0 votes

Hi,

I'm trying to create a web console only for sending SMS using adaxes 2018.2. The SMS-users that are going to use the console should only be able to view users, not edit them. The user accounts (who should receive SMS) are spread across a huge number of OUs, and because of that I have created a business unit to collect them.

I have created a security role for the web console, and delegated rights to the users. In the permissions I have tried initially to give only the read-permissions for Business Units and Users. bilde.png In Assignments I have assigned a security group (which the SMS-users are a member of) to the Business Units I have created, plus all the OUs that the users are coming from. I have tried ticking off only "members of the Business Unit", and both as showed below bilde.png

I have also tried giving the users full access to all permissions , as I cannot understand why the SMS-users cannot view the Business Units that I have delagated permissions to. bilde.png

In web configuration, I have ticked off "Display the Business units node" in Navigation bilde.png

The SMS-users cannot view any business units in either the Adaxes Administration Console (GUI), or the Web Console. This is what it looks like for a user with the permissions mentioned over: bilde.png bilde.png

What am I doing wrong?

The only thing I can think of is that the SMS-users security group also is a member of the Blind User Security Role, which removes a lot of OUs that the users should not see or be able to browse to.

by (120 points)

1 Answer

0 votes
by (288k points)

Hello,

You need to make sure that there are no Security Roles assigned to the users that deny the permissions to see Business Units and their members. For your information, Deny permissions always override the Allow ones. As such if there are two roles assigned to a user, one granting a permission and the other denying the permission, finally the user will not have the permission. For information on how to view Security Roles assigned to a user or group, have a look at the following help article: https://www.adaxes.com/help/?HowDoI.ManageSecurityRoles.ViewSecurityRolesUserGroupPerforms.html.

If you are still not sure about the required roles configuration, please, post here or send us (support[at]adaxes.com) screenshots of all the Security Roles assigned to a user whose credentials are specified at sign in during tests with assignments. We need something like the following for each Security Role: image.png

Related questions

0 votes
1 answer

Hello, Is it possible to grant members of a business unit permission to run a custom command? I know I'm able to give permission to a user/group to run a cmd on a business ... that can run the command. I've not been successful with any of my attempts to do so.

asked Mar 23, 2017 by JoCCCsa (100 points)
0 votes
1 answer

Hello We are using the Computer Manager security role and have given access to this group of staff to a web console, what I can't get working is getting it to display the ... else like OS, service pack, role are displaying OK. Can you help please? Thank you.

asked Feb 4, 2015 by CBurn (700 points)
0 votes
1 answer

Greetings. When I create the parameters to make a business rule that looks for users whose Email Proxy Adresses does not contain 'SMTP:%userPrincipalName%', it still generates profiles ... and primary SMTP address don't match. Version is 2023 How rule is set

asked Dec 19, 2022 by MShep (80 points)
0 votes
1 answer

Hello, I want service desk to be able to select from the web interface only groups that are specified in a Business Unit. it is possible to do it (Adaxes 2009.1)? Thanks you.

asked Sep 2, 2020 by tentaal (1.1k points)
0 votes
1 answer

Hi, I do not find where in the web config file we change this limit. Thanks for your help

asked Jul 28, 2011 by sroux (800 points)
3,541 questions
3,232 answers
8,225 comments
547,805 users