[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: User Administration

On Fri, Oct 29, 2004 at 01:06:32PM +0200, Runo Forrisdahl wrote:
> On Fri, Oct 29, 2004 at 12:10:17PM +0200, Rudolf Weeber wrote:
> | Hi,
> | On Fri, Oct 29, 2004 at 12:04:32PM +0200, Runo Forrisdahl wrote:
> | > Hi,
> | > 
> | > Is it possible to give other users than root create/modify and delete users
> | > and groups rights in Skolelinux?
> | Yes, you can use sudo to do that.
> | Tha man-page fo the sudoers file has examples for just that purpose.
> | 
> I find this in the sudoers man-page:
> +secretaries   ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser
> and indeed this will work, but will the adduser/rmuser scripts populate LDAP
> or /etc/passwd/shadow? When I tested it added the user to passwd/shadow and
> not to LDAP, and in LDAP is where I want my users to be. Can I then still
> use adduser/rmuser?

No, sudo will not be usefull with webmin and adding users in
Skolelinux. We uses ldap, and yes, it is possible to allow other users
than root to add users. 
Actually we uses the the ldap-administrator "admin" to administer the
ldap. By default, the admin password is the same as the root password.
when it comes to webmin, if you log in as root, you actually are using
the unix-root-account, and if you do so, you are able to
add/delete/modify other users. There was talk about letting the group
"admins" use the ldap admin password to add/delete/modify other users,
but I haven't checked the changelog to see if it has happened. 

If you want that functionality, then you are free to either implement
it, or help funding someone to do it. 

Finn-Arne Johansen 

Reply to: