HP 9000 Networking NetWare 4.1/9000 Supervising the Network ® HP Part No. J2771-90010 Printed in U.S.A.
Notice Notice Hewlett-Packard makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
Printing History Printing History The manual printing date and part number indicate its current edition. The printing date will change when a new edition is printed. Minor changes may be made at reprint without changing the printing date. The manual part number will change when extensive changes are made. Manual updates may be issued between editions to correct errors or document product changes.
Preface Preface Supervising the Network has two purposes: • • To help you set up your NetWare® network after completing the NetWare® 4.1/9000 NetWare Services installation procedure To help you manage your NetWare network after you have installed NetWare® 4.1/9000 NetWare Services. This manual is to be used by network supervisors or system administrators responsible for maintaining all or part of a UnixWare 2.1 NetWare Services network.
Preface NetWare Services product. This includes running the required Directory Services Install (DS_Install) utility and creating your client diskettes (if desired). See Installation Handbook for complete instructions..
Preface NetWare file system, and setting up your NetWare servers. Software Requirements • NetWare® 4.1/9000 • NetWare® 4.1/9000 NetWare Services • DOS, Win 95, Win 3.11 and NT on the client Other Requirements Unless otherwise stated, all tasks documented in this manual are intended for a user having the Supervisor object right to the Root object and to the Server object for native NetWare, plus System Owner permissions for configuration.
Contents 1 Getting Started Introduction 1-2 Setting Up Your Network 1-3 Administrator Status 1-4 About Objects 1-5 After Installing NetWare Services 1-6 Setting Up Administration Utilities 1-9 Creating Client Install Diskettes from a Network Device 1-9 Installing a Windows Workstation and Starting NetWare Administrator Installing a DOS Workstation and Starting NETADMIN 1-13 1-11 How Clients Can Access NetWare 1-16 2 Setting Up and Managing NetWare Directory Services Objects Introduction 2-2 Rights Neede
Contents Using NetWare Administrator Using NETADMIN 2-9 2-8 Creating Container Objects 2-11 Types of Container Objects 2-11 Naming Container Objects 2-13 Creating Searchable Container Objects 2-15 Creating Container Objects Using Directory Services Installation Creating Container Objects Using NetWare Administrator or NETADMIN 2-16 Creating Leaf Objects 2-20 How to Use Leaf Objects 2-20 Naming Leaf Objects 2-27 Creating Searchable Leaf Objects 2-29 Creating Leaf Objects Using NetWare Administrator Creat
Contents Deleting Objects from the Directory Tree 2-65 Cautions When Deleting Server Objects 2-65 Cautions When Deleting User Objects 2-66 Cautions When Deleting Alias Objects 2-66 Deleting Objects Using NetWare Administrator Deleting Objects Using NETADMIN 2-68 2-67 Renaming Leaf and Container Objects 2-69 Renaming Objects Using NetWare Administrator Renaming Objects Using NETADMIN 2-71 2-69 Changing Object Property Values 2-73 Changing Object Property Values Using NetWare Administrator Changing Objec
Contents Setting Up Files 3-19 Prerequisites 3-19 Procedure 3-19 Planning Directory Structures 3-21 System-Created Directories 3-22 Workstation Operating-System Directories Application Directories 3-22 Data Directories 3-23 3-22 Creating Directories and Copying Files 3-24 Creating Directories Using NetWare Administrator 3-24 Creating Directories Using FILER 3-25 Copying or Moving Files Using NetWare Administrator 3-26 Copying or Moving Files Using FILER 3-28 Loading Operating Systems and Applications o
Contents Changing Attributes of a Directory or File 3-55 Changing the Owner of a Directory or File 3-58 Viewing Effective Rights and Other Information 3-61 Viewing a Trustee’s Effective Rights Using NetWare Administrator Viewing a Trustee’s Effective Rights Using FILER 3-62 3-61 Viewing Other Information about a Directory or File 3-64 Viewing Other Information Using NetWare Administrator Viewing Other Information Using FILER 3-65 Viewing Other Information Using NDIR 3-66 3-64 4 Managing the NetWare Di
Contents Viewing a List of Partitions Stored on a NetWare Server 4-33 Viewing a List of Replicas in a Partition 4-35 Viewing a List of Partitions in a Directory Tree 4-38 Changing a Replica’s Type 4-38 Removing NetWare Directory Services from a Server 4-42 Considerations Before Removing NDS Removing NDS from a Server 4-43 Re-installing NDS on a Server 4-44 4-42 Deleting a NetWare Server Object from the NDS Database 4-46 Considerations Before Deleting NetWare Server Objects 4-46 Deleting a NetWare Server
Contents 5 Customizing the User Environment Introduction 5-2 About Login Scripts 5-3 Types of Login Scripts 5-3 Deciding Which Login Scripts to Create 5-4 Creating, Modifying, Copying, and Printing Login Scripts 5-8 Hints for Planning Login Scripts 5-8 Creating or Modifying a Login Script Using NetWare Administrator 5-10 Creating or Modifying a Login Script Using NETADMIN 5-12 Copying a Login Script Using NetWare Administrator 5-14 Copying a Login Script Using NETADMIN 5-15 Printing Login Scripts 5-17 L
Contents LASTLOGINTIME 5-37 MACHINE 5-37 MAP 5-38 NO_DEFAULT 5-45 NOSWAP 5-45 PAUSE 5-46 PCCOMPATIBLE 5-47 PROFILE 5-48 REMARK 5-48 SCRIPT_SERVER 5-49 SET 5-49 SET_TIME 5-51 SHIFT 5-52 SWAP 5-54 TEMP SET 5-55 WRITE 5-55 Identifier Variables 5-58 Using Identifier Variables 5-61 Using LOGIN Parameters with %n Variables 5-62 Examples of Login Scripts 5-64 Default Login Script 5-64 Container Login Script 5-65 Profile Login Script 5-67 User Login Script 5-69 6 Creating Menus Introduction 6-2 Creating, Conve
Contents Getting Acquainted with NMENU 6-4 NMENU Syntax 6-4 What Menus Look Like 6-4 What Makes Menus Work 6-5 Planning Your Menus 6-10 Using the NMENU Commands 6-11 NMENU Organizational Commands and Options MENU 6-11 ITEM 6-12 NMENU Control Commands and Options 6-15 EXEC 6-16 LOAD 6-17 SHOW 6-18 GETx (GETO, GETP, GETR) 6-19 6-11 Creating a Menu File 6-22 Prerequisites 6-22 Example Menu Programs 6-22 Making Menus Work 6-25 Setting Up the User Environment 6-25 Converting Old Menu Files 6-27 Procedure
Contents Standard Volumes 7-3 CD-ROM Volumes 7-4 NFS-Mounted Volumes 7-5 Interdependencies between Partitions and NetWare Volumes Volume Statistics and Partitions 7-6 Volume Configuration Parameters 7-8 Volume Utilities 7-9 Managing Server Hard Disks 7-10 Checking Available Disk Space 7-10 Adding a Hard Disk to a NetWare Server 7-10 About NetWare Networking Protocols 7-11 NetWare Protocol Overview IPX Auto-Discovery 7-16 7-11 Managing the Server 7-18 Starting NetWare after Booting Your System 7-18 Bri
Contents Managing Network Time Synchronization 7-37 Changing the Default Time Server Type 7-37 Time Sources 7-37 Polling Intervals 7-39 Synchronization Limits 7-40 Creating a Custom Time Source Configuration 7-40 xvii
Contents xviii
1 Getting Started 1-1
Getting Started Introduction Introduction This chapter briefly explains the NetWare Directory Services™ (NDS™) scenerio and what objects exist in the NDS tree immediately after you install NetWare® 4.1/9000 NetWare® Services (NetWare Services). It also explains how to set up users on HP-UX.
Getting Started Setting Up Your Network Setting Up Your Network Before you can fully manage NetWare Services, we suggest that you perform these tasks: • Install NetWare Services (as described in Installation Handbook). • Run /opt/netware4/bin/dsinstall to install the NDS database (as described in Installation Handbook). • Ensure that the server is up and running (as described in Installation Handbook). • Create client diskettes to install on each DOS, Windows 3.
Getting Started Administrator Status Administrator Status As a network administrator, you will find the tasks in this manual require not only ADMIN status when working in NetWare, but also superuser status when using HP-UX: • From a DOS or Windows client connected to NetWare, you will be using utilities such as NetWare Administrator, NETADMIN, FILER, and so on, to do network administration. • From an HP-UX server, you will be using SAM, and other options to configure NetWare to run with HP-UX.
Getting Started About Objects About Objects Refer to the sections in Chapter 2, “Setting Up and Managing NetWare Directory Services Objects,” for basic tasks on • Creating and managing objects, such as Users, Groups, Organizational Roles, and Profiles. • Searching for objects. • Moving, deleting, and renaming objects. • Changing properties of objects. You can use either the NetWare Administrator graphical utility or the NETADMIN text utility to perform the tasks.
Getting Started After Installing NetWare Services After Installing NetWare Services Table 1-1 lists the objects that exist in a Directory tree immediately after you install NetWare Services and the default rights those objects have. Table 1-1 Default Objects and Rights in a Directory Tree Default objects after installation Default rights after installation NetWare Server object for the server on which NetWare Services was installed.
Getting Started After Installing NetWare Services Table 1-1 Default Objects and Rights in a Directory Tree Default objects after installation User object ADMIN. When the User object ADMIN is first created, it is placed in the Organization container object by default. This may not be the same context in which you installed the server.
Getting Started After Installing NetWare Services New objects Message Routing Group Organizational Role External Entity Organizational Unit Distribution List Printer AFP Server Print Server Alias Profile Computer Print Queue Directory Map User Group Volume NetWare Server Figure 1-1 Example of a New Directory Tree TSERVER is a newly installed NetWare Services server and was placed in the context TEST.MEDTEC (that is, in the Organizational Unit TEST which is in the Organization MEDTEC).
Getting Started Setting Up Administration Utilities Setting Up Administration Utilities The first time the network supervisor logs in, it must be as the User object ADMIN. This is the only object, after installation, that has rights to create and manage objects. Before you can log in, however, you must first use the instructions in this section to install a single client workstation from which you can run either NetWare Administrator or NETADMIN to start creating objects on your network.
Getting Started Setting Up Administration Utilities If creating diskettes for Windows 4 Go to this subdirectory DOSWIN If you are installing a language version other than English (the default language), set the “nwlanguage” environment variable by typing the following at the workstation command line: SET NWLANGUAGE=language Replace language with the appropriate language found in the NLS subdirectory under either CLIENT\OS2 or CLIENT\DOSWIN.
Getting Started Setting Up Administration Utilities Table 1-2 Client diskette labels Diskette number 5 Label for DOS/Windows NetWare Client for DOS and MS Windows ODI LAN drivers Label for OS/2 OS2DOC_X 1=English 2=French 3=German 4=Italian 5=Spanish 7 6 WSDRV_1 7 VLMBOOT (optional) Save these diskettes until you are ready to install client software.
Getting Started Setting Up Administration Utilities Replace drive with the letter of your workstation’s disk drive. 3 Follow the installation instructions on the workstation screen. Use the arrow keys to move between the fields. Press to modify a particular field. Because this workstation is being installed to get you started with the network setup, you can do a standard installation with the default settings and configure other options later. 4 Exit the installation program.
Getting Started Setting Up Administration Utilities 13 Select “Program Item.” 14 Choose “OK.” 15 Enter “NWADMIN” in the “Description” field and press . 16 Choose “BROWSE.” 17 From the “Drives” drop-down list, select the drive that points to SYS:PUBLIC. 18 From the list under “File Name,” select NWADMIN.EXE and choose “OK.” The path to the executable file is placed in the “Command Line” text box. 19 Again, choose “OK,” and then choose “Yes.
Getting Started Setting Up Administration Utilities Prerequisites • A workstation cabled to the network and running DOS 3.30 or later • At least one NetWare Services server installed • The WSDOS_1, WSWIN_1, WSDRV_1, and WSDRV_2 diskettes • 1.2 MB of free disk space on the workstation Procedure 1 Insert the WSDOS_1 diskette into the workstation’s disk drive. 2 Load the INSTALL.EXE program by typing drive:install Replace drive with the letter of your disk drive.
Getting Started Setting Up Administration Utilities 7 Enter a password if prompted; then press . 8 Map the next network drive to the PUBLIC directory of volume SYS: by typing MAP N SYS:PUBLIC 9 Change to the network drive that is mapped to the PUBLIC subdirectory. For example, if you mapped network drive Z:, you’d type Z: You can now use text utilities such as NETADMIN to complete your network setup.
Getting Started How Clients Can Access NetWare How Clients Can Access NetWare Even though most of this manual discusses how to configure and manage servers, an overview of NetWare access may be helpful. Since the clients available with NetWare Services are DOS, Windows 3.11, Win 95 and NT, , the following items briefly explain how to get to NetWare from a client machine. • NetWare Services. This allows NetWare clients to access HP-UX resources while maintaining their NetWare environment. • NUC.
2 Setting Up and Managing NetWare Directory Services Objects 2-1
Setting Up and Managing NetWare Directory Services Objects Introduction Introduction This chapter helps you set up and start managing your network objects after installing NetWare® 4.1 Services.
Setting Up and Managing NetWare Directory Services Objects Rights Needed to Create and Manage Objects Rights Needed to Create and Manage Objects As User object ADMIN, you initially have all rights to all objects in the Directory tree. However, if you allow users to manage parts of the Directory tree, you need to give them the rights necessary to manage their section of the tree.
Setting Up and Managing NetWare Directory Services Objects Rights Needed to Create and Manage Objects Types of Rights Four kinds of rights exist in NetWare 4.1: • Object rights control what a trustee can do with an object. These rights control the object as a single piece in the Directory tree, but do not allow access to information stored within that object (unless the Supervisor object right is granted).
Setting Up and Managing NetWare Directory Services Objects Rights Needed to Create and Manage Objects NOTE: In addition to the rights mentioned previously, NetWare® 4.1/9000 has its own security. The discussion of rights in this chapter is limited to those rights inherent to NetWare Services. For information about how these two sets of security work together see Chapter 3, “Managing the NetWare Services File System.
Setting Up and Managing NetWare Directory Services Objects Rights Needed to Create and Manage Objects Property Rights Object rights do not allow trustees to see the information stored in the object’s properties. Property rights are required to read the information in an object’s properties. Property rights control access to each property of an object.
Setting Up and Managing NetWare Directory Services Objects Rights Needed to Create and Manage Objects Additional Information For more information about Refer to Access Control List “Access Control List” in Concepts Container and leaf objects “Object” in Concepts Trustees and rights “Security” in Concepts 2-7
Setting Up and Managing NetWare Directory Services Objects Managing Trustee Assignments to Objects Managing Trustee Assignments to Objects An object that is granted rights to work with another object is called a trustee of the object. Through trustee assignments you determine what level of rights you want trustees to have on the objects to which they are assigned.
Setting Up and Managing NetWare Directory Services Objects Managing Trustee Assignments to Objects Procedure 1 From the Windows Program Manager, choose the “NetWare Administrator” icon. 2 Select the object to which you want to assign trustees. 3 Right-click and choose “Trustees of this Object,” or, from the “Object” menu, choose “Trustees of this Object.” All the trustees of this object are listed in the “Trustees” box.
Setting Up and Managing NetWare Directory Services Objects Managing Trustee Assignments to Objects 4 When the desired object appears in the “Object, Class ” list, select it and press . 5 Select “View or Edit the Trustees of This Object.” From the “Trustees of This Object” menu you can 6 • Set the Inherited Rights Filter (IRF). • Add or change trustee assignments. • View the effective rights for a trustee. From the “Trustees of This Object” menu, select one of the options.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects Creating Container Objects You can create container objects using either NetWare Administrator or NETADMIN. Both of these methods are described in this section. Considerations for naming container objects and suggestions for creating searchable objects are also described here. Types of Container Objects The kinds of container objects you can create are Country, Organization, and Organizational Unit.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects Figure 2-1 Hierarchy of Objects You can create leaf objects only under the Organization and Organizational Unit container objects. Table 2-3 describes each container object you can create and when to use it.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects Table 2-3 Container object Country Container Objects You Can Create Description Designates the countries where your network resides and organizes other objects within the country. You must always include the name type of the object in complete names when you include the Country container object in your Directory tree.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects The following rules apply to most objects. For specific rules about naming leaf objects, see “Naming Leaf Objects.” Object Naming Rules Remember these rules when naming an object: NOTE: • The name must be unique in the branch (container) of the Directory tree where the object is located. • The object name can be up to 64 characters in length, except for Country objects, which are limited to two characters.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects You cannot use the following characters in an object name that must be accessed from a client running a version of NetWare earlier than NetWare 4.1: / slash \ backslash : colon , comma * asterisk ? question mark Creating Searchable Container Objects When you create a container object, you can enter various types of information about that object into its properties, such as location and telephone.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects the container object is running bindery services. • A read/write replica of the Directory partition where the container object resides is stored on the server that you just installed. For more information on how to create container objects using Directory Services Install (dsinstall), see the NetWare 4.1/9000 Installation and Administration Guide..
