Because you might create an administrator account for the Middle Tier Server installation and login and also for the administration of the Middle Tier Server after it is installed (using the NSAdmin utility) at the same time, this section contains the following content:
NOTE: For the purpose of this example, we have already created a proxy user, zenpxyuser, in the CN=zenpxyuser.OU=zen.OU=Users.O=Company context, with test as its password.
Because it already has all of the required access rights, you can use an administrator account as the Middle Tier Proxy User Account, but this poses significant security risks. Alternatively, you can create a user account in ConsoleOne and assign it only the rights required for a ZENworks Middle Tier proxy user.
Use the following steps to assign rights to the proxy user:
Make zenpxyuser a Trustee of OU=Users.O=Company.
Select the OU, then click
.Select the
tab.Click
, then add the proxy user as a trustee of the OU.(Conditional) If the Rights Assigned dialog box is not displayed, click
.Click Table 10-1 and assign the appropriate rights (also shown in the same table.)
, select , then select all of the properties listed inAfter these rights are assigned, you can enter this proxy user's context and password during the ZENworks Middle Tier Server installation. Using the preceding example, you would enter zenpxyuser.zen.users.company as the proxy user and test as the proxy user password.
Table 10-1 Summary of Proxy User Rights
To administer the ZENworks Middle Tier Server using the NSAdmin utility, the administrator account you use needs to be equivalent to the proxy user account. The administrative user also needs the
right to the attribute on the proxy user account.By default, a newly created user does not have the
right to the attribute on its own account. Therefore, as you create an arbitrary user for the proxy account, you need to grant this account the right to its own attribute. Doing so will let you use NSAdmin to manage the Middle Tier Server.For more information about NSAdmin, see Configuring the ZENworks Middle Tier Server with NSAdmin
in the Novell ZENworks 7 Desktop Management Administration Guide.
Use the following steps to assign rights to the proxy user:
Make zenpxyuser a Trustee of CN=zenpxyuser.OU=zen.OU=Users.O=Company with the following rights:
Select the zenpxyuser User object, click .
Select the
tab.Click zenpxyuser User object.
, then add the User object that needs rights to log in to NSAdmin as a trustee of the(Conditional) If the Rights Assigned dialog box is not displayed, click
.Click
, select , then select the property.Assign the [C]ompare, [R]ead, and [W]rite rights to this property. See Table 10-2, Summary of Proxy User Rights for NSAdmin for more information.
After these rights are assigned, you can enter this proxy user's name and password during the login to NSAdmin. Using the preceding example, you would enter zenpxyuser as the proxy user and test as the password.