You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Problem:
As a security best practice I recently made some changes to our Rocket.Chat instance so that none of our day-to-day accounts have the Administrator role. This role is only held by a single account with a strong password + 2FA that can be used to modify server settings, create new users, etc.
There is currently no way for non-admin users to receive notifications from Rocket.Chat when new server versions are available.
Under the update checker permission (General->Update) I see that it says:
“Checks automatically for new updates / important messages from the Rocket.Chat developers and receives notifications when available. The notification appears once per new version as a clickable banner and as a message from the Rocket.Cat bot, both visible only for administrators.”
The Solution:
It would be great if these notifications were controlled by a permission config that defaults to the Administrator role that could also be enabled for other roles. In this way one could lock down the administrator account and only use it when needed (Adding new users, changing settings, etc) but still receive notifications on a "daily driver" account when new server versions are available.
The text was updated successfully, but these errors were encountered:
The Problem:
As a security best practice I recently made some changes to our Rocket.Chat instance so that none of our day-to-day accounts have the Administrator role. This role is only held by a single account with a strong password + 2FA that can be used to modify server settings, create new users, etc.
There is currently no way for non-admin users to receive notifications from Rocket.Chat when new server versions are available.
Under the update checker permission (General->Update) I see that it says:
“Checks automatically for new updates / important messages from the Rocket.Chat developers and receives notifications when available. The notification appears once per new version as a clickable banner and as a message from the Rocket.Cat bot, both visible only for administrators.”
The Solution:
It would be great if these notifications were controlled by a permission config that defaults to the Administrator role that could also be enabled for other roles. In this way one could lock down the administrator account and only use it when needed (Adding new users, changing settings, etc) but still receive notifications on a "daily driver" account when new server versions are available.
The text was updated successfully, but these errors were encountered: