Your advice on allowing a large customer to let one of their employees use manager 9

[Rhinorhino]

I've always been the vendor who manages all the changes on my customers large-scale systems. I now have a customer on an IPO with over 200 extensions very complex auto attendant and voicemail call center set up that wants somebody in the bookkeeping department to make changes for the employees.

I'm really concerned that they're going to cause some sort of catastrophic problem with this.

I think they think this is just something simple. It's just phones.

They wouldn't let their employees mess around with their IT Network but I think they think less of the phone system.

What's your experience and recommendations in morning the customer how dangerous this could be.

Thanks

 

[budbyrd]

I have worked with a lot of sites that would do their own user management. Name changes and such. Just provide clear documentation on how to do the basic changes. Also make sure to have it save backups on open and saves of the config so if they do muff it you can just reload the backup and go about your day.

You are probably safer with having someone in bookkeeping doing it than their junior IT guy that is willing to mess around and find out when he think he can fix things better.

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'

 

[IPOTS]

You can configure the IP Office Manager user to have limited abilities for name changes etc....
I would be careful on providing access the VMPro Client as changes to call flows would have a more drastic effect.
I would also setup the Manager to auto save backups after each change. Just in case you need to restore the last known good config.

 

[sizbut]

Find out what they want to do first. Then see if it matches any options other than full access.

- SoftConsole users can change other users hunt group, forwarding, DND, etc. settings.

- You can create a right group with limited Manager and Web Manager security rights. Play with it on one of your own systems to see the effect.



Stuck in a never ending cycle of file copying.

 

[Rhinorhino]

They want whole access to add change and delete users incoming the ID assignment etc.

The only problem is they only need this done every couple of months when they have an employee change so it's not like it's somebody who's doing this on a daily or weekly basis that's going to be able to remember how this is done. This site has tons of customization hunt groups voicemail maybe paging all sorts of stuff that could get messed up if they click the wrong option. Then of course they're going to blame it on me.

It's not that I want to keep control over it myself it's just I think for 0 safety of the customers Network they shouldn't have somebody there really is not experienced at this play around with it.

 

[Qzwsa]

We make our customers sign a waiver if they want full admin rights. Did this even back in the Nortel Norstar days if they wanted the installer-level password instead of the system admin password. Send a letter stipulating that you can not warranty any programming if you release administrative access to untrained users and advise against it, and make sure you send it to someone high up at the company. Maybe they still go ahead with it, but now your butt is covered and all the hours you put in fixing their screw-ups are billable. More likely, the big boss looks at it and says they'd rather pay for a couple hours of programming safely over a year, than pay for a couple of hours over a single day while out of service.

- Qz

 

[sizbut]

You should still look at the security settings. Create them a service user who can't fiddle with lines, IP routes, etc. Restrict it as much as possible and only loosen it if they hit one of the blocks (which will give you an idea of what changes they are doing).

If its Manager, make sure they have it configured to keep backup config files. And regardless, if you have remote access, make sure you schedule regular backups.

Stuck in a never ending cycle of file copying.

 

[biv343]

I have customers with anywhere from a few dozen to over 2000 phones on IPO. Every customer does their own MAC work. Some have dedicated telecom resources, some use junior IT resources, some use Sally in accounting. At the end of the day, it is their system that they own, so they can do to it what they want. They do get their own logins and we provide admin documentation.

If they break something, we fix it, either under the maintenance agreement or as a billable ticket depending on the extent of what the issue was. Only once has a customer broken something to the point where loading a backup config was the quickest way to restore operation.

 

[Westi]

I am with biv343 on this. The customer bought the system and they can do what they like. Trying to minimize the risk with good documentation has so far shown to be the best way to go.
Also unique logins are a must so that you can see who buggered it up. ;-)

Joe
FHandw, ACSS, ACIS

https://www.millsidetc.com/

 

[dsm600rr]

Give them full access, take backups, have them sign a waiver and let them free. Billable work to fix the crap they break, say I told ya so and revoke programming privileges. Done and Done.

ACSS / ACIS

 

[sartechy]

I definitely get your concern about letting someone inexperienced mess with that complex phone system. Covering your bases with a waiver sounds like the smartest move so you're not left holding the bag if something goes wrong. Maybe also suggest keeping their access on more of a "view only" basis, unless a specific change request comes through you first? That way at least you've got oversight on any changes. But if they really want full control, protecting yourself is priority one.