Administering User Objects


Administering GroupWise user objects is the most common task you will be doing with GroupWise administration in ConsoleOne. This section fully explains all the attributes that can be administered on a GroupWise object.

The User GroupWise Account Property Page

If you have worked at all with Novell Directory Services and ConsoleOne, you are probably quite familiar with the user object details window. With GroupWise 7 installed in your tree, the user object has some new property pages available to it. The one you'll likely use the most is the GroupWise Account property page. Figure 5.7 shows this page.

Figure 5.7. The user object's GroupWise Account page


Note

There is a special kind of user object that you may or may not see in your GroupWise system. It's what's called a "GroupWise External Entity." A GroupWise External Entity is a full GroupWise user, with an eDirectory object, but the eDirectory object is not a typical "red shirt" type user object. External Entity users have a green shirt. These users cannot authenticate to eDirectory, but they have an eDirectory object so that administrative rights can be assigned to the object


This tab offers three major administrative tools:

  • Changing GroupWise information for this user

  • Changing this user's GroupWise password

  • Deleting the user's GroupWise account

The following offers a discussion of each of the fields:

  • Post Office: This is the name of this user's post office, with the name of the domain tacked on before the post office name with a period delimiting the domain and post office names.

  • Mailbox ID: This is the user's GroupWise user ID for accessing the user's mailbox.

  • Visibility: This field defines which users elsewhere in the GroupWise system can find this user in the GroupWise address book. Following are the options for this pull-down menu:

    • System: Anyone on this GroupWise system can see this user in the address book.

    • Domain: This user can be seen only by users in the same domain.

    • Post Office: This user can be seen only by users in the same post office.

    • None: This user does not appear in the GroupWise address book.

      Just because a user cannot be seen in the address book does not mean that the user cannot be sent to. If you know the domain, post office, and user ID, you can enter those items in the TO field (for example, corp.corppo.tkratzer), and the email will reach the user.

      Similarly, if GroupWise Internet addressing is enabled, you can reach this user by entering the user's user ID and IDOMAIN (that is, tkratzer@wwwidgets.com) in the TO field.

  • External Sync Override: If you have connected your GroupWise system to another organization's GroupWise system, and are using external system synchronization, you might want to make some users invisible outside of your GroupWise system. This field enables you to override the setting in the Visibility field for this user.

  • Account ID: This field is used for GroupWise gateways that offer accounting features so that users can be charged for, say, sending faxes or transmitting data across an expensive line.

  • File ID: This is the three-character string that uniquely identifies this user's USER database in this post office directory. In the example in Figure 5.7, the File ID is 5nw, which means that the mailbox for user TKRATZER is in USER5NW.DB.

  • Expiration Date: If you have temporary or contract employees, you can choose to set an expiration date for them. After the date has passed, the user cannot log in to his or her GroupWise mailbox. Other users can still send mail to an expired user, however. Clearing the date out of this field after that date has passed will, in effect, un-expire the user, allowing that user to log in again.

  • Gateway Access: This is an obscure feature that was used in older GroupWise gateways. Use this field if instructed to do so when configuring a specific GroupWise gateway.

  • Disable Logins: If you need to prevent a user from logging in, you can check this box. Note that this change, as with any changes made in ConsoleOne, takes time to propagate down to the post office. Try to plan a few minutes ahead in order to ensure that the user doesn't successfully log in before the update takes place. If the post office that this user is a member of has Enable Intruder Detection enabled, when a user is locked out of his or her account, you should see a check mark in this box. If you uncheck the box, the user's mailbox will no longer be locked out.

  • LDAP Authentication: This option applies only if you are using LDAP to authenticate users (see "The Security Property Page" section earlier in this chapter) and the LDAP server is not the Novell LDAP server, or if the eDirectory tree you are using for LDAP authentication is a different tree than the one the users are in. Chapter 26 talks more about how you might use this field.

  • Restore Area: This option displays the restore area, if any, that the user can access to restore deleted items from backup.

    To set up a restore area, choose Tools, GroupWise System Operations, Restore Area Management. Restore area management is covered more in Chapter 28, "Restoring Deleted Users."

  • Change GroupWise Password: Clicking this option displays the Security Options window shown in Figure 5.8. The GroupWise password (managed with this Security Options window) is independent of the user's eDirectory password. So changing this password will not change the user's eDirectory password.

    Figure 5.8. The Security Options window


    This window offers the following options:

    • Enter New Password: If a user forgets a GroupWise password, you can provide the user with a new password to access GroupWise. You should advise the user to change the new password to a personal one.

    • Retype Password: If you retype the password correctly, it is set; otherwise, you need to reenter the password in both fields.

    • Clear User's Password: If a user forgets a personal password, check this box to clear the password. The user can then enter a new password at his or her discretion. In a high-security post office, it might be necessary to set a new password after clearing the old one.

    • Allow Password Caching: This option is selected by default, enabling the user to select the Remember My Password option under Tools, Options, Security in the GroupWise client. This option lets the user restart GroupWise without reentering the password. The password is stored in the Windows password list on the current computer.

    • Allow eDirectory Authentication Instead of Password: This option lets users select the No Password Required with eDirectory option under Security options in the GroupWise client. When selected, this option lets the user access his or her mailbox without requiring a password if he or she is already logged in to eDirectory. Mailbox access is granted based on eDirectory authentication, not on password information.

    • Enable Single Sign-on: This check box lets the user select the Use Novell Single Sign-on option under Tools, Options, Security in the GroupWise client. When selected, this option lets the user access his or her mailbox without reentering the password. The GroupWise password is stored in eDirectory for the currently logged-in user.

      Novell Single Sign-on must be installed on user workstations in order for this option to take effect. The Single Sign-on options are not applicable if LDAP authentication is enabled.

  • Delete GroupWise Account: This selection deletes a user's GroupWise account, but not the user's eDirectory account.

The user password portion of the user account page is a very popular destination in ConsoleOne, unless you have enabled LDAP authentication at the post office. This section listed all the ways you can approach mailbox authentication security with GroupWise.

The User Distribution Lists Property Page

To find the Distribution Lists property page, click the GroupWise tab, and click Distribution Lists. This page displays all the distribution lists that this user appears in, and it enables you to add this user to additional GroupWise distribution lists.

The Participation button enables you to specify whether the user is a TO, CC, or BC (blind copy) recipient of messages sent to the distribution list you are highlighting.

The User Internet Addressing Property Page

Internet addressing exceptions can be configured at the domain, post office, and user level. On the user object details window, this tab enables you to make exceptions at the user level. Most particularly, you can even change the USER ADDRESS portion of the USER ADDRESS@INTERNET DOMAIN NAME. This feature is new to GroupWise 6.5. Figure 5.9 shows an example in which the default Internet Addressing scheme has been changed at a user level.

Figure 5.9. Defining Internet addressing at the user level


In the example shown in Figure 5.9, when Tay Kratzer sends messages to the Internet, the recipient will see Tay's address as taykratzer@wwwidgets.com. For incoming messages destined for Tay, the GroupWise Internet Agent (GWIA) will accept messages addressed to taykratzer@wwwidgets.com or tkratzer@wwwidgets.com. Because certain check marks have been removed under Allowed Address Formats, the GWIA will not allow messages sent to tay.kratzer@wwwidgets.com, kratzer.tay@wwwidgets.com, or tkratzer.corppo@wwwidgets.com.

Chapter 16 goes into depth on Internet addressing.

Note

The post office must be version 6.5 or 7 in order for you to see the "free-form" Internet address override option on the user object. The GWIA must also be version 7 for you to use this feature. This relatively new feature has many advantages when compared to the older gateway aliases (as described in the following section) in solving problems with spaces and other disallowed characters in the last name, like erno.de Korte@wwwidgets.com. The free-form Internet address filed is the preferred method for changing an Internet email address; try not to use gateway aliases anymore, which are part of an older toolset.


The User Gateway Aliases Property Page

A user alias can be used to change the "user" field for a single user's Internet address. It can also be used to change the entire address.

If you set the gateway alias address to a value with no @ sign, you are only changing the user portion of the Internet address. If you include the @ sign, you have changed the entire address for that user.

If you assign a gateway alias to a user, that alias appears as the reply-to address on all mail the user sends through that particular gateway. In an example mentioned in Chapter 3, "Understanding the GroupWise Directory," Eva Cornish wants inbound email that is addressed to webmaster@wwwidgets.com to come to her. If you create a gateway alias called "webmaster" for her, not only will she get mail addressed to "webmaster," but also all the mail she sends will appear as if it is from "webmaster." This is most likely not the desired effect. So in this scenario a gateway alias is not the best choice. It is probably better to create a nickname of "webmaster" for Eva, as covered next.

The User Nicknames Property Page

A nickname is a way for a user to exist in two places at once. It is also a way for one user to have more than one identity. Nicknames added through this tab can be placed in any GroupWise post office. This is a handy way to overcome some of the limitations of the visibility feature, and it can also enable the user to be known by more than one user ID.

Assume, for example, that Eva Cornish is the webmaster for WorldWide Widgets. If you create a nickname for Eva Cornish of "webmaster," when someone sends a message to webmaster@wwwidgets.com, it will reach Eva.

The User X.400 Information Property Page

If you need to connect your system to an X.400 system, each of your users might need an X.400-style address. In most situations, however, it is much more convenient for X.400 systems and GroupWise systems to communicate via the SMTP, or Internet email protocol.

If your users do need X.400 addresses, the X.400 system's administrator can assist you as you populate these fields.



NOVELL GroupWise 7 Administrator Solutions Guide
Novell GroupWise 7 Administrator Solutions Guide
ISBN: 0672327880
EAN: 2147483647
Year: 2003
Pages: 320
Authors: Tay Kratzer

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net