09-15-2017 05:59 AM - edited 03-19-2019 12:47 PM
Recently we decided to allow standard helpdesk members to assist with the management of user mailboxes, only the basics such as resetting a password and unlocking a mailbox.
From looking a the roles the default Helpdesk Administrator role appears to be what we are looking for however when the role is assigned the other members of IT can access the admin page, they can search for a user, view the user basics page but they are not able to change passwords.
I am aware that it cannot be done by users with equal or higher permissions however this is for end users with no management roles assigned to them.
Creating a custom role with full user access achieves what we want to an extent but it can also delete users which we definitely do not want to give that ability out.
This is CUC version 11.5.
Thanks in advance.
09-15-2017 06:38 AM
Hi Stuart,
If you are running Unity Connection 11.5.1.999 it may be that you are hitting this bug;
09-15-2017 06:52 AM - edited 09-15-2017 07:01 AM
Thanks for the quick reply Rob, from the bug description the symptom is when an access denied message appears. I've attached a screenshot about what we're seeing however the bug could be related still as we are on 1.5.1.11900-26.
09-15-2017 07:55 AM
Hi Stuart,
I'm not sure why you are seeing that but as you say it could be bug related. You could try to create a "Custom" role with only this privilege level;
Privileges to Manage User MWI and Password Settings | |
Reset User MWI | Allows the administrator to reset user MWIs. |
Reset User Passwords | Allows the administrator to reset user passwords. |
From;
Cheers!
Rob
09-18-2017 02:02 AM
Hi Rob,
Thanks again for coming back, strangely enough even with the custom role it results in the same.
For clarification, the only priveleges allowed are the below two along with "Read access to system configuration data - read access" - as it is necessary for custom roles.
Reset User MWI | Allows the administrator to reset user MWIs. |
Reset User Passwords | Allows the administrator to reset user passwords. |
I can assign - End user full access to the role which enables all the neccessary option however we don't want people to have the delete option which comes it.
Seems quite unusual.
Thanks,
Stuart.
09-19-2017 08:24 AM
Hi Stuart,
Did you open a TAC case? I'm very curious to know the outcome of your enquiry.
Cheers!
Rob
11-28-2017 03:03 AM
01-22-2018 10:33 AM
Just FYI Rob, we upgraded from S1 to SU3 as reccomended by TAC and the issue was resolved.
We're back working with the helpdesk role as normal.
01-22-2018 01:41 PM
HI Stuart,
Thanks for posting back with your resolution. Much appreciated my friend!
Cheers!
Rob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide