[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

experimental: WLUS with jradmins and admins

this is an experimental version of wlus that supports ACLs that
allow for jradmins and admins to change passwords for users.

I recommend to test this on sarge based debian-edu systems to
start with. It is possible to do the same thing for woody
installes, but it requires an other ACL syntax. And since we will
have slapd 2.2 in sarge soon, anyway, i thought it was best to
use that for development.

To test this software you need to install the slapd 2.2.X from
debian unstable. so you need to add a line like 

deb http://ftp.no.debian.org/debian/ unstable main contrib non-free

to your sources.list.

then download 

stop slapd 
	/etc/init.d/slapd stop
	tar xfz slap-config.tar.gz -C /etc/ldap 
install the new slapd and necessary dependencies
	apt-get install slapd 
	dpkg -i webmin-ldap-user-simple_1.4-4_all.deb 
upgrade the ldap database backend
start slapd
	/etc/init.d/slapd start

now you should be able to add a new user of the role jradmins or
admins. when logging into webmin as that user you should be able
to modify passwords of the lesser authority groups.
this is the ranking of the authority groups

students teachers

- a user in the group students can have his password changed by
  jradmins and admins and admin and himself
- a user in the groups jradmins and students can get his password
  changed by admins and admin and himself
- a user in the group admins can get her password changed by
  admin and herself.

plans are to give more power to the admins group, besides
changing passwords. 

Reply to: