Managing LUNA with the Administrator Tools

Owned by Luna
Last updated: Aug 30, 2012Version comment
7 min read

Introduction

The Administrator tools have been enhanced to incorporate tasks for managing the LUNA application and configuration.
In the Administrator Tools you can:

  • Manage user rights
  • Manage Credentials
  • Manage IP range access privileges
  • See what collections LUNA has loaded
  • Manage the LUNA Application Configuration
  • Manage the Collection Properties
  • Place the LUNA Application into maintenance mode


Managing User Rights and Access Privileges


Before defining how to manage users and their privileges, you need to understand what options exist and how they are integrated with current Insight User Management.
If you have been working with Insight, then you should be familiar with how Insight grants access to collections. LUNA can work with existing Insight authenticators to grant your users access to your collections.
During your installation, you were asked for your User Manager's address. If you are using the default Insight User Manager to grant access to your collections, then you do not need to do anymore work to allow your users access to collections in LUNA.
LUNA also has several other authenticators that can be used to grant access to your Collection resources.

  • LUNA self registration and user management
  • Integrate with Active Directory LDAP
  • Authenticate via LDAP


LUNA Self Registration


During the install process you were given the option to let users self register in LUNA. If you selected this option you will see the Register option at the top of the LUNA application.

This allows the user to create and manage their own account in LUNA. Once registered, the user will be granted the default privileges defined in the default Credential.

Integrate with Active Directory Using Kerberos and LDAP

As with Insight, LUNA can be integrated with Active Directory to grant access to your Collections.
To configure LUNA with your Active Directory server, you will need to contact our support department for instructions on your specific configuration lunasupport@lunaimaging.com. This document does not go into the configuration details of Active Directory integration.

Integrate with LDAP

As with Insight, LUNA can be integrated with LDAP to authenticate your users and grant them access to your collections.
To configure LUNA with your LDAP server, you will need to contact our support department for instructions on your specific configuration lunasupport@lunaimaging.com. This document does not go into the configuration details of LDAP.

Advantages of LUNA Authentication Methods Not Available in Insight Java Client


LUNA authentication has been designed to be more flexible to allow for future authentication methods and to allow for mixed authentication methods to be used.
LUNA can be configured to use more than one authentication method in your environment. LUNA can be setup to step through any number of authenticators. For example:

  • You can have LUNA access the Insight User Manager and also allow for LUNA self registration.
  • You can have an LDAP server authenticate and use the Insight User Manager to grant access to individuals who are not in your LDAP server.


There are many ways LUNA can be configured. Please contact lunasupport@lunaimaging.com for any questions you might have.

LUNA's Escalating Collection Access

LUNA has also been designed to grant increasing access as a user passes certain conditions.
At your institution you may want to do the following:

  • Level 1 anonymous user - off site but you still want to make some of your collections accessible.
  • Level 2 (within a lager block of IP's) – on site privileged collections are accessible.
  • Level 3 (within a restricted block of IP's) – on site but in a particular area where the user is granted access to restricted collections.
  • Level 4 (logged in to LUNA) - granted access to even more collections with the ability to export.


This is a very flexible system and can meet many needs for granting varied collection access.

Credentials

Credentials are used to define a set of privileges to selected collections.

There are four Credentials by default in your LUNA application. You are responsible to define what each one of these will be used for. You can create as many Credentials as you want.
With a Credential you can:

  • Define what collections are accessible
  • Indicate if exporting will be allowed (this includes media and presentation exports)
  • Define it as the default (only one allowed)
  • Indicate if the LUNA Commons (publicly shared collections) will be accessible
  • Grant Access to My Uploads
  • Define the My Upload formats that a user can upload to LUNA


Only one credential can be assigned to:

  • An IP Range
  • A User
  • Default (Anonymous User)


  • Run Maintenance Mode twice to load your new Credential settings.



Credential Settings

Credential settings enable collection level control of various privileges.

Max Resolution
Controls avalible viewing resolution
Three options are available: 3, 4 and 5.

  • 3 indicates the user has up to Size 3 access (768 pixels on the long side).
  • 4 indicates the user has up to Size 4 access (1536 pixels on the long side).
  • 5 indicates the user has full access privileges to the images.


Access to LUNA Size 2 and lower (384 pixels on the long side) are automatically assumed, these resolutions are used for the thumbnail images.

Max Export Resolution
Control what resolutions are available for download in the detail view.