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects If the container object class you want to create does not appear under “New Object,” you cannot create that object in the selected container. Choose “Cancel” to return to the browser; then select a different container type. 5 Choose “OK.” The “Create Object” dialog box appears. 6 Type a name for the object in the box provided. 7 (Optional) Select “Define Additional Properties.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects For more information about Refer to Using NetWare Administrator “NetWare Administrator” in Utilities Reference Using object dialog pages in NetWare Administrator “NetWare Administrator” in Utilities Reference Creating Container Objects Using NETADMIN Prerequisites • A workstation running DOS 3.
Setting Up and Managing NetWare Directory Services Objects Creating Container Objects 8 If you want to create a user template to be applied to new User objects created in this container, type “Y” and press . If you do not want to create a user template, type “N” and press . The user template is a User object named USER_TEMPLATE. A user template contains default information you can apply to users you create to give them default property values. 9 Press to save the information.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Creating Leaf Objects Leaf objects represent network resources, such as users, computers, printers, and lists. They do not contain any other objects. You create leaf objects within a container object. Figure 2-2 lists the leaf objects you can create. (The icons represent the objects as they appear in NetWare Administrator.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf object Alias Leaf Objects You Can Create Description Points to another object in the Directory tree and makes it appear as if that object actually exists in the Directory tree where the alias is. Although an object appears both where it was actually created and where an alias referring to it was created, only one copy of the object really exists.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf Objects You Can Create Leaf object Directory Map Description When to use Represents a particular directory in the file system. Directory Map objects can be especially useful in login scripts by pointing to directories that contain applications or other frequently used files. Use this object to avoid making changes to many login scripts when the location of applications changes.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf object External Entity Leaf Objects You Can Create Description When to use Represents a non-native NDS object that is imported into NDS or registered in NDS. If your messaging environment contains non-MHS servers, such as SMTP hosts, SNADS nodes, or X.400 MTAs, you might choose to add users and lists at these servers to your NetWare database as External Entities.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf Objects You Can Create Leaf object NetWare Server Description When to use Represents a server running NetWare on your network. Use the NetWare Server object to associate the physical server on the network with the Directory tree. Without this object, users cannot access file systems that are on that server’s volumes.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf object Print Server Leaf Objects You Can Create Description Represents a network print server. When to use You must create a Print Server object for every print server on the network. This object cannot be created with NETADMIN. See Print Services for more information. Printer Represents a physical printing device on the network. You must create a Printer object for every printer on the network.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf Objects You Can Create Leaf object User Description Represents a person who uses your network. In the User object properties, you can set login restrictions, intruder detection limits, password and password restrictions, security equivalences, etc. When to use You must create a User object for every user who needs to log in to the network.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Table 2-4 Leaf Objects You Can Create Leaf object Description Volume Represents a physical volume on the network. In the Volume object’s properties, you can enter identification information, such as the host server, volume location, etc. You can also set restrictions for use of the volume, such as space limits for users. When to use You should create a Volume object for every physical volume on the network.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects are considered to be identical names. • You can use both spaces and underscores, but they are both considered spaces. Therefore, “Manager_Profile” and “Manager Profile” are considered to be identical names. If you use a space in a name, you must place quotation marks around that text string whenever you use a command line utility that includes that text string.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Naming Restrictions for NetWare Server Objects The first NetWare Server object for a NetWare 4.1 server must be created with Directory Services Install. The object is given the same name as the physical server. Rules for naming physical servers appear in Help of Directory Services Install. If you create a NetWare Server object for a non-NetWare 4.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects Standardizing the value for the Location property for all User objects at the site (such as M1, M2, and M3) makes it possible to search for objects located in each building.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects For example, if you select “Define Additional Properties,” the “Identification” page is displayed immediately after the object is created. Make this selection if you want to enter more information for the new leaf object at the time of creation. You can also enter additional property information later. If you select “Create Another Object,” another “Create” dialog box is displayed immediately after the object is created.
Setting Up and Managing NetWare Directory Services Objects Creating Leaf Objects If you are creating User objects, remember that users who are using nonNetWare 4.1 workstations must be created in the container at which the bindery services context is set for the server that they need to log in to. You can create User objects for users who have NetWare 4.1 workstations anywhere in the Directory tree, but the users must know their context in order to log in.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Managing Groups of User Objects NetWare 4.1 allows you to manage User objects as a group, which is often more efficient than managing them individually. Six objects that can help you manage groups of User objects are described in Table 2-5.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Managing Group Objects If you want a user to have access to an object, you must give the user a trustee assignment to that object. Rather than make trustee assignments to many users, you can create a Group object and make just one trustee assignment to grant access to all the users who belong to the Group.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Additional Information For more information about Refer to Groups “Group Objects” in Concepts Object and property rights “Rights Needed to Create and Manage Objects” in this chapter Using NETADMIN “NETADMIN” in Utilities Reference Using NetWare Administrator “NetWare Administrator” in Utilities Reference Adding Members to a Group Using NetWare Administrator Prerequisites • A 386 or later workstation and N
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 8 Repeat Step 5 through Step 7 to add more User objects to the Group object. 9 When you have finished adding User objects to the Group object, choose “OK” to save your changes and return to the browser. Adding Members to a Group Object Using NETADMIN Prerequisites • A workstation running DOS 3.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 9 When the selected User object appears in the “ Members” screen, press . To select (mark) multiple User objects, press . 10 Continue to press and select User objects until you have added all the users you want as Group members. 11 To save the list of Group members, press . 12 To exit, press until you return to the “NetAdmin Options” menu.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects The default rights that make up this object’s trustee assignment to the file or directory appear in the “Rights” area. 10 Select the check boxes next to the rights that you want to add. You must have the Access Control right to the file or directory to make trustee assignments to the file or directory. 11 Choose “OK.” The new trustee assignment is now effective for this object.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 8 Select “Directories/Files” and press . Choose whether you want to view files, directories, or both when you are selecting one to give a trustee assignment to. 9 Select “Trustee Search Depth” and press . Choose whether you want to view only the files or directories in the current directory, or to search subdirectories. 10 To list the trustee assignments, press .
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 2 Select the Group object you want to edit. For information on moving around in the browser and selecting objects, press . 3 From the “Object” menu, choose “Details.” 4 Select the “Members” button at the right side of the “Object” dialog box. The list of User objects for this group appears. 5 From the “Members” dialog box, select the name you want to delete. 6 Choose “Delete.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Use the instructions at the bottom of the screen to browse the directory. Press if you need help. 4 When the Group object appears in the “Object” list, select it and press . The “Actions” menu appears. 5 Choose “View or Edit Properties of This Object.” 6 From the “View or Edit Groups” menu, select Group members. 7 Select the User object you want to delete from the Group object and press .
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects For more information about Refer to Creating login scripts Chapter 5, “Customizing the User Environment” Using NETADMIN “NETADMIN” in Utilities Reference Using NetWare Administrator “NetWare Administrator” in Utilities Reference Creating Profile Objects Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Create object right to the object that will contain
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 8 Choose “Create.” If you selected “Define Additional Properties,” the “Identification” dialog box appears. 9 (Optional) Enter information in the fields provided in the “Identification” page of the “Object” dialog box. 10 (Optional) Choose the “See Also” button at the right side of the object dialog box. The “See Also” page allows you to add information about the Profile object you are creating.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects If the Profile object class does not appear, you cannot create that object in the selected container. Press to return to the browser, and then select a different container type. 6 Type the new Profile object name and press . 7 If you want to create another Profile object, choose “Yes.” If you do not, choose “No.” If you choose“Yes,” you are prompted to type the new Profile object name.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects For example, you decide that you need a print manager for SALES. You create an Organizational Role object called PRINT MANAGER. You grant the PRINT MANAGER object all object rights to all the Printer, Print Queue, and Print Server objects in that part of the Directory tree. You may also grant the PRINT MANAGER object the property rights to the Print Job Configuration property of users.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects 2 Select the object that will contain the new Organizational Role object. For information on moving around in the browser and selecting objects, press . Only Organization and Organizational Unit objects can contain Organizational Role objects. 3 From the “Object” menu, choose “Create.” 4 From the “New Object” dialog box, choose “Organizational Role.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects The “See Also” page allows you to add information about the Organizational Role object you are creating. For example, you might list the User objects that you have assigned as occupants. 17 To save the new Organizational Role object and return to the browser, choose “OK.” Creating Organizational Role Objects Using NETADMIN Prerequisites • A workstation running DOS 3.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects If you choose “No,” then the Organizational Role object is displayed in the Directory tree. Continue with Step 9. 9 To edit this object, press . A menu appears from which you can choose to view or edit information about this object. 10 Choose “View or Edit Properties of This Object.” 11 From the “View or Edit Organizational Role” menu, choose “Identification.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects object’s properties. • The user template is actually a User object named USER_TEMPLATE. You enter information in this User object just as you would for any other User object. However, not all properties of a User object can be copied from a user template. • You can copy information from the parent container’s user template. For example, if you create a user template in SALES.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Creating and Editing User Templates with NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Create object right to the object that will contain the user template Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Select the object that will contain the new user template.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects Creating and Editing User Templates with NETADMIN Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Create object right to the object that will contain the user template Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility.
Setting Up and Managing NetWare Directory Services Objects Managing Groups of User Objects The help line at the bottom of the screen gives information on each option as you highlight it. For more information, press . 11 To save the information, press . 12 To exit, press until you return to the “NetAdmin Options” menu.
Setting Up and Managing NetWare Directory Services Objects Searching for Objects Searching for Objects When you want to find information in the Directory database without opening numerous containers to view the objects, you can use the Search feature. With the Browse object right, you can search for object classes anywhere in the Directory tree. With the Compare property right, you can search for objects that have properties that match a particular value.
Setting Up and Managing NetWare Directory Services Objects Searching for Objects 5 6 7 Specify how much of the Directory tree to search. • To search everything below the “Start From” object, select “Search Entire Subtree.” • To search only among objects one level below the “Start From” object, continue with Step 6. Select the down-arrow to the right of the “Search For” field to select an object class to search. • If you want all the objects of this selected object class to be listed, choose “OK.
Setting Up and Managing NetWare Directory Services Objects Searching for Objects Searching for Objects Using NETADMIN NETADMIN searches each object in the Directory database unless you narrow the search by specifying properties in combination with additional variables such as “less than” or “equal to.” For example, to find all users in New York, you could search for User objects with State or Province Name “equal to” New York. The Search feature then displays objects that meet the search criteria.
Setting Up and Managing NetWare Directory Services Objects Searching for Objects For more information about Refer to Properties “Property” in Concepts Using NETADMIN “NETADMIN” in Utilities Reference Searching for Objects Using NLIST NLIST is a workstation command line utility that allows you to • List objects and object properties. • View information about such objects as users, groups, volumes, and servers (such as object properties, names, property groups, and login information).
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree Moving Objects in the Directory Tree While previous versions of NetWare allowed you to move only leaf objects, NetWare 4.1 allows you to move both leaf objects and container objects to other containers in the Directory tree. When you move a leaf or container object, NDS changes all references to the moved object.
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree Using Dialog Boxes Prerequisites • A 386 or later workstation and NetWare Administrator • The Browse object right to the object you want to see in the search Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 From the browser window, select one or more leaf objects.
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree Using Drag-and-Drop Prerequisites • A 386 or later workstation and NetWare Administrator • The Supervisor right for the object you want to move • The Create object right to the destination container Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 (Optional) From the “Tools” menu, open another browser window by selecting “Browse.
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree Moving Leaf Objects Using NETADMIN Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Supervisor right to the object you want to move • The Create object right to the destination container Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility.
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree For more information about Refer to Objects “Object” in Concepts Rights “Rights” in Concepts Directory tree “Directory tree” in Concepts Using NETADMIN “NETADMIN” in Utilities Reference Moving Container Objects Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Supervisor right to the object you want to move • The Create object right to the desti
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree “OK.” 7 Choose “Create Alias in Place of Moved Container.” The Alias object will point to the partition’s new location. 8 In the “Move” dialog box, choose “OK.” If you choose to create an alias in place of the moved container, NetWare Administrator polls for the creation of the Alias object before it moves the selected partition.
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility. 2 From the “NetAdmin Options” menu, choose “Manage Objects.” Your current context appears in the upper left corner. 3 4 Select the object that you want to move. • If the object you want to move appears on the list, select it and press .
Setting Up and Managing NetWare Directory Services Objects Moving Objects in the Directory Tree The selected object is moved to the destination container. NOTE: You need to wait for processes throughout the Directory tree to be completed before you can move this object again. If you moved a container and created an alias in its place, you should use the NCUPDATE utility to update the name context of users in the moved container. For instructions, see “NCUPDATE” in Utilities Reference.
Setting Up and Managing NetWare Directory Services Objects Deleting Objects from the Directory Tree Deleting Objects from the Directory Tree When you delete a leaf object, NDS removes references to the deleted object. For example, if you delete a Profile object, that Profile object is deleted from any User objects that list it. Or, if you delete a User object, all trustee assignments listing that user are deleted.
Setting Up and Managing NetWare Directory Services Objects Deleting Objects from the Directory Tree Cautions When Deleting User Objects You must be careful not to delete a trustee object that has the only trustee assignment to a part of the Directory tree. If you do, you could cut off access to that part of the Directory tree. Be careful not to block all users’ rights to an object with an Inherited Rights Filter, which would leave no one with access to part of the Directory tree.
Setting Up and Managing NetWare Directory Services Objects Deleting Objects from the Directory Tree Deleting Objects Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Delete object right to the object that you want to delete Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Using the browser, select the object you want to delete. Only leaf objects and container objects that are empty can be deleted.
Setting Up and Managing NetWare Directory Services Objects Deleting Objects from the Directory Tree Deleting Objects Using NETADMIN Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Delete object right to the object that you want to delete from the Directory tree Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility.
Setting Up and Managing NetWare Directory Services Objects Renaming Leaf and Container Objects Renaming Leaf and Container Objects You may want to rename objects to make the names more descriptive or to reflect your changing environment. For example, you may want to rename a printer from LASER IN BLDG D to LASER IN BLDG A, or an Organizational Unit from SALES to ACCOUNTS. When you rename an object, NetWare Directory Services changes all references to the renamed object.
Setting Up and Managing NetWare Directory Services Objects Renaming Leaf and Container Objects icon. 2 Using the browser, select the object that you want to rename. 3 From the “Object” menu, choose “Rename.” 4 Type the new name for the object you selected. 5 (Optional) Select “Save Old Name.” Select this option if you want the old name saved as a value in the “Other Names” field of the “Details” screen.
Setting Up and Managing NetWare Directory Services Objects Renaming Leaf and Container Objects Renaming Objects Using NETADMIN Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Rename object right to the object that you want to rename Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility. 2 Choose “Manage Objects” from the “NetAdmin Options” menu.
Setting Up and Managing NetWare Directory Services Objects Renaming Leaf and Container Objects 10 Press until you return to the “NetAdmin Options” menu. If you renamed a container object, you should use the NCUPDATE utility to update the name context of users in the renamed container. For instructions, see “NCUPDATE” in Utilities Reference.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Changing Object Property Values You can use NetWare Administrator or NETADMIN to change object property values. Both are described in this section. In this section, the general procedures for changing object property values are followed by tables that describe how to change specific properties of specific objects.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Do not choose “Cancel” unless you want to lose all changes made to every page of the “Object” dialog box. Table 2-6 describes how to change User object property values.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Table 2-6 Changing User Object Property Values Using NetWare Administrator To Choose this page of the “Object” dialog box; then… Unlock a user’s account “Details”; choose “Intruder Lockout” and enter information in fields to reset the User’s account. View, reset, or set up intruder detection on a user’s account “Details”; choose “Intruder Lockout” and view or reset information in fields.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Table 2-7 Changing Other Object Property Values Using NetWare Administrator To Select this class of object Choose this page of the “Object” dialog box; then… Change the list of operators or resources associated with this object Computer, NetWare Server “Details”; choose “Operators,” “Supported Services,” “Resources,” or “User”; click on “Add;” and then select other objects from the “Select Object” dialog box.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Changing Object Property Values Using NETADMIN Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Create object right to the container of the object whose property value will be changed Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Table 2-8 Changing User Object Property Values Using NETADMIN To Choose this option from the “View or Edit Properties of This Object” menu; then… Change the user’s last name, other names, title, description, location, department, telephone number, fax number, or email address “Identification”; enter information in the fields.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Table 2-8 Changing User Object Property Values Using NETADMIN Choose this option from the “View or Edit Properties of This Object” menu; then… To Add the user object to an existing Group “Groups/Security Equal To Profile”; select “Groups” and press , then press and enter the Group name (or press again and select the Group name from the list).
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values Table 2-9 Changing Other Object Property Values Using NETADMIN To Select this class of object Choose this option from the “View or Edit Properties of This Object” menu; then… Set up the object’s accounting information NetWare Server “Accounting”; choose “Submenus,” and enter information in the fields.
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values For more information about Refer to Rights “Rights” in Concepts Using NETADMIN “NETADMIN” in Utilities Reference 2-81
Setting Up and Managing NetWare Directory Services Objects Changing Object Property Values 2-82
3 Managing the NetWare Services File System 3-1
Managing the NetWare Services File System Introduction Introduction This chapter provides an explanation of user types, the file access control system, and the NetWare® file system directory structure. The sections in this chapter provide step-by-step procedures to set up your network file system so that users can access the resources they need while keeping files secure. The following types of tasks are included.
Managing the NetWare Services File System User Types User Types On a NetWare 4.1/9000 NetWare Services server, three different types of users can work with files and directories in the file system: • HP-UX users have an HP-UX user account and not a NetWare user account. These users cannot access a NetWare server but can manage a NetWare server from HP-UX. • NetWare users have a NetWare user account and do not have an explicit HP-UX user account.
Managing the NetWare Services File System User Types Considerations for NetWare UNIX Client (NUC) Users NUC users can log in to a NetWare server either through the HP-UX server console or by using nwlogin and nwlogout at the HP-UX command line (see System Owner Handbook for information). The NetWare volumes can be accessed from the HP-UX server console, from the automounter, or from the command line using mount.
Managing the NetWare Services File System User Types Table 3-1 NUC Behavior User Type ID on the Inode Ownership as Seen from NUC Action Performed by NUC 2. Hybrid User 2 Not applicable Mapped IDs of the Hybrid User Lists the file for ownership as created by Hybrid User 1. 3. Nonhybrid User 1 nwuser, nwgroup Native IDs Creates a file and lists the file for ownership. 4. Nonhybrid User 2 Not applicable Native IDs Lists the file created by Nonhybrid User 1.
Managing the NetWare Services File System User Types assignments. However, during the creation process, NetWare Services is required to assign a HP-UX owner to the file in order to store it on any type of HP-UX file system. NetWare Services uses nwuser, or it uses nwroot if the user on a NetWare server is ADMIN or Supervisor. The hybrid feature solves this problem by mapping the NetWare account to the HP-UX account so that when a NetWare user creates a file, the HP-UX UID becomes the owner of the file.
Managing the NetWare Services File System User Types Allowing NetWare Users without Hybrid User Mapping This section discusses how to enable a hybrid user to be assigned to a NetWare user who does not have hybrid user mapping. The hybrid user feature is enabled and logins are synchronized by default. Prerequisites • Hybrid user account set up in SAM • Superuser permission to use SAM Procedure Figure 3-1 1 Under Admin Tools aunder HP-UX, double-click on NetWare_Setup in the Networking folder.
Managing the NetWare Services File System User Types Allow Processes to Assume Hybrid User IDs? This variable determines whether the NetWare processes use the UID or GID for the hybrid user when processing an NCP request. This is only required when a NetWare volume uses NFS to access files from remote HP-UX machines. The default is No. 5 3-8 Click OK.
Managing the NetWare Services File System File Access Control File Access Control In NetWare, trustee assignments are used to grant access to files and directories; these assignments are part of the file system. In NetWare Services, trustee assignments are kept in a separate, per-volume database in the volume’s control directory.
Managing the NetWare Services File System File Access Control Table 3-3 File Access Control Modes Value Description Both Both NetWare and HP-UX enforcement. Both NetWare trustee assignments and HP-UX permissions control file and directory access. File system security must be set from both NetWare and HP-UX. See “Using Both NetWare and HP-UX for File Access Control” in this chapter for more information. The mode affects the performance of the Standard file system volumes.
Managing the NetWare Services File System File Access Control Using NetWare Only for File Access Control When “NetWare” is selected as the mode for file access control, rights checking is the same as it is on native NetWare. NetWare Services checks that the user has NetWare rights to the file or directory and that the NetWare file and directory attributes allow the action. Figure 3-2 illustrates this process.
Managing the NetWare Services File System File Access Control 2 If the user is the NetWare administrator or equivalent, the user is granted all rights to the file or directory. 3 NetWare Services scans up the tree from the node in question, looking for a trustee assignment granted to each object ID. 4 If one of the object IDs has been granted the Supervisor right, the user is granted all rights to the file or directory.
Managing the NetWare Services File System File Access Control Using HP-UX Only for File Access Control When “UNIX” is selected as the mode for file access control, the HP-UX permission bits are used to calculate effective NetWare rights to a file or directory. Each NetWare Services user has a UID and a GID and these are compared with the file or directory’s UID and GID. The UID and GID are established by default or through the hybrid user feature. Figure 3-3 illustrates this process.
Managing the NetWare Services File System File Access Control The GIDs match under the following conditions: • The NetWare user’s hybrid GID matches the file’s (or directory’s) GID. Although HP-UX allows a user to belong to more than one group, currently only the HP-UX user’s primary group is used, the GID obtained with getpwnam ( ). All other group GIDs are ignored. • The file’s (or directory’s) GID is nwgroup and the user is logged in.
Managing the NetWare Services File System File Access Control Table 3-4 Translating HP-UX Permissions to NetWare Rights HP-UX Permissions NetWare Effective Rights Parent Directory File or Directory File Directory rwx r x R CE F No Rights rwx w WCE F No Rights rwx wx WCE F No Rights rwx x CE F No Rights r x --- F No Rights r x r R F No Rights r x rw RW F No Rights r x rwx RW F RWC F r x r x R F R r x w W F No Rights r x wx W F No Rights r x x F No
Managing the NetWare Services File System File Access Control Additional Rules In addition to mapping UID and GIDs and converting HP-UX permissions into NetWare rights, the following rules are used to determine HP-UX access to a file or directory: • Attached NetWare users always have Read and Execute rights to the files in the SYS:LOGIN directory and any subdirectories. • The path from the volume mount point is used to calculate access to a file or directory.
Managing the NetWare Services File System File Access Control If the NetWare volumes are NFS-mounted, set the “Allow Processes to Assume Hybrid User IDs?” variable in NetWare Setup to Yes. Forcing all NetWare users to be hybrid users is the best method of enforcing security with the “UNIX” mode for file access. In this mode, all NetWare users should have sufficient rights to the files and directories that they create to control access from HP-UX.
Managing the NetWare Services File System File Access Control NetWare Services checks NetWare and UnixWare rights NetWare Services checks NetWare attributes Start here yes Has trustee rights? Figure 3-4 UnixWare rights okay? yes Attributes okay? no no no Deny access Deny access Deny access yes Grant access NetWare and HP-UX File System Security Checks NetWare Services calculates the rights for both NetWare and HP-UX.
Managing the NetWare Services File System Setting Up Files Setting Up Files This section discusses how to set your default umask, enable host locking, and specify the number of open files allowed on a server. Prerequisites • Access to the server console • Superuser permission to use SAM Procedure 1 Under Admin Tools at the HP-UX server console, double-click on NetWare_Setup in the Networking folder. 2 Double-click on NetWare_Server. 3 Double-click on Files.
Managing the NetWare Services File System Setting Up Files Basic. The Basic category shows the most commonly changed HP-UX file configuration variables. Maximum Number of Open Files. This variable specifies the maximum number of simultaneous open files allowed on a server. File Default umask. This variable specifies the host umask used to reduce host permissions on files created by NetWare users. The supported values are octal 0000 to 0777.
Managing the NetWare Services File System Planning Directory Structures Planning Directory Structures Understanding how NetWare and HP-UX rights and permissions are translated makes file-system organization easier when administering the NetWare network. Read the following sections before planning your directory structure.
Managing the NetWare Services File System Planning Directory Structures System-Created Directories During NetWare Services installation, some directories are created automatically. • SYS:ETC contains sample files to help you configure the server. • SYS:LOGIN contains the programs necessary for users to log in to the network, such as LOGIN.EXE. The SYS:LOGIN directory has a subdirectory named NLS that contains subdirectories for each supported language of login message files.
Managing the NetWare Services File System Planning Directory Structures Since the application programs do not normally change, you can keep one set of application files on backup diskettes and then skip the application directories when doing network backups. For more information about loading applications on the network, see “Loading Operating Systems and Applications onto the Network” in this chapter. Data Directories Data directories can include work areas where groups or users keep work files.
Managing the NetWare Services File System Creating Directories and Copying Files Creating Directories and Copying Files After you plan your directory structure for each NetWare volume, you can create directories and subdirectories to organize data and applications. (If you have not created the volume, see “Maintaining Volumes” in Chapter 7.) You can use one of several tools to divide a NetWare volume into directories, for example, use NetWare Administrator, or FILER, or MKDIR (MD) to do this.
Managing the NetWare Services File System Creating Directories and Copying Files 6 (Optional) To create another directory immediately after this one, choose “Create Another Directory.” 7 To create another directory with the name you entered, choose “Create.” The new directory is created. You are returned to the browser.
Managing the NetWare Services File System Creating Directories and Copying Files 3 4 Find and select the volume, directory, or subdirectory in which you want to create a new directory by completing the following steps: • If the item you want appears on the list, select it and press . • If the item is not on the list, browse a directory by selecting it and pressing until you see the item you want. Select it and press .
Managing the NetWare Services File System Creating Directories and Copying Files need the Erase right. Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Using the browser, select the directory and then select one or more files in that directory that you want to copy or move. To select multiple files, press on the keyboard while clicking on the files. For information about moving around in the browser and selecting objects, choose “Help” from the menu bar.
Managing the NetWare Services File System Creating Directories and Copying Files For more information about Using NetWare Administrator Refer to “NetWare Administrator” in Utilities Reference Copying or Moving Files Using FILER Prerequisites • A workstation running DOS 3.30 or later and FILER. • A minimum of 512 KB of memory available on the workstation. • The File Scan right to the source directory and the Create right to the destination directory.
Managing the NetWare Services File System Creating Directories and Copying Files complete the following steps. a Select the directory and press . b Select the option you want from the “Subdirectory Options” menu. c At the prompt, type in the complete path to the destination directory, or press to search for the destination directory. d Press to start the copy or move process. The progress of the transaction is shown in an information box.
Managing the NetWare Services File System Creating Directories and Copying Files For more information about Refer to “Attributes,” “Effective rights,” “Inherited Rights Filter,” “Rights,” and “Security” in Concepts Using FILER 3-30 “FILER” in Utilities Reference
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network Loading Operating Systems and Applications onto the Network You may want to load workstation operating system (OS) files on the network to save workstation disk space or to allow diskless workstations to log in to the network.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network MD MSDOS CD MSDOS MD 50 CD 50 2 Load DOS. Follow the instructions in the DOS documentation to load the DOS software into the directory you created. 3 In the system login script, map the second search drive to the DOS directory. If all users have the same types of computers and are using the same version of DOS, you will probably have only one DOS directory.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network For more information about Refer to Login scripts Chapter 5, “Customizing the User Environment” Running DOS on a workstation NetWare Client for DOS/Windows User Guide Loading Windows onto the Network You can load Windows onto a network in several ways. • Load all Windows files on a user’s local hard drive. • Load Windows program files on the server, and load user files on local hard drives.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network File Function NETWARE.DRV NetWare device driver. Contains executable code for NetWare-related functions. NETWARE.HLP Help file for NETWARE.DRV. NETWARE.INI Initialization file for NETWARE.DRV and other Windows utilities for NetWare. Automatically created by NETWARE.DRV. NWPOPUP.EXE Handler for broadcast messages. VNETWARE.386 Virtual NetWare device driver.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network Loading and Setting Up Windows Prerequisites • A workstation running DOS 3.30 or later • The Supervisor or Create right to the directory where you are loading Windows • A licensed network copy of Windows 3.1 or later • 16 MB of available disk space • NetWare Client for DOS and Windows Procedure 1 Install Windows server software using the SETUP /A option.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network MAP INS P:=SYS:USERS\%LOGIN_NAME\WIN31 MAP INS S16:=SYS:APPS\WINAPPS\WIN31 SET TEMP = “P:\USERS\%LOGIN_NAME\WIN31\TEMP” END 6 Set up the workstations by completing the following steps. a Change to the search drive mapped to the Windows directory. Enter the drive letter only. b Modify the user AUTOEXEC.BAT and CONFIG.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network application. • Follow the instructions in the application’s documentation for loading the application onto a network. • Make sure the application is designed for network (multiuser) use, and that you observe any licensing restrictions on the number of users who can access the application.
Managing the NetWare Services File System Loading Operating Systems and Applications onto the Network When you are ready to assign file and directory attributes and rights, see “Making the File System Secure and Accessible” in this chapter. Use the FLAG utility to assign rights as follows: • Assign the Shareable and Read-Only attributes to application and workstation operating-system files. • Assign the Execute Only attribute to executable files for which you keep permanent backups.
Managing the NetWare Services File System Creating and Using Directory Map Objects Creating and Using Directory Map Objects Directory map objects make it easier to find applications and files within a directory structure. You can create these objects by using either NetWare Administrator or NETADMIN. Both procedures are described in this section. How to Use Directory Map Objects A Directory Map object is an object that represents a particular directory in the file system.
Managing the NetWare Services File System Creating and Using Directory Map Objects Additional Information For more information about Refer to Creating login scripts Chapter 5, “Customizing the User Environment” Mapping drives to Directory Map objects in login scripts “MAP” in Chapter 5 Using the MAP utility “MAP” in Utilities Reference Creating a Directory Map Object Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Create object right to the
Managing the NetWare Services File System Creating and Using Directory Map Objects object will point. You can type in the path, or you can choose the browser button to the right of the “Path” field to browse for the directory to which the Directory Map object will point. If the Directory Map Object will point to the root of the specified Volume, leave the “Path” field blank.
Managing the NetWare Services File System Creating and Using Directory Map Objects 2 From the “NetAdmin Options” menu, choose “Manage Objects.” 3 Find the Organization or Organizational Unit object that will contain the Directory Map object. Browse the Directory tree by selecting objects and pressing . When you find the object that will contain the Directory Map object, select it and press . 4 Press . 5 From the “Select an Object Class” menu, choose “Directory Map.
Managing the NetWare Services File System Making the File System Secure and Accessible Making the File System Secure and Accessible Ensuring filesystem security is essential when hundreds of thousands of users are accessing directories and files on a NetWare server daily. The following sections discuss how to add, delete, and modify owners, trustee rights, and attributes for directories and files.
Managing the NetWare Services File System Making the File System Secure and Accessible Directory and File Attributes Directory and file attributes assign properties to individual directories or files. Some are only meaningful when applied at the file level. Some apply to both the directory and the file levels. Not all attributes are supported on the NetWare server (see Table 3-6). Be careful when assigning directory and file attributes. Attributes apply to all users and can supersede trustee rights.
