Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED How to limit reseller's access to DNS

Discussion in 'General Discussion' started by jndawson, Dec 6, 2016.

Tags:
  1. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    169
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    We are setting up a reseller on one of our WHM/cPanel boxes and have restricted access to DNS in the reseller's privileges (DNS add/edit/park/remove all unchecked), and no access to DNS clustering. However, when logged in as the reseller, there is unfettered access to all the DNS functions, including the clustering functions. If it was only access to the customer's domains, there wouldn't be any issues.

    Is restricting access not possible? We don't want the headache of exposing several thousand domain zones.
     
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,515
    Likes Received:
    33
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    Hello, I'm sorry you're having trouble getting this to work. To figure out what is happening, please provide the following information:

    1. Version of cPanel & WHM you are using
    2. A list of all the privileges assigned to the reseller (you can find an easy to paste list in /var/cpanel/resellers)

    Thank you.
     
  3. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    169
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    1. v.60.0.26
    2. <reseller's account>:add-pkg,all,create-acct,disallow-shell,edit-account,edit-mx,edit-pkg,kill-acct,limit-bandwidth,list-accts,mailcheck,news,passwd,quota,rearrange-accts,resftp,restart,show-bandwidth,software-ConfigServer-csf,stats,status,suspend-acct,thirdparty,upgrade-account,viewglobalpackages

    Note that 'edit-mx' is the only dns-related privilege. Does that over ride the other dns-specific settings?
     
  4. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,515
    Likes Received:
    33
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    The reseller has the all privilege. That grants full access to the entire server through WHM. It is not possible to assign the all privilege, then reduce privileges by unchecking boxes. You need to remove the all privilege to restrict access to functionality.
     
  5. jndawson

    jndawson Well-Known Member

    Joined:
    Aug 27, 2014
    Messages:
    169
    Likes Received:
    18
    Trophy Points:
    18
    Location:
    Western US
    cPanel Access Level:
    DataCenter Provider
    Thanks - that was it.
     
    cPanelMichael likes this.
Loading...

Share This Page