[ZendTo] Re: Antwort: Re: Online User administration

Tue Jul 2 13:40:02 BST 2013

Jörg,

If your issue is sensitivity over access to AD from an application (or server) that has off-site users, you could consider using either an AD-LDS server or a read-only DC, which could be in the DMZ. Either way AD is insulated against change.

Regards

Richard
--
Richard Rogers
Principal IT Officer, Client Technology and Applications
Information Services, Staffordshire University

From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of Joerg Muehlberger
Sent: 02 July 2013 12:13
To: ZendTo Users
Subject: [ZendTo] Antwort: Re: Online User administration

Hello Jules,

the "security aspects" are not because we do not trust you code, It is more that I would be administrating this machine and I am not part of our IT crew. That is why I would like to place this server in our DMZ with least as possible access to our network, so that if anything happens I am not the guilty person. One other solution would be to host this on a dedicated root server and this would mean no direct access to our AD or an additional VPN needed.

I hope that you are already back from hospital and are feeling better.

Regards

Jörg

Von:        Jules <Jules at zend.to<mailto:Jules at zend.to>>
An:        ZendTo Users <zendto at zend.to<mailto:zendto at zend.to>>,
Datum:        02.07.2013 13:03
Betreff:        [ZendTo] Re: Online User administration
Gesendet von:        zendto-bounces at zend.to<mailto:zendto-bounces at zend.to>
________________________________

I'm afraid I've never written a web-based tool for administering local users.
I don't quite see why for "security aspects" you would not use the very secure authentication system you already have. Not using it seems a little nuts to me, that's exactly what it's there for.

Jules.

On 29/05/2013 12:00, Joerg Muehlberger wrote:
Hello everybody,

I made a test installation of Zendto, as we are looking for a software exactly like that.
The only thing that is "missing" would be an easy user administration interface for local users. Due to security aspects we do not want to connect it with our AD...

So the question is, if the same email verification mechanism that is used for external users could be used for creating (local) internal users.
Another wish would be to have a password changing possibility for local/internal users.

I have searched the list for similar requests but did not find any, and now I am curious whether any of this might already be in the pipeline or not.

Thank you for your help!

Jörg Mühlberger

Telefon +49 (711) 648 71-27

_________________________________________________

schlaich bergermann
und partner

Beratende Ingenieure
im Bauwesen

Stuttgart . Berlin
New York . São Paulo . Shanghai

Knut Goeppert Dipl.Ing.
Andreas Keil Dipl.Ing.
Sven Plieninger Dipl.Ing.
Mike Schlaich Prof. Dr. sc.techn.

sbp gmbh
Schwabstrasse 43
70197 Stuttgart
Telefon +49 (711) 648 71-0

www.sbp.de<file:///C:\Users\mueh\AppData\Local\Temp\notesC654C1\www.sbp.de>
_________________________________________________

_______________________________________________
ZendTo mailing list
ZendTo at zend.to<mailto:ZendTo at zend.to>
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

--
Julian Field MEng MBCS CITP CEng

'There is always one moment in childhood when the door opens and
lets the future in.' - Graham Greene

www.Zend.To<http://www.zend.to/>
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
_______________________________________________
ZendTo mailing list
ZendTo at zend.to<mailto:ZendTo at zend.to>
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20130702/7ed6d6b4/attachment.html 