TrueCommand Version DocumentationThis content follows TrueCommand 3.0 releases. Use the Product and Version selectors above to view content specific to TrueNAS software or major versions.
Users and Teams
6 minute read.
TrueCommand has a robust user management system that lets administrators tune system permissions for each user account. You can create user accounts in the TrueCommand interface. Alternately, LDAP can automatically create new user accounts when someone logs into TrueCommand with their LDAP credentials.
You can also manage many user accounts simultaneously by organizing them into Teams.
To create a new user account, open the Configure settings menu and click Users > + NEW USER. Assign them a descriptive name and authentication method.
TrueCommand uses the default authentication method to create unique credentials for logging in to the web interface. User names and passwords are case-sensitive. The administrator must provide the user with their login credentials.
You can assign users to existing teams. After creating the team, you can add the user in the New User configuration panel by selecting Teams on the drop-down menu. You can assign users to multiple teams.
If the user needs to be an administrator, check the TrueCommand Administrator box.
When finished, click Create User.
To configure account details and permissions, open the Configure settings menu and click Users.
To edit a user, click the edit icon edit.
There are several different user elements that you can configure, including their avatar, personal details, contact email address, team membership, and system permissions.
Users or admins can add personal details about the user on this page.
To revert to the original field contents, click RESET FORM before you click SAVE CHANGES.
Setting | Description |
---|---|
Username | Enter or change the username. |
Full Name | Enter or change the user full name. |
Title | Enter or change the user title. |
Enter or change the user email. If SMTP is not set up, an error message displays at the bottom of the screen stating Failed to send email. Are your SMTP settings configured?. Admins can click the CONFIGURE button to open the SMTP settings window. Before adding a user email, go to Alert Services and verify you have set up the SMTP service. | |
Phone | Enter or change the user phone number. |
Two Factor Authentication | Enables Two Factor Authentication, which requires the user to enter a validation code emailed to them after they enter their username, password, and click SIGN IN on the login screen. |
TrueCommand Administrator | Designates the account as an administrator. This gives the user full permissions to every connected TrueNAS system, as well as the ability to configure TrueCommand. |
Password | New user password. |
Password Confirm | Confirms new user password. |
The CREATE A NEW TEAM button displays if a TrueCommand team does not exist. When teams exist, the JOIN TEAM button displays instead.
Click JOIN TEAM to display the list of existing teams, then select a team to add the user to it. You can add users to multiple teams. TrueCommand applies team permissions to any user added to a team, but setting specific permissions for users can override related team permissions. Use the Teams screen to create new teams or edit existing ones.
To limit non-administrative account access to connected systems, configure the System Access and System Groups sections. You must first configure system connections and/or system groups in TrueCommand. Add systems from either the Dashboard or Systems screens.
It is possible to configure multiple permissions for the same user account and system in different screens within TrueCommand.
When this happens, TrueCommand follows a specific flow to check permission settings for the account:
flowchart TB A(User settings for individual systems) --> B(User settings for system groups) --> C(Teams settings for individual systems) --> D(Teams settings for system groups)
When a user account has multiple permissions at the same level (user is a member of two teams that have different permissions to the same system), TrueCommand defaults to granting the user account the most permissive option between the conflicting permissions.
For example, user A is configured to have direct read and write access to system 1. This permission remains in place, even if user A joins a TrueCommand team that is configured with read only permission for system 1. If user A is configured to have read only access to system 1 and joins a TrueCommand team with read and write permission for system 1, the more permissive access is granted.
Click ADD SYSTEM and select a system from the drop-down to give the user access to that system. To restrict them to viewing system details, select the read permission. To remove their access to a particular system, click - minus on that system.
When TrueCommand has system groups, the ADD GROUP button displays. Click ADD GROUP and select a group from the drop-down to give the user access to all the systems in that group. To choose the user group permissions, select read or read/write. To remove their access to a particular system group, click - (minus) on that group.
TrueCommand users can reset their passwords from the login screen. Enter the username then click FORGOT PASSWORD.
Enter the user email address (or where you want to send the reset login code).
An [AUTH] TrueCommand Password Reset email should arrive with the reset password login code.
Enter the user name in the login screen and the reset password code, then click SIGN IN. The user can then go to their profile to change their password.
The Docker version of TrueCommand allows you to reset user passwords from the command line. Open the Shell on the TrueNAS system running the TrueCommand container and use the following command, replacing the values in brackets with their appropriate values.
docker exec -it [docker instance ID] resetpw [username]
To delete an account, open the Configure settings menu and click Users. On the Users page, click the delete icon delete to the right of the user you want to delete. A popup displays to confirm user deletion.
To create a team, open the Configure settings menu and click Teams.
Clicking NEW TEAM displays the New Team configuration panel.
Type a name and select an avatar for the new team. You can edit team permissions and settings after creating it.
To configure a team, click on the Configure settings icon and then click Teams. To change team members or permissions, click on the edit icon edit for the team you selected on the list.
You can change a team profile avatar or name or grant team members permission to create new TrueCommand alert rules by selecting Enable alert creation.
The Members section shows which accounts are in the team. To add users to the team, click ADD USER and select users on the dropdown list. To remove users from the team, click the - (minus) next to the users you want to remove.
You can configure system permissions the same way as individual user system access. Note that individual user account permissions can override team permissions.
To delete account details and permissions, open the Configure settings menu and click Teams. On the Users page, click the delete icon delete to the right of the user you want to delete. A popup displays to confirm the team deletion.
Deleting a team does not remove users or systems assigned to that team.