Manualshelf

Supervising the Network

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
61626364656667686970
2-34
Setting Up and Managing NetWare Directory Services Objects
Managing Groups of User Objects
Managing Group Objects
If you want a user to have access to an object, you must give the user a
trustee assignment to that object. Rather than make trustee assignments to
many users, you can create a Group object and make just one trustee
assignment to grant access to all the users who belong to the Group.
Here are some guidelines to follow when setting up a Group object:
Only User objects can be listed in a Group, and you can add User objects from
any part of the Directory tree to a Group.
A Group object is not a container. It does not “contain” User objects; users’
names are merely assigned to a Group object.
To create a Group object, see “Creating Leaf Objects” in this chapter.
You must create User objects before you can add them to the membership list of
a Group object. See “Creating Leaf Objects” in this chapter for instructions on
creating User objects.
After you have created a Group object and added User object names to it, you
manage the rights of the Group object rather than the rights of the individual
users.
For example, suppose you have a word-processor application on the network
that many users need to access. You could create a Group object named WORD
PROCESSOR USERS and add the User object names of the users who need
access to the application.
Then, rather than granting file trustee rights to each of the User objects, you
would grant the file trustee rights to the Group object WORD PROCESSOR
USERS for the application and the working directory.
When a user is added to the membership list of a Group object, the Group is listed
in that user’s Security Equal To property. The user is granted all rights that any
object (User, Group, Printer, etc.) in that list is granted, both object and file rights.
After you have created a Group object, use the procedures that follow to:
Add members to a Group object.
Give a Group object rights to files and directories.
Delete members from a Group object.
You can use NetWare Administrator or NETADMIN to manage Group
objects. Both procedures are described in this section.