[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Help, Max users for a realm

To: jon-nad@post.guernsey.net (John & Nadine)
Subject: Re: Help, Max users for a realm
From: jproy@world.std.com (John P Roy)
Date: Fri, 9 Jan 1998 16:31:20 -0500 (EST)
Cc: pi3-users@johnroy.com
In-Reply-To: <3.0.1.32.19980106065854.0086f470@post.guernsey.net> from "John & Nadine" at Jan 6, 98 06:58:54 am

> 
OK - Sorry this took a few days,
> I am configuring PI3 for the first time, beta 4 on windows 95, and I have
> created a realm for access, however, once I reach 100 users in total in all
> realms the program cannot load the config file after 100 - Is this a
> physical limit and is their a work around ?
> 
> Also, how would I create two levels of access, say one to the root and no
> further down, and 2 for the whole site, this is irrelevant if the 100 users
> is a physical limit, however, the way I see it a the moment is that I
> create another realm OK, but have to re-enter all the passwords again, with
> a lot of users this is a monumental task - any tips
^^^
The problem here is bugs. EnhPi3.exe (the windows GUI) did not
use an optimal syntax when it writes the file Conf\Config.pi3 this
means that load fails at about 100 users. The next version will
hopefully have this fixed, in the meantime there is a workaround
and I just tested it with beta 4 to 12,000 users.

You've got to modify the file Conf\Config.pi3 with a text editor
and play with it a bit. In essence find the line that causes the
server to authentication your realm.

<Object>
	...
	CheckAuth BasicAuth Realm="MyRealm" \
		Base64="ZGY6ZGY=" \
		Base64="ZGY8ZGY=" \
		Base64="ZGYkZGY=" 
	...
</Object>
This uses line continuation to put all users (base64 encoded)
on the one line (smart eh?). You can express the same thing using
this alternate approach.

Add a new object:
<Object>
	Name BasicAuth_MyRealm
	Class BasicAuthClass
	Base64 "ZGY6ZGY=" 
	Base64 "ZGY8ZGY=" 
	Base64 "ZGYkZGY=" 
</Object>

Then change the CheckAuth line to
<Object>
	...
	CheckAuth BasicAuth_MyRealm
	...
</Object>

Now in terms of the multiple entry of the same users, again you
can modify Conf\Config.pi3 to avoid reentering every name, ultimately
the concept of a 'group' of users should solve this problem but
that is not there now.

Use the following snipets of information to develop a solution
that suits you. 

- The admin GUI generates a base64 encoding of usernames and passwords
by running the pattern "username:password" thru a base64 algorithm. You
can have the admin GUI generate this or you can use a CGI program that
will be included in the next version

- For a realm "MyRealm" the admin GUI saves the usernames and
passwords in the file Conf\Config.pi3 for its own reference at the
end in the form
#+++---AD Section Start, Do not Modify:__MyRealm
#Base64:ZGY6ZGY=
#+++---AD Section End---+++
You can copy users from one realm to another easily by copying
the lines starting with #Base64:... when you restart the admin
GUI it will look like all the users were entered manually. You will
need to change something trivial (to enable the Apply button) then
apply changes to have the server pick up the changes.

- You can use the syntax used to overcome the 100 users bug to
modify lines loaded by the server (lines starting with # are
ignored by the server) to customize groups of users and avoid
the GUI completely.

Sorry this is pretty messy, when the bugs get fix this 
will be better - in the meantime these approaches can be users
to overcome the problems.

Hope this helps,
John

> 
> John
>

Prev by Date: Help, Max users for a realm
Next by Date: Win NT 4.0 Server w/IIS 4.0
Prev by thread: Help, Max users for a realm
Next by thread: Re: found problem
Index(es):
- Date
- Thread