From: Mark H. <mi...@mi...> - 2004-06-25 17:35:54
|
> Wow, this is a great release, does almost everything we need now. > Thanks so much. Wow.. lots of praise, and a wow to boot :) Thanks! > The print friendly stylesheet is a godsend, the deleted > site and user bugfixes are as well. Really our only issue left with > HelpmeICT is our email not functioning (which is a local box issue and I > haven't had the time to solve), and perhaps a finer security model for > user access. Oh and the LDAP patch is actually where we want to be > heading so good work on that :). All in all very impressive. Any suggestions as to how the security model could be improved are welcome. I'm assuming this would be things like limiting the sections certain users/user classes can view - e.g. stop certain users from being able to view reports, or limiting specific users in other ways. A section like this would also allow domain administrators (for example) to mark specific users as being able to receive new unassigned issues to the email set in the users' details (a capability not currently present in 0.9, but something I want to add eventually). As for the LDAP authentication, my workplace is currently undergoing a transition to LDAP as a central authorisation server for pretty much every service we have, including the helpdesk system (in the later stages of the transition). One we have learnt the pitfalls of moving to LDAP and found the 'right' way of doing things, full LDAP support will be added to the helpdesk. Currently, usernames and passwords can be validated via LDAP, but the users still have to be added manually and password changes made by users in the helpdesk do not come into effect. Hopefully a much saner way (where at least the username, password, full name and email are retrieved from the LDAP database, probably with some form of caching) will be able to be implemented in a future version. As always, suggestions are welcome, especially if anybody has done something like this with LDAP before. Mark -- -=<[ Mark Harrison ]-[ Email/Jabber: mi...@mi... ]>=- -=<[ Web: http://www.mivok.net ]=- |