Hey guys and gals, i got a quick one.
I basically need two admin accounts but I need that the second one to have admin access but not be able to delete/disable/change pw on the first user.
What i need is access for our engineers to manage the MT's but also let the local admin have access as well but we don't want him changing our access.
Is this possible?
Regards
Re: Super User
you can create another group for admin users without be super "policy" users:
If the user NOT have "policy" right can not modify password or delete user account
Code: Select all
/user group
add name=near-full policy="local,telnet,ssh,ftp,reboot,read,write,test,winbox,web,sniff,api,sensitive,password,!policy"
Last edited by rextended on Fri Jun 27, 2014 1:23 am, edited 2 times in total.
-
-
ytuxedo002
Frequent Visitor
- Posts: 62
- Joined:
Re: Super User
Beautiful. I will implement this and let you know how it works out. But I can tell that this will work just fine. Thank you sir.you can create another group for admin users without be super users:
Code: Select all/user group add name=near-full policy="local,telnet,ssh,ftp,reboot,read,write,test,winbox,web,sniff,api,sensitive,password,!policy"
Re: Super User
BUT...Beautiful. I will implement this and let you know how it works out. But I can tell that this will work just fine. Thank you sir.you can create another group for admin users without be super users:
Code: Select all/user group add name=near-full policy="local,telnet,ssh,ftp,reboot,read,write,test,winbox,web,sniff,api,sensitive,password,!policy"
there is more than one way for right excalation, if the admin know the way...