On Fri, 11 Oct 2002 19:38:52 -0600
"Ashley M. Kirchner" <[EMAIL PROTECTED]> wrote:
>
> Most of the users on our network simply use it for checking
> email, and
> hosting their websites. Most of them don't know how to log in
> through SSH should they need to. Consequently if and when their
> password expires, they don't know what to do, or where to go to get
> it reset. And them picking up the phone and calling me isn't
> exactly efficient either.
>
> Is there some (secure) way of having them go to some webpage (on
> the
> system) that will ask for their username, current password and then
> give them the option to change their password?
>
> And on that same token, any suggestions on what to do when
> someone forgets
> their password? Maybe some type of form that allows them to enter
> an alternative email address (that they have access to) and have the
> system generate a new, random one and mail it out?
>
> How do ISP's deal with these things really?
>
>
Cgipaf is a combination of three CGI programs. passwd.cgi, which
allow users to update their password, viewmailcfg.cgi, which allows
users to view their current mail configuration, and mailcfg.cgi, which
updates the mail configuration. All programs use PAM for user
authentication. It is possible to run a script to update SAMBA
passwords or NIS configuration when a password is changed. mailcfg.cgi
creates a .procmailrc in the user's home directory. A user with too
many invalid logins can be locked. The minimum and maximum UID can be
set in the configuration file, so you can specify a range of UIDs that
are allowed to use cgipaf.
http://staf.patat.org/cgipaf/
Regards,
Tom
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
