eDirectory™ administration involves the management of objects in your directory tree. You can create, edit, and organize objects. You can also set up user accounts and assign rights, grant equivalence, and block inheritance. When you configure Role-Based Services, you can define administrator roles for specific administrative applications through the Role-Based Services object.
You can either create a new object with the same attribute values as an existing object, or copy attribute values from one object to another.
In Roles and Tasks, select > .
In the Object to Copy From field, type the name and context of the object or use the search feature to find it.
Select one of the following options:
Select the check box if you want to copy access control list rights to this object. This step might take additional processing time, depending on your system and networking environment.
In Roles and Tasks, select > .
Select the object class from the list that appears and click .
Enter the requested information that appears according to the object class you selected, and click .
A confirmation message appears: The
Create Object request succeeded.
Click , ,
or .
In Roles and Tasks, select > .
Type the name and context of the object, or use the search feature to find it, and click .
A confirmation message appears: The Delete Object request succeeded.
In Roles and Tasks, select > .
Type the name and context of the object, or use the search feature to find it, and click . The Modify Objects screen appears, displaying a set of tabs which are specific to the object you selected. Tabs and their features are described below this task.
Complete the modification based on the tabs you select and click .
The General tab displays the Identification page.
Complete the form with the following information:
Modify your description using the add, delete, and edit features.
Click .
The See Also page displays the search feature (Object Selector) to help you locate the object to modify.
The Other page displays the Valued Attributes and Unvalued Attributes list boxes. You can move, edit, or delete attributes for the object.
The Security tab displays one or both of the following options, according to the object selected. The following attributes are used in rights calculation for eDirectory.
This attribute specifies other objects that are security equivalent to this object.
This attribute specifies objects that this object is security equivalent to.
Use the option to force users to change their passwords after a number of logins using an expired password.
Set the maximum number of concurrent connections a user is allowed.
Use the Member Query page to specify the search criteria when looking for members of a Dynamic Group object.
Select the check box to make a static group dynamic.
After a static group becomes dynamic, it can be converted back to static status by clearing the Dynamic Group check box.
Complete the (Base dn) text box with the location that you are searching from.
Specify the search scope. If you do not specify, the base scope is assumed.
Choose whether the search for Dynamic Members should involve multiple servers or only the server containing the Dynamic Group object.
Use the two Search Filter icons to refine the search and manually edit the string if you know the syntax.
Click to update the Query Results.
Use the Settings page to establish an identity object and other object-related search parameters.
Select the Identity Object. This is the object that the LDAP server uses to log in to the tree as, to query.
Leave the blank unless you give iManager a reasonable amount of time to load the objects it finds.
If you do not allow enough time for iManager to load and it times out, the object becomes unusable. You must delete the object and start over.
Select to reduce the load on the server while listing dynamic group members.
Unless you fully understand the implications of this feature, leave it unchecked.
Leave unselected unless you fully understand the implications of this feature.
Allow Unknowns determines the inclusion or exclusion of members in the dynamic group when the membership cannot be correctly determined.
This configuration task applies only to NDPS® printers. iPrint printers are not affected.
Select if Remote Printer Management is disabled and printers are not installed or removed from workstations.
Select to allow only the printers specified in Remote Printer Management.
All other NDPS printers on the workstation are removed. This does not remove any iPrint printers.
Select to display a window on the workstation that shows the printers that were installed and removed.
Select the printers to install.
Set a default printer.
Indicate printers to be removed, if, any, and click , or .
In Roles and Tasks, select > .
Type the name and context of the object, or use the search feature (Object Selector) to find it, and click .
In the field, select the container you want to move the object to.
Select if you want to create an alias in an old location for each object being moved.
Click . A confirmation message appears: The Move Object request succeeded.
In Roles and Tasks, select > .
Type the name and context of the object, or use the search feature to find it.
Type only the name of the new object; do not include a context.
Select to save the old name if you want to save it.
This saves the old name as an additional unofficial value of the Name property. Saving the old name lets users search for the object based on that name. After renaming the object, you can view the old name in the Other Name field on the General Identification tab for that object.
Select if you want to create an alias for the object being named.
This allows any operations that are dependent on the old object name to continue uninterrupted until you can update those operations to reflect the new name.
Click . A confirmation message appears: The Rename Object request succeeded.