Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

SUSE Linux Enterprise Desktop Deployment Guide
Previous Page Home Next Page

33.2 Using iManager to Enable Users for eDirectory Authentication

When Linux User Management components are properly installed, you can use eDirectory and iManager to specify which users can access SUSE Linux Enterprise Desktop computers on the network. iManager is the browser-based utility for managing eDirectory objects. It runs in a network browser such as Mozilla* Firefox*, Netscape* Navigator*, or Internet Explorer.

When you create user or group accounts in iManager, you are prompted to “LUM enable” the User object or Group object. You can also use iManager to enable existing User or Group objects for Linux.

Each time you configure a SUSE Linux Enterprise Desktop workstation for eDirectory authentication, eDirectory users that are LUM enabled must be associated with a workstation before they can log in from that workstation.

  1. Launch iManager by entering the following in the Address field of a network browser:

    https://target_server/nps/iManager

    where target_server is the IP address or domain name of the eDirectory server. You are prompted to provide the full context of the admin user (for example, admin.novell) and password.

  2. Make sure you are in the Roles and Tasks view by clicking Roles and Tasks Icon on the top button bar, then select Linux User Management in the navigation panel on the left.

  3. Click Enable Users for Linux, select the User object you want to enable, then click Next.

    When an eDirectory User object is extended to hold Linux user-login properties, it is said to be LUM enabled or enabled for Linux. When enabled for Linux, a user can simply access the Linux computer using Telnet, SSH, or other supported methods (see Step 10) and enter their username and password. The access request is redirected to find the appropriate username and login information stored in eDirectory.

    When extended for Linux, the eDirectory User object holds Linux-related properties, such as user ID, primary group ID, primary group name, location of home directory, and preferred shell.

  4. Assign the user to a group, then click Next.

    The group and its corresponding group ID (GID) are assigned as the user's primary GID. If the selected user account already has a primary GID, this group's GID is assigned to the user as secondary. You can choose any of the following ways to assign the user to a group:

    • An Existing eDirectory Group: If the Group object has not yet been enabled for Linux, its properties are extended to include Linux login attributes. You can click the Object Selector icon to browse the tree for an existing group.

    • An Existing Linux-Enabled Group: This option lets you select an existing eDirectory Group object, but if you use the Object Selector to browse, you can view and select only those Group objects already extended with Linux login attributes.

    • Create a New Linux-Enabled Group: This option lets you create a new eDirectory Group object. When created, the Group object is extended to include Linux login attributes.

  5. Select the workstations that the users in the group should have access to, then click Next.

  6. Click Finish to apply the changes, then click OK.

    Users should now be able to use their eDirectory user login credentials to log in to their SUSE Linux Enterprise Desktop workstations.

SUSE Linux Enterprise Desktop Deployment Guide
Previous Page Home Next Page

 
 
  Published under the terms of the Open Publication License Design by Interspire