RUTX11 System Users — Teltonika Networks Docs

Change Password

The User configuration section is used to change the password of the current user.

Password Policy

The Password policy section is used to configure password policy and password expiration settings.

Field	Value	Description
Minimum password length	integer; default: 8	Minimum password length is from 8 to 64 characters.
Digits	off \| on; default: on	Password must contain at least one digit (0-9).
Upper / lower case characters	off \| on; default: on	Password must contain at least one upper and lower case letter (A-Z, a-z).
Special characters	off \| on; default: on	Password must contain at least one special character (~`! @#$%^&*()-_+={}[]\|\;:"<>,./?).
Password expiration	off \| on; default: off	A new password will need to be created once the current one reaches its expiration date. The password expiration period can be set from 1 to 365 days.

System Users

Summary

The System Users page is used to add new user accounts that can access the device with different user credentials than the default ones. The newly added users can be assigned to one of two groups, either of which can be modified to limit WebUI read/write access rights for users belonging to each specific group.

This page is unrelated to SSH users. By default, there is one SSH user named "root" and it shares the same password as the default WebUI user named "admin".

This manual page provides an overview of the Users page in RUTX11 devices.

Groups

The Groups section lists available user groups of which there are three:

root - highest level of authority. Key elements that define this group:
- has unlimited read/write access;
- additional users cannot be added to this group;
- access rights for this group cannot be modified.
admin - second highest level of authority. Key elements that define this group:
- limited read access; by default, users belonging to this group cannot view these pages:
  - System → Administration → Users Settings → System Users
  - System → Administration → Profiles
  - System → Maintenance → Backup
  - System → Firmware
  - System → Maintenance → CLI
  - System → Setup Wizard
  - System → Maintenance → Custom Scripts
- limited write access; by default, users belonging to this group cannot view these pages:
  - System → Administration → Users Settings → System Users
  - System → Maintenance → Backup
  - System → Firmware
  - System → Maintenance → CLI
  - System → Setup Wizard
  - System → Maintenance → Custom Scripts
  - System → Administration → Access Control → General
  - System → Administration → Profiles
- access rights can be modified.
user - lowest level of authority. Key elements that define this group:
- no write access;
- limited read access; by default, users belonging to this group cannot view these pages:
  - System → Administration → Users Settings → System Users
  - System → Firmware
  - System → Maintenance → Backup
  - System → Administration → Access Control
  - System → Maintenance → CLI
  - System → Maintenance → Custom Scripts
  - System → Maintenance → Troubleshoot
  - System → Package Manager
  - Network
  - System → Setup Wizard
  - Services → Hotspot → General → Userscripts
- access rights can be modified.

Additional note: you can view and/or edit settings for each group by clicking the 'Edit' button next to them. More on information on how to edit group access settings is located in the following section of this manual page.

Group Settings (edit group)

A group's parameters can be set in its Group Settings page. To access the Groups Settings page, click the 'Edit' button next to the group's name. Below is an example of the Group Settings section:

Field	Value	Description
Hide sensitive information	off \| on; default: on	Enabling this option will restrict this user group from viewing sensitive information, such as passwords, private keys and related data. Editing rights for sensitive information fields will remain available, if applicable.
Write action	Allow \| Deny; default: Allow	Specifies whether to deny or allow write access for users belonging the group.
Write access	path(s) to page(s); default: System > Administration > User Settings > Change Password	Controls the ability of users to change and execute the contents (e.g. Network > Lan).
Read action	Allow \| Deny; default: Deny	Specifies whether to deny or allow read access for users belonging the group.
Read access	path(s) to page(s); default: in the picture above	Path(s) to the page(s) to which the selected "Read action" will be applied. Click the plus symbol to add more entries.

The easiest way to master the syntax is to navigate to page that you want to generate a path for and the copy the path from the URL of that page.

For example, to specify the path to the Network → Mobile page, navigate to the page, copy the page's URL address starting from the symbol "#" and paste it into one of the access fields:

However, the VPN window contains links to many different types of VPN pages. If you want to specify only one of them, you can do it as well. For example, to to specify the path to the IPsec page, add "/ipsec" to the path string:

services/vpn
/ipsec

An asterisk (*) in the path string means that the every page from that point on is included in that path. For example, to generate a path that includes pages in the Services menu tab:

services/
*

Or to simply include everything in the entire WebUI (if this path is combined with Read action: Deny, users from that group will not be able to login to the WebUI):

Users

The Users section lists all created users and provides the possibility to change their passwords and the group they belong to (with the exception of the default user "admin" which always belongs to the root group).

By default, there is only one user called "admin":

Admin user

Field	Value	Description
Username	admin; default: admin	Displays the user's name.
Current password	string; default: none	Enter your current user password.
New password	string; default: none	Create a new password for the user. The password must contain at least 8 characters, including at least one upper case letter and one digit. Another option is to use the 'Dice' icon, which generates random passwords.
Confirm new password	string; default: none	Repeat the new password.
Group	root; default: root	The group to which the user belongs.
Enable SSH access	off \| on; default: off	Enables SSH access (only for 'root' users).

User Settings (edit user)

Each user's password and group parameters can be set in their User Settings pages. To access the User Settings page, click the 'Edit' button next to the user's name.

However, you may want to add a new user at first. This can be done from the Add New User section below:

create a username;
create a password for the user (must contain at least 8 characters, including at least one upper case letter and one digit);
click the 'Add' button;
click the 'Edit' next to newly added user.

Below is an example of a newly added user's settings page:

Field	Value	Description
Username	string; default: none	Displays the user's name.
New password	string; default: none	Create a new password for the user. The password must contain at least 8 characters, including at least one upper case letter and one digit. Another option is to use the 'Dice' icon, which generates random passwords.
Confirm new password	string; default: none	Repeat the new password.
Group	admin \| user; default: user	The group to which the user belongs.
Enable SSH access	off \| on; default: off	Enables SSH access (only for 'root' users).

Add New User

The Add New User section is used to create additional users that can access the WebUI. After a new user is added, it will appear in the Users section.

Field	Value	Description
Username	string; default: none	A custom name for the new user.
Password	string; default: none	A password for the new user. The password must contain at least 8 characters, including at least one upper case letter and one digit. Another option is to use the 'Dice' icon, which generates random passwords.