2.3 Configuring Driver Authentication

In order for the driver to authenticate to the GroupWise domain, the driver must first authenticate to its local operating system, and then authenticate to the system holding the GroupWise domain. (If the driver is on the same computer as the domain database, you do not need to configure authentication.)

As part of configuring authentication, you create the same user name and password on each system, and assign administrative rights to the account.

IMPORTANT:To establish a connection between systems, you must create user accounts with the same username and password for each system.

The following topics help you configure authentication:

2.3.1 Creating a User Account for the System Containing the Driver for Windows

As part of configuring authentication, you should create the same username and password on the system containing the driver, and assign administrative rights to the account.

After you have created the user account for the driver system, refer to Creating a User Account for the System Containing the GroupWise Domain.

Defining an Account When the Driver Is on Windows 2000

  1. From the Start Menu, click Settings > Control Panel > Administrative Tools > Computer Management.

  2. Double-click Local Users and Groups.

  3. Right-click Users > New User.

  4. Specify a username and a case-sensitive password.

    The username and password must be the same on both systems.

  5. Deselect User must change password at next logon, then select Password never expires.

  6. Deselect all other boxes.

  7. Click Create, then click Close.

  8. Double-click Groups.

  9. Double-click Administrators.

  10. Click Add.

  11. Browse to and select the user you just created in Step 4, then click OK.

  12. Click OK again.

  13. Close the Computer Management window.

  14. Double-click Local Security Policy in the Administrative Tools window.

  15. Select Local Policies, then double-click User Rights Assignment.

  16. Double-click Log On As a Service.

  17. Select Add, browse to and select the user you just created in Step 4, click Add, then click OK.

  18. Click OK again.

  19. Close the Local Security Settings window.

  20. Close the Administrative Tools window.

  21. Restart the computer.

Defining an Account When the Driver Is on a Windows 2000 AD Domain Controller

  1. From the Start Menu, click Settings > Control Panel > Administrative Tools > Active Directory Users and Computers.

  2. Expand the domain, then right-click Users > New > User.

  3. Specify the first name, last name, then specify the user logon name.

    The user logon name is used in the driver configuration. The user name must be the same on both systems.

  4. Click Next.

  5. Specify a case-sensitive password.

    The password must be the same on both systems.

  6. Select Password Never Expires.

  7. Click Next, then click Finish.

  8. Select Builtin, then double-click Administrators > Members > Add.

  9. Browse to and select the full name of the user you entered in Step 3, click Add, then click OK.

  10. Click OK.

  11. Close the Active Directory Users and Computers window.

  12. In the Administrative Tools window, select Domain Controller Security Policy.

  13. Expand the Security Settings, click Local Policies, then double-click User Rights Assignment.

  14. Select Log on as a service and select Define These Policy Settings. Click Add, then click Browse.

  15. Browse to and select the user you created in Step 3. Click Add, click OK, then click OK again.

  16. Click OK and close the Domain Controller Security Policy window.

  17. In the Administrative Tools window, select Local Security Policy.

  18. Double-click Local Policies, then click User Rights Assignment.

  19. Select Logon as a service, select Local Policy Settings for the user created in Step 3, then click OK.

  20. Close the Local Security Policy window.

  21. Restart the computer.

Defining An Account When the Driver Is on a Windows 2003 Server

  1. From the Start Menu, click Control Panel > Administrative Tools > Computer Management.

  2. Select Local Users and Groups.

  3. Right-click Users > New User.

  4. Specify a User name, Full name, and a case-sensitive password.

    The user name and password must be the same on both systems.

  5. Deselect User must change password at next logon.

  6. Select Password never expires, then deselect all other check boxes.

  7. Click Create, then click Close.

  8. Double-click Groups under Local User and Groups.

  9. Double-click Administrators.

  10. Click Add.

  11. Type the name of the user you created in Step 4, click Check Names to verify the name, then click OK.

  12. Click OK again.

  13. Close the Computer Management window.

  14. From the Start Menu, click Control Panel > Administrative Tools > Computer Management > Local Security Policy.

  15. Expand Local Policies, then select User Rights Assignment.

  16. Double-click Log on as a service.

  17. Select Add User or Group, then specify the name of the user you created in Step 4.

  18. Click Check Names to verify the name, then click OK.

  19. Click OK again.

  20. Close the Local Security Settings window.

  21. Restart the computer.

2.3.2 Creating a User Account for the System Containing the GroupWise Domain

As part of configuring authentication, you should create a username and password on the system containing the GroupWise domain and assign administrative rights to the account.

IMPORTANT:To establish a connection between the driver and the GroupWise domain system, you should create user accounts with the same username and password for each system.

If you have not created the user account for the driver system, refer to Creating a User Account for the System Containing the Driver for Windows. (If the driver runs on NetWare, you do not need to create this user account.)

Defining an Account When the GroupWise Domain Is on Windows 2000

  1. From the Start Menu, click Settings > Control Panel > Administrative Tools > Computer Management.

  2. Select Local Users and Groups, then right-click Users > New User.

  3. Specify a User name and the Full name.

    The user name must be the same on both systems.

  4. Specify a case-sensitive password.

  5. Deselect User must change password at next logon.

  6. Select Password never expires, then deselect all other check boxes.

  7. Click Create, then click Close.

  8. Close the Windows Manager window.

  9. Double-click the My Computer icon on the desktop.

  10. Right-click the drive that contains the GroupWise Domain, then select Properties > Sharing.

  11. Select New Share.

  12. Specify a share name to be used by the driver.

  13. Restart the computer.

  14. Double-click the My Computer icon on the desktop.

  15. Right-click the drive that contains the GroupWise Domain, then select Properties > Sharing.

  16. From the drop-down menu, select the new share you created in Step 12.

  17. Select Permissions > Everyone, then click Remove.

  18. Select Add.

  19. Browse to and select the user you created in Step 3.

  20. Click Add, then click OK.

  21. Select Full Control under permissions, then click OK.

  22. Click OK.

  23. Restart the computer.

Defining an Account When the GroupWise Domain Is on a Windows 2003 Server

  1. From the Start Menu, click Control Panel > Administrative Tools > Computer Management.

  2. Select Local Users and Groups.

  3. Right-click Users > New User.

  4. Specify a User name, Full name, and a case-sensitive password.

    The user name and password must be the same on both systems.

  5. Deselect User must change password at next logon.

  6. Select Password never expires, then deselect all other check boxes.

  7. Click Create, then click Close.

  8. Close the Windows Manager window.

  9. Double-click the My Computer icon on the desktop.

  10. Right-click the drive that contains the GroupWise Domain, then select Properties > Sharing.

  11. Select New Share.

  12. Specify a share name to be used by the driver.

  13. Click Permissions.

  14. Select the Everyone group, then click Remove.

  15. Click Add.

  16. Enter the name of the user created in Step 4, then click Check Names.

  17. Click OK.

  18. Select Full Control for the user, then click OK.

  19. Click OK, then click OK again.

  20. Restart the computer.

Defining an Account When the GroupWise Domain Is on NetWare

If the driver is running on NetWare or Windows and the GroupWise domain is on a remote NetWare server, it’s especially important to verify that this user has file system rights to the GroupWise domain directory structure. If access is not granted to this user, changes do not replicate to the rest of the GroupWise system.

  1. In ConsoleOne®, create a user in NetWare with the same username and password as the Windows user account. If the driver is not running on Windows, use any user name or password.

  2. Give the user Read, Write, Create, Erase, Modify, and File Scan access to the GroupWise domain directory and subdirectories for the domain to which the driver will connect. We recommend connecting to the GroupWise primary domain.