Delegating WPMU Admin Role

Hi there,

I'd like to be able to delegate the role of the WPMU admin to a support team member.

Essentially, I need them to be able to create blogs and add new users. I guess we could share the admin account, but it'd obviously be better if we could keep things separate in the event people leave the company.

Thanks in advance! :slight_smile:

  • drmike

    Just to throw this in, most of our install downgrade the admin account to a subscriber on blog #1 and upgrade their own accounts to site admin status. There was a thread on the mu forums a few days ago where someone was reporting that they were getting password reset emails all the time. This is probably an attempt to figure out the admin account and gain access to your install.

    If they gain access to a subscriber level admin account, they can do no harm.

    Some of our folks go the extra step of using their normal accounts as normal accounts while setting up additional admin level account only for work. When they go to post around the site or answer questions in the forums, they use their regular accounts while only doing actual admin work with their special admin accounts.

    Hope that makes sense

  • drmike

    We suggest leaving in the admin account. Last time I knew, wp would report a "user not found" error vs a "password or username not correct" error when trying to login with an unknown username. If admin isn't found, they'll move on to trying different usernames. If admin is found but the password isn't correct, they should keep trying and, since the admin account isn't at admin level anymore, they can have fun with that as much as they want and if they get in, they don't go anywhere.

    What started this was a discussion about not having an actual account named "root" way back when many many many eons ago. (edit: As in server admin discussions, not wp ones.) Some server setup guides actually suggest upping server admin accounts to root level and dropping the actual root to something with no access. Makes sense when you have boxes that get hundreds if not thousands of login attempts everyday for root, mysql and other common accounts.

    edit: Also a good reason to lock out an ip at the firewall after three incorrect attempts.

    But anyway....

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.