Koozali.org: home of the SME Server

General Clarification Of Users/Groups/Ibays Please

Offline Agent86

  • ****
  • 592
  • +0/-0
    • http://www.iclbiz.com
General Clarification Of Users/Groups/Ibays Please
« on: August 27, 2006, 05:00:10 PM »
Hi all

I've been using SME server now for a while but I'm not sure I really understand the concept of the Users/Groups/Ibays.

For example if I add a user, and then a group, and then an ibay and only allow a certain group to write/read, then does this effect who can ftp the ibay. And what is the ibay password for and is this necessary.

What I would like to do is create an ibay with basically only one user access to the ibay for uploading his website files and folders etc.

But it appears that no matter what changes I seem to make the user does not have access.

I'm trying to understand also what login method is needed to access this ibay.

I had assumed that the users in the group that could access the ibay would login with something like : ftp://user:pass@myaddress.com and this would get them in, however it appears this is only their email and user space.

So to access this ibay I've attempted varous things for this such as ftp://ibay:ibaypassword@myaddress.com

I'm just wanted to know the proper login method to the ibay for the user to put some files in there.

I've read all the documents I could find, however this does not appear to work.

I can ftp via admin to anything, but can't seem to get the user access to his ibay.

I know I'm repeating myself, I just can't figure this out.

Please clarify
Thanks

frond

Re: General Clarification Of Users/Groups/Ibays Please
« Reply #1 on: August 27, 2006, 05:43:48 PM »
Agent86

> For example if I add a user, and then a group, and then an ibay and
> only allow a certain group to write/read, then does this effect who can
> ftp the ibay. And what is the ibay password for and is this necessary.

You are confusing local file sharing access with web access, they are very different things.

The group membership affects local access (eg file sharing or VPN or user ftp), not web access or ftp access direct to the ibay.

The password you set for the ibay relates to web access, and in this case you access using username=ibayname and password=ibaypassword
This will only permit downloads.


> What I would like to do is create an ibay with basically only one user
> access to the ibay for uploading his website files and folders etc.

You are referring to ftp access, sme does not permit anonymous ftp access to ibays.
Read the ibay chapter in the manual and it clearly advises you MUST use secure ftp (sftp) to access the sme server and then cd to the ibay. If you do this you will be able to upload files.
Note you must use a ftp client that supports this (not all do), and you must login as a valid user on the sme server using the users username and password (not the ibay password). This will log you in to the users home folder and then you issue the cd /home/e-smith/files/ibays/ibayname/html command. You can then upload files.

This method does not limit the user to their own home folder, so it's a bit dangerous. This is a contrib from dungog that you can use to set where the user has access to eg smeserver-remoteuseraccess contrib from http://sme.dungog.net/packages/smeserver/7.0/i386/html/index_dungog.html.
You can specify that the user only has access to a certain ibay for example.

A combination of the above should achieve what you want.
Search on sftp for additional info as this has been answered before.

Offline Agent86

  • ****
  • 592
  • +0/-0
    • http://www.iclbiz.com
Ooohhh
« Reply #2 on: August 27, 2006, 05:54:30 PM »
Thanks I was reading those part about the ftp access, but I was definately confusing the web access portions.

Also when testing I am testing from a local machine so everytime I access with ftp or sftp and then cd to the directories I was able to write to just about any folder I pleased, except for the admin folder which was concerning me.

I think I understand this, but please confirm that with the current SME configuration without that addon thing you suggested, and using sftp program to and accesses the ibay, will they have any write or read access to the other ibays ? by using the sftp program ?

Thanks for help

frond

Re: Ooohhh
« Reply #3 on: August 27, 2006, 06:20:55 PM »
Agent86

>..access with ftp or sftp and then cd to the directories I was able to write > to just about any folder I pleased..

If you login using sftp as admin, then you will have access to everything.


>...without that addon thing you suggested, and using sftp program to and accesses the ibay, will they have any write or read access to the other ibays ? by using the sftp program ?

A user who logs in using sftp, will be able to access other ibays if their group permissions allow that. Problem is they can also move up the directory tree to areas of the server that you probably do not want users being able to move to.

I'd advise you to install the smeserver-remoteuseraccess contrib, as you can force the user to only have access to an ibay (if that's how you want to set them). It installs a nice server manager panel.

Offline Agent86

  • ****
  • 592
  • +0/-0
    • http://www.iclbiz.com
Thanks
« Reply #4 on: August 27, 2006, 07:16:17 PM »
Sorry to be so ignorant about this subject, but I'm just too far behind the learning curve here.

I can't figure out how to install this. I've looked at the add yum repositories etc. I don't really want that but I guess I'll do this anyhow.

I just want to install the rpm is there a simple how to for installing an rpm on SME that won't take a week to read and learn about?

Or isn't there a method of installing software from the server-manager using install software options, or would that be too easy?

Sorry for the sarcasm I'm haveing trouble understanding this

I've followed the instructions for setting up the repositories, now what about the install or file location? and can this be done from the SME server-manger ? or not ?

And regarding this part of the adding yum repositories ?

[ replace user:sescret below with your username:password ]

db yum_repositories set dungogMembers repository \
 BaseURL http://user:secret@sme.dungog.net/packages/smeserver/7.0/i386/dungogMembers \
 EnableGroups yes \
 GPGCheck no \
 Name 'SME Server 7 - dungogMembers' \
 Visible yes \
 status enabled

Is this the Admin user and password ?

Thanks

Offline raem

  • *
  • 3,972
  • +4/-0
Re: Thanks
« Reply #5 on: August 27, 2006, 08:33:25 PM »
Agent86

Go to the dungog link provided, and save the smeserver-remoteuseraccess rpm file to an ibay or user home folder on sme.
Use My network to select the location on your server
Then login as root to server using Putty (ssh) or directly on the server.
do
cd /home/e-smith/files/ibays/ibayname/files
or perhaps (depending where you saved the file)
cd /home/e-smith/files/users/agent86/home
ls -al
(to check the file name)
rpm -Uvh smeserver-remoteuseraccess*.rpm
the rpm should install
Then run server manager and you should see a new panel, configure as required.

There that wasn't hard !
...

Offline Agent86

  • ****
  • 592
  • +0/-0
    • http://www.iclbiz.com
Yep thanks
« Reply #6 on: August 27, 2006, 08:50:17 PM »
I actually found a instruction for yum also at http://dungog.net/sme/admin.php#remote

Thank for the help.

The main change in the panel that I can see is the
User remote access:

I'm guessing thats the main change for this?