Thanks for the work, I just reviewed the code (but I didnât test it), and it looks fine.
Iâm wondering about to include the module as a core package.
@giacomo Thatâs nice if the code can be imported as a core feature, no problem with thatâŠIâm only wondering wich core rpm you want that I do a pull request ???
Concerning :
nethserver-password-PassExpires2yes-conf : If the code become a core feature then it needs to be integrated to anterior actions of events (user-modify and user-create). I prefer that the property âPassExpireâ is set to yes for each user, it is more clear.
The colouration, why not, no idea on how to do that, but seriously how much admins, do you think, will keep a strong passwordstrengh. I want to bet that a lot will set quickly to none. Maybe It is needed an intermediate level like it exists with SME Server.
The low level of Ibays password for the http access, makes me some interrogations. I do not understand why ? Moreover I would be happy if we can add some users and groups access to ibays with apache. I do love Webdav.
@alefattorini Iâm not really enthusiast about a webui for importing users from csv files. Of course that can be done, but I donât see a real value to a webUI like that. In fact it is destined to sysadmin, and IMHO, they have to use the command line for these tasks. Most of time, it is needed just one time per year, soâŠ
In fact I would be more interested by a module with ddclientâŠI looked a bit and It could be relatively easy with nethserver-hosts. Either I could fork it, or doing a pull request.
We will add your package among the core packages, maybe directly inside nethserver-iso yum group.
Itâs not necessary to have an explicit property. I would like to propose âYesâ as default inside the User configuration page. So each new user will have PassExpire set, but the old ones will be untouched.
If you need help for the web interface, @davidep will be glad to assist you
We can do it. There are some simple API: TODO API â NethServer 7 documentation
I donât see any reason to lower the password strength policy (beside develop environment).
The administrator should really really really discourage to do so!
In the old SME implementation, ibays were system users so the password needed to be strong (we saw many attacks based on weak ibay passwords!). But with the new implementation this is not needed: if the password is stolen, an attacker can only access a read-only web directory.
By the way, we can re-add a check in the future maybe only at web interface level.
I would not implement a shortcut to change the password policy, anyway the support team says a such feature can help and they asks for it. As @giacomo said: The administrator should really really really discouraged to do so!; that means a scaring message must be displayed at least
As the feature is accepted, I have no problem to include it into a new core package: if possible, Iâd limit any modification to existing packages.
Iâd prefer to make this an optional package, available from the âSoftware Centerâ page.