LUNA Size

Dimensions

0

– up to 96 pixels on the long side

1

– up to 192 pixels on the long side

2

– up to 384 pixels on the long side

3

– up to 768 pixels on the long side

4

– up to 1536 pixels on the long side

5

– up to 3072 pixels on the long side

6

– up to 6144 pixels on the long side

7

– up to 12288 pixels on the long side

8

– up to 24576 pixels on the long side



Collection Level Annotation
This grants the user the ability to save an annotation that will be accessible to all users for a specified collection.

User Settings

Each user will be assigned a credential.

Users cannot be added from the Admin Tools. Instead, they will be created through the following:

  • User Self Registration (passwords will display in Admin Tools)
  • Automatically migrated from the Insight User Manager on first login (passwords never copied)
  • From Active Directory (passwords never copied)
  • From LDAP (passwords never copied)




Each authenticator will add its own user and each user is granted the default Credential. You can reassign a Credential to a user at any time.
If you are using the Insight User Manager to get access to your collections, you will receive access to all collections you had access to in Insight.

IP Ranges

IP Ranges are another way of assigning Credential level privileges. You can set up IP ranges to grant access to specific areas and access to specific content.

  • Run Maintenance Mode twice to reload your new settings. Also to test make sure you quit all browsers on the tested system then test your access change


Media Collections

Media Collections shows you which collections have been added to LUNA.

Extended Collection Properties

Extended Collection Properties are provided to allow you to make changes your collections.

Extended Collection Properties will allow you to do the following:

  • Set the Media Group that is used for your Featured Media on your Collections Page. This will allow the end user to see a selected set of media for the specified collection.
    • To use this option, first make a Media Group in LUNA then select the group in the drop down menu (Must be public and not password protected).


  • Redefine the collection's Introduction Text (this text is automatically pulled from your Insight Collection and may not need to be updated). However you can modify your collection description using Insight Studio and include hyperlink anchor tags. If you want the links to be a specific color or look, style them in the anchor tag (may not display in the Insight client).

For example
<a style="color:white;" href="http://www.lunaimaging.com/">Luna Imaging</a>

  • Change the Header Graphic URL. This Graphic must be exactly 754 x 65 pixels and be available from any browser accessing the collection.


  • Indicate what theme will be used by your collection. At the time of this release, only "default" is available. In the future other themes that will define the entire color scheme of the application will be available to set. If you would like to participate in defining Themes, please contact Luna's support department lunasupport@lunaimaging.com.



Defaults for Multi Collection Access

Collection ID -1 is the default used for any user accessing more than one collection.

This is a very important graphic and will be used to give identity to your institution. Many times default access will be to more than one collection and you will want to have your institution's identity defined here.

All Collections Feature Media Group

As of LUNA 6.2.2 you can set a Featured Media Group for the "All Collections" option. This is a special Collection ID in the Extended Collection Properties section of the LUNA Manager.
This option will show this group in the featured Media panel of the Collections page

Deleting a Collection from LUNA

Deleting a Collection from LUNA is done in a few steps.

  1. Delete the collection from the Admin Tools.

  1. Run the Merge and Load task
    1. This will remove the content from the search Index.
    2. Your LUNA system will not work properly unless you do this step.
  2. Restart your Jboss or tomcat service


Deleting a User from LUNA

Deleting a User from LUNA is done the following way.
NOTE: Before you delete the user, Note the ID associated with that user.
Select the User in the Admin Tools and right click and select delete.

Once you delete the user, All Media Groups and Presentations that the user owned will be orphaned.
Open the Presentation or Media Group folder in the Admin Tools and locate any item that was owned by the User you just deleted and change the ID to another User's ID who you would like to pass ownership to. After you finish, run the Maintenance Mode twice.

Application Configuration

Application Configuration allows you to set various characteristics of LUNA.


During the installation process these settings were defined. If you need to make modifications to any of these properties, be aware that it will affect how LUNA functions. If you are unsure of what a particular setting is for, do not change it without first contacting Luna support for an explanation of the setting.
Making any change most likely will require the application to be restarted.

Maintenance Mode

On occasion you will want to put the application into a maintenance mode.

Maintenance Mode can also be used to reload User and Credential Settings. To trigger Maintenance Mode send one request, then send a second to take the system out of Maintenance Mode and reload your settings.

Admin Accounts

Used to control access to the Admin Tools console.

Like in User Manager and Collection Manager sections of the Administrator Tools, The LUNA Manager also has Admin Accounts. These accounts grant access to the Admin Tools.
Server Admin Permissions grants access to perform actions in the Admin Tools.
Account Admin Permissions grants access to create and manage Admin Accounts.