You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Lee But <le...@gmail.com> on 2021/08/24 16:07:00 UTC
Registering on behalf of users - no confirmation email
Hello,
I turned off self-registering, and when I set up a user as admin, no
verification email is sent despite the key being set to true.
[image: image.png]
Also, the email that contains the user's account details does not contain
the password, nor a link to the openmeetings page, so they cannot log in.
Here's the message:
[image: image.png]
Thank you,
Lee
Re: Registering on behalf of users - no confirmation email
Posted by Ali Alhaidary <al...@the5stars.org>.
Yes :-)
Ali
On 8/25/21 5:52 AM, Maxim Solodovnik wrote:
> Hello Lee,
>
> this is by design
> these email settings are for self-registration only
> Password is not being sent for security reasons
>
> As workaround your users can click "Forget password"
> enter login/email and change the password
>
> We can add some additional setting to send email to newly created
> users with instructions above :)
> WDYT?
>
> On Tue, 24 Aug 2021 at 23:07, Lee But <leesenglishlessons@gmail.com
> <ma...@gmail.com>> wrote:
>
> Hello,
>
> I turned off self-registering, and when I set up a user as admin,
> no verification email is sent despite the key being set to true.
> image.png
>
> Also, the email that contains the user's account details does not
> contain the password, nor a link to the openmeetings page, so they
> cannot log in.
> Here's the message:
>
> image.png
>
> Thank you,
> Lee
>
>
>
> --
> Best regards,
> Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
Thanks!
got notification from JIRA :)
On Thu, 2 Sept 2021 at 14:02, Lee But <le...@gmail.com> wrote:
> Done: https://issues.apache.org/jira/browse/OPENMEETINGS-2658
>
> On Thu, Sep 2, 2021 at 6:11 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>>
>>
>> On Thu, 2 Sept 2021 at 11:27, Lee But <le...@gmail.com>
>> wrote:
>>
>>> 1) Perhaps there is no need for a new template, just make it possible
>>> for an admin-registered user to follow a link to log in.
>>> Yes, a password with registration is a bad idea.
>>> Which methods are available for a user to log in without knowing their
>>> password if not sent by the admin?
>>>
>>
>> "Forget password" link should work :))
>>
>> My bank sends verification codes via email, so I suppose there must be
>>> some way to use email securely.
>>>
>>
>> Better way to send password in separate email
>> OR even better send it to alternative email or via SMS/Push (different
>> channel)
>>
>> "Forget password" will do it :) (with hash in URL as temporary password
>> :))
>>
>>
>>> 2) I think the base url is enough, the same as the application.base.url
>>> key in configuration.
>>>
>>
>> OK
>> Could you please create JIRA:
>> https://issues.apache.org/jira/browse/OPENMEETINGS (you need to be
>> registered :)
>>
>>
>>>
>>> On Thu, Sep 2, 2021 at 3:33 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> There is no such thing as temporary password
>>>>
>>>> From security perspective it is not good idea to send login and
>>>> password via same channel
>>>> And extremely bad idea to send them in same message
>>>>
>>>> I'm ready to add some changes to the registration template :)
>>>> Since email is being sent while registering
>>>>
>>>> 1) Do we need a separate template?
>>>> 2) Shall we add server URL to the current template?
>>>>
>>>>
>>>> On Sat, 28 Aug 2021 at 10:50, Lee But <le...@gmail.com>
>>>> wrote:
>>>>
>>>>> I was just thinking; does the template need a line with the temporary
>>>>> password in it?
>>>>>
>>>>> *Your temporary password is <password>. You should change it when you
>>>>> complete your registration.*
>>>>>
>>>>> On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <
>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>
>>>>>>
>>>>>> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>>>>>>
>>>>>> I would call it: security issue :)
>>>>>> IMO such destructive action like purging user should be very much
>>>>>> secured ....
>>>>>>
>>>>>> Admins periodically review user list and remove old, not fully
>>>>>> registered or not verified users. Also, a user needs to remove his contact
>>>>>> information if the application keeps interacting with him by email for
>>>>>> example, however, OM does not do that.
>>>>>>
>>>>>>
>>>>>> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Isn't there a way to send an ID key in the invitation email that can
>>>>>>> automatically remove the record that matches the key. Or, match the email
>>>>>>> address?
>>>>>>>
>>>>>>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello Maxim,
>>>>>>>>>
>>>>>>>>> The <application.base.url> is just to point to the website that
>>>>>>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>>>>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>>>>>>> their online meeting room(s).
>>>>>>>>> Perhaps, it would be better if the admin could create an
>>>>>>>>> 'organisation name' and have that in the invitation instead.
>>>>>>>>>
>>>>>>>>> The <URL>, would point directly to a page to change the password
>>>>>>>>> and complete registration.
>>>>>>>>>
>>>>>>>>
>>>>>>>> Well
>>>>>>>> Actually both URLs will be
>>>>>>>> https://om.alteametasoft.com/openmeetings/signin
>>>>>>>> This is why I'm asking :)
>>>>>>>>
>>>>>>>>
>>>>>>>>> What I mean by 'deregister' is to remove the information that the
>>>>>>>>> admin created: names, password and email address. That may not be clear.
>>>>>>>>>
>>>>>>>>> I suppose it could read, 'If you have received this invitation in
>>>>>>>>> error or do not wish to join the meeting room(s), please *click
>>>>>>>>> here* to deregister your information shown in this email.'
>>>>>>>>>
>>>>>>>>
>>>>>>>> As I wrote before
>>>>>>>> this is impossible without successful login
>>>>>>>> which impossible without "change the password and complete
>>>>>>>> registration"
>>>>>>>> So the footer looks useless to me :(
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <
>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Thanks for the templates :)
>>>>>>>>>>
>>>>>>>>>> I'll do the following:
>>>>>>>>>>
>>>>>>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>>>>>>> 2) will use "Formal version" to create the template
>>>>>>>>>> (you can modify it any time as described here
>>>>>>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>>>>>>
>>>>>>>>>> Couple of questions:
>>>>>>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>>>>>>> 2) why do we need this "If you have received this invitation in
>>>>>>>>>> error, please *click here* to deregister." footer? the only way
>>>>>>>>>> to de-register is to complete registration then to delete themselves ....
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>>>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>>>>>>
>>>>>>>>>>> Nice :-)
>>>>>>>>>>>
>>>>>>>>>>> Ali
>>>>>>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hello Maxim,
>>>>>>>>>>>
>>>>>>>>>>> Here are two templates. One is formal, the other informal. I
>>>>>>>>>>> think it would be useful for admins to view default templates and create
>>>>>>>>>>> their own invitations as well.
>>>>>>>>>>> possible keys could be:
>>>>>>>>>>>
>>>>>>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>>>>>>
>>>>>>>>>>> In the examples below, the name order could be swapped according
>>>>>>>>>>> to the language being used.
>>>>>>>>>>>
>>>>>>>>>>> *****************
>>>>>>>>>>> Formal version
>>>>>>>>>>>
>>>>>>>>>>> *****************
>>>>>>>>>>>
>>>>>>>>>>> Dear <firstName> <lastName>,
>>>>>>>>>>>
>>>>>>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>>>>>>> invited you to join their online meeting room(s).
>>>>>>>>>>>
>>>>>>>>>>> To complete your registration and use the room(s), please visit
>>>>>>>>>>> the link below and create a strong password.
>>>>>>>>>>>
>>>>>>>>>>> <URL>
>>>>>>>>>>>
>>>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>>>
>>>>>>>>>>> Thank you for joining our meeting rooms.
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>>
>>>>>>>>>>> <adminFirstName> <adminLastName>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> If you have received this invitation in error, please *click
>>>>>>>>>>> here* to deregister.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *****************
>>>>>>>>>>> Casual version
>>>>>>>>>>>
>>>>>>>>>>> *****************
>>>>>>>>>>>
>>>>>>>>>>> Hi <firstName> <lastName>,
>>>>>>>>>>>
>>>>>>>>>>> <adminFirstName> <adminLastName> here from
>>>>>>>>>>> <application.base.url>. I’ve added you as a user to our online meeting
>>>>>>>>>>> room(s).
>>>>>>>>>>>
>>>>>>>>>>> To use the room(s), you need to complete your registration.
>>>>>>>>>>> Click the link below and create a strong password.
>>>>>>>>>>>
>>>>>>>>>>> <URL>
>>>>>>>>>>>
>>>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>>>
>>>>>>>>>>> Thanks for joining our meeting room(s).
>>>>>>>>>>>
>>>>>>>>>>> See you soon!
>>>>>>>>>>>
>>>>>>>>>>> <adminFirstName>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> If I’ve sent you this invitation by mistake, please *click here*
>>>>>>>>>>> to deregister.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Maybe you can help to create a template for such email (as
>>>>>>>>>>>> text) here? :)
>>>>>>>>>>>> and maybe propose a configuration key name?
>>>>>>>>>>>>
>>>>>>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <
>>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hello Maxim,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I'm testing with my own email addresses until I am sure that I
>>>>>>>>>>>>> have everything right.
>>>>>>>>>>>>> I think that would be great. Also, a link to the login page
>>>>>>>>>>>>> would be useful, as without it, users don't know the URL of the website.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>> Lee
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hello Lee,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> this is by design
>>>>>>>>>>>>>> these email settings are for self-registration only
>>>>>>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>>>>>>> enter login/email and change the password
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> We can add some additional setting to send email to newly
>>>>>>>>>>>>>> created users with instructions above :)
>>>>>>>>>>>>>> WDYT?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I turned off self-registering, and when I set up a user as
>>>>>>>>>>>>>>> admin, no verification email is sent despite the key being set to true.
>>>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Also, the email that contains the user's account details
>>>>>>>>>>>>>>> does not contain the password, nor a link to the openmeetings page, so they
>>>>>>>>>>>>>>> cannot log in.
>>>>>>>>>>>>>>> Here's the message:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thank you,
>>>>>>>>>>>>>>> Lee
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> --
>>>>>>>>>>>>>> Best regards,
>>>>>>>>>>>>>> Maxim
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> Best regards,
>>>>>>>>>>>> Maxim
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Best regards,
>>>>>>>>>> Maxim
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
Done: https://issues.apache.org/jira/browse/OPENMEETINGS-2658
On Thu, Sep 2, 2021 at 6:11 AM Maxim Solodovnik <so...@gmail.com>
wrote:
>
>
> On Thu, 2 Sept 2021 at 11:27, Lee But <le...@gmail.com>
> wrote:
>
>> 1) Perhaps there is no need for a new template, just make it possible for
>> an admin-registered user to follow a link to log in.
>> Yes, a password with registration is a bad idea.
>> Which methods are available for a user to log in without knowing their
>> password if not sent by the admin?
>>
>
> "Forget password" link should work :))
>
> My bank sends verification codes via email, so I suppose there must be
>> some way to use email securely.
>>
>
> Better way to send password in separate email
> OR even better send it to alternative email or via SMS/Push (different
> channel)
>
> "Forget password" will do it :) (with hash in URL as temporary password :))
>
>
>> 2) I think the base url is enough, the same as the application.base.url
>> key in configuration.
>>
>
> OK
> Could you please create JIRA:
> https://issues.apache.org/jira/browse/OPENMEETINGS (you need to be
> registered :)
>
>
>>
>> On Thu, Sep 2, 2021 at 3:33 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> There is no such thing as temporary password
>>>
>>> From security perspective it is not good idea to send login and password
>>> via same channel
>>> And extremely bad idea to send them in same message
>>>
>>> I'm ready to add some changes to the registration template :)
>>> Since email is being sent while registering
>>>
>>> 1) Do we need a separate template?
>>> 2) Shall we add server URL to the current template?
>>>
>>>
>>> On Sat, 28 Aug 2021 at 10:50, Lee But <le...@gmail.com>
>>> wrote:
>>>
>>>> I was just thinking; does the template need a line with the temporary
>>>> password in it?
>>>>
>>>> *Your temporary password is <password>. You should change it when you
>>>> complete your registration.*
>>>>
>>>> On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <
>>>> ali.alhaidary@the5stars.org> wrote:
>>>>
>>>>>
>>>>> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>>>>>
>>>>> I would call it: security issue :)
>>>>> IMO such destructive action like purging user should be very much
>>>>> secured ....
>>>>>
>>>>> Admins periodically review user list and remove old, not fully
>>>>> registered or not verified users. Also, a user needs to remove his contact
>>>>> information if the application keeps interacting with him by email for
>>>>> example, however, OM does not do that.
>>>>>
>>>>>
>>>>> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Isn't there a way to send an ID key in the invitation email that can
>>>>>> automatically remove the record that matches the key. Or, match the email
>>>>>> address?
>>>>>>
>>>>>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello Maxim,
>>>>>>>>
>>>>>>>> The <application.base.url> is just to point to the website that
>>>>>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>>>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>>>>>> their online meeting room(s).
>>>>>>>> Perhaps, it would be better if the admin could create an
>>>>>>>> 'organisation name' and have that in the invitation instead.
>>>>>>>>
>>>>>>>> The <URL>, would point directly to a page to change the password
>>>>>>>> and complete registration.
>>>>>>>>
>>>>>>>
>>>>>>> Well
>>>>>>> Actually both URLs will be
>>>>>>> https://om.alteametasoft.com/openmeetings/signin
>>>>>>> This is why I'm asking :)
>>>>>>>
>>>>>>>
>>>>>>>> What I mean by 'deregister' is to remove the information that the
>>>>>>>> admin created: names, password and email address. That may not be clear.
>>>>>>>>
>>>>>>>> I suppose it could read, 'If you have received this invitation in
>>>>>>>> error or do not wish to join the meeting room(s), please *click
>>>>>>>> here* to deregister your information shown in this email.'
>>>>>>>>
>>>>>>>
>>>>>>> As I wrote before
>>>>>>> this is impossible without successful login
>>>>>>> which impossible without "change the password and complete
>>>>>>> registration"
>>>>>>> So the footer looks useless to me :(
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <
>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Thanks for the templates :)
>>>>>>>>>
>>>>>>>>> I'll do the following:
>>>>>>>>>
>>>>>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>>>>>> 2) will use "Formal version" to create the template
>>>>>>>>> (you can modify it any time as described here
>>>>>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>>>>>
>>>>>>>>> Couple of questions:
>>>>>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>>>>>> 2) why do we need this "If you have received this invitation in
>>>>>>>>> error, please *click here* to deregister." footer? the only way
>>>>>>>>> to de-register is to complete registration then to delete themselves ....
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>>>>>
>>>>>>>>>> Nice :-)
>>>>>>>>>>
>>>>>>>>>> Ali
>>>>>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>>>>>
>>>>>>>>>> Hello Maxim,
>>>>>>>>>>
>>>>>>>>>> Here are two templates. One is formal, the other informal. I
>>>>>>>>>> think it would be useful for admins to view default templates and create
>>>>>>>>>> their own invitations as well.
>>>>>>>>>> possible keys could be:
>>>>>>>>>>
>>>>>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>>>>>
>>>>>>>>>> In the examples below, the name order could be swapped according
>>>>>>>>>> to the language being used.
>>>>>>>>>>
>>>>>>>>>> *****************
>>>>>>>>>> Formal version
>>>>>>>>>>
>>>>>>>>>> *****************
>>>>>>>>>>
>>>>>>>>>> Dear <firstName> <lastName>,
>>>>>>>>>>
>>>>>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>>>>>> invited you to join their online meeting room(s).
>>>>>>>>>>
>>>>>>>>>> To complete your registration and use the room(s), please visit
>>>>>>>>>> the link below and create a strong password.
>>>>>>>>>>
>>>>>>>>>> <URL>
>>>>>>>>>>
>>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>>
>>>>>>>>>> Thank you for joining our meeting rooms.
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>
>>>>>>>>>> <adminFirstName> <adminLastName>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> If you have received this invitation in error, please *click
>>>>>>>>>> here* to deregister.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> *****************
>>>>>>>>>> Casual version
>>>>>>>>>>
>>>>>>>>>> *****************
>>>>>>>>>>
>>>>>>>>>> Hi <firstName> <lastName>,
>>>>>>>>>>
>>>>>>>>>> <adminFirstName> <adminLastName> here from
>>>>>>>>>> <application.base.url>. I’ve added you as a user to our online meeting
>>>>>>>>>> room(s).
>>>>>>>>>>
>>>>>>>>>> To use the room(s), you need to complete your registration. Click
>>>>>>>>>> the link below and create a strong password.
>>>>>>>>>>
>>>>>>>>>> <URL>
>>>>>>>>>>
>>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>>
>>>>>>>>>> Thanks for joining our meeting room(s).
>>>>>>>>>>
>>>>>>>>>> See you soon!
>>>>>>>>>>
>>>>>>>>>> <adminFirstName>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> If I’ve sent you this invitation by mistake, please *click here*
>>>>>>>>>> to deregister.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>>>>>>> here? :)
>>>>>>>>>>> and maybe propose a configuration key name?
>>>>>>>>>>>
>>>>>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>>>>>
>>>>>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <
>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello Maxim,
>>>>>>>>>>>>
>>>>>>>>>>>> I'm testing with my own email addresses until I am sure that I
>>>>>>>>>>>> have everything right.
>>>>>>>>>>>> I think that would be great. Also, a link to the login page
>>>>>>>>>>>> would be useful, as without it, users don't know the URL of the website.
>>>>>>>>>>>>
>>>>>>>>>>>> Regards,
>>>>>>>>>>>> Lee
>>>>>>>>>>>>
>>>>>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hello Lee,
>>>>>>>>>>>>>
>>>>>>>>>>>>> this is by design
>>>>>>>>>>>>> these email settings are for self-registration only
>>>>>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>>>>>
>>>>>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>>>>>> enter login/email and change the password
>>>>>>>>>>>>>
>>>>>>>>>>>>> We can add some additional setting to send email to newly
>>>>>>>>>>>>> created users with instructions above :)
>>>>>>>>>>>>> WDYT?
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I turned off self-registering, and when I set up a user as
>>>>>>>>>>>>>> admin, no verification email is sent despite the key being set to true.
>>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Also, the email that contains the user's account details does
>>>>>>>>>>>>>> not contain the password, nor a link to the openmeetings page, so they
>>>>>>>>>>>>>> cannot log in.
>>>>>>>>>>>>>> Here's the message:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thank you,
>>>>>>>>>>>>>> Lee
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Best regards,
>>>>>>>>>>>>> Maxim
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Best regards,
>>>>>>>>>>> Maxim
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Best regards,
>>>>>>>>> Maxim
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
On Thu, 2 Sept 2021 at 11:27, Lee But <le...@gmail.com> wrote:
> 1) Perhaps there is no need for a new template, just make it possible for
> an admin-registered user to follow a link to log in.
> Yes, a password with registration is a bad idea.
> Which methods are available for a user to log in without knowing their
> password if not sent by the admin?
>
"Forget password" link should work :))
My bank sends verification codes via email, so I suppose there must be some
> way to use email securely.
>
Better way to send password in separate email
OR even better send it to alternative email or via SMS/Push (different
channel)
"Forget password" will do it :) (with hash in URL as temporary password :))
> 2) I think the base url is enough, the same as the application.base.url
> key in configuration.
>
OK
Could you please create JIRA:
https://issues.apache.org/jira/browse/OPENMEETINGS (you need to be
registered :)
>
> On Thu, Sep 2, 2021 at 3:33 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> There is no such thing as temporary password
>>
>> From security perspective it is not good idea to send login and password
>> via same channel
>> And extremely bad idea to send them in same message
>>
>> I'm ready to add some changes to the registration template :)
>> Since email is being sent while registering
>>
>> 1) Do we need a separate template?
>> 2) Shall we add server URL to the current template?
>>
>>
>> On Sat, 28 Aug 2021 at 10:50, Lee But <le...@gmail.com>
>> wrote:
>>
>>> I was just thinking; does the template need a line with the temporary
>>> password in it?
>>>
>>> *Your temporary password is <password>. You should change it when you
>>> complete your registration.*
>>>
>>> On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <
>>> ali.alhaidary@the5stars.org> wrote:
>>>
>>>>
>>>> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>>>>
>>>> I would call it: security issue :)
>>>> IMO such destructive action like purging user should be very much
>>>> secured ....
>>>>
>>>> Admins periodically review user list and remove old, not fully
>>>> registered or not verified users. Also, a user needs to remove his contact
>>>> information if the application keeps interacting with him by email for
>>>> example, however, OM does not do that.
>>>>
>>>>
>>>> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
>>>> wrote:
>>>>
>>>>> Isn't there a way to send an ID key in the invitation email that can
>>>>> automatically remove the record that matches the key. Or, match the email
>>>>> address?
>>>>>
>>>>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>>
>>>>>>> The <application.base.url> is just to point to the website that
>>>>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>>>>> their online meeting room(s).
>>>>>>> Perhaps, it would be better if the admin could create an
>>>>>>> 'organisation name' and have that in the invitation instead.
>>>>>>>
>>>>>>> The <URL>, would point directly to a page to change the password and
>>>>>>> complete registration.
>>>>>>>
>>>>>>
>>>>>> Well
>>>>>> Actually both URLs will be
>>>>>> https://om.alteametasoft.com/openmeetings/signin
>>>>>> This is why I'm asking :)
>>>>>>
>>>>>>
>>>>>>> What I mean by 'deregister' is to remove the information that the
>>>>>>> admin created: names, password and email address. That may not be clear.
