Utilities in JRButils for Netware v20
Salvlist lists deleted files in a single directory or for all directories in a tree. Features include:
- Can display any combination of up to 12 properties of each file e.g. size, owner, deleter etc.
- Output may be sorted by any field.
- Can search for files with a particular name, by owner, deleter, file size, and deletion date and time.
- Can display only the number of deleted files in each directory.
- Files may be recovered based on any selection criteria, with automatic renaming if a file with the same name already exists.
- Files can be moved to a different directory on the same volume upon recovery.
- Can request that only the most recently deleted file with a particular name be recovered.
- Can display and recover deleted directories on NSS volumes.
- Correctly displays file sizes larger than 4.3 GB on NSS volumes under NW 6.0 SP2 or later.
- A fully GUI version is available which also supports purging of deleted files.
Displays information from the eDirectory schema. The following may be displayed:
- Object classes in the schema. Wildcards may be used to list only a subset of the defined classes.
- For each object class, the names of attributes which are valid for that class.
- For each object class, full details of attributes which are valid for that class.
- A list of attributes defined in the schema. Wildcards may be used to list only a subset of defined attributes.
- A list of attributes with the object classes for which the attribute is valid.
- The schema program may be used before and after a product install to identify changes made to the schema by the installation.
Allows various server console commands to be executed from a work station under all versions of NetWare but not on OES Linux. These are:
Add a name space to a volume
Mount or dismount a volume
Execute an NCF file
Load or unload an NLM
Display the loaded modules
Display the values for “set” commands
Display file cache information
Display directory cache information
Display cpu information
Display general information
Display the amount of memory and memory allocation details
Display NCP statistics
Display link support layer (lsl) information
Display known networks
Display known servers
Display login and TTS status
Down the server
Disable or enable logins
Issue “set” commands
Manage a server’s bindery contexts
Some commands require supervisory rights, others require console operator status.
Servcert imports, exports and lists server certificates. A range of certificate properties may be displayed. These include:
Number of extensions
Public key size
Public key algorithm oid
Signature key algorithm oid
In addition to having the NetWare client installed, servcert requires five or six DLLs to run. They are listed below and can be found in the sys:ni\nis30\bin directory.
spmdclnt.dll for npkiapi.dll v184.108.40.206 onwards
Servtime displays the time on one or more servers.
Setacl can set, delete and view ACLs for a single object, multiple objects selected using wildcards, all members of a group, or for a list of objects in a file. Its features include:
- Can process both object ACLs and attribute ACLs.
- Can process ACLs for any object class or all object classes.
- Allows you to add or delete en masse, objects’ rights to one of its own properties. For example, it can grant each member of a group write access to his/her own telephone number.
- When viewing ACLs, all ACLs for each object can be displayed (this is the default).
- Can limit the ACLs displayed to those for a particular attribute or trustee, or those containing particular rights.
- Can list the ACLs to be deleted without actually deleting them.
- Can prompt for confirmation before modifying each ACL.
- Can search the entire tree from [Root]. This together with the ability to filter by attribute, trustee and rights allows tasks to be performed such as listing all ACLs in the tree for which a particular object is a trustee, or to list all ACLs granting the supervisory right.
- Supports the “Password Management” pseudo attribute.
- Supports auxiliary classes.
- Supports attribute inheritance.
- Supports the nested group inheritance bit introduced in eDirectory 8.8.2.
- Can save ACLs in a form allowing them to be restored, also by setacl.
- Supports multiple ACLs for the same attribute and trustee, but with different rights. By default an ACL is replaced when only the rights are different. It seems that under some circumstances, Zen uses multiple ACLs for the same attribute and trustee.
Setattr sets attributes for files and directories on both NetWare and Windows. This provides a direct replacement for Novell’s flag.exe which is a DOS program and can have problems with long paths, deeply nested paths, and paths containing extended characters. JRButils's setowner replaces the remaining flag.exe functionality of modifying file ownership.
