This article provides the required steps to configure access rights in Kerio Control. This procedure is helpful for administrators when implementing the access right access scheme within Kerio Control, and assigning permissions to end-users depending on their roles.
- In Kerio Control's administration interface, go either to Users or Groups, under Users and Groups.
- Double-click the user or group you want to edit.
- Go to tab Rights and select the desired level of access rights.
- Click Confirm.
Available Levels of Access Rights
Users and groups can have assigned the following levels of access rights:
- No access to administration
- Read only access to administration
- Full access to administration
|User can unlock Content Filter rules||
The user with this right is allowed to bypass rules denying access to requested websites at the page providing information about the denial, and the Unlock button is displayed.
|User can control dial-up lines||
If the Internet connection uses dial-up lines, users with this right will be allowed to dial and hang up these lines through the web interface.
|User can connect using VPN||
The user is allowed to communicate through Kerio Control's VPN server or IPSec VPN server using Kerio VPN Client or IPSec Client.
For determining which users are admin (for example), one may check the 'Rights' parameter in the UserDB.cfg file (which is contained in any configuration backup downloaded from Kerio Control). The Rights matrix is as follows:
- No access to administration - 0, 4, 16, 20, 32, 36, 48 or 52
- Read only access to administration - 1, 5, 17, 21, 33, 37, 49 or 53
- Full access to administration - 3, 7, 19, 23, 35, 39, 51 or 55
E.g. if the Rights parameter has a value from 1, 5, 17, 21, 33, 37, 49 or 53, then the user has read only access to administration, and so on.