1

Topic: Full server Admin Log access for any domain admins

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.0
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Ubuntu 20.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I manage an iRedmail server with close to 300 domains and 2000 users.

Problem -- Any user with domain admin permissions for a specified domain is able to view the full Admin Log (Activities / Admin Log), viewing events for all domains and admins.

Expected behavior -- Only global admins should have full access to the Admin Log. For admins who are not global, either hide the admin log or restrict view to activities pertaining only to assigned domain(s).

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Full server Admin Log access for any domain admins

This is unexpected. Sorry about this trouble.
Which iRedAdmin-Pro release are you running?

3 (edited by josteiner87 2022-06-18 03:52:42)

Re: Full server Admin Log access for any domain admins

Hi Zhang, thanks for the reply. We are running iRedAdmin-Pro 5.1 (PostgreSQL). Pardon me, I should have included this detail in my original post.

4

Re: Full server Admin Log access for any domain admins

Dear @josteiner87,

This issue has been fixed, please email us with your license key to get a patched version, or wait for upcoming release.
https://www.iredmail.org/contact.html