Web User Manager Installation

If the default setting of the Setup Program was accepted, all necessary components to use the Web User Manager should have been installed.

Actually two copies of the application are installed on the server:

• One with "Main Administrator Mode." This mode gives access to any DAF User Database.
• One with "Database Administrator Mode." This mode gives access to only ONE predefined DAF User Database.

However, to use the Web User Manager it is:

• necessary to map a URL to each copy of the application,
• recommended to define an administration password to protect unwanted access to this tool.

Installation Instructions for:

• Main Administrator Mode
• Database Administrator Mode

Regarding NT permission, it is important to check that the Web User Manager has read and write access to the user list. More information available here.

Installation for Main Administrator Mode

1. Map a URL to directory "<daf directory>\asp\main_usermanager." For example: http://www.yourdomain.com/mainuserman
2. Allow ASP execution for this URL
3. With a browser load "http://www.yourdomain.com/mainuserman"
4. 
   The following page should be displayed:

   

   If this page is displayed, DAFTools and the Web User Manager are correctly installed.
   Links in the left frame offer several choices not available with Database Administrator Mode
   (Select Web Host, Set Admin Password, Set DB Password).
    

5. If needed, define a Main Administrator Password with link "Set Admin Password." See section Define Passwords.
6. If needed, define a Database Administrator Password for each database with link "Set DB Password." See section Define Passwords.
7. Installation is over, you may now check page Usage Instruction.

Installation for Database Administrator Mode

1. Map a URL to directory "<daf directory>\asp\db_usermanager." For example: http://www.yourdomain.com/dbuserman
2. Allow ASP execution for this URL
3. If needed, predefine the DAF database to manage.
4. 
   By default, the managed DAF database will be the one attached to the current Web Host or IP address.
   If you wish to define another DAF database, you need to open file DAFCOMMON.INC in directory "<daf directory>\asp\db_usermanager" and set ASP session variable "WebHostToAdmin" with the mapped Web Host:

   session("WebHostToAdmin")= "192.168.1.103,80,www.mydomain.com"
    

5. If no mapped NT user is used, it is possible to set a session variable to prevent the Web User Manager from displaying information and input fields related to a mapped NT user. To do so, open file DAFCOMMON.INC in directory "<daf directory>\asp\db_usermanager" and set ASP session variable "UseMappedNTAccount" to FALSE:

session("UseMappedNTAccount") = FALSE
 

6. With a browser load "http://www.yourdomain.com/dbuserman"
7. 
   The following page should be displayed:

   

   If this page is displayed, DAFTools and the Web User Manager are correctly installed.
   Note the left frame which does not offer several links available with Main Administrator Mode.

1. If needed, define a Database Administrator Password for each database with link "Change DB Password." See section Define Passwords.
2. Installation is over, you may now check page Usage Instruction.

Define Passwords

The Web User Manager can be used with two different modes:

• Main Administrator Mode
• Database Administrator Mode

If Main Administrator Mode is active:

If you plan to use the Web User Manager in Administrator Mode, I strongly recommend you define a Main Administrator login and password.

To define a Main Administrator user

Choose link "Set Main Password."

Remarks:

• Default Main Administrator login is "admin" and default password "" (empty string).
• With Default Main Administrator no password will be required while running the Web User Manager.
• If no login and password are defined, anyone who has access to the Web User Manager will be able to modify any user from any user list.
• Link "Set Main Password" is available only if the application is running in Main Administrator mode.
• When Main Administrator is logged, all requests for any user from any DAF database will be granted.
• Only one Main Administrator can be defined.

To set a Database Security Level

Choose link "Set DB Password."

If Main Administrator is logged (with "Admin Log In"):

• field "DAF Database Name" will contain a drop down list offering all installed DAF databases.
• the old password is NOT required to set a new password.

If Main Administrator is NOT logged:

• A DAF database name must be typed in field "DAF Database Name."
• The old password IS required to set a new password.

If Database Administrator Mode is active:

The Database Administrator Mode is designed to define one password per DAF database, so each DAF database can be safely managed by a different person.

To use the Web User Manager with limited access per database (Database Administrator Mode) it is necessary to define a Main Administrator login and password. If not, Main Administrator permissions will be given by default and any administrator will have access to all databases.
To set a Database Password:

• If the application is running in Main Administrator Mode, select an IP address with link "Select IP" and choose link "Set DB Password" (the current database password IS NOT required).
• If the application is running in Database Administrator Mode, choose link "Set DB Password" (the current database password IS required).

Remarks:

• Only one password can be defined per database.
• "Set DB Password" will set a password for Security Level 3.

About Database Security Levels:

The purpose of a Security Level is to define a password (for each DAF database) which grants or denies execution of DAFTools methods.

Regarding the Web User Manager passwords:

• For Level 3 a password is required to execute "FindUser" "Add User" and "Remove User"
• For Level 2 a password is required to execute "Modify User" (but the user password is needed)

The complete list of Security Levels required attached to each DAFTools method is available at  http://www.dafweb.com/daf30/daftools/daftools_security.htm.

Required NT Permissions

For a text user list or an MS Access file, the NT account used by the Web Manager User to access the user file is the web user. Therefore, if the Web User Manager is not password protected it will be the IIS default user (IUSR_XXXXXX). If the directory is protected, the (mapped) NT user will be used.

Therefore, the used NT user MUST have read and write permissions to the user list. For a local user list (e.g., text file or MS Access file) Full NT Permission should be given to the NT user to access the user list.

Since the Web User Manager offers security features, usually the Web User Manager directory will not be protected and NT permission "IUSR_XXXXX | Read, Write" will be enough.

Last update: Friday, April 02, 1999 08:16