Connections (--conntype)

Objects with this attribute

Usage

Object Manager Connections Create as many connection type specifications as you need, using the New and Delete buttons. Order them using the arrows.
Command line --conntype type_spec... Replace type_spec with a connection type specification of the form client:server:type. For example, 192.168.5.*:*:STD. Separate each type_spec with the "pipe" character, "|".

Description

This attribute defines, for ranges of DNS names or IP addresses, the connections that are allowed between the client device and the Tarantella server.

When a user logs in to a Tarantella server, the DNS names and IP addresses of the client device and the Tarantella server are used to determine the type of connection. First, the Connections attribute for that user's person object is checked. If there's no matching entry, the parent organizational unit's Connections attribute is checked, and so on up the organizational hierarchy to the organization object.

If there's no matching entry for the organization object, the user is given the best available connection.

Any connection may be denied if there is doubt over its validity, for example if a problem with a web browser means the incorrect TCP port is used for the connection.

Processing of connection types is turned off by default, which lets users log in more quickly. You can turn on processing of connection types on the Security panel of Array Manager.

The Connections attribute is an ordered list of connection type specifications. Each specification names:

In all cases, DNS names or IP addresses are considered from the perspective of the Tarantella server (they are peer DNS names and IP addresses). If your network is configured to use different names on each side of a firewall, you must use the names on the side of the Tarantella servers for this attribute.

These connection types are available:

Object ManagerCommand lineNotes
StandardSTD
  • Always available.
SecureSSL
  • Gives users a secure, SSL-based connection between their client device and the Tarantella server.
  • Only available if the Tarantella Security Pack is installed and running on the Tarantella server. If not, users configured to receive secure connections are given standard connections instead.
DenyDENY
  • Denies users access to the Tarantella server.
  • Always available.

Note If the Tarantella Security Pack is installed and running on the Tarantella server, all connections are secure until the user logs in. Once the user is known, the connection may be downgraded or denied.

Examples

--conntype '192.168.5.*:*:SSL|*:*:STD'

For a person object, means the user is given a secure connection to all Tarantella servers if the client device has an IP address that starts 192.168.5, and a standard connection for all other client devices.

For an organizational unit or an organization object, these connection type specifications would be used only if no match was found for the client device and Tarantella server in the person object's Connections attribute.

Related topics
  • Security and Tarantella
  • What is the Tarantella Security Pack?
  • Security properties (array-wide)
  • Security properties (server-specific)
  • How do I tell what connection type a user gets?