Template:Networking rutos manual users: Difference between revisions
No edit summary |
No edit summary |
||
(44 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
{{Template:Networking_rutos_manual_fw_disclosure | |||
| fw_version = {{{series}}}_R_00.02.03 | |||
| series = {{{series}}} | |||
}} | |||
==Summary== | |||
The <b>Users</b> window is used to add new user accounts that can access the device with different user credentials than the default ones. The newly added users can be assigned to one of two groups, either of which can be modified to limit WebUI read/write access rights for users belonging to each specific group. | |||
The <b> | |||
<b>This page is unrelated to SSH users.</b> By default, there is one SSH user named "root" and it shares the same password as the default WebUI user named "admin". | <b>This page is unrelated to SSH users.</b> By default, there is one SSH user named "root" and it shares the same password as the default WebUI user named "admin". | ||
This manual page provides an overview of the Users | This manual page provides an overview of the Users windows in {{{name}}} devices. | ||
{{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer | {{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer}} | ||
==Groups== | |||
The <b>Groups</b> section lists available user groups of which there are three: | The <b>Groups</b> section lists available user groups of which there are three: | ||
[[File: | [[File:{{{file_groups}}}|border|class=tlt-border]] | ||
---- | ---- | ||
<ul> | <ul> | ||
Line 31: | Line 26: | ||
<li>additional users cannot be added to this group;</li> | <li>additional users cannot be added to this group;</li> | ||
<li>access rights for this group cannot be modified.</li> | <li>access rights for this group cannot be modified.</li> | ||
</ul><br>[[File: | </ul><br>[[File:{{{file_groups_root_visual}}}]] | ||
</li> | </li> | ||
---- | ---- | ||
Line 38: | Line 33: | ||
<li>limited read access; by default, users belonging to this group cannot view these pages: | <li>limited read access; by default, users belonging to this group cannot view these pages: | ||
<ul> | <ul> | ||
<li>System → | <li>System → [[{{{name}}} Users|Users]].</li> | ||
</ul> | </ul> | ||
</li> | </li> | ||
<li>unlimited write access by default;</li> | |||
<li>access rights can be modified.</li> | <li>access rights can be modified.</li> | ||
</ul><br>[[File: | </ul><br>[[File:{{{file_groups_admin_visual}}}]] | ||
</li> | </li> | ||
---- | ---- | ||
Line 68: | Line 46: | ||
<li>limited read access; by default, users belonging to this group cannot view these pages: | <li>limited read access; by default, users belonging to this group cannot view these pages: | ||
<ul> | <ul> | ||
<li> | <li>Services → Mobile Utilities → Messages → [[{{{name}}} Mobile_Utilities#Send_Messages|Send Messages]];</li> | ||
<li>System → | <li>System → [[{{{name}}} Users|Users]];</li> | ||
<li>System → [[{{{name}}} Firmware|Firmware]];</li> | |||
<li>System → [[{{{name}}} Reboot|Reboot]].</li> | |||
<li>System → | |||
<li> | |||
</ul> | </ul> | ||
</li> | </li> | ||
<li>access rights can be modified.</li> | <li>access rights can be modified.</li> | ||
</ul><br>[[File: | </ul><br>[[File:{{{file_groups_user_visual}}}]] | ||
</li> | </li> | ||
</ul> | </ul> | ||
Line 90: | Line 59: | ||
<b>Additional note</b>: you can view and/or edit settings for each group by clicking the 'Edit' button next to them. More on information on how to edit group access settings is located in the following section of this manual page. | <b>Additional note</b>: you can view and/or edit settings for each group by clicking the 'Edit' button next to them. More on information on how to edit group access settings is located in the following section of this manual page. | ||
===Group Settings (edit group)=== | |||
---- | ---- | ||
A group's parameters can be set in its <b>Group Settings</b> page. To access the Groups Settings page, click the 'Edit' button next to the group's name. Below is an example of the Group Settings section: | A group's parameters can be set in its <b>Group Settings</b> page. To access the Groups Settings page, click the 'Edit' button next to the group's name. Below is an example of the Group Settings section: | ||
[[File: | [[File:{{{file_groups_user}}}|border|class=tlt-border]] | ||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
<tr> | <tr> | ||
<th>Field</th> | <th>Field</th> | ||
<th | <th>Value</th> | ||
<th>Description</th> | <th>Description</th> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Write action</td> | <td>Write action</td> | ||
