06-07-2010 10:29 AM - edited 03-19-2019 01:02 AM
I am attempting to refine access to CUPS Administration; however, I cannot find anything except for all-or-nothing access. Adding roles/groups within CUPS appears to only apply toward Application Users, not End Users copied from UCM. The access rights inherited from UCM appear to allow all access if the user is a member of superusers and no access otherwise.
Is there a method for assigning per-page access in CUPS as there is in UCM? Also, if there is and I'm just missing it, which resource within the role controls access to Application > Deskphone Control > User Assignment?
CUPS 7.0.8.10000-1
UCM 7.1.3.32900-1
Solved! Go to Solution.
06-07-2010 11:44 AM
Their definition of "Resolved" might be different with yours.
Here's the "resolution notes":
Added code to CUP to always permit end users who can login to that GUI to access all pages, regardless of what role they have on CUCM or CUCM resources.
Access control to individual CUP End User GUI resources is not supported or on our roadmap.
In short, the feature you're looking for is not there in the latest version. And Cisco has no intention to support it. You should talk to an account manager instead of opening a TAC case.
Michael
06-07-2010 11:09 AM
Hi Jonathan
Nah, you're not missing anything :-)
Regards
Aaron
06-07-2010 11:22 AM
Figures.
The defect claims this was resolved:
Fixed-In
7.1(1.39000.95)
7.0(3.38000.76)
7.1(2.10000.16)
Since this install is at 7.0.8.10000-1 I guess I will open a new case.
06-07-2010 11:44 AM
Their definition of "Resolved" might be different with yours.
Here's the "resolution notes":
Added code to CUP to always permit end users who can login to that GUI to access all pages, regardless of what role they have on CUCM or CUCM resources.
Access control to individual CUP End User GUI resources is not supported or on our roadmap.
In short, the feature you're looking for is not there in the latest version. And Cisco has no intention to support it. You should talk to an account manager instead of opening a TAC case.
Michael
06-07-2010 11:54 AM
Well that is definitely different than my definition. I think that's a cop-out resolution if I have ever seen one.
This does not hold true though. If the user is a member of Standard CCM Admin Users (which does grant access to the /ccmadmin Tomcat app in UCM), they are able to login to CUPS Administration; however, they receive an access denied message when attempting to view any page. It appears the user must actually be added to the superusers group in UCM for this "resolution" to take hold.
06-07-2010 11:57 AM
Ya, I think there was another bug superceded it. But in short, there's no refinement in CUPS. It's either "super user" or nothing.
Michael
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide