We (Jon McCann and myself, with some input from others) have been working on a design for a new user management tool, with the goal of coming up with something better than the current trias of system-config-users, gnome-about-me and gdmsetup.
The design is not finalized, you can see the current state of affairs here: http://people.redhat.com/mclasen/user-account3.pdf.bz2 (I really wanted to put this on the wiki, but all I could only get proxy errors when trying to do so).
Comments are welcome. Please note the section on target audience and use cases.
Matthias
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Perhaps a note with the Short Name field on the "Create a new user" dialog explaining the basic limitations (no spaces, special chars, etc.)
Maybe even auto-generate the Short Name if the field is empty when Name is entered? Turn "Ed Jones" into "edjones", etc.?
Cheers, Steven Garrity
On Thu, 2008-05-22 at 15:32 -0300, Steven Garrity wrote:
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Maybe even auto-generate the Short Name if the field is empty when Name is entered? Turn "Ed Jones" into "edjones", etc.?
It's already in the design document, at the bottom of page 3:
"The tool then generates a Unix username from the full name and prefills the Short Name field. There was some idea to define a set of rules for this (e.g. Matthias Clasen→mclasen or Jon McCann→jonm) and update the currently used rule based on the corrections that are made to the pregenerated username."
-w
On Thu, 2008-05-22 at 15:39 -0400, Will Woods wrote:
On Thu, 2008-05-22 at 15:32 -0300, Steven Garrity wrote:
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Maybe even auto-generate the Short Name if the field is empty when Name is entered? Turn "Ed Jones" into "edjones", etc.?
It's already in the design document, at the bottom of page 3:
"The tool then generates a Unix username from the full name and prefills the Short Name field. There was some idea to define a set of rules for this (e.g. Matthias Clasen→mclasen or Jon McCann→jonm) and update the currently used rule based on the corrections that are made to the pregenerated username."
Umm, is the above really a problem we need to solve? Is there a great problem with people being able to create usernames?
-sv
On Thu, 2008-05-22 at 16:09 -0400, seth vidal wrote:
On Thu, 2008-05-22 at 15:39 -0400, Will Woods wrote:
On Thu, 2008-05-22 at 15:32 -0300, Steven Garrity wrote:
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Maybe even auto-generate the Short Name if the field is empty when Name is entered? Turn "Ed Jones" into "edjones", etc.?
It's already in the design document, at the bottom of page 3:
"The tool then generates a Unix username from the full name and prefills the Short Name field. There was some idea to define a set of rules for this (e.g. Matthias Clasen→mclasen or Jon McCann→jonm) and update the currently used rule based on the corrections that are made to the pregenerated username."
Umm, is the above really a problem we need to solve? Is there a great problem with people being able to create usernames?
There is no problem being solved here, just a tiny bit of smart convenience added. You can still specify a username yourself if you like.
On 2008-05-22, 18:32 GMT, Steven Garrity wrote:
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Perhaps a note with the Short Name field on the "Create a new user" dialog explaining the basic limitations (no spaces, special chars, etc.)
Could we just call it "Login name"? This sounds really like a bad macintoshism to me -- generating nonsensical name just for sake of not sounding like a computerese -- even the Aunt Tillie these days knows what login name is, and this duo "Name/Short Name" is guaranteed to confuse everybody.
Matěj
On Fri, 2008-05-23 at 11:19 +0200, Matej Cepl wrote:
Could we just call it "Login name"? This sounds really like a bad macintoshism to me -- generating nonsensical name just for sake of not sounding like a computerese -- even the Aunt Tillie these days knows what login name is, and this duo "Name/Short Name" is guaranteed to confuse everybody.
I concur. The connotation "Login screen" <-> "Login name" should be easier made than "Login screen" <-> "Short name". People are hardly confused by seeing their real names in the login screen if there is a list of users, but they need to make that connotation if they only see "User Name: ______ Password: _____".
As a side note, I don't like the login screen a bit for going corporate on me by using full names instead of given ones (or nicknames?). I haven't seen a Mac or Windows user using a full name on his home computer anyway ;-).
Nils
On Fri, 2008-05-23 at 11:19 +0200, Matej Cepl wrote:
On 2008-05-22, 18:32 GMT, Steven Garrity wrote:
Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
Perhaps a note with the Short Name field on the "Create a new user" dialog explaining the basic limitations (no spaces, special chars, etc.)
