web gui admin

jcizzo

Explorer
Joined
Jan 20, 2023
Messages
79
I read somewhere that now we can create separate accounts that can have access to the web gui so we don't have to log in as 'root'. is this true? couldn't for the life of me figure it out through the documentation.. which, for a professional product, is abysmal..
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504

jcizzo

Explorer
Joined
Jan 20, 2023
Messages
79
In SCALE, but not in CORE.

Sadly, agreed. It's fallen so far.
ok, thanks! was ripping my hair out over that one... is there a reason for that? is it not required from an administration point of view?

and regarding the documentation, it's INCREDIBLY STUPID on their part.. i don't believe i'd be too far off in assuming that most people who use truenas in a professional environment started off trying it at home and then realized how beneficial it would be to run it in their work environment where they could get away from microsoft's junk.. and the lack of documentation really gets in the way. i know from my own experience that at work we were using fortigates for firewalling, and i was using pfsense at home, and the setup was easy because of their incredible documentation, and i was able to pitch that to my boss and after demo'ing it he finally agreed to make the switch and we've saved SO much money (important at a non-profit) and we're SO much more secure... alllll because they took the time to document and create configuration recipes..
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
is there a reason for that?
iX have taken the position for over a decade that root is the only admin user, there was no non-root admin user, and there would be no non-root admin user. With the release of SCALE 23, they've done a hard 180 to not only allow but strongly encourage (to the point of the GUI lying to you about it) non-root admin accounts, and it sounds like they're on track to outright block root logins in the near future. The story now is that they weren't technically able to make non-root admins work under FreeBSD.
 

jcizzo

Explorer
Joined
Jan 20, 2023
Messages
79
iX have taken the position for over a decade that root is the only admin user, there was no non-root admin user, and there would be no non-root admin user. With the release of SCALE 23, they've done a hard 180 to not only allow but strongly encourage (to the point of the GUI lying to you about it) non-root admin accounts, and it sounds like they're on track to outright block root logins in the near future. The story now is that they weren't technically able to make non-root admins work under FreeBSD.
i can understand why there's only one root. i can't understand why multiple users can be created, be associated with the builtin administrators group, granted 'su' privileges, and yet those users granted 'su' privileges can't log in via the web gui with their own admin login.

so you're saying that in an enterprise environment, after spending 10's of thousands of dollars on a brand new ix storage solution based upon truenas enterprise, in a team of system engineers, if one were to need to make a system change via the web gui, they'd have to log in as root to do so? so if one is having an off-day and makes a small mistake, there's no way of finding out which engineer made the mistake? just some guy named 'root' logged in and made a change.. but we don't know who.. just trying to wrap my head around this stuff, since the documentation leaves much to be desired.
 
Joined
Oct 22, 2019
Messages
3,641
so you're saying that in an enterprise environment, after spending 10's of thousands of dollars on a brand new ix storage solution based upon truenas enterprise, in a team of system engineers, if one were to need to make a system change via the web gui, they'd have to log in as root to do so? so if one is having an off-day and makes a small mistake, there's no way of finding out which engineer made the mistake? just some guy named 'root' logged in and made a change.. but we don't know who..

Well, when you put it that way...
 

jcizzo

Explorer
Joined
Jan 20, 2023
Messages
79
i'm just looking for precise clarity. i'm working on my first truenas build at home and i'd love to become proficient in it. the last guy who worked here set up a truenas mini and it quietly chugs along.. beyond reliable.. to the point where no one knows what to do with it because there are never any problems so there's no need to mess with it and learn. and, yeah the documentation is lacking... was on the phone with a sales guy yesterday and even they admitted that the documentation is terrible.. so this is why i ask so many direct and simple questions, hoping one day soon i'll be able to contribute to others like myself who are just coming aboard.
 

jcizzo

Explorer
Joined
Jan 20, 2023
Messages
79
my initial question was: "is it possible to create a user, or group of users that can log in via the web gui", but i was told earlier 'no, only root can log in via the web gui'.
 
Joined
Oct 22, 2019
Messages
3,641
i'm just looking for precise clarity.
my initial question was: "is it possible to create a user, or group of users that can log in via the web gui", but i was told earlier 'no, only root can log in via the web gui'.

What @danb35 wrote above is an accurate telling of the past and present (and likely future.)

Unforunately, this will not be implemented in Core / Enterprise, only in SCALE.



So what you wrote is basically what to expect with Core / Enterprise.
so you're saying that in an enterprise environment, after spending 10's of thousands of dollars on a brand new ix storage solution based upon truenas enterprise, in a team of system engineers, if one were to need to make a system change via the web gui, they'd have to log in as root to do so? so if one is having an off-day and makes a small mistake, there's no way of finding out which engineer made the mistake? just some guy named 'root' logged in and made a change.. but we don't know who..
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
i'm just looking for precise clarity.
I don't know that, or how, I could have been clearer in my first post in this topic: No, CORE doesn't allow any user other than root to log in to the web UI. It never has, and iX has said it never will. Though with the unannounced 180 they pulled with SCALE, who the hell knows?
 
Top