starting from a new truenas setup
as per advise during setup i went with the truenas_admin
then i create my pool and datasets. I check the owner is root.
i create a new user (for simplicity sake i call it admin. yes i know they ask u make it unique)
then i do rsync to recover my data from old nas using admin account (lets just ignore zfs replication, outside scope for my questions, thx)
So then i double check, the owner for the folders/subfolders after recover is admin
is this correct? or should i have set the rsync to owner?
So anyway, i tried to change the owner to root thinking that is the correct setup.
To do this i had to allow login for root, allow ssh, to login to winscp, to right click permissive change owner from admin to root. But that didn’t work.
note: another reason i had to login with root to winscp, was so i could browse and access the /var/log txts which was totally inaccesible unless i did so
In the end i had to go to winscp, delete the contents of the dataset, then redo the rsync with root selected as the user, then it did what i wanted.
Also another reason to use user root for rsync was when i used admin i noticed in logs i got this error
rsync: [generator] failed to set times on “/mnt/Mog/Storage5”: Operation not permitted (1)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1865) [generator=3.2.7]
but when root user was used, this error did not occur.
Anyway this is my understanding. i know i made mistakes, but i don’t know a better way to manage it. Any tips? And is it correct that the dataset owner should be root? 
and if u arent suppose to enable login for root, or ssh, how else are you suppose to do the stuff i mention alternatively then? 
sources
*update
was working on setting up jailmaker and spotted this
Before You Begin
Before beginning, go to Credentials > Local User, click on the root user and then Edit to enable the root user password. Log into TrueNAS as root user to complete the commands in the procedures in this article. When finished, to security-harden the system, disable the root user password, log out of TrueNAS, and then log back into TrueNAS as the administrator user.
sauce
ok so whenever i need to go winscp to direct access the stuff, i can temp enable the credential for login, do what i need, then disable it back. got it.
also for my rsync, found the jobs where the logs are shown in truenas ui. so i don’t need to specifically access those log files directly using winscp. but there are still other things i need to be able to do it that way.
moving forward, i’ll just do it like this enable/disable when needed. in the initial stuff they dont mention this. they simply said disable login for root and use some other new account instead. they dont explain beyond this 
still not clear about the other stuff mentioned though 