basic people playbook
This commit is contained in:
parent
76c4d0eae2
commit
c9bb61dcc0
1
TODO.md
1
TODO.md
|
@ -1,3 +1,2 @@
|
||||||
- [ ] nameservers for users
|
- [ ] nameservers for users
|
||||||
- [ ] create dmarc.report, postmaster email users, give access to infra users
|
- [ ] create dmarc.report, postmaster email users, give access to infra users
|
||||||
- [ ] figure oute mailbox permissions, ensure users can't just set random senders and stuff, domain fixing
|
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
obviously, don't let people have usernames that would conflict with anything internal (i.e. "email", "infra*", etc.) and are only alphanumeric
|
||||||
|
|
||||||
|
```sh
|
||||||
|
kanidm login --name idm_admin
|
||||||
|
kanidm person create --name idm_admin <username> "<display name>"
|
||||||
|
kanidm person credential create-reset-token <username> --name idm_admin
|
||||||
|
|
||||||
|
# allow them to set a unix/ldap password
|
||||||
|
kanidm person posix set --name idm_admin <username>
|
||||||
|
kanidm person posix set --name idm_admin <username> --shell /bin/zsh
|
||||||
|
|
||||||
|
# give them email access (need unix access)
|
||||||
|
kanidm person update <username> --legalname "<display name>" --mail <username>@hatecomputers.club
|
||||||
|
kanidm group add-members mail <username>
|
||||||
|
```
|
Loading…
Reference in New Issue