Difference: ManagingUsers (7 vs. 8)

Revision 82010-05-15 - TWikiContributor

  Manage Users
 On this page: 
  Authentication and Access Control
   List Users
   Register Users
   Query and Edit User Account Data (Passwords, E-mails)
   Changing User Account Names
   Removing User Accounts
   Customizing registration Emails.
-<
<
+ Some of the features below may be disabled, depending on your TWiki
configuration.
->
>
+ Some of the features below may be disabled, depending on your TWiki configuration.
  Authentication and Access Control 
 

 TWikiUserAuthentication describes your options for user authentication
-<
<
+ TWikiAccessControl describes how to define groups and how to restrict     access to content
->
>
+ TWikiAccessControl describes how to define groups and how to restrict access to content
  Register User
-<
<
+You don't have to have user home pages in TWiki for Authentication to
work - see TWikiUserAuthentication for details.
->
>
+You don't have to have user home pages in TWiki for Authentication to work - see TWikiUserAuthentication for details.
-<
<
+ TWikiRegistration is used when you want new users to individually     register with TWiki by filling out a form
  You can create a custom versions of NewUserTemplate and     UserForm
  BulkRegistration is used by administrators to register multiple users at     the same time
->
>
+ TWikiRegistration is used when you want new users to individually register with TWiki by filling out a form
  You can create a custom versions of NewUserTemplate and UserForm
  BulkRegistration is used by administrators to register multiple users at the same time
  Change, Reset and Install Passwords 

Note that the below features are only relevant when you use an internal password manager where TWiki can set and reset passwords.
-<
<
+ ChangePassword is for users who can remember their password and want to     change it
  ResetPassword is for users who cannot remember their password; a system     generated password is e-mailed to them
  BulkResetPassword if for administrators who want to reset many passwords     at once
  ChangeEmailAddress changes the hidden email address stored in the password     file
->
>
+ ChangePassword is for users who can remember their password and want to change it
  ResetPassword is for users who cannot remember their password; a system generated password is e-mailed to them
  BulkResetPassword if for administrators who want to reset many passwords at once
  ChangeEmailAddress changes the hidden email address stored in the password file
  Changing User Account Names 

To change the user's WikiName:
-<
<
+ Rename the user's TWiki homepage in the Main web, such as     from JaneSmith to JaneMiller. 
 Fix backlinks in the Main web only
->
>
+ Rename the user's TWiki homepage in the Main web, such as from JaneSmith to JaneMiller. 
 Fix backlinks in the Main web only
  Make sure the group topics are updated (if any.)
-<
<
+ Edit the Main.TWikiUsers topic and move the user's entry so     that the list is in proper alphabetical order.
  Recreate the old topic with a pointer to the new topic, so that links     in other webs work properly. Example content:
->
>
+ Edit the Main.TWikiUsers topic and move the user's entry so that the list is in proper alphabetical order.
  Recreate the old topic with a pointer to the new topic, so that links in other webs work properly. Example content:
      %M% Jane Smith is now known as JaneMiller

If external authentication is used and you want to change the login name:
-<
<
+ The login name needs to be changed in the authentication server (e.g.     Active Directory)
  In TWiki's Main.TWikiUsers topic, fix the mapping from     login name to WikiName:
->
>
+ The login name needs to be changed in the authentication server (e.g. Active Directory)
  In TWiki's Main.TWikiUsers topic, fix the mapping from login name to WikiName:
         * JaneSmith - jsmith - 13 Sep 2006 
 
     to: 
 
        * JaneMiller - jmiller - 13 Sep 2006
 To remove a user account (FredQuimby, who logs in as "fred"):
-<
<
+ If you are using a .htpasswd file, edit the .htpasswd file to     delete the line starting fred: 
 Warning: Do not use the Apache htpasswd program with        .htpasswd files generated by TWiki! htpasswd wipes out email        addresses that TWiki plants in the info fields of this file.
 
  Remove the FredQuimby - fred line from the Main.TWikiUsers     topic
  Remove FredQuimby from all groups and from all the      ALLOWWEB/ALLOWTOPIC... declarations, if any.
  Note: If you      fail to do this you risk creating a security hole, as the next user to      register with the wikiname FredQuimby will inherit the old      FredQuimby's permissions.
  [optional] Delete their user topic Main.FredQuimby     (including attachments, if any.)
 

