Feature changed by: Haripriya Srinivasaraghavan (sharipriya) Feature #306428, revision 2 Title: Reduction and management of the proxy users in a OES deployment Requested by: Haripriya Srinivasaraghavan (sharipriya) Description: ECO for: 1) A proxy user screen at the beginning of OES installation, where the following fields would be present * A proxy user input field which is auto-populated with a proxy user from the relevant scope - this could be a name of the user if already existing, or the name of a new user to create. The name entered in this field will become the default “OES proxy user” for all the services on that server. * A proxy user password field which will be filled by the install user. * A radio button which allows the administrator to select creation of proxy users at any of various levels/scope– * one proxy user per service per server * one proxy user per server (Default) * one proxy user per partition * one proxy user per tree * For all the services using proxy user, the proxy user and password fields will be auto-populated. The services will add the required rights or policies to this proxy user. * Based on the granularity of proxy users, this utility will allow the administrator to reset the proxy user passwords of the proxy user for all the services on a given OES box. 2) A utility to change all the proxy user passwords with one command. + Discussion: + #1: Haripriya Srinivasaraghavan (sharipriya) (2009-05-13 11:30:40) + + ...snipped... + The admin (LDAP) user and password are generated in two places in the + OES install. If eDir is to be installed on the box, then one of the + eDir screens contains this information. If eDir is not to be installed + on the box then there is an LDAP screen which contains this data. For + this ECO, we would add GUI in both of those places to handle the proxy + user as described in the ECO. The data in these screens would be + defaulted to a well-known name (e.g. "oes_proxy_user") and would be + located in the server's context (e.g. "cn=oes_proxy_user.o=". We could + also auto-generate a password. Radio buttons would also be on this + screen for "partition-wide" and "tree-wide" with a default set. The + values entered in these screens would be passed down to a script to be + provided to me (developed in India) that will do the work of proxy- + configuration, etc. Also, the values entered in these screens will be + the defaults for proxy users in the product configuration screens for + the product that currently have proxy users. I would estimate about 3 + days to implement and unit test my piece (new GUI and logic) of the + above. + Mark T. Clark + ...snipped... -- openSUSE Feature: https://features.opensuse.org/306428