Novell Netware 6 Documentation

NetWare 6 Readme
Novell
NetWare 6
www.novell.com
6.0
README
October 25, 2001

Novell Confidential
Manual
99a
38
July 17, 2001
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims
any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.
reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to
notify any person or entity of such changes.
This product may require export authorization from the U.S. Department of Commerce prior to exporting from the
U.S. or Canada.
Copyright 2001 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied,
stored on a retrieval system, or transmitted without the express written consent of the publisher.
U.S. Patent No. 5,157,663; 5,349,642; 5,455,932; 5,553,139; 5,553,143; 5,572,528; 5,594,863; 5,608,903;
5,633,931; 5,652,859; 5,671,414; 5,677,851; 5,692,129; 5,701,459; 5,717,912; 5,758,069; 5,758,344; 5,781,724;
5,781,724; 5,781,733; 5,784,560; 5,787,439; 5,818,936; 5,828,882; 5,832,274; 5,832,275; 5,832,483; 5,832,487;
5,850,565; 5,859,978; 5,870,561; 5,870,739; 5,873,079; 5,878,415; 5,878,434; 5,884,304; 5,893,116; 5,893,118;
5,903,650; 5,903,720; 5,905,860; 5,910,803; 5,913,025; 5,913,209; 5,915,253; 5,925,108; 5,933,503; 5,933,826;
5,946,002; 5,946,467; 5,950,198; 5,956,718; 5,956,745; 5,964,872; 5,974,474; 5,983,223; 5,983,234; 5,987,471;
5,991,771; 5,991,810; 6,002,398; 6,014,667; 6,015,132; 6,016,499; 6,029,247; 6,047,289; 6,052,724; 6,061,743;
6,065,017; 6,094,672; 6,098,090; 6,105,062; 6,105,132; 6,115,039; 6,119,122; 6,144,959; 6,151,688; 6,157,925;
6,167,393; 6,173,289; 6,192,365; 6,216,123; 6,219,652; 6,229,809. Patents Pending.
Novell, Inc.
1800 South Novell Place
Provo, UT 84606
U.S.A.
www.novell.com
NetWare 6 Readme
October 2001
103-000171-001
Online Documentation: To access the online documentation for this and other Novell products, and to get
updates, see www.novell.com/documentation.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell Trademarks
ConsoleOne is a trademark of Novell, Inc.
DirXML is a trademark of Novell, Inc.
eDirectory is a trademark of Novell, Inc.
GroupWise is a registered trademark of Novell, Inc. in the United States and other countries.
Hardware Specific Module and HSM are trademarks of Novell, Inc.
Internetwork Packet Exchange and IPX are trademarks of Novell, Inc.
IPX/SPX is a trademark of Novell, Inc.
Link Support Layer and LSL are trademarks of Novell, Inc.
Media Support Module and MSM are trademarks of Novell, Inc.
NetWare is a registered trademark of Novell, Inc. in the United States and other countries.
NetWare Core Protocol and NCP are trademarks of Novell, Inc.
NetWare Loadable Module and NLM are trademarks of Novell, Inc.
NMAS is a trademark of Novell, Inc.
Novell is a registered trademark of Novell, Inc. in the United States and other countries.
Novell BorderManager is a trademark of Novell, Inc.
Novell Certificate Server is a trademark of Novell, Inc.
Novell Client is a trademark of Novell, Inc.
Novell Cluster Services is a trademark of Novell, Inc.
Novell Directory Services and NDS are registered trademarks of Novell, Inc. in the United States and other
countries.
Novell Distributed Print Services is a trademark and NDPS is a registered trademark of Novell, Inc. in the United
States and other countries.
Novell iFolder is a trademark of Novell, Inc.
Novell Internet Messaging System and NIMS are trademarks of Novell, Inc.
Novell OnDemand Services is a trademark of Novell, Inc.
Novell Storage Services is a trademark of Novell, Inc.
Open Data-Link Interface and ODI are trademarks of Novell, Inc.
Sequenced Packet Exchange and SPX are trademarks of Novell, Inc.
Storage Management Services and SMS are trademarks of Novell, Inc.
Topology Specific Module and TSM are trademarks of Novell, Inc.
Transaction Tracking System and TTS are trademarks of Novell, Inc.
ZENworks is a trademark of Novell, Inc.
Third-Party Trademarks
All third-party trademarks are the property of their respective owners.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
37
June 14, 2001
Contents
NetWare 6 Readme
General Information
Installation and Upgrade
13
Before the Installation or Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

During the Installation or Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
After the Installation or Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
ConsoleOne 1.3
21
DNS/DHCP
25
iManage 1.0 and iMonitor 1.5 for Novell eDirectory 8.6
27
iManage 1.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
iMonitor 1.5. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
iPrint/NDPS
33
IPX Dependencies
37
NetWare Enterprise Web Server
39
NetWare FTP Server
41
10 NetWare Migration Wizard 6
43
11 NetWare WebAccess
45
12 NetWare Web Manager
47
13 NetWare Web Search Server
49
14 Novell Advanced Audit Service
51
15 Novell Certificate Server
55
16 Novell Client for Windows
57
17 Novell Cluster Services
59
Installation/Upgrade Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Other Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Contents
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
June 14, 2001
37
18 Novell Compatibility Mode Driver
63
19 Novell eDirectory 8.6 for NetWare
65
20 Novell GroupWise
67
21 Novell iFolder
69
22 Novell International Cryptographic Infrastructure (NICI)
71
23 Novell Modular Authentication Service (NMAS)
73
24 Novell Native File Access Protocols

General Issues . . . .
Macintosh / AFP Issues
Windows / CIFS Issues
UNIX / NFS Issues . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
75
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
75
78
80
82
25 Novell NetDrive
85
26 Novell NetStorage
87
27 Novell Storage Services
89
28 Novell TCP/IP
91
29 Pervasive.SQL
93
30 Scripting Products
95
31 Storage Management Services (SMS)
97
Backup and Restore Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Client Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Other Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
32 Third-Party Adapters, Drivers, and Applications
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
97
98
99
101
Manual
99a
38
July 17, 2001
NetWare 6 Readme
This document provides information on known issues and limitations for
NetWare 6. The issues are divided into sections based on product features.
Use the Table of Contents or the Search feature to locate the information you
need.
For information about additional issues discovered after the release, see the
Novell Support Knowlegebase (http://support.novell.com/search/
kb_index.jsp) and enter TID #10064501.
Complete information describing system requirements; installation,
configuration, and optimization procedures; and administration tasks is
available in the documentation provided on CD or online.
Documentation Conventions
In this documentation, a greater-than symbol (>) is used to separate actions

within a step and items in a cross-reference path.
Also, a trademark symbol (, TM, etc.) denotes a Novell trademark. An
asterisk (*) denotes a third-party trademark.
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
General Information
This chapter contains general information about the NetWare 6 release.
For information about additional issues discovered after the release, see the
Novell Support Knowlegebase (http://support.novell.com/search/
kb_index.jsp) and enter TID #10064501.
NetWare 6 Contents
The NetWare 6 package consists of the following:

Operating System CD
Client CD
Novell ClientTM 4.81 for Windows* NT*/2000
Novell Client 3.31 for Windows 95/98
NMAS Client 2.0
NICI Client 1.5.7 for Windows
NICI Client 2.0.2 for Windows
Novell NetDrive Client 4.0
Novell ConsoleOneTM 1.3 with snap-ins
Documentation CD
NOTE: We welcome your feedback about the completeness, accuracy, and
accessibility of the NetWare 6 documentation. Please send your comments to

webdoc@novell.com (mailto:webdoc@novell.com?subject=NetWare%206) with
NetWare 6 in the subject line.
General Information
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MP-Enabled Components
The following core NetWare 6 components are MP-enabled:

Core operating system
ODITM (including LSLTM, LAN, TSMTM, MSMTM, HSMTM)
TCP/IP
NCP/IP
Winsock (including NILE and BSD)
CLIB BSD calls
Novell Storage ServicesTM file system
Novell eDirectoryTM, including LDAP
Novell JVM for NetWare
Novell Modular Authentication Service (NMASTM)
Novell Cluster ServicesTM
NetWare Web Search
NetWare FTP Server
Scripting products (NSN, Perl, and UCS)
All other NetWare 6 components included with this release function in an MP
environment.
Compatibility with Other Novell Products
The following Novell products are compatible with NetWare 6:

Account Management 2.1 for Windows 2000
DirXMLTM 1.01
GroupWise 5.5 Enhancement Pack 3 and GroupWise 6
iChain 1.5 and 2.0
Novell BorderManagerTM 3.6 Support Pack 1a
Novell Internet Messaging SystemTM (NIMSTM) 2.6 and 3.0
Novell OnDemand ServicesTM 1.0
10
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Novell Portal Services 1.0

Novell Single Sign-on 2.1
If you install Novell Single Sign-on to a NetWare 6 server that is not an
SD Key Server and you select No when prompted to make the server an
SD Key Server, you may see messages indicating that Novell Single Signon did not successfully install. The messages and entries in the log file
(sys:system\sssi.log) falsely indicate that the SD Key Client and Secret
Store Service were not installed successfully.
Despite these messages, SSS.NLM is correctly installed, the schema is
extended, and Novell Single Sign-On should function properly in the tree.
Novell ZENworksTM for Desktops 3.0 Support Pack 1 and Novell
ZENworks for Desktops 3.2
Novell ZENworks for Servers 2 with the latest Support Pack
There are some compatibility issues using NetWare 6 with ZENworks for
Servers 2. For an explanation of the issues and their resolution, see the
ZENworks for Servers 2 online documentation (http://www.novell.com/
documentation/lg/zfs2/index.html).
NetWare 5.1 Products Not Included in NetWare 6
NIAS components that enable NetWare to function as a WAN or RAS

(dial-up) gateway
If you are upgrading from a previous version of NetWare, your INITSYS
files might need to be edited to remove WAN components that are
autoloaded.
Novell Servlet Gateway
This functionality is now provided by the Tomcat servlet engine.
IBM* WebSphere* application server
This has been replaced by the Tomcat servlet engine. If you are using a
previous version of WebSphere on NetWare, you can use the WebSphereto-Tomcat migration utility included with NetWare 6. For instructions on
using the utility, see Migrating from WebSphere to Tomcat in Getting
Results with Novell Web Services.
Collabra News Server and Novell Media Server
During an upgrade from a NetWare 5.1 server, these products are
removed without warning.
General Information
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Client DOS Utilities
Many DOS utilities have been removed from NetWare 6. The following
utilities are still included for your convenience, but they are not supported:
CAPTURE
CX
FILER
LOGIN
LOGOUT
MAP
NCOPY
NDIR
NetWare Administrator
NLIST
NPRINTER
RIGHTS
International Issues
Euro Character. There are several places throughout Netware 6 where the
euro character is displayed as its hex value [20AC]. This happens
because the server code page does not support some of the newer
extended characters, including the euro. Although the hex value of the
euro is displayed in a few locations, the integrity of the object containing
the euro character should remain intact.
Web Page Encoding Issue. To properly display international text in your
Web browser, the proper Code Page must be selected for that language.
From the main browser menu, click View > Encoding. Then select the
proper Code Page for the language you want to display. If the correct
Code Page is not selected, you might see question marks or corrupted
text.
12
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter contains the following subsections:
Before the Installation or Upgrade on page 13
During the Installation or Upgrade on page 16
After the Installation or Upgrade on page 18
You should also review the other sections of this Readme for additional
installation and upgrade issues.
For complete instructions on preparing the network and installing or
upgrading to NetWare 6, see the NetWare 6 Overview and Installation Guide.
IMPORTANT: Upgrades from any Beta version of NetWare 6 to the shipping
version of the product are not supported.
Before the Installation or Upgrade

Upgrading with NetWare Accelerated Upgrade
Do not use NetWare Accelerated Upgrade to upgrade the first server in the tree
to NetWare 6you must use the NetWare 6 installation program. After you
upgrade or install the first NetWare 6 server using the installation program,
you can then use NetWare Accelerated Upgrade to upgrade other servers in the
tree.
NetWare Accelerated Upgrade is intended for use by network administrators
who are skilled at troubleshooting and installing NetWare networks.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Upgrading NetWare 5 Servers with NDS 7 and NSS Volumes
A NetWare 5 server with NDS 7 and NSS volumes is inaccessible after

completing the Prepare a Server with NDS 7 and NSS step in NetWare
Deployment Manager. For this reason, complete this step just before you
upgrade to NetWare 6.
Update NetWare 5 Servers Running NMAS before Installing Novell
Native File Access Protocols
Before installing Novell Native File Access Protocols (as part of the
NetWare 6 installation or otherwise), all NetWare 5 and NetWare 5.1 servers
(in the tree) running NMAS must be updated to NMASTM 2.0.1, NICI 2.0.1,
and ConsoleOneTM 1.3.2.
NMAS 2.0.1, NICI 2.0.1, and ConsoleOne 1.3.2 updates and instructions are
available at www.novell.com/downloads.
NetWare 4.11 Upgrades
NetWare 4.11 requires that Support Pack 8 or later be installed before

upgrading. The requirement was accidentally omitted from the Upgrade to
NetWare 6 > Meet System and Software Requirements section of the printed
NetWare 6 Overview and Installation manual.
Mixed NDS Environments and Synchronization -628 Errors
If your network includes servers running NetWare 5 with NDS eDirectoryTM

8.5 (Build 85.00), NetWare 5 with NDS eDirectory servers in the same replica
ring with NetWare 4 servers, or NetWare 5 with NDS 7 servers, you must
update NDS before installing a NetWare 6 server. (You must also complete the
Network Preparation tasks in NetWare Deployment Manager.)
If you do not update NDS, -628 errors will occur during synchronization. For
information on updating NDS to the proper version number, see http://
support.novell.com/cgi-bin/search/searchtid.cgi?/10063534.htm (http://
support.novell.com/cgi-bin/search/searchtid.cgi?/10063534.htm).
NDS updates are available on the Novell Support Web site (http://
support.novell.com).
Prepare the Schema before Upgrading or Installing
Before you install or upgrade to NetWare 6 on an existing network, make sure

to complete all relevant steps in the "Network Preparation" section of NetWare
14
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deployment Manager and specifically complete Step 3: Prepare for NDS

eDirectory 8.6. This step identifies and updates a server on the network that
holds the Master or Read/Write replica of the Root of the tree.
NetWare Deployment Manager (NWDEPLOY.EXE) runs on a Windows
workstation and is located on the NetWare Operating System CD.
For complete instructions on preparing the network, see the NetWare 6
Overview and Installation Guide.
Video Driver for NetWare Deployment Manager on Windows 2000
NetWare Deployment Manager might not run on Windows 2000 computers

with the Matrox G400 video driver. To fix the problem, download and install
the latest video driver from Matrox (http://www.matrox.com).
Using a Compaq ML530 Computer
NetWare 6 will not install on the Compaq* ML530 computer unless the
ML530 ROM has been flashed (updated) using Compaq's SmartStart 5.1 or
later. The ROM flash utility from Compaq's SmartStart 5.0 or earlier is not
sufficient. If the ROM is not updated, the NetWare 6 installation might hang
while configuring IP addresses.
Accelerated Upgrade: Removing Unsupported LAN Drivers
To avoid any problems, upgrade your LAN drivers before using NetWare
Accelerated Upgrade to upgrade your server to NetWare 6.
If you did not select the Auto-detect Computer Hardware after Rebooting
option, NetWare Accelerated Upgrade will not automatically update any old
LAN drivers and you might not be able to connect to your server. To correct
this problem, unload or remove any unsupported drivers and then load the
corresponding supported NetWare 6 drivers. After the upgrade is finished,
modify the AUTOEXEC.NCF file to reflect any name changes.
If you did not upgrade your LAN drivers before upgrading to NetWare 6 and
you have old hardware, select the Auto-detect Computer Hardware after
Rebooting option. If you do this, NetWare Accelerated Upgrade automatically
replaces any old LAN drivers with NetWare 6 LAN drivers.
NOTE: Some LAN driver hardware is no longer supported on NetWare 6.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
During the Installation or Upgrade

Copying and Overwriting Existing Files
Because all the components of NetWare 6 have been tested as a whole, you
should select Overwrite on all files that report a new date conflict during an
upgrade.
Installing from a Bootable CD
If your server supports a bootable CD-ROM and you want to boot to the
NetWare Operating System CD, make sure that the machine boot order
specifies that the CD boots before the hard drive. This ensures that the CD is
available for booting and formatting the hard disk.
To boot to the NetWare Operating System CD, the server must have a ROM
BIOS that fully supports the El Torito specification. Booting on a machine
where the specification is not supported might result in hangs after starting
Caldera* DR DOS* or in messages such as No operating system found. If
your computer or storage adapter is not working, contact the vendor for an
updated BIOS.
If you boot the CD to install NetWare using an existing DOS partition, it must
not be a FAT32 partition. The DOS that boots on the CD does not recognize
FAT32 partitions and will not be able to write to the drive. To install with a
FAT32 partition, you must boot a FAT32-compatible DOS and then run
INSTALL.BAT either from the CD or a network drive.
Installing Only IPX
Most NetWare 6 services require IP. If you choose to install IPXTM only, you
will have very limited functionality. Installing IP as the default protocol is
highly recommended.
Installing IPX after Installing IP Only
If during the installation you select IP only, the server ID number is removed
from the AUTOEXEC.NCF at the end of the installation. It is used only for
IPX-needed configurations (IP/IPX and IP/SCMD). If you decide to add IPX
to your server later after initially installing IP only, you will need to add the
SERVERID xxxxxxxx line to your AUTOEXEC.NCF after the server name to
use IPX services on the server.
16
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing a NetWare 5.1 Server into a Tree with a NetWare 6 SDI

Server
When installing a NetWare 5.1 server into a tree with a NetWare 6 Security
Domain Infrastructure (SDI) server, the installation fails with a 125 error
due to a security upgrade.
The following error message is displayed:
Error while Contacting Security Domain Infrastructure Key
Server: NW6_1.Servers.RCH.TX.HCSC
Error #125
If the Security Domain Infrastructure server in the NDSPKI:SD Key Server

DN attribute in the Security.KAP.WO container is a NetWare 6 server, then a
NetWare 5.1 server installation into the tree will fail with this error.
This error happens during the final file copy and shows up as part of the Novell
Certificate ServerTM installation. To complete the installation of the NetWare
5.1 server, complete the following steps:
1 Install the NetWare 5.1 server standalone (into its own tree).
2 Delete the file SYS:SYSTEM\NICI\NICISDI.KEY.
3 Update the NetWare 5.1 server to NICI 2.0.1 or later.
You can download this version of NICI from the Novell download site.
4 Using NWCONFIG, uninstall eDirectory on the NetWare 5.1 server.
5 Using NWCONFIG, install eDirectory onto this server and specify to
install the server into the existing NetWare 6 tree.

6 Run the Novell Certificate Server installation either from the server
console or through the NetWare Deployment Manager.

The Certificate Server installation automatically creates the necessary
security objects.
7 Configure products that use SSL certificates, such as LDAP, Web Server,
etc., to use the new certificates.

Accelerated Upgrade: Installing Apache Web Server
Because NetWare Accelerated Upgrade does not install or update any

software applications outside of the core NetWare operating system, the
Apache Web server is not upgraded/installed during the upgrade. The
following products are dependent on Apache: Novell iFolder, NetWare Web
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Search, iManage, NetWare Web Access, and Novell NetStorage. If you plan
to install any of these products after the upgrade, make sure that you install the
Apache Web server first.
After the Installation or Upgrade

Missing Device Drivers
The server installation program copies to a startup directory

(C:\NWSERVER) only drivers (such as HAMs, CDMs and PSMs) for devices
that were auto-detected during the installation process. If you attempt to load
a HAM, CDM, or PSM that was not auto-detected during installation and it
fails to load, copy the appropriate driver from the C:\NWSERVER\DRIVERS
directory to the C:\NWSERVER directory and then load the driver again.
Status of Old LAN and WAN Files
After an upgrade to NetWare 6, old LAN and WAN files will not be deleted.
These old files might not be supported in a NetWare 6 environment.
To Speed Up the Post-Installation Utility
If performance of the post-installation utility and other Java* applications is

slow, then change the VM Cache Pool Percentage SET parameter by entering
the following command at the server console:
SET VM CACHE POOL PERCENTAGE = 30
Performance of the post-installation program and some Java applications is
significantly improved with this change. The changes are saved by the
operating system and remain even if the server is rebooted.
Update SMS Components
A new release of Storage Management Services (SMS) is available at the

Novell Support Web site (http://support.novell.com). This release contains
important fixes to the SMS components delivered with NetWare 6.
The fixes ensure compatibility between earlier versions of NetWare and the
NetWare 6 SMS modules. In addition, the patch includes updates to SMS
components (including SMDR and TSA), which have made the product more
stable and robust.
18
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To maintain backup and restore services on NetWare 6 and your network, you
must install the patch. The patch will supersede the SMS modules installed by
default during the NetWare 6 installation.
For more information, see the Readme included with the patch.
Agent Installation for GroupWise 6 Replaces LDAP Files Needed by
iFolder
The Agent Installation program for GroupWise 6 lets you overwrite LDAP
modules that consequently disable iFolder running on NetWare 6. To avoid
this problem, select No when prompted to overwrite the LDAP modules
during GroupWise Agent Installation. The LDAP module includes:
LDAPSDK.NLM
LDAPSSL.NLM
LDAPX.NLM
If these files are overwritten (by selecting Yes), you must manually copy the
files from the NetWare 6 Operating System CD before iFolder will run on
NetWare 6.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
19
Manual
20
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
ConsoleOne 1.3
Installing the NICI Client
Some of the ConsoleOne snap-ins for NetWare 6 require the NICI Client. To
use those snap-ins, you must install NICI on every workstation where you will
use ConsoleOne.
IMPORTANT: Two versions of NICI are provided for Windows platforms: 1.5.7
and 2.0.2. We recommend that you install both versions.

NICI 1.5.7 is implemented as a kernel driver, while NICI 2.0.2 is implemented as a
shared DLL. Applications using NICI 1.5.7 will not work if only NICI 2.0.2 is
installed. Likewise, new applications will require at least NICI version 2.0.2. Both
NICI versions can be installed on the same Windows workstations, providing
support for all applications.
A Client CD containing the NICI client for Microsoft* Windows operating

systems is included with NetWare 6. NICI clients for Solaris* and Linux* can
be found on the Novell software download page (http://www.novell.com/
download).
To install the NICI client from the Client CD, insert the CD. An autorun
application begins. Select the NICI client from the list.
Running ConsoleOne on the NetWare Server Console
For best performance, we recommend that you install ConsoleOne on a

workstation. Use the NetWare 6 Client CD to install ConsoleOne and snap-ins
onto your workstation.
Losing Connection to ConsoleOne after Cluster
After a node in the cluster dies, you should log out and then log back in to see
the Cluster View in ConsoleOne.
ConsoleOne 1.3
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
ConsoleOne Is Not Refreshing Properly
With 3D mouse pointer software installed on a machine running ConsoleOne,

the screen might appear to not refresh properly.
To solve this problem, remove the 3D mouse pointers.
For more information on this issue, refer to Solution #10058840 (http://
ConsoleOne Does Not See the Tree
In a pure IP environment, ConsoleOne does not see the eDirectoryTM tree of

the server that ConsoleOne is running on.
To fix this, make the following changes in the AUTOEXEC.NCF file:
Add the statement LOAD SCMD.NLM after the LOAD and BIND
statements for TCPIP.
Add IPX to the serverID. For information on the serverID format, see
Chapter 7, IPX Dependencies, on page 37.
Then restart the server.
For more information on this issue, refer to Solution #2943528 (http://
Administering Volumes and Files Using Novell Client for Windows 95/
98
There is a defect in earlier versions of Novell ClientTM for Windows 95/98 that
causes problems when you try to administer volumes and files in ConsoleOne.
(This is not a problem with Windows NT or 2000.) This defect has been
resolved in the Novell Client that ships with NetWare 6.
If you are using an earlier version of the Client, you should disable caching on
Windows 95/98 by modifying several settings in the Client properties panel.
1 Right-click the red N in the system tray.
2 Click Novell Client Properties > Advanced Settings.
3 For each of the following options, adjust the setting as specified:
22
Option
Setting
Cache Writes
Change from On to Off.
Delay Writes
Change from On to Off.
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Setting
File Cache Level
Change from 3 to 0.
File Write Through
Change from Off to On.
True Commit
Change from Off to On.
4 Click OK.
Support for the Hong Kong Supplementary Character Set
This release of ConsoleOne does not support the Hong Kong Supplementary
Character Set (HKSCS). We are currently working on a patch to allow HKSCS
support in future releases of ConsoleOne.
ConsoleOne 1.3
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
23
Manual
24
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
DNS/DHCP
Known Issues
The Novell iManage browser-based DNS/DHCP management utility

does not support the following:
IPV6.INT zones
Configuring DHCP Option 60
Pooled Mac addresses (Use the Java Management tool to manage
this feature.)
While importing the DHCP configuration, a default subnet address range
is automatically created. The DHCP Server reference is not automatically
updated; you can manually update the server reference later.
Special Instructions
For improved performance, configure the DNS/DHCP scope settings

before you start using the Novell iManage browser-based DNS/DHCP
management utility.
The recommended settings for the Novell iManage browser-based DNS/
DHCP management utility are as follows:
Display Settings
Font Size
Browser Text Size
800 * 600
Small
Medium to Smallest
1024 * 768
Small
Largest to Smallest
DNS/DHCP
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
While importing the DHCP configuration, if the subnet address range

contains a reference to an external DHCP server, this reference is
automatically replaced by a reference to the default DHCP server that you
specify.
The Novell DNS and DHCP servers are based on ISC BIND Version 4.9.6
and ISC DHCP Version 2.
26
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
iManage 1.0 and iMonitor 1.5 for

Novell eDirectory 8.6
iManage 1.0 on page 27
iMonitor 1.5 on page 31
iManage 1.0
Associating a Role to a Scope
If you add a member to a role and then try to associate that role to a scope that
does not exist, you will get an error message. Click OK to clear the error
message.
Creating Objects with European Characters
To create objects in iManage containing European characters, set your

browser locale to any European language. Even if you set your locale back to
English, you can now create and view objects containing European characters.
Using Internet Explorer 5.5, do the following:
1 Click Tools > Internet Options.
2 Click Language > Add.
3 Select a European language (such as Portuguese or German) and then
click OK.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Setting Up Encoding for Foreign Languages
If you are experiencing problems with correct character display in iManage,

you should verify that your browser's language and character set encoding are
configured properly.
To enable iManage to display information in the language you expect, you
need to
Set your browser's language preference to the appropriate language
Select the encoding that supports your browser's language
Setting Your Browser's Language

1 Click Tools > Internet Options to display the Internet Options dialog box.
2 On the General page, click Languages.
3 Add your language to the list and make your language the first language
in the list.
4 Click OK to save the changes and then close your browser.
5 Open your browser and log in to iManage.
Selecting the Correct Encoding
When your browser receives encoded iManage information, it uses the

currently selected character set encoding to display the information. For this
reason, you need to make sure that you've selected the correct character set
encoding for your browser's language.
1 Click View > Encoding to display the Encoding submenu.
2 Click the appropriate character-set encoding for your language.
IMPORTANT: On Windows workstations, iManage uses Windows encoding to
display characters. On other platforms, iManage uses ISO encoding. If both

encoding types are displayed, select the type that is appropriate for your platform.
Creating New Roles
If you have more than one rbsCollection in your tree and you create a new role
in one rbsCollection and assign tasks to that role from another rbsCollection,
users will not be able to see their assigned roles and tasks when they log in to
iManage.
28
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When creating new rbsRole objects in iManage, the tasks for that role should
be assigned from the same rbsCollection container that the role was created in.
Out-of-Memory Errors
If you receive out-of-memory errors when running iManage (Error: 500 on

client browsers and OutOfMemory Java exception on the Server Login
Screen), edit the SYS:TOMCAT\33\BIN\TOMCAT33.NCF file and add the
following switch to the Java command line:
-Xmx128m
128 represents the heap memory (in MB) that Tomcat will use. You can go as
high as 400 for this parameter. To change the heap memory to 400 MB, your
Java command line would look similar to the following:
java -Xmx400m -envCWD=$TOMCAT_HOME -classpath
$TOMCAT_CLASSPATH -Dtomcat.home=SYS:\tomcat\33
org.apache.tomcat.startup.Main -f sys:/tomcat/33/conf/
nwserver.xml %1
To determine the heap memory that Tomcat is currently using, enter the
following at the server console:
: java -show
This command will return a process number such as 196.

The following command will show the heap memory setting as well as the
current usage for the heap and physical memory:
: java -showmemory196
Use the number returned from the Java -show command (196 in the above
example).
Deleting All Role Objects
If you delete all the rbsRole objects in iManage without also deleting the tasks,
you can create a new rbsRole object, but the task list will not show any of the
tasks.
You can create a role without any tasks and then modify the role to include
tasks. However, we recommend instead that you re-install the product
packages in order to re-create the removed roles. Use the Install Package task
in iManage to reinstall the product packages.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Modifying the iManage Installation Path during a NetWare 6 Custom

Installation
You should not modify the iManage installation path during the NetWare
custom installation unless the container you specify in the installation field
already exists.
If you do specify a container that does not exist, you will receive -601 (No
Such Entry) errors on the following files:
.../BASE/EDIR.XML
.../DNSDHCP/DNSDHCP.XML
.../IPRINT/IPRINT.XML
.../NLS/NLS.XML
You will also receive the following error:
Failed to associate initial roles with user admin.
If you receive this error, you can associate the initial roles with the
administrator User object after the installation finishes by completing the
following steps:
1 In iManage, click the Configure tab.
2 Click Role Based Services Setup > Create rbsCollection.
3 Follow the online instructions to create an rbsCollection container.
4 To install the iManage plug-ins, click Role Based Services Setup > Install
Plug-in.
5 Associate each role with the Admin User object.
5a Click Role Management > Modify Role.
5b Click the icon in the Members column of a role.
5c Follow the online instructions to add the admin User object as a
member of the role.

Setting Inheritance Rights
In this release of iManage, the ability to set inheritance rights is not available.
Inheritance from the container chosen as the scope down through any
subcontainers is automatically set and cannot be changed. This allows only the
chosen container to be used as the scope and not the subcontainers as well.
30
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Performing a Post-installation of iManage
When performing a post-installation of iManage, you must restart both

Apache and Tomcat after the installation is complete in order for iManage to
work properly.
Granting Additional eDirectory Rights to Owners of rbsCollection
Containers
When you make a user an owner of an rbsCollection container, you should

grant that user the additional eDirectory rights needed to fully administer that
collection. This user should be given supervisor entry rights to the objects
needing modification (assign roles to, etc.).
Assigning a Container Object As a Member of a Role
When you assign a container object (Organization or Organizational Unit) as

a member of a role, only the users directly under the container will have access
to that role. Users in subcontainers under the one assigned will not be able to
use that role. This is the same way that assigning containers to Group objects
works in eDirectory.
iMonitor 1.5
Browsing for Objects Containing Extended Characters
When using iMonitor to browse an eDirectory tree for objects, an object with
extended characters in the name might not hyperlink to the object properties
correctly. This problem does not happen with any objects that contain doublebyte characters.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
31
Manual
32
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
iPrint/NDPS
Installing Printers on Windows NT/2000
To install a printer on Windows NT/2000, you must have Administrator rights

or be a Power User.
Managing iPrint
iPrint can be managed with the Novell iManage browser-based management

utility. Not all operations have been included in iManage. For those operations
that you cannot complete in iManage, you can use NetWare Administrator.
For information on setting up iManage, see the Novell iManager
Administration Guide.
IP Address Limitation
When using iPrint, IP addresses must be between 1 and 255 for the Network
ID and Host ID. Addresses that have a 0 (zero) in any of the four octets are not
currently supported. For example, 1.0.0.9 is not supported.
Using NDPS Gateways
When you use iManage to create an NDPS Printer object and select the
Novell Gateway, the Novell Gateway (NDPSGW.NLM) is used.
When you use NetWare Administrator to create a Printer object and select the
Novell Gateway, the gateway comprised of PH.NLM and NDPDS.NLM is
used. This is the only version of the gateway that supports RP protocol and
local ports.
To use a third-party print vendors gateway, you must use NetWare
Administrator to create the NDPS Printer object.
iPrint/NDPS
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Running iPrint Map Designer
To have full functionality of the iPrint Map Designer, IPPSRVR.NLM must be

loaded before starting iPrint Map Designer.
Changing Printer Security Levels
If you change the printer agent security level to high and do not check the
Requires Security check box on the IPP Support page of the printers Client
Support Page in iManage, you will receive the following error:
Error message: iPrint Client - "The request requires user
authentication."
IMPORTANT: When you check the Requires Security check box, the URL for the
associated printer will change. Users who have already installed this printer will
have to delete and reinstall the printer in order to use the updated URL.
Invalid IP Address When Loading the NDPS Manager
When you load the NDPS Manager, you can specify an IP address or DNS
name. If you do not specify one, the NDPS Manager uses the address stored
in SYS:\ETC\HOSTNAME. If either the IP address or DNS name specified
on the command line or in the HOSTNAME file is invalid, you will receive
the following error:
IP Address xxx.xxx.xx.xxx, specified at load time, is not
bound. Program execution cannot continue normally. Press
Escape to continue.
To resolve the error, use a valid DNS Name or IP Address on the command
line, or edit the SYS:\ETC\HOSTNAME file to contain a valid address.
Using TTS on NSS Volumes
By default the Transaction Tracking SystemTM (TTSTM) is not enabled on NSS

volumes for NetWare 6 servers. To protect database integrity, NDPS requires
that TTS be enabled on the NDPS Manager's host volume before
NDPSM.NLM is loaded. If the NDPS Managers host volume is an NSS
volume, you should enable TTS by completing the following:
1 Enter
NSS /transaction=NDPS_Manager_host_volume_name
If you want to list the NSS volumes on a server, enter NSS volumes.
2 Dismount the NSS volume by entering
NSS /Deactivate=NDPS_Manager_host_volume_name
34
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Remount the volume with TTS enabled by entering
mount NDPS_Manager_host_volume_name
iPrint Client Install Page Has No Link
When using a map generated by the iPrint Map Designer, if users click on a
printer from a workstation that does not have the iPrint client installed, they
might be redirected to an iPrint client install page that does not have the client
install link.
To resolve this, use a text editor to edit LOGIN\IPPDOCS\TOOLS.JS and
make the following changes to the Function: ProductNotInstalled section.
Replace the
"
document.writeln(\"" +
parent.iprintclientinstallString + "<BR><BR>\");\n" +
line of code with these lines:

"
document.writeln(\"" +
parent.iprintclientinstallString + "\");\n" +
"
document.writeln(\"<BR>\");\n" +
"
document.writeln(\"<BR>\");\n" +
iPrint/NDPS
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
35
Manual
36
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
IPX Dependencies
If you select TCP/IP as your only protocol during the NetWare 6 installation,
IPX/SPXTM will no longer be available.
If you have problems loading IPX/SPX-dependent NLMTM programs, add the
following line after the Server Name in the AUTOEXEC.NCF file:
serverID XXXXXXXX
Replace XXXXXXXX with the internal IPXTM address you want to assign to
the server. This address can be numbers and letters A, B, C, D, E, F only
(serverID is a hex value).
For example, the serverID line could appear as follows:
serverID 12345abc
For the changes to take effect, you must restart your server after updating the
AUTOEXEC.NCF file.
IPX Dependencies
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
37
Manual
38
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001

No NDS Replica on the Web Server
If the Web server does not have an NDS replica, users cannot access private
pages through the Web server. Users are allowed to authenticate, but the page
access returns a 404 error.
To avoid this problem, make sure the Web server has an NDS replica.
Internet Explorer Issues
Folder operations in WebDAV have limitations. When you copy a folder to

another folder of the same name, Internet Explorer sends a request to delete
the original folder and its contents before it copies the new folder.
To update a folder and its contents with a folder of the same name in another
location, copy the contents of the folder rather than the folder itself to the
target destination.
ActiveX Controls
If icons such as those for Users, Groups, and Organizational Units are missing
from your My Network folder, check the security settings in Internet Explorer.
Security settings must allow ActiveX Controls to be downloaded and run.
When the following message appears, accept the module to allow it to run:
Novell DAVICONS.OCX Signed ActiveX Controls Being Downloaded
If your Web folders still do not display the icons, you must repair Internet
Explorer 5 by doing the following:
1 From your desktop, click Start > Settings > Control Panel.
2 Double-click Add/Remove Programs.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
3 Click Microsoft Internet Explorer 5 > Change/Remove > Repair Internet
Explorer.
4 Restart your system if required.
INDEX.HTML Renamed
When upgrading to NetWare 6 from an earlier version of NetWare, the file

INDEX.HTML in the document root of the Enterprise Web Server
(volume:\NOVONYX\SUITESPOT\DOCS) might be renamed to
INDEX_ENTERPRISE.HTML. This occurs when the new NetWare 6 default
home page is installed as INDEX.HTML.
40
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NetWare FTP Server

Intruder Detection
To disable intruder detection, both intruder detection parameters

(INTRUDER_HOST_ ATTEMPTS and
INTRUDER_USER_ATTEMPTS) must be set to zero (0).
To enable intruder detection, both intruder detection parameters
(INTRUDER_HOST_ ATTEMPTS and
INTRUDER_USER_ATTEMPTS) must be set to a value greater than
zero (0).
Login from FTP Client
When logging in from FTP client, the format of the user distinguished name
should be either username or .username.ou1....
Dont use the format .cn=username.ou=ou1....
Use Home Icon Instead of Back Icon
From the Service Manager panel of the FTP Server, do not click the Back icon
in the navigation toolbar of the browser to return to the Service Selector panel
of NetWare Web Manager. Instead, click the Home icon in the Service
Manager panel to return to the Service Selector panel.
Configuring FTP Server with Cluster Services
When FTP Server is configured to run in the Active/Passive mode, add

only nwftpd to the end of load script and add only unload nwftpd to
the beginning of the unload script.
When FTP Server is configured to run in the Active/Passive mode, make
sure to comment the nwftpd entry in AUTOEXEC.NCF. Also, before
you bring the resource online, execute unload nwftpd to bring down
the FTP service already running.
NetWare FTP Server
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
41
Manual
42
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
10
99a
38
July 17, 2001
NetWare Migration Wizard 6

NOTE: Additional Readme information is available at the end of the NetWare
Migration Wizard 6 installation. Once Migration Wizard is installed, you can also
view the Readme before you launch the wizard by clicking Start > Programs >
Novell > NetWare Migration Wizard > NetWare Migration Wizard Readme.
Migrating to NetWare 6 NSS Volumes
When migrating to NetWare 6 NSS volumes, trustee assignments might not be

fully restored to User and Group objects the first time you run the Finish NDS
Migration step. NSS volumes depend on the NDS backlink process to create
ID information on objects before trustees can be associated with those objects.
Therefore, you must verify that the backlink process is complete before
running the Finish NDS Migration step.
If you have already run the Finish NDS Migration step and are missing
trustees, you can manually complete the backlink process and rerun the Finish
NDS Migration step. Reboot the server after this step completes.
To manually run the backlink process, enter the following commands at the
server console:
set dstrace=on
set dstrace=+blink
set dstrace=*b
If you switch to the Directory Services screen on the server, you can watch the
objects as they are processed. The above commands must be repeated until no
more User or Group objects appear in the backlinked list on the Directory
Services screen.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
43
Manual
44
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
11
99a
38
July 17, 2001
NetWare WebAccess
Do Not Run NetWare WebAccess and Novell Portal Services on Same
Server
NetWare WebAccess and Novell Portal Services cannot be run simultaneously

on the same server. NetWare WebAccess is based on Novell Portal Services
technology. Therefore, the limitation of not being able to run two instances of
Novell Portal Services on the same server also applies when attempting to run
NetWare WebAccess and Novell Portal Services on the same server.
Form Authentication Type Required for Some Lotus Notes Applets
In order for some Lotus* Notes* applets to display correctly, you must select
FORM as the authentication type when configuring the NetWare WebAccess
Email gadget using ConsoleOneTM. BASIC is the default Lotus Notes
authentication type.
WebAccess Object Name Change
An object in the WebAccess container in Novell eDirectoryTM might be

referred to incorrectly in the documentation. The WebAccess_portalgroup
object should be WebAccess_Configuration_All_Users. This is the object
used to configure NetWare WebAccess gadgets in ConsoleOne.
NetWare WebAccess
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
45
Manual
46
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
12
99a
38
July 17, 2001
NetWare Web Manager

Upgrading Products Accessible through NetWare Web Manager
If you are upgrading products accessible through NetWare Web Manager, new
configuration files will be written out and the old configuration files will be
backed up in their current location.
A _BKddd (where ddd is a number) will be appended to the old
configuration file. For example, MAGNUS.CONF will become
MAGNUS.CONF_BK000.
If another installation is done on top of this one, MAGNUS.CONF will
become MAGNUS.CONF_BK001. The count is incremented with each new
upgrade installation. If you want to restore the old settings, you can manually
merge the new and old files.
Using Internet Explorer
To view NetWare Web Manager with Internet Explorer, you must change a
setting in Internet Explorer to set the correct page caching option.
1 From the tool bar, click Tools > Internet Options > General > Settings.
2 Check the Every Visit to This Page check box so that the browser re-
requests a page and displays the appropriate information after you have
made new selections on the NetWare Enterprise Server forms.
NetWare Web Manager
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
47
Manual
48
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
13
99a
38
July 17, 2001
NetWare Web Search Server

Web Search and Web Server Interaction
The NetWare Web Search installation program automatically detects and

registers itself with both the Apache and Enterprise Web servers if they are
installed on your server. However, the NetWare Web Search Manager
(AdminServlet) will be registered only with the Apache Web server, which is
the Web server used by all NetWare Web administration utilities (such as
NetWare Web Manager and NetWare Remote Manager). The Search and Print
servlets will be registered with both Web servers, if available.
IMPORTANT: Web Search uses the Enterprise servers NLMTM programs when
authorizing rights-based search results. If the Enterprise Web server is not

installed, the rights-based search results feature will not work. However, Web
Search will continue to operate without this feature and will simply return all search
results.
Regenerating All Indexes after Installation
After upgrading from a previous installation of Web Search to the NetWare 6

version, you must regenerate the older indexes before they can be searched.
Indexes No Longer Listed on Default Search Page
After upgrading from previous versions of Web Search, the list of indexes
(formerly called collections) that appear on the default search page might
disappear. This is because subsequent versions of Web Search differentiate
between the indexes specified by a particular query versus those actually
available at the server.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
To fix this problem so that all available indexes display on the search page,
either use the templates that ship with the newer Web Search (located in the
\NSearch\Templates\Samples directory) or make the following changes to the
SEARCHTEMPLATE.HTML file that you are currently using as your search
page:
1. Change $$BeginCollectionsLoop to $$BeginServerCollectionsLoop.
2. Change $$EndCollectionsLoop to $$EndServerCollectionsLoop.
New Sample Web Search Templates
NetWare Web Search includes new sample search results templates. You
should always use the new templates as a basis for your templates.
If you install Web Search over a previous installation, your existing templates
will not be overwritten. The new templates will be copied into the
volume:\searchroot\TEMPLATES\SAMPLES directory.
To test the sample templates from a Web client machine, include the Theme
query parameter with the value Samples:
&theme=Samples&other_query_parameters
You can also temporarily change the TEMPLATES directory to the
SAMPLES directory in the Search Properties form in the NetWare Web
Search Manager.
Also, all of the templates colors and fonts are now in the
volume:\searchroot\DOCS\TEMPLATE.CSS style sheet. This allows you to
easily modify fonts and colors across all of your templates to match the design
of your Web sites.
50
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
14
99a
38
July 17, 2001
Novell Advanced Audit Service

Default Configuration
NAAS is not supported a mixed network environment containing NDS

6.x, 7.x, and 8.x. NAAS enables auditing only for NetWare servers that are
running in pure NDS (Novell eDirectoryTM) 8.x networks. It does not
audit NetWare servers running NDS 8.x even if they are part of a mixed
network running NDS versions earlier than NDS 8.x. Therefore, you
should install and configure NAAS only in networks solely running
NDS 8.x.
The ConsoleOneTM-based NAAS default configuration utility cannot be
run from a NetWare 6 server console. Instead, you must run it from a
Windows workstation.
By default, NAAS searches only up to three levels up the tree to find a
policy of any type for an object. If a policy is not found in the three levels,
that object is not audited.
If the depth of the partition is greater than three, specific NAAS Search
Criteria policies should be associated with the objects with the search
level equal to the partition depth.
The NAAS default configuration utility fails to create NAAS objects if
the partition root is not an Organization Unit or Tree Root. Before using
this utility, manually create a NAAS container under the partition root.
If the NetWare server hosts two partitions, and the server partition root is
an ancestor of the other partition, explicitly give rights to the NAAS
Agents to the objects in the other partition.
The default configuration utility configures NAAS for a single partition
and, by default, the Audit Server generates reports only for the query
domains in the same partition.
If the Auditor Query Domain is in a partition other than that of the Audit
Server, you need to give specific rights to that NAAS Server Object.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
The default configuration utility can make a user Auditor for only one
partition.
To make the same user an Auditor for more than one partition, do the
following:
Manually configure NAAS.
Grant the auditor Read and Compare rights to the LDAP Server
attribute for the partition containing the User object.
Grant the auditor Read and Compare rights to the
LDAP:keyMaterialName attribute for the partition containing the
User object.
After generating a report for one naasAuditorQueryDomain, restart
ConsoleOne to generate a report for a second domain.
The NAAS schema for eDirectory does not get extended from the
NetWare 6 server if that server happens to be a nonreplica server.
Run the NAAS installation from a NetWare 6 server that is hosting a
Read/Write replica of Root.
Audit Data Commit
Automatic commit of audit cache on reaching the specified threshold is not

enabled. The size of the cache file will grow until the periodic commit is
scheduled.
NAAS Agent
Occasionally, the NAAS Agent might fail to commit data to the NAAS Server
due to communication failure. However, there is no loss of data and the data
is cached.
To resolve this, do the following:
1 Unload Java.
This unloads some of the NAAS Agent and NAAS server components.
2 Reload Java using the LOAD JAVA command at the system console.
3 Reload the unloaded NAAS components using the ST_AGENT and
ST_SRVR commands at the system console.
52
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Loading the Shims
If all three NAAS Shims are required to be loaded, the load order should be
FSSHIM.NLM
NSSSHIM.NLM
DSSHIM.NLM
eDirectory Auditing
Auditing is not enabled for the following events in Novell eDirectory:

DSE ADD MEMBER
DSE DELETE MEMBER
If the NetWare server hosts two partitions and the server partition is a
child partition of the other, only the server partition is audited.
Audit Report Generation
Generating a report for a large number of records takes more time than
generating a report for a small number of records. For example, it will
take approximately 15 minutes to generate a report containing 17,000
records.
Two or more Audit report queries cannot be processed simultaneously by
the Audit database, so auditors should generate one report at a time.
If event filters are created for NSS or NWFS, the Audit report will contain
events for both NSS and NWFS even when only one of the two is
selected. This happens only for events that are common to both NSS and
NWFS.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
53
Manual
54
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
15
99a
38
July 17, 2001
Novell Certificate Server

Novell Certificate Server Dependencies
The Certificate Server ConsoleOneTM snap-in has the following dependencies:

Client NICI 2.0.2 or later for Windows
Novell LDAP SDK
Novell ClientTM version 4.8 or later for Windows NT/2000, or Novell
Client version 3.3 or later for Windows 95/98/ME
If any of the above dependencies are not met, Certificate Server functionality
will not be available and you will get one or both of the following error
messages:
NICI 2.0.2 or later is not installed on this client.
The Certificate Server snap-in will not function
until NICI is installed.
The dynamic link library ccsw32.dll could not be
found in the specified path.
These error messages will occur only once on the first object access.
You will typically not have LDAP SDK in your ConsoleOne distribution if
you obtained ConsoleOne directly from the Novell Web site. You should use
the version of ConsoleOne provided with NetWare 6. The ConsoleOne shell
is located on the Client CD at \CONSOLEONE\C1.EXE and the snap-ins are
located on the Client CD at \CONSOLEONE\NW6SNAPINS.EXE.
ConsoleOne and snap-ins are also available on an installed NetWare 6 server
at SYS:\PUBLIC\MGMT\CONSOLEONE\1.2\BIN\CONSOLEONE.EXE.
NICI 2.0.2 for Windows is available on the Client CD at
\NICI\WCNICIU0.EXE or from the Novell Free Download Site (http://
www.novell.com/download/).
Novell Certificate Server
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Browser Support
You must use the Internet Explorer 5 or later or the Netscape Navigator 4 or
later browser to use the certificates generated by Novell Certificate Server for
SSL or LDAP connections. Older browsers are not supported.
Removing a Server from NDS
When removing a server from NDS and then reinstalling it into the same
context with the same name, a successful reinstallation occurs only if the SAS
Service object representing the removed server is also deleted, if it exists.
For example, for a server named MYSERVER, there could exist a SAS object
named SAS ServiceMYSERVER located in the same container as the server.
This SAS object must be manually deleted (using ConsoleOne) after the
server is removed from the tree, but before the server is reinstalled into the
tree.
IMPORTANT: If the server is the Organizational CA or the SD Key server, you
must complete some additional steps. These steps are documented in TID
10056795 (entitled Certificate Server Issues: Removing a Server from a Tree).
You can search for this TID in the Novell Knowledgebase located at (http://
Verisign Certificates and Creating a Server Certificate (KMO)
If you use Verisign as the external Certificate Authority (CA) during the
creation of a Server Certificate (KMO), you no longer need to obtain
Verisigns trusted root to paste into the Trusted Root field. You can now select
the option No Trusted Root Available, click Next, and then paste in the
certificate you received from Verisign.
When the certificate is installed, the server determines if the certificate you
pasted chains to a Verisign embedded root. If it does, the certificate and the
trusted root are added to the Server Certificate object in NDS.
56
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
16
99a
38
July 17, 2001
Novell Client for Windows

See the Novell ClientTM Readme (http://www.novell.com/documentation/lg/
noclienu/index.html) for issues related to the Novell Client for Windows 95/
98 and Novell Client for Windows NT/2000.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
57
Manual
58
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
17
99a
July 17, 2001
38
Novell Cluster Services

Installation/Upgrade Issues on page 59
Other Issues on page 60
Installation/Upgrade Issues
Perform Cluster Pre-upgrade from an NT Workstation
You must run the Deployment Manager option to prepare your cluster for an
upgrade from an NT workstation rather than from a Windows 9x workstation.
Also ensure that your cluster-enabled volumes are in the Running state. Use
Cluster View in ConsoleOneTM to check the state of each corresponding
cluster volume resource.
Shared Cluster Volumes Disabled in NetWare Deployment Manager
Shared volumes are disabled after you complete the Prepare a Novell Cluster
for Upgrade step in NetWare Deployment Manager. Once the upgrade to
NetWare 6 is complete, the shared volumes are re-enabled.
Do Not Create Traditional Volumes during Cluster Upgrade
Do not create new traditional volumes on NetWare 5 servers when upgrading

a cluster from NetWare 5 to NetWare 6.
After one NetWare 5 server in the cluster is upgraded to NetWare 6, upgraded
NSS volumes on shared storage might appear as free space in a traditional
partition. Creating a volume on the free space will corrupt the NSS volume.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
NSS volume corruption occurs if all of the following conditions exist on your
system:
The Prepare a Novell Cluster for Upgrade option in the Deployment
Manager was run and completed.
At least one of the NetWare 5 servers in the cluster was upgraded to
NetWare 6.
One of the NetWare 5 servers not yet upgraded was rebooted and an
attempt was made on that server to create a traditional partition using
NWCONFIG.
Unable to Authenticate to a New Node during Installation
When using NetWare Deployment Manager to install a new node into a

cluster, you might not be able to authenticate to the new node. If this happens,
map a drive from the workstation running Novell Client software (right-click
the red N) to each node in the cluster and then repeat the NetWare Deployment
Manager steps to install the node into the cluster.
Directory Tree Not Visible during Installation
When running the Cluster Services installation, you occasionally might be

unable to see the eDirectoryTM tree you want to install into from the installation
browser. If this happens, type the name of the tree in the browser path:
treename/cluster.context.
Other Issues
Deactivate Shared NSS Pools
After creating shared NSS pools or volumes, you must deactivate them before
you bring the cluster resource online; otherwise, the resource will go comatose
because it is already active on the server where it was created.
Using DELAY.NLM in Cluster Resource Scripts
If you use DELAY.NLM to delay execution of commands in a cluster resource

load or unload script, do not use the load command in the script to load
DELAY.NLM. Instead, add a command to load DELAY.NLM to the
AUTOEXEC.NCF file on each server where the resource will run. Then
specify the amount of time you want to delay command execution by adding
the DELAY command to the load or unload script. For example, if you want
to cause a five-second delay, add DELAY 5 to the script.
60
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Do Not Use the Prepare Volume for Use by Novell Cluster Services
Option in NetWare Remote Manager
If you are using NetWare Remote Manager to create NSS pools and volumes
to use in your cluster, do not check the Prepare Volume for Use by Novell
Cluster Services check box. This feature does not work and will not correctly
cluster enable your newly created pool or volume.
Instead, go to the NetWare Remote Manager Cluster Config screen and use the
New Cluster Volume button to cluster enable the volume. You can also use
ConsoleOneTM to create and cluster enable NSS volumes.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
61
Manual
62
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
18
99a
38
July 17, 2001
Novell Compatibility Mode Driver

There is no control on the Designated Router Election process. To make any
migration agent a Designated Router, use INETCFG to assign it the highest
priority IP Address.
Novell Compatibility Mode Driver
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
63
Manual
64
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
19
99a
38
July 17, 2001
Novell eDirectory 8.6 for NetWare

Installing into an Existing Tree
With this release, you cannot install a NetWare 6 server into a partition that
has all of its replicas on a NetWare 4 server if that server will get a replica of
the partition.
If you are installing into a tree that has NetWare 5 servers, each NetWare 5.0
server must be running NetWare 5.0 Support Pack 6a (http://
support.novell.com/misc/patlst.htm#nw) or later. Each NetWare 5.1 server
must be running NetWare 5.1 Support Pack 2a (http://support.novell.com/
misc/patlst.htm#nw) or later.
Distributing Proper Versions of DSREPAIR to All Servers in the Tree
For information on preparing an existing tree for a NetWare 6 installation, see

"Updating the eDirectory Schema for NetWare" in Chapter 1, "Installing and
Upgrading Novell eDirectory," of the Novell eDirectory Administration
Guide.
You can also use NetWare Deployment Manager to prepare your tree for
installation.
Installing into a NetWare 4 Tree
When installing a NetWare 6 server into a pure NetWare 4 tree, clicking the
Browse button on the eDirectory installation screen to search for a context will
not return a list of available containers. You must type the context where you
want to install the NetWare 6 server into the tree.
Persistent Search Operations
A persistent search operation might not retrieve the updated information if

entries in the eDirectory database change frequently.
Novell eDirectory 8.6 for NetWare
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Additional Readme Information
For information on additional eDirectory issues for this release, see TID
#10063534 (http://support.novell.com) in the Novell Support Connection
Knowledgebase.
66
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
20
99a
38
July 17, 2001
Novell GroupWise
In order to use GroupWise 5.5 Enhancement Pack WebAccess on NetWare
6, you must download and install the WebAccess 5.5 EP SP4 Rev 3 patch or
later (FWAEP4C.EXE, FWAEP4D.EXE, etc.) available from Novell Support
Connection Patches and Files (http://support.novell.com/filefinder). The
patch is a prerelease version (Field Test File) of GroupWise 5.5 Enhancement
Pack Support Pack 4. Your system must be running GW 5.5 SP3a before you
can install this patch. Follow the installation instructions provided with the
patch.
This patch resolves the following compatibility issues between GroupWise
5.5 Enhancement Pack WebAccess and NetWare 6:
If NetWare 6 is installed on a system where GroupWise 5.5 Enhancement
Pack WebAccess has already been installed, the NetWare 6 installation
program changes WebAccess from using the Novell Servlet Gateway to
using the Tomcat Servlet Gateway. Your existing WebAccess software is
not designed to work with Tomcat. Therefore, you must install the
WebAccess patch for compatibility with NetWare 6 and Tomcat.
If you attempt to install GroupWise 5.5 Enhancement Pack WebAccess
on NetWare 6 without first obtaining the patch, the WebAccess
installation program will encounter problems. It will not be able to
automatically stop your Web server, WebSphere, or Java for you so that
the WebAccess installation can proceed. Although you can work around
these installation problems by manually stopping the listed programs and
then continuing the installation, you will still need to install the patch to
provide WebAccess compatibility with Tomcat.
Novell GroupWise
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
67
Manual
68
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
21
99a
38
July 17, 2001
Novell iFolder
Selecting the Pre-migration Server Option
If you install iFolder via a Custom installation of the Pre-migration server

option available in NetWare 6, make sure NetWare Web Manager is also
selected to be installed. You will need to reboot your server after the
installation in order for iFolder to work properly.
Using a Proxy Server
If you plan to use a proxy server, set the following options on each workstation
where the iFolder client will be installed:
1 Open Internet Explorer and click Internet Options > Connections > LAN
Settings > Use a Proxy Server > Advanced.

2 Check the Use the Same Proxy Server for All Protocols check box.
Installing iFolder on NT 4 Workstations
If you install the iFolder client on an NT 4 workstation with NTFS volumes,

the iFolder client login will fail. To fix this, complete one of the following
procedures for each iFolder workstation.
Modify Workstation Permissions
1 Open Explorer and click Program Files > Novell > iFolder.
2 Right-click the iFolder folder and then click Properties > Security.
3 Make sure the user has Full Control permissions.
Novell iFolder
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Apply the iFolder Patch

1 Go to the Novell Support Web site (http://support.novell.com) and click
Patches and Files.

2 Enter
IFLDRCLA.EXE
The A is a variable and will change as the iFolder client is updated.
3 Double-click IFLDRCLA.EXE to begin the download process.
Creating a User Account
Before you can access your iFolder files from the iFolder Web site, you must
first download and install the iFolder client and then log in. The iFolder user
account can be created only by logging in from the iFolder client. After you
have logged in from the iFolder client, you will then be able to access your
iFolder files from the Java applet via a browser.
70
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
22
99a
38
July 17, 2001
Novell International Cryptographic

Infrastructure (NICI)
Some of the ConsoleOneTM snap-ins for NetWare 6 require the NICI Client.
To use those snap-ins, you must install NICI on every workstation where you
will use ConsoleOne.
IMPORTANT: Two versions of NICI are provided for Windows platforms: 1.5.7
and 2.0.2. We recommend that you install both versions.

NICI 1.5.7 is implemented as a kernel driver and NICI 2.0.2 is implemented as a
shared DLL. Applications using NICI 1.5.7 will not work if only NICI 2.0.2 is
installed. Likewise, new applications will require at least NICI version 2.0.2. Both
NICI versions can be installed on the same Windows workstations, providing
support for all applications.
The Client CD that is included with NetWare 6 contains the NICI client for
Microsoft Windows operating systems. NICI clients for Solaris and Linux can
be found on the Novell software download page (http://www.novell.com/
download).
To install the NICI client from the Client CD, insert the CD. An autorun
application begins. Select the NICI client from the list.
Novell International Cryptographic Infrastructure (NICI)
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
71
Manual
72
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
23
99a
38
July 17, 2001
Novell Modular Authentication

Service (NMAS)
NICI Client
You must have the NICI Client installed on each client that will run
ConsoleOneTM and NMAS. See Novell International Cryptographic
Infrastructure (NICI) on page 71 for more information.
Before installing Novell Native File Access Protocols (as part of the NetWare
6 installation or otherwise), all NetWare 5 servers (in the tree) running NMAS
must be updated to NMAS 2.0.1, NICI 2.0.1, and ConsoleOne 1.3.
NMAS and BorderManager Interoperability
In order for BorderManagerTM Enterprise Edition 3.5 (BMEE35) and NMAS

to coexist, the Login Policy Object must be created using the BMEE35
NetWare Administrator snap-ins.
In order to install BMEE35 in a tree with NMAS, complete the following
steps:
1 If a Login Policy Object already exists, delete it from the Security
Container.
2 Install BMEE35.
3 Create a new Login Policy Object using NetWare Administrator with the
BMEE35 snap-ins.
Novell Modular Authentication Service (NMAS)
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
4 Configure the BorderManager services to use the Login Policy Object.
Refer to the Border Manager documentation (http://www.novell.com/

documentation/) for details.
5 Run the NMAS installation from the server-side GUI.
6 Reinstall any NMAS Methods and re-create any NMAS login sequences.
Simple Password and Force Password Change
The Simple Password method is used for various authentication services in

NetWare 6. These include the Native File Access Pack that provides
authentication support for CIFS and AFP.
A problem might arise if you set or change a user's simple password from the
ConsoleOne administrative snap-ins using Force Password Change. If you
experience problems setting an initial password, you might need to check the
Force Password Change check box. If the user already has a password set,
Force Password Change might not work unless you remove the current
password and enter a new one.
Explicit Rights and Graded Authentication
You must give explicit rights to users with graded authentication. Inherited
rights do not work. For example, an administrator's Supervisor right is defined
at the [Root] container. Rights for the administrator are not defined in the
Volume object. So if the administrator changes the volume's security label
from Logged In to any other security label, the administrator cannot get the
appropriate rights. The administrator must assign explicit rights to the volume,
directories, or files in the volume.
74
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
24
99a
38
July 17, 2001
Novell Native File Access Protocols

General Issues on page 75
Macintosh / AFP Issues on page 78
Windows / CIFS Issues on page 80
UNIX / NFS Issues on page 82
General Issues
Before installing Novell Native File Access Protocols (as part of the NetWare
6 installation or otherwise), all NetWare 5 servers (in the tree) running
NMASTM must be updated to NMAS 2.0.1, NICI 2.0.1, and ConsoleOneTM
1.3.2.
Beta Files Must Be Removed Prior to Installation
If you installed an earlier version of the AFPTCP or CIFS code (the Beta test
release), you need to completely remove it (including the login methods from
NDS) before you reinstall.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Uninstalling the Software
To remove the software, complete the following steps on each server running
Novell Native File Access Protocol software.
1 Run Native File Access for Macintosh* (AFP) Uninstall using
NWCONFIG or the GUI Uninstall. Reboot the server or unload the

AFPTCP.NLM (AFPSTOP.NCF).
2 Run Native File Access for Windows (CIFS) Uninstall using
NWCONFIG or the GUI Uninstall. Reboot the server or unload the CIFS
NLMTM programs (CIFSSTOP.NCF).
3 Use ConsoleOne to remove the NMAS Login Server Methods from NDS.
3a Go to the root of the tree and select the Security object.
3b Right-click the Security object, select the Login Policy object, and
then click Properties.

3c Delete/deselect LSMAFP and LSMCIFS sequences from Selected
Login Methods.
3d Close the Properties window.
3e Select and delete the LSMAFP and LSMCIFS objects under
Security/Authorized Login Methods.

NOTE: The uninstall program removes references to CIFS and AFP from the
PRODUCTS.DAT and AUTOEXEC.NCF files. It does not remove the related NLM
programs (CIFS.NLM, AFPTCP.NLM) and configuration files (AFPVOL.CFG,
CTXS.CFG, CIFSCTXS.CFG, CIFS.CFG).
Intermittent Java Fatal Error
When the installation progress bar shows 100% copy and processing settings,
the following error might occur:
A fatal error has occurred. This program will terminate. You
may check sys:\ni\data\ni.log for more details after you
dismiss the dialog com/novell/admin/ns/nds/jndi/
ndsnamespaceImpl.
If this error occurs, terminate the installation and try again.
76
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Possible Login Error
If you encounter a login error while connecting to the server from a Macintosh
or Windows workstation, run ConsoleOne and verify that the Simple
Password, LSMCIFS, and LSMAFP login sequences are installed.
If the sequences are not installed, do the following:
1 Run ConsoleOne and locate the Security container.
2 Double-click the Security container.
3 Right-click the Login Policy icon and click Properties > New Sequence.
4 Enter simplepassword as the Sequence Name.
5 Select the SimplePassword Object from the left column and click the
arrow to add it to the right column.

6 Click Apply.
7 Repeat the above steps for the LSMAFP and LSMCIFS login sequences.
8 Restart the server.
NMAS.DLL Could Not Initialize Cryptographic Services (-1461)
If any of the following errors appear when launching ConsoleOne, you need
to install NICI Client 2.02 or later on the administrator workstation:
NMAS.DLL could not initialize cryptographic services or
cryptographic services are not available. (-1461)
NMAS.DLL is unloading b/c of errors during initialization.
The library NMASWrap could not be located.
NMAS PutLoginConfig -1460 error
You might see the following error while trying to assign a simple password in
ConsoleOne 1.2d1:
NMAS PutLoginConfig -1460 (NICI_E_NOT_FOUND error)
This error could be caused by either of the following:

NICI Client is not installed. You must install the client.
NICI Partition key is missing. You must reinstall NetWare.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Macintosh / AFP Issues

AppleTalk Not Supported as a Transport Protocol
The legacy AppleTalk* protocol stack is not supported as a transport protocol

in this version of Novell Native File Access Protocols for Macintosh.
AppleTalk migration is targeted for a subsequent release.
Older Mac applications that have unique dependencies upon AppleTalk as a
transport protocol must be updated to a version that is known to work over
TCP/IP. The AppleTalk stack protocols (TLAP, ELAP, LLAP, DDP, RTMP,
AEP, ATP, NBP, ADSP, ZIP, ASP, and PAP) are not supported over TCP/IP by
Apple*.
Therefore, Novell does not support those legacy protocols either. Both Novell
and Apple have embraced TCP/IP as the Internet standard transport protocol.
IMPORTANT: Older NetWare for Macintosh and Prosoft versions of AFP.NLM and
APPLETLK.NLM are not supported. Do not attempt to mix old Mac support NLM
programs with the new AFPTCP.NLM.
Server MONITOR Does Not Register Mac Connections
The MONITOR.NLM on the server does not register Mac connections. Also,
the active connections Network Address list indicates no address available.
This is a known problem for connections other than NCPTM sessions.
User Authentication Method Not Found
Mac users receiving the following error message should check the AppleShare
folder in the Extensions folder and try again:
The UserAuthentication Method required by this server can't
be found
This error occurs because the new AFPTCP.NLM cannot coexist with prior
versions of the AFP.NLM.
To fix this error, do the following:
1 Unload the old AFP.NLM and remove it from the AUTOEXEC.NCF file.
2 Unload and delete the old AFPCON.NLM and do not use it again.
3 Delete the old AFPCON configuration file in
SYS:\SYSTEM\GLOBDATA.AFP if it exists.
4 Make sure that the users context is in the context search file CTXS.CFG.
78
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Mac OS 8.x Will Not Mount Volumes Checked to Mount at Startup
Mac OS 8.x will not mount volumes checked to mount at startup. To resolve
this, add the server volume's alias to the StartUp Items folder inside the
System Folder on the Mac's local startup disk.
Drag a NetWare Folder to the Trash and Errors Occur
When you drag a NetWare folder to the trash, an error occurs because it is
unable to leave the item in the trash and it will delete it immediately.
This happens on Mac OS 8.1 with NSS volumes. Also, Mac OS X running
with network volumes does not support the functionality associated with the
Trash icon.
0x01 Filenames and NSS Volumes
Certain extensions and control panels (such as MacAdministrator) use

filenames beginning with 0x01 to ensure that they load first. These filenames
will not work correctly on an NSS volume.
Unloading AFPTCP.NLM and WSPDSI.NLM Programs
The Winsock component used by the Macintosh Native File Access NLM
does not always clean up all open sockets. If you unload AFPTCP.NLM and
then explicitly unload WSPDSI.NLM, it might give you the following
warning in flashing red text:
WARNING!!!
1 active Winsock 2 DSI socket session(s)
Unloading WSPDSI.NLM with active session(s) will abend the
server.
Unload all Winsock 2 apps with active SSL socket session(s).
Unload module anyway?
Do not unload the module or the server will abend.
The warning is correct. WSPDSI thinks there are still active AFP sessions and
it will abend the server if you unload it. The last line of the warning should
read "Unload AFPTCP.NLM" but, because AFPTCP is already unloaded,
unloading AFPTCP will have no effect.
There is no need to unload WSPDSI manually. AFPTCP.NLM loads it
automatically on startup and AFPSTOP.NCF does not unload it. It remains
loaded. Under normal use, you should not see this warning.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Volume ID
You might get pervasive errors in a clustered AFP environment when the
volume ID is set to higher than 32. To eliminate these errors, use ConsoleOne
to edit the cluster AFP/TCP volume resource and change the volume ID to 32
or lower. Remember to make the value you choose unique from other volume
IDs.
Windows / CIFS Issues

Problem with Microsoft Patch
Microsoft recently released a patch to its Windows NT 4.0 RPC service to

address a vulnerability to Denial-of-Service attacks. Although the CIFS
Import Users functionality does not cause or participate in any denial of
service attacks, the patch does change the Window NT 4.0 RPC interface
which, in turn, affects the CIFS Import Users functionality.
The interface changes are in the process of being tested, and we will release a
patch to correct this problem soon after NetWare 6 ships.
Workstations Might Not Be Able to Access a Windows 2000 Primary
Domain Controller
If the Primary Domain Controller (PDC) is a Windows 2000 server, Windows

workstations might not be able to access the CIFS server. To fix this, complete
the following steps:
1 Specify the following parameter in SYS:\ETC\CIFS.CFG:
-PDC PDC_name IP_address

For example:
PDC ONENET 130.57.66.134
2 Enter CIFSSTOP and then CIFSSTRT.
PDC and CIFS on Different Subnets
If the PDC and CIFS servers are on different subnets, the -PDCNAME option
(which uses DNS resolution) might not work. Use the -PDC option instead.
80
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Password Changes
Trying to change a password from a Windows 9x or NT4 client workstation

might fail if the default network username and password in the client's cache
is not a valid combination on the CIFS server where the password change was
attempted.
To avoid this problem, validate the username and password combination in the
client's cache on the CIFS server before attempting the password change. You
can validate by attempting to access the file system on the CIFS server by
browsing to Network Neighborhood.
Password Changes and Case Sensitivity
When the CIFS password (simple password) on NetWare server is changed

using the NET PASSWORD command on a Windows 9x client, the client
always sends the old and new passwords in upper case. As a result, the regular
NDS password update will not be successful if the old regular NDS password
contains lowercase letters. Also, the new password will be stored in upper
case.
For Windows NT/2000, the user should provide a case-sensitive password; if
not, the regular NDS password update will not be successful.
CIFS Server on NetWare Does Not Function As a Master Browser
If the CIFS server on NetWare is the only member of a workgroup, then the
workgroup will not appear under Network Neighborhood. However, it might
be possible to locate the server using the Find Computer feature.
Configuration File Options Not Supported
The -ASYNC, -OPLOCKS, and -UNICODE options are not supported with
this release. Make sure these options are set to Off.
CIFS Server Not Visible in Network Neighborhood
You might occasionally find that your CIFS server is not visible using
Network Neighborhood. This can happen if you have a domain that contains
only Windows 95/98 and no NT/2000/XP servers or clients. To correct this
problem, enter the server name or IP address in Find Computer.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
MS Paint "Out of Memory" Error
CIFS users might occasionally see an Out of Memory error when using MS
Paint on a Windows NT workstation. This error message is incorrect and no
processes are out of memory. The error message will disappear if the data file
is first saved to local storage and then copied to the remote storage directory.
UNIX / NFS Issues

Upgrade Issues
Before beginning an upgrade from NetWare 5.0 with NetWare NFS

Services 2.4 installed, you must comment out the UNISTART entry in
AUTOEXEC.NCF.
Before rebooting the system after an upgrade from NetWare 5.1 with
ZENworksTM for Desktops 3.2 and PXE support installed, you must
change the load order in AUTOEXEC.NCF so that NFSSTART.NCF
comes before ZFDSTART.NCF.
Upgrading from NetWare 5.1 with NetWare NFS* Services 3.0 installed
removes the product but retains the NFS Server and NIS configuration.
After an upgrade from NetWare 5.1 with NetWare NFS Services 3.0
installed, you must remount the NetWare exports mounted on NFS
clients.
After upgrading from NetWare 5.1 with NetWare NFS Services 3.0
installed, the NFS Gateway component of NetWare NFS Services 3.0 will
not be functional; it is not supported on NetWare 6.
General
If the server holding the master eDirectoryTM replica is down, Native File
Access for UNIX* will not work on servers that have a Read-Only
replica, a Filtered replica, or no replica.
When Native File Access for UNIX is installed on a multiserver tree, the
UNIX profile of the NIS User object is not mapped to root. Therefore,
NFS Server fails to load.
Refer to the SYS:ETC\SCHINST.LOG file after the installation and run
schinst again if any errors are logged.
If the pkernel screen displays messages similar to the following, you can
ignore them (they do not affect functionality in any way):
RPC:svc_register failed for prog=186A4, vers=1
82
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When Native File Access for UNIX is installed, the nfsstart entry is added
to AUTOEXEC.NCF, so the services are not automatically available after
installation.
To make Native File Access for UNIX available, run nfsstart after
installation or reboot the server.
ConsoleOne
If you administer NFS exports of multiple servers and switch between

them, it is possible that the data you view is for the previous server.
Click the corresponding Server object, right-click Exports, and then click
Refresh to display its data.
When managing the NFS server through ConsoleOne, if you try to export
a volume without logging in to the Novell eDirectory tree, the following
message displays erroneously: Config file is open.
To export a volume, log in to the Novell eDirectory tree.
When managing NFS Server through ConsoleOne, if a value that is out of
range or invalid is entered in NFS Server > Options > Parameters, a cursor
is placed in the next field and you cannot modify that field.
To modify the field, close the panel and open it again. Enter a valid
number that is in the range in the NFS Server > Options > Parameters
field.
When managing NIS through ConsoleOne, eDirectory objects of type
ipService and nisObject cannot be created.
When performing special map migration through ConsoleOne, the
complete path of the file is required (for example,
SYS:ETC\NIS\PHLIST).
Administering NetWare 5 NFS Services on NetWare 5 from ConsoleOne
on NetWare 6 is not supported.
NFS Server
If exported NSS volumes are deactivated and activated in a different

order, operations from an NFS client on these mount points will fail.
To ensure proper functionality, unload and reload the NFS Server
software and remount the exported path on the NFS client.
Hard links are not supported on exported NSS Volumes.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Traditional volumes can be mounted only using NFS version 2.

Even though showmount shows the volumes as exported, they are not
mountable using NFS version 3. You need to explicitly mount the
exported traditional volumes specifying the mount version as 2.
If a Windows workstation user who has write permission to a file created
in a mounted volume by a UNIX user attempts to modify the file, the
ownership of the file will change from the UNIX user to the Windows
workstation user.
UnixWare* 7 NFS client access has issues with recursive delete and C file
compilation. Also, the ownership of a file will change if a nonowner user
with permissions to the file edits it.
NIS Server
No error message is displayed to convey that the NetWare server fails to

become a slave to the UnixWare 7 NIS Master.
To set the password for a user from a UNIX NIS client, use ypset to set
the default domain in the NetWare server.
NIS objects such as nisDomain, nisMap, and nisObject cannot have
names with more than 64 characters.
Unloading nisbind might take several minutes.
If maps are pushed to an NetWare NIS slave server using any map name
(for example, hosts.byname or hosts.byaddr), both maps are updated in
the slave server.
For Default maps, the pound sign (#) is not a valid comment character. If
you dont want to migrate a particular record, remove it from the text file
before migrating.
The bootparam and netgroup maps are not supported in this release.
Using ypcat groups does not show the members of the group.
Migration
After a new user is created and the user's UNIX profile is set, if the group
corresponding to the user's GID exists, the user will be listed as a member
of that group. However, the rights of the group will not flow down to this
user. Remove the user from the members list and add it again.
While migrating domains using the -x option, edit the context parameter
by prefixing each of the dots in the Relative Distinguished Names with a
backslash ( \ ) to distinguish them from eDirectory (NDS) names.
84
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
25
99a
38
July 17, 2001
Novell NetDrive
NetDrive supports HTTPS for WebDAV only on Windows NT 4.0 and
Windows 2000 workstations.
If your NetDrive client is behind a firewall regulated by a
BorderManagerTM server that is configured for FTP proxy and
authentication, NetDrive cannot map a network drive via FTP to any
servers that reside outside the firewall. To solve this problem, disable the
FTP proxy authentication on the BorderManager server.
Novell NetDrive
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
85
Manual
86
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
26
99a
38
July 17, 2001
Novell NetStorage
Changing iFolder IP Address after NetStorage Installation
If you change the iFolderTM server IP address, DNS name, or port number after
NetStorage has been installed, you must either reinstall NetStorage or edit the
XSYNCNSP\IFOLDER SERVER registry setting to reflect the change.
NetStorage will not function properly without this change.
Changing Apache Port Numbers after NetStorage Installation
If you change the Apache Web server port numbers after NetStorage has been
installed, you must either reinstall NetStorage or edit the
XSYNCNSP\SECURE PORT registry setting to reflect the change.
NetStorage will not function properly without this change.
Logging In as a Different User
If you are using Windows 98 and Internet Explorer, and after logging in to
NetStorage you intend to log in again as a different user, you must first delete
Internet Explorer cookies and log out from Windows 98 or you will not be able
to log in again. This is necessary because Windows 98 retains user information
and NetStorage cookies are created that are user specific.
When using Windows 2000 and Microsoft Web Folders, you must enable the
Launch Folder Windows in a Separate Process option by doing the following:
1 Double-click My Computer and then click Tools > Folder Options >
View.
2 Check the Launch Folder Windows in a Separate Process check box.
Novell NetStorage
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Internet Explorer Unable to Open Some Web Folders
If you use Microsoft Web Folders with NetStorage to create a new folder, you
might not be able to open that folder using Internet Explorer.
Hosts File Not Usable by NetStorage
NetStorage cannot use the SYS:\ETC\HOSTS file to resolve DNS names. If

you have applications that can use DNS names (such as iFolder), your DNS
names must be registered with a valid DNS server which is identified in the
SYS:\ETC\RESOLVE.CFG file. The DNS server is normally registered
automatically during the NetWare 6 installation.
NetStorage Help Not Accessible When Using NetWare WebAccess
NetStorage online help is not accessible when both of the following conditions
exist:
You access NetStorage using NetWare WebAccess
NetStorage and NetWare WebAccess are installed on different servers
To make NetStorage help accessible, copy the SYS:NETSTORAGE directory
from the server where NetStorage is installed to the server where NetWare
WebAccess is installed and add the following lines to the
SYS:APACHE\CONF\ADMINSERV.CONF file on the NetWare WebAccess
server.
Alias /NetStorage "SYS:/webapps/NetStorage"
<Directory "SYS:/webapps/NetStorage">
Options Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
Character Set Issues with Netscape
If you use the Netscape* browser to open NetStorage, square boxes will be
displayed in place of some characters. To resolve this, click View > Character
Set > Unicode (UTF-8) and then click View > Character Set > Set Default
Character Set.
88
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
27
99a
38
July 17, 2001
Novell Storage Services

Previous NSS Volumes Not Automatically Upgraded
Previous NSS volumes are not automatically upgraded during the NetWare 6
installation process. After you install NetWare and reboot the server, you can
upgrade previous NSS volumes to the current NSS volume layout.
Before you upgrade previous NSS volumes, you must ensure that NDS is up
and running and that the Backlink process is complete.
To upgrade previous NSS volumes, do the following at the server console:
To upgrade a single NSS volume, enter
nss /zlssvolumeupgrade=volume
To upgrade all NSS volumes, enter
nss /zlssvolumeupgrade=all
After you upgrade all the volumes, you can use the MOUNT ALL command
or mount the volumes individually.
Must Add Trustee Rights to SYS:LOGIN When Upgrading Volume
SYS:
You can use the Volume Conversion Utility (VCU) to upgrade a traditional
volume SYS: to the NSS volume SYS:. However, the implied trustee rights do
not transfer with this method. After you upgrade volume SYS:, you must
manually add a public trustee with read and file scan rights to the LOGIN
directory.
Novell Storage Services
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Modifying a Volumes NDS Object When Converting Volumes
You can convert traditional volumes to NSS volumes after you upgrade to
NetWare 6. The following is an example of using the volume conversion
utility (VCU) when you want to modify the volumes NDS object:
vcu TRAD NSSPOOL provo_tree\novell\provo ds_poolname ds_volName
DS tree: provo_tree
DS context:provo.novell
DS NSSPOOL name: ds_poolName
DS TRAD name: ds_volName
Do Not Create Traditional Volumes Still in Clusters
After you upgrade the first server in a cluster, the shared NSS volumes might
appear as free space in a traditional partition on the remaining NetWare 5
servers. Creating a volume in this space will corrupt the NSS volumes. For
more information, see Chapter 17, Novell Cluster Services, on page 59.
90
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
28
99a
38
July 17, 2001
Novell TCP/IP
Missing INETCFG Information
If any information is missing from INETCFG after a new installation, it is

because no information was uploaded to the TCPIP.CFG file. Similarly, if
INETCFG information is missing or you get configuration error messages
after an upgrade, it is because no new information was uploaded to the
TCPIP.CFG file and some entries have become invalid. In either case, delete
the SYS:/ETC/TCPIP.CFG file and reconfigure through INETCFG.
Supernetting
Once the server is configured with a supernet mask, it behaves like an end
node when IP Forward gets disabled. It continues to behave like an end
node, even if the mask is changed to a non-supernet mask and the system
is reinitialized. To make it work like a router, change the state of the IP
packet forwarding or RIP or LAN Static Routing in INETCFG and
reinitialize the system.
With the CIDR mask on, some valid host IDs ending in .255/.0 cannot be
bound.
Fault Tolerance
Fault tolerance is supported on ODITM compliant drivers (such as

CE100B, IBMFE, PCNTNW,3C90XC, and N100).
Load balancing and fault tolerance features cannot be configured in the
protocols menu of INETCFG if the bindings are created by transferring
commands from AUTOEXEC.NCF. To resolve this problem, delete all of
the bindings from the Bindings menu and add them again.
Novell TCP/IP
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Load Balancing
Load balancing might not work when all the clients IP address are
mapped to a single server NIC and all the clients start data transfer
simultaneously.
Multihoming might not work in some cases where the hosts are
supernetted.
Viewing Bindings
You can discover and load drivers using NWCONFIG and subsequently bind
the boards to IP addresses through INETCFG. However, NWCONFIG does
not show the bindings. To see the drivers, unload the drivers from the system
console and reinitialize the system. NWCONFIG then shows the bindings
added through INETCFG.
Routing
EGP and OSPF are not completely functional in this release.

RAM
Ensure that at least 512 MB of RAM is available where the server is to be

stressed with heavy network operations.
IP Trace
Once the IP Trace is loaded, you cannot load anything from the console until
the Trace finishes. To load something, close the Trace screen.
Application Dependency
If the IP address used by an application is changed, it might stop working. For

more information, refer to the documentation for the particular application.
92
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
29
99a
38
July 17, 2001
Pervasive.SQL
Pervasive.SQL 2000 Database Licenses
A permanent two-user license is installed during the NetWare 6 installation

process. If you are upgrading an existing NetWare server, an unlimited license
that will expire 90 days after installation is also installed.
The permanent two-user license is intended for use by the NetWare operating
system. If you have additional applications using Pervasive.SQL 2000 or
Pervasive.SQL 2000i, including the Btrieve* interface, you can use the
unlimited user count license for 90 days. If you have applications that need
access to the NetWare Pervasive.SQL 2000i database engine, you must
purchase an appropriate user count license from Pervasive Software before the
90-day evaluation period ends. Please allow adequate time before the end of
the evaluation period to receive your user count license.
For more information on Pervasive.SQL 2000i, features, documentation, or
information, see the following:
Internet: Pevasive Software Web site (http://www.pervasive.com)
Email: Salessupport@pervasive.com
Phone (U.S.):1-800-287-4383
Phone numbers for all international offices are available from the Contact Us
link (http://www.pervasive.com/company/contact/index.asp) on the Pervasive
Software Web site.
Pervasive.SQL
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Known Issues
So that Pervasive can update known issue reports periodically between

releases, all Known Issues are now published in the Pervasive Knowledge
Base (http://support.pervasive.com/eSupport/). Search on "Pervasive.SQL
2000 Service Pack 3 known issues".
You can also see a static list of known issues, including links to the associated
Knowledge Base articles, at their Fixed Defects and Known Issues Web page
(http://www.pervasive.com/support/updates/psql2kfixed.asp).
Technical Support
For technical support and discussions about Pervasive products, see their
DevTalk forum (http://www.pervasive.com/devtalk).
To file a support incident, submit an Electronic Support Incident (http://
www.pervasive.com/support/support_email.asp).
You can also visit the Pervasive Support Center (http://www.pervasive.com/
support/supportcenter.asp) for other contact information.
Useful Links
You can also check out the following:

Comprehensive list and details of Pervasive products (http://
www.pervasive.com/offerings).
Discussions about Pervasive development issues (http://
www.pervasive.com/devtalk).
Technical papers (http://www.pervasive.com/support/TechPapers.asp).
Online product manuals (http://www.pervasive.com/support/technical/
online_manuals.asp).
Support programs (http://www.pervasive.com/support/
support_programs.asp).
Pervasive Knowledge Base (http://support.pervasive.com/eSupport/).
Updates and patches (http://www.pervasive.com/support/updates/).
94
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
30
99a
38
July 17, 2001
Scripting Products
Scripting Products Included
The following scripting products are included with NetWare 6. Readme

information can be found at the links provided.
Novell Script for NetWare (NSN) (http://www.developer.novell.com/
ndk/nscript.htm#readme)
Perl for NetWare (http://www.developer.novell.com/ndk/
perl5.htm#readme)
NetBasic* 6.0 (http://www.developer.novell.com/ndk/nb6.htm#readme)
Universal Component System (UCS) (http://www.developer.novell.com/
ndk/ucs.htm#readme)
Upgrading from NetWare 5.1 to NetWare 6
The NSN and NetBasic configuration files

(SYS:SYSTEM\NSNSYS.INI, SYS:UCS\UCX.INI, and
SYS:SYSTEM\NBSYS.INI) are overwritten during the upgrade. If you
previously made changes to the files, you might want to keep a copy of
them.
ScriptEase (SE) is not installed as part of NetWare 6. If the system is
upgraded from NetWare 5.1 to NetWare 6, SE will be available because
it was part of the NetWare 5.1 system. Note that Novell will not provide
customer support for SE in a NetWare 6 environment.
NSN Compiler
The NSN Compiler SDK is not included with NetWare 6. The NSN product
on the NDK Web site (http://www.developer.novell.com/ndk/nscript.htm) has
the latest version of the compiler.
Scripting Products
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Novell Script Pages
Novell Script Pages (NSP) prevents any NSP page from being uploaded and
executed without the execute bit set on the NSP file itself or on the parent
directory.
To mark an NSP file or directory with the execute bit, do the following:
1 Access NDS from the NetWare Web Manager General Administration
page.
2 Navigate to the NSP file or directory and display the access control rights
for that object.

3 Check the Execute check box and save your changes.
After the NSP page file or directory has been marked with the execute bit,
NSP will allow it to run.
96
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
31
99a
38
July 17, 2001
Storage Management Services (SMS)

Backup and Restore Issues on page 97
Client Issues on page 98
Other Issues on page 99
Backup and Restore Issues

Update SMS Components
A new release of Storage Management Services (SMS) is available at the

Novell Support Web site (http://support.novell.com). This release contains
important fixes to the SMS components delivered with NetWare 6.
The fixes ensure compatibility between earlier versions of NetWare and the
NetWare 6 SMS modules. In addition, the patch includes updates to SMS
components (including SMDR and TSA), which have made the product more
stable and robust.
To maintain backup and restore services on NetWare 6 and your network, you
must install the patch. The patch will supersede the SMS modules installed by
default during the NetWare 6 installation.
For more information, see the Readme included with the patch.
DOS File Systems on NSS
TSADOSP.NLM, the target service agent for the DOS file system on NSS, is
no longer required. Instead, load DOSFAT.NSS and TSA600.NLM on the
server hosting the DOS partition. This enables the partition to be listed as an
NSS volume for backup or restore operations.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Exclude/Include Options for Workstation Restore
When Exclude/Include options are set for a workstation restore, only the
selected data sets are restored. The log file and the status window of the
session reports incorrect status. All the data sets are reported as restored,
whereas only the data sets matching the specified options are actually restored.
Hard Links Not Supported by NSS in NetWare 6
Hard links are not supported by NSS in NetWare 6. Therefore, existing hard
links in your data can no longer be restored to NSS.
Restoring Hard Links in a NetWare Traditional File System
Hard links in a NetWare Traditional File System cannot be restored to a

directory that does not exist on the volume. That is, if the hard link has to be
created in a directory that is different from the parent directory (where the file
was originally located), then the directory for the hard link should exist on the
volume before the hard link can be created. This is unlike a normal restore
operation wherein a new directory is created whenever the restore directory is
different from the parent directory.
Client Issues
Windows 2000 and NT Workstation Registration Using IPX/SPX
The Windows workstation will not register to the NetWare server if both are
configured to use only IPXTM/SPXTM.
Setting the Username and Password for Windows 2000 Workstation
Follow the procedure below to set the username and password on a Windows
2000 workstation. The TSAPrefs interface does not let you set these fields
while registering the workstation to a server.
1 From the Start Menu, click Settings > Control Panel, double-click
Administrative Tools > Computer Management, and then click Local

Users&Groups > Users.
2 Double-click a user from the list.
3 In the Member Of window, select the group that has the security policy,
click Act As Part of the Operating System, add the user as a member of
the group, and then click Apply > OK.
98
NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you need to assign a security policy to a group, do the following:
Return to the Administrative Tools window and click Local Security

Policies > Local Policies > User Rights Assignment.
The list of policies and the local and effective settings are displayed.
Double-click Act As Part of the Operating System Security Policy to

display the Local Security Policy Setting dialog box.
Click Add, select the group that this policy is to be assigned to, and
then click Add > OK.
4 Restart the Windows NT Target Service Agent for the changes to take
effect.
5 Register the workstation to a server.
Other Issues
SBCON recognizes data only in the System Independent Data Format (SIDF).
If the media contains data in any format other than SIDF, the media must be
labeled before use.
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99
Manual
100 NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
32
99a
38
July 17, 2001
Third-Party Adapters, Drivers, and

Applications
Using Virus Scan Software with NetWare 6
When performing virus scans with Norton or McAfee software, you must
exclude the protected NSS volume named _ADMIN. Otherwise, the server
will abend.
ISA Adapters Are Not Supported on NetWare 6
For performance and scalability reasons, all ISA adapter drivers have been
removed from NetWare 6. There is a possibility that a family driver might
support adapters which run on more than one bus type (PCI and ISA). In this
case, any ISA adapter would be considered a noncertified driver and would
not be supported by Novell.
CardBus and Mini-PCI LAN Drivers
There are no certified CardBus or Mini-PCI drivers in NetWare 6. However,

we have included drivers for adapters that use the 3COM* 3C1556.LAN
Mini-PCI driver and drivers for XIRCOM CardBus adapters, which use the
CE3ODI.LAN driver. These drivers are located in the
DRIVERS\UNSUPDRV directory on the Operating System CD or in the
NWSERVER\DRIVERS\UNSUPDRV directory, located in the DOS partition
after installation.
IMPORTANT: Although these drivers might work, they have been included only
for use in cases where laptop servers are needed for demonstration purposes.
They should be considered not supported by Novell. See the Readme in the
UNSUPDRV directory for details.
Third-Party Adapters, Drivers, and Applications 101
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Suggested LAN Driver Substitution
In some cases there are no substitutes for LAN drivers. For example, Compaq
no longer supports the Netflex 3 LAN hardware associated with the
CPQNF3.LAN driver. 3Com provides limited support for their 3c90x LAN
card line to LAN cards starting with the 3c905b hardware and beyond.
Unsupported versions of these drivers are located on the NetWare 6 Operating
System CD and can be installed in the NWSERVER\DRIVERS\UNSUPDRV
directory.
Patches for Backup
Patches for backup and restore operations will be available on the Novell
Support Web site (http://support.novell.com) concurrent with the shipment of
NetWare 6.
WAN Support
WAN support is not included with NetWare 6. If you are upgrading from a
previous version of NetWare, your AUTOEXEC.NFC and STARTUP.NCF
files might need to be edited to remove WAN components that are autoloaded.
102 NetWare 6 Readme
NetWare 6 Readme
103-000171-001
October 25, 2001
Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
To begin a QuickStart (English): Click in the box under the word Novell. Insert QuickStart and Title elements. 2. Type the product name. 3. Insert the HeadQS element and type
the title of your card. 4. Put in your product version: Click Special > Variable > select the variable named Version > Edit Definition > enter the version number > click Done > Done.
It will appear as background text replacing Version X.X.
For a single (stand-alone) card: Keep this master page, named QS-Single. It shows the part number on the bottom right, since single cards dont have front matter.
For a card thats part of a booklet: Use Special > Master Page Usage to change to using First master page on the first page of the card. It doesnt show the part number, since
part number will be noted in the front of the booklet.
Novell
NetWare 6
w w w. n o v e l l . c o m
Q U I C K S TA R T

MINIMUM SYSTEM REQUIREMENTS
A server-class PC with a Pentium* II or AMD* K7 processor
256 MB of RAM
A Super VGA display adapter
A DOS partition of at least 200 MB and 200 MB available space
2 GB of available disk space outside the DOS partition for volume SYS:
One network board
A CD drive
A USB, PS/2*, or serial mouse (recommended but not required)
RECOMMENDED SYSTEM REQUIREMENTS
A server-class PC with two-way Pentium III 700 MHz or higher processors
512 MB of RAM
A Super VGA or higher resolution display adapter
A DOS partition with 1 GB of available space
4 GB of available disk space outside the DOS partition
One or more network boards
A bootable CD drive that supports the El Torito specification
A USB, PS/2, or serial mouse
102-001442-001
Instructions for International. For SINGLE cards: 1. After importing SGML, click the BookQS element in the "Structure View" window. 2. Select QuickStart in the "Elements" window
and click Wrap. 3. Right-click the BookQS element in the "Structure View" to bring up menu, and select Unwrap. 4. Highlight the Front element in the "Structure View" and delete
it. 5. Right-click the nested QuickStart element in the "Structure View" to bring up menu, and select Unwrap. 6. You can continue with print prep and creating PostScript and PDF,
even though the file is not completely valid because the ID on the QuickStart element is missing. Thats okayit will not affect the appearance of the document, so PostScript and
PDF will be correct. For cards in a booklet: To remove part number from f irst page, use the master page "First."
August 29, 2001

Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
UPGRADE SYSTEM REQUIREMENTS

The server to be upgraded must be running one of the following:
NetWare 5.1 with Support Pack 2 or later
NetWare 5 with Support Pack 6 or later
A server-class PC with a Pentium II or AMD K7 processor
256 MB of RAM
A DOS partition with 35 MB of available space
2 GB of available disk space on volume SYS:
One network board
A CD drive
A USB, PS/2, or serial mouse (recommended but not required)
SOFTWARE AND OTHER REQUIREMENTS
NetWare 6 Operating System CD
NetWare 6 License/Cryptography diskette
Supervisor right at the [Root] of the eDirectoryTM tree
Supervisor right to the container where the server will be installed
Read right to the Security container object for the eDirectory tree
DOS and CD drivers (required if the computer does not boot from CD)
You can make a bootable floppy diskette using the MKFLOPPY.BAT program located in the
INSTALL directory of the NetWare 6 Operating System CD.
Client connection utilities (optional, for installing from a network):
Novell ClientTM for DOS and Windows* 3.1x (optional, for installing from a NetWare
server running IPXTM).
IP Server Connection Utility (optional, for installing from a NetWare server running IP
only).
For instructions, see PRODUCTS\SERVERINST\IPCONN.TXT on the Novell Client CD.
102-001442-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
IP address and domain names (required for connecting to the Internet):

An IP address
An IP address of a domain name server
The name of your domain
Network board and storage device properties, such as the interrupt and port address
(required if not included in NetWare)
PREPARE THE NETWORK
1 Run NetWare Deployment Manager (NWDEPLOY.EXE), located on the NetWare 6 Operating
System CD.
2 Complete all relevant tasks in the Prepare the Network section.
START THE INSTALLATION
1 Access the NetWare 6 Operating System CD.
Boot from CD
Boot from DOS partition, access the CD, and enter INSTALL
Make sure that the CONFIG.SYS file contains the FILES=50 and BUFFERS=30
commands.
2 Select the type of installation.
Express Installation sets up a server using standard settings.
Custom Installation lets you specify settings for your environment.
SELECT SETTINGS AND DRIVERS
1 Select regional and server settings.
2 Select the mouse and video type.
3 Select a platform support module and storage adapter.
4 Select a storage device and a network board.
SET UP THE SERVER
1 Create volume SYS:.
2 Name the server.
3 Install the NetWare 6 server file system.
4 Install networking protocols.
102-001442-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
5 Set up Domain Name Service (DNS).

6 Set the server time zone.
7 Set up Novell eDirectory.
8 License the NetWare server.
SELECT AND INSTALL ADDITIONAL PRODUCTS
Additional installation screens will appear depending on the products you select.
1 Set up Novell Certificate Server.
2 Configure LDAP.
3 Install Novell Native File Access Protocols.
4 Set up NetWare WebAccess.
5 Set up Novell iManage.
6 Install Novell iFolderTM.
7 Install Novell NetStorage.
REBOOT THE SERVER
1 Complete the installation/upgrade by rebooting the server when prompted.
2 Start the server.
If you chose to load the server on reboot, it will load automatically.
To load the server manually, change to the startup directory containing the NetWare
server files (C:\NWSERVER) and enter SERVER.
UPDATE NSS VOLUMES (UPGRADE ONLY)
If you upgraded from a NetWare 5.1 server with Novell Storage ServicesTM (NSS) volumes, you
must complete the following procedure to update NSS volumes.
1 When prompted at the end of the upgrade, reboot the computer.
2 Make sure that all processes relating to the NetWare 6 upgrade have completed.
3 At the server console, enter the following command
NSS /ZLSSVOLUMEUPGRADE=ALL
The NSS volumes can now be mounted on the NetWare 6 server.
102-001442-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
WHATS NEXT?
Although you have installed or upgraded to NetWare 6, you might need to configure products to
work in the new environment. Additionally, some products such as Novell Cluster ServicesTM can
be set up only after completing the server installation. You can install products using NetWare
Deployment Manager or from the GUI server console screen.
Copyright 2001 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval
system, or transmitted without the express written consent of the publisher. eDirectory, iFolder, Internetwork Packet Exchange and
IPX, Novell Client, Novell Cluster Services, and Novell Storage Services are trademarks and NetWare and Novell are registered
trademarks of Novell, Inc. in the United States and other countries. All third-party products are the property of their respective
owners. A trademark symbol (, TM, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party trademark.
102-001442-001
August 29, 2001
NetWare 6 Overview and Installation Guide
Novell
NetWare 6
www.novell.com
O V E RV I E W A N D I N S TA L L AT I O N G U I D E
August 30, 2001

Novell Confidential
Manual
99a
38
July 17, 2001
Contents
Preface
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
User Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Welcome to NetWare 6
11
Make End Users More Effective with NetWare 6 . . . . . . . . . . . . . . . . . . .

Eliminate Client Software with Novell Native File Access Protocols . . . . . . . .
Print from Anywhere with Novell iPrint . . . . . . . . . . . . . . . . . . . . . . .
Access and Manage Your Files From Anywhere with Novell iFolder. . . . . . . .
Use Novell NetStorage to Access Files with an Internet Browser . . . . . . . . .
Store and Retrieve Network Data With Novell NetDrive . . . . . . . . . . . . . .
Access Internet Services from a Centralized Location with NetWare WebAccess .
Manage the Network with NetWare 6 . . . . . . . . . . . . . . . . . . . . . . . . .
Manage Your Network with NetWare Remote Manager . . . . . . . . . . . . . .
Manage eDirectory Objects from an Internet Browser with iManage. . . . . . . .
Manage the Network with ConsoleOne. . . . . . . . . . . . . . . . . . . . . . .
Manage IP Addresses with the Novell DNS/DHCP Administration Tool . . . . . .
Powering Net Services with Novell Web Services . . . . . . . . . . . . . . . . .
Publish Web Pages with NetWare Enterprise Web Server. . . . . . . . . . . . .
Run Applications on NetWare Using the Tomcat Servlet Engine . . . . . . . . .
Provide Custom Search Services with NetWare Web Search Server . . . . . . .
Manage UNIX and NetWare Networks with Network Information Services . . . .
Track Network Usage with Novell Advanced Audit Service . . . . . . . . . . . .
Track Application Licenses with Novell Licensing Services . . . . . . . . . . . .
Build on an Established Networking Platform . . . . . . . . . . . . . . . . . . . . .
Increase Availability with Novell Cluster Services . . . . . . . . . . . . . . . . .
Manage Millions of Network Objects with Novell eDirectory . . . . . . . . . . . .
Manage Disk Storage Devices with Novell Storage Services . . . . . . . . . . .
Mint Digital Certificates with Novell Certificate Server . . . . . . . . . . . . . . .
Verify Identity with Novell Modular Authentication Service . . . . . . . . . . . . .
Back up Data with Storage Management Services. . . . . . . . . . . . . . . . .
Communicate with IP, the Protocol of the Internet . . . . . . . . . . . . . . . . .
Support IPX Applications with Compatibility Mode Driver . . . . . . . . . . . . .
Reduce Deployment Costs with NetWare 6 . . . . . . . . . . . . . . . . . . . . . .
Streamline the Server Installation with the NetWare 6 Express Installation . . . .
Customize the Server Configuration with NetWare 6 Custom Installation . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

100-004725-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
11
12
12
13
13
14
14
14
15
15
16
16
18
18
18
18
19
19
19
19
20
21
21
21
22
22
22
23
23
23
Manual
99a
July 17, 2001
38
Migrate Network Data to another Server with NetWare Migration Wizard .

Use Other Installation Options to Simplify the Move to NetWare 6 . . . .
Lets Get Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Step 1: Decide What Solutions You Want . . . . . . . . . . . . . . . . .
Step 2: Install or Upgrade to NetWare 6 . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up NetWare 6
23
24
24
24
24
27
Meeting System and Software Requirements . . . . . . . . . . . .

System Requirements . . . . . . . . . . . . . . . . . . . . . .
Software and Other Requirements . . . . . . . . . . . . . . .
Preparing the Network. . . . . . . . . . . . . . . . . . . . . . . .
Preparing the Computer . . . . . . . . . . . . . . . . . . . . . . .
Installing Computer and Networking Hardware . . . . . . . . .
Creating and Formating a DOS Partition . . . . . . . . . . . .
Accessing the Installation Files . . . . . . . . . . . . . . . . .
Installing the Software . . . . . . . . . . . . . . . . . . . . . . . .
Navigating in the Character-Based Screens . . . . . . . . . . .
Selecting the Type of Installation and Regional Settings . . . . . .
Selecting the Language and Accepting the License Agreement
Selecting the Type of Installation . . . . . . . . . . . . . . . .
Specifying Server Settings . . . . . . . . . . . . . . . . . . . .
Selecting the Regional Settings . . . . . . . . . . . . . . . . .
Selecting the Mouse and Video Type . . . . . . . . . . . . . .
Selecting a Platform Support Module and Storage Adapter. . . . .
Selecting a Platform Support Module (If Required) . . . . . . .
Selecting a PCI Hot Plug Module (If Required) . . . . . . . . .
Selecting a Storage Adapter . . . . . . . . . . . . . . . . . . .
Selecting a Storage Device and a Network Board . . . . . . . . .
Selecting a Storage Device . . . . . . . . . . . . . . . . . . .
Selecting a Network Board . . . . . . . . . . . . . . . . . . .
Loading a NetWare Loadable Module (If Required) . . . . . . .
Creating a NetWare Partition and Volume SYS: . . . . . . . . . .
Removing an Existing Volume SYS: (Conditional). . . . . . . .
Creating Volume SYS: . . . . . . . . . . . . . . . . . . . . . .
Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Naming the Server . . . . . . . . . . . . . . . . . . . . . . . . .
Enabling Cryptography . . . . . . . . . . . . . . . . . . . . . . .
Installing the NetWare Server File System . . . . . . . . . . . . .
Understanding Volumes . . . . . . . . . . . . . . . . . . . . .
Creating Volumes . . . . . . . . . . . . . . . . . . . . . . . .
Modifying Volumes. . . . . . . . . . . . . . . . . . . . . . . .
Deleting Volumes . . . . . . . . . . . . . . . . . . . . . . . .
Mounting Volumes . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

100-004725-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
27
27
28
30
33
33
33
34
35
35
35
36
36
38
39
39
40
41
41
41
42
43
43
43
44
44
45
46
46
48
49
49
50
51
51
51
Manual
99a
Installing Networking Protocols . . . . . . . . . . . . . . . .

About Internet Protocol (IP). . . . . . . . . . . . . . . . .
About IPX . . . . . . . . . . . . . . . . . . . . . . . . . .
Using Both IP and IPX . . . . . . . . . . . . . . . . . . .
Setting Up Domain Name Service . . . . . . . . . . . . . . .
Configuring a NetWare Server as a DNS Server (Optional)
Setting the Server Time Zone . . . . . . . . . . . . . . . . .
Setting Up Novell eDirectory . . . . . . . . . . . . . . . . . .
Choosing the Type of eDirectory Installation . . . . . . . .
Install the Server into an Existing eDirectory Tree . . . . .
Creating a New eDirectory Tree . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . .
Licensing the NetWare Server . . . . . . . . . . . . . . . . .
Install Networking Products . . . . . . . . . . . . . . . . . .
Configuring IP-Based Services (Conditional). . . . . . . .
Installing Novell Certificate Server . . . . . . . . . . . . .
Configuring LDAP . . . . . . . . . . . . . . . . . . . . .
Installing Novell Native File Access Protocols . . . . . . .
Setting up NetWare WebAccess . . . . . . . . . . . . . .
Setting Up Novell iManage . . . . . . . . . . . . . . . . .
Install Novell iFolder . . . . . . . . . . . . . . . . . . . .
Install Novell NetStorage . . . . . . . . . . . . . . . . . .
Customizing the Installation . . . . . . . . . . . . . . . . . .
Completing the Server Installation . . . . . . . . . . . . . . .
Whats Next? . . . . . . . . . . . . . . . . . . . . . . . . . .
Updating NSS Volumes . . . . . . . . . . . . . . . . . .
Installing Additional Products . . . . . . . . . . . . . . . .
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Upgrade to NetWare 6
53
54
55
55
55
57
57
57
58
59
59
60
61
62
64
64
66
67
75
77
79
80
82
83
84
84
84
87
Meet System and Software Requirements . . . . .