>>>>>>>
>>>>>>> I suppose it could read, 'If you have received this invitation in
>>>>>>> error or do not wish to join the meeting room(s), please *click
>>>>>>> here* to deregister your information shown in this email.'
>>>>>>>
>>>>>>
>>>>>> As I wrote before
>>>>>> this is impossible without successful login
>>>>>> which impossible without "change the password and complete
>>>>>> registration"
>>>>>> So the footer looks useless to me :(
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Thanks for the templates :)
>>>>>>>>
>>>>>>>> I'll do the following:
>>>>>>>>
>>>>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>>>>> 2) will use "Formal version" to create the template
>>>>>>>> (you can modify it any time as described here
>>>>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>>>>
>>>>>>>> Couple of questions:
>>>>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>>>>> 2) why do we need this "If you have received this invitation in
>>>>>>>> error, please *click here* to deregister." footer? the only way to
>>>>>>>> de-register is to complete registration then to delete themselves ....
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>>>>
>>>>>>>>> Nice :-)
>>>>>>>>>
>>>>>>>>> Ali
>>>>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>>>>
>>>>>>>>> Hello Maxim,
>>>>>>>>>
>>>>>>>>> Here are two templates. One is formal, the other informal. I think
>>>>>>>>> it would be useful for admins to view default templates and create their
>>>>>>>>> own invitations as well.
>>>>>>>>> possible keys could be:
>>>>>>>>>
>>>>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>>>>
>>>>>>>>> In the examples below, the name order could be swapped according
>>>>>>>>> to the language being used.
>>>>>>>>>
>>>>>>>>> *****************
>>>>>>>>> Formal version
>>>>>>>>>
>>>>>>>>> *****************
>>>>>>>>>
>>>>>>>>> Dear <firstName> <lastName>,
>>>>>>>>>
>>>>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>>>>> invited you to join their online meeting room(s).
>>>>>>>>>
>>>>>>>>> To complete your registration and use the room(s), please visit
>>>>>>>>> the link below and create a strong password.
>>>>>>>>>
>>>>>>>>> <URL>
>>>>>>>>>
>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>
>>>>>>>>> Thank you for joining our meeting rooms.
>>>>>>>>>
>>>>>>>>> Best regards,
>>>>>>>>>
>>>>>>>>> <adminFirstName> <adminLastName>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> If you have received this invitation in error, please *click here*
>>>>>>>>> to deregister.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *****************
>>>>>>>>> Casual version
>>>>>>>>>
>>>>>>>>> *****************
>>>>>>>>>
>>>>>>>>> Hi <firstName> <lastName>,
>>>>>>>>>
>>>>>>>>> <adminFirstName> <adminLastName> here from <application.base.url>.
>>>>>>>>> I’ve added you as a user to our online meeting room(s).
>>>>>>>>>
>>>>>>>>> To use the room(s), you need to complete your registration. Click
>>>>>>>>> the link below and create a strong password.
>>>>>>>>>
>>>>>>>>> <URL>
>>>>>>>>>
>>>>>>>>> Your username for logging in is <username>.
>>>>>>>>>
>>>>>>>>> Thanks for joining our meeting room(s).
>>>>>>>>>
>>>>>>>>> See you soon!
>>>>>>>>>
>>>>>>>>> <adminFirstName>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> If I’ve sent you this invitation by mistake, please *click here*
>>>>>>>>> to deregister.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>>>>>> here? :)
>>>>>>>>>> and maybe propose a configuration key name?
>>>>>>>>>>
>>>>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>>>>
>>>>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <
>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hello Maxim,
>>>>>>>>>>>
>>>>>>>>>>> I'm testing with my own email addresses until I am sure that I
>>>>>>>>>>> have everything right.
>>>>>>>>>>> I think that would be great. Also, a link to the login page
>>>>>>>>>>> would be useful, as without it, users don't know the URL of the website.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Lee
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello Lee,
>>>>>>>>>>>>
>>>>>>>>>>>> this is by design
>>>>>>>>>>>> these email settings are for self-registration only
>>>>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>>>>
>>>>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>>>>> enter login/email and change the password
>>>>>>>>>>>>
>>>>>>>>>>>> We can add some additional setting to send email to newly
>>>>>>>>>>>> created users with instructions above :)
>>>>>>>>>>>> WDYT?
>>>>>>>>>>>>
>>>>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I turned off self-registering, and when I set up a user as
>>>>>>>>>>>>> admin, no verification email is sent despite the key being set to true.
>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>
>>>>>>>>>>>>> Also, the email that contains the user's account details does
>>>>>>>>>>>>> not contain the password, nor a link to the openmeetings page, so they
>>>>>>>>>>>>> cannot log in.
>>>>>>>>>>>>> Here's the message:
>>>>>>>>>>>>>
>>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thank you,
>>>>>>>>>>>>> Lee
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> Best regards,
>>>>>>>>>>>> Maxim
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Best regards,
>>>>>>>>>> Maxim
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
1) Perhaps there is no need for a new template, just make it possible for
an admin-registered user to follow a link to log in.
Yes, a password with registration is a bad idea.
Which methods are available for a user to log in without knowing their
password if not sent by the admin?
My bank sends verification codes via email, so I suppose there must be some
way to use email securely.
2) I think the base url is enough, the same as the application.base.url key
in configuration.
On Thu, Sep 2, 2021 at 3:33 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> There is no such thing as temporary password
>
> From security perspective it is not good idea to send login and password
> via same channel
> And extremely bad idea to send them in same message
>
> I'm ready to add some changes to the registration template :)
> Since email is being sent while registering
>
> 1) Do we need a separate template?
> 2) Shall we add server URL to the current template?
>
>
> On Sat, 28 Aug 2021 at 10:50, Lee But <le...@gmail.com>
> wrote:
>
>> I was just thinking; does the template need a line with the temporary
>> password in it?
>>
>> *Your temporary password is <password>. You should change it when you
>> complete your registration.*
>>
>> On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <
>> ali.alhaidary@the5stars.org> wrote:
>>
>>>
>>> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>>>
>>> I would call it: security issue :)
>>> IMO such destructive action like purging user should be very much
>>> secured ....
>>>
>>> Admins periodically review user list and remove old, not fully
>>> registered or not verified users. Also, a user needs to remove his contact
>>> information if the application keeps interacting with him by email for
>>> example, however, OM does not do that.
>>>
>>>
>>> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
>>> wrote:
>>>
>>>> Isn't there a way to send an ID key in the invitation email that can
>>>> automatically remove the record that matches the key. Or, match the email
>>>> address?
>>>>
>>>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>>
>>>>>> The <application.base.url> is just to point to the website that
>>>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>>>> their online meeting room(s).
>>>>>> Perhaps, it would be better if the admin could create an
>>>>>> 'organisation name' and have that in the invitation instead.
>>>>>>
>>>>>> The <URL>, would point directly to a page to change the password and
>>>>>> complete registration.
>>>>>>
>>>>>
>>>>> Well
>>>>> Actually both URLs will be
>>>>> https://om.alteametasoft.com/openmeetings/signin
>>>>> This is why I'm asking :)
>>>>>
>>>>>
>>>>>> What I mean by 'deregister' is to remove the information that the
>>>>>> admin created: names, password and email address. That may not be clear.
>>>>>>
>>>>>> I suppose it could read, 'If you have received this invitation in
>>>>>> error or do not wish to join the meeting room(s), please *click here* to
>>>>>> deregister your information shown in this email.'
>>>>>>
>>>>>
>>>>> As I wrote before
>>>>> this is impossible without successful login
>>>>> which impossible without "change the password and complete
>>>>> registration"
>>>>> So the footer looks useless to me :(
>>>>>
>>>>>
>>>>>>
>>>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>> Thanks for the templates :)
>>>>>>>
>>>>>>> I'll do the following:
>>>>>>>
>>>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>>>> 2) will use "Formal version" to create the template
>>>>>>> (you can modify it any time as described here
>>>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>>>
>>>>>>> Couple of questions:
>>>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>>>> 2) why do we need this "If you have received this invitation in
>>>>>>> error, please *click here* to deregister." footer? the only way to
>>>>>>> de-register is to complete registration then to delete themselves ....
>>>>>>>
>>>>>>>
>>>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>>>
>>>>>>>> Nice :-)
>>>>>>>>
>>>>>>>> Ali
>>>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>>>
>>>>>>>> Hello Maxim,
>>>>>>>>
>>>>>>>> Here are two templates. One is formal, the other informal. I think
>>>>>>>> it would be useful for admins to view default templates and create their
>>>>>>>> own invitations as well.
>>>>>>>> possible keys could be:
>>>>>>>>
>>>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>>>
>>>>>>>> In the examples below, the name order could be swapped according to
>>>>>>>> the language being used.
>>>>>>>>
>>>>>>>> *****************
>>>>>>>> Formal version
>>>>>>>>
>>>>>>>> *****************
>>>>>>>>
>>>>>>>> Dear <firstName> <lastName>,
>>>>>>>>
>>>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>>>> invited you to join their online meeting room(s).
>>>>>>>>
>>>>>>>> To complete your registration and use the room(s), please visit the
>>>>>>>> link below and create a strong password.
>>>>>>>>
>>>>>>>> <URL>
>>>>>>>>
>>>>>>>> Your username for logging in is <username>.
>>>>>>>>
>>>>>>>> Thank you for joining our meeting rooms.
>>>>>>>>
>>>>>>>> Best regards,
>>>>>>>>
>>>>>>>> <adminFirstName> <adminLastName>
>>>>>>>>
>>>>>>>>
>>>>>>>> If you have received this invitation in error, please *click here*
>>>>>>>> to deregister.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *****************
>>>>>>>> Casual version
>>>>>>>>
>>>>>>>> *****************
>>>>>>>>
>>>>>>>> Hi <firstName> <lastName>,
>>>>>>>>
>>>>>>>> <adminFirstName> <adminLastName> here from <application.base.url>.
>>>>>>>> I’ve added you as a user to our online meeting room(s).
>>>>>>>>
>>>>>>>> To use the room(s), you need to complete your registration. Click
>>>>>>>> the link below and create a strong password.
>>>>>>>>
>>>>>>>> <URL>
>>>>>>>>
>>>>>>>> Your username for logging in is <username>.
>>>>>>>>
>>>>>>>> Thanks for joining our meeting room(s).
>>>>>>>>
>>>>>>>> See you soon!
>>>>>>>>
>>>>>>>> <adminFirstName>
>>>>>>>>
>>>>>>>>
>>>>>>>> If I’ve sent you this invitation by mistake, please *click here*
>>>>>>>> to deregister.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>>>>> here? :)
>>>>>>>>> and maybe propose a configuration key name?
>>>>>>>>>
>>>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>>>
>>>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <
>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hello Maxim,
>>>>>>>>>>
>>>>>>>>>> I'm testing with my own email addresses until I am sure that I
>>>>>>>>>> have everything right.
>>>>>>>>>> I think that would be great. Also, a link to the login page would
>>>>>>>>>> be useful, as without it, users don't know the URL of the website.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Lee
>>>>>>>>>>
>>>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hello Lee,
>>>>>>>>>>>
>>>>>>>>>>> this is by design
>>>>>>>>>>> these email settings are for self-registration only
>>>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>>>
>>>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>>>> enter login/email and change the password
>>>>>>>>>>>
>>>>>>>>>>> We can add some additional setting to send email to newly
>>>>>>>>>>> created users with instructions above :)
>>>>>>>>>>> WDYT?
>>>>>>>>>>>
>>>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello,
>>>>>>>>>>>>
>>>>>>>>>>>> I turned off self-registering, and when I set up a user as
>>>>>>>>>>>> admin, no verification email is sent despite the key being set to true.
>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>
>>>>>>>>>>>> Also, the email that contains the user's account details does
>>>>>>>>>>>> not contain the password, nor a link to the openmeetings page, so they
>>>>>>>>>>>> cannot log in.
>>>>>>>>>>>> Here's the message:
>>>>>>>>>>>>
>>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>>
>>>>>>>>>>>> Thank you,
>>>>>>>>>>>> Lee
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Best regards,
>>>>>>>>>>> Maxim
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Best regards,
>>>>>>>>> Maxim
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
There is no such thing as temporary password
From security perspective it is not good idea to send login and password
via same channel
And extremely bad idea to send them in same message
I'm ready to add some changes to the registration template :)
Since email is being sent while registering
1) Do we need a separate template?
2) Shall we add server URL to the current template?
On Sat, 28 Aug 2021 at 10:50, Lee But <le...@gmail.com> wrote:
> I was just thinking; does the template need a line with the temporary
> password in it?
>
> *Your temporary password is <password>. You should change it when you
> complete your registration.*
>
> On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <al...@the5stars.org>
> wrote:
>
>>
>> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>>
>> I would call it: security issue :)
>> IMO such destructive action like purging user should be very much secured
>> ....
>>
>> Admins periodically review user list and remove old, not fully registered
>> or not verified users. Also, a user needs to remove his contact
>> information if the application keeps interacting with him by email for
>> example, however, OM does not do that.
>>
>>
>> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
>> wrote:
>>
>>> Isn't there a way to send an ID key in the invitation email that can
>>> automatically remove the record that matches the key. Or, match the email
>>> address?
>>>
>>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>>
>>>>> The <application.base.url> is just to point to the website that
>>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>>> their online meeting room(s).
>>>>> Perhaps, it would be better if the admin could create an 'organisation
>>>>> name' and have that in the invitation instead.
>>>>>
>>>>> The <URL>, would point directly to a page to change the password and
>>>>> complete registration.
>>>>>
>>>>
>>>> Well
>>>> Actually both URLs will be
>>>> https://om.alteametasoft.com/openmeetings/signin
>>>> This is why I'm asking :)
>>>>
>>>>
>>>>> What I mean by 'deregister' is to remove the information that the
>>>>> admin created: names, password and email address. That may not be clear.
>>>>>
>>>>> I suppose it could read, 'If you have received this invitation in
>>>>> error or do not wish to join the meeting room(s), please *click here* to
>>>>> deregister your information shown in this email.'
>>>>>
>>>>
>>>> As I wrote before
>>>> this is impossible without successful login
>>>> which impossible without "change the password and complete registration"
>>>> So the footer looks useless to me :(
>>>>
>>>>
>>>>>
>>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Thanks for the templates :)
>>>>>>
>>>>>> I'll do the following:
>>>>>>
>>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>>> 2) will use "Formal version" to create the template
>>>>>> (you can modify it any time as described here
>>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>>
>>>>>> Couple of questions:
>>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>>> 2) why do we need this "If you have received this invitation in
>>>>>> error, please *click here* to deregister." footer? the only way to
>>>>>> de-register is to complete registration then to delete themselves ....
>>>>>>
>>>>>>
>>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>>
>>>>>>> Nice :-)
>>>>>>>
>>>>>>> Ali
>>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>>
>>>>>>> Hello Maxim,
>>>>>>>
>>>>>>> Here are two templates. One is formal, the other informal. I think
>>>>>>> it would be useful for admins to view default templates and create their
>>>>>>> own invitations as well.
>>>>>>> possible keys could be:
>>>>>>>
>>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>>
>>>>>>> In the examples below, the name order could be swapped according to
>>>>>>> the language being used.
>>>>>>>
>>>>>>> *****************
>>>>>>> Formal version
>>>>>>>
>>>>>>> *****************
>>>>>>>
>>>>>>> Dear <firstName> <lastName>,
>>>>>>>
>>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>>> invited you to join their online meeting room(s).
>>>>>>>
>>>>>>> To complete your registration and use the room(s), please visit the
>>>>>>> link below and create a strong password.
>>>>>>>
>>>>>>> <URL>
>>>>>>>
>>>>>>> Your username for logging in is <username>.
>>>>>>>
>>>>>>> Thank you for joining our meeting rooms.
>>>>>>>
>>>>>>> Best regards,
>>>>>>>
>>>>>>> <adminFirstName> <adminLastName>
>>>>>>>
>>>>>>>
>>>>>>> If you have received this invitation in error, please *click here*
>>>>>>> to deregister.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *****************
>>>>>>> Casual version
>>>>>>>
>>>>>>> *****************
>>>>>>>
>>>>>>> Hi <firstName> <lastName>,
>>>>>>>
>>>>>>> <adminFirstName> <adminLastName> here from <application.base.url>.
>>>>>>> I’ve added you as a user to our online meeting room(s).
>>>>>>>
>>>>>>> To use the room(s), you need to complete your registration. Click
>>>>>>> the link below and create a strong password.
>>>>>>>
>>>>>>> <URL>
>>>>>>>
>>>>>>> Your username for logging in is <username>.
>>>>>>>
>>>>>>> Thanks for joining our meeting room(s).
>>>>>>>
>>>>>>> See you soon!
>>>>>>>
>>>>>>> <adminFirstName>
>>>>>>>
>>>>>>>
>>>>>>> If I’ve sent you this invitation by mistake, please *click here* to
>>>>>>> deregister.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>>>> here? :)
>>>>>>>> and maybe propose a configuration key name?
>>>>>>>>
>>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>>
>>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello Maxim,
>>>>>>>>>
>>>>>>>>> I'm testing with my own email addresses until I am sure that I
>>>>>>>>> have everything right.
>>>>>>>>> I think that would be great. Also, a link to the login page would
>>>>>>>>> be useful, as without it, users don't know the URL of the website.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Lee
>>>>>>>>>
>>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hello Lee,
>>>>>>>>>>
>>>>>>>>>> this is by design
>>>>>>>>>> these email settings are for self-registration only
>>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>>
>>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>>> enter login/email and change the password
>>>>>>>>>>
>>>>>>>>>> We can add some additional setting to send email to newly created
>>>>>>>>>> users with instructions above :)
>>>>>>>>>> WDYT?
>>>>>>>>>>
>>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hello,
>>>>>>>>>>>
>>>>>>>>>>> I turned off self-registering, and when I set up a user as
>>>>>>>>>>> admin, no verification email is sent despite the key being set to true.
>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>
>>>>>>>>>>> Also, the email that contains the user's account details does
>>>>>>>>>>> not contain the password, nor a link to the openmeetings page, so they
>>>>>>>>>>> cannot log in.
>>>>>>>>>>> Here's the message:
>>>>>>>>>>>
>>>>>>>>>>> [image: image.png]
>>>>>>>>>>>
>>>>>>>>>>> Thank you,
>>>>>>>>>>> Lee
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Best regards,
>>>>>>>>>> Maxim
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
I was just thinking; does the template need a line with the temporary
password in it?
*Your temporary password is <password>. You should change it when you
complete your registration.*
On Thu, Aug 26, 2021 at 8:39 AM Ali Alhaidary <al...@the5stars.org>
wrote:
>
> On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
>
> I would call it: security issue :)
> IMO such destructive action like purging user should be very much secured
> ....
>
> Admins periodically review user list and remove old, not fully registered
> or not verified users. Also, a user needs to remove his contact
> information if the application keeps interacting with him by email for
> example, however, OM does not do that.
>
>
> On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com>
> wrote:
>
>> Isn't there a way to send an ID key in the invitation email that can
>> automatically remove the record that matches the key. Or, match the email
>> address?
>>
>> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>>
>>>
>>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>> wrote:
>>>
>>>> Hello Maxim,
>>>>
>>>> The <application.base.url> is just to point to the website that
>>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>>> Solodonvik at www.openmeetings.apache.org has invited you to join
>>>> their online meeting room(s).
>>>> Perhaps, it would be better if the admin could create an 'organisation
>>>> name' and have that in the invitation instead.
>>>>
>>>> The <URL>, would point directly to a page to change the password and
>>>> complete registration.
>>>>
>>>
>>> Well
>>> Actually both URLs will be
>>> https://om.alteametasoft.com/openmeetings/signin
>>> This is why I'm asking :)
>>>
>>>
>>>> What I mean by 'deregister' is to remove the information that the admin
>>>> created: names, password and email address. That may not be clear.
>>>>
>>>> I suppose it could read, 'If you have received this invitation in error
>>>> or do not wish to join the meeting room(s), please *click here* to
>>>> deregister your information shown in this email.'
>>>>
>>>
>>> As I wrote before
>>> this is impossible without successful login
>>> which impossible without "change the password and complete registration"
>>> So the footer looks useless to me :(
>>>
>>>
>>>>
>>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Thanks for the templates :)
>>>>>
>>>>> I'll do the following:
>>>>>
>>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>>> 2) will use "Formal version" to create the template
>>>>> (you can modify it any time as described here
>>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>>
>>>>> Couple of questions:
>>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>>> 2) why do we need this "If you have received this invitation in error,
>>>>> please *click here* to deregister." footer? the only way to
>>>>> de-register is to complete registration then to delete themselves ....
>>>>>
>>>>>
>>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>>> ali.alhaidary@the5stars.org> wrote:
>>>>>
>>>>>> Nice :-)
>>>>>>
>>>>>> Ali
>>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>>
>>>>>> Hello Maxim,
>>>>>>
>>>>>> Here are two templates. One is formal, the other informal. I think it
>>>>>> would be useful for admins to view default templates and create their own
>>>>>> invitations as well.
