Utilities in JRButils v4.00 Part C Notes on NDS utilities The NDS programs retain all the functionality of their bindery counterparts, and except where noted provide the same functionality under NDS. Some common features are: o Each program uses /y to control how NDS names are displayed. The options are: c Canonical form d Canonical form with a leading period. This should be used when the output is to be used as input to another program. s Short form name u Replace spaces in names with underscores. This should be used when the output is to be used as input to another program. x Relative to the current context (the default) t May be used with any of the preceding options to force inclusion of types in the name o Each program will function in NDS mode on any server supporting NDS, otherwise it will use bindery mode. o Each program may be forced into bindery mode on an NDS server. o Each program which previously used the bindery HOME_DIR property to locate a user's home directory now uses the "Home Directory" attribute. If this does not exist, the program checks for a HOME_DIR bindery property. o Each program accepting a path as a parameter or option value, when used in NDS mode, allows volume objects or directory map objects to be used in the path. o These programs require the unicode files appropriate to your country setting and code page. These are usually located in the nls subdirectory of sys:public, but unless the utilities in Part C are placed in sys:public, the unicode files will not be found. The Novell-supplied code in the development kit searches for the unicode files as follows: o The curent directory o The first search drive o An nls subdirectory of the first search drive o An nls subdirectory of your current directory o Each of the search drives As the Part C programs will not perform NDS operations without the unicode files, you must place them in a location where they will be found. Some minor limitations under NDS are: o It is not possible to specify a tree name. You must specify the name of an NDS server if you want to perform an NDS operation when currently logged into a non-NDS server o /k does not function on NDS servers o The NDS aware programs may give incorrect relative names when you have two containers with the same name, one immediately below the other e.g. test.test.jrb. When names are expressed relative to test.jrb, the lower test container name may be omitted e.g. john.test.test.jrb is output as 'john' instead of 'john.test'. This is due to a bug in the SDK. o Partial names using a trailing period may not be expanded correctly again due to an SDK bug. These limitations will be removed or worked around in a future release. Those programs which do not yet have NDS support will do so in the next release. Accexp-NDS Accexp-NDS is intended for use in a login script under NW 2.x, NW 3.x and NW 4.x where it displays a warning if the user's account is about to expire. The number of days before expiry at which warnings begin is adjustable and defaults to 7. Chkhome-NDS Chkhome-NDS allows you to check bindery HOME_DIR properties and NDS "Home Directory" attributes are set correctly and to display the paths contained therein. Specifically chkhome can: o Display home directories for one or more users. When obtaining the home directory path from the "Home Directory" attribute, the name space in which the path is stored is also displayed. o Check for each user that the directory stored in HOME_DIR or in the NDS "Home Directory" attribute actually exists, and if it does not, it will scan other volumes on the server for a matching directory. o For a single directory, or all subdirectories of a directory, check if there is a registered user corresponding to the lowest level directory i.e. for vol1:users\karen, it will check if user karen exists. o For each directory, check that the corresponding user's HOME_DIR property or "Home Directory" attribute contains that directory e.g. for vol1:users\karen it checks that karen's "Home Directory" contains vol1:users\karen. o Can also display each user's default server attribute o When /c is used, it also checks the "Home Directory" attribute for lowercase characters in the path. Netadmin allows a path to be specified in lowercase, but NetWare functions require DOS paths in uppercase. All JRButils convert the path to uppercase before using it. Creatobj-NDS Creatobj-NDS allows you to create bindery and NDS objects of almost any type or class. It is intended primarily for creating users in batch mode. Creatobj does the following by default: o Gives the user the default account restrictions as set under "Supervisor Options" in syscon under NW 2.x or 3.x, or in NDS mode it copies the attributes of the User_template object. o Makes the user a member of group everyone. This is optional in NDS mode. o Creates a mail directory and grants rights to it. This is optional in NDS mode. o Assigns a default account balance and credit limit if accounting is enabled. o Sets a null password. Creatobj may also do the following via command line switches o Set a password. o Create a login script o Create a home directory and grant rights to it o Store the home directory path in a bindery HOME_DIR property and/or NDS "Home Directory" attribute. o When creating NDS users, all attributes are copied from the USER_TEMPLATE object if it exists in the context where the user is created. Creatobj also copies volume quotas from USER_TEMPLATE user objects (which Uimport does not). An alternative template object may also be specified. Creatobj can copy from template objects of class 'User' and 'Template'. o Can specify a time delay to occur after creating an NDS user, before attempting to create the home directory and grant rights to it. This gets around an NDS programming problem where a user creation request is directed to one server, the home directory is created on a second but the new user has not yet been replicated to that second server. An NDS request to create an object can now be directed to a particular server and creatobj will attempt to do this. Deladdr-NDS Deladdr can be used to overcome a problem caused by bug in NW 4 where a user's network address is not removed from NDS at logout. When a user logs in, the network address of the workstation is added to the user's "Network address" attribute. The number of addresses in this attribute is used at login to determine the number of concurrent connections and whether the user has reached their limit. When addresses are not removed, a user may be told they have reached their connection limit when in fact they have not. Deladdr can be used to remove addresses where there is no corresponding login. Because the addresses cannot be linked back to the server to which the user connected, deladdr requires a list of servers to be scanned for connections with matching addresses to ensure addresses are not deleted for users currently logged in. Delobj-NDS Delobj-NDS can delete almost any type of bindery or NDS object. For safety you may not use wild cards when deleting objects. Nor will delobj delete groups with members. When deleting users, delobj will delete the user's home directory if it is stored in the bindery HOME_DIR property, or the NDS "Home Directory" attribute, or if it is specified on the command line. Delobj will also delete the mail directory and its contents. Dquota-NDS Dquota-NDS is intended for use in a login script to display the user's quota, space used and space available. It