Unity Administration accounts for administrating local Unity Server

Unanswered Question
Aug 14th, 2007

We have multiple Unity servers in VM joining the same domain and digitally networked together.

Originally we use the same sets of Unity accounts (UnityAdmin, UnityInstall...) for easy administration. But later on we want to create some admin accounts that can just only administrate it's own Unity server. Is there a way to do so?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.cruea1980 Wed, 08/15/2007 - 09:15

Do you mean for administration via the SA Web page, or actual box administration?

maddox-mp Wed, 08/15/2007 - 12:34

Hi,

Also, how to create a login account with Read Only right to SA Web page and Server box administration?

lee.alex Wed, 08/15/2007 - 18:28

Hi,

I just want to control the admin account in location a can only add / remove subscribers and change the unity server settings via the SA web for the unity server in location a.

Is it possible to do so

a.cruea1980 Thu, 08/16/2007 - 08:11

Well, technically, yes you can. You can block port 80 and 443 to each Unity server, and then the admins would only be able to log into their local servers. I don't think you can change any settings for other servers in the SA Web page anyway. The users? Well, that could get tricky.

How is your organization set up? Is it all the Unity servers reading from one address book, or will each location have it's own address book? If each location has it's own address book for whatever mail store you're using, then admins will only be able to add/remove users that are in the local address book.

If they're all reading from the same address book, depending on how you set it up, I remember reading something about Unity will not touch the settings another Unity server put into an address book. It'll only modify it's own. You'd have to check out the Unity documentation a little more to find out the exact conditions of that happening, though. I can't remember if I read it in a book or on the online docs. And after consulting my co-worker, he seems to remember the same thing; a Unity server will only modify something that it has created, and will ignore anything created by other Unity servers.

Now, if you have this all set up as failover, that's a different story.

a.cruea1980 Thu, 08/16/2007 - 08:15

"Also, how to create a login account with Read Only right to SA Web page and Server box administration?" --maddox

As for this question, are you using AD authentication for Unity, or Lotus?

If you're using Active Directory, just add the user to the Administrators group on the actual server, and create the user in Unity with Read Only rights to the page.

http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_administration_guide_chapter09186a0080449c68.html << There's how to create subscribers, and a chapter or two previous explains Class of Service (if you need it).

Actions

This Discussion