Assignment  7 Chapter 7

Managing eDirectory Security

***Activities that are done in the lab.

 ***Activity 7-1 Making User Trustee Assignments using ConsoleOne

On the Lab workstation-login and start ConsoleOne- expand the directory tree to locate yourlastnamecorp. Right click yourlastnamecorp-properties-NDS rights to display the trustees of the yourlastnamecorp OU. Click Add Trustee-browse for and click  userlastname –then click OK to open the Rights assigned to selected objects. Click all the rights except Supervisor-Print Screen. Click the All Attributes Rights in the Property section-click all the rights for the attributes except supervisory-Print Screen-OK.

 Activity 7-2 Making Group Trustee Assignments using iManager

Login using iManager-  Scroll under the Role and Task pane and expand the Rights heading.  Click Modify Trustees-click the Object Selector button and browse for yourlastnamecorp- (make sure your lastnamecorp is in the Object Name -click OK. Click Add Trustee and browse for and select the ITmgrs-click OK. Clicked the Assigned Rights link next to ITMgrs and click all the Entry and Attributes rights except Supervisor-Print Screen-click Done-OK-OK.

  ***Activity 7-3 Creating a Directory Map Object and Assigning Rights using ConsoleOne

Start ConsoleOne and expand the eDirectory tree. Navigate to yourlastnamecorp –right click New-Object-Directory Map-OK-enter SharedData in the Name text box and browse for the Shared directory in your last name directory in the SYS-Home-click OK-Print Screen(New Directory Map)-click OK. Double click yourlastnamecorp-  Right click the SharedData object(in the right panel)- properties-NDS Rights-Add Trustee-and browse for your userlastname in your lastnamecorp-OK-click the rename and delete check boxes-Print Screen-OK-OK.

Activity 7-5 Using the Inheritable Entry Right using iManager

Login using iManager- Scroll under the Role and Task pane and expand the Rights heading -click Modify Trustees -click the Object Selector button and browse for yourlastnamecorp-ok. Click the Assigned Rights link next to userlastname-click the Supervisor in the Entry Right assignment(if you do not see Entry Right-click the Add Property Button)-Print Screen –click done-ok-ok.

 Activity 7-7 Working with the Inherited Rights Filter using iManager

Scroll under the Role and Task pane and expand the Rights heading -click Modify Inheritable Rights Filter -browse for ITMgrs organizational unit in your lastnamecorp-ok-click Add Property and insure that All Attributes Rights is selected-ok. Click to clear Write and Self-Print Screen-ok-ok.

 

 

 

 

PAGE 2   Assignment 7 Chapter 7

 ***Activity 7-8 Viewing  Trustees of an eDirectory object using NWAdmin

On lab computer log into the server and double click NWAdmn32 icon. Expand the tree to high light yourlastnamecorp-right click your lastnamecorp-click Trustees of this object. High light each trustee and label and record each object right. Log out.

 Activity 7-13 Assigning a Security Equivalent using iManager

Login using iManager- Click the Modify Object link under eDirectory- and browse for userlastname-ok Click the Security tab and browse for any student in the Student container-Print Screen the Equivalent to me-ok Close iManager.