Get a Quote     (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support Toggle between Light and Dark mode

Local Users Screens

  5 minute read.

Last Modified 2022-12-15 13:21 EST

The Credentials > Users screen displays a list of user accounts added to the system. By default built-in users except for root are hidden until you make them visible.

UsersScreen

Toggle Build-In Users displays either the Show Built-In Users or Hide Built-in Users dialogs based on the current Users list view. If built-in users are hidden, the Show Built-in Users dialog opens. Click Show to display the hidden list of users.

UserScreenWithBuiltinUsers

To hide the built-in users, click Toggle Built-In Users again to open the Hide Built-in Users dialog. Click Hide to only display non-built-in users again.

Add opens the Add User screen.

User Details Screen

The expanded view of each user includes details on that user and provides the option to edit or delete the user. Click the expand_more arrow to show the user details screen.

UserScreenUserDetails

Edit opens the Edit User screen. Delete opens a delete confirmation dialog.

Add or Edit User Screens

The Add User and Edit User configuration screens display the same setting options. Built-in users (except the root user) do not include the Home Directory Permissions settings, but all new users created, such as those for an SMB share like the smbguest user, do.

Identification Settings

Identification settings specify the name, user name, password, and email for the user.

AddUserIdentificationSettings

SettingDescription
Full NameRequired. Enter a name for the user with our without spaces.
UsernameRequired. Enter a user name of up to 16 characters in length. When using NIS or other legacy software with limited user name lengths, keep names to eight characters or less for compatibility. Do not begin the user name with a hyphen (-), and do not include a space, tab, the comma (,), plus (+), ampersand (&), percent (%), carat (^), open or close parenthesis ( ), exclamation mark (!), at symbol (@), tilde (~), question mark (?), greater or less than symbols (<)(>), or equals (+) in the name. You can use the dollar sign ($) as the last character of the user name.
Disable PasswordUse the toggle to disable the password for the selected user. If you disable the admin account the admin user cannot login. If you disable the root and admin user passwords you see a Set new root account password sign-in splash screen.
PasswordRequired. Enter a user password unless Enable Password login is set to No. The password cannot contain a question mark (?).
Confirm PasswordRequired. Re-enter the value entered in Password.
EmailEnter the email address of the new user. This email address receives notifications, alerts, messages based on the settings configured.

User ID and Groups Settings

User ID and Group settings specify the user ID and groups this user belongs to.

AddUser-UserIDAndGroupSettings

SettingDescription
User IDRequired. Enter a number greater than 1000 for user accounts. For system accounts use an ID equal to the default port number used by the service.
Primary GroupSelect a group from the dropdown list. New users are not assigned su permissions if wheel is their primary group.
Auxiliary GroupsSelect group(s) from the dropdown list to add this new user to additional groups.
New Primary GroupClick the toggle to create a new primary group with the same name as the user. Clear to select an existing group from the Primary Group dropdown list.

Directories and Permissions settings

Directory and Permissions settings specify the user home directory and the permissions for that home directory.

AddUserDirPermsAuthSettings

SettingDescription
Home DirectoryEnter or browse to enter the path to the home directory for this user. If the directory exists and matches the Username, it is set as the home directory for the user. When the path does not end with a subdirectory matching the username, a new subdirectory is created. The full path to the user home directory displays here on the Edit User screen when editing this user.
Home Directory PermissionsSelect the permissions checkboxes (Read, Write, Execute) for each (User, Group, Other) to set default Unix permissions for the user home directory. Built-in users are read-only and do not see these permissions settings.

Authentication settings

Authentication settings specify authentication methods, the public SSH key, user administration access, and enables/disables password authentication. It also covers the Shell options.

AddUserDirPermsAuthSettings

SettingDescription
Authorized KeysEnter or paste the downloaded SSH public key of the user for any key-based authentication. Use Download SSH Public Key to obtain a public key text file. Keep a backup copy of the public key! Do not paste the private key in this field!
ShellSelect the shell to use for local and SSH logins from the dropdown list. Options are bash, rbash, dash, sh, zsh, tmux and nologin.
Lock UserSelect to prevent the user from logging in or using password-based services until you clear this checkbox. Locking an account is only possible when Disable Password is set to No and the account has a created password in Password.
Permit SudoSelect to give this user administrator permissions and the ability to use sudo. When using sudo, a user is prompted for their account password.
Samba AuthenticationSelect to allow this user to authenticate to and access data share with SMB samba shares.
Download SSH Public KeyClick to generate and download a public key text file to past into SSH Public Key.

Shell Options

You can set a specific shell for the user from the Shell dropdown list options:

ShellDescription
bashBourne Again shell for the GNU operating system.
rbashRestricted bash
dashDebian Almquist shell
shBourne shell
zshZ shell
tmuxterminal multiplexer
nologinUse when creating a system account or to create a user account that can authenticate with shares but that cannot log in to the TrueNAS system using ssh.

Related Content

Related Shell Articles