Network Support Encyclopedia 96-1

home *** CD-ROM | disk | FTP | other *** search

/ Network Support Encyclopedia 96-1 / novell-nsepro-1996-1-cd2.iso / cbt / course7 / less7315.tbk (.txt) < prev next >

Wrap

Asymetrix ToolBook File | 1993-02-01 | 332KB | 3,335 lines

mouseEnter buttonDown indexButton_change keyUp leavePage keyUp ptemplate 0,0,0 0,0,0 Do you want to exit the course? Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName totno bmarkfile result revnum atmpt popup vTemplate seqno isCntrl isShift buttonDown hotword popup displayHotword vtext No definition for fpopup System vtext fPopup fPopup fPopup popup vLines fpopup popup vText mouseEnter hotword indexButton_change pHotTopics vGpage vGPage vPage vItem vTopic theSelf leavePage popup PLast EnterPage leavePage EnterPage DoPage ESetComp 0,100,0 0,0,0 leavePage 0,0,0 0,0,0 0,100,0 0,0,0 leavePage 0,0,0 0,0,0 pTextPort ptemplate plast Page 21 of 21 AAAAAA" ` ` L o t ~ t Q ` ` 8 1' L o t ~ t Q 3 $ ~ Lesson estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds xG^GppBounds 3030,1470,9285,6277 GgTextID group id 543 of page id 197 ffield You have now completed this lesson. To select another lesson, click Menu or Map. To search for information on a specific topic, click Options, and then click Topic Search. For more information on these topics, refer to the following: - NetWare v4.0 Concepts - NetWare v4.0 Supervising the Network PopUpBig PopUp Big destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds title destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds PLast EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 19 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 300,3750,9290,6270 gTextID group id 8 of page id 341 ffield Object Rights and Rights Granted with the All Properties Option are Inherited Separately It is important to remember that object rights and rights granted with the All Properties option are inherited separately. If an IRF only includes object rights, the inheritance of rights granted with the All Properties option is not affected, and vice versa. IRF affects only object rights. All Properties All Properties Object Rights: Object Rights: Property Rights: Property Rights: Rights for All Properties still flow.l IRF affects only object rights. Rights for All Properties still flow.l destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds terpage LeavePage enterpage whatRevAmI enterpage vblueback BlueBack background blueback foreground BlueBack vComback pback2 vComback ComBack ComBack DoPage pTest pTest set wr _fb to it pCor_Fb exit_fb pExit_Fb vScript revnum quesno cor_FB wr1_FB wr2_FB wr3_FB exit_FB LeavePage HFInvert a,b,c,d whatRevAmI ptemplate :Rev 1.00 bookname .W_C ButtonUp ButtonUp A,B,C,D Select 2 choices from A, B, C, or D, and then click the Done button. pcor_fb score cor_fb wr1_fb wr2_fb wr3_fb exit_fb quesno result stroke fill_h stroke_h destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 9 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 337 ffield The object creation defaults make it easy for users to access appropriate portions of the Directory tree and the file system. For example, users can create, write to, and delete files in their own directories (under their home directory) without any special intervention by the network administrator. Users can also look at the values contained in their User object properties to be sure the information is correct and up-to-date. -to-date. I can create, write to, and delete files in my home directory. I can also look at the values contained in my User object properties. EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 11 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 338 ffield Security Design Considerations When designing a security structure for NDS, keep in mind the following considerations: - Grant other object rights along with the Supervisor right. - Use caution when granting rights to the ACL property. - Every object must have a "supervisor." - The Supervisor object right includes the Supervisor property right.property right H c h s _ A "supervisor" for every object. Use caution with the ACL property. Don't just grant the Supervisor right. s _ Supervisor object right includes Supervisor property right. EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 15 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 339 ffield The "supervisor" of a NetWare Server object automatically has the Supervisor right in the root directory of each file system volume on that server. To prevent loss of access to the file system, if