Manualshelf

NetWare Directory Services

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
41424344454647484950
3-4
Understanding Management Features
User Object ADMIN
This means that all users can browse the entire Directory tree.
When created, User objects are granted the Read right to all properties and the
Write right to all login scripts associated with their own User objects.
As User objects are created in the Directory tree, you can grant them the
Supervisor object right to selected objects or to entire Directory subtrees.
Other objects that receive the Supervisor object right are allowed to create
and manage other container objects and their leaf objects. This allows
network control and management to be as centralized or as distributed as
you want to make it.
You can rename or delete ADMIN at any time; however, you should assign
another User object the Supervisor object right to the [Root] object before
you delete ADMIN.
WARNING: Never delete ADMIN without having assigned the Supervisor right to another
User object. Neglecting to do so can be disastrous because you eliminate
supervising control of the Directory tree.
This warning also applies to other sections of the Directory tree where you have
an ADMIN object defined. At each level of the tree where you have ADMIN
defined, be sure you also have a User object with explicit Supervisor rights.
It is also important to remember that rights can be granted at a container, and
they can also be taken away. If all rights are filtered at a container and there is
not a user in that container with all rights, then that container is without full
administrative rights. This can cause problems.