Re: What Skolelinux want from Cerebrum
[ Petter Reinholdtsen ]
(Sorry for the delay. This is what you get for reading mail very late
or very early. I simply forgot all about it. Sorry.)
> Here are some notes on what we want Cerebrum to do in Skolelinux.
> - import person info from school admin system / whatever
> - generate accounts and update group membership automatically
> - close down accounts and remove user data when the person quit
Ok. This is what Cerebrum does, so there shouldn't be any major
rewrites that has to be done.
> - export user three to LDAP, usable by NSS-LDAP.
> - export user filegroups and netgroups to LDAP, usable by NSS-LDAP.
> - export automount maps of user disks to LDAP, usable by autofs
> (- export host netgroups, usable by NSS-LDAP.)
User- and person-trees: ok. I'm not sure about automount maps. A
Cerebrum-developer(Rune Frøysa) claims he has the essential part of
the infamous MREG coded for Cerebrum. I guess we'll have to speak
> - handle account locking
> - allow teachers to change password on "their" pupils
> - allow admins to change password on all users
bofhd has a very strong and dynamic authorization-model. Privileges
are granted to persons which need them. I'm not sure if this is done
automagicly, but I don't see why it couldn't.
> - handle printer quotas with CUPS
I don't know anything about printer-quotas and Cerebrum. I know there
is a printer-module in Cerebrum, but that's all. I'll ask around.
> - allow teachers and admins to update quota info for pupils
> This is a first draft. It is probably not complete, and should
> include more info on each point.
It is a first draft, indeed. :) We've spoken about slx and Cerebrum
several times, but never made a spec. This is a nice start.
 MREG is a ghost at the University of Oslo. Before Cerebrum, UoO
used a user-administration-system called UREG. MREG was supposed to
manage machine-related information as a module for UREG. It was never
finished and is now the equivalent of an urban-legend at UoO.
 BOFH is the frontend to Cerebrum. bofhd is the server. bofh the
client. No need to explain the acronym.
"If it works; HIT IT AGAIN!"