I'm using Magento ver. 1.4.1.1.
I'm always able to login with the administrative account that was created during the installation.
I created new user and new role.After i assigned new role to new user.Also i made sure new user is active.
Now i try to login with new username and password the systems prompts that is an Invalid Username or Password.
How to solve this issue?
Thanks and regards,
Logan
First of all, try the original administrator role.
If it logs in then there is a problem with the custom role.
The custom role I think in 1.4x requires global search to be checked. Otherwise there maybe a module that doesn't have permissions XML setup correctly in etc/config.xml
Related
I gave a freelance developer the magento2 backend credential and FTP credential to outsource the development of a custom magento2 module. What are the safety measures that i need to do aside from changing the passwords of magento2 backend and FTP to prevent from being hacked in the future?
Ensure that You are giving an admin panel with new user and password for your freelancer's to work. That you can done from magento2 admin panel itself. If you are not done so, if you were gave admin master user name and password you should need to change the password of your admin by using following query.
UPDATE admin_user SET password = CONCAT(SHA2('xxxxxxxYourNewPassword', 256), ':xxxxxxx:1') WHERE username = 'admin';
For more to know about reset password go to the link
And definitely you have to change the FTP Credential too from your server back end.
The most taking care you can prohibit the admin login with IP address.
Hope these things are helpful to you.
In magento , I can create a sub-admin giving access to limited resources. But if I allow any sub-admin to create new sub-admin role and user then he is allowed to give all the access to the new sub-admin even which are not available to him..
(I mean all the module are available to him in Role Resources Tree Under add New Role, even which are not assigned to him)
For example: If sub admin is not having access to reports,Order he can not allow the reports,Order access to the other user he is creating from his access.
Any suggestions?
If you are giving User & Role access to sub-admin, then he/she can create new user as well as role. Magento doesn't check it's own access level. According to your requirement, you have to override admin Permission module.
Create custom extension to overcome from this issue or try any ready extension for it.
I have a solution where I had a user1. I have add this user in the Admin group to give him access to the server. Then I change the name in admin and set the password to admin1234. Then ehn I start the server and it ask for the pass, I enter the new one but it doesn't work. So I remove my user and create a new one, still the same... I remove all the user and have only the default Admin group with no user, but still impossible to run anything. I always get ask for the admin pass when I have no user in the directory.
I have try to do a custom required.js function, I have try with the basic settings... I tried everything but I can't make my project to run.
Anybody have an idea of what should I do to fix this problem?
Try to remove the admin user, kill the server process and then create a new admin user.
I had the same issue a long time ago and this worked for me.
I've set a Joomla site password policy via users > options.
If I add a new user via the backend and try to set an insecure password, the policy seems to work and I get the appropriate error message.
If the user logs in, goes to their profile and changes their password, the password policy is still enforced.
However, if the user goes to the login screen, chooses 'Forgot your password' they are able to choose a new password which doesn't pass the policy.
I'm using the default Joomla login and registration extensions and as far as I can see, there's nothing else that could be causeing a conflict.
Does anyone have some suggestions on where to look?
EDIT
Site is using Joomla! 3.3.6 Stable, which is currently the latest version of Joomla
Thanks a lot!
When I logged in with the user who has non-admin security role the dashboard is not loading and browser will get hanged. But when I logged in with user who had Admin role its working good. So, whats the issue in this scenario..?
It seems a security issue. You will have to check the permissions for the role that the non-admin user has and check if there are limitations on the entity that is being displayed in the dashboard.
maybe this link will help you: http://www.dynamicscrmtrickbag.com/2011/07/15/dynamics-crm-2011-charts-and-dashboards-who-can-see-what/
Hope this will be helpfull
EDIT: Maybe another role conflicts with the one of system admin that might also be possible