Setting up accounts/unit directories on www.ucsc.edu
DRAFT
- Description
-
This page describes how accounts are created on the web server.
It also describes how to setup unit groups, and how unit pages are
indexed on the web server.
Note: the procedures described below will change when
www.ucsc.edu will become a Primary Domain Controller (PDC)
for its own groups. When this happens, the www.ucsc.edu
administrator will be able to create new groups, and change who is in
the various groups without compromising the account and group security
of the entire UCSCNT domain.
We use the same username in the UCSCNT domain as in the CATS/Athena
database. This minimizes the possibility of account name collisions,
and will allow us to integrate account management more easily in the
future. For these reasons, all users of www.ucsc.edu will
automatically have a CATS/Athena
account of the same name.
-
Create the user account in the UCSCNT domain.
-
For proper access to the server, web users must be added to various
groups in the UCSCNT domain:
| Group names |
Needed to give... |
| Domain Users |
...Scott? |
| webuser |
...standard set of privileges accorded to all web users on this
machine. |
| unitname |
...read and write privileges in the unit web directory. |
-
Add the user to their unit web authors mailing list via
listmaint on CATS/Athena. The name of list is
unitname-www.
-
Notify the user and the unit web administrator.
-
Create the unit web group in the UCSCNT domain. The group name
corresponds to the abbreviated unit name (e.g. taps, pio).
-
Create the unit web directory in
e:\inetpub\wwwroot\unitname. It should have the
same name as the unit web group created above.
-
Set the permissions for the unit web directory. The permissions of
the directory should be set like this:
| Group names |
Permissions |
Needed to allow... |
| Everyone |
read |
...access to users not logged in as IUSR_JELLYLORUM. |
| jellylorum\IUSR_JELLYLORUM |
read |
...the web server to serve pages. |
| ucscnt\unitname |
change |
...members of the unit to create files and edit them. |
| ucscnt\webadmin |
full |
...web administrators to correct errors. |
| ucscnt\SYSTEM |
full |
...your files to be backed up on a regular basis. |
-
Create the unit web authors mailing list using listmaint in
CATS/Athena. The list name should be: unitname-www.
This lets web authors communicate easily with each other.
-
List the unit in
/afs/cats.ucsc.edu/www/webdir/.adm/webunit.data, and
regenerate the list of unit pages by running webunit.pl
in the same directory.
-
Notify the unit web administrator.
Unit search
-
Create the configuration file unitname.conf in the
e:\inetpub\search\swish directory by copying an existing one,
and changing the few parameters inside the file.
-
Edit the e:\inetpub\script\swish-web.pl script,
and add the name of the unit in two places: in the variables
%MultiIndexLocation and %MultiBaseDirectory.
-
Edit the e:\inetpub\wwwroot\search\swish.html page, and add
the unitname in the select drop box.
The new index file will be created automaticaly that night when the
index updates occur.
Telnet access
Telnet is not generally available on www.ucsc.edu for the
following reasons:
-
MS-Windows NT is not a multiuser OS, so it is not designed to have
multiple user sessions running concurrently. It could adversely affect
the delivery of web pages.
-
Each telnet user requires additional RAM (16MB for telnet itself,
plus some additional amount for each application running within the
telnet session).
-
From a telnet session, all system binaries are potentially exposed,
since they could be executed by anyone who can login.
Because of this, telnet access to www.ucsc.edu will be severely
restricted. The number of simultaneous telnet sessions is limited to
a very small number, and is available by special request only.