>>>>>> possible keys could be:
>>>>>>
>>>>>> send.formal.invite.to.user.created.by.admin
>>>>>> send.casual.invite.to.user.created.by.admin
>>>>>> send.custom.invite.to.user.created.by.admin
>>>>>>
>>>>>> In the examples below, the name order could be swapped according to
>>>>>> the language being used.
>>>>>>
>>>>>> *****************
>>>>>> Formal version
>>>>>>
>>>>>> *****************
>>>>>>
>>>>>> Dear <firstName> <lastName>,
>>>>>>
>>>>>> <adminFirstName> <adminLastName> at <application.base.url> has
>>>>>> invited you to join their online meeting room(s).
>>>>>>
>>>>>> To complete your registration and use the room(s), please visit the
>>>>>> link below and create a strong password.
>>>>>>
>>>>>> <URL>
>>>>>>
>>>>>> Your username for logging in is <username>.
>>>>>>
>>>>>> Thank you for joining our meeting rooms.
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>> <adminFirstName> <adminLastName>
>>>>>>
>>>>>>
>>>>>> If you have received this invitation in error, please *click here*
>>>>>> to deregister.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *****************
>>>>>> Casual version
>>>>>>
>>>>>> *****************
>>>>>>
>>>>>> Hi <firstName> <lastName>,
>>>>>>
>>>>>> <adminFirstName> <adminLastName> here from <application.base.url>.
>>>>>> I’ve added you as a user to our online meeting room(s).
>>>>>>
>>>>>> To use the room(s), you need to complete your registration. Click the
>>>>>> link below and create a strong password.
>>>>>>
>>>>>> <URL>
>>>>>>
>>>>>> Your username for logging in is <username>.
>>>>>>
>>>>>> Thanks for joining our meeting room(s).
>>>>>>
>>>>>> See you soon!
>>>>>>
>>>>>> <adminFirstName>
>>>>>>
>>>>>>
>>>>>> If I’ve sent you this invitation by mistake, please *click here* to
>>>>>> deregister.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>>> here? :)
>>>>>>> and maybe propose a configuration key name?
>>>>>>>
>>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>>
>>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello Maxim,
>>>>>>>>
>>>>>>>> I'm testing with my own email addresses until I am sure that I have
>>>>>>>> everything right.
>>>>>>>> I think that would be great. Also, a link to the login page would
>>>>>>>> be useful, as without it, users don't know the URL of the website.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Lee
>>>>>>>>
>>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hello Lee,
>>>>>>>>>
>>>>>>>>> this is by design
>>>>>>>>> these email settings are for self-registration only
>>>>>>>>> Password is not being sent for security reasons
>>>>>>>>>
>>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>>> enter login/email and change the password
>>>>>>>>>
>>>>>>>>> We can add some additional setting to send email to newly created
>>>>>>>>> users with instructions above :)
>>>>>>>>> WDYT?
>>>>>>>>>
>>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <
>>>>>>>>> leesenglishlessons@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hello,
>>>>>>>>>>
>>>>>>>>>> I turned off self-registering, and when I set up a user as admin,
>>>>>>>>>> no verification email is sent despite the key being set to true.
>>>>>>>>>> [image: image.png]
>>>>>>>>>>
>>>>>>>>>> Also, the email that contains the user's account details does not
>>>>>>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>>>>>>> log in.
>>>>>>>>>> Here's the message:
>>>>>>>>>>
>>>>>>>>>> [image: image.png]
>>>>>>>>>>
>>>>>>>>>> Thank you,
>>>>>>>>>> Lee
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Best regards,
>>>>>>>>> Maxim
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>
> --
> Best regards,
> Maxim
>
>
Re: Registering on behalf of users - no confirmation email
Posted by Ali Alhaidary <al...@the5stars.org>.
On 8/26/21 8:46 AM, Maxim Solodovnik wrote:
> I would call it: security issue :)
> IMO such destructive action like purging user should be very much
> secured ....
Admins periodically review user list and remove old, not fully
registered or not verified users. Also, a user needs to remove his
contact information if the application keeps interacting with him by
email for example, however, OM does not do that.
>
> On Thu, 26 Aug 2021 at 12:44, Lee But <leesenglishlessons@gmail.com
> <ma...@gmail.com>> wrote:
>
> Isn't there a way to send an ID key in the invitation email that
> can automatically remove the record that matches the key. Or,
> match the email address?
>
> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik
> <solomax666@gmail.com <ma...@gmail.com>> wrote:
>
>
>
> On Thu, 26 Aug 2021 at 12:18, Lee But
> <leesenglishlessons@gmail.com
> <ma...@gmail.com>> wrote:
>
> Hello Maxim,
>
> The <application.base.url> is just to point to the website
> that openmeetings is on so that the user can recognise it.
> Example, Maxim Solodonvik at www.openmeetings.apache.org
> <http://www.openmeetings.apache.org> has invited you to
> join their online meeting room(s).
> Perhaps, it would be better if the admin could create an
> 'organisation name' and have that in the invitation instead.
>
> The <URL>, would point directly to a page to change the
> password and complete registration.
>
>
> Well
> Actually both URLs will be
> https://om.alteametasoft.com/openmeetings/signin
> <https://om.alteametasoft.com/openmeetings/signin>
> This is why I'm asking :)
>
>
> What I mean by 'deregister' is to remove the information
> that the admin created: names, password and email address.
> That may not be clear.
>
> I suppose it could read, 'If you have received this
> invitation in error or do not wish to join the meeting
> room(s), please _click here_ to deregister your
> information shown in this email.'
>
>
> As I wrote before
> this is impossible without successful login
> which impossible without "change the password and complete
> registration"
> So the footer looks useless to me :(
>
>
>
> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik
> <solomax666@gmail.com <ma...@gmail.com>> wrote:
>
> Thanks for the templates :)
>
> I'll do the following:
>
> 1) will create the key
> `send.invite.to.user.created.by.admin`
> 2) will use "Formal version" to create the template
> (you can modify it any time as described here
> https://openmeetings.apache.org/EditTemplates.html
> <https://openmeetings.apache.org/EditTemplates.html>)
>
> Couple of questions:
> 1) why do we need both "<application.base.url>" and
> "<URL>"?
> 2) why do we need this "If you have received this
> invitation in error, please _click here_ to
> deregister." footer? the only way to de-register is to
> complete registration then to delete themselves ....
>
>
> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary
> <ali.alhaidary@the5stars.org
> <ma...@the5stars.org>> wrote:
>
> Nice :-)
>
> Ali
>
> On 8/25/21 3:07 PM, Lee But wrote:
>> Hello Maxim,
>>
>> Here are two templates. One is formal, the other
>> informal. I think it would be useful for admins
>> to view default templates and create their own
>> invitations as well.
>> possible keys could be:
>>
>> send.formal.invite.to.user.created.by.admin
>> send.casual.invite.to.user.created.by.admin
>> send.custom.invite.to.user.created.by.admin
>>
>> In the examples below, the name order could be
>> swapped according to the language being used.
>>
>> *****************
>> Formal version
>>
>> *****************
>>
>> Dear <firstName> <lastName>,
>>
>> <adminFirstName> <adminLastName> at
>> <application.base.url> has invited you to join
>> their online meeting room(s).
>>
>> To complete your registration and use the
>> room(s), please visit the link below and create a
>> strong password.
>>
>> <URL>
>>
>> Your username for logging in is <username>.
>>
>> Thank you for joining our meeting rooms.
>>
>> Best regards,
>>
>> <adminFirstName> <adminLastName>
>>
>>
>> If you have received this invitation in error,
>> please _click here_ to deregister.
>>
>>
>>
>> *****************
>> Casual version
>>
>> *****************
>>
>> Hi <firstName> <lastName>,
>>
>> <adminFirstName> <adminLastName> here from
>> <application.base.url>. I’ve added you as a user
>> to our online meeting room(s).
>>
>> To use the room(s), you need to complete your
>> registration. Click the link below and create a
>> strong password.
>>
>> <URL>
>>
>> Your username for logging in is <username>.
>>
>> Thanks for joining our meeting room(s).
>>
>> See you soon!
>>
>> <adminFirstName>
>>
>>
>> If I’ve sent you this invitation by mistake,
>> please _click here_ to deregister.
>>
>>
>>
>>
>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik
>> <solomax666@gmail.com
>> <ma...@gmail.com>> wrote:
>>
>> Maybe you can help to create a template for
>> such email (as text) here? :)
>> and maybe propose a configuration key name?
>>
>> `send.email.when.created.by.admin`? Maybe
>> better ideas? :))
>>
>> On Wed, 25 Aug 2021 at 12:18, Lee But
>> <leesenglishlessons@gmail.com
>> <ma...@gmail.com>> wrote:
>>
>> Hello Maxim,
>>
>> I'm testing with my own email addresses
>> until I am sure that I have everything right.
>> I think that would be great. Also, a link
>> to the login page would be useful, as
>> without it, users don't know the URL of
>> the website.
>>
>> Regards,
>> Lee
>>
>> On Wed, Aug 25, 2021 at 2:53 AM Maxim
>> Solodovnik <solomax666@gmail.com
>> <ma...@gmail.com>> wrote:
>>
>> Hello Lee,
>>
>> this is by design
>> these email settings are for
>> self-registration only
>> Password is not being sent for
>> security reasons
>>
>> As workaround your users can click
>> "Forget password"
>> enter login/email and change the password
>>
>> We can add some additional setting to
>> send email to newly created users
>> with instructions above :)
>> WDYT?
>>
>> On Tue, 24 Aug 2021 at 23:07, Lee But
>> <leesenglishlessons@gmail.com
>> <ma...@gmail.com>>
>> wrote:
>>
>> Hello,
>>
>> I turned off self-registering,
>> and when I set up a user as
>> admin, no verification email is
>> sent despite the key being set to
>> true.
>> image.png
>>
>> Also, the email that contains the
>> user's account details does not
>> contain the password, nor a link
>> to the openmeetings page, so they
>> cannot log in.
>> Here's the message:
>>
>> image.png
>>
>> Thank you,
>> Lee
>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Best regards,
> Maxim
>
>
>
> --
> Best regards,
> Maxim
>
>
>
> --
> Best regards,
> Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
I would call it: security issue :)
IMO such destructive action like purging user should be very much secured
....
On Thu, 26 Aug 2021 at 12:44, Lee But <le...@gmail.com> wrote:
> Isn't there a way to send an ID key in the invitation email that can
> automatically remove the record that matches the key. Or, match the email
> address?
>
> On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>>
>>
>> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>> wrote:
>>
>>> Hello Maxim,
>>>
>>> The <application.base.url> is just to point to the website that
>>> openmeetings is on so that the user can recognise it. Example, Maxim
>>> Solodonvik at www.openmeetings.apache.org has invited you to join their
>>> online meeting room(s).
