How can I protect the account of the first user, and not allow administration users to alter it?
Question
I want to not allow users with the permission to administer users to alter the account for the first registered user (the one created during the installation of Drupal).
I also want to not allow them to view the user profile for that user.
Is there a module that allows this?
Solution
From the project page:
This module allows fine-grained access control of user administrators, by providing various editing protection for users. The protections can be specific to a user, or applied to all users in a role.
Note: User Protect has a complicated configuration -- please take the time to read the very extensive module help before using it!
The following protections are supported:
- username
- e-mail address
- password
- status changes
- roles
- deletion
- OpenID identities
- all edits (any accessed via user/X/edit)
When a protection is enabled for a specified user (or the protection is enabled because the user belongs to a role that has the protection), it prevents the editing operation in question that anyone might try to perform on the user--unless an administrator who is permitted to bypass the protection is editing the specified user. The module will protect fields by disabling them at user/X/edit.
User administrators may be configured to bypass specified protections, on either a global or per-administrator basis.
These protections are valid both when trying to edit the user directly from their user/X/edit page, or using the mass user editing operations.
The module also provides protection at the paths user/X/edit and user/X/delete, should anyone try to visit those paths directly.
Note: this module is compatible with the RoleAssign module.