Topic: Public user registration form (panel)

[oMQYN0AvPB]

As far as I am concerned this does not exist (at least yet), right?

For clarification, I mean the ability of a new user to register on a public available registration form.

[Stefano]

can you clarify what are you talking about?

in other words, colud you please define your problem and not your solution?

TIA

[oMQYN0AvPB]

OK (sorry for the reverse approach!)

I want someone without an account to be able to become a (mail) user in the server via a registration system.

The specifics of which are not important right now because I haven't found anything similar or relevant at all.

[Stefano]

this feature is not available in SME server..
the fact is that every user is, basically, a system user
SME stays for Small Medium Enterprise and in such an environment nobody will let an user to create a email account.

that said, you should reconsider thew idea of using SME if you are willing to offer (lets say) something like a freemail feature to your users..

hope my english is clear enough

[oMQYN0AvPB]

Thanks for the reply.

I know it is intended for small/medium setups, and that is what I have.

I don't want to offer freemail. I just want to simplify the process of user creation.

For instance, the user submits a request, then the administrator gets a notification of the request, and he approves it or not.
If he approves it, the user creation script runs and the user is notified (on his existing email) of the success.

I guess I'll have to write it on my own

[Stefano]

you should/could start from userpanel contrib and, of course, from bugzilla

in any case, since you said

the administrator gets a notification of the request, and he approves it or not

and the creation of an user account is a matter of.. seconds, I can't see a big difference

[oMQYN0AvPB]

No there isn't a big difference.

Just that the administrator will not bother with user names, email addresses, and what else the user wants (addresses phones etc.)

[Stefano]

"the user wants"..

what the user wants is, basically, unrelevant

you should think at him as a 6 years old child.. he has no idea of what he really needs

all IMVHO

[oMQYN0AvPB]

As an old colleague and friend said, "We should treat users like sheep."

I know it's a bit harsh, but he was referring to users of an IPTV service

And when the product is TV, you can't expect nothing more !

[janet]

Kidlike

The functionality you are asking for does not exist in a default SME server.
Also there are no add on contribs that I am aware of that will give that functionality.

Here is what you could do utilising an existing contrib & standard SME server functionality.
Minimally a new user would send an email request (you could even have a form filler page to do that), then the administrator adds the basic details of username & password, firstname & surname in server manager User panel.
The administrator would install the user manager (smeserver-userpanel contrib), then users can access that to change their password.
Note that the email address is determined by the user name, unless you add pseudonyms.
When the administrator sets up the new user initially, he would also have to enable limited access to user manager.
Exactly how much access is allowed & to what panels is really your decision.

The only issue is that external (remote) user manager access from all locations (public IP's ) has to be allowed, which is potentially a security risk.
Just ensure that user password security is set to highest, I think the SME server default should be OK, so as to prevent users from creating simple easily crackable passwords.

If you just want to provide email, then is webmail sufficient ?

Otherwise you have a significant coding job to do, & you will be tapping into areas of SME server that are then vulnerable from a security viewpoint, & in effect opening a "channel" for hackers to try & gain access to your server backend.
If you go this route, then take a lot of care with the quality of your code.

For a small user base I do not see my suggested method as being cumbersome, but for a large user base you should use a OS system specific to your purpose, ie something a small ISP would use etc. SME is not really the right product.

Read the Pseudonyms section of the Manual for further details of domain based email address issues, & workarounds. This also involves webmail & default return email addresses, so some careful thought is needed before implementing all this (depending on your requirements etc).

[oMQYN0AvPB]

Hello Janet and thanks for the reply.

What you are describing is how I currently operate.

By the way, I have only the user-manager and webmail (actually roundcube) open for public IPs.

I am too concerned about security. I would not integrate the registration system inside SME (I don't have the time to understand and use the internal mechanisms of SME server to do so anyway).
Instead on a separate one, that will communicate with SME server via a secure channel. I don't believe I could be hacked on a service so simple as a registration form... I have not been (yet) on very large ones

Best regards!

[janet]

Kidlike

It would be good if you told us what you are doing in future, then we do not waste our time suggesting something you are already doing.

I don't believe I could be hacked on a service so simple as a registration form...

Don't be too overconfident, with a few cross vulnerabilities in different systems (php etc), then anything is possible with poor or inadequate code.

[oMQYN0AvPB]

It was a bit out of scope, regarding the question, for me to explain how I already work.
I didn't ask for how to register a user. I just asked if a user registration panel exists, and was already covered by Stefano.

But I apologise for your time anyway. I know how it feels..