the Server object does not have a "supervisor" asssigned explicitly, one will be inherited. popup fpopup borderstype rectangle buttonup buttonup popup Every object must have a "supervisor" in order to prevent the complete loss of access to an object. destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds EnterPage whatRevAmI EnterPage popup DoPage whatRevAmI ptemplate :Rev 1.00 bookname DoPage whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 8 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 326 ffield Object Creation Defaults The following default security configurations apply when you create an object: - When you create a User object, NetWare allows you to create the user's home directory and automatically assigns all rights to that directory (SRWCEMFA). - A User object is automatically made a trustee of itself with the Read property right so that the user can see his or her own properties. ly made a trustee of itself with the Read property right so that the user can see his or her own properties. it easy for users to access the portions of NDS and the file system that affect them. When I am created, you can create a user's home directory with all rights [SRWCEMFA]. I am automatically made a trustee of myself and given the Read property right. popup fpopup borderstype rectangle No definition for home directory buttonup buttonup popup nel: Right Half terpage leavePage enterpage menuButton_change enterpage ppTotNo DoPage 0,100,0 0,0,0 INDEX 0,100,0 seqno totno component StartZ leavePage INDEX 0,0,0 0,0,0 0,0,0 menuButton_change pHotTopics vPage vTopic vName theSelf >@EXT 0,0,0 INDEX 0,100,0 seqno totno component StartZ leavePage INDEX 0,0,0 0,0,0 0,0,0 menuButton_change pHotTopics vPage vTopic vName theSelf SlU|VK r N ptopic10 group id 2470 of page id 304 ptopic8 group id 2461 of page id 304 ptopic7 group id 2457 of page id 304 ptopic6 group id 2453 of page id 304 ptopic5 group id 2449 of page id 304 ptopic4 group id 2445 of page id 304 ptopic3 group id 2441 of page id 304 ptopic2 group id 2437 of page id 304 ptopic1 group id 2433 of page id 304 pColdTopics Installation - ADMIN,5 Object rights - ADMIN,5 Installation - [PUBLIC],6 Object rights - [PUBLIC],6 Object rights - \PUBLIC,7 Security configurations,8 Object rights - Creation,8 Object creation defaults,9 Granting rights with Supervisor right,12 Granting rights to Access Control List (ACL) property,13 Object rights - Supervisor,14 Server object,15 Property right,16 Design considerations,17 Property rights - Inheritance,18 All Properties option,18 Rights - Object and property,19 pHotTopics Overview,2 Objectives,3 Default Security,4 The User Object ADMIN,5 The [PUBLIC] Trustee,6 The \PUBLIC Directory,7 Object Creation Defaults,8 Security Design Considerations,11 Design Considerations for Inheritance and IRFs,17 Summary,20 pTextPort pptotno pTemplate Page 1 of 210 \,Q I >0Q u !!!!!! AAAAAA AAAAAA Index estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds A~AppBounds 3030,1470,9285,6277 AgTextID group id 1943 of page id 304 ffield Lesson Index Click Next to begin this lesson or click an Index button to jump to the topic of your choice. choice. topic1 DbButtonID button id 2431 of page id 304 EfFieldID field id 2432 of page id 304 TE:EppBounds 3405,2760,6390,3075 fEpEnabled bButton fField OverviewgyyzXx topic2 FtFbButtonID button id 2435 of page id 304 FfFieldID field id 2436 of page id 304 FppBounds 3405,3465,6390,3780 GpEnabled bButton fField Objectives topic3 HbButtonID button id 2439 of page id 304 tHPHfFieldID field id 2440 of page id 304 HppBounds 3405,4155,6390,4470 HpEnabled bButton fField Default Security topic4 IppBounds 3420,4755,6405,5280 IfTextID field id 64 of page id 154 JpEnabled BJ:JpLines xJTJbButtonID button id 2443 of page id 304 JppOffset JppLineHeight JppLines JppEnabled JfFieldID field id 2444 of page id 304 bButton fField The User Object ADMINN topic5 <L"LppBounds 3405,5535,6390,5850 nLLLfTextID field id 64 of page id 154 LpEnabled LpLines LbButtonID button id 2447 of page id 304 LppOffset MppLineHeight .M&MppLines LM@MppEnabled ^MfFieldID field id 2448 of page id 304 bButton fField The [PUBLIC] Trusteeiderations for Inheritance and IRFs topic6 NfFieldID field id 2452 of page id 304 NppEnabled NppLines OppLineHeight :O0OppOffset pOLObButtonID button id 2451 of page id 304 OpLines OpEnabled OfTextID field id 64 of page id 154 OppBounds 6285,2670,9270,3195 bButton fField The \PUBLIC Directoryy topic7 QfFieldID field id 2456 of page id 304 HQ<QppEnabled `QXQppLines QvQppLineHeight QppOffset QbButtonID button id 2455 