Return to Domain_Configuration_User_Creation.tex CVS log

Up to [LON-CAPA] / loncom / html / adm / help / tex

Annotation of loncom/html/adm/help/tex/Domain_Configuration_User_Creation.tex, revision 1.3

1.1       raeburn     1: \label{Domain_Configuration_User_Creation}
                      2: Identity management in a LON-CAPA domain is dependent on settings
                      3: made for user creation and user modification. Of particular concern
                      4: is the potential for assignment of usernames in a format used by your
                      5: institution when the username does not yet exist. In such a case,
1.3     ! raeburn     6: authentication is likely to be set to be ``internal'',
1.1       raeburn     7: and should a real user be created in the future, and be enrolled in
                      8: a course by auto-enrollment, the user would either be unable to authenticate
                      9: (using LON-CAPA log-in page), or would be authenticated by SSO, and
                     10: have access to the original user's roles and associated information.
                     11: 
                     12: It is important therefore to establish format rules for new usernames
                     13: so the only users created with institutional-type usernames are the
                     14: real users themselves with the appropriate authentication type (Kerberos
                     15: or localauth). Even without format rules, the Domain Coordinator can
                     16: set who can create new users, and the authentication types that may
                     17: be set in different context.
                     18: 
                     19: The domain-wide options available for user creation are: 
                     20: 
                     21: \begin{itemize}
                     22: \item Activate/deactivate operation of format rule(s) for usernames 
1.2       raeburn    23: \item Activate/deactivate operation of format rule(s) for student/employee
1.1       raeburn    24: IDs 
                     25: \item Control which types of username (official or non-official) may be
                     26: used when creating new users in course or author context 
                     27: \item Control which types of authentication may be used when assigning authentication
                     28: to new users in author, course or domain context
                     29: \end{itemize}
1.2       raeburn    30: 
1.1       raeburn    31: The format rules themselves are defined by customizing the following
                     32: routines in localenroll.pm: 
                     33: 
                     34: \begin{itemize}
                     35: \item usernames: \&username\_rules() and \&username\_check()
                     36: \item IDs: \&id\_rules() and \&id\_check()
                     37: \end{itemize}
1.2       raeburn    38: When enforced the user name and ID rules require that if a username 
                     39: and/or ID which matches the format for an active rule is to be used
1.1       raeburn    40: in LON-CAPA, they must exist in the institutional directory. If they
                     41: exist, the corresponding user information (first name, middle name,
                     42: last name, e-mail address) will be used when creating the new user
                     43: account. If they do not exist, account creation will not occur.
                     44: