LDAP

Server data

Load members into LDAP.
Set passwords manually for selected users.
Connect homepage/Drupal to the LDAP server.
Create a password (re)set service.
Load the users of the wiki into LDAP (we need to see if the MediaWiki password hashes has can be transported to LDAP)
Connect MediaWiki to LDAP
Start connecting the space-desktops to LDAP

To add users to the LDAP "members" group there is an automated process that will receive the complete list of members and do the following:

To use this process, the maintainer of the official list (Normally: The Treasurer) will have to do the following:

Generate a JSON file with all of the space members (anyone not in the list, will not be a member in the LDAP anymore). Format example: https://github.com/chotee/memberizer/blob/master/memberizer/test/test_members.json
Encrypt and sign the resgpg --sign --encrypt --recipient D2ABFD78 members.jsonulting file. It needs to be encrypted with the memberizer public key [0xF71A39FFD2ABFD78]

 $ gpg --sign --encrypt --recipient 0xF71A39FFD2ABFD78 members.json

Copy the encrypted file via scp to the /var/spool/members directory on armitage.techinc.nl .

 $ scp members.json.gpg armitage.techinc.nl:/var/spool/members

Memberizer will send an email to the emailadres of the member that signed the members file with a summary of the changes.

The code that runs this is available for review at https://github.com/chotee/memberizer

(this needs to be done once for each person able to update the member list)

Create a user for this authorized-member on armitage
Add this user to the memberizer group on armitage
As the memberizer user add the public key of the authorized-member to the GPG keyring and (after verifying the fingerprint) trust it in the keyring.
Edit the /home/memberizer/memberizer/config.json file and add the fingerprint of this key to the signer_ids list.
Restart memberizer with supervisorctl for the changes to take effect:

 # supervisorctl restart memberizer