of page id 304 QpLines QpEnabled RfTextID field id 64 of page id 154 LRppBounds 6285,3375,9270,3900 bButton fField Object Creation Defaultss topic8 ShSfFieldID field id 2460 of page id 304 SppEnabled SppLines SppLineHeight SppOffset TbButtonID button id 2459 of page id 304 LTDTpLines jT^TpEnabled TzTfTextID field id 64 of page id 154 TppBounds 6285,4080,9270,4605 bButton fField Security Design Considerations topic9 bButton fField Design Considerations for Inheritance and IRFss topic10 VpEnabled VppBounds 6285,5535,9270,5850 HW$WfFieldID field id 2469 of page id 304 ZWbButtonID button id 2468 of page id 304 bButton fField Summary000000000000000 buttonUp buttonUp dlgInit dlgInit Cancel setValue dlgBox dialog bCancel getValue bSearch getValue tindex.tbK tindex.tbk pCaller bGoto getValue pptotno pptotno Go to Page (1 - Page number is not within this component bTopMenu getValue pTopmenu bGlossary getValue glossary.tbK glossary.tbk pCaller vTopMenu vPage vStartPage vTotalPages vCaller vResult vTempInit vInit coursefile component destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 12 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 328 ffield Grant Other Object Rights Along With the Supervisor Right Granting the Supervisor object or property right automatically grants all of the other rights. Also, if the Supervisor right is subsequently blocked by an Inherited Rights Filter (IRF) or revoked, all of the other rights are removed. In this case, the object would have no rights to the other object. To avoid problems, consider what rights you want to remain if the Supervisor right is blocked and be sure to grant rights individually. (Note that these rights may also be blocked at some point.)))and Add Self). popup fpopup borderstype rectangle buttonup buttonup popup If you grant the Supervisor object right without granting other rights, and the Supervisor right is subsequently blocked by an IRF, the object may then have no rights to the other object. EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 13 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 329 ffield Use Caution When Granting Rights to the ACL Property The Access Control List (ACL) property of an object contains the names of all objects that can access that object. An object with the Write property right to the ACL property has the power to grant itself Supervisor object rights. Be aware of this as you plan your security structure so that you don't mistakenly give an object more rights than you intended. object. ded to a given object. If you have the Write property right to the ACL property, you can grant yourself Supervisor rights. An object with the Write property right to the ACL property has the power to grant itself Supervisor object rights. +9*u EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 14 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 330 ffield Every Object Must Have a "Supervisor" To prevent the complete loss of access to an object, every object must have a "supervisor." The "supervisor" of an object is any object with the Supervisor object right or the Write right to the ACL property of that object. Note that the Supervisor object right may be from an explicit trustee assignment or from inheritance. ect. The Supervisor right can come from an explicit trustee assignment on that object, or through inheritance. ect rights, you could lose access to that object. popup fpopup borderstype rectangle buttonup buttonup popup Every object must have a "supervisor" in order to prevent the complete loss of access to an object. title buttonup buttonup Do you want to exit the course? Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName seqno totno bmarkfile result revnum atmpt Do you want to exit the course? Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName seqno totno bmarkfile result revnum atmpt buttonup buttonup Find_Menu coursefile place buttonup buttonup Find_Menu coursefile place Index Index 3*7en buttonup buttonup 0,0,0 seqno buttonup buttonup 0,0,0 seqno buttonup buttonup \help pCaller vCaller place \help pCaller vCaller place Dialog buttonUp buttonUp dlgInit dlgInit Cancel setValue dlgBox dialog bCancel getValue bSearch getValue tindex.tbK tindex.tbk pCaller bTopMenu getValue pTopmenu bGlossary getValue glossary.tbK glossary.tbk pCaller vTopMenu vCaller vResult vTempInit vInit coursefile , "bGlossary") tbk" buttonUp buttonUp dlgInit dlgInit Cancel setValue dlgBox dialog bCancel getValue bSearch getValue tindex.tbK tindex.tbk pCaller bTopMenu getValue pTopmenu bGlossary getValue glossary.tbK glossary.tbk pCaller vTopMenu vCaller vResult vTempInit vInit coursefile dlgInit button bSearch,b19,TRUE button bGlossary,b21,TRUE button bTopMenu,b25,TRUE button bCancel,b20,FALSE dlgBox 524480,4,30,20,111,114,,,Options,8,Helv,bSearch,3.70,6.61,50.86,32.16,19,1342242816,128,Topic Search,0,bGlossary,57.87,6.61,50.86,32.16,21,1342242816,128,Glossary,0,bTopMenu,29.68,41.93,50.86,32.16,25,1342242816,128,Main Menu,0,bCancel,29.68,84.14,50.86,12.31,20,1342242817,128,Cancel,0 ctrlID Options buttonup buttonup pCaller vCaller place buttonup buttonup pCaller vCaller place title Title Screen EnterPage LeavePage EnterPage initialize 0,0,0 0,0,0 0,0,0 component LeavePage tialize 0,0,0 0,0,0 0,0,0 component LeavePage pptotno pTemplate title Controlling Access to the Directory Tree Controlling Access to the Directory Tree J#3 g Property Rights LOGIN PUBLIC SYSTEM USERS APPSUsererr LOGIN PUBLIC SYSTEM USERS APPSUsererr [PUBLIC] [PUBLIC] ADMIN ADMIN Object Rightss Property Rights Object Rightss $E ` R&O M *5$ ~ H83 . EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 16 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 331 ffield The Supervisor Object Right Includes the Supervisor Property Right When you grant the Supervisor object right, you automatically grant the Supervisor property right to all properties. Because of this, you can freely use IRFs to block access to individual properties without fear of blocking access to those whom you have given the Supervisor object right..ight..lock access to individual properties without fear of blocking access for those you have chosen to give the Supervise right. popup fpopup borderstype rectangle buttonup buttonup popup When you grant the Supervisor object right, you automatically grant the Supervisor property right to all properties. EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 17 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 332 ffield Design Considerations for Inheritance and IRFs Inheritance is a powerful tool that helps you avoid hours of work creating explicit trustee assignments. Considerations to keep in mind include: - Individual property rights are not inherited. - Object rights and rights granted with the All Properties option are inherited separately. roperty rights are not inherited - Object and All property rights are inherited separately popup fpopup borderstype rectangle buttonup buttonup popup Individual property rights are not inherited. Object rights and rights granted with the All Properties option are inherited separately. are inherited separately. Individual property rights are not inherited. Object rights and rights granted with the All Properties option are inherited separately. are inherited separately. destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 18 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 334 ffield Individual Property Rights are Not Inherited Because each type of object has different properties, individual property rights are not inherited. For example, Printer objects have a Serial Number property, which User objects do not have. If you want property rights to flow down for inheritance, you must use the All Properties option to grant rights. You can then override specific property rights on each object as needed. ach object as needed. eded. Container Object Use All Properties option to grant rights. Container Object Some can inherit rights . . . Or you can override specific property rights . . . Some can inherit rights . . . Or you can override specific property rights . . . Use All Properties option to grant rights. pFeedbackPort pTextPort pTemplate PCor_Fb Correct. The User object ADMIN has the Supervisor object right to the Root object and a User object is automatically made a trustee of itself. pTest One of your choices is correct. B, however, is incorrect. All users can "walk the tree" at installation. Please select two items again. One of your choices is correct. D, however, is incorrect. All users have access to \PUBLIC at installation. Please select two items again. B and D are incorrect. They are not default configurations. Please select two items again. pExit_fb A and C are correct. The User object ADMIN has Supervisor object rights to the Root object and a User object is automatically made a trustee of itself. Page 10 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pFeedbackPort destroy pFeedbackPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pFeedbackPort destroy pFeedbackPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 285,4635,4710,6270 gTextID group id 7 of page id 335 