Diffstat (limited to 'docs/PEOPLE_PLAYBOOK.md')
-rw-r--r-- docs/PEOPLE_PLAYBOOK.md 19
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/PEOPLE_PLAYBOOK.md b/docs/PEOPLE_PLAYBOOK.md
new file mode 100644
index 0000000..2eb468b
--- /dev/null
+++ b/docs/PEOPLE_PLAYBOOK.md
@@ -0,0 +1,19 @@
+obviously, don't let people have usernames that would conflict with anything internal (i.e. "email", "infra*", etc.) and are only alphanumeric
+
+```sh
+kanidm login --name idm_admin
+kanidm person create --name idm_admin <username> "<display name>"
+kanidm person credential create-reset-token <username> --name idm_admin
+
+# allow them to set a unix/ldap password
+kanidm person posix set --name idm_admin <username>
+kanidm person posix set --name idm_admin <username> --shell /bin/zsh
+
+# give them email access (need unix access)
+kanidm person update <username> --legalname "<display name>" --mail <username>@hatecomputers.club
+kanidm group add-members mail <username>
+```
+
+groups you'll probably want to add people:
++ gitea-access
++ mail
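Review bot: The username rule on the first added line is ambiguous as written: "and are only alphanumeric" attaches to the conflicting names rather than to the requirement, and "infra*" plus "etc." leave the reserved set open to interpretation. Suggest splitting it into two explicit rules (usernames must be alphanumeric only; usernames must not match a listed set of reserved internal names) and writing that list out in full, since the check is manual and a collision with a name like "email" is exactly what the rule is meant to prevent. In the shell block, `kanidm person update <username> ...` and `kanidm group add-members mail <username>` omit `--name idm_admin` while every other command passes it; make them consistent so the steps do not depend on which session happens to be the default. The two `posix set` calls can be a single call with `--shell /bin/zsh`, and the comment above them promises a unix/ldap password although no step shown actually sets one. The output of `create-reset-token` is a credential, so the playbook should say how it is handed to the new user. In the closing list, "add people" is missing "to".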