Topic: Add option to allow remote access to user-password screen

[zoi]

A simple need which several people are requesting in differing ways, is to allow users to change their passwords from anywhere on the internet.

The option to allow remote access to the user-password screen seems the simplest solution as an option against the access forbidden screen which is currently displayed.

As a part of this it might be worth considering forcing the use of a secure http session.

[guest22]

There is a contrib out here and together with the default SME Server functionality it could be done.

Head over to the other forums and fire up your wishes together with others.

[cc_skavenger]

search for user-panel contrib

[zoi]

I think the point of my suggestion was to make the option a part of the default installation.

Extra user configurable menu items in the GUI for the default installation would assist many users of SME.

Choosing whether to force http or https might be a part of the option.

I know there are measures out there to address the request. My Suggestion is to make them a part of the options in the default setup.

I'm sorry, but it is only a suggestion, but I think most average joe's dont understand how to use 'putty' to be able to login remotely.

I simple request for an idiot like me who wants simple functionality for my users.

Once again, its a suggestion for the powers that be, to add an extra option or two for a widely requested additional access feature.

[jcoleman]

Go to:

https://yourservername/user-manager

This feature already exists.

I hope that was fast enough service for your request :>

-jeff

[zoi]

Which version of SME is that with because its not on mine, I am running  SME Server 6.0.1-01.  and there is no such screen as a part of the default installation.

?!?

[wyron]

No, you're quite right, Zoi
The user-manager is a contrib.
And putty (or equivalent) is required to create the secure link. It's parallel to the server-manager access.
The only remedy I know of, is to add your external users' networks to local networks in server-manager, but that is NOT recommendable.
Lets see what possibilities 6.5 or later versions offer, once the kinks have been untangled.

[zoi]

WTF, OMFG.

Lets start from the top.

My SUGGESTION is for the DEFAULT INSTALLATION to include the EXISTING FACILITY of users being able to change their passwords (/user-password), to be able to FROM ANYWHERE ON THE NET as an additional option.

SEPERATELY, I suggest the OPTION to FORCE Secure HTTP sessions for User-password and Server-Manager.

I know the ability is their.
I know there is a contrib
I know it can be done already.....

Im SUGGESTING having the ABILITY to CHOOSE to allow users to change their password from ANYWHERE on the internet AS AN OPTION within the DEFAULT INSTALLATION.

If you still dont get it, please go back to the top and re-read my original post, and then re-read this one.

[wyron]

Sorry for the intrusion, zoi, and for the ripples in your sobriety.
I shan't ever answer posts from you again - that's a promise!

[zoi]

I'm sorry wyron if I seem to come off a bit strong, but if you read my posts in this thread you'll notice I'm making a suggestion.

I figured thats what the Suggestion forum was for.

There are other enquiries about how to work about my needs in the other forums.

So not aimed at anyone in particular I make this point.

Please read the post for what it is, not everyone is just looking for an answer to a problem.

I made a suggestion, I hope that everyone understands, that thats all that it is.

I apologise to anyone who has take offence to my posts in this thread, but you all seem to be going off on a tangent to what the thread is about all.

[wyron]

All right, zoi, I'll go back on my promise, and answer this one.
1. I had read the whole thread, and so knew beforhand that you only offered a suggestion.
2. I noted the condescending comment from at least one of the professionals at contribs, and so found it worth the effort to 'second your motion'.
Thats why your rebuke provoked me to bare my fangs.

[slords]

My SUGGESTION is for the DEFAULT INSTALLATION to include the EXISTING FACILITY of users being able to change their passwords (/user-password), to be able to FROM ANYWHERE ON THE NET as an additional option.

I know this works for 6.5 and I believe it was there in 6.0.1.  Any place that /server-manager is available /user-password is also available.  This means that if you add something as a local network or add exceptions to the remote access panel that /user-password will also be available from there.  It will never be available outside the local network by default but you know know how to unsecure your system.

-Shad

[zoi]

And thanks for the reply.

Yes by adding the network of 0.0.0.0 to your local network anyone can from anywhere change their password. (and access the admin section).

I was hopeing to seperate the 2.

Thus allow me to maintain a certain level of security while also allowing users to change their passwords.

Seperately I wanted to force to use of secure sessions for /server-manager and /user-password by means of automatically moving attempts using http across to https.

I have 6.0.1 and I have 0.0.0.0 set as local networks.

Id rather have the option to allow /user-password access from the net, with /server-manager limited to local.
and Id like everyone to be forced into secure sessions.

Thanks for listening.

[CharlieBrady]

Which version of SME is that with because its not on mine, I am running  SME Server 6.0.1-01.  and there is no such screen as a part of the default installation.

?!?

Try:

https://servername/user-password/

[zoi]

Which version of SME is that with because its not on mine, I am running  SME Server 6.0.1-01.  and there is no such screen as a part of the default installation.

?!?

Try:

https://servername/user-password/

Sorry but if you read my original suggestion, you would have noticed that this page IS NOT AVAILABLE FROM ANYHERE ON THE NET unless ofcourse you consider the entire internet as being a local network.

I am suggesting, that the user-password screen be able to be seen from anywhere on the net without server-manager also having to be available to the entire internet, and without having to have the entire internet considered as your local network.

Sorry CharlieBrady, please go back to the top and actually READ the suggestion, and then try to understand it.

[CharlieBrady]

Sorry CharlieBrady, please go back to the top and actually READ the suggestion, and then try to understand it.

Sorry, I was just correcting Jeff's typo.

You're quite right, the URL I offered isn't available from the entire Internet. I think that's a good thing. Obviously you disagree.

Have you considered having your users use VPN connections to gain access to the user password panel? That's what I'd recommend.

[zoi]

You're quite right, the URL I offered isn't available from the entire Internet. I think that's a good thing. Obviously you disagree.

Have you considered having your users use VPN connections to gain access to the user password panel? That's what I'd recommend.

No VPN does not suit my needs, and I can see how having access would not suit everyones needs. So I agree with you there.

What I'd like is the options as either.

No Access.
Local Access.
or Anywhere Access.

and seperately

Allow secure (https) and Unsecure (http)
or Force Secure (https) only, (ie forward http to https).

By the number of posters commenting about how this can be done and how it can do it now etc etc... it honestly doesnt seem like a Suggestions forum.

So I admit, its not an option which everyone would want or need, But I can see people would want it, just not all of them.