In an agency or large company, you may have administrators who want to log easily into a range of client sites or company micro-sites.
To achieve this, you need to have:
The arrangement works by running one additional Zenario site, and creating the accounts of the multi-site admins on that "global" site.
Client sites that are on the authentication "star" are connected to the hub site by a small change in their configuration files.
The setup is quite easy:
Here are the lines, with example values (normally they are commented out):
As soon as you've saved the zenario_siteconfig.php file on a client site, you can test the connection.
Simply log in to the client site's URL, e.g. http://zenario-client-site.com/admin and log in with your administrator account as created in step 3 above on the global site. You should be able to log in.
If you see a database connection problem, check your DBHOST_GLOBAL and other connection parameters. If connecting across a network (you may have multiple servers or virtual servers) be sure to check that the global server has its MySQL permissions set up correctly.
When you log on a client site, you should find that you can log in normally using your administrator credentials from the global site. If you go to the Administrators panel you should see something like this:
You should see your own details there with an auth-type of "Multi-site".
Regular administrators will be shown as type "Local", and these accounts only exist on the client site.
Zenario's interface will not betray one group of client administrators to another; the presence of other client sites connecting to the same global database is completely invisible to them.
The administrator permissions granted to an administrator on the global site will be reflected on all of the client sites that that administrator logs in to.
Note that modules can create their own permissions: so if a client site has a module with specific permissions that it adds, a global administrator will not have permission to use that module's functionality.
If you wish to get round this - that is, that global administrators should always have full permissions of client sites - then when creating a global administrator, you should assign "every possible permission" like this:
Then when that administrator logs in to a client site, he will always have permission to use all standard and custom features.
Note that global administrators will not be able to retrieve a lost password, change a password, or change other details about their profile, except by logging in to the global site.