home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Network Supervisor's Toolkit
/
Network Supervisor's Toolkit.iso
/
security
/
mw-test
/
read.me
< prev
next >
Wrap
Text File
|
1996-07-10
|
11KB
|
237 lines
MWATCH NLM
DEMONSTRATION COPY
INTRODUCTION
------------
On a Novell Netware network each file has a designated owner. This owner can be the person
who created the file, or the one who last edited it. Ownership is used to determine such things
as the space used by each user-id. You can find out who owns a file by using Novell's NDIR
command or the included MDIR utility from Dana Consultants.
Whenever a user is deleted from the network, any file which was owned by that user is then
considered to be "unowned". Unowned files are represented by NDIR as "[N/A]" and by Dana
Consultants's MDIR program as "[No owner]". Unowned files can be a potential hazard to
network users and have not been serous addressed - until now. MWATCH and MDIR have been
developed to correct and prevent these files from creating problems on your network. By
transferring ownership of unowned files to another id, the hazards of unowned files will be
removed.
In some cases the next user to edit the file will have ownership transferred to them. But, if an
attempt is made to expand the file beyond it's last segment, Novell will return a "Disk Full"
error. (See the section on Unowned Files for more details.) Not very descriptive of an error is
it? Many administrations have been confounded by this error and Novell's lack of documentation
to explain it.
The MWATCH Network Loadable Module (NLM) and the MDIR command line utility can help
you prevent any errors from occurring, or correct them when they do. As a Network Loadable
Module (NLM) MWATCH will run on your file server and when a user is deleted from the
network (or is scheduled to execute), will scan for unowned files. When an unowned file is
encountered, MWATCH will change the ownership to SUPERVISOR, thus preventing any
problems from occurring.
The MDIR utility can be used by a Supervisor to scan for unowned files when necessary, or the
utility can be used to convert ownership from one user-id to another. This feature is useful in
changing ownership on files which were installed by user-ids which may be removed in the
future. It is good practice to install network applications as the SUPERVISOR id, as it is unlikely
that it will be deleted. If an administrator installs an application using their id, then MDIR can
convert the ownership to SUPERVISOR when completed.
Together, MWATCH and MDIR can help an administrator avoid the problems associated with
unowned files on their network.
UNOWNED FILES EXPLAINED
-----------------------
Each file on a Netware Server has a user that is identified as the file's owner. The owner of a
file is used by Netware to determine such things as disk space usage by user-id. (This becomes
an important factor on Networks which limit disk usage by user-id.)
When a user is deleted from the network, all files which were owned by that user are now
considered unowned. You can determine when a file is unowned by the "[N/A]" designation in
Novell's NDIR command, or the "[No owner]" designation in Dana Consultants MDIR utility.
An unowned file is a time-bomb waiting to go off. If a user were to try and expand the file (by
adding records to a database, for example), and that addition would extend beyond that LAST
sector used by the file, Netware will return a "Disk Full" error. Sector size may vary from
network to network, but is usually set at 4K. That does not mean the addition would have to total
4K. Because you do not know how much of the 4K area the file is already using, it would be
difficult to know how much you could add before getting an error. If the unowned file being
edited does not extend beyond the end of it's last sector, then the additions will be saved, and
the owner will be changed to the user-id of the user making the changes (thereby transferring
ownership). But if it does cause the error, you have potentially lost any data you have have
entered.
The "Disk full" errors can be avoided if proper procedures are followed.
1) Before deleting a user from the network, first:
a) Use MWATCH in automatic mode where a scan will be conducted each time
a user is deleted from the network, or
b) Convert files owned by the user you are deleting to SUPERVISOR using the
MDIR utility.
Optionally, MWATCH can be scheduled to execute at a specified time each day to
prevent the additional load on the server from occurring during business hours.
2) On your server, make sure that the SUPERVISOR id is the owner of installed application
files. This will ensure that the installed base of applications will not become
ownerless from the removal of any id.
3) DO NOT DELETE THE SUPERVISOR ID. Re-adding a user-id DOES NOT correct the
unowned file status.
USING MWATCH
------------
MWATCH is a Network Loadable Module (NLM) which executes on a Novell Netware 3.11
File Server. A NLM is a specialized program which is designed to execute along with other
NLMs and the operating system in a multitasking environment.
There are two modes which MWATCH can be loaded with:
1) Automatic mode. This mode will cause MWATCH to execute each time an object is
deleted from the network. When an Object (such as a User-id) is deleted from the
network a signal is set to MWATCH causing it to "awaken". When awakened, MWATCH
will scan the file server in search of unowned files. When encountered, MWATCH
will convert the ownership to SUPERVISOR. Once the scan is completed, MWATCH
will go back to sleep and await another signal.
