EditAttachPrintable
r5 - 14 Sep 2006 - 23:48:11 - TWikiContributorYou are here: TWiki >  TWiki Web > ManagingUsers

Manage Users

Register users on your TWiki site; change/reset/install passwords; remove user accounts

Authentication and Access Control

Register User

It is not necessary to have user home pages in the TWiki system for Authentication to work - see TWikiUserAuthentication for details.

  • TWikiRegistration is for users to fill out a form
  • NewUserTemplate can be changed to customize user home pages, it can optionally use the UserForm to define user fields as meta data
  • BulkRegistration is for administrators to use to set up one or more accounts: either from a table or from an external file

Change, Reset and Install Passwords

  • ChangePassword is for users who can remember their password and want to change it
  • ResetPassword is for users who cannot remember their password; a system generated password is e-mailed to them
  • BulkResetPassword if for administrators who want to reset many passwords at once

Changing User Account Names

To change the user's WikiName:

  • Rename the user's TWiki homepage in the Main web, such as from JaneSmith to JaneMiller.
    • Fix backlinks in the Main web only
    • Make sure the group topics are updated (if any.)
  • Edit the Main.TWikiUsers topic and move the user's entry so that the list is in proper alphabetical order.
  • Recreate the old topic with a pointer to the new topic, so that links in other webs work properly. Example content:
    %M% Jane Smith is now known as JaneMiller

If external authentication is used and you want to change the login name:

  • The login name needs to be changed in the directory server, such as AD or LDAP
  • In TWiki's Main.TWikiUsers topic, fix the mapping from login name to WikiName such as from:
       * JohnSmith - john - 13 Sep 2006
    to:
       * JohnSmith - jsmith - 13 Sep 2006

Removing User Accounts

To remove a user account (FredQuimby, who logs in as "fred"):

  1. If you are using a .htpasswd file, edit the .htpasswd file to delete the line starting fred:
    • Warning: Do not use the Apache htpasswd program with .htpasswd files generated by TWiki! htpasswd wipes out email addresses that TWiki plants in the info fields of this file.
  2. Remove the FredQuimby - fred line from the Main.TWikiUsers topic
  3. Remove FredQuimby from all groups and from all the ALLOWWEB/ALLOWTOPIC... declarations, if any.
    Note: If you fail to do this you risk creating a security hole, as the next user to register with the wikiname FredQuimby will inherit the old FredQuimby's permissions.
  4. [optional] Delete their user topic Main.FredQuimby (including attachments, if any.)

Note: Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like AnUncreatedTopic? . If you want to make it clear the user is no longer with the organization or has been banished, replace the topic content with a note to that effect. The existance of the UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions..

Related Topics: AdminDocumentationCategory

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r5 < r4 < r3 < r2 < r1 | More topic actions
 
DIUM
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.ManagingUsers