Glossary

A special trustee that can be added to any object, directory, or file. Rights granted to [PUBLIC] are effective for any object in NDS that does not have other effective rights.

An object in the Directory tree whose purpose is to provide a highest point to access different Country and Organization objects, and to allow trustee assignments granting rights to the entire Directory tree.

A list that contains information about an object describing which other objects can access it. It is a property of every object in the NetWare® Directory Services™ database. Trustees and the Inherited Rights Filter are contained in the ACL.

Grants a trustee the right to add or remove itself as a value of the property. This right is used only for properties that contain object names as values, such as lists of group members or mailing lists.

A User object that is created at installation. It has the Supervisor object right to all objects so that it can be used to create the Directory tree.

An object that points to another object at a different location in the Directory tree. Use it to see an object that you need to use regularly but that is not located in the context that you normally work in.

An option you can choose in order to give a trustee specific property rights to all properties at once instead of assigning rights individually to each property. While property rights assigned individually to a property cannot be inherited, rights granted with the All Properties option flow down the Directory tree to objects below.

A means of verifying that a user is authorized to use the network. Authentication works in combination with Access Control to provide network security.

A set of defined object classes.

Object classes

A network database in NetWare versions earlier than NetWare 4™. The bindery contains definitions for entities such as users, groups, and workgroups.

The container objects where bindery services is set.

Context

An object that was upgraded from a bindery-based server, but that cannot be identified. Bindery- based clients must use older NetWare utilities to access these objects through bindery emulation.

A feature of NetWare 4 that allows bindery-based utilities and clients to coexist with NetWare Directory Services on the network, using a subset of the Directory tree as if it were a bindery.

A container object and all the objects it holds, which can include other container objects.

Grants the right to see the object in the Directory tree. The name of the object is returned when a search is made that matches the object.

A partition that has a Directory tree boundary immediately below another partition.

The name of a leaf object, as displayed in the Directory tree.

Allows a trustee to compare the value of a property with another value to see if they are equal. With the Compare right, an operation can return True or False, but you cannot see the value of the property.

Distinguished Name

An object that represents a computer on the network.

An object that holds, or contains, other objects. Container objects are used to logically organize all other objects in the Directory tree. The three types of container objects are Country, Organization, and Organizational Unit.

The location of an object in the Directory tree.

An object that designates a country where your network resides and organizes other objects within the country.

Grants the right to create a new object below the designated object in the Directory tree. This right is available only for container objects.

Your current location in the Directory tree.

A text workstation utility that allows you to view or change your current context in the Directory tree.

Grants the right to delete the object from the Directory tree. To delete a container object, all subordinate objects must first be deleted.

A database that maintains, stores, and manages Directory objects that consist of categories of information, known as properties, and the data included in those properties.

The rules that define how the Directory tree is constructed. The schema define specific types of information that dictate the way information is stored in the Directory database.

Databases of information with powerful facilities for storing, accessing, managing, and using diverse kinds of information about users and resources in computing environments.

NetWare Directory Services (NDS)

A hierarchical structure of objects in the NetWare Directory Services database. The Directory tree includes container objects that are used to organize the network and leaf objects that represent resources.

A name of 1 to 32 characters assigned during installation to each Directory tree. It can contain upper- and lowercase letters, numbers, hyphens, and underscores, but no spaces or trailing underscores.

The complete name, or path, from an object to the [Root] of the Directory tree.

Relative Distinguished Name (RDN)

Databases that provide services to all network applications and users across disparate platforms including hosts, minicomputers, and network systems.

A utility that enables you to set dynamic, configurable NDS variables.

A utility that corrects problems in the NetWare Directory Services database.

The rights that an object can actually exercise to see or modify a particular directory, file, or object. An object's effective rights to a directory, file, or object are calculated by NetWare each time that object attempts an action.

A means of protecting data by providing safeguards against hazardous events such as power outages or hard disk crashes.

Allows users to log in to the network rather than to individual servers, and to gain access to all network resources.

Allow network supervisors to manage the network through MS Windows 3.x Presentation Manager*.

A leaf object listing several User objects, used to allow collective (rather than individual) network administration.

