07-11-2011, 04:32 PM
Join Date: Jul 2011
Post Thanks: 0
Thanked 0 Times in 0 Posts
| | BES Express 5.0.3 Security Role Problem?
Please Login to Remove!
New Member here, I tried several searches but could not find anyone else complaining of this problem. I am wondering if nobody has noticed it, or if it is unique to my situation.
My company is getting ready to migrate from BES 4.1.6 to BES 5.x. In researching this, I have put up BES Express 5.0.3 in a test environment to see if it is worth it for us to migrate to the free version of BES.
I was testing different security roles in BESX, and created an account for our Help Desk using the Senior Helpdesk Administrator role. While logged in under that test account, I went into Manager Users, and just as a fluke tried to delete the default Security Administrator account that was created when I installed BESX. Color me surprised when it let me delete the Security Administrator account while logged in as a lowly Senior Helpdesk Administrator.
Luckily I had previously made other Security Administrator accounts. I created a few other test Security Administrator accounts just to see if it was a one time thing, or if I was seeing things. Each time, I was able to delete the Security Administrator account using the Senior Helpdesk Administrator Account.
Has anyone else come across this before? It seems like a potentially huge security problem, and I have not been able to come up with a solution to protect the Security Admin accounts.
Any help/guidance you guys can provide is appreciated.