| |
The Dynamic User page lets you configure users created on Windows NT* workstations after they have successfully authenticated to NDSTM. Once a user has been associated with an NT Configuration object, NetWare® Graphical Identification and Authentication (NWGINA) can retrieve information from the NT Configuration object to create an NT user account on the workstation.
The NDS name must be no longer than 48 characters in order to use Dynamic Local User.
The fields include the following:
Enables creation of a User object that resides either temporarily or permanently in the workstation's Security Access Manager (SAM) database. NWGINA requires that you specify whether a local user is to be created.
If this box is not checked, NWGINA does not create a user in the local SAM. Instead, NWGINA attempts to find an existing NT user with the credentials indicated in the Windows NT tab of the NWGINA login interface.
If Enable Dynamic Local User is enabled, then NWGINA gets the NT Username from the NT Configuration object and queries the local SAM to see if the Username already exists. If it does exist, NWGINA authenticates the user to the NT workstation and access is granted. If the Username does not exist, NWGINA creates the user in the local workstation SAM.
If Windows NT password restriction policies are set on the local workstation, Dynamic Local User will not be used.
Allows management through the existing NT account. Click if the User object you want to manage already exists. Workstation group assignments specified by Workstation Management will be implemented, including changing the account from non-volatile to volatile when the user logs in to the account. The account will also be removed from the workstation after the user logs out.
If this check box and the Volatile User check box are both marked, and the user has a permanent local account that uses the same credentials specified in NDS, the permanent account will be changed to a volatile (temporary) account. The account will be managed, but will be removed when the volatile user cache age is reached.
Any settings you change here overwrite the current account settings at the NT workstation
If this option is not enabled, Workstation Management cannot manage the existing User object.
Enables logging in through the user's NetWare credentials instead of NT credentials. When creating the NT user account, NWGINA can use either the same credential set used for NDS authentication or a predetermined credential set specified in the NT Configuration object. When using NetWare credentials to create the workstation NT user account, NWGINA queries the user's NDS account for the login name, full name, and description. The password for the NT user account is the same as that for the NDS user account.
If NetWare credentials are not used, the account is always volatile and is not accessible. Full Name and Description can also be included to provide a complete user description.
If you don't use NetWare credentials and the User object does not already exist (as indicated by the Manage Existing Accounts check box), the User object is created as a volatile User object, which means that the User object will be automatically deleted. This will be apparent because the Volatile User check box will be automatically enabled if the Use NetWare Credentials check box is not enabled.
Specifies the use of a volatile user account for NT login. The user account that NWGINA creates on the local workstation can be either a volatile or a non-volatile account.
Identifies the name of the NT user.
Identifies the user's complete name.
Enter any additional information that helps the administrator to further identify this user account.
Lists the groups of which this user is a member. When NWGINA creates the NT workstation user, it can provide group membership to any NT user groups. The groups that the user is added to are listed in the Members Of list. The default configuration is for the user to be added to the Users group. Other groups can be added by selecting the group and clicking Add. Groups can be removed by selecting the group and clicking Delete.
Lists available groups where this user has not been assigned as a member.
Opens the Custom Groups page where you can add a new custom group, delete an existing custom group, and view or modify properties of an existing custom group.
| |