18.4 LUM Implementation Suggestions

The following sections summarize LUM implementation considerations.

18.4.1 About Enabling eDirectory Users for Linux Access

You can enable eDirectory users for Linux User Management using either iManager 2.5 or the nambulkadd command.

  • iManager: You can enable existing eDirectory users for Linux access using the Linux User Management tasks in iManager.

    You can enable multiple users in the same operation as long as they can be assigned to the same primary Linux-enabled group. The enabling process lets you associate the group with one or more OES Linux servers or Linux workstations. For more information, see Section 18.4.3, Enabling Users to Access Multiple OES Linux Servers.

  • nambulkadd: If you have eDirectory users and groups that need to be enabled for Linux access, you can use the nambulkadd command to modify multiple objects simultaneously. For more information, see the Novell Linux User Management Technology Guide .

18.4.2 UNIX Workstation vs. Linux Workstation (Naming Discrepancy)

When using iManager to manage OES Linux access, you might notice a discrepancy in naming.

When OES Linux servers are created, a UNIX Workstation - server_name object is created in eDirectory, where server_name is the DNS name of the OES Linux server. The iManager Linux User Management plug-in refers to these server objects as Linux Workstation objects.

Both UNIX Workstation and Linux Workstation refer to the same eDirectory objects.

18.4.3 Enabling Users to Access Multiple OES Linux Servers

IMPORTANT:Users gain server access through their Linux-enabled group assignment rather than through a direct assignment to the UNIX Workstation (Linux Workstation) objects themselves.

You can enable users for access to multiple OES Linux servers by associating the Linux-enabled group to which users belong with each UNIX Workstation (Linux Workstation) object you want users to have access to.

18.4.4 Enabling eDirectory Groups for Linux Access

There are two methods for enabling eDirectory groups for Linux access:

Using LUM Utilities at the Shell Prompt to Enable/Create Multiple Groups

Novell Linux User Management includes utilities for creating new Linux-enabled groups, and for enabling existing eDirectory groups for Linux access.

The nambulkadd utility lets you use a text editor to create a list of groups you want enabled for Linux access. For more information, see nambulkadd in the Novell Linux User Management Technology Guide.

IMPORTANT:Be sure to include a blank line at the end of each text file. Otherwise, the last line of the file won’t be processed properly.

The namgroupadd utility lets you create a new Linux-enabled group or enable an existing eDirectory group for Linux access. For more information, see namgroupadd in the Novell Linux User Management Technology Guide.

Using iManager

The following steps assume that the eDirectory Group objects already exist and that any User objects you want to enable for Linux also exist and have been assigned to the groups.

  1. Log in to iManager as the eDirectory Admin user or equivalent.

  2. Click Linux User Management > Enable Groups for Linux.

  3. Browse to and select one or more Group objects, then click OK.

  4. If you want all users assigned to the group to be enabled for Linux, make sure the Linux-Enable All Users in These Groups option is selected.

  5. Click Next twice.

  6. Browse to and select one or more UNIX Workstation (OES Linux server) objects, then click OK.

  7. Click Next, click Finish, then click OK.

18.4.5 Enabling eDirectory Users for Linux Access

There are two methods for enabling eDirectory users for Linux access:

Using LUM Utilities at the Shell Prompt to Enable/Create Multiple Users

Novell Linux User Management includes utilities for creating new Linux-enabled users, and for enabling existing eDirectory users for Linux access.

The nambulkadd utility lets you use a text editor to create a list of users you want enabled for Linux access. For more information, see nambulkadd in the Novell Linux User Management Technology Guide.

IMPORTANT:Be sure to include a blank line at the end of each text file. Otherwise, the last line of the file won’t be processed properly.

The namuseradd utility lets you create a single Linux-enabled user or enable an existing eDirectory user for Linux access. For more information, see namuseradd in the Novell Linux User Management Technology Guide.

Using iManager

The following steps assume that the eDirectory User objects already exist.

  1. Log in to iManager as the eDirectory Admin user or equivalent.

  2. Click Linux User Management > Enable Users for Linux.

  3. Browse to and select one or more User objects, then click OK.

  4. Click Next.

  5. As indicated, you can do the following:

    • Select and enable an existing eDirectory group for Linux.

    • Select an eDirectory group that is already enabled for Linux.

    • Specify the name and context of a new eDirectory group to create and enable for Linux.

    Select the option that matches your requirements.

  6. Click Next.

  7. Browse to and select one or more UNIX Workstation (OES Linux server) objects, then click OK.

  8. Click Next, click Finish, then click OK.

18.4.6 Refreshing the User List in the KDE Login Screen

After you create and enable an eDirectory user for Linux access, the user doesn’t initially appear on the KDE Login screen. However, the user has Linux access and can log in.

If you want the user to appear in the list, you can refresh the list by logging in as the root user and restarting the namcd process.

At a shell prompt, enter the following command:

/etc/init.d/namcd restart