Admin user deleted by your primary admin user.
What is primary admin? There's no such concept. Any account with admin rights has access to everything.
Then everyone can eliminate everyone. There is no Super User and then the other admins as it should be in reality.
- Primary User Superuser (ADMINISTRATION)
- User 1
- user 2
- user 3
- Admin User
- User 1
- user 2
- user 3
The first admin user has access to user -1/-2/-3 and admin 2 and its users 1/2/3
But Admin 2 has access to their user *1/*2/*3 but not access to Admin 1's users.
From my point of view, I think that should be the case.
And prevent admin users from deleting their primary user.
Have you heard of a manager user? To me it sounds like that's what you're looking for.
Yes, of course, but if the admin user creates another admin, this second admin can delete me.
Admin is an admin. It has full access. It works like this pretty much everywhere.
I understand perfectly, but if by a fortuitous event it happens that
Subject 1- You want to have an administrator account.
Subject 2- You want to have an administrator account
Subject 3- You want to have an administrator account
Each of them will be able to create their users and add their devices. But if for a reason x Subject 1 eliminates Subject 3 or Subject 3 eliminates Subject 2. Who controls that? Since you have access to the subject information of both the 123 and all 3 subjects?
Why do you need admin instead of manager?
The user manager can't create users, they can only manage them. Then there is some option to allow the manager to create their own users and not be limited to just managing the ones assigned to them by the admin
The user manager can't create users
Not sure where you got this information from, but it's completely false.
There is a lack of understanding here. I will explain. There is an administrator role and then really anyone can delete the other, but there is an administrator who only manages the users under him. How do you create such a simple administrator instead of the "permissions" do not mark anyone and define a number of users for the account and then he can manage the Everyone below him without being able to delete the main manager
Yeah, there's some major misunderstanding. What you're describing is a manager role, not admin. And it already exists.
Perfect I understood, thank you very much for the reply. It was a mistake and a lack of understanding, maybe the day-to-day.
I'll close the subject.
Good afternoon community.
I have a server, and while testing between users, I activated an administrator account from my main administrator account.
All well and good, but the sub-admin created by the main admin account has access to the first admin's user list and can view the first admin and remove him from the list.
Clicking on delete user displays the warning and also displays the permission restriction warning.
But the primary admin's account has still been deleted.
Is there a way around this, so that you can create admin accounts and prevent a sub-admin from deleting the primary admin's user account and gaining full control of the server?
Obviously I can't put it as a read-only admin, otherwise it won't do any good for it to be admin.
This image shows all users, viewed from the admin2 account
In this image, the admin has already been removed The warning is displayed but does not prevent deletion
In this image all admin users were removed without any restrictions
Is there anything I should know, or am I opening a debate without knowing everything?