<td>Allow | <td>Allow | Deny; default: <b>Deny</b></td> | ||
<td>Specifies whether to deny | <td>Specifies whether to allow or deny write actions for users in the group. Write actions consist of changing configurations and performing certain actions (such as clicking buttons).<br>This field directly correlates with the "Write access" field below it, because the selected write action will apply to pages specified in that field.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Write access</td> | <td>Write access</td> | ||
<td>path(s) to page(s); default: <b> | <td>path(s) to page(s); default: <b>*</b></td> | ||
<td>Path(s) to the page(s) to which the selected "Write action" will be applied. Click the plus symbol to add multiple entries.</td> | |||
<td> | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Read action</td> | <td>Read action</td> | ||
<td>Allow | <td>Allow | Deny; default: <b>Deny</b></td> | ||
<td>Specifies whether to deny | <td>Specifies whether to allow or deny read actions for users in the group. Read actions consist of viewing pages on the WebUI.<br>This field directly correlates with the "Read access" field below it, because the selected read action will apply to pages specified in that field.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>Read access</td> | <td>Read access</td> | ||
<td>path(s) to page(s); default: <b> | |||
<td>Path(s) to the page(s) to which the selected "Read action" will be applied. Click the plus symbol to add | <ul> | ||
<li><b>admin/services/mobile_utilities/sms/send</b></li> | |||
<li><b>admin/system/multiusers/*</b></li> | |||
<li><b>admin/system/flashops/*</b></li> | |||
<li><b>admin/system/reboot</b></li> | |||
</ul> | |||
</td> | |||
<td>Path(s) to the page(s) to which the selected "Read action" will be applied. Click the plus symbol to add multiple entries.</td> | |||
</tr> | </tr> | ||
</table> | </table> | ||
====Examples==== | |||
---- | ---- | ||
The easiest way to master the syntax is to navigate to page that you want to generate a path for and the copy the path from the URL of that page. | The easiest way to master the syntax is to navigate to page that you want to generate a path for and the copy the path from the URL of that page. | ||
For example, to specify the path to the | For example, to specify the path to the Services → VPN page, navigate to the page, copy the page's URL address <b>starting from the word "admin"</b> and paste it into one of the access fields: | ||
[[File: | [[File:{{{file_groups_example}}}]] | ||
---- | ---- | ||
However, the VPN window contains links to many different types of VPN pages. If you want to specify only one of them, you can do it as well. For example, to to specify the path to the IPsec page, <b>add "/ipsec" to the path string</b>: | However, the VPN window contains links to many different types of VPN pages. If you want to specify only one of them, you can do it as well. For example, to to specify the path to the IPsec page, <b>add "/ipsec" to the path string</b>: | ||
services/vpn<b>/ipsec</b> | admin/services/vpn<b>/ipsec</b> | ||
---- | ---- | ||
An <b>asterisk (*)</b> in the path string means that the every page from that point on is included in that path. For example, to generate a path that includes pages in the Services menu tab: | An <b>asterisk (*)</b> in the path string means that the every page from that point on is included in that path. For example, to generate a path that includes pages in the Services menu tab: | ||
services/<b>*</b> | admin/services/<b>*</b> | ||
Or to simply include everything in the entire WebUI (<b>if this path is combined with <i>Read action: Deny</i>, users from that group will not be able to login to the WebUI</b>): | Or to simply include everything in the entire WebUI (<b>if this path is combined with <i>Read action: Deny</i>, users from that group will not be able to login to the WebUI</b>): | ||
Line 148: | Line 120: | ||
<b>*</b> | <b>*</b> | ||
==Users== | |||
The <b>Users</b> section lists all created users and provides the possibility to change their passwords and the group they belong to (with the exception of the default user "admin" which always belongs to the <i>root</i> group). | The <b>Users</b> section lists all created users and provides the possibility to change their passwords and the group they belong to (with the exception of the default user "admin" which always belongs to the <i>root</i> group). | ||
By default, there is only one user called "admin": | By default, there is only one user called "admin": | ||
