Novell Doc: Novell SecureLogin 6.1 SP1 Administration Guide - Setting Corporate Redirection with eDirectory

13.4 Setting Corporate Redirection with eDirectory

Corporate redirection functionality bypasses eDirectory inheritance by specifying the object from which the object inherits its SecureLogin configuration. Although inheritance is redirected to a specific object, such as a container or organizational unit, local user object settings continue to override the inherited settings.

With the introduction of the eDirectory group membership feature in the Novell SecureLogin 6.1 release, you must make additional attribute assignments to the group objects. This is primarily required when users are using different administrative management utilities such as NWAdmin, ConsoleOne, or iManager.

IMPORTANT:This is required if you wish to use group management after upgrading to Novell SecureLogin.

To use the eDirectory group membership feature, you must run the ndsschema tool to correctly set the group, user, and container assignments before upgrading to Novell SecureLogin 6.1 SP1.

You can resolve this in one of the following ways:

Run the ndsschema tool to assign the necessary rights and attributes or schema assignments to the group objects.
Manage through iManager by running the Novell SecureLogin 6.1 SP1 plug-in.

Section 13.4.1, Configuring Groups Within eDirectory

13.4.1 Configuring Groups Within eDirectory

Access the Administrative Management utility.

For information on accessing the Administrative Management utility see, Section 1.2, Starting the Administrative Management Utilities and, or, Section 1.3, Accessing the Single Sign-On Plug-In Through iManager.
Specify the distinguished name of the container object you want to modify.

NOTE:You can modify only container object to configure group.
Select Advanced Settings > Configured Groups. The Group Configuration dialog box is displayed.
Click Add. The Adding a group dialog is displayed.
Provide the distinguished name of the group object.
Click OK to add the new group object. The Group Configuration dialog is displayed.

Use the Up and Down options to promote or demote the order in which the group policies are applied.

Within the Group Configuration, the higher group takes precedence.

Configured groups can only be set against containers like O and OU and not set against a user object. In such a case, contrary to the earlier statement, the higher container takes the lower precedence.

NOTE:After you have configured single sign-on settings for Dynamic Group, the configuration is not reflected iManager for member users.

However, the configured settings are available in the Client when Novell SecureLogin is launched.