Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Local user Effective System Privileges problem….

    Installation and Upgrades
    1
    1
    1760
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      amitaussie last edited by

      Hi Developers,

      I have deployed pfsense on 3 different remote sites and at each site a user account i.e. “acct” with effective system privileges to create users and groups, change password and check captive portal status is created. No other system privilege is given to "acct" user. This “'acct”user is maintaining pfsense local database for user accounts for captive portal authentication to allow access to Internet. There are more than 100 user accounts in each pfsense server at each location.

      Sometimes at any of 3 sites, “acct” user assigns unnecessary effective system privileges to any user account  (maybe by mistake) and that privileged user, later on changes the settings of pfsense like allow banned sites or disable captive portal page on LAN so that users can use Internet without filtering etc.

      This halts the working of pfsense at that remote site and I have to edit every user's account to check and remove unnecessary effective system privileges assigned to that user account.

      Is it possible that “acct” user can be given rights only to create users and groups and assign only one effective system privilege to users i.e.  to change their password only and that “acct” user cant assign any other effective system privileges to the users?

      Or is there a way to check and see effective system privileges to a user without editing every user account?

      I have a suggestion….

      On the page-> System: User Manage: Add Privileges, every system privilege must be assigned a unique number (1,2,3,...)  i.e system privilege "WebCfg - System: User Password Manager page" is assigned a number 10.

      On the page -> System:User Manager - User; there are four columns: Username - Fullname - Disabled - Groups. There add a new 5th column named as "Effective system privileges"  which shows the numbers of the privileges that are assigned to a user. So by just  looking at the numbers in effective system privileges column one can see what kind of privileges are assigned to which user.

      This ll be a great help.

      Regards

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy