Solved

Equivalent commands in Netware 4.11

Posted on 1998-09-29
3
384 Views
Last Modified: 2008-02-01
1) i would like to know how to create a workgroup manager or    user account manager( found in Netware 3.12) in Netware    4.11?
2) how to assign queues to printers in Netware 4.11? i don't    seem to find the equivalent procedures as in Netware 3.12
0
Comment
Question by:tyj
  • 2
3 Comments
 
LVL 5

Accepted Solution

by:
aioudine earned 60 total points
ID: 1593592
1) Create object "Organizational role"
assign user-account manager as occupant of this object
Then make this object 9Org. role) trustee of group

Also you may directly make user trustee of group
for more information see manual

2) you may use NWADMIN or pconsole
If you not familar with this utilites use Quick Setup options in netadmin

regards,
andrei
0
 

Author Comment

by:tyj
ID: 1593593
1)can please be more detail on where to create an organizational role? whether i should create it under the current context or under an organizational unit? And what exactly does an organizational unit does?

 After creating the organizational role, can you tell me in more detail whether should i assign a particular group as trustees to the org. role or should i assign the role as trustees to the group?
0
 
LVL 5

Expert Comment

by:aioudine
ID: 1593594
An Organizational Unit object helps you to organize leaf objects in the Directory tree. It
also allows you to set defaults in a login script, and create a user template for User objects you create in the Organizational  Unit container.

You can use an Organizational Unit object to designate a business unit within a company, a department within a division or univeristy, a project team within a department, and so on.

So, you may create OU Marketing, Sales, Support,
or OU Tokyo, Dallas, London
----------
An Organizational Role object defines a position or role within an organization.
An example might be a department manager or vice president of sales, and so on.
You can assign any User object to be an occupant of the Organizational Role object.
Any occupant receives the same rights that were granted to the Organizational Role object.

You create an Organizational Role object to assign rights to a particular position in the organization where the person  holding the position might change frequently, while the actual responsibilities of the position do not change often. It can also be used when you have a job where you want different people to handle the same job at different times of the lear.

----------
After creating the organizational role you should assign a role as trustees of the group
or you can grant OrgRole right to OU (All depend on tree design)
--------
Below related TID from support.novell.com
NOTE: Here explained how to create User object, but I recomend you create OR
_________________________________
How do I create a Workgroup Manager in 4.1 ?  (Last modified: 06FEB1998)

     This document (2913382) is provided subject to the disclaimer at the end of this document.
   
     Symptom

     There is no easy way to create a Workgroup Manager (WGM) in NetWare 4.1 environment
     without giving this user too many rights. In fact, many people believe that there is NO WAY to
     have a WGM, unless we give him/her all of these excessive rights.

     The solution described below must be followed precisely, or the user will end up with too many
     rights or no rights at all over the container he or she will be responsible for.

     By the way, the sequence described here is based on the fact that the WGM created will be in
     fact a
      "CONTAINER" MANAGER, and not a "Group" Manager.

     The solution here can be found also in the Dynatext Library for Netware 4.1 "Building and
     Auditing a Trusted Network Environment with Netware 4", chapter 3 Section "Workgroup
     Manager" , with less details.

     Solution

     Workgroup Manager

     Your organization may have security needs that require central administration but also allow for
     workgroup or departmental management. As seen in this example, it is possible to cut off
     administrative control to a branch of the tree. It is therefore imperative to set up security so that
     if the WorkGroup Manager administrator of a branch leaves the company under unfavorable
     circumstances, the resources in that branch can still be administered.

     To prevent cutting off administrative control from a branch of the tree, and to give rights to a
     WGM to perform daily tasks over a container like change or reassign passwords, create or delete
     users, carefully complete the following steps:

     1. Create a User called WGManager (or something appropriate).

     2. Assign this User an explicit trustee of the container to be administered by going to the
     container that needs to be administred, right click on it, go to "Trustees of this object" and ADD
     the WGManager user as a trustee of the container. Before closing the window, give the user the
     following rights:
       
     [BCDR] to object rights (Check in the left box )

     [RCWA] to All Properties rights (Check in the right box)

     Then click on "Selected Properties" and scroll down until you find the "Object Trustees (ACL)"
     and check

     [CR] ACL Property rights

     (Do not click OK yet. Wait for instructions about when to close this window (step 5.))

     (Reassignment of the ACL property rights override the rights assigned to All Properties rights,
     preventing the user WGManager from changing trustee assignments to the container.)

     3. ADD the user Admin as a trustee of this container by clicking the button "Add Trustee" and
     searching the tree.

     4. Assign Admin an explicit trustee assignment to the container of all Object Rights and
     properties Rights by checking:

     [SBCDR] object rights (Checking in the left box - Object Rights)

     [SRCWA] All Properties rights (Check in the right box - All Properties Rights)

     5. Now click OK to close the Container Box and save the changes.

     6. Right Click the user WGManager, go to "Trustees of this object" and ADD the user Admin as
     a trustee of this object.

     7. Assign Admin an explicit trustee assignment to the user WGManager of all Object Rights and
     All Properties Rights by checking:

     [SBCDR] object rights (Checking in the left box - Object Rights)

     [SRCWA] All Properties rights (Check in the right box - All Properties Rights)

     8. Revoke all inherited rights except B to the user WGManager by clicking in Inherited Rights
     Filter and checking with a " X " only the Browse. All other rights in both boxes must be without
     " X " , or blocked.

     IRF [B ] object rights only

     9. Now click OK to save the IRF box changes.

     (This is done so that the workgroup manager does not inherit rights to manage himself.)

     10. Reassign explicit rights to the user WGManager to the Object Right and Properties Rights by
     highlighting the user's name in the trustee list and checking:

     [ B ] object rights (Checking in the left box - Object Rights)

     [ R ] All properties (Checking in the right box - All Properties Rights)

     Check on "Selected properties" and check:

     [ RW] to the "Login script" property

     [ RW] to the "Print job configuration" property

     [CR ] to the "Object trustees (ACL)" property

     11. Click OK to close the user's box and save the changes

     (This gives the workgroup manager the same rights to manage himself that a user has by
     default, and prevents him from adding more rights to himself.)

     What makes this scenario work is the workgroup manager's inability to change trustee
     assignments for a container through restricted access to this container's ACL property.




--------
PS For more information obtain Novell White book from NAEC (Netware Administration)

And read articles in Novell AppNotes on http://developer.novell.com
"Planning a  Directory Tree" at http://developer.novell.com/research/appnotes/1993/april/03/03.htm

About Nw4.X Security read
"Implementing and Administering NetWare 4 Security" on
http://developer.novell.com/research/appnotes/1994/april/03/index.htm

0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
In  today’s increasingly digital world, managed service providers (MSPs) fight for their customers’ attention, looking for ways to make them stay and purchase more services. One way to encourage that behavior is to develop a dependable brand of prod…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now