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds gTextID group id 29 of page id 335 ppBounds 315,1485,9330,6285 The \PUBLIC directory is blocked from all objects except the user object ADMIN. A User object is automatically made a trustee of itself.x Only the network administrator can "walk the tree."can "walk the tree"""ree."" The User object ADMIN has the Supervisor object right to the Root object. Answer ButtonUp ButtonUp LChPageHi 1,2,3,4 HFInvert 1,2,3,4 0,0,0 0,100,0 exit_fb fill_h stroke_h quesno result nvert 1,2,3,4 0,0,0 0,100,0 exit_fb fill_h stroke_h quesno result Answer ffield Which two of the following are default configurations provided by NetWare v4.0 at installation?ion? buttondown buttonup buttondown HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup buttondown buttonup buttondown HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup buttondown buttonup buttondown HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup buttondown buttonup buttondown HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup HFInvert A,B,C,D 0,0,0 0,100,0 Hfinvert 0,100,0 0,0,0 buttonup Select 2 choices from A, B, C, or D, and then click the Done button.utton.. C:\TOOLBOOK\COURSE7.TBK :REPORTDATA 09 +09 FromGoTo FromGoTo curfocus altyes false InCor ActButton FromGoTo System `D|D| System `D|D| pIndex page id 232 ActButton 22.TBK" tno,bancont 4result,revnum,numrev,revdes,atmpt,component,level,bmarkfile Xuser showwindow( gsetwindowword( 9792,7200 8,-14,1024 +512) -- ** Prog. banner content here "Public Switched Telephone Network" -- ** J -- o4 digit no ( ,unit,sec,lesson) c"yes" PMark SMark TotNo TMark c"I" c"C" \ LeaveBook EnterBook LeaveBook EnterBook showwindow setwindowword setwindowword showwindow reader Public Switched Telephone Network PMark SMark TotNo TMark result revnum numrev revdes atmpt component normal result revnum numrev revdes atmpt component level bmarkfile coursefile place bookname seqno totno bancont LeaveBook normal normal normal bmarkfile stoploop LessComp(3,2,3) System gD|D| ActButton ActButton ActButton LessComp(1,1,1) LessComp(2,2,1) curfocus false scrollx field id 0 of page id 148 IdNumber of this Background = 19 field id 43 of page id 198 curfocus fD|D| FromGoTo FromGoTo FromGoTo curfocus gD|D| ActButton fD|D| FromGoTo FromGoTo field id 89 of page id 181 false gD|D| gD|D| gD|D| LessComp(2,2,2) pplaceLastDate 10432 03:00:05 PM 73874 ActButton pptottry ppbancont "ppPlace ppLevel "D"D"@ ActButton 8 of page id 232 :PRINTLAYOUT 09 +09 Title stname PrintReview `D|D| s Rmn `D|D| id 1124 of page id 261 button id 408 of page id 232 `D|D| ActButton 8 of page id 232 8 of page id 232 recordField id 1124 of page id 303 ActButton 8 of page id 232 ActButton :CONDITIONDATA IdNumber of this Background = 19 IdNumber of this Background = 19 this Background = 19 AltKey DoubleEntry DoubleEntry DoubleEntry DoubleEntry FromGoTo ActButton >mhu$ 5 of page id 185 field id 51 of page id 155 omGoTo fD|D| fD|D| DoubleEntry pplaceTime p7000LastDate p5000LastDate 08:36:21 PM p5000Time !63432 05:03:33 PM Nov 18 1992 03:06:26 PM 03:55:18 PM "p7000Time : vTemp1 6 e Directory Tree ActButton Jan 20 1993 02:38:40 PM Controlling Access to the Directory Tree System `D|D| System `D|D| !&!96740 2!true System System `D|D| !true 93657 "true "ActButton Tms Rmn `D|D| System System "LessComp(0,0,0) Jan 27 1993 02:29:50 PM #:40:21 AM "p7315LastDate 111239 #>!H#10:49:03 AM "p7315Time #D#LessComp(3,1,5) #08:17:02 PM "----------------------------------------------------------------- system quesno, ans, cor_fb, wr1_fb,revnum,scn if vblueback of this page is "show" show rectangle "BlueBack" of this background send background select rectangle "blueback" of this background set layer of selection to 1 send foreground else hide rectangle "BlueBack" of this background end if set vComback of this page to my pback2 if vComback of this page is "show" show group "ComBack" of this background else hide group "ComBack" of this background end if send DoPage set ActButton of this book to true -- ** Set scn to the scenario number. If there is no scenario -- then set scn to "" -- set scn to "" set scn to my pScn -- ** Prog. set correct answer here ("T"/"F") -- set ans to "F" set ans to my pAns -- ** Prog. set feedbacks here -- set cor_fb to " " set cor_fb to my pCor_Fb -- set wr1_fb to " " set wr1_fb to my pWr1_Fb end EnterPage to handle LeavePage set SysLockScreen to true send FInvert "true,false" clear text of field "feed" end LeavePage to handle whatRevAmI system bookname,rev push ptemplate of this page&&":Rev 1.00"&CRLF onto rev !4!push ptemplate of this page&&":Rev 1.00"&CRLF onto rev normal nner and Pagination BlueBack comback Banner Controlling Access to the Directory Tree buttonup buttonup Do you want to exit the course? Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName seqno totno bmarkfile result revnum atmpt Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName seqno totno bmarkfile result revnum atmpt buttonup buttonup Find_Menu coursefile place Find_Menu coursefile place Index ButtonUp ButtonUp 0,100,0 component ponent ButtonUp ButtonUp 0,100,0 component Index buttonup buttonup 0,0,0 seqno buttonup buttonup 0,0,0 seqno buttonup buttonup 0,0,0 seqno buttonup buttonup 0,0,0 seqno buttonup buttonup \help pCaller vCaller place \help pCaller vCaller place Dialog dlgInit button bSearch,b19,TRUE button bGlossary,b21,TRUE button bGoTo,b22,TRUE button bTopMenu,b25,TRUE button bCancel,b20,FALSE dlgBox 524480,5,30,20,111,116,,,Options,8,Helv,bSearch,3.70,6.07,50.86,32.16,19,1342242816,128,Topic Search,0,bGlossary,57.87,6.07,50.86,32.16,21,1342242816,128,Glossary,0,bGoTo,3.70,42.26,50.86,32.16,22,1342242816,128,Go To Page,0,bTopMenu,57.68,42.17,50.86,32.16,25,1342242816,128,Main Menu,0,bCancel,31.54,83.61,50.90,12.31,20,1342242817,128,Cancel,0 ctrlID Options buttonup buttonup pCaller vCaller place buttonup buttonup pCaller vCaller place destroy buttonUp menuButton_change buttonDown buttonStillDown adjustBounds erted within pText pInverted pExcludeTab nverted pText pInverted pExcludeTab menuButton_change theSelf bButton bButtonID fField fFieldID fFieldID bButtonID fFieldID ppBounds pEnabled fFieldID set p of this page to my uniquename vBounds vText destroy set p of this page to null buttonUp ppEnabled within menuButton_change theLocation buttonDown ppEnabled pInverted buttonStillDown ppEnabled within pInverted pInverted theLocation within theObject theLocation pInverted bButtonID bButtonID theInverted pInverted ppInverted pText fTextID theText pText fTextID pExcludeTab bButtonID bButtonID theExcludeTab pExcludeTab bButtonID adjustBounds pNoAdjust ppBounds keyUp whatRevAmI keyUp 0,0,0 0,0,0 Do you want to exit the course? Would you like to leave a bookmark? bmark bookname pmark smark tmark result review revnum numrev revdes atmpt component tbkfile.dll review numrev revdes component BookName totno bmarkfile result revnum atmpt popup seqno isCntrl isShift whatRevAmI Background Title Rev 1.00 bookname Overview Street estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds :ppBounds ApTextPort 9,<gTextID 3030,1470,9285,6277 ffield group id 235 of page id 318 NetWare v4.0 makes access to resources fast and efficient. A well-planned strategy for access control will ensure that your system is completely secure, while users have easy access to resources they are authorized to use. In order to create an effective security plan, you need to understand the default security structure from which you will be working. You also need to understand specific security rules and considerations..fully understand the details involved in planning security, however, you will want to use other Novell Education training products in addition to this lesson.n training products in addition to this lesson.ou actually create your security system.m.tem. EnterPage EnterPage DoPage DoPage Page 2 of 21 normal ` ` ` ` L o t ~ t Q L o t ~ t Q AAA!!!" ` ` 8 {F ` ` 8 )J L o t ~ t Q 4Yo < c AAA L o t ~ t Q ` rv8 Objectives estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort gTextID 3030,1470,9285,6277 ffield group id 448 of page id 319 At the end of this lesson, you will be able to do the following: - Identify the default security structure of a new Directory tree. - Identify security design considerations. - Identify design considerations for inheritance and Inherited Rights Filters (IRFs). EnterPage EnterPage DoPage DoPage Page 3 of 21 pTextPort N AAA Summary estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds gTextID group id 815 of page id 321 ppBounds 3030,1470,9285,6277 ffield Designing security for a complex network requires careful planning. NetWare v4.0 makes this task easier by providing default security configurations, including: - The User object ADMIN with Supervisor rights - [PUBLIC] as a trustee to the Root - Access to utilities in the \PUBLIC directory - Object creation defaults When designing your security system, keep careful track of which objects have Supervisor priviledges. Consider how Supervisor rights flow down, and be sure that all objects have at least one object with the Supervisor object right. Also remember that object rights