Topic: SARG reporting options?

[haymann]

I am wondering if anyone has any idea on how to give someone other than the server admin access to SARG reports? I have a potential customer that wants to monitor web usage and I think SARG would work great, but I don't want them to have full-access to /server-manager... I am wondering if someone might know how the reports could be emailed (but still be usable), or maybe how to get the reports to appear on a different page (i.e. server-name/sarg)?
Thank you in advance,
Ryan

[cjensen]

You could allow them access with dungog's user-panels contrib.

http://sme.dungog.net/packages/smeserver/7.0/i386/RPMS.dungog/smeserver-userpanel-0.9-10.noarch.rpm

Or you could create a script to 'mail' the daily reports to someone.

Craig

[haymann]

Thanks for the idea of user-panels, I had totally forgotten about that.

I can't get SARG to work right though. I log in as the user I want to have access, and when I click on SARG it prompts me to login again (something I noticed awhile back) and I have to use the admin credentials to view the reports... Kind of defeats the purpose...
Thanks!
Ryan

[cjensen]

If I remember right the sarg reports dir has a template requiring admin auth.  
yeah it does:

Code: [Select]


AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require user admin


Since it is a redirect from the server-manager page to the web viewable reports page it is a bit different than the other panels.  I had not thought of that either.  you 'could' custom template that fragment and either allow that specific user or require authuser.  That would make it viewable by that user but also by any other authuser (if they know where to look).

I have been playing around a bit with custom-templating the /etc/cron.daily/sarg script to have it mail that report somewhere.  That may be an option.

Craig

[Franco]

If you have the latest version of SME (updated) then you need these instructions:
http://forums.contribs.org/index.php?topic=35924.0

[haymann]

you 'could' custom template that fragment and either allow that specific user or require authuser.  That would make it viewable by that user but also by any other authuser (if they know where to look).

I have been playing around a bit with custom-templating the /etc/cron.daily/sarg script to have it mail that report somewhere.  That may be an option.
Craig

I guess that I am not too concerned about other users being able to view that even if they did know where to look, in fact this customer might not want to setup a DC or email so there is a good chance that there will only be one or two user accounts created anyway... Is "authuser" the term that I would use, and that would allow any SME user to view the report (assuming that I gave them access to the panel)?

If you come up with something on the email reporting I would be interested to see that as well. I didn't know what the reports would look like if mailed as you have quite a few options on the web page...

Also, I created bug 2931 to try to resolve being prompted for the username and password again when accessing the SARG reports. I trust that I am not the only one that sees that, as I have seen it on a couple different servers...
Thanks again,
Ryan

[haymann]

If you have the latest version of SME (updated) then you need these instructions:
http://forums.contribs.org/index.php?topic=35924.0

I have the latest version of SME and user-panel, and it looks to me like user-panel is functioning perfectly. Did I miss what you are pointing at?
Thanks,
Ryan

[Franco]

I have the latest version of SME and user-panel, and it looks to me like user-panel is functioning perfectly. Did I miss what you are pointing at?
Thanks,
Ryan

Then you just discovered a bug, and  and should report to bugtracker.
Are all the rpm's you're using from Dungog?

[bpivk]

I have the latest version of SME and user-panel, and it looks to me like user-panel is functioning perfectly. Did I miss what you are pointing at?
Thanks,
Ryan

Then you just discovered a bug, and  and should report to bugtracker.
Are all the rpm's you're using from Dungog?

It's not a bug. The latest user-pannel doesn't make any problems when upgrading only the older versions (0.9-9 if i'm not mistaken) had this problem.

[Franco]

I meant Sarg, or both?

[haymann]

Then you just discovered a bug, and  and should report to bugtracker.
Are all the rpm's you're using from Dungog?

Yes, all packages are from Dungog. Hopefully you saw in one of my posts a little to the North of here that I did raise a bug about being prompted for username and password again after already entering it and entering server-manager. This behavior with SARG reports did not change when I accessed SARG Reports from the user-manager page. To restate, SARG Reports prompts for username and password from server-manager and from user-manager pages.

The only difference is that the user that I am using for user-manager is not admin so I can not access SARG Reports at all. As cjensen pointed out a little earlier this is built into SARG that it requires admin credentials as default.

Am I misunderstanding you completely? I apologize if I am.

So to make a long story short:
It looks to me like SARG and user-panel are functioning as designed. For my situation though I would like to modify SARG so that a user other than admin can view the report. I will explore cjensen's idea of a custom template to get around that. Now it would be nice not to have to enter my username and password twice to see the SARG Reports (once to login to SME Server, once when clicking SARG Reports) and I have raised a bug to that effect.

Thanks for all the help!
Ryan

[bpivk]

Am I misunderstanding you completely?

No. You've got it. The last post was about updating SME with older contribs installed and is not related to auth.

User-pannel won't help you because the SARG template is started after you connect to the SARG report page so you should make a custom template for another user (like cjensen said in his post).

[haymann]

OK, I don't know what I am doing, but I was trying to figure out how to custom template the fragment that deals with admin auth without asking (but I think I will probably need some help anyway...). I stumbled upon /etc/sarg/sarg.conf There is an option in there to output email, would enabling that do the trick? (for email, not allowing users other that admin) I don't want to edit the file directly as I am guessing this needs to be another custom template task?
Ryan

[haymann]

OK, I need some help on the custom template process...

Here is what I did, can someone show me the error of my ways?
1. I copied 90e-smithAccess20sarg to /etc/e-smith/templates-custom/etc/conf/httpd.conf (edit: I should point out that I had to create the etc, conf, and httpd.conf directories as they didn't exist. I used WinSCP and also used WinSCP to copy the file I mention below. I don't know if that means anything...)
2. I modified the copied version of 90e-smithAccess20sarg from this

Code: [Select]

AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require user admin to this

Code: [Select]

AuthName "SME Server Manager"
AuthType Basic
AuthExternal pwauth
require user authuser
3. I ran this

Code: [Select]

expand-template /etc/httpd/conf/httpd.conf
4. Then this

Code: [Select]

etc/rc.d/init.d/httpd-e-smith restart
5. I then logged into user-manager using the non-admin account that I am testing.
6. I clicked SARG Reports and was prompted for my username and password. The non-admin account does not work, but the admin account still does.

Where did I go wrong? This process was gleaned from a number of posts, but it was mostly guess work...

B-t-w, how do you experts know where to look for settings files like this? To find 90e-smithAccess20sarg I had to open the smeserver-sarg rpm with 7-zip and dig through all the files in the rpm until I came across this one that has the settings in it that cjensen mentioned initially. There has to be a faster way right?
Thanks,
Ryan

[haymann]

Well I know this isn't the proper way, but commenting out the "require user admin" line in /etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess20sarg gets rid of the prompting for password and lets the test user I created access the reports.

When I tried changing the line to "require user authuser" I could not access the reports as any user even admin...