System and Software Requirements . . . . . .
Software and Other Requirements . . . . . . .
Preparing the Network . . . . . . . . . . . . . . .
Preparing the Computer . . . . . . . . . . . . . .
Backing Up the NetWare Server Files . . . . .
Preparing Application Files Prior to Upgrading .
Verify a Valid DOS Partition . . . . . . . . . .
Access the Installation Files . . . . . . . . . .
Whats Next . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

100-004725-001
August 30, 2001
Novell Confidential
88
88
88
89
93
93
93
94
94
95
Manual
99a
38

100-004725-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Preface
This book is divided into the following sections:
Chapter 1, Welcome to NetWare 6, on page 11 explains the features and
benefits of NetWare 6. It also includes descriptions of products that ship
with NetWare 6 and how they add value to your network.
Chapter 2, Setting Up NetWare 6, on page 27 explains the prerequisites
and instructions for installing a NetWare 6 server.
Chapter 3, Upgrade to NetWare 6, on page 87 explains the prerequisites
and instructions for upgrading to NetWare 6 from a NetWare 3, 4, or 5
server.
NetWare 6 online documentation and any relevant corrections or updates
are also available at the Novell Product Documentation Web site (http://
www.novell.com/documentation).
Novell Education offers a variety of courses that help you maximize your
investment in NetWare 6. For course descriptions, details, and locations
of training events, visit the Novell Education Web site (http://
www.novell.com/education/netware6).
Also, a trademark symbol (, TM, etc.) denotes a Novell trademark. An asterisk
(*) denotes a third-party trademark.
Preface

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
User Comments
We want to hear your comments and suggestions about this manual and the
other documentation included with NetWare 6.
To contact us, send e-mail to webdoc@novell.com or send comments to:
Novell, Inc.
Product Documentation
MS PRV-E-232
Provo, UT 84606 USA
Fax (801) 861-3002
10

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NetWare 6 provides your business and your network with new solutions,
updated products, and rock-solid applications that give you the power to
change.
NetWare 6 is the Net services software solution that adds tremendous value to
your companys ability to communicate on your network and on the Internet.
With nonstop access, Net-ready security, and high availability, NetWare 6
delivers file storage, printing, directory, e-mail, and database resources that
can be accessed as one Net across all type of networkscorporate and public,
wired and wireless, storage systems and client desktops.
NOTE: This section contains several references to other pieces of NetWare 6
documentation. This documentation is available on the NetWare 6 Online

Documentation CD and on the NetWare 6 Product Documentation Web site (http:/
/www.novell.com/documentation/lg/nw6p).
Make End Users More Effective with NetWare 6

NetWare 6 provides solutions that simplify the system administration
responsibility while at the same time increasing the efficiency of the end user.
Several new products help end users access, synchronize, and print their files
from any location.
Eliminate Client Software with Novell Native File Access Protocols

Novell Native File Access Protocols let Macintosh*, Windows*, and UNIX*
workstations access and store files on NetWare servers without having to
install any additional softwaresuch as Novell ClientTM software. The
software is installed only on the NetWare server and provides out of the box
network access. Just plug in the network cable, start the computer, and youve

100-004725-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
got access to servers on your network. No more client configuration. No more

client software. No more problems.
For more information, see the Novell Native File Access Protocols Installation
and Administration Guide.
NetWare
Server
IP
CIFS
AFP
NFS
Windows
MAC
UNIX
Print from Anywhere with Novell iPrint

Novell iPrint allows mobile employees, business partners, and customers to
access printers from a variety of remote locations using existing Internet
connections. Users install printers and manage print jobs using a Web browser.
Administrators set up Web pages with a list of available printers or create
maps with printer locations to aid users in finding the printer closest to them.
For more information, see the iPrint Administration Guide.
Access and Manage Your Files from Anywhere with Novell iFolder
Novell iFolder is a file storage and management solution to the universal
problems associated with storing and retrieving data. With iFolder you have
the latest version of your data when you need it and where you need it from
any computer that you regularly use. And if you are not at a computer that you
regularly use, you can still access and manage your files if you have an
Internet connection and a Java*-enabled browser.
For more information, see the Novell iFolder Administration Guide.
12

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Office
Laptop
John Home
Novell
iFolder
Server
John Home
LDAP Directory
Home
John Home
John Home
Kathy Home
Your iFolder Files

through a Browser
Sam Home
Use Novell NetStorage to Access Files with an Internet Browser

Novell NetStorage provides simple Internet-based access to file storage and
serves as a bridge between a company's protected Novell network and the
Internet. It allows users secure file access from any Internet location, with
nothing to download or install on the user's workstation. Files and folders on
a Novell network can be accessed using either a browser or Microsoft* Web
Folders.
For more information, see the NetStorage Overview and Installation quick
start.
Store and Retrieve Network Data With Novell NetDrive

Novell NetDrive is a file storage solution to the universal problems associated
with storing and retrieving data. With NetDrive, users can map a drive to a
Web or FTP server with only an Internet connection, thereby eliminating the
need to have a Novell Client. When connected to the Web or FTP server, they
can perform all the familiar file operations that they now use in Windows
Explorer.
For more information, see the Novell NetDrive Administration Guide.

100-004725-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Access Internet Services from a Centralized Location with NetWare

WebAccess
NetWare WebAccess allows administrators to set up a Web page that lets users
access multiple network resources from their Web browser. Users do not need
a Novell Client or VPN client to access to their resources. They can access
these resources on the Web from any computer with a compliant browser.
Customized content is provided through gadgets. A gadget provides access to
specific content on the network. Gadgets communicate with the appropriate
back-end system to gather the necessary data for a particular userand users
can access it all with a single password.
For more information, see NetWare WebAccess Overview and Installation.
Manage the Network with NetWare 6

NetWare 6 includes many new utilities to help you easily and effectively
manage your network. As a network administrator, you will find that these
utilities provide you with a host of solutions to simplify, secure, and manage
your network.
Manage Your Network with NetWare Remote Manager

NetWare Remote Manager lets you use a Web browser to securely access
NetWare servers from any workstation and perform specific server
management tasks. From Remote Manager, you can monitor the health of your
servers, their processes, and CPU usage.
You can also perform common server management tasks more quickly such as
mounting and dismounting volumes, managing server connections,
configuring SET parameters, viewing the configuration of the server,
accessing files on volumes and DOS partitions, and even shutting down,
restarting, and resetting your server. Through the Console Screens applet, you
can view and run all the console screens just as though you were using the
keyboard at the server console.
14

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
For more information about NetWare Remote Manager, see the NetWare
Remote Manager Administration Guide.
Manage eDirectory Objects from an Internet Browser with iManage

iManage runs in an Internet browser and is used for administering, managing,
and configuring Novell eDirectory objects. iManage lets you assign specific
tasks or responsibilities to users and presents users with only the tools (and
accompanying rights) necessary to perform those tasks. In NetWare 6, you can
use iManage to administer iPrint, DNS/DHCP, and Novell Licensing Services.
For more information, see the Novell iManage Administration Guide.
Manage the Network with ConsoleOne

ConsoleOneTM is a Java-based administration tool that you can use to flexibly
manage Novell and third-party products on a variety of platforms. Running on
either a NetWare server or a Windows workstation, ConsoleOne provides a
single point of administration for your network resources, including
eDirectory objects, schema, partitions, replicas, and NetWare servers.
With ConsoleOne, you can modify properties of multiple files, folders,
objects, and volumes simultaneously. You can also use ConsoleOne to quickly
browse large eDirectory trees, manage user accounts, administer rights, and
extend eDirectory schema.

100-004725-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Novell ConsoleOne
For more information, see the ConsoleOne 1.3 User Guide.
Manage IP Addresses with the Novell DNS/DHCP Administration Tool

The DNS/DHCP Administration Tool runs in an Internet browser and enables
network administrators to easily configure and manage DNS (Domain Name
System Service) and DHCP (Dynamic Host Configuration Protocol Service).
For more information, see the Novell DNS/DHCP Services Administration
Guide.
Powering Net Services with Novell Web Services

Novell Web Services is a collection of products such as Tomcat Servlet
Engine, NetWare Enterprise Web Server, Apache Web Server, and WebDAV,
technologies that enable Novells Net Services products to work.
The following diagram depicts the role that Novell Web Services plays as the
Web-enabling technology for Net Services Software such as iFolder, iPrint,
iLogin, and Web Search Server.
16

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Internet
Laptop
PC
Firewall
Net
Services
Web
Sevices
iFolder
iLogin
iPrint
Tomcat
Servlet
Engine
eFrame
Web
Search
Enterprise
Web
Server
etc.
Portal
Services
Apache
Web
Server
HTTP
Stack
NetWare
NetWare 6 lets you manage documents with WebDAV, transfer files using
FTP, and communicate with HTTP.
For more information, see Getting Results with Novell Web Services.
Manage Novell Web Services with NetWare Web Manager
NetWare Web Manager is the tool you use to manage all of your Novell Web
Services and to access other Web-based management tools. You can manage
your Novell Web Services from any place on the Internet using an Internet
browser.
For more information, see "Introducing NetWare Web Manager" in Getting

100-004725-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Publish Web Pages with NetWare Enterprise Web Server

The NetWare Enterprise Web Server is optimized to run in the NetWare
environment. It serves up Web pages to the Internet, an intranet, or an extranet.
Use the NetWare Enterprise Web Server to communicate across departments
or throughout the world. Let customers, suppliers, vendors, or consultants
access specific information. Of course, you can publish information on the
Internet so that the whole world can see it and even contribute to it.
For more information, see "Putting the Web Server to Work" in Getting
Run Applications on NetWare Using the Tomcat Servlet Engine

If you have or develop java applications that run on a server, NetWare 6 can
run them using the Tomcat Servlet Engine.
For more information, see "Extending Your Server with Programs" in Getting
Provide Custom Search Services with NetWare Web Search Server

NetWare Web Search allows users to find the information they're looking for
on any of your public and private Web sites, your partners' sites, and any
number of additional Web sites across the Internet all from a single search
form on your Web page. You can easily modify the look and feel of any of the
For more information, see "Introducing NetWare Web Search Server" in
Getting Results with Novell Web Services.
Manage UNIX and NetWare Networks with Network Information

Services
Network Information Service (NIS) lets you use Novell eDirectoryTM to
manage UNIX computers by providing information about users, groups, and
hosts and other information that NIS client might require. It maintains all
information in the form of eDirectory objects organized under the eDirectory
tree. NIS supports standard NIS maps and user-defined (custom) NIS maps.
For more information, see the Novell Native File Access Protocols Installation
and Administration Guide.
18

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Track Network Usage with Novell Advanced Audit Service

Novell Advanced Audit Service (NAAS) is an Novell eDirectory enabled
robust, flexible, and scalable auditing framework. It can audit services, both
Novell and third-party, and can provide a single, unified view of audit data for
the entire Net. It provides a single point of management by storing
configurable audit policies in eDirectory.
It adds auditing capability to the Net and thus addresses the security-related
concerns of enterprises when their networks are thrown open to their
customers, suppliers, and partners.
For more information, see the Novell Advanced Audit Service Administration
Guide.
Track Application Licenses with Novell Licensing Services

Novell Licensing Services (NLS) is a distributed, enterprise network service
that enables administrators to monitor and control the use of licensed
applications on a network. NLS also provides a basic license metering tool, as
well as libraries that export licensing service functionality to developers of
other licensing systems. NLS is tightly integrated with the Novell eDirectory
technology and is based on an enterprise service architecture.
For more information, see the Novell Licensing Services Administration
Guide.
Build on an Established Networking Platform

NetWare 6 combines new technologies with a tried-and-true network
operating system, giving you a platform that meets the needs of your growing
business and network.
Increase Availability with Novell Cluster Services

NetWare 6 includes Novell Cluster ServicesTM, which ensures high
availability and manageability of critical network resources including data
(volumes), applications, server licenses, and services. It is a multinode
clustering product for NetWare that is enabled for Novell eDirectory and
supports failover, failback, and migration (load balancing) of individually
managed cluster resources.

100-004725-001
August 30, 2001
Novell Confidential
19
Manual
99a
July 17, 2001
38
Novell Cluster Services allows you to configure up to 32 NetWare servers into

a high-availability cluster, where resources can be dynamically switched or
moved to any server in the cluster. Resources can be configured to
automatically switch or be moved in the event of a server failure, or they can
be moved manually to troubleshoot hardware or balance the workload.
Network Hub
Network
Interface
Card(s)
Server 1
Sys
Server 2
Sys
Server 3
Sys
Server 4
Sys
Fiber Channel
Switch
Server 5
Sys
Server 6
Fiber
Channel
Card(s)
Sys
Shared Disk
System
For more information, see Novell Cluster Services Overview and Installation.
Manage Millions of Network Objects with Novell eDirectory

Novell eDirectory is a full-service, platform-independent LDAP directory that
can store and manage millions of objects, such as users, applications, network
devices, and data.
Novell eDirectory provides replication and partitioning capabilities and serves
as the foundation for directory-enabled services such as automated businessrelationship management, supply-chain management, electronic store fronts,
automated provisioning, enhanced security, customer profiling, electronic
wallets, automated notification systems, customized Web interfaces, and
virtual private networks (VPNs).
For more information, see the Novell eDirectory 8.6 Administration Guide.
20

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Manage Disk Storage Devices with Novell Storage Services

Novell Storage Services (NSS) is a file storage and management system that
meets the needs of your growing file system requirements. NSS can take free
space from multiple storage devices and create unlimited volumes which can
store up to 8 trillion files (each up to 8 terabytes in size). You can quickly
mount as many as 255 volumes. NSS lets you mount, configure, and maintain
volumes without disrupting the work of end users.
For more information, see the Novell Storage Services Administration Guide.
Mint Digital Certificates with Novell Certificate Server

Novell Certificate Server allows you to mint, issue, and manage digital
certificates. When Novell Certificate Server is installed, it creates a Security
container object, an Organizational Certificate Authority (CA) object, and two
server certificates. The server certificates enable secure data transmissions
and is required for Web-related products such as NetWare Web Manager and
NetWare Enterprise Web Server.
For more information, see Novell Certificate Server.
Verify Identity with Novell Modular Authentication Service

Novell Modular Authentication Service (NMAS) is designed to help you
protect information on your network. NMAS brings together additional ways
of authenticating to Novell eDirectory and to Windows NT/2000 networks to
help ensure that the people accessing your network resources are who they say
they are.
For more information, see the Novell Modular Authentication Service

100-004725-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Back up Data with Storage Management Services

Storage Management ServicesTM (SMSTM) is the data protection system for all
your storage requirements. SMS allows backup and restore of targets such as
eDirectory, the file system, or an individual workstation's hard disk onto a tape
device that can be stored offsite.
If you have a hardware failure, corrupted data, or incorrectly deleted or
changed data, you can recover a previous version of the data. New features of
SMS to look for are superior performance and support for cluster resources.
For more information, see the Storage Management Services Administration
Guide.
Communicate with IP, the Protocol of the Internet

Novell TCP/IP software allows connectivity between different hosts in an
Internet environment. The TCP/IP stack lets you group multiple boards using
a multihoming feature. It also allows you to balance the load across different
configured boards and to ensure minimum downtime in case of board failure.
It provides high security, performance, and reliability of the host in the
Internet environment.
Novell TCP/IP offers an extensive set of configurable parameters for all
supported protocols. You can use these parameters to modify the default
characteristics of the initial configuration and also to configure advanced
features and optimize host, router, and LAN performance options.
For more information, see the TCP/IP Administration Guide.
Support IPX Applications with Compatibility Mode Driver

The Compatibility Mode Driver (CMD) helps you access NetWare services
using the IP protocol. The CMD services are used only when the system uses
an IPXTM application or tries to establish connections between IP and IPX
systems. These drivers are automatically loaded on both the NetWare clients
and servers when installed as IP-only systems. The IPX Compatibility Driver
also allows IP systems to communicate with IPX systems by using Migration
Agents.
The Migration Agent is a migration component that enables communication
between IPX and IP systems and creates an IP backbone that connects IPX
22

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
segments. The Migration Agent is used to migrate systems from IPX to IP in

a phased manner without losing connectivity.
For more information, see the Server Communications Administration Guide.
Reduce Deployment Costs with NetWare 6

NetWare 6 includes several options that help you install a new server, upgrade
a legacy NetWare server, or migrate from a Windows NT* server. Whether
you need to install one or a thousand servers, NetWare 6 has an installation
option that will help you get the job done.
Streamline the Server Installation with the NetWare 6 Express

Installation
NetWare 6 includes an installation option that lets you accept the
recommended default values and quickly install a server. Drivers for disks and
network boards are automatically discovered and loaded, volume SYS: is
automatically created, and default products are installed. Using the Express
Installation option, youll breeze through the task of installing a server.
Customize the Server Configuration with NetWare 6 Custom

Installation
If your networking environment requires a specific configuration, NetWare 6
lets you select which components and products will be installed and what
location they will be installed to. You can also make volumes and partitions as
large as you want. The NetWare 6 Custom Installation option gives you the
flexibility you require.
Migrate Network Data to another Server with NetWare Migration

Wizard
NetWare Migration Wizard is a solution to the difficulties associated with
upgrading your hardware and software. The Migration Wizard migrates data
from Windows NT and NetWare 3, 4, 5, or 6 to a computer running NetWare
5 or 6.
For more information, see the NetWare Migration Wizard 6 Administration
Guide.

100-004725-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Use Other Installation Options to Simplify the Move to NetWare 6

Several other options are also available to help you install or upgrade to
NetWare 6.
Quickly upgrade with NetWare Accelerated UpgradeYou can run NetWare
Accelerated Upgrade from a Windows client workstation so that you dont
need to be physically present at the server console. Although NetWare
Accelerated Upgrade is quicker than the standard installation process, it does
not install additional network products, licensing services, or license
certificates.
Automate the NetWare installation with a response fileInstalling the
NetWare operating system software can be easier and more flexible when you
use a response file. When used with the graphical server installation, a
response file lets you set and display specific default values, bypass entire
sections of the installation, and automate the entire server installation process.
Use installation scripts to control the installationNetWare installation
scripts let you alter or extend the NetWare installation process. You can use
installation scripts to install additional products on a server after the operating
system has been installed.
For more information on these options, see Other Installation Options.
Lets Get Started

Now that youre familiar with the power of NetWare 6, you can see that it
provides you with a lot of options. The next step is to decide what products
and solutions you wantand then install your NetWare 6 servers.
Step 1: Decide What Solutions You Want

Before installing your NetWare 6 servers, make sure that you read all about
your chosen solutions. Some products require that you install the server in a
specific way.
Step 2: Install or Upgrade to NetWare 6

You have several options for installing and upgrading to NetWare 6. Choose
the option that best meets your needs and follow the instructions provided.
24

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Installation Option
Refer to
Add a NetWare 6 server to an

existing network
Chapter 2, Setting Up NetWare

6, on page 27
Upgrade from NetWare 3,

NetWare 4, or NetWare 5
Chapter 3, Upgrade to NetWare

6, on page 87
Migrate data from another

NetWare server or NT Server

Administration Guide
Use advanced installation/

upgrade options
Other Installation Options
All this information is available on the NetWare 6 Online Documentation CD

included with the NetWare 6 product and on the NetWare 6 Product
Documentation Web site (http://www.novell.com/documentation/lg/nw6p).

100-004725-001
August 30, 2001
Novell Confidential
25
Manual
26
99a
38

100-004725-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
July 17, 2001
38
This chapter describes how to set up a NetWare 6 server. The process
includes the following tasks:
Meet system and software requirements
Prepare the network and the computer
Determine the type of installation
Specify hardware and software settings
Create volume SYS:
Name the server and install the server file system
Install networking protocols
Set up Novell eDirectory
Install other networking products
Meeting System and Software Requirements

System Requirements
NetWare will run on the minimum system requirements listed below. For
optimal performance, the computer should meet the recommended
requirements.
Minimum System Requirements
NetWare 6 has the following minimum system requirements:

A server-class PC with a Pentium* II or AMD* K7 processor
256 MB of RAM

100-004725-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001

A DOS partition of at least 200 MB and 200 MB available space
2 GB of available disk space outside the DOS partition for volume SYS:
One network board
A CD drive
A USB, PS/2*, or serial mouse (recommended but not required)
Recommended System Requirements
For optimal performance, NetWare 6 has the following recommended system

requirements:
A server-class PC with two-way Pentium III 700 MHz or higher
processors
NOTE: NetWare 6 can run on as many as 32 processors.
512 MB of RAM
A Super VGA or higher resolution display adapter
A DOS partition with 1 GB of available space
NOTE: To determine the optimal size of a boot partition, add the amount of server
memory to the minimum amount of the available disk space. The minimum amount
of available space is 200 MB, so a server with1024 MB RAM has an optimal boot
partition of 1224 MB (1024 MB + 200 MB = 1224 MB). This size will allow you to
do a core dump to the disk drive if required.
4 GB of available disk space outside the DOS partition

One or more network boards
A bootable CD drive that supports the El Torito specification
A USB, PS/2, or serial mouse
Software and Other Requirements

Depending on the network configuration, you might need one or all of the
following software and information:
Supervisor right at the [Root] of the eDirectoryTM tree
28

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Supervisor right to the container where the server will be installed

DOS and CD drivers (required if the computer does not boot from CD)
You can make a bootable floppy diskette using the MKFLOPPY.BAT
program located in the INSTALL directory of the NetWare 6 Operating
System CD.
Client connection utilities (optional, for installing from a network):
Novell ClientTM for DOS and Windows* 3.1x (optional, for installing
from a NetWare server running IPXTM).
IP Server Connection Utility (optional, for installing from a NetWare
server running IP only).
For instructions, see PRODUCTS\SERVERINST\IPCONN.TXT on
the Novell Client CD.
An IP address
For IP addresses and domain names, contact your network
administrator and Internet Service Provider.
Network board and storage device properties, such as the interrupt and
port address (required if not included in NetWare)
For more information, contact your computer hardware manufacturer.
Next, you should prepare the network for the NetWare 6 server. If this server
is not being integrated into an existing network, you can skip to Preparing the
Computer on page 33.

100-004725-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Preparing the Network

Before you introduce a NetWare 6 server into an existing network, you must
run NetWare Deployment Manager to update the network.
To update the network for NetWare 6, you must do the following:
1 Log in from a Windows 95/98 or Windows NT/2000 workstation to your
existing network as a user with the Supervisor right.

If prompted to log into the network while using NetWare Deployment
Manager, you can enter the server name or click Details and specify the
IP address.
2 Run NetWare Deployment Manager (NWDEPLOY.EXE), located on the
NetWare 6 Operating System CD.
3 Double-click the Network Preparation folder to view the tasks and read
the Overview section to get an understanding of the tasks.

4 Back up any server data and Novell eDirectory data following the
instructions in the Back Up Data step.
30

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Run the View and Update eDirectory Version program to update
eDirectory as required.
HINT: If you are prompted to log in again while running NetWare Deployment
Manager, you can enter the IP address of the server by clicking Details.
6 Run the Prepare for eDirectory program to extend the network schema.

100-004725-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
7 (Conditional) If you are upgrading a cluster of NetWare servers, run the
Prepare a Novell Cluster for Upgrade program.

8 (Conditional) If you are upgrading a NetWare 5 server running NDS 7
that has NSS volumes, run the Prepare a Server with NDS 7 and NSS
program.
9 Follow the instructions in the Update Certificate Authority (CA) Object
step to create or update a Security container object and a Certificate

Authority (CA) object.
After you have completed the Network Preparation section of NetWare
Deployment Manager, read through the Installation / Upgrade Options section
to help you decide the option that best meets your needs.
After choosing an installation or upgrade option, you should now prepare the
computer to be a NetWare 6 server.
32

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Preparing the Computer

To prepare your computer for NetWare 6, do the following:
Install computer and networking hardware
Create and format a DOS partition
Access the installation files
Installing Computer and Networking Hardware

Follow the manufacturers instructions to install and connect the network
board and network cabling to your computer. Make sure that all storage
devices are properly attached to storage adapters.
Creating and Formating a DOS Partition

NetWare requires a DOS partition to start the computer and load NetWare. The
DOS partition contains the NetWare startup and server files.
HINT: You should increase the size of your DOS partition to accommodate your
specific configuration requirements. See System Requirements on page 27.
To create and format a DOS partition, complete the following steps.

1 Back up any desired data to another computer or offline storage media.
2 Insert the NetWare 6 Operating System CD and boot the computer.
3 Complete one of the following:
If the computer boots from the CD, follow the on-screen prompts to
create and format a partition. Skip to Selecting the Language and
Accepting the License Agreement on page 36.
If you will be installing from files located on another server, continue

with the following steps.
If the computer does not boot from the CD, continue with the
following steps.
4 Boot your computer with DOS 3.3 or later.
You can make a bootable floppy diskette using the MKFLOPPY.BAT

program located in the INSTALL directory of the NetWare 6 Operating
System CD. You can boot from the NetWare 6 License/Cryptography

100-004725-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
diskette. DOS 7 and all required DOS utilities are included on the diskette
and on the CD.
5 If the computer already has an operating system installed, such as
Windows or NetWare, you should completely remove the partitions and

the operating system.
Use FDISK to remove partitions.
6 Use FDISK to create an active DOS partition by entering FDISK.
Create a primary DOS partition and make it the active partition. See
System Requirements on page 23 for minimum requirements.
The computer will restart.
7 Format and transfer DOS system files to the partition by changing to drive
A: and entering FORMAT C: /S.

Your computer should now have an active DOS partition that meets or exceeds
the minimum requirements. Continue the installation by accessing the
installation files.
Accessing the Installation Files

NetWare 6 can be installed from the servers local CD drive or from
installation files located on the network. To access the NetWare 6 installation
files, complete the following steps.
1 Install the DOS CD driver for your CD drive onto the DOS partition.
DOS CD drivers are provided by the CD drive manufacturer.

Make sure that the logical filename of your CD drive (specified in the
CONFIG.SYS and AUTOEXEC.BAT files) is not CDROM or CDINST.
2 Make sure that the CONFIG.SYS file contains the FILES=50 and
BUFFERS=30 commands.
3 (Conditional) If you are installing from files located on a network, install
the Novell Client for DOS and Windows 3.1x or IP Server Connection
Utility software located on the Novell Client CD.
After accessing the files for the installation program, you can begin the
installation.
34

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Installing the Software

To begin the installation, complete the following steps.
1 Insert the NetWare 6 Operating System CD, or log in to the network to
access the installation files on the network.

2 At the CD drive or network drive prompt, enter INSTALL.
Navigating in the Character-Based Screens

The initial screens of the installation program display in text-based mode.
Auto-detected and default settings appear on each screen.
You can accept the detected and default settings, or you can modify the
settings to meet the needs of your networking environment.
HINT: To continue the installation with the standard settings, use the arrow keys
to select Continue in the Options box and then press Enter.

To modify the settings, use the arrow keys to select Modify in the Options box and
then press Enter. Select the field to be modified and press Enter. Select or enter
the appropriate value.
Some screens require additional keystrokes in order to navigate through the

interface. Information about screen navigation appears at the bottom of each
screen.
Selecting the Type of Installation and Regional Settings

To select the type of installation and select regional settings, you must
Select the language and accept the License Agreement
Select the type of installation
Specify server settings
Select the regional settings
Select the mouse and video type

100-004725-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Selecting the Language and Accepting the License Agreement

The installation program is available in several languages. You can install
other language options, such as the language for the operating system or for
users, later during the installation program.
Accepting each License Agreement means that you have read and you accept
terms and conditions contained in the License Agreement. Press F10 to accept.
Selecting the Type of Installation

Express Installation or Custom Installation
Express Installation
The Express Installation automatically detects drivers and installs the

NetWare server with default settings and default software programs.The
settings include the following
4 GB volume SYS: (Any remaining disk space will be left as free space.)
LAN and disk drivers: Auto-discovered and loaded
Default products installed
Country Code: 1
Codepage: 437
Video mode: VGA Plug N Play
Keyboard: United States
Mouse: Auto-discovered and loaded
Custom Installation
The Custom Installation allows you to choose specific configuration options

for your networking environment.
36

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
New Server, Upgrade or Pre-Migration Server
You can install NetWare on a new computer or you can upgrade an existing
computer running NetWare 4 or NetWare 5.
New ServerInstalls a new server. Creates a new NetWare partition but

does not delete system partitions or other partitions such as DOS, UNIX*,
or Windows.
If you select Express Installation, you can skip to Naming the Server on
page 46.
UpgradeIf you are upgrading an existing server from a previous
version of NetWare, select Upgrade. Upgrading retains all your server
data such as files, directory structures, partitions, and volumes.
If you select Upgrade, you will skip entire sections of this chapter,
depending on the configuration of the server.
Pre-MigrationA Pre-Migration server is used to migrate data from one
server to another using the NetWare Migration Wizard. For more
information, see the NetWare Migration Wizard 6 Administration Guide.
To select the type of installation, in the Options box, select Modify and press
Enter. Select the installation type and then return to the Options box to
continue.

100-004725-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Specifying Server Settings

You can change the following default server settings for your networking
environment.
Server ID NumberA unique server identification number (up to eight
hexadecimal digits) identifies the server on the network. The server ID
number functions like an internal IPX number. Although a server ID
number is created automatically, you might need to enter a specific server
ID number if you are installing in either of the following conditions:
Filtered environmentRouters between network segments can be
configured to forward data only from specific computer addresses.
Data being sent from other computer addresses is not forwarded to
other segments.
NOTE: If you are accessing the installation files from a server on a different
network segment, you might not be able to reconnect to the server to
complete the installation unless you specify an unfiltered server ID number.
Numbering schemeSome network administrators set up a

predetermined numbering scheme to identify servers in particular
locations or organizations. For example, all servers in building A
might begin with 0101, and all servers in building B might begin with
0102.
If you choose to install IP and not IPX, the SERVERID reference is not
used and is removed from the AUTOEXEC.NCF file. You can add IPX
after the server installation by adding the SERVERID
8_digit_number command after the SERVERNAME command in the
AUTOEXEC.NCF file.
Load Server at RebootSelect No if you do not want the
AUTOEXEC.BAT and CONFIG.SYS files to contain the commands to
automatically load the server operating system when the computer
reboots. If you select Yes (default), the old AUTOEXEC.BAT and
CONFIG.SYS files are renamed and saved with a .00x extension.
Server SET ParametersYou might need to modify the SET
parameters for some device drivers, such as for network boards and
storage devices, in order to complete installation. SET parameters are
saved to the STARTUP.NCF file.
Startup DirectoryThe directory on the DOS partition that contains the
files to launch the NetWare server. (This field will display only during an
upgrade.)
38

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Selecting the Regional Settings
Choose the country, code page, and keyboard mapping for your language and
computer.
Selecting the Mouse and Video Type

100-004725-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Mouse TypeChoose a mouse type, if available on the computer. The

installation program supports USB, PS/2 and serial mouse types, but a
mouse is not required.
Video TypeThe NetWare installation program is optimized to display
with video display hardware that is VESA 2 compliant.
NOTE: The video type is not auto-detected by the installation program. You must
select the settings for the computer.
Selecting a Platform Support Module and Storage

Adapter
To select a platform support module and storage adapter, you must
Select a platform support module (if required)
Select a PCI Hot Plug module (if required)
Select and configure a storage adapter
To add a driver, in the Options box select Modify. Select the driver field and
press Enter. Press Insert to select from a list of drivers provided with NetWare.
Press Insert again to install a driver from diskette.
40

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
To delete a driver, in the Options box select Modify. Select the driver field and
press Enter. Select the driver to delete and press Delete.
To modify a driver, in the Options box select Modify. Select the driver field
and press Enter. Select the driver to modify and press Enter. Select the
property to modify.
Selecting a Platform Support Module (If Required)

A platform support module (PSM) provides increased performance for
multiprocessor computers and some specific hardware configurations. If a
PSM driver is required, it will be auto-detected. If the installation program
does not detect a PSM driver, your computer does not need one.
NOTE: If a PSM driver is detected on a computer without multiple processors, you
can allow the driver to load without adversely affecting performance.
Selecting a PCI Hot Plug Module (If Required)

Computers that support PCI Hot Plug technology allow storage adapters and
network boards to be inserted and removed while the computer is on. If the
installation program does not detect a PCI Hot Plug support module, your
computer probably does not support the PCI Hot Plug technology.
Selecting a Storage Adapter

A storage adapter provides a link between the computer and one or more
storage devices. The storage adapter requires a software driver called a host
adapter module (HAM) in order to communicate with the computer (host).
Storage devices require a separate driver called a custom device module
(CDM).
NOTE: .DSK drivers are no longer supported. Instead, NetWare uses the
enhanced capability of NetWare Peripheral ArchitectureTM (NWPA). NWPA

requires a HAM and a CDM.
Because a single adapter can control more than one type of storage device,
your computer might require only a single HAM, even though it can have
more than one type of storage deviceand therefore multiple CDMs.
The installation program auto-detects many types of storage adapters, such as
IDE and SCSI adapters. If your storage adapter is not detected, select the
appropriate driver from the list of available drivers provided with NetWare or
add a new driver from a diskette. HAMs can be obtained from the storage
adapter manufacturer.

100-004725-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Editing the Properties of the Storage Adapter (If Required)
The storage adapter must be installed and configured correctly. Properties

such as interrupt, port value, and slot must not conflict with any other device
in the computer. If you need specific storage adapter properties, contact the
storage adapter manufacturer.
Selecting a Storage Device and a Network Board

To select a storage device and network board, you must
Select and configure the storage device
Select and configure the network board
Load a NetWare Loadable Module program (if required)
To add a driver, in the Options box select Modify. Select the driver field and
press Enter. Press Insert to select from a list of drivers provided with NetWare.
Press Insert again to install a driver from diskette.
To delete a driver, in the Options box select Modify. Select the driver field and
press Enter. Select the driver to delete and press Delete.
To modify a driver, in the Options box select Modify. Select the driver field
and press Enter. Select the driver to modify and press Enter. Select the
property to modify.
42

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Selecting a Storage Device

Storage devices such as hard disks, CD drives, and tape devices require a
software driver to communicate with the storage adapter. The software driver
for the storage device is called a custom device module (CDM). Each type of
storage device requires a CDM.
The installation program auto-detects many types of storage devices, such as
IDE drives, SCSI drives, CD drives, and tape drives. If your storage device is
not detected, select the appropriate driver from the list of available drivers
provided with NetWare 6 or add a new driver from a diskette. CDMs can be
obtained from the storage device manufacturer.
Selecting a Network Board

Network boards, such as the Novell NE3200TM board, require a software
driver in order to communicate with the network. The software driver for a
network board is called a LAN driver.
The installation program auto-detects many types of network boards. If your
network board is not detected, select the driver for the network board from the
list provided with NetWare 6 or add a new driver from a diskette. You can
obtain LAN drivers from the network board manufacturer.
Editing the Properties of the Network Board (If Required)
The network board must be installed and configured correctly. Properties such
as interrupt, port value, and slot must not conflict with any other device in the
computer. If you need specific network board properties, contact the network
board manufacturer.
Loading a NetWare Loadable Module (If Required)

Some server and network configurations require you to load a NetWare
Loadable Module (NLM) program before completing the server installation.
For example, you can load ROUTE.NLM for installing in a token ring
environment.

100-004725-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Creating a NetWare Partition and Volume SYS:

Partitions correspond with operating systems, such as NetWare, DOS, or
UNIX. Partitions divide a large storage region into smaller, more manageable
sections. A single storage device can contain up to four partitions.
You can divide NetWare partitions into smaller sections called volumes. Each
NetWare partition can contain up to eight volumes.
To create a NetWare partition and volume SYS:, you must
Remove an existing volume SYS: (conditional)
Create a NetWare partition
Create volume SYS:
Set the size of the NetWare partition and volume SYS: (if required)
Modify the properties of volume SYS: (if required)
Removing an Existing Volume SYS: (Conditional)

If the computer already has a volume SYS: from a previous installation, the
volume and all its data will be deleted.
IMPORTANT: To retain the data on volume SYS:, you should exit and restart the
installation program and select Upgrade from the Type of Installation screen.
44

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When removing volume SYS: during a new server installation, you must
choose one of the following options:
Replace Volume SYS: and its NetWare PartitionThis removes the
existing volume SYS: as well as the entire NetWare partition containing
volume SYS:. Any volume that is part of the NetWare partition that
contains volume SYS: is also removedeven if the volume spans to
other NetWare partitions.
Remove All NetWare Volumes and NetWare/NSS PartitionsThis
removes all NetWare volumes and all NetWare/NSS partitions.
Remove All but Shared Volumes and PartitionsThis option is
available only if shared storage has been detected on the server.
Any option will remove only NetWare partitions. Other types of partitions,
such as DOS, UNIX, and system/utility partitions will not be removed.
Creating Volume SYS:

During the initial stages of installation, the installation program guides you
through the steps to create a single NetWare partition containing volume
SYS:. It is created as a Novell Storage Services (NSS) volume, which has
many advantages over a traditional volume.
The NetWare 6 operating system requires a volume SYS: that meets the
requirements specified in System Requirements on page 27.

100-004725-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Volume SYS: SizeThe size that you specify for the NetWare partition will
be used for the size of volume SYS:.
To modify the volume SYS: size, in the Options box select Modify. Select the
appropriate storage device. Select the NetWare Partition Size field and press
Enter. Backspace over the current size. Type the new size and press Enter. The
size of volume SYS: will change accordingly. Press F10 to save the settings
and continue.
If you plan to have additional volumes on the server, remember to reduce the
size of the NetWare partition and volume SYS: so that the appropriate amount
of disk space is available for other volumes.
Additional volumes can be created later during the installation program or
after completing the installation using ConsoleOneTM.
HINT: Although an NSS volume SYS: is recommended for most server
installations, you can create a traditional volume SYS: by pressing F5.
Summary
NetWare system files will now be copied to volume SYS:.
If you are installing from the network, you will be prompted to reconnect to
the network. To continue the installation, enter the password for the user that
originally logged in.
The NetWare installation program will continue in graphical display mode.
Naming the Server

The NetWare server name must be unique from all other servers on the
eDirectory tree. The name can be between 2 and 47 alphanumeric characters
and can contain underscores (_) and hyphens (-), but no spaces. The first
character cannot be a period (.).
IMPORTANT: The server name must be different from the name that you plan to
use for the eDirectory tree.
46

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Although a mouse is recommended, you can use the keyboard commands in

Table 1 to navigate through the installation program. Use the arrow keys on
the numeric keypad for cursor movements.
HINT: NumLock (number lock) must be on in order for cursor movements to be
enabled on the keypad.

Table 1
Graphical Mode Keyboard Actions

Keystroke
Action
Tab
Move to next element
Shift+Tab
Move to previous element
Enter
Select
Ctrl+Tab
Move to next text area
Up-arrow (keypad 8)
Move cursor up
Down-arrow (keypad 2)
Move cursor down
Right-arrow (keypad 6)
Move cursor right
Left-arrow (keypad 4)
Move cursor left

100-004725-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Keystroke
Action
Hold Shift while pressing

keypad
Accelerate cursor movement
Keypad 5
Select or click an object
Keypad 0
Lock a selected object (for dragging)
Keypad . (period)
Unlock a selected object (to drop)
Keypad + (plus)
Double-click an object
Alt+F7
Move to next window
Alt+F8
Move to previous window
Enabling Cryptography
Some technologies require the use of cryptography. To enable cryptography,
you must provide a cryptographic file (.NFK) which is located on the NetWare
6 License/Cryptography diskette.
To enable cryptography, insert the NetWare 6 License/Cryptography diskette,

browse to the License directory, and select the .NFK file.
48

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Installing the NetWare Server File System

The server should now have a NetWare partition and one volume named SYS:.
If you have space available for creating additional partitions and volumes, you
can create them now.
NOTE: If you have allocated all available space to volume SYS:, you will not be
prompted for NetWare server file system information. You can skip to Installing
Networking Protocols on page 53.
When installing the NetWare file system, you can

Create additional volumes
Modify volumes
Delete volumes
Understanding Volumes
Volumes allow you to subdivide your partitions into more manageable
sections. Additional volumes can be created from any available free space on
a storage device. Volume names can be between 2 and 15 characters. Valid
characters include A through Z, 0 through 9, and characters _ ! - @ # $ % & (
). The volume name cannot begin with an underscore (_) or have two or more
consecutive underscores.
You can create two types of volumesNovell Storage Services (NSS)
volumes or traditional volumes.
NSS volumeNSS is advanced file system technology that enhances the
management of large files, large volumes, namespaces, and storage
devices. The time required to mount large volumes is significantly
reduced with NSS.
Traditional NetWare volumeAlthough not recommended,
Traditional NetWare volumes might be required to use data migration,
File Transfer Protocol (FTP), VREPAIR, Network File System (NFS), or
file name locks.

100-004725-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Creating Volumes
Volumes are created from free space. A large disk can be divided into several
volumes during installation. Conversely, a volume can be distributed over
multiple disks.
WARNING: Creating a volume that spans two or more storage devices is not
recommended. If a volume spans disk devices and one of the devices fails, all data
on the entire volume could be lost.
50

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To create a volume, select Free Space and click Create. Type the name of the
volume and click OK.
To allocate only a portion of the selected free space to the volume, type the
amount of space to use and click Apply to Volume.
Modifying Volumes
The size of any existing volume can be increased but not decreased. To
decrease the size of an existing volume, the volume must be deleted and recreated.
To add to the size of a volume, select an additional free space, type the amount
of space to use, and click Apply to Volume.
Deleting Volumes
You can delete any volume you have created except volume SYS:. When a
volume is deleted, all data on the volume is lost.
Mounting Volumes
In order for volumes to be accessed by NetWare, they must be mounted.
Volumes can be mounted immediately or at the end of installation.

100-004725-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Mount Volumes NowYou should mount volumes now if you plan to

install additional products and services, such as documentation, on
volumes other than volume SYS:. You should also mount volumes that
you might be moving forward from a previous NetWare server so they can
be updated.
Mount Volumes after Installation CompletesIf you are installing
products and services on volume SYS: only, you can wait to mount
volumes after the installation program completes.
Upgrading a NetWare Server with NSS Volumes
If you are upgrading a NetWare server with NSS volumes, the NSS volumes
will not appear or mount until they are updated. Updating NSS volumes is
done after finishing the server upgrade by following the instructions in
Updating NSS Volumes on page 84.
52

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Networking Protocols

NetWare 6 can process IP (Internet Protocol) network packets and traditional
IPX (Internetwork Packet ExchangeTM) packets. Both protocols can be
assigned to a single network board, which allows the server to communicate
using IP and IPX.
To install IP, click a network board and then check the IP check box. Enter the
required IP information. To install IPX, click a network board and then check
the IPX check box.
If you choose to install IP and not IPX, the SERVERID reference is not used
and is removed from the AUTOEXEC.NCF file. You can add IPX after the
server installation by adding the SERVERID 8_digit_number command
after the SERVERNAME command in the AUTOEXEC.NCF file.

100-004725-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
About Internet Protocol (IP)

Internet protocol (IP) lets your network share data with other IP networks,
including the Internet. Using IP requires a unique IP address, a subnet, and a
router or gateway address.
IP AddressIdentifies each device on the network. The address consists
of 32 bits, which are represented as decimal values separated by periods,
such as 123.45.67.89.
If your server will connect to the Internet, you must obtain a unique IP
address. For information on receiving an IP address, contact your Internet
service provider (ISP).
Subnet MaskLets you break up your network into smaller networks.
Your network might have too many nodes or might be too geographically
dispersed to manage as a single network.
Dividing your network into smaller networks allows the network routers
to filter and reduce the network activity seen by any of the nodes.
However, dividing your network and using several network addresses
might not be appropriate on a large network that needs to appear to
network administrators as a single network.
Router (Gateway)The address of the router that connects two different
environments, such as a LAN and the Internet.
You can enter a specific router (gateway) address or you can rely on the
network to automatically find the nearest router. If you specify the
address, remember that the router must exist on your network segment.
Installing IP will automatically bind to the Ethernet_II frame type.
When IP is selected, passive support for IPX is also provided. If an IPX
request arrives at the server, NetWare will process the IPX request. This
passive support for IPX is called Compatibility Mode and is automatically
enabled to provide service for applications that require IPX.
HINT: You can disable Compatibility Mode by removing the LOAD SCMD command
from the servers AUTOEXEC.NCF file. When IPX Compatibility Mode is disabled,
the server will process only IP packets. Applications that require IPX will not
function properly.
54

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
About IPX
Novells traditional protocol, Internetwork Packet Exchange (IPX), lets you
continue using IPX-based applications. If IPX, but not IP, is installed on your
server, it will actively process IPX packets and ignore packets using other
protocols, such as IP.
During the installation program, existing IPX frame types will be detected.
The installation program will detect one of the following conditions.
A single IPX frame typeIf a single frame type is detected, it will be
installed.
Multiple IPX frame typesIf detected, you will be prompted to choose
the frame types that you want to install.
No IPX frame typesIf no frame types are detected, Ethernet_802.2
will be installed by default.
Using Both IP and IPX

If you have network clients or applications that require IPX and IP, you can
install both protocols. Both protocols can be bound to a single network board.
When selected, both IP and IPX protocols are actively supported. The server
will process IP requests using IP, and it will broadcast and reply to IPX
requests using IPX.
Setting Up Domain Name Service

The IP protocol identifies computers and systems by their assigned IP
addresses, such as 123.45.56.89. Domain Name Service (DNS) allows a
specific server on the network to maintain a list of simple, readable names that
match IP addresses. Applications (or protocols) that require IP addresses
rather than names can use a DNS server to translate from one form to another.

100-004725-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
HINT: If this server will not be available to the Internet, you can skip this screen
and ignore any associated error messages.
If you want this server to be available to the Internet, you must enter the
following:
Host ComputerThe simple, readable name on the DNS server that
matches this NetWare servers name (or the name that you have bound to
the network board).
HINT: Set up the host computer name on the DNS server to use the NetWare
server name.
Domain NameThe hierarchical name that represents the organization

of your network, such as acme.com.
Domain Name ServerThe IP address of the DNS server that maintains
the list containing this NetWare servers simple, readable name and IP
address. For more information, contact your network administrator or
Internet service provider.
56

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring a NetWare Server as a DNS Server (Optional)

In addition to standard services, a NetWare server can be configured to
provide DNS services. The DNS Server setup is done after completing the
NetWare server installation.
Setting the Server Time Zone

The server time and time zone are important in order to synchronize network
events. Advanced time synchronization settings are available during the
Customize section of the installation.
Setting Up Novell eDirectory

Novell eDirectory provides global access to all networking resources.
eDirectory allows users with the proper access rights to log in to the network
and view and access network resources.
Network resources such as servers and printers are presented hierarchically in
an eDirectory tree. Users log in to the eDirectory tree with a single login name
and password instead of logging in to specific servers.

100-004725-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Choosing the Type of eDirectory Installation

To set up eDirectory, you must choose one of the following options:
Install the server into an existing eDirectory tree
Create a new eDirectory tree
Before completing this task, you should understand the concepts relating to
eDirectory trees, containers, and context.
Tree NameThe top level of the available network resources and must
be unique from other eDirectory tree names on the network.
ContainersMuch like subdirectories, containers contain network
objects. The server can be installed into two types of container objects:
Organization (O) and Organizational Unit (OU).
ContextThe context, much like DOS directory paths, denotes the full
path of a network object in the eDirectory tree. For example, a NetWare
server might be installed into an Organizational Unit (OU) named Sales
under the Organization (O) named Acme. The context would be denoted
as OU=Sales.O=Acme or Sales.Acme.
58

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Install the Server into an Existing eDirectory Tree

Installing your server into an existing eDirectory tree incorporates the server
into your network.
The server can be installed in any Organization (O) or Organizational Unit
(OU) container in the eDirectory tree where you have the Supervisor right.
You can create containers during the installation program. You will be
required to log in and provide the context, username, and password for the
user with the Supervisor right to the container.
IMPORTANT: If this is the first NetWare 6 server to be installed into an existing
eDirectory tree, you should have already completed the Network Preparation
section of the NetWare Deployment Manager utility.
NetWare Deployment Manager (NWDEPLOY.EXE) is located on the NetWare 6
Operating System CD and is run from a Windows workstation.
If you have updated the eDirectory tree on all servers but have not yet prepared the
network for NDS 8, you will be prompted to modify the schema. When prompted,
you must provide the administrator name and password for the entire eDirectory
tree.
Creating a New eDirectory Tree

Create a new tree if you are creating a new network or if this server requires a
separate eDirectory tree. The resources available on the new tree will only be
available to users logged in to the new tree.

100-004725-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Each eDirectory tree must have a name unique from other eDirectory trees on
the network. You will also be prompted to create a user (default name Admin)
with the Supervisor right, identify an eDirectory context, and assign a
password.
Summary
Now that you have created a new eDirectory tree or installed the server into
an existing eDirectory tree, the NetWare Server object and Volume objects
will be installed in the container you specified.
60

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you have created a new eDirectory tree, a user (default name Admin) with
Supervisor rights to the eDirectory tree will be created in the same eDirectory
container as the NetWare Server object.
IMPORTANT: Record the administrator password and other relevant information
before proceeding.
Licensing the NetWare Server

NetWare 6 must have a valid license in order to function as a server. You can
install the license from the NetWare 6 License/Cryptography diskette or
browse to a directory that contains NetWare 6 licenses.
If you already installed a license at the beginning of the installation, you can
choose to use that license, or install a different one.
Install without LicensesAlthough the server can be installed without a
license, the unlicensed server will allow only two user connections. After
installation, you can use the iManage utility to install additional licenses.

100-004725-001
August 30, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
If prompted, select where in the tree you want to install the license.
Install Networking Products

After completing the NetWare server portion of the installation, you can select
other networking products to install. Other networking products provide
enhanced functionality, such as network management and Internet access, to
NetWare 6.
NOTE: Some products can be installed only by using NetWare Deployment
Manager after the server installation is complete.
62

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Although you can choose which products to install, installing the products that
are already selected by default will ensure that you receive the features
recommended for NetWare.
For more information on NetWare products, see Chapter 1, Welcome to
NetWare 6, on page 11.
Depending on the products selected to be installed, you may need to complete
the steps in the following sections. Although the products are installed, many
require additional configuration after completing the server installation.
For more information on configuration requirements for specific products,
refer to each product documentation as part of the NetWare 6 documentation
at the NetWare 6 Documentation site (http://www.novell.com/documentation/
lg/nw6p/index.html).

100-004725-001
August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Configuring IP-Based Services (Conditional)

Make sure that port assignments and addresses do not conflict. Some port
number assignments in NetWare 6 can be reassigned from one service to
another. Other port numbers cannot be reassigned.
For information on default port assignments, which ports can be reassigned,

and which ports cannot be reassigned, see "Port Number Assignments" in
Getting Results with Novell Web Services.
Installing Novell Certificate Server

Novell Certificate Server enables secure data transmissions and is required for
Web-related products such as NetWare Web Manager and NetWare Enterprise
Web Server. It also allows you to mint, issue, and manage digital certificates
by creating a Security container object and an Organizational Certificate
If the network does not already have an Organizational CA object, the first
NetWare 6 server will automatically create and physically store the Security
container object and Organizational CA object for the entire eDirectory tree.
Both objects are created at, and must remain at the [Root] of, the eDirectory
tree.
64

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Only one Organizational CA object can exist in an eDirectory tree. Once the
Organizational CA object is created on a server, it cannot be moved to another
server. Deleting and re-creating an Organizational CA object will invalidate
any certificates associated with the Organizational CA.
Make sure that the server that you intend to permanently host the
Organizational CA object and will be a reliable, accessible, and continuing
part of your network.
To create the Security container object and the Organizational CA object, you
must be logged in as a user with rights at [Root] of the eDirectory tree.
If the Organizational CA object already exists on the network, the installation
program will find and reference the server that it. The installation program
will access the Security container and create a Server Certificate object.
To access the Security container and create a Server Certificate object, you
must be logged in as a user with the Read right to the existing Security
container object.
If an Organizational CA object is not available on the network, Web-related

products such as NetWare Web Manager and NetWare Enterprise Web Server
will not function.

100-004725-001
August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Configuring LDAP
TCP and SSL port numbers can be configured for LDAP services. You can
also configure ports after the server installation using ConsoleOne.
The default setting for the Allow Cleartext Passwords option (unchecked)
disallows cleartext passwords, effectively disabling eDirectory user binds on
non-SSL connections. Any sent password, however, is received by the server
before the bind fails. Therefore, it is possible for an eDirectory username and
password to be captured during a failed bind attempt.
By default, only passwords exchanged over SSL connections are encrypted.
Checking Allow Cleartext Passwords lets requests that include passwords be
transmitted over nonencrypted connections. Nonencrypted passwords can be
captured by network monitoring equipment; therefore, depending on the
environment, clear text passwords can pose a security risk.
66

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Novell Native File Access Protocols

Novell Native File Access Pack lets Macintosh, Windows, and UNIX
install any additional softwaresuch as Novell Client software. The software
is installed only on the NetWare server and provides "out of the box" network
access. Just plug in the network cable, start the computer, and you have access
to servers on your network. No client configuration, no client software, no
problem.
About Native Protocols
Novell Native File Access Pack software enables the NetWare server to use
the same protocol (referred to as "native") as the client workstation to copy,
delete, move, save, and open files. Windows workstations perform these tasks
using the native Common Internet File System (CIFS) protocol, and
Macintosh workstations use the native Apple* Filing Protocol (AFP). UNIX
computers use the NFS protocol.

100-004725-001
August 30, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
User Benefits of Novell Native File Access Protocols
Enabling native protocols on NetWare means that users can access files, map
network drives, and create shortcuts to NetWare servers using the native
methods available in their specific operating system. Windows users can use
their familiar Network Neighborhood. Macintosh users can use Chooser or the
Go menu to access network files and even create aliases. Because the NetWare
server is running native protocols, users can copy, delete, move, save, and
open network filesjust like they would if they were working locally.
Setting Server Properties for Windows Workstations
You can decide how the NetWare server appears to Windows workstations by
configuring the NNFAP Server Name, NNFAP Server Comment, and
Unicode settings.
NNFAP Server Name
The name specified in the NNFAP Server Name field displays as the server
name when Windows workstations without Novell Client software browse the
network You can change the name but it must be different than the NetWare
Server name and no longer than 15 characters. The default NNFAP Server
68

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Name is the NetWare server name with an added underscore (_) and a W. For
example, a NetWare server named SERVER1 defaults to a NNFAP server
name of SERVER1_W.
NNFAP Server Comment
The text in the NNFAP Server Comment field displays when viewing details
of the NNFAP server from a Windows workstation.
Enabling Unicode
When enabled, this command enables Unicode characters (used in doublebyte languages). To support Unicode, an additional file named
UNINOMAP.TXT must be created and saved in the SYS:\ETC directory.
When UNICODE is enabled, the UNINOMAP.TXT file is used to resolve
Unicode-to-ASCII "no-map" problems. To specify "no-map" cases in the
UNINOMAP.TXT file, enter the first Unicode value to watch for and then the
second value representing the ASCII replacement code. For example:
0178 98
20AC CC
Save the values in the UNINOMAP.TXT file. If an unmappable character is

encountered, the system uses the ASCII substitution character specified in the
file.
Selecting an Authentication Method for Windows Workstations
Select one of the following:

If users will authenticate using NDS, select Local.
If users will authenticate using a Domain, select Domain.
For Windows users, there are two types of authentication methods available
with Novell Native File Access: Local and Domain. Local authentication
requires a simple password to log in to a NetWare server, but a simple
password is not required for Domain authentication.
Local Authentication
The server running Novell Native File Access Protocol software performs the
user authentication when clients are a member of a workgroup. With local
authentication, the username and password on NetWare must match the
username and password used to log in to the Windows workstation.

