Creating Administrator Roles

Creating Administrator Roles

For most web applications it is useful to have graduated
permission access, so that users have only access to the functions
they need.

This lets you give office managers, for example, access to the
Extensions directory to change usernames and reset voicemail
passwords as employees come and go, without exposing trunks and other
settings they do not need.

Show below is just such a configuration. In this case, Mie is
allowed to see status, edit extensions (this part is not shown) and
apply changes.

In addition to the webapp username / password settings, both
Apache and iptables can be used to restrict access on a location
basis to the web application.

A good policy is to only allow local (LAN) or tunneled via SSH
access to the web application, though exceptions can be be made for
the Recordings (ARI) interface.