GCoffey Posted July 28
I am the owner of a community on Invision that is at the core of our entire business. We run a network of sites and this one is our most vibrant. We have an employee who was a development admin and has been let go from our company. Unfortunately, they left on bad terms and we need to restrict their access immediately while also getting ROOT access back to us. What is the best course of action for us here? We are in a spot where I am afraid to delete the former employee's account because we don't want to lose back end access permanently. I am afraid if I merge their account with mine they might get more control. Who do I call here? I need a Ghostbuster.
Ghust Posted July 28
Where is it hosted? You don't necessarily need to delete the account, if you can ensure only internal network can reach your machine.
Jim M Posted July 28
There is no root admin in version 4. You can change the user's permissions to not be admin, or change the user's email and password so they don't have access, if you don't want to change permissions or delete the account.
I've also changed the name of the topic to be more representative of the topic here.
GCoffey (Author) Posted July 29
21 hours ago, Ghust said: Where is it hosted? You don't necessarily need to delete the account, if you can ensure only internal network can reach your machine.
Ah, that's a good idea but unfortunately we are a mostly remote business.
13 hours ago, Jim M said: There is not root admin in version 4, you can change the user's permissions to not be admin or change user's email and password so they don't have access if you don't want to change permissions or delete the account. Ive also changed the name of the topic to be more representative of the topic here
So to be clear, there is no super admin type role? The admins all have the same permissions?
Ghust Posted July 29
If you're mostly remote, my go-to would be:

- Disable ssh access with password, only use public key authentication.
- Remove all unknown keys in the /root/.ssh/authorized_keys file, and for all other accounts.
- When adding public keys to authorized_keys, annotate whose key is whose; this will greatly simplify this in the future.

But for all intents and purposes you have to assume your server is compromised, especially if your ex-employee had root access. This is something that your Legal department should know about. This is less of a technical issue imo.
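The key audit described in the post above, as an added example that is not part of the original thread. It lists every key in each account's authorized_keys file and marks the ones that carry no owner annotation; the function names `audit_keys` and `audit_all` are hypothetical, and it assumes keys live in the default `~/.ssh/authorized_keys` location.

```shell
#!/bin/sh
# Added example: inventory SSH public keys per account and flag unannotated ones.
# Assumption: key files are in the default ~/.ssh/authorized_keys{,2} paths.

# audit_keys FILE
# Prints one line per key: "FILE:LINE TYPE OWNER".
# OWNER is the trailing comment on the key line, or UNLABELED when there is none.
audit_keys() {
    awk -v f="$1" '
        NF == 0 || $1 ~ /^#/ { next }   # skip blank lines and comments
        {
            # A key line is "[options] keytype base64-blob [comment]".
            # Find the key type token; the blob follows, the rest is the comment.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-|sk-)/) {
                    owner = ""
                    for (j = i + 2; j <= NF; j++)
                        owner = owner (owner == "" ? "" : " ") $j
                    if (owner == "") owner = "UNLABELED"
                    printf "%s:%d %s %s\n", f, NR, $i, owner
                    next
                }
            }
            # No recognizable key type: report it so a human looks at the line.
            printf "%s:%d UNPARSED UNLABELED\n", f, NR
        }' "$1"
}

# audit_all [PASSWD_FILE]
# Walks every home directory listed in the passwd file (default /etc/passwd).
audit_all() {
    cut -d: -f6 "${1:-/etc/passwd}" | sort -u | while read -r home; do
        for f in "$home/.ssh/authorized_keys" "$home/.ssh/authorized_keys2"; do
            if [ -r "$f" ]; then
                audit_keys "$f"
            fi
        done
    done
}

# Usage (run as root so every home directory is readable):
#   audit_all                   # full inventory
#   audit_all | grep UNLABELED  # keys nobody has claimed
```

Every key in the output that cannot be tied to a current staff member is a candidate for removal.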
Marc Posted July 29
40 minutes ago, GCoffey said: So to be clear, there is no super admin type role? The admins all have the same permissions?
Not quite. Admins can have different permissions, but there is no "super admin". You can have all permissions or some permissions, but there can be multiple admins with all permissions. There isn't a single admin that has more than all the others unless you specifically have set it that way.
As a cloud customer, if you want us to confirm your position we can certainly do that. Submit a ticket to us with the name of your account and the other admin's account, and we can certainly ensure you are better informed of what you need to do.