can handle NW 2.x quotas, volume quotas under NW 3.x and 4.x, and directory quotas under NW 3.x and 4.x. The format of the output is extremely flexible, and it is possible to supply a text file with substitution parameters for the quota, space used etc. Warnings may be given if the user's free space falls below a certain threshold. Fsupdate-NDS Fsupdate-NDS allows you to perform file maintenance operations across multiple servers. Its features include: o Can copy individual files, files selected via wild cards, or entire directory trees to multiple servers. Fsupdate attempts to retain all file attributes including ownership, creation and last update dates. o Can delete individual files, files selected via wild cards, or entire directory trees on multiple file servers. o Can rename files on multiple servers. This facility may be used to move files from one directory to another providing that the source and target directories are on the same volume. o Can specify what attributes you want set on copied files and directories o Can overwrite, delete or rename files flagged read-only o Can copy trustee assignments o Can purge files which have been deleted o Handles non-DOS name spaces o Can retain compression when copying files under NW 4.x o Copies sparse files correctly. Getbal-NDS Getbal-NDS lists account balances (adjusted or unadjusted), account holds or credit limits for multiple bindery or NDS users. Features include: o Can specify a multiplier to change the units of output o Can control which values are output and in what order o The output may be sorted by username, balance, or credit limit o The output can be filtered by value e.g. all users with a balance of less than $10.00 o May be used in a login script to display the account balance for each user as they log in o Can also display the default account balance and credit limit given to new users under NW 2.x and 3.x. This is normally viewed via SYSCON's "Supervisor Options" - "Default Account Balance/Restrictions". o Totals are given when displaying balances and holds for multiple users o Can list users without credit limits or account balances. o Can process all users in a container and in all subcontainers of that container. o Can display balances and credit limits for print servers Getequiv-NDS Getequiv may be used to check for or display security equivalences for bindery users and NDS objects. It can do the following: o List all security equivalences for one or more users o List all users who are security equivalent to another e.g. supervisor o Check for accounts under NW 2.x and NW 3.11 which have been modified using Wolfgang Schreiber's super utility allowing supervisor equivalence to be turned on and off at will. o List bindery users who are managers of their own accounts. Under 3.11, these users can grant themselves supervisor equivalence using super. o List those bindery users with more than 32 security equivalences. NetWare takes into account only the first 32 when calculating an object's rights. Getname-NDS Getname-NDS may be used to display a wide range of attribute values for any class of NDS object. The values of single attributes may be displayed, or a template file may be used allowing the values for multiple attributes to be retrieved and displayed in any format. The template file comprises one or more lines of text with substitution identifiers representing the attributes to be displayed. The list of substitution identifiers for objects of class user is: %account_balance %allow_unlimited_credit %city %common_name %default_server (%message_server) %department (%ou) %description %email_address %email_alias %facsimile_telephone_number (%fax) %full_name %generational_qualifier %given_name %home_directory %initials %locality %language %last_login_time %last_name (%surname) %locked_by_intruder (%al) %login_disabled (%ad) %login_expiration_time (%aed) %login_grace_limit (%gla) %login_grace_remaining (%glr) %login_intruder_address (%bla) %login_intruder_attempts (%blc) %login_name %login_maximum_simultaneous (%mcc) %login_time (%lld) %mailbox_id %mailbox_location %message_server (%default_server) %minimum_account_balance %network_address %network_address_restriction (%sr) %object_class %other_name %ou (%department) %password_allow_change (%ucp) %password_expiration_interval (%pei) %password_expiration_time (%ped) %password_minimum_length (%mpl) %password_required (%pr) %password_unique_required (%upr) %physical_delivery_office_name (%city) %postal_address %postal_code %postal_office_box %profile %province (%state, %s) %revision %s (%province, %state) %sa (%street_address) %street_address (%sa) %surname (%last_name) %telephone_number %title %uid The identifier may be followed by a '\' and a field width e.g. '%title\10'. A sample template file (t1.dat) is: %login_name,%full_name,%department,%location,%telephone The command 'getname * /r/x/a=@t1.dat /l=all.log' would produce a comma delimited list comprising the username, full name, department, location and phone number for all users in the NDS tree. Another template file (t2.dat) is: %login_name Last Name: %last_name Initials: %init Given name: %given_name Full name: %full Other name: %other Description: %desc Title: %title Department: %depart Location: %location Street: %street_addr Postal code: %postal_code PO Box: %post_office City: %City State: %State Mailbox ID %mailbox_id Email addr: %email_addr Email alias: %email_al Language: %lang Fax: %fax Phone: %tel The command 'getname jonah /a=@t2.dat /yd' produces .Jonah.mintech.acme Last Name: Lomu Initials: I.J. Given name: Jonah Full name: Jonah I.J. Lomu Other name: Jo Description: Branch Manager Title: Mr Department: Mineral technology Location: K Block Street: 7777 Long St Postal code: 70321 PO Box: PO Box 123 City: Anchorage State: Alaska Mailbox ID ABC-123 Email addr: :SMTP:Jonah@somewhere.com Email alias: :jonah@somewhere.else.com Language: English Fax: 345-678 Phone: 123-456 Getquota-NDS Getquota-NDS can display disk quotas, disk usage and disk available for multiple users. It can handle disk quotas under NW 2.x, volume based quotas under NW 3.x and 4.x, and directory based quotas under NW 3.x and 4.x. Features include: o Can obtain a user's home directory from the bindery o Can show a user's volume quotas on all volumes or a single volume o Can show quotas on all subdirectories of a directory o Optional sorting into ascending or descending order of quota, space used, space available, or by username o Optional totals only o Can suppress any of the output (quotas, space used, space available) o Can filter by value e.g. list all users whose usage exceeds 100 MB o Output may be in bytes, 4096 byte blocks, KB or MB o Can operate on user's mail directories. These can be subdirectories of SYS:MAIL, or PMAIL subdirectories of the user's home directory. o In NDS mode, getquota can process all users in a container and in all subcontainers of that container. Getrest-NDS Getrest-NDS displays account restrictions for multiple bindery or NDS users. These include: Account Disabled Account Expired Account Expiration Date Account Locked Bad Login Address Bad Login Count Grace Logins Allowed Grace Logins Remaining Last Login Date and Time Maximum Concurrent Connections Maximum Disk Usage (2.x only) Password Minimum Length Next Reset Time Password Expired Password Expiration Date Password Expiration Interval Previous Login Date and Time Password Required Station Restrictions Time Restrictions User Can change Password Unique Password Required The features of getrest-NDS include: o Displays all restrictions, or a single restriction e.g. minimum password length. o Can control the order and width of each output field (username, server/username, full name, server name, restriction value) when displaying individual restrictions. o Can sort into ascending or descending order by username or by restriction value. o Can filter by restriction value e.g. list all users whose account has expired, or all users whose maximum concurrent connections is not equal to 1. o Can display the default account restrictions as set under "Supervisor Options" in syscon for NW 2.x and 3.x. o NW 4.x allows station restrictions to be set for protocols other than IPX. Getrest will display these with the exception of the Appletalk restrictions as Novell have not released details of the structure of the information returned for Appletalk restrictions. Currently filtering works only on IPX addresses. This limitation will be removed in a future release. o Getrest can process users in the specified container and all containers below it. o Getrest will use the value associated with a TZ environment variable to adjust date/time values to local time, if the variable is defined. The values for attributes such as last login time are stored in NDS in UTC (= GMT), and if a TZ variable is not defined, the values are displayed in the local time of the server to which you are connected. Grpadd-NDS Grpadd-NDS adds one or more users to a group in either bindery or NDS mode. Its features include: o Can create the group o Can accept one or more users on the command line o Can add all members of another group o Can add a list of users from a file o Can warn if a bindery user has more than 32 security equivalences after being added to the group (IntraNetWare uses only the 1st 32 when determining a user's rights). Grpdel-NDS Grpdel-NDS removes one or more users from a group under in either bindery or NDS mode. Its features include: o Can accept one or more users on the command line o Can remove all members of another group o Can remove a list of users from a file o Can delete the group if it has no remaining members Grplist-NDS Grplist-NDS lists the members of one or more bindery or NDS groups. Features include: o Outputs the full name of each member o Optional sorting by member name o Optional totals only o Optional listing of all users on the server or in an NDS container o Can use logical operators and, or and not to list users who are or are not members of a combination of groups Grpmemb-NDS Grpmemb-NDS is intended for use in a BAT file to determine if a specific user is a member of a particular group. it functions in bindery or NDS mode and returns one of two possible sets of error levels. The default set is: 0 Success (user is a member) 1 Failure (user is not a member) 2 No such group 3 No such user 4 Any other error The alternative is: 0 Failure (not a member and all errors) 1 Success (user is a member) Grpmemb may also output the result to the screen. Home2-NDS This is an NDS version of David Harris' HOME utility. It works under both bindery mode and NDS. In NDS mode it will check first for a "Home Directory" attribute, and if this does not exist, it will check for a bindery HOME_DIR property. It supports the /m option to map the current drive to the user's mail directory, and also allows /r to do a map root. Jrbmap-NDS Jrbmap-NDS is a replacement for Novell's MAP, primarily for use in BAT files where it will map drives without fuss and piping in 'y's and 'n's. While it does not have all the features of MAP, it has numerous features which MAP does not have including: o Can specify alternative paths so that in the event of one being unavailable it will try the next (this is used for all applications at Lincoln University so that in the event of an APPS volume failing, the application will simply be retrieved from the corresponding volume on another server). o Can save existing mappings in the DOS master environment and subsequently restore from there o Supports map root o Supports map next o Can map multiple drive letters in a single command o Can save all mappings to a file and subsequently restore them o Can display current mappings including the paths for local drives o Can map network drives to local drives under the VLMs (this is not possible under NETX) o Can force truncation of the lowest level directory to eight chars. This could be useful in a login script e.g. #jrbmap p:=vol1:users\%LOGIN_NAME o Can specify the username and password to use when connecting to other servers (it defaults to GUEST) o Can map to a user's home directory by specifying the path as ~HOME. Jrbpurge-NDS Jrbpurge-NDS allows selective purging of files in a single directory, in an entire directory tree, or for an entire volume. Features include: o Supports purging by name o Supports purging by size o Supports purging by owner o Supports purging by deletor o Supports purging by deletion date and time o Can query whether or not to purge each file o Can specify multiple files to purge in a single run e.g. *.obj,*.tmp,*.swp,fred.bak Killconn-NDS Killconn clears connections from a file server under NW 2.x, 3.x and 4.x. Features include: o Can clear all connections from a server o Can clear all not logged in connections o Clear connections for objects of a specific type or class o Clear connections for objects of a given name o Clear specific connection numbers o Clear connections which have been logged in for less than or greater than a specified time. o Clear connections of users who are members of specified groups. o Can accept a list of object names or connection numbers in a file o Can query whether or not to clear each connection o Can specify a list of objects whose connections are to be retained o Has a suicide option where it will logout your connection after clearing all other requested connections Killzero-NDS This program will delete zero length files in a single directory or in an entire directory tree. It was written to remove the large numbers of zero length files which accumulate in student mail directories when using Pegasus Mail when directory quotas are enabled. When a user has no space available and an attempt is made to deliver a message, the file is created but cannot be written to, leaving a zero length file. Options include: o Can delete read-only files o Can optionally list the zero length files without deleting them o Can display only the total zero length files o Can optionally purge deleted files (this is recommended as there is no reason to recover an empty file!) o Can retain certain zero length files by giving a list of one or more file names, optionally containing wild cards. o Is smart enough not to delete Mac files with a zero length data fork but a non-zero length resource fork Killzero can process the home or mail directories for single users, all members of a group, users selected via wild cards, or a list of users in a file. It can also process directories directly. Listobj-NDS Listobj-NDS lists objects of any or all types or classes across multiple file bindery or NDS servers. Features include: o Can specify multiple server names, possibly containing wild cards. If a server name is preceded by '!', it is skipped. o Attaches transparently as GUEST if this account is available on bindery server, or performs a background authentication on NDS servers o Displays full names and optionally object IDs o Can accept a list of names in a file o Optional sorting by username, object ID or object type when all users are being listed o Can list only permanent or temporary bindery objects o Optional totals only o Can optionally search the full name field as well as usernames o Can output full names for users, groups and print servers as 'setname' commands. o Can return an error level if no matching objects are found, providing a means to detect in a BAT file if an object of any type exists. o Can list any class of NDS object in the nominated container o Can search all subordinates of the nominated container o Can search from [Root] Lscripts-NDS Lscripts operates under NW 2.x, 3.x and 4.x. It can perform both bindery and NDS functions. Features include: o Copies scripts from mail directories into NDS o Copies scripts from NDS into mail directories o Copies a file into NDS or the mail directories to become the login script. o Sets NDS scripts to 'include' the mail directory script o Creates mail directories for those users who do not have one, and grants the standard trustee rights [RWCEMF] o Views login scripts for users from NDS or mail directories o Can view and set login scripts for NDS profile objects, organizations and organizational units. o Corrects Mac names for mail directories. Novell's Install may not change the mail directory names in the Mac namespace during an upgrade (each mail directory is renamed as each user's ID changes). o Renaming mail directories after restoration of NDS via replication. Object IDs change when restoring so it is necessary to rename mail directories. To do this lscripts requires a file containing distinguished names and the object IDs before restoration. Listobj can create such a file. o List mail directories without a matching user o Can copy any file into each user's mail directory retaining the file name allowing lscripts to be used for tasks such as giving every user the same printcon.dat. o Can copy print job configurations into mail directories, into NDS, or from one to the other. o Can display print job configurations. Makememb-NDS Makememb-NDS is an alternative to grpadd and grpdel. Whereas these allow addng or removing multiple users from a group, makememb allowes adding or removing individual bindery or NDS users from multiple groups. Features include: o Can create groups o Can specify multiple groups on the command line o Can specify files containing groups o Can specify a file containing one username followed by one or more group names on each line o Can query whether or not to make the user a member of each group o Can warn if a bindery user has more than 32 security equivalences after being added to the group (IntraNetWare uses only the 1st 32 when determining a user's rights). Mattach-NDS Mattach-NDS allows you to attach to or detach from multiple servers in a single command. Features include: o Can specify one or more server names, each of which may contain wild cards, and you may exclude servers by preceding the name with '!' e.g. 'mattach rata,toki,p*,!pn*/john' would log you into the designated servers as user JOHN o Can optionally give the password on the command line o Can optionally list all visible servers as per slist o Can optionally perform a whoami function and list all servers to which your workstation is attached. o Optional sorting by server name for both the whoami and slist functions o When listing all visible servers, mattach can also display the version of NetWare running on each server o When listing all visible servers, mattach can also display the serial number of each server Move_obj-NDS Move_obj moves NDS objects from one container to another. Objects can be moved individually, can be selected using wild cards, all members of a group may be moved, or a list of objects in a file may be moved. When using an input file, the destination context may be given on each line allowing users to be moved to different contexts in a single invocation of move_obj. Netcopy-NDS Netcopy-NDS copies individual files or an entire directory tree from one location to another, possibly on a different volume, on a different server, or on a local drive. It preserves the following when copying files and directories: o All file information including the creation date, last update date and time, file attributes, and if possible, file ownership. If a file is being copied from one server to another, and the owner is not registered on the destination server, the owner becomes the username under which you are logged in on that server. o All directory information including the creation date, directory attributes, and if possible, directory ownership. If a directory is being copied from one server to another, and the owner is not registered on the destination server, the owner becomes the username under which you are logged in on that server. o Optionally, all directory trustee assignments, providing that the object to which the rights are granted, is registered on both the source and destination server. Trustee rights are automatically converted when copying from NW 2.x to NW 3.x or NW 4.x and vice versa. o Optionally, all file trustee assignments, providing that (a) both the source and destination server are running NW 3.x or NW 4.x, and (b) that the object to which the rights are granted is registered on both the source and destination servers. o Optionally, all directory quotas if both the source and destination servers are running NW 3.x or NW 4.x. o Optionally, all volume quotas, providing that both the source and destination servers are running NW 3.x or 4.x, and that the object to which each quota applies is registered on both the source and destination servers. Netcopy copies DOS, long, NFS (with -t) and Mac name space entries. It will attempt to retain name space information for FTAM, but this has not been tested. Other features include: o An update option allows you to copy only those files which do not exist in the destination tree, or have more recent update dates Or you can copy only those files which do not have an exact match of size and update date in the destination directory o Quotas may be removed during copying and restored later. This is often useful when copying to a volume with a larger block size where each file is likely to have more space allocated. o Quotas may be altered as they are copied o Checks that there is sufficient space available before copying a file. This can be suppressed for a slight gain in speed. o Can optionally ignore hidden files and directories o Can copy only those files with the archive bit set with optional resetting of the archive bit on the original and copy of the file o Can query whether or not to copy each file o Can disable the receipt of broadcasts while copying o Can retain compression when copying files under NW 4.x o Copies sparse files correctly. Nsrename-NDS Nsrename-NDS allows the renaming of files and directories in any name space without affecting the name in other name spaces. It requires NW 3.12 or NW 4.x as the functionality to perform the rename in a single name space is not present in earlier versions. Nsrename can also change the case of names of multiple files or directories and was in fact written to overcome a problem where a particular product failed to function correctly when it encountered NFS names in uppercase. In NDS mode, a path or file name may incorporate an NDS volume or directory map object. Openfile-NDS Openfile-NDS can o Display open files by