Posted on: 11/21/01 06:25am
By: Anonymous (Anonymous)
Does anyone have advice about using GeekLog in a public school setting? I'm thinking about using it as an intranet and school newspaper for our 6th through 12th grade schools. I'm worried about some of our students ruining the comments system for everyone (e.g. how do I handle kicking abusers off the system if they can just make a new account (perhaps with a Hotmail account) anyway?)
All success and horror stories are appreciated!
Go for it...
Posted on: 11/21/01 09:07am
By: Tony
Generally speaking Geeklog is very capable of serving a public school setting. If you are really worried about users abusing the comments here are a couple simple things you can do:
1) turn off anonymous postings. This will force users to login making it a bit easier to identify any abusers
2) really make use of the censorship features. In config.php you can add all the words that aren't acceptable in a school setting so they are replaced with something like *censored*
3) what the Geeklog access.log. I'm not sure off-hand if this is works this way yet but it should. Everytime Geeklog users log in we should log the username and IP to access.log. If it doesn't already do this, when the offending user does post something you *should* be able to pull the IP from the sessions table (assuming it hasn't expired).
Would that be enough for your needs?
Go for it...
Posted on: 11/21/01 10:07am
By: Anonymous (Anonymous)
Unfortunately, no. I need to be able to be
sure that there is a one-to-one
relationship between users and
usernames. For example, as far as my
testing has shown, GeekLog would
currently allow situations like this to
occur:
1) Student is kicked off GeekLog for good
reasons. Student creates new login
using the same email account.
2) Student is kicked off GeekLog for good
reasons. Student goes to Hotmail.com
and makes a new email address.
Student uses that address to register for
a new GeekLog account.
3) Student is kicked off GeekLog. A friend
allows him/her to use their email
address. That student then registers for
a new account using their friend's email
address.
The way that I see it, I need the following
two things added. I could be wrong, so
please correct me if I overlooked
something.
1) _Only_ <username>
@schooldomain.org can
register for GeekLog accounts. All email
addresses that try to register for a
GeekLog account that do not end in this
domain are rejected. (Preferably at the
web interface so that feedback is
immediate.)
2) Only one GeekLog account may be
held by a given email address at a time.
I could see why these would be
configuration options, of course. For out-
of-the-box defaults, GeekLog could use
something like "+\@.+\..+" for account
registration requirements and set the
multiple-accounts-per-email setting on by
default. That will let other GeekLog users
continue to use it without a problem. But I
(and people in my situation) could still
run an effective BBS, intranet, school site,
etc. by changing these variables.
I hope that made sense.
- Jaime
LDAP authentication?
Posted on: 11/21/01 12:13pm
By: Anonymous (Anonymous)
This makes me really wonder if one
could configure geeklog to use other
authentication methods, e.g. LDAP, NIS.
And in addition, tell geeklog to first look in
LDAP and then in the geeklog user
databaese or only look in LDAP. This
would be ideal for controlling access to
geeklog (e.g. geeklog in public school).
--
Marc
LDAP authentication?
Posted on: 11/23/01 10:23pm
By: Anonymous (Anonymous)
That's easy; in my school we have accounts already set-up in the network, Hence; basically you could have the admin create the accounts for the children.
Go for it...
Posted on: 11/26/01 12:56pm
By: Tony
well of the two things you need to take care of, the second one is already done. You can't create multiple accounts with the same email address.
With that said, the only immediate change you need is you want to be able to ensure email addresses submitted for new accounts are from a specific domain.
This is what I'd call a custom hack and I'd be willing to add it for you when I get around to it (right now installation scripts are top priority). My hunch is I'd wait for the first post 1.3 release to add it. If you can wait that long great...if not email and we'll see if we can't work something out.
LDAP authentication?
Posted on: 11/26/01 01:04pm
By: Tony
I'd be happy to help someone add LDAP/NIS authentication support but unfortunately I don't know what would be involved. If someone ones to help me implement this then let me know otherwise it will probably stay unimplemented for the foreseeable future.
Go for it...
Posted on: 10/23/02 10:20am
By: etam
Has this been done yet?
This is what I am looking to do.
I would like to allow people from a specific domain to be able to create accts (ie intranet)
Thanks
Ed