Installing and then publishing the Web interface extensions adds a number of pages and commands to the ActiveRoles Server Web interface, enabling the management of Unix-specific information in Active Directory.
These pages and commands include:
-
Unix Properties on User Account.
View or modify Unix-related properties of a Windows user account.
-
Unix Properties on Group.
View or modify Unix-related properties of a Windows group.
To publish Web interface extensions
-
Start the ActiveRoles Server Web interface in Windows Internet Explorer.
NOTE: The PROD.NAME only works with Internet Explorer.
-
Start Internet Explorer.
-
Navigate to the following URL:
http://<IP Address>/ARWebAdmin
-
At the login screen, enter your user name and password.
-
From the Customization menu on the main page of the ActiveRoles Server Web Interface, choose the Reload option.
NOTE: If you do not see the Customization link on the ActiveRoles Server Web interface on Windows 2008 R2, run the browser with elevated privileges.
You can manage the Unix-specific information for a Windows user account from the ActiveRoles Server Web Interface.
To Unix-enable a user
- Click the Directory Management link on the home page of the ActiveRoles Server.
- From the ActiveRoles Server directory tree, navigate to Active Directory and select the Users folder under your managed domain.
- In the details pane, click a user name link.
- From the drop-down menu, select Unix Properties.
- On the Unix Account tab, select the Unix Enabled option.
-
Modify any of the Unix-related properties.
The UID Number is the unique identifier for a Unix user. Ideally, each Windows user is assigned a unique UID number. By default the Integration Pack generates a unique ID automatically. If you change the User ID, the Integration Pack checks to ensure the specified value is unique among Unix-enabled users.
NOTE: The Primary Group box displays the Domain Name of the group corresponding to the Primary Group ID. You can click Change to browse Unix-enabled groups to find the Primary Group by name.
- Click Save to commit your changes.
To Unix-disable a user
- Click the Directory Management link on the home page of the ActiveRoles Server.
- From the ActiveRoles Server directory tree, navigate to Active Directory and select the Users folder under your managed domain.
- In the details pane, click a user name link.
- From the drop-down menu, select Unix Properties.
- On the Unix Account tab, deselect the Unix Enabled option.
- Click Save to commit your changes.
Unix-disabling a user changes his login shell to bin/false.
After you Unix-disable a user, you may want to clear that user's Unix attributes.
To clear Unix attributes
- Click the Directory Management link on the home page of the ActiveRoles Server.
- From the ActiveRoles Server directory tree, navigate to Active Directory and select the Users folder under your managed domain.
- In the details pane, click a user name link.
- From the drop-down menu, select Unix Properties.
- Clear the text of each Unix-related property and click Save.
NOTE: When you click Save, if there is a Unix property in any of the fields, the Integration Pack makes no changes to the user's Unix properties.