Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Local user Effective System Privileges problem….

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    1 Posts 1 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      amitaussie
      last edited by

      Hi Developers,

      I have deployed pfsense on 3 different remote sites and at each site a user account i.e. “acct” with effective system privileges to create users and groups, change password and check captive portal status is created. No other system privilege is given to "acct" user. This “'acct”user is maintaining pfsense local database for user accounts for captive portal authentication to allow access to Internet. There are more than 100 user accounts in each pfsense server at each location.

      Sometimes at any of 3 sites, “acct” user assigns unnecessary effective system privileges to any user account  (maybe by mistake) and that privileged user, later on changes the settings of pfsense like allow banned sites or disable captive portal page on LAN so that users can use Internet without filtering etc.

      This halts the working of pfsense at that remote site and I have to edit every user's account to check and remove unnecessary effective system privileges assigned to that user account.

      Is it possible that “acct” user can be given rights only to create users and groups and assign only one effective system privilege to users i.e.  to change their password only and that “acct” user cant assign any other effective system privileges to the users?

      Or is there a way to check and see effective system privileges to a user without editing every user account?

      I have a suggestion….

      On the page-> System: User Manage: Add Privileges, every system privilege must be assigned a unique number (1,2,3,...)  i.e system privilege "WebCfg - System: User Password Manager page" is assigned a number 10.

      On the page -> System:User Manager - User; there are four columns: Username - Fullname - Disabled - Groups. There add a new 5th column named as "Effective system privileges"  which shows the numbers of the privileges that are assigned to a user. So by just  looking at the numbers in effective system privileges column one can see what kind of privileges are assigned to which user.

      This ll be a great help.

      Regards

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.