[Freeipa-users] users account functionality

Dmitri Pal dpal at redhat.com
Tue May 7 20:01:26 UTC 2013 

On 05/03/2013 03:24 AM, Juan Armario wrote:
> Sorry for my english.
>
> My doubt is about the user's functions. For example when I want to do
> the login into the web site and I don't remember the pass. I click in
> a link, button... and I receive a mail with the instructions for reset
> the pass, or with a temporary pass that I must change...
>
> The others functions are when the user want to create a account, and
> fill in a form with name, surname... and the admin receive a mail and
> active the account. The same for delete the account.
>
> Exist something already implemented or have I to do it? Is not a
> problem for me do it, but it's better use something already tested and
> working.
>
> I hope now my doubt is more clear.

Sorry for delayed reply. Was away for couple days.
Yes. Now it is more clear.

Let me summarize:

1) Provide a self service password reset capability.
https://fedorahosted.org/freeipa/ticket/3611

2) Provide a self service interface to reset forgotten password using
some kind of temporary code.
https://fedorahosted.org/freeipa/ticket/3612

3) Provide a self service enrollment capability with admin approval and
notification workflow
https://fedorahosted.org/freeipa/ticket/3613

4) Provide a self service account decommissioning with admin approval
https://fedorahosted.org/freeipa/ticket/3614

None of these are implemented so I opened tickets on your behalf.
We would be glad if someone would pick it up however please start with
the design proposal and get it acked on the list because this area is
very security sensitive and we do not want to jeopardize the security
and integrity of the system.


>
> thanks.
>
> On 02/05/13 15:49, John Dennis wrote:
>> On 05/02/2013 04:42 AM, Juan Armario wrote:
>>> Hi,
>>>
>>> I'm Juan and I'm building a freeipa application and need to know if it
>>> possible integrate a module or if is already developed, the typical
>>> functionality when we want an authentication service for our users,
>>> like
>>> remember password, create users, and send an email for confirmation, or
>>> send a account delete  request.
>>>
>>> We have installed the basic freeipa and we need to incorporate this
>>> functionality.
>>>
>>> Exist this or have I to implement it?
>>
>> It's a little hard to understand exactly what you're looking to
>> accomplish, for instance what does "remember password" mean?
>>
>> It doesn't sound like what you're looking for requires adding a
>> plugin module, rather you're looking to add a front-end to IPA which
>> is easy to do with scripts. IPA is quite amenable to scripting
>> because we provide a command line interface. You can either call the
>> ipa command from a shell script or you can write your own Python
>> scripts and invoke the IPA API directly. Be careful though, the type
>> of operations you've described all require administrator privileges,
>> it's not something a general user can do.
>>
>>
>
>


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

More information about the Freeipa-users mailing list