I read somewhere that now we can create separate accounts that can have access to the web gui so we don't have to log in as 'root'. is this true? couldn't for the life of me figure it out through the documentation.. which, for a professional product, is abysmal..
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum has become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
web gui admin
- Thread starter jcizzo
- Start date
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
ok, thanks! was ripping my hair out over that one... is there a reason for that? is it not required from an administration point of view?
and regarding the documentation, it's INCREDIBLY STUPID on their part.. i don't believe i'd be too far off in assuming that most people who use truenas in a professional environment started off trying it at home and then realized how beneficial it would be to run it in their work environment where they could get away from microsoft's junk.. and the lack of documentation really gets in the way. i know from my own experience that at work we were using fortigates for firewalling, and i was using pfsense at home, and the setup was easy because of their incredible documentation, and i was able to pitch that to my boss and after demo'ing it he finally agreed to make the switch and we've saved SO much money (important at a non-profit) and we're SO much more secure... alllll because they took the time to document and create configuration recipes..
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
iX have taken the position for over a decade that root is the only admin user, there was no non-root admin user, and there would be no non-root admin user. With the release of SCALE 23, they've done a hard 180 to not only allow but strongly encourage (to the point of the GUI lying to you about it) non-root admin accounts, and it sounds like they're on track to outright block root logins in the near future. The story now is that they weren't technically able to make non-root admins work under FreeBSD.
i can understand why there's only one root. i can't understand why multiple users can be created, be associated with the builtin administrators group, granted 'su' privileges, and yet those users granted 'su' privileges can't log in via the web gui with their own admin login.
so you're saying that in an enterprise environment, after spending 10's of thousands of dollars on a brand new ix storage solution based upon truenas enterprise, in a team of system engineers, if one were to need to make a system change via the web gui, they'd have to log in as root to do so? so if one is having an off-day and makes a small mistake, there's no way of finding out which engineer made the mistake? just some guy named 'root' logged in and made a change.. but we don't know who.. just trying to wrap my head around this stuff, since the documentation leaves much to be desired.
winnielinnie
MVP
- Joined
- Oct 22, 2019
- Messages
- 3,641
Well, when you put it that way...
i'm just looking for precise clarity. i'm working on my first truenas build at home and i'd love to become proficient in it. the last guy who worked here set up a truenas mini and it quietly chugs along.. beyond reliable.. to the point where no one knows what to do with it because there are never any problems so there's no need to mess with it and learn. and, yeah the documentation is lacking... was on the phone with a sales guy yesterday and even they admitted that the documentation is terrible.. so this is why i ask so many direct and simple questions, hoping one day soon i'll be able to contribute to others like myself who are just coming aboard.
winnielinnie
MVP
- Joined
- Oct 22, 2019
- Messages
- 3,641
What @danb35 wrote above is an accurate telling of the past and present (and likely future.)
Unforunately, this will not be implemented in Core / Enterprise, only in SCALE.
So what you wrote is basically what to expect with Core / Enterprise.
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
I don't know that, or how, I could have been clearer in my first post in this topic: No, CORE doesn't allow any user other than root to log in to the web UI. It never has, and iX has said it never will. Though with the unannounced 180 they pulled with SCALE, who the hell knows?
