This article provide details on Adding\Managing Staff roles and Staff users.
This article applies to all builds of MachPanel.
Staff roles define privileges assigned to the Staff member. To view staff roles, navigate to the following path:
Home » System Configuration » System Users » Staff roles . There are couple of pre-defined roles that come packaged with Control Panel.
These roles include:
- Super Administrator: This role has full unrestricted access to the system. Assign this role only to the staff members who will have full access to every feature of the system.
- Billing Administrator: This role can access only billing relevant section of system. For example, this role can access Billing Manager section but cannot view Network Eye section.
- Help Desk Administrator: This role can access only Help Desk section of the system.
- Network Administrator: This role can access only Network Eye section.
You cannot remove default roles but you can clone or edit default roles or create new roles and assign them to your staff members.
To create a new role, click
Add New Role button and follow the instructions below:
- Role Name: Enter the name for this role.
- Role Description: Enter some description here.
- Is sub reseller: You can Add sub reseller by checking this option.
- Read Only: When it is checked and this role is applied to any user then he can only Read information (Cannot do any add/update/remove operation)
- Features Access: Click the check boxes to define which system areas this role can access.
Note: Now Staff Users can Mange CSP Accounts, manage their own profiles and manage 2FA settings in latest build.
Save
Click
Save button when finished.
Staff Users\Staff Members:
Staff users are your staff member who can access the administrative features. To view staff users, navigate to the following path: Home » System Configuration » System Users » Staff Users . To create a staff user, click Add Staff Member button and follow the instructions below:
You can assign built-in or custom defied roles to your staff user.
- Passport Login: Enter the email address of user. This is used as login for the system.
- Passport Password: Enter a password for the staff member.
- Primary Contact: Here only First Name and Last Name fields are compulsory.
- Roles: Select the Roles you want to assign to staff user.
Click Save button when finished.
Assigning/changing roles when AD LDAP are Set
When AD LDAPs are set
- AD Domains: Select an Active directory domain from the domain(s) which are already configured in machpanel
- Staff users OU LDAP: Users from this OU will be imported into machpanel, Please note staff users can not be deleted, can only be disabled.
- Staff security group OU LDAP: Groups from this OU will be used to assign roles, when OU LDAPs are specified, a new column "Security Group Name" will appear in staff roles listing.
On backend AD, let's say you have groups like billingGroup and networkGroup as shown below, you will specify groups name in Security Group Name column as shown above.
Now Staffuser10272021-1_1 is member of networkGroup
and Staffuser10272021-1_2 is member of billingGroup as shown below
Roles will get assigned automatically.
Under Password Configuration tab you can define password policy system wide.
SaveSave