Administration Guide 1.0.3

Owned by Don DaRe
Last updated: Jan 20, 2014 by Richard Matheson (Unlicensed)
21 min read

About this Guide

What this Guide Contains

The Athena Administration Guide provides information about:

  • Configuration for Athena
  • Exposing users and groups
  • Troubleshooting Athena

This guide is intended for administrators who are already familiar with eDirectory and Active Directory directories and using LDAP queries to access directory data.

Related Documentation

Getting Started

Complete the installation and configuration instructions specified in Installation Guide 1.0.3 

 

  • To access Athena Setup:
    1. http://<Athena server IP or DNS>/main/setup
    2. Login name: admin
    3. Default password: admin

Initial Configuration

Connection Settings

  1. Select Directory Vendor:
    1. AD for Microsoft Active Directory
    2. eDir for Novell eDirectory
    3. Other will default to eDir specific behavior
  2. Specify the Scheme for the LDAP connection
    1. LDAP - Unsecured LDAP access.  The Default port for this is 389.
    2. LDAPS - Secured LDAP access.  The Default port for this is 636.
      1. If you select LDAPS, Athena will display the certificate info is has stored.  You may either click Get Server Certificate to retrieve the certificate from the server specified by Host and Port or you can click Choose to upload a certificate.
  3. Host
    This is the Host IP Address or Server Name of the target LDAP server.
  4. Port
    This is the port Athena will use to access the LDAP server.  Consult your LDAP administrator to determine which port the LDAP server uses.
  5. Once you have set the fields, click Validate Connection

  6. Set the Service Account Settings

    1. Enter the username for the Principal account you want to use
      1. If you have set your directory type to eDir, this is a DN.  

      2. If you have selected AD it can be either a DN or a User Principal Name

         

        NOTE

        The Service Account specified by Principal MUST have administrative rights to the directory.

    2. Enter the credentials (password) for the Principal user
    3. Click Save

  7. Review Main Attributes.  You may change the default mappings for any of the default Main attributes.  

    NOTE

    The attribute you map to User Login ID must contain a unique name. If the values of cn in your directory tree are only unique on a per-container basis, and your search contexts search multiple containers it is possible that Athena will encounter multiple search results when trying to resolve the specified user name during the login process. Ambiguous naming on login will cause Athena to throw an error that it can't resolve the user. Please ensure the naming values in the attribute you map to User Login ID are unique.

  8. To edit an attribute see Managing Required Attributes to learn how to manage the required attributes.
  9. Click Next .
  10. Specify the search contexts for Users. 
  11. Click on the arrow next to the folder icon to expand the directory tree view.
  12. Browse the tree and Ctrl-click on each folder to be included in the search contexts.
  13. Click Next
  14. Select a search scope for the context.
  15. Click Next
  16. If you have defined multiple search contexts, you may change the order in which they are searched.
  17. Add Group Search contexts, set the scope and search order.
  18. Click Next
  1. Click OK

Athena General Configuration

This option is used to configure security roles and attributes which apply across the Athena Framework and modules

To access Athena Configuration:

  1. From your web browser type: http://<Athena server IP or DNS>/main/configuration
  2. Login name: admin
    Default password: admin


Licensing Athena

  1. Click Check Licensing Status
    1. If you have not uploaded a license, or if your license is not valid Athena will display the following screen.

    2. If the license if valid Athena will display a screen similar to the one below.

    3. Click OK to return to Athena Configuration

Security Roles

About Roles

Athena Security Roles are required for creating roles, assigning users to a role and user access.  All users accessing Athena must belong to a role. No security roles exist after the initial deployment of Athena and the roles must be created and populated using the admin user created during the deployment phase.  Additional roles will be needed to add users and control directory access.

The Security Roles section of the screen serves two functional purposes.  First, you may define security roles by clicking the Add Roles button.  A role consists of a Name, a Description, and a set of users to which the role applies.   You may specify a set of directory contexts, groups and even specific users to which a role applies.  The set of users will be populated by the union of all users found within the directory contexts, groups and specific user objects selected.  Once roles have been defined, you can associate them with each of the modules configured for Athena and apply permissions based on the roles.  This is the second function of the Security Roles section of the screen.

Managing Default Roles

Athena is pre-configured with two default Security Roles.  

  • Admin Role
  • Basic User Role

These Security Roles have default permissions for each of the modules associated with them.  Once a set of users, groups and directory containers have been assigned to these Security Roles, Athena is ready for use.  See Managing Roles to learn how to assign users, groups or directory containers to each of these roles.  

