Novell Open Enterprise Server (OES) Support Pack 2
Linux User Management (LUM)
Installed LUM on several servers, and it is not working.
This document uses Novell iManager to browse the tree and
verify that objects are Present. You can browse the tree in
Novell iManager by selecting the View Objects button at the top of
iManager. You can modify (or view the objects
properties) by right clicking on the object and selecting Modify
When you want to go back to Roles and Tasks view, for Linux
User Managment, select the button just to the left. If you do
not have the Linux User Management option in iManager, it will be
necessary to get the plugin from https://download.novell.com
by searching on the product Linux User Management. Then
install it into iManager.
1. Verify the Unix Workstation object exists for the
Linux Server. It should be at the same context where the
Server object resides, with the name Unix Workstation - Server
Name. Verify that it has at least the admingroup
in it's membership list.
2. In Novell iManager verify the Unix Config object
exisits in the tree. This location is specified during
install but is typically uner the organization object.
Verify that Linux Workstation Contexts, lists the context(s) where
your Unix Workstation object(s) reside. If the context
of the Linux Workstation Contexts does not specify the corret Unix
Workstation object location for your Unix Workstations, you can
modify this under the General tab and Editing the
3. Go the the admingroup object specified in
step1, and view its membership. It should at least show
the user object you installed LUM with as a member of that
group. If it does not, then LUM enable the user, or if
it gives an error that it is already LUM enabled, then just add the
user as a member of the admingroup.
4. On the Linux server edit the /etc/nam.conf
file. Verify the admin-fdn, specifies an admin user in
eDirectory (in ldap format). Verify that the preferred-server
is an LDAP server, holding a replica of where the admin user
specified exists in the tree, is working and running.
You should test this using an authenticated login with an
ldapbrowser, such as browser282, available off the web.
If you cannot, then you can point the server to another ldap
server by changing the IP address information for the
5. Restart namcd with "rcnamcd restart".
Once it restarts, if there are no errors, type "id admin" (or
the user that was a member of the admingroup above)(NOTE: The
username IS case sensative. This should return
groups=600(admingroup),8(www). You should then be able
to login as admin.
If id admin does not return the above information, or if the
namcd did not start up properly, look at the var/log/messages file
for information. (tail /var/log/messages) A
proper startup of namcd should list the following in the
A common error you may see in the messages file is the
This is a problem with the certificates on the linux
box. You can typically fix this by re-copying the
certificates local. This can be done with the following
command "namconfig -k". You will then need to restart
namcd (rcnamcd restart) and check the messages file file for a
Once the startup is correct and you can do an id admin, seeing
the above information, then try logging in as that admin
user. You should be able to.
6. To lum enable users you to this through Linux User
Management. You can Lum enable individual users or
groups of users. To LUM enable a Group and the users in that
group automatically, you currently need to be launching iManager
from your OES box, have the Linux User Managment plugin version
2.0.120050824 installed and select "
Linux-enable all users in these Groups " while you LUM enable
the group. (FYI: The Linux User Managment plugin version
2.0.120050824 is available with OES, and is not currently
available for direct download)