Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Gerard on September 17, 2003, 08:31:28 PM
-
Hi,
I installed SME Server 5.6. Great product, works fine.
But I have some users which will never login on the domain, but will only use the e-mail account. When they want to change the password they will need to go to:
http://www.domain.com/user-password
From inside (http://servername/user-password) I can access this page, but not via the internet. Does anyone know how I can get this working???
Second question: What can I do with the user-manager (http://servername/user-manager) and how can I get this working???
Thanks and greetings,
Gerard
-
Hello
this is how
you need to use
https://www.domain.com/user-manager note the ----HTTPS------
makes it secure
it will bring you to a login prompt enter your info
this will give you access to your account to change your password
or whatever other rights you have given them
forward mail
vacation message
etc
Greg
-
Making the user-password page visible to the world is only possible if you add the user's IP adress to local networks otherwise they can't change their password. If your user has a dynamic IP you should open a range of IP adresses for him / her.
Note that you create a security leak with this (and don.t use IP 123.123.123.123 with netmask 0.0.0.0)
Niels
-
Thanks both for your help.
I have it working now.
Only problem is the security leak by entering ip adres 0.0.0.0 and subnet 255.255.255.255. Everyone can have access to the user-manager and server-manager sites now. No idea how to solve it. Maybe no password change then via internet.
But again, thanks.
Greeting,
Gerard
-
...of course, they could connect via VPN, and then they'd be considered to be part of the local network. Or you could use an ssh client with tunneling, like putty (there's a contributed howto floating around here somewhere with instructions on that).