Setbal sets account balances or credit limits for a single user, each member of a group, one or more users selected using wildcards, or a list of users in a file. Features include:
- Both the account balance and credit limit may be set to a specified value, or they may be adjusted by a given amount (e.g. add $10 to each member of group comp101).
- When using an input file, the balances may be in the file allowing a different balance to be set for each user.
- Can delete accounting holds which are amounts put on reserve pending completion of a job resulting in a charge. This is not normally required but a bug in an older version of A.N.D. Technologies’ Pcounter could result in large random account holds remaining in existence.
- Can set balances and credit limits for print servers.
- Can process objects in a nominated container and in all containers below that container.
- Can set balances in the PCOUNTER:FreeQuota attribute instead of the “Acount Balance” attribute.
Setcx searches an eDirectory tree for a given object, and if found, sets the default context to that in which the object was found. It functions with only browse rights for [Public] to [Root] which is granted by default at installation. Features include:
- Can prompt for the object to search for.
- Can specify the text for the prompt.
- Can locate objects of any class.
- Can begin the search at any specified location in the tree.
- Can store the distinguished name of the object in the environment.
Setequiv makes one or more objects security equivalent to another. It allows input of object names from a file.
Sethome2 stores users’ home directories in their “Home Directory” attribute. Features include:
- When a root directory is specified, (e.g. moa/vol1:users), sethome2 will automatically append the user name to obtain the complete home directory path for each user.
- An absolute path can be specified when the lowest level of the home directory does not match the user name.
- Can create the home directory if it does not exist. The user will be assigned [RWCEMFA] rights to the created directory by default but you may specify alternative rights.
- Can modify the rights to existing home directories.
- Can delete “Home Directory” attributes.
- Can set or delete each user’s default server.
- Allows the home directory to be stored in the “Home Directory” attribute in any name space.
- Can store paths using ‘/’ or ‘\’ as separators of path components.
- Can convert ‘/’ to ‘\’ and vice versa for paths already stored in the “Home Directory” attribute. Some applications making use of this attribute fail to function when they encounter ‘/’.
- Can create home directories without modifying the contents of the “Home Directory” attribute.
- Can set the “Home Directory” attribute without creating the home directory.
- Can control whether the path component stored in the “Home Directory” attribute is preceded by ‘/’ or ‘\’ e.g. “\users\john” versus “users\john”.
- Can add or remove leading ‘/’ or ‘\’ characters from the path component of existing values in the “Home Directory” attribute. We have received reports of ConsoleOne requiring a leading ‘\’ but have been unable to reproduce this.
- Can set the ownership of home directories to the user.
- Can set or remove a directory quota on each home directory.
- Can grant or remove rights for another user to each home directory.
- Can change just the volume object in each “Home Directory” attribute.
Setname was originally written to set text attributes (hence its name) but its functionality has been extended over time to allow setting of a range of other types of attributes. Its current repertoire is:
- Text attributes such as full name, given name, generational qualifier, description, department, city and internet email address. Setname may also be used to change the case of existing values for text attributes.
- Attributes holding object names as values.
- Attributes using the “Integer” syntax e.g. “Login Intruder Limit”.
- Attributes using the “Counter” syntax e.g. “Login Grace Remaining”.
- Attributes using the “Interval” syntax e.g. “Intruder Lockout Reset Interval”.
- Boolean attributes e.g. “Detect Intruder” and “Login Disabled”.
- Attributes using the “Time” syntax e.g. “Password Expiration Time”.
- Attributes using the “Typed name” syntax e.g. “App:Associations”. This syntax comprises three fields - an object name, a level and an interval.
- Attributes using the “Facsimile Telephone Number” syntax e.g. “Facsimile Telephone Number”.
- Attributes using the “Email Address” syntax e.g. “Email Address”.
- Attributes using the “Object Class” syntax allowing auxiliary classes to be applied to objects.
- Attributes using the “Network Address” syntax e.g. “Network Address Restriction”.
- Attributes using the “Back Link” syntax.
- Attributes using the “Path” syntax e.g. the “Path” attribute for directory map objects.
- Some attributes using the “Octet String” syntax e.g. “photo”.
- Attributes using the “stream” syntax e.g. “App:Startup Script”.
Features of setname include:
- Can set the same attribute value for multiple objects.
- Can add one or more attribute values for multi-value attributes.
- Can remove individual attribute values for multi-value attributes.
- Can convert existing attribute values to entirely upper case, to entirely lowercase, or to a mixture of upper and lowercase.
- Can use an input file containing object names and attribute values.
- Can copy an attribute value from another object.
- Can copy one or more values from another attribute of the same object e.g. CN to uniqueID.
- Supports setting multi-line values for attributes such as “Description”.
- Supports prefixing an attribute name with its auxiliary class. This ensures that the correct auxiliary class is added when the attribute is valid for more than one class.
- Supports base64 encoding of string values e.g. for the aplXMLHomeDirectory attribute.
- Can force setting a zero value for a boolean attribute. The default is to delete the attribute unless it is one of the few exceptions where the absence of a value equals ‘true’.
- Can add or remove selected bit values stored in attributes using the “Integer” or “Interval” syntaxes. For example, bit 0x80000 could be added to the app:Flags attribute of a Zen application object.
- Can selectively delete attributes using the “Path” and “Typed name” syntaxes based on the value in certain fields.
Setowner can change the ownership of individual files, selected files in a directory tree, all files and directories in a directory tree, or can treat each subdirectory as a separate tree and set ownership to the user corresponding to the subdirectory name e.g. for vol1:users\hewey set ownership to hewey, for vol1:users\dewey set ownership to dewey etc. Other features include:
- Can obtain a user’s home directory from their “Home Directory” attribute.
- Can specify the name of the new owner.
- Can set ownership to objects of any class.
- Can change ownership of only those files without a valid owner.
- Can process files, directories or both.
- Can display paths in the DOS or LONG name space.
- Can set the updater and archiver for files.
- Can be used to restore creation, update and last archive dates and times, last access dates, attributes and inherited rights filters, using an input file created using whodidit.
- When restoring owners, archivers and updaters, setowner can search eDirectory for matching objects if just the common names are recorded rather than the distinguished names.
- Can display all file names, or just the names of those for which a change is made.
Setpword can set NetWare and other passwords for multiple objects. Its features include:
- Can set NetWare and universal passwords.
- Can set simple passwords.
- Can set GroupWise passwords.
- Can set AD domain and NT Domain passwords.
- Can set workstation passwords.
- Can set samba NT and Lan Manager passwords for objects on OES Linux which have been added to the samSambaAccount auxiliary class.
- Can set passwords for a range of users e.g. comp001-comp100.
- Can remove passwords.
- Can set the password to match the user name.
- When using an input file, it is possible to set a different password for each user.
- Can generate random passwords of any length using numeric, special, alphanumeric or alphabetic characters of mixed case or single case. The generated passwords may be written to a file, along with the user name and optionally the server name and user’s full name. The random passwords can be generated without them actually being set.
- Can be used by anyone, but if neither supervisor nor “Password Management” rights are held, the old password is required.
- When changing passwords for other users, NetWare by default expires the password if a password expiration interval is set. Setpword can retain the current expiration date, or update it by the password expiration interval.
- Can verify NetWare, universal and simple passwords.
- Can identify users without passwords.
- Can reset intruder lockout before setting a user’s password.
Setquota sets quotas for multiple users. It supports volume based and directory based quotas on both traditional and NSS volumes. Features include:
- Can obtain user’s home directories from their “Home Directory” attribute.
- Can set a specific quota, or increment/decrement a quota by a given amount e.g. 2 MB, or by a given percentage e.g. 20%.
- Quotas may be specified in units of bytes, 4096 byte blocks, KB, MB or GB.
- Can set or remove a quota on any subdirectory of each user’s home directory.
- Can process all subdirectories of a directory, or all directories in a tree.
- Can prompt for confirmation before setting each quota.
- Can process objects in a nominated container and in all containers below that container.
- Quotas may be removed.
- Can remove all quotas from a volume, or all quotas for which no corresponding users exist.
- Can wait for a specified time after setting each quota to avoid possible problems on NSS volumes when setting large numbers of quotas on directories which did not previously have a quota.
- Can store quotas in eDirectory for retrieval via LDAP as well as applying the quotas to the file system.
- Can perform consistency checks when setting directory quotas e.g. that the quota is not larger than one at a higher level.
Setrest sets account restrictions for multiple users. These include:
Account activation date (requires eDir 8.7 or later)
Account is disabled
Account expiration date and time
Address restrictions (both IP and IPX)
Force periodic password changes
Grace logins allowed
Grace logins remaining
GroupWise login disabled
GroupWise mailbox expiration
Last login date and time
Login time restrictions
Maximum concurrent connections
Password minimum length
Password expiration date and time
Password expiration interval
Password is required
Proxy password age limit
Proxy password change allowed
Proxy password expiration date and time
Proxy password grace logins
Proxy password force periodic changes
Unique passwords are required
User can change their own password
Settrust performs many of the functions of Novell’s rights program. It can do the following:
- Set trustee assignments for one or more directories or files.
- Remove trustee assignments for one or more directories or files.
- Restore trustee assignments from a file of rights, grant or settrust commands created by trstlist.
- Display trustee assignments for one or more directories or files. Note that settrust lacks the flexibility of JRButils’ trstlist which is the better program for displaying trustee assignments.
- Set and display inherited rights filters.
- Restore inherited rights filters from a file of rights or settrust commands created by trstlist.
- Display the rights of the person running settrust to selected files and directories.
- Display the rights of any object to selected files or directories.
- Store trustee assignments for ZEN application objects with eDirectory.
Settrust’s advantages over Novell’s rights program include the ability to specify and display paths in the LONG name space, the ability to set or remove trustee assignments for multiple objects in a single command, the ability to display rights for another user and being a 32 bit Windows program rather than a 16 bit DOS program.
Changes the creation date for a NetWare volume. This may be useful to overcome a problem with Apple Macintosh machines which distinguish volumes by their creation dates and times. If two NetWare volumes have exact same creation dates and times, a Macintosh client cannot distinguish between them.
A GUI program which monitors the user’s free or used space and pops up a warning if these have reached a threshold value. It works with both volume and directory quotas, and can also monitor the usage and free space for an entire volume. It can be configured from the command line, or by right clicking on the icon in the system tray. The current quota, usage and free space can be displayed by moving the cursor over the system tray icon.
Sparse identifies sparse files. These are files with ‘holes’ in them where no data exists, and so the file system has not allocated disk blocks for these parts of the file. Many sparse files are created accidentally by misbehaving applications, and appear as large files when listed in explorer. However, they can have as little as one block of disk space allocated. These files can cause problems when copied, or backed up. If the program reading the sparse file reads it as an ordinary file, the file system returns zero values for the missing data, and if the data is written to tape or disk, the new file will have all blocks allocated. This can cause problems such as:
- Copies failing because a directory quota or volume quota has been reached.
- User’s being over quota if the application transfers quotas after copying the files.
- Running out of space on a volume.
- Slow backups as multi-megabytes of zeroed data is transferred to tape.
Sparse has the following features:
- Can check all files in a directory structure.
- Can search all volumes on a server.
- Can display the block bit map for each sparse file on NetWare servers. Under OES11 SP2 onwards, it can display the offset and length of each extent.
- Can specify a minimum size for files to be checked.
- Reports both the physical size (bytes of disk used) and logical size (reported by ‘dir’) for each sparse file.
- Can restore the last access date on files which are checked. Because it has to open the file to determine if it is sparse, the last access date is automatically updated by NetWare.
- Can skip compressed files as these are decompressed when checked.
- Displays paths in the DOS or LONG name space.
This program currently cannot be used on OES Linux servers prior to OES11 SP2. The NWGetSparseFileBitMap function used on NetWare servers has not been implemented on OES Linux. However, in OES11 SP2, a new function is available performing the same task and with the added advantage of supporting files larger than 4.3 GB in size.