Creating Roles

To create a new role:

  1. Using a web browser use the url: http://<Athena server IP or DNS>/main/configuration

  2. Login using the admin account created in the deployment section

  3. Now you can add roles.
    1. Click Add Role




    2. Enter the Role Name
    3. Enter the Role Description
    4. Assign users to the Role.  Users can be assigned using any combination of the following:
      1. Using the Pick the contexts tree control, browse to and select any number of directory contexts.  Control-click each context you wish to select.
      2. Search for groups to include
      3. Search for users to include
        1. As you enter a user or group to search for, Athena will search the search contexts defined in Module Configurations | Main | Search Contexts section of this document.  When a match is found Athena will display the information for the user.
        2. Click on the displayed object information to add it to the list of users or groups to which the new role will apply.
        3. When you have finished configuring contexts, groups and users for the role, click Save 

Managing Roles

To modify the set of users to which a roles applies

  1. Using a web browser use the url: http://<Athena server IP or DNS>/main/configuration
  2. Login using a user that has Athena Admin rights
  3. In the Security Roles section
    1. Select a Role
    2. Click the Edit pencil in the Edit column
    3. Edit this list of directory contexts by adding or removing contexts as desired.
    4. Edit the list of groups as desired.  
      1. Delete groups by clicking the X next to the group DN.  
      2. Add groups by typing the name of a desired group found in the defined search contexts.
    5. Edit the list of users as desired
      1. Delete users by clicking the X next to the user's DN
      2. Add users by typing the name of the desired user found in the defined search contexts.

Configuring Modules for the Athena Framework

About Module Configuration

The Athena framework provides a scheme to enable modules to manage the sets of Permissions, Attributes, Search Contexts and Filters they use.  Modules can inherit from the sets defined for the Main module, or can require specific sets to be configured.

Managing Permissions

Permissions are assigned to a defined role and will be enforced for all members of that role.  This allows for each role to have different Search permissions for ease of administration.  Permissions control access to specific modules, groups, users and their attributes within Athena.  

Each module requires some base permissions

  • Administrative roles require Access and Configure
  • User roles at minimum require Access

The Access permission is named slightly differently from module to module.   For instance, for the My Profile module, the Access permission is named Access user profile module.   

To manage permissions for a module

  1. Select the tab for the desired module.
  2. Click on the arrow to the left of the Permissions section to expand the module's permissions.
  3. Click the Edit pencil icon on the right of the security role for which you wish to edit the permissions list.
  4. Select the permissions to enable for the selected Security Role.  In some instances, the list of permissions can be very long.  You can narrow the set of permissions displayed by typing search terms next to the magnifying glass icon.  As you type the list of permissions will be narrowed.
  5. When you are finished specifying permissions for the selected security role:
    1. Click the checkmark icon to save your changes
      or
    2. Click the X to cancel your changes.

Managing Attributes

Modules can view and interact with a set of attributes for users and groups.  The set of attributes can be managed using the Attributes section.  The Required Attributes section lists attributes which a module requires.  Note that the attribute names shown in Required Attributes are namespace specific to the target directory.  It is possible to edit the attributes's Name or OID value to map it to a different attribute in the target directory if necessary.

Additional attributes can be added for each module.  

Viewing Attributes

  1. With the desired module tab selected, expand the Attributes section

Managing Required Attributes

  1. To edit the Name or OID value for an attribute in Required Attributes click on the Edit pencil icon to the right of the desired attribute
  2. Edit the Name or OID field.
  3. Click the checkmark to save your changes
    or
  4. click the X to cancel your change.

Adding Optional Attributes

  1. To add an optional attribute, click on Add Attribute.  A new empty row appears in the Optional Attributes section.

Editing Optional Attributes

  1. Click on the Edit pencil icon to the right side of the attribute to edit.
  2. The attribute being edited will be shown in a grey background.
  3. Edit the fields
    1. Label
    2. Description
    3. Name or OID
    4. Type
  4. Click the checkmark to save your changes
    or
  5. Click the X to cancel your changes.

Deleting Optional Attributes

  1. Click on the Remove trash can icon to the right side of the attribute to delete.

Managing Search Contexts  

Search contexts are defined in the Main module for user and group objects and will be used by the other modules.  Setting the search context defines where in the directory objects searches will begin.