Managing the NetWare Services File System Making the File System Secure and Accessible Table 3-6 Attribut Directory and File Attributes Description Applies to Ic* Immediate Compress sets data to be compressed as soon as a file is closed. If it is applied to a directory, every file in the directory is compressed as it is closed. Directories and files N Normal indicates the Read/Write attribute is assigned and the Shareable attribute is not. This is the default attribute assignment for all new files.
Managing the NetWare Services File System Making the File System Secure and Accessible Adding a Trustee Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Access Control right to the file or directory to which you want to add the trustee Procedure 1 From the Windows Program Manage, click on the “NetWare Administrator” icon. 2 Using the browser, select the directory or file to which you want to add a trustee.
Managing the NetWare Services File System Making the File System Secure and Accessible Adding a Trustee Using FILER Prerequisites • A workstation running DOS 3.30 or later and FILER • A minimum of 512 KB of memory available in the workstation • Access Control right to the file or directory to which you want to add the trustee Procedure 1 At the DOS prompt, type FILER A list of available options appears.
Managing the NetWare Services File System Making the File System Secure and Accessible Press until you get to the “View/Set File [or Directory] Information” screen and then repeat Steps 5 and 6. 8 (Optional) Assign rights to the new trustee. You can assign or modify trustee rights now, or at any time after the trustee has been assigned to the directory or file. a From the trustee list, select the user you want to assign or modify rights for and press .
Managing the NetWare Services File System Making the File System Secure and Accessible Deleting a Trustee Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Access Control right to the file or directory to which you want to delete the trustee Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Using the browser, select a directory or file from which you want to delete a trustee.
Managing the NetWare Services File System Making the File System Secure and Accessible trustee Procedure 1 At the DOS prompt, type FILER A list of available options appears. Your current context, Volume object, and path are shown in the upper left corner of the screen. 2 Select “Manage Files and Directories.” The “Directory Contents” list appears. 3 4 Find and select the file or directory you want. • If the item you want appears on the list, select it and press .
Managing the NetWare Services File System Making the File System Secure and Accessible Modifying a Trustee’s Rights to a Directory or File You can modify trustee rights to a directory or file using NetWare Administrator or FILER. Both procedures are described in this section.
Managing the NetWare Services File System Making the File System Secure and Accessible Modifying a Trustee’s Rights Using FILER Prerequisites • A workstation running DOS 3.30 or later and FILER • A minimum of 512 KB of memory available on the workstation • The Access Control right to the file or directory for which you want to change the trustee rights Procedure 1 At the DOS prompt, type FILER A list of available options appears.
Managing the NetWare Services File System Making the File System Secure and Accessible 9 To exit, press . The new rights appear next to the trustee name.
Managing the NetWare Services File System Making the File System Secure and Accessible The “Trustees” dialog box reappears. 7 To return to the browser, choose “OK.
Managing the NetWare Services File System Making the File System Secure and Accessible until you see the item you want. Select it and press . • 4 If you cannot find what you want, check the Volume object name in the upper left corner of the screen. If you are in the wrong Volume, you can change it by returning to the “Available Options” menu and choosing “Select Current Directory.” Select “View/Set File [or Directory] Information” and press .
Managing the NetWare Services File System Making the File System Secure and Accessible Changing Attributes Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • The Modify right to the file or directory whose attributes you want to change Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Using the browser, select a directory or file.
Managing the NetWare Services File System Making the File System Secure and Accessible 1 At the DOS prompt, type FILER A list of available options appears. Your current context, Volume object, and path are shown in the upper left corner of the screen. 2 Select “Manage Files and Directories.” The “Directory Contents” list appears. 3 4 Find and select the file or directory you want. • If the item you want appears in the list, select it and press .
Managing the NetWare Services File System Making the File System Secure and Accessible For more information about File and directory attributes Refer to “Directory and File Attributes” in this chapter “Attributes” in Concepts Using FILER “FILER” in Utilities Reference Changing the Owner of a Directory or File You can change the owner of a directory or file using NetWare Administrator or FILER. Both procedures are described in this section.
Managing the NetWare Services File System Making the File System Secure and Accessible Additional Information For more information about Objects Refer to Chapter 2, “Setting Up and Managing NetWare Directory Services Objects” “Objects” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Changing the Owner Using FILER Prerequisites • A workstation running DOS 3.
Managing the NetWare Services File System Making the File System Secure and Accessible Information for the file or directory appears. The current owner of the file or directory appears in the “Owner” field. 5 Use the arrow keys to move to the “Owner” field and press . 6 Select the user that you want to be the owner of the file or directory and press . For directories only, apply the change of ownership to either the entire subdirectory structure or to the selected directory.
Managing the NetWare Services File System Viewing Effective Rights and Other Information Viewing Effective Rights and Other Information You can see the effective rights a trustee has to a directory or file using NetWare Administrator or FILER. Both procedures are described in this section.
Managing the NetWare Services File System Viewing Effective Rights and Other Information Additional Information For more information about Refer to Effective rights “Effective rights” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Viewing a Trustee’s Effective Rights Using FILER Prerequisites • A workstation running DOS 3.
Managing the NetWare Services File System Viewing Effective Rights and Other Information 5 Use the arrow keys to move to the “Trustees” field and press . A list of trustees for the file or directory appears, along with the object type of the trustee and the current rights the trustee has to the file or directory. If the trustee list is empty, no effective rights exist for this file or directory. To assign trustee rights, see “Adding a Trustee Using FILER” in this chapter.
Managing the NetWare Services File System Viewing Other Information about a Directory or File Viewing Other Information about a Directory or File You can view extended information about a directory or file using NetWare Administrator or FILER or NDIR, such as • Owner and trustees • Attributes, effective rights, and IRF • Name space • File size (files only) • Creation, access, archive, and modify dates (files only) • Creation date and time (directories only) • Disk-space limitations (directorie
Managing the NetWare Services File System Viewing Other Information about a Directory or File return to the browser. Additional Information For more information about Using NetWare Administrator Refer to “NetWare Administrator” in Utilities Reference Viewing Other Information Using FILER Prerequisites • A workstation running DOS 3.
Managing the NetWare Services File System Viewing Other Information about a Directory or File Information for the file or directory appears. 5 To exit, press until the menu you want appears.
Managing the NetWare Services File System Viewing Other Information about a Directory or File Table 3-7 Using NDIR to Get File and Directory Information To get information about Use this NDIR command Files only NDIR path /FO Directories only NDIR path /DO All subdirectories NDIR path /S Volumes NDIR /VOL Directory space NDIR /SPA File version NDIR /VER File details NDIR filename /D For more information about the NDIR utility, see “NDIR” in Utilities Reference.
Managing the NetWare Services File System Viewing Other Information about a Directory or File 3-68
4 Managing the NetWare Directory Services Tree 4-1
Managing the NetWare Directory Services Tree Introduction Introduction This chapter provides information on NetWare® Directory Services™ (NDS™), including the following: • How to set up after NDS is installed • How to work with NDS partitions and replicas • How to remove or re-install NDS • How to delete an NDS object from the NDS database • How to import data into NDS • How to repair the NDS database • How to manage NDS synchronization 4-2
Managing the NetWare Directory Services Tree About NetWare Directory Services About NetWare Directory Services NetWare Directory Services (NDS) is a distributed database that provides global access to all network resources regardless of where they are located physically. Users log in to a multiserver network and view the entire network as a single information system. This single information system is the basis for increased productivity and reduced administrative costs.
Managing the NetWare Directory Services Tree General NetWare Directory Services Setup General NetWare Directory Services Setup You set up NetWare Directory Services from your server console. Prerequisites • Access to the server console • Superuser permission to use the System Administration Manager (SAM) Procedure 1 At the HP-UX prompt, type: sam 2 Double click Networking and Communications at the SAM main window. 3 Double click NetWare at the Networking and Communications window.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Creating and Managing Directory Services Partitions This section explains how to set up NDS partitions and replicas on your servers. About Partitions and Replicas A partition is a part of the total Directory tree and contains at least one container and its associated leaf objects. When a partition is subordinate to another in the Directory tree, it is referred to as a child partition.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Replica Description Read/Write Partition information can be read from and written to this replica. For example, it can be used to log in, add or delete objects, and view directory information. Read-Only Partition information can be read from this replica, but it cannot be written to by anything other than a read/write or master replica.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions These default settings ensure that bindery services will work correctly for networks running both NetWare 3™ and NetWare 4 software.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Having too many replicas may slow down your network because it will be busy synchronizing. • You can have only one master replica. Because partition and replica management is such a vital part of managing your network, you should read Chapter 9 , “Managing NetWare Directory Services,” of Introduction to NetWare Directory Services before you use the Partition Manager utilities.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions installed? • Which server is Single Reference, which is Primary, and which servers are Secondary? • How are the replicas set up? How many are there? On which servers do they exist? Which replicas are master? Read/write? Read-only? Subordinate? • How are your partitions set up? Which partitions are the parents? Which partitions are the children? After all of your partitions and replicas are set up, you can
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions NOTE: You can also limit rights to PARTMGR (in DOS) by restricting rights to PARTMGR.EXE or by removing it from SYS:PUBLIC and placing it in your path or in a directory to which you have a search drive mapped. Creating a New Partition A partition consists of one or more container objects and their associated leaf objects. It cannot contain only leaf objects.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Creating a Partition Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation • The Supervisor object right to the container object you are partitioning Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 From the “Tools” menu, select “Partition Manager.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions If you want to make additional replicas of this partition, see “Creating a Replica” in this chapter.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions A master replica is stored on the server where the parent partition’s master replica resides. An icon appears next to the Organization (O) or Organizational Unit (OU) to show that the container is the root of a partition. To see where the master replica is stored, select the Organization (O) or Organizational Unit (OU) that you just partitioned, and then choose “View/Edit Replicas.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Merging Partitions Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation • The Supervisor object right to the object and its parent partition Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Choose “Partition Manager” from the “Tools” menu.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions For more information about Refer to Partitions “Partition, Directory Services,” “Partition management,” and “Replica” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Merging Partitions Using PARTMGR Prerequisites • A workstation running DOS 3.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions For more information about Refer to Partitions “Partition, Directory Services,” “Partition management,” and “Replica” in Concepts Using PARTMGR “PARTMGR” in Utilities Reference Moving a Partition You can move a container object only if it is the root of a Directory partition that has no subordinate partitions. Moving a container is really moving a partition.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Moving a Partition Using NetWare Administrator Prerequisites • A workstation running Windows 3.1 and NetWare Administrator • The Supervisor right to the object you want to move • The Create object right to the destination container Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 From the “Tools” menu, choose “Partition Manager.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions This might also cause client workstations to fail at login if the NAME CONTEXT parameter in the NET.CFG file is set to the original location in the Directory tree. Because the context of an object changes when you move it, users whose name context in their configuration file (NET.CFG file) references the moved object need to update their NET.CFG so that it references the object’s new name.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Moving a Partition Using NETADMIN Prerequisites • A DOS workstation running DOS 3.30 or later and NETADMIN • The Create object right to the destination container Procedure 1 At the DOS prompt, type NETADMIN For information on moving around in NETADMIN and selecting objects, press after starting the utility.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions twice to browse the Directory tree for the destination container; then select the destination container and press . 7 To accept the new context as the destination container, press . 8 To confirm that you want to move the object listed in the “Old Context” field to the container listed in the “New Context” field, press the key.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Aborting a Partition Operation If you have begun the process of creating, merging, or moving a partition, or changing a replica type, you can often abort the process, because partition operations take time. You can abort a partition operation only before the operation is in its final stages. You should use this feature if you begin a partition operation and find that your database will not synchronize.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions 4 Select the partition that is executing a partition operation and choose “Abort Partition Operation.” As long as at least one of the replicas has not yet completed the operation (as shown in the “State” box), you can abort the operation. 5 To abort the partition operation, choose “Abort” and then choose “Yes.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions 4 Choose “Abort Partition Operation.” A list of the replicas of the selected partition appears. Each replica’s type and state are also displayed. As long as at least one of the replicas has not yet finished the operation you began, you can abort the operation. If the state of the replica is “On,” all operations are complete and cannot be aborted.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Creating a Replica Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation • The Supervisor object right to the object at the root of the partition Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 Select “Partition Manager” from the “Tools” menu.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions For more information about Refer to Partitions “Partition, Directory Services,” “Partition management,” and “Replica” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Creating a Replica Using PARTMGR Prerequisites • A workstation running DOS 3.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions at the top of the screen. c At the “Store on Server” field, press . d Type the name of the server to which you want to add the replica, or press to select a server from the browser. e To create the replica, press or and choose “Yes.” The new replica appears on the list of replicas for the server.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions icon. 2 Select “Partition Manager” from the “Tools” menu. 3 Browse the “Partition Manager” screen to locate the partition whose replica you want to delete. If the object where the container is stored does not appear in the window, browse the Directory tree either by selecting an object to see its subordinates or by choosing the arrow key to move toward the Root.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Procedure 1 At the DOS prompt, type PARTMGR 2 From the “Partition Administration” menu, choose “Manage Partitions.” Your current context appears in the upper left corner of the screen. 3 4 Select the partition that has a replica you want to delete. • If the partition appears on the list, select it and press .
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Sending Updates to Other Replicas Although NDS automatically synchronizes the directory data of replicas (so that each replica contains the most recent data), you can manually start the process to synchronize (update) the directory data of replicas, if necessary. You should use the Directory Services Repair utility to discover whether the data in some replicas is out of sync with the master replica.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Replicas.” The updated data is sent to all existing replicas of the same partition. Additional Information For more information about Refer to Partitions “NetWare Directory partition,” ”Partition management,” and “Replica” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Sending Updates Using PARTMGR Prerequisites • A workstation running DOS 3.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions 7 To send updates to all the other replicas, choose “Yes.” The replica information is sent to all other replicas of the partition (including the master replica).
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions to which you want to send updates Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon. 2 From the “Tools” menu, choose “Partition Manager.” 3 Browse the “Partition Manager” screen to locate the partition whose replicas you want to update.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions PARTMGR 2 From the “Partition Administration” menu, choose “Manage Partitions.” Your current context appears in the upper left corner of the screen. 3 4 Select the partition whose replicas you want to update. • If the partition appears on the list, select it and press .
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Listing Partitions Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation • The Write property right to the ACL property of the NetWare server object for the partitions you want to view Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Listing Partitions Using PARTMGR Prerequisites • A workstation running DOS 3.30 or later and PARTMGR • A minimum of 512 KB of memory available on the workstation • The Write property right to the ACL property of the NetWare Server object for the partitions you want to view Procedure 1 At the DOS prompt, type PARTMGR 2 From the “Partition Administration” menu, select “Manage Partitions.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Listing Replicas Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation • The Write property right to the ACL property of the NetWare Server Object for the replicas you want to view Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Listing Replicas Using PARTMGR Prerequisites • A workstation running DOS 3.30 or later and PARTMGR • A minimum of 512 KB of memory available on the workstation • The Write property right to the ACL property of the NetWare Server object for the replicas you want to view Procedure 1 At the DOS prompt, type PARTMGR 2 From the “Partition Administration” menu, choose “Manage Partitions.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Viewing a List of Partitions in a Directory Tree You can see a list of all partitions to which you have Browse rights in an NDS tree using NetWare Administrator. Prerequisites • A 386 or later workstation and NetWare Administrator • A minimum of 6 MB of memory available on the workstation Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions You can change a replica’s type using NetWare Administrator or PARTMGR. Both procedures are documented in this section.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions Additional Information For more information about Refer to Partitions “NetWare Directory partition,” “Partition management,” and “Replica” in Concepts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Changing a Replica’s Type Using PARTMGR Prerequisites • A workstation running DOS 3.
Managing the NetWare Directory Services Tree Creating and Managing Directory Services Partitions The new replica type appears on the list and on the “Partition Replicas” screen. If you changed a replica type to a master and a master replica already existed, the replica you just changed to master is now the master replica and the old master replica is changed automatically to a read/write replica.
Managing the NetWare Directory Services Tree Removing NetWare Directory Services from a Server Removing NetWare Directory Services from a Server You may want to remove NDS from an existing server if you mistakenly installed it into the wrong Directory tree or into the wrong Organization or Organizational Unit in the tree. This section discusses how to safely remove NDS. Considerations Before Removing NDS Removing NDS from a server may corrupt your NDS database.
Managing the NetWare Directory Services Tree Removing NetWare Directory Services from a Server WARNING: Removing NDS may corrupt your Directory database. You must remove NDS if you are reformatting this server’s hard drive. Do not remove NDS unless Technical Support advises you to remove NDS from the server. Removing NDS from a Server Prerequisites • Access to the server console and superuser privileges. • The Supervisor object right to the NetWare Server object and its associated Volume objects.
Managing the NetWare Directory Services Tree Removing NetWare Directory Services from a Server Directory Services Install removes NDS and deletes the Server object and Volume objects associated with it from the Directory database. If a Directory link is down (such as another server containing objects from this server), you must use Partition Manager to delete the Server and Volume objects from the Directory database.
Managing the NetWare Directory Services Tree Removing NetWare Directory Services from a Server 4 To exit Directory Services Install, return to the dsinstall main menu and select “Exit.
Managing the NetWare Directory Services Tree Deleting a NetWare Server Object from the NDS Database Deleting a NetWare Server Object from the NDS Database The following sections show you how to delete NetWare Server objects from NDS using either NetWare Administrator in Windows or PARTMGR in DOS. Both procedures are described in this section.
Managing the NetWare Directory Services Tree Deleting a NetWare Server Object from the NDS Database Deleting a NetWare Server Object Using NetWare Administrator Prerequisites • A 386 or later workstation and NetWare Administrator. • A minimum of 6 MB of memory available on the workstation. • The Supervisor object right to the container of the server object you want to delete. • Create a new master replica (if a master replica is stored on the NetWare Server object).
Managing the NetWare Directory Services Tree Deleting a NetWare Server Object from the NDS Database For more information about Using NetWare Administrator Refer to “NetWare Administrator” in Utilities Reference Deleting a NetWare Server Object Using PARTMGR Prerequisites • A workstation running DOS 3.30 or later and PARTMGR. • A minimum of 512 KB of memory available on the workstation. • The Supervisor right to the container of the Server object you want to delete.
Managing the NetWare Directory Services Tree Deleting a NetWare Server Object from the NDS Database For more information about Refer to Deleting objects from the NDS database “Deleting Objects from the Directory Tree” in chapter 2 Using PARTMGR “PARTMGR” in Utilities Reference 4-49
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Importing User Information into the NDS Database The UIMPORT utility allows you to import data from an existing database into the NDS database. This utility is particularly valuable if you have hundreds or thousands of user records that you want to record in NDS without having to re-create each user manually. Any application capable of converting records to a comma-separated ASCII file will work with UIMPORT.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database generate Database Login name: Jsmith Last name: Smith First name: John Group: Testing Data file "Jsmith","Smith","John", "Testing","Tester","555-5678" UIMPORT Jsmith create Import control file Fields name last name Title: Tester given name Telephone 555-5678 title Figure 4-7 NetWare Directory Services group membership telephone User object with properties Jsmith Smith John Testing Tester 555-5678 n
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Generate Delimiter Separator Figure 4-8 "Jsmith","Smith","John","Testing","Tester","55 Mbarr , Ba "Mbarr","Jones","Mike","Customer Satisfaction "Bclark","C "Dcorrive","Clark","Betty","Services","Project "Bgashler","Porter","Amy","Marketing","Writer, "Aporter","G "Jseinfel","Grant","Jerry","Designer", 555-344 "Jgrant","G Generate a Data File If you need instructions on how to save your data as a delimited ASCI
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Since embedded quotation marks and commas are the most commonly found punctuation in database fields, here are some guidelines, grouped according to four situations you might encounter, to help you avoid problems in generating a data file: • You have both embedded quotation marks and embedded commas that you do not want to delete.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database However, if your application uses quotation marks as the default delimiter, you must change the delimiter to a different character or tell your application to use no delimiter. If you use a different character, you must specify in the import control file the replacement character you use. (See Table 4-1.) Required “Name” Field One of the fields required to create new user objects in the NDS database is name.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Import control Separator=^ User template=y Fields Last name Name Telephone Title • Control and field parameters are not case-sensitive. The headings “Import Control” and “Fields” must be left aligned (you do not have to specify import control parameters if you use the defaults). • Entries under the headings must be preceded by at least one space or a tab.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database For more information about Refer to Creating and managing User objects Chapter 2, “Setting Up and Managing NetWare Directory Services Objects” Starting the import process “Creating User Objects with the UIMPORT Utility” in this chapter NetWare Directory Services “NetWare Directory Services” in Concepts, and Introduction to NetWare Directory Services Control Parameters Use the application control parameters
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-1 UIMPORT Control Parameters Control Parameter Delete Mailbox Dirs Explanation To delete the mailbox directories, type DELETE MAILBOX DIRS=Y. Allows you to delete the mailbox directories when moving a user’s mailbox from one messaging server to another or changing the mailbox ID of a user. The default is “N”; so if you don’t want to delete the mailbox directories, no parameter is needed.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-1 UIMPORT Control Parameters Control Parameter Home directory path Explanation If you create a home directory for User objects, you must specify a path in the file system where you want the directories to be created. This and the Home directory volume must be entered as a pair. If you specify a Home directory volume, the path will be assumed to be null unless this field is also specified.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-1 UIMPORT Control Parameters Control Parameter Import mode Explanation Controls how the User objects will be created or updated. Options are C (create new objects only), U (update data for existing objects only), B (both create and update), and R (remove objects). The default is “B”, so if you want new objects to be created and existing users updated, no parameter is needed.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-1 UIMPORT Control Parameters Control Parameter Quote Explanation The default characters for delimiters are quotation marks (“ ”). If you don’t have embedded quotation marks in fields in your database and you generate the data file with quote delimiters, no parameter is needed. Specifies the character used to delimit fields when exporting data to the data file.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-1 UIMPORT Control Parameters Control Parameter User template Explanation Specifies whether you want user template defaults to be applied to the User objects being created. (User template defaults are explained in “Managing User Templates” in chapter 2.) To apply template properties to User objects, type USER TEMPLATE=Y.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description Account balance Single-value property. In the data file, enter the beginning account balance for the user. If accounting is not turned on, this field has no use. Account disabled Single-value property. In the data file, enter Y if you want to disable this account. If you enter Y, you can’t modify Password or Login script.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description Department Multivalue property. In the data file, enter the department name, code, number, or other type of information. Description This field is a string; all data from the opening to the closing quotation mark is considered part of the field. Single-value property.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description Full name Single-value property. In the data file, enter the user’s full name. For example: in your data file you could enter a field such as Roland D Bruns. Generational qualifier Single-value property. In the data file, enter the generational qualifier for the user’s name. Usually this is Jr., Sr., II or III.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Language Property description Multiple-value property. In the data file, enter the language directories to be searched to find the message files for NetWare utilities for this user. If more than one language directory should be searched, enter multiple language fields. The order is important.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description Mailbox location Single-value property. In the data file, enter the name of the messaging server on which the user’s mailbox is located. If the messaging server is not in the same context as the user, enter the complete NDS name of the messaging server.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description Name Single-value property. A value is required for this field. In the data file, enter any unique username. For example, you can use a student or employee identification number as the login name. This field is the user’s login name in NDS. Other names Multiple-value property.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Property description See also Multiple-value property. Enter in the data file any other related objects. Enter the complete NDS name of the object if it is not in the same context as the User object. Skip This is a unique processing option for UIMPORT. The values in the data file that correspond to Skip fields are ignored by UIMPORT.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Table 4-2 UIMPORT Field Definitions Property Volume restrictions Property description Single-value property. In the data file, enter the name of the Volume object and the space restrictions on that volume in the following format: Volume object name:Restriction amount To remove volume restrictions, enter –1 (or any other negative number) for the restriction amount.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database NetWare Services UIMPORT Field Name 4.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Cumulative grade point average: Department: Data File Created from Exported Database Fields When you export your database records to a comma-separated ASCII file, the records appear in the data file as shown here: “Jones”,“Adam”,“J”,“111 South 8th East”,“Salt Lake City”,“Utah”,“84007”,“2345”,“Sophomore”,“Environmental Engineering”,“2.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database Mailing label information Name Skip Skip Skip Department Note how the Name field corresponds to a student ID number. When the ID number is imported into NDS, it will become the user’s login name—which is the User object name. An alternative to managing numbers is to create a field of unique login names in your data file.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database !Name context=.ENGINEERING.ACME. !Separator=; Corresponding Changes to the Import Control File After editing the data file, you must change the import control file to reflect the changes you made.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database See also See also Department Creating User Objects with the UIMPORT Utility Prerequisites • A workstation logged in to the network, running DOS 3.30 or above and using NetWare 4.
Managing the NetWare Directory Services Tree Importing User Information into the NDS Database 4 (Optional) Route import errors to a file. If errors occur during the import process, messages appear on your workstation screen. If you want the messages sent to a file, add the DOS “>filename” option to the command. For example, to route the messages to a file called UIMPORT.LOG in your home directory, use a command similar to the following: UIMPORT [control_file] [data_file] >HOME\PAUL\UIMPORT.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Repairing the NetWare Directory Database The Directory Services Repair (dsrepair) utility is provided with NetWare 4 software to repair problems with NetWare Directory Services on a singleserver basis. It does not correct problems on servers from a single, centralized location. It must be run on each server on which you want to correct Directory database errors.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Some NDS database problems are not fatal and NDS continues to operate. But if the database becomes corrupted, you get a message on the console that the server could not open the local database. In this case, run Directory Services Repair or re-install the NDS database to fix the problem so that the database can be opened.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Option View/Edit Repair Log File Use to Track all operations of the Directory Services Repair utility to a single file. The default log file is SYS:SYSTEM\DS Repair.LOG. You can configure options for the log file by accessing “Log File And Login Configuration” in the “Advanced Options” menu.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Figure 4-9 Directory Services Repair 2 Choose “Unattended full repair.” A window is available to allow you to observe the repairs in process. Following the automatic repair, a message window appears that informs you of the repair status, the total number of errors corrected, and the amount of time used to complete the repair operation. 3 Press to display the error log file.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Prerequisites • Access to the server console • All servers in a Directory tree using the same time source • Administer NetWare Server permission in NetWare 4.1/9000 Procedure 1 Run the dsrepair utility. 2 Choose “Time synchronization.” A window is available to allow you to observe the operations in process. Following the operation, the Directory Services Repair log is displayed within a full-screen text editor.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database Field Time +/– Indicates The difference in time between the local server and the selected server in the list. All servers should be within one second of each other; if they are not, they have not been configured properly. This field reports up to 999 minutes and 59 seconds (approximately 16 hours and 30 minutes) in the form minutes:seconds.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database The default log file is SYS:SYSTEM\DSREPAIR.LOG. You can change the filename with the “Log File and Login Configuration” option in the “Advanced Options” menu. See “Using the Advanced Options” in this chapter for more information. Prerequisites • Access to NetWare 4.1/9000 • Administer NetWare Server permission to NetWare 4.1 Procedure 1 Run the dsrepair utility. 2 Choose “View/edit repair file log.
Managing the NetWare Directory Services Tree Repairing the NetWare Directory Database View remote server ID list Replica and partition operations Check external references Security equivalence synchronization Global schema update View/Edit repair log file Create a database dump file Return to main menu Refer to the online help in Directory Services Repair for more information and instructions on how to use these options in the Directory Services Repair utility.
Managing the NetWare Directory Services Tree Merging NDS Trees Merging NDS Trees NetWare Services does not support DSMERGE. For information on how to merge two trees, see your native NetWare documentation and software.
Managing the NetWare Directory Services Tree Viewing and Managing NDS Synchronization Status Viewing and Managing NDS Synchronization Status This section explains the NDS Trace feature that you can use from the server console. You should use this feature to do the following: • Determine whether NDS synchronization processes are complete. • Diagnose NDS errors. These errors may appear when you are manipulating NDS objects with the administration utilities.
Managing the NetWare Directory Services Tree Viewing and Managing NDS Synchronization Status 2 To disable tracing, type dsadmin -d off dsadmin -f off Additional Information For more information about Refer to NDS Trace options dsadmin utility in the Utilities Reference NDS system messages System Messages 4-86
5 Customizing the User Environment 5-1
Customizing the User Environment Introduction Introduction This chapter provides steps on how to create login scripts to customize NetWare® users’ workstations and includes the following: • How to create, modify, copy, and print a login script • Common login script commands • Sample login scripts 5-2
Customizing the User Environment About Login Scripts About Login Scripts You can use login scripts to automatically set up your users’ workstation environments whenever they log in to the network. Login scripts are similar to configurable batch files and are executed by the LOGIN utility. You can use login scripts to • Map drives and search drives to directories. • Display messages. • Set environment variables. • Execute programs or menus.
Customizing the User Environment About Login Scripts The LOGIN utility executes the user login script after any container and profile login scripts have executed. A user can have only one user login script. • The default login script is precoded into the LOGIN.EXE command and is not editable. It executes if a user doesn’t have his or her own user login script, even if a container or profile login script exists.
Customizing the User Environment About Login Scripts Since up to three login scripts can execute whenever a user logs in, conflicts can occur. If this happens, the last login script to execute (usually the user login script) overrides any conflicting commands in a previous login script. Login scripts are properties of objects. Table 5-1 shows which objects can contain which login scripts.
Customizing the User Environment About Login Scripts In the previous figure, there are three users: ESAYERS, SWILLIAMS, and MRICHARD. The following table shows which login scripts execute when each of these users logs in.
Customizing the User Environment About Login Scripts You can, however, assign users to more than one Group object. Then use the MEMBER OF “group” identifier variable to specify that different parts of a login script execute, depending on the Group objects to which the user belongs. For more information about using the MEMBER OF “group” identifier variable in login scripts, see “IF…THEN” and “Identifier Variables” in this chapter.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Creating, Modifying, Copying, and Printing Login Scripts To create or modify login scripts and to copy one object’s login script into another’s, you can use either NetWare Administrator or NETADMIN. Both procedures are described in this section. If you are logged in to a server running NetWare 2 or NetWare 3 and that server is in a Directory tree, do not create or edit a login script using the SYSCON utility.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Table 5-2 Login Script Conventions Subject Convention Minimum login script No minimum. All four types of login scripts are optional. Login scripts can have only one line or they can have many. There are no required commands for login scripts. Case Either uppercase or lowercase is accepted, except that identifier variables enclosed in quotation marks and preceded by a percent sign (%) must be uppercase.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Table 5-2 Login Script Conventions Subject Convention Identifier variables Type identifier variables exactly as shown. For the value of an identifier variable to be displayed on the workstation’s screen as part of a WRITE command, you must enclose the identifier in quotation marks and precede it by a percent sign (%). See “Identifier Variables” in this chapter.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts If the login script you created was a container or user login script, you are finished. If the login script you created was for a Profile object, continue with Step 7. 7 (Profile login scripts only) Using the browser, select the User object that needs to use the profile login script. 8 From the “Object” menu, choose “Details.” 9 Choose the “Login Script” page.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Using NetWare Administrator “NetWare Administrator” in Utilities Reference Creating or Modifying a Login Script Using NETADMIN Use the following instructions to create any of the three user-created types of login script (container, profile, or user). Prerequisites • A workstation running DOS 3.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts 6 Enter the login script commands and information in the login script text box. For a description of all login script commands, see “Login Script Commands and Variables” in this chapter. For login script examples, see “Examples of Login Scripts” in this chapter. 7 To save the login script, press . If the login script you created was a container or a user login script, you are finished.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts 22 To add the user as a trustee and grant the default property right, press . The User object is added as a trustee of the Profile object and is given the Read right to all of the Profile’s properties. Now you must assign the Browse object right to the User object. 23 Enter the name of the User object.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Prerequisities • A 386 or later workstation and NetWare Administrator • The Write property to the object that will contain the login script • The object whose login script you will be working with must already exist (Organization, Organizational Unit, Profile, or User Object) Procedure 1 From the Windows Program Manager, click on the “NetWare Administrator” icon.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts Prerequisites • A workstation running DOS 3.30 or later and NETADMIN • The Write property to the object that will contain the login script • The object whose login script you will be working with must already exist (Organization, Organizational Unit, Profile, or User Object) Procedure 1 At the DOS prompt, type NETADMIN 2 From the “NetAdmin Options” menu, choose “Manage Objects.
