Novell OPEN ENTERPRISE SERVER - PLANNING AND IMPLEMENTATION GUIDE 12-2010 Implementation Manual page 151

Command Where Executed

gdm

gnomesu-pam Local host
Another host
sshd

su

NOTE: Logging in to the OES 2 server through a PAM-enabled service for the first time
causes the creation of a home directory on the server.

Novell Remote Manager on Linux: You can access Novell Remote Manager as the
following:

The user with rights to see everything on the Linux server.
root

A local Linux user with access governed by POSIX access rights. (Having local users in
addition to
root

A LUM-enabled eDirectory user, such as the Admin user created during the install.

Novell Storage Management Services (SMS) on Linux: You can access SMS utilities as

The user with rights to see everything on the Linux server.
root

A local Linux user with access governed by POSIX access rights. (Having local users in
addition to
root

A LUM-enabled eDirectory user, such as the Admin user created during the install.
Services That Do Not Require LUM-Enabled Access But Have Some LUM
Requirements
Some services do not require eDirectory users to be LUM-enabled for service access:

NetStorage: NetStorage users don't generally need to be LUM-enabled. However, salvaging
and purging files through NetStorage on an NSS volume can only be done by users who are
enabled for Linux.
IMPORTANT: Files that are uploaded by non-LUM users via NetStorage are owned, from a
POSIX perspective, by the
on NSS or NCP volumes by using an NCP storage location object. In both cases, the Novell
Trustee Model applies and POSIX ownership is irrelevant.
If non-LUM NetStorage users are later enabled for Samba access (which includes LUM-
enabling) and begin using Samba as a file service, their NetStorage uploaded files are not
accessible through Samba until you change POSIX file ownership. Although the Novell
implementation of Samba leverages eDirectory for authentication, Samba file and directory
access is always controlled by POSIX. The Novell Trustee Model doesn't apply to Samba.
Task
Local host Run and manage the X servers using XDMCP.
Remote host
Required for GNOME applications that need
superuser access.
Establish a secure encrypted connection with the
OES 2 server which, in this case, is a remote host.
OES 2 server Temporarily become another user.
SSH session with OES 2
This is most often used to temporarily become the
server
root
therefore, not affected by LUM.
is not recommended on OES 2 servers.)
is not recommended on OES 2 servers.)
user. The assumption is that such users are accessing their data
root
user, who is not a LUM user and is,
Users and Groups 151