About Me
MikroTik Certified User Management Engineer (MTCUME)
1 Introduction to MikroTik
1-1 Overview of MikroTik products
1-2 MikroTik RouterOS basics
1-3 MikroTik hardware overview
1-4 MikroTik software overview
2 User Management Fundamentals
2-1 Understanding user roles and permissions
2-2 Creating and managing users
2-3 User groups and their usage
2-4 Password policies and security
3 Advanced User Management
3-1 Implementing role-based access control (RBAC)
3-2 Customizing user profiles
3-3 User authentication methods
3-4 Integrating external authentication sources
4 User Access Control
4-1 Configuring access lists (ACLs)
4-2 Managing user access to resources
4-3 Time-based access control
4-4 Monitoring and logging user activities
5 User Management in Network Services
5-1 User management in DHCP
5-2 User management in VPN
5-3 User management in firewall
5-4 User management in hotspot
6 User Management in Cloud
6-1 Introduction to MikroTik Cloud
6-2 Managing users in MikroTik Cloud
6-3 Integrating Cloud services with user management
6-4 Security considerations in Cloud user management
7 Troubleshooting User Management
7-1 Common user management issues
7-2 Debugging user authentication problems
7-3 Resolving access control issues
7-4 Performance optimization in user management
8 Best Practices and Compliance
8-1 Best practices in user management
8-2 Compliance with industry standards
8-3 Auditing user management configurations
8-4 Continuous improvement in user management
Creating and Managing Users in MikroTik

Creating and Managing Users in MikroTik

In MikroTik RouterOS, managing users is a critical aspect of network security and administration. This webpage will guide you through the key concepts and steps involved in creating and managing users, ensuring you have a comprehensive understanding of this essential task.

Key Concepts

1. User Groups

User groups in MikroTik allow you to manage permissions and access levels for multiple users simultaneously. By assigning users to groups, you can control what resources and services they can access. This is akin to organizing employees into departments in a company, where each department has specific roles and responsibilities.

2. User Profiles

User profiles define the settings and permissions for individual users. These profiles can include details such as login credentials, access rights, and time restrictions. Think of user profiles as individualized contracts that specify what each user is allowed to do within the network.

3. Access Lists

Access lists are rules that determine which users can access specific network resources. These lists can be applied to both user groups and individual users. Access lists are like security checkpoints at an airport, ensuring that only authorized individuals can proceed to certain areas.

4. Time Restrictions

Time restrictions allow you to limit when users can access the network. This feature is particularly useful for controlling access during non-business hours or for specific tasks. Time restrictions are like scheduling appointments, ensuring that users can only access the network during predetermined times.

Creating and Managing Users

Step 1: Creating a User Group

To create a user group, follow these steps:

  1. Open Winbox and connect to your MikroTik device.
  2. Navigate to System > Users > Groups.
  3. Click Add to create a new group.
  4. Enter a name for the group and configure the permissions as needed.
  5. Click OK to save the group.

For example, you might create a group called "NetworkAdmins" with full access to all network resources.

Step 2: Creating a User Profile

To create a user profile, follow these steps:

  1. Navigate to System > Users > Profiles.
  2. Click Add to create a new profile.
  3. Enter a name for the profile and configure the settings, such as access rights and time restrictions.
  4. Click OK to save the profile.

For example, you might create a profile called "LimitedAccess" that restricts access to certain network services during business hours.

Step 3: Adding Users

To add users, follow these steps:

  1. Navigate to System > Users.
  2. Click Add to create a new user.
  3. Enter the username, password, and select the appropriate group and profile.
  4. Click OK to save the user.

For example, you might add a user named "JohnDoe" to the "NetworkAdmins" group with the "LimitedAccess" profile.

Step 4: Configuring Access Lists

To configure access lists, follow these steps:

  1. Navigate to IP > Firewall > Filter.
  2. Click Add to create a new rule.
  3. Configure the rule to allow or deny access based on user groups or individual users.
  4. Click OK to save the rule.

For example, you might create a rule that denies access to the internet for users in the "Guest" group.

Step 5: Applying Time Restrictions

To apply time restrictions, follow these steps:

  1. Navigate to System > Scheduler.
  2. Click Add to create a new schedule.
  3. Configure the schedule to define the time periods when access is allowed or denied.
  4. Apply the schedule to the relevant user profiles or groups.
  5. Click OK to save the schedule.

For example, you might create a schedule that allows access only from 9 AM to 5 PM on weekdays.

By following these steps, you can effectively create and manage users in MikroTik RouterOS, ensuring secure and efficient network administration.

© 2024 Ahmed Baheeg Khorshid. All rights reserved.