Customizing the User Environment Creating, Modifying, Copying, and Printing Login Scripts 12 Select the object whose login script you want to paste the copied text into. You can either type the object’s complete name and press or press to browse through the Directory tree and choose the name. 13 Select “View or Edit Properties of This Object.” 14 Select “Login Script.” 15 In the login script text box, place the cursor where you want the copied text to appear.
Customizing the User Environment Login Script Commands and Variables Login Script Commands and Variables This section describes the commands you can use in a login script. The commands are presented in alphabetical order. Syntax conventions for login script commands, as shown in Table 5-3, are the same as those for workstation text utilities, with one exception: some login script commands must be preceded by the # symbol.
Customizing the User Environment Login Script Commands and Variables # (Execute External Program) Use the # symbol to execute a program that is external to the login script. Command Format # [path] filename [parameter] Replace path with a drive letter; or, if you have specified NOSWAP on the command line or in the login script, you may replace path with a full directory path beginning with the NetWare volume name. Replace filename with an executable file (files that end in .EXE, .COM, or .
Customizing the User Environment Login Script Commands and Variables command, the # command fails but the rest of the login script executes normally. For more information, see “SWAP” in this chapter. Examples When you want to define a default print queue and printer, you can make the login script execute the NetWare CAPTURE utility. This allows you to send print jobs to a network print queue (named QUEUE_FOR_LASERJET in this example).
Customizing the User Environment Login Script Commands and Variables Using ATTACH Replace server with the name of the NetWare server to which you want to attach. Replace username with the login name. If you do not include the username, the user is prompted for a login name when the ATTACH command is executed from the login script. You can replace password with the correct password for that user and server.
Customizing the User Environment Login Script Commands and Variables CLS Use CLS to clear the display from the workstation’s screen during the login process. Command Format CLS Using CLS When a user logs in, a login script may display messages on the user’s workstation screen. If the CLS command is added to the login script, any messages generated by commands earlier in the login script are cleared from the screen. COMSPEC Use COMSPEC in the login script to execute DOS commands from the network.
Customizing the User Environment Login Script Commands and Variables COMSPEC command to the container login script. • If more than one version of DOS is available on your network, a network directory should exist for each DOS version. In this case, you can put COMSPEC commands in either profile or user login scripts, to make sure each workstation accesses the version of DOS it needs. • If users are running DOS from their local drives, do not add COMSPEC to login scripts.
Customizing the User Environment Login Script Commands and Variables CONTEXT . To move up two levels, enter two periods, and so on. Additional Information For more information about Refer to Context “Context” in Concepts Using the CX utility “CX” in Utilities Reference DISPLAY Use DISPLAY to show the contents of a text file on a workstation’s screen when the user logs in. This command works best with an ASCII file.
Customizing the User Environment Login Script Commands and Variables Example Suppose you put messages in a file called SYSNEWS.TXT, in the directory SYS:PUBLIC\MESSAGES, and you want your users to see this file on their screens when they log in on Mondays. Add the following lines to the container login script: IF DAY_OF_WEEK=“Monday” THEN DISPLAY SYS:PUBLIC\MESSAGES\SYSNEWS.TXT END DOS BREAK Use DOS BREAK to set the + checking level for DOS.
Customizing the User Environment Login Script Commands and Variables DOS SET See “SET” in this chapter. DOS VERIFY Use DOS VERIFY to verify that data written to a local drive is not written to a bad sector and can be read without an error. Command Format DOS VERIFY [ON|OFF] Using DOS VERIFY The DOS COPY and NCOPY commands do not automatically verify that data copied to a local drive can be read after the copy.
Customizing the User Environment Login Script Commands and Variables Using DRIVE Unless this command is in your login script, the default drive is set to the first network drive, which is often assigned to your home directory when you log in. If you don’t want the default drive to be the first network drive, map a drive in the login script to the directory you want to be the default; then use the DRIVE command to change the default drive.
Customizing the User Environment Login Script Commands and Variables Because EXIT stops the login script, make sure you put this command at the end of the login script. You can also use EXIT in an IF…THEN statement so that the login script stops and exits to an external program only if a certain condition exists. If the condition doesn’t exist, the login script skips the EXIT command and continues executing.
Customizing the User Environment Login Script Commands and Variables Additional Information For more information about Refer to Changing the machine name in NET.CFG NetWare Client for DOS/Windows User Guide Creating a menu Chapter 6, “Creating Menus” FDISPLAY Use FDISPLAY to show the text of a word-processing file on a workstation’s screen when the user logs in. To display both the text and the printer and word-processing codes of a file, or to display an ASCII file, see “DISPLAY” in this chapter.
Customizing the User Environment Login Script Commands and Variables FDISPLAY SYS:PUBLIC\MESSAGES\SYSNEWS.TXT END FIRE PHASERS Use FIRE PHASERS to signal the workstation to emit a phaser sound. Command Format FIRE n Replace n with the number of times you want this sound to occur. Using FIRE PHASERS Use this command alone to generate the phaser sound whenever a user logs in.
Customizing the User Environment Login Script Commands and Variables GOTO Use GOTO to execute a portion of the login script out of the regular sequence. Command Format GOTO label Use label to indicate where the login script should continue executing. Using GOTO Set BREAK ON in your login script before experimenting with GOTO loops so that you can break out of a login script if necessary. For more information about the BREAK login script command, see “BREAK” in this chapter.
Customizing the User Environment Login Script Commands and Variables IF…THEN Use IF…THEN when you want the login script to perform an action only under certain conditions. Command Format IF conditional [AND|OR [conditional]] THEN commands [ELSE command] [END] Replace conditional with identifier variables. For more information about identifier variables, see “Identifier Variables” in this chapter.
Customizing the User Environment Login Script Commands and Variables a separate line. • If you include a WRITE command as part of the IF…THEN command, the WRITE command must be on a separate line. • IF…THEN statements can be nested (up to 10 levels). However, GOTO should not be used in a nested IF…THEN statement to enter or exit from the body of an IF…THEN statement. • If your IF…THEN statement consists of only one line, even if that line wraps, you do not need to include END.
Customizing the User Environment Login Script Commands and Variables END • The following command executes the CAPTURE utility on the fourth day of the week (Wednesday): IF NDAY_OF_WEEK=“4” THEN #CAPTURE Q=FAST_Q NB TI=10 NFF END • The following example shows nested IF…THEN statements. Notice that there are two IF statements, so each one must have its own END statement.
Customizing the User Environment Login Script Commands and Variables For more information about Refer to Using identifier variables “Identifier Variables” in this chapter Using the WRITE login script command to display messages “WRITE” in this chapter INCLUDE Use INCLUDE to execute independent files or another object’s login script as a part of the login script currently being processed.
Customizing the User Environment Login Script Commands and Variables INCLUDE nesting is limited only by available memory. This means that one subscript file can include another subscript file, which can include yet another subscript file, and so on. If the subscript is a text file, users must have at least File Scan and Read rights to the directory containing the subscript.
Customizing the User Environment Login Script Commands and Variables Figure 5-2 Using INCLUDE in a Login Script LASTLOGINTIME Use LASTLOGINTIME to display the last time the user logged in. Command Format LASTLOGINTIME Using LASTLOGINTIME If you include this command in your login script, the time of the last login is displayed on the user’s workstation screen. MACHINE Use MACHINE to set the DOS machine name (such as IBM or EDIT_ROOM) of the workstation.
Customizing the User Environment Login Script Commands and Variables It is unlikely that you will need to use this command. However, it is provided in case you come upon a program that requires it. Command Format MACHINE=name Using MACHINE The machine name can be up to 15 characters. (Longer machine names are truncated to 15 characters.
Customizing the User Environment Login Script Commands and Variables When mapping to a directory on a bindery-based server or to an NDS server that isn’t your current server, begin the path with the server’s name. Replace option with one of the following: • DISPLAY ON/OFF: Determines whether drive mappings are displayed on the screen when the user logs in. The default setting is ON. This option is valid only in login scripts.
Customizing the User Environment Login Script Commands and Variables available drive. This option is valid in login scripts and at the command line. Using MAP Follow these guidelines when using MAP: • If you use MAP to automate drive map assignments during execution of the login script, users don’t have to map drives manually every time they log in. • Specify drive mappings in a login script by entering the same commands that you would enter if you were using MAP at the command line.
Customizing the User Environment Login Script Commands and Variables Mapping Search Drives For DOS and Windows workstations, you can map search drives to directories that contain applications, executable files, and so forth. Then users can execute those applications regardless of the directory in which they are currently working. A maximum of 16 NetWare search drives is allowed.
Customizing the User Environment Login Script Commands and Variables To avoid inadvertently changing the order of any search drives that must be mapped to a specific drive letter, you can map all remaining search drives with the number S16:, which assigns the next lowest search number each time it is used. This command assigns the next available drive letter to the search drive without displacing the previous search drives.
Customizing the User Environment Login Script Commands and Variables If the user whose login script this line appears in is also located in the SALES_LA.ACME_US context, the MAP command does not have to specify the Directory Map object’s complete name. Instead, the line would be MAP S2:=APPL For more information about using Directory Map objects, see “Loading Operating Systems and Applications onto the Network” in chapter 3.
Customizing the User Environment Login Script Commands and Variables For example, suppose you created a Directory Map object called WPROC, which is located in the context SALES.ACME_US, and mapped that object to the SYS:APPL\WORDPROC directory. Following the rule of no complete names in a login script, you would create an alias in your own context to the object in .SALES.ACME_US.
Customizing the User Environment Login Script Commands and Variables MAP *6:=VOL1:APPL Additional Information For more information about Refer to Drive mappings “Drive mapping” in Concepts Enabling users to run DOS from the network “Loading DOS onto the Network” in chapter 3 Using Directory Map objects “Loading Operating Systems and Applications onto the Network” in chapter 3 NO_DEFAULT Use NO_DEFAULT in a container or profile login script if you do not want the default user login script to run.
Customizing the User Environment Login Script Commands and Variables Using NOSWAP LOGIN always swaps to extended or expanded memory unless NOSWAP is specified on the command line or in the login script. If you do not want LOGIN to be temporarily stored in higher memory or on the workstation’s disk, use the NOSWAP command. NOSWAP prevents LOGIN from being swapped out of conventional memory.
Customizing the User Environment Login Script Commands and Variables PCCOMPATIBLE Use PCCOMPATIBLE to enable the EXIT “command” login script command to work if your workstation’s LONG MACHINE NAME is not IBM_PC. Command Format PCCOMPATIBLE Using PCCOMPATIBLE If your computer is an IBM PC compatible machine and not an IBM PC, use PCCOMPATIBLE in your login script to inform the LOGIN utility that your machine’s long name is something other than IBM_PC.
Customizing the User Environment Login Script Commands and Variables PROFILE Use PROFILE in a container script to set or override a user’s assigned or command-line-specified profile script. It is useful when defining a group profile.
Customizing the User Environment Login Script Commands and Variables other users to read and understand. • The REMARK command and its associated text must be the only entry on a line. Placing remarks on the same line as other login script commands can cause errors. • If a remark is several lines long, begin each line with the remark keyword (REMARK, REM, an asterisk, or a semicolon).
Customizing the User Environment Login Script Commands and Variables Replace name with an environment parameter that identifies the environment you want to change. Replace value with identifier variable substitutions. Values must be enclosed in quotation marks. To change the environment for the login script, but not for the workstation after the login script has finished executing, use the optional keyword TEMP. Using SET Use the SET login script command the same way you use the DOS command SET.
Customizing the User Environment Login Script Commands and Variables line to the login script: SET PROMPT=“$P$G” “$P” lists the current directory path; “$G” displays a “>” (greater than) character. See your DOS manual for more information. • To set a path for a program called DAILY, which is in the REPORTS subdirectory beneath drive G:, you would add the following line: SET PATH=“G:\REPORTS\DAILY” This sets the variable PATH to G:\REPORTS\DAILY.
Customizing the User Environment Login Script Commands and Variables Command Format SET_TIME ON|OFF Using SET TIME The default value is SET_TIME ON, which means the workstation time is set to the NetWare server time whenever the user logs in. If you include SET_TIME OFF in the login script, the workstation time does not update to the server’s time. SHIFT Use SHIFT to change the order in which %n identifier variables are interpreted in the login script.
Customizing the User Environment Login Script Commands and Variables LOOP IF “%2”=“WP” THEN SET WP=”\U-CML\B-10\D” MAP S16:=SYS:APPL\WP\SETUP IF “%2”=“ACCNTS” THEN MAP G:=SYS:ACCNTS IF “%2”=“LOTUS” THEN MAP S16:=SYS:APPL\LOTUS SHIFT IF “%2”<>“” THEN GOTO LOOP (In the last line, “IF “%2” < >” is followed by closed quotation marks, which means “If %2 isn’t blank”.
Customizing the User Environment Login Script Commands and Variables %2=ACCNTS %3=WP In this case, Mary’s login script looks for %2, which is now ACCNTS. The login script maps a drive to the ACCNTS directory. Then the login script shifts the variables to the right so that %2 now becomes WP. Upon executing the loop, the login script sets the word-processing environment.
Customizing the User Environment Login Script Commands and Variables If you do not specify a path, LOGIN swaps either into higher memory (if available) or to the current drive. If LOGIN tries to swap to the current drive and you don’t have rights to the current drive, LOGIN prompts you for a path to use. If you specify a valid path, LOGIN always swaps to the specified path.
Customizing the User Environment Login Script Commands and Variables Using WRITE Text you want to display must be enclosed in quotation marks (“ ”). There are several ways to display variables in the text message. The way you enter the variable in the WRITE command determines the display format, as follows: • If you type the identifier variable exactly as shown, with no special punctuation, only the variable is displayed on the screen. (See “Login Script Identifier Variables” in Table 5-6.
Customizing the User Environment Login Script Commands and Variables In addition to the semicolon, there are other operators you can use to form compound strings (in other words, to join text and identifier variables into one command). These operators are listed in Table 5-5 in order of precedence.
Customizing the User Environment Identifier Variables Identifier Variables With many login script commands, you can take advantage of identifier variables to make your login script more efficient and flexible. Identifier variables allow you to enter a variable (such as LAST_NAME), rather than a specific name (such as Smith) in a login script command. When the login script executes, it substitutes real values for the identifier variables.
Customizing the User Environment Identifier Variables Table 5-6 Category Date Time User Login Script Identifier Variables Identifier Variable Function DAY Day number (01 through 31) DAY_OF_WEEK Day of week (Monday, Tuesday, etc.) MONTH Month number (01 through 12) MONTH_NAME Month name (January, February, etc.) NDAY_OF_WEEK Weekday number (1 through 7; 1=Sunday) SHORT_YEAR Last two digits of year (94, 95, 96, etc.) YEAR All four digits of year (1994, 1995, 1996, etc.
Customizing the User Environment Identifier Variables Table 5-6 Login Script Identifier Variables Category Network Workstation DOS environment Identifier Variable Function PASSWORD_EXPIRES Number of days before password expires. REQUESTER_CONTEXT Context when login started. USER_ID Number assigned to each user. FILE_SERVER NetWare server name. NETWORK_ADDRESS IPX external network number of the cabling system (8-digit hexadecimal number). MACHINE Type of computer (IBM_PC, etc.).
Customizing the User Environment Identifier Variables Table 5-6 Login Script Identifier Variables Category Miscellaneous Object properties Identifier Variable Function ACCESS_SERVER Shows whether the access server is functional (TRUE=functional, FALSE=not functional). ERROR_LEVEL An error number (0=no errors). %n Replaced by parameters the user enters at the command line with the LOGIN utility. For more information, see “Using LOGIN Parameters with %n Variables” in this chapter.
Customizing the User Environment Identifier Variables specify a path, such as COMSPEC. • Type the variable exactly as shown. • To use DOS environment variables as identifiers, enclose them in angle brackets. • Identifier variables can be placed within literal text strings in a WRITE statement. However, the identifier variable must be in uppercase letters and preceded by a percent sign. (Literal text is the text that is displayed on the screen, such as “Sales report is due today.