Could we just call it "Login name"? This sounds really like a bad macintoshism to me -- generating nonsensical name just for sake of not sounding like a computerese -- even the Aunt Tillie these days knows what login name is, and this duo "Name/Short Name" is guaranteed to confuse everybody.
Matěj
We're following the recommendations of gnome documentation team here: http://mail.gnome.org/archives/gnome-doc-list/2008-April/msg00028.html
login (n., adj.) The act of logging in to a computer, or something related to logging in to a computer. Do not use "login" or "login name" as a synonym for username. Do not use "logon".
On Fri, 23 May 2008 08:36:20 -0400, Matthias Clasen scripst:
We're following the recommendations of gnome documentation team here: http://mail.gnome.org/archives/gnome-doc-list/2008-April/msg00028.html
login (n., adj.) The act of logging in to a computer, or something related to logging in to a computer. Do not use "login" or "login name" as a synonym for username. Do not use "logon".
OK, I used to be a lawyer, so I am used to distinguishing between authorities which I need to strongly adhere and to somebody who just made to much crack and nothing to do. I am afraid this falls squarely into the latter camp. Cannot we somehow object to this nonsense? Can I do something about it (so that we are not wasting your time)?
Matej
On Fri, 2008-05-23 at 17:24 +0200, Matej Cepl wrote:
On Fri, 23 May 2008 08:36:20 -0400, Matthias Clasen scripst:
We're following the recommendations of gnome documentation team here: http://mail.gnome.org/archives/gnome-doc-list/2008-April/msg00028.html
login (n., adj.) The act of logging in to a computer, or something related to logging in to a computer. Do not use "login" or "login name" as a synonym for username. Do not use "logon".
OK, I used to be a lawyer, so I am used to distinguishing between authorities which I need to strongly adhere and to somebody who just made to much crack and nothing to do. I am afraid this falls squarely into the latter camp.
I disagree. Besides, I'm not sure how useful is to bikeshed about strings in gimped up stuff.
David
On Fri, 2008-05-23 at 17:24 +0200, Matej Cepl wrote:
On Fri, 23 May 2008 08:36:20 -0400, Matthias Clasen scripst:
We're following the recommendations of gnome documentation team here: http://mail.gnome.org/archives/gnome-doc-list/2008-April/msg00028.html
login (n., adj.) The act of logging in to a computer, or something related to logging in to a computer. Do not use "login" or "login name" as a synonym for username. Do not use "logon".
OK, I used to be a lawyer, so I am used to distinguishing between authorities which I need to strongly adhere and to somebody who just made to much crack and nothing to do. I am afraid this falls squarely into the latter camp. Cannot we somehow object to this nonsense? Can I do something about it (so that we are not wasting your time)?
I'll reiterate what's in the mail, which is also in the dictionary: login is a verb, not a noun. FWIW, MacOS X qualifies it with "Unix" username.
It should probably never be visible to the user though (so could easily be generated, or hidden in a disclosure triangle). Anybody fancies filing bugs about visible login names when apps should use the person's name?
On Sat, 2008-05-24 at 00:19 +0100, Bastien Nocera wrote:
It should probably never be visible to the user though (so could easily be generated, or hidden in a disclosure triangle). Anybody fancies filing bugs about visible login names when apps should use the person's name?
Sometimes you need a username to differentiate between people that have the same real name. In Germany for instance, you'll find a lot of "Markus Müller"s and I'm sure other languages have their share of common names as well, so that should be taken into account. A unix username is a good differentiator there IMO.
Nils
Could we just call it "Login name"? This sounds really like a bad macintoshism to me -- generating nonsensical name just for sake of not sounding like a computerese -- even the Aunt Tillie these days knows what login name is, and this duo "Name/Short Name" is guaranteed to confuse everybody.
I agree, Short Name sounds awful, and doesn't seem to mean anything. "Login name" or "Username" would make much more sense.
Quasar
On Fri, May 23, 2008 at 7:27 PM, Quasar Jarosz quasar@ja.rosz.org wrote:
Could we just call it "Login name"? This sounds really like a bad macintoshism to me -- generating nonsensical name just for sake of not sounding like a computerese -- even the Aunt Tillie these days knows what login name is, and this duo "Name/Short Name" is guaranteed to confuse everybody.
I agree, Short Name sounds awful, and doesn't seem to mean anything. "Login name" or "Username" would make much more sense.
+1
On 05/23/2008 11:19 AM, Matej Cepl wrote:
Could we just call it "Login name"?
