精华内容
下载资源
问答
  • SelfService.exe

    2014-05-07 12:54:49
    SelfService.exe
  • Self Service Password部署

    2021-04-19 16:25:29
    Self Service Password部署 通过Self Service Password 自助修改和重置AD域账号密码 一、准备 操作系统 :192.168.1.8 CentOS7.6 AD域:192.168.1.10 ad01.test.com (已安装CA证书服务) ,创建ssp AD域账号,用于...

    Self Service Password部署


    通过Self Service Password 自助修改和重置AD域账号密码

    一、准备

    操作系统 :192.168.1.8 CentOS7.6 

    AD域:192.168.1.10  ad01.test.com (已安装CA证书服务) ,创建ssp AD域账号,用于登录验证

    Self Service Password官网文档:https://ltb-project.org/documentation/self-service-password

    1、配置yum源

    cat /etc/yum.repos.d/ltb-project.repo
    [ltb-project-noarch]
    name=LTB project packages (noarch)
    baseurl=https://ltb-project.org/rpm/$releasever/noarch
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project

    2、导入GPG私钥

    rpm --import https://ltb-project.org/wiki/lib/RPM-GPG-KEY-LTB-project

    3、添加php72的yum源

    yum -y install epel-release
    rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

    4、修改host文件

    vim /etc/hosts
    192.168.1.10    ad01.test.com

     

    二、安装self service password

    yum -y install self-service-password

    执行安装后,apache未安装成功,需要执行

    yum -y install httpd

    四、修改self-service-password配置文件

    只启用AD账号修改密码和通过邮箱重置密码功能,以下都是需要配置的项。

    vim /usr/share/self-service-password/conf/config.inc.php
    # LDAP配置
    $ldap_url = "ldaps://ad01.test.com:636";
    $ldap_starttls = false;
    $ldap_binddn = "cn=ssp,cn=users,dc=test,dc=com";
    $ldap_bindpw = "Test2021";
    $ldap_base = "dc=test,dc=com";
    $ldap_login_attribute = "sAMAccountName";
    $ldap_fullname_attribute = "cn";
    $ldap_filter = "(&(objectClass=user)(sAMAccountName={login})(!(userAccountControl:1.2.840.113556.1.4.803:=2)))";
    
    # AD域配置
    $ad_mode = true;
    $ad_options['force_unlock'] = true;
    $ad_options['force_pwd_change'] = false; 
    $ad_options['change_expired_password'] = true;
    
    $who_change_password = "manager";
    
    # 邮箱配置
    $mail_from = "ssp@test.com";
    $mail_from_name = "Self Service Password";
    $mail_protocol = 'smtp';
    $mail_smtp_debug = 0;
    $mail_debug_format = 'html';
    $mail_smtp_host = 'smtp.test.com';
    $mail_smtp_auth = true;
    $mail_smtp_user = 'ssp@test.com';
    $mail_smtp_pass = 'Test2021';
    $mail_smtp_port = 25;
    $mail_smtp_timeout = 30;
    $mail_smtp_keepalive = false;
    # $mail_smtp_secure = 'tls';
    # $mail_smtp_autotls = true;
    
    ## SMS
    # Use sms
    $use_sms = false;
    
    $keyphrase = "abd2021aa";

    五、安装和配置openldap

    1、安装openldap

    yum install -y openldap

    2、修改ldap.conf配置

    vim /etc/openldap/ldap.conf

    增加

    TLS_CACERT /etc/openldap/certs/ad01.pem
    TLS_REQCERT allow
    TLS_CIPHER_SUITE TLSv1+RSA

    六、配置CA证书

    1、导出AD域服务器CA证书

    导出对应AD域服务器证书,右击证书名-选择“所有任务”-“导出”

    2、转换CA证书

    上传ad01.cer到 Self Service Password 服务器中的 /root/目录下

    openssl x509 -inform der -in ad01.cer -out ad01.pem
    cat ad01.pem >> /etc/openldap/certs/ad01.pem

    七、启动服务

    service httpd start

    访问地址:http://192.168.1.8

     

    八、问题处理

    1、修改密码,提示“密码被 LDAP 服务器拒绝”

    $who_change_password配置错误导致修改时出错

    vim /usr/share/self-service-password/conf/config.inc.php
    $who_change_password = "manager";

    2、通过email找回密码,“口令无效”

    通过email找回密码,点击重置密码链接后,提示“口令无效

    查询 /etc/httpd/logs/ssp_error_log 日志文件  /var/lib/php/session 只有root控制权限

    PHP Warning:  session_start(): Failed to read session data: files (path: /var/lib/php/session) in /usr/share/self-service-password/pages/resetbytoken.php on line 66

    修改/var/lib/php/session权限

    chmod -R 777 /var/lib/php/session

     

     

     

     

     

