------------------------------------------------------------------- USERMGM1.DOC -- 19970203 -- Email thread on NetWare User Management ------------------------------------------------------------------- Feel free to add or edit this document and then email it back to faq@jelyon.com Date: Mon, 7 Aug 1995 19:20:30 -0400 From: Shawn Holmstead Subject: Re: Create users from file? >I swear that I have heard of a program that will allow you to create >users from a tab delimited file. I have to add 600+ users to a new >4.1 file server and would appreciate it if I didn't have to do it one >at a time. Thanks You could use an MS-Windows program called Mass User Management to do the job for you. It reads in a tab, comma or space delimited file and creates the users. It uses templates to match different user account restrictions to different users in the ASCII file. A demo of Mass User is available via anonymous FTP and CompuServe. Via anonymous FTP, look on oak.oakland.edu in the /SimTel/msdos/novell directory for MUM13A.ZIP. Via CompuServe, look in NETWIRE in NOVUSER library 09 (management utilities) for MUM13A.ZIP. This version of Mass User only works in bindery emulation on NetWare 4.1 servers (meaning all users must be in the same context). An NDS version is in the works, though. P.S. I helped to write Mass User so I am biased towards it. Shawn Holmstead, Novell, Inc \\\\ \ \ \\\\\| Shawn_Holmstead@novell.com |\ \\\ \\ \\ \\\| sholmste@novell.com |\\ \\\ \\\ \\\ \| ______ |\\\ \\\ \\\ \\\\ |\\\\\`| |\\\\ \\\ \\\ \\\\| | \\\ | \\\\ \\\ \\\ \\\| | \ | |\ \\\ \\\ \\\ \\| | | |\\\ \\ \\ \\\ \| | ECNE | |\\\\\ \ \ \\\\ |______| --------- Date: Tue, 8 Aug 1995 15:11:17 -0400 From: Shawn Holmstead Subject: Re: Create users from file? >From: ag129@cam.ac.uk (A. Grant) >Date: Mon, 7 Aug 1995 09:50:32 >>This version of Mass User only works in bindery emulation on NetWare 4.1 >>servers (meaning all users must be in same context). An NDS version is in >>the works, though. > >As an employee of Novell and an ECNE, would you mind telling us >why the standard 4.x utility UIMPORT is not the correct answer to >the requirement? > >I.e. why are you recommending an extra-cost bindery-emulation tool >when there is an NDS-aware tool provided as standard? I apologize. You are correct that I should have pointed the original poster towards UIMPORT as a first stop. UIMPORT does read an ASCII text file and add users, and may well suit his needs. The reason I recommended a different tool is because UIMPORT, like the 3.x MAKEUSER, is very limited in its capabilities. Other utilities, even though they are penalized because they are bindery utilities, offer many more features above UIMPORT. But like you suggest, all 4.x owners should look at the standard Novell utilities in 4.x before seeking alternatives. ------------------------------ ftp://ftp.coast.net/SimTel/win3/network/rsu15a.zip Remote Software Update (RSU) Version 1.5a is a utility that allows software to be distributed and individually configured over a network. It is controlled by a simple script language. RSU features IF-THEN-ELSE-ENDIF constructs, GOTO jumps and the unique ability to synchronize entire directory trees. ShareWare. Burkhard Daniel --------- Check out setquota in jrb221a.zip from one of the following sites: netlab2.usu.edu apps risc.ua.edu pub/network/misc/novell ftp.let.rug.nl jrbutils It handles both directory based quotas and volume based quotas under 3.x and bindery emulation under 4.x. e.g. setquota students vol1: 5000000 would set an (approx) 5 MB quota on volume vol1: for all members of group students. You can specify either a group name or username, both of which can contain wild cards. John Baird --------- >> Currently in a mixed 3.12/4.1 environment where the 3.12 servers >>are all using Pegasus Mail. What NDS mail programs are there that >>I can use to remain compatible with the existing system and still work >>with internet and cross server mail. >> >>I can't set up new accounts on the 4 server except in bindery >>emulation mode because the mail only works on the 3.12 servers. John Selph couldn't bear any longer to log every user in in bindery emulation so he produced a freeware utility to make mail directories and assign the appropriate rights to NDS user objects. You can find a copy of mkmail.exe in the Americas at ftp://ftp.obu.edu/pub/pegasus/mkmail.exe or Australia at ftp://plato.ens.gu.edu.au/sys/xfers/mkmail.exe ------------------------------ I recall recently some people asking for a way to give their users access to file manager but without the ability to affect the network drives. This looks like the answer. ftp://ftp.coast.net/SimTel/win3/fileman/fmgrd208.zip File Manager guard provides a comprehensive set of [Restrictions] for MS Windows File Manager. You can disable any command of File Manager (including Run, Exit, etc.), prevent access to any drive of your choice, keep the size and position of the File Manager window on the screen unchanged, prevent users from running programs and opening documents. The restrictions are password-protectable. For use with private systems and corporate networks. Andrei Belogortseffm, 74634.2173@CompuServe.com Jeff Pilant ------------------------------ You can have a look at the Wofgang Schreiber utilities: dorm.rutgers.edu:/pub/novell/utilities/wschreib.zip Or you can look for the Mass User Management (windows) program: dorm.rutgers.edu:/pub/novell/utilities:/massusr2.zip Larry LeBlanc ------------------------------ Date: Sat, 18 Nov 1995 12:07:56 -0800 From: rgrein@halcyon.com (Randy Grein) To: netw4-l@bgu.edu Subject: Re: Management Utitlity Landesk manager is not really very much like Managewise - Novell's NMS is the core of the product. I did work with that product, and was reasonably happy with it. I have associates who are running it and have been quite satisfied - bearing in mind that no one utility or console will do everything you might need. The great thing is, however, that it is extensible with snap in modules. --------- Our facility is presently using HP Openview. This product works well for traffic statistics and hub\router management, but it does lack in some of the more sophisticated trouble shooting tools like a network sniffer or a proptocal analyzer. Tom Witteman ------------------------------ Date: Wed, 22 Nov 1995 09:13:37 +1300 From: J.Baird@ONO.LINCOLN.AC.NZ Subject: Re: Command line utility >Is there a command line utility to display which users have what files >in use? Check out two of Wolfgang Schreiber's utils - whohas and monitor. They can be downloaded from your nearest mirror of ftp.novell.com Search for whohas.zip and monito.zip ------------------------------ Date: Sun, 21 Jan 1996 03:30:20 GMT From: "Ron P. Bergeron" Subject: Re: nw311 - userlist! >Is there any way to get a list over the users on nw311. >I would like to get UserName, Full Name, Last Login, Groups Belonged To... I wrote a program that will create a list of usernames, full names, object ID, last login dates, and last login times of all users. It will also show any user that has been disabled. The program also creates a comma delimited output file. I have tested it on 3.11 and 3.12 servers. It is available at: ftp://ftp.shore.net/members/machine/lastlog1.zip Here is a sample of the program's output: Login Name Full name Obj ID Last Date Last Time -----------+-------------------------+--------+---------+---------+-------- SUPERVISOR Admin: System Supervisor 00000001 12-14-95 08:54:48 CAREYR Carey, Rebecca 020000d1 12-13-95 08:07:50 LEWISR Lewis, Robert 0700000b 12-13-95 08:05:55 SHINNICD Shinnick, Diana 09000014 12-14-95 07:54:39 TOGHERP Togher, Patricia 0a00002a 12-13-95 09:20:10 HOGANT Hogan, Tom 0b000083 12-14-95 08:39:36 LIFSONA Lifson, Alex 0c000058 12-14-95 09:10:17 Disabled LERNERJ Lerner, Judy 1d00008d 12-13-95 09:09:27 ------------------------------ Date: Sat, 20 Jan 1996 23:25:52 -0800 From: Floyd Maxwell Subject: Re: change 'NoUser' owner file to 'someone' user >>After deleting a user on NetWare 3.11, those files created >>by that user are set to 'No User' ownership....Is there any easy >>'command line' utility that can change ownership... > >I'm not sure if it can be done in one step... > >You can generate a list of ownerless files using a command like: >NDIR *.* /OW LE " " /S > >In NW4, you can change ownership of a file (or a group of files) using: >FLAG /NAME=new_owner_name > >Now if you can just put the two together..... >Even if you have to print out the list and use it to track them down, it's >probably faster than FILER (and I've done it on servers for hundreds of >files, too, so I know how tedious it is!) > >Debbie Becker In my search for a ConLog replacement, someone sent back info (and later the NLM) on EventMon.NLM...a product that has been sold to Citadel ( www.citadel.com ). Citadel, it turns out, has a product that will manage files that have lost their ownership...one is an NLM that will reowner files automatically (but to "admin"). The second is called MDir...despite the meaningless program name, MDir allows mass renaming to the user of your choice. ------------------------------ Date: Sun, 21 Jan 1996 18:50:27 -0600 From: Bill Braughton Subject: Re: change 'NoUser' owner file to 'someone' user >Someone (sorry, lost the original info) wrote: > >>After deleting a user on NetWare 3.11, those files created >>by that user are set to 'No User' ownership....Is there any easy >>'command line' utility that can change ownership... > >I'm not sure if it can be done in one step... > >You can generate a list of ownerless files using a command like: >NDIR *.* /OW LE " " /S > >In NW4, you can change ownership of a file (or a group of files) using: >FLAG /NAME=new_owner_name > >Now if you can just put the two together..... >Even if you have to print out the list and use it to track them down, it's >probably faster than FILER (and I've done it on servers for hundreds of >files, too, so I know how tedious it is!) It really is much easier than you think. I knew you could do it on 4.1 b/c I've done it with some of my servers, but I wasn't sure about 3.11. Well, here's the procedure. Start up filer and get into the parent of the subdirectory you want to change ownership, so if it's PUBLIC say for instance then you need to be in the root of the SYS volume. Ok, now list the contents of the parent directory. When you see the subdirectory you want, hit F5 to mark it and then hit enter. Note that you mark multiple subdirectories and it should work too. Ok, now select View/Set Directory Information. Now select owner and select the new owner. Choose your new owner from the list, once you have done this, it will present you with two options, one is which Change Ownership for Entire Subdirectory Structure and the other is Change Ownership for this Subdirectory. I usually choose the first. It then changes the ownership of all files and subdirectories for the particualar subdirectory that you choose and below. You can confirm this by doing an NDIR and checking the owner. Hope this helps! ------------------------------ Date: Mon, 22 Jan 1996 11:30:48 -0400 From: G_AGUAYO@RUMAC.UPR.CLU.EDU Subject: Uimport Problem Here is a copy of my CTL and USR files for the creation of student accounts, including home directories. It has worked fine for us. We create over 4500 users per semester. CTL file: Inmport Control Name Context=".OU=GRUP01.O=CCI" Create home directory=Y Home directory path="USERS" Home directory volume=".CN=RMECC01_VOL1.O=CCI" Home directory volume=".CN=RMECC01_VOL1.O=CCI" ------------------------------ Date: Mon, 22 Jan 1996 11:50:05 -0400 From: G_AGUAYO@RUMAC.UPR.CLU.EDU (Guillermo Aguayo) Subject: Uimport Problem Here are the files we have been using to succesfully create home dir's for our students. Over 4500 per semester: ---CTL File START--- Import Control Name Context=".OU=GRUP01.O=CCI" Create home directory=Y Home directory path="USERS" Home directory volume=".CN=RMECC01_VOL1.O=CCI" Fields Name LAst Name Password required Password Login expiration time Login maximum simultaneous Password allow change Passowrd minimum length Group membership Group membership Volume resterictions ---CTL File END--- ---USR File START--- Q412,"SMITH JOE",Y,XXXXX,"05/29/96",1,Y,4, ".CN=Q4.OU=GRUPO.O=CCI",".CN=EVERYONE.O=CCI", ".CN=RMECC01_VOL1.O=CCI:500" ---USR File END--- I also have a homemade FORTRAN program that creates, based on a student list of fixed format, a USR file with the abnove specifications, including the assigning of random passwords. Anyone interested let me know. It has worked for us extremely well. ------------------------------ Date: Thu, 25 Jan 1996 11:14:25 EST From: Sheng Jiang Subject: Re: Tools for listing all Users >I'am searching for a tool (shareware) that lists all Users on a Novell >Netware 3.12. I want to use it for documentations and statistics. You might want to check out VB NetWare Programming home page at "http://mailserv1.ferris.edu/~jiangshe/nwvbhome.htm/". The file you want is ALLUSER. ------------------------------ Date: Fri, 26 Jan 1996 03:07:20 -0500 From: Debbie Becker Subject: Re: Transfering Rights to New volumes >How to move Directories from one volume to other volume along >with their rights..Do I have to manually assign the rights once >again for all the directory structure? >Is there a way I can get the listing of all the properties of all the >users and groups along with their rights? NLIST seems to give >properties of the users in the same context. For users in all >contexts is there any way... I don't think there's much any way to move files/directories and maintain the trustee assignments except using a backup. I have heard of a program on NETWIRE/NOVUSERS called FSTRUST which will backup and restore file system trustees. Haven't had a chance to play with it yet, but sounds promising. To get detailed info (i.e., a listing of all properties) for all users from the [Root], make sure you're logged in as an administrative user and type: NLIST USER /R /D /S If you're looking for who has rights to Organization, Organizational Unit objects, etc., use: NLIST ORGANIZATION SHOW ACL /R /S NLIST "ORGANIZATIONAL UNIT" SHOW ACL /R /S and so on... You'll have to check the [Root] manually. Good idea to port all of these off into a file (>ORG.TXT, >OU.TXT, etc.) for future reference and easier handling! ------------------------------ Date: Fri, 26 Jan 1996 08:17:17 -0600 From: Joe Doupnik Subject: Re: Accounting and fee charging >We are currently looking at implementing some form of a user fee in our >academic computer labs. What we are looking for is some way of setting up >individual accounts for users on the academic network as opposed to an >individual fileserver. What we want to be able to do is as soon as the user >logs into the network, time starts ticking away and the charge/debt, >etc., starts to take place. We currently have a student HP/UX box for >internet access and we would like to be able to tie into its accounting >procedure on this, as far as creating accounts, etc., automatically. We >currently have computers throughtout the campus, that connect to our >corporate database, for students to create accounts on the HP/UX box. >The corporate database is on an HP/3000 box running MPE/IX 5.0. The way that >this happens is a student goes to one of the access computers and requests >an internet account. After requesting the account, the student then goes to >accounting services and pays for the time requested. This transaction is >then updated and a job on the HP/UX box runs every night and queries the >HP MPE/IX box for new accounts to be created. The HP/UX box then takes >this information and creates new accounts or adds more time to exsisting >accounts. We would like to be able use this exsisting procedure and >extend it to the entire academic network (ie. create user accounts on the >Novell network and on the student HP/UX box and have the accounting take >place in one central location). Does anyone know of any products that >can be added on to Netware 3.11 fileservers (this is the version that we are >running)? Does the accounting features and the technology of Netware 4.x >have this capability already in it? ----------- I thought such glass-house concepts were finally dying off. Think of the expense incurred in administering this scheme. You do have the NetWare accounting log, if you turn on accounting on servers. That will give you a start/stop time for a station. I have a suggestion for you. People actively resent being scrutinized and every tiny thing being charged for. So don't. If you want to raise money then raise money in one clean operation: just charge them X dollars per year/quarter/semester for computing activties, same fee to everyone. That gives you a known budget and cuts out the bean counting nonsense. Joe D. ------------------------------ Date: Fri, 2 Feb 1996 12:25:01 GMT0BST From: Liz Jarman Subject: Re: # of user objects in a ou >We plan on having several thousand user objects in a ou container. >Is there any problem with that many objects? Very possibly speed. We have at the moment one container with about 10,000 students in and we are having tremedous problems with login speeds. We are looking at splitting the container and other solutions. Why do you want to have so many users in one container? Novell recommends that you split the users according to work area. We do not have that luxury as our students are not always attached to one school nor even on a 'course'. Our students are given such a choice that they could be studying with more than one school, on more than one course, doing modules that span course and modules and possibly even acadmic years. ------------------------------ Date: Mon, 5 Feb 1996 16:13:09 GMT From: Wilson Randy # Computer Services Subject: Re: Need a Program to edit login scripts >>>a script and we have multiple servers, each with it own unique login >>>script. >> >>As net$log.dat is a simple text file, you can do this with any text >>editor. There are tons of grep/fgrep type things out there in the >>public domain and share ware, plus you may simply be able to do >>whatever you want to do by using the standard dos "type" and "find" >>commands. You will find that net$log.dat is read-only, so you'll need >>to run "flag" before modifying the file, plus of course you would not >>be able to change the file if it's in use..... > >Well if you're logged in as supervisor net$log.dat is *not* a >read-only file. You can just straight away edit it. If you find that >to be a read only file, its most likely that u're not a supervisor & u >wouldn't be able flag it as read-write. We have 13 servers and they all have a similar login script. I log into and map all servers I want to edit login scripts for and use SYSCON. The F5 key will mark and block a section of the script. Deleting a block puts it into the edit buffer in SYSCON. Exit the editor without saving and then change servers to to edit its login script. The INS key then pastes the text block in the edit buffer. You say the login scripts are uniqe in your case. May be you can use AWK to make changes for you. I have never used fgrep. Both AWK and FGREP are utils that are run against text files and that is what NET$LOG.DAT is. More detail on how and when you want to edit the login script would help. ------------------------------ Date: Tue, 6 Feb 1996 17:48:00 GMT From: tech@AVANTI-TECH.COM (Steve Meyer) Subject: Re: Tracking Open Files >I would like to know if there is a Novell or 3rd party utility that will >show me which connections have a particular file open. I know that >MONITOR will allow you to look at a connection and see which files that >connection has open. What I need to be able to do is look at a file, >and see which connections have it open. ftp://avanti-tech.com/pub/users/a/avanti-tech/nodeinfo.zip Manage users/files on NetWare v3.1x, v4.0x & v4.10 (NDS or bindery) with Windows client better than FCONSOLE, MONITOR, SEND & SESSION combined. Grid shows Logged In, NOT-LOGGED-IN, Authenticated (NW v4) & inactive conns. Search conns for USER, GROUP, Open Files, Record Locks, Node ID & more. Clear File Locks &/or Close Open Files WITHOUT killing conns. View conn info (incl. IPX/SPX & NETX/VLM stats), SEND msgs &/or CLEAR marked conns. Display most active conns by Server or IPX activity. ------------------------------ Date: Tue, 6 Feb 1996 18:52:18 -0600 From: Joe Doupnik Subject: Re: bootp and Novell >I am using Hellsofts bootpd.nlm but ... >If I edit the static list, I need to reload bootpd.nlm and it "forgets" all >the addresses that it had given out: two devices with same IP address. >The device that has just asked for an IP address, when rebooted gets the same >address, which is still in use ... >The problem arises if I have to down the server and is most acute for Macintosh >users, the Mac holds on to it's IP address when given it unlike for example a >trumpet which asks each time it is used. >What I need is an NLM that checks that an IP address is not already in use >before it gives it out: does anyone know of such an NLM or do I have to set up >a seperate machine. ------------- There isn't a solution to this puzzle as given. A program can retain the IP number in memory even while not using TCP/IP between sessions, and there is no way of finding out from another machine. The problem is very well known. The real solution is DHCP, where IP addresses are borrowed with promises to return before the overdue book charges get large. It's a superset of bootp. It's also a committee solution, which means large and awkward. There are few DHCP servers around at this time. A very simple alternative in many (not all) cases is to assign IP addresses permanently rather than from a pool. But you need the address space to do this. My place has that space. In my student open labs I omit bootp, the file server is read-only, no hard disks, all stations are alike and all login as user GUEST. Hmmm, so what do I do about IP numbers? Easy: the system login script looks like this: map display off include sys:public\machine.log rem #f:\public\castoff write "" write " Good %GREETING_TIME! It's %HOUR24:%MINUTE %DAY_OF_WEEK"; ... and file sys:public\machine.log holds this long list: machine name="station%STATION" set MACID=P_STATION << 6 if ="13C523" then set MYIP="129.123.30.01" set MYGW="129.123.30.62" #f:\public\capture /l=1 /q=dot_matrix /ff /tim=30 /notab /nam=r1c1 /noban #f:\public\capture /l=3 /q=laser /noff /tim=40 /notab /nam=r1c1 /noban #f:\public\capture /l=2 /q=color /noff /tim=40 /notab /nam=r1c1 /noban end if ="13C427" then set MYIP="129.123.30.02" set MYGW="129.123.30.62" #f:\public\capture /l=1 /q=dot_matrix /ff /tim=30 /notab /nam=r1c2 /noban #f:\public\capture /l=3 /q=laser /noff /tim=40 /notab /nam=r1c2 /noban #f:\public\capture /l=2 /q=color /noff /tim=40 /notab /nam=r1c2 /noban end if ="13C4E3" then set MYIP="129.123.30.03" set MYGW="129.123.30.62" #f:\public\capture /l=1 /q=dot_matrix /ff /tim=30 /notab /nam=r1c3 /noban ... It's a poor man's bootp. It runs very fast. The second file is required to prevent net$log.dat from exceeding 4KB and hence losing all after that point. Note the "/name=" in the capture statements so we can tell where a job came from on Pconsole. MS-DOS Kermit knows how to read the DOS evironment; no helper needed. Many other programs do too, but not all. Joe D. ------------------------------ Date: Mon, 4 Mar 1996 15:05:51 -0500 From: Debbie Becker Subject: Re: UIMPORT >Yes, there's a switch you give uimport to delete users in the control file >as opposed to create them. I'm sorry I can't recall the parameter by >heart, but it's there! It is, indeed. IMPORT MODE = R will remove all users listed in the data file. The other modes are C (create) U (update) B (both create and/or update). Note that using the R mode will not remove the user directories, but if you've set it up so that they're isolated to start with (i.e., USERS\STUDENTS\CLASS001), you need only delete the entire subdirectory structure. ------------------------------ Date: Tue, 12 Mar 1996 17:16:19 +1300 From: J.Baird@ONO.LINCOLN.AC.NZ Subject: Re: syscon copy group? >Question 2 - is there an easy way to add everyone to >another group. I'd rather not tag and move each user on the >server, but I need to add all the users in group everyone to >another group. I thought of renaming, but I still need the >group everyone to exist after. grpadd.exe from jrb230a.zip on one of the following will do this: ftp://netlab2.usu.edu/apps ftp://risc.ua.edu/pub/network/misc/novell ftp://ftp.let.rug.nl/jrbutils ftp://dorm.rutgers.edu/pub/novell/utilities Eg, grpadd newgroup everyone /c will create newgroup then add all members of group everyone to it. ------------------------------ Date: Tue, 9 Apr 1996 16:22:13 -0500 From: David Kobbervig Subject: Re: Password troubles! Migration from NW >One of our Novell 3.11 file servers has over four thousand users >defined for sign-on login name & password. We're going to have to >migrate to NW4.11 with-in the next two weeks. We're bumping the 250 >user limit all the time now and users can't get on. Under 4.1 we'll >be able to merge / share / spread around our user licenses amoung of >7 servers better for a total count of one thousand users at a time. >NW4.11 migrate has a bad feature (bug?) in that you loose all the >current passwords. Is there anyway around this? I know users are >supposed to change their passwords and they do. But get real!!! > >The two choices for migrate are a new random password or no password >at all. Both ways we can make the user sign-on first to the old >server before allowing them to try the new main server. (batch files) >Well, bottom line... We need to migrate with passwords intact or we >can't migrate. Whats my solution? We've already purchased the 7 >copies of NW4.1... Thanks for any help... You better give yourself more that just two weeks prep to migrate that many objects. It'll be a miracle if you are able to insert all those users into your existing tree the first time. You may find you have problems in your tree that you are unaware of. (Even with DSTRACE resporting no errors) Anyway, the reason I responded was to tell you that there is another way. Clone your server, and then do a 4.1 Install upgrade on the clone. You get to keep the passwords that way. This worked like a charm for me on a 3.12 upgrade a few weeks ago. Of course you need a backup program that is really backing up everything, esp. because the clone (which was restored from tape) becomes the new production server. HTHs. ------------------------------ Date: Mon, 29 Apr 1996 11:57:44 -0400 From: Debbie Becker Subject: Re: nw4.1 utils >Hi, I am looking for a way to create a report on Netware Server >Configuration and all NDS object info including all object >properties,trustees,scripts,file/dir rights... Are there any good >utils available to do this??? If your tree is small you can use NLIST /R /D /S and get full NDS data. RIGHTS volumename /T /S will get all file system rights assignments. Both of these are best ported off to a text file... ------------------------------ Date: Fri, 17 May 1996 12:49:49 +0000 From: Garry J Scobie Ext 3360 Subject: NETCTRL.NLM: was LOGOUT USERS? >Is there a program that will logout users at a certain time every >night? We are running NetWare 3.12 (250 user). NetCtrl is an NLM that allows you to operate and control a Netware Server even when you are not physically present. With NetCtrl you can set up a sequence of scripts which allow various management actions to be taken at configureable times. Among the actions which are supported are Sending of messages to logged in users based on the membership of groups. Forcibly logging users of at specific times. Disabling and enabling loggin in of all users or only users within certain groups. Issuing any system console command. NetCtrl can also be configured to log all the actions that it effects to provide you with a record of events. NetCtrl basically operates by loading a control file for each day which contains the sequence of timed actions which are to be carried out that day. The particular control file used is normally determined using the day of the week but this can be overriden so that a particular date can have its own individual control file. Once loaded NetCtrl loads the appropriate control file for the current day and builds a list of actions which are to be effected that day and then initiates each of the actions at the specified time. At midnight, NetCtrl searchs for and loads the control file for the new day and processes the specified actions. http://www.enterprise.net/pamoran/ Choose the products page and go for NetCtrl.nlm ------------------------------ Date: Thu, 23 May 1996 09:59:37 -0800 From: Mark Schoonover Subject: Re: Conversion of User's object and their properties to ASCI >Does any one know of a utility that can do the opposite of >the UIMPORT utility available with NOVELL 4.1. I would like >to convert back user's objects and their properties to an >ASCII file or some kind of database file. Sure, try nlist user /d >> users.txt in the current context. It's not pretty, but that'll get all of the user information into a text file. ------------------------------ Date: Thu, 30 May 1996 08:42:04 +0100 From: "David W. Hanson" Subject: Re: Multiple configurations of Windows >>>I disturb you to know if it's possible to have multiple configurations >>>of Windows to the same user. By example, I want to have different >>>VGA's drivers for the same user if he connects in different >>>computers. >> >>Yes, it is possible. What you really want to do is to use a set of >>drivers depending on what type of machine, not who the user is. >> >>The easiest way to do this is to set an environment variable on each >>machine via AUTOEXEC.BAT before login. Then, in the login script, >>you do a series of IFs that set up the correct video drivers, based >>on the value of the environment variable. > >The way to distinguish machines is by the NIC address. If you want, you >can set an environment variable to that in the system login script: > > set PCNIC = "%P_STATION" > >If the P_STATION is a particular PC, then copy the appropriate drivers >to the Windows directory. But if you take this approach, you run into severe scaleability problems. Imagine a network with say, 500 workstations. You would need to use an incredibly -huge- login script to go through and check which individual workstation you were logging in from, based on P_STATION. Also, when you have that many workstations, you are likely to see NIC failures/changes once in a while, which would require you to also change the login script. Or maybe you change out -all- of the NICs, say to go to 100-BT. You will spend as much time editing the script as you will installing the cards! I suggest a more generic approach. Lump the stations by video adapter type. Then set an environment variable for that video adapter type (ie. SET VIDEO=VGA, SET VIDEO=S3SVGA, SET VIDEO=TRIDENT1, etc.) in autoexec.bat. You will have a lot fewer video adapter types than you will individual workstations. Now, the only time you need to edit the login script is when you get a machine with a new adapter type. No worries about NICs. If someone needs to get set up remotely, you can talk them through setting the environment variable in autoexec.bat. ------------------------------ Date: Thu, 6 Jun 1996 10:54:52 +0100 From: "Mr. R. Coates" Subject: New Toy Another new toy - freeware of course, and available from the NEW site (ftp.mersinet.co.uk) from approx 9pm UK time. The readme file is as follows:- USER v1.0 USER is a simple command line program written to perform those routine day-to-day tasks that would often require a larger/slower program such as syscon to be used. Intended platforms: Netware 3.11/3.12 or 4.xx with bindery emulation. Available Commands are:- USER followed by one of:- ACCOUNT SHOW Shows the current account balance, and credit limit for the specified user. ACCOUNT BALANCE Sets the users account balance to the new value. ACCOUNT CREDIT Sets the users credit limit to the given value. The value may also be -1 or 'none' to grant unlimited credit. ACCOUNT DEPOSIT Add 'amount' to the users account balance. REALNAME Sets the users Realname in the bindery to (If is ommitted, the current name will be displayed) LASTLOGIN Shows the last login date/time for the specified user ENABLE Enables the specified users account. DISABLE Disables the specified users account. LOGINSCRIPT Calls 'EDIT' to edit the users login script. Edit can be any text editor, as long as it is called 'EDIT' and it is in your search path. Caution: The standard MS-DOS Edit program uses enormous amounts of memory and does NOT report a failure to load. INTRUDER SHOW Show if the user is locked out by Intruder alert. INTRUDER CLEAR Unlocks the user if locked out by an Intruder alert SPLAT Disconnects the specified user from ALL connections to which they are attached. Each of the above commands may be abbreviated down to a minimum of two letters, eg:- USER ROY ACCOUNT CREDIT NONE is the same as USER ROY AC CR NONE Disclaimer: While reasonable care has been taken to ensure that this program behaves as advertised, the program is used at your own risk and the author will not be deemed liable for any damages caused through the direct or indirect use of this program. Freeware: Yup, yet again this is freeware. All I ask is that if you like it, hate it, find bugs in it, or can think of a way it could be improved - you drop me an e-mail to: roy@mechnet.liv.ac.uk - END - ------------------------------ Date: Fri, 7 Jun 1996 11:26:14 -0600 From: Joe Doupnik Subject: Re: re how many users Users spread out their load over time since N of them are competing for the same wire. That depends on local conditions, naturally enough. For example. Student lab, Pentium-90's, DOS/Win 3/Win95 pulled from a read-only NW file server to diskless clients. A dozen clients per net is too much during the day and throughput is markedly lower than desirable. That's why I am dreaming of a few 100Mbps ports to the server and several Etherswitches to multiplex 10Mbps client connections. It's the Windows traffic clogging the copper, and the fancier folks get with docs the more traffic I see. Printing to a server also eats bandwidth like crazy. As a rough rule of thumb, if the wire carries about 1000 packets/sec smoothed over minutes then it's pretty busy. Twice that means it is likely much too busy (say 1KB per packet one way and on average and ACKs ever few of these guys, where 1000 pkts/sec * 1 KB/pkt = 1MB/sec = one full Ethernet) As another person remarked, "it all depends." I see the dependencies by running Novell's Lanalyser/Windows on the net and also running those apps myself to notice responsiveness. Investment in LZFW is a good move when contemplating spending lots more bucks on sundry comms boxes. Joe D. ------------------------------ Date: Wed, 19 Jun 1996 15:38:08 +0100 From: Stuart Phethean Subject: Re: A large container, bindery emulation, nds traffic >I work at a small university with 6000 students and at this moment >these students are working on 3 netserver 10G 64M HP netserver LH >machines >2 contain apps and userdata >1 contains the printerqueues group data and mail (pegasus > mail is used with mercury) > >all 6000 students have their own account on the network and need to >be able to work from any student computer and all apps (about >500 pc's and 20 printers) >- large waiting times after changing adding nds objects/properties > >possible solutions >divide in more containers and multiple comntainers in one bindery >put printerqueues volumes fileservers in a different container to >speed up mapping capturing etc. > >does anyone have experience with these , what is the solution in your >organisation. We have, at present 13000+ users with each alphabetical group a ... z present in a separate container (ie 26 containers). Each container is also a replica, which is present on two other servers as well, so we have three central servers in all. Novell recommend ( and so do I !) not much more than 1000 users per container or replica. We had big server crashes when we had much larger containers. I set bindery contexts for containers a..h on server 1, i..q on server 2 etc etc. User admin using Uimport works fine. Servers do tend to work quite hard keeping in sync, but we are upgrading RAM this week from 64MB to 96MB. Dsrepair does take a while, but thats just a function of the total number of users and not the number or size of container. The LRU time in the cache statistics is about 40 - 50 minutes - on our other NW410 servers which just have more local information it is in the order of 1 - 2 DAYS! At present we have only the central user-id servers running NW410 - we will be gradually migrating our 28 NW312 applications servers to NW410 once we are confident that our central authentication servers are standing up to the load. At present most connectivity is via bindery emulation. ------------------------------ Date: Wed, 19 Jun 1996 10:42:05 -0600 From: Joe Doupnik Subject: Re: remove/create users >I need to transfer a ton of people from one server to another and >I seem to recall having heard of a program which will create a >makeuser script from the contents of the bindery for use on >another fileserver. Wolfgang Schreiber's Utilities. Components such as saveus, trust. Copy of the utility suite is on netlab2.usu.edu, cd APPS, binary file WSCHREIB.ZIP. Also John Baird's utility suite (the free edition), binary file JRB231A.ZIP in the same directory. John's material ranks as one of the all time favorite downloaded files from my machinery. I've used these to rebuild NW 3 servers from crumbling binderies (so bad bindfix would fail, and the whole thing was ready to collapse). Joe D. ------------------------------ Date: Thu, 27 Jun 1996 14:07:25 PST From: kdevin@CCMAIL.SACTO.SAIC.COM Subject: Re[2]: small NLIST problem... >>I just attempted something this morning and noticed an error that is >>quite irritating... I attempted to create a list of all of my groups >>within my current container/context. The command line I used was as >>follows: >> >>NLIST GROUP /A /C >> >>Now the problem that I experienced was the utility would display the >>groups until it came upon a group that had a lengthy description. It >>seems to hang up the process and not return to the DOS prompt. I go >>to the server console and I can see that there are two files open, one >>being NLIST and the other the NLIST.MSG file. I end up having to >>reboot to kill it. >> >>Another strange item... If I narrow the search down to a single group >>that has the lengthy description, at the end of the display I get the >>following message: >> >> One Group object was found in this context. >> >> A total of 25961 Group objects was found. >> >>If I attempt to list a group that doesn't have a description I receive >>the message: >> >> One Group object was found in this context. >> >> One Group object was found. > >How many characters is in the description property for the troublesome >group?? Somewhere in the fog of my brain I seem to remember there >being a limit to 256 characters. Or you've probably just hit a limit >that nlist can display. When I run the command on my system, and >descriptions longer than about 20 characters they get wrapped around >and it's harder to read. Just a thought. I've definitley hit a limitation... I started tinkering around a little yesterday afternoon and found that at 195 Chrs, all is well. As soon as you hit the 200 mark... everything falls apart. I can see within the field that you are allowed to input 256 Chrs, but kinda silly that NLIST can't handle the entire field, especially when it's a default field when displaying GROUPS with NLIST. ------------------------------ Date: Fri, 28 Jun 1996 10:27:08 +0200 From: Patrick Medhurst Subject: Re: problem in creating users >>I tried VREPAIR, but now the error is: >> UIMPORT-4.25-991: An error occured in NWDSModifyObject. >> Error Code: FD9B FD9B is "SYNTAX_VIOLATION" An attribute value being added to an object is incorrect. >>And also, how do I delete an object of type UNKNOWN? NETADMIN >>says that it can't be deleted and the Error Code is: FD4B FD4B is "MISSING_REFERENCE" A required reference is missing from the object. Often this is seen when trying to delete an object with a zero creation timestamp. Run DSREPAIR on every server in the replica ring. This will give objects with missing creation timestamps valid ones. You can then delete the objects. ------------------------------ Date: Wed, 10 Jul 1996 14:19:18 PDT From: "Arturo Castro O." Subject: Creating HOME DIRECTORIES... RE: >Hello, I've a 250U Netware V4.11 server and I want to create home >directories for each user of the network. Currently only 2 or 5 users >have home directories, but now I've the necesity to create one for every >user. The question is: How can I do that for all of them at the same > time (I don't want to do it one by one with the NWADMIN)? >One last thing, is there a way in the which I can change to the MAIL >directory of each user in the container login script. Try to use the UIMPORT utility with the following control parameters among others: - Home directory path (without the volume name in the path) - Home directory volume (distinguished name name) - Import mode (U:update, C:create ....) ------------------------------ Date: Tue, 30 Jul 1996 19:12:20 -0400 From: Debbie Becker Subject: Re: using uimport do remove users from a single group >I want to be able to add & remove bunches of users to a group from >the command line. If you use UIMPORT with the "Import Mode" line in the Control file set to R (i.e., IMPORT MODE=R) it will remove all users in the data file. Lots of folks keep their data and control files to remove users easily (en masse) at a later date. ------------------------------ Date: Tue, 30 Jul 1996 21:05:07 -0400 From: Clay Gibney Subject: Re: who deleted files -Reply I've been using AuditTrak from ON Technology, and it has been worth the money so far. I audits all activity (every type of activity at the file level, at the bindery level, and in NDS). And it tracks what date, what time, from what NIC, and who did it. --------- Date: Tue, 30 Jul 1996 18:17:02 -0700 From: "Robert S. Sfeir" Subject: Re: who deleted files -Reply >I've been using AuditTrak And if you are using Netware 4.1 you can use AUDIT, and not spend any money. Audit will do what you are looking to do. I don't know that it's as user friendly as AuditTrack, but it sure cuts the pie! ------------------------------ Date: Fri, 2 Aug 1996 08:37:40 +0000 From: Garry J Scobie Ext 3360 Subject: Re: auto logout a certain group If you wish to auto logout a certain group of users then grab a copy of netctrl.nlm: http://www.enterprise.net/pamoran/ Choose the products page and go for NetCtrl.nlm NetCtrl is an NLM that allows you to operate and control a Netware Server even when you are not physically present. With NetCtrl you can set up a sequence of scripts which allow various management actions to be taken at configureable times. Among the actions which are supported are Sending of messages to logged in users based on the membership of groups. Forcibly logging users of at specific times. Disabling and enabling loggin in of all users or only users within certain groups. Issuing any system console command. NetCtrl can also be configured to log all the actions that it effects to provide you with a record of events. NetCtrl basically operates by loading a control file for each day which contains the sequence of timed actions which are to be carried out that day. The particular control file used is normally determined using the day of the week but this can be overriden so that a particular date can have its own individual control file. Once loaded NetCtrl loads the appropriate control file for the current day and builds a list of actions which are to be effected that day and then initiates each of the actions at the specified time. At midnight, NetCtrl searchs for and loads the control file for the new day and processes the specified actions. ------------------------------ Date: Thu, 8 Aug 1996 13:54:31 -0400 From: PowrTekSys@aol.com To: netw4-l@bgu.edu Subject: Re: LAN Management and Software Distribution >We are wanting to do centralized software distributions, Novell and >AIX6000 monitoring and administration, remote workstation takeover/access >to assist users with problems, "sniffer" type functions, and inventoring >of software and hardware. Call Saber, too. You missed NeTTools which is a sweet product. ------------------------------ Date: Tue, 20 Aug 1996 11:00:27 +0200 From: Jakob Kellner Subject: Re: MAC Address before Login >Can anyone point us to a utility which can read the MAC address >(and display it, or set it in the environment), before having >the user log in? > >We have been using "getnode", which is included in Infinity's >IQ-Server, but getnode seems to be having trouble reading the >right MAC address. (Yes, this is really true.) We could >easily get the data through the login script, but we need it >before the user logs in. ftp://charlie.fellows.denison.edu/reitsma/eth2env.zip This wonderful program does what you want, and even more. ------------------------------ Date: Tue, 27 Aug 1996 20:28:48 -0600 From: Joe Doupnik Subject: Re: Using UIMPORT for account >We have upgraded all of our servers this summer from 3.11 to 4.1 and we >are using NDS. > >At the start of each school year, we generate a large number of computer >accounts for all the incoming students and some of the returning students >that did not keep their Novell accounts during the summer. > >We are trying to use the UIMPORT program to install about 2200 new accounts. >On Sunday afternoon when we ran it the first time, it made about 300 accounts >before it brought 3 of our fileservers down. It appears that the NDS >was constantly trying to update itself and just gave up, causing the >3 filesevers to crash. Seems to be a familiar story. One of my NW 4.10 servers (a 486-50) died several times from the same effect when a server/OU lower in the tree was adding thousands of GroupWise accounts. The machine simply could not keep up with network traffic plus the intense NDS internal data shuffling and it ran itself out of memory and then out of business. >Since then we have run the NDS Repair program to fix some problems and updated >the NDS to version 5.1. But we have only been able to run the UIMPORT on I presume you mean DS.NLM v5.01. Values above 5.01 basically belong to the next version of NetWare (Green River), unless Novell has planned a numerical hole for 4.10-specific upgrades. >a small group of names (about 100+) before the servers start crashing again. >Has anyone experienced this problem? Is there a solution or method to >create a large amount of new users (and delete then next summer) without >having the NDS update until after we have completed the import? I think it's inherent in the, ah, er, scheme of things and one of the reasons to partition cleverly. Spoon feeding is the only answer I know of to keep under the 22 minute interval to complete a synchronization cycle, and smaller spoons to help servers survive the cpu crunch of merging database information. Less information about each user is another way of reducing the overall data exchange. I can say that Novell is aware of the database operations problem and is working on solutions. What the solutions will be, and when, I don't know, but database merging is an old old problem with well known techniques (say, indexed files) to keep the complexity from growing geometrically (as it does with our current flat files). Joe D. ------------------------------ Date: Thu, 12 Sep 1996 15:47:17 -0600 From: "Mike Avery" To: netw4-l@bgu.edu Subject: Re: Server Management Packages >Does anyone have any experience using Symantec Expose or Avanti's Nconsole >to manage NetWare 3x/4x file servers? What other server mgmt packages are >on the market? Symantec's Expose is a really neat product. I looked at it recently, and it supports mutiple platforms. From a Windows based machine you can monitor/manage NetWare 3.x, NetWare 4.x, Windows NT 2.51, and Banyan Vines servers. It works quite well and was quite stable in my tests. There are some reviews of Expose on line at: http:/www.infoworld.com./ I have not seen Avanti's Nconsole, so I can not comment on it's features. However, I have a great deal of respect for Steve Meyer and his efforts. Everything of his I've used works very reliably and smoothly, and it does what he says it will. I'd suggest downloading a copy of NConsole from his web site: http://www.avanti-tech.com/ and trying it out. If you don't need the cross platform capabilities of Expose, and it will do what you need done, it will almost certainly be cheaper than Expose. --------- Date: Sat, 14 Sep 1996 12:25:23 -0600 From: "Mike Avery" To: netw4-l@bgu.edu Subject: Re: Server Management Packages >>Does anyone have any experience using Symantec Expose or Avanti's Nconsole >>to manage NetWare 3x/4x file servers? What other server mgmt packages are >>on the market? > >Novell's Managewise is pretty hard to beat. There's also Optivity, HP >Openview and the Frye Utilities (I believe owned by MacAffee now). ManageWise is marginally better than LANDesk. It is difficult to install, setup, and manage. I haven't seen Optivity or HP's Openview, but my impression is that the part of the network management they handle is pretty much limited to the physical network, and do not do software inventory, software distribution, desktop control, and so on. Frye was, as far as I know, purchased by Seagate. McAfee bought Brightworks and Saber. I haven't looked at Frye yet, and was not impressed by Brightworks or SaberTools. SMS shows promise, but I wouldn't recommend it to NetWare people this in the current release. So, what DO I like? Symantec's Norton Administrator Suite. For a smaller net, the Essential Edition. For a larger net, the Premier Edition. The Premier Edition handles multiple sites very nicely. One thing that I especially like is that is uses no NLM's - it is largely platform independent until you load Expose (their server management tool, bundled with the Premier edition - and it lets you manage NT, NetWare 3.X, NetWare 4.X, and Banyan servers from a single console). None of the packages cover all the bases I'd like to see covered, all have holes. Norton's seems to be the best of the lot, except that it is not yet NDS aware. Again, most of the other packages aren't either. --------- Date: Sat, 14 Sep 1996 19:56:04 -0400 From: "Spencer D. Hall" To: netw4-l@bgu.edu Subject: Re: Server Management Packages For server management the Intrack packages are an excellent alternative. The packages are Server Track and Trend Track. Server Track monitor and reports real time while Trend Track does trending and historical analysis. ------------------------------ Date: Mon, 16 Sep 1996 18:22:27 -0400 From: Debbie Becker Subject: Re: Removing Mail directories of Deleted Users on 4.1 >I am in process of testing a Novell 4.1 server, and have been keeping it in >sync with the old Novell 2.2 server. Was hoping to get it all done during the >summer, but the server didn't have enough ram to support the running. >According to the memory program, I need at least 25MB of ram, and it only has >16MB. Have 64MB coming in, so it should be enough. > >Now for the problem. We remove old student Id's each semester, and on the >2.2, bindfix will clear out the old mail directories. I recently removed some >ids from the summer schedule on the 2.2 and the 4.1 server. Bindfix removed >the mail directories on the 2.2, but I manually had to remove the files and >directories from the summer. Is there something that will do the equivalent >of the removing of mail directories for delete users as Bindfix does. I've always recommended to clients that they make sure that student directories be segregated by class/semester/etc. (i.e., STUDENTS/SEM1/GEOL/SMITH/JSTUDENT) That way, at the end of the semester, you can run DELTREE on the entire section of the tree you wish to delete (semester-SEM1, subject-GEOL, instructor-SMITH, whatever). You shouldn't really need mail directories for the students unless you're using a bindery based email program or logging in in bindery mode and need user login scripts (which are a nuisance to maintain anyway). ------------------------------ From: Hansang Bae Subject: Another submission Date: Thu, 3 Oct 1996 23:58:56 -0700 (MST) To tell the user to change their password when it is about to expire, add the following the login script... if value "%PASSWORD_EXPIRES" < "1" then begin #command /c cls fire phasers 2 write "You will HAVE to change your password now!" write "You cannot re-use your old password and your" write "password has to have a minimum of 6 characters" #setpass if errorlevel = "1" goto LISTEN_UP else if value PASSWORD_EXPIRES < "5" then begin write "Your password will expire in %PASSWORD_EXPIRES days." write "Select the Password Change icon to change your password." end GOTO SUCCESS LISTEN_UP: #command /c cls write "You did not type the old password correctly, or" write "you miss typed the new password." write "Please retype your ORIGINAL password and try again." #setpass if errorlevel="1" goto LISTEN_UP SUCCESS: etc... ------------------------------ Date: Fri, 4 Oct 1996 20:02:56 -0400 From: WBrianT@aol.com To: netw4-l@bgu.edu Subject: Re: Windows 95 on Server >I would like to install Windows 95 on server so it can be used to install >on new PCs. I don't want to share over net, just install to PCs. >We OEM many PCs and spend too much time with Windows installations, would >like to setup a standard configuration on server then copy it to PCs. > >This was easy with Win 3.x, but 95 gets tangled with its boot sector & >registry. I have found a gem of a utility called "Hard Disk Copy". The program will allow you to read a hard disk, sector by sector, and create an image from it. You can then store this image on your server. You can then use the program to copy TO a hard drive, sector by sector, from the image file. This method is FAST and since it is a sector based copy you don't need to worry about boot sectors or file attributes. The program is available as shareware..I think I found it on AOL. If you can't find it the address to write to is: DCF Software PO BOX 60064 Palo Alto, CA 94306 ------------------------------ Date: Fri, 18 Oct 1996 19:02:51 +0100 From: Richard Letts Subject: Quick test.... no sneaking Suppose you have the following lines in your login script: if = "BMS2" then if = "00104003" or = "00104004" then if not member of "BM" and not member of "MS" and not member of "ML" and not member of "AI" then write "Only authorised users may login from here" pause exit "coldboot" end else dos set S_LOCAL="MAXWELL-A" end end S_LOCAL is the name of the nearest fileserver, S_LAN is the LAN your workstation is connected to. the user logging in is AIS007, a member of group AI and PRINT-USERS Question. 1. if S_LAN is 00104003 and S_LOCAL is BMS2 which lines get executed? which group memberships are checked? 2. if S_LAN is 92570100 and S_LOCAL is WHITWORTH-A which lines get executed? which group memberships ar checked? 3. How would your answers to (1) and (2) change if MUS003 (member of MU and PRINT-USERS logged in from the same locations) Answer below.... some white space to prevent cheating on the test.... 1. All the IF statements are evaluated, and S_LOCAL is left unchanged all group membershuips are checked 2. All the IF statements are evaluated, and S_LOCAL is left unchanged all group memberships are checked 3. all of the group memberships are still checked 1. the workstation is rebooted 2. S_LOCAL changes to maxwell-A yes, there you have it, login evaluates all the IF statements, even when it isn't going to use the results. group membership tests are bad, and we were minimising the number of times they were checked. things to try next week: - goto statement (fact or fiction, you decide) - #include (the modular approach) - writing our own login replacement. I'd like to thank the staff here who've spent the afternoon looking at lanalyser traces and login scripts scratching their heads and saying "why's it doing that?" ------------------------------ Date: Tue, 22 Oct 1996 09:38:55 -0700 From: Darren Rogers To: netw4-l@bgu.edu, NOVELL@LISTSERV.SYR.EDU Subject: Installing win95 from an image A while back someone asked about duplicating win95 installations to ease the process for doing a large # of machines. Well, I just got my hands on a wonderful app called Ghost that'll do just that. It's at www.ghostsoft.com and you can use a server to store the image, a CD, or go from PC to PC via netbios or a parrallel cable. cheap easy and fast... --------- Date: Thu, 24 Oct 1996 19:01:40 -0600 From: Kevin Pidd To: netw4-l@bgu.edu Subject: Re: installing win95 from an image -Reply >A while back someone asked about duplicating win95 installations to >ease the process for doing a large # of machines. Well, I just got my >hands on a wonderful app called Ghost that'll do just that. It's at >www.ghostsoft.com and you can use a server to store the image, a CD, >or go from PC to PC via netbios or a parrallel cable. Cheap easy & fast... I downloaded and tested this and I was quite impressed. You can copy the image to a netware server over IPX and then restore it with a boot floppy with enough vlms to connect to the server. It took seven minutes to install win95. As I have to install a Win95 workstation nearly everyday to do testing on which takes nearly an hour, using this method takes less time than it used to take formatting the hard disk. What I like with ghost is that no disk preparation is required. It can be unformatted, formatted with a different O/S and a different size from the original disk the image was copied from. The only feature I found missing was that it writes over the whole physical hard disk, removing any existing partitions. It would be great if you could just restore to a nominated partition. The Ghost support people said they would add this in a future release but i wondered if any similar product were avaiable that do that now. --------- Date: Thu, 7 Nov 1996 12:02:49 -0800 From: Darren Rogers Subject: Re: Restoring Win95 configuration -Reply >The ArcServe product in particular has an option to create a boot >floppy which will launch the restore operation and have you back up >running with the configuration that is on tape. You would just need >to keep one tape per machine. > >I believe that a shareware program called "Ghost" will do the trick >too, but actually copying the drive file to a volume. It was >mentioned recently here or on the Netware 4 list. Yeah, I mentioned it, and I'm a huge fan of it. It doesn't require the HD to even be bootable, no reformatting, no nothing. Just get the computer on the network, run ghost and copy over the image then reboot the machine. Here we get 25-30mb per minute on the copy over a lan, much less if the image is on cd, but... Much faster than a tape backup, and much easier too. No tapes to go bad, no boot floppies, just a small .exe file to carry around, and at $50 it's by far the cheapest solution mentioned here. ------------------------------ Date: Fri, 25 Oct 1996 12:48:00 CDT From: Larry Moore Subject: Re: Re[2]: 3.12 login scripts >>>This is probably a really dumb question but I have forgotten how to do >>>this. I have a login script that has the following in it: >>> >>>IF NOT MEMBER OF "GROUPNAME" OR NOT MEMBER OF "GROUPNAME1" THEN BEGIN >>> #do something >>>END >>> >>>The problem is the first group seems to work but the second group >>>doesn't. What I am trying to do is have these two groups not run the >>>routine. >> >>If you want to exclude both groups then change your OR to AND. > >This won't work either, since an AND would require the user to >belong to both groups, whereas the OR will let the user belong to just >one group. I think this maybe related to the fact that LOGIN.EXE has a >bug in it that it doesn't differentiate between group names where the >last character differs. He needs to try renaming the groups backwards, >1GROUP and GROUP and see if that works. Why not nest the if statements?? IF NOT MEMBER OF "123" THEN ...do some stuff... IF NOT MEMBER OF "456" THEN ...do some other stuff END END --------- Date: Fri, 25 Oct 1996 15:38:52 +0500 From: George Patton Subject: Re[3]: 3.12 login scripts >>IF NOT MEMBER OF "GROUPNAME" OR NOT MEMBER OF "GROUPNAME1" >>THEN BEGIN >> #do something >>END >> >>The problem is the first group seems to work but the second >>group doesn't. What I am trying to do is have these two >>groups not run the routine. Probably the easiest way to do it is to create a new group and make it contain 2 members: GROUPNAME and GROUPNAME1. Then you need only one NOT statement. An alternative is to nest the IF statements. --------- Date: Fri, 25 Oct 1996 20:39:39 +0100 From: Richard Letts Subject: Re: Login Scripts >Try this.. > >IF NOT MEMBER OF "123" THEN > ...do some stuff.. > Else IF NOT MEMBER OF "456" THEN > ...do some other stuff... > END >END One thing to watch in a NetWare 4 environment is login.exe does the variable interopolation before evaluating the statement. This is okay as variable interpolation has no side effects. However this means that ALL of the 'Member of "xx"' tests get carried out in your login script. I've not check if GOTO's cause them to be skipped... If you have a BIG NDS tree (like > 20,000 users, ~25,000 objects) and lots of tests you can slow login down to a crawl. --------- Date: Sat, 26 Oct 1996 12:25:20 +1000 From: Adrian Moore Subject: Re: 3.12 login scripts <- could be a bug? I remember a bug surrounding groupnames, and it had to do with either of the following: 1) The first eight characters of the groupnames are identical or 2) The groupnames are greater than eight characters To test if my memory is working: Create a couple of dummy groups which are completely different names and less than eight characters. Does the syntax work under these conditions? Is it the same problem when you use the NetWare 4.1 release of LOGIN.EXE? I'm assuming you've checked the syntax in DynaText or the red books, cos I'm at home and can't get to either without a measure of fuss ;] ------------------------------ Date: Sun, 27 Oct 1996 08:56:31 +0000 From: "Doug Black,CNE" Subject: Re: limiting home directory sizes >I run a group of networked student labs with a population of users >which changes every quarter, but currently totaling about 450 >individuals. We recently upgraded to 4.1 from 3.11 and I have >discovered to my horror that the simple function in makeuser which >allowed you to set a user limit for volume space when you created >groups of users is no longer available. As far as I can see, the only >way to do this is to go each individual home directory after it has >been created and limit its size. I have been searching for a better >way, and so far haven't been able to locate it. With 450 individual >accounts, this is mind-bogglingly time consuming and tedious. Can >someone show me what I'm doing wrong, or point me in the direction of >a work-around? Download JRB Utilities (JRB231A.ZIP on netlab2.usu.edu); it's got a utility called SETQUOTA that will do just what you want. You can even limit the size of users' \MAIL directories with it. ------------------------------ Date: Wed, 30 Oct 1996 08:07:48 -0500 From: Dennis Large Subject: Re: User Names >We are planning to move to Netware 4 in 1997 and would appreciate >comments on the best way to name users for an educational >institution. > >We run courses lasting from 9 weeks to 3 years. > >We are considering breaking users up into contexts and using real >names (lastname first initial) Setup you OUs per Novell's guidance. I'm not sure what the suggestion is these days for 4.11. As to the user naming, our place standardized many years ago and it has seemed to stand the test of time fairly well. It's heritage is from an IBM mainframe environment, which uses 8 characters for files, ids, etc. Of course this carries over very well to the DOS environment. Our IDs are first initial, second initial, first 4 chars of last name, and 2 digits, which are serialized to overcome dupes. So William Dennis Large becomes wdlarg01. We do have several near-dupes e.g. bajone01, bajone02. Depending on the size of your institution, you find a single digit enough. Out of about 5K facutly and staff, we have very few xxxxx03 and 04s. I think we had the 2 digits when we used bulk generic class accounts that were given to an instructor for a particular class, like MGT30101 thru MGT30150. Not used much any more since we're working towards standing accounts for the students, which they keep as long as they're registered. The 8 char limit also eliminates any problems associating users to their home directories. The only grumbling we get are from the few that feel they ought to be just . Tough noogies. For privileged or admin accounts that a user may need as well, we use SYS and initials, syswdl in my case. This isn't as standard for us across platforms, though. I think it actually started on the VAX, and is used on our Unix systems as well. ------------------------------ Date: Wed, 30 Oct 1996 21:00:12 GMT From: Adrian Cunnelly Subject: Netware FAQ WnSyscon is a Netware 2.x, 3.x administration utility for Windows. It is available from http://www.amcsoft.demon.co.uk/wnsyscon.htm ------------------------------ Date: Wed, 6 Nov 1996 17:45:18 -0600 From: Joe Doupnik Subject: Re: Delete entire volume structure? >Can you think of a way to delete the entire contents of a volume? It's a >long story but: > >a) I have to do this every day for a few months. > >b) because it's a tedious, slow ('cause of the large vol. size) task, I >don't want to delete & recreate the volumes every day. > >The DOS "deltree" comand fails (without an error message) and Filer >complains about "delete inhibited" files, even after running an "attrib -S >-H -R *.* /s" command. ---------- Use FLAG from NW 4, first operate on all directories (/DO) and then on all files (/FO), and afterward deltree the works. I do this in a system login script to guarantee pristine clean temp directories for clients upon every login. Joe D. ------------------------------ Date: Thu, 07 Nov 1996 22:38:00 -0600 From: Darwin Collins To: netw4-l@bgu.edu Subject: Re: scheduling nlm >I need an NLM (or some other netware utility) that is NDS-aware that will >allow me to broadcast messages to specific container groups/objects at >specific times each evening. I found one (Netctrl.nlm) but it is not >NDS-aware. Check out: http://www.podell.com/podell/ There are others, but here is one that comes to mind. ------------------------------ Date: Fri, 15 Nov 1996 22:29:38 +1300 From: "Baird, John" Subject: Re: ndir Problems >Why do I get this error messages when I do a ndir *.* owner=myname /s. >The error is "Ndir-4.25-920: this utility was unable to allocate 4 bytes >of memory Use the /sort un option" Ndir will be allocating memory for temporary storage for holding info to be sorted. This memory should be freed after processing each directory, but it appears that there is a memory leak and if you process enough directories it will run out of memory below 640 KB. As the message indicates, turning off sorting will bypass the problem. ------------------------------ Date: Fri, 15 Nov 1996 05:32:28 -0600 From: "Mike Avery" To: netw4-l@bgu.edu Subject: Re: Managewise licensing >>>The Managewise license must match the user count on the server. 100 >>>user Netware = 100 user Managewise. >> >>Does this mean that if I have 5 servers (100, 50, 3 * 25) I need to buy 5 >>copies of Managewise, all for different servers ? Or does one license >>covering the total number of users licenses (ie. 225) suffice ? > >Basically, Managewise is licensed similarly to your Netware licenses. >So, you will need to buy a 100, 50, and three 25 user licenses of >Managewise. > >Alternatively, you may want to look at Intel LanDesk. Basically, >ManageWise and LanDesk share alot of code and features. For example, >Remote Control in both packages was actually done by Intel. > >LanDesk is node licensed. If you have only 100 users total, then, you >can purchase a 100-user license of LanDesk for your network. I've lived with Intel's LANDesk and looked at MangeWise. LANDesk is... fragile. It patches the operating system at a low level - at run time it looks for code sequences in memory and changes them. As a result when NetWare changes, LANDesk can roll over and die. It is also a huge package, and the learning curve is rather steep. ManageWise is quite similar. I have also looked at Symantec's Norton Administrative Suite. I like it a LOT better. The Basic Edition is fine for smaller networks, the Premier Edition adds some very neat multi-site functions. They are very stable, and platform independent. ------------------------------ Date: Tue, 19 Nov 1996 21:01:06 -0600 From: Darwin Collins To: netw4-l@bgu.edu Subject: Re: Volume Limitations on v4.10 volumes >I am learning to set volume limitations on v4.10 volumes in NWAdmin. >I have a lot of users in the container where the volume is. In NWAdmin >the volume limitation information has four columns, one of which is user >name. If I want to check a specific user's limitation on the volume I >have to look through all the users one page at a time to find the account >because I have not found a way to sort on the user name column. Is there >an easier way? Not in NWADMIN, that I know of. N4DSPACE.EXE can display what you want: http://www.fastlane.net/homepages/dcollins ------------------------------ Date: Mon, 25 Nov 1996 19:31:49 +0200 From: Heimo Jarkka Subject: Re: How to push out context changes? >I need to be able to replace a single line of text automatically >(if possible). I wrote a little program called edini . Maybe it can help you to change the lines of (ini) system files. I use it through login scripts. When user logs in this utility is called. Down under is a short help text when you call edini without parameters. In case you will need it I'll send it as an attachment. (13Kb) >>> EdIni ver. 1.0 (c) HJ 1995 EDINI.EXE tag action 99 add string at line 99 ib add string before ia add string after d delete string m replace string with + will be converted to space! <<< ------------------------------ Date: Mon, 9 Dec 1996 14:55:51 -0600 From: Joe Doupnik Subject: Re: User Disk Space >Just wondering - what kind of network disk space do you all allocate to >a user for their home directory. > >I've been having some heated discussions with users who constantly want >more space. They know that I back up the network every night, and they ------------ Maybe I can bring both heated discussions to a conclusion by stating the obvious. This is (both are) basically a people problem, not a technical one. There is never enough computing resources to give a large group everything they want over time. So people must compromise. Just where and how they do that is particular to each group and can't be generalized. A task of a systems manager is to achieve that compromise, and often it is neither easy nor pleasant. A successful manager realizes this instinctively and educates the user population to the same conclusion. Asking others what they do is uninformative and will not be accepted by groups outside that social community. In short, these problems are strictly local affairs and must be solved within the local community. A manager unable to bring the group together on the matter is likely to suffer by being cast as the obstruction. Joe D. ------------------------------ Date: Fri, 13 Dec 1996 16:27:22 +0000 From: Richard Letts Subject: Re: multiple volumes >User quotas are set per volume. This can be used to your advantage. Watch out for this in a NDS environment suppose two users: ama034.amme.salford whose disk space is on ame_user1.amme.salford/ama034 grants access to a directory to the user eea780.eee.salford whose disk space is on eee_user2.eee.salford/eea780 -- eea780 will have effectively unrestricted filestore on the ame server. Instead one should set directory space restrictions as wll as user volume restrictions. ------------------------------ Date: Tue, 31 Dec 1996 19:20:17 -0600 From: "Mike Avery" To: netw4-l@bgu.edu Subject: Re: Need a DOS based utility >I need a DOS based batch process that will check the day >and month and if the condition is true, run my NET.CFG >change batch process. I remember and located DOS >processes that will start based on a time of day, but I need >to get this piped into each users' AUTOEXEC.BAT file prior >to the kick-off day (which is Monday 06 Jan 97). Well, it's time to confess my secret sin. I still use BASIC. For things like this, it's real easy to check the date, it's easy to do text scanning, it's easy to do text changing. And it's easy to put the program into the login script. I use QuickBasic. If you don't have a copy, look around in used software stores. Works like a champ. Still... there are other ways to skin this goose. I have a simple little program called dater.com that returns the day of the month as a DOS error level. I use it to run Norton's disk repair programs on my son's PC once, and only once, a day. The AUTOEXEC.BAT segment looks something like this... DATER FOR %%A IN (1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31) DO IF ERRORLEVEL %%A SET DAY=%%A ECHO %DAY%>C:\FLAGFILE\TEST.DAY IF NOT EXIST C:\FLAGFILE\NORTON.DAY GOTO SNORTRUN IFEQUIVL C:\FLAGFILE\NORTON.DAY C:\FLAGFILE\TEST.DAY IF ERRORLEVEL 3 GOTO SNORTEND :snortrun rem do norton thing :snortend ifequivl is another routine I use. It tests two files and determines if they are identical. In the snippet above, I check the date and compare it to the last date that norton was run. If Norton was already run, then I don't run it again. If the date is different, then I run it and update the date file. Another trick.... with the command: rem>c:\filename you create a zero byte file on a DOS drive. I create files like that in a special subdirectory called FLAGFILE. By testing for the presence of particular files, I can easily determine if a condition has been met. Interestingly enough, the file only takes a file allocation block, but does not allocate any disk space. It can be tested for in batch files very easily. I believe that it is also possible to test for the date in a login script, but my notes on that are missing in action. I'll comment on that after the new year. Both programs are, by the way, available at ftp://hostigos.otherwhen.com ...anonymous login is accepted. ------------------------------ Date: Mon, 06 Jan 1997 10:00:52 -0200 From: Marcus Senna Barros - CI To: netw4-l@bgu.edu Subject: Re: Quicki Question about a selective delete utility >Does anyone know of a utility that I can feed a list of files (or >directories) into, then have the utility search for and optionally >delete said files from the local hard drives? > >Looking for a good way to keep games and illegal >software off of our lab computers. There is an utility written with MARXMENU scripting language that may help you. It's on http://www.ctyme.com/doc/doc0057.htm Here' the description of the program: DOLIST.EXE - Executes Commands on Lists of Files Download: DOLIST.ZIP DoList is a dual-purpose program. It acts as a DOS SHELL, allowing the easy and convenient entry of commands. This DOS SHELL is designed to provide an improved user interface with DOS since DOS can sometimes be slow, cumbersome, and difficult-to-use. DoList gives you the editing power of a word processor when typing your commands at the command line. Using the up arrow allows you to recall previously executed commands. DoList also allows you to execute commands on a LIST of files. Filenames can be in a text file or can come from the standard DOS pipes. ------------------------------ Date: Sun, 12 Jan 1997 12:41:01 +1300 From: "Baird, John" Subject: Re: 2nd class group membership? >We got us here a strange problem regarding group membership under NW >4.10. Some members of certain groups are "not taken for full" in the >sense that they appear in the member list but they are nor granted the >rights which are results from the trustee positions the group has and >the "IF MEMBER OF" statement in login scripts doesn't evaluate true for >them. > >Upon closer inspection (via DSVIEW.NLM) it turns out, that these members >show up as values of attribute "member" but neither "reference" nor >"equivalent to me", where both of the last don't appear in nlist or >netadmin. Apparently only more recently acquired members have the "full" >status, presumably the ones added after the upgrade to 4.10. Adding a user to a group under NDS in NW 4.10 and 4.11 involves 4 steps 1. Adding the group to the user's "Group membership" attribute 2. Adding the group to the user's "Security equals" attribute 3. Adding the user to the group's "Members" attribute 4. Adding the user to the group's "Equivalent to me" attribute. My understanding is that the last step did not exist under 4.0, 4.01 and 4.02 so it may be missing for users added to groups under these versions which have subsequently been upgraded to 4.10 and 4.11. If you add a user to a group via bindery based tools, only the first 3 steps are completed. I am not aware of any circumstance under which the contents of the group's "Equivalent to me" attribute are checked, and group membership seems to work as expected when the user is not added to this attribute. LOGIN.EXE v4.13 when executing "if member of" checks the user's "Group membership" attribute which explains your results if indeed the user has only been added to the group's "Members" attribute. The "Reference" attribute provides back links and is maintained by NDS itself. >Only cure known to me rn is to delete all "challanged" members and put >them back in, a task I'm not too eager of performing :-) It appears you have used a dodgy application in the past for adding members to groups and it was only adding the user to the group's "Members" attribute. I don't know if NETADMIN and NWADMIN will complete the missing steps - I suspect not as SYSCON won't. However, if you use the NDS version of JRButils GRPADD, it will complete any missing steps without having to remove the user from the group first. The bindery version in JRB300A.ZIP will also do this in bindery mode, but will ignore the "Equivalent to me" attribute. I suppose I should check if this attribute is visible in bindery mode - til now I've just assumed it isn't. ------------------------------ Date: Sun, 26 Jan 1997 12:08:11 +1300 From: "Baird, John" Subject: Re: Already logged in problem >We recently upgraded a 3.12 server to 4.1. We had to run the upgrade >multiple times because the server would crash when we tried to add it to >our existing tree. the only way we got it up was to mack it in a tree of >it's own. After getting it up we noticed the user login scripts, vol space >restrictions, and authorities did not transfer from bindery to NDS. We >have worked thru all of these probelms but one we can't find out a >solution to is on about 50% of the old bindery user show something in >the "network address" attribute even when they are not logged on. >Rebooting the server did not correct the problem. With logins restricted to >1 this is preventing them from logging on again in NDS, They can logon in >bindery which is also set to 1 connection. The entries in the "network address" attribute wont be related to the upgrade as there is no equivalent bindery attribute, but will be a consequence of your problems since, or due to user logins since the upgrade not having the address removed at logout. You can remove these using Novell's REMADR.EXE which can be found at: http://www.novell.com/corp/programs/ncs/toolkit/nw4tools.html Thanks to Steve Wehrle providing a location for this file earlier last week. I had been aware of REMADR for ages, but had never succeeded in locating a copy. ------------------------------ Date: Sat, 25 Jan 1997 22:47:01 -0800 From: "Corris C. Randall" Subject: restoring files on client workstations IF you're running DOS, Windows95 or Windows NT, there is a program called PCR-Dist made by a gentleman named Chris Volkert which will suit your purpose. It's a very convenient program, I run a lab of 30 pentiums and have my assistants run it almost every day. It keeps an image of what I want hte hard drive to look like on the server, then makes it exactly similar. the address I think is http://pantheon.cis.yale.edu/~treklov/pcrdist/ ------------------------------ Date: Mon, 27 Jan 1997 10:14:45 -0600 From: "Scott Etienne, C.N.E." To: netw4-l@bgu.edu Subject: Re: multiple login >Have you considered using the 3.x DS sync utility that comes with 4.1? >Load it on the 3.x server and it becomes manageable in the tree, >including the users. I would add that if you want to use NetSync, you should know what you're getting into. NetSync has some peculiarities that you may or may not want to put up with. Specifically, when NetSync is installed, is splits the management up between syscon and NWAdmin. Depending upon the individrual task to be performed, each task must be performed with either syscon or NWAdmin *exclusively*. In other words, you must keep a list of the routine management tasks with the associated utility, and must adhere to it without exception. In some cases, a deviation can mess up the associations created NetSync, to the point where repairs must be made. That's about all I know about NetSync. If it were me, I would want to know the downside a little better, and of course the upside of the downside (in other words, if the worst happens, what can I do about it?). ------------------------------ Date: Wed, 29 Jan 1997 13:20:00 -0300 From: "David de Carvalho" To: netw4-l@bgu.edu Subject: Re: Moving Users Home directories >We would like to move our users off of sys:system\users to a different >volume. We realize that we could just move the directories but what about >the user's rights and home directory property. Just moving the data would >screw up these properties, wouldn't it? When I needed to do this, I did a batch file, using the name of the directory as the name of owner, I presume theyïre equal. Each line of the batch file was like this: rights rwcemf /name=.context I used the ndir to get the userlist of each context. --------- Date: Wed, 29 Jan 1997 10:55:59 -0500 From: Robert MacDonald To: netw4-l@bgu.edu Subject: Re: Moving Users Home directories -Reply >We would like to move our users off of sys:system\users to a different >volume. We realize that we could just move the directories but what about >the user's rights and home directory property. Just moving the data would >screw up these properties, wouldn't it? JRB Utils. Use TRSTLIST(run TRSTLIST /? for help). This will allow you to create a batch file with everything you need - including usernames. I was able to move 300 users from a SYS volume to a new DATA1 volume in about 4 hours (the batch file moved all data and then assigned the correct rights.) This was a 3.x server. --------- Date: Wed, 29 Jan 1997 12:46:04 -0600 From: "Scott Etienne, C.N.E." To: netw4-l@bgu.edu Subject: Re: Moving Users Home directories -Reply You only need NETCOPY from JRB. It will move all directories, files *and* trustee assignments with *one* command. [Floyd: I found the NETCOPY [d:] [d:] /S/T/U worked for me] ------------------------------ Date: Thu, 30 Jan 1997 22:28:12 PST From: "Mark R. Pettersen" Subject: Re: NOVELL Digest - 29 Jan 1997 to 30 Jan 1997 - Special issue >Does anyone know of an NLM which can act as an scheduler so that it can >execute specified programs in specified time. Yes, NETCTRL...it can even be configured to pass key strokes to the software you're loading... Is ShareWare and should be available near you...I'm at home and don't recall further information off-hand... ------------------------------ Date: Fri, 31 Jan 1997 10:33:40 +0000 From: Stuart Phethean Subject: Re: Uimporting 1000 users - SYS filling up >I'm trying to uimprt 1000 users into my NDS. I've broken it down to >5 lots of about 200, but when I do the uimport, the Sys volume on one >of my servers (with a R/W Replica) fills up - the backout.tts file >grows to 53M. Is there any know way to tweak around this. It only >happens once a year, but for the last 2 years, it has brought the >system to it's knees (TTS becomes disables ... and on it goes). First of all - patch your server to the current levels - a lot of our problems in the early days went away with later patch levels. We saw problems like this in our early days with NW4.10 when adding large numbers (1000's) of users via UIMPORT. You could try setting the following on each server: SET MAXIMUM TRANSACTIONS=1000 rather than the default value which is 10,000. This was a recommended change from our tech. support people. I'm not sure if latest update to DS.NLM still need this, though. Also, how much memory have you got in the servers - there is a calculation somewhere which enables you to assess how much RAM you need to keep the whole of Directory Services cached. Use "MONITOR" and look at CACHE UTILISATION STATISTICS. Short term and Long term cache hits should always be 99 - 100%. Also LRU Sitting Time should be as long as possible - hours/days rather than minutes. We upgraded some of our servers from 64MB to 96MB RAM this summer and the LRU time increased dramatically, and Cache Hits are now always 100% If you are still getting TTS errors, I would imagine that Directory Services has become corrupt. Have you run DSREPAIR on each server? If not, it is _essential_ that you run this as soon as possible to check for (and fix) DS errors. Another thing to check - make sure you are not adding all your users to one Group as per "Everyone" in NW312 - we brought a system to a halt in October because we were adding all campus users to a common Group - it took over 15,000 users mind you before it came to grief! We have succesfully added users in batches of over 1000 at a time with no problems. ------------------------------ Date: Fri, 31 Jan 1997 17:13:01 -0500 (EST) From: "Steve Stanley" To: netw4-l@bgu.edu Subject: Re: Moving Users Home directories -The Last Word Thanks to everyone for their suggestions. It turns out I'll be using a hybrid of a couple of your suggestions. I'm home now so I can't give credit where it's due but here is the steps we plan on taking. Arcserve 6.0 copy function works great for copying files and directories while retaining file system rights. First hurdle cleared. The second part of the problem was to change the user's home directory property in NDS (necessary because we use it to create a map to the directory). While looking for JRBUTILS I stumbled across a freeware utility (N4ATTR) that is a dos command line exe file that allows you to change NDS property attributes to one or many users or groups. ( I work for local gov't. We don't have money to spend and if we do it takes 6 months to actually get something ordered. ) All we needed was a way to specify all the users on each server. What we ended up doing was writing a BASIC program. ( See, I told you we have no money). What it does is a dir of directories into a text file and then creates a 3 byte file with the same name as the user (no context needed). Then we'll use N4ATTR in a batch file to change the home directory for each user. Anybody who'd like more details, feel free to e-mail me at dueceshoot@aol.com Thanks again to all who offered suggestions. ------------------------------ Date: Mon, 03 Feb 1997 11:11:11 -0300 From: Marcus Senna Barros - CI To: netw4-l@bgu.edu Subject: Re: program for a group >How can I execute a program for every members of a group, if these >members are in differents Organizational Units? I do not want to write >in every OU script In Netware Consulting Tools Homepage, at: http://www.novell.com/corp/programs/ncs/toolkit/nw4tools.html there is an utility that updates the schema to set a profile property for a group. This way, you could write it to only ONE profile script. ------------------------------