[LON-CAPA-admin] [was LON-CAPA-users] mass resetting internal aauth passwords

Jim Maxka jim.maxka at nau.edu
Sat Sep 16 12:23:23 EDT 2006 

This is a good thing.  I never noticed that the change password went 
away -- that must explain why I never had a problem.

For Lars or anyone else --
As far as setting up :LDAP, I am glad to help as well with my 
experience.  We use the localauth.pm module for loncapa only.  Hon-Kie 
sent me a script, the local network people gave me a login into their 
ldap server, a certificate and everything worked.

I also recommend this type of authentication  -- although I had to 
convert all the older accounts to the new authentication method via dc 
as has been stated.  So, the initial change was somewhat painful.

--Jim

Lars Jensen wrote:

> Hi Todd,
>
> What has to be done to use LDAP with lon-capa. Did you have to write 
> any scripts?
>
> Lars.
>
> Todd Ruskell wrote:
>
>> Jim,
>>
>> When I converted to LDAP authentication the "Change Password" option 
>> was removed.  That means I have to use the officially sanctioned LDAP 
>> password changer to do that.  Personally, I see that as a plus, since 
>> most students know how to change their email password, which on our 
>> campus equates to changing the password on the LDAP server. 
>> Todd
>>
>> On Friday 15 September 2006 01:40 am, Jim Maxka wrote:
>>
>>> While this topic is open, maybe someone can help me with this
>>> hypothetical situation -- which has never happened as far as I know.
>>>
>>> We use ldap authentication and so there should not be internal 
>>> passwords
>>> in the loncapa system for the students.  What happens if a student
>>> changes the password in Change Preferences.  Does this become the
>>> student's internal password?  If this were to happen and the student
>>> forgot the password, would this have to be reset to local 
>>> authentication?
>>>
>>> Just wondering -- Jim
>>>
>>> Lars Jensen wrote:
>>>
>>>> Hi Gerd and Ray,
>>>>
>>>> What's really needed is a service by which students can enter a
>>>> registered email address and get a new password, so instructors/DC's
>>>> doesn't have to be involved. I realize tha tnot all students
>>>> necessarily have a registered email with lon-capa, but whenever it
>>>> exists, it ought to be possible to get a new password via email.
>>>>
>>>> Lars.
>>>>
>>>> Gerd Kortemeyer wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>>> On Thu, 14 Sep 2006, Ray Batchelor wrote:
>>>>>>
>>>>>>>     How can one quickly reset the passwords for a bunch of 
>>>>>>> internally
>>>>>>> authenticated students in a hosted course??  Course coordinators
>>>>>>> can't reset
>>>>>>> passwords, it seems to me.
>>>>>>
>>>>> On Sep 14, 2006, at 8:05 PM, lucasm at ohiou.edu wrote:
>>>>>
>>>>>> Have fun, Ray. This is a domain coordinator only ability as far as I
>>>>>> know.
>>>>>
>>>>> Yep. At some point, I would like to add the functionality that if a
>>>>> domain coordinator impersonates a course coordinator, they can upload
>>>>> class lists and overwrite the password. I have spend longer than I
>>>>> care to admit resetting passwords one-by-one by hand.
>>>>>
>>>>>> I have considered writing a script to do this, but I'm not sure this
>>>>>> is sanctioned behavior for root!
>>>>>
>>>>> A script is the way to go for now, I think. The file is
>>>>>
>>>>> /home/httpd/lonUsers/(your_domain)/(first)/(second)/(third)/(username)/p 
>>>>>
>>>>> assword
>>>>>
>>>>>
>>>>> for example
>>>>>
>>>>> /home/httpd/lonUsers/msu/k/o/r/kortemey/password
>>>>>
>>>>> For internally authenticated, it looks like this:
>>>>>
>>>>> internal:3XbDe45Bh
>>>>>
>>>>> where the latter is the encrypted password.
>>>>>
>>>>> Reset one password by hand, and copy that file to the rest of the
>>>>> users. Somebody probably already has a script like that ...
>>>>>
>>>>> BTW, the reason that course coordinators cannot do this is that the
>>>>> confusion would be great if a kid is already in some courses, and
>>>>> then their password gets messed up because they were added to another
>>>>> course. We didn't want passwords to bounce around like that at the
>>>>> discretion of just any course coordinator.
>>>>>
>>>>> - Gerd.
>>>>> _______________________________________________
>>>>> LON-CAPA-admin mailing list
>>>>> LON-CAPA-admin at mail.lon-capa.org
>>>>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>>>
>>>> _______________________________________________
>>>> LON-CAPA-admin mailing list
>>>> LON-CAPA-admin at mail.lon-capa.org
>>>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>>
>>> _______________________________________________
>>> LON-CAPA-admin mailing list
>>> LON-CAPA-admin at mail.lon-capa.org
>>> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>>
>>
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin

More information about the LON-CAPA-admin mailing list