100-004725-001
August 30, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Workgroup Name: The domain or workgroup that the server will belong to. In
this case, Workgroup and Domain are interchangeable.
WINS Address: Address of WINS server to be used to locate the primary
domain controller (PDC), if the PDC and server running Novell Native File
Access Protocols software are on different subnets.
Windows Internet Naming Service (WINS), part of the Microsoft Windows
NT and 2000 Servers, manages the association of workstation names and
locations with Internet Protocol (IP) addresses. WINS automatically creates
and maintains a computer name and corresponding IP address mapping entry
in a table. When a computer is moved to another geographic location, the
subnet part of the IP address is likely to change. Using WINS, the new subnet
information will be updated automatically in the WINS table.
Domain Authentication
A simple password is not required for domain authentication. Since the

password is kept on the Windows domain controller, it is not possible to use
Windows native Change Password feature to change the password. Instead,
you must use Windows domain management utilities. To work properly, the
username and password on the domain controller must match the username
and password used to log in to the Windows workstation.
70

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
PDC Is On Same Subnet
Indicates that the PDC is on the same subnet.

Specify PDC Using DNS or WINS
Select this option to use DNS or WINS to specify the primary domain
controller.
PDC Name
A PDC server name and static IP address are needed if the PDC is on a
different subnet. This option should be used only when there is a valid reason
for overriding WINS or DNS.
PDC Address
The address of the PDC must be static; otherwise, if the PDC reboots and the
address changes, the server running Novell Native File Access Protocols
software will not be able to contact the PDC.

100-004725-001
August 30, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Selecting IP Addresses to Service Windows Workstations
Although we recommend that you enable the CIFS protocol on all IP

addresses, you can specify which IP addresses will respond to CIFS protocol
requests.
Specifying Share Points for Windows Workstations
Any volume or directory on the server can be specified as a shared point and
made accessible via the Network Neighborhood or My Network Places. If no
share points are specified, then all mounted volumes are displayed.
72

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Directory
The path to the server volume or directory which becomes the root of the
sharepoint. Beginning at the volume name, the full path must be specified and
it must end with a backslash (\). For example:
VOL1:GRAPHICS\
Share Name
The name by which the sharepoint is displayed to Windows computers. For

example, if you enter Lots of Pics as the sharename associated with
VOL1\GRAPHICS, then Windows workstations browsing the network see
"Lots of Pics" instead of "VOL1\GRAPHICS."
Connections
The number of connections allowed to access the sharepoint.

Comment
A description for the sharepoint that appears in Network Neighborhood or My

Network Places.

100-004725-001
August 30, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Set up Contexts for Windows Workstations
You must specify the NDS contexts of Windows users that require access to
the network. These contexts are saved in the context search file. When the
Windows user enters a username, the Novell Native File Access Protocol
software searches through each context in the list until it finds the correct User
object. For example if you had users with full NDS distinguished names such
as Bob.sales.acme, Sue.graphics.marketing.acme, Pat.graphics.marketing,
and Jo.marketing.acme, then you would enter the following contexts:
sales.acme
graphics.marketing.acme
marketing.acme
If User objects with the same name exist in different contexts, each user object
attempts authentication in order until one succeeds with the corresponding
password.
After server installation, you can add or remove contexts by editing the
context search file (CIFSCTXS.CFG) in the SYS:\ETC directory of the server
running Novell Native File Access Protocols.
74

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Next Steps for Novell Native File Access Protocols
After completing the installation of the Novell Native File Access Protocols,
you must create passwords for users before they can access the files on the
server. For more information, see the Novell Native File Access Protocols
Installation and Administration Guide.
Setting up NetWare WebAccess

NetWare WebAccess lets administrators set up a Web page that allows users
access to multiple network resources from their Web browser. Users do not
need a Novell Client or VPN client to access to their resources. They can
access these resources on the Web from any computer with a compliant
browser.
Customized content is provided through gadgets which provide access to

specific content on the network. Gadgets communicate with the appropriate
back-end system to gather the necessary data for a particular userand users
can access it all with a single password. For more information, see NetWare
WebAccess Overview and Installation.

100-004725-001
August 30, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Choose which gadgets you want to enable and configure now and which
gadgets you want to enable and configure later by checking or unchecking the
check boxes next to each gadget type. All gadgets are installed automatically
when you install NetWare WebAccess. This screen lets you choose whether to
enable and configure those gadgets now or later.
The default is to enable and configure gadgets later, because during a new
server installation, the applications accessed by the gadgets might not have
been installed yet. If you choose to enable and configure gadgets now, you
must specify the location (URL) that you want the gadgets to link to for each
application.
Mail Gadget
Type
If you choose to enable and configure the Mail gadget now, you will need to
specify your e-mail type. You can choose between GroupWise, Web-based Email, Exchange, Notes, or NIMS.
Location
Specify the URL of the Web server running the service.
76

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For GroupWise, the URL will be similar to http://IP_address or DNS

name/servlet/webacc. Substitute the IP address or DNS name of the Web
server running GroupWise WebAccess.
For Web-based e-mail, provide the URL you assigned either the IMAP or
POP3 server when you set it up.
For Microsoft Exchange, provide the URL for accessing your Exchange
server. The URL might be an IP address like http://192.168.0.1.
For Lotus* Notes*, provide the URL for accessing your Lotus Notes
server. The URL might be something like showcase2.notes.net.
For Novell Internet Messaging Services (NIMS), provide the URL to the
NIMS server. The URL was created when you installed and configured
NIMS, and might be something like https://webmail.myrealbox.com.
Print Gadget
If you choose to install the Print gadget now, you will need to specify the URL
to your iPrint Web page. The URL might be something like http://
myserver.com/iPrint/hongkong.htm.
NetStorage Gadget
If you choose to install the NetStorage gadget now, you will need to specify
the location of your NetStorage server. The URL might be something like
http://myserver.com. The NetStorage gadget requires the NetStorage
component of NetWare 6, so you must choose to install the NetStorage
component during the NetWare 6 installation.
Setting Up Novell iManage

iManage runs in an Internet browser and is used for administering, managing,
and configuring Novell eDirectory objects. iManage gives you the ability to
assign specific tasks or responsibilities to users and to present the user with
only the tools (with the accompanying rights) necessary to performs those sets
of tasks.
In NetWare 6, you can use iManage to administer iPrint, DNS/DHCP, and
Novell Licensing Services.

100-004725-001
August 30, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
During installation, roles and tasks are installed and associated with the
logged-in user (typically the Admin user) by default. These role and task
objects are stored in a new eDirectory container (rbsCollection). You can
select the location and name of the new container or use the defaults provided.
Location
Enter the path to the eDirectory container that you want to create the
rbsCollection container in, or use the default location.
Name
Enter a name for the rbsCollection or use the default name.
78

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Install Novell iFolder

Novell iFolder is a file storage and management solution to the universal
problems associated with storing and retrieving data. With iFolder you have
the latest version of your data when you need it and where you need it from
any computer that you regularly use. And if you are not at a computer that you
regularly use, you can still access and manage your files if you have an
Internet connection and a Java-enabled browser. For more information, see the
Novell iFolder Administration Guide
User Data
Enter the path to the directory where you want the iFolder user data to be
stored on the server.
Admin Names
Enter the names of all the administrators who need rights to modify iFolder
user account information via the Server Management Console. If you are
entering more than one name, separate the usernames with a semicolon (;). For

100-004725-001
August 30, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
example, if you wanted users JSmith and Admin to have rights to administer
the Server Management Console, you would enter admin;jsmith.
Network Domain
Enter the IP address or the DNS name of your iFolder server.
Install Novell NetStorage

serves as a bridge between a company's protected Novell network and the
Internet. It allows users secure file access from any Internet location, with
nothing to download or install on the user's workstation. Files and folders on
a Novell network can be accessed using either a browser or Microsoft Web
Folders.
DNS Name or IP Address of Primary eDirectory Server and Context
Specify the IP address or DNS name of a server in your eDirectory tree that
has the master replica or a read/write replica of eDirectory. The Primary
eDirectory Server URL is required for NetStorage to function properly. This
80

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
does not necessarily have to be the IP address or DNS name of the server
where NetStorage is to be installed.
When a user attempts to log in, NetStorage searches the eDirectory database
on the server you specify for the User object. If the User object is found,
NetStorage attempts to authenticate the user to eDirectory.
If you know the eDirectory context for the users that will use NetStorage, you
can add that context to the URL by inserting a colon (:) between the IP address
or DNS name and the eDirectory context. The context is optional. If no
context is specified, NetStorage searches the entire eDirectory tree on the
primary eDirectory server for User objects. For example, if the IP address of
the server is 127.0.0.1 and the eDirectory context for your users is Personnel,
then you would add 127.0.0.1:personnel to the field.
DNS Name or IP Address of Alternate eDirectory Server and Context (Optional)
This optional text box is where you specify alternate IP addresses or DNS
names of other servers in your directory tree that have at least read/write
eDirectory replicas. You can add two alternate eDirectory server URL and
context settings.
These alternate settings can be used in the event that eDirectory authentication
cannot be accomplished using the primary eDirectory server URL and
context. The alternate URL and context settings are optional, but can help
provide users with an additional level of access to NetStorage.
DNS Name or IP Address and Port Number of iFolder Server (Optional)
Specify the IP address or DNS name and the port number that you assigned to
Novell iFolder. The iFolder DNS name or IP address and the port number are
optional but, if specified, will allow NetStorage users to access and
manipulate files and directories on the iFolder server.
HINT: Click Back to view the screen where the IP address and port number
assignments were made.

100-004725-001
August 30, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Customizing the Installation

You can customize the installation of many products for your networking
environment.
To customize products and components, at the Summary screen click

Customize to access the Customize screen.
82

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Select the product to customize. Click Properties. Modify the product as

required. Click OK to return to the Summary screen.
Completing the Server Installation

The server installation program is now ready to copy files to your computer.
Depending on which products you are installing, you might be prompted for
additional information.
At the Summary screen, click Finish to begin copying the files to the server.
After all files are copied, the server must be rebooted in order for the settings
to take effect.

100-004725-001
August 30, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
After the files are copied, click Yes to reboot the server. If you chose to load
server on reboot, the NetWare 6 server software will automatically load when
the computer reboots.
If you chose not to load the server on reboot, you can load it manually. To load
the server manually, reboot the computer by clicking Yes. When the computer
reboots, change to the startup directory containing the NetWare server files
(C:\NWSERVER) and enter SERVER.
Whats Next?
Although you have installed or upgraded to NetWare 6, you may need to
configure products to work in the new environment. If you chose not to install
a product during the server installation, you can follow the instructions in
Installing Additional Products on page 84 to do it afterwards.
Updating NSS Volumes

If you upgraded from a NetWare 5.1 server with NSS volumes, you must
complete the following procedure to update NSS volumes.
NOTE: For more detailed information, see "Updating NSS Volumes" in the Novell
Storage Services Administration Guide.
1 When prompted at the end of the upgrade, reboot the computer.

2 Make sure that all processes relating to the NetWare 6 upgrade have
completed.
3 At the server console, enter the following command
The NSS volumes can now be mounted on the NetWare 6 server.
Installing Additional Products

You should now install and set up other networking products. For specific
product information, see the product documentation in the NetWare 6 Online
Documentation (http://www.novell.com/documentation/lg/nw6p). For brief
product descriptions, see Chapter 1, Welcome to NetWare 6, on page 11.
Although many products can be installed during the basic server installation,
some additional products such as Novell Cluster ServicesTM can be installed
only after completing the server installation. You can install additional
84

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
products using NetWare Deployment Manager or from the GUI server console
screen.
Install Additional Products Using NetWare Deployment Manager
1 Log in to the network from a Windows workstation running Novell Client
software.
2 Run NWDEPLOY.EXE located at the root of the NetWare 6 Operating
System CD.
3 Click Post Installation Tasks > Install NetWare 6 Products.
4 Follow the on-screen instructions for adding the product.
HINT: Select the PRODUCT.NI file located at the root of the CD.
Install Additional Products Using the GUI Server Console Screen

1 Insert the NetWare 6 Operating System CD into the CD drive of the
server.
2 Go to the GUI server console screen.
Start the GUI server console screen by entering STARTX at the server
console.
3 Click Novell > Install > Add.
4 Specify the root directory of the CD and click OK.
5 Select the PRODUCT.NI file.
6 Follow the on-screen instructions for installing the product.
If you are running Novell Client software, you should now upgrade your
existing workstations. You can choose to run workstations without additional
software using Novell Native File Access Protocols. For more information,
see the NetWare 6 Online Documentation (http://www.novell.com/
documentation/lg/nw6p).

100-004725-001
August 30, 2001
Novell Confidential
85
Manual
86
99a
38

100-004725-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
July 17, 2001
38
The NetWare 6 installation program can be used to upgrade an existing
NetWare 4 or NetWare 5 server to NetWare 6.
The upgrade process includes the following tasks:
Meet system and software requirements
Prepare the network and the computer
Specify hardware and software settings
Create additional disk volumes (if required)
Select and install networking protocols
Set up Novell eDirectoryTM
Install other networking products
During the upgrade program, the server is upgraded to NetWare 6 by
automating the following tasks:
Device drivers and LAN drivers for the NetWare 6 operating system are
loaded. Outdated drivers are matched with and replaced by new drivers
included with NetWare 6.
eDirectory is upgraded.
NetWare 6 information is added to the AUTOEXEC.NCF and
STARTUP.NCF files.
The NetWare 6 files are copied to the server.

100-004725-001
August 30, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Meet System and Software Requirements

To upgrade to NetWare 6, your system must meet the minimum requirements
listed below.
System and Software Requirements

The server to be upgraded must be running one of the following:
NetWare 5 with Support Pack 6 or later
A server-class PC with a Pentium II or AMD K7 processor
256 MB of RAM
A DOS partition with 35 MB of available space
2 GB of available disk space on volume SYS:
One network board
A CD drive
A USB, PS/2, or serial mouse (recommended but not required)
Software and Other Requirements

Depending on the network configuration, you might need one or all of the
following software and information:
Supervisor right at the [Root] of the eDirectory tree
Supervisor right to the container where the Server object resides
CD drivers (required to access the CD)
88

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Client connection utilities (optional, for upgrading from another server):

Novell ClientTM for DOS and Windows* 3.1x (optional, for
upgrading from a NetWare server running IPXTM).
IP Server Connection Utility (optional, for installing from a NetWare
server running IP only).
For instructions, see PRODUCTS\SERVERINST\IPCONN.TXT on
the Novell Client CD.
An IP address
For IP addresses and domain names, contact your network
administrator and Internet Service Provider.
Network board and storage device properties, such as the interrupt and
port address (required if not included in NetWare).
For more information, contact your computer hardware manufacturer.
Next, you should prepare the network for the NetWare 6 server. If this server
is not part of an existing network, you can skip to Preparing the Computer
on page 93.
Preparing the Network

Before you introduce a NetWare 6 server into an existing network, you must
run NetWare Deployment Manager to update the network.
To update the network for NetWare 6, you must do the following:
1 Log in from a Windows 95/98 or Windows NT/2000 workstation to your
existing network as a user with the Supervisor right.

If prompted to log into the network while using NetWare Deployment
Manager, you can enter the server name or click Details and specify the
IP address.
2 Run NetWare Deployment Manager (NWDEPLOY.EXE), located on the
NetWare 6 Operating System CD.

100-004725-001
August 30, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
3 Double-click the Network Preparation folder to view the tasks and read
the Overview section to get an understanding of the tasks.

4 Back up any server data and Novell eDirectory data following the
instructions in the Back Up Data step.

5 Run the View and Update eDirectory Version program to update
eDirectory as required.
90

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
6 Run the Prepare for eDirectory program to extend the network schema.
7 (Conditional) If you are upgrading a cluster of NetWare servers, run the
Prepare a Novell Cluster for Upgrade program.

100-004725-001
August 30, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
8 (Conditional) If you are upgrading a NetWare 5 server running NDS 7
that has NSS volumes, run the Prepare a Server with NDS 7 and NSS
program.
9 Follow the instructions in the Update Certificate Authority (CA) Object
step to create or update a Security container object and a Certificate

After you have completed the Network Preparation section of NetWare
Deployment Manager, read through the Installation / Upgrade Options section
to help you decide the option that best meets your needs.
After choosing an installation or upgrade option, you should now prepare the
computer to be a NetWare 6 server.
92

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preparing the Computer

To prepare your existing server for the NetWare 6 operating system, do the
following:
Back up the NetWare server files
Prepare application files
Verify a valid DOS partition
Access the upgrade program
Backing Up the NetWare Server Files

Make at least one backup of your NetWare server files, including files on the
DOS partition. Do not attempt an upgrade without a backup.
Preparing Application Files Prior to Upgrading

Some applications require that you prepare the files prior to upgrading.
Preparing IBM WebSphere Application Server for NetWare Files
(Conditional)
If the server has been running IBM* WebSphere Application Server for
NetWare, you must migrate your existing Web applications using the
migration utility included with NetWare 6. The utility migrates WebSphere
Web applications to Tomcat 3.3 Web applications.
Migrate WebSphere Applications
1 At the NetWare server system console, enter XMLCONFIG -EXPORT
volume_name:\websphere\migrate.xml adminNodeName
NodeName
NOTE: If you installed WebSphere to a different directory, specify that directory.
2 Complete the upgrade to NetWare 6.

3 After the upgrade, continue migrating the applications by following the
instructions in "Migrating from WebSphere to Tomcat in Getting Results

with Novell Web Services.

100-004725-001
August 30, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Preparing Servers Running ZENworks for Server 2 (Conditional)
If the server is running ZENworks for Servers 2, you must install ZENworks
for Servers 2 Support Pack 1 prior to upgrading the server to NetWare 6.
ZENworks for Servers 2 Support Pack and related information can be
obtained from Novell Technical Support (htttp://support.novell.com).
Verify a Valid DOS Partition

Your NetWare server uses the DOS partition to start the computer and load
NetWare. Many of the existing NetWare startup files will be replaced with
new NetWare 6 files. In addition, the DOS partition must exceed the minimum
amount of available space to accommodate new NetWare 6 files.
If the DOS partition does not have enough available space, you cannot
upgrade the server. You must create a new DOS partition and install a new
server. See Setting Up NetWare 6 on page 27.
HINT: If your computer does not meet the minimum requirements, you might try
using the Novell Migration Wizard utility to migrate data to another computer. For
more information, see www.novell.com/documentation.
Access the Installation Files

NetWare 6 can be upgraded from the servers local CD drive or from
installation files located on the network. To access the NetWare 6 installation
files, complete the following steps.
1 Insert the NetWare 6 Operating System CD and boot the computer.
2 Complete one of the following:
If the computer boots from the CD, follow the on-screen prompts and
skip to Selecting the Language and Accepting the License
Agreement on page 36.
If the computer does not boot from the CD, continue with the
following steps.
3 Boot your computer with DOS 3.3 or later.

4 Access the NetWare 6 Operating System CD.
If you install CD drivers to the disk drive, make sure that the logical
filename of your CD drive (specified in the CONFIG.SYS and
AUTOEXEC.BAT files) is not CDROM or CDINST.
94

100-004725-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Make sure that the CONFIG.SYS file contains the FILES=50 and
BUFFERS=30 commands.
6 (Conditional) To upgrade from NetWare 6 files located on a network,
install the Novell Client for DOS and Windows 3.1x or IP Server
Connection Utility software located on the Novell Client CD.
Whats Next
After accessing the NetWare 6 installation files, follow the instructions for
installing a server beginning with Installing the Software on page 35.
IMPORTANT: If you are upgrading a NetWare server with NSS volumes, the NSS
volumes will not appear or mount until they are updated. Updating NSS volumes is
done after finishing the server upgrade by following the instructions in Updating
NSS Volumes on page 84.
Because you are doing an upgrade, you are not prompted to provide all the
information normally required for a new server installation. The installation
program uses existing information to skip entire sections and complete the
upgrade to NetWare 6.
HINT: Dont forget to select Upgrade as the type of installation.

100-004725-001
August 30, 2001
Novell Confidential
95
Manual
96
99a
38

100-004725-001
August 30, 2001
Novell Confidential
July 17, 2001
Novell
NetWare 6
www.novell.com
O T H E R I N S TA L L AT I O N O P T I O N S
August 30, 2001

Novell Confidential
doc_tpl.fm
Rev 99a
28 October 99
17
Contents
Overview
Using NetWare Accelerated Upgrade . . . . . . . . . . .

Automating the NetWare Installation with a Response File
Using Installation Scripts for NetWare Installation . . . . .
Documentation Conventions . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
How NetWare Accelerated Upgrade Works . . . . . . . . . . . . . . . . . . . .

Upgrading to NetWare 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prepare the Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prepare a Staging Server. . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prepare the Target Server . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prepare the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Run NetWare Accelerated Upgrade . . . . . . . . . . . . . . . . . . . . . .
Complete Post-Upgrade Tasks . . . . . . . . . . . . . . . . . . . . . . . . .
Specifying Disk Drivers Manually . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Server-to-Server Connections . . . . . . . . . . . . . . . . . .
Disabling SAP Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Detaching from Unauthenticated Servers . . . . . . . . . . . . . . . . . . .
Setting the Target Servers Gate Parameter to Its Default Router IP Address .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Using NetWare Accelerated Upgrade
11

Creating a Response File . . . . . . . . . . . . . . . . . . . .
Creating a New Response File . . . . . . . . . . . . . . . .
Editing a Response File from a Previous Server Installation .
Using a Response File . . . . . . . . . . . . . . . . . . . . . .
Using a Response File during a Server Installation . . . . .
Entering a Response File at the Command Line . . . . . . .
Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetWare Sections and Keys . . . . . . . . . . . . . . . . . . .
[NWI:Product Information] Section . . . . . . . . . . . . . .
[NWI:Language] Section . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
13
13
13
15
17
18
20
20
21
21
21
22
25
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

104-001234-001
August 30, 2001
Novell Confidential
. 9
. 9
10
10
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
26
26
26
27
27
27
28
33
33
34
doc_tpl.fm
[NWI:Install Options] Section . . . . . . . . . . . . . . . .

[NWI:Server Settings] Section . . . . . . . . . . . . . . . .
[NWI:Locale] Section . . . . . . . . . . . . . . . . . . . .
[NWI:Mouse and Video] Section . . . . . . . . . . . . . . .
[NWI:Hardware] Section . . . . . . . . . . . . . . . . . . .
[NWI:Excluded From Detection] Section. . . . . . . . . . .
[NWI:Multi-Processor System] Section . . . . . . . . . . .
[NWI:Storage Adapter n] Section . . . . . . . . . . . . . .
[NWI:Storage Device n] Section . . . . . . . . . . . . . . .
[NWI:Network Adapter n] Section . . . . . . . . . . . . . .
[NWI:Reserved Adapter n] Section . . . . . . . . . . . . .
[NWI:Hotplug System] Section. . . . . . . . . . . . . . . .
[NWI:NetWare Loadable Module] Section . . . . . . . . . .
[NWI:File System] Section . . . . . . . . . . . . . . . . . .
[NWI:Partition n] Section . . . . . . . . . . . . . . . . . . .
[NWI:Volume n] Section . . . . . . . . . . . . . . . . . . .
[NWI:Misc] Section. . . . . . . . . . . . . . . . . . . . . .
[NWI:File Server] Section . . . . . . . . . . . . . . . . . .
[NWI:Protocols] Section . . . . . . . . . . . . . . . . . . .
[NWI:TCPIP] Section . . . . . . . . . . . . . . . . . . . .
[NWI:IPX] Section . . . . . . . . . . . . . . . . . . . . . .
[NWI:IPCMD] Section . . . . . . . . . . . . . . . . . . . .
[NWI:SNMP] Section. . . . . . . . . . . . . . . . . . . . .
[NWI:DNS] Section . . . . . . . . . . . . . . . . . . . . .
[NWI:Host Name] Section . . . . . . . . . . . . . . . . . .
[NWI:Time Zone] Section . . . . . . . . . . . . . . . . . .
[NWI:Time Synchronization] Section . . . . . . . . . . . .
[NWI:NDS] Section . . . . . . . . . . . . . . . . . . . . .
[NWI:License] Section . . . . . . . . . . . . . . . . . . . .
[NWI:Add to Startup] Section . . . . . . . . . . . . . . . .
[NWI:Append To Autoexec.ncf] Section . . . . . . . . . . .
[NWI:Use NCF Settings] Section . . . . . . . . . . . . . .
Performing a Fully Automated Installation. . . . . . . . . . . .
[Novell:NOVELL_ROOT:1.0.0] Section . . . . . . . . . . .
Automating the Installation of Additional Products and Services
[Selected Nodes] Section . . . . . . . . . . . . . . . . . .
Installing Multiple Products on a Server . . . . . . . . . . .
Product Keys and Values . . . . . . . . . . . . . . . . . .
Additional Services . . . . . . . . . . . . . . . . . . . . .
CD Boot and the Response File . . . . . . . . . . . . . . . . .
Customizing the Installation Using Install Scripts . . . . . . . .
[NWI:Install Script] Section . . . . . . . . . . . . . . . . .
Performing a Factory Install . . . . . . . . . . . . . . . . . . .
[NWI:Factory] Section . . . . . . . . . . . . . . . . . . . .
[Novell:StartupDirectory:1.0.0] Section . . . . . . . . . . .

104-001234-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
35
37
38
39
40
44
44
45
46
47
50
50
51
51
52
56
59
60
61
62
63
64
65
67
68
69
70
70
74
76
77
77
78
78
79
80
82
82
83
87
87
88
90
91
92
doc_tpl.fm
[Novell:SYSDirectory:1.0.0] Section .
[Novell:ConfigDirectory:1.0.0] Section
[Novell:LANFiles:1.0.0] Section. . . .
[Novell:SBDFiles:1.0.0] Section . . .
[Novell:portalzip:1.0.0] Section . . . .
[Novell:Rconjzip:1.0.0] Section . . . .
[Novell:Perl5zip:1.0.0] Section . . . .
[Novell:beanszip:1.0.0] Section. . . .
[Novell:nscriptzip:1.0.0] Section . . .
[Novell:scripteszip:1.0.0] Section . . .
[Novell:console1zip:1.0.0] Section . .
[Novell:ldapzip:1.0.0] Section. . . . .
[Novell:wanmanzip:1.0.0] Section . .
Install Command Line Options . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Using NetWare Installation Scripts . . . . . . . . . . . .

Script Files . . . . . . . . . . . . . . . . . . . . . .
Launching a Script File . . . . . . . . . . . . . . . .
Using a Script with NetWare 6 . . . . . . . . . . . .
Descriptors and Commands . . . . . . . . . . . . . . .
Syntax Conventions . . . . . . . . . . . . . . . . .
Comments . . . . . . . . . . . . . . . . . . . . . .
Descriptors . . . . . . . . . . . . . . . . . . . . . .
Commands . . . . . . . . . . . . . . . . . . . . . .
External Commands . . . . . . . . . . . . . . . . . . .
Version 2.10 External Command Compatibility. . . .
External Command Syntax . . . . . . . . . . . . . .
Commands . . . . . . . . . . . . . . . . . . . . . .
External Command Programming Interface . . . . . . .
ICMDSetVar . . . . . . . . . . . . . . . . . . . . .
ICMDGetVar . . . . . . . . . . . . . . . . . . . . .
External Command Variable Substitution . . . . . . . .
Example . . . . . . . . . . . . . . . . . . . . . . .
Installation NLM Command Line Options . . . . . . . .
User-Documented Switches for NetWare Installation
Switches Helpful for Install Script Writers . . . . . .
Other Switches . . . . . . . . . . . . . . . . . . . .
NetWare 4.1 Remote Installation Wrapper. . . . . . . .
NetWare Installation Command Version Availability . . .
NetWare Install Commands . . . . . . . . . . . . .
NetWare External Install Commands . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Installation Scripts for NetWare
.
.
.
.
.
.
.
.
.
.
.
.
.
.
92
93
93
94
94
95
95
96
96
97
97
98
98
99
101
Contents

104-001234-001
August 30, 2001
Novell Confidential
101
101
102
102
103
103
104
104
120
125
125
126
126
154
154
155
156
157
158
158
158
159
160
161
161
162
doc_tpl.fm

104-001234-001
August 30, 2001
Novell Confidential
Rev 99a
28 October 99
Manual
99a
38
July 17, 2001
Overview
The following advanced options can help you upgrade or install NetWare
servers.

You can run NetWare Accelerated Upgrade from a Windows* client
workstation, so that you dont need to be physically present at the server
console. Although NetWare Accelerated Upgrade is quicker than the standard
installation process, it does not install additional network products, licensing
services, or license certificates.
See Chapter 1, Using NetWare Accelerated Upgrade, on page 11.
Automating the NetWare Installation with a Response

File
Installing the NetWare operating system software can be easier and more
flexible when you use a response file. When used with the graphical server
installation, a response file lets you
Set and display specific defaults
Bypass entire sections of the installation
Automate the entire server installation process
A response file is a text file containing sections and keys (similar to a
Windows .INI file). You can create a response file using any ASCII text editor.
If you use a response file, the NetWare server installation reads the installation
parameters directly from the response file, replacing the default installation
values with response file values.
See Chapter 2, Automating the NetWare Installation with a Response File,
on page 25.
Overview

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Installation Scripts for NetWare Installation

NetWare installation scripts let you
Alter or extend the NetWare installation process
Install additional products or services on a NetWare server after the
operating system has been installed
See Chapter 3, Installation Scripts for NetWare, on page 101.
10

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The NetWare Accelerated Upgrade utility is an advanced utility that can be
used to upgrade a NetWare 4.11, NetWare 4.2, or NetWare 5 server to NetWare
6. NetWare Accelerated Upgrade is intended for use by network
administrators who are skilled at troubleshooting and installing NetWare
networks.
WARNING: Back up all data before using this utility. Although NetWare
Accelerated Upgrade can reduce the time required to upgrade multiple servers, it
must be used carefully. There are no backout procedures that will restore your
servers to their original configuration or restore trustee assignments if the upgrade
is unsuccessful.
Two advantages to using NetWare Accelerated Upgrade are that:

It runs on a Windows client workstation, so you dont need to be
physically present at the server console. You also have the option of
customizing the NetWare Accelerated Upgrade script files, which allows
you the flexibility of customizing the NetWare 6 installation.
It is quicker than the standard installation process; however, it does not
install additional network products or licensing certificates.
How NetWare Accelerated Upgrade Works

NetWare Accelerated Upgrade requires a Windows client workstation, a
staging server, and a NetWare 4 or 5 server targeted for upgrade.
The staging server holds a copy of the NetWare 6 Operating System CD files.
From this one location, all targeted servers can be upgraded.

103-000143-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
NetWare 4 or 5
targeted server
Logs in
File
copy
Windows
client workstation
running
NetWare Accelerated Upgrade
-ROM files
CD
Logs in
Staging server
After the NetWare 6 Operating System CD files are copied to the staging
server, you will log in to a Windows workstation and launch the NetWare
Accelerated Upgrade utility (ACCUPG.EXE), located at the root of the
NetWare 6 Operating System CD. When NetWare Accelerated Upgrade
launches, you will log in to the target and staging servers.
During the upgrade, NetWare Accelerated Upgrade compares the existing
target server properties, such as the Directory Services version and the CLIB
version, with the minimum upgrade requirements for those properties.
If you meet the minimum requirements, NetWare Accelerated Upgrade copies
the NetWare 6 CD files from the staging server to the target server. After the
file copy, the target server reboots to complete the NetWare 6 server upgrade.
Before you begin upgrading the server, make sure that you have the following
software:
NetWare 6 License/Cryptography diskette for each server plus five
connections if you do not have an MLA
12

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Upgrading to NetWare 6
To run NetWare Accelerated Upgrade, complete the following tasks:
1. Prepare the Workstation (page 13)
2. Prepare a Staging Server (page 13)
3. Prepare the Network (page 17)
4. Prepare the Target Server (page 15)
5. Run NetWare Accelerated Upgrade (page 18)
6. Complete Post-Upgrade Tasks (page 20)
Prepare the Workstation

A Windows 95/98, Windows NT*, Windows 2000, or Windows ME
workstation with 50 MB of available disk space.
The Windows 95/98 and Windows ME workstations must be running
Novell ClientTM version 3.3 or later and Support Pack 1 or later
The Windows NT and Windows 2000 workstations must be running
Novell Client for Windows version 4.8 or later and Support Pack 1
or later
PS/2* or serial mouse recommended, but not required.
Continue with the next section, "Prepare a Staging Server."
Prepare a Staging Server

The staging server holds a copy of the NetWare 6 Operating System CD files.
From this one location, all targeted servers can be upgraded. The staging
server can be any server other than the server you plan to upgrade and the
client workstation you are using to run NetWare Accelerated Upgrade.
1 Do one of the following:
Copy the NetWare 6 Operating System CD files to a volume on the

staging server. Make sure that all target servers can access the staging
server and the client workstation.
Mount the NetWare 6 Operating System CD as a volume on the

staging server.

103-000143-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
2 (Conditional) If you are upgrading a target server that does not have NICI
installed, copy the NetWare 6 NICI file to your target server. Do one of
the following:
If you copied the NetWare 6 CD files in Step 1 on page 13, create

directory named License at the root of the copied NetWare 6
Operating System CD and then copy the #.NFK file from the
NetWare 6 License/Cryptography diskette to the newly created
License directory.
If you mounted the NetWare 6 Operating System CD, rename the

#.NFK file to NICIFK (no extension is needed) and then copy the
#.NFK to the SYS:SYSTEM directory on every target server that you
plan to upgrade that does not have the NICI installed.
3 (Optional) Specify disk drivers manually.
Although not recommended, you can load disk drivers that are not
provided on the NetWare 6 Operating System CD or bypass the hardware
auto-detection used while running NetWare Accelerated Upgrade. For
more information, see Specifying Disk Drivers Manually on page 20.
4 (Optional) Customize the NetWare Accelerated Upgrade script files.
WARNING: Customizing the installation process could affect the way that
NetWare 6 is installed. This might result in an upgrade failure and might make your
server unusable.
Customizing script files lets you add more menu options or install
additional software or patches that are not standard features of the
NetWare 6 installation.
For information on using script files, see "Upgrading an Enterprise Using
the NetWare Accelerated Upgrade" (AppNotes, April 1999) at the Novell
Developer Net Web site (http://developer.novell.com/research/
completearchive.htm).
When the source server is ready, continue with the next section, "Prepare the
Target Server."
14

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Prepare the Target Server

The target server is the NetWare 4 or NetWare 5 server that you plan to
upgrade to NetWare 6. Make sure your target server meets the minimum
requirements listed below.
WARNING: Do not use NetWare Accelerated Upgrade to upgrade the first server
in your tree to NetWare 6. You must already have a server running NetWare 6 in
your tree in order to use NetWare Accelerated Upgrade. If you do not already have
a server running NetWare 6, do an inplace upgrade on a server in your tree, and
then upgrade the rest of the servers in your tree with NetWare Accelerated
Upgrade.
A server-class PC with Pentium* Pro or Pentium II or higher processor

with a minimum of 180 MB of RAM. 512 MG of RAM is recommended.
HINT: 180 MB is the minimum requirement. If you plan to install additional
products after the upgrade, you might want to take into account the additional
memory requirements those products will have and plan for them now.
Make sure the target server has enough disk space.

30 MB of available disk space on the DOS partition. The
recommended total size of the DOS partition is 100 MB.
1 GB minimum available disk space on volume SYS:. However, the
total recommended size of volume SYS: is 2 GB.
(Optional) Load the RSPX and REMOTE NLMTM programs (for the
IPXTM protocol) or the RCONJAG6.NLM program (for the IP protocol)
on the target server if you are using script files to upgrade your server and
you want to see and access the target servers server console from the
client workstation.
(Conditional) If your target server is running ZENworksTM for Servers 2,
you must unload this application before upgrading your server. For more
information about upgrading servers with ZENworks, see ZENworks for
Server 2 Installation and Setup Guide (http://www.novell.com/
documentation/lg/zfs2/index.html) > Installing and Setting Up
Management and Monitoring Services > Setting Up Management and
Monitoring > Starting and Stopping Services.
To stop the Policy and Distribution Services, follow these steps:
Enter CTRL/ESC at the server console of the NetWare server to list
the processes that are currently running.
Select Distributor from the list.

103-000143-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Prompt enter Exit, at the Distributor console.

Select Subscriber from the list.
Prompt enter Exit, at the Subscriber console.
Select ZENworks for Servers from the list.
Prompt enter Exit, at the ZENworks for Servers console.
Select Remote Web Console from the list.
Prompt enter Exit, at the Remote Web Console.
The following table lists the procedures that NetWare Accelerated Upgrade
does not support during a NetWare 4 or NetWare 5 upgrade.
Table 1
Unsupported Procedures When Upgrading a NetWare 4 or NetWare 5 Target Server

Not Supported during an Upgrade
Recommendation
Adding the IP protocol during the

upgrade
Add the IP protocol after upgrading by

using NetWare 6 utilities such as
INETCFG, or use the NetWare 6
Installation program to upgrade.
Once you have met the hardware requirements, complete the following steps
to prepare your target server to be upgraded:
1 Update the target server with the latest NetWare Support Pack.
Support Packs are available at the Novell Support Web site (http://
www.support.novell.com/filefinder).
NetWare 4.11 and NetWare 4.2 require NetWare 4 Support Pack 8

(IWSP6A.EXE) or later
NetWare 5.0 requires NetWare 5 Support Pack 6 or later
NetWare 5.1 requires NetWare 5 Support Pack 2 or later
2 (Conditional) If you are upgrading a server in a multiserver tree that is
running NDS 7 with NSS volumes, do the following:
2a Run the NetWare Deployment Manager utility (NWDEPLOY.EXE),
located at the root of the NetWare 6 Operating System CD.

2b Click Network Preparation > Prepare a Server with NDS 7 & NSS.
16

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 (Conditional) If you are upgrading a server in a multiserver tree that is
clustered, do the following:

3a Run the NetWare Deployment Manager utility (NWDEPLOY.EXE),
located at the root of the NetWare 6 Operating System CD.

3b Click Network Preparation > Prepare a Novell Cluster for Upgrade.
4 Run DSREPAIR > Time Synchronization at the server console of the
target server. If you encounter any NDS synchronization errors, make

sure you resolve these before continuing.
5 Mount all volumes.
If you have experienced disk errors in the past, you might want to run
VREPAIR on all of the volumes on the server to ensure that there are no
errors.
6 Verify that your target server can communicate with your staging server
and your client workstation.

IMPORTANT: Make sure that the client workstation, target server, and staging
server share the same protocol (IPXTM or IP).
If you have problems here, refer to Troubleshooting Server-to-Server

Connections on page 21.
7 Make sure that you have the Supervisor right to the container where the
target server resides.

When the target server is ready, continue with the next section, "Prepare the
Network."
Prepare the Network

Because you cannot use NetWare Accelerated Upgrade to upgrade the first
server in a multiserver tree to NetWare 6, you must do an inplace upgrade on
one server in your tree. Once there is a server in your tree running NetWare 6,
you can safely upgrade the rest of your servers using NetWare Accelerated
Upgrade.
For instructions on performing an inplace upgrade, refer to Chapter 3,
"Upgrade to NetWare 6" in the NetWare 6 Overview and Installation Guide.
If you are upgrading a server in a single-server tree to NetWare 6, you can use
NetWare Accelerated Upgrade; however, you will need to manually extend
the NDS schema after the upgrade. If you want the schema updated
automatically, it is best to do an inplace upgrade.
Continue with the next section, "Run NetWare Accelerated Upgrade."

103-000143-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Run NetWare Accelerated Upgrade

1 From your workstation, log in to the staging server and double-click the
NetWare Accelerated Upgrade executable (ACCUPG.EXE), located at

the root of the NetWare 6 Operating System CD.
2 Read the Welcome screen and click the right-arrow.
3 Enter the location where you copied or mounted the NetWare 6 files to the
staging server and click the right-arrow.

4 Enter the password to the staging server (the server that holds the copy of
the NetWare 6 CD files) and click OK.

5 Select your target server from the list and click the right-arrow.
6 If prompted, enter the username, password, tree name and context for the
target server, and then click OK.

7 Click the right-arrow.
At this point, NetWare Accelerated Upgrade checks the target server to

make sure that the selected server meets the minimum software and
hardware requirements of NetWare 6. This might take a few minutes.
8 Review the critical requirement screen and make sure that the target
server meets the minimum NetWare 6 server requirements.

NOTE: If you have applied the Support Packs listed in the Prepare the Target
Server on page 15, you wont have any problems meeting these requirements.
Some items appearing on the list are not critical requirements. But the
following requirements must be met before continuing:
NetWare server version
Directory Services version
CLIB version
HCSS is not loaded (NetWare 4 only)
SFTTM IIITM server is not used (NetWare 4 only)
Unsupported drivers are unloaded (NetWare 4 only)
If the target server does not meet a critical minimum requirement, the
server property will be listed in red. NetWare Accelerated Upgrade will
not allow you to continue until you have met all critical minimum
requirements.
IMPORTANT: If prompted to update your NICI file, follow the instructions in Step
2 on page 14 before continuing.
18

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
9 Check any of the following options that you want NetWare Accelerated
Upgrade to automatically perform during the upgrade, and then click the
right-arrow:
Reboot the target server after the upgrade is completed.

Even if you checked this option, there might be an instance where
you might need to manually reboot the target server once the file
copy is complete.
Update the existing drivers on the target server to NetWare 6 LAN

and disk drivers.
Because NetWare Accelerated Upgrade has renamed the
STARTUP.NCF file to STARTUP.AUP, during auto-detection,
NetWare Accelerated Upgrade will restore the original
STARTUP.NCF and then loads the appropriate .HAM and .CDM
drivers that NetWare 6 supports.
If device drivers are not found for a device currently loaded in the
former STARTUP.NCF or AUTOEXEC.NCF files, the LOAD line
will be deleted or copied to the new file and then commented out.
WARNING: If the target server contains any disk drivers that are not
compatible with NetWare 6, they cannot be replaced during the hardware

auto-detection process and your server cannot be upgraded. To avoid this,
unload any drivers that are not compatible with NetWare 6 before you
complete the upgrade. NetWare Accelerated Upgrade automatically detects
unsupported drivers and will warn you about proceeding.
Remove any unsupported DOS utilities existing on the target server

(NetWare 4 servers only).
10 Review the list of products that NetWare Accelerated Upgrade is going to
install and click the right-arrow.

Once you click the right-arrow, you might need to wait a few minutes
before the Progress Screen appears.
11 Monitor the Progress Screen and click Close when the NetWare 6
Operating System files have been copied to the target server.

Your target server has now been upgraded to a NetWare 6 server. NetWare
Accelerated Upgrade does not install additional network products during
the upgrade. To install additional network products, see Installing
Additional Networking Products on page 20.
Continue with Complete Post-Upgrade Tasks.

103-000143-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Complete Post-Upgrade Tasks

Installing Licensing Certificates
Because the NetWare Accelerated Upgrade utility does not install licenses,
use iManage via NetWare Web Manager to install license certificates on the
new NetWare 6 server.
NOTE: If licenses are installed at the [Root] of the NDS tree or you are on an MLA
account, you might not need to install additional licenses.
1 Go to NetWare Web Manager by entering the following into a Web
browser:
https://nw6serveripaddress:portnumber
2 Click the iManage icon.
3 Click License Management > Install Licenses.
4 Follow the on-screen instructions.
Installing Additional Networking Products
NetWare Accelerated Upgrade does not install additional products. If you

want to add network products, you can do so in one of two ways:
Through the server console by clicking the Novell icon on the servertop
and then Install.
Through Deployment Manager (located at the root of the NetWare 6
Operating System CD).
Specifying Disk Drivers Manually

You might want to change the behavior of hardware detection and the NDS
database upgrade. By replacing the -U option with the -MU option from the
lines that load HDETECT.NLM in the HWDETECT.ICS script file, you can
confirm or add new hardware devices during the upgrade.
To confirm or add new hardware devices during the upgrade, you must
physically be at the server console of the target server.
This procedure can also be used to load disk drivers that are not provided on
the NetWare 6 Operating System CD. This action might be beneficial when
upgrading multiple servers with identical hardware components. If you select
20

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
specific drivers manually, you must create and configure a \STARTUP

directory that contains the disk drivers and the STARTUP.NCF file.
1 Copy the NetWare 6 Operating System CD files to a volume on a staging
server.
IMPORTANT: Do not copy the files onto the target server that you are upgrading
or onto the client workstation.
2 Make sure that the target server can connect to the staging server.
3 Copy any additional .HAM and .CDM disk drivers that you need to the
\STARTUP directory on the staging server.

4 Continue with Prepare the Network on page 17.
Troubleshooting Server-to-Server Connections

If you could not make a server-to-server connection during NetWare
Accelerated Upgrade, try one or more of the possible solutions.
Disabling SAP Filtering

1 At the server console of the target server, enter
INETCFG
2 Select Protocols > IPX > Filtering Support.
If SAP filtering cannot be disabled, make sure that the client workstation is on
the same LAN segment as the target and staging servers.
Detaching from Unauthenticated Servers

1 From a Windows 95/98 or Windows NT client, right-click the red
Novell N.
2 Click NetWare Connections.
3 Select the server that you are not authenticated to.
4 Click Detach.
If you are still having problems communicating with the target server, reboot
the client workstation and try to log in to the target server again.

103-000143-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Setting the Target Servers Gate Parameter to Its Default Router IP

Address
For a NetWare 4 Target Server
1 At the server console, enter
LOAD INSTALL
2 Select NCF Files Options > Edit AUTOEXEC.NCF File.
3 In the AUTOEXEC.NCF file, add
LOAD TCP/IP
4 Add a command that loads the network board and specifies the slot,
frame, and name of the network board (the AUTOEXEC.NCF file should
list this information).
For example, if you had a NE2000TM network board located in slot 3 with
an Ethernet_II frame, you would add a command similar to the following:
LOAD NE2000 Slot=3 Frame=ethernet_II Name=NE2000
5 Add a command that will load the network board and its IP address, mask
address, and gate parameter (set this to the default router IP address of the
target server).
For example, for the NE2000 network board with a default router IP
address of 137.33.172.1, the command would be similar to the following:
LOAD NE2000 addr=137.65.178.1 mask=255.255.255.0
gate=137.33.172.1
6 Add a command to bind IP to the network board, using the following
format:
BIND IP network_board_name
7 Next, add the IP address, mask address, and gate parameter for the target
server to the BIND IP command line.

For a NetWare 5 Target Server
NWCONFIG
2 Select NCF Files Options > Edit AUTOEXEC.NCF File.
22

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 At the BIND IP command line, after the mask address, set the gate
parameter to the default router IP address for the target server.

For example, if your default router IP address was 137.65.178.1, at the
BIND IP command line you would enter the following after the mask
address:
gate=137.65.178.1

103-000143-001
August 30, 2001
Novell Confidential
23
Manual
24

103-000143-001
August 30, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Automating the NetWare Installation

with a Response File
Installing the NetWare operating system software can be easier and more
flexible when you use a response file. When used with the graphical server
installation, a response file lets you
Set and display specific defaults
Bypass entire sections of the installation
Automate the entire server installation process
A response file is a text file containing sections and keys (similar to a
Windows .INI file). You can create a response file using any ASCII editor.
If you use a response file, the NetWare server installation reads the installation
parameters directly from the response file, replacing the default installation
values with response file values. The installation program accepts the values
as they appear and continues to the next installation screen. Because the
installation program gets all the required information from the response file,
you can even skip the entire sequence of installation screens.
Using a response file to install NetWare can be very useful to a variety of
customers and vendors. Novell customers who have established server
hardware standards in their enterprise can use the response file to rapidly
deploy multiple NetWare servers. They will also find the response file useful
for preconfiguring some of the NetWare installation, while leaving other
parameters to the local administrator. Resellers and OEMs will find the
response file useful for pre-installing NetWare prior to shipping a server to
their customers.

103-000143-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
This chapter contains the following sections:

Creating a Response File on page 26
Using a Response File on page 27
Syntax on page 28
NetWare Sections and Keys on page 33
Performing a Fully Automated Installation on page 78
Automating the Installation of Additional Products and Services on
page 79
CD Boot and the Response File on page 87
Customizing the Installation Using Install Scripts on page 87
Performing a Factory Install on page 90
Creating a Response File

You can create a new response file, or edit one from a previous server
installation.
NOTE: You should take care when using a response file from a previous
installation because it can contain advanced configuration options you dont want
for your current installation.
Creating a New Response File

1 Open an ASCII editor such as EDIT.
2 Input parameters as described in Syntax on page 28.
Editing a Response File from a Previous Server Installation

You can generate a response file from a server installation or upgrade, and then
use it as input for additional server installations or upgrades. Using the
response file from another server installation works best when both servers
have the same hardware configurations.
1 Perform the first server installation, and then reboot the server by clicking
Yes on the closing screen of the installation.

2 Log in to the new server after it has been rebooted.
26

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Copy RESPONSE.NI from the SYS:NI\DATA directory to either a
diskette or to the new server.

4 Modify the file by adjusting the parameters and removing unwanted
sections.
See Syntax on page 28 for a description of the parameters
Using a Response File

A response file can be used during a server installation in one of two ways:
Identified during the server installation
Entered at the command line
Using a Response File during a Server Installation

1 Copy the response file to a diskette, hard disk, or network directory
accessible by the PC that you are installing NetWare on.

2 Enter INSTALL to start the server installation.
3 On the Install Options screen (the first screen after the language section),
press F3 for the response file window.

4 Enter the path for the response file, and then press Enter.
5 Continue with the rest of the server installation.
Entering a Response File at the Command Line

1 Copy the response file to a diskette, hard disk, or network directory
accessible by the server that you are installing NetWare on.

2 Start the server installation from CD, hard disk, or network directory by
entering
INSTALL /RF=response_file_DOS_path\filename
Replace response file DOS path with the path for the response file, and
filename with the name of the response file. For example, if you are
installing NetWare from a CD and the response file is on a diskette, enter
D:\INSTALL /RF=A:\RESPONSE.TXT

103-000143-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Syntax
A response file is a Windows .INI-type file. Data items are identified as keys,
and keys have associated values (Key = value). These keys are grouped in
sections. For the NetWare installation program, each data input screen has one
or more sections associated with it. Section names of the installation generally
correspond to the function of the screens.
Section and key names are case sensitive. Values associated with keys are not
case sensitive. Semicolons placed at the beginning of a line indicate that the
line is a comment.
Sections can be placed in any order. However, if there are two or more sections
with the same section name, the first section listed in the response file will be
used and the other sections will be ignored.
The following sections apply to the NetWare server installation. They are
listed in the order they are used during installation.
28
Section
Purpose
[NWI:Product Information] Section

on page 33
Identifies the specific product version the

response file is associated with.
[NWI:Language] Section on page

34
Specifies the languages to be installed on

the server.
[NWI:Install Options] Section on

page 35
Corresponds to the first data input screen.
[NWI:Server Settings] Section on

page 37
Corresponds to the server settings

screen.
[NWI:Locale] Section on page 38
Corresponds to the regional settings

screen.
[NWI:Mouse and Video] Section

on page 39
Corresponds to the video and mouse

settings screen.
[NWI:Hardware] Section on page

40
Corresponds to the hardware detection

and driver matching function of the
installation program. If drivers are found in
the Update directories, they will be used
instead of the drivers found on the
NetWare CD.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Section
Purpose
[NWI:Excluded From Detection]

Section on page 44
Identifies what drivers will be excluded

from the auto-detection.
[NWI:Multi-Processor System]
Section on page 44
Identifies the driver associated with the

processor system in the server.
[NWI:Storage Adapter n] Section

on page 45
Identifies the driver and its associated

parameters for a specific storage adapter.
This Section can be duplicated for as
many adapters as are in the server. n
uniquely identifies the sequence of the
Section (for example, 1, 2, etc.).
[NWI:Storage Device n] Section on

page 46
Specifies storage devices. This section

can be duplicated for as many devices as
are in the server. n uniquely identifies the
sequence of the Section (for example, 1,
2, etc.).
[NWI:Network Adapter n] Section

on page 47
Identifies the driver and its associated

parameters for a specific network adapter.
This section can be duplicated for as many
devices as are in the server. n uniquely
identifies the sequence of the Section (for
example, 1, 2, etc.).
[NWI:Reserved Adapter n] Section

on page 50
Specifies the adapters that are to be

reserved.
[NWI:Hotplug System] Section on

page 50
Identifies the driver associated with the

processor system in the server.
[NWI:NetWare Loadable Module]

Section on page 51
Identifies NLMTM programs that are to be

loaded with the hardware drivers.
[NWI:Misc] Section on page 59
Functions as a container of parameters

that do not correspond to a data input
screen.
[NWI:File System] Section on page

51
Specifies the parameters for the partitions

and volumes.
[NWI:File Server] Section on page

60
Specifies the parameters that uniquely

identify the server.