    展开全文
  • selfservice 自助服务平台demo
  • Customer self service in the hybrid library 国外原版电子书,仅供学习使用!
  • selfservice picture

    2014-02-19 23:39:45
    用户自助服务手机web素材分享 包括界面素材 样式文件 js文件等
  • 转载链接 搭建OpenLDAP自助修改密码系统Self Service Password
    展开全文
  • Pointers for developing selfservice in PeopleSoft More and more companies use selfservice funcionality. PeopleSoft deliveres some out-of-the-box selfservice functionality, but what if you want to dev

    Pointers for developing selfservice in PeopleSoft

    More and more companies use selfservice funcionality. PeopleSoft deliveres some out-of-the-box selfservice functionality, but what if you want to develope some yourself?

    Here are some pointers to get you on the right track:

    Roles
    One of the most distinctive trademarks of selfservice functionality are the different roles an enduser can have, for instance:
    - employees enter / adjust their own specific data
    - managers can approve changes made by employees
    - functional managers can setup/change configuration items, correct entered data and support employees and managers

    Make sure you set up your permission lists & roles in PeopleSoft according to the roles you define for your selfservice customization.

    User profiles
    PeopleSoft users the OperatorID (OPRID) for logging on a user. On the other hand, the employee nr (EMPLID) is used when saving transactional user data. The link between the OPRID and the EMPLID of a user is made in the User Profile page. However, PeopleSoft does not force you to specify an EMPLID for every OPRID. You can even add the same EMPLID to different OPRIDs. This can cause errors in a self service module. In order to prevent this, create a process that checks for these things and schedule it daily.

    Developing Self Service pages
    The develoment of a self service page differs from a ‘normal’ page. Normally, you create a page object and put it into a component object. If you need a second scree, you define a second page and put it in a second component. In selfservice screens however, the information on a screen can be almost identical, but differs a bit depending on the role of the user. An example:
    - an employee wants to request an absence of leave, so a page has to be created with all relevant input fields and a button to request the absence of leave.
    - the corresponding manager has to approve or deCline the request. A page has to be available identical to the page where the use has entered the request, only the fields have to be display-only and the manager needs a button to approve and a button to decline.
    - the functional manager at least must have the ability to look at the request (display-only) or even may have the ability to correct it (input fields available).

    When using the normal way of creating a screen, you will have to create three more or less identical pages and three new components. It is easier however to create one page with all necessary fields / buttons for all roles, and put that page into three components (one for every role). With the use of PeopleCode you can then finetune the page for each role.

    Using Component and Application Package PeopleCode
    By using Component PeopleCode you can determine which fields / buttons are available based on the role. You can then use Application Package PeopleCode to define code that can be shared amongs all the components.

    For instance, you can define a method called DisplayPage which accept the name of a component as a variable. In this method you can turn field on or off based on the given parameter. In the Component PostBuild event of each of the three components you can call this method providing the name of the component it is called from.

    In the same way you can define for instance input checks in an Application Package and call it with Component Field Peoplecode from the relevant components.

     Viewed 14728 times by 2761 visitors


    展开全文
  • 服务安装: 安装依赖:yum install php70-ldap.x86_64 -y (版本尽量大于5.3,否则会提示... yum install httpd -y 安装Self Service Password:yum install https://ltb-project.org/rpm/6Server/noarch/self-ser...

    服务安装:

      安装依赖:yum install php70-ldap.x86_64 -y (版本尽量大于5.3,否则会提示更新php程序) 
                     yum install httpd -y 
      安装Self Service Password:yum install https://ltb-project.org/rpm/6Server/noarch/self-service-password-1.1-1.el6.noarch.rpm
    
            配置apache: /etc/httpd/conf.d/self-service-password.conf
                NameVirtualHost *:80
    <VirtualHost *:80>
            ServerName ssp.xinniu.com
    
            DocumentRoot /usr/share/self-service-password
            DirectoryIndex index.php
    
            AddDefaultCharset UTF-8
       <Directory "/usr/share/self-service-password">
                AllowOverride None
                Allow from all
     </Directory>
            LogLevel warn
            ErrorLog /var/log/httpd/ssp_error_log
            CustomLog /var/log/httpd/ssp_access_log combined
    </VirtualHost>

    配置Self Service Password,支持密码修改和邮件重置: vim /usr/share/self-service-password/conf/config.inc.php

    这个文件配置项太多了,只写一下改动的

    $ldap_url = "ldap://172.xx.xx.xx:389";
    $ldap_starttls = false;
    $ldap_binddn = "cn=admin,dc=xxxx,dc=com";
    $ldap_bindpw = "****";
    $ldap_base = "dc=xxxx,dc=com";
    $ldap_login_attribute = "uid";
    $ldap_fullname_attribute = "cn";
    $ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";
    $mail_from = "msg_data@xxxx.com";
    $mail_from_name = "Self Service Password";
    $mail_signature = "";
    
