Authenticating; Tree Name Field; Logging In To A Server Without A Replica; Unsuccessful Authentication - Novell IMANAGER 2.7.3 - ADMINISTRATION Administration Manual

Collection Owner: Displays all of the roles and tasks installed in the collection. If you are a
collection owner, though you are not assigned specific roles, it allows you to use all the roles and
tasks in the collection. Role-Based Services must be installed in order to use this mode. Adding a
group or user as a collection owner does not assign any RBS rights. To assign rights you must make
explicit RBS role assignments or make trustee assignments.
NOTE: When collection is assigned to a group, all the members of that group get the collection
ownership. The collection owner sees all roles and tasks, regardless of role membership.

2.4 Authenticating

Be aware of the following issues related to iManager authentication:
Section 2.4.1, "Tree Name Field," on page 15
Section 2.4.2, "Logging in to a Server without a Replica," on page 15
Section 2.4.3, "Unsuccessful Authentication," on page 15
Section 2.4.4, "Expired Password Information," on page 16
Section 2.4.5, "Contextless Login Using Alternate Object Classes and/or Alternate Attributes,"
on page 16
NOTE: If your network has more than three servers, or one or more servers that do not host
eDirectory replicas, you must have SLP properly configured for iManager to log in. For more
TM
information, see the Novell Open Enterprise Server SLP documentation (http://www.novell.com/
documentation/oes/networking-protocols.html#slp).

2.4.1 Tree Name Field

If eDirectory is installed and running on another port besides the default port 524, you can use the IP
address or DNS name of the eDirectory server to log in if you also specify the port (for example,
127.0.0.1: 1080). If you use the tree name to log in, you do not have to specify a port.
Possible values for the Tree Name field are the tree name, the server IP address, and the server DNS
name. For best results, use the IP address.

2.4.2 Logging in to a Server without a Replica

If necessary, iManager can log in to the eDirectory tree using a server that does not host an
eDirectory replica. To do this, iManager maintains a connection cache with the information it needs
to successfully log in. To populate the connection cache, the first time you login to an eDirectory
tree with iManager you must log in to a server that hosts a replica.
Restarting Tomcat or the iManager server clears the connection cache, so the first time iManager
logs in following one of these events, you must log in to a server that hosts a replica.

2.4.3 Unsuccessful Authentication

Login failures occur for a variety of reasons. Authentication error messages are addressed in
"Authentication Issues" on page 88.
Accessing iManager 15