TrueNAS Early Release Documentation
This content follows TrueNAS 26 releases.
Use the Product and Version selectors above to view content specific to a stable software release.
Groups Screens
4 minute read.
The Credentials > Groups screen displays a list of groups configured on the screen. By default, built-in groups are hidden until you make them visible.
When enabled, the Show Built-In Groups toggle turns blue and shows built-in groups. When disabled, the toggle turns grey and shows only non-built-in groups.
The Credentials > Groups screen displays the No groups screen if no groups other than built-in groups are configured on the system.
Add opens the Add Group configuration screen.
Privileges opens the Privileges screen
Clicking on the arrow or anywhere on a group row expands it to show the group management buttons.
Use Members to manage membership and Edit or Delete to manage the group.
The Add Group and Edit Group screens show the same settings but the GID is not editable after saving changes on the Add Group screen. Add opens the Add Group configuration screen. The Edit icon opens the Edit Group screen.
| Setting | Description |
|---|---|
| GID | (Required) Assigns the entered unique number as the group ID (GID) TrueNAS uses to identify a Unix group. Enter a number above 1000 for a group with user accounts. If a system service uses the group, the group ID must match the default port number for the service. Shows the group ID assigned at the time the group is created on the Edit Group screen but cannot be changed. |
| Name | (Required) Assigns the entered name to the group. A group name cannot begin with a hyphen (-) or contain a space, tab, or any of these characters: colon (:), plus (+), ampersand (&), hash (#), percent (%), carat (^), open or close parentheses ( ), exclamation mark (!), at symbol (@), tilde (~), asterisk (*), question mark (?), greater or less than (<) (>), equal (=). You can only use the dollar sign ($) as the last character in a group name. Group names must also align with the Portable Filename Character Set defined by The Open Group. |
| Privileges | Attaches a role privilege to the group as assigned and configured on the Add or Edit Privileges screens. Using custom administrator roles aside from the defaults is an experimental feature and is not supported. Do not modify the local administrator or default admin user privileges! Only use if you need users in this group to access limited areas of the TrueNAS UI or authentication for TrueNAS API calls. |
| Allowed sudo commands | Permits the group members to enter the specific sudo commands in this field. Enter each command as an absolute path to the ELF (Executable and Linkable Format) executable file, for example /usr/bin/nano. Grants limited root-like permissions for group members when using these commands. Using sudo prompts the user for their account password. |
| Allow all sudo commands | Enable to give group members permission to use all sudo commands. Using sudo prompts the user for their account password. |
| Allowed sudo commands with no password | Permits group memebers to enter the specific allowed sudo commands entered in this field without requiring the user to enter their password. Enter each command as an absolute path to the ELF (Executable and Linkable Format) executable file, for example /usr/bin/nano. Grants limited root-like permissions for group members when using these commands. Exercise caution when allowing sudo commands without password prompts. Recommended to limit the privilege to trusted users and specific commands to minimize security risks. |
| Allow all sudo commands with no password | Not recommended. Enable to give group members the ability to enter all sudo commands without needing to enter a password. Does not require specifying allowed commands. |
| SMB Group | Select to make the group available for permissions editors over SMB protocol (and the share ACL editor). Not used for SMB authentication or determining the user session token or internal permissions checks. |
The Update Members screen manages group permissions and access for large numbers of user accounts.
The right arrow adds a user account to the group after selecting the user. The left arrow removes the selected user account from the group. Hold Ctrl while clicking each entry to select multiple groups.