  1. Expand the Search Contexts section
  2. Click the Edit pencil button to edit the Group Search Base
  3. Select the directory context you wish to use for Groups and click Next  
  4. Select a scope for the context.  Click Next
  5. You can specify multiple search contexts.  If necessary, reorder the contexts.  Click Save
  6. Repeat steps 1 through 5 as many times as necessary to set the desired groups search contexts.
  7. Click on the Edit pencil for Users and then repeat steps 2 through 5 as many times as necessary to set the desired user search contexts.

Managing Filters

Athena uses LDAP to access the target directory.  Filters are used to make LDAP queries more specific, thus limiting the amount of data returned for a query based on a Search request.  The use of filters improve performance and scalability.  Filters are defined in LDAP syntax.  To learn more about LDAP filters see http://tools.ietf.org/html/rfc4515.

 

To manage filters

  1. Click the arrow to the left of Filters to expand the list of defined filters


  2. Click the text in the cell in the Value column that you wish to edit. 
  3. An In-place editor will open, allowing you to edit the filter text
    1. Add the LDAP filter
    2. For example for User class:
      1. (&(objectClass=organizationalPerson)(|(userPrincipalName={0}*)(displayName={0}*)(mail={0}*)))
    3. For Group class:
      1. (&(objectClass=group)(|(name={0}*)(cn={0}*)))
  4. Click the check mark to save the filter, or the X on the far right to cancel the changes.

Module Specific Configuration

Main

Permissions


To Manage the permissions for the Main module, see Managing Permissions

PermissionDescription
Configuration PermissionWhen checked, this permission allows users with the associated role to configure the module.
Access Main ModuleWhen checked, this permission allows users with the associated role to use the module.

 

The Main module requires some base permissions

  • Administrative roles require Access Main Module and Configure Permission
  • User roles at minimum require Access Main Module

 

Attributes

The Main module comes pre-configured with a set of attributes needed for the module to operate.  You may wish to map one of those attributes to a different schema element.   See Managing Attributes for an explaination of how to edit required attributes.

No other attributes are needed by Main.  Adding attributes will have no affect on the functionality or user experience of the module. 

Search Contexts  

Search contexts are defined in the Main module for user and group objects and will be used by the other modules.  Setting the search context defines where in the directory objects searches will begin. See Managing Search Contexts to learn how to manage Search Contexts.

Filters

The Main module uses five defined filters.  

  • Container Search Filter
  • Group Search Filter
  • User Search Filter
  • Object Search Filter
  • Group by Member Search Filter

These filters tell the LDAP server how to search for these specific objects types.  See Managing Filters to learn how to manage these filters.

My Profile 

About My Profile

The My Profile module allows a user to view their attribute values for their object or other users' objects in the target directory.

Configuring My Profile

Permissions

See Managing Permissions to learn how to configure the permissions for My Profile.

PermissionPermission
Access user profile moduleAllows user to access the My Profile module
Configuration PermissionAllows user to configure the My Profile module
Edit all profile attributes on subordinateAllows user to edit all the attributes of a subordinate user
Edit any personal profile attributeAllows user to edit any of their personal profile attributes
Edit any profile attribute on any userAllows user to edit any profile attribute on any user
Edit any profile attribute on othersAllows user to edit any profile attribute on other users
Edit any subordinate's phone numberAllows user to edit any subordinate's phone number
Edit any user's emailAllows user to edit any user's email address
Edit any user's mobileAllows user to edit any user's mobile number
Edit any user's nameAllows user to edit any user's name
Edit any user's optional attributesAllows user to edit any user's optional attributes
Edit any user's phoneAllows user to edit any user's phone number
Edit any users's photoAllows user to edit any users photo
Edit other's email addressAllows user to edit other's email address
Edit other's mobile numberAllows user to edit other's mobile number
Edit other's nameAllows user to edit other's name
Edit other's optional attributesAllows user to edit other's optional attributes
Edit other's phone numberAllows user to edit other's phone number
Edit other's photoAllows user to edit other's photo
Edit personal emailAllows user to edit personal email address
Edit personal nameAllows user to edit personal name
Edit personal optional attributesAllows user to edit personal optional attributes
Edit personal phone numberAllows user to edit personal phone number
Edit personal photoAllows user to edit personal phtoto
Edit subordinate's mobile numberAllows user to edit subordinate's mobile number
Edit subordinate's nameAllows user to edit subordinate's name
Edit subordinate's optional attributesAllows user to edit subordinate's optional attributes
Edit subordinate's photoAllows user to edit subordinate's photo
No limitsAllows user to view and edit their own attributes as well as those for subordinates and others
View all profile attributes on subordinateAllows user to view all profile attributes on subordinate
View any personal profile attributeAllows user to view any personal profile attribute
View any profile attribute on any userAllows user to view any profile attribute on any user
View any profile attribute on othersAllows user to view any profile attribute on others
View any user's emailAllows user to view any user's email address
View any user's mobileAllows user to view any user's mobile number
View any user's nameAllows user to view any user's name
View any user's optional attributesAllows user to view any user's optional attributes
View any user's phoneAllows user to view any user's phone number
View any user's photoAllows user to view any user's photo
View or edit all profile attributes on othersAllows user to view or edit all profile attributes on others
View or edit all profile attributes on subordinateAllows user to view or edit all profile attributes on subordinates
View or edit any personal profile attributeAllows user to view or edit any personal profile attributes
View or edit other's email addressAllows user to view or edit other's email address
View or edit other's mobile numberAllows user to view or edit other's mobile phone number

View or edit other's name

Allows user to view or edit other's name

View or edit other's optional attributes

Allows user to view or edit other's optional attributes

View or edit other's phone number

Allows user to view or edit other's phone number

View or edit other's photo

Allows user to view or edit other's photo

View or edit personal email

Allows user to view or edit personal email

View or edit personal mobile phone number

Allows user to view or edit personal mobile phone number

View or edit personal name

Allows user to view or edit personal name

View or edit personal phone number

Allows user to view or edit phone number

View or edit personal photo

Allows user to view or edit personal photo

View or edit subordinate's email address

Allows user to view or edit subordinate's email address

View or edit Subordinate's mobile number

Allows user to view or edit subordinate's mobile number

View or edit subordinate's name

Allows user to view or edit subordinate's name

View or edit subordinate's optional attributes

Allows user to view or edit subordinate's optional attributes

View or edit subordinate's phone number

Allows user to view or edit subordinate's phone number

View or edit subordinate's photo

Allows user to view or edit subordinate's photo

View other's email address

Allows user to view other's email address

View other's mobile number

Allows user to view other's mobile number

View other's name

Allows user to view other's name

View other's optional attributes

Allows user to view other's optional attributes

View other's phone number

Allows user to view other's phone number

View other's photo

Allows user to view other's photo

View personal email

Allows user to view personal email address

View personal mobile phone number

Allows user to view personal mobile phone number

View personal name

Allows user to view personal name

View personal optional attributes

Allows user to view personal optional attributes

View personal phone number

Allows user to view personal phone number

View subordinate's email address

Allows user to view subordinate's email address

View subordinate's mobile number

Allows user to view subordinate's mobile phone number

View subordinate's name

Allows user to view subordinate's name
View subordinate's optional attributesAllows user to view subordinate's optional attributes
View subordinate's phone numberAllows user to view subordinate's phone number
View subordinate's photoAllows user to view subordinate's photo.

 

Attributes

The My Profile module comes pre-configured with a set of attributes needed for the module to operate.  You may wish to map one of those attributes to a different schema element.   See Managing Attributes for an explaination of how to edit the list of required attributes as well as add optional attributes.

 

Search Contexts

My Profile inherits the search contexts defined for Main.

Filters

My Profile inherits the filters defined for Main.


About Search

The Search module allows a user to search for a users or groups in the directory.  Once the search is completed the user can select individual search results.  User objects will be opened in the My Profile module.  Groups will be opened in a view from the Manage Groups module. 

Configuring Search

Permissions

To Manage the permissions for the Search module, see Managing Permissions

PermissionDescription
Configuration PermissionWhen checked, this permission allows users with the associated role to configure the module.
Access Main ModuleWhen checked, this permission allows users with the associated role to use the module.

 

The Search module requires some base permissions

  • Administrative roles require Access Search Module and Configure Permission
  • User roles at minimum require Access Search Module

Because the results returned by the Search module are viewed in the My Profile module, no other permissions are needed for Search.

Attributes

Because the results returned by the Search module are viewed in the My Profile module, no attributes are needed for Search. 

 

Search Contexts

Search contexts are defined in the Main module for user and group class objects.  Those search contexts are used by the Search module.  See Managing Search Contexts to learn about setting search contexts.

Filters

The Search module uses two defined filters.  

  • Group Search Filter
  • User Search Filter

These filters tell the LDAP server how to search for these specific objects types.  See Managing Filters to learn how to manage these filters.

Password Self-Service

About Password Self-Service

The Password Self-Service allows a user to change their own password, as well as subordinate users and other users' passwords based on their permissions.  A user can also set and manage password challenge questions.

Configuring Password Self-Service

Permissions

To Manage the permissions for the Password Self Service module, see Managing Permissions

PermissionDescription
Access Password ModuleAllows users with the associated role to use the module.
Configure Password ModuleAllows users with the associated role to configure the module.
Change any user's passwordAllows user to change any user's password
Change other user's passwordAllows user to change other user's password
Change own passwordAllows user to change their own password
Change subordinate user's passwordAllows user to change a subordinate user's password

 

The Search module requires some base permissions

  • Administrative roles require Access Password Self-service Module and Configure Permission
  • User roles at minimum require Access Password Self-service Module

 

Attributes

The Password Self Service module comes pre-configured with a set of attributes needed for the module to operate.  You may wish to map one of those attributes to a different schema element.   See Managing Attributes for an explanation of how to edit the list of required attributes as well as add optional attributes.

 

Search Contexts

My Profile inherits the search contexts defined for Main.

Filters

My Profile inherits the filters defined for Main.

Account Sponsorship 

Account Sponsorship moves creating accounts from the directory to a simple browser interface that uses account templates created by the Athena administrator that can be assigned to users.

About Account Sponsorship

Account Sponsorship does the following

  • Use templates to create accounts
  • Administrator can define create account templates to match account requirements
  • Assign users to create account templates that match the required account
  • Simplify management of account creation

Configuring Account Sponsorship

Permissions

To Manage the permissions for the Account Sponsorship module, see Managing Permissions

PermissionDescription
Configuration PermissionWhen checked, this permission allows users with the associated role to configure the module.
Access Accounts ModuleWhen checked, this permission allows users with the associated role to use the module.

 

The Account Sponsorship module requires some base permissions

  • Administrative roles require Access Accounts Module and Configure Permission
  • User roles at minimum require Access Accounts Module

Because the results returned by the Search module are viewed in the My Profile module, no other permissions are needed for Search.

Attributes

The Account Sponsorship module comes pre-configured with a set of attributes needed for the module to operate.  You may wish to map one of those attributes to a different schema element.  See Managing Attributes for an explaination of how to edit the list of required attributes as well as add optional attributes.. 

 

Search Contexts

Search contexts are defined in the Main module for user and group class objects.  Those search contexts are used by the Search module.  See Managing Search Contexts to learn about setting search contexts.

Filters

The Search module uses two defined filters.  

  • Group Search Filter
  • User Search Filter

These filters tell the LDAP server how to search for these specific objects types.  See Managing Filters to learn how to manage these filters.

Manage Groups

Permissions


To Manage the permissions for the Main module, see Managing Permissions

PermissionDescription
Access Groups ModuleWhen checked, this permission allows users with the associated role to use the module.
Configuration PermissionWhen checked, this permission allows users with the associated role to configure the module.
Allow Group CreationAllows user to create groups
Allow Owners to Add MembersAllows user to add members to groups of which they are owners
Allow Owners to Edit DescriptionAllows user to edit the description of groups of which they are owners
Allow Owners to Add/Remove OwnersAllows user to add or remove owners to groups of which they are owners
Allow Owners to Remove MembersAllows user to remove members to groups of which they are owners
Allow Owners to Rename GroupsAllows user to rename groups of which they are owners

 

The Main module requires some base permissions

  • Administrative roles require Access Groups Module and Configuration Permission
  • User roles at minimum require Access Groups Module

Attributes

The Manage Groups module comes pre-configured with a set of attributes needed for the module to operate.  You may wish to map one of those attributes to a different schema element.  See Managing Attributes for an explaination of how to edit the list of required attributes as well as add optional attributes.

Search Contexts  

Search contexts are defined in the Main module for user and group objects and will be used by the other modules.  Setting the search context defines where in the directory objects searches will begin. See Managing Search Contexts to learn how to manage Search Contexts.

Filters

The Main module uses five defined filters.  

  • Group Owned by User Filter
  • Owned Groups with Selected Member Filter
  • Group by Member Filter

These filters tell the LDAP server how to search for these specific objects types.  See Managing Filters to learn how to manage these filters.

Administering Modules

About Module Administration

Each module loaded in the Athena framework may need module specific administration.  If the currently authenticated user has administrative rights the administrative tools will be displayed in the main view.  The user can click on any of the module administration tools to administer the options for that module.  

