[opencms-dev] User Role for Newsletter Module

Schliemann, Kai K.Schliemann at comundus.com
Wed May 28 11:26:44 CEST 2008 

Hi Bobi,
This is what I wanted to say. It was possible to change an admins password even if he was not in the same OU in version 7.0.3 and earlier. 
Regards
Kai

-----Ursprüngliche Nachricht-----
Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] Im Auftrag von Bozidar Ilievski
Gesendet: Mittwoch, 28. Mai 2008 11:10
An: The OpenCms mailing list
Betreff: Re: [opencms-dev] User Role for Newsletter Module

Hi.

I don't see what is the problem here.

User having "Account Manager" role, can manage users in his Organizational Unit and any sub Organizational Unit.
He will NOT be able to edit users in the parent OUs.

So, you only need to create this "newsletter manager" in a OU different than the "root organizational unit".

Regards,
Bobi.

Konstantin Ott wrote:
> Hi List,
> did anything happen due to this mail from Christian Hellinger?
> We are running into the same question...
> regards
> Konstantin Ott
> 
> Christian Hellinger schrieb:
>> Hello,
>>
>> we are using the Newsletter Module 1.0.0 in an OpenCms 7.0.3 
>> installation on a WAS 6.1 Express
>>
>> It's described in the manual of the newsletter module, that the 
>> "Account manager" role is required to sent newsletters.
>>
>> My question is: How can I prevent a "newsletter manager" from 
>> changing i.e. the password of the "Admin" account (what would mean 
>> that this user could lock me, the admin, out of the system)? It seems 
>> that an Account Manager is able to manage all users below _and_ above his current OU!
>>
>> So, even if I create an Admin account in an OU parallel to the OU 
>> used by this user, he could create an account in the root unit and 
>> disable my account with this new account.
>>
>> Was this behaviour described above intended? Is there a way of 
>> restricting the access of the Account Manager? If not, it seems to me 
>> that this is a possible security risk.
>>
>>
>> Best regards
>>
>> Christian Hellinger
>>
>> PS: I also found, that I can't add roles to users in the newsletter 
>> ou directly, btw.
>>
>> --------------------------------------
>>
>> DREGER INFORMATION TECHNOLOGY
>>
>> J&J DREGER Consulting GmbH & Co. KG
>> Carl-Benz-Str. 35
>> D - 60386 Frankfurt am Main, Germany
>>
>> Phone :    +49-69-90479-0
>> Fax   :    +49-69-90479-479
>>
>> Email :    christian.hellinger at dreger.de
>> WWW   :    http://www.dreger.de
>>
>> --------------------------------------
>>
>> Consulting & Solutions: http://www.d-business.de Mobile Solutions 
>> Competence Center: http://www.d-business.de/mscc
>>
>> Business Development: http://www.1j1.com
>> --------------------------------------
>> Sitz / Registergericht: Frankfurt am Main / Amtsgericht Frankfurt am 
>> Main
>> Registernummer: HRA 42705
>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>> USt.ID: DE244892265
>> --------------------------------------
>> Komplementaer-GmbH: J&J DREGER Verwaltungs GmbH, Carl-Benz-Str. 35, 
>> 60386 Frankfurt am Main Sitz / Registergericht: Frankfurt am Main / 
>> Amtsgericht Frankfurt am Main
>> Registernummer: HRB 73891
>> Geschaeftsfuehrer: Jens Dreger, Joerg Dreger
>> --------------------------------------
>> Diese E-Mail inklusive aller Anhaenge koennte vertrauliche und/oder 
>> rechtlich geschuetzte Informationen enthalten. Wenn Sie nicht der 
>> beabsichtigte Adressat sind, der diese E-Mail irrtuemlich erhalten hat, informieren Sie bitte sofort den Absender und vernichten Sie alle Kopien dieser E-Mail von Ihrem System.
>> Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet.
>>
>> This e-mail and any attachment (both hereinafter called as e-mail)  
>> may contain confidential and/or privileged information. If you are 
>> not the intended recipient or have received this e-mail in error 
>> please notify the sender immediately and destroy all copies of this e-mail from your system. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
>>
>>
>> _______________________________________________
>> This mail is sent to you from the opencms-dev mailing list To change 
>> your list options, or to unsubscribe from the list, please visit 
>> http://lists.opencms.org/mailman/listinfo/opencms-dev
>>
>>   
> 
> 

--
Bozidar Ilievski | bozidar.ilievski at netcetera.com.mk phone +389 -2- 30 64 532 | fax +389 -2- 30 79 495 Netcetera | 1000 Skopje | Macedonia | http://netcetera.com.mk

_______________________________________________
This mail is sent to you from the opencms-dev mailing list To change your list options, or to unsubscribe from the list, please visit http://lists.opencms.org/mailman/listinfo/opencms-dev

More information about the opencms-dev mailing list