Super Administrator

  • App
    WoltLab Suite Core

    A super administrator is essentially another administrator but with additional permissions. For example, only a super administrator can manage other admins. A super administrator can also not be banned by a rogue member. In addition, this feature could be used as a tool to recover a site if someone successfully hacks your account, as only you would have access to the file server and have the ability to change the user ID to a new super administrator.


    Super administrators must be added to the config.php file to enable their super admin status:


    Code
    //    ****** SUPER ADMINISTRATORS ****** 
    //    The users specified below will have permission to access the administrator permissions 
    //    page, which controls the permissions of other administrators 
    $config['SpecialUsers']['superadministrators'] = '1';  


    This feature is found in vBulletin

    https://www.vbulletin.com/docs/html/what_is_superadmin

  • If this feature ever gets implemented I will switch the software. "Super administrators" are bad software design and should never ever exist.

    • Super administrators grant no additional security. A super administrator account is as likely to be "hacked" as a "normal" administrator account
    • Super administrators are usually bound to a specific user ID. That makes the whole concept rather inflexible and not really user-friendly
    • There are cases where you want administrators to be able to manage other administrators (I personally have that in my forum) and the concept of a super administrator kinda destroys this. The workaround is to make every administrator a super administrator ... but then what purpose does a super administrator serve?

    Many years ago a lot of software used to have such super administrators. But let's be real: It just makes everything more complicated and serves no real purpose. I have never needed a super administrator in the last 7 years and I'm fully positive that a lot of other people feel the same way.

    98% aller PC Probleme sitzen direkt davor.

    Edited once, last by Garma ().

  • Well, if you need something like this, you can implement it basically yourself.

    Create a new Super Admin group.

    Grant this Group Access to manage all other Groups and add an Backup useraccount to the new group.

    Set the Priority of the group to 0 so it won't be shown.

    Edit (with the new User) the standart admin group to not be able to edit your Super Admin Group and you'll be done^^

    The only thing there is missing is the option to mark a user as super admin throu the file system...

  • ... that's just what I am going to do, thanks.

    I am a Newbie Admin. Please be gentle, I don't understand technical things.
    (Please can we have a full manual for this software)

    • Official Post

    Internet Serious Business See the answer by Morik for an explanation on how to accomplish it. Because of how the permission system works, the created super admin group (and its permissions!) are uneditable by other admins. Bonus for something that isn't a bogus option somewhere in the file, where you'll have to pray that it gets respected everywhere.

    Alexander Ebert
    Senior Developer WoltLab® GmbH

  • This is an acceptable solution. Thank you Morik

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!