2) Scheduled mode. This mode will cause MWATCH to execute at a specified time
each day. This option is useful for administrators who would like to only have
the scan occur at specific times (usually prior to a backup). Scheduled mode
is useful when the Automatic mode causes a greater load than is necessary.
Regardless of which mode you use, MWATCH can keep a log file which contains information
on actions taken by the program. This log file is useful to track unowned files, and the
occurrence of them on your network. Because of the information sent to the screen during
execution, using a log file is recommended for information purposes.
You will notice that when MWATCH is executing information is constantly sent to the screen
during program execution. This may seem unnecessary, but is done for a specific purpose. An
NLM must yield itself to other processes so that the network may continue to operate efficiently.
An NLM which takes too much CPU time will impair the performance of a network. One way
that an NLM yields to other processes is through Screen Input/Output (I/O). Each time a message
is sent to the console, the NLM yields itself to all other processes and will continue in it's next
timeslice. So while it may seem like alot of garbage printing on the screen, there is a valid
purpose for it.
INSTALLING MWATCH
-----------------
To install the MWATCH NLM on your File Server, simply copy the MWATCH.NLM file into
your SYSTEM directory. This will make the file available from the console when you use the
"load" command.
MDIR should be copied into your PUBLIC directory. This will make the utility available from
any location on the network.
*********************************** IMPORTANT NOTICE ****************************
BEFORE LOADING MWATCH: Install your new copies of CLIB.NLM and MATHLIB.NLM
into your SYSTEM directory. Then to install the new CLIB into the server, "unload clib" from
the console, and then re-load CLIB.NLM with the command "load clib".
:unload clib ,_command to unload current CLIB from memory
[CLIB.NLM unloaded] <-console response message
:load clib <-reloads new CLIB.NLM you copied into SYSTEM
*********************************** IMPORTANT NOTICE ****************************
MWATCH COMMAND-LINE OPTIONS
---------------------------
The format for the MWATCH command is:
:load mwatch [-s] [-tHH:MM] [-lVOL:PATH\FILE]
Option Explanation
-s Skips the initial file server scan conducted at load time.
Normally, when MWATCH is first loaded it will conduct a scan of the file
server in search of unowned files. If you wish to skip this step, use the
-s option.
-tHH:MM Specifies that MWATCH is to be used in the Scheduled Mode.
HH:MM is to be specified in 24-hour military format. The default of
MWATCH is to be loaded in Automatic Mode. Using the -t option changes
that to Scheduled Mode.
-lVOL:PATH\FILE Specifies the log file to be used by MWATCH.
This file will contain information generated during each execution of
MWATCH. The file will be appended to each time the program is
executed. The messages printed on the console will not be entered in
the log file. Those message for program control only.
Examples
:load mwatch
Loads MWATCH in the Automatic mode and performs an initial file server scan. Each time an
object is deleted from the bindery MWATCH will perform a full scan.
:load mwatch -s
Loads MWATCH like above, but skips the initial file server scan.
:load mwatch -t23:00
Loads MWATCH, performs an initial file server scan, and then sleeps until 11 p.m. each day
when a file server scan will occur.
:load mwatch -t23:00 -lSYS:\MWATCH.LOG
Loads MWATCH like above, but all log information will be sent to the SYS:\MWATCH.LOG
file.
:load mwatch -s -t23:00 -lSYS:\MWATCH.LOG
Loads MWATCH skipping the initial file server scan, schedules MWATCH to execute at 11 PM
each day, and sends all log information to the SYS:\MWATCH.LOG file.
LOG FILE
--------
The file will contain information on files which were effected by MWATCH. It will detail the
file's name and location and any action taken by MWATCH. The file will also contain statistics
which detail when MWATCH execute, and summary information.
You may delete this file at any time, as MWATCH will create this file when it cannot find it.
DEMONSTRATION NOTES
-------------------
This demonstration copy of MWATCH NLM will NOT make any corrections to file
ownerships. The purpose is to demonstrate the capability of the product, and
will identify unowned files on your network. Once loaded the product will
display all files on the network which are unowned, then exit.
IMPORTANT NOTICE
================
YOU MUST USE THE CURRENT VERSION OF CLIB.NLM (VERSION 3.11d). Using another
version can cause unexpected results. If you do not have a current version
of CLIB.NLM (dated 12-16-92), you can contact Novell for the current version.
[See NOVFILES forum on CompuServe, file SECSYS.EXE]
All MWATCH orders will be supplied with the current CLIB.NLM
If you have any questions, comments, or suggestions, please feel free to
contact Dana Consultants at (800) 800-9301