Local Users Screens
5 minute read.Last Modified 2022-12-15 13:21 EST
The Credentials > Users screen displays a list of user accounts added to the system. By default built-in users except for root are hidden until you make them visible.
Toggle Build-In Users displays either the Show Built-In Users or Hide Built-in Users dialogs based on the current Users list view. If built-in users are hidden, the Show Built-in Users dialog opens. Click Show to display the hidden list of users.
To hide the built-in users, click Toggle Built-In Users again to open the Hide Built-in Users dialog. Click Hide to only display non-built-in users again.
Add opens the Add User screen.
The expanded view of each user includes details on that user and provides the option to edit or delete the user. Click thearrow to show the user details screen.
Edit opens the Edit User screen. Delete opens a delete confirmation dialog.
The Add User and Edit User configuration screens display the same setting options. Built-in users (except the root user) do not include the Home Directory Permissions settings, but all new users created, such as those for an SMB share like the smbguest user, do.
Identification settings specify the name, user name, password, and email for the user.
|Full Name||Required. Enter a name for the user with our without spaces.|
|Username||Required. Enter a user name of up to 16 characters in length. When using NIS or other legacy software with limited user name lengths, keep names to eight characters or less for compatibility. Do not begin the user name with a hyphen (-), and do not include a space, tab, the comma (,), plus (+), ampersand (&), percent (%), carat (^), open or close parenthesis ( ), exclamation mark (!), at symbol (@), tilde (~), question mark (?), greater or less than symbols (<)(>), or equals (+) in the name. You can use the dollar sign ($) as the last character of the user name.|
|Disable Password||Use the toggle to disable the password for the selected user. If you disable the admin account the admin user cannot login. If you disable the root and admin user passwords you see a Set new root account password sign-in splash screen.|
|Password||Required. Enter a user password unless Enable Password login is set to No. The password cannot contain a question mark (?).|
|Confirm Password||Required. Re-enter the value entered in Password.|
|Enter the email address of the new user. This email address receives notifications, alerts, messages based on the settings configured.|
User ID and Group settings specify the user ID and groups this user belongs to.
|User ID||Required. Enter a number greater than 1000 for user accounts. For system accounts use an ID equal to the default port number used by the service.|
|Primary Group||Select a group from the dropdown list. New users are not assigned su permissions if wheel is their primary group.|
|Auxiliary Groups||Select group(s) from the dropdown list to add this new user to additional groups.|
|New Primary Group||Click the toggle to create a new primary group with the same name as the user. Clear to select an existing group from the Primary Group dropdown list.|
Directory and Permissions settings specify the user home directory and the permissions for that home directory.
|Home Directory||Enter or browse to enter the path to the home directory for this user. If the directory exists and matches the Username, it is set as the home directory for the user. When the path does not end with a subdirectory matching the username, a new subdirectory is created. The full path to the user home directory displays here on the Edit User screen when editing this user.|
|Home Directory Permissions||Select the permissions checkboxes (Read, Write, Execute) for each (User, Group, Other) to set default Unix permissions for the user home directory. Built-in users are read-only and do not see these permissions settings.|
Authentication settings specify authentication methods, the public SSH key, user administration access, and enables/disables password authentication. It also covers the Shell options.
|Authorized Keys||Enter or paste the downloaded SSH public key of the user for any key-based authentication. Use Download SSH Public Key to obtain a public key text file. Keep a backup copy of the public key! Do not paste the private key in this field!|
|Shell||Select the shell to use for local and SSH logins from the dropdown list. Options are bash, rbash, dash, sh, zsh, tmux and nologin.|
|Lock User||Select to prevent the user from logging in or using password-based services until you clear this checkbox. Locking an account is only possible when Disable Password is set to No and the account has a created password in Password.|
|Permit Sudo||Select to give this user administrator permissions and the ability to use sudo. When using sudo, a user is prompted for their account password.|
|Samba Authentication||Select to allow this user to authenticate to and access data share with SMB samba shares.|
|Download SSH Public Key||Click to generate and download a public key text file to past into SSH Public Key.|
You can set a specific shell for the user from the Shell dropdown list options:
|bash||Bourne Again shell for the GNU operating system.|
|dash||Debian Almquist shell|
|nologin||Use when creating a system account or to create a user account that can authenticate with shares but that cannot log in to the TrueNAS system using |