The Dynamic User page lets you configure users created on Windows* NT* workstations after they have successfully authenticated to NDS®. Once a user has been associated with an NT Configuration object, NetWare Graphical Identification and Authentication (NWGINA) can retrieve information from the NT Configuration object to create an NT user account on the workstation.
The NDS name must be no longer than 48 characters in order to use Dynamic Local User.
Enable Dynamic Local User
Enables creation of a User object
that resides either temporarily or permanently in the workstation's
Security Access Manager
(SAM) database. NWGINA requires that you specify whether a local
user is to be created.
If this check box is not checked, NWGINA does not create a user in the local SAM. Instead, NWGINA attempts to find an existing NT user with the credentials indicated in the Windows NT tab of the NWGINA login interface.
If the Enable Dynamic Local User check box is checked, NWGINA gets the NT Username from the NT Configuration object and queries the local SAM to see if the Username already exists. If it does exist, NWGINA authenticates the user to the NT workstation and access is granted. If the Username does not exist, NWGINA creates the user in the local workstation SAM.
If Windows NT password restriction policies are set on the local workstation, Dynamic Local User will not be used.
Manage Existing NT Account (If Any)
Allows management
through the existing NT account. Click if the User object you want to
manage already exists. Workstation group assignments specified by
Workstation Management will be implemented, including changing the account
from nonvolatile to volatile
when the user logs in to the account. The account will also be removed
from the workstation after the user logs out.
If this check box and the Volatile User check box are both checked, and the user has a permanent local account that uses the same credentials specified in NDS, the permanent account will be changed to a volatile (temporary) account. The account will be managed, but will be removed when the volatile user cache age is reached.
Any settings you change here overwrite the current account settings at the NT workstation.
If this option is not enabled, Workstation Management cannot manage the existing User object.
Use NetWare Credentials
Enables logging in through the
user's NetWare® credentials instead of NT credentials. When creating the NT
user account, NWGINA can use either the same credential set used for NDS
authentication or a predetermined credential set specified in the NT
Configuration object. When using NetWare credentials to create the
workstation NT user account, NWGINA queries the user's NDS account for the
login name, full name, and description. The password for the NT user
account is the same as that for the NDS user account.
If NetWare credentials are not used, the account is always volatile and is not accessible. Full Name and Description can also be included to provide a complete user description.
If you don't use NetWare credentials and the User object does not already exist (as indicated by the Manage Existing Accounts check box), the User object is created as a volatile User object, which means that the User object will be automatically deleted at logout. This will be apparent because the Volatile User check box will be automatically enabled if the Use NetWare Credentials check box is not enabled.
Volatile User (Remove NT User After Logout)
Specifies the use of a volatile user account for NT login. The user account that NWGINA creates on the local workstation can be either a volatile or a nonvolatile account.
NT User Name
Specify the name of the NT user.
Full Name
Specify the user's complete name.
Description
Enter any additional information that helps the
administrator to further identify this user account.
Member Of
Lists the groups where this user is a member. When NWGINA creates the NT workstation
user, it can provide group membership to any NT user groups. The groups that
the user is added to are listed in the Members Of list. The default configuration
is for the user to be added to the Users group. Other groups can be added by
selecting the group and clicking Add. Groups can be removed by selecting the
group and clicking Remove.
Not Member Of
Lists available groups where this user has not
been assigned as a member.
Add
Adds selected groups to the Member Of box.
Remove
Removes selected groups from the Member Of box.
Custom
Opens the Custom Groups page, where you can add a new
custom group, delete an existing custom group, and view or modify
properties of an existing custom group.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk denotes a third-party trademark. For information on trademarks, see Legal Notices.