Is not "user name" better? For me, that has been using Unix-based system for over 20 years, that is far more easy to understand. Although, I have to admit that "login name" is better than "short name". I would never have known what "short name" was used for, if I saw it on "create a new user account" screen. So, as the dialog says "user account", "User name" would also be the logical choice.
/Lars
Matthias Clasen wrote:
The main dialog
Looks too much like the OS X one, particularly in the way that "Login Options" is in a place where it doesn't make sense. :)
The Email, Language and Location fields are here because they are frequently useful...
I assume "Location" will tie in in some way with the improved Location/Time Zone stuff?
The password dialog
An alternate UI possibility would be to autogenerate a few passwords of different strength levels and put them directly in the actions list:
Choose a password now Choose a password at next login Use this random password: zintelforb Use this random password: fas42Br0x Use this random password: y8Tx$mrA Allow login without a password
I don't think "Disable this account" belongs in the password dialog, even though that's how it's implemented underneath.
We've discussed ways to generate useful hints to go along with generated passwords, including somewhat crazy ideas like computergenerated poetry (cf gnoetry).
Hm... how could that work though? Without knowing at least one "secret" about the user besides their password, how can you autogenerate a hint that will make sense to them (when they've forgotten their password), but not make just as much sense to anyone else?
"Sites where people use randomly-generated passwords" and "sites that allow password hints" are probably mostly orthogonal anyway.
-- Dan
On Thu, 2008-05-22 at 16:52 -0400, Dan Winship wrote:
Matthias Clasen wrote:
The main dialog
Looks too much like the OS X one, particularly in the way that "Login Options" is in a place where it doesn't make sense. :)
Yeah. Thats only gimped in anyway, and won't work like that in a real treeview.
The Email, Language and Location fields are here because they are frequently useful...
I assume "Location" will tie in in some way with the improved Location/Time Zone stuff?
You tell us :-) I don't know how much thought Jon has put into this particular field...
The password dialog
An alternate UI possibility would be to autogenerate a few passwords of different strength levels and put them directly in the actions list:
Choose a password now Choose a password at next login Use this random password: zintelforb Use this random password: fas42Br0x Use this random password: y8Tx$mrA Allow login without a password
I don't think "Disable this account" belongs in the password dialog, even though that's how it's implemented underneath.
Unless it is implemented via /usr/bin/nologin...but you have a point.
We've discussed ways to generate useful hints to go along with generated passwords, including somewhat crazy ideas like computergenerated poetry (cf gnoetry).
Hm... how could that work though? Without knowing at least one "secret" about the user besides their password, how can you autogenerate a hint that will make sense to them (when they've forgotten their password), but not make just as much sense to anyone else?
It is a hint that helps you remember your password, not a challenge/response pair to use instead of your password. Anyway, I don't think generated hints are very high on the priority list - it was just an idea that came up during discussion.
On Thu, 2008-05-22 at 16:52 -0400, Dan Winship wrote:
I assume "Location" will tie in in some way with the improved Location/Time Zone stuff?
I'm interested in that part as well -- if we map locations to timezones (which I guess isn't trivial), there should be one component doing it, regardless of if that frontend is s-c-date or a desktop-specific/user-centric tool.
Nils
Nils Philippsen wrote:
On Thu, 2008-05-22 at 16:52 -0400, Dan Winship wrote:
I assume "Location" will tie in in some way with the improved Location/Time Zone stuff?
I'm interested in that part as well -- if we map locations to timezones (which I guess isn't trivial), there should be one component doing it, regardless of if that frontend is s-c-date or a desktop-specific/user-centric tool.
See also http://fedoraproject.org/wiki/Features/TimeZoneAndLocation
-- Dan
On Thu, 2008-05-22 at 13:59 -0400, Matthias Clasen wrote:
We (Jon McCann and myself, with some input from others) have been working on a design for a new user management tool, with the goal of coming up with something better than the current trias of system-config-users, gnome-about-me and gdmsetup.
The design is not finalized, you can see the current state of affairs here: http://people.redhat.com/mclasen/user-account3.pdf.bz2 (I really wanted to put this on the wiki, but all I could only get proxy errors when trying to do so).
Comments are welcome. Please note the section on target audience and use cases.
[...]
The target usage scenarios are home and smb, not enterprise customers and big deployments, although we do need to make sure that the tools not totally break down when used in a big deployment scenario, since users should still be able to use it for changing their own account. But we do expect system administrators in enterprise settings to use a web interface to their directory server, not this tool.
