Hi, I think some function like eAlign and Wireless Link Test are helpful on "Home" user...
First, please do not take this as an attack against your request/idea. You may have a valid reason for it and I am not trying to discredit it, but I have a simple set of questions that I think should be asked and My reasons for not wanting a client to have access. “Do you want clients messing with alignment?” This feature might be nice for self installs, but you still have to support the client and even truck-roll to fix a bad install. Worse yet, having to curry good feelings from said self-install gone wrong by fixing it at a reduced fee or no fee at all. Clients tend to not care that they mounted the antenna wrong, missed a structural member and now the expensive radio and antenna are lying on the lawn, a hole in the roof and arguing that you need to pay to fix everything, including their roof. “Do you want clients sitting on the SM webpage doing repeated link-tests?” I have yet to see a WISP network that didn’t have at least 2 clients that basically do nothing but sit there and do speed tests and then complain that we are not giving the full package specified, despite that we don’t control the whole internet to the server they are accessing (this is why we have specific contract clauses about this behavior and limit any commitment regarding speed testing to in network servers only). “If given access, are you able to detect an access permissions elevation attack?” lets face it, the SM is a micro-computer with an Ethernet port on one side and a wireless port on the other. The stripped down version of Linux that they run is fairly secure, but it is possible that an exploit could be found to elevate a home user to admin. I know of no known exploit for this yet, but it is a matter of time before one is found and yes one will be found eventually. I have a few clients that I have had to remove client side access to the web-interface completely due to access attempts, I would not want to give them even the slightest bit of access as then they may be able to prove my paranoia as valid. I think being able to select what the “Home” account has access to would be a much more meaningful method and ensuring that the “Home” account does not need to login like the way Canopy SM’s displayed basic information on the title page before logging in to the page. This would provide the security since they wont have valid credentials and allow you to specify what they have access to even if only until the SM downloads its configuration from the Radius/cnMeastro server.
I have suggested in the past the eAlign for the "readonly" account. I have several customers that choose to self install or want to try to fix their alignment issues themselves instead of paying for a service call.
Never have we had any of the above situations happen in the past 15 years.