|
Grex > Coop > #299: Discussion of newuser. | |
|
| Author |
Message |
| 25 new of 85 responses total. |
rcurl
|
|
response 12 of 85:
| 
Dec 2 19:39 UTC 2010 |
How would all that information be used?
|
cross
|
|
response 13 of 85:
|
Dec 2 19:44 UTC 2010 |
resp:12 What information are you referring to, specifically? Right
now, the stuff we ask for get's put into the user's .plan file. Well,
the email address gets used to email the user their new password. The
only other real use is for resetting passwords if the user forgets:
traditionally, this was done via an emailed request; if the user's
plan is private, but has information that could be used to verify the
user's identity in it, then staff could look at that and ask the user
a question based on it to get at least some idea that they are who
they say they are. Of course, if the request comes from the email
address the user used to register, then that's not really necessary.
|
kentn
|
|
response 14 of 85:
|
Dec 2 23:35 UTC 2010 |
I'd rather we didn't complicate this newuser process. It's not about
how much information we can collect or about customizing the information
we collect. It's about collecting less information and making the
process of creating an account simpler and faster.
In my opinion, if we do ask for optional information, it's good if we
do it directly. Then people can ignore what they don't want to have
appearing on their accounts.
|
veek
|
|
response 15 of 85:
|
Dec 3 00:27 UTC 2010 |
resp:12 nope, darn - me unclear:
1. Strip newuser to the barest minimum.
2. If the user decides to do the mkhomepage/mkplan routine, then ask him
for stuff - meanwhile highlight the cool home-pages bit in motd and on
the site
|
cross
|
|
response 16 of 85:
|
Dec 3 00:50 UTC 2010 |
resp:14 Is it really complicated right now?
Has anyone run newuser recently?
I must admit, I'm patently confused about what people want here. Are we
stripping things out of newuser or not? What *should* be there? Can we
get a concrete list?
|
kentn
|
|
response 17 of 85:
|
Dec 3 01:45 UTC 2010 |
When I took a look at the web newuser it was the usual questions about
all the details and settings, so yes, somewhat complicated. I realize
it isn't complicated for anyone who has set up a Unix acount before, but
for the uninitiated it can be quite complex and confusing. And time
consuming. If this extra information is not needed for people who want
to access Grex via the web, I'd question the value of collecting it.
I'd probably strip it back to full name, login id, password, optional
telephone number and optional e-mail address, assuming we can use some
default values for the other information like shell, terminal type,
backspace key, etc. I'd be interested to hear what others think of this
idea.
I tried to run the web newuser on Nov 22 and it failed. The command
line newuser was successful. Has there been a change to the web newuser
so that it actually creates an account? If so, this should be announced
and it would be good if we said something about it on our web page.
I see it still errors out today:
Your application for an account on Grex has not been processed due to a
system problem.
* Could not access directory /usr/noton/nu/
Sorry. This system error has been logged and will be addressed by our
staff. Please, try again later.
I'd say we probably want at least the Board to hear about this. We can
discuss at our next meeting, unless we all think it's a good idea to do
it now. What do the rest of staff think?
|
cross
|
|
response 18 of 85:
|
Dec 3 02:09 UTC 2010 |
resp:17 We seem to be talking at cross-purposes.
I haven't written the new web newuser yet; the one that's current
there is the old broken one. It has not been streamlined, or even
changed in any way in the last couple of years; perhaps longer.
I'd like to get to the new one soon, but I've got other things going
on in life than just Grex, and I've been devoting a lot of time to
Grex lately and it's been interfering with some of the things that
I've got to get done.
So what I'm saying is, give me a little more time to get that up
and running; what's running *on the web* is not currently representative.
When I'm saying "try newuser", I mean the one runs when one logs in as
"newuser" on grex using SSH or telnet.
>I'd probably strip it back to full name, login id, password, optional
>telephone number and optional e-mail address, assuming we can use some
>default values for the other information like shell, terminal type,
>backspace key, etc. I'd be interested to hear what others think of this
>idea.
We need the email address to email the password to the user. Newuser
generates a password and emails it to the user.
You don't need to set defaults for:
* terminal type
* backspace key
The terminal emulators and connection programs and tset figure that stuff
out these days. The user gets to pick a shell once they get validated or
verified.
>I tried to run the web newuser on Nov 22 and it failed. The command
>line newuser was successful. Has there been a change to the web newuser
>so that it actually creates an account? If so, this should be announced
>and it would be good if we said something about it on our web page.
No, there's been no change.
>I'd say we probably want at least the Board to hear about this. We can
>discuss at our next meeting, unless we all think it's a good idea to do
>it now. What do the rest of staff think?
This is where I'm confused. What do you want the board to hear about?
What are we discussing, exactly? I really need a clear, concise answer
to this to know what direction to head in on this.
|
kentn
|
|
response 19 of 85:
|
Dec 3 02:17 UTC 2010 |
It's a relatively significant change to an application that's been in
place for eons, so keeping the Board and the rest of staff in the loop
would be good, I think. It's also good to get multiple opinions on your
question of what exactly needs to be asked by newuser. We don't usually
get opinions from many people in coop.
Anyway, I understand about other priorities, so don't feel you need to
attend to Grex constantly. I see the error I got out of the web newuser
was different than the one I had on Nov 22, so something maybe changed.
It doesn't look like it's too far off from working if the most recent
message is accurate.
In the short term, what we need is to have the web newuser working as it
used to, using the old program. If that's easy to do, great, it'll give
us more time to hash out the details of any changes. If not, then we'll
just have to be patient.
|
cross
|
|
response 20 of 85:
|
Dec 3 02:58 UTC 2010 |
Actually, I think the short term solution is to get the new one written. The
code that's there now is, well, complicated and confusing and very, very old.
|
kentn
|
|
response 21 of 85:
|
Dec 3 03:12 UTC 2010 |
Looks like /usr/noton/nu doesn't exist so that's why I got that error.
But if the new one is easier to get in place and it works, that might be
better (and more maintainable).
|
rcurl
|
|
response 22 of 85:
|
Dec 3 04:53 UTC 2010 |
Re #13: "What information are you referring to, specifically?"
The info listed in #10. We don't think weneed to do a demographic study
on all newusers.
|
kentn
|
|
response 23 of 85:
|
Dec 3 15:23 UTC 2010 |
Here's what I see we need to do, in order of priority:
1. Get the web newuser working. If that means getting it working
as it did when it was last working, with all the questions and
technical stuff, so be it. Not having it working at all is more of
a harm to us than a complicated new user process.
2. Simplify the web newuser. From what I've seen we should be able to
do this if we have a working web newuser and just use some default
values or no values for options, for the things we're no longer
asking (in the data submitted from the web page). If this is not
the case, speak up.
The "how" (or "how much") to simplify is one of those consensus
questions we get from time to time. Let's give the Board and Staff
and the rest of the users some time to weigh in. Perhaps they see
other issues with any simplification proposal. If we hear nothing
in a reasonable amount of time (e.g. 1 week), I'll assume no one
has an objection. Then let's simplify it and see how it works out.
Let me know if you see issues with this process (such as it's more work
to re-do the web newuser or web page to simplify it than it is to just
take the time to simplify all of it now). We can adjust accordingly.
(I've also e-mailed staff and board with a summary of what we're talking
about in this item).
|
cross
|
|
response 24 of 85:
|
Dec 3 15:51 UTC 2010 |
resp:23 I've got to be honest. I *really* think you're making it too
complicated, and involving too many hands into the pot. Consensus is
great, but Grex is riddled with inaction because people wait and wait
for consensus that never comes. And most of the time, it's for
inconsequential things that people just don't care about. Whether we
ask for somebody's hobbies or not is probably one of those things.
People will debate endlessly about it, but in the end, I really doubt
that anyone here *really* cares.
