diff options
Diffstat (limited to 'account/commands.mdwn')
-rw-r--r-- | account/commands.mdwn | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/account/commands.mdwn b/account/commands.mdwn new file mode 100644 index 0000000..1b2a2f7 --- /dev/null +++ b/account/commands.mdwn @@ -0,0 +1,68 @@ +# Account maintainance commands + +## Normal users + +### Create new account + + 1. Have the following information ready: + * Full name + * Cellphone number + 2. Pick a username: + * Start with the initials of the user + * Include also second letter of either first name or surname + * Add a trailing number if necessary (or better: third letter of first name or surname) + * The result should be practical (short and related to the name of the user) but must not be a nickname or initals: A username is comparable to the shape of a key - the user may get confused in every day use if it looks like a toy or jewelery! + 3. Generate some random passwords and create the account using a good one (pronaouncable but meaningless) of those codes: + + (user=<username>; gpw && adduser $user && chage -M30 -W14 $user) + + * Full name: Full name (Capital and small letters allowed, as is space and special characters, but no comma!) + * Room number: Primary group within the organisation + * Work phone: POTS phone number (optional) + * Home phone: Cellphone number + * Other: leave this blank for now (do not unclude email hints yet!) + 4. Compose an email based on the introEmail skeleton: + * If an ouside working email address has been provided, then use that as recipient. Alternatively use the contact person of the new user (teacher, boss etc.) as recipient. + * Add <username>@users.kaospilot.no as Cc:. + * Add tech@lists.kaospilot.no as Reply-To:. + 5. Send a cellphone text message to the new user with the following text: + + Du har fået ny adgangskode. Den skal ændres inden 14 dage - se websiden https://wiki.kaospilot.no/BrugerKonto og check din mail. Koden er: <adgangskode> + +FIXME: Gør denne rutine semi-automatisk: Valg af adgangskode og udsendelse af sms bør ske automatisk. + +### Attach groups to account + + 1. Attach the account to relevant organisational groups: + + (user=<username>; for group in <group1> [<group2> ...]; do adduser $user $group; done) + +### Add/replace additional email addresses to account + + + +## Extend password lifespan + +When a user has changed password into something personal, the password lifespan is extended to 1 year: + + (user=<username>; chage -M360 -W30 $user) + + +TODO: The above command should ideally never ever be invoked manyally, but automatically through PAM + +## Reset password + + (user=<username>; gpw && finger $user && passwd $user && chage -M30 -W14 $user) + +== Varsel om udløb af adgangskode == + + 1. Læg mærke til logbeskeder om adgangskoder der snart udløber + 2. Send en sms med følgende besked: + Du skal ændre din adgangskode - den udløber snart! Læs hvordan og hvorfor på websiden http://wiki.kaospilot.no/BrugerKonto + +TODO: Omskriv som automatisk syslog-ng plugin eller cron script tilknyttet en sms gateway. + +=== Udløbstid for konti med varighed under 100 dage === +{{{ +(group=<gruppe>; echo $group:; for user in `members $group`; do chage -l $user|egrep -q '^Maximum:[[:blank:]]*[0-9]{2}$' && printf $user'\t' && chage -l $user|egrep '^Password Expires:'; done) +}}} |