That's a pretty daring assumption IMO. I don't think that there should be one tool for both home/smb and enterprise (or home and smb/enterprise, but I digress ;-), but I'm not sold to the idea that enterprise admins will want to use web interfaces over native tools anytime soon, assuming that native interfaces will always outperform web interfaces for the same job (more performance with a given level of convenience, or more convenience with given level of performance). And, just as a datapoint, there are people using s-c-users against an LDAP directory ;-). I'd like to think that a backend handling the conventional passwd type of stuff should be able to cater for more than one use case. This would make it fairly easy to implement several UIs on top of it for the different use cases: graphical home/smb and enterprise, text-mode and what have you -- and I'm pretty sure that we'll (have to) end up with something like that anyway. Whether or not that same backend would handle the non-Unix properties of users would need some dicussion, I don't have a firm opinion on that one.
Another use case is temporary access to a computer (guest account). The proposed workflow for this is to offer a "Guest" user on the login screen. Selecting this user will not ask for a password, the account will have limited privileges (Account type: Guest), and all data will be removed at the end of the session, unless the user chooses 'Convert to normal account' from the menu of the userswitch applet. Todo: this is not reflected in the screenshots below.
I trust that the ability to convert a guest account to a normal one would be protected by an appropriate amount of PolicyKit ;-)?
The Name field is first, since we expect the full name to be entered first. The tool then generates a Unix username from the full name and prefills the Short Name field. There was some idea to define a set of rules for this (e.g. Matthias Clasen→mclasen or Jon McCann→jonm) and update the currently used rule based on the corrections that are made to the pregenerated username. We do need to validate the Name and Short Name fields to ensure that there are no conflicts with existing users. While it is technically possible to have two users with the same Name, we at last want to ask 'Did you really mean to do this ?'.
Ignoring technical possibility (which is just a side effect of that the full name has no bearing w.r.t. the Unix side of things), we shouldn't allow this, to avoid confusion about which "John Doe" a user should log into in the login greeter.
Likewise, the home directory, the uid and gid, the shell, and other uninteresting pieces of legacy information will be automatically determined by the tool and/or the service. People who have a strong interest in these will probably be better served by useradd anyway.
... or a suitable different frontend ;-).
Clicking on the face image brings up a dialog for selecting the user image which offers a set of predefined images, as well as an option to use a webcam (if available), a simple drawing tool (such as MeMaker) or pick an image from the filesystem. Fine point: when showing the predefined faces, we should indicate which ones are already 'taken'. This dialog has not been mocked up yet. When creating a new user, it initially gets a randomly picked image from the predefined images (excluding those that are already used for a different user)
I don't think that's a good idea, as there are too many ways to unintentionally insult people by picking the wrong one, even colors can have bad connotations in some cultures ("Your @*§$"!§%" tool picked {a monkey, something green, ...} for my account, now I'll {have your guts, not do any business with you again, ...}!").
The Account Type field associates (still to be implemented) PolicyKit 'roles' with the account. The Password field shows information about the kind of password that is currently set. The password change dialog is a bit more complicated than the other change dialogs, and is discussed in a separate section below. The Email, Language and Location fields are here because they are frequently useful (e.g. the language is needed on the login screen to relieve gdm from storing this information in .dmrc). Also, they are part of the standard LDAP user schema. Todo: these dialogs should perhaps provide some hints as to how these fields are used. E.g. entering an email address here does not create an email account or set up the mail client to use it.
At least for some SMBs (those who don't trust Google/Yahoo/... with their mails), a user mgmt tool should at some point (by way of a plugin or else) do exactly that, e.g. log into the company's cyrus-imapd and create a mailbox for the user. Maybe that's better suited for the enterprisey kind of user mgmt tool, however.
The Parental Controls field is just an idea that needs to be fleshed out. Beyond direct user management, we also want the new tool to take up some login screen configuration (which is, after all, more or less related to users and passwords).
Shouldn't that be somehow done in the login greeter so you directly see your changes (suitably authenticated of course)?
The service will certainly have the expected Create, Delete, Modify functions dealing with individual users. It is wellknown that it is a bad idea to have a enumerateallusers function, since the cost may be prohibitive and user interfaces that rely on such a function will simply not work in large deployments (cf fastuserswitchapplet vs NIS).
