# Manage Users _Register users on your TWiki site; change/reset/install passwords; remove user accounts_
%X% Some of the features below may be disabled, depending on your TWiki configuration. ## Authentication and Access Control - [[TWikiUserAuthentication]] describes your options for user authentication - [[TWikiAccessControl]] describes how to define groups and how to restrict access to content ## Register User You don't have to have user home pages in TWiki for Authentication to work - see [[TWikiUserAuthentication]] for details. - [[TWikiRegistration]] is used when you want new users to individually register with TWiki by filling out a form - You can create a custom versions of [[NewUserTemplate]] and [[UserForm]] - [[BulkRegistration]] is used by administrators to register multiple users at the same time ## Change, Reset and Install Passwords _Note that the below features are only relevant when you use an internal password manager where TWiki can set and reset passwords._ - [[ChangePassword]] is for users who _can_ remember their password and want to change it - [[ResetPassword]] is for users who _cannot_ remember their password; a system generated password is e-mailed to them - [[BulkResetPassword]] if for administrators who want to reset many passwords at once - [[ChangeEmailAddress]] changes the hidden email address stored in the password file ## Changing User Account Names To change the user's [[WikiName]]: - Rename the user's TWiki homepage in the Main web, such as from `JaneSmith` to `JaneMiller`. - Fix backlinks in the Main web only - Make sure the group topics are updated (if any.) - Edit the [[Main.TWikiUsers|Main/TWikiUsers]] topic and move the user's entry so that the list is in proper alphabetical order. - Recreate the old topic with a pointer to the new topic, so that links in other webs work properly. Example content:%BR% `%M% Jane Smith is now known as JaneMiller` If external authentication is used and you want to change the login name: - The login name needs to be changed in the authentication server (e.g. Active Directory) - In TWiki's [[Main.TWikiUsers|Main/TWikiUsers]] topic, fix the mapping from login name to [[WikiName]]:%BR% `   * JaneSmith - jsmith - 13 Sep 2006` %BR% to: %BR% `   * JaneMiller - jmiller - 13 Sep 2006` ## Removing User Accounts To remove a user account (FredQuimby, who logs in as "fred"): 1. If you are using a `.htpasswd` file, edit the `.htpasswd` file to delete the line starting `fred:` - **Warning:** Do **not** use the Apache `htpasswd` program with `.htpasswd` files generated by TWiki! `htpasswd` wipes out email addresses that TWiki plants in the info fields of this file. 2. Remove the `FredQuimby - fred` line from the Main.TWikiUsers topic 3. Remove `FredQuimby` from all groups and from all the `ALLOWWEB/ALLOWTOPIC...` declarations, if any.%BR% **_Note:_** If you fail to do this you risk creating a security hole, as the next user to register with the wikiname FredQuimby will inherit the old FredQuimby's permissions. 4. _[optional]_ Delete their user topic Main.FredQuimby (including attachments, if any.) **_Note:_** Consider leaving the user topic file in place so their past signatures and revision author entries don't end up looking like [[AnUncreatedTopic]]. If you want to make it clear the user is no longer around, replace the topic content with a note to that effect. The existence of the UserName topic should also prevent that user name from being re-used, sealing the potential security hole regarding inherited permissions.. ## Customizing registration Emails. TWiki's Registration can send 3 emails who's output is governed by templates: 1. User registration confirmation - `templates/registerconfirm.tmpl` 2. User registration notification - `templates/registernotify.tmpl` 3. Email to notify the TWiki admin of registration - `templates/registernotifyadmin.tmpl` As these are [[TWikiTemplates]], they can be customized and selected using the SKIN path setting. Because there are default tmpl files in the `templates` dir, this cannot use Template topics. These template files have a specific format that matches the raw format of emails sent via SMTP, so be careful and test your changes. It is easiest to start by copying the default templates: cd twiki/templates cp registernotify.tmpl registernotify.myskin.tmpl cp registerconfirm.tmpl registerconfirm.myskin.tmpl cp registernotifyadmin.tmpl registernotifyadmin.myskin.tmpl then add `myskin` to the beginning of the `SKIN` setting in [[TWikiPreferences]]. From this point on, your myskin templates will be used for the registration emails. To make it possible for [[TWikiUsers]] to modify the email contents, you could use a parameterized `%INCLUDE%` statement in your customized version. eg: From: %WIKIWEBMASTERNAME% <%WIKIWEBMASTER%> To: %FIRSTLASTNAME% <%EMAILADDRESS%> Subject: %MAKETEXT{"[_1] - Registration for [_2] ([_3])" args="%WIKITOOLNAME%, %WIKINAME%, %EMAILADDRESS%"}% MIME-Version: 1.0 Content-Type: text/plain; charset=%CHARSET% Content-Transfer-Encoding: 8bit %INCLUDE{ "Main.RegistrationNotification" WIKINAME="%WIKINAME%" FIRSTLASTNAME="%FIRSTLASTNAME%" EMAILADDRESS="%EMAILADDRESS%" }% - **_note the use of %WIKINAME%, %FIRSTLASTNAME%, %EMAILADDRESS% passed in from the INCLUDE so that the topic below is similar to the original template_** and then create a topic Main.RegisterNotifyEmail: Welcome to %WIKITOOLNAME%. %MAKETEXT{"Your personal [_1] topic is located at [_2]. You can customize it as you like:" args="%WIKITOOLNAME%, %SCRIPTURL{"view"}%/%USERSWEB%/%WIKINAME%"}% * %MAKETEXT{"Some people turn it into a personal portal with favorite links, what they work on, what help they'd like, etc."}% * %MAKETEXT{"Some add schedule information and vacation notice."}% Regards %WIKIWEBMASTERNAME% Your TWiki Admin %MAKETEXT{"Note:"}% 2 %MAKETEXT{"You can change your password at via [_1]" args="%SCRIPTURL{"view"}%/%SYSTEMWEB%/ChangePassword"}% 3 %MAKETEXT{"If you haven't set a password yet or you want to reset it, go to: [_1]" args="%SCRIPTURL{"view"}%/%SYSTEMWEB%/ResetPassword"}% %MAKETEXT{"Submitted content:"}% %FORMDATA% - **_remember to secure the topic appropriately to prevent attackers from getting emailed sensitive passwords._** **_Related Topics:_** [[AdminDocumentationCategory]]