AdminGuide:BasicConcepts:Users and roles

Da Kalliope Wiki.
Versione del 10 feb 2017 alle 10:02 di Stefano (discussione | contributi) (Creata pagina con "en:AdminGuide:BasicConcepts:Users and roles <div class="noautonum" style="float: right">__TOC__</div> = Users = Access to KalliopePBX GUI (as well as CTI services, LDAP...")
(diff) ← Versione meno recente | Versione attuale (diff) | Versione più recente → (diff)
Jump to navigation Jump to search


Users

Access to KalliopePBX GUI (as well as CTI services, LDAP phonebook, etc.) is granted to Users. There are two kind of users: builtin and custom users. Builtin users include administrative and service users, whose role are usually predefined and not modifiable, whereas custom users are additional users that can be created and assigned to custom roles.

Each user has one or more associated access permissions among GUI, CTI and API.

  • GUI: GUI access means that the user can login to the KalliopePBX web interface; GUI access also grants the user the permission to access the integrated LDAP server.
  • CTI: CTI access allows the users to use Kalliope softwares (CTI, Logger, Supervisor Panel) which connects to the


Builtin users

The first example of builtin user is "admin" (whose factory password is "admin"), which is used to access the GUI after first firmware installation. This is the primary technical figure, and is commonly used to perform all the system configuration. Additional users may have the rights to perform configuration tasks, but they can be limited to specific GUI panels only, according to their granted Role.

The list of builtin users follows, along with their access permissions (Note: (+) means that this access permission is assigned and cannot be revoked; (-) means that the permission can be granted or not):

Username Access permissions Notes
admin GUI (+)
CTI (+)
API (+) 		this is the main technical user. It has all the privileges on the configuration of the PBX, in terms of system (network, network services) and telephony (entites, services, etc.). It has full access to logs and registers, but it has some limitations regarding the aspects related to the privacy of the users. Firstly, it cannot see the full external telephone numbers in the CDR, but it has the last three digits masked by "xxx"; secondly, "admin" user does not have access to Call Recording configuration and files, which is limited to "privacyadmin" user (and delegated users).
privacyadmin GUI (-)
API (-) 		this represents the main
phonebook GUI (-)
API (-) 		this user has read access to the KalliopePBX phonebook. It has to be explicitly enabled from the "System Settings"->"Users Management" panel, assigning it a password and the related access permissions. NOTE: GUI permission also grants the right to access the integrated LDAP server, where the KalliopePBX phonebook is published (according to the settings in "Phonebook"->"LDAP Settings" panel). The "phonebook" user is mainly useful to have a single identity (configurable through provisioning) used by the telephones to access the KalliopePBX phonebook using LDAP.
click2call Testo della cella


Multitenant

Custom users

Estratto da "https://www.kalliope.com/wiki/index.php?title=AdminGuide:BasicConcepts:Users_and_roles&oldid=1424"