4.3 Configuring User Home Directories

User home directories on the Web server enable users to access their own files using a Web browser. In addition, they can share information with the Web community by moving content into their own public_html directory. The public_html directory serves as the user's own primary document directory.

Complete the following tasks for each user who requires a home directory:

4.3.1 Creating Home Directories for Users

A home directory is simply a directory that has been created and named after the user for whom it was created. Typically, home directories are created on a volume of the server dedicated for this purpose. You can create each user home directory using iManager or ConsoleOne®. This can be done either when you create each user object, or it can be enabled later on.

After each home directory is created, you must specify the path to it within each User object in the directory. You might have already done this when you first created the directory.

For information about creating user home directories, see Consoleone 1.3.x User Guide.

4.3.2 Creating public_html Directories in Home Directories

The public_html directory is the user's personal primary document directory. Whatever is placed in the public_html directory is typically visible to all other users.

Create the public_html directory as a subdirectory within each of the users' home directories. To help your users, you could create a default index.html file and place it in their public directories. Users then see some contents when they point their Web browsers at the new directory for the first time, which could prevent support calls.

4.3.3 Selecting a Method for Accessing eDirectory

In order for Apache to authenticate to eDirectory™, use one of the following two methods for assigning rights and attributes:

  • Use the Public User Object: If you want to use the public user object, make sure you assign the required rights and attributes listed below to the container where your public user object is stored.

  • Create a New Generic User Object: Using iManager or ConsoleOne, create a User object, such as hdiruser, in a container in your Novell eDirectory tree. It doesn't matter where you create the object, as long as you assign the required rights and attributes listed below to the container where you create the User object.

Regardless of which method you choose, you must then assign the following rights and attributes to the container where the user object is stored:

  • Home Directory Rights

  • Host Resource Name

  • Host Server

You can assign these rights and attributes at either the context or individual user levels, but assigning them at the context level simplifies administration.

After you have chosen which user object to use and assigned proper attributes to the container where the user object resides, you are ready to enable user home directories on Apache.

4.3.4 Enabling User Home Directories on Apache

Before a user home directory can work, you must first enable it. After it is enabled, a user can view the content of the user home directory by typing the domain name, followed by a slash (/), followed by ~usersname.

The User Home Directories page in Apache Manager enables you to set up a home directory for each of your users.

Figure 4-2 Apache User Home Directories

User Home Directories page

  1. On the User Home Directories page, click On.

  2. In the User URL Prefix field, specify the character to be used to indicate to Apache that the text that follows is referring to a user home directory.

    The default character is ~ because it is the most expected character in use today for home directories. However, you can specify any character or number.

  3. In the Subdirectory field, type the name of the directory you created for each user as the primary document directory.

    The default name is public_html, although it can be whatever name you used when you created the public directory within the user home directory.

  4. In the User Search Contexts field, specify the search context where your user objects are stored.

    Because this is done using LDAP, you must specify the user contexts using LDAP syntax, which requires commas rather than periods for separating multiple contexts, and no leading periods. For example, 

    
ou=provo,ou=novell

    The search begins in the specified context and searches all subcontexts until the user is found.

  5. Under Configuration Option, select which method (Assign Public Rights or Username and Password) to use for logging Apache in to eDirectory:

    For more information, see Selecting a Method for Accessing eDirectory.

    IMPORTANT:Using this option places the username and password in Apache’s httpd.conf configuration file. If a user can access this file, they could identify the username and password and thereby have access to eDirectory. However, if you have assigned the proper read-only attributes to the generic user, the user would only be allowed to browse user directories.

  6. (Conditional) If you selected Username and Password as your configuration option, specify the username and password of the user object you created in eDirectory.

  7. Click Save > Save to save your changes.

    or

    Click Save > Save and Apply to save your changes and restart Apache so your changes are immediately put into effect.

    For information about where configuration information is stored, see Section 2.3.3, Saving Configuration Changes and Restarting Apache in Apache Manager.