When you install a login or post-login method, you are asked if you want to create a login sequence that uses only the login method you are installing. If you answer yes, a login sequence will be created for you which contains just the one login method.
You can also manually create and manage login sequences. After login and post-login methods are installed, you can view, add, modify, or delete login sequences using iManager or ConsoleOne.
In NMAS, you can set up multiple login and post-login methods per sequence. You must have at least one login method selected to be able to select a post-login method.
When multiple methods are selected for a sequence, they are executed in the order they are listed. Login methods are executed first, then post-login methods.
A login sequence can be an And or an Or sequence. An And sequence is successful if all of the login methods successfully validate the identity of the user. An Or sequence only requires that one of the login methods validate the identity of the user for the login to be successful.
The post-login methods are only executed if the login is successful, irregardless of the And/ Or relationship.
After a sequence is created, you can authorize users to use the new sequence to log in to eDirectory.
In ConsoleOne, select the Security container.
Right-click the Login Policy container, then select Properties.
Click New Sequence.
Enter a name for the new login sequence, then click OK to continue.
All available login methods will be listed under Available Login Methods and Available Post-Login Methods.
Select the Sequence Type from the drop-down list.
If you select And, a user must log in using every login method that makes up the login sequence. If you select Or, the user only needs to log in using one of the login methods that makes up the login sequence.
Double-click or use the horizontal arrows to add each method you want to the sequence.
If you are using multiple methods, use the vertical arrows to change the execution order.
The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.
Click OK when you are finished.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS > NMAS Login Sequences.
Click New and enter a name for the new login sequence.
All available login methods are listed under Available Login Methods and Available Post-Login Methods.
Select the Sequence Type from the drop-down list.
If you select And, a user must log in using every login method that makes up the login sequence. If you select Or, the user only needs to log in using one of the login methods that makes up the login sequence.
Use the horizontal arrows to add each method you want to the sequence.
If you are using multiple methods, use the vertical arrows to change the execution order.
The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.
Click Finish to save the login sequence.
In ConsoleOne, select the Security container.
Right-click the Login Policy container > select Properties.
Select a login sequence from the Defined Login Sequences drop-down list.
The Sequence Grade and Login and Post-Login Sequences for the selected method are displayed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.
Select an action:
To add or remove login or post-login methods from a sequence, use the left- and right-arrows.
NOTE:You must have at least one login method selected in order to select a post-login method.
To change the sequence order of the login methods, use the up- and down-arrows.
To exit without saving changes, click Cancel.
IMPORTANT:Login sequences that don't have a method associated with them will not be saved.
Click Apply or OK.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS > NMAS Login Sequences.
Click on a login sequence name.
The sequence grade and sequence type are displayed and the Login and Post-Login Methods are listed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.
Select an action:
To change the sequence type, use the drop-down list next to sequence type.
To add or remove login or post-login methods from a sequence, use the left-arrow and right-arrow.
NOTE:You must have at least one login method selected in order to select a post-login method.
To change the sequence order of the login methods, use the up-arrow and down-arrow.
To exit without saving changes, click Cancel.
IMPORTANT:Login sequences that don't have a method associated with them will not be saved.
Click Apply or OK.
In ConsoleOne, select the Security container.
Right-click the Login Policy container > select Properties.
Select the sequence from the Defined Login Sequences drop-down list (Alt+S).
Click Delete Sequence.
Click Apply or OK.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS > NMAS Login Sequences.
Select the login sequence you want to delete, then click Delete.
Click Apply or OK.