TrueNAS
Products
Support & Resources
Solutions
Company
  1. Documentation Hub
  2. /
  3. TrueNAS 26 (Early)
  4. /
  5. Credentials
  6. /
  7. Privileges
  8. /
  9. Managing Privileges
Edit page

Managing Privileges

  2 minute read.

Never modify the settings for the standard pre-defined privileges (listed below)! Changing these pre-defined roles can result in lost access to the UI!

Pre-defined TrueNAS privileges ares:

  • Read-Only Administrator - Allows the user to view settings but not make changes in the UI.
  • Sharing Administrator - Allows the user to create new shares and the share dataset.
  • Local Administrator - Gives full control (read/write/execute permissions) to the user.

Active Directory can provision groups in TrueNAS or you can add new groups that you assign to users in AD. After adding a group, verify or edit the privilege(s) granted to the users in the group.

Adding a Privilege

To configure a new privilege, go to Credentials > Groups, click on Privileges to open the Privileges screen.

Click Add to define a new privilege. For example, if you want to create an group with the ability to only perform and manage backup, replication, or some other task. You can create a new privilege to customize the functional access you want to grant.

On the New Privilege screen:

  1. Enter a name for the new privilege. Names can include the dash (-) or underscore (_) special characters, and upper and lowercase alphanumeric characters. Make the name descriptive of the privilege. For example, Replication Administrator, Backup Administrator, iSCSI Share Admin, etc. You can create a privilege that can only manage iSCSI shares or one that can manage applications based on the selections made in the Roles field.

  2. Click in the Local Groups field to see a list of groups on the system. To add another group, click in the field to select another group. Click the x to the right of the group name to remove that group from the privilege.

  3. Click the down arrow at the right of the Roles field to show the list of roles configured on the system. Select all roles to include. Use the scroll bar at the right of the field to see all options.

  4. Select Web Shell Access to allow access to the shell screen in the TrueNAS UI.

  5. Click Save to create the new privilege.

Users assigned to the group show on the Users screen with the new privilege granted to the user in the Roles column, and the new group shows on the Groups screen with privilege listed in the Roles column.

Related Content

Tutorial
Reference

Have more questions?

For further discussion or assistance, see these resources:

Found content that needs an update?  You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).