Hello,
i was wondering if there is a way to ‘disable’ the users oneadmin/serveradmin from the gui sunstone. Off course on server the users have to exist.
Because everyone uses those accounts, the risk of leave those accounts available, is too high for me. Is there a way to make those account unavailable to only the gui ?
Running 6.8 CC on Ubuntu 22.04 servers, cluster of 7…
Could you please elaborate why would you need to disable those users from the GUI (it is not supported). You can only access those accounts if you know the password. If you want users to have oneadmin privileges without being oneadmin, you can have these users in the oneadmin group and leave oneadmin only accessible to you.
Thank you for your response. Shure i can.
We want to exclude the super superusers from the ‘internet accessible’ user interface. We always can the oneadmin user as root-account on our debian based systems (for things like upgrades and stuff). All the rights for the administartor users are set correct, and they have to use the 2 factor authentication.
For the oneadmin user, we have to system admins (with own accounts on the GUI), we tried to set the 2Fa for both, but that did not work. The only account at this moment on the internet accessible GUI, that has no 2Fa, is the oneadmin (and serveradmin) user.
It’s just a possible security risk when the super superadmin (oneadmin) has no 2Fa.
Maybe my knowledge is not enough, but if there are other ways, sure, but i really like to secure the oneadmin-user a bit more than (not that) simple password.
Thank you for reading and mayby thinking along.