and rights granted with the All Properties option are inherited separately. Individual property rights cannot be inherited. EnterPage EnterPage DoPage DoPage Page 20 of 21 EnterPage whatRevAmI EnterPage DoPage whatRevAmI ptemplate :Rev 1.00 bookname whatRevAmI ptemplate :Rev 1.00 bookname pTextPort pTemplate concept Page 4 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 322 ffield Default Security NetWare v4.0 helps you plan your security system by providing default security configurations at installation. These serve as a starting point for system-wide security design. Default security configurations affect the following areas: - The User object ADMIN - The [PUBLIC] trustee - The \PUBLIC directory - The defaults for object creation n n n faults system-wide security design. [PUBLIC] [PUBLIC] LOGIN PUBLIC SYSTEM USERS APPSUsererr LOGIN PUBLIC SYSTEM USERS APPSUsererr ADMIN ADMIN EnterPage whatRevAmI EnterPage popup DoPage whatRevAmI ptemplate :Rev 1.00 bookname DoPage whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 5 of 21A estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 323 ffield The User Object ADMIN The User object ADMIN is created at installation. You log in the first time as ADMIN in order to create other objects in your Directory tree. ADMIN has the Supervisor object right for the Root object, giving it all rights to all objects in the Directory tree. It also has the Supervisor object right to the NetWare Server object, giving it supervisor rights to all volumes attached to the server. Because of these extensive rights, the User object ADMIN makes initial object creation quick and efficient.quick and efficient..and efficient. I'm created at installation. I create the other objects in the Directory tree. I have the Supervisor object right to the Root object and the NetWare Server object.. ADMIN ADMIN popup fpopup borderstype rectangle No definition for object right buttonup buttonup popup EnterPage whatRevAmI EnterPage popup DoPage whatRevAmI ptemplate :Rev 1.00 bookname DoPage whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 6 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 324 ffield The [PUBLIC] Trustee [PUBLIC] is a special trustee that represents all persons using network services, whether they are logged in or not. At installation, [PUBLIC] is a trustee of the Root object with the Browse object right. This grants everyone the ability to browse through and view all objects in the tree, also known as "walking the tree," even if they are not logged in. Access Control (PUBLIC) popup fpopup borderstype rectangle No definition for trustee buttonup buttonup popup hatRevAmI EnterBook whatRevAmI LeaveBook whatRevAmI :Lesson Book Rev 1.19 bookname EnterBook seconds altkey sizetopage reader setSysBooks ppTotTry ppBancont ppLevel ppPlace PMark SMark TotNo TMark result revnum numrev revdes atmpt component normal svEnterTime svTotalIdle svStartIdle result revnum numrev revdes atmpt component level bmarkfile StartZ coursefile place bookname seqno totno bancont tottry LeaveBook MMM dd y hh:min:sec AMPM set vLastTime to p time of book bmarkfile set p LastDate of book bmarkfile to vLastDate set p Time of book bmarkfile to vDiff FromGoTo vLastTime vCommand vLastDate vDiff vTotal svEnterTime svLeaveTime svTotalIdle bmarkfile place title EnterPage whatRevAmI EnterPage popup DoPage whatRevAmI ptemplate :Rev 1.00 bookname DoPage whatRevAmI ptemplate :Rev 1.00 bookname pPopup POPUP pTextPort pTemplate concept Page 7 of 21 estroy destroy adjustBounds pText pText gTextID ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds pTextPort destroy pTextPort gTextID pText fText pText fText theText adjustBounds pNoAdjust ppBounds ppBounds 4665,1470,9285,6270 gTextID group id 11 of page id 325 ffield The \PUBLIC Directory The container object holding the Volume object for the SYS: volume has Read and File Scan rights ( R F ) to the \PUBLIC directory (on the SYS: volume). This allows users to easily access network applications kept in the \PUBLIC directory. For example, the Organizational Unit Sales has Read and File Scan ( R F ) rights to the \PUBLIC directory on the SYS: volume contained within it. All users within the Sales container, therefore, have those rights ( R F ). Sales LOGIN PUBLIC SYSTEM USERS APPSUsererr ADMIN LOGIN PUBLIC SYSTEM USERS APPSUsererr ADMIN Sales has the Read and File Scan rights to the \PUBLIC directory... Sales Sales has the Read and File Scan rights to the \PUBLIC directory... popup fpopup 2borderstype rectangle No definition for \PUBLIClume buttonup buttonup popup