Tranquil IT Forum

Hello,

Under WAPT 2.5 we are unable to restrict local administrator access to the self-service interface as described in the documentation (
https://www.wapt.fr/fr/doc-2.5/wapt-sel ... inistrator )

. The parameter waptservice_admin_filter=True is deployed on the agents
. The agents have been restarted
. The AD group "waptselfservice" has been created and contains only one user.

However, any local admin who logs into the self-service interface sees all packages displayed, not just those activated in the self-service interface like regular users.

Have we missed something?
Thank you for your help.
Regards

Hello Erems,

are there any local accounts with the same username as the domain account? There was a bug related to this in version 2.5 which should have been fixed in 2.6.

Regards,

Denis

Hello,

no, these are domain accounts without a local equivalent.

That said, I'll plan the upgrade to 2.6; it can't hurt.

Regards.

Hello,

just to let you know, we've upgraded to version 2.6, but the problem persists. Any user with administrator privileges can see all packages without restrictions.

If you have any ideas on how to investigate, I'd appreciate it.

Thank you.

Hello

, * Are you entering a password in the self-service interface? Or is it a file token access (without a password), in version 2.6?

* Is your user not a member of the "domain admins" group?

Simon

Hello,

the self-service area has been password-free since the update to version 2.6.

Indeed, the "admin" accounts I was testing with are also "domain admins". I just tried a local admin account only, and the self-service restriction seems to be working correctly.

So, I understand the issue, thank you.

Hello, this is yet another illustration of why you need two admin accounts, one for a local administrator and another for a domain administrator who will rarely be used.