Show pagesourceOld revisionsBacklinksBack to top Share via Share via... Twitter LinkedIn Facebook Pinterest Telegram WhatsApp Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents Self-service-password changes on NethServer Installation Testing Configuration Self-service-password changes on NethServer I run my NethServer installation at home, but many of my users are family users in other locations. I wanted them to be able to change their passwords without messing with a VPN, and without exposing the server-manager to the whole Internet. Self-service-password was the answer that was suggested to me. Caution: These instructions have received only minimal testing at this point, particularly in an Active Directory environment. Use at your own risk. Installation Begin by installing the danb35_repository. You'll then need to manually add the LTB repository. To do that, run: nano /etc/yum.repos.d/ltb-project.repo Its contents should be: [ltb-project-noarch] name=LTB project packages (noarch) baseurl=https://ltb-project.org/rpm/$releasever/noarch enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project Then import the signing key: rpm --import https://ltb-project.org/wiki/lib/RPM-GPG-KEY-LTB-project Finally, install the packages: yum --enablerepo=danb35,ltb-project-noarch install nethserver-self-service-password Testing Browse to https://yournethserver/ssp. You should see a page like this: You'll be unable to change the admin user's password for security reasons, but any other user can. Configuration There are several configuration properties under the ssp key, as described below: Property Default Description UseDefaultHost enabled Make self-service-password available on the default virtual host. To disable, set to disabled. DefaultPath /ssp Path to self-service-password on the default virtual host (if enabled). Must include the leading slash. UseVhost disabled Use a dedicated virtual host for self-service-password. Set to enabled to enable. VHostName ssp.$DomainName If using a dedicated virtual host, the fully-qualified domain name for that virtual host (e.g., password.yourdomain.com). UseEmail false Enable password resets by email token. This will allow users who have forgotten their passwords to email a reset token to their local email address. On clicking that link, they'll be able to reset their password. To enable, set to true. This option is unlikely to work in an Active Directory environment. Use the standard configuration database commands to change these settings, e.g., config setprop ssp UseEmail true. After making any changes, run signal-event nethserver-self-service-password-update. userguide, ht v7, ht application, module userguide/self-service-password.txt Last modified: 2021/07/31 01:56by Dan Brown