bindery or NDS object name or connection number o Display who has a particular file or files open Features include o Can display open files for all logged in objects on a server o Can display open files for any class of object o Can display open files in any name space o Can display who has any files open in a particular directory, or in an entire directory tree. o Can display lock information for open files o Can clear connections holding a file open o Can sort the output as follows o by connection number o by directory name o by file name o by object name o data from multiple files, users, or connections can be merged before sorting o the sort order can be reversed o Can display the total number of open files on the server o When doing a merged sort by directory, it gives the number of unique files open Orgroles-NDS Add occupants to, removes occupants from and lists the occupants of organizational roles. Pqadd-NDS Pqadd-NDS makes one or more bindery users or groups 'operators' or 'users' of the specified print queue. In NDS mode, pqadd can make any NDS object a 'user' or 'operator' of the print queue. Features include: o Can use wild cards in the queue name o Can also add print servers to a queue o You may specify multiple entities on the command line, each of which may be a single user, one or more users selected via wild cards (e.g. z*), a group, or a list of usernames in a file. o Can make a group object a queue user or operator, or the individual members of the group may be made queue users or operators o Can add both queue users and operators (but not print servers) in a single invocation Pqdel-NDS Pqdel-NDS removes one or more bindery users or groups from being 'operators' or 'users' of the specified print queue. In NDS mode, pqdel can remove any NDS object from being a 'user' or 'operator' of the print queue. Features include: o Can use wild cards in the queue name o Can also remove print servers from a queue o You may specify multiple entities on the command line, each of which may be a single user, one or more users selected via wild cards (e.g. z*), a group, or a list of usernames in a file. o Can remove a group object from being a queue user or operator, or the individual members of the group may be removed as queue users or operators o Can remove both queue users and operators (but not print servers) in a single invocation Pqdeljob-NDS Pqdeljob-NDS deletes one or more jobs from a print queue. Features include: o You may specify one or more job numbers on the command line, '*' meaning all jobs in the queue, a range e.g. jobs 10-20, or usernames possibly including wild cards o Can chose to have pqdeljob ask for confirmation before deleting each job Pqlist-NDS Pqlist-NDS lists the jobs in one or more bindery or NDS queues on one or more file servers. Features include: o Wild cards may be used in the queue name o Any number of file server names may be specified (e.g. tui,kea,weka/laser*) or you may specify 'A' meaning all servers to which you are currently attached. Files servers preceded by '!' will be skipped. o The default output gives the job number, user, description or file name, size, date/time submitted and status for each job o You may design you own output selecting from 16 fields and choosing the size and order of each field. The fields are: Banner file name Connection number of the workstation from which the job was submitted Description Job entry time File name (may be blank if the job was captured directly from an application) Job number Form number Form name Job position in the queue Number of copies The path associated with the file being printed The name of job file in the queue directory Target server name if specified The job status (open, ready, user hold, etc) The name of the object which enqueued the job Job execution time Number of bytes to be printed o Output may be limited to jobs submitted by a particular user o The number of jobs can be returned as an error level Pqmovjob-NDS Pqmovjob-NDS allows print jobs to be copied from one bindery or NDS queue to another possibly on a different server. The jobs may optionally be deleted from the source server. Pqreljob-NDS Pqreljob-NDS allows jobs to be released from user and/or operator hold on bindery or NDS queues. It may optionally be used to place existing jobs on user or operator hold. Pqstatus-NDS Pqstatus-NDS allows you to view and alter the status of multiple print queues across multiple servers. It displays: o Whether jobs can be submitted to the queue o Whether print servers can attach to the queue o Whether print servers can service the queue o The number of jobs in the queue o Attached print servers and their connection numbers Features include: o Can use wild cards in queue names o Any number of file server names may be specified (e.g. tui,kea,weka/laser*) or you may specify 'A' meaning all servers to which you are currently attached. Files servers preceded by '!' will be skipped. o Allows you to toggle or set to a specific value: (a) jobs can be submitted to the queue (b) servers can attach to the queue (c) servers can service the queue Pqusers-NDS Pqusers-NDS lists the queue users, operators and/or print servers for one or more queues on one or more file servers. Features include: o Wild cards may be used in the queue name o Any number of file server names may be specified (e.g. tui,kea,weka/laser*) or you may specify 'A' meaning all servers to which you are currently attached. Files servers preceded by '!' will be skipped. o The list of users, operators or print servers for each queue may be sorted o Can limit the output to the total number of users, operators and/or print servers for each queue o User or operator groups may be expanded so that all user objects which are queue users or queue operators are listed o Can output 'pqadd' commands for users, operators and print servers Pradd-NDS Pradd works in NDS mode only allowing queues to be added to NDS printers. The default queue may be set, and priorities may be assigned to queues when adding them. Prdel-NDS Prdel works in NDS mode only allowing queues to be removed from NDS printers. The default queue may be removed, but NetWare will automatically make the first of the 'other' queues the default. Profiles-NDS The 'profiles' program adds profiles to users, replaces profiles for users or removes profiles for users. It can process a single user, or multiple selected via wild cards, group membership, or a list in a file. Profiles can create a profile object, but currently cannot assign a login script to it - use lscripts to do this. It can also display the users of a particular profile either by scanning the objects which have rights to the profile script (this is quick), or by scanning the NDS tree (this may be slow). Psadd-NDS Psadd-NDS makes one or more bindery users or groups 'operators' or 'users' of the specified print server. In NDS mode, psadd can make any NDS object a 'user' or 'operator' of the print server. Features include: o Can use wild cards in the print server name o You may specify multiple entities on the command line, each of which may be a single user, one or more users selected via wild cards (e.g. z*), a group, or a list of usernames in a file. o Can make a group object a print server user or operator, or the individual members of the group may be made print server users or operators o Can add both print server users and operators in a single invocation o Under NDS, psadd can add printers to an NDS print server. Psdel-NDS Psdel-NDS removes one or more bindery users or groups from being 'operators' or 'users' of the specified print server. In NDS mode, psdel can remove any NDS object from being a 'user' or 'operator' of the print server. Features include: o Can use wild cards in the print server name o You may specify multiple entities on the command line, each of which may be a single user, one or more users selected via wild cards (e.g. z*), a group, or a list of usernames in a file. o Can remove a group object from being a print server user or operator, or the individual members of the group may be removed from being print server users or operators o Can remove both print server users and operators in a single invocation o Under NDS, psdel can remove printers from an NDS print server. Psusers-NDS Psusers-NDS lists bindery and NDS print server users and operators for one or more print servers on one or more file servers. Features include: o Wild cards may be used in the print server name o Any number of file server names may be specified (e.g. tui,kea,weka/laser*) or you may specify 'A' meaning all servers to which you are currently attached. Files servers preceded by '!' will be skipped o The list of users and operators for each print server may be sorted o Can limit the output to the total number of users and operators for each print server o User or operator groups may be expanded so that all user objects which are print server users or operators are listed o Can output 'psadd' commands for users and operators o Under NDS, psusers can list printers associated with an NDS print server Pwdexp-NDS Pwdexp-NDS is intended for use in a login script on bindery or NDS servers, where it displays a warning if the user's password is about to expire. The number of days before expiry at which warnings begin is adjustable and defaults to 7. Pwdexp-NDS can also force a password change if the password has expired. It will prompt for and change the password. However, there is a bug in all versions of login.exe where it still says the password has expired and asks if you want to change it, even when the password has already been changed by a program run by the login script. Renobj-NDS Renobj-NDS allows renaming of bindery or NDS objects of any type or class. Features include: o When renaming a user, it will check for the existence of a bindery HOME_DIR property or NDS "Home Directory" attribute. If either is found, renobj will rename the user's home directory to match the user's new name and update the contents of HOME_DIR or "Home Directory". o Can specify the home directory path on the command line when the user does not have a HOME_DIR property or "Home Directory" attribute. o Can process a file containing one old name and one new name per line. o Can change the case of the names of existing NDS objects to all lowercase, all uppercase, or the first letter uppercase and the remainder lowercase. Requests-NDS Requests-NDS continuously displays the total requests, bytes read and bytes written for up to 20 connections on a NW 4.x server since the program began running (the information is not available under earlier versions). This allows easy identification of workstations loading a server. The output is sorted into descending order by whichever column you select, and the column on which you are sorting can be changed without restarting the program. Requests-NDS can perform a background authentication to the nominated server. Schema-NDS Displays information from the NDS schema. The following may be displayed: o Object classes in the schema. Wild cards may be used to list only a subset of the defined classes. o For each object class, the names of attributes which are valid for that class. o For each object class, full details of attributes which are valid for that class. o A list of attributes defined in the schema. Wild cards may be used to list only a subset of defined attributes. o A list of attributes with the object classes for which the attribute may be used. The schema program may be used before and after a product install to identify changes made to the schema by the installation. Serv_cmd-NDS Allows various server console commands to be executed from a work station. These are: Add a name space to a volume Mount a volume Dismount a volume Execute an NCF file Load an NLM Unload an NLM Display the loaded modules Display the values for "set" commands Down the server Disable logins Enable logins The first 6 commands require supervisory rights, the remainder require console operator status. Serv_cmd functions only on NW 4.x servers. This version can perform a bindery login to the nominated server, or perform a background authentication. Salvlist-NDS Salvlist-NDS lists the file name, size, owner, deletor and the date/time of deletion individual files, for all deleted files in a single directory or for all directories in a tree. In NDS mode, the path may include an NDS volume or directory map object. Features include: o Output may be sorted by any field o Can search for files with a particular name, files owned by a given bindery or NDS user, files deleted by a given bindery or NDS user, by file size, and deletion date and time. o Can display only the number of deleted files in each directory o Files may be recovered based on any selection criteria, with automatic renaming if a file exists with the same name. o Can request that only the most recently deleted file with a particular name be recovered. Setacl-NDS Setacl can set, delete and view acls for a single object, multiple objects selected using wild cards, all members of a group, or for a list of objects in a file. Its features include: o Can process object acls, attribute acls and SMS acls. o Can process acls for any object class or all object classes o Setacl also allows you to add or delete en masse, objects' rights to one of its own properties. For example, it can grant each member of a group read access to his/her own login script. o When viewing ACLs, all ACLs for each object can be displayed (this is the default) o Can limit the acls displayed to those for a particular attribute or trustee, or those containing particular rights o Can search the entire tree from [Root]. This together with the ability to filter by attribute, trustee and rights allows tasks to be performed such as listing all acls in the tree for which a particular object is a trustee, or to list all acls granting the supervisory right. Setbal-NDS Setbal-NDS sets account balances or credit limits for a single bindery or NDS user, each member of a group, one or more users selected using wild cards, or a list of users in a file. Features include: o Both the account balance and credit limit may be set to a specified value, or they may be adjusted by a given amount (e.g. add $10 to each member of group ABC). o Can set the account balance or credit limit to the default value used when creating accounts on NW 2.x and 3.x. This is normally set under "Supervisor Options" - "Default Account Balance/ Restrictions" in SYSCON. o When using an input file, the balances may be in the file allowing a different balance to be set for each user o Can delete accounting holds. This is not normally required but a bug in A.N.D. Technologies' Pcounter could result in large random account holds remaining in existence. o Can set balances and credit limits for print servers o In NDS mode, setbal can process objects in a nominated container and in all containers below that