# Access control management

The module page for configuring access groups

Additionally, the module allows for authentication in MikoPBX using external LDAP/AD services or simply assigning a login and password to each employee.

Assignment of access groups and authentication credentials

The module also adds a new tab to the employee settings page, allowing for quick assignment of access groups or password changes directly from their profile card.

An additional tab in the employee profile card with access group configuration settings

Let's consider a few common scenarios for MikoPBX access control: ### Scenario 1: Access for Multiple Administrators 1. Create an access group and enable the **Group without access restrictions** toggle. 2. Choose the home page that administrators will land on after authentication.

Setting up the access group for administrators

Next, navigate to the "Users" tab of the access group and select the employees who will be granted permission to administer the system.

### Scenario 2: Access Limited to IVR Menu Administration Create an access group with restricted privileges that grants access only to IVR menu administration.

Access group with IVR menu editing rights

Next, go to the **Setting permissions** tab and select only the necessary rights to view and modify existing IVR menus.

Detailed access control settings in MikoPBX

Assign the access group to employees who will administer the IVR menus and save the access group. ### Scenario 3: Access to Call History with User Filtering Create an access group, disable full privileges, and grant access only to the call history section with user filtering.

Configure access to call history in MikoPBX

When selecting this section, an additional tab appears in the module settings, allowing you to configure permissions for viewing and listening to call recordings on a per-employee basis.

Configuring permissions for listening and viewing call recording history in MikoPBX

You can select various filtering options and employees whose call recordings can be listened to by users within this access group. ### LDAP Authorization Configuration The module allows users to be authenticated either with a simple login-password pair or by using an external LDAP authentication server. To configure the connection with the server, navigate to the "Domain Authorization Settings" tab.

Setting up access parameters for the domain controller

Please provide the access parameters to your domain. If necessary, specify the parameters for the organizational unit and the filter for user accounts. Before saving, you can perform a connection data check and retrieve a list of users from the server.

Testing the connection with the domain controller

At the end, you can enter user credentials to test the authorization and save the module settings. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.mikopbx.com/mikopbx/english/modules/miko/module-users-u-i.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.