    $notify_on_change = true;
     https://github.com/PHPMailer/PHPMailer)
    $mail_sendmailpath = '/usr/sbin/sendmail';
    $mail_protocol = 'smtp';
    $mail_smtp_debug = 0;
    $mail_debug_format = 'html';
    $mail_smtp_host = 'localhost';
    $mail_smtp_auth = true;
    $mail_smtp_user = 'msg_data@xxxxx.com';
    $mail_smtp_pass = 'xxxxx;
    $mail_smtp_port = 25;
    
    keyphrase = "secret";

    配完后
    systemctl restart httpd

    完成之后,测试系统是否可以使用
    打开页面
    搭建ldap自助修改密码系统--Self Service Password
    d搭建ldap自助修改密码系统--Self Service Password
    修改密码时不用输入整个dn,直接输入前缀就可以了

    测试修改密码时,报错,ldap服务器拒绝我们修改的密码,经过查看日志加上自己手动验证,发现普通用户没有修改密码的权限。
    然后查看ldap官方的手册:http://www.openldap.org/doc/admin24/access-control.html

    研究后发现需要修改ldap的条目
    文件添加ACL 信息,问题解决,添加命令如下:

    ldapmodify -Y EXTERNAL -H ldapi:/// -f updatepass.ldif 

    updatepass.ldif 文件内容如下:

     dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    add: olcAccess
    olcAccess: to attrs=userPassword
            by self =xw
            by anonymous auth
            by * none
    
    olcAccess: to *
            by self write
            by users read
            by * none

    然后试下真的可以修改密码了

    展开全文
  • EdVIE Self Service-crx插件

    2021-04-02 16:40:41
    语言:English (United States) 一个简单的扩展程序,使您可以将桌面流式传输到使用Edvie Virtual Rooms的会议中
  • 语言:English 此扩展可用于使用s4文本分析服务从浏览器注释文本内容 ... *可提供AS-Service的自我管理或完全管理的可扩展RDF数据库,以便您可以搜索和更新从链接的开放数据或您自己的文档加载的语义事实
  • 安装 Self service password @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Note: http://ltb-project.org/wiki/download self service password download page CentOS下php安装mcrypt扩展: vim /etc/yum.repos.d/...
  • How to Find the Self Service Related File Location and Versions (文档 ID 781385.1) In this Document Goal   Solution Applies to: Oracle Self
  • 今天正在做openstack实例时输入neutron subnet-create --name selfservice --dns-nameserver 114.114.114.114 --gateway 192.168.1.1 selfservice 192.168.1.0/24后报错如图:   修改办法:  因为 self...
  • NULL 博文链接:https://yexingren23.iteye.com/blog/1691573
  •   <br /> 修正SelfService工程在myeclipse下的布署问题一、  将工程的描述文件改为web以及修正文件错误的描述. 1)  .classpath文件改class输出路径为 kind="output" path="webapps/self...
  • PAGE1 / NUMPAGES4 6.6.3 创建Self-service network 6.6.3 创建Self-service network 管理员和普通用户都...网络中单击创建网络 2输入网络名称为selfservice 3输入子网名称为selfservice网络地址为/24网关IP为172.16.1
  • 官方下载地址:https://github.com/ltb-project/self-service-password 官方简介: Self Service Password is a PHP application that allows users to change their password in an LDAP directory. The ...
  • SELF_SERVICE_BI-源码

    2021-03-19 21:17:47
    SELF_SERVICE_BI
  • self-service-password搭建文档 通过此应用的搭建,可实现员工自助通过邮箱自助恢复忘记的AD密码,有效减轻IT人员工作量
  • Self-service Business Intelligence
  • Self Service Password 是一个 PHP 应用程序,它允许用户在 LDAP 目录中更改他们的密码。 该应用程序可用于标准 LDAPv3 目录(OpenLDAP、OpenDS、ApacheDS、Sun Oracle DSEE、Novell 等)和 Active Directory。 它...
  • Self-Service Linux 讲解内核问题定位的书 Self-Service Linux 讲解内核问题定位的书 Self-Service Linux 讲解内核问题定位的书
  • SASS-Customer-Self-Service
  • Video set of Using Self-service Portal 2.0
  • 官方网站:... 官方简介: Self Service Password is a PHP application that allows users to change their password in an LDAP directory. The application can be used on standard LDAPv...
  • Introduce to Private Cloud by Using Self-service Portal 2.0
  • self-service-源码

    2021-04-01 07:46:33
    自助服务
  • Applications of self-service pattern can range from the very simple function of allowing users to view data built explicitly for one purpose, to taking requests from users, decomposing them into ...

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 78,414
精华内容 31,365
关键字:

selfservice