Annotation of loncom/html/adm/help/tex/Domconfig_User_Creation.tex, revision 1.1
1.1 ! raeburn 1: Identity management in a LON-CAPA domain is dependent on settings
! 2: made for user creation and user modification. Of particular concern
! 3: is the potential for assignment of usernames in a format used by your
! 4: institution when the username does not yet exist. In such a case,
! 5: authentication is likely to be set to be \char`\"{}internal\char`\"{},
! 6: and should a real user be created in the future, and be enrolled in
! 7: a course by auto-enrollment, the user would either be unable to authenticate
! 8: (using LON-CAPA log-in page), or would be authenticated by SSO, and
! 9: have access to the original user's roles and associated information.
! 10:
! 11: It is important therefore to establish format rules for new usernames
! 12: so the only users created with institutional-type usernames are the
! 13: real users themselves with the appropriate authentication type (Kerberos
! 14: or localauth). Even without format rules, the Domain Coordinator can
! 15: set who can create new users, and the authentication types that may
! 16: be set in different context.
! 17:
! 18: The domain-wide options available for user creation are:
! 19:
! 20: \begin{itemize}
! 21: \item Activate/deactivate operation of format rule(s) for usernames
! 22: \item Activate/deactivate opration of format rule(s) for student/employee
! 23: IDs
! 24: \item Activate/deactivate operation of format rule(s) which prohibit self-created
! 25: accounts using certain types of e-mail address as the username.
! 26: \item Control which types of username (official or non-official) may be
! 27: used when creating new users in course or author context
! 28: \item Control which types of user may create their own accounts in LON-CAPA
! 29: \item Control which types of authentication may be used when assigning authentication
! 30: to new users in author, course or domain context
! 31: \end{itemize}
! 32: The format rules themselves are defined by customizing the following
! 33: routines in localenroll.pm:
! 34:
! 35: \begin{itemize}
! 36: \item usernames: \&username\_rules() and \&username\_check()
! 37: \item IDs: \&id\_rules() and \&id\_check()
! 38: \item self-created accounts: \&selfcreate\_rules() and \&selfcreate\_check()
! 39: \end{itemize}
! 40: The first two of these - username and ID check, when enforced, require
! 41: that if a username and/or ID of the activated formats is to be used
! 42: in LON-CAPA, they must exist in the institutional directory. If they
! 43: exist, the corresponding user information (first name, middle name,
! 44: last name, e-mail address) will be used when creating the new user
! 45: account. If they do not exist, account creation will not occur.
! 46:
! 47: The third one operates in the opposite manner - if a user attempts
! 48: to self-create an account employing a username with an e-mail address
! 49: in a format which matches the rule, the action does not proceed, and
! 50: the user is directed to create an account with the corresponding institutional
! 51: log-in. In this case account creation can only occur once the user
! 52: has authenticated using that login.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to Domconfig_User_Creation.tex CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / html / adm / help / tex