SM7 Web Admin forms for any user
Hi all,
We recently setup SM7 and discovered an issue when using the web interface. If a user attempts to login with an admin account, say "falcon", and fails with a bad password. Then use a regular account, with out changing the screen. All the admin forms for the falcon account are accessible. Most will actually work, like scheduling a system shutdown. Did we miss a configuration, or is it a "feature" of SM7
connect URL is
/[server]:8080/webtier-7.00/index.do
Thanks
I too am unable to replicate this...
01. Try to login to http://xxxxxxxxx/webtier-7.00/index.do as falcon with incorrect pass.
02. After "Invalid Login" message, successfully login as BOB.HELPDESK
BOB.HELPDESK's forms are displayed in the system navigator as expected. Can you elaborate on what your steps if they're different than above?
I suspect we may have missed something with the accounts setup.
I have attached a document that shows how I was loggin in with pics of what was displayed for clarity. We do not have the BOB.HELPDESK account so something is different with our installation.
Thanks
Don't worry about the user BOB.HELPDESK thats just a user in the default system which just has been deleted in your system. I used CM 1 for example.
Check the operator home menu, if for some reason the menu specified is not found SC defaults to the admin home menu. It might be whats happening.
This condition exist for every account I have setup. But I thought we were OK based on Pic1 which shows the correct menu.
I will check
Thanks
Since the user "Service Desk" logs in and gets the menu initially, it seems the menu must be setup correctly.
If you do it the opposite way... fail login with Service Desk and then correctly login as falcon, does falcon get the Service Desk menu?
mm, good point I never tried in reverse.
So...
1) Logged in as Service Desk using a password, caused a failure. (this account has no password)
2) logged in as falcon using the password.
3) Menu displayed matches the falcon account.
Conclusion, the answer is no. The falcon account is fine.
Also, I have submitted an Incident with HP this morning (ID 3601133557).
Please keep us up to date on what happens!
Can you make an unload of following and attach here:
- formatctrl login.DEFAULT
- an operator that fails with password set to either the userid or blank
- the menu specified on the operator
- the format for the menu
Update.
HP has moved this up to the developers for action.
They were able to replicate the condition with the BOB.HELPDESK account. To replicate the condition, modify the operator record for BOB.HELPDESK. Change the startup routines to use the falcon operators menu. Be sure to set all the parameters the same as well.
Some access is still restricted, but you will have sufficient rights to create a new operator and assign sysadmin rights using the sys admin role. Then gain full access with the new account.
BOB.HELPDESK isn't supposed to have falcon's menu. The menu is how you restrict access to many functions in the system.
I agree. Give a normal user the admin menu and you ask for trouble. I am surprised HP even bothered to raise a ticket and investigate further on it.Originally Posted by glg
So my answer had I been in HP's end: Works as designed!
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
Bookmarks