3.1 Setting Up Linux Computers to Use eDirectory Authentication

Before users can use eDirectory user-login information to log in, the target workstation or server must be configured with Linux User Management components. You are prompted to set up Linux User Management while installing the operating system. You can also set it up afterwards by using YaST.

IMPORTANT: Setting up Linux User Management requires administrator rights to the container where the Linux User Management objects are created.

To use YaST to install and configure Linux User Management on a workstation or server that is already running:

  1. Follow the instructions for your platform for adding services to an existing server or workstation. For more information, see the OES 2 SP3: Installation Guide.

  2. From the OES Services option, select Novell LUM. Click Accept.

  3. Enter the admin password to access the LUM configuration dialog box.

  4. Specify the following values in the LUM configuration dialog box:

    1. The Directory Server Address field displays the default LDAP server for this service. If you want to specify an LDAP server other than the default LDAP server, select an LDAP server from the Directory Server Address list.

    2. Enter the Unix Config Context in the Unix Config Context field. The Unix Config object holds a list of the locations (contexts) of Unix Workstation objects in eDirectory.

    3. Enter the Unix Workstation Context in the Unix Workstation Context field. Computers running Linux User Management (LUM) are represented by Unix Workstation objects in eDirectory. The object holds the set of properties and information associated with the target computer, such as the target workstation name or a list of eDirectory groups that have access to the target workstation.

    4. (Optional) Specify a user with rights to search the LDAP tree for LUM objects in the Proxy User Name with Context field.

    5. Specify a password for the Proxy user in the Proxy user password field. This field is disabled if you have selected the Use OES Common Proxy User check box.

    6. (Optional) Select the Use OES Common Proxy User option if you want to use the OES common proxy user. Do not change the common proxy user password. This option is disabled by default.

    7. The Restrict Access to the Home Directories of Other Users check box is selected by default; it restricts read and write access to home directories for users other than the owner. Using the default selection changes the umask setting in /etc/nam.conf from 022 to 077.

    8. Click Next.

  5. Select the services to LUM-enable and click Next to complete the configuration.

Installing and configuring Linux User Management technology sets up the target computer to validate login requests against user account information stored in eDirectory. Before users can log in, they must have eDirectory user accounts created with iManager and extended for Linux User Management.
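
A post-configuration check for the umask change described in step 7, added here as an example (it is not part of the Novell documentation): it reads the umask from a nam.conf-style file, reports the home directory mode that results, and lists existing home directories that still grant group or other access. The key name `umask`, the function names and the sample files are assumptions.

```shell
#!/bin/sh
# Added example: audit the home-directory umask that LUM reads from nam.conf.
# Assumption: the setting is a "umask=<octal>" line; change KEY if yours differs.
KEY="umask"

# Print the octal umask found in a nam.conf-style file (empty output if absent).
nam_umask() {
    sed -n "s/^[[:space:]]*${KEY}[[:space:]]*=[[:space:]]*\([0-7][0-7]*\)[[:space:]]*\$/\1/p" "$1" | tail -n 1
}

# Print the mode of a directory created as 0777 under the given umask.
dir_mode() {
    printf '%03o\n' $(( 0777 & ~0$1 ))
}

# Succeed only if the umask removes every group and other permission bit.
restricts_others() {
    [ $(( 0$1 & 077 )) -eq $(( 077 )) ]
}

# Audit one file. Returns 0 = owner only, 1 = others have access, 2 = no setting.
audit_nam_conf() {
    value=$(nam_umask "$1")
    if [ -z "$value" ]; then
        echo "$1: no ${KEY} setting found"; return 2
    fi
    if restricts_others "$value"; then
        echo "$1: ${KEY}=$value, new home directories get mode $(dir_mode "$value") (owner only)"
        return 0
    fi
    echo "$1: ${KEY}=$value, new home directories get mode $(dir_mode "$value") (open to other users)"
    return 1
}

# List directories directly under a home root that grant any group/other bit
# (uses GNU find). Homes created before the umask change keep their old mode.
loose_homes() {
    find "$1" -mindepth 1 -maxdepth 1 -type d -perm /077
}

# Constructed sample files (not copied from a real system).
demo=$(mktemp -d)
printf '# constructed sample\numask=022\n' > "$demo/before.conf"
printf '# constructed sample\numask=077\n' > "$demo/after.conf"
audit_nam_conf "$demo/before.conf" || true
audit_nam_conf "$demo/after.conf"
```

On a LUM-enabled host, point audit_nam_conf at /etc/nam.conf and loose_homes at the directory that holds user home directories.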