I have sucessfully created 2 admin levels -- Corporate admin (superadmin) and on-site admin.

Unfortunately, the on-site admin can see and delete the Corporate admin's logon in the user permission's at this time, causing fun and games for me! Sooooo...........

I need the Corporate admin to be able to do everything, and I need the on-site admin to only add/delete/modify users BUT NOT see the Corporate Admin user's id! Is there a way that I can make the Corporate Admin (superadmin) user NOT appear in the user list when an on-site admin is the one editing users?

Thanks, I hope that makes sense!

Lynette
Lynette
Hollister, Ca

If I'm not mistaken this has been asked in the past and I don't think it was possible to just hide one specific user from the list.

Unoffical DBMan FAQ
http://redundantcartridge.com/dbman/

Thank you Lois,

Do you happen to remember why it wasn't possible? Is it a unix limitation related to the password file? As in if the password file is opened for viewing, all records have to show and can't be filtered?

And, I assume you're saying you can't have multiple password files.... or could I have a different .cfg for the corporate admin and a different db.cgi, html.pl, auth.pl ..... giving them all rights over all dbs? since I set up a different DB for each Site with separate .cfg, .pass, .db, .log and .count files but all use the same, db.cgi, auth.pl and html.pl files.

The only easy solution I can think of is to not allow the site admin to delete any users... but they'd still be able to change the password for the corporate admin which I don't want either.

Any ideas on how to get around this?

Thanks!
Lynette
Hollister, Ca

What i remember is just dealing directly with the admin view of managing users and not being able to hide certain users.

I can't remember the exact details of the various threads or questions, but it was related to trying to hide the admin's specs from view of others with admin permission.

As long as they can view all users and have the permission to administer the password file they have access to all users.

Unoffical DBMan FAQ
http://redundantcartridge.com/dbman/

I solved this! Thanks to looking through the Admin section of the Faq! (Bless you Lois for this awesome resource!) There is a thread: 293 - Drop down list of users - and that person wanted to filter out 'admin' from the user_list.

So, since I separated the rights of admin and site_admin (cloning sub admin_display in db.cgi to sub site_admin_display) I just added this line of code in sub site_admin_display and VOILA! superadmin doesn't show up in the user list! And, they can't add or remove superadmin from here either!!!! YEAH!

The added/modified lines are:

unless ($data[0] eq 'superadmin') {
push (@users,$data[0]);
}

In your CLONE of admin_display it goes after:

# If we are inquiring, let's look for the specified user.
my (@data, $user_list, $perm, $password, $email);
$user_list = qq~<select name="username"><option> </option>~;
LINE: foreach $line (@lines) {
$line =~ /^#/ and next LINE;
$line =~ /^\s*$/ and next LINE;
chomp $line;
@data = split (/:/, $line);


unless ($data[0] eq 'superadmin') {
push (@users,$data[0]);
}

You will also want to hide the superadmin permission from the permissions list built at the end of this section! (look for $perm )

HTH

Lynette

Lynette:

YEAH!! That's great that you found a solution. The FAQ truly is a great way to find answers although it still takes some digging around to find treasures hidden within the various thread references.

Unoffical DBMan FAQ
http://redundantcartridge.com/dbman/