Arbitration / Training

The Training Course for Case Managers and Arbitrators

Training Home / back

Appendix 02: What Support can do

When making a ruling it helps to know what Support is able to do using the Support console.

For one thing you can try the console yourself using the testsystem at, but of course an experienced Support Engineer can do more things than a lowly Arbitrator just playing around a bit.

So this page should give you an idea about the things that are possible. Of course you may still ask Support for their advice if you don't know whether some action is possible or not.

Finding an Account

To find an account Support has to know an email address. Or at least a large enough part of it.

When searching for a mail address the Support Console is looking in all possible mail addresses, including secondary and deleted mail adresses.

In the search mask, SQL wildcard characters can be used, so "%cacert%" will find all addresses containing the string "cacert" somewhere. The search will only show the "first" 100 results, so probably the search for "%cacert%" won't show every address.

Examining an Account

Using the Support Console a Support Engineer can see almost everything that's connected to an account.

This includes (but is not limited to):

Account History available as soon as bug 1138 is put onto the production server

Viewing the account history provides more data but is logged and shown to the user. This is only allowed when requested by an Arbitrator (at least that's my guess).

Additional information provided:

Modifying an Account

If ordered by Arbitration a SE can "hijack" a user account, that is, s/he may set a new password and use this password to log in to the account. S/he can then do everything the account owner could do. Obviously the original account owner will loose access to his account if this procedure is used, since the original password can not be recovered.

The following actions are possible using the Support Console without hijacking an account:

Organisation Accounts

Support has no access to Organisation Accounts. The only thing possible by using the Support Console is to find out whether a specific domain is linked to a personal account or an Org Account, and whether a specific user is Administrator for one or more Org Accounts.

So every order to modify Org Accounts must be addressed to an Org Assurer.

An Org Assurer may

Note that an Org Assurer as such cannot revoke specific Org certificates. But she may add herself as Org Admin to an Org Account, revoke one or more certificates and remove herself once again. (N.B.: I hope such actions are logged for auditing...)

Arbitrations/Training/Appendix02 (last edited 2014-04-02 14:24:14 by arobertson)