Which makes "Show list of users" in the login settings kind of dead in the water, unless that list of users is somehow limited, e.g. to people who were logged into the system in a certain timeframe (e.g. since 4 weeks before the last successful login), and/or people who have been created on that system, ...
By the same token, exposing every user as a dbus object will not work very well in such situations. One idea (inspired by LDAP again) is to have a Query function that allows querying for users by certain criteria.
... which would return the list of user names and create the matching dbus objects? Sounds sensible to me.
Nils
On Fri, 2008-05-23 at 12:23 +0200, Nils Philippsen wrote:
The target usage scenarios are home and smb, not enterprise customers and big deployments, although we do need to make sure that the tools not totally break down when used in a big deployment scenario, since users should still be able to use it for changing their own account. But we do expect system administrators in enterprise settings to use a web interface to their directory server, not this tool.
That's a pretty daring assumption IMO. I don't think that there should be one tool for both home/smb and enterprise (or home and smb/enterprise, but I digress ;-), but I'm not sold to the idea that enterprise admins will want to use web interfaces over native tools anytime soon, assuming that native interfaces will always outperform web interfaces for the same job (more performance with a given level of convenience, or more convenience with given level of performance). And, just as a datapoint, there are people using s-c-users against an LDAP directory ;-). I'd like to think that a backend handling the conventional passwd type of stuff should be able to cater for more than one use case. This would make it fairly easy to implement several UIs on top of it for the different use cases: graphical home/smb and enterprise, text-mode and what have you -- and I'm pretty sure that we'll (have to) end up with something like that anyway. Whether or not that same backend would handle the non-Unix properties of users would need some dicussion, I don't have a firm opinion on that one.
The backend needs to be flexible enough to support more enterprise-oriented frontends, sure. Perhaps that hasn't been stated clearly enough. Wrt to storage, I think we are pretty much within the standard LDAP user schema.
I trust that the ability to convert a guest account to a normal one would be protected by an appropriate amount of PolicyKit ;-)?
Of course.
Clicking on the face image brings up a dialog for selecting the user image which offers a set of predefined images, as well as an option to use a webcam (if available), a simple drawing tool (such as MeMaker) or pick an image from the filesystem. Fine point: when showing the predefined faces, we should indicate which ones are already 'taken'. This dialog has not been mocked up yet. When creating a new user, it initially gets a randomly picked image from the predefined images (excluding those that are already used for a different user)
I don't think that's a good idea, as there are too many ways to unintentionally insult people by picking the wrong one, even colors can have bad connotations in some cultures ("Your @*§$"!§%" tool picked {a monkey, something green, ...} for my account, now I'll {have your guts, not do any business with you again, ...}!").
Or maybe we just make the business customers use the other frontend...
At least for some SMBs (those who don't trust Google/Yahoo/... with their mails), a user mgmt tool should at some point (by way of a plugin or else) do exactly that, e.g. log into the company's cyrus-imapd and create a mailbox for the user. Maybe that's better suited for the enterprisey kind of user mgmt tool, however.
In fact, an earlier draft of the design had the idea of plugins for this kind of setup tasks. Maybe we'll have to revisit it. For the client-side email setup, I guess you could get 90% of the way there sabayon - just give the user a sabayon profile that has all the mail configuration set up except for the email address, that evolution can then pick up from the user service...
Beyond direct user management, we also want the new tool to take up some login screen configuration (which is, after all, more or less related to users and passwords).
Shouldn't that be somehow done in the login greeter so you directly see your changes (suitably authenticated of course)?
The old gdm had something like that, and it was not very nice. Maybe it was just not very well done, with the configuration options being directly visible in a toolbar on the greeter, and all gtk themes in a long menu...
The service will certainly have the expected Create, Delete, Modify functions dealing with individual users. It is wellknown that it is a bad idea to have a enumerateallusers function, since the cost may be prohibitive and user interfaces that rely on such a function will simply not work in large deployments (cf fastuserswitchapplet vs NIS).
Which makes "Show list of users" in the login settings kind of dead in the water, unless that list of users is somehow limited, e.g. to people who were logged into the system in a certain timeframe (e.g. since 4 weeks before the last successful login), and/or people who have been created on that system, ...
...which is pretty much exactly what the user list in the greeter already does.
On Fri, 2008-05-23 at 09:06 -0400, Matthias Clasen wrote:
The backend needs to be flexible enough to support more enterprise-oriented frontends, sure. Perhaps that hasn't been stated clearly enough. Wrt to storage, I think we are pretty much within the standard LDAP user schema.
