Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Delegating User Admin Priviledge but lock the admin account completely

    Off-Topic & Non-Support Discussion
    1
    1
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cinlung
      last edited by

      Dear PF Experts

      I have one very deep concern about the user management delegation. I want to be able to delegate all the user management functions such as add user, delete user, and change other user password to another IT and one management guy who seems to want to conquer all the access to firewall and risking him to jeopardize the whole firewall settings.

      I need to be able to give them that exact access, but prevent them to do anything to the admin account and admin group. Kinda like in linux where you can create user and delegate all powers to do anything on user account except for one account (the root)?

      I tried PF and it seems to be able to grant power to add user, I have to give the power to change all password including admin. This is very dangerous as the user can change my admin password and lock me out of the system.

      I have to give this power because it is inside company politics. Please help me to find solutions to this. By the way, I uses the internal user authentication. Not using outside user authentication server like LDAP Server or RADIUS.

      Thank you
      Rendra

      1 Reply Last reply Reply Quote 0
      • First post
        Last post