Welcome to the MacNN Forums.

macvillage.net · Mar 4, 2003, 03:55 PM

Does anyone have a perl script that can be used via a web interface to change the password of a user account in Mac OS X?

I want to allow users to remotely be able to change their password (enter current password, then new password).

I'm using the system as a fileserver, hence nobody uses it directly. So remote management is needed.

ttjervaag · Mar 4, 2003, 04:04 PM

Is login via SSH not an option?

terje

macvillage.net · Mar 4, 2003, 07:43 PM

Originally posted by ttjervaag:
Is login via SSH not an option?

terje

I plan to disable shell access. Just file access.

So I was hoping I can use a perl script via a web interface to allow users to change their password.

macvillage.net · Mar 5, 2003, 05:58 PM

<bump>

Anyone?

ttjervaag · Mar 6, 2003, 06:34 AM

...

Have you tried Webmin, which you can install from Fink? I think you could probably set detailed enough permissions there so that the only thing a user would be allowed to do would be to change his/her password. Of course, since webmin is open source you might learn how to do it from just looking at the code.

Just throwing out ideas, hope it might help.

terje.

macvillage.net · Mar 6, 2003, 08:44 AM

Originally posted by ttjervaag:
...

Have you tried Webmin, which you can install from Fink? I think you could probably set detailed enough permissions there so that the only thing a user would be allowed to do would be to change his/her password. Of course, since webmin is open source you might learn how to do it from just looking at the code.

Just throwing out ideas, hope it might help.

terje.

Interesting idea.

I'm suprised nobody has created any code to setup/modify accounts via a perl script. I've looked around and nothing.

kcm3 · Mar 6, 2003, 10:04 AM

Since user management is handled by netinfo, you would probably be able to put a shell script together to call niutil or nicl, and call it as a cgi, to accomplish what you want.

That said, allowing people to change passwords in this manner over the web is really not a stellar idea.

macvillage.net · Mar 6, 2003, 11:14 AM

Originally posted by kcm3:
Since user management is handled by netinfo, you would probably be able to put a shell script together to call niutil or nicl, and call it as a cgi, to accomplish what you want.

That said, allowing people to change passwords in this manner over the web is really not a stellar idea.

I'm using my mac as a home fileserver... behind a firewall.

macmike42 · Mar 6, 2003, 11:43 AM

Originally posted by macvillage.net:
I'm using my mac as a home fileserver... behind a firewall.

An AppleShare file server? If so, just click "Options..." and then click "Change Password..."

kcm3 · Mar 6, 2003, 03:04 PM

I'm using my mac as a home fileserver... behind a firewall.

OK, so your server is behind a firewall. That doesn't make password changes coming from remote web users any more secure. You will need 2 things to make something like that more secure. 1) SSL. Unless you encrpyt the web traffic, the password changes can be seen easily on the wire. 2) more importantly, make sure your script is bulletproof. Since you will be effectively executing commands in the shell, you'll want to make sure that users can't make the script to anything unintended (either on purpose or by accident.)