Do you access LDAP directly or do you use libuser -- for s-c-users, libuser abstracted local user accounts from LDAP ones enough so that it could handle local as well as directory accounts without (any= much? haven't checked lately) distinction in the tool.
Clicking on the face image brings up a dialog for selecting the user image which offers a set of predefined images, as well as an option to use a webcam (if available), a simple drawing tool (such as MeMaker) or pick an image from the filesystem. Fine point: when showing the predefined faces, we should indicate which ones are already 'taken'. This dialog has not been mocked up yet. When creating a new user, it initially gets a randomly picked image from the predefined images (excluding those that are already used for a different user)
I don't think that's a good idea, as there are too many ways to unintentionally insult people by picking the wrong one, even colors can have bad connotations in some cultures ("Your @*§$"!§%" tool picked {a monkey, something green, ...} for my account, now I'll {have your guts, not do any business with you again, ...}!").
Or maybe we just make the business customers use the other frontend...
I think that point's valid enough for home users. Even if we ignore home/SMB use as a potential business market, we surely don't want to hurt users' feelings. I don't like having to jump through hoops to achieve that as much as anybody else, but I'd rather not pull a "Pajero"[1] if it can be avoided -- I recently read an article in the newspaper about clashes of cultures and it's amazing how things that are innocuous in one culture are offensive in another.
[1]: http://en.wikipedia.org/wiki/Mitsubishi_Pajero
Which makes "Show list of users" in the login settings kind of dead in the water, unless that list of users is somehow limited, e.g. to people who were logged into the system in a certain timeframe (e.g. since 4 weeks before the last successful login), and/or people who have been created on that system, ...
...which is pretty much exactly what the user list in the greeter already does.
That's nice. On account of not using LDAP/NIS/Kerberos on any of my systems (which have a gdm login screen), I wasn't aware of that it makes such a distinction. The last thing in that context I heard about was fast-user-switch-applet excessively burning CPU cycles to enumerate all NIS users (multiplied by a number of these applets running concurrently on a VNC/NX terminal server ;-), so I wanted to cover that bit.
Nils
On Fri, 2008-05-23 at 09:06 -0400, Matthias Clasen wrote: <snip>
At least for some SMBs (those who don't trust Google/Yahoo/... with their mails), a user mgmt tool should at some point (by way of a plugin or else) do exactly that, e.g. log into the company's cyrus-imapd and create a mailbox for the user. Maybe that's better suited for the enterprisey kind of user mgmt tool, however.
In fact, an earlier draft of the design had the idea of plugins for this kind of setup tasks. Maybe we'll have to revisit it. For the client-side email setup, I guess you could get 90% of the way there sabayon - just give the user a sabayon profile that has all the mail configuration set up except for the email address, that evolution can then pick up from the user service...
I'm not sure we should be having e-mail addresses, or even e-mail setup in the system (unless it was possible to do for sysadmins as a Python plugin, or something).
I have 6 e-mail addresses from different projects, some are aliases, some are different accounts, which would be too complicated to 1) present in the UI rationally, 2) setup without having people bored about the details when they're just trying to login.
It would make more sense, for the "this is my e-mail" to be able to call up evolution's addressbook to be able to enter parts of that information, or have a way to import the data from somewhere else (beam a vCard from your phone). MacOS X has that "that vCard is me" concept in the addressbook as well.
What we _could_ setup would be an GNOME Online Desktop login, that's been discussed previously for setting up a small storage, blog, etc. for single users, similar to .Mac. This would be less intrusive as a first step, but would certainly require more infrastructure.
Cheers
On Sat, 2008-05-24 at 00:29 +0100, Bastien Nocera wrote:
On Fri, 2008-05-23 at 09:06 -0400, Matthias Clasen wrote:
<snip> > > At least for some SMBs (those who don't trust Google/Yahoo/... with > > their mails), a user mgmt tool should at some point (by way of a plugin > > or else) do exactly that, e.g. log into the company's cyrus-imapd and > > create a mailbox for the user. Maybe that's better suited for the > > enterprisey kind of user mgmt tool, however. > > In fact, an earlier draft of the design had the idea of plugins for this > kind of setup tasks. Maybe we'll have to revisit it. > For the client-side email setup, I guess you could get 90% of the way > there sabayon - just give the user a sabayon profile that has all the > mail configuration set up except for the email address, that evolution > can then pick up from the user service...
