Linux User Management (LUM)
Linux User Management lets you create eDirectory users that can then access the NNLS server. This is required if either of the following applies to your NNLS implementation:
- You want users who are accessing PAM-enabled services, such as login or ftp, on a Linux workstation or the NNLS server to authenticate through eDirectory.
- You are providing Samba file services on the NNLS server to Windows users on your network.
Figure 11 illustrates how the Linux User Management services in NNLS control access to the NNLS server.
Figure 11
What Linux User Management (LUM) Does
Table 4 summarizes the functions of the various PAM-enabled services that can be controlled by having LUM installed. As illustrated in Figure 11 above, only the login command is enabled for LUM support during the NNLS installation.
If you want to enable other PAM-enabled services for access by LUM users, you should plan to do this during the NNLS installation process. For more information, see "Linux User Management" in the Novell Nterprise Linux Services Installation Guide.
Table 4. PAM-enabled Services Controlled by LUM
ftp |
Another host |
Transfer files to and from the NNLS server, which is a remote host in this case. |
login |
NNLS server or in an SSH session with NNLS server |
Log in to the NNLS server, either directly or in an SSH session with the server. |
passwd |
NNLS server or in an SSH session with NNLS server |
Change the eDirectory password. |
rlogin |
Another host |
Log in to the NNLS server, which is a remote host in this case. |
rsh |
Another host |
Execute a command on the NNLS server, which is a remote host in this case. |
sshd |
Another host |
Establish a secure encrypted connection with the NNLS server, which is a remote host in this case. |
su |
NNLS server or in an SSH session with NNLS server. |
Temporarily become another user. This is most often used to temporarily become the root user, who is not a LUM user and is, therefore, not affected by LUM. |