Note: Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like AnUncreatedTopic .
If you want to make it clear the user is no longer around, replace the topic content with a note to that effect.
The existence of the UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions..
->
>
+ If you are using a .htpasswd file, edit the .htpasswd file to delete the line starting fred: 
 Warning: Do not use the Apache htpasswd program with .htpasswd files generated by TWiki! htpasswd wipes out email addresses that TWiki plants in the info fields of this file.
 
  Remove the FredQuimby - fred line from the Main.TWikiUsers topic
  Remove FredQuimby from all groups and from all the ALLOWWEB/ALLOWTOPIC... declarations, if any.
  Note: If you fail to do this you risk creating a security hole, as the next user to register with the wikiname FredQuimby will inherit the old FredQuimby's permissions.
  [optional] Delete their user topic Main.FredQuimby (including attachments, if any.)
 

Note: Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like AnUncreatedTopic . If you want to make it clear the user is no longer around, replace the topic content with a note to that effect. The existence of the UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions..
  Customizing registration Emails.
->
>
 TWiki's Registration can send 3 emails who's output is governed by templates:
->
>
  User registration confirmation - templates/registerconfirm.tmpl
  User registration notification - templates/registernotify.tmpl
  Email to notify the TWiki admin of registration - templates/registernotifyadmin.tmpl
  User registration notification - templates/registernotify.tmpl
  Email to notify the TWiki admin of registration - templates/registernotifyadmin.tmpl
-<
<
+As these are TWikiTemplates, they can be customized and selected using the SKIN path setting.
Because there are default tmpl files in the templates dir, this cannot use Template topics.
->
>
+As these are TWikiTemplates, they can be customized and selected using the SKIN path setting. Because there are default tmpl files in the templates dir, this cannot use Template topics.
-<
<
+These template files have a specific format that matches the raw format of emails sent via SMTP,
so be careful and test your changes. It is easiest to start by copying the default templates:
->
>
+These template files have a specific format that matches the raw format of emails sent via SMTP, so be careful and test your changes. It is easiest to start by copying the default templates:
 cd twiki/templates
 cp registerconfirm.tmpl registerconfirm.myskin.tmpl
cp registernotifyadmin.tmpl registernotifyadmin.myskin.tmpl
-<
<
+then add myskin to the beginning of the SKIN setting in TWikiPreferences.
->
>
+then add myskin to the beginning of the SKIN setting in TWikiPreferences.
 From this point on, your myskin templates will be used for the registration emails.
-<
<
+To make it possible for TWikiUsers  to modify the email contents, you could use a parameterized %INCLUDE%
statement in your customized version. eg:
->
>
+To make it possible for TWikiUsers  to modify the email contents, you could use a parameterized %INCLUDE% statement in your customized version. e.g.:
 From: %WIKIWEBMASTERNAME% <%WIKIWEBMASTER%>
     EMAILADDRESS="%EMAILADDRESS%"
}%
-<
<
+ note the use of %WIKINAME%, %FIRSTLASTNAME%, %EMAILADDRESS% passed in from the INCLUDE so that the topic below is similar to the original template
-<
<
+and then create a topic Main.RegisterNotifyEmail:
->
>
+Note: The use of %WIKINAME%, %FIRSTLASTNAME%, %EMAILADDRESS% passed in from the INCLUDE so that the topic below is similar to the original template.

And then create a topic Main.RegisterNotifyEmail:
 Welcome to %WIKITOOLNAME%.
 Submitted content:
%FORMDATA%
-<
<
+ META PREFERENCE 
 name="ALLOWTOPICCHANGE" title="ALLOWTOPICCHANGE" type="Set" value="Main.TWikiAdminGroup"
- META PREFERENCE
+ name="ALLOWTOPICCHANGE" title="ALLOWTOPICCHANGE" type="Set" value="Main.TWikiAdminGroup"
->
>
+ META PREFERENCE 
 name="ALLOWTOPICCHANGE" title="ALLOWTOPICCHANGE" type="Set" value="Main.TWikiAdminGroup"
- META PREFERENCE
+ name="ALLOWTOPICCHANGE" title="ALLOWTOPICCHANGE" type="Set" value="Main.TWikiAdminGroup"
-<
<
+ remember to secure the topic appropriately to prevent attackers from getting emailed sensitive passwords.
->
>
+Note: Remember to secure the topic appropriately to prevent attackers from getting emailed sensitive passwords.
 Related Topics: AdminDocumentationCategory

View topic | History: r9 < r8 < r7 < r6 | More topic actions...

Copyright © 1999-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.ManagingUsers.