User with privileges to administer user in Captive Portal
-
Hi!
I want to implement a Captive Portal for some users and give permissions to only one of them so that it can create new users, modify the password, delete users, etc.
This can be done from the Effective Privileges tab and it works perfect.
The problem is that this user, who has only permissions to edit users, can modify his own user and add himself as a member of the group "Admins" in "Group membership" and then he would become Administrator and have access to the entire system.I hope you have understood me and can help me.
Thanks! -
@devey That seems exactly what you want to give that user ... admin user ... so, you don't trust that person?
-
@nollipfsense Hi!
Thanks for your reply.
I don't want to give that person access to the entire configuration panel. I just would like you to be able to create or delete users or change the passwords of those users. But I don't want that person to be able to add himself to the Admins group, because with that he will already have full access to all the pfSense configuration. -
@devey
Here I attach 2 images.
That user should not see what is with a red cross
-
@devey I hope others more knowledgeable would chime ... all I can think of off the top of my head is use a USB key in conjunction with certificates to be able to manage the group without system admin privileges