From the user administration, you can create new users and user groups. A new group is created by typing in the group name while creating or updating a user. A new user group comes without any permissions.
By default, a user who's not a member of the Administrators group can't do anything with rport. From the inventory, you can assign a host to none-admin users. This enables the users to execute any action on the host.
Assign a client to a user
Starting with RPort version 0.9.0 assigning a client to a user will not give only minimal rights such as searching for clients and viewing their inventory. For any further action like creating tunnels or executing scripts, group permission are needed.
RPort version 0.9.0 has introduced user group permissions. To allow certain actions, you must give permission to a user group.
If two or more groups are assigned to a user and groups have contra dictionary permissions, the authorization wins over the denial.
Example: If a user is a member of the groups Red and Blue, and Red allows script while Blue denies it, script will be allowed.
Keep in mind, that client permission is also needed. If a user is a member of a group with scripts unlocked, the user can execute scripts only on the assigned clients.
Members of the Administrators group are granted full permission and can therefore perform any action on all clients.
With the rport-plus plugin, you can control which user group is allowed to execute which command.
With the rport-plus plugin, you can control which kind of tunnels a user group is allowed to create.
