• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Access Control

    Scheduled Pinned Locked Moved
    General Problems
    4
    9
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NT_Tech
      last edited by

      It is REALLY important that we return to having some level of access control in FOG. In the early versions we could specify whether someone was a full or imaging only user. For years I have been able to let my student helpers reimage laptops whenever there was an issue with our 1:1 student laptops. Now, if I give them an account, they can do anything that I can do, including deleting images, making new users…

      FOG is not a single user system. We need to get back to at least an account that only allows deploying images from the PXE boot if nothing else.

      PLEASE re-add this functionality!

      Brian

      JunkhackerJ 1 Reply Last reply Reply Quote 0
      • JunkhackerJ
        Junkhacker Developer @NT_Tech
        last edited by

        @NT_Tech the mobile interface has been removed, and the “mobile only” user type can’t be made in the interface anymore, but, you can still create that type of user by directly entering it in the database. that user will only be able to use the PXE boot menu.
        i know this is not an ideal solution.

        signature:
        Junkhacker
        We are here to help you. If you are unresponsive to our questions, don't expect us to be responsive to yours.

        N 2 Replies Last reply Reply Quote 0
        • S
          Sebastian Roth Moderator
          last edited by

          @NT_Tech Have you looked into using the access control plugin yet?

          PLEASE re-add this functionality!

          Would you be willing to help us? If it’s not coding than maybe answering those many questions coming up in the forums day by day. That would free up some time for developers then.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          N 1 Reply Last reply Reply Quote 0
          • N
            NT_Tech
            last edited by

            Well that would certainly work. How would I enter a user directly into the database?

            I did try the AccessControl Plugin, which would work by simply taking away all items from the “imager” role, but it doesn’t seem to be working.

            1 Reply Last reply Reply Quote 0
            • N
              NT_Tech @Sebastian Roth
              last edited by

              @Sebastian-Roth I certainly would be willing to help with questions where I can. I have used FOG since .32 and love it. My students use it as well but someone recently deleted an image and I need to restrict their access so I don’t have to rebuild it again!

              Brian

              1 Reply Last reply Reply Quote 0
              • N
                NT_Tech @Junkhacker
                last edited by

                @Junkhacker I really miss the mobile interface! I used to use it whenever I had an issue around the district. I would not have upgraded had I known I was going to loose features…but I am there now. How do I manually add a user into the database? PHPMyAdmin?

                1 Reply Last reply Reply Quote 0
                • N
                  NT_Tech @Junkhacker
                  last edited by

                  @Junkhacker I am using PHPMyAdmin on FOG 1.54 (Ubuntu 16.04 Server) and if I make a user manually the PXE Boot does not allow me to use it to image. I keep getting Invalid Logon.

                  1 Reply Last reply Reply Quote 0
                  • N
                    NT_Tech
                    last edited by

                    OKAY…I “kind of” solved my issue. If you go into the database and change the uType on an account from 0 to 1, then that user cannot delete anything. I was more concerned about that than anything else. I had hoped a type 2 could image and not access the GUI (mobile user) but then the user cannot image at all. But I am 1/2 way there.

                    Maybe the Access Control will be fixed for 1.54 and I can try it again. I am beginning to regret updating past 1.3…but the past is the past.

                    Brian

                    Tom ElliottT 1 Reply Last reply Reply Quote 0
                    • Tom ElliottT
                      Tom Elliott @NT_Tech
                      last edited by Tom Elliott

                      @NT_Tech Access control is a plugin now which has much more use than the “mobile” vs “non-mobile” account.

                      FOG was indeed a single user system, from it’s original startup. The only thing that kind of made things different was the mobile interface.

                      I want you to understand, mobile interface was it’s OWN element from the main interface. This meant having to update two GUI platforms to ensure all functionality was maintained. When moved to a single interface that could do both mobile and full screen usages, I removed the “mobile only” user type.

                      I want to stress, while it wasn’t necessarily intuitive, even in 0.32 a “mobile only” user had exactly the same level of usage as the full admin users. The GUI access was limited and didn’t allow a mobile only user to see anything, but a mobile user could delete items, change things, etc… if they knew the url pathing and calls. They couldn’t see it, but it was not “limited” in the way you thought it was. As the access control plugin was created and managing a single interface made updating and keeping things in a more testable and common way, I decided to remove the “mobile only” option. This was not intended to hurt people who were using the element, but rather there were better things in place that did far better at controlling the scope of things and in a more granular and appropriate fashion.

                      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

                      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

                      1 Reply Last reply Reply Quote 2
                      • 1 / 1
                      • First post
                        Last post

                      183

                      Online

                      12.0k

                      Users

                      17.3k

                      Topics

                      155.2k

                      Posts
                      Copyright © 2012-2024 FOG Project