Creating a Login Sequence

Once login and post-login methods are installed, you must create login sequences in order for the methods to be used to log in to eDirectory^®. You view, add, modify, or delete login sequences using ConsoleOne or Novell iManager.

In NMAS Enterprise Edition, you can set up multiple login and post-login methods per sequence. You must have at least one login method selected to be able to select a post-login method.

When multiple methods are selected for a sequence, they are executed in the order they are listed. Login methods are executed first, then post-login methods.

A login sequence can be an And or an Or sequence. An And sequence is successful if all of the login methods successfully validate the identity of the user. An Or sequence only requires that on of the login methods validate the identity of the user for the login to be successful.

The post-login methods are only executed if the login is successful, irregardless of the And/Or relationship.

Once a sequence is created, users may be authorized to use the new sequence to log in to eDirectory.

Adding a New Login Sequence (ConsoleOne)

1. In ConsoleOne, select the Security container.

2. Right-click the Login Policy container > select Properties.

3. Click New Sequence.

4. Enter a name for the new login sequence > click OK to continue.

   All available login methods will be listed under Available Login Methods and Available Post-Login Methods.

5. Select the Sequence Type from the drop-down list.

   If you select And, a user will have to log in using every login method that makes up the login sequence. If you select Or, the user will only have to log in using one of the login methods that makes up the login sequence.

6. Double-click or use the horizontal arrows to add each method you want to the sequence.

   If you are using multiple methods, use the vertical arrows to change the execution order.

   The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.

7. Click OK when you are finished.

Adding a New Login Sequence (Novell iManager)

1. Launch Novell iManager.

2. Authenticate to the eDirectory tree as an administrator or a user with administrative rights.

3. From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.

4. Click the Add (+) button and enter a name for the new login sequence > click OK to continue.

   All available login methods will be listed under Available Login Methods and Available Post-Login Methods.

5. Select the Sequence Type from the drop-down list.

   If you select And, a user must log in using every login method that makes up the login sequence. If you select Or, the user will only need to log in using one of the login methods that makes up the login sequence.

6. Use the horizontal arrows to add each method you want to the sequence.

   If you are using multiple methods, use the vertical arrows to change the execution order.

   The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.

7. Click OK when you are finished.

Modifying a Login Sequence (ConsoleOne)

1. In ConsoleOne, select the Security container.

2. Right-click the Login Policy container > select Properties.

3. Select a login sequence from the Defined Login Sequences drop-down list.

   The Sequence Grade and Login and Post-Login Sequences for the selected method are displayed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.

4. Select an action:

   • To add or remove login or post-login methods from a sequence, use the left- and right-arrows.

     NOTE:  You must have at least one login method selected in order to have a post-login method selected.

   • To change the sequence order of the login methods, use the up- and down-arrows.
   • To exit without saving changes, click Cancel.

   IMPORTANT:  Login sequences that don't have a method associated with them will not be saved.

Modifying a Login Sequence (Novell iManager)

1. Launch Novell iManager.

2. Authenticate to the eDirectory tree as an administrator or a user with administrative rights.

3. From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.

4. Select a login sequence from the Login Sequences drop-down list.

   The Sequence Grade and Login and Post-Login Sequences for the selected method are displayed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.

5. Select an action:

   • To add or remove login or post-login methods from a sequence, use the left-arrow and right-arrow.

     NOTE:  You must have at least one login method selected in order to have a post-login method selected.

   • To change the sequence order of the login methods, use the up-arrow and down-arrow.
   • To exit without saving changes, click Cancel.

   IMPORTANT:  Login sequences that don't have a method associated with them will not be saved.

Deleting a Login Sequence (ConsoleOne)

1. In ConsoleOne, select the Security container.

2. Right-click the Login Policy container > select Properties.

3. Select the sequence from the Defined Login Sequences drop-down list (Alt+S).

4. Click Delete Sequence.

5. Click Apply or OK.

Deleting a Login Sequence (Novell iManager)

1. Launch Novell iManager.

2. Authenticate to the eDirectory tree as an administrator or a user with administrative rights.

3. From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.

4. Select the login sequence you want to delete from the Login Sequences drop-down list > click the Delete (-) button.

5. Click OK > Apply or OK.