home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Tech Arsenal 1
/
Tech Arsenal (Arsenal Computer).ISO
/
tek-05
/
lanman_2.zip
/
TOOLS
/
NWBIND
/
README.TXT
< prev
Wrap
Text File
|
1992-03-10
|
16KB
|
383 lines
NWBIND
------
The Bindery Conversion Utility (BINDCONV.EXE) copies user
accounts from a NetWare server's bindery to a LAN Manager
server's user account database, preserving as much of the
original account information as possible.
All users and groups from the NetWare bindery are added to the
LAN Manager user account database (except duplicates of accounts
already in the LAN Manager database). There is no limit on the
number of users or groups that can be converted from the NetWare
bindery, up to the maximum of 16,000 users in a LAN Manager user
account database.
The next section of this file describes the syntax of the
BINDCONV utility. The following section describes each option
available with the BINDCONV utility, and the final sections
describe how BINDCONV copies or generates each component of a
user account, explain how groups and security equivalences are
handled, and give an example of output from BINDCONV.
INSTALLING BINDCONV
To install BINDCONV, copy BINDCONV.EXE and BINDCONV.MSG to
the LANMAN\NETPROG directory of a workstation that runs LAN Manager
and NetWare Connectivity. You can run BINDCONV only on a workstation
with LAN Manager and NetWare Connectivity.
SYNTAX
The format for the BINDCONV command is as follows:
BINDCONV source destination [options]
where:
source is the NetWare server from which the user accounts are
to be copied. You must first attach to this server with the
NetWare ATTACH command before running BINDCONV.
destination is the LAN Manager server or domain to which you
want to copy the accounts. If you want to copy the accounts
to a single server, precede the server name with two
backslashes (\\). To copy the accounts to a domain, specify
the domain name as the destination, with no backslashes. In
this case, the accounts will be copied to that domain's
primary domain controller.
[options] are the options discussed in the rest of this
section. You can use these options in any combination, as
shown in the following examples. You are not required to
specify any options; for any options you don't specify, the
default value will be assumed.
SYNTAX EXAMPLES
The first example runs BINDCONV to copy accounts from the NetWare
server named NETWARE1 to the LAN Manager server named LANMAN1,
using the default values for all options:
BINDCONV NETWARE1 \\LANMAN1
The next example copies the accounts to the LAN Manager domain
DOMAIN1, sets the comments of each account created on the LAN
Manager server to "Copied from NetWare1", and specifies that
the new accounts have no password:
BINDCONV NETWARE1 DOMAIN1 /C "Copied from NetWare1" /P N
The next example produces a report of how user accounts would be
copied from NETWARE1 to LANMAN1, but does not actually copy any
accounts:
BINDCONV NETWARE1 \\LANMAN1 /Test
OPTIONS
The following options are available with BINDCONV.
[/Test] When you specify this option, BINDCONV does not
actually copy any accounts to the LAN Manager
server, but instead generates a detailed report
showing what user accounts and groups will be
created on the LAN Manager server if you run
BINDCONV in non-test mode.
[/C N|A|'text'] Determines the account comments for user accounts
created on the LAN Manager server. N (the
default) sets no comments, A sets every user's
comment to be "Transferred account from NetWare
server", and 'text' sets the text you type
between the single quote marks as the comment of
each account.
[/CC 0|n] Sets the country code for each user account
created on the LAN Manager server. n can be any
number. The default is 0.
[/CP 0|n] Sets the code page for each user account created
on the LAN Manager server. n can be any number.
The default is 0.
[/D O|U|P] Determines how BINDCONV acts when it finds that a
user account or group on the NetWare server has
the same name as a user or group already on the
LAN Manager server. O (the default) overwrites
the LAN Manager account or group, replacing all
of its information with the information from the
NetWare server. U updates the account, meaning
that only certain aspects of the user account or
group are changed, as explained in the following
paragraphs. P preserves the user or group already
on the LAN Manager server, discarding the
information from the NetWare account.
With the U option, only the following changes are
made to a duplicate user account on the LAN
Manager server:
- If the LAN Manager account has no logon
script and the value of the /S option is not
N, create a logon script.
- If the LAN Manager account has no home
directory and the /HD option was specified,
create a home directory.
- If the account expiration date in the NetWare
account is farther in the future than the
expiration date in the LAN Manager account,
set the expiration date to the NetWare date.
- Set the allowed logon hours in the LAN
Manager account to all hours that are allowed
in either the NetWare account or the LAN
Manager account.
- If the maximum disk storage amount in the
NetWare account is larger than the amount in
the LAN Manager account, set the storage
amount to the NetWare amount.
Also with the U option, if BINDCONV finds that a
group on the NetWare server has user(s) that
aren't members of the group on the LAN Manager
server, it adds those members to the group on the
LAN Manager server.
[/P P|N|U|R] Determines what password is given to accounts
created on the LAN Manager server. The passwords
in the NetWare accounts are encrypted and
BINDCONV cannot read them or copy them to the LAN
Manager account. P (the default) sets the
password of every user created to the word
"PASSWORD". N specifies that accounts have no
password. U sets the password of each account to
that account's username. R generates a random
password for each account, and also creates a
file called RANDPASS.FIL in the current directory
on the workstation from which you run BINDCONV.
RANDPASS.FIL contains the randomly-generated
passwords for each account, and you can use this
file to find the password assigned to each user.
Be sure to delete RANDPASS.FIL as soon as all users
know their passwords; when deleting the file, you
may want to use a utility that deletes all the
file's data, such as Norton's Wipefile utility.
