Last modified: 2009-05-20 13:51:27 UTC
http://www.mediawiki.org/wiki/Manual:Preventing_access#Restrict_account_creation says New users will still be able to be created by sysops, in the following manner: 1. Go to [[Special:Userlogin]], when logged in as a sysop. 2. Click on "Create an account" to get to the account creation form. 3. Enter a username and an email address, and click the "by email" button. 4. The account will be created with a random password which is then emailed to the given address. But that won't work if $wgEnableEmail=false, there will be no such button. One either has to open up their wiki to $wgEnableEmail=true and all that it implies, or forget about being able to use the above steps. $wgHooks['UserCreateForm'], $wgHooks['addNewAccount'] scope is not high enough to remedy the situation either. So at least the sysop can create new accounts, but he has no way via the web interface of changing a password once forgotten -- he never did (there was only the email 'send a new password facility'.) Now he can only use changePassword.php via the shell.
http://www.mediawiki.org/wiki/Extension:Password_Reset sounds like it'll cover you here.
Manual now says: Note need $wgEnableEmail=true$ or else the sysop must pick a password and send it to the user.