Index: openacs-4/packages/acs-authentication/www/doc/xml/install.xml
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/www/doc/xml/install.xml,v
diff -u -r1.2 -r1.3
--- openacs-4/packages/acs-authentication/www/doc/xml/install.xml 14 Oct 2003 09:54:26 -0000 1.2
+++ openacs-4/packages/acs-authentication/www/doc/xml/install.xml 20 Oct 2003 15:44:31 -0000 1.3
@@ -49,13 +49,13 @@
-DUSE_FIONREAD=1 -DHAVE_COND_EINTR=1 -c -o pam_support.o pam_support.c
/bin/rm -f nspam.so
gcc -shared -nostartfiles -o nspam.so nspam.o pam_support.o -lpam
-[root@yourserver nspam]# cp nspam.o /usr/local/aolserver/bin
+[root@yourserver nspam]# make install
[root@yourserver nspam]#
cd /usr/local/src/aolserver
tar xzf /tmp/ns_pam-0.1.tar.gz
cd nspam
make
-cp nspam.so /usr/local/aolserver/bin
+make install
@@ -100,7 +100,13 @@
Debian users: apt-get install libpam-radius-auth
- Set up the PAM domain by creating the file
+ Set up the PAM domain. Recent PAM
+ distributions have a different file for each domain,
+ all in /etc/pam.d.
+ Previous PAM setups put all domain configuration lines
+ into a single file,
+ /etc/pam.conf. On
+ Red Hat, create the file
/etc/pam.d/service0
with these contents:auth sufficient /lib/security/pam_radius_auth.so
@@ -157,25 +163,67 @@
Set Authentication to PAM.
- If the PAM module contains a password command, you can set Password Management to PAM. If not, the PAM module cannot change the user's password and you should leave this option Disabled.
+ If the PAM domain defines a password command, you can set Password Management to PAM. If not, the PAM module cannot change the user's password and you should leave this option Disabled.Leave Account Registration disabed.
- Set Batch sync enabled to Yes. Set GetDocumentImplementation to HTTP GET. Set ProcessDocumentImplementation to IMS Enterprise 1.1. These settings will cause OpenACS to attempt to retrieve via HTTP a list of users in XML format from a location we will specify in a few steps.
+ Configure Batch Synchronization
+
+
+
+
+
+
+
+ Installing LDAP support
+ ...
+
+
+
+ Installing AOLserver LDAP support
+ Forthcoming. (more information)
+
+
+
+
+ Install auth-ldap OpenACS service package
+ Installauth-ldap and restart the server.
+
+
+
+
+
+
+ Configure Batch Synchronization
+
+ Browse to the authentication administration page,
+ http://yourserver/acs-admin/auth/
+ and choose an authority for batch sync.
+
+
+ Set Batch sync enabled to Yes. Set GetDocument
+ Implementation to HTTP GET. Set ProcessDocument Implementation to IMS Enterprise 1.1. These settings will cause OpenACS to attempt to retrieve via HTTP a list of users in XML format from a location we will specify in a few steps.
+
+ Click OK.On the next page, click Configure on the GetDocument Implementation line.
- Enter the IncrementalURL and SnapshotURL. These are the URLs which the external Authority will supply with XML files in IMS Enterprise 1.1 format.
+ Enter either or both the IncrementalURL and SnapshotURL. These are the URLs which the external Authority will supply with XML files in IMS Enterprise 1.1 format.
- Configure your Authority (RADIUS server, etc) to supply XML files to the URLs IncrementalURL and SnapshotURL
+ Configure your Authority (RADIUS server, etc) to
+ supply XML files to the URLs IncrementalURL and
+ SnapshotURL. A typical set of incremental file record
+ looks like:
<enterprise>
<person recstatus = "1"> added person
@@ -198,31 +246,30 @@
</sourcedid>
</person>
</enterprise>
+ A snapshot file is similar but doesn't have recstatus,
+ since it's not a delta but a list of valid records.
+
+
+<enterprise>
+ <person>
+ <sourcedid>
+ <id>[username]</id>
+ </sourcedid>
+ <name>
+ <family>[last_name]</family>
+ <given>[first_names]</given>
+ </name>
+ <email>[email]</email>
+ <url>[homepage_url]</url>
+ </person>
+ ...
+</enterprise>
+(More information: , The IMS 1.1 spec)
-
-
-
-
-
-
- Installing LDAP support
- ...
-
-
-
- Installing AOLserver LDAP support
- Forthcoming. (more information)
-
-
-
-
- Install auth-ldap OpenACS service package
- Installauth-ldap and restart the server.
-
-
+
+
($Id$)