103-000143-001
August 30, 2001
Novell Confidential
29
Manual
30
99a
38
July 17, 2001
Section
Purpose
[NWI:Protocols] Section on page

61
Controls whether the protocol screen is

displayed.
[NWI:TCPIP] Section on page 62
Specifies TCP/IP parameters.
[NWI:IPX] Section on page 63
Specifies IPXTM parameters.
[NWI:IPCMD] Section on page 64
Specifies Compatibility Mode parameters.
[NWI:SNMP] Section on page 65
Specifies Simple Network Management

Protocol parameters.
[NWI:DNS] Section on page 67
Specifies Domain Name Service (DNS)

parameters.
[NWI:Host Name] Section on page

68
Specifies DNS Host Name for each IP

address.
[NWI:Time Zone] Section on page

69
Corresponds to the time zone screen.
[NWI:Time Synchronization]
Section on page 70
Specifies time server configuration.
[NWI:NDS] Section on page 70
Corresponds to the NDS screen.
[NWI:License] Section on page 74
Identifies the location of the license file.
[NWI:Add to Startup] Section on

page 76
Specifies lines to be added to the

STARTUP.NCF file.
[NWI:Append To Autoexec.ncf]
Section on page 77
Specifies lines to be added to the

AUTOEXEC.NCF file.
[NWI:Use NCF Settings] Section

on page 77
Specifies whether to use the response file

or the AUTOEXEC.NCF file for the server
name during an upgrade.
[Novell:NOVELL_ROOT:1.0.0]
Section on page 78
Specifies full automation of installation.
[Selected Nodes] Section on page

80
Specifies full automation of products and

services.
[LDAP] Section on page 83

services.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Section
Purpose
[Novell:DNS_DHCP:1.0.0] Section
on page 85

services.
[NWI:Install Script] Section on

page 88

services.
[NWI:Factory] Section on page 91
Specifies full automation of factory install.
[Novell:StartupDirectory:1.0.0]
Section on page 92
[Novell:SYSDirectory:1.0.0]
Section on page 92
[Novell:ConfigDirectory:1.0.0]
Section on page 93
[Novell:LANFiles:1.0.0] Section on
page 93
[Novell:SBDFiles:1.0.0] Section on
page 94
[Novell:portalzip:1.0.0] Section on
page 94
[Novell:Rconjzip:1.0.0] Section on
page 95
[Novell:Perl5zip:1.0.0] Section on
page 95
[Novell:beanszip:1.0.0] Section on
page 96
[Novell:scripteszip:1.0.0] Section
on page 97
on page 97
[Novell:console1zip:1.0.0] Section
on page 97
[Novell:ldapzip:1.0.0] Section on
page 98
[Novell:wanmanzip:1.0.0] Section
on page 98

103-000143-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
The Prompt key is listed with each section that corresponds to a data input
screen and it
Controls whether the screen will be displayed.
Lets you use the response file to pass in the keys and values of the section.
Lets you bypass the screen.
If the value of Prompt is True, the screen will be displayed and the data
specified in the response file will be presented as default values. The screen
will not be displayed if the value of Prompt is False. If any of the required data
is missing in the response file, however, the screen will be shown regardless
of the Prompt value. For more information on each sections keys, see
NetWare Sections and Keys on page 33.
In the following example, the data input screen will be displayed with the NDS
information already filled in:
[NWI:NDS]
Prompt = True
Tree Name = Novell
New Tree = True
Server Context = O=Utah
Admin Context = O=Utah
Admin Login Name = Admin
Admin Password = install
Display Summary = True
In the following example, the NDS input screen and the Summary screens will
not be displayed and the NetWare installation program will bypass them.
[NWI:NDS]
Prompt = False
Tree Name = Novell
New Tree = True
Server Context = O=Utah
Admin Context = O=Utah
Admin Password = install
Display Summary = False
32

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Sections and Keys

The NetWare installation sections and their associated keys are specified
below. Section names and Key names are in bold. Included with each key are
the default value, possible values, whether the Key is required for the NetWare
installation to run silently (for example, to create a new NDS tree without any
user input, New Tree=True must appear in the response file). Also included
with each Key is a short description of the Keys purpose.
[NWI:Product Information] Section

Major Version = <string>
Default
NetWare 6
Values
(product name)
Key Required
Yes
Example
Major Version = NetWare 6
Purpose
Specifies the name of the product that this response file is

associated with. If this value does not match that of the
NetWare default response file (normally found in the
INSTALL directory on the CD), the installation will not
continue.
Minor Version = <integer>

Default
10
Value
0-99
Key Required
Yes
Example
Minor Version = 10
Purpose
Specifies the revision level of the product. If this value

does not match that of the NetWare default response file
(normally found in the INSTALL directory on the CD
image), the installation will not continue.
NOTE: The default value was inadvertently left at 0 for
the English version release. The error was corrected in

the international release.

103-000143-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Small Business = <string>

Default
False
Value
True or False
Key Required
No
Example
Small Business = True
Purpose
Controls whether the Small Business licensing model is

used.
[NWI:Language] Section
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the screen is displayed.
Server Language = <integer>
34
Default
4 (English)
Values
1-100
Key Required
Yes
Example
Server Language = 4
Purpose
Specifies the language that the screens of the installation

program will be displayed in and that will be the default
language of the server.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Additional Languages = <integers separated by commas>

Default
(none)
Values
1-100 (values are specified in INSTALL\PROFILE.TXT)
Key Required
No
Example
Additional Languages = 5,6
Purpose
Specifies additional languages that will be installed on the

server.
[NWI:Install Options] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Default
False
Values
True or False
Key Required
Yes
Example
Upgrade = False
Purpose
Specifies whether the installation will be an upgrade or a

new installation. False specifies a new installation rather
than an upgrade.
Upgrade = <string>

103-000143-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Startup Directory = <string>

Default
C:\NWSERVER
Values
(existing DOS path up to 255 characters)
Key Required
Yes
Example
Startup Directory = C:\NWSERVER
Purpose
Identifies the directory where the servers initialization files

will reside on the Boot Partition.
Allow User response file = <string>

Default
True
Values
True or False
Key Required
No
Example
Allow User response file = True
Purpose
Makes the F3 key available on the opening screen. It

allows a user to input a path to an additional response file.
NOTE: Values in a user response file will override the
values of other response files passed in previously to the

installation program.
Abort on Error = <string>
36
Default
False
Values
True or False
Key Required
No
Example
Abort on Error = True
Purpose
Specifies whether the installation will halt when an error is

encountered during an unattended installation. The user will
normally see an error screen if this key is set to False.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:Server Settings] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
NDS Version = <integer>

Default
Values
7 or 8
Key Required
Yes
Example
NDS Version = 8
Purpose
Specifies the version of NDS to install on this server.
Load Server at Reboot = <string>

Default
True
Values
True or False
Key Required
No
Example
Load Server at Reboot = True
Purpose
Adds new AUTOEXEC.BAT and CONFIG.SYS files that sets

a minimal DOS environment and automatically loads the
server. Pre-existing AUTOEXEC.BAT and CONFIG.SYS
files on the server will be renamed to *.000. If this value is set
to True and AUTOEXEC.000 already exists, then
AUTOEXEC.BAT will be renamed to AUTOEXEC.001, etc.

103-000143-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
CD Driver = <string>
Default
NetWare
Values
NetWare or DOS
Key Required
No
Example
Source Media Access = NetWare
Purpose
Determines the driver type (DOS or server) used to access

the CD during installation.
[NWI:Locale] Section
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Country Code = <integer>
38
Default
001
Values
(Values are specified in INSTALL\NLS\language

number\LOCALE.TXT)
Key Required
Yes
Example
Country Code = 001
Purpose
Specifies the country-oriented settings for display.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Code Page = <integer>

Default
437
Values
(values are specified in INSTALL\NLS\language

number\LOCALE.TXT)
Key Required
Yes
Example
Code Page = 437
Purpose
Sets the character set for the server.
Keyboard = <string>
Default
United States
Values
(values are specified in INSTALL\NLS\<language

number>\LOCALE.TXT)
Key Required
Yes
Example
Keyboard = United States
Purpose
Sets the keyboard type.
[NWI:Mouse and Video] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose

103-000143-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Mouse = <string>
Default
PS/2
Values
PS/2, Serial COM1, Serial COM2, No Mouse (values are

specified in INSTALL\NLS\language number\LOCALE.TXT)
Key Required
Yes
Example
Mouse = PS/2
Purpose
Specifies the mouse type that will be used for the graphical
portion of the installation.
Use Super VGA = <string>

Default
True
Values
True or False
Key Required
No
Example
Use Super VGA = True
Purpose
Indicates whether 256-color Super VGA is set for the

graphical portion of the installation. If set to False, 16-color
Standard VGA is set.
[NWI:Hardware] Section
Prompt = <string>
40
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Update Storage Driver Directory = <DOS path>

Default
(none)
The Install always looks in C:\NWUPDATE as well.
Values
Key Required
No
Example
Update Storage Driver Directory = F:\DRV\UPDATE
Purpose
Specifies the directory path where updated storage (HAM and

CDM) drivers will be found; the directory should already exist
and be a local DOS path.
NOTE: Associated DDI files must accompany the storage
drivers in this directory.
Update Network Driver Directory = <DOS path>

Default
(none)
The Install always looks in C:\NWUPDATE as well.
Values
Key Required
No
Example
Update Network Driver Directory = F:\DRV\UPDATE
Purpose
Specifies the directory path where updated network (LAN)

drivers will be found; the directory should already exist and be
a local DOS path.
NOTE: Associated LDI files must accompany the storage

103-000143-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Update PSM Driver Directory = <DOS path>

Default
(none)
The Install always looks in C:\NWUPDATE as well
Values
Key Required
No
Example
Update PSM Driver Directory = F:\DRV\UPDATE
Purpose
Specifies the directory path where updated processor (PSM)

drivers will be found; the directory should already exist and be
a local DOS path.
NOTE: Associated PDI files must accompany the storage
Update Source Drive Type = <string>

Default
(the type of the install source)
Values
Floppy or CD or Network or Other
Key Required
No, unless one or more of the Update keys above are set.
Example
Update Source Drive Type = Network
Purpose
Specifies the type of all source directories identified in the keys

above; all directories must be of the same type.
PSM Detection = <string>
42
Default
True
Values
True or False
Key Required
No
Example
PSM Detection = True
Purpose
Controls whether driver matching is performed for the processor

system. If driver information is identified in the response file (see
Multi-Processor System section), detection can be set to False.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storage Detection = <string>

Default
True
Values
True or False
Key Required
No
Example
Storage Detection = True
Purpose
Controls whether detection of storage adapters and driver

matching is performed. If storage adapter and driver information
is identified in the response file (see Storage Adapter section),
detection can be set to False.
Network Detection = <string>

Default
True
Values
True or False
Key Required
No
Example
Network Detection = True
Purpose
Controls whether detection of network adapters and driver

matching is performed. If network adapter and driver
information is identified in the response file (see Network
Adapter section), detection can be set to False.
Device Detection = <string>

Default
True
Values
True or False
Key Required
No
Example
Device Detection = True
Purpose
Controls whether detection of storage devices and driver

matching is performed. If storage adapter and driver information
is identified in the response file (see Storage Device section),
detection can be set to False.

103-000143-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
HotPlug Detection = <string>

Default
True
Values
True or False
Key Required
No
Example
HotPlug Detection = True
Purpose
Controls whether detection of Hot Plug devices and driver

matching is performed.
[NWI:Excluded From Detection] Section

Driver File = <filename>
Default
(none)
Values
(name of driver)
Key Required
No
Example
Driver File =AHA2940.HAM
Purpose
Identifies the driver that will be excluded from auto-detection.
[NWI:Multi-Processor System] Section

44
Default
(none)
Values
(name of driver)
Key Required
No, unless PSM Detection=False
Example
Driver File = MPS14.PSM
Purpose
Identifies the driver to use for the servers multiprocessor

system.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:Storage Adapter n] Section

Example
[NWI:Storage Adapter 1]
Description
This section can be included for each storage adapter in the

server. Several Keys are described under this section which
are optional; if the driver is detectable by NetWare, only the
Driver File key is required for the section. The other Keys and
Values are varied and are extracted from the drivers
corresponding DDI file.

Default
(none)
Values
(name of driver)
Key Required
No, unless Storage Detection=False
Example
Driver File = AHA2940.HAM
Purpose
Identifies the driver to use for the storage adapter.
SLOT = <integer>
Default
(none)
Values
(can be a 5-digit Hardware Instance Number assigned on

servers with buses that support detectionsuch as PCI)
Key Required
No, unless the driver is for an ISA adapter
Example
SLOT = 2
Purpose
Specifies the bus slot of the storage adapter to which the

driver should be loaded.

103-000143-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
INT = <hexadecimal number>

Default
(none)
Values
1-F
Key Required
No, unless the driver is for an ISA adapter.
Example
INT = F
Purpose
Specifies the interrupt that the adapter is set to; this

parameter is commonly used for ISA bus adapters.
Default
(none)
Values
(3-digit memory address)
Key Required
Example
PORT = 170
Purpose
Specifies the memory address the adapter is set to; this

PORT = <number>
[NWI:Storage Device n] Section

Example
[NWI:Storage Device 1]
Description
This section can be included for each storage device in the

server.
46
Default
(none)
Values
(name of driver)
Key Required
No, unless Device Detection=False
Example
Driver File = IDECD.CDM
Purpose
Identifies the driver to use for the storage device.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:Network Adapter n] Section

Example
[NWI:Network Adapter 1]
Description
This section can be included for each network adapter in

the server. Several Keys are described under this section
which are optional; if the driver is detectable by NetWare,
only the Driver File Key is required for the section. The
other Keys and Values are varied and are extracted from
the drivers corresponding LDI file.

Default
(none)
Values
(name of driver)
Key Required
No, unless Network Detection=False
Example
Driver File = 3C59X.LAN
Purpose
Identifies the driver to use for the network adapter.
Default
(none)
Values

Key Required
Example
SLOT = 10001
Purpose
Specifies the bus slot of the network adapter to which the

driver should be loaded.
SLOT = <integer>

103-000143-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
INT = <hexadecimal number>

Default
(none)
Values
1-F
Key Required
Example
INT = F
Purpose
Specifies the interrupt that the adapter is set to; this

PORT = <number>
Default
(none)
Values
(3-digit memory address)
Key Required
Example
PORT = 170
Purpose
Specifies the memory address the adapter is set to; this

Adapter Name = <string>
48
Default
(none)
Values
(text up to 255 characters)
Key Required
No
Example
Adapter Name = 3C59X_1
Purpose
Specifies a unique name for this adapter.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Frame Type n = <frame type>

Default
(none)
Values
(frame types supported by the driver are found in the

drivers LDI file)
Key Required
No
Example
Frame Type 1 = Ethernet_802.2
Purpose
Identifies the network frame type to be used when loading

the driver. There can be as many descriptions as there
are frame types supported by the drivern uniquely
identifies the frame type (for example, 1, 2, etc.).
Logical Name n = <string>

Default
(none)
Values
(text combining the Frame Type with the Adapter Name)
Key Required
No
Example
Logical Name 1 = 3C59X_1_E82
Purpose
Identifies the name to be used when binding a protocol to

a frame type on this adapter. There must be a logical
name for each frame type loaded with the drivern
uniquely identifies the frame type (for example, 1, 2,
etc.).
Octet Bit Order = <string>

Default
LSB
Values
LSB or MSB
Key Required
No
Example
Octet Bit Order = LSB
Purpose
Specifies the bit order (Least Significant Bit or Most

Significant Bit) that this network adapter uses for
deciphering the node address.

103-000143-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
[NWI:Reserved Adapter n] Section

Example
[NWI:Reserved Adapter 1]
Description
This section can be included for each slot in the server.
Default
(none)
Values

Key Required
Example
SLOT = 5
Purpose
Specifies the bus slot that should be reserved. If an adapter

is found in this slot, an error is generated.
SLOT = <integer>
[NWI:Hotplug System] Section

50
Default
(none)
Values
(name of driver)
Key Required
No, unless HotPlug Detection=False
Example
Driver File = CPQSBD.NLM
Purpose
Identifies the driver to use for the Hot Plug system.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:NetWare Loadable Module] Section

Default
(none)
Values
(name of NLM)
Key Required
No
Example
Driver File = ROUTE.NLM
Purpose
Identifies the NLM to load during installation. This is

typically used for network support NLM programs.
[NWI:File System] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the character-based SYS Volume and

Partition screen is displayed.
Allow Volume Properties = <string>

Default
True
Values
True or False
Key Required
No
Example
Allow Volume Properties = True
Purpose
Controls whether the F3 Volume Properties option is

displayed.

103-000143-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
GUI Prompt = <string>

Default
True
Values
True or False
Key Required
Yes
Example
GUI Prompt = True
Purpose
Controls whether the File System screen is displayed during

the graphical portion of the install.
[NWI:Partition n] Section
Example
[NWI:Partition 0]
Description
This section allows partitions to be created on specific

devices in the system during installation. The devices are
specified by the key entries in the section. The zero-based
sequence number (n = 0, 1, 2, 3, ...) in the section heading
specifies the order in which the partitions are created. The
partition on which volume SYS is created must be defined in
[NWI:Partition 0].
Device Type = <string>
52
Default
(none)
Values
IDE or SCSI
Key Required
No
Example
Device Type = IDE
Purpose
Identifies the type of the device the partition is to be placed

on.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IDE Device Serial Number = <string>

Default
(none)
Values
(string of characters)
Key Required
No
Example
IDE Device Serial Number = AX8273430930.
Purpose
Specifies the serial number of the device designated by the

manufacturer. (It is usually found on a sticker attached to the
device.)
IDE Device Channel = <integer>

Default
(none)
Values
1 or 2 or 3 or 4
Key Required
No
Example
IDE Device Channel = 1
Purpose
Identifies the channel on which the device is to be found.
IDE Device Type = <string>

Default
(none)
Values
Master or Slave
Key Required
No
Example
IDE Device Type = Master
Purpose
Specifies the IDE type of the device on the channel.

103-000143-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
SCSI Device Adapter Slot = <integer>

Default
(none)
Values
1 to16
Key Required
No
Example
SCSI Device Adapter Slot = 1
Purpose
Identifies the physical slot number of the SCSI adapter
SCSI Device ID = <integer>

Default
(none)
Values
0 to 15
Key Required
Yes
Example
SCSI Device ID = 0
Purpose
Specifies the ID of the device on the SCSI chain
Partition Type = <string>
54
Default
NSS
Values
NetWare or NSS or Free
Key Required
No
Example
Partition Type = NSS
Purpose
Identifies the type of partition to be created

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Partition Size = <integer> or <ALL FREE SPACE>

Default
(none)
Values
(up to the size of free space on the device in MB)
Key Required
No
Example
Partition Size = 1000
Purpose
Identifies the size of the partition. Note that the number is

modified to align with a cylinder boundary. "ALL FREE
SPACE" specifies that all remaining free space on the
device will be used.
Partition HotFix Size = <integer>

Default
(calculated on Partition Size)
Values
0 to 120 (in MB)
Key Required
No
Example
Partition HotFix Size = 20
Purpose
Identifies the size of the redirection area on the partition
Mirror Partition = <integer>

Default
(none)
Values
(partition number)
Key Required
No
Example
Mirror Partition = 3
Purpose
Identifies the partition that this partition will be mirrored to.

103-000143-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
[NWI:Volume n] Section
Example
[NWI:Volume 0]
Description
This section can be included for each volume defined on the

server. Note that SYS must be Volume 0. This section allows
volumes to be created on specific partitions in the system
during installation. The partitions are specified by the key
entries in the section. The zero-based sequence number (n
= 0, 1, 2, 3, ...) in the section heading specifies the order in
which the volumes are created. Volume SYS must be
defined in [NWI:Volume 0].
Volume Name = <string>

Default
(none)
Values
(valid volume name)
Key Required
Yes
Example
Volume Name = DATA
Purpose
Identifies the name of the volume; follows naming

convention found in the NetWare user documentation.
Volume Type = <string>
56
Default
NSS
Values
NetWare or NSS or Free
Key Required
No
Example
Volume Type = NSS
Purpose
Specifies the type of the volume to be created. Note that

volume types must be created on like partition types (e.g.,
NSS volume on NSS partition).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Block Size = <integer>

Default
(calculated on the size of the first segment of the volume)
Values
4 or 8 or 16 or 32 or 64
Key Required
No
Example
Block Size = 64
Purpose
Identifies the volumes block size. Note that this key does
not apply to NSS volumes.
Compression = <string>
Default
True
Values
True or False
Key Required
No
Example
Compression = True
Purpose
Specifies whether compression is enabled on the

volume.
Suballocation = <string>
Default
True (on NetWare volume types)
Values
True or False
Key Required
No
Example
Suballocation = True
Purpose
Specifies whether suballocation is enabled on the volume.

Note that this key does not apply to NSS volumes.

103-000143-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Data Migration = <string>

Default
False
Values
True or False
Key Required
No
Example
Data Migration = True
Purpose
Specifies whether data migration is enabled on the volume.

Note that this key does not apply to NSS volumes.
Default
False
Values
True or False
Key Required
No
Example
Mount = True
Purpose
Specifies whether the volume should be mounted during

installation. This is useful if additional products and services
are to be installed on a volume other than SYS. Note that
mounting volumes will take additional time during the server
installation. Also, this key will be ignored if GUI Prompt =
False is not set in the NWI:File System section; this is to
avoid a conflict between this key and the mount volumes
screen during installation.
Mount = <string>
Segment n Partition = <integer>
58
Default
(none)
Values
(any value n previously defined in section [NWI:Partition

n])
Key Required
Yes
Example
Segment 1 Partition = 1
Purpose
Identifies the partition on which the volume segment is to

be created. The number of segments n is limited from 1 to
8 for NetWare partitions and must be defined sequentially.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Segment n Size = <integer> or <ALL FREE SPACE>

Default
(none)
Values
(up to free space on a partition in MB)
Key Required
Yes
Example
Segment 1 Size = 1000
Purpose
Specifies the size of the volume segment. "ALL FREE

SPACE" specifies that all remaining free space on the
partition will be used.
[NWI:Misc] Section
Relogin Password = <string>
Default
(none)
Values
(text)
Key Required
No, unless it is a network installation.
Example
Relogin Password = Novell
Purpose
Specifies the password for the user connection being

used while installing across the network. When this
section is properly used, the install bypasses the
reauthentication screen following the loading of the LAN
driver and prior to the preliminary file copy.

103-000143-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
[NWI:File Server] Section

NOTE: This is the first section used during the graphical portion of the installation.
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Servername = <string>
Default
(none)
Values
(text up to 47 characterssee NetWare documentation for

valid set of characters)
Key Required
Yes
Example
Servername = Novell
Purpose
Specifies the name of the server. Note that a server is

brought up with temporary name until a valid Servername is
entered.
Server ID Number = <hexadecimal number>
60
Default
(randomly generated)
Values
00000001-FFFFFFFF
Key Required
Yes
Example
Server ID Number = 01010101
Purpose
Uniquely identifies the server for network communication

purposes. Note that this number should not conflict with
any existing IPXTM addresses on your network.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:Protocols] Section
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the protocols screen is displayed.
Single Network Adapter=<string>

Default
False
Values
True or False
Key Required
No
Example
Single Network Adapter=True
Purpose
If this key is set to True then in the [NWI:TCPIP] and

[NWI:IPX] sections of the response file the "Logical Name
1" key is automatically filled in with the logical name of the
first network card found in the system. The logical name
will be bound to the TCPIP and IPX addresses specified
in the [NWI:TCPIP] and [NWI:IPX] sections of the
response file.
Default IP Frame Typer=<string>

Default
(none)
Values
(Frame types that are supported by a driver are found in the

drivers LDI file
Key Required
No
Example
Default IP Frame Type=Ethernet II
Purpose
Identifies the network frame type to be bound to the IP stack

when the "Single Network Adapter" is set to True.

103-000143-001
August 30, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Default IPX Frame Typer=<string>

Default
(none)
Values
(Frame types that are supported by a driver are found in the

drivers LDI file
Key Required
No
Example
Default IPX Frame Type=Ethernet 802.2
Purpose
Identifies the network frame type to be bound to the IPX stack

when the "Single Network Adapter" is set to True.
[NWI:TCPIP] Section
Default
(none)
Values
(name identified in the Network Adapter sections of the

response file)
Key Required
No, unless IP is to be bound.
Example
Logical Name 1 = 3C59X_1_EII
Purpose
Identifies the name of the adapter and frame type that the
protocol is to be bound to.
IP Address n = <decimal number>
62
Default
(none)
Values
(valid IP address)
Key Required
No, unless Logical Name is set
Example
IP Address 1 = 130.1.130.1
Purpose
Specifies the IP address to be bound.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Subnet Mask n = <decimal number>

Default
(none)
Values
(valid IP address)
Key Required
No, unless Logical Name is set.
Example
Subnet Mask 1 = 255.255.255.0
Purpose
Specifies the subnet. Divides the IP address into network

address and node address.
Gateway n = <decimal number>

Default
(none)
Values
(valid IP address)
Key Required
No
Gateway 1 = 127.127.0.254
Purpose
Identifies the gateway or router through which this server

can communicate outside the subnet.
[NWI:IPX] Section
Default
(none)
Values
(name identified in the Network Adapter sections of the

response file)
Key Required
No, unless IPX is to be bound
Example
Logical Name 1 = 3C59X_1_E82
Purpose
Identifies the name of the adapter and frame type that the
protocol is to be bound to.

103-000143-001
August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
IPX Address n = <hexadecimal number>

Default
(address detected by the installation program)
Values
00000001-FFFFFFFF
Key Required
No, unless Logical Name is set
Example
IPX Address 1 = 01010102
Purpose
Specifies the IPX address to be bound.
[NWI:IPCMD] Section
IPX Compatibility = <string>
Default
True
Values
True or False
Key Required
No
Example
IPX Compatibility = True
Purpose
Controls whether SCMD is loaded on this server.
Migration Agent = <string>
64
Default
True
Values
True or False
Key Required
No
Example
Migration Agent = True
Purpose
Controls whether the Migration Agent (SCMD /MA) is loaded

on this server.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CMD Net Number = <string>

Default
(none)
Values
00000001-FFFFFFFF
Key Required
No
Example
CMD Net Number = 01010101
Purpose
Specifies the network number.
Preferred IP Address = <decimal number>

Default
(none)
Values
(valid IP address)
Key Required
No
Example
Preferred IP Address = 130.1.130.1
Purpose
Specifies the IP address.
[NWI:SNMP] Section
Hardware = <string>
Default
(none)
Values
Values (text)
Key Required
No
Example
Hardware = Personal Computer
Purpose
Identification information that is sent with SNMP traps to

assist in troubleshooting.

103-000143-001
August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Location = <string>
Default
(none)
Values
(text)
Key Required
No
Example
Location = Building A
Purpose

Contact = <string>
Default
(none)
Values
(text)
Key Required
No
Example
Contact = John Doe
Purpose

Trap Targets TCPIP = <decimal numbers separated by commas>
66
Default
(none)
Values
(valid IP addresses)
Key Required
No
Example
Trap Targets TCPIP = 127.1.127.3
Purpose
Identifies IP address of a computer to which SNMP traps

are sent.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Trap Targets IPX = <MAC address separated by commas>

Default
(none)
Values
(8-character IPX address:12-character node number)
Key Required
No
Example
Trap Targets IPX = C9990111:000001B555555
Purpose
Identifies MAC addresses of a computer to which SNMP

traps are sent.
[NWI:DNS] Section
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the DNS screen is displayed.
Domain = <string>
Default
(none)
Values
(text)
Key Required
No
Example
Domain = novell.com
Purpose
Specify a domain.

103-000143-001
August 30, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Nameservers = <decimal numbers separated by commas>

Default
(none)
Values
(valid IP addresses)
Key Required
No
Example
Nameservers = 131.1.131.1, 131.1.131.2
Purpose
Identifies the servers to be used for name resolution.
[NWI:Host Name] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Host Name n = <string>
68
Default
(none)
Values
(text)
Key Required
No
Example
Host Name 1 = install.novell.com
Purpose
Specifies the host name associated with an IP address

already bound.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IP Address n = <decimal number>

Default
(none)
Values
(valid IP address)
Key Required
No
Example
IP Address 1 = 130.1.130.1
Purpose
Specifies the IP address associated with a Host Name.

Note that Host Name 1 will be set as the Primary address.
[NWI:Time Zone] Section

Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the time zone screen is displayed.
Time Zone = <string>

Default
(none)
Values
(stringsee COMOTHR.ILS)
Key Required
Yes
Example
Time Zone = (GMT-06:00) U.S. and Canada Central Time
Purpose
Specifies the standard time zone. Note that the exact string
from COMOTHR.ILS (in INSTALL\NLS\4) must be used.

103-000143-001
August 30, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Use Daylight Saving Time = <string>

Default
True, if Time Zone supports Daylight Saving Time
Values
True or False
Key Required
No
Example
Use Daylight Saving Time = True
Purpose
Controls whether daylight saving time is set.
[NWI:Time Synchronization] Section

Default Time Server Type = <string>
Default
(Single if new tree, Secondary if existing tree)
Values
Single, Primary, Secondary
Key Required
No
Example
Default Time Server Type = Single
Purpose
Specifies the time server type.
[NWI:NDS] Section
Prompt = <string>
70
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the NDS screen is displayed.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Tree Name = <string>

Default
(none)
Values
(text)
Key Required
Yes
Example
Tree Name = Novell
Purpose
Specifies the tree name for either a new tree or an existing

tree to install the server into.
Default
False
Values
True or False
Key Required
Yes
Example
New Tree = True
Purpose
Specifies whether the NDS tree to be installed is a new tree

or install into an existing tree.
New Tree = <string>
NOTE: This key is only used when Prompt = False.
Server Context = <string>

Default
(none)
Values
(NDS distinguished name)
Key Required
Yes
Example
Server Context = .install.novell
Purpose
Identifies the NDS context that the server is to be installed

into.

103-000143-001
August 30, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Add Replica = <string>

Default
(none)
Values
True or False
Key Required
No
Example
Add Replica = True
Purpose
Controls whether a replica is added to the server. This only

applies if the server is not one of the first three servers
added to an NDS tree (by default the first three servers
receive replicas).
Upgrade User Conflict Action = <string>

Default
(none)
Values
Delete, Merge, or Rename
Key Required
No, unless it is an upgrade from NetWare 3.1x
Example
Upgrade User Conflict Action = Merge
Purpose
Determines what action is to be taken during the upgrade of

a NetWare 3.1x server when objects of the same name are
found during the conversion of the bindery to NDS.
Admin Login Name = <string>
72
Default
(none)
Values
(text)
Key Required
Yes
Example
Purpose
Specifies the name for the server administrator.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Admin Context = <string>

Default
(none)
Values
Key Required
Yes
Example
Admin Context = .install.novell
Purpose
Identifies the NDS context in which the server administrator

is to be installed into.
Admin Password = <string>

Default
(none)
Values
(text)
Key Required
Yes
Example
Admin Password = Novell
Purpose
Specifies the password for the server administrator. Note

that for security purposes, this password is removed from
the response file after NDS is installed.
Admin Language = <integer>

Default
4 (English)
Values
1-100
Key Required
Yes
Example
Admin Language = 4
Purpose
Specifies the language of the server administrator. User

objects created by the server administrator will be assigned
this language.

103-000143-001
August 30, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Display Summary = <string>

Default
True
Values
True or False
Key Required
Yes
Example
Display Summary = True
Purpose
Controls whether the NDS Summary screen is displayed
[NWI:License] Section
Prompt = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the license screen is displayed.
Display License Agreement = <string>
74
Default
True
Values
True or False
Key Required
Yes
Example
Display License Agreement = False
Purpose
Controls whether the license agreement screen at the

beginning of the server install is displayed

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Install Licenses Later = <string>

Default
False
Values
True or False
Key Required
No
Example
Install Licenses Later = True
Purpose
Specifies that no licenses will be installed on the server. If

this key is set to True, all remaining licensing keys will be
ignored.
License File = <string>

Default
(none)
Values
(existing DOS path and envelope file nameup to 255

characters)
Key Required
No, unless a license is to be installed
Example
License File = C:\NWSERVER\0000001.NLF
Purpose
Identifies the directory and filename of a license envelope

file.
NICI Foundation Key File = <string>

Default
(none)
Values
(existing DOS path and envelope file nameup to 255

characters)
Key Required
No
Example
NICI Foundation Key File = C:\LIC\92942492.NFK
Purpose
Identifies the directory and filename of a region specific

cryptography module.

103-000143-001
August 30, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Search For Existing License = <string>

Default
True
Values
True or False
Key Required
Yes
Example
Search For Existing License = False
Purpose
Controls whether the licenses (such as MLA licenses) are

searched for in the tree. Used in conjunction with the next
key.
Auto Skip If License Found = <string>

Default
False
Values
True or False
Key Required
Yes
Example
Auto Skip If License Found = True
Purpose
Controls whether the license that was found using the

previous key is used; this is particularly useful for MLA
accounts.
[NWI:Add to Startup] Section

Prepend Line n = <decimal number>
76
Default
(none)
Values
(decimal number)
Key Required
No
Example
Prepend Line 1 = SET IGNORE DISK GEOMETRY=ON
Purpose
Adds the line to the beginning of the STARTUP.NCF file. If

multiple lines are listed, n should increment sequentially.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Append Line n = <decimal number>

Default
(none)
Values
(decimal number)
Key Required
No
Example
Append Line 1 = LOAD NFS.NAM
Purpose
Adds the line to the end of the STARTUP.NCF file. If

[NWI:Append To Autoexec.ncf] Section

Line n = <decimal number>
Default
(none)
Values
(decimal number)
Key Required
No
Example
Line 1 = LOAD MONITOR
Purpose
Adds the line to the end of the AUTOEXEC.NCF file. If

[NWI:Use NCF Settings] Section

Override NCF = <True or False>
Default
(False)
Values
(True or False)
Key Required
No
Example
Override NCF = True
Purpose
During an upgrade, if set to True, the server name is

specified in the response file instead of the
AUTOEXEC.NCF file.

103-000143-001
August 30, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Performing a Fully Automated Installation

The following parameters must be present to completely automate an
installation or upgrade. The syntax and values for the supplementary NetWare
installation sections and their associated keys are specified below. For a fully
automated installation to work, these sections must appear in the response file
in addition to all of the required keys listed in NetWare Sections and Keys
on page 33.
[Novell:NOVELL_ROOT:1.0.0] Section
closeScreen = <string>
Default
(none)
Values
SilentCloseScreen
Key Required
Yes
Example
closeScreen = SilentCloseScreen
Purpose
When this parameter is set, the final installation screen is

not shown.
Reboot = <string>
78
Default
(none)
Values
True or False
Key Required
Yes
Example
Reboot = False
Purpose
Controls whether the server is restarted after the final

screen of the installation is closed.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
allowSummary = <string>
Default
True
Values
True or False
Key Required
Yes
Example
allowSummary = False
Purpose
Controls whether the installation Summary screen is

displayed.
Default
False
Values
True or False
Key Required
Yes
Example
silent = False
Purpose
Global key that controls whether the installation runs in

silent mode with no user interaction. Some sections do
not support this key. If this is the case, use a
"prompt=false" key instead.
silent = <string>
Automating the Installation of Additional Products and

Services
As part of the overall NetWare installation, you can auto-install additional
products and services by including a [Selected Nodes] section in the response
file. Because this section of the response file is not as easy to configure as the
other sections are, we recommended the following:
1 Perform a manual installation, selecting the products you want to have
installed on the server.

2 Modify the resulting response file for use as input to future NetWare
installations.
3 Add a [Selected Nodes] section to the input response file.

103-000143-001
August 30, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
4 Add the following lines under the [Selected Nodes] section heading:
Novell:NetWare5:1.0.0=Novell:NetWare5OS:5.0.0,Novell:Products:1.0.0,Novell:NW
UpdateGroup:1.0.0
Novell:NetWare5OS:5.0.0=Novell:DiskCarver:1.0.0,Novell:Protocols:1.0.0,Novell
:DS_Install:1.0.0, Novell:LicensePrompt:1.0.0,Novell:NW:1.0.0,Novell:NDPS
Server Files:1.0.0
Novell:NW:1.0.0=Novell:Startup:1.0.0,Novell:SYS:1.0.0,Novell:DriverFiles:1.0.
0
Novell:Startup:1.0.0=Novell:StartupDirectory:1.0.0
Novell:SYS:1.0.0=Novell:SYSDirectory:1.0.0,Novell:ETCDirectory:1.0.0,Novell:P
ROFINST_NODE:1.0.0
Novell:DriverFiles:1.0.0=Novell:LANFiles:1.0.0,Novell:SBDFiles:1.0.0
Novell:NDPS Server Files:1.0.0=Novell:NDPS System:1.0.0,Novell:NDPS
Public:1.0.0
Novell:Products:1.0.0=Novell:NICIInstall:1.0.0
Novell:NICIInstall:1.0.0=Novell:NICIModule:1.0.0
Novell:NWUpdateGroup:1.0.0=Novell:NWUpdate:1.0.0
NOTE: You can add more lines according to your needs, but these represent the
minimum information that must be included in the [Selected Nodes] section.
[Selected Nodes] Section

Prompt = <string>
80
Default
True
Values
True or False
Key Required
Yes
Example
Prompt = True
Purpose
Controls whether the Additional Products and Services

screen is displayed.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Product Selection = <string>

Default
(none)
Values
Default or Web
Key Required
No
Example
Product Selection = Web
Purpose
Specifies which bundle of Additional Products and Services

to install. Default will install the Web Services bundle. Web
will install the Web Services bundle plus WebSphere*
Application Server. To specify a custom bundle of
Additional Products and Services, do not include this key,
and specify each product as described below.
Novell:Products:1.0.0 = <strings separated by commas>

Default
Novell:NICIInstall:1.0.0
NOTE: This NICI install string must be included.
Values
Novell:NDPS:2.0.0
Novell:IpLdapService:3.0.0
Novell:IpCatalogService:1.0.0
Novell:IpWanmanService:1.0.0
Novell:SecuritySASInstall:1.0.0
Novell:PKIInstall:1.0.0
Novell:NICIInstall:1.0.0
Novell:RAS:4.1.0
Novell:SMS:1.0.0
Novell:DNS_DHCP:1.0.0
Key Required
Yes
Example
Novell:Products:1.0.0=Novell:NICIInstall:1.0.0,Novell:NDP
S:2.0.0
Purpose
Specifies the additional products and services to be

installed on the server.

103-000143-001
August 30, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Installing Multiple Products on a Server

To install multiple products on a server, make sure that the
Novell:Products:1.0.0 key has multiple values, separated by commas as
shown in the example above.
Product Keys and Values

In addition to identifying the product in the Novell:Products:1.0.0 key, each
product has its own keys and values for the [Selected Nodes] section. These
keys and values for each product are listed below. We recommended that you
reuse a response file from a previous installation rather than attempting to type
these keys and values into the file. If you do not enter them exactly as shown,
the NetWare Installation will fail abruptly with no information to help you
troubleshoot the problem.
Novell Distributed Print Services (NDPS)
Novell:NDPS:2.0.0=Novell:NDPS Server Files:1.0.0,Novell:NDPS Resource
Files:1.0.0
Novell:NDPS Resource Files:1.0.0=Novell:NDPS Banner:1.0.0,Novell:NDPS
Font:1.0.0,Novell:NDPS Prndef:1.0.0,Novell:NDPS Prndrv:1.0.0
Novell:NDPS Prndrv:1.0.0=Novell:NDPS Prndrv W31:1.0.0,Novell:NDPS Prndrv
W95:1.0.0,Novell:NDPS Prndrv NT4:1.0.0
LDAP Services
Novell:SecuritySASModule:1.0.0=Novell:SASFiles:1.0.0
Novell:PKIModule:1.0.0=Novell:PKIFiles:1.0.0
NDS Catalog Services

Novell:IpCatalogService:1.0.0=Novell:DfgCatalogService:1.0.0
WAN Traffic Manager Services

Novell:IpWanmanService:1.0.0=Novell:DfgWanmanService:1.0.0
Secure Authentication Services

Novell:SecuritySASInstall:1.0.0=Novell:SecuritySASModule:1.0.0,Novell:PKIModu
le:1.0.0,Novell:NICIModule:1.0.0
Novell:SecuritySASModule:1.0.0=Novell:SASFiles:1.0.0
82

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell PKI Services

Novell:PKIInstall:1.0.0=Novell:PKIModule:1.0.0,Novell:NICIModule:1.0.0
Novell Internet Access Server

Novell:RAS:4.1.0=Novell:RAS Server
Files:1.0.0,Novell:SVCDEF_NODE:1.0.0,Novell:SupportedOS:1.0.0,Novell:UpgradeF
rom:1.0.0
Novell:RAS Server Files:1.0.0=Novell:RAS System Connect:1.0.0,Novell:RAS System
Connect Scripts:1.0.0,Novell:RAS Public:1.0.0
Storage Management Services

Novell:SMS:1.0.0=Novell:SMSFiles:1.0.0
Novell:SMSFiles:1.0.0=Novell:SMSSystemFiles:1.0.0,Novell:SMSPublicFiles:1.0.0
Novell DNS/DHCP Services
No additional keys and values are used for the installation of this service.
Additional Services
Two of the additional services available with NetWare, LDAP Services and
Novell DNS/DHCP Services, have data input screens for their configuration.
These services have response file sections that must be included in addition to
the keys and values mentioned above.
NOTE: Be sure to use the proper case (upper or lower) when entering any of these
keys and values.
[LDAP] Section
prompt = <string>
Default
(none)
Values
true or false
Key Required
Yes
Example
prompt=false
Purpose
Controls whether the LDAP configuration screen is

displayed.

103-000143-001
August 30, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
adminID = <string>
Default
(none)
Values
Key Required
Yes
Example
adminID=.CN=admin.O=install
Purpose
Identifies the Admin name and NDS context; this should

correspond with the Admin Login Name and Admin Context
identified in the NWI:NDS section of the response file. Note
the case of the characters in the string.
installCatalog = <string>
Default
(none)
Values
true or false
Key Required
Yes
Example
installCatalog=false
Purpose
Controls whether an LDAP catalog is installed.

Corresponds to the question: Enable use of LDAP
catalog?
useCatalogOnly = <string>
84
Default
(none)
Values
true or false
Key Required
Yes
Example
useCatalogOnly=false
Purpose
Controls whether the LDAP catalog is used exclusively for

searching. Corresponds to the LDAP screen prompt:
Catalog Usage for Searching.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[Novell:DNS_DHCP:1.0.0] Section
Prompt = <string>
Default
None
Values
true or false
Key Required
Yes
Example
Prompt=false
Purpose
Controls whether the DNS/DHCP configuration screen is

displayed.
TreeName = <string>
Default
(none)
Values
(text)
Key Required
Yes
Example
TreeName=Novell
Purpose
Specifies the NDS tree name in which DNS/DHCP

Services will be installed.
UserName = <string>
Default
(none)
Values
Key Required
Yes
Example
UserName=.CN=admin.O=install
Purpose
Identifies the Admin name and NDS context; this should

correspond with the Admin Login Name and Admin
Context identified in the NWI:NDS section of the response
file. Note the case of the characters in the string.

103-000143-001
August 30, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
ExtendDNIPSchema = <string>
Default
(none)
Values
true or false
Key Required
Yes
Example
ExtendDNIPSchema=true
Purpose
Controls whether the schema is extended for DNS/DHCP

Services. Note that this should be set to true.
LocatorNDSContext = <string>
Default
(none)
Values
Key Required
Yes
Example
LocatorNDSContext=O=install
Purpose
Identifies the NDS context that the Locator Object is to be

installed into.
GroupNDSContext = <string>
86
Default
(none)
Values
Key Required
Yes
Example
GroupNDSContext=O=install
Purpose
Identifies the NDS context that the Group Object is to be

installed into.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RootSrvrNDSContext = <string>
Default
(none)
Values
Key Required
Yes
Example
RootSrvrNDSContext=O=install
Purpose
Identifies the NDS context that the RootSrvr Zone is to

be installed into.
In addition to the DNS/DHCP keys identified above, there must also be a line
in the [Settings] section with the entry: Novell:DNS_DHCP:1.0.0=
CD Boot and the Response File

There are two options available for passing a response file into the NetWare
installation: using the /RF switch at the command line, or from the Install
Options screen.
If you start the install by booting directly to the NetWare CD, you cannot pass
in the response file automatically unless you have a RESPONSE.TXT file in
the C:\NWUPDATE directory. When the NetWare CD is booted, the startup
utility checks for a RESPONSE.TXT file in the C:\NWUPDATE directory. If
such a file exists, the installation program bypasses the DOS partitioning
utility and uses RESPONSE.TXT as the input response file.
Customizing the Installation Using Install Scripts

In NetWare, install scripts are supported by the NWCONFIG utility and the
NetWare installation system.
NOTE: For more information on using install scripts, see Automating the NetWare
Installation with a Response File (http://www.developer.novell.com/research/

appnotes/1998/december/a1frame.htm) and More About Automating the NetWare
Installation with a Response File (http://www.developer.novell.com/research/
appnotes/1999/february/a3frame.htm).

103-000143-001
August 30, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
There are two places in the NetWare installation where you can use install
scripts:
At the end of the preliminary file copy (just prior to the launching of the
graphical portion of the install). An install script executed here can be
used for copying files from the DOS partition to the SYS volume.
At the end of the NetWare installation. It is called right after you answer
AOK@ or ANo@ on the closing screen and before the install cleanup
process. This script is useful if you want to manage files and launch NLM
programs (for example, those that install other products) as part of the
NetWare installation.
The following response file syntax is used to run install scripts during the
NetWare installation:
[NWI:Install Script] Section

Script Location = <string>
Default
None
Values
Key Required
No
Example
Script Location = C:\NWUPDATE\PRECOPY.IC?
Purpose
Identifies the filename and path of an Install Script that will

be executed at the end of the preliminary file copy (prior to
the launching of the graphical portion of the install).
NOTE: Usage of the ? wildcard in the extension of the
filename will suppress an error if the specified file does not

exist.
88

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Support Pack Script = <string>

Default
Support Pack Script = C:\spack\silent.ics
Values
Key Required
No
Example
If the support pack image is located on the C: drive, use this

path: Support Pack Script=c:\nw51sp1\spack.ips
e=c:\facterr.log s=c:\nw51sp1
If the support pack image is on a mounted CDROM, use this
path: Support Pack Script=NW51:\spack.ips e=c:\err.log
s=NW51:\
If the support pack image is on a remote server, use this
path: Support Pack script=prvathena\images:nw5\cobra\sp1 128.524\spack.ips
TRANSPORT=IPX u="SITESTER2"
a=01010155:000000000001:0451 DS
c="CN=SITESTER2.OU=INSTALL.OU=DEV.O=NOVELL"
z=PRV-ATHENA-TREE e=C:\err.log s=PRVATHENA\IMAGES:NW5\COBRA\SP1 128.524
Purpose

be executed at the end of the install.
Close Script = <string>

Default
None
Values
Key Required
No
Example
Script Location = SYS:\OTHER.ICS
Purpose

be executed when the final screen of the NetWare server
installation is closed.
NOTE: This script is executed just prior to some
housekeeping that is done by the Close Screen routine.

103-000143-001
August 30, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Performing a Factory Install

A Factory Install can reduce the complexity and time spent on an installation.
Much of the hardware configuration and file copy is done in the Factory so
that you only need to use the graphical portion of the NetWare installation to
complete the on-site configuration. Because the network operating system
files are pre-copied to the server, installation time is reduced to a few minutes.
A Factory Install splits the installation of NetWare into two phases:
Phase 1 performs the disk detection, disk partitioning, volume SYS
creation, and file copy portions of the install. This phase is meant to be
performed in a factory or configuration center.
Phase 2 focuses on user configuration. It includes the setting of the server
name, protocol binding, creation of volumes other than SYS, and
configuration of time zone, NDS, licensing, and other products. This
phase is meant to be performed by the customer at the servers permanent
location.
Once Phase 1 is completed, the machine should be rebooted or powered off.
When the machine is powered on and the server is started, the
AUTOEXEC.NCF file will launch Java* for Phase 2 of the installation.
A Factory Install is implemented with the response file sections below. A
default Factory Install response file can be created by combining the
FACTORY.TXT and RESPONSE.TXT files found in the \INSTALL directory
of the NetWare Operating System CD.
he Preinstall key of the [NWI:Factory] section is the primary key that directs
the NetWare Installation to perform a factory install. The Precopy key of the
other sections specifies whether the file group should be recopied during the
final file copy routine of the NetWare Installation. If Precopy=True, the files
will be verified, but not copied. The Installation will appear, however, as if it
is copying the files because you will see each file name displayed in the copy
status box.
NOTE: The NetWare CD must be inserted in Phase 2 of the Factory Install in order
to perform this file verification.
All other required keys for an automated install must also be included in the
response file. See Performing a Fully Automated Installation on page 78 for
more information.
90

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[NWI:Factory] Section
Preinstall = <string>
Default
True
Values
True or False
Key Required
Yes
Example
Preinstall = True
Purpose
Controls whether the Factory Install option of the NetWare

installation is invoked. If Preinstall=True, the remaining keys
are checked.
Copy Products to SYS = <string>

Default
False
Values
True or False
Key Required
No
Example
Copy Products to SYS = True
Purpose
Controls whether the products directory of the NetWare

Installation CD is copied to volume SYS so that products can
be selected and installed during Phase 2 without the need for
a NetWare Operating System CD.
Remove Directory = <local path>

Default
(none)
Values
Key Required
No
Example
Remove Directory = SYS:\PRODUCTS
Purpose
Removes a directory from the system at the end of Phase 2.

103-000143-001
August 30, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
[Novell:StartupDirectory:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the \STARTUP\NLS directory of

the install image and destined for the
C:\Startup_Directory\NLS directory are copied in Phase 2. If
Precopy = True, the files are not copied again in the final file
copy routine.
[Novell:SYSDirectory:1.0.0] Section
Precopy = <string>
92
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the \STARTUP\NLS directory

of the install image and destined for the
C:\Startup_Directory\NLS directory are copied in Phase 2.
If Precopy = True, the files are not copied again in the final
file copy routine.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[Novell:ConfigDirectory:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the \CONFIG directory of the

install image, destined for volume SYS, are copied in
Phase 2. If Precopy = True, the files are not copied again
in the final file copy routine.
[Novell:LANFiles:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the LAN files in the \DRIVERS\LAN

directory of the install image, destined for the
SYS:SYSTEM directory, are copied in Phase 2. If Precopy
= True, the files are not copied again in the final file copy
routine.