The rights granted to a trustee by a trustee assignment. These rights apply to everything below the point where the trustee assignment is made, unless another explicit trustee assignment is made or the rights are blocked by an Inherited Rights Filter.

A filter that is part of every directory, file, and object, controlling which rights a trustee can inherit from parent directories and container objects.

Allows adaptation of a network for use with multiple languages.

See also Inherited Rights Filter (IRF)>

See Local Area Network (LAN).

An NLM program that understands and controls the network board. A LAN driver serves as a link between a station's operating system and the physical network infrastructure.

An object that doesn't contain any other objects. Leaf objects are located at the end of a branch in the Directory tree.

A network located within a small area or common environment, such as in a building or a building complex.

Wide Area Network (WAN)

A list of commands that are executed when a user logs in to the network. These commands establish a user's network environment.

Three different login scripts can be executed when a user logs in: one from the user's immediate container object, one from a Profile object (if specified for the user), and one from the User object itself.

A writable replica that contains all object information for the partition. All partition operations (create, join, delete, and repair) occur from the master replica of a given partition.

Only one master replica can be defined for each partition.

Distinguishes the type of object name of an object (such as O, OU, or CN).

NetWare Directory Services (NDS)

A text utility that allows you to create objects and assign rights and properties.

A graphical utility that provides much of the same functionality as the text menu and command line utilities. With NetWare Administrator, you can perform most of the tasks in one utility.

An object-oriented implementation of directory services that allows you to build sophisticated naming schemes and databases across network-wide resources.

Directory services

A computer running the NetWare 4.1/9000 Services operating system software.

A group of computers that can communicate with each other, share peripherals (such as hard disks and printers), and access remote hosts or other networks.

A utility that enables you to view and configure NDS parameters, to monitor the internal time on a server, and to ensure that the time reported by all servers across the network is consistent.

Logical representations of network resources including users, groups, printers, volumes, computers, etc., that make up the Directory tree.

Some objects represent physical entities while others represent logical entities such as groups and print queues.

It is important to note that an object is a structure where information is stored. It is not the entity that it represents.

Property

A defined list of objects such as servers, users, and print queues used by NDS.

Rights that control access to an object as an entity are called object rights. Object rights control what trustees of an object can do with that object. Object rights do not allow the trustee to access information stored in that object's properties unless the trustee has the Supervisor object right, which includes the Supervisor property right.

A container object that helps organize other objects in the Directory tree.

A leaf object that defines a position or role within an organization. It is used to specify a position that can be filled by different people, such as a Team Leader or Vice President.

A container object, a level below the Organization object, that helps to further organize other objects in the Directory tree.

A partition that is organizationally above another partition in the Directory tree.

Relative Distinguished Name (RDN)

A logical division of the NetWare Directory Services database. A partition forms a distinct unit of data in the Directory tree that is used to store and replicate Directory information.

Each partition consists of a container object, all objects contained in it, and data about those objects. Partitions do not include any information about the file system or the directories and files contained there.

The text workstation utility that can create, modify, and delete partitions and replicas.

A time source server that synchronizes the time with at least one other Primary or Reference time server and provides the time to Secondary time servers and to clients.

Time synchronization

A leaf object that represents the print queue and contains its properties.

A leaf object that represents a network print server.

A leaf object that represents a physical printing device on the network.

A leaf object that represents a login script that is used by a special group of users who need to share common login script commands.

It can be used for users who are not located under the same container in the Directory tree or who are a subset of users in the same container.

A characteristic of a NetWare Directory Services object such as name, volume, login name, password restrictions, group membership, etc.

Some properties can contain multiple values, such as multiple telephone numbers.

Object

Rights that apply to the properties of a NetWare Directory Services object.

Convention or rule used by a program or operating system to communicate between multiple endpoints.

A directory on SYS where NetWare utilities and their related files are copied to during installation.

The right to read the values of an object's properties, assigned on a per property basis.

A type of replica that can be read but not written to by any user.

A type of replica that can be read and written to by any user. However, it cannot be used for partition operations such as create, join, delete, and rebuild.

A time source server that provides a time to which all other time servers and clients synchronize.

Time synchronization

The context, or path, from an object to another object of the Directory tree.

