Novell OPEN ENTERPRISE SERVER - PLANNING AND IMPLEMENTATION GUIDE 12-2010 Implementation Manual page 149

Planning and implementation guide

Table 15-1 Linux User Management

Valid POSIX Users: Some services on OES 2 servers must be accessed by POSIX users. eDirectory users can function as POSIX users if they are enabled for Linux access (LUM).
Authentication: When the system receives an action request, it can authenticate both local POSIX users and users who have been enabled for Linux access.
eDirectory Authenticated Services: Users can potentially access PAM-enabled services, Samba shares, and Novell Remote Manager as either local or eDirectory users. By default, only the openwbem command (required for server management) is enabled for eDirectory access.

Linux Requires POSIX Users
Linux requires that all users be defined by standard POSIX attributes, such as username, user ID (UID), primary group ID (GID), password, and other similar attributes.

Linux Users Can Be Local or Remote
Users that access a Linux server can be created in two ways:
Locally (on the server): Local users are managed at a command prompt (using commands such as useradd) or in YaST. (See the useradd(8) man page and the YaST online help for more information.) These local users are stored in the /etc/passwd file. (See the passwd(5) man page for more information.)
IMPORTANT: As a general rule on OES 2 servers, the only local user account that should exist is root. All other user accounts should be created in eDirectory and then be enabled for Linux access (LUM). You should never create duplicate local and eDirectory user accounts. For more information, see Section 6.2, "Avoiding POSIX and eDirectory Duplications," on page 60.
Remotely (off the server): Remote users can be managed by other systems, such as LDAP-compliant directory services. Remote user access is enabled through the Pluggable Authentication Module (PAM) architecture on Linux.
The Linux POSIX-compliant interfaces can authenticate both kinds of users, independent of where they are stored and how they are managed.

The root User Is Never LUM-Enabled
The OES 2 user management tools prevent you from creating an eDirectory user named root, thus replacing the root user on an OES 2 server. If root were to be a LUM user and eDirectory became unavailable for some reason, there would be no root access to the system.
Even if eDirectory is not available, you can still log into the server through Novell Remote Manager and perform other system management tasks as the root user.
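
The following Python audit is an added example, not part of the Novell guide: it checks passwd(5)-format text against the guidance above (root is the only local user account, no name is defined both locally and in eDirectory, and root is never a directory user). The UID threshold of 1000 for regular users, the sample data, and supplying the eDirectory user names as a plain list are assumptions.

```python
UID_MIN = 1000      # assumption: first UID of the regular-user range on the server
NOBODY_UID = 65534  # conventional "nobody" account, counted as a system account

# Constructed sample input, not taken from a real server.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
wwwrun:x:30:8:WWW daemon:/var/lib/wwwrun:/bin/false
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
jsmith:x:1000:100:J Smith:/home/jsmith:/bin/bash
backup2:x:0:0:second UID 0 account:/root:/bin/bash
broken line without enough fields
"""
# Constructed list of LUM-enabled eDirectory user names (assumed to be exported separately).
SAMPLE_DIRECTORY_USERS = ["jsmith", "mlee", "wwwrun"]

def parse_passwd(text):
    """Parse passwd(5) text into (entries, line numbers that failed to parse)."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdecimal() or not fields[3].isdecimal():
            malformed.append(lineno)
            continue
        entries.append({"name": fields[0], "uid": int(fields[2])})
    return entries, malformed

def audit(passwd_text, directory_users):
    """Report local accounts that conflict with the guidance on this page."""
    entries, malformed = parse_passwd(passwd_text)
    directory = set(directory_users)
    report = {"extra_local_users": [], "extra_uid0": [], "duplicates": [],
              "root_in_directory": "root" in directory, "malformed_lines": malformed}
    for entry in entries:
        name, uid = entry["name"], entry["uid"]
        if name == "root":
            continue  # the one local account the guide expects
        if uid == 0:
            report["extra_uid0"].append(name)  # root-equivalent under another name
        elif uid >= UID_MIN and uid != NOBODY_UID:
            report["extra_local_users"].append(name)
        if name in directory:
            report["duplicates"].append(name)  # defined locally and in eDirectory
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_PASSWD, SAMPLE_DIRECTORY_USERS))
```

On a server, pass the contents of /etc/passwd as the first argument; system accounts below the UID threshold are reported only when their name also exists in the directory.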

This manual is also suitable for:

Open enterprise server 2 sp3
