experimental: WLUS with jradmins and admins
this is an experimental version of wlus that supports ACLs that
allow for jradmins and admins to change passwords for users.
I recommend to test this on sarge based debian-edu systems to
start with. It is possible to do the same thing for woody
installes, but it requires an other ACL syntax. And since we will
have slapd 2.2 in sarge soon, anyway, i thought it was best to
use that for development.
To test this software you need to install the slapd 2.2.X from
debian unstable. so you need to add a line like
deb http://ftp.no.debian.org/debian/ unstable main contrib non-free
to your sources.list.
then download
http://developer.skolelinux.no/~andreas/webmin-ldap-user-simple_1.4-4_all.deb
http://developer.skolelinux.no/~andreas/slap-config.tar.gz
then
stop slapd
/etc/init.d/slapd stop
untar
tar xfz slap-config.tar.gz -C /etc/ldap
install the new slapd and necessary dependencies
apt-get install slapd
install
dpkg -i webmin-ldap-user-simple_1.4-4_all.deb
upgrade the ldap database backend
upgrade-ldpa-backend
start slapd
/etc/init.d/slapd start
now you should be able to add a new user of the role jradmins or
admins. when logging into webmin as that user you should be able
to modify passwords of the lesser authority groups.
this is the ranking of the authority groups
admin
admins
jradmins
students teachers
example:
- a user in the group students can have his password changed by
jradmins and admins and admin and himself
- a user in the groups jradmins and students can get his password
changed by admins and admin and himself
- a user in the group admins can get her password changed by
admin and herself.
plans are to give more power to the admins group, besides
changing passwords.
Reply to: