Environment
Novell Open Enterprise Server (Linux based)
Situation
With Quickfinder authentication enabled, search results do not
include all files the user has rights to.
Resolution
If you do not see the files you think you should see after
authentication, check the following:
The user must be LUM enabled (You do this through iManager -
look for Linux User Management and enable the user object as a LUM
user).
The server that is running QuickFinder has
a Unix Workstation object. This object should be a
member of the LUM enabled Group created for the user.
Use iManager and view the group membership of the user object used
to authenticate. Now edit the LUM group the user is a member
of and add the Quickfinder servers Unix Workstation Object to the
membership list.
By default QF handles rights "by Directory", which means the
user must have read rights at the parent directory where the files
are located.
Additional Information
Let's summarize the way QuickFinder handles rights and this may
give us better understanding what is wrong. By default QF
handles rights "by Directory", which means QF does not check rights
for every file (by default). When a search is done, QF strips
the filename and checks if the user has read rights to that
directory. The result of that is then cached for the rest of
the search query. Any other file from that directory will get
the same result (has or has not rights to read). This is done to
limit the number of times QF asks the OS if a user has rights to a
file.
Checking rights by directory can be turned off. This will make QF ask if a user has read rights for every file. This is a bit slower but rights can be managed at a more granule level. In the QF admin on the left nav is "Security">"Check authorization by directory". Turn this option off.
To make a long story short, Is it possible that the "normal" users don't have read rights to the directory just to individual files and that is why you don't see the files in the results. Turn"Check authorization by directory" off and check the results?
Checking rights by directory can be turned off. This will make QF ask if a user has read rights for every file. This is a bit slower but rights can be managed at a more granule level. In the QF admin on the left nav is "Security">"Check authorization by directory". Turn this option off.
To make a long story short, Is it possible that the "normal" users don't have read rights to the directory just to individual files and that is why you don't see the files in the results. Turn"Check authorization by directory" off and check the results?