Topic: Is there an experienced user who could make an adjustment ?

[zoi]

I need to allow users to change their user-password via https:// from anywhere on the internet.

Simple requirement.

If I am unable to achieve this I may need to look at other distros similar to SME which do allow it, but considering that its likely to simply be sometype of configurable permission, can somebody possibly complile an adjust for this ?

or otherwise maybe build a seperate user-password update facility which is open to inbound https requests ?

I ask because I have NFI how to do much with linux based systems, and because there have been several posts requesting the same.

Would anyone like to have a stab at this for everyone ?

[Normando]

Of course you can. SME Server is great. I'm a newbie, and I use the Password extension from Webmail. Each user can modified the password into their email account.

[raem]

Dear PicsOne

> "I use the Password extension from Webmail. Each
> user can modified the password into their email account"

Would you please give us a bit more specific information about what is involved to do this ?
Thanks

[Normando]

Go to:
http://mirror.contribs.org/smeserver/contribs/dmusty/SME6.0/webmail/
and upgrade webmail. Read the Readme.txt first. Then, go to passwd directory and install the password extension.
That's all.
Recently I browse D Musty directory, and see remove passwd rpm for testing. Unfortunately I not have a copy for this contrib. But if you go up to SRPMS directory you found passwd-2.2-3es.src.rpm
Good luck

[zoi]

I read that the horde webmail password extension corrupts the ability to add new users and adjust other settings, (which might be why its been removed for testing).

I would think a small adjustment to allow a few extra options in the server-manger screen to switch on/off the ability for users to access the user-password screen from not at all/local network only/anywhere on the internet would be faiyly simple to impliment. With a second option to allow "http: or https:" OR "force https: only"

I dont have a test system to test out the horde webmail password option. I cant afford to re-build the machine if the system does become corrupted from the add-on.

[Normando]

Hi Zoi. You can:
cd /etc/e-smith/templates/etc/httpd/conf/httpd.conf/
cp 92ProxyPassPassword /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/

In the file 92ProxyPassPassword under templates-custom (not templates only) edit:
Bellow:
ProxyPass /user-password http://127.0.0.1:980/user-password/
<Location /user-password>
    order deny,allow
    deny from all
Replace:
{
    $OUT .= "    allow from $localAccess\n";
}
With:
     allow from all

The users can now modified the password http://your_host/user-password

Ofcourse you can force ssl (HTTPS) and customize other settings such as allow from ...
And you can make server-manager add-on to place your settings, but I don't have experiency with server-manager event.
If you have knowledeg you can modified /etc/e-smith/web/functions/emailsettings to include the user-password ability.
I hope this help you

[zoi]

Thanks for that.

Your adjustment does indeed allow anyone on the internet access to my http://.../user-password screen.

It does NOT however allow users access to the https://.../user-password screen.

As you can imagine, I'd prefer it the other way around.

At least, I have some idea as to what I'm looking for now. I'll have a look for the Secure http version, unless someone already knows it and would like to share.

Thanks again.

[zoi]

Anyone able to assist with this ?

As noted the adjustment above works for http:// but not https://

I really would prefer it was the other way around.

I have had a look for how to do this, but its like looking at the face of a clock, with no idea what a wheel or cog is, let alone how they can work inside.

Please pretty please.

[nkevans]

Isn't this covered by the User-Manager panel that can be added to SME?  It can be found at http://www.dungog.net/sme/files/userpanel/.
This can be configured to allow users to change their passwords and can be accessed remotely via https://.

HTH
Nick