Ifolder User Account Considerations - Novell IFOLDER 3 - ADMINISTRATION Manual

IMPORTANT: If you do modify the iFolder Proxy user, make sure that the identity you specify is
different than the iFolder Admin user or other system users because the iFolder Proxy user password
is stored in reversible encrypted form in the Simias database on the iFolder server.
When you initially configure the iFolder enterprise server in YaST, iFolder autogenerates a
password for the iFolder proxy user.
Table 3-2
iFolder Version
iFolder 3.2
iFolder 3.0 and 3.1
Initially, the password for the iFolder Proxy user is stored in clear text in the /opt/novell/
ifolder3/etc/simias-server-bootstrap.config file. At the end of the
configuration process, the system reboots Apache 2 and starts iFolder. When iFolder runs this first
time after configuration, the iFolder process copies the simias-server-bootstrap.config
file to the Simias.config file. The default location of the Simias.config file is /var/
lib/wwwrun/.local/share/simias directory or the /home/wwwrun/.local/
share/simias directory. The proxy user password is stored in a reversible encrypted form in the
Simias database, then the value is removed from both configuration files.
The password stored on the system for the iFolder Proxy user must match the password stored in the
iFolder Proxy user's eDirectory object. If you ever modify the iFolder Proxy user password in
eDirectory, you must also change the password stored on the system. For example, if you change the
iFolder Proxy user assignment, or if you want to set a longer password for the iFolder Proxy user,
you must modify the values afterwards in iFolder's LDAP settings or iFolder cannot access the
LDAP server to update the user list. For information, see
Proxy User Password," on page
To secure access to the Simias.config file, administrators of the iFolder 3.x server computer
must use every precaution to not inadvertently assign file system rights to the /var/lib/
wwwrun/.local/share/simias directory or the /home/wwwrun/.local/share/
simias directory to unauthorized users.

3.5 iFolder User Account Considerations

•
•
•
34 Novell iFolder 3.x Administration Guide
Encryption Method for the iFolder Proxy User Password
Encryption Method
YaST encryption method
BASH random number generator Generates a number between 0 and
Section 3.5.1, "Preventing the Propagation of Viruses," on page 35
Section 3.5.2, "Provisioning User Accounts," on page 35
Section 3.5.3, "Setting Account Quotas," on page 35
Generates an alphanumeric, 13-digit,
mixed-case password
10,000 and appends it to iFolderProxy. For
example, iFolderProxy1234.
88.
iFolder Proxy User Password
Section 8.4.5, "Modifying the iFolder