EnlightenDSM helps you easily perform some of the more common and basic tasks of setting up and managing a network. This chapter describes how to create user accounts, set up user groups, and configure network printers.
Setting up and modifying user accounts is one of the most common network management tasks. This section describes how to use the User Configuration window to add, modify, and delete user accounts and passwords. This section also describes management features for locking and unlocking user accounts, and for monitoring user information and processes.
For information about managing a user's system access, see “Managing a User's System Access,”.
To add a single new user account:
Choose Configure from the User menu. The User Configuration window appears.
The User Configuration window lists all of the current user accounts by hostname and user name. This window also lists user's password status, user id, group id, and home directory.
Click the Add button. The Create New User Account window appears.
The Create New User Account window allows you to add a single new user or multiple users.
Enter the appropriate information in each field. Refer to the section “New User Account and Modify User Fields” for information about each of the fields.
After entering the information in the fields, click the Add button.
 | Note: To add multiple users in a single operation, you must first create a text file of the new users. Next, click the Multi-User Add button in the User Configuration window to bring up the Add Multiple User window. For information on using this feature, refer to Chapter 3, “User,” in the EnlightenDSM Reference Manual. |
New user accounts often contain the same configuration information. Creating a new user account from an existing template can reduce the amount of redundant typing you'll have to do.
To create a new user account from an existing record (template):
Click the Template button in the Create New User Account window. A list of templates appears in a pick list.
Select the template that best matches the parameters of the new user. The information from that template will automatically appear in the Create New User Account window.
Change any of the information from the template.
Click Add to create a new user account.
If running NIS or NIS+, click the NIS button to save the changes.
The LADP icon will query the LDAP server(s) specified within the params configuration file every time it is depressed and load the configured input fields with addition user information found on the LADP server.
For more information about using the LADP feature, refer to Chapter 3, “User,” in the EnlightenDSM Reference Manual.
To modify a user account:
Highlight the user(s) whose account(s) to be modified.
Click the Modify button in the User Configuration window. A Modify User window similar to the Create New User Account window appears.
Change the information in the fields as desired. For information about each field refer to “New User Account and Modify User Fields”.
Click the Modify button to save the changes.
If more than one user account was selected from the User Configuration list, click the Next button to modify the next account. Be sure to click Modify before moving on to the next user or the new settings will not be saved.
If running NIS or NIS+, click the NIS button to save the changes.
The fields in the Create New User Account and Modify User Account windows are similar. The Login Name field is read-only in the Modify window. The Mail Alias and Mail Lists fields exist only in the Create window.
Hostnames field
To limit an account to specific hostnames within a pool, enter those hostnames in this field. For multiple hostnames, leave a blank between each entry. Click the right arrow button to choose from a pick list of available hosts from the current pool. If this field is left blank, the user will be added to all hosts in the pool.
Login Name field
Each user needs a unique Login Name to access the system. The first character of this Login Name should be set in lowercase (for example, cHE034). Macros can also be used in this field; see Appendix K, “Macros,” in the EnlightenDSM Reference Manual for more details.
In the Modify User window, this field is read-only.
Enter the user's real name to help associate the sometimes cryptic Login Name with the actual user. On larger systems, this name matching is invaluable. This field can also identify a company or organization.
Enter the location where the user will normally access the system. This field can contain a department name, office number, or an assigned location code. Punctuation characters are not allowed in this field.
Enter the telephone number, telephone extension, or some other contact information, in this field. The text format is user definable.
Click the Add button to have EnlightenDSM automatically fill in the remainder of the form.
The rest of this section contains information for manually filling in these fields:
Enter the UserID number for the user account. Although more than one user can technically have the same number, the UserID number should be unique for easier system administration. The number is also used by the operating system to identify each user.
If the New User Template is set to automatically generate a unique UserID, that number will be entered in this field.
| Note: If this field is left blank, EnlightenDSM will automatically enter a unique number when the user account is saved. |
Home Dir. field
The Home Dir. field specifies the parent directory in which each user's start-up directory is created. EnlightenDSM uses /home as the default HOME directory unless you change this field (most systems will use /usr or /home as the default parent directory). Creating a new user “Charlie”, for example, will also create a user directory /home/charlie.
If you specify a HOME directory that does not exist, EnlightenDSM creates and initializes one. EnlightenDSM initializes the HOME directory by executing the HOME directory initialization script $ENLIGHTEN/scripts/user.rc. This copies the initialization files (for example; .profile and .cshrc) into the HOME directory. This script can be modified to perform other initialization procedures.
The Shell is a program that acts as a translator between the user and the operating system. There may be several standard shells on a system, including the C Shell, the Bourne Shell, the Korn Shell and the restricted Bourne, C, and Korn Shells. You can also create a custom shell. Each shell has its own start-up executable program:
| Bourne Shell | /bin/sh | |
| Restricted Bourne Shell |
| |
| C Shell | /bin/csh | |
| Korn Shell | /bin/ksh | |
| Restricted Korn Shell |
| |
| Other | user defined |
EnlightenDSM uses the Bourne Shell (/bin/sh) as the default shell in this field. Each shell offers different functionality and all users on the system do not have to use the same shell. The number of standard shells available for this field depends on your system. Click the right arrow button to choose from a pick list of available shells.
Group Name field
Each user account must be assigned to at least one User Group. Each User Group has specific read, write, and execute privileges associated with every file created on the system. The User Group is part of the system's security.
Enter the primary Group Name for this user (or click the right arrow button to choose from a pick list of defined User Groups). If a non-existent Group Name is entered, EnlightenDSM will ask for a correct Group Name when trying to create the user.
To give users privileges beyond those set in the primary User Group, you can assign users to additional Groups. Enter the names of the additional Groups in the Add Groups field (or click the right arrow button to choose from a pick list of defined User Groups).
Because the password is part of system security, each user must have a password. A new password can be the same characters as the user's Login Name, allowing the user to change it later. Macros can also be used in this field to automatically generate new passwords. See Appendix K, “Macros,” in the EnlightenDSM Reference Manual for more details.
| Note: If the entry in the password field is not long enough, an error message will be displayed when you try to add this user account. |
For systems that support password aging, this optional field contains the time when the password will expire. When a password expires, the system forces the user to change their password at the next system login.
If the Expires field is left blank, the default parameter is used. If you don't set a default when adding a user, password aging will be turned off for that user. For more details, refer to Appendix D, “Password Aging,” in the EnlightenDSM Reference Manual.
To specify a time format, see Appendix C, “Time Formats,” in the EnlightenDSM Reference Manual.
The Span field defines the minimum period of time that must elapse before a user can change their password (you can, however, change the user's password at any time by using the Password button in the User Configuration window). For information on time formats, see Appendix C, “Time Formats,” in the EnlightenDSM Reference Manual.
Mail Alias field (Create New User Account window only)
Enter the default mail alias for an account. This alias designates a short name as the substitute for the full user address or group of addresses. You may also use macros in this field. See Appendix K, “Macros,” in the EnlightenDSM Reference Manual for more details.
Mail Lists field (Create New User Account window only)
Enter the mailing lists this user will belong to. A mail list allows a single message to be sent to a group of people. Click the right arrow button to choose from a pick list of defined mail lists.
To delete a user from the system:
In the User Configuration window (Figure 3-1), highlight the username(s) to be removed from the system and click Delete.
Confirm the deletion of the user(s).
By default, EnlightenDSM will also delete the user's HOME directory (including all files and sub-directories). EnlightenDSM will prompt you to confirm the deletion of this directory. Click Yes to delete the directory. Click No to leave the directory intact while still deleting the user account.
If running NIS or NIS+, click the NIS button to save the changes.
EnlightenDSM will not delete the user's HOME directory if:
The user's HOME directory is considered to be a system (required) directory. The system directories are:
/
/usr
/etc
/bin
/lib
/home
/dev
/sbin
/usr/bin
/usr/adm
/usr/lib
/usr/sbin
/usr/man
/usr/lib/uucp
The user's HOME directory is shared by more than one user. In this case, the HOME directory is not deleted since this would also delete the HOME directory of any sharing co-users.
The user's HOME directory is not owned by the user. In this case, you are asked to confirm before deleting it.
It is the HOME directory of the root user account.
You do not have to know a user's password in order to change it.
To change a current user account password:
From the User Configuration window (Figure 3-1), highlight the user(s) whose password(s) you want to change.
Click the Password button. Enter the new password in the pop-up window (Figure 3-4).
Click the Apply button to save the password.
If multiple usernames were selected, click the Next button to enter the next user password. Be sure to click Apply before moving on to the next user or the password will not be saved.
Click Apply To All to set the same password for all the selected users.
Click the Close button to stop changing passwords and close the window. Any previous changes made by using the Apply button remain; they are not undone by clicking this button.
If running NIS or NIS+, click the NIS button to save the changes.
User Groups allow system managers to assign access privileges to groups of individual users. Use EnlightenDSM to create, modify or delete User Groups.
To create a new User Group:
Choose Groups from the User menu. The Group Configuration window appears.
Click the Add button. The New User Group window appears.
To limit the group to certain hostnames, type the hostnames in the Hostnames field. For multiple entries, leave a blank between each hostname.
Type the name of the group in the Group Name field. Choose a name that reflects the group's function, such as “marketing” or “bizteam”.
Enter a unique number (no decimal points) in the Group ID field. The Group ID (GID) is used by the operating system to identify the group. SCO operating system limits the Group ID to eight digits.
Click Add to save the new User Group. Click Close to return to the Group Configuration window.
If running NIS or NIS+, click the NIS button to save the changes.
To modify the parameters of a User Group:
Click the Modify button in the Group Configuration window (Figure 3-5). The Modify Group Configuration window appears.
Change the parameters as desired.
Click the Modify button to save the changes.
If multiple groups were selected, click the Next button to modify the next User Group. Be sure to click Modify before moving on to the next group or the new settings will not be saved.
If running NIS or NIS+, click the NIS button to save the changes.
To delete an entire User Group:
Select the group(s) to be deleted from the Group Configuration window (Figure 3-5).
Click the Delete button. In addition to removing the highlighted User Groups, links between the group and its members are deleted.
If running NIS or NIS+, click the NIS button to save the changes.
Click the Assign Users button (see Figure 3-5) to modify the users assigned to a group. The User Group List window (Figure 3-8) will appear.
To add a user to a group:
Click the Add Users button. A menu appears listing all users on the system.
Highlight the users to be added to the group.
Click the Apply button.
To delete users from a group:
Highlight the users to be deleted from the group.
Click the Delete button.
To move a user from one group to another:
Highlight the users to be moved to another group. Click the Move Users button. A pop-up window appears.
Enter the User Group that the user is to be moved to (or click the right arrow button to choose from a pick list of available User Groups).
Click the Apply button to save the changes.
If running NIS or NIS+, click the NIS button to save the changes.
Use EnlightenDSM to define printer servers and printer clients.
Printer servers are used to efficiently manage print jobs. Print servers receive all print requests, queue the jobs, and distribute each print job to various available printer clients. The printer clients then print the jobs sent to them by the printer server.
EnlightenDSM has two configuration options: the Configuration Local option reports only local printer destinations. The Configuration All option displays both network and local printers. A local printer is a printer connected directly to a host. A network printer is connected to your network and so has an IP address.
This section describes how to set up network printers, enable and disable print jobs, and manage print jobs and queues. This section assumes that the printers are already physically connected to either a host or network.
Refer to Chapter 4, “Printer,” in the EnlightenDSM Reference Manual for information about
Defining custom printer models or drivers
Displaying and managing print jobs
To set up a local print service for a printer attached directly to a host:
Choose Configure (local) from the Printer menu. The Configured Printers window appears.
Click the Add button. The Add a New Print Service window appears.
For Print Service Type, click the Server option.
For Printer Type, click the Local option.
In the Printer Name field, enter the printer name users will refer to. (use a meaningful name, such as the printer's location, type, or purpose). This name is also referred to as a printer queue or destination.
In the Device field, enter the type of device by which the printer will be attached: for example, /dev/lp (parallel) or /dev/ttyh7 (serial). This device must already exist.
In the Server Hostname field, enter the hostname (from the current pool) that will act as the print server for this printer.
In the Printer Model field, specify the printer driver to be used. A Server Hostnames must be entered before selecting a driver.
The Class field is optional. By entering a printer in this field, the print job is sent to the first available printer in that printer class. For systems using the System V type spooling system, defining the class will more efficiently distribute print jobs to multiple printers of the same type.
If a printer class in not entered, the printer (queue) will not be put into a printer class. If you enter a printer class that does not exist, the class will automatically be created.
| Note: The class field is not used by systems using the Berkeley style printer spooler (lpd) or by IBM AIX systems. |
In the Hosts Allowed Access field, enter the hostnames that will have access to this printer.
Click the Apply button to save the settings.
Adding a network print server is similar to adding a local print server.
To add a network print server, follow the steps described in the previous section, “Setting Up a Local Print Service”. You must also:
Click the Printer Type option to Network.
Specify the printer's IP address in the IP Address field (this field will appear when you select the Network Printer Type option).
To set up a client print service:
Choose Configure All from the Printer menu. The Configured Printers window appears.
Click the Add button. The Add a New Print Service window appears.
Click the Client button in the Print Service Type option.
To configure the new printer on a subset of the currently managed hosts, enter the hostname(s) in the Hostnames field. For multiple entries, leave a blank space between each hostname. You can also click the right arrow button to choose from a pick list of hosts in the current pool.
In the Local Queue Name field, enter the full pathname for the local printer queue (for example, /var/spool/lp).
In the Remote Host field, enter the hostname that will act as the print server for this particular client (or click the right arrow button to choose from a pick list of hosts in the current pool).
In the Remote Printer field, enter the remote printer that will service the print jobs (or click the right arrow button to choose from a pick list of all printers defined on hosts in the current pool).
Click the Apply button to save the printer configuration.
To delete a printer from the system:
Choose either Configure (all) or Configure (local) from the Printer menu. The Configured Printers window appears (Figure 3-11).
Highlight the printers to be deleted from the system. Click the Delete button. A EnlightenDSM window will ask for confirmation of the deletion.
| Note: EnlightenDSM cannot delete a printer configuration if there are pending print requests. To move or cancel all pending print requests on the printer to be deleted, choose Queue from the Printer and click on the appropriate option. |
The Enable command makes the printer active and available for printing. Once enabled, the printer will print any jobs waiting in the queue.
To enable a printer that has been disabled, click the Enable button in the Configured Printers window (Figure 3-11).
| Note: When a printer is added to the system, it is automatically enabled. |
To disable printers and stop them from receiving spooler print requests, highlight the printers and click the Disable button. Currently printing jobs will stay in the print queue and finish printing once the printer is enabled. This command does not stop users from sending print jobs to the disabled printer; those print requests are added to the queue and printed once the printer is enabled.