>>> Perhaps, it would be better if the admin could create an 'organisation
>>> name' and have that in the invitation instead.
>>>
>>> The <URL>, would point directly to a page to change the password and
>>> complete registration.
>>>
>>
>> Well
>> Actually both URLs will be
>> https://om.alteametasoft.com/openmeetings/signin
>> This is why I'm asking :)
>>
>>
>>> What I mean by 'deregister' is to remove the information that the admin
>>> created: names, password and email address. That may not be clear.
>>>
>>> I suppose it could read, 'If you have received this invitation in error
>>> or do not wish to join the meeting room(s), please *click here* to
>>> deregister your information shown in this email.'
>>>
>>
>> As I wrote before
>> this is impossible without successful login
>> which impossible without "change the password and complete registration"
>> So the footer looks useless to me :(
>>
>>
>>>
>>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Thanks for the templates :)
>>>>
>>>> I'll do the following:
>>>>
>>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>>> 2) will use "Formal version" to create the template
>>>> (you can modify it any time as described here
>>>> https://openmeetings.apache.org/EditTemplates.html)
>>>>
>>>> Couple of questions:
>>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>>> 2) why do we need this "If you have received this invitation in error,
>>>> please *click here* to deregister." footer? the only way to
>>>> de-register is to complete registration then to delete themselves ....
>>>>
>>>>
>>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <
>>>> ali.alhaidary@the5stars.org> wrote:
>>>>
>>>>> Nice :-)
>>>>>
>>>>> Ali
>>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>>
>>>>> Hello Maxim,
>>>>>
>>>>> Here are two templates. One is formal, the other informal. I think it
>>>>> would be useful for admins to view default templates and create their own
>>>>> invitations as well.
>>>>> possible keys could be:
>>>>>
>>>>> send.formal.invite.to.user.created.by.admin
>>>>> send.casual.invite.to.user.created.by.admin
>>>>> send.custom.invite.to.user.created.by.admin
>>>>>
>>>>> In the examples below, the name order could be swapped according to
>>>>> the language being used.
>>>>>
>>>>> *****************
>>>>> Formal version
>>>>>
>>>>> *****************
>>>>>
>>>>> Dear <firstName> <lastName>,
>>>>>
>>>>> <adminFirstName> <adminLastName> at <application.base.url> has invited
>>>>> you to join their online meeting room(s).
>>>>>
>>>>> To complete your registration and use the room(s), please visit the
>>>>> link below and create a strong password.
>>>>>
>>>>> <URL>
>>>>>
>>>>> Your username for logging in is <username>.
>>>>>
>>>>> Thank you for joining our meeting rooms.
>>>>>
>>>>> Best regards,
>>>>>
>>>>> <adminFirstName> <adminLastName>
>>>>>
>>>>>
>>>>> If you have received this invitation in error, please *click here* to
>>>>> deregister.
>>>>>
>>>>>
>>>>>
>>>>> *****************
>>>>> Casual version
>>>>>
>>>>> *****************
>>>>>
>>>>> Hi <firstName> <lastName>,
>>>>>
>>>>> <adminFirstName> <adminLastName> here from <application.base.url>.
>>>>> I’ve added you as a user to our online meeting room(s).
>>>>>
>>>>> To use the room(s), you need to complete your registration. Click the
>>>>> link below and create a strong password.
>>>>>
>>>>> <URL>
>>>>>
>>>>> Your username for logging in is <username>.
>>>>>
>>>>> Thanks for joining our meeting room(s).
>>>>>
>>>>> See you soon!
>>>>>
>>>>> <adminFirstName>
>>>>>
>>>>>
>>>>> If I’ve sent you this invitation by mistake, please *click here* to
>>>>> deregister.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Maybe you can help to create a template for such email (as text)
>>>>>> here? :)
>>>>>> and maybe propose a configuration key name?
>>>>>>
>>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>>
>>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>>
>>>>>>> I'm testing with my own email addresses until I am sure that I have
>>>>>>> everything right.
>>>>>>> I think that would be great. Also, a link to the login page would be
>>>>>>> useful, as without it, users don't know the URL of the website.
>>>>>>>
>>>>>>> Regards,
>>>>>>> Lee
>>>>>>>
>>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Hello Lee,
>>>>>>>>
>>>>>>>> this is by design
>>>>>>>> these email settings are for self-registration only
>>>>>>>> Password is not being sent for security reasons
>>>>>>>>
>>>>>>>> As workaround your users can click "Forget password"
>>>>>>>> enter login/email and change the password
>>>>>>>>
>>>>>>>> We can add some additional setting to send email to newly created
>>>>>>>> users with instructions above :)
>>>>>>>> WDYT?
>>>>>>>>
>>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>>
>>>>>>>>> I turned off self-registering, and when I set up a user as admin,
>>>>>>>>> no verification email is sent despite the key being set to true.
>>>>>>>>> [image: image.png]
>>>>>>>>>
>>>>>>>>> Also, the email that contains the user's account details does not
>>>>>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>>>>>> log in.
>>>>>>>>> Here's the message:
>>>>>>>>>
>>>>>>>>> [image: image.png]
>>>>>>>>>
>>>>>>>>> Thank you,
>>>>>>>>> Lee
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
Isn't there a way to send an ID key in the invitation email that can
automatically remove the record that matches the key. Or, match the email
address?
On Thu, Aug 26, 2021 at 5:36 AM Maxim Solodovnik <so...@gmail.com>
wrote:
>
>
> On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com>
> wrote:
>
>> Hello Maxim,
>>
>> The <application.base.url> is just to point to the website that
>> openmeetings is on so that the user can recognise it. Example, Maxim
>> Solodonvik at www.openmeetings.apache.org has invited you to join their
>> online meeting room(s).
>> Perhaps, it would be better if the admin could create an 'organisation
>> name' and have that in the invitation instead.
>>
>> The <URL>, would point directly to a page to change the password and
>> complete registration.
>>
>
> Well
> Actually both URLs will be
> https://om.alteametasoft.com/openmeetings/signin
> This is why I'm asking :)
>
>
>> What I mean by 'deregister' is to remove the information that the admin
>> created: names, password and email address. That may not be clear.
>>
>> I suppose it could read, 'If you have received this invitation in error
>> or do not wish to join the meeting room(s), please *click here* to
>> deregister your information shown in this email.'
>>
>
> As I wrote before
> this is impossible without successful login
> which impossible without "change the password and complete registration"
> So the footer looks useless to me :(
>
>
>>
>> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Thanks for the templates :)
>>>
>>> I'll do the following:
>>>
>>> 1) will create the key `send.invite.to.user.created.by.admin`
>>> 2) will use "Formal version" to create the template
>>> (you can modify it any time as described here
>>> https://openmeetings.apache.org/EditTemplates.html)
>>>
>>> Couple of questions:
>>> 1) why do we need both "<application.base.url>" and "<URL>"?
>>> 2) why do we need this "If you have received this invitation in error,
>>> please *click here* to deregister." footer? the only way to de-register
>>> is to complete registration then to delete themselves ....
>>>
>>>
>>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <al...@the5stars.org>
>>> wrote:
>>>
>>>> Nice :-)
>>>>
>>>> Ali
>>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>>
>>>> Hello Maxim,
>>>>
>>>> Here are two templates. One is formal, the other informal. I think it
>>>> would be useful for admins to view default templates and create their own
>>>> invitations as well.
>>>> possible keys could be:
>>>>
>>>> send.formal.invite.to.user.created.by.admin
>>>> send.casual.invite.to.user.created.by.admin
>>>> send.custom.invite.to.user.created.by.admin
>>>>
>>>> In the examples below, the name order could be swapped according to the
>>>> language being used.
>>>>
>>>> *****************
>>>> Formal version
>>>>
>>>> *****************
>>>>
>>>> Dear <firstName> <lastName>,
>>>>
>>>> <adminFirstName> <adminLastName> at <application.base.url> has invited
>>>> you to join their online meeting room(s).
>>>>
>>>> To complete your registration and use the room(s), please visit the
>>>> link below and create a strong password.
>>>>
>>>> <URL>
>>>>
>>>> Your username for logging in is <username>.
>>>>
>>>> Thank you for joining our meeting rooms.
>>>>
>>>> Best regards,
>>>>
>>>> <adminFirstName> <adminLastName>
>>>>
>>>>
>>>> If you have received this invitation in error, please *click here* to
>>>> deregister.
>>>>
>>>>
>>>>
>>>> *****************
>>>> Casual version
>>>>
>>>> *****************
>>>>
>>>> Hi <firstName> <lastName>,
>>>>
>>>> <adminFirstName> <adminLastName> here from <application.base.url>. I’ve
>>>> added you as a user to our online meeting room(s).
>>>>
>>>> To use the room(s), you need to complete your registration. Click the
>>>> link below and create a strong password.
>>>>
>>>> <URL>
>>>>
>>>> Your username for logging in is <username>.
>>>>
>>>> Thanks for joining our meeting room(s).
>>>>
>>>> See you soon!
>>>>
>>>> <adminFirstName>
>>>>
>>>>
>>>> If I’ve sent you this invitation by mistake, please *click here* to
>>>> deregister.
>>>>
>>>>
>>>>
>>>>
>>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Maybe you can help to create a template for such email (as text) here?
>>>>> :)
>>>>> and maybe propose a configuration key name?
>>>>>
>>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>>
>>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>>
>>>>>> I'm testing with my own email addresses until I am sure that I have
>>>>>> everything right.
>>>>>> I think that would be great. Also, a link to the login page would be
>>>>>> useful, as without it, users don't know the URL of the website.
>>>>>>
>>>>>> Regards,
>>>>>> Lee
>>>>>>
>>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>> Hello Lee,
>>>>>>>
>>>>>>> this is by design
>>>>>>> these email settings are for self-registration only
>>>>>>> Password is not being sent for security reasons
>>>>>>>
>>>>>>> As workaround your users can click "Forget password"
>>>>>>> enter login/email and change the password
>>>>>>>
>>>>>>> We can add some additional setting to send email to newly created
>>>>>>> users with instructions above :)
>>>>>>> WDYT?
>>>>>>>
>>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I turned off self-registering, and when I set up a user as admin,
>>>>>>>> no verification email is sent despite the key being set to true.
>>>>>>>> [image: image.png]
>>>>>>>>
>>>>>>>> Also, the email that contains the user's account details does not
>>>>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>>>>> log in.
>>>>>>>> Here's the message:
>>>>>>>>
>>>>>>>> [image: image.png]
>>>>>>>>
>>>>>>>> Thank you,
>>>>>>>> Lee
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
On Thu, 26 Aug 2021 at 12:18, Lee But <le...@gmail.com> wrote:
> Hello Maxim,
>
> The <application.base.url> is just to point to the website that
> openmeetings is on so that the user can recognise it. Example, Maxim
> Solodonvik at www.openmeetings.apache.org has invited you to join their
> online meeting room(s).
