4. Local user Effective System Privileges problem….

Local user Effective System Privileges problem….

  • A

    Hi Developers,

    I have deployed pfsense on 3 different remote sites and at each site a user account i.e. “acct” with effective system privileges to create users and groups, change password and check captive portal status is created. No other system privilege is given to "acct" user. This “'acct”user is maintaining pfsense local database for user accounts for captive portal authentication to allow access to Internet. There are more than 100 user accounts in each pfsense server at each location.

    Sometimes at any of 3 sites, “acct” user assigns unnecessary effective system privileges to any user account  (maybe by mistake) and that privileged user, later on changes the settings of pfsense like allow banned sites or disable captive portal page on LAN so that users can use Internet without filtering etc.

    This halts the working of pfsense at that remote site and I have to edit every user's account to check and remove unnecessary effective system privileges assigned to that user account.

    Is it possible that “acct” user can be given rights only to create users and groups and assign only one effective system privilege to users i.e.  to change their password only and that “acct” user cant assign any other effective system privileges to the users?

    Or is there a way to check and see effective system privileges to a user without editing every user account?

    I have a suggestion….

    On the page-> System: User Manage: Add Privileges, every system privilege must be assigned a unique number (1,2,3,...)  i.e system privilege "WebCfg - System: User Password Manager page" is assigned a number 10.

    On the page -> System:User Manager - User; there are four columns: Username - Fullname - Disabled - Groups. There add a new 5th column named as "Effective system privileges"  which shows the numbers of the privileges that are assigned to a user. So by just  looking at the numbers in effective system privileges column one can see what kind of privileges are assigned to which user.

    This ll be a great help.

    Regards

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy