User Admin in NW6 got deleted

The netware 6 network has been up and running for a year now.
Can any one tells me how to re-create user object admin. The story was like this
One day ( months ago ) I was maintaining and deleting users who no longer worked in the Compnay, by mistake, I deleted the user admin. Fortunately my own account is having equivalent rights as user admin, so I got no problem so far in maintenance.
With the recent release of sp5 for nw6, I wanted to install it but till this moment I found out that I do not have sufficient right to do the job even though I was sure I set up my account in equivalent to admin ( supervisor ), is there a way to get the user admin back or what should I do to find out if I do have the administrator rights?
I know if I set up another server from the scratch it can be the answer but I really don't want to, please help
Who is Participating?
PsiCopConnect With a Mentor Commented:
ppdsh, no matter which way you go, one of the first things you need to do is grant another account "S" at the root of the tree,
OK, first, in the NDS environment, there is no "Supervisor" user - that user was a creature of NetWare v3.x and earlier (Bindery). User "Admin" in the NDS environment is just another user account, it just happens to have the "S" NDS right at the root of the NDS tree. As you've unfortunately found out, "Admin" can be deleted just like any other user. This is good in that because the administration-privledge-level account does not have a fixed name, it makes it harder for an intruder to get in (this contrasts with the NT/AD environment, where 1/2 of the administration-level credentials - the user name - is unchangeable, so all the intruder has to do is guess/brute-force the password).

The mistake you made, and its unfortunately a common mistake, is that you made your account equivalent to Admin, instead of having the Admin account grant your account the "S" right at the root of the NDS tree. Thus, when you deleted Admin, you destroyed your privledges.

The fact that you did this a month ago means that even if you have an NDS-aware backup system (and I hope you do!), you probably don't want to back-rev the NDS database that far. At this point, you have two choices:

1) Destroy your current NDS installation and re-install the directory service from scratch. This means trashing the entire tree, all the user accounts, and loss of the filesystem trustee rights. The latter you could backup and then put back in with a script, and with something like JRB Utilities ( you could automate restoration of the user accounts, but this is still a messy and brutal process.

2) Contact Novell TS (if you don't have a support contract, you're going to have to shell out some $$$) and get them to perform the necessary tree surgery to either re-create the Admin account or, better yet, assign your account the "S" privledge at the root of the tree.

Personally, I'd go for the second option unless I had a small, single-server tree with only a handful of user accounts.
ShineOnConnect With a Mentor Commented:
There is always a way.

First, was your account set as equivalent to Admin, or do you have explicit rights to [ROOT]?

You should ALWAYS have at least ONE account with full EXPLICITLY-ASSIGNED rights to the root of the tree.  Equivalence goes away when the account you're equivalent to goes away.

If you have explicit rights, you should be able to create a new Admin user.  Problem there, is that if the licensing was installed by Admin, creating a new Admin account won't necessarily let that new Admin user manage them.

You may have to call Novell Support (and pay for the service,) but they have tricks for re-creating the Admin user.

There are hacker tools floating around that can create Admin accounts, but I don't know that it'd be my first choice with a supported OS.
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

ppdshAuthor Commented:
I am just a newbie in NDS, professional set up the server for me and disappeared
I just made my account equivalent to admin, so when admin is gone, my rights are gone! By deleting the tree, are all the print queues, print server things are destroyed too? My network has only about 15 users so re-build user accounts is not a big deal but I hate to set up the printing things. How do I rebuild the tree?
Just another thought, if I set up another server and migrate all the settings and files would that be an alternative?
Yes, you'd have to do it all over again.  Migration needs admin on both servers.  The best you could do is set everything up "the same" with a different tree name, then copy over the data files.  The users passwords will all have to change, too, unless you are like some installations where the Administrator assigns the passwords and keeps 'em on a piece of paper...which I DON'T recommend, no matter how small or "cozy" your organization is.
You can think of it as a good learning experience, and look forward to the successful completion, upon which you can pat yourself on the back and buy yourself a beer. ;)

 - Don't forget to grant your user ID "S" NDS rights to [ROOT].
"I am just a newbie in NDS, professional set up the server for me and disappeared"

Doesn't sound like they were too professional if they didn't at least offer to document their work.

Your options remain as I indicated earlier - toss out your current NDS database, including printing info, users, file permissions, all of it; and re-install from scratch - or contact Novell Technical Support and they may be able to do the necessary tree surgery that will get your account the access it needs.
DSPooleConnect With a Mentor Commented:
Don't you guys ever read CoolSolutions?  ;)

Here - a solution WITHOUT a rebuild of the network:

Damn. No, I'd never seen that. That's way cool. Novell TS in a box.
ppdshAuthor Commented:
I downloaded the emadmin.nlm and created the account
Tried to install sp5, system tells 'username do not have the right to extend schema' so installation can't go on. Did I miss anything? How do I get the right to extend schema? I guess I have the right in root but still can't carry on this patch.
I've used the account I created to grant rights, but no luck
Any more ideas please
I've not used EMADMIN, so mebbe an Expert who has will chime in. In what context you create the account? If you are in ConsoleOne and right-click on your tree's Root object and select Trustees of this object, is the account listed there?
ppdshAuthor Commented:
Yes, the account is there, NDS rights of the object is

>xxxx CN
>Role Based Server.xxxx

Do I miss anything?
ppdshAuthor Commented:
Thanks for all, I mixed all the clues in the answers from you guys, I worked it out finally, with a bit of luck
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.