Main

Selecting the Main administration module will invoke the interface described in Main.

My Profile


Use the My Profile module administration tool to select which credentials Athena should use when interacting with a user's profile data, as well as to set options regarding a user's profile picture.

  • Select User to perform user edits using the credentials of the currently authenticated user.  Select Service to perform user edits as the Athena service account.
  • Drag the slider to set the maximum uploaded profile picture size.  The maximum picture size is 1024 KBytes.
  • Click the checkboxes to enable various file extensions to allow for profile pictures.
  • Click Save to save the changes.
  • Click Main to return to the main screen.

 

Search

Use the Search module administration tool to select which credentials Athena should use when performing searches and to determine search size limits.

 

  • Select User to perform edits using the credentials of the currently authenticated user.  Select Service to perform user edits as the Athena service account.
  • To search without limiting the result set size, leave the Limit the search result set size checkbox unchecked.
  • To limit the search result set size, check the Limit the search result set size checkbox.

  • Once the Limit the search result set size checkbox is checked, a control to set the limit size will be displayed.
  • Click Save to save your changes.  
  • Click Main to return to the main screen.

Passwords

Use the Passwords module administration tool to configure the password policy for password complexity.  

 

  • Drag the slider to set the minimum password length.
  • Check the checkboxes for desired password requirements.
    • Require lowercase characters.
    • Require uppercase characters.
    • Require numeric characters.
    • Require special characters.
    • Prompt users to answer recovery questions on login.
    • Require users to answer recovery questions on login.
  • Click Save to save changes.
  • Click Home to return to the main screen.

Account Sponsorship

Use the Account Sponsorship module administrative tool to set an acceptable use policy, define sponsorship templates, and view sponsored account information.

Defining an Acceptable Use Policy

  • To set a default Acceptable Use Policy, simply type the policy in the Acceptable Use Policy edit control.
  • Click Save below the edit control to save the policy. 

Creating Account Templates

  • To create a new Account Template, click New.
  • The Account Template Wizard will be displayed.
  • Enter the template Name and Description

  • Click Next
  • On the Attributes tab, select optional attributes to be available in the template.

  • Clicking Add will move an available attribute to the list of Selected Optional Attributes.

  • Click Next

  • On the Required Attributes tab you can select which optional attributes to make required.

  • Click Add to move an Available Optional Attribute to the list of Required Optional Attributes.  

    Available Optional Attributes may be populated when creating a new sponsored account.

    Required Optional Attributes must be populated when creating a new sponsored account.

  • Click Next
  • On the Username Policy tab select a naming method for new users.

  • Select a naming method from the dropdown list.
  • Click Next
  • On the Container tab browse to a container to hold sponsored accounts.

  • Click on the desired container.
  • Click Next
  • On the Validity Period tab specify the number of days until the Sponsored Account expires.

  • Drag the slider to specify the number of days desired.
  • Click Next
  • On the Acceptable Use Policy tab enter the Acceptable Use Policy for this template.

  • Click Save

Viewing Account Template Details

  • All defined Account Templates are listed in the Templates section.
  • To view the details of a template, click on the arrow symbol on the far left of the desired row.

  • Hide the template details by clicking on the arrow icon again.

Editing an Account Template

  • To edit an Account Template, click on the pencil icon on the far right side of the row containing the desired Account Template.  This launches the Account Sponsorship Template Wizard.

Deleting an Account Template

  • To delete an Account Template, click on the garbage can icon on the far right side of the row containing the Account Template to delete.
  • Athena will display the details of the Account Sponsorship Template to delete.

  • Click Yes to delete the template or No to keep the template.

Manage Groups

Use the Manage Groups module administrative tool to enable group creation, group name uniqueness, and where Athena will create groups.

 

  • To allow Group Management to create groups, check the Allow creation of groups checkbox.
  • To have Athena test to make sure group names are unique across all containers, check the Test new group names for global uniqueness checkbox.

  • Add contexts where groups can be created by browsing the tree control.
  • Select the desired container.

  • Click Add Context to add the selected context to the list of Allowed Creation Contexts.

  • To remove a context from the list of Allowed Creation Contexts click the Remove button to the right of the desired context.
  • To save any changes made to Group Management Options, click Save.

Troubleshooting

About Troubleshooting

Troubleshooting Logs

Common Issues

Nullpointer Error

Appendix A

Appendix B

Appendix C

 

View subordinate's name