container. Setcx-NDS Setcx scans an NDS tree for a given object, and if found, sets the default context to that in which the object was found. It functions with only browse rights for [Public] to [Root] which is granted by default at installation. Features include: o Setcx will work from a NW 3.x server provided an NDS tree can be found. Where a preferred tree is not set in NET.CFG, a tree can be specified on the command line, but this feature cannot be used to override any existing connection to a tree. o Can prompt for the object to search for o Can locate objects of any class o Can begin the search at any specified location in the tree o Can store the distinguished name of the object in the DOS environment Setequiv-NDS Setequiv-NDS allows you to make one or more bindery users security equivalent to another, and one or more NDS objects security equivalent to another. On NW 2.x and 3.x, SYSCON will run out of memory when you attempt to do this when there are around 3,000 or more registered users. Setequiv can also check for and restore the security of bindery user accounts modified by Wolfgang Schreiber's SUPER utility (NW 3.11 and earlier). It allows input of object names from a file. Sethome2-NDS Sethome2 is an alternative to David Harris' sethome program for creating HOME_DIR bindery properties and storing the user's home directory path in it. The NDS aware versions can also store home directory paths in the NDS "Home Directory" attribute. Sethome2 can process multiple users in a single command whereas sethome processes only one. Features include: o When a root directory is specified, (e.g. vol1:users), sethome2 will automatically append the username to obtain the home directory path for each user. o An absolute path can be specified when the home directory does not match the username (e.g. for supervisor). o Can create the home directory if it does not exist. The user will be assigned [RWCEMFA] rights to the created directory. o Can modify the rights to existing home directories. o Can delete HOME_DIR properties and "Home Directory" attributes. o Set or delete each user's default server o Copy the home directory path from the HOME_DIR bindery property to the NDS "Home Directory" attribute o Copy the home directory path from the NDS "Home Directory" attribute to the bindery HOME_DIR property o Allows the home directory to be stored in the "Home Directory" attribute in any name space. o Can store paths using '/' or '\' as separators of path components. o Can convert '/' to '\' and vice versa for paths already stored in the "Home Directory" attribute. Some applications making use of this attribute fail to function when they encounter '/'. o Can create home directories without modifying the contents of the HOME_DIR property or "Home Directory" attribute. Setname-NDS Setname-NDS sets the full name for one or more bindery users, print servers or groups. In NDS, mode it can set text values for any attribute having a text value (specifically the attribute type is SYN_CI_STRING) plus a few others. For objects of class user, these are: City Department Description Email address Email alias Facsimile telephone number Full name Generational qulifier Given name Initials Language Location (or locality) Mailbox ID Other name Postal code Postal office box State (or province) Street address Surname (or last name) Telephone number Title Features of setname include: o Can set the same full name for multiple bindery users o Can set the same full name for all members of a bindery group o Can process a makeuser .usr file to ensure the full name is set as specified (makeuser converts it to uppercase) o Can set the same NDS attribute value for multiple objects o Can add attribute values for multi-value attributes o Can remove individual attribute values for multi-value attributes o Can convert existing attribute values to entirely upper case, to entirely lowercase, or to a mixture of upper and lowercase o Can use an input file containing object names and attribute values o Can copy an attribute value from another object Setowner-NDS Setowner-NDS can change the ownership of individual files, selected files in a directory tree, all files and directories in a directory tree, or can treat each subdirectory as a separate tree and set ownership to the user corresponding to the subdirectory name e.g. for vol1:users\hewey set ownership to hewey, for vol1:users\dewey set ownership to dewey etc. Other features include: o Can obtain a user's home directory from the HOME_DIR bindery property, or the NDS "Home Directory" attribute. o Can specify the name of the new owner o Can set ownership to objects of any class o Can change ownership of only those files without a valid owner o Can process user's mail directories Setpword-NDS Setpword can set passwords for multiple users across one or more servers. It operates in either bindery or NDS mode,and its features include: o Can specify multiple server names, optionally containing wild cards. Names preceded by '!' are skipped. o Can set passwords for a range of users e.g. comp001-comp100 o Can set null passwords o Can set the password to match the username o When using an input file, it is possible to set a different password for each user o Can generate random passwords of any length. These may optionally be written to a file, along with the username and optionally the server name and user's full name. The random passwords can be generated without them actually being set. o Can be used by anyone, but if you are not supervisor or equivalent or a manager of the target object, the old password is required o When changing passwords for other users, NetWare by default expires the password if a password expiration interval is set. Setpword can retain the current expiry date, or update it by the password expiration interval. Setquota-NDS Setquota-NDS sets quotas for multiple users. It handles 2.x disk quotas, volume based quotas under NW 3.x and 4.x, and directory quotas under NW 3.x and 4.x. Features include: o Can obtain user's home directories from the HOME_DIR bindery property or the NDS "Home Directory" attribute. o Can set a specific quota, or increment/decrement a quota by a given amount e.g. 2 MB o Quotas may be removed o Quotas may be specified in units of bytes, 4096 byte blocks, KB or MB o Can set quotas on user's mail directories. These may be the subdirectories of SYS:MAIL or the PMAIL subdirectories of the user's home directory. o Can process all subdirectories of a directory, or all directories in a tree o Can query whether or not to set a quota for each user or directory o In NDS mode, setbal can process objects in a nominated container and in all containers below that container. Setrest-NDS Setrest sets account restrictions for multiple bindery or NDS users. These include: Account disabled Account Expiration Date Account Locked Bad Login Address Bad Login Count Grace Logins Allowed Grace Logins Remaining Last Login Date and Time Maximum Concurrent Connections Maximum Disk Usage (2.x only) Password Minimum Length Next Reset Time Password Expiration Date Password Expiration Interval Password Required Previous Login date and time (NW 2.x and 3.x only) Station Restrictions Time Restrictions User Can change Password Unique Password Required Setrest may also set the default account restrictions displayed under "Supervisor options" in syscon under NW 2.x and 3.x. The following points should be noted under NDS: o NW 4.x allows station restrictions