Sambar Server Documentation
|
User Authentication |
User Management
Unless an external authentication mechanism is used (i.e. SQL Auth, Radius, LDAP, or NT Authentication), user management is performed from the Users link found in the System Administration Security page. After clicking on the Users link, a list of users will be displayed. From these forms, you can add, delete or update user profiles. Changes to user accounts take effect immediately. It is recommended that you modify the password of the "admin" user prior to putting the Sambar Server on a public network. Simply click on the "admin" account, and enter a new password into the Password field. Then update the admin account.
Authenitication Mechanisms
On top of these mechanisms, there are multiple authentication facilities:
The /session/login , security.ini , and
.htaccess mechanisms by default use the config/passwd
authentication facility. This can be modified in the config.ini
to specify an alternative authentication facility (i.e. SQL
Authentication ). Often, there is confusion because it is unclear
that the default config/passwd facility specified in the
config.ini is used by all authentication mechanisms unless overridden.
Case Insensitive Usernames
Adding new users via a script The only other element needed is for mail server users. To create a valid mailbox for a server user, you must create the appropriate path/file for the user: mail/mbox/username/inbox.fld If the zero-length file/path exists, it is assumed the user is a valid mail server user.
NT Authentication
NT Authentication = true Important! When using NT authentication, the user's root directory is defaulted to / unless Auto-provision Users is enabled (see below), group is defaulted to other and access privileges are defaulted to none. To change these default values, you an put an entry for the user in the config/passwd file or modify the Default User Privileges and Default User Max Content.
Radius Authentication
Radius Authentication = true Important! When using Radius authentication, the user's root directory is defaulted to / unless Auto-provision Users is enabled (see below), group is defaulted to other and access privileges are defaulted to none. To change these default values, you an put an entry for the user in the config/passwd file or modify the Default User Privileges and Default User Max Content.
LDAP Authentication
LDAP Authentication = true Important! When using LDAP authentication, the user's root directory is defaulted to / unless Auto-provision Users is enabled (see below), group is defaulted to other and access privileges are defaulted to none. To change these default values, you an put an entry for the user in the config/passwd file or modify the Default User Privileges and Default User Max Content.
SQL Authentication
SQL Authentication = true The above select clause was issued against a SQL table "users" created with the following syntax:
The SQL AUTH Cache must be a SQL datasource configured using the database cache configuration. Obviously, the database engine must be enabled in order to use the cache specified by the SQL AUTH Cache. The SQL AUTH Query string will be used by the authentication interface to build a SQL lookup query. The query string can be formatted with any argument available in custom log formating. If a row comes back from the query, the SQL authentication interface assumes a match and logs the user in.
Important! The
Auto-provision Users
|
© 2001 Sambar Technologies. All rights reserved. Terms of Use.