> Perhaps, it would be better if the admin could create an 'organisation
> name' and have that in the invitation instead.
>
> The <URL>, would point directly to a page to change the password and
> complete registration.
>
Well
Actually both URLs will be https://om.alteametasoft.com/openmeetings/signin
This is why I'm asking :)
> What I mean by 'deregister' is to remove the information that the admin
> created: names, password and email address. That may not be clear.
>
> I suppose it could read, 'If you have received this invitation in error or
> do not wish to join the meeting room(s), please *click here* to
> deregister your information shown in this email.'
>
As I wrote before
this is impossible without successful login
which impossible without "change the password and complete registration"
So the footer looks useless to me :(
>
> On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Thanks for the templates :)
>>
>> I'll do the following:
>>
>> 1) will create the key `send.invite.to.user.created.by.admin`
>> 2) will use "Formal version" to create the template
>> (you can modify it any time as described here
>> https://openmeetings.apache.org/EditTemplates.html)
>>
>> Couple of questions:
>> 1) why do we need both "<application.base.url>" and "<URL>"?
>> 2) why do we need this "If you have received this invitation in error,
>> please *click here* to deregister." footer? the only way to de-register
>> is to complete registration then to delete themselves ....
>>
>>
>> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <al...@the5stars.org>
>> wrote:
>>
>>> Nice :-)
>>>
>>> Ali
>>> On 8/25/21 3:07 PM, Lee But wrote:
>>>
>>> Hello Maxim,
>>>
>>> Here are two templates. One is formal, the other informal. I think it
>>> would be useful for admins to view default templates and create their own
>>> invitations as well.
>>> possible keys could be:
>>>
>>> send.formal.invite.to.user.created.by.admin
>>> send.casual.invite.to.user.created.by.admin
>>> send.custom.invite.to.user.created.by.admin
>>>
>>> In the examples below, the name order could be swapped according to the
>>> language being used.
>>>
>>> *****************
>>> Formal version
>>>
>>> *****************
>>>
>>> Dear <firstName> <lastName>,
>>>
>>> <adminFirstName> <adminLastName> at <application.base.url> has invited
>>> you to join their online meeting room(s).
>>>
>>> To complete your registration and use the room(s), please visit the link
>>> below and create a strong password.
>>>
>>> <URL>
>>>
>>> Your username for logging in is <username>.
>>>
>>> Thank you for joining our meeting rooms.
>>>
>>> Best regards,
>>>
>>> <adminFirstName> <adminLastName>
>>>
>>>
>>> If you have received this invitation in error, please *click here* to
>>> deregister.
>>>
>>>
>>>
>>> *****************
>>> Casual version
>>>
>>> *****************
>>>
>>> Hi <firstName> <lastName>,
>>>
>>> <adminFirstName> <adminLastName> here from <application.base.url>. I’ve
>>> added you as a user to our online meeting room(s).
>>>
>>> To use the room(s), you need to complete your registration. Click the
>>> link below and create a strong password.
>>>
>>> <URL>
>>>
>>> Your username for logging in is <username>.
>>>
>>> Thanks for joining our meeting room(s).
>>>
>>> See you soon!
>>>
>>> <adminFirstName>
>>>
>>>
>>> If I’ve sent you this invitation by mistake, please *click here* to
>>> deregister.
>>>
>>>
>>>
>>>
>>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Maybe you can help to create a template for such email (as text) here?
>>>> :)
>>>> and maybe propose a configuration key name?
>>>>
>>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>>
>>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>>
>>>>> I'm testing with my own email addresses until I am sure that I have
>>>>> everything right.
>>>>> I think that would be great. Also, a link to the login page would be
>>>>> useful, as without it, users don't know the URL of the website.
>>>>>
>>>>> Regards,
>>>>> Lee
>>>>>
>>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Lee,
>>>>>>
>>>>>> this is by design
>>>>>> these email settings are for self-registration only
>>>>>> Password is not being sent for security reasons
>>>>>>
>>>>>> As workaround your users can click "Forget password"
>>>>>> enter login/email and change the password
>>>>>>
>>>>>> We can add some additional setting to send email to newly created
>>>>>> users with instructions above :)
>>>>>> WDYT?
>>>>>>
>>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I turned off self-registering, and when I set up a user as admin, no
>>>>>>> verification email is sent despite the key being set to true.
>>>>>>> [image: image.png]
>>>>>>>
>>>>>>> Also, the email that contains the user's account details does not
>>>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>>>> log in.
>>>>>>> Here's the message:
>>>>>>>
>>>>>>> [image: image.png]
>>>>>>>
>>>>>>> Thank you,
>>>>>>> Lee
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
Hello Maxim,
The <application.base.url> is just to point to the website that
openmeetings is on so that the user can recognise it. Example, Maxim
Solodonvik at www.openmeetings.apache.org has invited you to join their
online meeting room(s).
Perhaps, it would be better if the admin could create an 'organisation
name' and have that in the invitation instead.
The <URL>, would point directly to a page to change the password and
complete registration.
What I mean by 'deregister' is to remove the information that the admin
created: names, password and email address. That may not be clear.
I suppose it could read, 'If you have received this invitation in error or
do not wish to join the meeting room(s), please *click here* to deregister
your information shown in this email.'
On Thu, Aug 26, 2021 at 4:59 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> Thanks for the templates :)
>
> I'll do the following:
>
> 1) will create the key `send.invite.to.user.created.by.admin`
> 2) will use "Formal version" to create the template
> (you can modify it any time as described here
> https://openmeetings.apache.org/EditTemplates.html)
>
> Couple of questions:
> 1) why do we need both "<application.base.url>" and "<URL>"?
> 2) why do we need this "If you have received this invitation in error,
> please *click here* to deregister." footer? the only way to de-register
> is to complete registration then to delete themselves ....
>
>
> On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <al...@the5stars.org>
> wrote:
>
>> Nice :-)
>>
>> Ali
>> On 8/25/21 3:07 PM, Lee But wrote:
>>
>> Hello Maxim,
>>
>> Here are two templates. One is formal, the other informal. I think it
>> would be useful for admins to view default templates and create their own
>> invitations as well.
>> possible keys could be:
>>
>> send.formal.invite.to.user.created.by.admin
>> send.casual.invite.to.user.created.by.admin
>> send.custom.invite.to.user.created.by.admin
>>
>> In the examples below, the name order could be swapped according to the
>> language being used.
>>
>> *****************
>> Formal version
>>
>> *****************
>>
>> Dear <firstName> <lastName>,
>>
>> <adminFirstName> <adminLastName> at <application.base.url> has invited
>> you to join their online meeting room(s).
>>
>> To complete your registration and use the room(s), please visit the link
>> below and create a strong password.
>>
>> <URL>
>>
>> Your username for logging in is <username>.
>>
>> Thank you for joining our meeting rooms.
>>
>> Best regards,
>>
>> <adminFirstName> <adminLastName>
>>
>>
>> If you have received this invitation in error, please *click here* to
>> deregister.
>>
>>
>>
>> *****************
>> Casual version
>>
>> *****************
>>
>> Hi <firstName> <lastName>,
>>
>> <adminFirstName> <adminLastName> here from <application.base.url>. I’ve
>> added you as a user to our online meeting room(s).
>>
>> To use the room(s), you need to complete your registration. Click the
>> link below and create a strong password.
>>
>> <URL>
>>
>> Your username for logging in is <username>.
>>
>> Thanks for joining our meeting room(s).
>>
>> See you soon!
>>
>> <adminFirstName>
>>
>>
>> If I’ve sent you this invitation by mistake, please *click here* to
>> deregister.
>>
>>
>>
>>
>> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Maybe you can help to create a template for such email (as text) here?
>>> :)
>>> and maybe propose a configuration key name?
>>>
>>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>>
>>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>>> wrote:
>>>
>>>> Hello Maxim,
>>>>
>>>> I'm testing with my own email addresses until I am sure that I have
>>>> everything right.
>>>> I think that would be great. Also, a link to the login page would be
>>>> useful, as without it, users don't know the URL of the website.
>>>>
>>>> Regards,
>>>> Lee
>>>>
>>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Lee,
>>>>>
>>>>> this is by design
>>>>> these email settings are for self-registration only
>>>>> Password is not being sent for security reasons
>>>>>
>>>>> As workaround your users can click "Forget password"
>>>>> enter login/email and change the password
>>>>>
>>>>> We can add some additional setting to send email to newly created
>>>>> users with instructions above :)
>>>>> WDYT?
>>>>>
>>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I turned off self-registering, and when I set up a user as admin, no
>>>>>> verification email is sent despite the key being set to true.
>>>>>> [image: image.png]
>>>>>>
>>>>>> Also, the email that contains the user's account details does not
>>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>>> log in.
>>>>>> Here's the message:
>>>>>>
>>>>>> [image: image.png]
>>>>>>
>>>>>> Thank you,
>>>>>> Lee
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
Thanks for the templates :)
I'll do the following:
1) will create the key `send.invite.to.user.created.by.admin`
2) will use "Formal version" to create the template
(you can modify it any time as described here
https://openmeetings.apache.org/EditTemplates.html)
Couple of questions:
1) why do we need both "<application.base.url>" and "<URL>"?
2) why do we need this "If you have received this invitation in error,
please *click here* to deregister." footer? the only way to de-register is
to complete registration then to delete themselves ....
On Wed, 25 Aug 2021 at 20:39, Ali Alhaidary <al...@the5stars.org>
wrote:
> Nice :-)
>
> Ali
> On 8/25/21 3:07 PM, Lee But wrote:
>
> Hello Maxim,
>
> Here are two templates. One is formal, the other informal. I think it
> would be useful for admins to view default templates and create their own
> invitations as well.
> possible keys could be:
>
> send.formal.invite.to.user.created.by.admin
> send.casual.invite.to.user.created.by.admin
> send.custom.invite.to.user.created.by.admin
>
> In the examples below, the name order could be swapped according to the
> language being used.
>
> *****************
> Formal version
>
> *****************
>
> Dear <firstName> <lastName>,
>
> <adminFirstName> <adminLastName> at <application.base.url> has invited you
> to join their online meeting room(s).
>
> To complete your registration and use the room(s), please visit the link
> below and create a strong password.
>
> <URL>
>
> Your username for logging in is <username>.
>
> Thank you for joining our meeting rooms.
>
> Best regards,
>
> <adminFirstName> <adminLastName>
>
>
> If you have received this invitation in error, please *click here* to
> deregister.
>
>
>
> *****************
> Casual version
>
> *****************
>
> Hi <firstName> <lastName>,
>
> <adminFirstName> <adminLastName> here from <application.base.url>. I’ve
> added you as a user to our online meeting room(s).
