Concepts
--------

Envoy supports security on a system by providing a database of users that
are allowed to access services provided by a particular machine.  Usually
each machine will have it's own unique database of users, but the capability
exists for multiple machines to share a central user database.

As with many other operating systems, a "user" is simply an entry in a database
that contains among other things a persons name and password.  Also, Envoy
has the concept of a group, which is a collection of users.

Unlike some systems, every machine using Envoy does not need to have it's own
private list of users and groups.  Only machines that are providing network
services need to have a user and group database.

The core of Envoy security is the Accounts Manager, which runs on each machine
that is exporting services, such as a printer or file system.  The Accounts
Manager is a program that keeps track of all user and group information on a
particular machine.


User Administration
-------------------

Assign and removing users on a system are accomplished using the Configuration
tool named "Users".

The Users tool allows you to add, remove, or change users on a particular
machine.  When it is started, it will ask you to log in.  If this is the
first time you've run the Users tool, you should log in with a user name
of "Admin" with a password of "Admin".  At this point you should probably
change the password for the Admin account.  You may also change then name
of the Admin account if you wish.

If you want to add a user to your machine, click on the Create gadget below
the ListView gadget.  A new account named "NewUser" will be created.  You
can then change then change "NewUser" to anything that you like, as well as
the password.

At the upper right of the User's window there is a string gadget that
may be used to change a user's password.  The password's characters are
replaced with 's to keep users from determining other user's passwords.

Below the password gadget there is a button that will bring up a requester
to allow an administrator to choose the primary group that a user belongs
to.  This is used by things such as the envoy file system to determine
what group a new files created by a user are set to.

On the right side of the window there are also several checkbox gadgets that
allow you to select various things that a user on a particualr system may do.

Administrator Priviledges: Usser with this box checked will be able to add
			   and remove users, change user names, change
			   passwords and change the flags for all other
			   users, including the administrator account.

May Create Groups: Users that have this box checked will be able to create
		   new groups of users using the Groups tool discussed below.

May Change Name: Users that have this box checked will be able to change
                 their account names, provided that there are no other accounts
                 with the same name.

May Change Password: Users that have this box checked will be able to change
		     what their password is on you system.

Requires Password: This box determines whether or not a correct password must
		   be given to log into this account.  This is useful for
		   creating "guest" accounts with no passwords.


Group Administration
--------------------

Adding and removing groups on a system are accomplished using the Configuration
tool named "Groups".

To add or remove groups, you must run the Groups tool.  Once you have logged
in, you will see two listview gadgets.  The one on the left lists the groups
that have been created on your machine.  The list on the right is for
displaying what users are members of the currently selected group.

To add a group, click on the Create button below the left listview.  A new
group named "NewGroup" will be created.  You may change the name of this
group by clicking in the string gadget below the lefthand listview.

To add a user to the currently selected group, click on the Add... button
below the righthand listview.  A requester will open that will allow you
to click on a user to add.

You may remove a group member by clicking on a user's name in the righthand
listview and clicking on the Remove button.

Each group also may have a Group Administrator that is allowed to add or
remove users to a particular group.  The default for the Group Administrator
is the Admin account.  You may change this by clicking on the Select...
gadget above the righthand listview.  A requester will open that will allow
you to select the new Group Administrator.  Note that any user may be a
group administrator.


Remote Administration
---------------------

Both the Users and Groups tools allow you to remotely change users or groups
on another system.  Simply chosse the "Select Host" menu item under the
settings menu.  A requester will open that will allow you to select a machine
to log into.  Once you've chosen a new host, another requester will open
asking you to log in with your name and password on the remote machine.
Once you are logged in, you will be able to modify users and groups as if you
were sitting at the machine itself.


Sharing User and Group information between multiple hosts
---------------------------------------------------------

(This will be filled in once we define how this will work.  The basic functionality
is there, but it hasn't been defined how it will be set up.)

