Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1741
Views
0
Helpful
8
Replies

CUCM 8.6.2 Help Desk User Group

Johannes Snyman
Level 1
Level 1

‎07-30-2013 01:55 AM - edited ‎03-16-2019 06:36 PM

Hi,

i'm trying to create a user group on cucm for our service desk. they should only be able to access the end user configuration pages in order to change PIN/Passwords.

Cisco has a document explaining how to do this (http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/8_0_2/ccmsys/a02mla.html#wp1043930
).

however, after following the doc, the service desk user cannot log in to the ccmadmin webpage. every time login info is entered, the authentication page simply resets. no error  (e.g. invalid password, etc) is provided.

does anyone know how to fix this issue? i've added screenshots to show exactly what i have done.

many thanks!!

johan

Labels:
Preview file
76 KB
0 Helpful
8 Replies 8

Aman Soi
VIP Alumni
VIP Alumni

‎07-30-2013 03:19 AM

Hi,

Can u try changing from Standard CCM End Users to Standard CCM Admin User and check?

regds,

aman

0 Helpful

Johannes Snyman
Level 1
Level 1
In response to Aman Soi

‎07-30-2013 04:16 AM

Hey Aman,

i figured it out:

1. create a custom user role that has read/update privileges to user web pages

2. Create a custom user group that includes the custom role, as well as the Standard CCM Admin Users role.

3. Apply user group to user.

please note that even though the service desk administrator will only be able to get to the end user configuration page with this setup, he'd still be able to change his own user group (to SuperUser, for instance) since the configuration is done on the same webpage.

0 Helpful

Aman Soi
VIP Alumni
VIP Alumni
In response to Johannes Snyman

‎07-30-2013 04:40 AM

Hi John,

Good the problem has been solved.

This is what I told or made some mistake.Please let me know.

Can u share the latest snapshot?

regds,

aman

0 Helpful

Johannes Snyman
Level 1
Level 1
In response to Aman Soi

‎07-30-2013 04:51 AM

Hi Aman,

i've attached the updated config.

regards,

Johan

Preview file
78 KB
0 Helpful

Aman Soi
VIP Alumni
VIP Alumni
In response to Johannes Snyman

‎07-30-2013 04:56 AM

Hi John,

So, u need to add CCM End User as well.

thanks.

regds,

aman

0 Helpful

Johannes Snyman
Level 1
Level 1
In response to Aman Soi

‎07-30-2013 05:00 AM

no, it's not needed. i've added it because i still want my service desk users to be able to log into the ccm web user pages. it's not necessary for limiting access on ccmadmin webpages.

regards,

Johan

0 Helpful

Craig Locasto
Level 1
Level 1
In response to Johannes Snyman

‎09-23-2015 01:39 PM

he'd still be able to change his own user group (to SuperUser, for instance) since the configuration is done on the same webpage

 

Has anyone found a work around which stops someone from elevating their own permissions?

0 Helpful

Johannes Snyman
Level 1
Level 1
In response to Craig Locasto

‎10-05-2015 12:28 AM

Hi Craig,

 

the best solution that i have been able to find is to limit users who can assign administrative privileges to superusers. you obviously need to make sure that only the authorised administrators are assigned to the superuser group.

 

to change this:

System>Enterprise Parameters>User Management Parameters>Allow non-super user to grant access to administrative web pages  - Change the value to False.

 

HTH,

Johan

0 Helpful
Customers Also Viewed These Support Documents