I'm not sure we should be having e-mail addresses, or even e-mail setup in the system (unless it was possible to do for sysadmins as a Python plugin, or something).
That's roughly what I meant -- this would really only have a tangible benefit in multi user situations with homogenous email settings, e.g. a company where most users will have mail addresses that can be generated programatically ("username@domain.tld", "firstname.surname@domain.tld", ...), with known POP/IMAP/SMTP servers. Granted, "multi" may be as low as "2", for instance home user systems where you have one computer buff in the family who administrates the system.
Nils
Matthias Clasen wrote:
We (Jon McCann and myself, with some input from others) have been working on a design for a new user management tool, with the goal of coming up with something better than the current trias of system-config-users, gnome-about-me and gdmsetup.
The design is not finalized, you can see the current state of affairs here: http://people.redhat.com/mclasen/user-account3.pdf.bz2 (I really wanted to put this on the wiki, but all I could only get proxy errors when trying to do so).
Comments are welcome. Please note the section on target audience and use cases.
Matthias
Please add fields to set and change user and group IDs - they are important especially in an enterprise environment.
Am I right, that the "Login options" are not user specific? (No user is selected.) So please separate it from the users list and move it below the "Add"- and "Remove"-user buttons. Then it is more clear that you can not add and remove "Login options", but something in the list. BTW: I think it would be nice to give the list a description.
If you do not like the word "login", then you could use these two: "User Name" and "Full Name".
Thomas
On Mon, 2008-05-26 at 19:52 +0200, Thomas Woerner wrote:
Matthias Clasen wrote:
We (Jon McCann and myself, with some input from others) have been working on a design for a new user management tool, with the goal of coming up with something better than the current trias of system-config-users, gnome-about-me and gdmsetup.
The design is not finalized, you can see the current state of affairs here: http://people.redhat.com/mclasen/user-account3.pdf.bz2 (I really wanted to put this on the wiki, but all I could only get proxy errors when trying to do so).
Comments are welcome. Please note the section on target audience and use cases.
Matthias
Please add fields to set and change user and group IDs - they are important especially in an enterprise environment.
I think this tool is meant especially for not enterprisey environments, for such you can use s-c-users if you want a native GUI which lets you set them.
Am I right, that the "Login options" are not user specific? (No user is selected.) So please separate it from the users list and move it below the "Add"- and "Remove"-user buttons. Then it is more clear that you can not add and remove "Login options", but something in the list. BTW: I think it would be nice to give the list a description.
If you do not like the word "login", then you could use these two: "User Name" and "Full Name".
Sounds good to me.
Nils
Hi Mathias, hi all,
i miss always the possibility to import/export user and group settings from/to a file. I wrote for my own use a little python scripts that creates alls users, groups and smb shares.
It would be great, if your new tool support this.
Just my 2 cents,
Carsten
On 05/22/2008 07:59 PM, Matthias Clasen wrote:
Comments are welcome. Please note the section on target audience and use cases.
How is the account type intended to be used? One of the better things with Linux/Unix/etc. is the differentiation between "normal" users and the administrator, i.e. the root account. But I may be missing something obvious here?
/Lars
Well i think i know what you mean but you know you have to have those because of the fact that if you have kids or someone who not computer smart dosen't fuck the computer up. but hay you could just as easily do it at the normal acconts. Seeing it happen in windows vista.
Date: Tue, 10 Jun 2008 08:55:05 +0200> From: lars@homer.se> To: fedora-desktop-list@redhat.com> Subject: Re: A new user management tool> > On 05/22/2008 07:59 PM, Matthias Clasen wrote:> > Comments are welcome. Please note the section on target audience and use> > cases.> > How is the account type intended to be used? One of the better things > with Linux/Unix/etc. is the differentiation between "normal" users and > the administrator, i.e. the root account. But I may be missing something > obvious here?> > /Lars> -- > Lars E. Pettersson lars@homer.se> http://www.sm6rpz.se/%3E > -- > Fedora-desktop-list mailing list> Fedora-desktop-list@redhat.com> https://www.redhat.com/mailman/listinfo/fedora-desktop-list
_________________________________________________________________ It’s easy to add contacts from Facebook and other social sites through Windows Live™ Messenger. Learn how. https://www.invite2messenger.net/im/?source=TXT_EML_WLH_LearnHow
desktop@lists.stg.fedoraproject.org