>
> To use the room(s), you need to complete your registration. Click the link
> below and create a strong password.
>
> <URL>
>
> Your username for logging in is <username>.
>
> Thanks for joining our meeting room(s).
>
> See you soon!
>
> <adminFirstName>
>
>
> If I’ve sent you this invitation by mistake, please *click here* to
> deregister.
>
>
>
>
> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Maybe you can help to create a template for such email (as text) here? :)
>> and maybe propose a configuration key name?
>>
>> `send.email.when.created.by.admin`? Maybe better ideas? :))
>>
>> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
>> wrote:
>>
>>> Hello Maxim,
>>>
>>> I'm testing with my own email addresses until I am sure that I have
>>> everything right.
>>> I think that would be great. Also, a link to the login page would be
>>> useful, as without it, users don't know the URL of the website.
>>>
>>> Regards,
>>> Lee
>>>
>>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Hello Lee,
>>>>
>>>> this is by design
>>>> these email settings are for self-registration only
>>>> Password is not being sent for security reasons
>>>>
>>>> As workaround your users can click "Forget password"
>>>> enter login/email and change the password
>>>>
>>>> We can add some additional setting to send email to newly created users
>>>> with instructions above :)
>>>> WDYT?
>>>>
>>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> I turned off self-registering, and when I set up a user as admin, no
>>>>> verification email is sent despite the key being set to true.
>>>>> [image: image.png]
>>>>>
>>>>> Also, the email that contains the user's account details does not
>>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>>> log in.
>>>>> Here's the message:
>>>>>
>>>>> [image: image.png]
>>>>>
>>>>> Thank you,
>>>>> Lee
>>>>>
>>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Ali Alhaidary <al...@the5stars.org>.
Nice :-)
Ali
On 8/25/21 3:07 PM, Lee But wrote:
> Hello Maxim,
>
> Here are two templates. One is formal, the other informal. I think it
> would be useful for admins to view default templates and create their
> own invitations as well.
> possible keys could be:
>
> send.formal.invite.to.user.created.by.admin
> send.casual.invite.to.user.created.by.admin
> send.custom.invite.to.user.created.by.admin
>
> In the examples below, the name order could be swapped according to
> the language being used.
>
> *****************
> Formal version
>
> *****************
>
> Dear <firstName> <lastName>,
>
> <adminFirstName> <adminLastName> at <application.base.url> has invited
> you to join their online meeting room(s).
>
> To complete your registration and use the room(s), please visit the
> link below and create a strong password.
>
> <URL>
>
> Your username for logging in is <username>.
>
> Thank you for joining our meeting rooms.
>
> Best regards,
>
> <adminFirstName> <adminLastName>
>
>
> If you have received this invitation in error, please _click here_ to
> deregister.
>
>
>
> *****************
> Casual version
>
> *****************
>
> Hi <firstName> <lastName>,
>
> <adminFirstName> <adminLastName> here from <application.base.url>.
> I’ve added you as a user to our online meeting room(s).
>
> To use the room(s), you need to complete your registration. Click the
> link below and create a strong password.
>
> <URL>
>
> Your username for logging in is <username>.
>
> Thanks for joining our meeting room(s).
>
> See you soon!
>
> <adminFirstName>
>
>
> If I’ve sent you this invitation by mistake, please _click here_ to
> deregister.
>
>
>
>
> On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <solomax666@gmail.com
> <ma...@gmail.com>> wrote:
>
> Maybe you can help to create a template for such email (as text)
> here? :)
> and maybe propose a configuration key name?
>
> `send.email.when.created.by.admin`? Maybe better ideas? :))
>
> On Wed, 25 Aug 2021 at 12:18, Lee But
> <leesenglishlessons@gmail.com
> <ma...@gmail.com>> wrote:
>
> Hello Maxim,
>
> I'm testing with my own email addresses until I am sure that I
> have everything right.
> I think that would be great. Also, a link to the login page
> would be useful, as without it, users don't know the URL of
> the website.
>
> Regards,
> Lee
>
> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik
> <solomax666@gmail.com <ma...@gmail.com>> wrote:
>
> Hello Lee,
>
> this is by design
> these email settings are for self-registration only
> Password is not being sent for security reasons
>
> As workaround your users can click "Forget password"
> enter login/email and change the password
>
> We can add some additional setting to send email to newly
> created users with instructions above :)
> WDYT?
>
> On Tue, 24 Aug 2021 at 23:07, Lee But
> <leesenglishlessons@gmail.com
> <ma...@gmail.com>> wrote:
>
> Hello,
>
> I turned off self-registering, and when I set up a
> user as admin, no verification email is sent despite
> the key being set to true.
> image.png
>
> Also, the email that contains the user's account
> details does not contain the password, nor a link to
> the openmeetings page, so they cannot log in.
> Here's the message:
>
> image.png
>
> Thank you,
> Lee
>
>
>
> --
> Best regards,
> Maxim
>
>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
Hello Maxim,
Here are two templates. One is formal, the other informal. I think it would
be useful for admins to view default templates and create their own
invitations as well.
possible keys could be:
send.formal.invite.to.user.created.by.admin
send.casual.invite.to.user.created.by.admin
send.custom.invite.to.user.created.by.admin
In the examples below, the name order could be swapped according to the
language being used.
*****************
Formal version
*****************
Dear <firstName> <lastName>,
<adminFirstName> <adminLastName> at <application.base.url> has invited you
to join their online meeting room(s).
To complete your registration and use the room(s), please visit the link
below and create a strong password.
<URL>
Your username for logging in is <username>.
Thank you for joining our meeting rooms.
Best regards,
<adminFirstName> <adminLastName>
If you have received this invitation in error, please *click here* to
deregister.
*****************
Casual version
*****************
Hi <firstName> <lastName>,
<adminFirstName> <adminLastName> here from <application.base.url>. I’ve
added you as a user to our online meeting room(s).
To use the room(s), you need to complete your registration. Click the link
below and create a strong password.
<URL>
Your username for logging in is <username>.
Thanks for joining our meeting room(s).
See you soon!
<adminFirstName>
If I’ve sent you this invitation by mistake, please *click here* to
deregister.
On Wed, Aug 25, 2021 at 6:13 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> Maybe you can help to create a template for such email (as text) here? :)
> and maybe propose a configuration key name?
>
> `send.email.when.created.by.admin`? Maybe better ideas? :))
>
> On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com>
> wrote:
>
>> Hello Maxim,
>>
>> I'm testing with my own email addresses until I am sure that I have
>> everything right.
>> I think that would be great. Also, a link to the login page would be
>> useful, as without it, users don't know the URL of the website.
>>
>> Regards,
>> Lee
>>
>> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Lee,
>>>
>>> this is by design
>>> these email settings are for self-registration only
>>> Password is not being sent for security reasons
>>>
>>> As workaround your users can click "Forget password"
>>> enter login/email and change the password
>>>
>>> We can add some additional setting to send email to newly created users
>>> with instructions above :)
>>> WDYT?
>>>
>>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>>> wrote:
>>>
>>>> Hello,
>>>>
>>>> I turned off self-registering, and when I set up a user as admin, no
>>>> verification email is sent despite the key being set to true.
>>>> [image: image.png]
>>>>
>>>> Also, the email that contains the user's account details does not
>>>> contain the password, nor a link to the openmeetings page, so they cannot
>>>> log in.
>>>> Here's the message:
>>>>
>>>> [image: image.png]
>>>>
>>>> Thank you,
>>>> Lee
>>>>
>>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
Maybe you can help to create a template for such email (as text) here? :)
and maybe propose a configuration key name?
`send.email.when.created.by.admin`? Maybe better ideas? :))
On Wed, 25 Aug 2021 at 12:18, Lee But <le...@gmail.com> wrote:
> Hello Maxim,
>
> I'm testing with my own email addresses until I am sure that I have
> everything right.
> I think that would be great. Also, a link to the login page would be
> useful, as without it, users don't know the URL of the website.
>
> Regards,
> Lee
>
> On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Lee,
>>
>> this is by design
>> these email settings are for self-registration only
>> Password is not being sent for security reasons
>>
>> As workaround your users can click "Forget password"
>> enter login/email and change the password
>>
>> We can add some additional setting to send email to newly created users
>> with instructions above :)
>> WDYT?
>>
>> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
>> wrote:
>>
>>> Hello,
>>>
>>> I turned off self-registering, and when I set up a user as admin, no
>>> verification email is sent despite the key being set to true.
>>> [image: image.png]
>>>
>>> Also, the email that contains the user's account details does not
>>> contain the password, nor a link to the openmeetings page, so they cannot
>>> log in.
>>> Here's the message:
>>>
>>> [image: image.png]
>>>
>>> Thank you,
>>> Lee
>>>
>>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
--
Best regards,
Maxim
Re: Registering on behalf of users - no confirmation email
Posted by Lee But <le...@gmail.com>.
Hello Maxim,
I'm testing with my own email addresses until I am sure that I have
everything right.
I think that would be great. Also, a link to the login page would be
useful, as without it, users don't know the URL of the website.
Regards,
Lee
On Wed, Aug 25, 2021 at 2:53 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> Hello Lee,
>
> this is by design
> these email settings are for self-registration only
> Password is not being sent for security reasons
>
> As workaround your users can click "Forget password"
> enter login/email and change the password
>
> We can add some additional setting to send email to newly created users
> with instructions above :)
> WDYT?
>
> On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com>
> wrote:
>
>> Hello,
>>
>> I turned off self-registering, and when I set up a user as admin, no
>> verification email is sent despite the key being set to true.
>> [image: image.png]
>>
>> Also, the email that contains the user's account details does not contain
>> the password, nor a link to the openmeetings page, so they cannot log in.
>> Here's the message:
>>
>> [image: image.png]
>>
>> Thank you,
>> Lee
>>
>>
>
> --
> Best regards,
> Maxim
>
Re: Registering on behalf of users - no confirmation email
Posted by Maxim Solodovnik <so...@gmail.com>.
Hello Lee,
this is by design
these email settings are for self-registration only
Password is not being sent for security reasons
As workaround your users can click "Forget password"
enter login/email and change the password
We can add some additional setting to send email to newly created users
with instructions above :)
WDYT?
On Tue, 24 Aug 2021 at 23:07, Lee But <le...@gmail.com> wrote:
> Hello,
>
> I turned off self-registering, and when I set up a user as admin, no
> verification email is sent despite the key being set to true.
> [image: image.png]
>
> Also, the email that contains the user's account details does not contain
> the password, nor a link to the openmeetings page, so they cannot log in.
> Here's the message:
>
> [image: image.png]
>
> Thank you,
> Lee
>
>
--
Best regards,
Maxim