Server webinterface rights management
The server web interface is protected by a pretty standard user system. You can create, manage and delete accounts. Those accounts are only linked loosely to clients by rights management. Be aware that after first installing UrBackup there is no administrator password set and everybody can see all backed up files! If you want to limit access you should immediately go to the account management in the settings and create an administrator account and set its password.
An admin account can do everything including browsing file backups of all clients. The web interface allows one to create a ’limited’ account that can only browse backups and view statistics from one client. The more sophisticated rights editor can be used to allow an account to access several clients or to limit some aspects. For example you could setup an account which can do everything except browse backups. Following domains, with which you can limit or expand an account’s rights, are currently available:
|browse_backups||Browse and download files from file backups|
|lastacts||View the last actions (file or image backups) the server did (including backup size and duration)|
|progress||View the progress of currently running file or image backups|
|settings||Allows settings to be changed|
|client_settings||Allows client specific settings to be changed|
|status||Allows the current status to be viewed (last seen, last file backup and last image backup)|
|logs||View the logs which were creating during backups|
|manual_archive||Manually archive file backups|
|stop_backup||Stop backups for client on the server|
|users*||Get client names|
|general_settings*||Change general settings (like backup storage path)|
|mail_settings||Change the mail server settings|
|usermod*||Create, change and delete users|
|remove_client*||Remove clients and delete all their backups|
|start_backup*||Start backups for a client on the server|
|download_image||Download images of volumes from the server via restore CD|
You can set the domains not marked with stars(*) either to one or several client ids (separated by ’,’) or to ’all’ – meaning the account can access all clients. The entries with stars(*) have to be set to ’all’ or ’none’ and don’t allow client ids. In order to be able to view statistics you need to set both ’piegraph’ and ’users’ to ’all’. There is a special domain ’all’ which is a wild card for all domains (this means if you set ’all’ to ’all’ the account has the right to do everything).
Currently a user needs the “status” right for at least one client, in order for the user to be able to log in.