to be set for protocols other than IPX. Setrest currently sets only IPX restrictions. This limitation will be removed in a future release. o Setrest can process users in the specified container and all containers below it. o Setrest will use the value associated with a TZ environment variable to adjust date/time values to UTC time, if the variable is defined. The values for attributes such as last login time are stored in NDS in UTC (= GMT), and if a TZ variable is not defined, the values are assumed to be in the local time of the server to which you are connected. Sparse-NDS Sparse-NDS identifies sparse files. These are files with 'holes' in them where no data exists, and so NetWare has not allocated disk blocks for these parts of the file. Many sparse files are created accidentally by misbehaving applications, and appear as large files when listed using 'dir'. However, they can have as little as one block of disk space allocated. These files can cause problems when copied, or backed up. If the program reading the sparse file reads it as an ordinary file, NetWare returns zero values for the missing data, and if the data is written to tape or disk, the new file will have all blocks allocated. This can cause problems such as: o Copies failing because a directory quota or volume quota has been reached. o User's being over quota if the application transfers quotas after copying the files. o Running out of space on a volume o Slow backups as multi-megabytes of zeroed data is transferred to tape. Sparse-NDS has the following features: o Can scan all files in a directory tree o Can scan all volumes on a server o Can display the block bit map for each sparse file o Can specify a minimum size for files to be checked o Reports both the physical size (bytes of disk used) and logical size (reported by 'dir') for each sparse file. o Can restore the 'last access date' on files which are checked. Because it has to open the file to determine if it is sparse, the 'last access date' is updated by default. o Can skip compressed files as these are decompressed when checked. o A path given on the command line can incorporate an NDS volume or directory map object. Trstlist-NDS Trstlist-NDS display trustee assignments for multiple bindery or NDS users, or for selected directories or files. Features include: o Can display trustees for files, directories, all directories in a tree, or for an entire volume. o Can display trustees for any class of object on any or all volumes o Optional sorting by user, directory or rights o Optional filtering by trustee rights e.g. can list only those trustees with supervisory rights o Can optionally list the trustee rights as 'rights' or 'grant' commands allowing them to be saved in a form in which they can be restored via a BAT file o Can optionally list the trustee rights as 'rights' or 'remove' commands allowing them to be saved in a form in which they can be removed via a BAT file o Can optionally list trustee rights for an object which are inherited through security equivalence. As a user is security equivalent to groups belonged to, this included trustee rights inherited via group membership. Under NDS this includes trustees of each of the container objects forming the object's distinguished name, plus [Public] and [Root]. Every object is security equivalent to each of its parent objects. o Can display only those files and/or directories without trustees. Usergrps-NDS Usergrps-NDS lists the groups to which one or more bindery or NDS users belong. Features include: o Optional sorting by username o Optional sorting of the groups belonged to o Can exclude selected groups e.g. everyone o Usergrps can process users in the specified container and all containers below it. Users-NDS Users-NDS displays information about logged in users, and not-logged-in connections under NW 2.x, 3.x and 4.x. It is has the following features: o Can list logged in users across multiple servers. Wild cards may be used in server names, and servers may be excluded by preceding the name with '!'. o Will attempt to attach transparently to other servers as GUEST, or n NDS mode it will perform a background authenication. o Can display not logged in connections o Can select from 13 possible output fields and control the order of each field and its width. These fields are: Combined network and station address Connection number NW 4.x connection status (console operators only)", Login date Full name of the logged in object Object ID Location of the workstation Network address Object name Period for which the object has been logged in Server name Login time Workstation address o Can display where a user is logged in. This requires a text database mapping network addresses to locations. This file may also contain wild card entries which are used when no exact match is found. This feature allows, for example, entries for different networks. o Can sort the output on any of the fields o Can filter output on numerous fields o Can display the total users logged in on each server o Can show members of selected groups who are logged in Whodidit-NDS Whodidit-NDS displays selected information about files and directories which is useful in determining when they were created, modified, last accessed, archived and by whom. It can list any combination of the following fields: o Archiver - the object which last archived the file o Archive date and time o Creation date and time o Extended attributes - does the file have them? o Resource fork size for Mac files o Inherited rights mask o Owning name space o Last access date (the time is not recorded) o Search mode o Logical size as shown by 'dir' o Owner o Physical size (for compressed or sparse files) o Quota (for directories) o Attributes o Update date and time o Updater - the object which last updated the file o Mac name o NFS name o LONG name o FTAM name The user may select which of the above are to be displayed, in what order, and the width of the columns. Alternatively, a template file containing text and substitution identifiers may be given. This allows any combination of values to be given in any format and may be useful to create a batch file of commands incorporating file names. The output can be filtered on any value e.g. it is possible to display details of files greater than a certain size, files which are compressed, or all files and directories owned by a particular name space. Whodidit has the ability to use a template file to format the output. The file can contain one or more lines of text and substitution identifiers representing informational items, the volume, path or file name, or any combination of these in any name space. This allows commands to be built for files or directories matching some filter criteria. For example, whodidit could scan a volume for files not accessed during the last 6 months and via the template file, a batch file could be created to copy these to some other location and then delete them. Whodidit can output owner, updater and archiver information in a form suitable for input to setowner. This option may be useful if NDS is to be removed from a server and subsequently reinstated. All object IDs will change when NDS is reinstated with loss of this information which is stored as object IDs in the directory entry tables. Saving this information with whodidit allows it to be restored via setowner. This facility may also be used to restore ownership for files and directories copied using copy, xcopy and ncopy.