diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml index 94b3c1cc..0018a1ae 100644 --- a/lam/docs/manual-sources/howto.xml +++ b/lam/docs/manual-sources/howto.xml @@ -1963,7 +1963,64 @@ Have fun! The Unix module manages Unix user accounts including group memberships. - + There are several configuration options for this module: + + + + UID generator: LAM will suggest UID numbers for your + accounts. Please note that it may happen that there are duplicate + IDs assigned if users create accounts at the same time. Use an + overlay + like "Attribute Uniqueness" if you have lots of LAM admins + creating accounts. + + + + Fixed range: LAM searches for free numbers within the + given limits. LAM always tries to use a free UID that is + greater than the existing UIDs to prevent collisions with + deleted accounts. + + + + Samba ID pool: This uses a special LDAP entry that + includes attributes that store a counter for the last used + UID/GID. Please note that this requires that you install the + Samba schema and create an LDAP entry of object class + "sambaUnixIdPool". + + + + + + Password hash type: If possible use CRYPT-SHA512 or SSHA to + protect your user's passwords. + + + + Login shells: List of valid login shells that can be + selected when editing an account. + + + + Hidden options: Some input fields can be hidden to simplify + the GUI if you do not need them. + + + + + + + + + + + + The user name is automatically filled as specified in the + configuration (default smiller for Steve Miller). Of course, the + suggested value can be changed any time. Common name is also filled + with first/last name by default. @@ -2708,6 +2765,41 @@ Have fun! default module to manage Unix groups and uses the nis.schema. Suse users who use the rfc2307bis.schema need to use LAM Pro. + Configuration + + GID generator: LAM will suggest GID numbers for your accounts. + Please note that it may happen that there are duplicate IDs assigned + if users create groups at the same time. Use an overlay + like "Attribute Uniqueness" if you have lots of LAM admins creating + groups. + + + + Fixed range: LAM searches for free numbers within the given + limits. LAM always tries to use a free GID that is greater than + the existing GIDs to prevent collisions with deleted + groups. + + + + Samba ID pool: This uses a special LDAP entry that includes + attributes that store a counter for the last used UID/GID. Please + note that this requires that you install the Samba schema and + create an LDAP entry of object class "sambaUnixIdPool". + + + + + + + + + + + + Group management: + @@ -2715,6 +2807,16 @@ Have fun! + + Group membership management: + + + + + + + +
@@ -6864,10 +6966,13 @@ Run slapindex to rebuild the index. Setup for home directory and quota management Lamdaemon.pl is used to modify quota and home directories on a - remote or local host via SSH. If you want wo use it you have to set up the - following things to get it to work: + remote or local host via SSH (even if homedirs are located on + localhost). -
+ If you want wo use it you have to set up the following things to get + it to work: + +
LDAP Account Manager configuration @@ -6890,10 +6995,33 @@ Run slapindex to rebuild the index. server. Do not create a second local account but change your system to accept LDAP users. You can use LAM to add the Unix account part to your admin user or create a new account. Please do not forget to - setup LDAP write access (ACLs) if you create a new account. + setup LDAP write access (ACLs) + if you create a new account. + + + + + + + + + + + Note that the builtin admin/manager entries do not work for + lamdaemon. You need to login with a Unix account. + + + + + + + + + OpenLDAP ACL location: The access rights for OpenLDAP are configured in @@ -6990,12 +7118,13 @@ Run slapindex to rebuild the index. Now check /var/log/syslog for messages from sshd. - - - Update Openssh. A Suse Linux user reported that upgrading - Openssh solved the problem. - + + Error message "Your LAM admin user (...) + must be a valid Unix account to work with lamdaemon!": This + happens if you use the default LDAP admin/manager user to login to LAM. + Please see here and setup a Unix + account.
diff --git a/lam/docs/manual-sources/images/lamdaemon.png b/lam/docs/manual-sources/images/lamdaemon.png new file mode 100644 index 00000000..39d9e7eb Binary files /dev/null and b/lam/docs/manual-sources/images/lamdaemon.png differ diff --git a/lam/docs/manual-sources/images/lamdaemon1.png b/lam/docs/manual-sources/images/lamdaemon1.png new file mode 100644 index 00000000..654302f8 Binary files /dev/null and b/lam/docs/manual-sources/images/lamdaemon1.png differ diff --git a/lam/docs/manual-sources/images/mod_unixGroup2.png b/lam/docs/manual-sources/images/mod_unixGroup2.png new file mode 100644 index 00000000..31fafa19 Binary files /dev/null and b/lam/docs/manual-sources/images/mod_unixGroup2.png differ diff --git a/lam/docs/manual-sources/images/mod_unixGroupConfig.png b/lam/docs/manual-sources/images/mod_unixGroupConfig.png new file mode 100644 index 00000000..d8122b1b Binary files /dev/null and b/lam/docs/manual-sources/images/mod_unixGroupConfig.png differ diff --git a/lam/docs/manual-sources/images/mod_unixUserConfig.png b/lam/docs/manual-sources/images/mod_unixUserConfig.png new file mode 100644 index 00000000..3dd0c05c Binary files /dev/null and b/lam/docs/manual-sources/images/mod_unixUserConfig.png differ