IntranetWare 4.11 Administration - Tips

 

Tips and Tricks

 

Know NWADMIN - the Netware Administrator for Windows inside and out. You will have to walk through multiple scenarios with this utility. Also, make sure you brush up on your command line utilites and their paramaters.

IntranetWare 4.11 Administration - Need To Know

What you need to know for the exam

 

Differences between typeful, relative, and distinguished names. What command to use to map to a drive on a server in the current context. What command to use to map to a drive on a server in a different context. The remark statements used in the login script. Basic NetWare MS-DOS commands. How to capture printer ports and assign printer properties. What is, and when to use, the Organizational Role object. The order in which login scripts are executed. What a print queue is and does, and where the data is redirected through. Where NetWare utilities are stored. What files are used to load Client32 and Client16. What rights grant what ablilities. What files are loaded on the server to allow someone to use RCONSOLE to remotely access it.

 

NWADMIN:How to create users, and give them proper rights to objects. How to make changes to multiple users at once. Inherited Rights Filter. How to move files from one server to another. How to create application objects. Redirect print queues. How to modify the login script. How to make users trustees of objects, and give them proper rights. How to properly create and modify user templates.

IntranetWare 4.11 Administration - Cramsession

 

Minimum Hardware Requirements for an IntranetWare server

 

Intel 386 processor or higher
20MB RAM
VGA Video adapter and display
NIC (Network Interface Card)
15MB DOS partition
75MB SYS partition
CD-Rom

 

NDS Container Objects

 

Root - Top of NDS structure. Tree can only have one root, from where all other objects branch out.
Country - Container which designates the country that this branch of the network resides in.
Organization - Container that typically represents a company.
Alias - Logical NDS pointer. Can only point to Country and Organization objects, when used as a Container object.
Organizational Unit - Container that represents divisions of units.

 

NDS Leaf Objects

 

User Template - Template used to create users with predefined rights.
Organizational Role - Defines a position in organization. Used to assign priveleges to anyone in a certain position.
Profile - Contains login script for a group of unrelated users.
Directory Map - Represents a logical pointer to a directory in the server file system. Used to centrally manage drive mappings.
Application - Gives ability to manage applications as NDS objects.
Alias - Logical NDS pointer. Can only point to Container and Leaf objects, when used as a Leaf object.

 

Context

 

Context describes what part of the tree an object resides in.
O- Organization container.
OU- Organizational unit container.
CN- Common name of the leaf object.

Typical context format: .CN=Joe.OU=FBI.O=USGovernment

Two types of context available:
Current context - Defines where you are in the tree at the time.
Object context - Defines where an object resides in the tree.

Types of NDS names:
Distinguished name
Object's complete NDS path.
Complete path for Joe: .CN=Joe.OU=FBI.O=USGovernment

Relative distinguished name
Object's NDS path, relative to its current context. Relative distinguished names are not preceded by a dot.
Joe's current context: .OU=FBI.O=USGovernment
Joe's relative distinguished name: CN=Joe

Typeful name
Complete NDS path, which contains descriptors to define the object.
Joe's typeful name: .CN=Joe.OU=FBI.O=USGovernment

Typeless name
Complete NDS path, which does not contain descriptors to define the object.
Joe's typeless name: .Joe.FBI.USGovernment

 

IntranetWare File System

 

The file system organizes internal disks into one or more volumes.

To rename a physical volume, change its server definition with INSTALL.NLM.

To rename a logical volume, use NWADMIN.

One server can hold up to 64 volumes
Each volume can span up to 32 hard disks
Each volume can support up to 32 segments

IntranetWare default directory structure:

NDS and File System Security

 

W: Write - Grants rights to open and change contents of files.
R: Read - Open files.
M: Modify- Change attributes or rename a file/directory.
F: File Scan- See files/directories, but unable to open/copy.
A: Access Control- Change trustee assignments and IRFs.
C: Create- Create new files and directories.
E: Erase- Delete files and directories.
S: Supervisor- Grants all rights to files and directories.

Supervisor rights cannot be blocked by an IRF for file system security
Supervisor rights can be blocked by an IRF for NDS security.

Rights from NDS to not transfer into the file-system, except for supervisory rights.

Creator is always given supervisor rights to the file/directory they create.
Container is always given RF access to SYS:PUBLIC
User is always given RWCEMF access to their own personal directory.

 

In NWADMIN:

Rights to Files and Directories is used to assign rights from a user's aspect.
Trustees of this Directory is used to assign rights from a directory's aspect.

IRF (Inherited Rights Filter):
When the filter is applied, the rights specified are the rights allowed to pass through.
If Joe has RF rights, and goes through an IRF with only F specified, Joe keeps only F rights.

Security equivalence:
When one object's access rights are specified to be equivalent of another object's access rights.

Ancestral Inheritance:
Any object is security equivalent to its parent container.

Client 32 for IntraNetware

Client 32 file requirements for Windows 95:

Client 32 file requirements for DOS:

Preferred Server, Context, NDS Tree and login settings are specified in the NET.CFG file when using Client32 for DOS, and in the Network Properties page when using Client32 for Windows 95.

 

Login Scripts

 

Execution order for login scripts:
1) Container - Script for Organization or Orginizational Unit containers, used for all users in the container.
2) Profile - Script which contains specific paramaters for a group of unrelated users.
3) User - User specific script.
4) Default - Executed for any user who does not have an individual user login script.

Users can only be assigned to one profile group.

Place NO_DEFAULT in the profile or container script to avoid executing a default login script.

Remarks are used to insert a line of text which will be ignored by IntranetWare.
REMARK, REM, ; , or * can be inserted before the line of text to define it as a remarked line.
REM MAP F:=SYS:PUBLIC

DOS executables, commands unrecognized by an IntranetWare login script, need to be preceded by # to specify that the script will need to run an external command.
#CAPTURE P=HPLJColor5

 

File Server Security

 

Implement the following steps to ensure file server security:
1) Restrict physical access to the file server.
2) Lock the file server console from within MONITOR.
3) Load SECURE CONSOLE to allow NLMs to only be loaded from the SYS:SYSTEM directory.
4) Lead REMOTE.NLM to allow only remote access to the server.

To enable RMF for remote access:
Type at the console LOAD REMOTE.
Type either:
LOAD RSPX - to allow remote management across a LAN
LOAD RS232 - to allow remote management through dialup access.

LDREMOTE can be loaded to encrypt passwords.

 

Commands

 

FILER - Used to manage files/directories, display volume information, and salve and purge files.
FLAG - Changes file/directory attributes.
NDIR - Used to view files, directories and volumes.
NLIST - Displays information about NDS objects.

Know how to use the following commands and all of their options.

 

MAP command options

CAPTURE command options