Placido Sanchez <[email protected]>
Updated
5-15-2002
WARNING!
This is probably not a safe package to install, I made it because I
needed it. It may help other people, or may not.
You are responsible for any results. I am not responsible for anything
that may happen, as a result of installing this RPM.
Problem
You need to use the users SME password for other programs.
You want the users to only remember one password for your site.
You want to use the same password for other programs/services running
on the same server.
Download
You only need this RPM
http://www.geocities.com/lapsch/rpms/ps-sme-pwd-utils-0.1-2.noarch.rpm
Here's the source RPM
http://www.geocities.com/lapsch/rpms/ps-sme-pwd-utils-0.1-2.src.rpm
Installation
rpm -Uvh ps-sme-pwd-utils-0.1-2.noarch.rpm
Uninstall
rpm -e ps-sme-pwd-utils-0.1-2
This puts the original autopassword program (autopassword.bin) back
in its place.
The 'userspwds' database is not removed, you have to remove it manually.
What does it do?
When you install it it moves /usr/bin/autopassword to /usr/bin/autopassword.bin,
installs a perl script as /usr/bin/autopassword.pl and links /usr/bin/autopassword
to point to /usr/bin/autopassword.pl. /usr/bin/autopassword.pl calls /usr/bin/autopassword.bin
and changes the password, if it is successfull it then stores it in the
'userspwds' database. When the 'password-modify' event runs, it doesn't
get the password, it only gets the username, this does not allow for changing
the new password on other programs (e.g. Sherpath), but since /usr/bin/autopassword.pl
store the password in 'userspwds' we can get the password from it
and change it on other programs. At the end of the event 'user-pwd-db'
(/etc/e-smith/events/actions/user-pwd-db') is call (make sure this is the
last thing run for the event) this
checks if the password should remain in 'userspwds', by default it
will, if it is not to remain it removes it. All password are store by default,
except for root's and admin's, if you want to store it read/edit '/etc/e-smith/events/actions/user-pwd-db'
It also installs a new server-manager panel under 'Collaboration' called 'User accounts export'. This will allow you to export all your users and their information for use with other programs. It is able to export the users password, if it is store in 'userspwds'.
Passwords are not store in clear text, this mean that you can not easily read the data found in 'userspwds' database with an editor, you'll see something like this:
34304O2313232O323233O313232O3O13088O313131O3937O313030=313062313181O313141O313038O313132O323234O323133313131313032
35305O63939O313131O3937O3130O30O383231=3438O3532O3438O35363439O3586O3534O3438
36306O7313039O3932O313038O32O3132O313230O313031=313136316139O313138O313047O313035O323030O323135
37307O73931O3937O312038O3130O38O3837O3438O3439=3532313063O313131813030O4532
Why do I need this?
Well, we have windows programs that use usernames and password, we don't
want the users to have to remember another password, that would just cause
more work for us, because they will be forgetting/loosing it. So just remembering
one username and password for all programs/service is much easier, all
the user does is change his/her password on the SME server, an admin exports
the information from the server and imports it on the programs. All of
this can take 5, 10, 15, 30, 60 minutes (depending on the program) to do
but, it may only take a few minutes to start the proccess, once it's
started you can walk away and do some other work. You can probably also
automate all this with other programs like cron or AutoIt ( http://www.hiddensoft.com/AutoIt/
) for windows
Here's some code
If you only want the password to be accessible during the event, but deleted at the end of the event
/sbin/e-smith/db userspwds set DontStoreAnyPwd 1
If you need to store only certain users, but not all, do this
/sbin/e-smith/db accounts setprop USERNAME StorePwd (yes|no)
e.g.
/sbin/e-smith/db accounts setprop jbrown StorePwd yes
/sbin/e-smith/db accounts setprop jamesb StorePwd no
If you want to access the password during the 'password-modify' event, create your perl script with this included.
my %userspwds;
tie %userspwds, 'esmith::config', '/home/e-smith/userspwds'
my $txtpwd;
# this is you clear text password
$txtpwd = &do_decode( db_get(\%userspwds, &do_encode($account))
);
# make sure to include the two subroutines (do_decode, do_encode) found in /usr/bin/autopassword.pl