Unity Connection Voicemail users can log into Administration page
I am running Unity Connection 1.2(1). Traditionally, I have blocked all client access to Unity Connection. I would like to start piloting some PCA and IMAP access to some clients, but I'm running into some potential security concerns.
Due to the PCA requiring HTTPS access to the server, the Unity Connection Administration login web page is now available to clients as well. If they slightly change the URL I provide to gain access to the PCA login page they can get the Administration login page. That's not the problem so much as the fact that a standard voicemail user is able to log into the Administration web page! Once they are logged in most items are not accessible to them and say 'Not Authorized' if they are clicked on, but the reports are fully accessible and a standard voicemail user can run any report on the server.
As some additional info, voicemail users do not have any 'Roles' assigned to them.
My question is: Is there a way to restrict access to the Administration page so that ALL items are inaccessible to standard voicemail users? I do not want my voicemail users to be able to run any reports at all. It would be better if they could not log into the Administration page in the first place and I see this as a serious design flaw in Unity Connection if it cannot be fixed easily.
Any help on this issue would be greatly appreciated.
Just to add to the response a bit, the reports (and everything else under Cisco Unity Connection Serviceability) in version 2.1 and above are inaccessible -- it doesn't even allow such users to log in to the Serviceability interface.
Right, in 2.1 and above the Reports are under Serviceability. Serviceability is not accessible even for viewing. So while users can still log into the System Administration interface and see the page links, there is no link to access Reports from there.
All Info from userid1run sql select * from enduser where userid='userid1'
userid selective info for multiple usersrun sql select eu.userid,eu.islocaluser,eu.status, eu.mailid, eu.directoryuri, dpc.name as ad_filter from enduser eu left join direct...
New update of Cisco Meeting Server book with Streamer and Scheduler components, the book will cover the following:certificates requirements, clustering, dial plan with call flow, WebRTC, WebBridge3, CallBridge, recorder, streamer, scheduler, NAT Traversal...
The Scheduler component was introduced as a beta feature in version 3.3. It was added as anew component that enabled Web app users to schedule meetings, modify the scheduledmeetings, and notify participants via email. From version 3.4, Scheduler is fully ...
A collection of the most important notes from different resources for Cisco CMS and vbrick integration. Live Streaming (Webcast) integration with VBrick DME allow users to watch any live streamed CMS conference anywhere inside the network from differ...