Buch1 > Functions, Uses, Concepts > Protection from Unauthorised Access
Protection from Unauthorised Access
The following authorisation levels are available:
Administrator (access with the admin username and admin password)
Sub-administrator (access with the username sub-admin and assigned sub-admin password)
User (access with the internal subscriber number and with the assigned user password)
In order to prevent important settings from being changed accidentally or by unauthorised people, the PBX can be protected from unauthorised access.
Administrator
The administrator has unrestricted access to the Configuration Manager. The PBX can be configured completely and the PINS of the other users (internal subscribers) can be changed with this access.
Sub-administrator
A maximum of four sub-administrators can be configured. The access authorisations to the Web interface are assigned to the sub-administrators by the administrator according to the local requirements. With the exception of some pages (e.g. Administration > Droits d’accès) the whole Configuration Manager or alternatively only some individual pages can be released to the sub-administrators.
Each sub-administrator has the same access and modification authorisations.
*Note: If the sub-administrator enters his internal number as user name, this registration is recognised as an user login and the Web interface is presented in user-mode.
Users (internal subscribers)
The user is any internal subscriber of the PBX. For each user, a user PIN is generated. The access authorisations to the Web interface are assigned to the user by the administrator according to local requirements. The possible range of page releases is limited to a very small number of own subscriber and group settings.
Each user has the same access authorisations. There modification rights may differ depending on the profiles.
Additional app passwords for subscribers
The subscriber password is used for SIP registration and the access to the Configuration Manager and API. Therefore, PBX access data must frequently be saved in external systems. This will lead to security risks, if these systems are insufficiently secured.
Therefore, additional subscriber passwords for accessing the Configuration Manager or API or for accessing Action URLs can be generated.
If an app password has been generated for the subscriber and the corresponding access authorisation has been enabled, the previous subscriber password loses the access authorisation for the correspondig application.
All generated passwords are listed in the table under Synthèses > Mots de passe abonné supplémentaires. The passwords can be generated system-wide or for subscribers, although system-wide passwords can only be generated for Action URLs. Subscriber passwords can be generated for the Configuration Manager, API and for Action URLs.
Proceed as follows for configuration:
Configuring protection from unauthorized access.
Using the Configuration Manager (Administration > Droits d’accès)
Configuring administrator access.
Using the Configuration Manager (Administration > Données constructeur et opérateur)
Configuring sub-administrator access.
Using the Configuration Manager (Abonnés (Abo) > Propriétés > Droits)
PINs and passwords for sub-administrators and users.
Using the Configuration Manager (Abonnés (Abo) > Numéros de téléphone > Configurer)
Generating additional app passwords (Configuration Manager/API) for a subscriber.
Using the Configuration Manager (Abonnés (Abo) > Numéros de téléphone > Configurer)
Generating passwords for accessing Action URLs.
Using the Configuration Manager (Périphériques > URL d’action)
Configuring authorization for controlling of the pbx via phone.
Using the Configuration Manager (Abonnés (Abo) > Propriétés > Droits)