Page 1 of 1
Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 3:03 pm
by gequiros
Is there ANY way we can LIMIT / Restrict a level 8 or 9 agent to login from ANY IP
My idea, since i am planning to go "big" (at least for me) is to open the server and limit ADMIN users from login from ANYWHERE in the world
Either way i will block all our servers and login ONLY from certain countries ( those we will have business / agents )
I can ( per hardware firewall ) block/allow per IP/Country, but, i don't want anyone to be able to download leads or create phones and so on....
Thanks so much !!
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 4:11 pm
by williamconley
You seem to be mixing your "goal" up a bit, can you clarify?
Level 8 or 9 should be "ok" to download ... but only if they are in certain countries when they do so? Is that really the goal? (To be clear: You have people who you want to download ... but only while they are in the office, but they can have access while outside the office, just not Download access ...?)
If that's true, it's not built into Vicidial, but could be added. Depending on your "and so on", which obviously won't work. A detailed list of the "and so on" would be required. Preferably as it pertains to the permission items under Modify User.
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 4:19 pm
by blackbird2306
I think this is what you are looking for:
revision 2726 from 2017-04-10:
Added IP Lists feature, allowing creating of lists of IP Addresses that can
be used as whitelists on a User Group basis for Agent, Admin and API
web resources.
Please upgrade your system and this feature is available!
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 4:58 pm
by williamconley
blackbird2306 wrote:I think this is what you are looking for:
revision 2726 from 2017-04-10:
Added IP Lists feature, allowing creating of lists of IP Addresses that can
be used as whitelists on a User Group basis for Agent, Admin and API
web resources.
Please upgrade your system and this feature is available!
I don't think I remember that being a method in this feature.
Have you used this feature to verify that the IP will override the User Name when allowing access to specific modules (ie: if the same user attempts to download a list from two different IPs, it'll work from one, but not the other)?
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 5:28 pm
by gequiros
Sorry, i think i didn't explain properly...
I just want from where the ADMINs would be able to login ( just whitelist ), i remove the ability from them to do most harmful things to our system.... if an admin or higher level can do "bigger" changes and they use a WEAK password, i don't want any one doing brute force and being able to change anything harmful ( creating trunks/agents, etc )
Hope it does make sense now
Cause, i can have AGENTS from COSTA RICA, remotely from their homes, and i can be an admin and able to login, but, what happens if someone see me typing my password (that won't happen, i use a password manager) but, if they see a supervisor or manager doing something and they get home and try that user and password....
What if a "manager" upset with me goes in and start removing agents, changing things on campaign, downloading leads and sell those leads somewhere else ?
I hope you guys understand what i mean
Thanks for your help...
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 5:43 pm
by mflorell
If you upgrade your system, you will have the IP Lists feature, which will let you do this.
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 5:54 pm
by williamconley
Also, your system should be whitelisted and disallow logins from agent's homes in the first place. We've also had a few clients who allowed login attempts from anywhere just so they could capture the IP/User/Pass and then log the attempt and report the violated user/pass/ip to the SuperUser so action could be taken to seal the breach.
Just not allowing the access often doesn't solve the problem, it merely causes the violator to become more creative ... if you fire them that tends to reduce the likelihood of temptation (especially for the one that got fired). If you are like that client, they brought along badges to the home identified by the IP. Financial services people have NO sense of humor in that regard. lol
Re: Admin (level 8/9) restrict access
Posted:
Wed Feb 21, 2018 5:58 pm
by gequiros
Great, thanks so much
really appreciated...
Yeah, didn't had time lately to check on new one version