Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Equivalent commands in Netware 4.11

Posted on 1998-09-29
Medium Priority
Last Modified: 2008-02-01
1) i would like to know how to create a workgroup manager or    user account manager( found in Netware 3.12) in Netware    4.11?
2) how to assign queues to printers in Netware 4.11? i don't    seem to find the equivalent procedures as in Netware 3.12
Question by:tyj
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Accepted Solution

aioudine earned 240 total points
ID: 1593592
1) Create object "Organizational role"
assign user-account manager as occupant of this object
Then make this object 9Org. role) trustee of group

Also you may directly make user trustee of group
for more information see manual

2) you may use NWADMIN or pconsole
If you not familar with this utilites use Quick Setup options in netadmin


Author Comment

ID: 1593593
1)can please be more detail on where to create an organizational role? whether i should create it under the current context or under an organizational unit? And what exactly does an organizational unit does?

 After creating the organizational role, can you tell me in more detail whether should i assign a particular group as trustees to the org. role or should i assign the role as trustees to the group?

Expert Comment

ID: 1593594
An Organizational Unit object helps you to organize leaf objects in the Directory tree. It
also allows you to set defaults in a login script, and create a user template for User objects you create in the Organizational  Unit container.

You can use an Organizational Unit object to designate a business unit within a company, a department within a division or univeristy, a project team within a department, and so on.

So, you may create OU Marketing, Sales, Support,
or OU Tokyo, Dallas, London
An Organizational Role object defines a position or role within an organization.
An example might be a department manager or vice president of sales, and so on.
You can assign any User object to be an occupant of the Organizational Role object.
Any occupant receives the same rights that were granted to the Organizational Role object.

You create an Organizational Role object to assign rights to a particular position in the organization where the person  holding the position might change frequently, while the actual responsibilities of the position do not change often. It can also be used when you have a job where you want different people to handle the same job at different times of the lear.

After creating the organizational role you should assign a role as trustees of the group
or you can grant OrgRole right to OU (All depend on tree design)
Below related TID from support.novell.com
NOTE: Here explained how to create User object, but I recomend you create OR
How do I create a Workgroup Manager in 4.1 ?  (Last modified: 06FEB1998)

     This document (2913382) is provided subject to the disclaimer at the end of this document.

     There is no easy way to create a Workgroup Manager (WGM) in NetWare 4.1 environment
     without giving this user too many rights. In fact, many people believe that there is NO WAY to
     have a WGM, unless we give him/her all of these excessive rights.

     The solution described below must be followed precisely, or the user will end up with too many
     rights or no rights at all over the container he or she will be responsible for.

     By the way, the sequence described here is based on the fact that the WGM created will be in
     fact a
      "CONTAINER" MANAGER, and not a "Group" Manager.

     The solution here can be found also in the Dynatext Library for Netware 4.1 "Building and
     Auditing a Trusted Network Environment with Netware 4", chapter 3 Section "Workgroup
     Manager" , with less details.


     Workgroup Manager

     Your organization may have security needs that require central administration but also allow for
     workgroup or departmental management. As seen in this example, it is possible to cut off
     administrative control to a branch of the tree. It is therefore imperative to set up security so that
     if the WorkGroup Manager administrator of a branch leaves the company under unfavorable
     circumstances, the resources in that branch can still be administered.

     To prevent cutting off administrative control from a branch of the tree, and to give rights to a
     WGM to perform daily tasks over a container like change or reassign passwords, create or delete
     users, carefully complete the following steps:

     1. Create a User called WGManager (or something appropriate).

     2. Assign this User an explicit trustee of the container to be administered by going to the
     container that needs to be administred, right click on it, go to "Trustees of this object" and ADD
     the WGManager user as a trustee of the container. Before closing the window, give the user the
     following rights:
     [BCDR] to object rights (Check in the left box )

     [RCWA] to All Properties rights (Check in the right box)

     Then click on "Selected Properties" and scroll down until you find the "Object Trustees (ACL)"
     and check

     [CR] ACL Property rights

     (Do not click OK yet. Wait for instructions about when to close this window (step 5.))

     (Reassignment of the ACL property rights override the rights assigned to All Properties rights,
     preventing the user WGManager from changing trustee assignments to the container.)

     3. ADD the user Admin as a trustee of this container by clicking the button "Add Trustee" and
     searching the tree.

     4. Assign Admin an explicit trustee assignment to the container of all Object Rights and
     properties Rights by checking:

     [SBCDR] object rights (Checking in the left box - Object Rights)

     [SRCWA] All Properties rights (Check in the right box - All Properties Rights)

     5. Now click OK to close the Container Box and save the changes.

     6. Right Click the user WGManager, go to "Trustees of this object" and ADD the user Admin as
     a trustee of this object.

     7. Assign Admin an explicit trustee assignment to the user WGManager of all Object Rights and
     All Properties Rights by checking:

     [SBCDR] object rights (Checking in the left box - Object Rights)

     [SRCWA] All Properties rights (Check in the right box - All Properties Rights)

     8. Revoke all inherited rights except B to the user WGManager by clicking in Inherited Rights
     Filter and checking with a " X " only the Browse. All other rights in both boxes must be without
     " X " , or blocked.

     IRF [B ] object rights only

     9. Now click OK to save the IRF box changes.

     (This is done so that the workgroup manager does not inherit rights to manage himself.)

     10. Reassign explicit rights to the user WGManager to the Object Right and Properties Rights by
     highlighting the user's name in the trustee list and checking:

     [ B ] object rights (Checking in the left box - Object Rights)

     [ R ] All properties (Checking in the right box - All Properties Rights)

     Check on "Selected properties" and check:

     [ RW] to the "Login script" property

     [ RW] to the "Print job configuration" property

     [CR ] to the "Object trustees (ACL)" property

     11. Click OK to close the user's box and save the changes

     (This gives the workgroup manager the same rights to manage himself that a user has by
     default, and prevents him from adding more rights to himself.)

     What makes this scenario work is the workgroup manager's inability to change trustee
     assignments for a container through restricted access to this container's ACL property.

PS For more information obtain Novell White book from NAEC (Netware Administration)

And read articles in Novell AppNotes on http://developer.novell.com
"Planning a  Directory Tree" at http://developer.novell.com/research/appnotes/1993/april/03/03.htm

About Nw4.X Security read
"Implementing and Administering NetWare 4 Security" on


Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Geo-targeting is the practice of distributing content based on a person’s location, as best as you can determine it. Let’s look at some ways you could successfully use this tactic. The following tips and case studies could lead to meaningful results.
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question