When you install a login or post-login method, you are asked if you want to create a login sequence that uses only the login method you are installing. If you answer yes, a login sequence will be created for you which contains just the one login method.
You can also manually create and manage login sequences. After login and post-login methods are installed, you can view, add, modify, or delete login sequences using ConsoleOne or Novell iManager.
In NMAS, you can set up multiple login and post-login methods per sequence. You must have at least one login method selected to be able to select a post-login method.
When multiple methods are selected for a sequence, they are executed in the order they are listed. Login methods are executed first, then post-login methods.
A login sequence can be an And or an Or sequence. An And sequence is successful if all of the login methods successfully validate the identity of the user. An Or sequence only requires that one of the login methods validate the identity of the user for the login to be successful.
The post-login methods are only executed if the login is successful, irregardless of the And/Or relationship.
After a sequence is created, you can authorize users to use the new sequence to log in to eDirectory.
In ConsoleOne, select the Security container.
Right-click the Login Policy container, then select Properties.
Click New Sequence.
Enter a name for the new login sequence, then click OK to continue.
All available login methods will be listed under Available Login Methods and Available Post-Login Methods.
Select the Sequence Type from the drop-down list.
If you select And, a user must log in using every login method that makes up the login sequence. If you select Or, the user only needs to log in using one of the login methods that makes up the login sequence.
Double-click or use the horizontal arrows to add each method you want to the sequence.
If you are using multiple methods, use the vertical arrows to change the execution order.
The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.
Click OK when you are finished.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.
Click the Add (+) button and enter a name for the new login sequence, then click OK to continue.
All available login methods will be listed under Available Login Methods and Available Post-Login Methods.
Select the Sequence Type from the drop-down list.
If you select And, a user must log in using every login method that makes up the login sequence. If you select Or, the user only needs to log in using one of the login methods that makes up the login sequence.
Use the horizontal arrows to add each method you want to the sequence.
If you are using multiple methods, use the vertical arrows to change the execution order.
The Sequence Grade field displays the grade for the login sequence. For And sequences, the sequence grade is the union of the grades of the login methods. For Or sequences, the sequence grade is the intersection of the method grades.
Click OK when you are finished.
In ConsoleOne, select the Security container.
Right-click the Login Policy container > select Properties.
Select a login sequence from the Defined Login Sequences drop-down list.
The Sequence Grade and Login and Post-Login Sequences for the selected method are displayed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.
Select an action:
NOTE: You must have at least one login method selected in order to select a post-login method.
IMPORTANT: Login sequences that don't have a method associated with them will not be saved.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.
Select a login sequence from the Login Sequences drop-down list.
The Sequence Grade and Login and Post-Login Sequences for the selected method are displayed. All of the available login methods appear in the Available Login and Available Post-Login Methods lists.
Select an action:
NOTE: You must have at least one login method selected in order to select a post-login method.
IMPORTANT: Login sequences that don't have a method associated with them will not be saved.
In ConsoleOne, select the Security container.
Right-click the Login Policy container > select Properties.
Select the sequence from the Defined Login Sequences drop-down list (Alt+S).
Click Delete Sequence.
Click Apply or OK.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS Management > NMAS Login Sequences.
Select the login sequence you want to delete from the Login Sequences drop-down list, then click the Delete (-) button.
Click OK, then Apply or OK.