01-28-2009 08:22 AM - edited 03-15-2019 03:49 PM
Bit of an old version for you.....! call manager version 3.3 - where do you assign rights to user profiles? e.g. full rights, read rights, no rights?
user 1 = full rights to change everything
user 2 - to see what is in a profile
user 3 - has no rights at all?
Many thanks in advance
Solved! Go to Solution.
01-28-2009 09:12 AM
Hi Nick,
Multilevel Administration Access
Multilevel administration access provides multiple levels of security to Cisco CallManager Administration. This technique permits granting only the required privileges for a selected group of users and limits the configuration functions that users in a particular user group can perform.
Prior to the availability of multilevel administration access, administrators with read/write access to Cisco CallManager configuration could change any or all the database/directory elements that are accessible through Cisco CallManager Administration and Cisco CallManager Serviceability. Users could inadvertently disable the entire system with a few mouse clicks by accidentally modifying the data to which they do not need access.
Key Features
Multilevel administration access provides multiple levels of security to Cisco CallManager Administration. Cisco CallManager Administration functions comprise functional groups. Each functional group can have different access levels, such as no access, read-only access, and full access, to different user groups. Multilevel administration access also provides audit logs of user logins and access and modifications to Cisco CallManager configuration data.
Login Authentication
Prior to the availability of multilevel administration access, Cisco CallManager administrators logged in using a local NT administration account. With multilevel administration access, directory user names and passwords stored in Lightweight Directory Access Protocol (LDAP) provide the basis for login authentication. Multilevel administration access creates a predefined super user called the CCMAdministrator.
The windows registry stores the CCMAdministrator's user ID and encrypted password. Thus, even when the directory is unavailable, CCMAdministrator can log in to take corrective action. When the user attempts direct access by entering a URL in the browser, a login window displays first to authenticate a user.
--------------------------------------------------------------------------------
Note Applications other than Cisco CallManager Administration and Cisco CallManager Serviceability continue to use Windows basic authentication, which provides access to the local administrator. Multilevel administration access does not affect these applications, which include Trace Configuration and the Real-Time Monitoring Tool (RTMT).
--------------------------------------------------------------------------------
Functional Groups
A functional group includes a collection of Cisco CallManager system administration functions. All the web pages that compose each functional group belong to a common administrative menu. Two types of functional groups exist: standard functional groups, which are the default functional groups, and custom functional groups. Standard functional groups are created as part of multilevel administration access installation. Users may define custom functional groups.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/3_3_5/mla124a/mla_a.html#wpxref43540
Hope this helps!
Rob
01-28-2009 09:12 AM
Hi Nick,
Multilevel Administration Access
Multilevel administration access provides multiple levels of security to Cisco CallManager Administration. This technique permits granting only the required privileges for a selected group of users and limits the configuration functions that users in a particular user group can perform.
Prior to the availability of multilevel administration access, administrators with read/write access to Cisco CallManager configuration could change any or all the database/directory elements that are accessible through Cisco CallManager Administration and Cisco CallManager Serviceability. Users could inadvertently disable the entire system with a few mouse clicks by accidentally modifying the data to which they do not need access.
Key Features
Multilevel administration access provides multiple levels of security to Cisco CallManager Administration. Cisco CallManager Administration functions comprise functional groups. Each functional group can have different access levels, such as no access, read-only access, and full access, to different user groups. Multilevel administration access also provides audit logs of user logins and access and modifications to Cisco CallManager configuration data.
Login Authentication
Prior to the availability of multilevel administration access, Cisco CallManager administrators logged in using a local NT administration account. With multilevel administration access, directory user names and passwords stored in Lightweight Directory Access Protocol (LDAP) provide the basis for login authentication. Multilevel administration access creates a predefined super user called the CCMAdministrator.
The windows registry stores the CCMAdministrator's user ID and encrypted password. Thus, even when the directory is unavailable, CCMAdministrator can log in to take corrective action. When the user attempts direct access by entering a URL in the browser, a login window displays first to authenticate a user.
--------------------------------------------------------------------------------
Note Applications other than Cisco CallManager Administration and Cisco CallManager Serviceability continue to use Windows basic authentication, which provides access to the local administrator. Multilevel administration access does not affect these applications, which include Trace Configuration and the Real-Time Monitoring Tool (RTMT).
--------------------------------------------------------------------------------
Functional Groups
A functional group includes a collection of Cisco CallManager system administration functions. All the web pages that compose each functional group belong to a common administrative menu. Two types of functional groups exist: standard functional groups, which are the default functional groups, and custom functional groups. Standard functional groups are created as part of multilevel administration access installation. Users may define custom functional groups.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/3_3_5/mla124a/mla_a.html#wpxref43540
Hope this helps!
Rob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide