hatecomputers
/
infra
6
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

basic people playbook

This commit is contained in:
Elizabeth Hunt 2024-03-23 14:08:35 -04:00
parent 76c4d0eae2
commit c9bb61dcc0
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
TODO.md
View File

@ -1,3 +1,2 @@
- [ ] nameservers for users - [ ] nameservers for users
- [ ] create dmarc.report, postmaster email users, give access to infra users - [ ] create dmarc.report, postmaster email users, give access to infra users
- [ ] figure oute mailbox permissions, ensure users can't just set random senders and stuff, domain fixing

15
docs/PEOPLE_PLAYBOOK.md Normal file
View File

@ -0,0 +1,15 @@
obviously, don't let people have usernames that would conflict with anything internal (i.e. "email", "infra*", etc.) and are only alphanumeric
```sh
kanidm login --name idm_admin
kanidm person create --name idm_admin <username> "<display name>"
kanidm person credential create-reset-token <username> --name idm_admin
# allow them to set a unix/ldap password
kanidm person posix set --name idm_admin <username>
kanidm person posix set --name idm_admin <username> --shell /bin/zsh
# give them email access (need unix access)
kanidm person update <username> --legalname "<display name>" --mail <username>@hatecomputers.club
kanidm group add-members mail <username>
```