%META:TOPICINFO{author="TWikiContributor" date="1158277691" format="1.1" version="6"}%
%STARTINCLUDE%
---+ Manage Users

_Register users on your TWiki site; change/reset/install passwords; remove user accounts_

%TOC%

%X% Some of the features below may be disabled, depending on your TWiki
configuration.

---++ Authentication and Access Control

   * TWikiUserAuthentication describes your options for user authentication
   * TWikiAccessControl describes how to define groups and how to restrict
     access to content

---++ Register User

You don't have to have user home pages in TWiki for Authentication to
work - see TWikiUserAuthentication for details.

   * TWikiRegistration is used when you want new users to individually
     register with TWiki by filling out a form
   * You can create a custom versions of %TWIKIWEB%.NewUserTemplate and
     %TWIKIWEB%.UserForm
   * BulkRegistration is used by administrators to register multiple users at
     the same time

---++ Change, Reset and Install Passwords

_Note that the below features are only relevant when you use an internal password manager where TWiki can set and reset passwords._

   * ChangePassword is for users who _can_ remember their password and want to
     change it
   * ResetPassword is for users who _cannot_ remember their password; a system
     generated password is e-mailed to them
   * BulkResetPassword if for administrators who want to reset many passwords
     at once
   * ChangeEmailAddress changes the hidden email address stored in the password
     file

---++ Changing User Account Names

To change the user's WikiName:
   * Rename the user's TWiki homepage in the %MAINWEB% web, such as
     from =JaneSmith= to =JaneMiller=.
      * Fix backlinks in the %MAINWEB% web only
      * Make sure the group topics are updated (if any.)
   * Edit the [[%MAINWEB%.TWikiUsers]] topic and move the user's entry so
     that the list is in proper alphabetical order.
   * Recreate the old topic with a pointer to the new topic, so that links
     in other webs work properly. Example content:%BR%
     =%<nop>M% Jane Smith is now known as !JaneMiller=

If external authentication is used and you want to change the login name:
   * The login name needs to be changed in the authentication server (e.g.
     Active Directory)
   * In TWiki's [[%MAINWEB%.TWikiUsers]] topic, fix the mapping from
     login name to WikiName:%BR%
     =&nbsp;  * !JaneSmith - jsmith - 13 Sep 2006= %BR%
     to: %BR%
     =&nbsp;  * !JaneMiller - jmiller - 13 Sep 2006=

---++ Removing User Accounts

To remove a user account (<nop>FredQuimby, who logs in as "fred"):

   1 If you are using a =.htpasswd= file, edit the =.htpasswd= file to
     delete the line starting =fred:=
      * *Warning:* Do *not* use the Apache =htpasswd= program with
        =.htpasswd= files generated by TWiki! =htpasswd= wipes out email
        addresses that TWiki plants in the info fields of this file.
   2 Remove the =FredQuimby - fred= line from the <nop>%MAINWEB%.TWikiUsers
     topic
   3 Remove =FredQuimby= from all groups and from all the
      =ALLOWWEB/ALLOWTOPIC...= declarations, if any.%BR% __Note:__ If you
      fail to do this you risk creating a security hole, as the next user to
      register with the wikiname Fred<nop>Quimby will inherit the old
      Fred<nop>Quimby's permissions.
   4 _[optional]_ Delete their user topic %MAINWEB%.<nop>FredQuimby
     (including attachments, if any.)

__Note:__ Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like AnUncreatedTopic. If you want to make it clear the user is no longer around, replace the topic content with a note to that effect. The existance of the <nop>UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions..

__Related Topics:__ AdminDocumentationCategory
