Annotation of loncom/html/adm/help/tex/Domain_Configuration_User_Creation.tex, revision 1.1
1.1 ! raeburn 1: \label{Domain_Configuration_User_Creation}
! 2: Identity management in a LON-CAPA domain is dependent on settings
! 3: made for user creation and user modification. Of particular concern
! 4: is the potential for assignment of usernames in a format used by your
! 5: institution when the username does not yet exist. In such a case,
! 6: authentication is likely to be set to be \char`\"{}internal\char`\"{},
! 7: and should a real user be created in the future, and be enrolled in
! 8: a course by auto-enrollment, the user would either be unable to authenticate
! 9: (using LON-CAPA log-in page), or would be authenticated by SSO, and
! 10: have access to the original user's roles and associated information.
! 11:
! 12: It is important therefore to establish format rules for new usernames
! 13: so the only users created with institutional-type usernames are the
! 14: real users themselves with the appropriate authentication type (Kerberos
! 15: or localauth). Even without format rules, the Domain Coordinator can
! 16: set who can create new users, and the authentication types that may
! 17: be set in different context.
! 18:
! 19: The domain-wide options available for user creation are:
! 20:
! 21: \begin{itemize}
! 22: \item Activate/deactivate operation of format rule(s) for usernames
! 23: \item Activate/deactivate opration of format rule(s) for student/employee
! 24: IDs
! 25: \item Activate/deactivate operation of format rule(s) which prohibit self-created
! 26: accounts using certain types of e-mail address as the username.
! 27: \item Control which types of username (official or non-official) may be
! 28: used when creating new users in course or author context
! 29: \item Control which types of user may create their own accounts in LON-CAPA
! 30: \item Control which types of authentication may be used when assigning authentication
! 31: to new users in author, course or domain context
! 32: \end{itemize}
! 33: The format rules themselves are defined by customizing the following
! 34: routines in localenroll.pm:
! 35:
! 36: \begin{itemize}
! 37: \item usernames: \&username\_rules() and \&username\_check()
! 38: \item IDs: \&id\_rules() and \&id\_check()
! 39: \item self-created accounts: \&selfcreate\_rules() and \&selfcreate\_check()
! 40: \end{itemize}
! 41: The first two of these - username and ID check, when enforced, require
! 42: that if a username and/or ID of the activated formats is to be used
! 43: in LON-CAPA, they must exist in the institutional directory. If they
! 44: exist, the corresponding user information (first name, middle name,
! 45: last name, e-mail address) will be used when creating the new user
! 46: account. If they do not exist, account creation will not occur.
! 47:
! 48: The third one operates in the opposite manner - if a user attempts
! 49: to self-create an account employing a username with an e-mail address
! 50: in a format which matches the rule, the action does not proceed, and
! 51: the user is directed to create an account with the corresponding institutional
! 52: log-in. In this case account creation can only occur once the user
! 53: has authenticated using that login.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to Domain_Configuration_User_Creation.tex CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / html / adm / help / tex