Feature #3125
Password policy page
| Status: | CLOSED | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 100% | |
| Category: | nethserver-password | |||
| Target version: | v6.6 | |||
| Resolution: | NEEDINFO: | No |
Description
Implement a new Server Manager page where the admin can tweak
- password complexity policy
- password expiration policy
Also add per-user checkbox to set a non-expiring password.
Related issues
Associated revisions
Web UI: add todo when password strenght is disabled. Refs #3125
Web UI: add todo when password strenght is disabled. Refs #3125
Update translations and inline help. Refs #3125
Update translations and inline help. Refs #3125
Password page: moved under Security category. Refs #3125
Password page: moved under Security category. Refs #3125
nethserver-lang: imported Help files from nethserver-password. Refs #3125
History
#1
Updated by Davide Principi over 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to stephane de Labrusse
- % Done changed from 20 to 30
#2
Updated by Davide Principi over 6 years ago
- Status changed from ON_DEV to MODIFIED
- Assignee deleted (
stephane de Labrusse) - % Done changed from 30 to 60
#3
Updated by Davide Principi over 6 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 60 to 70
In nethserver-testing:
nethserver-password-1.0.2-1.ns6.noarch.rpm
#4
Updated by Giacomo Sanchietti over 6 years ago
- Related to Enhancement #2887: Localize "password expire" notifications added
#5
Updated by Davide Principi over 6 years ago
- Related to Feature #2980: Expired password visual notification added
#6
Updated by Davide Principi over 6 years ago
- Status changed from ON_QA to TRIAGED
- % Done changed from 70 to 20
We should add a scaring TODO notification if the admin sets passwordstrength none
#7
Updated by stephane de Labrusse over 6 years ago
Ok I'm on it, I will add a TODO notification if the admin sets passwordstrength none
#8
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from TRIAGED to ON_DEV
- % Done changed from 20 to 30
#9
Updated by Giacomo Sanchietti about 6 years ago
- Assignee set to Giacomo Sanchietti
#10
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
- moved to new official repo: https://github.com/nethesis/nethserver-password
- added transifex support
- added Italian inline help
- Change policies from the web interface
- Check properties inside the configuration database reflect values from web interface
- See http://docs.nethserver.org/en/latest/accounts.html#password-management
#11
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
- nethserver-password-1.0.2-1.3.g028b202.ns6.noarch.rpm
#12
Updated by stephane de Labrusse about 6 years ago
- Assignee set to stephane de Labrusse
I take this one
#13
Updated by stephane de Labrusse about 6 years ago
Verification
[root@nethserver-dev ~]# rpm -qa | grep nethserver-password nethserver-password-1.0.2-1.3.g028b202.ns6.noarch
at first after the installation
[root@nethserver-dev ~]# config show passwordstrength
passwordstrength=configuration
Admin=strong
Ibays=strong
MaxPassAge=180
MinPassAge=0
PassExpires=yes
PassWarning=7
Users=strong
- GUI modification
I set custom values from the GUI and look db[root@nethserver-dev ~]# config show passwordstrength passwordstrength=configuration Admin=none Ibays=strong MaxPassAge=365 MinPassAge=365 PassExpires=no PassWarning=30 Users=none
the event signal-event password-policy-update is launched in log and therefore the action nethserver-directory-password-policy
- todo list
After that the Todo list display a yellow box with a reminder with that :
Change password strength
Password policy is too weak
- Password Expiration
a user can be dispensed to have a password expiration
by default it is set to yes (mean the password must expire)
[root@nethserver-dev ~]# db accounts show plop
plop=user
City=
Company=
Department=
FirstName=artur
LastName=de labrusse
PassExpires=yes
PhoneNumber=
Street=
Uid=5000
__state=new
after action in the user panel the property 'PassExpires' is set to 'no'
[root@nethserver-dev ~]# db accounts show plop
plop=user
City=
Company=
Department=
FirstName=artur
LastName=de labrusse
PassExpires=no
PhoneNumber=
Shell=/usr/libexec/openssh/sftp-server
Street=
Uid=5000
__state=new
- help page
the online help is here, no problem
- Translations
italian and english are here
- Logs
no errors in logs
-----------> verified
side note : why the rpm needs so much time to be in the mirror, you pushed it monday around 10AM and around 10PM there was nothing on mirror, only this morning ?????
#14
Updated by Giacomo Sanchietti about 6 years ago
side note : why the rpm needs so much time to be in the mirror, you pushed it monday around 10AM and around 10PM there was nothing on mirror, only this morning ?????
Because repositories are kept in sync from our data center during the night, and any mirror has its own scheduled sync.
We are planning to fix this situation and make mirror.nethserver.org a master repository always in sync with our facility.
#15
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
stephane de Labrusse) - % Done changed from 70 to 90
#16
Updated by Giacomo Sanchietti about 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
- nethserver-password-1.0.3-1.ns6.noarch.rpm