In CCM6 if I create an application user, and give them a small subset of rights Such as phone Administration, I have noticed that if that admin has the ability to edit end users they can in turn add end users into Administrative groups! This in effect is a major security vulnerability an administrator with lower rights can create a new end user and give them every role / right to the CCM box (except super user). I have even verified that end user can log into the CCM Admin pages with full rights! What is the point of groups and roles then, am I missing something?
If I do not give phone administrators the ability to edit end user's the phone administrators cannot change an end user's password, or associate phones to their profilesâ¦
I wish I had a solution. I am trying to sort out the same dilemma. There is little point in trying to limit access if they can elevate themselves to virtually unlimited access by having update abilities for user accounts.
I'm not able to access my old voice mail messages all of a sudden. The recording says something like 'the message is currently not available'. This has never happened before in all the years I have been using this system. I have t...