Web newuser has been broken for several years; if it's down for
another week, the world won't stop turning. Let's just decide what
questions we want to ask and program to that. It'll be less work to
do it all now as a unit than to fix the terrible code that's there now
and then change it down the road.
|
kentn
|
|
response 25 of 85:
|
Dec 3 16:21 UTC 2010 |
I understand your point of view, Dan. Maybe it's time to not try so
hard for a consensus or the involvement of others and just get things
done. From what I've seen, generally, the people who care have little
or no interest in actually making things happen, so I'm tempted to just
say "do it this way" and let the chips fall where they may.
|
slynne
|
|
response 26 of 85:
|
Dec 3 17:36 UTC 2010 |
I am all for getting things done. If I ever make a stink about
something, please feel free to refer me back to this post ;)
|
cross
|
|
response 27 of 85:
|
Dec 3 18:25 UTC 2010 |
resp:25 Thanks, Kent. Don't get me wrong, consensus is good, but it's
also this community's achillies heel.
resp:26 Quick! Someone upload slynne's post to wikileaks!
|
rcurl
|
|
response 28 of 85:
|
Dec 3 21:24 UTC 2010 |
Re #27: "consensus is good, but it's also this community's achillies
heel". No kidding. I won't participate on boards of organizations that
do things by consensus. I'm a "straight up and down vote" person (with
Roberts Rules.....).
|
remmers
|
|
response 29 of 85:
|
Dec 4 21:04 UTC 2010 |
Re resp:20 - "Actually, I think the short term solution is to get the
new one written. The code that's there now is, well, complicated and
confusing and very, very old."
I quite agree. Web newuser is around 2400 lines of C source code, and
the TTY-based newuser around 5700, code that nobody currently active on
Grex had anything to do with writing. Wading through that to fix
problems, when a new TTY newuser is already in place and a new web
newuser shouldn't be far behind, strikes me as not worth the effort.
|
kentn
|
|
response 30 of 85:
|
Dec 4 22:06 UTC 2010 |
Having code that is easier to maintain is a plus, I think. I know from
personal experience that wading through someone else's code can be a
lot of effort depending on how it is written. Sometimes, it's easier
to start from scratch, and faster than trying to fix old code that is
confusing.
|
cross
|
|
response 31 of 85:
|
Dec 5 01:05 UTC 2010 |
resp:29 Agreed.
resp:30 The new newuser needs some cleanup, but overall, I think it's a lot
less crufty than the old newuser.
|
tsty
|
|
response 32 of 85:
|
Dec 9 17:40 UTC 2010 |
re 18 ... uhhhhh....
We need the email address to email the password to the user. Newuser
generates a password and emails it to the user.
let;s not do that .... struturally it;st not a good idea.
keep resh and with the modificatoins./clarifications that validationg is goign
to require email -exchange- with someone staff/board on grex.
i.e.. after crateing an acount (and the laert in newuser that
other-email-addrs is needded for validation) a validationg rqeust can be sent.
sent by the newuwer from (possibly other-email-addrs) or frm grex-email,
whichever.
emaikling passwds makes me puke.
|
kentn
|
|
response 33 of 85:
|
Dec 9 18:04 UTC 2010 |
What's not a good idea about mailing the password? This isn't the
Pentagon or anything. We've talked about an an offsite e-mail address
being more or less required, as in automatically send the user an
e-mail and they can respond and be validated. It also gives us contact
information if there are other issues (including forgotten password).
I suppose we could require the password be changed when they first
log in. Or at least, suggest strongly that they do so in the e-mail
we send.
|
cross
|
|
response 34 of 85:
|
Dec 10 03:06 UTC 2010 |
resp:32 Why?
resp:33 Resh requires the new user to change their password the first
time they login. Actually, it requires them to change whenever there's
a certain file in their home directory.
|
kentn
|
|
response 35 of 85:
|
Dec 10 04:35 UTC 2010 |
Okay, then, sounds like we're in good shape.
|
tsty
|
|
response 36 of 85:
|
Dec 10 06:29 UTC 2010 |
first of all .... about emailing passwdds... whe a newuser cone here she/he/it
creates a passwd.
wtf is wrong with that? notiohing.
second, the balidation is a time dalya, eveninfit is 30 secs.
third. hte eamil to the newuser may ot be read (or it might og iotn some spam
foledre) and be unknown for monthsl. (rt stuff is expeirience as is ... my
emaoil)..
i ahve validated .. well tried to valisdate ... reaped loginds .. which
prompted me ... a wheil aago ... to ask aobut hte reapo preocedure. wheat
i had to send was "well create your loginid AGAIN .. and i wiell validate"
fourth .. a passwd distting around for a whiel is STUPID (imnsho) wheich is
also different from the newuser's orogianl choice .. w t f ?
there is more but the above is enough, i think.
|