cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

653
Views
5
Helpful
5
Replies

CUPS Administration Access Refinement/Delegation

I am attempting to refine access to CUPS Administration; however, I cannot find anything except for all-or-nothing access. Adding roles/groups within CUPS appears to only apply toward Application Users, not End Users copied from UCM. The access rights inherited from UCM appear to allow all access if the user is a member of superusers and no access otherwise.

Is there a method for assigning per-page access in CUPS as there is in UCM? Also, if there is and I'm just missing it, which resource within the role controls access to Application > Deskphone Control > User Assignment?

CUPS 7.0.8.10000-1

UCM 7.1.3.32900-1

1 ACCEPTED SOLUTION

Accepted Solutions

Their definition of "Resolved" might be different with yours. 

Here's the "resolution notes":

Added code to CUP to always permit end users who can login to that GUI to access all pages, regardless of what role they have on CUCM or CUCM resources.

Access control to individual CUP End User GUI resources is not supported or on our roadmap.

In short, the feature you're looking for is not there in the latest version.  And Cisco has no intention to support it.  You should talk to an account manager instead of opening a TAC case. 

Michael

http://htluo.blogspot.com

View solution in original post

5 REPLIES 5

Hi Jonathan

Nah, you're not missing anything :-)

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsr25527

Regards

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!

Figures.

The defect claims this was resolved:

Fixed-In
7.1(1.39000.95)
7.0(3.38000.76)
7.1(2.10000.16)                                                         

Since this install is at 7.0.8.10000-1 I guess I will open a new case.

Their definition of "Resolved" might be different with yours. 

Here's the "resolution notes":

Added code to CUP to always permit end users who can login to that GUI to access all pages, regardless of what role they have on CUCM or CUCM resources.

Access control to individual CUP End User GUI resources is not supported or on our roadmap.

In short, the feature you're looking for is not there in the latest version.  And Cisco has no intention to support it.  You should talk to an account manager instead of opening a TAC case. 

Michael

http://htluo.blogspot.com

View solution in original post

Well that is definitely different than my definition. I think that's a cop-out resolution if I have ever seen one.

This does not hold true though. If the user is a member of Standard CCM Admin Users (which does grant access to the /ccmadmin Tomcat app in UCM), they are able to login to CUPS Administration; however, they receive an access denied message when attempting to view any page. It appears the user must actually be added to the superusers group in UCM for this "resolution" to take hold.

Ya, I think there was another bug superceded it.  But in short, there's no refinement in CUPS.  It's either "super user" or nothing.

Michael

Create
Recognize Your Peers
Content for Community-Ad