[[File: | [[File:{{{file_users}}}|border|class=tlt-border]] | ||
===User Settings (edit user)=== | |||
---- | ---- | ||
Each user's password and group parameters can be set in their <b>User Settings</b> pages. To access the User Settings page, click the 'Edit' button next to the user's name. | Each user's password and group parameters can be set in their <b>User Settings</b> pages. To access the User Settings page, click the 'Edit' button next to the user's name. | ||
Line 162: | Line 134: | ||
<u>However</u>, you may want to add a new user at first. This can be done from the [[{{{name}}}_Users#Add_New_User|Add New User]] section below: | <u>However</u>, you may want to add a new user at first. This can be done from the [[{{{name}}}_Users#Add_New_User|Add New User]] section below: | ||
[[File: | [[File:{{{file_users_add_new_ex}}}]] | ||
<ol> | <ol> | ||
Line 173: | Line 145: | ||
Below is an example of a newly added user's settings page: | Below is an example of a newly added user's settings page: | ||
[[File: | [[File:{{{file_users_edit}}}|border|class=tlt-border]] | ||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
Line 185: | Line 157: | ||
<td>string; default: <b>none</b></td> | <td>string; default: <b>none</b></td> | ||
<td>Displays the user's name.</td> | <td>Displays the user's name.</td> | ||
</tr> | |||
<tr> | |||
<td>Current password</td> | |||
<td>string; default: <b>none</b></td> | |||
<td>Enter the user's current password here if you wish to change it.</td> | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>New password</td> | <td>New password</td> | ||
<td>string; default: <b>none</b></td> | <td>string; default: <b>none</b></td> | ||
<td | <td>Create a new password for the user. The password must contain at least 8 characters, including at least one upper case letter and one digit.</td> | ||
</tr> | </tr> | ||
<tr> | <tr> | ||
Line 198: | Line 175: | ||
<tr> | <tr> | ||
<td>Group</td> | <td>Group</td> | ||
<td>admin | <td>admin | user; default: <b>user</b></td> | ||
<td>The group to which the user belongs.</td> | <td>The group to which the user belongs.</td> | ||
</tr> | </tr> | ||
</table> | </table> | ||
==Add New User== | |||
The <b>Add New User</b> section is used to create additional users that can access the WebUI. After a new user is added, it will appear in the [[{{{name}}} Users#Users|Users]] section. | The <b>Add New User</b> section is used to create additional users that can access the WebUI. After a new user is added, it will appear in the [[{{{name}}} Users#Users|Users]] section. | ||
[[File: | [[File:{{{file_users_add_new}}}|border|class=tlt-border]] | ||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
Line 228: | Line 200: | ||
<td>Password</td> | <td>Password</td> | ||
<td>string; default: <b>none</b></td> | <td>string; default: <b>none</b></td> | ||
<td | <td>A password for the new user. The password must contain at least 8 characters, including at least one upper case letter and one digit.</td> | ||
</tr> | </tr> | ||
</table>}} | </table> | ||
[[Category:{{{name}}} System section]] |
Revision as of 12:56, 7 May 2020
Template:Networking rutos manual fw disclosure
Summary
The Users window is used to add new user accounts that can access the device with different user credentials than the default ones. The newly added users can be assigned to one of two groups, either of which can be modified to limit WebUI read/write access rights for users belonging to each specific group.
This page is unrelated to SSH users. By default, there is one SSH user named "root" and it shares the same password as the default WebUI user named "admin".
This manual page provides an overview of the Users windows in {{{name}}} devices.
If you're having trouble finding this page or some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Advanced" button, located at the top of the WebUI.
Groups
The Groups section lists available user groups of which there are three:
[[File:{{{file_groups}}}|border|class=tlt-border]]
- root - highest level of authority. Key elements that define this group:
- has unlimited read/write access;
- additional users cannot be added to this group;
- access rights for this group cannot be modified.
[[File:{{{file_groups_root_visual}}}]] - admin - second highest level of authority. Key elements that define this group:
- limited read access; by default, users belonging to this group cannot view these pages:
- System → [[{{{name}}} Users|Users]].
- unlimited write access by default;
- access rights can be modified.
