Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
4
Replies

Unity Connection Voicemail users can log into Administration page

bacland
Level 1
Level 1

‎06-19-2009 10:19 AM - edited ‎03-18-2019 11:13 PM

I am running Unity Connection 1.2(1). Traditionally, I have blocked all client access to Unity Connection. I would like to start piloting some PCA and IMAP access to some clients, but I'm running into some potential security concerns.

Due to the PCA requiring HTTPS access to the server, the Unity Connection Administration login web page is now available to clients as well. If they slightly change the URL I provide to gain access to the PCA login page they can get the Administration login page. That's not the problem so much as the fact that a standard voicemail user is able to log into the Administration web page! Once they are logged in most items are not accessible to them and say 'Not Authorized' if they are clicked on, but the reports are fully accessible and a standard voicemail user can run any report on the server.

As some additional info, voicemail users do not have any 'Roles' assigned to them.

My question is: Is there a way to restrict access to the Administration page so that ALL items are inaccessible to standard voicemail users? I do not want my voicemail users to be able to run any reports at all. It would be better if they could not log into the Administration page in the first place and I see this as a serious design flaw in Unity Connection if it cannot be fixed easily.

Any help on this issue would be greatly appreciated.

Thanks,

Brian

Labels:
0 Helpful
4 Replies 4

lfulgenzi
Level 7
Level 7

‎06-20-2009 06:58 AM

Hi Brian,

You'd think so, but unfortunately not as far as I know. Don't feel too bad though, it's still an issue in Connection 7.x!

Although they can log in and traverse the tree, they shouldn't be able to see anything.

0 Helpful

Tana Franko
Level 1
Level 1
In response to lfulgenzi

‎06-20-2009 03:01 PM

Just to add to the response a bit, the reports (and everything else under Cisco Unity Connection Serviceability) in version 2.1 and above are inaccessible -- it doesn't even allow such users to log in to the Serviceability interface.

0 Helpful

bacland
Level 1
Level 1
In response to lfulgenzi

‎06-22-2009 07:32 AM

The problem, though, is that they CAN see some things. They are able to run any of the built-in reports.

Has that part been resolved in further releases of Unity Connection? Is the reports access just an issue in 1.2?

0 Helpful

Tana Franko
Level 1
Level 1
In response to bacland

‎07-07-2009 10:59 AM

Right, in 2.1 and above the Reports are under Serviceability. Serviceability is not accessible even for viewing. So while users can still log into the System Administration interface and see the page links, there is no link to access Reports from there.

Hope that makes sense. :-)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents