From owner-freebsd-questions@FreeBSD.ORG Thu May 19 15:30:10 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAD3116A4CE for ; Thu, 19 May 2005 15:30:10 +0000 (GMT) Received: from orb.pobox.com (orb.pobox.com [207.8.226.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 614EA43D45 for ; Thu, 19 May 2005 15:30:10 +0000 (GMT) (envelope-from bjd@pobox.com) Received: from orb (localhost [127.0.0.1]) by orb.pobox.com (Postfix) with ESMTP id F126C90D for ; Thu, 19 May 2005 11:29:59 -0400 (EDT) Received: from [10.0.1.201] (c-24-12-132-100.hsd1.in.comcast.net [24.12.132.100]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by orb.sasl.smtp.pobox.com (Postfix) with ESMTP id B58CB99 for ; Thu, 19 May 2005 11:29:59 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v730) To: freebsd-questions@freebsd.org Message-Id: <98178168-BB06-4D7F-A84D-625E9850FFA4@pobox.com> Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-1-770426523; protocol="application/pkcs7-signature" From: Benjamin J Doherty Date: Thu, 19 May 2005 10:29:39 -0500 X-Mailer: Apple Mail (2.730) X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: web-based ldap user administration X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 May 2005 15:30:10 -0000 --Apple-Mail-1-770426523 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Friends, Now that I've successfully assembled my LDAP enabled FreeBSD machine with pam_ldap and nss_ldap, I'm looking for a way to allow users to administer their accounts through a web browser. Webmin and Usermin appear to be excellent candidates except for the fact that they don't appear to support FreeBSD and OpenLDAP. Webmin doesn't have an option to use SSHA password hashing when creating an account, and all of its supported hashing mechanisms don't equal the actual authentication process' hashing mechanism. Usermin (probably for the same reason) can allow a user to change a password but changes the password to something besides what the user wanted, effectively disabling his account. Usermin offers a huge advantage in that it also can change a Samba account password at the same time (though I don't know if it will change an LDAP password out of the box). Are there other options in the ports tree that actually work? Is there a simple way to get Webmin and Usermin to work? Cheers, Benjamin Doherty chicago --Apple-Mail-1-770426523--