There are several threads that seem to indicate that the feature set for a cPanel account controls which options (including changing user password) the user has via the webmail interface. But this is not entirely true...
Turning off Autoresponders or Forwarders in the feature set for a cPanel account removes them or turns then off in cPanal and the webmail interface. (Works as expected.)
BUT... deselecting Password & Security removes it from cPanel's interface, while leaving it active in webmail's interface! Deselecting it in the default feature set, and selecting it in the disabled feature set still does not remove it from the webmail interface.
Additionally, there is a work-around (bug?) for changing user passwords (other than the main cPanel user). It is possible in cPanel, under Email Accounts, and also under User Manager (which cannot be turned off in the feature set) to change a user password. It's like this ONLY possible to prevent a cPanel account password change but not prevent other user password changes.
It makes sense that a cPanel user should be able to change email passwords in their account, but how do we prevent users from changing their own in webmail?
What am I missing?
-Pete
Turning off Autoresponders or Forwarders in the feature set for a cPanel account removes them or turns then off in cPanal and the webmail interface. (Works as expected.)
BUT... deselecting Password & Security removes it from cPanel's interface, while leaving it active in webmail's interface! Deselecting it in the default feature set, and selecting it in the disabled feature set still does not remove it from the webmail interface.
Additionally, there is a work-around (bug?) for changing user passwords (other than the main cPanel user). It is possible in cPanel, under Email Accounts, and also under User Manager (which cannot be turned off in the feature set) to change a user password. It's like this ONLY possible to prevent a cPanel account password change but not prevent other user password changes.
It makes sense that a cPanel user should be able to change email passwords in their account, but how do we prevent users from changing their own in webmail?
What am I missing?
-Pete