NetWare Directory Services
3-3
Understanding Management Features
User Object ADMIN
User Object ADMIN
The first time you log in to a new Directory tree, you log in as the User
object ADMIN—the only User object created during the NetWare 4™
installation process. The ADMIN object is created when you first set up a
Directory tree but not when you later add other servers to an existing tree.
The ADMIN object is assigned all rights (including the Supervisor right) to
every object and property in the Directory tree. This gives ADMIN complete
control of the Directory tree.
NOTE: When your first log in to a new Directory tree, you may want to create a User object
and assign that object Supervisor rights to ensure that you have more than one object
with sufficient rights to completely control the tree. Such an object can be critically
important if the ADMIN object is deleted accidentally.
When it is created, ADMIN is assigned the Supervisor object right to the
NetWare Server object. This gives ADMIN the Supervisor right to the root
directory of all NetWare volumes attached to the server, so ADMIN can be
used to manage all directories and files on every volume in the Directory
tree.
ADMIN does not have any special significance like that of SUPERVISOR in
previous versions of NetWare. ADMIN is granted rights to create and
manage all objects simply because it is the first object created.
The following rights are also granted by default to provide basic network
functionality:
• The container object where the Volume object SYS resides is granted Read and
File Scan rights to the SYS:PUBLIC directory.
This means that when users are created in that container, they can access all
utilities located in the SYS:PUBLIC directory.
Users outside the container object that holds the SYS volume should be made
part of a group with explicit rights to the SYS:PUBLIC directory.
• When created, each User object is granted the Browse object right to the [Root]
object.