Expired Password Information; Contextless Login Using Alternate Object Classes And/Or Alternate Attributes - Novell IMANAGER 2.7.3 - ADMINISTRATION Administration Manual
Hide thumbs
Also See for IMANAGER 2.7.3 - ADMINISTRATION:
- Installation manual (30 pages) ,
- Manual (19 pages)
Table of Contents
Advertisement
For information about limiting the error messages that iManager displays upon a failed
authentication attempt, see
2.4.4 Expired Password Information
If a password expires, the user sees a message to this effect. However, users might not be aware that
grace logins can be quickly consumed, depending on certain operations such as modifying a
dynamic group, simple find, and setting a simple password.
These operations consume additional grace logins each time a user performs a task. We highly
recommend that you encourage users to change their passwords the first time they are prompted.
2.4.5 Contextless Login Using Alternate Object Classes and/or
Alternate Attributes
To enable contextless authentication using an alternate object type, do the following:
1 Open iManager and browse to Configure > iManager Server > Configure iManager >
Authentication.
If you do not see this task, you are not an authorized user. See
on page
2 Set Public Username and Password to a user that has rights to read the desired attributes.
3 Modify
property that lists the attributes you want to add to the contextless search, and then restart
Tomcat.
For information about restarting Tomcat, see
For example, the following XML adds the Alias and User objects to the contextless search:
<setting>
<name><![CDATA[Authenticate.Form.ContextlessLoginClass.NDAP.treename]]></
name>
<value><![CDATA[User]]></value>
<value><![CDATA[Alias]]></value>
</setting>
Similarly, the following XML allows users to log in with the CN or uniqueID attribute:
<setting>
<name><![CDATA[Authenticate.Form.ContextlessLoginSearchAttributes.NDAP.treena
me]]></name>
<value><![CDATA[CN]]></value>
<value><![CDATA[uniqueID]]></value>
</setting>
IMPORTANT:
In the sample code above, replace treename with the name of the appropriate directory tree in
lower case.
If you save any iManager Server settings from the Configure iManager task after editing the
config.xml file, verify that the treename is still in lowercase or customized contextless login
will fail.
16
Novell iManager 2.7.3 Administration Guide
"Preventing Username Discovery" on page
72.
TOMCAT_HOME\webapps\nps\WEB-INF\config.xml
111.
"Authorized Users and Groups"
to include a
"Starting and Stopping Tomcat" on page
<Setting>
94.
Advertisement
Chapters
Table of Contents
