Managing multiple domains and user access


#1

I have multiple domains on my account and would like to be able to provide users full access to only certain domains while, of course, maintaining my “superuser” access to all domains. In other words, this is for the simple situation where I want to set up a domain for a friend or client and give them pretty much full control of that domain and that domain only.

I figured that this should be easy but after fumbling around in the dreamhost panel and then searching through the forums, I find that it is not at all simple. I would think that this would be a very common need so I would like to pull together folks ideas about the best options for implementing this setup, boil that down, and perhaps request that a simple summary get added to the knowledge base.

From what I’ve gleamed from the forums, this looks to me to be the best appoach:

  • Create a new user first and then create the new domain under that user.
  • Give that user administrative privileges for their domain.

The main downside I see for this approach is that there is no easy way for me to have “superuser” access to this users domain.

The approaches I’ve seen for giving user access to one of the domains under my user do not look very promising to me. For one, there is no simple way to give them ftp and shell access to just that domain. I guess I could give them administrative access to that domain by giving them an email address and then giving administrative privileges to that email address for that domain.

Other ideas? Remember, one of my goals is to keep the set up as simple as possile.


#2

[quote]I would think that this would be a very common need …

[/quote]

Oh yes, count me in. :slight_smile: I too THOUGHT it would be quite logical to assume this super-user/sub-user configuration but was actually told that “nested permissions” were at least not encouraged. Really confused.


[color=#CC0000]name[/color]slave
Domain Registration, Web Hosting & Search Engine Optimization


#3

Amen, at least from my perspective as web-grunt for a nonprofit. Public sites, member sites, forums, gallery, directories, and so on…I see no practical way to share or delegate responsibilities. I was able to set up a single user to co-update a single page – and that relies on a third-party file manager (and all the lovely 777 permissions those seem to require).


#4

[quote]From what I’ve gleamed from the forums, this looks to me to be the best appoach:

  • Create a new user first and then create the new domain under that user.
  • Give that user administrative privileges for their domain.[/quote]
    This is already pointed out in other replies, but …

In order to give someone administrative privileges, they need a Web ID, which is not the same as the user id for ftp/shell/mail etc.

There is no “superuser” available. You would need to login as the ftp/shell user in question in order to manage their files, etc. You can use the web panel to retreve their ftp/shell user details.

Also, when creating a user, they get their own mailbox. In order for that mailbox to be set up for the domain for that user,

  1. create the domain first
  2. create the user
  3. edit the domain to be located in the user directory instead of yours

Otherwise when creating the user, his mailbox would be tied to a domain that existed before theirs.

:cool: Perl / MySQL / HTML+CSS


#5

[quote]… “nested permissions” were at least not encouraged. Really confused.

[/quote]

May I elaborate a bit here: when you create a new user under one of your domains, your control of that domain will then be lost. This doesn’t sound very logical I must say. In other words, you can only “give away” control but not “delegate” it; and this alone is in itself so different from what we have all learned about management and organization.


[color=#CC0000]name[/color]slave
Domain Registration, Web Hosting & Search Engine Optimization