If you specify the U option, and some users have
usernames shorter than the minimum password length
allowed on the LAN Manager server, their passwords
will be padded with zeros until they are the minimum
length. For example, if the server has a minimum
password length of 6, the user JOEB would have a
password of JOEB00. Passwords are also padded
with zeros if you specify P for /P and the minimum
password length is greater than 8 (for example),
PASSWORD00 if the minimum length is 10.
[/S N|B|C|BC] Determines how login scripts are converted. N
(the default) causes the NetWare login script to
be discarded, and no logon script to be created
on the LAN Manager server. B causes the NetWare
scripts to be converted to .BAT files, C causes
the NetWare scripts to be converted to .CMD
files, and BC causes both .BAT and .CMD files to
be created for each user. For more information on
how Logon scripts are converted, see "How Account
Information is Converted," later in this file.
[/HD] Creates home directories for each user account
created on the LAN Manager server.
[/Help or /?] Causes a syntax help message to be displayed.
How Account Information is Converted
The following list shows each component of a LAN Manager user
account and how it is converted or generated when a user
account is created on the LAN Manager server to correspond to an
account on the NetWare server. Under the "How converted or
generated" column, "Converted" means that the value of that
component is copied from the NetWare account to the new LAN
Manager account.
Following this list is a discussion of how NetWare groups and
security equivalences are handled.
Account component How converted or generated
-----------------------------------------------------------------
Username Converted. (However, accounts with NetWare
usernames of more than 20 characters are
not converted.
Password Passwords in NetWare accounts are
encrypted and cannot be read. However a
new password can be generated for each
account. For more information on what the
password is, see the /P option under
"Options," earlier in this file.
Full name Converted
Comment See the /C option under "Options,"
earlier in this file.
Country Code See the /CC option under "Options,"
earlier in this file.
Privilege Level If the user's NetWare account has security
equivalence to SUPERVISOR, then set the
privilege level to ADMIN. Otherwise, set
privilege level to USER.
Operator Privileges The user is given no operator privileges.
Group memberships Converted
Expiration date Converted
Valid workstations The user is allowed to use all
workstations.
Logon hours Converted
Logon server Set to "Any server"
Logon script The NetWare logon script is either
discarded or converted, depending on the
value of the /S option. If scripts are
converted, they are converted to .BAT
files, .CMD files, or both, depending on
the value of /S.
If you choose to convert logon scripts,
BINDCONV generates a script for each user.
The script contains the commands from the
user's NetWare logon script, except that
each command is commented out (preceded by
REM). This way, you can see the commands
from the NetWare script while you edit the
LAN Manager script.
Converted logon scripts are stored in the
LAN Manager server's NETLOGON directory.
The filename of each script is the
username of the script's user, plus either
the .BAT or .CMD extension.
Home directory If the /HD option is specified, a home
directory (with the same name as the
username) is created for the user. If a
directory of this name already exists,
it is not created and an error message is
shown.
If /HD is not specified, no home
directories are created.
Maximum disk storage Converted
Account disabled? Converted
Password required? If the minimum password length of the
user's NetWare account is 0, the user's
LAN Manager account is set so that the
user is not required to have a password.
If the NetWare minimum password length
is anything but 0, the user's LAN Manager
account is required to have a password.
Can user change Converted
password?
Groups
All groups with names of 20 or fewer characters are converted.
Their memberships will be the same on the LAN Manager server as
on the NetWare server.
Security Equivalences
All users on the NetWare server who have security equivalence to
SUPERVISOR are given ADMIN privilege on the LAN Manager server.
Any user who has security equivalence to a group on the NetWare
server is made a member of that group on the LAN Manager server.
Security equivalences to individual users are handled this way:
when BINDCONV determines that one or more users have security
equivalence to another user, a group is created, and these users
are placed in that group. For example, suppose that users A and B
have security equivalence to user C. On the LAN Manager server, a
group name USER_C is created, and users A and B are placed into
this group.
Note that in the messages that BINDCONV displays, when groups in the
LAN Manager database created for security equivalence are referred to,
the "USER_" portion of the group name is omitted. For example, when
the output of BINDCONV mentions the group "USER_C," it is referred to
only as "C".
EXAMPLE OUTPUT
The rest of this document is the actual output from running
BINDCONV to convert user accounts from the NetWare server NETWARE1
to the LAN Manager server LANMAN1.
Microsoft LAN Manager 2.1 NetWare (TM) Bindery Conversion Utility.
Copyright (C) 1991, Microsoft Corp.
Account information from the NetWare server NETWARE1 is
being transferred to the LAN Manager server \\LANMAN1.
Reading user information from NETWARE1.
..
Reading group information from NETWARE1.
..
Reading security equivalence information from NETWARE1.
..
No new groups are created.
The following groups are updated:
EVERYONE NETSYS_MGRS NETSYS_USERS TESTGRP1
TESTGRP2
Following groups are not transferred since a user with same name exists
on the NetWare server NETWARE1:
NEWGRP NEWGRP1
No new security equivalence groups are created.
The following security equivalence groups are updated:
ALEXSM CAROLRA NEWGRP TERRYN
The following new users are created:
NEWGRP1
The following users are updated:
ANNAKN CHRISD EDWARDS GUEST
NEWGRP SUPERVISOR TERRYN
The following users are not transferred since their names are
longer than 20 characters:
A01234567890123456789
B0123456768988425843765873757345349548
The following users are not transferred since they already exist as a
group on the LAN Manager server \\LANMAN1:
A1USER_DEST1 B1USER_DEST1
Bindery conversion was completed successfully.