/
Managing LUNA with the Administrator Tools

Managing LUNA with the Administrator Tools

Aug 30, 2012

Introduction

The Administrator tools have been enhanced to incorporate tasks for managing the LUNA application and configuration.
In the Administrator Tools you can:

  • Manage user rights

  • Manage Credentials

  • Manage IP range access privileges

  • See what collections LUNA has loaded

  • Manage the LUNA Application Configuration

  • Manage the Collection Properties

  • Place the LUNA Application into maintenance mode



Managing User Rights and Access Privileges


Before defining how to manage users and their privileges, you need to understand what options exist and how they are integrated with current Insight User Management.
If you have been working with Insight, then you should be familiar with how Insight grants access to collections. LUNA can work with existing Insight authenticators to grant your users access to your collections.
During your installation, you were asked for your User Manager's address. If you are using the default Insight User Manager to grant access to your collections, then you do not need to do anymore work to allow your users access to collections in LUNA.
LUNA also has several other authenticators that can be used to grant access to your Collection resources.

  • LUNA self registration and user management

  • Integrate with Active Directory LDAP

  • Authenticate via LDAP



LUNA Self Registration


During the install process you were given the option to let users self register in LUNA. If you selected this option you will see the Register option at the top of the LUNA application.


This allows the user to create and manage their own account in LUNA. Once registered, the user will be granted the default privileges defined in the default Credential.

Integrate with Active Directory Using Kerberos and LDAP

As with Insight, LUNA can be integrated with Active Directory to grant access to your Collections.
To configure LUNA with your Active Directory server, you will need to contact our support department for instructions on your specific configuration lunasupport@lunaimaging.com. This document does not go into the configuration details of Active Directory integration.

Integrate with LDAP

As with Insight, LUNA can be integrated with LDAP to authenticate your users and grant them access to your collections.
To configure LUNA with your LDAP server, you will need to contact our support department for instructions on your specific configuration lunasupport@lunaimaging.com. This document does not go into the configuration details of LDAP.


Advantages of LUNA Authentication Methods Not Available in Insight Java Client


LUNA authentication has been designed to be more flexible to allow for future authentication methods and to allow for mixed authentication methods to be used.
LUNA can be configured to use more than one authentication method in your environment. LUNA can be setup to step through any number of authenticators. For example:

  • You can have LUNA access the Insight User Manager and also allow for LUNA self registration.

  • You can have an LDAP server authenticate and use the Insight User Manager to grant access to individuals who are not in your LDAP server.


There are many ways LUNA can be configured. Please contact lunasupport@lunaimaging.com for any questions you might have.

LUNA's Escalating Collection Access

LUNA has also been designed to grant increasing access as a user passes certain conditions.
At your institution you may want to do the following:

  • Level 1 anonymous user - off site but you still want to make some of your collections accessible.

  • Level 2 (within a lager block of IP's) – on site privileged collections are accessible.

  • Level 3 (within a restricted block of IP's) – on site but in a particular area where the user is granted access to restricted collections.

  • Level 4 (logged in to LUNA) - granted access to even more collections with the ability to export.


This is a very flexible system and can meet many needs for granting varied collection access.

Credentials

Credentials are used to define a set of privileges to selected collections.


There are four Credentials by default in your LUNA application. You are responsible to define what each one of these will be used for. You can create as many Credentials as you want.
With a Credential you can:

  • Define what collections are accessible

  • Indicate if exporting will be allowed (this includes media and presentation exports)

  • Define it as the default (only one allowed)

  • Indicate if the LUNA Commons (publicly shared collections) will be accessible

  • Grant Access to My Uploads

  • Define the My Upload formats that a user can upload to LUNA