Migrating to Netware 4.1

---

- 6 -

Creating Objects

• Setting Up the NetWare Administrator Tool (NWADMIN.EXE)
• Using the NetWare Administrator Tool
• Using the NetAdmin Utility
• The UIMPORT Utility

---

Although the upgrade and migrate procedures (see Chapter 3) include facilities for translating NetWare 3.x bindery objects into NDS objects, you will probably have to create some additional NDS objects as you build your NDS tree. This could be for the following reasons:

• You performed a full installation (rather than an upgrade or a migration) on one or more of the servers
  
  
• You are adding new users or new devices to the network
  
  
• The translated bindery data does not correspond with your new NDS tree design

The two primary tools for creating, deleting, and moving NDS objects follow:

• NetWare Administrator tool (NWADMIN.EXE)
  
  
• NetAdmin

If you must create many users at once, you might want to use the batch utility UIMPORT, which can create, delete, and modify large groups of users all at once. UIMPORT is similar to the NetWare 3 MAKEUSER utility.

The Network Administrator tool is a Windows and OS/2 graphical-user interface (GUI) tool that can be used for creating or managing NDS objects. The NetAdmin tool is a text utility for creating NDS objects using C-Worthy menus.

In this chapter, you'll learn how to create obejcts using the NetWare Administrator tool and NetAdmin, and how to create User objects using UIMPORT.

Setting Up the NetWare Administrator Tool (NWADMIN.EXE)

To set up the NWADMIN tool, you must have installed the NetWare 4.x server (see Chapter 3) and the DOS/Windows client software (see Chapter 4). The following steps, performed within Windows, outline how to set up the NWADMIN tool for Microsoft Windows.

1. If the NetWare group does not exist, do step 2. Otherwise, skip to step 3.

2. Create a new program group called NetWare (or any other name you prefer) by doing the following:

From the Program Manager, select the New option from the File Menu.

Select the Program Group from the New Program Object dialog box and click on OK.

In the Program Group Properties box, enter the following information for the Description and Program Group File:

 Description:   NetWare  Group File:    C:\WINDOWS\NWUTILS.GRP (or whichever is the Windows directory)

3. If the program item for the NetWare Administrator tool is set, you can skip this step. Otherwise, perform the following to create a program item for the NetWare Administrator tool:

Highlight the NetWare program group.

From the Program Manager, select File, New.

Select the Program Item from the New Program Object dialog box and click on OK.

In the Program Item Properties box, enter the following information:

 description:         NetWare Administrator Tool  command Line:        Z:\PUBLIC\NWADMIN  working Directory:   Z:\PUBLIC

Select OK to install the new program item.

Answer Yes to the prompt The specified path points to a file that might not be available during later Windows sessions. Do you want to continue?.

Please note the following while performing the previous step.

a. Make sure you are logged in to the network before performing this setup.

b. Your login script might map SYS:PUBLIC to a drive letter other than Z. Drive X is preferred because you are likely to have at least one search drive mapping that will be assigned to the letter Z. Make sure that this search drive is not "root mapped," though.

The program item for NWADMIN will appear in the program group.

Using the NetWare Administrator Tool

This section gives you a guided tour of creating the NDS tree structure using the NetWare Administrator tool, shown in figure 6.1. The following steps take you through the process.

1. Log in, using the LOGIN command, to the network as an Administrator account.

When NDS services is first installed (at the time the first NetWare 4.x server is installed), a default network administrator user object Admin is created that has

Figure 6.1 A sample NDS tree.

supervisor privileges to the entire NDS tree. You can use the Admin user object to log in to the network.

2. Activate the NetWare group and start the NetWare Administrator Tool program item. (You can do this by double-clicking on the NetWare Administrator icon.)

You will see a screen similar to that shown in figure 6.2.

The NDS tree in figure 6.2 shows the NDS tree starting from the current container. To see the NDS tree starting from the [Root], perform the following:

Select the View menu, then Set Context.

Set the current context to [Root]. You can do this by entering [Root] or by using the Browse icon to browse through the tree and select the current context.

Figure 6.2 The NetWare Administrator tree.

3. Highlight the [Root] object. You can do this by clicking on it once.

Right-click on the [Root] object to see a list of operations that can be performed under the [Root].

Select Create.

You will see a list of objects that can be created under the [Root] object, as shown in figure 6.3.

4. Select the organization object and click on OK.

You will see the Create Organization dialog box (see fig. 6.4).

Enter the name of the organization shown back in figure 6.1 and press the Create button.

Figure 6.3 New objects under [Root] container.

Figure 6.4 The dialog box for creating an organization container.

