Hi,
Following an unknown bug of the software,
https://sfj48-fkj200.heiksthsd.cf/clearfoundation/social/community/error-when-adding-user#COM_EASYDISCUSS_REPLY_PERMALINK-274951
While I can add a user to ClearOS, but when I try to add it to the existing groups, for instance, I followed what my other accounts are in:
Then, after a system reboot, executing
Is there some particular mechanism somewhere in ClearOS I need to use when adding a user to groups?
The purpose is for allowing this user to access OpenVPN and LAN via WAN.
Following an unknown bug of the software,
https://sfj48-fkj200.heiksthsd.cf/clearfoundation/social/community/error-when-adding-user#COM_EASYDISCUSS_REPLY_PERMALINK-274951
While I can add a user to ClearOS, but when I try to add it to the existing groups, for instance, I followed what my other accounts are in:
usermod -a -G allusers,openvpn_plugin,user_certificates_plugin,domain_users newuser
Then, after a system reboot, executing
groups newuser
does not show any change about the group it is in.Is there some particular mechanism somewhere in ClearOS I need to use when adding a user to groups?
The purpose is for allowing this user to access OpenVPN and LAN via WAN.
In Users
Share this post:
Responses (3)
-
Accepted Answer
Like Users, Group membership is stored in LDAP so it is LDAP you need to modify rather than traditional group manipulation utilities. Normally this is done through the webconfig. I guess it would be possible to use phpLDAPadmin or other LDAP editing utilities.
Note that if you are manipulating OpenVPN access, you'll also need to manipulate User Certificate membership. -
Accepted Answer
Nick Howitt wrote:
Like Users, Group membership is stored in LDAP so it is LDAP you need to modify rather than traditional group manipulation utilities. Normally this is done through the webconfig. I guess it would be possible to use phpLDAPadmin or other LDAP editing utilities.
Note that if you are manipulating OpenVPN access, you'll also need to manipulate User Certificate membership.
Thanks Nick for the suggestions, I will look into this. -
Accepted Answer
I've had a message from a dev who helped someone to do something similar with the program clearos_user (type "clearos_user -h"). Change:
to:$user_factory = new User_Factory();
$user = $user_factory->create($options['u']);$user_factory = new User_Factory();
$user = $user_factory->create($options['u']);
$group_memberships['pptpd_plugin'] = TRUE;
$user->set_group_memberships($group_memberships);
This would, as an example, add the user to the pptpd_plugin group.
Another change:
to:$user_info['extensions'] = array();
$user->add($user_info, $options['p']);$user_info['plugins']['web_proxy'] = array ('state' => 1);
$user_info['extensions'] = array();
$user->add($user_info, $options['p']);
would enable a plugin (in this case, web proxy), when updating a user.
He also says that, ideally, the script would be enhanced by adding a -g flag along with the group you wanted the user to belong to and maybe other flags like --web-proxy, to automatically add them to an extension.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »