--- loncom/html/adm/help/tex/Domain_Configuration_Quotas.tex	2008/07/23 02:41:55	1.1
+++ loncom/html/adm/help/tex/Domain_Configuration_Quotas.tex	2017/12/01 20:57:35	1.7
@@ -1,15 +1,89 @@
 \label{Domain_Configuration_Quotas}
-Each user in your domain will receive an individual portfolio space
-to which files may be uploaded. Students can submit items from their
-portfolio to meet the requirements of assignments in their courses.
-The default quotas you set for users in your domain will be overridden
-by any quota you set for individual users. 
+By default, each user in your domain can create blogs, a personal 
+information page, and store files in an individual portfolio space. 
+Students can submit items from their portfolio to meet the requirements 
+of assignments in their courses.
 
-Default quotas (in Mb) can be set to vary by institutional affiliation,
-as defined for your domain (e.g., Faculty, Adjunct, Staff, Student).
+You can choose to disable personal information pages, blogs and/or portfolios 
+for different groups of users defined for your domain (e.g., Faculty, Adjunct, 
+Staff, Student).  If the ``Modify User'' utility in User Management is 
+used to explicitly set availability of these tools for a particular user,
+that will override the corresponding settings determined by the user's 
+affiliation.
+
+If you choose to enable portfolios, default quotas (in MB) 
+can similarly be set to vary by institutional affiliation.
 If a user is affiliated with more than one group, whichever default
 quota is largest for the different groups is the one which applies.
-Institutional types need to be defined in a customized version of
-\&inst\_usertypes() in the localenroll.pm module installed on the
-primary server in your domain. If no types have been defined, then
-a single default quota will apply for all users from the domain.
+Institutional types are defined in the ``Institutional user types''
+section on the ``Default authentication, language, timezone, portal, types'' 
+screen. If no types have been defined, then a single default quota
+will apply for all users from the domain.
+
+Default portfolio quotas which can be set for users in your domain
+will be overridden by any quota you set for an individual user via:
+the ``Modify User'' utility.
+
+Additional options for authoring spaces can be set for the various user 
+types: (a) whether webDAV is active, and (b) the default quota for Authoring Space.
+These only come into effect for a particular user, when an author and/or one or
+more co-author roles have been assigned to a user to provide access to one or more 
+Authoring Spaces.
+
+WebDAV allows a user to connect to an Authoring Space in the same way as removable
+media, and to use their own laptop/desktop computer's file management tools and
+applications to move, edit and delete files. See: ``WebDAV access to Authoring Space''
+section in the Authoring manual for more information.
+
+Note: webDAV usage requires Apache with SSL to be running on the library server.  
+The user will be prompted to enter his/her username (this will be the LON-CAPA username
+or username,domain if the access is for a co-author with a domain different 
+to that of the author), and the user's LON-CAPA password. webDAV also requires that the
+dav and dav_fs modules are enabled in Apache. The way those are enabled depends on the 
+Linux distro (command line access required).
+the Apache config.  
+
+\begin{itemize}
+
+\item CentOS, Red Hat and Scientific Linux (6 and earlier)
+
+The required LoadModule lines are included in the /etc/httpd/conf/httpd.conf
+file added by install.pl run to prepare a server for installation of LON-CAPA.
+
+\item CentOS, Red Hat and Scientific Linux 7
+
+The required LoadModule lines are in the default /etc/httpd/conf.modules.d/00-dav.conf 
+file added when the httpd rpm is installed.
+
+\item Ubuntu
+
+Use the commands: a2enmod dav and a2enmod dav_fs to enable the modules. 
+
+\item SLES
+
+The APACHE_MODULES entry in /etc/sysconfig/apache2 contains the list of modules to be
+loaded. If dav and dav_fs are not present they should be added to the list.
+
+\end{itemize}
+
+(Reload Apache after making any changes to the Apache configuration).
+
+If you use Single Sign On to authenticate LON-CAPA users in your domain, then to
+support webDAV you also need to support authentication by LON-CAPA for your users.
+This can achieved if the authentication type stored internally for each SSO user is 
+set to either (a) Kerberos 5 (with a parameter --  the appropriate Kerberos realm 
+set), or (b) Local Authentication, with /home/httpd/lib/perl/localauth.pm
+customized to verify username and password (e.g., via LDAP).  If a user can log-in  
+to LON-CAPA via the URL /adm/login (thereby by-passing SSO), then the same user will 
+also be able to authenticate using a WebDAV client (assuming other requirements are 
+met, i.e., SSL, WebDAV access enabled, active author or co-author role).
+
+The requirement to obsolete published files before moving or deleting them, which applies to
+the regular web browser-based management of Authoring Space, also applies in the webDAV 
+environment. Moving and deleting directories in the webDAV environment is prohibited if
+the directory, or any (nested) subdirectory contains a non-obsolete published resource.
+
+Given the ability to easily delete unpublished content in webDAV (without the ability to 
+reverse the deletion), it is important that authors assigned webDAV access are especially
+careful when working in the webDAV environment. 
+