103-000143-001
August 30, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
[Novell:SBDFiles:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the \DRIVERS\SBD directory

of the install image, destined for the SYS:SYSTEM
directory, are copied in Phase 2. If Precopy = True, the files
are not copied again in the final file copy routine.
[Novell:portalzip:1.0.0] Section
Precopy = <string>
94
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the zip file destined for volume
SYS are copied in Phase 2. If Precopy = True, the files are
not copied again in the final file copy routine.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
[Novell:Rconjzip:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the zip file, destined for

volume SYS, are copied in Phase 2. If Precopy = True, the
files are not copied again in the final file copy routine.
[Novell:Perl5zip:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
Controls whether the files in the zip file, destined for volume
SYS, are copied in Phase 2. If Precopy = True, the files are

103-000143-001
August 30, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
[Novell:beanszip:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
[Novell:nscriptzip:1.0.0] Section
Precopy = <string>
96
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
[Novell:console1zip:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose

103-000143-001
August 30, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
[Novell:ldapzip:1.0.0] Section
Precopy = <string>
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose
[Novell:wanmanzip:1.0.0] Section
Precopy = <string>
98
Default
True
Values
True or False
Key Required
No
Example
Precopy = True
Purpose

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Install Command Line Options

The following command line options that can be used when initiating the
installation executable.
/SERVER_LOG = <string>
Default
(none)
Values
Key Required
No
Example
Install /LOG=C:\TMP\ERROR.LOG
Purpose
Designates where an installation log file will be created.
/IIPX <decimal number> or /SERVER_ID <hexadecimal number>

Default
(none)
Values
1 - FFFFFFFF
Key Required
No
Example
Install /IIPX 38483933 or

38483933
Purpose
Allows a specific internal net address to be used for the

server being installed.
Install\SERVER_ID

103-000143-001
August 30, 2001
Novell Confidential
99
Manual
100 Other Installation Options

103-000143-001
August 30, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Installation Scripts for NetWare

WARNING: This document describes software that is subject to change. Novell
intends to keep it as current as possible, but the user must assume any inherent
risk in developing or maintaining code based on the information in this document.
Novell may discontinue or decline to support any software feature described within
this document at any time.
This chapter describes the installation script support for NetWare. NetWare
installation scripts let you:
Alter or extend the NetWare pre-packaged installation process.
Install additional products or services onto a NetWare server after the
operating system has been installed.
Using NetWare Installation Scripts

NetWare installation scripts in NetWare 6 are processed by the
NWCONFIG.NLM program.
NOTE: NetWare 4 uses INSTALL.NLM to process script commands.
Script Files
Script files are ASCII text files. They can have any eight-character name with
one of the following extensions:
Extension
Type of File
.IPS
Individual product installation
.ICS
Common functionality between scripts or non-language

specific scripts
.ILS
Language-specific functionality
Installation Scripts for NetWare 101

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Launching a Script File

1 At the server console, enter NWCONFIG.NLM.
2 Click Products Options on the Configuration Options screen.
3 Click Other Installation Actions menu > Install a product not listed.
4 Press F3, and then specify the directory path to the script file.
The directory path is first checked for an .IPS file. If only one .IPS file exists,
it is executed. If more than one exists, only the first one found is executed. If
there is no .IPS file, PINSTALL.NLM will be loaded and executed. The first
@Other...@EndOther descriptor found in the .IPS file is displayed so that you
can confirm the product being installed.
The NetWare install program also loads any file that contains the command
line parameter B=. For example, a script can be launched by entering LOAD
NWCONFIG b=A:\myscript.IPS (where myscript stands for the name
of your .IPS file).
Using a Script with NetWare 6

There are two points in the installation where scripts can be launched:
At the end of the preliminary file copy just prior to the launching of the
graphical portion of the installation.
At the end of the installation.
See Using a Response File with NetWare for more information.
The NetWare installation program uses one installation script
(NETWARE.ILS) during the text-based file copy. You can modify this script
file to copy additional files or launch additional processes, but we do not
recommend it.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Descriptors and Commands

This section describes the descriptors and commands found in
NETMAIN.ILS and other installation script files. The product installation
script files you write contain the same types of descriptors and commands as
those in NETMAIN.ILS.
A descriptor is a keyword preceded by the @ character. The installation NLM
scans the descriptors and uses them to build linked lists and menus in memory.
Descriptors
Describe a configuration or presentation, but do not specify a procedure
or order.
Are typically block-oriented (with an @Command and an
@EndCommand statement), although some are single-line.
Are declarative in nature.
Cannot be nested.
A command is a keyword not preceded by the @ character. Commands are
Procedural, describing the method and order of installation (creating
directories, copying files, etc.).
Usually grouped within an @FileSet...@EndFileSet descriptor block
(although they can also exist independently).
Executed in order, according to the script file.
Script files can be natural-language-enabled by using text within double
quotes (in-line text). Such text is designated for language translation,
including text that will be displayed in menu items, help text, etc.
Syntax Conventions
Commands and arguments are not case-sensitive, but prompt strings are.
A script parser recognizes the following special characters:
= {} () , : - ; > < ! []
If a special character is used within a name, the entire name must be
surrounded by double or single quotation marks.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ANSI escape sequences are recognized by the parser within double or

single quotes. For example, '\\', "\n", and '\t' represent a backslash, a new
line, and a tab, respectively.
A NULL character (ASCII value 0) is not allowed anywhere in the file.
Comments
Syntax
; <text>
Description
A comment (semicolon followed by text) exists for documentation purposes

onlyit does not invoke a script file operation. Comment characters through
the end of a line are read and discarded.
Example
; THIS IS A COMMENT
Descriptors
@CDName
Syntax
@CDName <name>
Description
@CDName specifies the name of the CD-ROM volume being installed. This
name is passed to CDROM.NLM in a MOUNT command (CD MOUNT
<name>) to mount the CD-ROM as a NetWare volume. This descriptor should
only be used in a script on a CD-ROM. It should not be used in a diskette drive
installation script. Copy CDROM.NLM to the STARTUP directory as
specified in the BOOT fileset.
Example
@CDName NETWARE5
The installation will use the string NETWARE5 when trying to mount the
CD-ROM as a NetWare volume. After successfully loading CDROM.NLM, it
will issue CD MOUNT NETWARE5 at the system console.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@DeletePartition
Syntax
@DeletePartition <comma-separated list of partition types>
Description
@DeletePartition deletes the existing partitions that you specify. In contrast,

the installation NLMs automatic partition creation deletes (by default)
existing partitions of the first two types listed below. In both cases, all active
partitions are left untouched.
Partition Type
Description
Deleted?
64
NetWare 286
Yes
65
NetWare 386
Yes
01
DOS, 12-bit FAT
No
04
DOS, 16-bit FAT
No
05
Extended partition
No
06
DOS Huge partition
No
If any of these partitions should not be deleted, or if additional partitions need

to be added, use @DeletePartition to replace the list.
Example
If the following appears in NETMAIN.ILS, only NetWare 386 partitions are

eligible for deletion:
@DeletePartition 65

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@Driver
@EndDriver
Syntax
@Driver
Help: Help description for finding drivers
[Dir: <DSK | LAN>, <subdirectory name>, <vol label>,
<disk description>]
[Dir: <DSK | LAN>, <subdirectory name>, <vol label>,
<disk description>]
...
@EndDriver
Description
@Driver specifies help for finding drivers in maintenance-mode installations,

or finding disks and directories that contains drivers. <subdirectory name>
specifies the directory to read. For floppy or network installations, the
subdirectory will typically be NULL. For a CD-ROM, the subdirectory will
usually be the common directory where drivers are found. <vol label> is the
corresponding media volume name, and <disk description> specifies the
printed name on the media that contains the included file. Use @Driver in the
NETMAIN.ICS file.
Variable
Description
<subdirectory name>
Specifies the directory to read. For floppy or network

installations, the subdirectory is typically NULL. For a
CD-ROM, the subdirectory is usually the common
directory where drivers are found.
<vol label>
Specifies the name of the corresponding media volume.
<disk description>
Specifies the printed name on the media that contains

the include file.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
@Driver
Help: If installing from a floppy, disk drivers will be
on disk NetWare-2 and LAN drivers will be on disk
NetWare-3. If installing from CDROM, all drivers will be
in the directory <cdrom drive>:\NW40\SERVER\DRIVERS.
Dir: DDSK, '', 'NETWARE-2', 'NetWare-2'
Dir: LAN, '', 'NETWARE-3', 'NetWare-3'
@EndDriver
Disk NetWare-2 will be scanned for .DSK and .DDI files; disk NetWare-3 will
be scanned for .LAN and .LDI files.
@FileSet
@EndFileSet
Syntax
@FileSet
Description: ...[fileset description]...
Class: {MANDATORY | CORE | OPTIONAL | OPTIONAL_OFF |
BOOT}
Name: <text name - no spaces allowed>
Bytes: <total transfer size for this fileset>
[DiskBytes: <total disk space for this fileset>]
[Attribute: <attribute1>, <attribute2>]
[Flags: <flags>]
<fileset commands...See Syntax on page 104.>
@EndFileSet
Description
@FileSet specifies a logically similar group of files to be copied and the

necessary commands for copying and installing those files.
The Description and DiskBytes information for OPTIONAL and
OPTIONAL_OFF classes of filesets is displayed in a menu before copying.
The description for all filesets are displayed during the file copy. Bytes are
used to update a status bar representing the total bytes to copy for all selected
filesets, which is used in displaying the status bar.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Class specifies how the fileset will be used:

File
Action
MANDATORY
Always executed.
CORE
Always copied in a sequential install, but optionally

copied in the selective install/maintain mode.
OPTIONAL
Displayed to the user for selection. They are defaulted

to on (selected for copy).
OPTIONAL_OFF
Displayed for the user to choose, but are defaulted to

off.
BOOT
Copied, depending on the kind of installation and

whether the server was launched from the directory
that the user is installing to.
For all classes, as the files are copied, the file group status is also displayed,
including the file being copied and the percent of all the filesets that have been
completed.
Name is used to relate logical filesets together, even when they are declared in
different included files. If multiple filesets exist with the same logical name,
there can be only one description and one class for all of them. For example,
if multiple filesets with the name OS2 are declared, and the class is
OPTIONAL, only one description entry for the OS2 files is presented for the
user to select. If the user selects it, all filesets with the name OS2 are copied.
BOOT files are files such as SERVER.EXE, SERVER.MSG,
NWCONFIG.NLM, NWCONFIG.MSG, NUT.NLM, and NUT.MSG. The
BOOT filesets are for internal use only: product files should not have any
BOOT fileset declarations. Boot files cannot be compressed or renamed.
Attribute value indicates the final file attributes.The default value for
attribute1 is 00060081 (Read Only, Shareable, Rename Inhibit, Delete
Inhibit).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For a DOS file:

Attribute1
Meaning
00000001
Read Only
00000002
Hidden
00000004
System
00000008
Volume Label
For a NetWare file:

Attribute1
Meaning
00000001
Read Only
00000002
Hidden
00000004
System
00000008
Execute
00000010
Subdirectory
00000020
Archive
00000080
Shareable
00000700
Smode
00001000
Transaction
00004000
Read Audit
00008000
Write Audit
00010000
Immediate Purge
00020000
Rename Inhibit
00040000
Delete Inhibit
00080000
Copy Inhibit

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The meaning for Attribute2 is 00000001 (do not decompress or process file).
The default for Attribute2 is zero, which should be used in all usual
circumstances.
Flag
Meaning
00000001
Do only for a custom install.
00000002
Do in first-phase copy (bit reset = second-phase).
00000004
Do only if NetWare for OS/2*.
00000008
Do only if native (not SFT IIITM or NetWare for OS/2).
00000010
Do only if SFT III.
00000020
Do only for a simplified installation.
00000040
Do only for maintenance mode.
00000080
Do only for upgrade.
00000100
Do only if installing from front end (NWNSTLL.EXE).
00000200
Do only if not installing from front end

(NWNSTLL.EXE).
Example
@FileSet
Class: CORE
Name: SYSTEM_FILES
Description: System Files
Bytes: 10192463
CopyToServer 'SYSTEM', '*.*', 'SYSTEM-1', NetWare
System-1 Files
@EndFileSet
In this example, *.* files are copied from volume SYSTEM-1:, and the
percent of complete status for this fileset is displayed during copying.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@IncludeFile
@EndIncludeFile
Syntax
@IncludeFile
File: <filename>
[DiskDescription: ...[disk description]...]
[DiskVolume: 11 char vol name>]
@EndIncludeFile
Description
@IncludeFile specifies a file (<filename>) with additional commands to parse

and execute. DiskDescription specifies the printed name on the media that
shows where the include file is located; DiskVolume is the corresponding
media volume name.
The command file's directory is searched first. If the include file is not there,
the specified disk volume is checked. If <filename> is a <path>\<file>
combination, the command file directory is checked first for <file>, then the
disk volume at the <path> offset is checked. If <file> includes wildcard
characters, all files matching the pattern are included. If the filename has
wildcards but no files match, none are included, and no error results. If the
filename does not have wildcards, and the file is not present, an error occurs.
If the filename is in single quotes and contains %{NWLANG},
%{NWLANG} is replaced by the language number (4=English).
Example
For the NETMAIN.ILS file, where NETMAIN.ICS is not in the same

directory as NETMAIN.ILS:
@IncludeFile
File: NETMAIN.ICS
DiskDescription: '[1]'
DiskVolume: SYSTEM-1
@EndIncludeFile
The file is parsed just after the @EndIncludeFile statement. If the installation
cannot find NETMAIN.ICS in the directory where NETMAIN.ILS is, it
prompts for the CD, then reads and parses NETMAIN.ICS from the CD.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@MessageFile
@EndMessageFile
Syntax
@MessageFile
File: <filename>
[Version: <message file version number>]
@EndMessageFile
Description
@MessageFile specifies a file, usually with the extension .MSG, containing

message strings. It is typically located in the same directory as the script file
or in an NLS subdirectory. When <message file version number> name
variables are encountered when the remainder of the script file is parsed
(including @Include files), the symbols are substituted with definitions from
the message file.
The search order of message files is:
1. The current directory.
2. The NLS directory corresponding to the current language.
3. The default definitions of <message file version number> string.
The Version number is eventually used to synchronize the script file with the
messages. If no version is specified, version checking is not performed.
Currently, no version checking is performed, regardless of whether the
@Version descriptor is present.
Example
Using the NETMAIN.ILS file (in the same directory as NETMAIN.MSG):

@MessageFile
File: NETMAIN.MSG
@EndMessageFile
NETMAIN.MSG is read into memory and used to dereference <message file

version number> strings.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@StartAppObject
@EndAppObject
Syntax
@StartAppObject
AppPlatform: <Supported Platforms>
AppName: <Name of the object to create>
AppPath: <UNC Path to the executable>
[AppDescription: ...Text...]
[AppContact: <List of contacts>]
[AppMapping: <List of drive mappings>]
[AppFlags: <>]
[AppIcon: <Filename of Icon>]
[AppCaption: ...Text...]
[AppParameters: <List of Parameters for AppPath>]
[AppPrinter: <Printer Ports>]
[AppShutdownScript: <Filename of Script>]
[AppStartupScript: <Filename of Script>]
[AppWorkingDir: <Startup directory for App>]
[AppUser: <List of users>]
[AppAdminNotes: ...Text...]
[AppFaultTolerance: <List of fallover apps>]
[AppLoadBalancing: <List of load balancing apps>]
@EndAppObject
Description
Use @StartAppObject to create NDS objects for use with the Novell
Application LauncherTM (NAL) product. It is used with NetWare for Small
Business.
Variable
Description
AppPlatform
The list of supported platforms the Application object can

run on.
AppName
The NDS name of the object as viewed in NetWare

Administrator.
AppPath
The UNC path and filename of the executable to be

launched by the object.
AppDescription
The description that shows on Novell Application

Launcher.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable
Description
AppContact
The list of usernames to contact for resolving issues with

the Application object.
AppMapping
A list of drive mappings that are made for the application

to run correctly.
AppIcon
The filename and location of the applications icon.
AppWorkingDir
The startup directory for the application.
AppUser
A list of users authorized to run the application.
Example
@StartAppObject
AppPlatform: 3x 95 NT
AppName: Netscape Install
AppPath: SYS\\PUBLIC\\NETSCAPE\\NTSCINST.EXE
AppCaption: Netscape Install
AppDescription: Install the Netscape Internet browser
AppContacts: admin
AppFlags: No Cleanup
AppIcon: sys:public\\netscape\\netscape.ico
AppWorkingDir: sys\\public\\netscape
AppUsers: All Users Action Standard Desktop
@EndAppObject
This example creates an NDS Application object named Netscape* Install.

When NAL is run, this object will let the user install it to their desktop.
@Other
@EndOther
Syntax
@Other
Description: ...[text]...
[DiskDescription: ...[disk description]...]
[DiskVolume: <11 char vol name>]
[File: <filename>]
[Flags: <flags>]
@EndOther

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Description
Description is the menu description displayed for the @Other configuration

option. This label must be first in the set of labels for a particular @Other
option.
File specifies the *.IPS file to execute, or the NLM to load to install the
@Other option.
DiskDescription is the prompt name that will be displayed to the user to
prompt for another diskette.
DiskVolume is the volume name for the disk specified in DiskDescription. If
the DiskVolume label is present, the user is prompted for the specific volume
using DiskDescription from drive A: (the user can change the drive). This
continues until the file is found or the user cancels. If no DiskVolume is
present, Install prompts for another diskette in drive A: and continues until the
file is found (if File is present) or the user cancels. If File is not specified,
installation looks for any *.IPS or PINSTALL.NLM files.
Flag
Meaning
00000001
Load product environment (clib, btrieve, product.dat).
00000002
Product included in product box (NETMAIN.ILS

description).
00000004
Display product should be displayed in simplified

installation.
00000008
Display product only in simplified installation.
00000010
Display product only in maintenance installation.
00000020
Display product only in upgrade.
00000040
Display product only in NetWare for OS/2 install.
00000080
Display product only in native installation.
00000100
Display product only in SFT III installation.
00000200
Display product only if started from front end

(NWNSTLL.EXE).
00000400
Display product only if not started from front end

(NWNSTLL.EXE).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the other filename extension is .IPS, the file is assumed to be a script and is
interpreted. If the other filename extension is .NLM, the file is loaded and
executed as an NLM.
Example
@Other
Description: Install NetWare for Macintosh
DiskDescription: 'NWM System 1'
DiskVolume: 'MAC-1'
File: PINSTALL.NLM
Description: Install TCP/IP Protocol
DiskDescription: 'TCPIP System 2'
DiskVolume: 'TCPIP-2'
File: TCPIP.IPS
@EndOther
The Install NetWare for Macintosh* and Install TCP/IP Protocol menu items
are displayed. If NetWare for Macintosh is selected, the user is prompted for
the NWM System 1 CD, then PINSTALL.NLM on volume MAC-1: is
executed. If TCP/IP is selected, the user is prompted for the TCPIP System 2
CD, then the command file TCPIP.IPS is interpreted.
@SyntaxVersion
Syntax
@SyntaxVersion <major version>.<minor version>
Description
The SyntaxVersion string represents the version of the script file parser. The
SyntaxVersion string should be present for all script files, and the syntax
version of the parser must match that of the file.
Example
@SyntaxVersion 1.02
The internal syntax string in the installation utility will be compared with this
string. If they do not match, the installation will prompt for a different file. All
included scripts with a @SyntaxVersion descriptor will be checked for
matching version strings (see @IncludeFile @EndIncludeFile on page 111).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
@StartSchemaMod
@EndStartSchemaMod
Syntax
@StartSchemaMod
SchemaFileName: <Filename>, <Description>
@EndSchemaMod
Description
@StartSchemaMod lets NDS schemas be extended through installation

scripts.
SchemaFileName specifies the filename for the schema file, along with a
Description for displaying to the screen during the modification.
Example
@StartSchemaMod
SchemaFileName: sys:\\system\\schema\\nwadmin.sch,
NetWare Administrator
@EndSchemaMod
In this example, the NWADMIN.SCH file extends the NDS schema and
displays NetWare Administrator on the screen during the installation of
Directory Services.
@TimeZone
@EndTimeZone
Syntax
@TimeZone
Description: <tz description>
Standard: <tz abb.>, <tz adj.>
[Daylight: <dst abb.>, <dst adj.>]
[DSTStart: <start rule>, <seq number>, <day number>,
<weekday number>, <month number>, <time>]
[DSTEnd: <end rule>, <seq number>, <day number>,
<weekday number>, <month number>, <time>]
@EndTimeZone
Description
Description specifies a time zone description to be displayed to the user during

time services installation.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Standard specifies information to be displayed to the user once the time zone
has been selected. This includes the time zone abbreviation and the adjust +/x:xx:xx from GMT (Greenwich Mean Time) or UTC (Universal Coordinated
Time).
If Daylight exists, it specifies that daylight savings time exists for part of the
year. It also specifies the daylight abbreviation, and the adjust +/-x:xx:xx from
standard time.
DSTStart and DSTEnd specify the rule (w for weekday of month or d for day
of month), the sequence number (1-relative), day number (1-relative),
weekday number (1-relative), month number (1-relative), and time on a 24hour clock for daylight savings time.
Sequence number means:
First
(ignore day number)
Second
(ignore day number)
Third
(ignore day number)
Fourth
(ignore day number)
Fifth
(ignore day number)
Last
(ignore day number)
>= day number
<= day number
Example
@TimeZone
Description: United States, Mountain Time Zone,
Standard: MST, '7:00'
Daylight: MDT, '+1:00'
DSTStart: w, 1, 1, 1, 4, '2:00'
DSTEnd: w, 6, 1, 1, 10, '2:00'
Description: United States, Central Time Zone,
Standard: CST, '6:00'
Daylight: CDT, '+1:00'
DSTStart: w, 1, 1, 1, 4, '2:00'
DSTEnd: w, 6, 1, 1, 10, '2:00'
@EndTimeZone

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Two time zone descriptions are displayed. When one is selected, the time
parameters are filled in according to the above information, and the user can
verify or edit them.
@TranslateModule
@EndTranslateModule
Syntax
@TranslateModule
<old driver name1>,<new driver name1>,
<old driver name2>,<new driver name2>,
...
@EndTrandlateModuel
Description
@TranslateModule is used internally by NETMAIN.ILS. It specifies that a

disk or LAN driver name has been changed for the previous release. The name
will be changed in the STARTUP.NCF or AUTOEXEC.NCF file during an
upgrade.
@Version
Syntax
@Version <major version>.<minor version>
Description
The @Version string represents the version of the script file (and its
corresponding script data). For the NETMAIN.ILS script file, @Version must
be greater than or equal to the expected version of the installation NLM. If any
included script files contain version numbers, all the numbers must match.
@Version should be incremented each time a new script is released.
In product scripts, the version string is entirely optional. A version string in a
product script is not compared with the installation NLM, but all included
product scripts must have matching version strings.
Example
@Version 1.01
The version string in the installation is compared with this version string. If
they do not match, the installation prompts for a different file. All included
scripts with a @Version descriptor will be checked for matching version
strings (see @IncludeFile @EndIncludeFile on page 111).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Commands
Command
Syntax
Command <command handler name>
Description
Command specifies the name of an optional command handler for commands

not included in this file. The command handler name must be eight characters
or less and correspond to the name of an NLM that exports external command
entry points.
Example
Command ICMD.NLM
ICMD.NLM provides external command support (see External Command

Syntax on page 126). It supports the command syntax described in this
document, plus additional commands.
CopyDriverToServer
Syntax
CopyDriverToServer <target_directory_path>, <file_spec>,
<source_volume>, <source_description>
Description
CopyDriverToServer replaces driver files in <target_directory_path> with

new driver files. The source files are assumed to be those on the distribution
CD (which might have been copied to a user-specified directory).
<file_spec> is the name of the file to be copied, and can be of the form *.LAN,
*.DSK, <directory>/*.LAN or <directory>/*.DSK. <source_volume>
specifies the name of a diskette volume label and <source_description>
specifies the string used to prompt for the diskettes. If the installation source
is a CD-ROM or network drive, <source_volume> and <source_description>
are ignored (although these fields must be present in the command).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
CopyDriverToServer SYSTEM, '*.LAN', 'NETWARE-3', NetWare
diskette [3]
The *.LAN files are copied to the SYS:SYSTEM directory.

CopyDriverToStartup
Syntax
CopyDriverToStartup <file_spec>, <source_volume>,
<source_description>
Description
CopyDriverToStartup replaces driver files in the startup or boot directory

(where STARTUP.NCF is) with new driver files. The source files are assumed
to be those on the distribution CD (which might have been copied to a userspecified directory). <file_spec> names the files to be copied, and can be
*.LAN, *.DSK, <directory>/*.LAN or <directory>/*.DSK.
<source_volume> specifies the name of a diskette volume label and
<source_description> specifies the string used to prompt for the diskette. If
the installation source is a CD or network drive, <source_volume> and
<source_description> will be ignored (although these fields must be present
in the command).
Example
CopyDriverToStartup '*.LAN', 'NETWARE-3', NetWare
diskette [3]
The *.LAN files are copied to the user-designated DOS startup directory
where the server boot files reside.
CopyToServer
Syntax
CopyToServer <target_directory_path>, <file_spec>,
<source_volume>, <source_description>
Description
CopyToServer specifies a file (or a group of files using wildcards) to copy to

the system volume of the server.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
<target_directory_path> is a directory path relative to SYS: where the files

will be copied. <file_spec> names the files to be copied; it might be in the
directory/file form to copy files from a subdirectory. <source_volume>
specifies the name of a diskette volume label and <source_description>
specifies the string used to prompt for the diskettes. If the installation source
is a CD-ROM or network drive, the <source_volume> and
<source_description> fields are ignored (although these fields must be
present in the command).
Example
CopyToServer 'SYSTEM', '*.*', 'SYSTEM-2', NetWare
diskette [4]
Files matching the DOS file specification (including DOS wildcard names)
are copied from the volume SYSTEM-2 (or from a user-specified hard disk or
network directory) to directory SYS:SYSTEM. If the volume SYSTEM-2 is
not present, the user will be prompted to insert the NetWare CD.
CopyToStartup
Syntax
CopyToStartup <file_spec>, <source_volume>,
<source_description>
Description
CopyToStartup copies files to the startup or boot directory (where

STARTUP.NCF is). The source files are assumed to be those on the
distribution diskettes (which might have been copied to a user-specified
directory).
<file_spec> names the files to be copied. To copy files from a subdirectory,
<file_spec> can be of the form directory/file. <source_volume> specifies
the name of a diskette volume label and <source_description> specifies the
string used to prompt for the diskettes. If the installation source is a CD or
network drive, <source_volume> and <source_description> are ignored
(although these fields must be present in the command).
Example
CopyToStartup 'SERVER.EXE', 'SYSTEM-3', NetWare diskette
[3]
SERVER.EXE is copied to the user-designated DOS startup directory where

the server boot files will reside.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Exec
Syntax
Exec <filename>
Description
Exec issues the operating system command LOAD <filename>, pauses until
the child NLM unloads, then continues executing. To load from other
subdirectories of the system volume besides \SYSTEM, specify a filename
(SYS:/<directory>/<file> and <directory>/<file>).
Example
Exec MY.NLM
MY.NLM will be loaded and executed. Exec will follow the normal NLM
search path to find MY.NLM. Control will return to the installation after Exec
exits and unloads.
ProductRecord
Syntax
ProductRecord <product ID (string)>, <record type>, <record
data>
Description
ProductRecord creates a record in the product database with the ID string

<product ID> and the record type and data indicated.
Record Type
Data
Version string (10 char max)
Product description (60 char max)
[2]
Configuration NLM command line(255 char max)
[3]
Configuration text file specification (255 char max)
[4]
Un-install NLM command line (255 char max)
[5]
Delete AUTOEXEC line (255 char max)

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
Record Type
Data
[6]
Delete STARTUP line (255 char max)
[7]
Delete file line (255 char max)
July 17, 2001
Example
ProductRecord MYPROD, 1, Description for my product
This creates a product description record for MYPROD with the quoted
description.
RegisterLanguage
Syntax
RegisterLanguage <language ID>, <language name>
Description
RegisterLanguage renames <language ID> to the respective name <language

name>. This exists typically to allow non-standard languages to be registered
when they are installed.
Example
RegisterLanguage 17, TURKISH
This command aliases TURKISH to ID 17.

SaveLanguageFile
Syntax
SaveLanguageFile <file>
Description
SaveLanguageFile copies <file> in the DOS startup directory to the directory

indicated by the old language ID <startup directory>/<old language ID>. This
might involve creating a new directory. If the directory path for the new file
does not exist, it will be created.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
SaveLanguageFile SERVER.MSG
If the current language ID is 4, SERVER.MSG in the DOS startup directory

(BOOT directory) is copied to the subdirectory 4 in the DOS startup directory.
Spawn
Syntax
Spawn <file name>
Description
Spawn issues the operating system command LOAD <file_name>, then the
installation continues to execute. See Exec on page 123.
Example
Spawn MY.NLM
The MY.NLM file is loaded and executed. Spawn follows the normal NLM
search path to find MY.NLM. The installation and the child NLM both
execute, sharing the CPU through context switches.
External Commands
This section describes commands provided by ICMD.NLM, a companion to
the NetWare Installation NLMs (INSTALL.NLM and NWCONFIG.NLM).
See NetWare Installation Command Version Availability on page 161 for a
table showing the ICMD versions that support these commands.
Version 2.10 External Command Compatibility

If you intend to use ICMD.NLM 2.18 or greater, do not copy this new version
to SYS:SYSTEM. Instead, copy it to a different directory and load it from
there.
For example, the script commands below will copy ICMD.NLM to a
temporary directory and load from there.
CopyToServer SYSTEM\TMP, ICMD.NLM, ,
Command TMP\ICMD

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using this method ensures that the ICMD.NLM version in SYS:SYSTEM is

the actual 4.10 version and that all built-in products that use it will work
properly. The new ICMD.NLM might still be fully backward-compatible, but
it has not yet been fully tested in that regard.
External Command Syntax

To use any of the external commands made available by the ICMD.NLM
command handler, include the statement command [<filepath>] ICMD in the
script file. Use CopyToServer to copy ICMD.NLM to a temporary directory
(for example, SYS:SYSTEM\TEMP), then use command to run it from there
(for example, command SYS:SYSTEM\TEMP\ICMD). This removes any
compatibility problems associated with using the standard ICMD.NLM in
SYS:SYSTEM. You can create then add additional commands to your own
version of ICMD.NLM (after you rename the file) to perform applicationspecific functions.
Commands
Activate
Syntax
Activate
Description
Activate causes the installation screen to be activated.

Example
Activate
The installation screen will be displayed for further script processing.

AppendFile
Syntax
AppendFile <src var name>, <src file spec>, <src vol name>,
<src descr>, <dest var name>, <dest dir>, <dest vol name>,
<dest descr>

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Description
AppendFile appends the contents of the source file onto the destination file. It
creates a temporary file that is as large as the destination file, then renames that
file to the destination file. Wildcard characters for <src file spec> are not
allowed.
Example
AppendFile input, file1, 'NETWARE-1', NW [1], output,
file2, '', ''
The user is prompted for diskette NW [1], which is verified by checking for
volume label NETWARE-1. The FILE1 on that diskette is appended to FILE2
in the directory corresponding to output.
AppendTextToFile
Syntax
AppendTextToFile <src var name>, <src file spec>, <src vol
name>, <src descr, <text>
Description
AppendTextToFile appends the contents of the literal text onto the destination
file. It also places a date timestamp with every entry. Wildcard characters for
<src file spec> are not allowed.
If the file is found, the value of variable NWSTATUS will be zero; otherwise
it will be non-zero.
Example
AppendTextToFile input, file1, NETWARE-1, NW[1],
Installation Complete
The user is prompted for disk NW[1], which is verified by checking for
volume label NETWARE-1. The FILE1 on that disk will be appended to
FILE2 in the directory corresponding to the output.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CheckFile
Syntax
CheckFile <var name>, <file spec>, <vol name>, <description>
Description
CheckFile checks for the existence of <file spec> at a path determined by the
value of <var name>. If the path is a floppy, and <vol name> is non-null (not
''), the user will be prompted for disk <description> if it is not already in the
drive.
If the file is found, the value of variable NWSTATUS will be zero; otherwise
it will be non-zero.
Example
CheckFile NWSRC, file1.dat, '', ''
GotoIfNEqual '%{NWSTATUS}', 0, FileNotFound
File found
.
.
Label FileNotFound
In this example, a check is made for a file (FILE1.DAT). If the file is found at
the path determined by NWSRC, execution continues on the next line. If the
file is not found, control branches to label FileNotFound.
Config
Syntax
Config <flag>
Description
Config creates a configuration file with available default information from the
installation. If <flag> is 1, AUTOEXEC.NCF is created on SYS:SYSTEM; if
0, STARTUP.NCF is created in the server boot path.
Example
Config 1
This command creates AUTOEXEC.NCF, with server name, internal net

address, configured LAN driver load and bind commands, directory service

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
and time services information. The existing AUTOEXEC.NCF on

SYS:SYSTEM is overwritten.
Console
Syntax
Console <text>, <delay in seconds>
Description
Console enters the text on the system console screen and delays <delay in
seconds> before returning control back to the calling process. Because the
system installation process executes in a different thread from the console, it
is possible that the next command might finish before this Console command
does. If the delay is set at -1, Console will delay until the system console
screen has processed all the commands in its buffer.
Example
Console 'load ne2000 frame=ethernet_802.3 int=3 port=300',
10
Console 'bind ipx to ne2000 net=1240000', 3
These commands load and bind an NE2000TM driver to IPXTM.

CopyFile
Syntax
CopyFile <recurse flag>, <directory flag>, <empty flag>,
<attribute flag>, <attributes>, <src var name>, <src file
spec>, <src vol name>, <src descr>, <dest var name>, <dest
dir>, <dest vol name>, <dest descr>, [<conditional copy flag>]
Description
CopyFile copies files (wildcards are allowed in <src file spec>) from the
source path to the destination path.
<recurse flag> (0|1)
Value
Description
Do not copy subdirectories recursively.
Copy subdirectories recursively.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
<directory flag> (0|1|2|3)

Value
Description
Source is a file.
Source (including <src file spec>) is a directory; copy directory contents

to destination.
Source and the destination are files (file-to-file copy). <recurse flag>
must be 0 if <directory flag> is 2
Source (including <src file spec>) is a directory; copy directory contents

to destination only if that directory already exists on the destination.
<empty flag> (0|1)

Value
Description
No error if no files are found.
Error if no files are found.
<attribute flag> (0|1|2)

Value
Description
Use the default file set attributes.
Use the source file's attributes.
Use the attribute specified by <attributes> (must be used to copy to DOS

drive).

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
<attributes>
For a DOS file:
Attribute
Meaning
00000001
Read Only
00000002
Hidden
00000004
System
00000008
Volume Label
For a NetWare file:

Attribute
Meaning
00000001
Read Only
00000002
Hidden
00000004
System
00000008
Execute
00000010
Subdirectory
00000020
Archive
00000080
Shareable
00000700
Smode
00001000
Transaction
00004000
Read Audit
00008000
Write Audit
00010000
Immediate Purge
00020000
Rename Inhibit
00040000
Delete Inhibit
00080000
Copy Inhibit

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Reserved path names (<src|dest var name>) are NWSRC, NWDST and
NWBOOT, the standard source, destination and boot path for NetWare files.
<dest dir name> can be a null string.
<conditional copy flag>
Value
Description
0 (or not present)
Unconditionally copy this file.
Copy if destination file is not present.
Copy if destination file is not present; if it is, prompt user

(no version check).
Copy if destination file is not present or if the source file

version is newer than the destination file version.
Copy if destination file is not present or if the source file

version is newer than the destination file version;
otherwise, prompt the user.
Copy if destination file is present (no version check).
Copy if destination file is present and source file version is

newer than destination file version.
Copy if destination file is present and source file version is

newer than destination file version; otherwise, prompt the
user.
Copy if destination file is not present or if source file version

is newer than destination file version (refresh with new
files).
Copy only if destination file is present and source file

version is newer than destination file version (refresh
existing files).
Example
CopyFile 0, 0, 1, 0, 0, input, *.*, 'NETWARE-1', NW [1],
output, '', '', ''
This is a continuation of the examples for GetPath on page 141. The user is
prompted for diskette NW [1], and the diskette is verified by checking for
volume label NETWARE-1. All files on the diskette are copied to the
subdirectory the user indicated for output.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CopyFloppyImage
Syntax
CopyFloppyImage <floppy type flag>, <diskette name>, <src var
name>, <src file spec>, <src vol name>, <src descr>, <dest var
name>, <dest dir>, <dest vol name>, <dest descr>
Description
CopyFloppyImage copies a diskette image file sector by sector to the specified

drive (destination path which must be a diskette drive).
Variable
Description
<floppy type flag> (0|1)
0 indicates a 3.5-inch high-density drive. 1 indicates

a 5.25-inch high-density drive.
<diskette name>
The external label for the diskette.
Example
GetPath, dst, 2, 'A:', ''
CopyFloppyImage 0, Disk 1", 3.5\WSDOS_1.IMG, '', '', dst,
'', '', ''
The floppy image specified by the source path is copied to the diskette in the
specified drive.
Delay
Syntax
Delay <delay in seconds>
Description
Delay relinquishes control for <delay in seconds> seconds before returning

control back to the calling process. If a negative value is used, the delay is a
random value from 0 to the absolute value of <delay in seconds>.
Example
Delay '-10'
This delays randomly from 0 to 10 seconds.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DiskReset
Syntax
DiskReset <var name>
Description
DiskReset tells DOS to rescan the directories on the <var name> floppy drive.
This is necessary because the drive change interrupt is disabled while
NetWare has control.
Example
Assuming myDir corresponds with A:\

DiskReset myDir
Drive A:\will be rescanned.

Dismounted CD
Syntax
DisMountCD <CD Volume Name>
Description
DisMountCD is to be used with PromptForCD (below). It is used to dismount

a CD volume that has been mounted via the PromptForCD command.
Example
DisMountCD CDVolumeName
Display_Text_File
Syntax
Display_Text_File <Path>, <Filename>, <Completion Code>
Description
Display_Text_File displays an ASCII text file. The user can scroll the text in
any direction to read the entire contents of the file. Scroll bars automatically
display if needed. The maximum file size is 30 KB for the file.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
GetPath sys, 1, 'SYS:', ''
Display_Text_File sys, license.txt, ccode
The completion code will return a 0 (zero) for a successful return. Anything
else is an error.
Display
Syntax
Display <0|1|2>, ...<text>...
Description
Display displays a message, accompanied by a beep if the first argument is 1.

If the argument is 2, the message is displayed as a copy status.
Example
Display 0, Product XYZ installation is complete.
The text is displayed (without a beep), and the user can press Enter to
continue.
DSInst
Syntax
DSInst <time zone name>, <time server type>, <daylight
flag>, <daylight start>, <daylight end>, <daylight
offset in seconds>, <tree name>, <tree address>,
<container object name>, <admin name>, <admin password>,
<replica flag>, <upgrade bindery flag>, <root server
flag>
Description
DSInst installs the directory with default time synchronization.

Variable
Description
<time zone name>
Time zone name (works as a system SET

parameter)
<time server type>
Time server type (works as a system SET

parameter): single, reference, primary,
secondary

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable
Description
<daylight flag>
1: Daylight savings time exists in this time

zone
0: Daylight savings time doesn't exist in this
time zone
<daylight start>
set parameter daylight savings time start

string. For Example First Sunday of April at
2:00:00 a.m
<daylight end>
set parameter daylight savings time end

string. For Example Last Sunday of October
at 2:00:00 a.m.
<daylight offset in seconds>
Typically this is 3600 (seconds per hour), or

zero if daylight saving time is not applicable.
<tree name>
DS tree name
<tree address>
Internal IPX address of the SAP server for

the tree
<container object name>
Full DN of container
<admin name>
Full DN of Admin object (must have

supervisor rights on the container)
<admin password>
Password for <admin name>
<replica flag>
1: Install a replica on this server; 0: don't

install
<upgrade bindery flag>
1: Upgrade the bindery if it exists; 0: don't

install
<root server flag>
1: Make this a new tree; 0: don't make this a

new tree
Example
DSInstMST7MDT, SECONDARY, 1, '(APRIL SUNDAY FIRST 2:00:00
AM)', '(OCTOBER SUNDAY LAST 2:00:00 AM)', 3600, URSA,
FACE3234, 'O=Novell', 'CN=Admin.O=Novell', '', 1, 1, 0
Time services will be installed with this server as a secondary server using
existing tree name URSA. Directory services will be installed, with this server
in container O=Novell. This server will have a replica installed, and its
bindery will be upgraded.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
EraseFile
Syntax
EraseFile <directory flag>, <var name>, <file spec>, <vol
name>, <vol descr>
Description
EraseFile recursively erases the file or directories indicated in <file spec>.

Wildcards are acceptable. In NetWare, files can be removed no matter what
their attributes; in DOS, only normal files can be removed.
IMPORTANT: Use this command with care to delete only the intended data.
If <directory flag> is 1, <file spec> must be a directory name; the contents of

the directory will be deleted, but the directory will not.
Example
If myDir corresponds to VOL1:\.

EraseFile 1, myDir, '', '', ''
The contents of directory VOL1:\ will be erased.

EditNCF
Syntax
EditNCF <ncf path var>, <ncf file name>, <backup ext>, <ccode>
Description
EditNCF edits the specified NCF file as follows:

Writes any lines in the EditNCF_ADDLINE list at the beginning of the
NCF file.
Deletes any lines that match lines in the addline list.
Comments out any lines containing keystrings in the
EditNCF_KEYSTRINGS list.
Any other lines are copied unchanged.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
GetPath startup, 1, 'C:\\NWSERVER', ''
EditNCF_KEYSTRING ''
EditNCF_KEYSTRING 'PK411.NLM'
EditNCF startup, 'startup.ncf', 'bak', ccode
The contents of C:\NWSERVER\STARTUP.NCF will be searched for a line

containing PK411.NLM and will be commented out by the EditNCF
command. Ccode will contain the following:
0 - Success
1 - Duplicate Extension
2 - Open Error
3 - Read Error
4 - Write Error
5 - NCF to Backup Extension Error
6 - Tmp to NCF Error
EditNCF_ADDLINE
Syntax
EditNCF_ADDLINE <LineToBeAdded>
Description
EditNCF_ADDLINE adds a line of text to the list of lines to be added at the

top of the file being edited with EditNCF.
Example
EditNCF_ADDLINE ''
EditNCF_ADDLINE 'LOAD PK411.NLM'
The first line will clear the ADDLINE list. The second line will add the string
LOAD PK411.NLM to the top of the STARTUP.NCF file.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
EditNCF_KEYSTRINGS
Syntax
EditNCF_KEYSTRINGS <keystring>
Description
EditNCF_KEYSTRINGS defines a list of keystrings to be used by EditNCF

when determining which lines to comment out. (A line will be commented out
if it contains any of the keystrings).
NOTE: The list must be terminated with a null string (empty quotes) for the last
entry. This command can be used multiple times. Each time replaces the previously
defined list.
Example
EditNCF_KEYSTRINGS ''
EditNCF_KEYSTRINGS 'PK411.NLM', 'ADTRSTFX', 'AUTODUMP',
'CLSSCRFX', 'EAPURGFX', 'EVNTRPFX', 'GETDIRFX', ''
The first line clears the KEYSTRING list. The second line adds the strings to
the list to be commented out of the STARTUP.NCF file.
ExtractVersionNumbers
Syntax
ExtractVersionNumbers <version string>, <major var name>,
<minor var name>, <revision var name>
Description
ExtractVersionNumbers parses a version string and returns the major version

number, minor version number, and revision number as integers. Version
string is parsed and leading non-digits are ignored. The variables are filled
with the major, minor, and revision values for the version string. If no revision
value is in the version string, a zero is returned. If the revision value is a nondigit value, a numeric revision value is returned (i.e., A = 1, B = 2, etc.).
Example
SetVar version, v2.11
ExtractVersionNumbers version, major, minor, revision

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The variable version contain the string v2.11. ExtractVersionNumbers

returns a value of 2 in the variable major, a value of 11 in the variable minor.
And a value of 0 in the variable revision.
FileVersion
Syntax
FileVersion <src var name>, <src file spec>, <src vol name>,
<src descr>, <Module major number>, <Module minor number>,
<Module rev number>, <Module description>, <return code>
Description
FileVersion returns the major, minor, and revision numbers as well as the
description string of the NetWare Loadable Module (NLM, HAM, CDM,
LAN, etc.) as long as the return code is 0.
IMPORTANT: This works only for NetWare Loadable Modules ( that is, it does not
work with .EXE or .DLL files, etc.).
Example
GetPath1, 1, 'SYS:\\SYSTEM
File Version path1, DS.NLM, ,, DSMajor, DSMinor,
DSRev, DSDesc, DSCode
GetDOSServer
Syntax
GetDOSServer <var name>
Description
GetDOSServer returns the default DOS server number in <var name> on

SFT* III servers.
Example
GetDOSServer DOSServer
The value of the variable DOSServer will be either 0 or 1. If the value is

anything else, the server is not running SFT III.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
GetPath
Syntax
GetPath <var name>, <path type>, <default>, <prompt>, [<base
var name>]
Description
GetPath prompts the user for a path using the prompt. The prompt string will
be displayed, with %s (like C-language print formatting) being replaced by
the <default> string.
The keystrokes to modify will be added to your prompt. Trailing backslashes
are always removed before the path is displayed. <var name> is a variable
name that can be used later in a CopyFile command. If <prompt> is a null
string, the user is not prompted; the path variable is set. If <base var name>
exists, it will be used as a basis for the new variable (the remote connection
number will be maintained, etc.).
<path type>
Value
Description
Allow any path.
Allow floppy only (including remote).
Allow DOS only (including remote).
Allow NetWare local path only.
Allow local floppy only.
Example
GetPath input, 1, 'A:', Files will be copied from %s\\.
The user will see the following prompts:

Files will be copied from A:\
Press <F3> to specify a different path.
Press <F4> to specify a remote path.
Press <Enter> to continue.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Goto
Syntax
Goto <label_name>
Description
Goto causes execution to continue at the first occurrence of label

<label_name>.
The scope of a label is always local to a file set. Therefore, a Goto statement
cannot transfer execution to a file set different from the current one.
Example
Goto Done
Label Done
The statement Goto Done will cause execution to continue at the label Done.
GotoIfEqual
Syntax
GotoIfEqual <larg1>, <arg2>, <label_name>
Description
GotoIfEqual causes execution to continue at the first occurrence of Label

<label_name> if <arg1> is equal in value to <arg2>. Both <arg1> and
<arg2> must be integers.
cannot transfer execution to a file set different than the current one.
Example
GotoIfEqual 0, 1, Error
Goto Done
Label Error
Since 0 is not equal to 1, execution will not continue at label Error.

NOTE: GotoIfEqual performs an integer comparison, not a string comparison.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
GotoIfNEqual
GotoIfGreater
GotoIfLess
GotoIfGrEqual
GotoIfLsEqual
Syntax
GotoIfNEqual <arg1>, <arg2>, <label_name>
GotoIfGreater <arg1>, <arg2>, <label_name>
GotoIfLess <arg1>, <arg2>, <label_name>
GotoIFGrEqual <arg1>, <arg2>, <label_name>
GotoIfLsEqual <arg1>, <arg2>, <label_name>
Description
These are identical to GotoIfEqual (page 142), except that execution branches
only if (respectively):
<arg1> not equal to <arg2>
<arg1> is greater than <arg2>
<arg1> is less than <arg2>
<arg1> is greater than or equal to <arg2>
<arg1> is less than or equal to <arg2>
cannot transfer execution to a file set different from the current one.
NOTE: GotoIf* performs an integer comparison, not a string comparison.
Is_NLM_Active
Syntax
Is_NLM_Active <NLM Name>, <Completion Code>
Description
Is_NLM_Active searches the loaded modules list and returns 1 if the NLM is
loaded, or 0 if the NLM is not present in memory.
Example
Is_NLM_Active Monitor.nlm, ccode

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IsSubString
Syntax
IsSubString <string>, <substring>, <index>
Description
IsSubString returns the zero based <index> of <string> where <substring>

starts, if <substring> is indeed contained within <string>, otherwise <index>
is -1.
Example
IsSubString Little Miss Muffet sat on, Miss Muffet,
index
In this example, <index> would return as 7.

Label
Syntax
Label <label_name>
Description
Label serves only as a target of a goto statement with <label_name>.

IMPORTANT: The scope of a label is always local to a file set. Therefore, a Goto
statement cannot transfer execution to a file set different from the current one.
Example
Goto Done
Label Done
The Goto Done statement will cause execution to continue at Label Done.
LangVar
Syntax
LangVar <default>, <lang var>, <src var dir name>, <src vol
name>, <src descr>

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Description
LangVar sets a variable to the number of a language. It starts with <src var dir
name>, then it looks for a subdirectory whose name is a number that matches
the current server language number. If the subdirectory is found, <lang var>
is set to that number; otherwise, <lang var> is set to <default>.
Example
Assuming the current language is 6:

LangVar 4, lang, NWSRC, '', ''
This command looks in the source install directory for a subdirectory named
6. Finding it, it sets lang to 6.
Menu
Syntax
Menu <var name>, <Prompt>, <# of menu options>, <default menu
option>, <first choice>, <first value>, <second option>,
<second value> [<third option>, <third value>,] [<fourth
option>, <fourth value>]
Description
Menu command will display a window with the <Prompt> showing in a

header area. The <choices> will display in a scrolling area below the header.
The <# of menu options> is 1 based. The <default menu option> is zero based.
The entire command is terminated without a comma after the final value.
Example
Menu done, Are you ready to continue?, 2, 0,

Yes, 1,
No, 0
The Menu command displays a box on the screen with the Prompt Are you
ready to continue? Below it the choices are Yes and No. The Yes
option is highlighted as the default option. Upon selecting the option, the value
will be placed in the variable. The values must be integers.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NLMExec
NLMExecIO
Syntax
NLMExec <block flag>, <command line>
Description
NLMExec executes the NLM specified by <command line>. If <block flag>

is 1, NLMExec waits for the NLM to complete execution, then continues.
NLMExec is the external command version of the Exec (page 123) command.
NLMExecIO is identical to NLMExec except it executes the command line on
the default DOS server on a NetWare SFT III server. See SetDOSServer on
page 149 for more information.
Example
NLMExec 1, PINSTALL
This command executes PINSTALL.NLM and waits for it to finish.

Partitions
Syntax
Partitions <delete flag>
Description
Partitions creates NetWare partitions as needed on all available devices. If

<delete flag> is 1, all existing non bootable partitions will be deleted. If
<delete flag> is 0, they will be left intact. The minimum allowable partition
size is 1 MB, according to default rules (see @DeletePartition on page 105).
Example
For one existing device with a DOS (active) partition and a NetWare 286
partition:
Partitions 1
This deletes the 286 partition and creates a NetWare partition in the remaining
space.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
PromptForCD
Syntax
PromptForCD <CD Volume Name>, <seconds to mount>
Description
PromptForCD is to be used with DisMountCD (above). PromptForCD
will prompt the user to insert the CD labeled <CD Volume Name>
into the CD drive and then will attempt to mount the CD volume
within the <seconds to mount> time frame.
Example
PromptForCD CD 1, 30
Quit
Syntax
Quit
Description
Quit will exit the script processing at this point. No further processing will
take place.
Example
GotoIfEqual %{variable1}, %{true}, Continue_On
Quit
Label Continue_On
ReadProductRecord
Syntax
ReadProductRecord <productID>, <recordtype>,
<recorddatavarname>, <ccode>
Description
ReadProductRecord reads the record in the products database matching the

<productID> and <recordtype> specified and returns the corresponding data.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This command is the counterpart to the ProductRecord command. See

ProductRecord on page 123 for more information on record types.
Example
ReadProductRecord MYPROD, 0, version, ccode
The command will search the products database and return the value for
<version> for product 'MYPROD'.
Read_Var_File
Syntax
Read_Var_File <path>, <filename>, <completion code>
Description
Read_Var_File will read the contents of the filename and create variables for
script processing. The file is an ASCII formatted file with the content as
follows:
Variable1=true
Variable2=false
Variable3=Servername
Example
Read_Var_File sys:system, varfile.txt, ccode
NOTE: Ccode will return the file open status. 0 is success, anything else is an
error. If the variable to the left contains any spaces, leading or trailing, the spaces
will become part of the variable name and must be included with the variable when
referencing it.
SetDir
Syntax
SetDir <var name>, <relative dir>, <vol name>, <vol descr>,
<attributes>, <0|1>, <rights>
Description
SetDir creates directories (if they do not already exist), according to the <var
name> obtained from GetPath (page 141). The <relative dir> value can be
null. <attributes> are the attributes to use when creating the directory; 0

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
indicates normal attributes. If the <0|1> argument is 1, the server container

object (or everyone) is given <rights> rights to the directory.
Example
If myDir corresponds to VOL1:\

SetDir myDir, DOC, '', '', 10, 1, 0
The directory VOL1:\DOC will be created and all applicable users will have
rights to it.
SetDOSServer
Syntax
SetDOSServer <engine number>, <ccode>
Description
SetDOSServer specifies the <engine number> to be made the default DOS

server (valid numbers are 0 and 1). This will set the default server used by the
OS APIs.
NOTE: DiskReset and GetPath can be directed to a particular IOEngine by first
setting the DOS server as needed. This allows you to essentially map a path
variable to a particular IOEngine. From that point on, that path variable will be
associated with that IOEngine regardless of what the default DOS server is set to.
Therefore, any commands that use path variables will target the IOEngine
associated with the path variable rather than the default.
Example
SetVar IOEngineNumber, 0
SetDOSServer IOEngineNumber, ccode
The servers default IOEngine 0 will now be the default DOS server. Ccode
will have a 0 for its value on success and a -1 for a failure.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SetLConfigLang
Syntax
SetLConfigLang <value>
Description
SetLConfigLang looks for the LCONFIG.SYS file in the server boot directory.
The default server language ID number is changed to <value>.
Example
SetLConfigLang 9
The default server language ID number in the LCONFIG.SYS file is changed

to 9 (Japanese).
SetVar
Syntax
SetVar <variable name>, <variable value>, [<Prompt>]
Description
SetVar sets a variable with <variable name> to the <variable value> string
value. If the value does not exist, one is created. The variable value cannot
exceed 127 characters in length.
Example
SetVar message, Hello World!
This causes a variable to be created with name message, and its value set to
the string Hello World!
NOTE: The Prompt option is only available in version 3.25+.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SGotoIfEqual
SGotoIfNEqual
SGotoIfGreater
SGotoIfLess
SGotoIfGrEqual
SGotoIfLsEqual
The SGotoIf commands have the same options as the GotoIf commands. The
SGotoIf commands perform a string comparison instead of an integer
comparison.
SpaceCheck
Syntax
SpaceCheck <path var name>, <value>
Description
SpaceCheck looks at <path var name>. If it matches a NetWare volume,

SpaceCheck checks whether the volume is large enough for <value> bytes,
and whether the volume has enough free space for <value> bytes. If the
volume is not large enough, the installation aborts. If there is not enough free
space, the user is alerted and allowed to continue.
Example
Assuming srcVar corresponds to VOL1:\FILES

SpaceCheck srcVar, 1000000
Volume VOL1: will be checked for one million bytes of free space.
NOTE: ICMD.NLM versions 3.25 and older do not support SpaceCheck on DOS
drives. Newer versions support this drive option.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SrchNCF
Syntax
SrchNCF <ncf path var>, <ncf file name>, <keystring>,
<foundline var name>
Description
SrchNCF searches an .NCF file for line containing a substring matching

<keystring> (non case-sensitive). If found, the line of text will be returned;
otherwise <foundline var name> will be empty.
NOTE: The same value as not found will be returned if an error is encountered (for
example, invalid filename, read error, etc). It is assumed that this command will be
used before calling EditNCF (page 137) which returns a more detailed completion
code that can be acted on as necessary.
Example
GetPath sys, 1, 'SYS:\\', ''
SrchNCF sys, 'SYSTEM\\AUTOEXEC.NCF', Load Monitor, ccode
The SrchNCF command will search the SYS:\SYSTEM\AUTOEXEC.NCF

file for the string 'Load Monitor' and return the line number in ccode if found.
ValueSet
ValueAdd
Syntax
ValueSet <var name>, <value>
Value Add <var name>, <value>
Description
ValueSet sets, and ValueAdd adds to, the numeric contents of variable <var
name>.
Example
ValueSet srcVar, 1
The variable srcVar is created if it did not exist and is set to 1.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Volumes
Syntax
Volumes <minimum vol SYS: size in sectors>
Description
Volumes creates and mounts volumes on this server, with the volume SYS:
placed on the first device larger than <minimum volume SYS: size in sectors>
(512 bytes per sector). Additional volumes, named VOL1, VOL2, etc.,
will be created on other devices, one per device.
Example
For one existing device with 50 MB and a NetWare partition, but no volumes:
Volumes 51200; 25 MB minimum
This command creates volume SYS: on the device and mounts it. For more
information on creating and mounting NetWare volumes, see the Volume
Management API.
Write_Var_File
Syntax
Write_Var_File <path>, <filename>, <varname>, <var value>,
<completion code>
Description
Write_Var_File will write the varname and var value to the filename specified
by the path/filename. The file is an ASCII formatted file with contents as
follows:
Variable1=true
Variable2=false
Variable3=Servername
Example
Write_Var_File sys:system, varfile.txt, Variable1,
true, ccode
NOTE: Ccode will return the file open status. 0 is success, anything else is an
error. If the variable to the left contains any spaces, leading or trailing, they will be

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
part of the variable name and must be included with the variable when referencing
it later. If the filename doesn't exist, it will be created. The varname and var value
will then be written. If the file does exist, the varname and var value will be
appended to the contents of the file.
External Command Programming Interface

The external command programming interface contains the functions
described below.
IMPORTANT: These functions require ICMD.NLM 2.18 or later.
ICMDSetVar
Use the ICMDSetVar function to set a script variable programmatically.
Function
int ICMDSetVar (char *variableName, char *variableValue)

*variableName: Pointer to name of variable to set
*variableValue: Pointer to string representing value of variable being set
Return
0 if successful; non-zero error code if unsuccessful.

