The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM - Multilevel Access Question

Discussion in 'General Discussion' started by jdsystem, Aug 26, 2011.

  1. jdsystem

    jdsystem Registered

    Joined:
    Aug 26, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Greetings Team Cpanel,
    I'm having some problems at cofiguring WHM to my company's needs.
    I explain you our scenario, hoping that you may offer us a solution.

    Making it simple we have two deparments: the first, the system administrators,
    which use the root account and password to manage the whole server; and the second, the webmasters, which should only have a limited access.

    Our problem is in the configuration of this limited account.
    In detail, webmasters account should have:
    -Full FTP access/rights to any account using the same wembaster password (in the way the root password can access any account via FTP)
    -Full access/rights to a phpMyAdmin interface which manages every database on the server (in the way the root user can do it from the WHM interface)
    -Eventually write privileges on accounts (create, edit, delete, change passwords, etc), but this is low priority.

    Lastly webmaster account must NOT have any rights or access to deeper server configurations, nor definitely root privileges.

    Following forums advise, I tried configuring the webmaster user as a "reseller" and assigning it the ownership of every account, which could actually make sense but sadly this path wasn't successful since:
    1) the reseller password wasn't able to login via FTP to its accounts.
    2) accessing with reseller password in cPanel doesn't give access to phpMyAdmin, nor the phpMyAdmin icon is active in the WHM interface.
    3) the "reseller privileges" panel only allows to grant a limited subset of privileges, notably missing FTP and SQL access.

    I hope you may provide us a working configuration (even source file editing if needed) or an alternative way to achieve a root/super user result.
    Thanks in advance,

    Daniele Tezza
     
  2. jdsystem

    jdsystem Registered

    Joined:
    Aug 26, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    no answer?
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,453
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I don't think this exact configuration is possible. A few thoughts though on this if I can though.

    You should not want multiple users using root login, IMHO. And certainly you shouldn't want anyone, not even root, logging into FTP with root password. Nor Reseller. FTP is not secure.

    You could for the phpMyAdmin issue, I suppose, install a copy of phpMyAdmin into an account and grant that user access to all databases. I think that would work. But of course you'd have to secure this install of phpMyAdmin as it would be outside of cPanel. This also is not going to be a secure situation. (read: https://)

    There is a Feature Request you might wish to sign onto located here: Reseller phpMyAdmin access in WHM thats got no real support so far as you can see.

    I understand this post is not what you were hoping to read, but there are reasons why cPanel handles these users all differently access wise.

    Setting aside the FTP and phpMyAdmin access for the Reseller account, does cPanel do everything else as you want properly? I ask as if the answer is yes, then we've narrowed down what you seek to have and can work out from there with that Feature Request mentioned above and/or by you creating a new Feature Request for the FTP access.

    IMO, Reseller access for all users that need the access you seek, and root for a very limited group. If the Resellers are going to need ongoing access to all users accounts, you might force the users to have their passwords on file with you or something.
     
Loading...

Share This Page