[[File:{{{file_groups_admin_visual}}}]] - limited read access; by default, users belonging to this group cannot view these pages:
- user - lowest level of authority. Key elements that define this group:
- no write access;
- limited read access; by default, users belonging to this group cannot view these pages:
- Services → Mobile Utilities → Messages → [[{{{name}}} Mobile_Utilities#Send_Messages|Send Messages]];
- System → [[{{{name}}} Users|Users]];
- System → [[{{{name}}} Firmware|Firmware]];
- System → [[{{{name}}} Reboot|Reboot]].
- access rights can be modified.
[[File:{{{file_groups_user_visual}}}]]
Additional note: you can view and/or edit settings for each group by clicking the 'Edit' button next to them. More on information on how to edit group access settings is located in the following section of this manual page.
Group Settings (edit group)
A group's parameters can be set in its Group Settings page. To access the Groups Settings page, click the 'Edit' button next to the group's name. Below is an example of the Group Settings section:
[[File:{{{file_groups_user}}}|border|class=tlt-border]]
Field | Value | Description |
---|---|---|
Write action | Allow | Deny; default: Deny | Specifies whether to allow or deny write actions for users in the group. Write actions consist of changing configurations and performing certain actions (such as clicking buttons). This field directly correlates with the "Write access" field below it, because the selected write action will apply to pages specified in that field. |
Write access | path(s) to page(s); default: * | Path(s) to the page(s) to which the selected "Write action" will be applied. Click the plus symbol to add multiple entries. |
Read action | Allow | Deny; default: Deny | Specifies whether to allow or deny read actions for users in the group. Read actions consist of viewing pages on the WebUI. This field directly correlates with the "Read access" field below it, because the selected read action will apply to pages specified in that field. |
Read access | path(s) to page(s); default:
|
Path(s) to the page(s) to which the selected "Read action" will be applied. Click the plus symbol to add multiple entries. |
Examples
The easiest way to master the syntax is to navigate to page that you want to generate a path for and the copy the path from the URL of that page.
For example, to specify the path to the Services → VPN page, navigate to the page, copy the page's URL address starting from the word "admin" and paste it into one of the access fields:
[[File:{{{file_groups_example}}}]]
However, the VPN window contains links to many different types of VPN pages. If you want to specify only one of them, you can do it as well. For example, to to specify the path to the IPsec page, add "/ipsec" to the path string:
admin/services/vpn/ipsec
An asterisk (*) in the path string means that the every page from that point on is included in that path. For example, to generate a path that includes pages in the Services menu tab:
admin/services/*
Or to simply include everything in the entire WebUI (if this path is combined with Read action: Deny, users from that group will not be able to login to the WebUI):
*
Users
The Users section lists all created users and provides the possibility to change their passwords and the group they belong to (with the exception of the default user "admin" which always belongs to the root group).
By default, there is only one user called "admin":
[[File:{{{file_users}}}|border|class=tlt-border]]
User Settings (edit user)
Each user's password and group parameters can be set in their User Settings pages. To access the User Settings page, click the 'Edit' button next to the user's name.
However, you may want to add a new user at first. This can be done from the [[{{{name}}}_Users#Add_New_User|Add New User]] section below:
[[File:{{{file_users_add_new_ex}}}]]
- create a username;
- create a password for the user (must contain at least 8 characters, including at least one upper case letter and one digit);
- click the 'Add' button;
- click the 'Edit' next to newly added user.
Below is an example of a newly added user's settings page:
[[File:{{{file_users_edit}}}|border|class=tlt-border]]
Field | Value | Description |
---|---|---|
Username | string; default: none | Displays the user's name. |
Current password | string; default: none | Enter the user's current password here if you wish to change it. |
New password | string; default: none | Create a new password for the user. The password must contain at least 8 characters, including at least one upper case letter and one digit. |
Confirm new password | string; default: none | Repeat the new password. |
Group | admin | user; default: user | The group to which the user belongs. |
Add New User
The Add New User section is used to create additional users that can access the WebUI. After a new user is added, it will appear in the [[{{{name}}} Users#Users|Users]] section.
[[File:{{{file_users_add_new}}}|border|class=tlt-border]]
Field | Value | Description |
---|---|---|
Username | string; default: none | A custom name for the new user. |
Password | string; default: none | A password for the new user. The password must contain at least 8 characters, including at least one upper case letter and one digit. |
[[Category:{{{name}}} System section]]