Customizing the User Environment Identifier Variables The SHIFT login script command allows you to change the order in which these %n variables are substituted. For more information about the SHIFT command, see “SHIFT” in this chapter. The %n variables can be used in WRITE statements if they are included within the quotation marks: WRITE “My login name is %1.
Customizing the User Environment Examples of Login Scripts Examples of Login Scripts The following examples of login scripts may help you plan your own container, profile, and user login scripts. Each example login script is shown in a table. The left column of each table shows the commands in the login script. The right column explains the command’s purpose.
Customizing the User Environment Examples of Login Scripts Table 5-7 Default Login Script Login Script Command Purpose IF “%1”=“ADMIN” THEN MAP *1:=SYS:SYSTEM If the login name is ADMIN, the first drive is mapped to SYS:SYSTEM instead of the user’s home directory. MAP P:=SYS:PUBLIC If the user logs in from an OS/2 workstation, drive P: is mapped to SYS:PUBLIC. If the user is not using an OS/2 workstation, this drive mapping is not included in the default login script.
Customizing the User Environment Examples of Login Scripts Table 5-8 Sample Container Login Script Login script command Purpose MAP DISPLAY OFF Prevents MAP commands from displaying on the screen as they are assigned. MAP ERRORS OFF Prevents mapping errors from displaying on the screen. MAP *1:=SYS: Maps the first drive to volume SYS:. MAP *1:=SYS:%LOGIN_NAME Maps the first drive to the user’s home directory if LOGIN_NAME is the same as the user’s home directory.
Customizing the User Environment Examples of Login Scripts Table 5-8 Sample Container Login Script Login script command IF MEMBER OF “MANAGERS” THEN MAP *3:=VOL1:PROJECTS\REPORTS Purpose If the user belongs to the Group object MANAGERS, the login script maps the third network drive to the REPORTS directory. END IF MEMBER OF “TESTERS” THEN MAP *4:=INPUT:STATUS\UPDATES If the user belongs to the Group object TESTERS, the login script maps the fourth network drive to the UPDATES directory.
Customizing the User Environment Examples of Login Scripts Table 5-9 shows an example of a profile login script you might create for users in the Profile object ACCOUNTING. This profile login script would execute after the container login script had executed. Table 5-9 Sample Profile Login Script Login script command Purpose MAP DISPLAY OFF Prevents MAP commands from displaying on the screen as they are assigned. MAP ERRORS OFF Prevents mapping errors from displaying on the screen.
Customizing the User Environment Examples of Login Scripts Table 5-9 Sample Profile Login Script Login script command PCCOMPATIBLE EXIT “NMENU WORK” Purpose Stops the profile login script and sends the user into a menu program called WORK. EXIT also prevents any user login scripts from executing. If you want a user login script to execute after the profile login script, put these lines at the end of the user login script instead.
Customizing the User Environment Examples of Login Scripts Table 5-10 Sample User Login Script Login script command Purpose REM Mary needs access to FORMS while she’s on the REM troubleshooting team. Remove the driver mapping REM when Mary is reassigned. This remark is intended as a reminder to the person who created the login script. SET WP=”/u-mjr/b-5” Sets Mary’s environment variables for her word-processing application.
6 Creating Menus 6-1
Creating Menus Introduction Introduction This chapter provides steps on how to create and use menus in NetWare® and includes information about the following: • How to create, convert, or modify menus • How to use the NMENU program • NMENU commands • How to create new menu files and convert old menu files 6-2
Creating Menus Creating, Converting, and Modifying Menu Files Creating, Converting, and Modifying Menu Files Menus create a simple front end to the users’ working environment. They make it easy to access network resources by presenting a list of options instead of requiring the user to enter cryptic DOS commands. Menus can be shared by multiple users, requiring the creation of fewer menus. Or, for the unique requirements of some users, custom menus can be easily created as needed. In NetWare 4™, NMENU.
Creating Menus Getting Acquainted with NMENU Getting Acquainted with NMENU Since the sole function of NMENU is to cause a scripted file to execute, there is little to learn about NMENU.BAT except its syntax. The command is followed by the menu filename. NMENU Syntax nmenu filename Replace filename with the menu filename. What Menus Look Like Figure 6-1 shows the display created by a single-window menu with only three options.
Creating Menus Getting Acquainted with NMENU Figure 6-1 A Single-Window Menu When you create menus with multiple windows, the windows cascade from left to right. Window sizing is automatically determined by the content of each window. What Makes Menus Work You create menu files with a text editor and save the file with an .SRC extension. Then you use the MENUMAKE program to compile the file. It is given a .DAT extension and, as a compiled file, is no longer editable. Any edits must be made to the .
Creating Menus Getting Acquainted with NMENU Figure 6-2 shows the .SRC file used to create the menu in Figure 6-1. This file shows how these three elements are used. Details about these elements and their options are covered later in the chapter. Menu 1,Title Bar Item One {pause} Exec dir Item Two {show pause} Exec ver Item ^XExit Exec EXIT Figure 6-2 Primary Elements of a Menu • Element 1: MENU MENU specifies a window within the menu file. It includes a menu number and a menu name.
Creating Menus Getting Acquainted with NMENU Figure 6-3 A Multiple-Window Menu Menu Creation Steps There are generally six steps to follow when considering a new menu. The relationship among steps is shown in Figure 6-4. 1 Plan menu 2 Create script 3 Compile script Was compile successful? no 5 Edit script yes 4 6 Grant privileges Figure 6-4 yes Run menu Does every option work? no Charting the Steps in Creating a Menu Procedure Each step in the flowchart is explained next.
Creating Menus Getting Acquainted with NMENU 1 Plan and design your menu. Before starting, answer the following questions: • Who is it for? • What do the users need access to? • Should they have access to a NetWare prompt? • Should they be forced to log out when exiting? • How complex is the menu? Will it need to be in multiple files? 2 Use a text editor to create your menu file with an .SRC extension. 3 Compile the .SRC file with the MENUMAKE program. This will create a .
Creating Menus Getting Acquainted with NMENU Figure 6-5 Example of a Simple Menu Menus also can be more complex, such as guiding data entry for cataloging (see Figure 6-6). Figure 6-6 Example of a More Complex Menu The text used to create the four menus shown in this section (Figure 6-1, Figure 6-3, Figure 6-5, and Figure 6-6) is included in “Example Menu Programs” in this chapter.
Creating Menus Planning Your Menus Planning Your Menus Several considerations are important when planning a menu. Details are presented throughout this chapter, but some general rules include the following: • You must include an EXIT or LOGOUT command in the menu to be able to leave the menu. For security reasons, the key doesn’t work. • The maximum number of windows per menu is 11 (1 main window and 10 subwindows). • The maximum number of menus you can define in a single file is 255.
Creating Menus Using the NMENU Commands Using the NMENU Commands Menu programs use two types of commands: organizational and control. The following sections describe these commands and their options. NMENU Organizational Commands and Options Organizational commands establish the content and organization of the menus the user sees on the screen. Use these commands to determine what the menus look like. Table 6-1 gives an overview of the organizational commands.
Creating Menus Using the NMENU Commands Using MENU The first menu defined in the source file is always the first menu displayed, no matter what number is assigned to it. Subsequent menus are referenced by their numbers, no matter what order they appear in the .SRC file. For example, if you have defined three menus and assigned them numbers 1, 2, and 5, and menu 5 is the first menu in the source file, menu 5 is displayed first.
Creating Menus Using the NMENU Commands Table 6-2 ITEM Command Options ITEM option BATCH Explanation Removes the menu program from memory before executing the item. Without this option, a portion of the memory stays resident, requiring approximately 32 KB of available memory, even though an application may be running. For example, if you type ITEM Word 5.0 {BATCH} the menu program is removed from memory when Word 5.0 is executed. Setting this option automatically sets the CHDIR option.
Creating Menus Using the NMENU Commands Table 6-2 ITEM Command Options ITEM option CHDIR Explanation When the word-processing application is closed, the directory is changed to the original directory for the menu. Changes back to the drive and directory that were in effect before an ITEM was executed. For example, to change back to the drive and directory the user was in before executing a word- processing application in another directory, type ITEM Word 5.0 {CHDIR}.
Creating Menus Using the NMENU Commands List items appear on the menu in the same order as they appear in the source file. They are not displayed in alphabetical order. Each item is automatically assigned an alphabetic selection character. If you want to assign a different character, place a carat (^) and the character you want in front of the item name (no spaces). NOTE: Forcing the selection character shortens the maximum line length to 38 characters.
Creating Menus Using the NMENU Commands Table 6-3 NMENU Control Commands Command Explanation GETO Requests information from the user before a menu item is executed. User input is optional. (See “GETx (GETO, GETP, GETR)” in this chapter.) GETP Requests information from the user before a menu item is executed. User input is required for the program to proceed. Assigns a variable (%n) to the information so it can be used again. (See “GETx (GETO, GETP, GETR)” in this chapter.
Creating Menus Using the NMENU Commands Table 6-4 EXEC Command Options EXEC option Explanation EXEC EXIT Exits the user from NMENU, but leaves the user logged in to NetWare. For security reasons, users cannot access the NetWare prompt unless this command is included in the menu. EXEC LOGOUT Exits the user from NMENU and logs the user out of the network, leaving the user at the DOS prompt. (See “Setting Up the User Environment” in this chapter.
Creating Menus Using the NMENU Commands The NMENU file being loaded must be in the current directory, or you must have a search path to the file defined. Example If you are writing a menu program for Sales and you want to call up the Accounting menu program, type MENU 1,Sales Main Menu ITEM Accounting Menu LOAD ACCOUNT SHOW Instructs NMENU to execute a submenu defined within the same file. Command Format SHOW menu_number Replace menu_number with the number of the submenu to be displayed.
Creating Menus Using the NMENU Commands GETx (GETO, GETP, GETR) The GETx commands provide access to user input. You can request or require user input. You can even store user input for future use. Each variation of the GETx command uses the same parameters to control what the user sees and does. Pay close attention to the use of spaces, commas, and braces { }. Command Format GETx prompt {prepend} length,[prefill], {append} Replace x with the letter “O,” “R,” or “P.
Creating Menus Using the NMENU Commands NOTE: Append does not work with GETP. Using GETx Interactive Commands Following are some general guidelines on the use of the GETx commands. • You must define commands for each menu ITEM separately. • Enter commands between the ITEM and the EXEC command(s) associated with the ITEM. • Enter the commands in either uppercase or lowercase. • Limit each prompt to one line.
Creating Menus Using the NMENU Commands EXEC mortgage %1 %2 %3 EXEC pause 6-21
Creating Menus Creating a Menu File Creating a Menu File Prerequisites • A workstation running DOS 3.30 or later • The Read, File Scan, Write, Create, and Erase filesystem rights to the directory where you will create and edit the menu • A DOS text editor Example Menu Programs Study the following examples by creating and trying them. By entering, executing, and debugging each example, you will gain understanding necessary to use the scripting language effectively.
Creating Menus Creating a Menu File Menu 5,Available Applications Item Word Processors { } Show 10 Item SpreadSheets { } Show 15 Item ^XExit Menu { } Exec EXIT Menu 10,Available Word Processors Item WordPerfect 5.1 Exec wp51 Item WordPerfect 6 Exec wp6 Item MSWord Exec Word Menu 15,Available SpreadSheets Item Quattro Pro Exec Q Item Lotus 123 Exec 123 Figure 6-8 A Simple Menu Script Example 3: A More Complex Menu The menu in Figure 6-6 was created from the text file in the following figure.
Creating Menus Creating a Menu File Example 4: Combining DOS and NetWare Commands Users can accomplish more work when access to DOS and NetWare functionality is combined in the same menu, as shown in Figure 6-10.
Creating Menus Making Menus Work Making Menus Work Now that you have working menus, you must make them available to your users. Following is a list of rules for usage. • You must create a search drive to the directory where the menu files exist. Search mappings can be created in container, profile, or user login scripts. • Users must have at least Read and File Scan rights to the directory where the menu files exist. • NMENU uses temporary files.
Creating Menus Making Menus Work NOTE: If you choose not to use the %STATION identifier variable, you must manually create a file with a maximum length of seven characters. The NMENU program automatically prepends the # symbol to the beginning of the S_FILE filename. If the user will be using a menu with the logout option, set the S_FILEDIR environment variable to a path on the user’s local drive. Set the S_FILE to “%STATION.” A copy of the MENU-X.
Creating Menus Converting Old Menu Files Converting Old Menu Files Use this procedure to convert an existing MENU file (created with an earlier version of NetWare) to an NMENU file. These older menu programs usually have the extension .MNU. Procedure 1 Create a directory for the new menu files and temporary files. If you want to use the directories you already have set up for menu programs, you do not need to create new ones. 2 Change the old .MNU file to the new .
Creating Menus Converting Old Menu Files 3 Follow the same six steps explained in “Menu Creation Steps” in this chapter. Example To help you see the differences between MENU and NMENU files, Figure 6-11 shows a part of the file for the menu in Figure 6-3. The figure shows both the .MNU and the unedited .SRC file formats. They are shown side-by-side to help you make the comparison. The “After Conversion (.SRC)” side has not yet been edited.
Creating Menus Converting Old Menu Files (continued) Before Conversion (.MNU) After Conversion (.SRC) %Your Choice,5,50,4 A. Quit leave.bat B. Try Again %Utilities C. Experiment %Demo MENU 02,Your Choice ITEM Quit { } EXEC leave.bat ITEM Try Again { } SHOW 06 ITEM Experiment { } SHOW 07 %Demo,12,40,1 1. CHOICE 1 %Utility 2. CHOICE 2 %Variety 3. CHOICE 3 %TalkToMe 4.
Creating Menus Converting Old Menu Files 6-30
7 Maintaining the NetWare Server 7-1
Maintaining the NetWare Server Introduction Introduction NetWare® 4.1/9000 Services is an implementation of NetWare 4®. Because NetWare Services resides on a HP-UX server, it becomes many processes of UNIX®. This chapter describes specific features of NetWare Services, as well as tasks you can perform in the NetWare® 4.
Maintaining the NetWare Server Managing NetWare Volumes Managing NetWare Volumes This section describes volumes in the NetWare® 4.1/9000 environment and how NetWare imposes the concept of volumes on NetWare® HP 9000 server. It also describes how to set up and manage NetWare volumes within the NDS tree. NetWare® 4.1/9000 supports multiple filesystem types (FSTypes such as vxfs, ufs, s5, and so on).
Maintaining the NetWare Server Managing NetWare Volumes system. • They use a NetWare usinodes file to maintain NetWare information. • They use an extended names file for the following: • Names longer than 27 characters • OS/2* names longer than 100 characters • Directory paths longer than 92 characters • They use a NetWare database to maintain trustee assignments and modifications to Inherited Rights Filters (IRF). • NFS*-accessible files can be included.
Maintaining the NetWare Server Managing NetWare Volumes NOTE: When changing CD-ROM disks, ensure that you have followed the proper HP-UX rules for unmounting and remounting a disk. (See “mount” in the Command Reference for more information.) NFS-Mounted Volumes An NFS-mounted volume gives you access to NFS file systems.
Maintaining the NetWare Server Managing NetWare Volumes Figure 7-1 NetWare Volumes Compared with the HP-UX File System Because HP-UX has no concept of a “volume,” NetWare volumes become paths to a particular point in the HP-UX file system. In Figure 7-1, root directories /sys, /home, and /work become NetWare volumes by specifying the path in the NetWare Services voltab file through SAM. NetWare supports a maximum of 64 volumes, and NetWare Services allows the 64 volumes.
Maintaining the NetWare Server Managing NetWare Volumes Figure 7-2 Possible Volume Configuration If the HP-UX file system is configured so that file system mount points coincide with paths to NetWare Services volumes, NetWare volume statistics will be accurate. In Figure 7-2, volume SYS: corresponds to the mount point for Disk 0, Partition 2. Volume WORK: corresponds to the mount point for Disk 1 (which has one partition). Disk 3 is a remote disk and is mounted at the root.
Maintaining the NetWare Server Managing NetWare Volumes the remote partition. • As NetWare users access directories below bob, directory statistics will reflect the statistics for Disk 3. Volume Configuration Parameters NetWare volumes use some variables in SAM that are global to the server— for example, the maximum number of volumes. The NetWare configuration files also support variables that are generic to all volume types, as well as variables that are specific to a particular volume type.
