3CX Community

10 readers

1 users here now

About

3CX Phone System is a software-based IP PBX for Windows and Linux which replaces traditional business PBX telephone systems. It is based on the SIP standard and supports standard SIP software and hardware phones. It allows calls to be made via an internet-based VOIP service provider or via the traditional public telephone network. Easy to install and configure, it includes a web-based softphone with voice mail, auto attendant, call hunting and other features.

Rules

Follow the lemmy.world rules.
Only 3CX related content.
Keep it civil! From time to time contentious subjects come up. Stay calm and collected, don't devolve the comments into a flame war.
No spam, this includes multiple postings of the same topic.
No links that obfuscate access to content, e.g. redirecting to a sign-up page.

founded 1 year ago

MODERATORS

MordyT

Common Topic: Admin Permissions (self.3cx)

submitted 1 year ago by MordyT to c/3cx

0 comments fedilink hide all child comments

Building off the last common topic, https://lemmy.world/post/3989759, where I discussed the 2 admin/management pages, this thread will discuss the types of admins in the system when accessing the Management Console:

Hosting Admin
Root Admin (not OS, what 3CX calls root credentials)
Root Admin , but via SSO
Admin via Delegated permissions

It's very uncommon for people to run into a situation where hosting credentials are in use. Put simply, hosting credentials can be setup when the PBX is installed to lock out certain settings that have to do with the hosted platform. These settings can include terminal access, network settings, and a few others. It's a method to allow people hosting 3CX to control certain settings while not having access to the main PBX settings.

Root credentials (and root via SSO) is the most common method. With root you have access to everything (unless hosting method is in use, then it's everything but the hosting settings) and can modify whatever you want. If you use SSO to sign in and your username is specified under the "Administrator Sign In" section, it impersonates the root user. The audit log shows all actions taken as that root user and not the username of the signed in user.

Delegated permissions are where it gets interesting. Under an extension you can grant a user access to the management console, but they never have full access. Even with every checkbox set a delegated admin cannot modify another user who is also listed as an admin, nor can they promote a user to admin. The audit log shows all actions taken as that user with their username of the signed in user.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here