[opencms-dev] User Role for Newsletter Module

Wed May 28 11:09:59 CEST 2008

Hi.

I don't see what is the problem here.

User having "Account Manager" role, can manage users in his 
Organizational Unit and any sub Organizational Unit.
He will NOT be able to edit users in the parent OUs.

So, you only need to create this "newsletter manager" in a OU different 
than the "root organizational unit".

Regards,
Bobi.

Konstantin Ott wrote:
> Hi List,
> did anything happen due to this mail from Christian Hellinger?
> We are running into the same question...
> regards
> Konstantin Ott
> 
> Christian Hellinger schrieb:
>> Hello,
>>
>> we are using the Newsletter Module 1.0.0 in an OpenCms 7.0.3 installation 
>> on a WAS 6.1 Express
>>
>> It's described in the manual of the newsletter module, that the "Account 
>> manager" role is required to sent newsletters.
>>
>> My question is: How can I prevent a "newsletter manager" from changing 
>> i.e. the password of the "Admin" account (what would mean that this user 
>> could lock me, the admin, out of the system)? It seems that an Account 
>> Manager is able to manage all users below _and_ above his current OU! 
>>
>> So, even if I create an Admin account in an OU parallel to the OU used by 
>> this user, he could create an account in the root unit and disable my 
>> account with this new account.
>>
>> Was this behaviour described above intended? Is there a way of restricting 
>> the access of the Account Manager? If not, it seems to me that this is a 
>> possible security risk.
>>
>>
>> Best regards
>>
>> Christian Hellinger
>>
>> PS: I also found, that I can't add roles to users in the newsletter ou 
>> directly, btw.
>>
>> --------------------------------------
>>
>> DREGER INFORMATION TECHNOLOGY
>>
>> J&J DREGER Consulting GmbH & Co. KG
>> Carl-Benz-Str. 35
>> D - 60386 Frankfurt am Main, Germany
>>
>> Phone :    +49-69-90479-0
>> Fax   :    +49-69-90479-479
>>
>> Email :    christian.hellinger at dreger.de
>> WWW   :    http://www.dreger.de
>>
>> --------------------------------------
>>
>> Consulting & Solutions: http://www.d-business.de
>> Mobile Solutions Competence Center: http://www.d-business.de/mscc
>>
>> Business Development: http://www.1j1.com
>> --------------------------------------
>> Sitz / Registergericht: Frankfurt am Main / Amtsgericht Frankfurt am Main
>> Registernummer: HRA 42705
>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>> USt.ID: DE244892265
>> --------------------------------------
>> Komplementaer-GmbH: J&J DREGER Verwaltungs GmbH, Carl-Benz-Str. 35, 60386 Frankfurt am Main
>> Sitz / Registergericht: Frankfurt am Main / Amtsgericht Frankfurt am Main
>> Registernummer: HRB 73891
>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>> --------------------------------------
>> Diese E-Mail inklusive aller Anhaenge koennte vertrauliche und/oder rechtlich geschuetzte Informationen 
>> enthalten. Wenn Sie nicht der beabsichtigte Adressat sind, der diese E-Mail irrtuemlich erhalten hat, 
>> informieren Sie bitte sofort den Absender und vernichten Sie alle Kopien dieser E-Mail von Ihrem System. 
>> Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet.
>>
>> This e-mail and any attachment (both hereinafter called as e-mail)  may contain confidential and/or privileged 
>> information. If you are not the intended recipient or have received this e-mail in error please notify the sender 
>> immediately and destroy all copies of this e-mail from your system. Any unauthorised copying, disclosure or 
>> distribution of the material in this e-mail is strictly forbidden.
>>
>>
>> _______________________________________________
>> This mail is sent to you from the opencms-dev mailing list
>> To change your list options, or to unsubscribe from the list, please visit
>> http://lists.opencms.org/mailman/listinfo/opencms-dev
>>
>>   
> 
> 

-- 
Bozidar Ilievski | bozidar.ilievski at netcetera.com.mk
phone +389 -2- 30 64 532 | fax +389 -2- 30 79 495
Netcetera | 1000 Skopje | Macedonia | http://netcetera.com.mk