You will see the name of the newly created organization MICROCOMM appear in the NDS tree.

5. Highlight MICROCOMM and right-click.

Select Create.

You will see a list of objects that can be created under the organization object (see fig. 6.5). Compare figure 6.5 with figure 6.3. Notice that the list of objects that can be created under an organization object is much larger.

6. Select the Organizational Unit object and click OK.

You will see a dialog box for creating the organization object (see fig. 6.6).

Enter the name of the Organizational Unit CORP, shown in figure 6.1, and select the Create button.

Figure 6.5 New objects under an organization container.

Figure 6.6 The dialog box for creating an Organizational Unit container.

You will see the name of the newly-created Organizational Unit CORP appear in the NDS tree if you double click on MICROCOMM.

7. Repeat steps 5 and 6 to create Organizational Unit container objects for MARKETING and ENGINEERING, as shown in figure 6.1. You can check the Create Another Organizational Unit box to speed the creation of organizational units.

8. Repeat previous steps to create the rest of the organization as shown in figure 6.1.

9. Delete the NDS tree you have just created. You cannot delete a container object that has objects defined in it. You must, therefore, start with the bottom-most objects and delete them first.

To delete an object, right-click on the object and select the Delete operation. Alternatively, highlight the object and select Delete from the Object menu.

To delete a group of objects, perform the following:

a. Open the structure you are deleting by double-clicking on the target container objects.

b. Highlight the first object to be deleted.

c. Click on the last object to be deleted while holding down the Shift key.

d. Press Delete and select OK.

Using the NetAdmin Utility

This section shows you how to create the NDS tree structure of figure 6.1, using the NetAdmin tool. NetAdmin is a text-based utility that is similar in function to the NetWare Administrator tool. As a system administrator, it is very useful to be able to perform NDS operations using NetAdmin because you might run into situations where Microsoft Windows is not installed at a NetWare workstation. NetAdmin can work directly on top of DOS and does not require Microsoft Windows.

In this section you'll want to accomplish the same objectives as in the previous section so you can compare the differences between NetWare Administrator and NetAdmin.

1. Log in to the network as an Administrator account.

When NDS services is first installed (at the time the first NetWare 4.x server is installed), a default network administrator user object Admin is created that has supervisor privileges to the entire NDS tree. You can use the Admin user object to log in to the network.

2. Invoke the program NETADMIN, by typing its name,

NETADMIN

You will see the NetAdmin screen shown in figure 6.6.

The NetAdmin utility is located in the SYS:PUBLIC directory, and you must have a search path to that directory for the NetAdmin command to work correctly.

The current context is seen on top of the screen under the label Context. If this is not set to [Root], perform the following steps to set it to [Root].

a. Select "Change context."

b. Enter [Root] when asked to Enter context.

c. Press Enter to go back to the NetAdmin main menu with the changed context.

Figure 6.7 The NetAdmin options screen.

3. Select "Manage objects."

You will see a list of objects and their classes under the [Root] container (see fig. 6.8).

Figure 6.8 Object, Class under the [Root] container.

4. Press Ins.

You will see a list of objects that can be created under [Root] (see fig. 6.9).

5. Select Organization to create an Organization object.

Figure 6.9 Selecting an object class under the [Root] container.

You will see a box for creating the Organization object (see fig. 6.10).

Enter the name of the organization shown in figure 6.1. You can elect to create a User Template for the Organization object at this point or defer this action until later.

Figure 6.10 The NetAdmin dialog box for creating an organization container.

6. Press F10 to save changes and perform the Create operation.

When prompted to create another Organization object, answer No.

You should see the name of the newly-created organization MICROSYS appear in the object class list.

7. Highlight MICROSYS and press Enter. Notice that your context has changed to O=MICROSYS.

8. Press Insert to create an object.

You should see a list of objects that can be created under the Organization object (see fig. 6.11).

Figure 6.11 Selecting an object class under the organization container.

9. Select Organizational Unit to create an Organization object.

You should see a box for creating the Organizational Unit object (see fig. 6.12).

Enter the name of the Organizational Unit shown in figure 6.1. You can elect to create a User Template for the Organization object at this point or defer this action until later.

10. Press F10 to save changes and perform the create operation.

11. When asked to create another Organizational Unit object, answer Yes and repeat previous steps to create all the other Organizational Unit objects.

12. Review figure 6.1 and repeat previous steps to create the rest of the organization as shown in that tree.

Figure 6.12 The NetAdmin dialog box for creating an Organizational Unit.

13. Delete the NDS tree you have just created. You cannot delete a container object that has objects defined in it. You must, therefore, start with the bottom-most objects and delete them first.

To delete an object, highlight it in the object class list and press Delete. You are then asked to confirm your delete operation.

The UIMPORT Utility

When you create User objects in the NDS tree, you must use a standard convention for user object names. One way of doing this is through creating User objects en masse by using the UIMPORT (User Import) utility. UIMPORT creates User objects based on the contents of two files: a control and a data file. Both of these are text (ASCII) files. The UIMPORT data file contains the values of properties of User objects, such as user name, last name, telephone number, and so on, and the UIMPORT control file contains a description of the fields in the data file.

Because the user property values of many users can be placed in a single data file, a uniform naming convention can be more easily enforced. The data in the text file is in the CSV (Comma Separated Value) format. The CSV format is a popular way of exporting/importing database records between two different database systems. In CSV format, the values are separated by commas. An example of a CSV format is shown on the following page:

Karanjit, Siyan, Engineer, 709-1234, KARANJIT@SCS, M/S 505, SCS Engineering, Eng, Dev

The data items are separated by the comma delimiter. Values that have a space character are enclosed in quotes. The different data items can be considered as fields of a record.

You can maintain a text file with user information in CSV format. It might, however, be more convenient to maintain the database of users using a commercial database such as dBASE, XQL/SQL/Btrieve, MS Access, Paradox, or Ingres. You can then export the information in the database in the CSV format to the UIMPORT data file. This can then be used with the UIMPORT command, whose general syntax is shown here:

UIMPORT controlfile datafile 

The controlfile contains a description of the order of the fields in the datafile and import control information. Figure 6.13 shows the process of using UIMPORT.

Figure 6.13 Using UIMPORT.

The following is an example of a data file and the corresponding control file. The UIMPORT command for these files is such:

UIMPORT USERS.CTL USERS.DAT 

UIMPORT data file USERS.DAT: Karanjit, Siyan, Engineer, 709-1234, KARANJIT@SCS, "M/S 505", "SCS Engineering"

Michael, Singh, Accountant, 709-7884, Michael@SCS, "M/S 506", "SCS Accounting"

Amar, Sigal, Manager, "", Amar@SCS, "M/S 508", "SCS Corp" "Rama", "Sinha", "Manager", "709-2344", "Rama@SCS", "M/S 608", "SCS Corp" Notice that each record contains the user's object name, last name, telephone number, e-mail address, postal address, department, and groups. Property values that are missing are represented as "". This is seen in the third record, which does not have the telephone number property value set. Values that have a space as part of their value are placed in quotes (M/S 505, SCS Accounting), but you can also place quotes around all values. You can see this in the fourth record where all values, regardless of whether they have a space or not, have quotes around them.

UIMPORT control file USERS.CTL:

IMPORT CONTROL

User Template = Y Create Home Directory = Y Home Directory Path = "USERS" Home Directory Volume = ".CN=NW4CS_SYS.OU=CORP.O=ESL" 

FIELDS

Name Last Name Title Telephone Number Email Address Postal Address Department 

The statements in the Import Control section contain information such as whether to use the settings in the USER_TEMPLATE User object (for values of User object properties that are not specified in the data file), whether to create a home directory, the home directory path to use, the volume on which the home directory should be placed, and so on.

The IMPORT CONTROL and FIELDS sections begin on the first column of the control file. The parameters under each section must be indented by one or more space characters or a tab.

Figure 6.13 shows the results of running the UIMPORT command with the data and control files listed previously. The first command shown on the screen is the CX command to change to the context where the User objects are created. You can add a NAME CONTEXT statement to the IMPORT CONTROL section of your control file to specify the context in which to create the User objects. If you were using the following control file, you would not have to precede the UIMPORT command with an explicit CX command.CTL control file, you can use the following control file to avoid having to use an explicit CX command before the UIMPORT command.

IMPORT CONTROL

User Template = Y Create Home Directory = Y Home Directory Path = "USERS" Home Directory Volume = ".CN=NW4CS_SYS.OU=CORP.O=ESL" Name Context = O=SCS 

FIELDS

Name Last Name Title Telephone Number Email Address Postal Address Department 

Figure 6.14 Running UIMPORT.

The user database can be more general than the properties needed for the NDS User object. It might have fields such as social security number, employee identification number, sex, and so on. Ideally, the UIMPORT data file should be created so that it does not contain fields that are not needed in the User object. However, even if the user data file does contain unwanted fields, you can use the SKIP keyword in the control file to cause UIMPORT to skip the corresponding data field in the data file. Consider the following data file that has two additional fields for employee identification and sex: Karanjit, Siyan, Engineer, E1830, M, 709-1234, KARANJIT@SCS, "M/S 505", "SCS Engineering"

Michael, Singh, Accountant, E8833, M, 709-7884, Michael@SCS, "M/S 506", "SCS Accounting"

Amar, Sigal, Manager, "", E8323, M, Amar@SCS, "M/S 508", "SCS Corp" "Rama", "Sinha", "Manager", E3433, M, "709-2344", "Rama@SCS", "M/S 608", "SCS Corp" To ignore these additional fields, you can use SKIP in the control file as shown here:

IMPORT CONTROL

User Template = Y Create Home Directory = Y Home Directory Path = "USERS" Home Directory Volume = ".CN=NW4CS_SYS.OU=CORP.O=ESL" Name Context = O=SCS 

FIELDS

Name Last Name Title Skip Skip Telephone Number Email Address Postal Address Department 

If the data fields have a comma or a double quotation mark as part of the data value, you can inform UIMPORT to use an alternate character as a separator or as a quote character. If you used the percent character (%) as a separator and the circumflex character (^) instead of a double quote, the data file and control files would look similar to the following:

UIMPORT data file USERS.DAT using alternate separator and quote characters: Karanjit% Siyan% Engineer% 709-1234% KARANJIT@SCS% ^M/S 505^% ^SCS Engineering^

Michael% Sigal% Accountant% 709-7884% Michael@SCS% ^M/S 506^% ^SCS Accounting^

Amar% Anand% Manager% ^^% Amar@SCS% ^M/S 508^% ^Special Hush Projects^ ^Rama^% ^Kumar^% ^Manager^% ^709-2344^% ^Rama@SCS^% ^M/S 608^% ^Accounting ^ UIMPORT control file USERS.CTL showing alternate separator and quote characters:

IMPORT CONTROL

User Template = Y Create Home Directory = Y Home Directory Path = "USERS" Home Directory Volume = ".CN=NW4CS_SYS.OU=CORP.O=ESL" separator=% quote=^ 

FIELDS

Name Last Name Title Telephone Number Email Address Postal Address Department 

Each user record in the UIMPORT data file usually takes up a single line. A single UIMPORT data file line can be 8 KB characters. If the record size exceeds this value, you can continue to the next line. To continue a user record on a new line, the previous line must end in the separator character (usually ",").

Table 6.1 shows the statements that can go under the IMPORT CONTROL section, and table 6.2 shows the properties of the User object properties that can be specified in the FIELDS section. You must specify the property name exactly as listed in table 6.2.

TABLE 6.1 IMPORT CONTROL Parameters for UIMPORT

Import Control Parameter	Description
Create Home Directory	The parameter value can be a Y (Yes) or N (No) and is used to specify whether UIMPORT creates a home directory for the user. The default setting is N. If this parameter is set to Y, the Home Directory Path and Home Directory Volume must be specified.
Delete Property	You can use this parameter to delete the value of a property. When a property value is deleted, it becomes a property that is not set. This parameter specifies the character pattern that will be used in the UIMPORT data file to delete the value of the corresponding user property. The exact character pattern that you use is not important as long as the pattern is not a valid property value. Examples of Delete Property character patterns follow:
	Delete Property = DEL##
	Delete Property = &&DEL&&
	Delete Property = ##
	Deleted Property = !!!
	The delete property pattern is placed in the data field of the user record for whom the property value is to be deleted.
Home Directory Path	This parameter specifies the directory path under which the user's home directory should be created. The actual value is enclosed in double quotes. For example, the following setting places the user's home directories under the USERS directory on the volume specified by the Home Directory Volume parameter:
	Home Directory Path = \USERS
	The first eight letters of the user's name are used as the name of the home directory. The users are given the directory rights of [RWCEMFA] to their home directory. A common mistake is to include the volume name as part of the home directory. The volume name is specified by the Home Directory Volume parameter.
Home Directory Volume	This parameter specifies the NDS path name of the volume object under which the user's home directory should be created. The actual value is enclosed in quotes. For example, the following setting places the user's home directories under the volume object .FS_SYS.ESL.:
	Home Directory Volume = .FS_SYS.ESL
Import Mode	This parameter is used to specify whether UIMPORT is to be used for creating, updating, replacing, or deleting properties for the NDS User object. The Import Values have the following meanings:
	C = Create new User objects; if data matches existing object, it is ignored
	B = Create and Update User objects (default)
	U = Update existing User objects
	R = Remove User objects
Name Context	This parameter specifies the NDS context in which the new User objects are to be placed. The default is the current context. A common mistake is to run UIMPORT without making sure that the User objects are to be created in a specific context. It is a good idea to always use the Name Context parameter. The name context value is enclosed in quotes and must not have a leading period. Example:
	Name Context = OU=CORP.O=ESL
	Note that the absence of the leading period is also common to the Name Context parameter in the NetWare DOS Requester section of the NET.CFG file.
Quote	This parameter is used to specify the character that will enclose string data. The default value is quote (" "). Its primary use is to specify an alternate quote character if property values contain the quote (" ") as part of the data. Examples:
	Quote = ^
	Quote = #
	Quote = /
Replace Value	This parameter controls the behavior of UIMPORT for properties that have multiple values. Examples of such properties are list properties (group membership, telephone number). If you specify Y as the value, UIMPORT will replace existing property values with the values specified in the data file. If you specify N (default) as the value, UIMPORT will add data in the data file to existing values of the multi-valued property.
Separator	This parameter is used to specify the character that will separate data fields. The default value is a comma. Its primary use is to specify an alternate separator character if property values contain the comma as part of the data. Examples:
	Comma = ,
	Quote = %
	Quote = $
User Template	This parameter is used to specify whether you want to apply the properties in the special User_Template object to apply first or not. If set to Y, the property values defined in the user template are applied before the property values defined in the data file. If you do not want user template values to be applied, set the value to N (default).

Table 6.2 FIELD Parameters for UIMPORT

UIMPORT Field Values	Multivalued Property?	Comments
Name	No	This field is mandatory. It serves as the user's login name.
Last Name	Yes	At least one value is required when creating the User object.
Other Name	Yes	Used to enter alias names for the object.
Postal Address Post Office Box State or Province Street Address City	No	These values are used for the Postal (ZIP) Code user's mailing address.
Email Address	Yes	Currently, this is for informational purposes. Add-on e-mail packages can make use of this value.
Telephone Number	Yes	This is the telephone number(s) for the User objects.
Facsimile Telephone	Yes	This is the fax number(s) for the Number User objects.
Title	Yes	This is the title(s) of the user.
Description	No	This is a description of the user. The value is of type string, and it must be enclosed in quotes if it contains commas or new-line characters.
Department	No	This is the department name, code, or any other type of entry.
Location	No	This is the location of the user's work- place, environment, department, organization, and so forth.
Group Membership	Yes	Defines group names of which the User object is a member.
See Also	Yes	Miscellaneous information on the user.
Skip	Not a	This enables you to skip the property corresponding data field in the UIMPORT data file.
Login Script	No	Contains a data file which in turn contains the name of the data file whose contents become the login script for the user.
Account Balance	No	Amount of balance for the user.
Allow Unlimited Credit	No	Set to Y to allow unlimited credit, otherwise set to N.
Minimum Account Balance	No	Minimum amount of balance for the user.
Language	Yes	Set to the preferred language for the user: English, Spanish, French, Italian, German, and so on.
Login Disabled	No	Set to Y to disable user's login. Set to N to enable user's login.
Login Expiration Time	No	Time at which the user's login expires.
Login Grace Limit	No	Number of additional logins allowed to user after the current password expires if the user does not change the password.
Login Grace Remaining	No	Status property indicating how many additional grace logins are available to user.
Login Maximum Simultaneous	No	Set to Y (default) to allow simultaneous user logins by the same user. To disable simultaneous user logins by the same user, set to N.
Password Allow Change	No	Set to Y (default) to allow user to change his password. To disable this feature, set to N.
Password Expiration	No	Set to Y to allow password to expire. Set Interval to N (default) to enable user to keep the same password indefinitely.
Password Expiration	No	This value can be entered only if Time Password Expiration Interval is set to Y. The value is the date and time the password expires.
Password Required	No	Set to Y to force User object to have a password set. Set to N (default) to disable setting of the password.
Password Unique	No	Set to Y to force user to give a different Required password when she changes her password. Set to N to disable this feature.
Password Minimum	No	Specifies the minimum length of Length the user's password.
Profile Security	No	Name of Profile object for this user. Equal To The Profile object contains the profile login script.

In this chapter you learned the principal methods for adding, deleting, and modifying NDS objects:

• The NetWare Administrator (NWADMIN.EXE)
  
  
• The NetAdmin tool (NETADMIN)

You looked closely at UIMPORT.

NetWare Administrator is a Windows- and OS/2-based tool. NetAdmin is a DOS-based tool. UIMPORT is a batch utility that can create, modify, or delete a large number of users all at once.

---

© Copyright, Macmillan Computer Publishing. All rights reserved.