Re: experimental: WLUS with jradmins and admins

To: Andreas Schuldei <andreas@schuldei.org>
Cc: debian-edu@lists.debian.org
Subject: Re: experimental: WLUS with jradmins and admins
From: Finn-Arne Johansen <faj@bzz.no>
Date: Wed, 06 Apr 2005 21:36:09 +0200
Message-id: <[🔎] 42543A29.4010204@bzz.no>
In-reply-to: <[🔎] 20050406190637.GA19859@timotheus.schuldei.org>
References: <[🔎] 20050406190637.GA19859@timotheus.schuldei.org>

Andreas Schuldei wrote:

this is an experimental version of wlus that supports ACLs that
allow for jradmins and admins to change passwords for users.

I recommend to test this on sarge based debian-edu systems to
start with. It is possible to do the same thing for woody
installes, but it requires an other ACL syntax. And since we will
have slapd 2.2 in sarge soon, anyway, i thought it was best to
use that for development.

To test this software you need to install the slapd 2.2.X from

debian unstable. so you need to add a line like

deb http://ftp.no.debian.org/debian/ unstable main contrib non-free

to your sources.list.

then downloadhttp://developer.skolelinux.no/~andreas/webmin-ldap-user-simple_1.4-4_all.deb

http://developer.skolelinux.no/~andreas/slap-config.tar.gz

then

stop slapd/etc/init.d/slapd stop

Although there will be created a dump during upgrade-ldap-backend, Ithinks it's smart to do a

 slapcat -l /var/backups/tjener.ldif
before continuing.

I think upgrade-ldap-backend also does this (although to another file),but it never hurts to be on the safe side.

untartar xfz slap-config.tar.gz -C /etc/ldapinstall the new slapd and necessary dependenciesapt-get install slapdinstalldpkg -i webmin-ldap-user-simple_1.4-4_all.debupgrade the ldap database backend
	upgrade-ldpa-backend

small correction:
 upgrade-ldap-backend

start slapd
	/etc/init.d/slapd start


now you should be able to add a new user of the role jradmins or
admins. when logging into webmin as that user you should be able
to modify passwords of the lesser authority groups.
this is the ranking of the authority groups

admin
admins
jradmins
students teachers

example:
- a user in the group students can have his password changed by
  jradmins and admins and admin and himself
- a user in the groups jradmins and students can get his password
  changed by admins and admin and himself
- a user in the group admins can get her password changed by
  admin and herself.

plans are to give more power to the admins group, besides

changing passwords.



--
Finn-Arne Johansen
faj@bzz.no
http://bzz.no/

Reply to:

References:
- experimental: WLUS with jradmins and admins
  - From: Andreas Schuldei <andreas@schuldei.org>

Prev by Date: experimental: WLUS with jradmins and admins
Next by Date: Please test new discover-data for woody
Previous by thread: experimental: WLUS with jradmins and admins
Next by thread: Re: experimental: WLUS with jradmins and admins
Index(es):
- Date
- Thread