Novell iManager 2.7.5 Administration Guide - NetIQ
Novell iManager 2.7.5 Administration Guide - NetIQ
Novell iManager 2.7.5 Administration Guide - NetIQ
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Plain Text:<br />
RBS Report Query Settings<br />
User: admin.novell<br />
Date: Thursday, June 26, 2008 (10:33:17 AM IST)<br />
Types: User, Group, Dynamic Group, Organizational Role, Container<br />
-------------------------------------------------<br />
Dynamic Group Search Settings:<br />
Search Enabled: yes<br />
Role Search: parent sub-directory (novell)<br />
Role Search: Dynamic Group Objects<br />
Container Role Search: up to parent (novell)<br />
-------------------------------------------------<br />
Role Name: eDirectory <strong>Administration</strong> Role Object: eDirectory <strong>Administration</strong>.Role<br />
Based Service 2.novell Type: User Member: jdoe.novell Scope: novell Assigned: true<br />
Inherit: true<br />
-------------------------------------------------<br />
6.4 <strong>iManager</strong> Server<br />
If you do not see this task, you are not an authorized user. See “Authorized Users and Groups” on<br />
page 70. This topic includes the following information:<br />
• Section 6.4.1, “Configure <strong>iManager</strong>,” on page 69<br />
• Section 6.4.2, “Security,” on page 70<br />
• Section 6.4.3, “Look and Feel,” on page 71<br />
• Section 6.4.4, “Logging Events,” on page 71<br />
• Section 6.4.5, “Redirection After Logout,” on page 72<br />
• Section 6.4.6, “Authentication,” on page 72<br />
• Section 6.4.7, “RBS,” on page 73<br />
• Section 6.4.8, “Plug‐In Download,” on page 73<br />
• Section 6.4.9, “Misc,” on page 74<br />
• Section 6.4.10, “Encryption,” on page 75<br />
6.4.1 Configure <strong>iManager</strong><br />
There are three settings in the config.xml file that control the security and the certificates used when<br />
<strong>iManager</strong> creates an LDAP SSL connection:<br />
Security.Keystore.AutoUpdate: If the value of AutoUpdate is True, when a user successfully logs in<br />
to <strong>iManager</strong>, the certificate from that eDirectory server might automatically be imported into the<br />
<strong>iManager</strong>‐specific keystore. Select the setting Auto Import Tree Certificate for Secure LDAP (Configure<br />
<strong>iManager</strong> > Security).<br />
Security.Keystore.UpdateAllowAll: When UpdateAllowAll is True, then any successful user login<br />
imports/updates a certificate into the <strong>iManager</strong> certificate keystore. If the setting is false, only an<br />
authorized user login imports/updates certificates.<br />
Security.Keystore.Priority: The priority setting contains two words that define the search order for<br />
certificates during a connection: system, and imanager.system uses the default JVM* keystore to locate<br />
certificates when created the SSL context. If that fails, it then goes to the <strong>iManager</strong> keystore.<br />
You can change the search order of system and <strong>iManager</strong> by removing either word from the entry.<br />
Configuring and Customizing <strong>iManager</strong> 69