Maintaining the NetWare Server Managing NetWare Volumes Volume Utilities You can use the System Administration Manager (SAM) to specify a volume’s mount point, control point, attributes, and security mode. You can also add, delete, and modify volumes using SAM.
Maintaining the NetWare Server Managing Server Hard Disks Managing Server Hard Disks This section describes how to determine available disk space and how to add a hard disk to a NetWare server. Checking Available Disk Space You should monitor available disk space regularly and keep a log to track disk usage over time. This information helps you make the best use of your disk-space management options, such as adding a new hard disk. On HP-UX, you can type df at the command line in a “Terminal” window.
Maintaining the NetWare Server About NetWare Networking Protocols About NetWare Networking Protocols The following information provides an overview of IPX and NetWare protocols. If you are familiar with IPX and you now want to configure IPX from the server console, skip to chapter 1 in the NetWare 4.1/9000 Installation and Administration Guide. NetWare Protocol Overview The IPX protocol is the main protocol used to transfer data from your HPUX system to a NetWare server.
Maintaining the NetWare Server About NetWare Networking Protocols the Open Systems Interconnection (OSI) model. This model specifies how protocols should be defined in the future. The OSI model separates the functions required for effective computer communications (such as error checking and addressing) into the following seven catagories or layers. These layers are Application, Presentation, Session, Transport, Network, Datalink, and Physical.
Maintaining the NetWare Server About NetWare Networking Protocols The IPX protocol provides both IPX services and RIP services. As LAN drivers deliver packets to IPX, the IPX driver uses RIP to determine the route for packets outbound to other networks. Packets addressed to a local host are routed by IPX to the applications. When setting up NetWare from the HP-UX server console, you will need to configure your IPX internal LAN address and maximum hops, plus other information.
Maintaining the NetWare Server About NetWare Networking Protocols As a message service, SPXII provides enhanced throughput. This protocol reduces the amount of traffic on the wire by negotiating for large packets and reducing the number of acknowledgements. Applications using SPXII do not need to determine packet size. The SPXII driver handles packet size for the application.
Maintaining the NetWare Server About NetWare Networking Protocols Routing Information Protocol (RIP) The RIP allows routing information exchange on a NetWare internetwork. The single packet structure defined by the RIP allows the following exchanges of information: • Workstations locate the fastest route to a network number by broadcasting a route request. • Routers request routing information from other routers to update their own internal tables by broadcasting a route request.
Maintaining the NetWare Server About NetWare Networking Protocols When setting up NetWare, you will need to turn SAP on and enter the number of services you will be advertising to use this feature. See “Managing NetWare Protocols” in this chapter for more information. NetWare Core Protocol (NCP) The NCP makes interaction between clients and file servers possible by defining connection control and service request reply/encoding.
Maintaining the NetWare Server Managing the Server Managing the Server This section describes basic setup and configuration of your NetWare server so that it will run efficiently.
Maintaining the NetWare Server Managing the Server Prerequisites • Access to the server console • Superuser permission to shut down a NetWare server Procedure 1 Start the NetWare transport using the command: startnps Start NetWare services using the command: startnw In order to start the NetWare server process, the IPX protocol stack must be active. There are several ways to check at the HP-UX server console command line whether the stack is active: • Type ps -ef | grep IPX.
Maintaining the NetWare Server Managing the Server Managing Engines at the Desktop NetWare Services servers refer to certain processes as NCP engines. NCP engines are often considered the workhorses of NetWare Services servers and are responsible for initial processing of all client requests. NetWare Services requires a minimum of two engines running at all times. The more work you require of your system, the more engines you will need to start. Adding too many engines, however, may decrease performance.
Maintaining the NetWare Server Managing the Server See “Error Log File Size” in “Tuning Your Server” in this chapter to change the size of your error log file. Configuring Packet Burst Packet Burst is a protocol built on top of IPX that speeds multiple-packet NCP reads and writes of files. This protocol speeds the transfer of NCP data between a workstation and a NetWare server by eliminating the need to sequence and acknowledge each packet.
Maintaining the NetWare Server Managing the Server Replace number with the new number of NCP engines you want running. The nwengine command determines the difference between the total number of NCP engines requested and those already running. For example, if you have four NCP engines already running and you want to add three more engines, type the following command: nwengine 7 Three more NCP engines will be started.
Maintaining the NetWare Server Managing the Server If a large number of packets is dropped because a server message indicates that the server is busy, you may need to add another engine. Adding too many engines, however, may decrease performance. For more information, see “nxinfo” in Utilities Reference. Checking Client Activity Use this procedure at the HP-UX server console to configure the NetWare watchdog (a connection-monitoring feature).
Maintaining the NetWare Server Managing the Server delay_between_watchdog_packets. This variable determines the time (in seconds) between watchdog packets. After the server sends out the first watchdog packet, it waits a specified time before sending out succeeding packets if there is no reply. The default is 60. For more information on Watchdog, see “Watchdog” in Concepts.
Maintaining the NetWare Server Network Security Features Network Security Features NetWare Services includes security and fault tolerance features to protect network data from intruders and system failures. This section describes how to prevent network data disaster and recover from failures. Preventing Packet Forgery NetWare Services includes a security feature, NCP packet signature, that protects servers and clients using the NetWare Core Protocol.
Maintaining the NetWare Server Network Security Features NOTE: Some combinations of server and client packet signature levels may slow performance. However, systems with low CPU-demand may not show any performance degradation. Network supervisors can choose the packet signature level that meets both their performance needs and their security requirements. When to Use NCP Packet Signature NCP packet signature is not required for every installation.
Maintaining the NetWare Server Network Security Features ncp_packet_signature_option. This variable determines the signature levels for NCP packets. Valid values are Disabled, Enabled, Preferred, and Required (see Table 7-1). The default is Disabled. allow_unencrypted_passwords. This variable controls unencrypted passwords. “Yes” means unencrypted passwords are allowed. “No” means passwords must be encrypted and clients who use software that sends clear text passwords cannot log in. The default is No.
Maintaining the NetWare Server Network Security Features Table 7-1 Client Signature Levels Number Explanation Disabled (0) Client does not sign packets. Enabled (1) Client signs packets only if the server requests it (server option is 2 or higher). Preferred (2) Client signs packets if the server is capable of signing (server option is 1 or higher). Required (3) Client signs packets and requires the server to sign packets (or logging in will fail).
Maintaining the NetWare Server Network Security Features Examples of Signature Levels in Different Situations The default NCP packet signature level is Enabled (1) for clients and Preferred (2) for servers. In general, this setting provides the most flexibility while still offering protection from forged packets. Below are some examples of using different signature levels.
Maintaining the NetWare Server Network Security Features Replace number with 0 (Disabled), 1 (Enabled), 2 (Preferred), or 3 (Required). Assigning the NUC Workstation Packet Signature Level This signature level applies to all NUC clients unless it is set in a userspecific NET.CFG file or in NetWare Setting The default packet signature level is Enabled. To change the level, see “Setting Packet Security Levels” in the System Owner Handbook. These settings are in NetWare_SAM, NUC Setup.
Maintaining the NetWare Server Common Management Tasks Common Management Tasks This section describes other network administrator tasks and ways you can change the server environment after installation of NetWare Services. Viewing the Server Error Log File The server error log is a text file called SYS$LOG.ERR in the server’s SYS:SYSTEM directory. All system messages and alerts that appear on the server display device are recorded in the SYS$LOG.ERR file.
Maintaining the NetWare Server Common Management Tasks The server error log appears. 6 To delete or exit the server error log, press . A prompt to clear the error log file appears. 7 To clear the error log file, choose “Yes.” To exit NETADMIN, press + . Managing Error Log Files NetWare creates and maintains these server, advertising, and volume error log files: • SYS$LOG.ERR for server errors. • SAP error log file for advertising errors. This is located in /var/netware4.
Maintaining the NetWare Server Controlling Resource Allocation Controlling Resource Allocation This section describes how to use accounting to control the number of resources a NetWare client can use. The following are items to consider when installing and using the accounting procedures. • Install the accounting program • Decide on the services you will charge for • Calculate the rates • Set up accounting balances for the users • View the balances If you want to use the NetWare® 4.
Maintaining the NetWare Server Controlling Resource Allocation 5 Choose “Accounting” from the bottom of the dialog box. 6 Confirm that you want to install accounting on this server. Accounting page buttons appear on the right side of the dialog box with the other page buttons. 7 Use the accounting buttons to edit the accounting pages. 8 Choose “OK.” Setting Up Accounting Using NETADMIN Prerequisites • A workstation running DOS 3.
Maintaining the NetWare Server Controlling Resource Allocation 13 To exit NETADMIN, press +. Calculating Charge Rates for Accounting Charge rates for using server resources are specified as multipliers and divisors. To set the charge amount to “No Charge,” enter 0 as the multiplier.
Maintaining the NetWare Server Controlling Resource Allocation 2 To view daily and weekly totals for accounting services, type ATOTAL 3 To redirect ATOTAL data to a file, type ATOTAL > filename 7-35
Maintaining the NetWare Server Managing Network Time Synchronization Managing Network Time Synchronization Time synchronization ensures that all servers in a Directory tree report the same time and order NetWare Directory Services events correctly. To establish time synchronization, a time server must first be assigned a time server type.
Maintaining the NetWare Server Managing Network Time Synchronization claim to be synchronized. • Primary servers must poll either another Primary server or a Reference server. • Secondary servers must poll a Reference, Primary, or Single Reference server to obtain the correct time. During each polling interval, a time server contacts one, and only one, valid time source.
Maintaining the NetWare Server Managing Network Time Synchronization network and your server is not synchronizing within its Directory tree. • You want to control the sources your server uses for time synchronization. • You want to reduce SAP traffic by turning off time service advertising.
Maintaining the NetWare Server Managing Network Time Synchronization Synchronization Limits Since clocks in computers vary, synchronizing all servers in a network to the same precise time is almost impossible. By default, time synchronization is set up to allow for a two-second time variance between network time and a server's time. Servers that come within that two-second variance are considered synchronized.
Maintaining the NetWare Server Managing Network Time Synchronization Procedure 1 HP recommends that you use SAM to set the bindery context and most time synchronization parameters. Use the nwcm command to set the other parameters. The nwcm command is described in the Utilities Reference. 2 Set the following variables as appropriate. Basic. This category shows the most commonly changed time synchronization variables. Time Server Type.
Maintaining the NetWare Server Managing Network Time Synchronization unsuccessful or the list is empty, the server attempts to contact an advertising time source. The default is No. Advanced. The Advanced category shows and allows you to change less commonly used time synchronization variables. Polling Count. This variable determines the number of time packets to exchange while polling. Polling Interval.
Maintaining the NetWare Server Managing Network Time Synchronization Example of Synchronizing Two Directory Trees Suppose you have two Directory trees on your network and you want all the servers in both trees to synchronize to the same time. You used the default installation, so the Root servers of the trees (ROOT1 and ROOT2) are Single Reference servers, Tree Mode is set to “Yes,” and Service Advertising is set to “Yes.
Maintaining the NetWare Server Managing Network Time Synchronization For more information about Refer to Time server types “Time Servers” in Chapter 4 of Introduction to NetWare Directory Services Time synchronization “Time synchronization” in Concepts SAP “Service Advertising Protocol (SAP)” in Concepts 7-43
Maintaining the NetWare Server Managing Network Time Synchronization 7-44
Index Symbols # login script command, using, 5-19 %n identifier variable, using to shift LOGIN parameters, 5-52, 5-62 * character, using in login scripts, 5-48 ; character, using in login scripts, 5-48 identifier variable, explained, 5-60 A Aborting partition operation explained, 4-21 Access control mode Both, 3-10 NetWare, 3-9 None, 3-9 UNIX, 3-9 Access server, checking for, in login scripts, 5-61 ACCESS_SERVER identifier variable, explained, 5-61 Account expiration date changing, with NETADMIN
Index Connection number workstation, specifying in login scripts, 5-60 Container login script, explained, 5-3 Container object changing property values with NetWare Administrator, 2-73 creating with NETADMIN, 2-18 explained, 2-11 listed, 2-12 naming rules for, 2-13 Container objects creating, 2-11, 2-16 creating with DS_Install, 2-15 creating with NETADMIN, 2-16 creating with NetWare Administrator, 216 moving, 2-61 types of, 2-11 Container, moving, 4-16 Context, name displaying context user exists in, 5-59
Index 24 Disk space, checking for, 7-10 Diskette, client, making from CD-ROM, 15 DISPLAY login script command, using, 524 Distribution list, explained, 2-22 DOS installing on the network, 3-31 DOS in login scripts allowing , 5-25 COMMAND.
Index changing the owner, 3-58 copying, 3-24 copying or moving, with FILER, 3-28 moving or copying, with NetWare Administrator, 3-26 number allowed, 3-19 purging, 3-19 setting up, 3-19 viewing information about, 3-64 word-processed, displaying during login, 5-29 Filter.
Index 31 Log file server, viewing, 7-30 Logging in ADMIN User object, 15, 2-16 attaching to server from login script, 520 changing name context in login scripts, 5-23 last time of, displaying during login, 537 Login script commands ATTACH (attaching to servers), 5-20 CLS (clearing screen), 5-22 CONTEXT (changing context), 5-23 DISPLAY (displaying text file), 5-24 DRIVE (specifying default drive), 5-26 FDISPLAY (displaying word-processed file), 5-29 IF…THEN (executing conditional action), 5-32 INCLUDE (exec
Index Memory, workstation not swapping, with login scripts, 5-45 Menu commands. See also NMENU utility EXEC (specifying actions), 6-16 GETx (specifying user input), 6-19 ITEM (specifying menu options), 6-12 LOAD (executing one menu from another), 6-17 MENU (naming menus), 6-11 SHOW (displaying submenu), 6-18 Menu program. See NMENU utility MENU utility, converting to NMENU, 627 MENUCNVT command, using, 6-27 MENUMAKE utility, compiling converted menu program, 6-27 Menus.
Index deleting, with NetWare Administrator, 4-47 deleting, with PARTMGR, 4-48 explained, 2-24 NetWare Server objects deleting, 4-46 NetWare Server objects, naming restrictions for, 2-29 NetWare Services software requirements, vi NetWare shell, specifying version in login scripts, 5-60 NetWare UNIX Client user explained, 3-4 NetWare user account explained, 3-5 NetWare users without mapping, 3-7 NetWare volumes managing in a UnixWare environment, 7-3 NETWARE_REQUESTER identifier variable, explained, 5-60 Net
Index Operating systems installing on the network, 3-31 loading on the network, 3-31 Organization object changing property values with NetWare Administrator, 2-73 explained, 2-13 login script (see Login scripts) Organization,creating user templates in, 248 Organizational Role object creating, 2-45 creating with NETADMIN, 2-47 creating with NetWare Administrator, 245 explained, 2-24 managing, 2-44 Organizational Unit object changing property values with NetWare Administrator, 2-73 changing property values,
Index NETADMIN, 2-79 changing Login Script property with NetWare Administrator, 2-75 creating, 2-42 creating with NETADMIN, 2-43 creating with NetWare Administrator, 242 explained, 2-25 login script, example of 5-68 (see also Login scripts) managing User objects with, 2-41 Prompt, setting in login scripts, 5-50 Properties Security Equal To, 2-3 Properties, object.
Index Root, fake mapping in login scripts, 5-39 mapping in login scripts, examples, 5-44 S SAP explained, 7-15 Scripts.
Index deleting, 2-9 viewing, 2-9 Trustee rights. See also Rights; Trustee effective, calculating, 3-11 effective, viewing with FILER, 3-62 effective, viewing with NetWare Administrator, 3-61 explained, 3-43 Trustee.
Index mounting CD-ROM, 7-4 mounting NFS, 7-5 mounting Standard, 7-3 NetWare, interdependencies UnixWare partitions, 7-5 number supported, 7-6 Y YEAR identifier variable, explained, 5-59 with W Watchdog logging watchdog logouts, 7-22 setting delay time, 7-22 setting number of packets, 7-22 Windows files needed to run NetWare, 3-33 guidelines for running in NetWare, 3-34 icon for NetWare Administrator, creating, 18 installing on the network, 3-33 loading, 3-31 mapping search drive in login scripts, 541 net
