Annotation of loncom/html/adm/help/tex/Domain_Configuration_Trust.tex, revision 1.2
1.1 raeburn 1: \label{Domain_Configuration_Trust}
2: Starting with LON-CAPA 2.12, as Domain Coordinator you can set limits
3: on the internal LON-CAPA commands which servers/VMs in your domain will
4: run when responding to data requests sent by LON-CAPA hosts at other
5: institutions in the cluster via Socket-based connections between
6: LON-CAPA nodes.
7:
8: Setting these types of limits for a particular institution only makes
9: sense if you also disallow session hosting of your domain's users on
10: LON-CAPA hosts at that same (remote) institution. See the User Session
11: Hosting section \ref{Domain_Configuration_User_Sessions}) for details.
12:
13: If a LON-CAPA server is part of a cluster in which there is a only a
14: single domain, or multiple domains but only a single library server,
15: then options to configure domain trust relationships are unavailable,
16: as they do not make sense in this context.
17:
18: For all nine limits there are two types of restriction: ``Allow all, but exclude
19: specific domains'' or ``Deny all, but include specific domains''. In both
20: cases the options are (a) for the restriction to be in use, or (b) not be in
21: use (the default).
22:
23: If in use, then checkboxes can be checked for any ``internet domains''
24: for which the restriction is to apply. Internet domains encompass all servers at a
25: particular institution, and also any aliases used on a multiple domain server.
26:
27: For example, there is a single internet domain for educog.com. Constraints
28: for that internet domain will apply to all *.educog.com servers, as well as
29: all domains on the multi-domain educog server. On a multiple domain server,
30: session hosting constraints are defined in a single domain - the default domain
31: included in the loncapa.conf file (e.g., the ``author'' domain for ``educog.com'').
32:
33: Default domain configurations can be assigned for:
34:
35: \begin{itemize}
36: \item \textbf{Access to this domain's content by others}
37:
38: Although individual authors in your domain can set highly granular rights of
39: use for their content, as Domain Coordinator you can configure a domain trust
40: setting for access from other specified institutions to any content published
41: by your domain's authors,
42:
43:
44: \item \textbf{Access to other domain's content by this domain}
45:
46: Although individual authors in other domains can set highly granular rights
47: of use for their content, which can apply to access by your domain's users,
48: as Domain Coordinator you can configure a domain trust setting for access to
49: content belonging to other institutions.
50:
51:
52: \item \textbf{Enrollment in this domain's courses by others}
53:
54: By default, a Course Coordinator can enroll users in any other domain into a
55: course. However, as a Domain Coordinator you can configure a domain trust
56: setting to control which other institutions may have their users enrolled.
57: If you set a restriction of this type, but a user from one of the prohibited
58: institutions needs to be part of a course in your domain, you could create
59: a new user account in your own domain for that particular user.
60:
61:
62: \item \textbf{Co-author roles in this domain for others}
63:
64: By default an Author can assign co-author roles to users in any other domain.
65: However, as a Domain Coordinator you can configure a domain trust setting
66: to control which other institutions may have their users assigned co-author
67: roles for Authoring Spaces in your domain. If you set a restriction of this
68: type, but a user from one of the prohibited institutions needs to be a co-author
69: you could create a new user account in your own domain for that particular
70: user.
71:
72:
73: \item \textbf{Co-author roles for this domain's users elsewhere}
74:
75: By default an Author in another domain can assign a co-author role to users
76: in your domain. However, as a Domain Coordinator you can configure a domain
77: trust setting to control which other institutions may assign co-author roles
78: for Authoring Spaces in their domains to your users. If you set a restriction
79: of this type, but one of your users needs to be a co-author for an authoring
1.2 ! raeburn 80: space at one of the prohibited institutions, the author there could create a
1.1 raeburn 81: new user account in that domain for your user, and assign a co-author role to it.
82:
83:
84: \item \textbf{Domain roles in this domain assignable to others}
85:
86: By default a Domain Coordinator can assign certain domain roles for your domain
87: (Librarian, Domain Guest, and Bubblesheet Scanning Operator) to users from
88: other domains. In addition a user with the Super User role can assign a
89: Domain Coordinator role for your domain to users from other domains.
90:
91: As Domain Coordinator you can configure a domain trust setting to control
92: which other institutions may have their users assigned domain roles in
93: your domain. If you set a restriction of this type, but a user from one of the
94: prohibited institutions needs a domain role in your domain you could create a
95: new user account in your own domain for that particular user.
96:
97:
98: \item \textbf{Course catalog for this domain displayed elsewhere}
99:
100: By default another domain can display the course catalog for your domain,
101: although there is a domain configuration to determine whether the catalog
102: is only accessible to authenticated users. As Domain Coordinator you can
103: configure a domain trust setting to control which other institutions can
104: access course catalog information for your domain.
105:
106:
107: \item \textbf{Requests for creation of courses in this domain by others}
108:
109: By default a Domain Coordinator can assign the right to request courses in
110: the domain to users from other domains. As Domain Coordinator you can configure
111: a domain trust setting to control which other institutions may have their users
112: receive the right to request courses in your domain.
113:
114:
115: \item \textbf{Users in other domains can send messages to this domain}
116:
117: By default a user can send a LON-CAPA message to any other LON-CAPA user, by
118: entering the intended recipient's username and domain. As Domain Coordinator
119: you can configure a domain trust setting to control which other institutions'
120: users may send LON-CAPA messages to users in your domain.
121:
122: \end{itemize}
123:
124:
125: \textbf{Important Note:}
126: LON-CAPA is designed to foster sharing of educational resources both
127: within an institution, and between institutions, and in addition the LON-CAPA
128: philosophy is to empower educators to determine who has access to the content
129: they create. Setting configurations at the domain level for the first two items:
130: (a) Access to this domain's content by others, and (b) Access to other domain's
131: content by this domain runs counter to that philosophy. However, this
132: functionality is provided to support membership of the LON-CAPA network by
133: institutions which have policies that require more restrictive rules than is
134: the case for the default set-up for a LON-CAPA domain.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to Domain_Configuration_Trust.tex CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / html / adm / help / tex