#1757: Log LDAP edits performed via Drupal website, or remove the functionality
---------------------------+--------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords: ldap, userid
---------------------------+--------------------------
I found out LDAP database can be also edited via Drupal,
from URLs like: https://www.osgeo.org/user/409/edit/ldap_user_data
(where 409 correspond to my own username).
For simplicity we might want to disable that form and have users sent to
the LDAP editing form: https://www.osgeo.org/cgi-
bin/auth/ldap_edit_user.py
Or, at least, we should have the Drupal mediated editing form also log
edits, like the ldap-specific form linked above does since a few weeks.
For additional info: I noticed the Drupal form allows setting a "First
Name" (givenName in LDAP database) whereas the ldap_edit_user.py script
does not allow that (in case we want to add that).
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1757>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1757: Log LDAP edits performed via Drupal website, or remove the functionality
---------------------------+--------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap, userid |
---------------------------+--------------------
Comment (by rduivenvoorde):
Yep, not working... If I go to
https://www.osgeo.org/user/91/edit
to (I thought being able to change my password after a password reset),
you cannot even reset it there, as you get this image:
https://duif.net/osgeo.png
Then trying to to click in the red-warning-bar link 'Have you forgotten
your password' sents you to
https://www.osgeo.org/user/password
which shows 'Access Denied'
This link should either be:
https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py
where I CAN succesfully change my password, OR this fields there should
just be hidden/replace by the ldap_edit_user.py link...
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1757#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1757: Log LDAP edits performed via Drupal website, or remove the functionality
--------------------------+-----------------------
Reporter: strk | Owner: webcom@…
Type: task | Status: new
Priority: normal | Milestone:
Component: WebSite | Resolution:
Keywords: ldap, userid |
--------------------------+-----------------------
Changes (by strk):
* owner: sac@… => webcom@…
* component: Systems Admin => WebSite
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1757#comment:2>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1757: Log LDAP edits performed via Drupal website, or remove the functionality
--------------------------+-----------------------
Reporter: strk | Owner: webcom@…
Type: task | Status: closed
Priority: normal | Milestone:
Component: WebSite | Resolution: fixed
Keywords: ldap, userid |
--------------------------+-----------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
I'm closing these since all these have been redirected to id.osgeo.org
which I think is logged.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1757#comment:4>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.