Description
ICMDSetVar is a function exported by ICMD.NLM that another NLM can

call (for instance, in a blocking NLMExec command). This lets the NLM set
a variable within a script being executed by ICMD.NLM so the NLM can
communicate with the script, changing the control flow, etc.
Example
If MYNLM.NLM has code as follows:

ICMDSetVar(mynlmvar, hello world); exit();
and the script looks like this:

NLMExec 1, mynlm
Display 0, Information: %{mynlmvar}
then this popup text box would be displayed:

Information: hello world

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ICMDGetVar
Use the ICMDGetVar function to get the value of a script variable.
Function
int ICMDGetVar (char *variableName, char *variableValue)

*variableName: Pointer to name of variable
*variableValue: Buffer containing value of variable; must be at least 128
bytes
Return
0 if successful; non-zero error code if unsuccessful or if variableName does

not exist.
Description
ICMDGetVar is a function exported by ICMD.NLM that another NLM can

call. This lets the NLM set a variable within a script being executed by
ICMD.NLM so the NLM can communicate with the script, changing the
control flow, etc.
Example
If a script looks like this:

SetVar myvar, Hello
NLMExec 1, mynlm
and if MYNLM.NLM has code as follows:

char buffer[128];
ICMDGetVar(myvar, buffer);
then the value in buffer would be the null-terminated string:

Hello.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
External Command Variable Substitution

A variable, such as the value returned by GetPath (page 141), can be used
inside any quoted string within an executed external command. The variable
is global. It goes out of scope only when the command processor is replaced
by a different one. The variable can be dereferenced explicitly by an
expression %{<var name>} within another string.
Variable
Description
NWSERVER
The name of the server the script is processing on.
NWSRC
Source path where script is found.
NWDST
Destination path (where server will boot from).
NWBOOT
Current path (where server was booted from).
NWLANG
Language number (4 = English, etc.).
COUNTRY
Country ID (DOS country specifier).
CODEPAGE
Codepage number (DOS code page specifier).
OSTYPE
NetWare operating system type:

0 - Native
1 - OS/2
2 - SFT III
LOADERTYPE
Type of loader used to start NetWare:

1 - DOS
2 - OS/2
3 - Windows 3.1
SERVCONFIGTYPE
NetWare server configuration:

0 - Native
1 - SFT III I/O Engine
2 - SFT III MS Engine
SFTLEVEL
Level of active System Fault Tolerance for NetWare.
OSMAJORVERSION
The major version number for the NetWare OS.
OSMINORVERSION
The minor version number for the NetWare OS.
OSREVISION
The revision level for the NetWare OS.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
All path variables, including the predefined ones, allow subfield specifiers in
the form <path var>.<specifier>.
<path var>
<specifier>
PATH
String containing the actual path.
VOL
Disk volume name.
PROMPT
Disk volume prompt.
TYPE
Path type.
SUBTYPE
Path subtype.
CONN
Connection number (hex).
ENGINE
Engine number.
TYPE
Values:
1 local server
2 remote server
3 local DOS
4 remote DOS (via RCONSOLE)
SUBTYPE
Values:
0 unknown
1 floppy
2 cd
3 network
4 other
Example
NLMExec 1, 'Pinstall %{NWLANG} %{NWSRC.CONN}'
If the server language is English, and the connection number for NWRSC is
5, it is as if the following were typed on the system console:
'load PINSTALL.NLM 4 5'

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installation NLM Command Line Options

Command line options can be preceded by '-', but this is not required.
IMPORTANT: These options are not intended for general distribution; they apply
only to the NetWare installation NLM. Other Switches are not guaranteed to be
supported in all versions.
User-Documented Switches for NetWare Installation

Switch
Description
DSREMOVE
Allows absolute removal of DS.
Allows license replacement.
Switches Helpful for Install Script Writers

Switch
Description
DELAY
Wait until execution of AUTOEXEC.NCF is complete

before activating screen.
NOSTATUS
Suppress status bar display in batch mode.
A=
NNNNNNNN:OOOOOOOOOOOO:SSSS or
XXX.XXX.XXX
source path IPX address: N hex network (8 chars): O
hex node (12 chars): S hex socket
source path IP address: XXX decimal value (1-3 chars)
B=
Batch file spec.
D=
Destination path in DOS for SERVER.EXE, etc.
E=
Error file spec.
O=
Overwrite existing files flag; 1: always, 2: never

overwrite.
S=
Source path DOS specifier.
W=
Overwrite newer files flag; 1: always, 2: never

overwrite.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Other Switches
Switch
Description
MDEBUG
Memory debug.
TRANSPORT
Transport layer type. (IPX is the default).

IPX
TCP
UDP
C=
Source path remote context.
DS=
Specifies that NDS authentication will be used.

If command is not present, the connection is made through
the bindery.
F=
Front end flag.

Q simplified mode
T calculate file set totals
V suppressed delayed init (DELAY)
X allow more DS options
K=
Default startup.ncf file spec.
L=
Mode of installation.
N=
Source path remote server spec.
P=
Source path remote user password.
U=
Source path remote user name.
Z=
Source path remote tree.

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare 4.1 Remote Installation Wrapper

You can use NetWare installation to remotely install a product that was not
originally intended for remote installation.
1 Create a wrapper script that copies the associated files to the server before
executing PINSTALL.NLM.
Make sure the system volume is large enough to contain the scratch files,
even in local install cases.
In the example below, the directory layout is as follows on the diskette:
\ (root)
PINSTALL.IPS
PINSTALL.NLM
other files...
The contents of file PINSTALL.IPS appears as follows:
command icmd
getpath dest, 1, 'sys:system\\tmp', ''
copyfile 0, 0, 0, 0, 0, NWSRC, '*.*', '', '', dest, '', '', ''
; Additional copyfile commands might be needed to copy all diskettes
; See filedata.doc for details.
nlmexec 1, 'sys:system\\tmp\\pinstall'
erasefile 0, dest, '', '', ''
PINSTALL.IPS script causes ICMD.NLM to be loaded. A path variable
dest is set, all files are copied to that location, PINSTALL.NLM is
executed, then the files are erased.
2 Load INSTALL.NLM.
3 Click Product Options > Install a Product Not Listed.
4 Press F3.
5 Enter the remote path:
server_name\vol_name:path

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Installation Command Version Availability

The following tables list the available NetWare installation and external
installation commands.
NetWare Install Commands

Command
NetWare 4.10
NetWare 4.11
NetWare for Small

Business
NetWare 5 and
NetWare 6
@CDName
@DeletePartition
@Driver
@FileSet
@IncludeFile
@MessageFile
@Other
@StartAppObject
@StartSchemaMod
@SyntaxVersion
@TimeZone
@TranslateModule
@Version
Command
CopyDriverToServer
CopyDriverToStartup
CopyToServer
CopyToStartup

103-000143-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command
NetWare 4.10
NetWare 4.11
NetWare for Small

Business
NetWare 5 and
NetWare 6
Exec
ProductRecord
RegisterLanguage
SaveLanguageFile
Spawn
2.18
3.20
3.25
NetWare External Install Commands

Command
Version of ICMD.NLM
2.00
Activate
AppendFile
CheckFile
Config
Console
CopyFile
CopyFloppyImage
Delay
DiskReset
Display_Text_File
Display
DSInst
EditNCF
EditNCF_Addline

103-000143-001
August 30, 2001
Novell Confidential
Manual
Command
99a
38
July 17, 2001
Version of ICMD.NLM
2.00
2.18
3.20
3.25
ExtractVersionNumbe
rs
GetDOSServer
Goto
GotoIfEqual
GotoIfNEqual
GotoIfGreater
GotoIfLess
GotoIfGrEqual
GotoIfLsEqual
EditNCF_Keystrings
EraseFile
GetPath
Is_NLM_Active
Label
LangVar
Menu
NLMExec
NLMExec_IO
Partitions
Quit
ReadProductRecord
Read_Var_File
X
X

103-000143-001
August 30, 2001
Novell Confidential
Manual
Command
SetDir
99a
38
July 17, 2001
Version of ICMD.NLM
2.00
2.18
3.20
3.25
SetDOSServer
SetLConfigLang
SetVar
SgotoIfEqual
SgotoIfNEqual
SgotoIfGreater
SgotoIfLess
SgotoIfGrEqual
SgotoIfLsEqual
SpaceCheck
SrchNCF
ValueAdd
ValueSet
Volumes
Write_Var_File

103-000143-001
August 30, 2001
Novell Confidential
NetWare Migration Wizard 6 Administration Guide
Novell
NetWare Migration
Wizard 6
www.novell.com
A D M I N I S T R AT I O N G U I D E
August 29, 2001

Novell Confidential
Manual
Rev 99a
July 17, 2001
38
Contents
Contents
Migrating Data from NetWare 3
Meet System and Software Requirements . . . . . . .

Preparing the Workstation . . . . . . . . . . . . .
Preparing the Source Server . . . . . . . . . . . .
Preparing the Servers in the Destination NDS Tree
Creating a Template Object . . . . . . . . . . . .
Run Novell NetWare Migration Wizard. . . . . . . . .
Model Your Migration Project . . . . . . . . . . . . .
Verify Your Migration Project. . . . . . . . . . . . . .
Migrate Users and Data to the Destination NDS Tree .
Perform Post-Migration Tasks . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Migrating Data from NetWare 4, 5, or 6

Meet System and Software Requirements .
Preparing the Workstation . . . . . . .
Preparing the Source Server . . . . . .
Preparing the Destination Server . . . .
Run Migration Wizard . . . . . . . . . . .
Copy Volumes . . . . . . . . . . . . . . .
Edit Configuration Files . . . . . . . . . .
Begin NDS Migration . . . . . . . . . . . .
Finish NDS Migration. . . . . . . . . . . .
Perform Post-Migration Tasks . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
10
10
11
11
11
12
15
17
17
20
21
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Meet System and Software Requirements . . .

Perform Prerequisite Tasks . . . . . . . . . .
Creating a Template Object . . . . . . . .
Creating ZENworks User Policy Packages .
Registering the Workstation . . . . . . . .
Run Migration Wizard . . . . . . . . . . . . .
Model Your Migration Project . . . . . . . . .
Verify Your Migration Project. . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Migrating Data from Windows NT
22
22
22
23
25
26
28
29
31
32
33
Contents
NetWare Migration Wizard 6 Aministration Guide

103-000161-001
August 29, 2001
Novell Confidential
35
36
36
37
38
39
42
45
Manual
Rev 99a
July 17, 2001
38
Migrate Users and Data to the Destination NDS Tree. . . . . . . . . . . . . . . . . . . . . . . 46

Perform Post-Migration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Troubleshooting
51
General Connection Problems . . . . . . . . . . . . .

Workstation-to-Server Connections . . . . . . . . . . .
Server-to-Server Connections . . . . . . . . . . . . . .
File Copy . . . . . . . . . . . . . . . . . . . . . . . .
SMDR Errors . . . . . . . . . . . . . . . . . . . . . .
Restoring Trustees . . . . . . . . . . . . . . . . . . .
NUWAGENT.NLM . . . . . . . . . . . . . . . . . . . .
NICI Errors . . . . . . . . . . . . . . . . . . . . . . .
NDS Migration . . . . . . . . . . . . . . . . . . . . .
Restore Source Server to Its Original Configuration .
Remove NDS from the Destination Server . . . . .
Remove NDS from the Source Server . . . . . . . .
Restore NDS to the Source Server . . . . . . . . .
Reinstall the Destination Server . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000161-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
51
52
53
53
54
54
55
55
56
56
57
58
59
60
Manual
Rev 99a
38
July 17, 2001

Novell NetWare Migration Wizard 6 lets you copy data from a NetWare or
a Windows* NT* server to another NetWare server in your network.
Migrating Data from NetWare 3Migration Wizard copies the NetWare 3 file
system and bindery objects to a destination NDS tree. When the bindery
objects are copied to the destination NDS tree, they are automatically
converted to NDS objects.
Migrating Data from NetWare 4, 5, or 6Migration Wizard migrates the file
system and NDS database from a NetWare 4, NetWare 5, or NetWare 6 source
server to a faster, more reliable NetWare destination server. After NDS is
migrated, the destination server replaces and assumes the identity of the
source server on the network. Valid destination servers must be ruuning
NetWare 5.0, 5.1, or 6.
Migrating Data from Windows NTMigration Wizard migrates NT domain
users and local and global groups from a Windows NT 3.51 or 4 server to a
destination NDS tree. During the migration, the NT users and groups are
converted to NDS objects and placed in the destination NDS tree. NetWare
Migration Wizard 6 also migrates NT shared folders to a NetWare file system
while migrating and converting Windows NT permissions to NetWare trustee
rights.

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a

103-000161-001
August 29, 2001
Novell Confidential
38
July 17, 2001
Manual
Rev 99a
38
July 17, 2001

Novell NetWare Migration Wizard 6 copies and consolidates your NetWare
3 bindery and file system from one or more existing NetWare 3 servers to a
destination NDS tree.
The following figure shows how the Migration Wizard manages the migration
of data from multiple NetWare 3 servers to a destination NDS tree.
NetWare 3
Servers
Data
Destination
NDS Tree
files
volumes
objects
NetWare
Migration
Wizard
Windows 98
or
Windows NT 4.0/2000
Workstation
To migrate data from NetWare 3, complete the following tasks in the order
they are listed.
1. Meet System and Software Requirements on page 10
2. Run Novell NetWare Migration Wizard on page 12

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
3. Verify Your Migration Project on page 17

4. Migrate Users and Data to the Destination NDS Tree on page 17
5. Perform Post-Migration Tasks on page 20

Log in to your destination NDS tree with a user that is listed in the bindery
context of the destination NDS tree. Make sure the user has the
Supervisor right to the destination servers that you are migrating file data
to and three available user licenses.
For more on how to enable the Supervisor right, see the ConsoleOneTM
Documentation (http://www.novell.com/documentation).
Make sure you have the Write right to all NDS containers and directories
that are receiving data from NetWare 3.
Preparing the Workstation

A Windows 98, Windows NT (4.0 or later), or Windows 2000
workstation with 50 MB of available disk space.
IMPORTANT: NetWare Migration Wizard 6 does not run on a Windows 95
workstation.
The Windows 98 workstation must be running Novell ClientTM for

Windows 98 version 3.3 or later.
The Windows NT/2000 workstation must be running Novell Client
for Windows NT/2000 version 4.8 or later.
To check your current Novell Client version, right-click the N icon on the
workstation toolbar, and then click Novell Client Properties > Client. If
you need to download the latest client, see the Novell Software
Downloads Web site (http://www.novell.com/download).
The IPXTM protocol running on your Novell Client workstation. Make
sure that your client workstation has an IPX connection to your source
server and destination tree.
10

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Preparing the Source Server

The source server is the existing server that contains the data that will be
copied to the destination NDS tree.
The source server must be running NetWare 3.11 or later.
Load the following NLMTM program at the server console of each
NetWare 3 source server that you are planning to migrate:
For NetWare 3.11, load TSA311.NLM
For NetWare 3.12 and 3.2, load TSA312. NLM
Use SYSCON to verify that you have the console operator right to the
source server.
Back up all data on the source server.
Preparing the Servers in the Destination NDS Tree

The destination NDS tree is the NDS tree that contains the servers that will
receive the data migrated from the NetWare 3 source server. After data is
copied from the source server, it appears in the destination NDS tree.
Make sure that all the servers that you are migrating data to in the destination
NDS tree have the following:
NetWare 4, NetWare 5, or NetWare 6 installed.
NOTE: NetWare Migration Wizard 6 does not migrate to NetWare 4.10 servers.
The IPX protocol running and bound to the network card of each NetWare
server in the destination NDS tree that you are migrating files to.
WARNING: If IPX is not bound and running on the destination server, the file
migration will fail. To check whether IPX is bound, enter CONFIG at the server
console of the destination server.
Continue with the next section, "Creating a Template Object."
Creating a Template Object

This is an optional prerequisite task. A Template object is used to define
additional NDS user attributes to NetWare 3 users during the migration. We
recommend that you use a Template object because it is an organized way to
migrate your NetWare 3 users to the NDS tree and manage them once they are
there.

103-000161-001
August 29, 2001
Novell Confidential
11
Manual
Rev 99a
38
July 17, 2001
If there is a conflict between the properties of a Template object and properties

of a NetWare 3 user, the properties of the Template object will, in most cases,
take priority. For example, if a minimum password length of seven characters
is specified for the NetWare 3 user, Jeff, and a minimum password length of
nine characters is specified in the Template object, then when Jeffs object is
migrated, the object will be created in NDS with a password length of nine
characters.
If you want to know what additional NDS attributes can be defined in a
Template object, run ConsoleOne and double-click a Template object to view
all of the existing properties.
The last name, full name, and description of every NetWare 3 object is always
migrated and these corresponding properties from the Template object are
overwritten.
If you decide to use a Template object, you can create one in ConsoleOne by
clicking File > New > Object > Template.
Continue with the next section, "Run Novell NetWare Migration Wizard."
Run Novell NetWare Migration Wizard

1 Download and install NetWare Migration Wizard 6 from the NetWare
section of the Novell Software Downloads Web site (http://

www.novell.com/download/).
2 Run Migration Wizard from the location where you installed it.
The installation program, by default, installs Migration Wizard at this

location: Start Menu > Programs > Novell > Netware Migration Wizard
> NetWare Migration Wizard.
3 Read the Welcome screen and click OK.
4 Click Create a New Project > OK.
5 Click NetWare 3 > OK.
6 Click the View Setup Tasks button.
This launches your default Web browser and takes you to the NetWare
Migration Wizard 6 online documentation.
7 Browse to Chapter 1, Migrating Data from NetWare 3, on page 9 and
make sure you have completed the system and software requirements in
"Meet System and Software Requirements." Then close your browser.
12

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
8 Click Next.
9 Name your migration project, choose a place to save it, and then click
Next.
By default, Migration Wizard saves your project in C:\Program
Files\Novell\NetWare Migration Wizard.
10 Select the source servers that you want to migrate.
Only servers that you are already logged in to appear in the Selected
Servers text box. To log in to a server, click the Server icon. When you
are finished selecting your servers, click Next.
11 Select your destination NDS tree and click Next.
12 Decide whether you want Migration Wizard to find any NetWare 3 and
NDS User objects that have the same name, click Yes or No, and then
click Next.
If you choose to do this, Migration Wizard will look for duplicate
usernames in the destination NDS tree and on the NetWare 3 source
servers. Migration Wizard will then display its findings and you can
choose to merge the matching User objects.
13 To create and save your project, click Create.
When a project is created and saved, Migration Wizard also creates

success and error logs which contain the details of what took place during
the migration.
14 If you clicked No in Step 12, skip the rest of these steps and continue with
Model Your Migration Project on page 15. If you clicked Yes in Step
12, continue with the next step.
15 Complete the following tasks:
15a Click the Browse button to select an NDS container on the

Migration Wizard will search this container and all subcontainers for
matching NDS usernames.
15b Browse the tree and select an NDS container, and then click OK.
15c Click Next to begin searching for duplicate usernames.
15d Decide how to handle duplicate usernames.
The following screen is an example of the username table in

Migration Wizard. Carefully review this screen. If you do not make

103-000161-001
August 29, 2001
Novell Confidential
13
Manual
Rev 99a
38
July 17, 2001
any changes, Migration Wizard will automatically merge the

NetWare 3 user with the displayed NDS user.
Figure 1
Merging Your NetWare 3 Users with Duplicate NDS Users
You have the following options for each NetWare 3 user:
Merge the NetWare 3 user with the displayed NDS user

Simply leave the NetWare 3 user displayed as it is in the table
and continue with the next user.
Merge an NDS user other than the currently displayed NDS user
Click the arrow by the NDS username to view a drop-down list
containing all the NDS users that have the same username
(including contexts) as the adjacent NetWare 3 user. Select one
of the NDS names and continue with the next NetWare 3 user.
Do not merge any of the NDS users with the NetWare 3 user
If you know that none of the listed NDS users represents the
same person as the adjacent NetWare 3 user, click the arrow by
the NDS username and then click Dont Merge.
14

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
15e Once you have made a decision for each listed NetWare 3 user, click
Finish.
The NetWare 3 users that you chose to merge with NDS User objects
appear automatically as dropped objects in the destination NDS tree.
Continue with the next section, "Model Your Migration Project."
Model Your Migration Project

Most of your work will be done in the Project Window, where you can drag
and drop NetWare 3 bindery objects and volume data into NDS containers in
the destination NDS tree.
The Project Window is a place to model different migration scenarios before
you begin the actual migration. The source servers bindery objects and
volume data are shown in the left side of the Project Window, and the
destination NDS tree is displayed in the right side of the Project Window. All
of the planning in the Project Window is done offline, meaning that items
moved and created in the Project Window are not actually moved or created
until you begin the migration.
The Project Window and the Using the Project Window dialog box appear
once you have created the migration project. The following figure is an
example of the Using the Project Window dialog box that appears on top of
the Project Window.

103-000161-001
August 29, 2001
Novell Confidential
15
Manual
Figure 2
Rev 99a
38
July 17, 2001
Using the Project Window Dialog Box
The three basic steps outlined in this dialog box should be performed for each
migration project. Once you are familiar with the tasks that you will be
performing, click Close to access the Project Window and begin modeling
your migration.
Complete the following tasks:
1 Determine which NetWare 3 bindery objects and volume data will be
copied to which containers in the destination servers NDS tree.

2 If needed, create new objects in the destination NDS tree.
To create a new NDS Organizational Unit (also called a container),

right-click the parent of the Organizational Unit.
To create a new folder, right-click an existing folder or volume.
3 Drag and drop NetWare 3 bindery objects, folders, and volumes into NDS
containers.
Continue with the next section, "Verify Your Migration Project."
16

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Verify Your Migration Project

Once you have modeled your migration in the Project Window, you should
verify that the proposed locations for these new objects do not conflict with
existing names in the destination NDS tree.
Remember, dragged-and-dropped items appearing in the NDS tree are merely
assigned to be copied to that area in the NDS tree. Objects will not actually be
migrated until you begin the migration.
Once you have modeled your migration project, you can run a standalone
verification wizard or you can verify and migrate at the same time. Running
the standalone verification wizard prior to migration is not mandatory;
however, catching any critical errors or warnings before you begin your
migration will speed up the verification process during the migration.
1 To run the standalone verification wizard, click Project > Verify Project.
2 Follow the procedure in the next section Migrate Users and Data to the
Destination NDS Tree on page 17, starting with Step 2.
Migrate Users and Data to the Destination NDS Tree

Although you have selected the volumes and containers where the NetWare 3
data will be copied, no data has been migrated. When migrated, NetWare 3
User objects are converted to NDS objects and placed in the destination NDS
tree. To begin the migration, do the following:
1 From the Migration Wizard toolbar, click Project > Verify and Migrate
Project.
IMPORTANT: If you are notified during the verification that certain NLM files are
outdated on your NetWare 3 source server, you must update those files. To update
the files, copy them from the Products\NW3X directory. It is important that you copy
only the NLM files that Migration Wizard prompts you to. After copying the NLM
files, reboot the NetWare 3 source server and launch Migration Wizard again.
The Products\NW3X directory is located in the same directory where Migration
Wizard was installed (C:\Program Files\Novell\Novell NetWare Migration
Wizard\Products\NW3X).
2 Read the Welcome Screen and then click Next.

3 (Conditional) If you are migrating more than one server, choose the order
that you want your servers migrated in and then click Next.
This matters only if you have duplicate User objects among your source
servers.

103-000161-001
August 29, 2001
Novell Confidential
17
Manual
Rev 99a
38
July 17, 2001
4 If prompted, select what volume you want to migrate your NetWare 3
print queue volume to, and then click Next.

5 If you want to apply a Template object to newly created users, browse the
tree, select the Template object from the tree view and then click Next.
If you do not want to use a Template object, uncheck the check box and
click Next.
IMPORTANT: Home directories are not automatically migrated. To migrate them,
you must drag and drop the NetWare 3 directory that lists the home directories into
the destination NDS tree. Then use a Template object when migrating your
NetWare 3 users to the destination NDS tree and make sure that the specified
home directory path in the Template object points to the location where you
dropped the NetWare 3 directory in the destination NDS tree.
HINT: If you have not created a Template object but you want to use one now,
save the project, go to ConsoleOne, and create the Template object. Next, run
Migration Wizard again and click Open Last Project. Then restart the migration
procedure beginning with Step 1 on page 17.
6 Decide how you want to handle any duplicate filenames between the
NetWare 3 source servers and the destination NDS tree. Select one of the
following and then click Next:
Dont Copy Over Existing Files
Copy the Source File If It Is Newer
Always Copy the Source File
7 If you are migrating this NetWare 3 server for the first time, click Yes >
Next. If you are continuing with a previous migration, click No > Next.
When you migrate users and groups from NetWare 3, Migration Wizard
stores a table in the bindery of each source server of the NDS names that
it associates with the migrated NetWare 3 users as they are migrated to the
destination NDS tree. This way, you can migrate a few users at different
times and Migration Wizard will remember where you migrated them to.
Also, by storing this information, Migration Wizard can assign the correct
file permissions to the appropriate users.
8 Enter the password for the destination NDS tree and click Next.
9 Enter the password for the source server that you are migrating and then
click Next.
If you are migrating multiple servers at one time, you will see this screen
for every source server that you are migrating.
18

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
10 Click Next to verify that you have enough disk space on the destination
volume to accommodate your NetWare 3 file system.

Migration Wizard will also scan the contents of all dropped folders and
verify that you have sufficient rights to migrate them.
11 If prompted, resolve any naming conflicts between different-type objects,
and then click Next.

You can choose to rename different-type objects or to not migrate them.
If you are migrating multiple servers at one time, you will see this screen
for every source server that you are migrating.
12 If prompted, resolve any naming conflicts between same-type objects,

You can choose to merge same-type objects or to not migrate them. If you
are migrating multiple servers at one time, you will see this screen for
every source server that you are migrating.
13 Verify that you do not want to migrate the listed NetWare 3 users, and
then click Next.

You will see this screen for every source server that you are migrating. If
you have made a mistake, click Cancel to return to the Project Window
and drag and drop the users that you want to migrate.
14 Verify that you do not want to migrate the listed NetWare 3 groups, and
then click Next.

You will see this screen for every source server that you are migrating. If
you have made a mistake, click Cancel to return to the Project Window
and drag and drop the users that you want to migrate.
15 Resolve any critical errors and click Next.
Warnings, or noncritical errors, can be resolved after the migration. To

resolve a critical error or warning, read the description in the text field
located beneath it. This description should give you a good idea of what
could be the possible cause of the error and a suggestion for fixing it.
If you are only verifying your project at this point, read the
Verification Summary, click Finish, and follow the instructions in
Migrate Users and Data to the Destination NDS Tree on page 17 to
begin the actual migration.
If you are actually migrating at this point, read the Verification

Summary and click Proceed to start the actual migration.

103-000161-001
August 29, 2001
Novell Confidential
19
Manual
Rev 99a
38
July 17, 2001
17 (Migration only) View the Error Log and the Success Log.
Continue with the next section, "Perform Post-Migration Tasks."
Perform Post-Migration Tasks

After youve migrated the bindery objects and file system to the destination
server, complete the following tasks:
Modify the print configuration if you want to convert your queue-based
printing to NDPS.
For more information, see the Novell Documentation Web site (http://
www.novell.com/documentation/lg/nw51/docui/index.html) >
Additional Documentation > Print Services > Novell Distributed Print
Services.
Make sure that applications have migrated correctly.
After migration, if you want to install additional network products and
services, you can do so from the servertop by clicking the Novell icon >
Install.
Make sure that each migrated user has the correct Novell Client
properties to log in to the destination NDS tree.
Modify user login scripts to accommodate the new location of data in the
NDS tree.
For more information, see the Novell Documentation Web site (http://
www.novell.com/documentation/lg/nw51/docui/index.html) >
Additional Documentation > Novell Clients > Novell Client for Windows
> Setting Up Client Login > Setting Up Login Scripts.
Reassign home directories if they were not migrated.
20

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001

When you migrate data from a NetWare 4, NetWare 5, or NetWare 6 source
server to a NetWare destination server, Novell NetWare Migration Wizard 6
copies the file system and NDS database from the source server to the newly
installed NetWare destination server.
After the source servers file system and NDS database is migrated to the
destination server, the source server is automatically brought down and the
destination server reboots and assumes the name and identity of the source
server on your existing network.
Existing
NDS Tree
Temporary
NDS Tree
Temporary
Server Name
NetWare
Destination Server
replaces
and
assumes
the identity
of
Source Server
Before you can migrate your data, you must first install a destination NetWare
server in a temporary NDS tree. A temporary tree is simply a tree that contains
one server with a basic installation of NetWare and no additional products
installed (other than SMSTM or any other default products).

103-000161-001
August 29, 2001
Novell Confidential
21
Manual
Rev 99a
38
July 17, 2001
To migrate data from NetWare 4, NetWare 5, or NetWare 6, complete the

following tasks in the order they are listed.
2. Run Migration Wizard on page 25

Preparing the Workstation
Make sure your workstation has the following:
A Windows 98 or Windows NT 4/2000 workstation with 50 MB of
available disk space.
The Windows 98 workstation must be running Novell ClientTM for
Windows 98 version 3.3 or later.
IMPORTANT: NetWare Migration Wizard 6 does not run on Windows 95
workstations.
The Windows NT 4/2000 workstation must be running Novell Client

for Windows NT version 4.8 or later.
If migrating from NetWare 4, the IPXTM protocol should be configured on
your Novell Client workstation.
For better performance, it is strongly recommended that the source server,
destination server, and client workstation be running on a common LAN
segment.
Preparing the Source Server

The source server is the NetWare server that contains the files, volumes, and
NDS objects that will be copied to the NetWare destination server. Valid
source servers can be running NetWare 4.11, 4.2, 5.0, 5.1, or 6.
Use ConsoleOneTM to verify that you have the Supervisor right to the
source servers file system and the source server itself.
Update the source server with the latest NetWare Support Pack.
Updates are available at the Consolidated Support Pack Home Page
(http://support.novell.com/csp/csplist.html).
22

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
(Conditional) If you are migrating data from NetWare 4, make sure that
the source servers volumes are running long name space support on all
volumes to be copied.
To add long name space support to a NetWare 4.11 or NetWare 4.2
volume, enter the following at the server console: LOAD LONG and then
ADD NAME SPACE LONG TO volumename.
Load DSREPAIR and run the following three options:
Unattended Full Repair
Time Synchronization
Report Synchronization Status
Make sure that these finish with no errors.
Back up NDS and all data.
Preparing the Destination Server

The destination server is the new computer that will receive the data from the
source server. This server must be installed into a temporary tree.
After data is migrated from the source server to the destination server, the
destination server reboots and Migration Wizard automatically modifies the
destination servers AUTOEXEC.NCF file to include the source servers
name and internal IPXTM number/server ID. You dont have to modify these
manually.
Valid destination servers can be running NetWare 5.0, 5.1, and 6. Migration
Wizard does not migrate to NetWare 4 destination servers.
Review the following tasks before installing the NetWare operating system on
the destination server:
Use ConsoleOne to verify that you have the Supervisor right to the
destination servers file system and the destination server itself.
Make sure you create a temporary NDS tree with a temporary NDS tree
name.
IMPORTANT: The temporary name and temporary NDS tree name must not be
the same as the source servers name or NDS tree name; otherwise, the
destination server will not assume the identity of the source server after the
migration.

103-000161-001
August 29, 2001
Novell Confidential
23
Manual
Rev 99a
38
July 17, 2001
During the installation, create volumes on the destination server that are
the same size as, or larger than, volumes on the source server.
Volume names on the destination server must be the same as the volume
names on the source server.
Migration Wizard migrates compressed volumes. If you are migrating
compressed volumes to uncompressed volumes, Migration Wizard
decompresses the volumes during the migration. Make sure you have
enough room on the uncompressed volume to accommodate the source
volumes once they are decompressed.
If migrating from NetWare 4, install and configure the IPX protocol.
The IPX protocol must be bound to the destination server for the
migration to work. (You can remove IPX after completing the migration.)
IMPORTANT: IP addresses for the source server will not be migrated. For more
information on changing your IP addresses, see Step 3 on page 28.
Install the destination server with the NetWare operating system that you
are migrating to.
For instructions on installing NetWare 5, see the NetWare 5
Overview and Installation Guide (http://www.novell.com/
documentation/lg/nw5/docui/index.html).
Make sure that you select the New Server option on the Additional
Products and Services screen during the NetWare 5 installation, and
deselect all products except SMS.
For instructions on installing NetWare 5.1, see the NetWare 5.1
Installation Guide (http://www.novell.com/documentation/lg/nw51/
docui/index.html).
Make sure that you select the custom option on the Installation
Options screen during the NetWare 5.1 installation, and deselect all
deselectable products except SMS. Dont worry about any default
products that you cant deselect.
For instructions on installing NetWare 6, see the "NetWare 6
Overview and Installation Guide".
Make sure that you select the Pre-migration server option during the
NetWare 6 installation. And then select the custom option so that you
can verify that you have enough room on your destination server to
accomodate your source server data.
Continue with the next section, "Run Migration Wizard."
24

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Run Migration Wizard

1 Download and install NetWare Migration Wizard 6 from the NetWare
section of the Novell Software Downloads Web site (http://

www.novell.com/download).
2 Run Migration Wizard from the location where you installed it.
The installation program, by default, installs Migration Wizard at this

location: Start Menu > Programs > Novell > Netware Migration Wizard
> NetWare Migration Wizard.
3 Read the Welcome screen and click OK.
5 Click NetWare 4, 5, or 6 > OK.
7 Browse to Migrating Data from NetWare 4, 5, or 6 and make sure you
have completed the system and software requirements in "Meet System

and Software Requirements." Then close your browser.
8 Click Next.
9 Name the project, choose a place to save it, and then click Next.
By default, Migration Wizard saves all projects to C:\Program

10 Select the NDS tree that contains your source server and click Next.
11 Select your source server from the NDS tree and click Next.
12 Select the NDS tree that contains your destination server and click Next.
13 Select your destination server from the destination NDS tree and click
Next.
14 To save your project and access the Project Window, click Create.
The Project Window now appears.

Continue with the next section, "Copy Volumes."

103-000161-001
August 29, 2001
Novell Confidential
25
Manual
Rev 99a
38
July 17, 2001
Copy Volumes
1 In the Project Window, click Copy Volumes.
Before Migration Wizard starts copying files, it backs up your directory

and file trustees and saves them in files located on the source and the
destination server. Once the NDS migration is complete, Migration
Wizard restores the trustees from the files it stored on the destination
server.
You do not need to copy all volumes at once. You can select volumes to
copy now and then copy other volumes later by reopening the project file.
Remember that open files are not migrated.
IMPORTANT: If you choose to copy your volumes in phases, at the final volume
copy, make sure you select all volumes that you previously copied and then click
Cancel. Otherwise, Migration Wizard will restore trustee assignments only to the
last volumes that were copied.
2 Select each volume name from the text field and then click Yes or No.
If you decide not to copy any of the volumes, select No for all volumes,
click Next, and then continue with Edit Configuration Files on page 28.
If you selected Yes for one or more of the volumes, continue with Step 3.
If you have big volumes or slow LAN connections, or if you want to
reconfigure your data by putting existing directories into different folders
on the destination server, you should consider using a backup tape to copy
your volumes.
IMPORTANT: If you using tape backup, do not restore the source servers
standard SYS: directories to the destination server if you are upgrading your
NetWare operating system to a higher version. The standard SYS: directories, like
SYS:SYSTEM and SYS:PUBLIC, were created for you during the NetWare
installation.
If you are only migrating your existing data to new hardware and keeping the same
version of NetWare, restore the source servers standard SYS: directories to the
destination server.
If you decide to use tape backup, select No for all volumes on the Select
Volumes to Copy screen, click Next, and continue with Edit
Configuration Files on page 28.
3 Decide if you want to copy the source servers SYS: directories to the
destination servers SYS:MIG directory, and then click Next.

Migration Wizard never overwrites the SYS: directories on the
destination server. If you choose to migrate the source servers SYS:
26

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
directories, Migration Wizard migrates them to the SYS:SYS.MIG

directory on the destination server.
If there are files in the source servers SYS: directories that you want to
utilize on the destination server, after the NDS migration is completed,
copy the files from the SYS:SYS.MIG directory into the appropriate
SYS: directory on the destination server.
Remember, any applications that have NLM programs in this directory
will need to be reinstalled after the migration.
source server and the destination NDS tree. Select one of the following
and then click Next:
5 Determine how you would like to copy your volumes and then click Next.
You have the following two choices:
Copy volumes with users logged in
Disable login
Migration Wizard does not copy open files. If you disable user login, you
can be sure that no other users will log in to the network and open files
during the file copy.
6 Enter the passwords for the source and destination trees, and then click
Next.
7 If prompted, resolve any critical errors or warnings, and then click Next.
8 To copy the file system to the destination NDS tree, click Migrate.
9 Review the error and success logs, and then click Done.
Continue with the next section, "Edit Configuration Files."

103-000161-001
August 29, 2001
Novell Confidential
27
Manual
Rev 99a
38
July 17, 2001
Edit Configuration Files

1 In the Project Window, click Edit Configuration Files.
Migration Wizard lets you modify any .NCF or .CFG files on the
destination server. These files contain default LOAD statements and
parameters.
IMPORTANT: If you are editing your AUTOEXEC.NCF, make sure the file is
closed before you migrate your NDS database.
2 In the text box, select the configuration file that you want to edit and then
click Edit File.

3 Copy and paste the commands from the configuration file on the source
server to the corresponding configuration file on the destination server.

When you are finished, click Save & Close.
If you intend to change the IP address on your destination server to be the
same as the IP address of your source server, you must edit your
configuration files and change the IP address in two places:
AUTOEXEC.NCF and SYS:ETC/HOSTS.
Copy the source servers IP address and paste it into the destination
servers AUTOEXEC.NCF file. (This works only if your IP LOAD and
BIND statements are located in the AUTOEXEC.NCF.) You also need to
go to the server console of the destination server and change the IP
address in the SYS:ETC\HOSTS file. Look for the original name of the
destination server.
If you use INETCONFIG to assign IP addresses, change the IP addresses
after the migration is complete.
4 (Conditional) If you are using configured time sources
(TIMESYNC.CFG), then copy and paste your timesync information from

the source servers TIMESYNC.CFG file to the destination servers
TIMESYNC.CFG file.
5 Close the Compare Configurations dialog box.
Continue with the next section, "Begin NDS Migration."
28

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Begin NDS Migration

1 In the Project Window, click Begin NDS Migration.
2 Back up all volumes that you are not planning to migrate and complete
the following tasks before continuing:
Make sure all volume data migrated successfully.
Make sure all critical errors from the file copy are resolved.
Make sure the servers in your source NDS tree are in time sync and
that NDS is synchronized. For more information, see Step 2 on page
31.
3 Click Next.
4 Insert the licensing diskette, browse to or enter the path to the licensing
file, and then click Next.

If you have an MLA, you also have the option of selecting the MLA
instead of inserting the licensing diskette.
5 Select Yes or No to update the source servers schema.
Migration Wizard will update the source servers schema to include the
NDS classes of the default applications that are installed on the
destination server.
If you select No, by default the Yes radio button is enabled, which causes
Migration Wizard to compare the source and destination schemas. This
comparison will help you determine how to extend your schema in
preparation for the migration.
6 Before continuing, verify that you have run the DSREPAIR procedures in
Step 2 on page 31 to verify that the NDS tree containing the source server
is functioning correctly, click Yes or No to acknowledge that your tree is
healthy, and then click Next.
Migration Wizard does not prevent you from continuing if you have not
run DSREPAIR to verify the health of your tree. However, if your tree is
unhealthy before you begin the migration, the migration might not
complete successfully.
7 If you are migrating from NetWare 4 running Border Manager, NetWare
5, or NetWare 6, you will be prompted to copy and transfer the NICI

configuration files from the source server to the destination server. Just
follow the on-screen instructions and when the NICI configuration is
complete, continue with the next step.

103-000161-001
August 29, 2001
Novell Confidential
29
Manual
Rev 99a
38
July 17, 2001
IMPORTANT: If you are getting NICI errors when NDS is trying to load or when
you are copying the NICI files, you should first check and see if PKI.NLM will load
on the destination server. If PKI.NLM wont load, see NICI Errors on page 55.
8 Delete all user connections (except your own) to the source and
destination servers, and then click Next.

9 Enter the passwords for the source and destination trees, and then click
Next.
10 Resolve any critical errors or warnings on the Migrate NDS Verification
Results screen, and then click Next.

11 Click Migrate to begin the NDS migration.
At the end of this the migration process, the source server is brought down
and the destination server reboots and takes over the name and identity of
the source server.
Migration Wizard automatically modifies the following items in the
destination servers AUTOEXEC.NCF file:
The file server name is changed to the name of the source server
The time zone is changed to the time zone stored in the source
servers AUTOEXEC.NCF file
The server ID is changed to the IPX internal net value or server ID

stored in the source servers AUTOEXEC.NCF file
The default time server type is changed to the value stored in the
source servers AUTOEXEC.NCF file
The bindery context is changed to the bindery context stored in

source servers AUTOEXEC.NCF file
IMPORTANT: During the migration, the source servers timesync information is
not automatically migrated.
12 View the Error and Success logs, and then click Done.
Use the Error Log to see a listing of all errors that occurred during the
migration. If there were errors, use the Success Log to determine how far
the migration got before the error occurred.
If the NDS migration failed, see NDS Migration on page 56 for
instructions on how to restore your servers to their original configuration.
13 Check the former destination server and verify that it has restarted and
taken on the name of the source server.
30

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
14 Reboot your workstation and log in to the former destination server.
If you cant log in, refer to Workstation-to-Server Connections on page

52.
Continue with the next section, "Finish NDS Migration."
Finish NDS Migration

1 In the Project Window, click Finish NDS Migration.
2 Read the Continue NDS Migration screen and make sure that
The former destination server has restarted and taken on the name
and identity of the source server
Licensing is installed
NDS is synchronized on all servers in the tree

To check NDS synchronization status, enter DSREPAIR at the server
console and run the Report Synchronization Status and Time
Synchronization options.
If the destination server does not contain a Read/Write or Master
replica, you must check NDS synchronization by running
DSREPAIR on another server in the NDS tree that has one of these
replicas.
3 Click Yes or No to verify that you have completed the tasks in "Step 2,"

4 Enter the password for the source tree and click Next.
5 Resolve any warnings or errors and click Next.
6 To finish the NDS migration, click Continue.
During this stage, Migration Wizard is restoring the file trustees and
updating the Volume objects in the tree.
7 View the error and success logs, and then click Done to close the current
project.
Continue with the next section, "Perform Post-Migration Tasks."

103-000161-001
August 29, 2001
Novell Confidential
31
Manual
Rev 99a
38
July 17, 2001

1 Run DSREPAIR on the destination server and select Unattended Full
Repair.
2 Make sure that user information migrated successfully.
3 Reinstall any applications that have files or NLM programs associated
with the following volume SYS: directories: SYSTEM, PUBLIC, MAIL,

ETC, and NETBASIC.
IMPORTANT: Because the source servers identity will replace the destination
server, all NDS objects on the destination server, including those representing
applications, are removed and replaced by the NDS objects that exist on the
source server. However, the NLM programs associated with the destination
servers applications will still exist. Because you cannot manage applications
without their corresponding NDS objects, you must reinstall the applications to
restore their NDS objects to the NDS tree.
If your destination server was running NetWare 5.1, you might see warnings on
your server referring to SMS, LDAP, Novell Certificate Server, or NetWare
Management Portal. Just ignore the warnings and reinstall the products after NDS
has been migrated.
To reinstall these network products and services, go to the NetWare

Deployment Manager utility (NWDEPLOY.EXE) located on the
NetWare Operating System CD, or go to the GUI interface and click the
Novell icon on the servertop.
4 Install the latest NetWare Support Pack.
This will ensure that you get the latest code for the applications that you
are reinstalling. The latest Support Packs are available at the Novell
Support Web site (http://www.support.novell.com/misc/patlst.htm).
5 Run DSREPAIR > Time Synchronization to verify that your source server
is synchronized with the rest of your servers.
32

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001

Novell NetWare Migration Wizard 6 automates key tasks, such as
migrating users and their file permissions, assigning passwords, and migrating
the NT file system to a designated NDS tree. This automation eliminates the
need to choose from various utilities that would help you perform these tasks
individually.
Windows NT 3.51/4
Server
NetWare
Server
Data
File System
and
NT Objects
NetWare
Migration
Wizard
Windows NT 4.0 Workstation,

Windows NT 2000 Workstation,
or Windows NT 4.0 Server
Although many tasks are automated in Migration Wizard, you should consider
the following issues before you get started.
First, you should plan your migration by answering the following questions:
Which NT users are accessing which NT files and directories, and where
are those files and directories located?

103-000161-001
August 29, 2001
Novell Confidential
33
Manual
Rev 99a
38
July 17, 2001
This information will help you decide which NT servers to migrate first
and how many servers you will need to migrate at one time. When you
migrate your users and groups, you will want to migrate all files and
directories that they have access to at the same time that you migrate their
User objects.
Which NetWare servers and volumes are you going to migrate your NT
folders to?
You should plan which servers and volumes in your destination NDS tree
will receive each of your NT folders. You can select a separate location
for each NT folder, if desired. In order to plan effectively, you will need
to become familiar with the file structure on the NetWare servers in your
Which NT users and groups are you going to migrate? Which NDS
containers on the destination NDS tree are you going to migrate them
into?
Decide which NT user and groups you are going to migrate, and then
determine whether you will need to create separate containers for your
NT users and groups in the destination NDS tree. When you model your
migration in the Project Window, you can create any additional NDS
containers you might need by right-clicking an NDS Organizational Unit.
Do any existing NDS User objects represent the same person in your NT
domain?
Determine whether any of your NT users already have an NDS account.
During the migration you will be asked if you want to search the NDS tree
for duplicate usernames. When Migration Wizard finds identical
usernames, it will display these in a table where you can choose to merge
the listed NT user with a NDS User object.
What will you do with any applications that do not run on NetWare?
Migration Wizard does not migrate applications. After the migration, you
will have to reinstall your applications. If you have some applications that
do not run on NetWare, you can keep an NT server intact and use it as an
application server.
How do you want to migrate information about your users and groups?
Do you want to use a Template object, ZENworksTM User Policy
Packages, or both?
For information, see Creating a Template Object on page 36 and
Creating ZENworks User Policy Packages on page 37.
34

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Do you have any trusted domains?

If so, you must reassign any trusted domain permissions to the
appropriate NT user and groups after the migration is complete. Use
ConsoleOneTM to reassign all lost trusted domain permissions.
Once you have planned your migration, youre ready to begin your NT
migration. Complete the following tasks in the order they are listed.
2. Perform Prerequisite Tasks on page 36
3. Run Migration Wizard on page 39
4. Model Your Migration Project on page 42
5. Verify Your Migration Project on page 45
6. Migrate Users and Data to the Destination NDS Tree on page 46

You can run Migration Wizard either from the Windows NT 4 server that you
are migrating data from or from a Windows NT 4 or Windows 2000
workstation. However, the migration is faster if you run Migration Wizard
from the server rather than from the workstation because the files are copied
directly from server-to-server rather than via the client workstation.
Make sure you have the following NT permissions:
Write/Modify permission to the NT Domain and the Registry of the PDC
Read permission to all folders and files you are migrating
Log in to the NT domain with a user that has administrative rights to the
NetWare destination server
Make sure you have the Supervisor right to the NetWare destination server.
The following table lists the hardware and software requirements for the
workstation or server that you are using to run Migration Wizard.

103-000161-001
August 29, 2001
Novell Confidential
35
Manual
Rev 99a
38
July 17, 2001
Platform
Hardware
Software
Windows NT 4 and
Windows NT 2000
workstations
Minimum hardware
requirements of Windows
NT 4 and 2000
workstations
Novell ClientTM for

Windows NT 4 and 2000
version 4.8 or later
Minimum hardware
requirements of Windows
NT 4
Novell Client for

Windows NT version 4.8
or later
Windows NT 4 server
Microsoft* Service Pack

6 or later
Microsoft Service Pack 6

or later
To check the Microsoft Service Pack version, click Start > Run, type winver
in the text field, and then click OK. To download and install Microsoft Service
Packs, see the ZDNet Web site (http://updates.zdnet.com/products/
pr_13616.htm).
To check your current Novell Client version, right-click the N icon on your
workstation and click Novell Client Properties > Client. To download the
Novell Client, see the Novell Download Web site (http://www.novell.com/
download).
Continue with the next section, "Perform Prerequisite Tasks."
Perform Prerequisite Tasks

Creating a Template Object
The first prerequisite task is to determine whether you want to use a Template
object to migrate your NT users to the destination NDS tree.
A Template object is used to define additional NDS User attributes for NT
users during the migration. Template objects are especially useful for defining
additional attributes that are not found in the Windows NT domains. We
recommend that you use a Template object because it is an organized way to
migrate your NT users to the NDS tree and manage them once they are there.
IMPORTANT: In order to migrate home directories, you must use a Template
object.
36

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
If there is a conflict between the properties of a Template object and an NT

policy, the properties of the Template object will, in most cases, take priority.
For example, if a minimum password length of seven characters is specified
for user Jeff in an NT policy and a minimum password length of nine
characters is specified in the Template object, then when Jeffs object is
migrated, the object will be created in NDS with a password length of nine
characters.
If you want to know what additional NDS attributes can be defined in a
Template object, run ConsoleOne and double-click a Template object to view
all of the existing properties.
The last name, full name, and description of every NT object is always
migrated and these corresponding properties from the Template object are
overwritten.
If you decide to use a Template object, you can create one in ConsoleOneTM
by clicking File > New > Object > Template.
Creating ZENworks User Policy Packages

The next prerequisite task is to decide whether to use ZENworksTM User
Policy Packages.
ZENworks User Policy Packages help control the appearance and
functionality of a users desktop. Migration Wizard associates ZENworks
User Policy Packages only with groups.
If you decide to use ZENworks, you can determine the appearance of all
workstations belonging to the users associated with a particular NDS group.
When you associate a ZENworks User Policy Package with an NDS group,
the properties you apply in the policy package allow you to control
workstation attributes by setting a certain workstation backdrop, restricting
rights to the control panel, and modifying the workstations sound and color
scheme for users within that group.
NOTE: Migration Wizard does not migrate Microsoft NT 3.51 roaming profiles.
If you want to use ZENworks, install ZENworks Full 2.0 in your destination
NDS tree. ZENworks Full 2.0 can be installed from the NetWare 5.0 or 5.1
product CD. ZENworks 3.0 is not supported.

103-000161-001
August 29, 2001
Novell Confidential
37
Manual
Rev 99a
38
July 17, 2001
To create ZENworks User Policy Packages in ConsoleOne, do the following:

1 In NetWare Administrator, right-click an NDS Organizational Unit in the
tree view and then click Create > Policy Package.

The type of workstation you have in your NT network (Windows NT/
2000, Windows 95/98, or both) will determine whether you want to create
WINNT-2000 user policy packages, WIN 95-98 policy packages, or both.
2 In ConsoleOne, click the user policy package icon in the toolbar. If you
dont know which icon it is, mouseover the icons to see a short
description.
For more information about installing and using ZENworks, see the Novell
Product Documentation Web site (http://www.novell.com/documentation).
Registering the Workstation

If you are running Migration Wizard from a workstation, make sure that the
workstation is registered within the domain that you want to migrate. If it is
registered properly, continue with Run Migration Wizard on page 39.
If you want to change the domain that your workstation is registered in,
complete the following instructions for Windows NT or Windows 2000.
IMPORTANT: Migration Wizard does not run on a Windows 95 workstation.
Windows NT Workstations
1 At the workstation, right-click Network Neighborhood and then click
Properties.
2 Click the Identification tab and then click Change > Domain.
3 Specify the appropriate domain, enter your Administrator name and
password, and then click OK.

4 Reboot the workstation and launch Migration Wizard again; then
continue with the next section, "Run Migration Wizard."

Windows 2000 Workstations
1 At the workstation, right-click My Network Places, and then click
Properties.
2 Click the Network Identification link.
38

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
3 Click Properties and enter the computer name and appropriate domain,
and then click OK.

4 Reboot the workstation and launch Migration Wizard again; then
continue with the next section, "Run Migration Wizard."
Run Migration Wizard

1 Download and install Migration Wizard from Novell Software
Downloads (http://www.novell.com/download) > NetWare > NetWare

Migration Wizard 6 or from the NetWare 6 Operating System CD. Follow
the download and installation instructions.
2 Launch Migration Wizard from the Start menu by clicking Programs >
Novell > NetWare Migration Wizard > NetWare Migration Wizard.

4 Click Microsoft Windows NT 3.51/4 Server > OK.
6 Make sure you have completed the system and software requirements in
Meet System and Software Requirements on page 35 of the online

documentation. Then close your browser.
7 Click Next.
8 Verify that the NT domain that appears in the grayed-out text field is the
domain that you want to migrate.

Migration Wizard automatically displays the NT domain that your
workstation or server is a member of.
If you are running Migration Wizard from a workstation, you can change
the domain that it is registered in. To do this, exit Migration Wizard and
follow the instructions in Registering the Workstation on page 38.
9 Name your migration project, choose a place to save it, and then click
Next.
By default, Migration Wizard saves your project in C:\Program
10 Select your destination NDS tree from the drop-down list and then click
Next.

