|
|
|
|
33.2 Using iManager to Enable Users for eDirectory
Authentication
When Linux User Management components are properly installed, you can use
eDirectory and iManager to specify which users can access SUSE Linux Enterprise Desktop computers on
the network. iManager is the browser-based utility for managing eDirectory
objects. It runs in a network browser such as Mozilla* Firefox*,
Netscape* Navigator*, or Internet Explorer.
When you create user or group accounts in iManager, you are prompted to
“LUM enable” the User object or Group object. You can also use
iManager to enable existing User or Group objects for Linux.
Each time you configure a SUSE Linux Enterprise Desktop workstation for eDirectory authentication,
eDirectory users that are LUM enabled must be associated with a workstation
before they can log in from that workstation.
-
Launch iManager by entering the following in the Address field of a network
browser:
https://target_server/nps/iManager
where target_server is the IP address or
domain name of the eDirectory server. You are prompted to provide the full
context of the admin user (for example, admin.novell) and password.
-
Make sure you are in the Roles and Tasks view by clicking
on the top button bar, then select in the navigation panel on the left.
-
Click , select the User object you
want to enable, then click .
When an eDirectory User object is extended to hold Linux user-login
properties, it is said to be LUM enabled or
enabled for Linux. When enabled for Linux, a user can
simply access the Linux computer using Telnet, SSH, or other supported
methods (see Step 10) and
enter their username and password. The access request is redirected to find
the appropriate username and login information stored in eDirectory.
When extended for Linux, the eDirectory User object holds Linux-related
properties, such as user ID, primary group ID, primary group name, location
of home directory, and preferred shell.
-
Assign the user to a group, then click .
The group and its corresponding group ID (GID) are assigned as the user's
primary GID. If the selected user account already has a primary GID, this
group's GID is assigned to the user as secondary. You can choose any of the
following ways to assign the user to a group:
-
Select the workstations that the users in the group should have access to,
then click .
-
Click to apply the changes, then click
.
Users should now be able to use their eDirectory user login credentials to
log in to their SUSE Linux Enterprise Desktop workstations.
|
|
|