This module lets you limit the sections of freePBX to certain users.

Configuration

This module may not be active by default, and will say 'NOTE -
AUTHTYPE is not set to 'database' in /etc/amportal.conf - Module
crippled'. To enable it, you need to change AUTHTYPE in
/etc/amportal.conf to 'database'. If you have already tried to add
users before changing AUTHTYPE to 'database', delete them now and read
the "important warning" below.

Trixbox or Asterisk@Home users have some extra work due to the
Apache level authentication with the "maint" user. You will have to
comment out or delete the following lines in
/etc/trixbox/httpdconf/trixbox.conf for Trixbox or
/etc/httpd/conf/httpd.conf for A@H for this to work:

Password protect /var/www/html/admin

<Directory /var/www/html/admin>

AuthType Basic

AuthName "Restricted Area"

AuthUserFile /usr/local/apache/passwd/wwwpasswd

Require user wwwadmin maint

</Directory>

Then you have to restart httpd (/etc/init.d/httpd restart) and
possibly amportal (amportal restart) too. You should now be able to
login with admin/admin and create/change users in the Administrators
module. Be sure to change the admin password straight away!

Important Warning! Read before using this module

It is quite easy to lock yourself out of freePBX if you enable
AUTHTYPE after you have added users. Don't do it. If you want to use
this, then you must have NO USERS CREATED before you turn it on. If you
don't heed this advice, and turn it on with an existing user there,
then nothing you type in will let you access freePBX. You'll have to
turn it back off, and then delete any existing users.

Adding a User

Enter a username and password in the General section. If this is
the first user, make sure that you select 'ALL SECTIONS' in the 'Admin
Access' list so you can get back in there. As soon as you add the first
user, you will then be prompted for a username and password. Log in as
the user you've just created.

Limiting User Access

  • Department Name
    • Have been unable to find any documentation on this . Help?
  • Extension Range
    • When this user is logged in, they will only see the range
      specified here. This is useful if you're setting up multiple tenants on
      the one system.
  • Admin Access
    • This is a multiple-selection box. You can select a range of
      areas they're allowed to access by either holding down Control (or
      'apple' on Mac's) and selecting individual ones, or dragging the mouse
      over the list of ones you want to give them access to.

‹ Overview of the ModulesupAnnouncements ›

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Admin does not work

truevoice's picture
On May 18th, 2008 truevoice (tadpole) said:

Hi can someone help when i try username admin and password admin freepbx does not log in. I made sure that I deleted any users in freepbx but still not woring any guild would help
Thanks


works great.....but

bestest's picture
On December 3rd, 2010 bestest (tadpole) said:

it leaves the whole /var/www/html/admin/* file structure wide open. How can I protect my server from unsavory critters, while still utilizing the admin module? Should I add another user in the nano /usr/local/apache/passwd/wwwpasswd
file, or somehow point that file to the FreePBX user database? Hmmmmmmmmm.....any thoughts?


Subaru Legacy Fuel Pump

johnsmithsmuels's picture
On January 13th, 2012 johnsmithsmuels (tadpole) said:

Subaru Legacy Fuel Pump Hey...this is a wonderful website buddy and an informative post!!! i am new here and i found this site very interesting and informative ,, you are a professional blogger i think i have a great interest in such things...thank you for the post buddy and keep on posting nice stuff like this :) i am a student


"FreePBX System Status" always enabled

fsegato's picture
On December 7th, 2010 fsegato (tadpole) said:

I've added a user with limited access, in fact just to one module (phonebook). However, the user can always access also to "FreePBX System Status" under Setup, and to "FreePBX Support" under Tools, even if the corresponding lines are _not_ selected in Admin Access.
Is there a way to prevent it? I want people to be allowed just to add phonebook entries without looking around into system details which may be confusing for them.


Here's a way to do it:

bestest's picture
On December 21st, 2010 bestest (tadpole) said:

1) nano /var/www/html/admin/module-builtin.xml
2) go down to line 5 and delete the word Builtin between "name &/name"


strange things

coolname's picture
On February 16th, 2011 coolname (tadpole) said:

a strange thing.
I have do the guide step by step.Before i turn the authtype on,there is no user.After i add a new user ,i can't login,but i can use the old user maint to login.And after i have add the user in /etc/trixbox/httpdconf/trixbox.conf,i can login.

BTW:i only restart the httpd service but not the amportal.

#Password protect /var/www/html/maint

AuthType Basic
AuthName "Restricted Area"
AuthUserFile /usr/local/apache/passwd/wwwpasswd
Require user maint