Distinguished Name

Allows you to change the name of the object. This changes the value of the naming property. Only the last part of the complete name can be changed with this right.

For example, if you have the Rename object right on a Printer object, you can rename that Printer object so that its complete name changes from CN=HR_Printer.OU=Personnel.O=Nov ell to CN=Personnel_Printer.OU=Personnel. O=Novell.

A copy of a NetWare Directory Services database partition's information. An unlimited number of replicas can be created for each partition, and they can be stored on any server in the network.

There are three types of replicas: master, read/write, and read-only.

The collection of replica properties of a partition.

Replica list

The highest directory level in the NetWare file system hierarchical directory structure. With NetWare, the root directory is at the volume level and all other directories are subdirectories of the volume.

The first partition that is created (at the top of the tree) which includes the [Root] object.

Service Advertising Protocol (SAP)

Directory schema

A time server that obtains the time from a Single Reference, Primary, or Reference time server and provides the time to clients.

Time synchronization

A leaf object that represents a server. Information about its location can be stored in its properties.

A protocol that provides a way for services to advertise on a NetWare internetwork.

A time source server that provides time to Secondary time servers and to clients. It is the sole source of time on the network.

Time synchronization

A type of replica that is automatically placed on a server if the parent Directory partition has a master, read/write, or read-only replica and the child Directory partition does not. Subordinate replicas cannot be modified.

A branch of a Directory tree partition.

Grants all access privileges to an object. A trustee who has the Supervisor right automatically has access to all properties of an object.

The Supervisor right can be blocked by the Inherited Rights Filter, both for objects below the object where Supervisor is assigned and for individual properties of an object.

Grants all access privileges. A trustee who has the Supervisor right automatically has all other rights to the property.

The Supervisor right can be blocked by the Inherited Rights Filter, both for objects below the object where Supervisor is assigned and for individual properties of an object.

A means of ensuring that replicas of a Directory partition contain the same information as other replicas of that partition. Replica synchronization updates the replicas and runs periodically at a cycle controlled by the network supervisor.

Replica

One of the two main types of utilities available, the other being graphical utilities. There are two categories of text utilities: command line utilities and menu utilities.

A server which provides time to the system. There are four types of time server: Primary, Reference, Secondary, and Single Reference.

Time synchronization

The server that provides time to the network. These are three types of time source servers: Single Reference, Primary, and Reference.

A unique code that identifies an event and includes the time it occurred. It is reported by the Directory tree at the time of an event such as a password change.

NetWare Directory Services uses this to establish event order, record real-world times, and set expiration dates.

A method of ensuring that all servers in a Directory tree report the same time.

In systems with a Single Reference time server or a Reference time server, all other servers synchronize to them.

Primary and Secondary time servers synchronize with other Primary or Reference time servers and provide time to Secondary time servers.

Directory tree

Directory tree name

A user or group that has been granted rights to work with a directory, file, or object.

Trustee assignments

Rights granted to an object to perform actions on another object or its properties, on a file, or on a directory.

In the NetWare Administrator utility, trustee assignments granting rights to an object can be viewed by selecting the object and choosing "Trustees" from the "Object menu." Trustee assignments are stored in the Access Control List (ACL) property of every object.

A utility that enables you to force an immediate time synchronization with the network.

The object name that includes the name type (OU, O, etc.) of each object when identifying the Distinguished Name of that object.

The object name that excludes the name type (OU, O, etc.) of each object when identifying the Distinguished Name of that object.

A text utility that allows the network supervisor to import User objects from an existing database.

A leaf object that represents a person who uses the network. Its properties can store information such as a telephone number, address, group membership, etc.

The contents of an object property. Many properties can have multiple values, such as a telephone number property containing three different telephone numbers. Each telephone number is a value of the property.

Access rights control access to a property, but not to individual values of a property.

A leaf object that represents a physical volume on the network. Its properties can store information about its location, owner, space use restrictions, etc.

Wide Area Network (WAN)

A network that communicates over a long distance, such as across a city or around the world. It can be comprised of or incorporate one or more local area networks.

Local Area Network (LAN)

Allows a trustee to add, change, or remove any value of a property. If the Write right is given, Add Self is disabled because Write includes its functionality.