Topic: User Manager

[Thomas Kristensen]

Hi,

I have a SME 5.5 installed which is being used as sort of a family server. My family around the country have their email and stuff hosted on it.

I downloaded and installed the User Manager package because I needed a convenient way to let the users change their passwords and because I simply couldn't imagine explaining to my 60-year old mother that she had to create a VPN connection and what not in order to change passwords

Now the question is: User Manager is only accessible from within my own network, how do I make accessible from the Internet???

Thanks in advance,
Thomas Kristensen

[guestHH]

Hi Thomas,

As far as I know the user-manager is intended for 5.1.2. so it will not work on a 5.5

Regards,
guestHH

[Greg Zartman]

Usermanager most certianly does work work with SME 5.5 as I am using it on my setup.

By design, the Server Manager and User Manager are only accessable from behind your firewall.    SME 5.5 provides a means for defining an external network that will be granted access to the server manager (although, I haven't used this feature).  The catch is that you really need to be on a static connection to take advantage of this.  

At one point, I remember reading on this forum of users configuring the server-manager to allow access outside their networs, but I recall the technique being somewhat advanced.  What this really boils down to is:  Yes, you will need to setup a VPN connection if you want mom to access the user manager.   If you are running Win2000 of XP, no problem.  You can setup a secondary network connection to your SME server in less than five minutes.  I have such a connection on my laptop that I use to access my server-manager from home.  After dialing in to my isp, I simply double click the connection to my SME network and preso, I'm connected.  

The real question I'd be asking myself if I were you is why it is so important that your family members have access to the user-manager? Can't they fire you an email asking you to change their password for them?  Unless you have a REALLY big family, this certainly won't result in my work for you.

Greg

[Jeff C]

Greg,

This is timely for me as well.  I have a client that it interested in hosting a small isp out of an SME 5.1.2 box.  The issue of creating a PPTP connection to give users access to the user-manager is problematical.

So we are also looking to give users ssl access to the user-manager.

Any ideas?

Cheers,

-jeff

[Thomas Kristensen]

Greg and Jeff,

Thanks for your replies...

I'll have to agree with Jeff. Creating a VPN connection is no walk in park for novices running Win9x, which most of my "users" (ie. family) do.

Another point is convenience for myself. My family isn't that big but on some level I don't want to know their passwords and allowing access to user-manager seems like a good idea to me. Then they can go change their passwords, vacation messages etc without bothering me.

An SSL solution would also work, I guess, but the User Manager is far more elegant and I believe (without knowing) that it's just a matter of changing a few entries in a conf-file to make it work. But which one???

Cheers,
Thomas

[guestHH]

Well Greg, thanks for your confirmation regarding 5.5. This means _my_ setup is faulty.

Time to investigate

Regards,
guestHH

[Darrell May]

Thomas Kristensen wrote:
> Now the question is: User Manager is only accessible from
> within my own network, how do I make accessible from the
> Internet???

http://www.e-smith.org/docs/howto/remote-mgr-access-howto.html

Darrell

[stephen noble]

on the subject of the userpanel, i've forked the development

http://www.dungog.net/sme/howto/delegate.html

this method is more secure for business or if your users need protecting from themselves.

procmail and autoreply have been updated
a new panel user-backup has been added

real soon now i'll fix the user-password so you don't have to enter your passwords twice, this affects 5.5

regards
stephen noble

[Jeff C]

I think there is some confusion here.

The main question is not how to give users partial access to the server-manager functions, nor is it to make server-manager available from anywhere.

The question is how to make the user-manager panel (either Darrel's or Stephen's) available from any IP on the net via an ssl connection.

-jeff

[Greg Zartman]

Jeff C wrote:
>
> I think there is some confusion here.

I think you're right Jeff.  Neither Darrell's nor Stephen's posts go to the original question:  How to access the user manager via ssl.  Darrell's post points a person at a howto for setting up windows VPN (which I prefer.).  Stephens post points you at a hybrid usermanger (while I haven't tried this, it looks like  very good contrib).

This issue has been discussed on this forum and possible the devinfo forum at one point.  As I mentioned in my 8/27 post, the technique was a bit advanced.  I'll do a little digging this morning and see if I can find the thread.

Greg

[Greg Zartman]

Have a look at this:
http://myezserver.com/downloads/mitel/howto/mindterm-howto.html

Seems that I played around with this at one point and couldn't get it to work.  

I think the window VPN approach is ALOT easier.  I talked my brother through the process, on a Win98 machine, over the telephone.

Greg

[Thomas Kristensen]

Greg,

I haven't actually tried the Mindterm thing but from what I can read in the how-to it does the same thing as I can do with puTTY, right?

That could also work for me, if only users other than root/admin could log in. Is that possible??

Thomas