103-000161-001
August 29, 2001
Novell Confidential
39
Manual
Rev 99a
38
July 17, 2001
The destination NDS tree is the NDS tree that you want to migrate your
NT data to.
If you are not logged in to your NDS tree, the NDS tree name will not
appear in the drop-down list. If this is the case, click the Browse button to
log in to your NDS tree. Once you are logged in, the NDS tree name
automatically appears in the drop-down list.
11 Decide whether you want Migration Wizard to find any User objects in
your NT domain and in the destination NDS tree that have the same name,
and then click Yes or No.
12 Click Create to create and save your migration project.
When a project is created and saved, Migration Wizard creates a file that
contains the success and error logs of your project; these logs contain the
details of what took place during the migration.
13 (Conditional) If you clicked Yes in Step 11, continue with Step 13a. If you
clicked No, skip the rest of the steps in this procedure and go to Model
Your Migration Project on page 42.
13a Click the Browse button to select an NDS container on the

13b Browse the tree and select an NDS container, and then click OK.
13c Click Next to begin searching for duplicate usernames.
13d Decide what you want to do with NT users that have the same name
as NDS users.
The following screen is an example of the username table in
Migration Wizard. Carefully review this screen. If you do not make
any changes, Migration Wizard will automatically merge the
displayed NDS user with the adjacent NT user.
40

103-000161-001
August 29, 2001
Novell Confidential
Manual
Figure 3
Rev 99a
38
July 17, 2001
Merging Your NT Users with Duplicate NDS Users
You have the following options for each listed NT user:
Merge the NT user with the displayed NDS user. Simply leave
that user as it is displayed in the table and continue with the next
listed NT user.
Merge an NT user with a different NDS user. Click the arrow by

the NDS username to view a drop-down list containing all the
NDS users that have the same username (including contexts) as
the adjacent NT user. Select one of the NDS names and continue
with the next listed NT user.
Do not merge the NT user with any of the matching NDS users.
Right-click the NDS user and click Dont Merge. Select this
option if you know that none of the listed NDS users represents
the same person as the adjacent NT user.
13e Once you have made a decision for each listed NT user, click Finish.
The Project Window will now appear and the NT users that you
chose to merge with NDS User objects appear automatically as
dropped objects in the destination NDS tree.
Continue with the next section, "Model Your Migration Project."

103-000161-001
August 29, 2001
Novell Confidential
41
Manual
Rev 99a
38
July 17, 2001
Model Your Migration Project

Most of your work will be done in the Project Window, where you can drag
and drop NT User and Group objects into NDS containers, and NT folders and
volumes into any volume or folder in the destination NDS tree.
The Project Window is a place to model different migration scenarios before
you begin the actual migration without affecting your NT domain or your
destination NDS tree. All of the planning in the Project Window is done offline, meaning that items moved and created in the Project Window are not
actually moved or created until you begin the migration.
HINT: For information on shared NT folders that end with a dollar sign ($), click
anywhere on your Windows desktop, press F1, click the Index tab, and then enter
$shares in the keyword text field.
The Project Window and the Using the Project Window dialog box appear
once you have created the migration project.
The following figure is an example of the Using the Project Window dialog
box that appears on top of the Project Window.
Figure 4
Using the Project Window Dialog Box
The three basic steps outlined in this dialog box should be performed for each
migration project. Once you are familiar with the tasks that you will be
42

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
performing, click Close to access the Project Window and begin modeling
your migration project.
Using the Project Window
Review the following tips to help you organize your migration project and use
the Project Window more effectively.
Creating a New NDS Organizational Unit or FolderTo create a new
NDS Organizational Unit (OU), right-click the parent NDS
Organizational Unit or folder and then click New Organizational Unit or
New Folder. The following figure is an example of this task in the Project
Window.
Figure 5
Right-clicking Organizational Units in the Project Window
You can create new NDS OUs in the NDS tree and then migrate your NT
information to those OUs. This keeps the NT information organized and
in one place in the NDS tree. You can also choose to migrate the NT data
to existing OUs; just remember that you can always create a new OU in
the NDS tree if you need to.
If you add new containers or names to the destination tree, the names you
choose must adhere to the following NDS naming conventions:
Names must be unique. For example, Debra Jones and Daniel Jones
cannot both be named DJONES if they are in the same container.
The following special characters are allowed only if they are
preceded by a backslash (\): plus sign (+), equal sign (=), and period
(.).

103-000161-001
August 29, 2001
Novell Confidential
43
Manual
Rev 99a
38
July 17, 2001
Uppercase and lowercase letters, underscores, and spaces are not

acknowledged by NDS. For example, Manager_Profile and
MANAGER PROFILE are considered identical names in NDS.
Setting the ContextTo set the context, right-click an NDS
Organizational Unit and then click Set Context.
When you set the context, you can designate what part of the NDS tree
will appear in the right side of the Project Window. This is useful if you
have a large NDS tree with many objects.
Setting the context at a specific container will eliminate the need to scroll
down or collapse objects in your NDS tree. Once the context is set, this
container will appear as the top object in the right side of the Project
Window.
Viewing a Description of the Objects in the Project WindowTo see
a short description of what an icon represents in the Project Window,
right-click an NDS object and then click Whats This?
Backing Out a Dropped ObjectTo return a dropped object to its
original position, right-click a dropped NT object in the NT domain or the
destination NDS tree and then click Back Out Dropped Object.
The following screen is an example of how a dropped object appears in
the NDS tree, along with the right-click menu.
Figure 6
44
Right-clicking Objects in the Project Window

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Finding Out Where a Dropped NT Object Came FromTo find out

where a dropped object was located in the NT domain, right-click an NT
object and then click Where Did It Come From? When dragging and
dropping a large number of objects, this will help you remember where a
dropped object was previously located in the NT domain.
Once you feel comfortable with where you have dropped your NT folders,
users, and groups in the NDS tree, verify your migration project to resolve any
potential problems before migrating your NT data.
Continue with the next section, "Verify Your Migration Project."
Verify Your Migration Project

Once you have modeled your migration in the Project Window, you should
verify that the proposed locations for these new objects do not conflict with
existing names, rights, name spaces, etc., in the NDS tree.
Remember, dragged-and-dropped items appearing in the NDS tree are merely
assigned to be copied to that area in the NDS tree. Objects will not actually be
copied until you begin the migration process.
Because a similar verification process is run when you begin the actual NT
migration, running the standalone verification process prior to migration is not
mandatory; however, catching any critical errors or warnings now will speed
up the verification process during the migration.
You must resolve all critical errors before you begin to actually migrate your
migration project. Warnings can be resolved after the migration.
1 From the Migration Wizard toolbar, click Project > Verify Project, or
click the Verification button on the toolbar and then click Next.
2 Follow the procedure in the next section, "Migrate Users and Data to the
Destination NDS Tree," starting with Step 2.

103-000161-001
August 29, 2001
Novell Confidential
45
Manual
Rev 99a
38
July 17, 2001
Migrate Users and Data to the Destination NDS Tree

Although you have selected the volumes and containers where the NT data
will be copied, no data has yet been migrated. When migrated, NT User
objects are converted to NDS objects and placed in the destination NDS tree.
To begin the migration, do the following:
1 From the Migration Wizard toolbar, click Project > Verify and Migrate
Project.
2 Read the Welcome screen and then click Next.
3 If you want to apply a Template object to newly created NDS users,
browse the tree, select the Template object from the tree view and then
click Next.
If you do not want to use a Template object, uncheck the check box and
click Next.
IMPORTANT: To migrate home directories, you must use a Template object when
migrating your NT users to the destination NDS tree. Make sure a Home Directory
property is defined for the Template object you are using.
HINT: If you have not created a Template object but you want to use one now,
save the project, go to ConsoleOneTM, and create the Template object. Next, run
Migration Wizard again and click Open Last Project. Then restart this migration
procedure again starting with Step 1.
4 (Conditional) If ZENworks is installed, complete the following steps:

4a Browse the destination NDS tree and select any of the ZENworks
User Policy Packages that you want to associate with your NT

groups, and then click Next.
4b Select a ZENworks User Policy Package from the drop-down list,
and then select the NT groups that you want to associate with each
ZENworks User Policy Package. Click the right-arrow to move the
associated groups to the Associate NT Groups window, and then
click Next.
HINT: If you selected both WINNT-2000 and WIN 95-98 policy packages in
the previous dialog box, you will first see a dialog box dealing only with your
WINNT-2000 policy packages, followed by another dialog box dealing only
with your WIN 95-98 policy packages. If you selected only one type of policy
package, you will see only one dialog box.
The drop-down list contains all the ZENworks User Policy Packages
that you selected in the previous step. You can associate as many NT
groups as you want with each policy package.
46

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
4c Review the NT groups that you chose to associate with specific
ZENworks User Policy Packages, and then click Next.

If you want to change an association, click Back and follow the
instructions in Step 4b.
HINT: This screen will not appear if you are using ZENworks 3.0.
Microsoft NT domain and the destination NDS tree. Select one of the
following and then click Next:
6 Decide how you want to handle passwords for your NT users. Select one
of the following and then click Next:
Assign the Same Password to All UsersMigration Wizard will

assign the same password to all migrated users.
Assign a Randomly Generated Password to All UsersMigration

Wizard will randomly generate passwords, assign them, and then
store the passwords it assigns in a file that it creates, named
project_name_OUT.TXT. This file is saved in the same directory
where your migration project is located.
Read Passwords from a FileMigration Wizard will migrate the

current NT passwords to the destination NDS tree by reading them
from a text file. You must create the text file containing the NT
passwords before you begin the migration.
For more information on how to create this file, click the Help
button.
7 Set NT migration options by checking or unchecking the check boxes
next to the following options and then click Next:
Migrate File PermissionsNormally, Migration Wizard migrates

file and directory permissions. If, for some reason, you want to
reassign file and directory permissions, you can choose to not copy
the file and directory permissions here and then assign them later
with ConsoleOne.
Migrate Everyone PermissionsThe NDS container that you drop

the NT Domain Info object into will be assigned the permissions that
were associated with group Everyone. If you are migrating the

103-000161-001
August 29, 2001
Novell Confidential
47
Manual
Rev 99a
38
July 17, 2001
Everyone permissions, be sure to drop the NT Domain Info object

high enough in the NDS tree so that all NT users will inherit those
permissions.
HINT: Every new folder that is created in the NT domain automatically
receives the Everyone permissions by default.
Restart OptionNormally, this information is not erased; however,

if you have previously run a migration and deleted the NDS objects
from the destination tree, and you are planning to start over and
migrate the same domain again, check this check box.
When you migrate users and groups from NT, Migration Wizard
stores a table of NT names and associated NDS usernames in the
registry of the Primary Domain Controller (PDC). Migration Wizard
then uses this information when migrating the file system so that it
can remember where each user and group has been migrated to in the
destination NDS tree. By storing this information, Migration Wizard
can assign the correct file permissions to the appropriate users.
8 (Conditional) If you are running the standalone verification process, you
will now be asked if you want to check for rights and volume size on the
destination server. Check Yes if you want to check these things now, and
then click Next.
Since this process is quite time-consuming, you might not want to do this
every time you verify your migration project. But it is very useful if you
want to verify that you have enough space on the destination volume to
accommodate your NT file system.
Migration Wizard will also scan the contents of all dropped folders and
verify that you have sufficient rights to migrate them.
NOTE: NT can filter supervisory privileges. If you have all rights at the root of a
directory structure, this does not guarantee that you have these rights throughout
the directory structure.
9 In the Verify NT to NetWare Project window, click Next to begin the
verification.
10 If prompted, resolve any naming conflicts between different-type objects,

You can choose to merge different-type objects or to keep them as they
are.
11 If prompted, resolve any naming conflicts between same-type objects,

You can choose to merge same-type objects or to keep them as they are.
48

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
12 If prompted, verify that you do not want to migrate the listed NT users and
groups, and then click Next.

This procedure must be done three timesonce for all your NT local
groups, NT global groups, and NT users that were not dragged and
dropped into the destination NDS tree. If you migrated all of your users
and groups, you will not see this dialog box.
If you have made a mistake, click Cancel. This will return you to the
Project Window. Drag and drop the objects, go to the toolbar, click
Project > Start Migration, and then restart this procedure with Step 1 on
page 46.
13 Resolve any critical errors.
Warnings or noncritical errors, can be resolved after the migration. To

resolve a critical error or warning, read the description in the text field
located beneath it. This description should give you a good idea of what
could be the possible cause and a suggestion for fixing it.
If you are actually migrating at this point, click Proceed to start the
actual migration.
If you are only running the standalone verification process at this

point, click Finish and then follow the instructions in Migrate Users
and Data to the Destination NDS Tree on page 46 to begin the actual
migration.
15 (Migration only) View the Error and Success Logs.
Continue with the next section, Perform Post-Migration Tasks.

103-000161-001
August 29, 2001
Novell Confidential
49
Manual
Rev 99a
38
July 17, 2001

After youve migrated your NT data to the destination NDS tree, complete the
following tasks:
Install the latest Novell Client software on any workstations that it was
not previously installed on.
You can download the client from the Novell Software Download Web
site (http://www.novell.com/download). For instructions on installing the
Novell Client on multiple workstations at the same time, see the Novell
Client Documentation at (http://www.novell.com/documentation).
Use ConsoleOne to make sure that your NT users and groups have been
migrated to the correct place in the destination NDS tree and have the
correct file and shared permissions.
HINT: If you end up with more or fewer permissions than you planned for, enter
CACLS/? at the DOS prompt and follow the on-screen instructions. Permissions
are sometimes hidden in Microsoft utilities; therefore, running this command at the
DOS prompt lets you see all of the permissions associated with your NT objects,
even the hidden ones.
At the destination NetWare server, use ConsoleOne to view the volume

that you migrated your data to and verify that it was done correctly.
Set up your printer mappings in NDPS. For instructions, go to the online
documentation (http://www.novell.com/documentation) of the operating
system that you are running on the destination server and click Print
Services > Novell Distributed Print Services.
Check the migrated users home directories to make sure that they were
migrated the way you expected them to be.
Distribute the new NDS passwords to all of your users. The passwords are
located in a password file that Migration Wizard created for you named
project_name_OUT.TXT. This file is located in the same directory where
you saved your migration project.
50

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Troubleshooting
Refer to the appropriate section if you are having trouble with any of the
following:
General Connection Problems (page 51)
Workstation-to-Server Connections (page 52)
Server-to-Server Connections (page 53)
File Copy (page 53)
SMDR Errors (page 54)
Restoring Trustees (page 54)
NUWAGENT.NLM (page 55)
NICI Errors (page 55)
NDS Migration (page 56)
General Connection Problems

To eliminate unneccessary connection problems, make sure that
The source and destination servers have enough available server and
workstation licenses to do the migration.
The NDS user that you are using to do the migration has no concurrent
connection limitations. To check this, do the following:
Run ConsoleOneTM on the workstation.
Edit the properties of the NDS User object.
Click the Login Restrictions tab.
Uncheck the Limit Concurrent Connections check box.
Troubleshooting

103-000161-001
August 29, 2001
Novell Confidential
51
Manual
Rev 99a
38
July 17, 2001
The NDS user that you are using to do the migration has the Supervisor
right to the source servers NDS object. Use ConsoleOneTM to verify that
the NDS object of the NDS user is listed in the source servers Operators
list.
Workstation-to-Server Connections
If you have problems establishing or maintaining connections between your
servers and workstations, try one or more of these troublshooting suggestions:
Reboot the client workstation to clear the cache in the Novell ClientTM.
Map a drive to the server instead of logging in. This is especially useful
when connecting with the IPXTM protocol.
Search for the server by its IP or IPX address instead of its name. Enter
the IP or IPX address in the Server field of the Novell Login dialog box.
Try connecting to the server and not the NDS tree by entering only the
name of the server and leaving the tree name and context blank.
Clear all unauthenticated connections. To do this, right-click the N icon
and click NeWare Connections. Detach from all servers and trees that you
are not authenticated to, and then try logging in again.
Make sure your Preferred NetWork Protocol is set correctly by doing the
following:
Right-click the N icon.
Click Novell Client Properties > Protocol Preferences.
Select the desired preferred network protocol and click OK.
Reboot the workstation.
Unbind the protocol you are not using from the destination server. For
example, if you are using IPX for the migration, but IP is bound on the
destination server, unbind the IP protocol on the destination server during
the migration.
52

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Server-to-Server Connections
If you have problems establishing or maintaining connections between your
servers, try one or more of these troublshooting suggestions:
Do not remove the source or destination server from the NDS tree. The
servers must be able to communicate with the other servers in the tree
during the migration.
Make sure the destination and source servers can communicate with each
other.
For IPX connections, enter DISPLAY SERVERS at the server console.
For IP connections, enter PING at the server console.
If you are using IPX, make sure the frame type and the IPX network
number/server ID are consistent between the source and destination
servers. For IP connections, verify that you have corresponding
addressing, subnet mask, and gateway information.
Reboot the destination server.
File Copy
There are a few common troubleshooting procedures you can try if you are
having problems during the file copy:
Enable login on both the destination and source servers. If you have
disabled login before you started the file copy, the servers cant log in to
each other in order to migrate the files.
NOTE: If you have selected to do so, Migration Wizard disables login for you
during the migration.
If files are copying very slowly, make sure that the servers and
workstation are configured at the lowest common LAN speed. Verify that
the NICs and anything in between are all hard coded to either
communicate half-duplex or full-duplex; they need to be the same
throughout. If there are problems with full-duplex, use half-duplex.
If compressed files are migrated to uncompressed volumes, file copy
might be slower.
Troubleshooting

103-000161-001
August 29, 2001
Novell Confidential
53
Manual
Rev 99a
38
July 17, 2001
SMDR Errors
Sometimes the SMDR.NLM program that is running on the destination server
cant make a connection to the source server. To correct this problem, try one
or more of the following:
Reboot the source server.
Unbind the protocol you are not using from the destination server. For
example, if you are using IPX for the migration, but IP is bound on the
destination server, unbind the IP protocol on the destination server during
the migration.
If Migration Wizard cant load the appropriate TSA.NLM on your
destination server, manually load it from the destination server console
and following the onscreen instructions. Or, enter SMDR NEW at the
server console to re-create the SMDR object.
Load SMDR.NLM at the destination server console and then enter SMDR
NEW at the destination server console to solve SMSTM problems.
Make sure the latest NLMTM programs are loaded.
Migration Wizard automatically copies the required NLMs to the source
and destination servers. To verify that you have the latest NLMs loaded,
check the files in the NetWare Migration Wizard\Products\NW3x
directory. You might have to load TSA312 manually.
Check your primary connections. Right-click the N icon in the system
tray and click NetWare Connections. Make sure the destination tree and
server are marked as "primary."
If you are migrating from NetWare 3, make sure the bindery context is set
on the destination server. If you are migrating to NetWare 6, enter set
bindery context = o=[context] on the destination server
console.
Restoring Trustees
If the trustees fail to restore and you get a 0xfffffffb error, this means that
you did not modify your IP address in all the necessary places. For more
information, see Edit Configuration Files on page 28.
If you need to restore trustees, in the Migration Wizard, you can click the
Finish NDS Migration button or select Restore Trustees from the toolbar.
54

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
NUWAGENT.NLM
NUWAGENT.NLM is the NLM program that the Migration Wizard uses to do
much of its work. If you get errors that the NUWAGENT.NLM wont load, try
the following:
Manually load NUWAGENT.NLM from the server console.
Enter SMDR NEW at the destination server console. This re-creates the
SMDR configuration and allows NUWAGENT.NLM to load.
NICI Errors
If you are gettting NICI errors when NDS is trying to load or when you are
copying the NICI files in the Migration Wizard, this might mean that your
NICI files are corrupt. To correct the problem, follow these steps on the server
that is getting NICI errors:
1 Copy the *.NFK file from servers license diskette to the servers
SYS:SYTEM directory.
2 Rename the *.NFK file that you just copied to NICIFK (this has no
extension).
3 Go to the Novell Support Web site (http://support.novell.com/filefinder)
and download NREPAIR3.EXE.

4 Extract NREPAIR3.EXE and locate NREPAIR.NLM.
5 Run NREPAIR.NLM on the server, clicking Yes at all the prompts.
6 Reboot the server.
7 Load PKI.NLM on the server and verify that you are no longer getting
NICI errors.
If you still see NICI errors, go to the Novell Support Home Page (http://
www.support.novell.com/search/kb_index.jsp) and search for TID
10025666.
Troubleshooting

103-000161-001
August 29, 2001
Novell Confidential
55
Manual
Rev 99a
38
July 17, 2001
NDS Migration
If the migration fails during the NDS Migration step, you need to restore the
source and destination servers to their original configuration before you can
retry the NDS migration. The instructions for restoring the servers to their
original configurations are different depending on when the migration of data
failed.
If Begin NDS Migration, button 3, failed and the destination server did not
reboot and take on the name and identity of the source server, complete the
steps in Restore Source Server to Its Original Configuration on page 56.
If Begin NDS Migration, button 3, successfully completed and the destination
server has already rebooted and taken on the name and identity of the source
server, complete the steps in the following sections:
1. Remove NDS from the Destination Server on page 57
2. Remove NDS from the Source Server on page 58
3. Restore NDS to the Source Server on page 59
4. Reinstall the Destination Server on page 60
Restore Source Server to Its Original Configuration

If Begin NDS Migration, button 3, failed and the destination server did not
reboot and take on the name and identity of the source server, you need only
restore NDS to the source server. Once NDS has been restored, you have
restored the source server to its original configuration and you are ready to try
the NDS migration again.
1 Enter one of the following at the server console of the source server:
If your source server is running NetWare 4, enter LOAD INSTALL.
If your source server is running NetWare 5 or later, enter

NWCONFIG.
2 Select Directory Options > Directory Backup and Restore > Restore
Local DS Information after Hardware Upgrade.

3 Press F3 and enter SYS:SYSTEM\NUW30\NDSBU when promted for
the location of the backup files.

NDS has now been restored to the source server.
IMPORTANT: Do not reboot the destination server. Since the destination server
did not take over the identity of the source server, no other action is required prior
to performing the NDS migration again.
56

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
4 To perform the NDS migration again, launch Migration Wizard and open
the project you were previously working on. When the project opens and
you see the Project Window, click the Begin NDS Migration button and
follow the instructions in Begin NDS Migration on page 29.
Remove NDS from the Destination Server

If Begin NDS Migration, button 3, successfully completed and the destination
server has already rebooted and taken on the name and identity of the source
server, you must remove NDS from the destination server before you can
restore NDS to the source server.
1 At the destination server console, enter NWCONFIG.
2 Select Directory Options > Remove Directory Services from This Server.
3 Press Enter when you see a warning instructing you to not remove
Directory Services.
Ignore any other errors during the removal of NDS.
4 Select Yes to Remove Directory Services.
5 Enter the Admin username and password.
6 Press Enter to reference a different object.
This object is used when NDS is restored back to the source server.
WARNING: Do not press Esc. If you do, the server references you entered will not
be saved or restored to the server.
7 Enter the full Admin username as the placeholder object distinguished
name.
8 Enter [Root] as the distinguished name to change from.
9 If the information about single reference time source appears, review the
information and press Enter.

10 If your server holds the Master copy of a replica, you will see a warning.
Press Enter.
11 Designate another server to hold the Master replica. You can choose to let
NWCONFIG randomly select another server, or you can designate one

yourself.
12 Return to the NWCONFIG utility and verify that NDS has been removed
by selecting Remove Directory Services from This Server.
Troubleshooting

103-000161-001
August 29, 2001
Novell Confidential
57
Manual
Rev 99a
38
July 17, 2001
If the message appears saying that NDS has already been removed, bring
the destination server down and continue with the next section, "Remove
NDS from the Source Server."
If NDS was not successfully removed, exit NWCONFIG and enter
NWCONFIG -DSREMOVE at the destination server console.Then follow
this procedure again, beginning with Step 2.
Remove NDS from the Source Server

Once NDS has been removed from the destination server, remove NDS from
the source server.
1 Restart the source server by entering Server at the DOS command
prompt.
2 Enter LOAD INSTALL -DSREMOVE.
This command will instruct INSTALL or NWCONFIG to ignore any

warnings or errors during the removal of NDS.
If your source server is running NetWare 4, enter LOAD INSTALL DSREMOVE.
If your source server is running NetWare 5 or later, enter NWCONFIG DSREMOVE.
3 Select Directory Options > Remove Directory Services from This Server.
4 Press Enter to skip past any warning screens.
5 Select Yes to remove NDS.
6 Press Enter to skip the error message warning you that NDS is locked.
Ignore, but keep track of, any additional NDS error messages that appear.
7 When the INSTALL or NWCONFIG menu appears again, select Remove
Directory Services again.

If a message indicates that NDS is already removed, continue with the next
section, "Restore NDS to the Source Server."
If NDS was not properly removed, contact Novell Technical Support at 1-800858-4000.
58

103-000161-001
August 29, 2001
Novell Confidential
Manual
Rev 99a
38
July 17, 2001
Restore NDS to the Source Server

By removing NDS from the source server, you removed the server from any
replica rings that held a partition of the source server. Now you must complete
the following procedure to restore NDS to the source server.
1 Enter one of the following at the server console:
If your source server was running NetWare 4, enter LOAD

INSTALL.
If your source server was running NetWare 5 or later, enter LOAD

NWCONFIG.
2 Select Directory Services > Install Directory Services onto This Server.
3 Select the NDS tree where the source server existed prior to migration.
4 Select a time zone and time configuration parameters.
Ignore any warnings or errors that appear during the restoration of NDS,
but make a note of the errors before pressing ESC.
5 Enter the Admin name and password.
6 Enter the context where the source server existed prior to migration and
press F10.
7 Save the NDS (Directory) information.
8 Wait while the server synchronizes with the NDS tree, which might take
a while.
9 Return to the INSTALL or NWCONFIG utility and select Directory
Options > Select Directory Back Up and Restore > Restore Local DS
Information after Hardware Upgrade > Restore Reference from another
Object to This Server.
This will restore all references to the Server object that you assigned
when you removed NDS from the destination server.
10 Press Enter.
11 Enter the full Admin username as the placeholder object distinguished
name, and then enter [Root] as the distinguished name to change from.
12 Exit the NWCONFIG or INSTALL utility.
13 At the server console of the source server, enter LOAD DSREPAIR.
14 Select Unattended Full Repair > Advanced Options > Check Volume
Objects and Trustees.
Troubleshooting

103-000161-001
August 29, 2001
Novell Confidential
59
Manual
Rev 99a
38
July 17, 2001
15 Enter the Admin username and password.

16 Exit DSREPAIR.
17 At the workstation where you performed the migration, open your
project.
18 From the Migration Wizard Tools menu, click Restore Trustees to restore
the trustee assignments.

19 If the source server held the master replica of any partitions and you want
to restore these partitions prior to doing the NDS migration again, use
DSREPAIR to re-create them.
The source server is now restored to its original configuration.
Continue with the next section, "Reinstall the Destination Server."
Reinstall the Destination Server

To perform the migration again, you must reinstall the operating system on the
destination server.
HINT: If you had your server imaged, you can just restore the image rather than
reinstall.
1 Bring down the destination server.

2 Install NetWare and follow the on-screen instructions during the
installation.
After NetWare is installed on the destination server, you are ready to perform
the NDS migration again. Go to Begin NDS Migration on page 29.
60

103-000161-001
August 29, 2001
Novell Confidential
Novell
Client for Windows

www.novell.com
I N S TA L L AT I O N A N D A D M I N I S T R AT I O N G U I D E
December 7, 2001
Novell Confidential
doc_tpl.fm
Rev 99a
22 June 00
28
Contents
Novell Client Documentation
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Installing Novell Clients .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Preparing to Install the Client Software . . . . . . . .

Checking Server Protocols and Requirements . . .
Downloading the Latest Client Software . . . . . .
Checking for a Valid Network Connection . . . . .
Checking for Client Workstation Incompatibilities .
Additional Information . . . . . . . . . . . . . . .
Installing Novell Client at the Workstation . . . . . . .
Configuring Network Protocols . . . . . . . . . . .
Installing Clients from the Network . . . . . . . . . . .
Creating a Folder . . . . . . . . . . . . . . . . . .
Copying Files . . . . . . . . . . . . . . . . . . . .
Granting Rights . . . . . . . . . . . . . . . . . . .
Modifying the ACU Configuration File . . . . . . .
Updating the Platform-Specific Configuration Files.
Creating or Modifying the Login Script . . . . . . .
What Users See . . . . . . . . . . . . . . . . . .
Upgrading a Client Workstation to Windows 2000 . . .
Upgrading a Client Workstation to Windows XP . . . .
Setting Up Client Login
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
13
13
15
15
16
16
17
18
19
19
20
20
21
22
24
25
26
27
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Setting Up Login Scripts . . . . . . . . . . . . . . . . . . . . . .

Where Login Scripts Should Be Located . . . . . . . . . . . .
Creating or Modifying Login Scripts . . . . . . . . . . . . . .
Creating Login Scripts from a Sample or Existing Login Script.
Printing Login Scripts . . . . . . . . . . . . . . . . . . . . . .
Setting Up Login Restrictions . . . . . . . . . . . . . . . . . . .
Setting Up Location Profiles . . . . . . . . . . . . . . . . . . . .
Removing a Location Profile . . . . . . . . . . . . . . . . . .
Customizing the Novell Login Dialog Box . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

Place Part Number Here
December 7, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
29
31
32
34
35
36
36
38
38
doc_tpl.fm
Rev 99a
22 June 00
Logging In to the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Logging Out of the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up Passwords in Windows NT/2000 . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Client Properties .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Properties before Installation . . . . . . . . . . . . .

Setting Properties on a Single Workstation after Installation .
Setting Properties on Multiple Workstations after Installation .
Using DHCP . . . . . . . . . . . . . . . . . . . . . . . . . .
Using DHCP Like an NDS Server Name Service Provider
Using DHCP to Distribute SLP Configuration Information .
Using DHCP to Distribute IPX Compatibility Information .
Managing Novell Client .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Printing to a Network Printer .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . . . .
53

December 7, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
59
62
65
66
66
66
67
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Login Script Conventions . . . . . . . . . . . . .

Using Identifier Variables . . . . . . . . . . . . .
Login Parameters with %n Variables . . . . .
Login Scripts Commands by Task. . . . . . . . .
Network Connection and Access to Resources
Login Script Execution . . . . . . . . . . . . .
Workstation Environment . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
59
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Login Script Commands and Variables

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
53
54
54
55
56
57
57
57
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
45
45
45
46
46
46
47
48
50
50
51
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
41
41
42
42
43
43
43
43
.
.
.
.
.
.
.
.
.
.
Attaching to a Network Printer. . . . . . . . . . . . . . . . . . . . . . .

Setting Up Network Printing . . . . . . . . . . . . . . . . . . . . . .
Specifying Capture Settings with Windows Printing . . . . . . . . . .
Setting Up Point and Print . . . . . . . . . . . . . . . . . . . . . . . . .
Printing DBCS Characters from DOS in Windows NT/2000. . . . . . . .
Disabling NetWare Login Dialog Boxes Brought Up by the Print Provider
Windows NT/2000/XP . . . . . . . . . . . . . . . . . . . . . . . . .
Windows 95/98 . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Common Networking Tasks . . . . . . . . . . . . . . . . . . . . .

NetWare File Security . . . . . . . . . . . . . . . . . . . . . . . .
Checking File or Folder Rights. . . . . . . . . . . . . . . . . .
Changing Trustee Assignments . . . . . . . . . . . . . . . . .
Combining Multiple Trustees . . . . . . . . . . . . . . . . . .
Setting Up AutoAdminLogon for Windows NT/2000/XP. . . . . . .
AutoAdminLogon Options . . . . . . . . . . . . . . . . . . . .
Setting the AutoAdminLogon Options . . . . . . . . . . . . . .
Changing Passwords in NetWare Login with AutoAdminLogon .
Uninstalling Novell Client . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
40
40
40
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
doc_tpl.fm
Text File Usage . . . .

Other . . . . . . . . .
# . . . . . . . . . . . . .
Command Format . .
Example . . . . . . .
@. . . . . . . . . . . . .
Command Format . .
Examples . . . . . . .
ATTACH . . . . . . . . .
BREAK . . . . . . . . . .
Command Format . .
CONTEXT . . . . . . . .
Command Format . .
Example . . . . . . .
DISPLAY . . . . . . . . .
Command Format . .
Example . . . . . . .
DRIVE . . . . . . . . . .
Command Format . .
Example . . . . . . .
EXIT . . . . . . . . . . .
FDISPLAY . . . . . . . .
Command Format . .
Examples . . . . . . .
FIRE or FIRE PHASERS.
Command Format . .
Examples . . . . . . .
GOTO . . . . . . . . . .
Command Format . .
Example . . . . . . .
IF...THEN. . . . . . . . .
Command Format . .
Examples . . . . . . .
INCLUDE. . . . . . . . .
Command Format . .
Examples . . . . . . .
LASTLOGINTIME . . . .
Command Format . .
MAP . . . . . . . . . . .
Command Format . .
NO_DEFAULT . . . . . .
Command Format . .
PAUSE . . . . . . . . . .
Command Format . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
22 June 00
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

December 7, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
67
67
67
68
68
68
69
69
69
70
70
70
70
70
71
71
71
71
72
72
72
72
73
73
73
73
74
74
74
74
75
76
76
78
78
79
80
80
80
81
82
82
82
83
doc_tpl.fm
PROFILE . . . . . .
Command Format
Example . . . . .
REMARK . . . . . .
Command Format
Example . . . . .
SCRIPT_SERVER .
Command Format
SET . . . . . . . . .
Command Format
Examples . . . .
SET_TIME . . . . . .
Command Format
SHIFT . . . . . . . .
Command Format
Examples . . . .
TERM . . . . . . . .
Command Format
Example . . . . .
TREE . . . . . . . .
Command Format
Example . . . . .
WRITE. . . . . . . .
Command Format
Examples . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
22 June 00
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
83
83
83
83
83
84
84
84
84
85
85
86
86
86
87
87
88
89
89
89
89
90
90
91
91
Sample Login Scripts
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
93
Sample Container Login Script

Sample Profile Login Script . .
Sample User Login Script . . .
Sample Default Login Script . .
.
.
.
.
93
94
95
95
.
.
.
.
Troubleshooting Issues.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Windows 95/98 Issues . . . . . . .

Installation . . . . . . . . . . . .
Login . . . . . . . . . . . . . . .
Dial-Up Networking . . . . . . .
Printing . . . . . . . . . . . . . .
Windows NT/2000/XP Issues . . . .
Installation . . . . . . . . . . . .
Login . . . . . . . . . . . . . . .
Login Script . . . . . . . . . . .
Printing Issues . . . . . . . . . .
Remote Access Services Issues.
IPX Compatibility. . . . . . . . .
Software Compatibility Issues . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

December 7, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
97
97
97
99
100
102
102
102
104
105
108
108
109
111
Manual
99a
38
July 17, 2001

This documentation includes information on installing and configuring
Novell ClientTM for Windows* XP version 4.82, Novell Client for Windows
NT*/2000 version 4.81, and Novell Client for Windows 95/98 version 3.31
and later software.
If you are using a previous version of Novell Client software, you should
update it to the latest version (http://www.novell.com/download). If you are
using a previous version of Novell Client software, some of the information in
this documentation might not apply.
This documentation includes the following information:
Chapter 1, Installing Novell Clients, on page 13
Chapter 2, Setting Up Client Login, on page 29
Chapter 3, Setting Client Properties, on page 41
Chapter 4, Managing Novell Client, on page 45
Chapter 5, Printing to a Network Printer, on page 53
Appendix A, Login Script Commands and Variables, on page 59
Appendix B, Sample Login Scripts, on page 93
Appendix C, Troubleshooting Issues, on page 97

103-000159-001
December 7, 2001
Novell Confidential
11
Manual
12

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
Installing Novell Clients

This chapter explains how to install Novell ClientTM for Windows XP,
Novell Client for Windows NT/2000, and Novell Client for Windows 95/98
software on one workstation or across the network. It describes the following
tasks:
Preparing to Install the Client Software (page 13)
Installing Novell Client at the Workstation (page 17)
Installing Clients from the Network (page 19)
Upgrading a Client Workstation to Windows 2000 (page 26)
Upgrading a Client Workstation to Windows XP (page 27)
Preparing to Install the Client Software

Before installing the client software, make sure the server and workstations
have sufficient resources and the required software. The hardware and
software setup for the server and client workstations require you to complete
the following tasks:
Checking server protocols and requirements
Locating the latest Novell Client software
Checking for a valid network connection
Checking client workstation requirements

103-000159-001
December 7, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Checking Server Protocols and Requirements

You must prepare your servers to work with the Novell Client software. You
must know what protocols you use on the server and make sure that the servers
are configured to support long filenames. NetWare 5 or later automatically
supports long filenames and does not need to have the name space added to it.
However, you must add long filename support to NetWare 3 and NetWare 4
servers.
You can install Novell Client with one of the following protocol options:
IP Only (NetWare 5 or later)
Installs the IP protocol stack, which allows the client to run in IP-only
networks; the workstation cannot communicate with IPXTM servers.
IP with IPX Compatibility Mode (NetWare 5 or later)
Installs IP and includes Compatibility mode, which allows IPX
applications to run in IP-only networks by converting IPX packets into IP
packets. IPX Compatibility mode allows the client to communicate with
services in IPX-only networks if the Migration Agent is installed on any
NetWare 5 or later servers. IPX Compatibility mode requires Service
Location Protocol (SLP) on the server.
IMPORTANT: Workstations using IPX Compatibility Mode cannot have an IPX
internal network number configured. If you have configured an IPX internal

network number on your workstation and you are planning to install the Novell IP
Client with IPX Compatibility Mode, then remove the IPX internal network number
before installing the client.
IP and IPX (default for new installations)

Allows the client to run in both IP and IPX networks. The workstation
uses the same protocol as the server it is communicating with.
IPX Only
Allows the client to run in IPX-only networks. This option does not install
IP.
If you are upgrading Novell Client software and you are keeping the same
protocol option, you do not need to select a protocol option. The previous
protocol configuration remains unchanged unless you choose a different
protocol.
14

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Adding Long Name Space
Make sure that long filename support is installed on NetWare 3 or NetWare 4

servers. NetWare 5 or later servers automatically support long filenames.
IMPORTANT: Each name space added to a volume requires additional server
memory. If you add name space support to a volume on a server without sufficient
memory, that volume cannot be mounted. Once a name space is added to a
volume, the name space can be removed from the volume only by deleting the
volume and re-creating it, or by using VREPAIR.
1 Load the long name space.
At the server console prompt, enter

LOAD LONG.NAM
NOTE: On versions of NetWare earlier than NetWare 4.11, use the OS/2* name
space, OS2.NAM. For NetWare 3.11 servers, use OS2OPNFX.NML for long
filenames. This NLMTM is a part of 311PTD.EXE and is available on the Novell
Web site.
2 Add the long name space.
At the server console prompt, enter

ADD NAME SPACE LONG TO VOLUME volume_name
Downloading the Latest Client Software

Novell Client software is shipped on CD and is also available from the Novell
Web site. You should install the latest version of the software. To download
the latest Novell Client software, complete the following steps.
1 Create an installation directory.
2 At the Novell Web site (http://www.novell.com/download), click the
client software that you want to download.

3 Follow the download instructions provided with the files on the Web site.
Checking for a Valid Network Connection

To check for a valid network connection from a Windows 95/98, Windows
NT/2000, or Windows XP workstation:
1 Open Network Neighborhood or My Network Places (NT/2000/XP).
2 Make sure that the networks you expect to see actually appear in the
window.

103-000159-001
December 7, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
If you have never installed a client or created a network connection, you might
not have access to Network Neighborhood or My Network Places. Therefore,
you must install the client software from CD-ROM. See Installing Novell
Client at the Workstation on page 17.
Checking for Client Workstation Incompatibilities

Windows 95/98
The following network components are not compatible with Novell Client for
Windows 95/98:
Microsoft Client for NetWare networks
Microsoft file and printer sharing for NetWare networks
Microsoft Service for NDS software
Novell NetWare workstation shell 3.x (NETX)
Novell NetWare workstation shell 4.0 and later (VLMTM) clients
Novell IPX ODI protocol 16-bit module for the NETX and VLM clients
If any of these network components are installed, the client installation
program detects the conflict and removes the conflicting network
components.
Windows NT/2000/XP
Novell Client cannot be installed on Windows 2000 or Windows XP if the

Local Area Connection Properties Page is open. Close this page before
running the Novell Client install.
IPX Compatibility and Novell NetWare/IP Adapter will not be upgraded from
Windows NT to Windows 2000.
Some Windows NT 4.0 printer drivers are incompatible with Windows 2000
and XP and will not install. Contact Microsoft for more information.
For up-to-date information about software incompatibilities, see the Novell
Client Readme.
16

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Additional Information
Installing Novell Client at the Workstation on page 17
Installing Clients from the Network on page 19
Installing Novell Client at the Workstation

If you plan to install Novell Client software on a small number of
workstations, or if the workstations are not yet connected to a network, install
from the Novell Client CD or download it from the Novell Web site (http://
HINT: If you are installing or upgrading Novell Client software on several
workstations on the network, consider using the network installation explained in

Installing Clients from the Network on page 19.
The Novell Client Setup utility installs Novell Client software on workstations
running Windows. This utility lets you select the client that you want to install
from a list of available clients. Administrative options are also available.
HINT: The Typical Install only installs the basic Novell Client components. If you
want to install additional services such as NDPS, use the Custom Installation. If
you are upgrading Novell Client software, the same custom components are
installed unless you choose different ones.
ZENworksTM for Desktops Remote Management requires that you install
Workstation Manager components during the Novell Client installation.
To install at the workstation, complete the following:

Download the latest Novell Client software and then follow the
installation instructions included on the download page.
See Downloading the Latest Client Software on page 15.
Insert the Novell Client CD.

If the Novell Client Setup utility does not automatically launch, run
WINSETUP.EXE from the root of the CD.
If you require special accessibility settings, click Start > Run and enter the
/508 option to retain your monitor settings. Then, follow the onscreen
instructions.
For Windows 95/98, enter path_to_the_software/SETUP.EXE
/508

103-000159-001
December 7, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
For Windows NT/2000/XP, enter path_to_the_software/

SETUPNW.EXE /508
2 Click a language, a platform, and then the software you want to install.
3 Follow the on-screen instructions.
Once Novell Client is installed, check your network protocol configuration.

See Configuring Network Protocols on page 18.
Configuring Network Protocols

After you install Novell Client, make sure that it is configured correctly for
your network.
WARNING: Before you configure network protocols, make sure you have the
correct information and any addresses needed. If you configure protocols

incorrectly, the workstation will not be able to connect to the network, or it might
conflict with other workstations using the same address.
Windows 95/98 and Windows NT: Right-click Network Neighborhood,

click Properties, select the protocol that you want to configure, and then
click Properties.
Windows 2000 and XP: Right-click My Network Places, click
Properties, right-click Local Area Connection, select the protocol that
you want to configure, and then click Properties.
2 Configure the protocol options in each tab, then click OK.
For example, if your network uses DHCP to assign IP addresses

automatically, click the IP Address tab and then click Obtain IP Address
Dynamically. Or, if you must use a static IP address, click Specify an
Address and enter a valid IP address.
HINT: Click the question mark in the upper-right corner and then click in any field
for more information.
3 Click OK to make the changes.
You might be prompted to supply the Windows operating system CD. If

you do not have access to the correct files, you might not be able to create
a network connection.
You should now set the Novell Client properties for the workstation. See
Chapter 3, Setting Client Properties, on page 41.
18

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Clients from the Network

You can install Novell Client software on multiple workstations from the
network by copying files to the server and modifying the login script. This
installation is sometimes referred to as an Automatic Client Upgrade (ACU).
HINT: You can install the Novell Client using the Application Launcher component
of ZENworks. Application Launcher lets you distribute applications such as the

client software to workstations and manage those applications as objects in the
NDS tree. For more information, see the ZENworks for Desktops documentation.
On Windows XP, you can install the client software from the network on
workstations running the Microsoft Client Service for NetWare. Run the
install by logging into the server using bindery emulation.
You can install and upgrade the client software on all platforms when users
log in. The process involves six tasks:
1. Creating a folder on the server.
2. Copying Novell Client files and other required files to the new folder.
Workstations can then read the files during login.
3. Granting rights to the new folder.
4. Modifying the ACU configuration file.
5. (Optional) Creating or update the platform-specific configuration files.
6. Creating or modifying the login script. (A sample login script is
included.)
When the login script runs, ACU.EXE determines if the client needs to be
upgraded. This initial check saves network bandwidth during login because
the setup utility is run only if the client needs to be updated.
Creating a Folder
1 Log in to a server as Admin or as a user with Admin equivalence.
Make sure that you have rights to copy files to a network folder that all
users can access, as well as rights to modify login scripts.
2 Create a folder in SYS:PUBLIC.
For example:
SYS:\PUBLIC\CLIENT

103-000159-001
December 7, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Copying Files
From the Novell Client CD, copy the WINNT or WIN95 directories
to the new folder.
If you are installing only one platform, you need to copy only the
platform directory (WINNT or WIN95) for the platform you will
install.
If you are installing the client in only one language or if your network
does not have enough space to accommodate multiple language
directories, you can delete the language directories that you do not
need from the NLS directory under each client directory. To ensure
that you have all necessary files, copy the entire client directory and
then delete only the extra language directories.
Copy the downloaded Novell Client software files to the new folder.
See Downloading the Latest Client Software on page 15.
2 (Conditional) If you are installing Novell Client for Windows 95/98, copy
the Windows 95 and/or Windows 98 .CAB files to the WIN95 directory.

The files are on the Microsoft Windows 95 or Windows 98 CD (and
Upgrade CD) in the respective WIN95 or WIN98 folder.
Granting Rights
1 Create a Group object in the NDS tree.
2 Place into that group users whose workstations need to be installed or
upgraded.
3 Make sure that the group has the Read and File Scan rights to the folder
that you created.

If you created a folder in SYS:PUBLIC, the new folder should have Read
and File Scan rights already associated with it, but you should make sure
that these rights have not been changed.
4 (Conditional) If you want the results of the installation to be added to a
status log file, make sure that the group has the Write right to that file.
A status log file records the success or failure of the installation. As each
workstation completes its installation, the status log file is appended to
include information on that workstation. Enable status logging in the
ACU configuration file.
20

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
If you did not create the status log file prior to running the network
installation, you must give users the Create and Write rights to the
directory.
Modifying the ACU Configuration File

The Automatic Client Upgrade utility (ACU.EXE) determines whether the
client needs to be updated and allows you to specify several installation
options.
Option
Description
Settings
[LAUNCHINSTALL]
Specifies whether the platformspecific setup utility will be launched

once ACU.EXE determines that the
installation is necessary.
Launch=Yes | No
(default: Yes)
[DISPLAYDIALOG]
Specifies whether users will be

prompted to begin the upgrade.
Display=Yes | No
(default: Yes)
[UNATTENDFILE]
Specifies whether a platformspecific configuration will be used

and where it is located.
Use=Yes | No
(default: No)
Specifies whether a status log will

be created and where it will be
located.
Use=Yes | No
(default: No)
[STATUS
LOGGING]
File=configuration_file_path
File=log file path
If you did not create a status log file

prior to installation, it will be created
and placed in the installation
directory on the network or in the
directory specified in the File
setting.
[ADMINISTRATOR
MESSAGE]
Specifies additional text that will

appear when the user is prompted
to start an ACU.
Message=the message you

want to appear

103-000159-001
December 7, 2001
Novell Confidential
21
Manual
99a
July 17, 2001
38
Option
Description
Settings
[CLIENTLOCAL
INSTALL]
Specifies whether the installation

will be copied to a specified local
directory and run locally.
LocalInstall=Yes | No
(default: No)
LocalDirectory=directory
where you want the
installation copied
(default:
C:\Novell\ClientLocalInstall)
DeleteLocalInstall=Yes | No
(default: No)
HINT: If you want to delete
the files after the installation

is complete, set the
DeleteLocalInstall parameter
to Yes.
To customize ACU, do the following:

1 Open the ACU.INI file located in the folder that you created on the server.
2 Modify the configuration options.
IMPORTANT: We recommend that you use the ACU.INI file instead of the
command line switches used in previous versions of Novell Client. ACU.INI

simplifies the installation process. If you choose to use switches, they will override
ACU.INI options.
Updating the Platform-Specific Configuration Files

NOTE: If you are installing the client with the default settings, you do not need to
create or modify the configuration files. Skip this process and proceed to Chapter
3, Setting Client Properties, on page 41.
IMPORTANT: If you use a platform-specific configuration file to configure Novell
Client and you are using ACU.EXE, you must change the [UNATTENDFILE] option
to Yes in the ACU.INI file.
Each platform-specific installation utility reads a configuration file generated

by Novell Client Install Manager in order to configure the client properties.
This file provides information such as where to copy drivers during
installation and the most recent version number. This file must be placed in
the same folder as the installation utility.
22

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
IMPORTANT: If you are configuring Windows 95/98 workstations, options that
were set in the NWSETUP.INI file or on the command line in previous versions of
Novell Client (such as Display First Screen or CAB FIX) are now set up in Novell
Client Install Manager.
To create a configuration file, do the following:

1 Start Novell Client Install Manager (NCIMAN.EXE).
Windows 95/98: Novell Client Install Manager is located in the

WIN95\IBM_language \ADMIN folder that you copied to the server.
Windows NT/2000/XP: Novell Client Install Manager is located in the
WINNT\I386\ADMIN folder that you copied to the server.
2 Click File > New, select the platform, and then click OK.
3 Modify the installation options as needed.
3a In the Installation Options list box, double-click the configuration
option that you want to modify.

3b In the property pages, set the parameters and then click OK.
The values that you set appear in the right list box.
HINT: You can import the settings from a workstation that has been previously
configured and save them to the configuration file. Once you set up the
workstation, click File > Import Registry to import the settings.
4 Click File > Save.
You can use any filename (for example, UNATT_95.TXT or

UNATT_NT.TXT).
5 Copy this file to one of the following directories:
Windows 95/98: WIN95\IBM_language

Windows NT/2000/XP: WINNT\I386
IMPORTANT: The path to the text file cannot contain long filenames.

103-000159-001
December 7, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Creating or Modifying the Login Script

You need to modify login scripts for users whose workstations will be
upgraded.
To upgrade workstations for users in a container, modify that containers login
script.
To upgrade workstations for users in a profile, modify that profiles login
script.
To upgrade specific users workstations, modify those users login scripts.
To upgrade a workstation running bindery-based client software (such as
Microsoft Client for NetWare Networks which ships with Windows 95 or
Windows 98), edit the system login script (SYS:PUBLIC\NET$LOG.DAT).
Creating or Modifying a Login Script Using ConsoleOne
1 Double-click the object whose login script you want to create or modify.
2 Click Login Script.
3 Enter the login script commands and information into the login script text
box.
For a sample of the login script commands that you need to add to the
scripts, see Sample Client Installation Login Script (Windows 95/98 and
NT/2000 Only) on page 25.
IMPORTANT: Make sure that you edit the sample login script to match the server
names, directory paths, and specifications of your own network.
For additional information on all login script commands, see Login

Script Commands and Variables on page 59.
4 To save the login script and close the Details dialog box, click OK.
If the login script that you just created was a container or user login script,
youre finished and the client software will be installed or updated the
next time users log in.
If the login script that you just created was for a Profile object, you must
associate the User object with the Profile object and make the User object
a trustee of the Profile object.
For additional information on all login scripts, see Creating or
Modifying Login Scripts on page 32.
24

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sample Client Installation Login Script (Windows 95/98 and NT/2000 Only)
The following sample shows the commands that you add to the login script in
order to install the client software from the network. The sample includes text
for installing across an internal network.
HINT: In this sample, the text that is necessary to the script is represented in
uppercase letters. The information that you should customize for your network is in
lowercase letters.
REM ***** Windows 95/98 *****
IF (OS = "WIN95") OR (OS = "WIN98" AND OS_VERSION <> "V4.90")
THEN
WRITE "Updating Novell Client for Windows 95/98."
#\\server1\sys\public\client\win95\ibm_enu\acu.exe
IF "%ERROR_LEVEL" = "1" THEN
EXIT
END
END
IF OS = "WINNT" AND OS_VERSION <> "V5.01" THEN
WRITE "Updating Novell Client for Windows NT/2000."
#\\server1\sys\public\client\winnt\i386\acu.exe
IF "%ERROR_LEVEL" = "1" THEN
EXIT
END
END
At this time, you cannot use a login script to install Novell Client for Windows
XP version 4.82. This feature will be available in a future release.
NOTE: If you are using this sample script to replace the Microsoft Client with Novell
Client for Windows95/98, some user intervention is necessary. Due to Microsoft
Clients limited scripting capabilities, users must close an open DOS box before the
workstation is rebooted and the installation is completed.
What Users See

If this is a new client software installation, or if it is an upgrade from older
client software, the software is installed or upgraded when users log in and
restart the workstation. Users might see system messages as their workstations
are upgraded, depending on how you set up the installation.

103-000159-001
December 7, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Upgrading a Client Workstation to Windows 2000

You can upgrade a Windows 95/98 or Windows NT 4.0 workstation with
Novell Client software to Windows 2000 without uninstalling the client
software.
NOTE: IPX Compatibility and Novell NetWare/IP Adapter will not be upgraded
from Windows NT to Windows 2000.

Some Windows NT 4.0 printer drivers are incompatible with Windows 2000 and will
not install. Contact Microsoft for more information.
Windows 95/98 to Windows 2000: Installs Novell Client version 4.51 from
the Windows 2000 CD.
Windows NT to Windows 2000: Detects the version of Novell Client
software installed and does one of the following:
If the Novell Client version is 4.6 or earlier, Windows 2000 installs the
Novell Client version 4.51 from the Windows 2000 CD.
If the Novell Client version is 4.7 or later, Windows 2000 leaves it intact
but removes all installed components and changes the protocol selection.
After the migration to Windows 2000 is complete, Novell Client will reinstall
the previously installed components and restore the previously selected
protocols.
IMPORTANT: In order to complete the reinstallation of the components and
protocols, the user who logs in to the workstation after the migration must have
Administrator rights.
Novell Client version 4.51 on the Windows 2000 CD has limited

functionality. Therefore, you will want to upgrade to the latest Novell Client
version once you have completed the upgrade. You can either access the latest
client software from a product CD or download it from www.novell.com/
download. Once you have set up the Automatic Client Upgrade (see
Installing Clients from the Network on page 19), Novell Client will run an
ACU from one of the following places:
The path pointed to by the NWCLIENTDIR environment variable in the
login script or at the command line
The path were Novell Client was installed from
Drive Z: on the network
You can choose to skip the Automatic Client Upgrade by setting the
NWCLIENTDIR environment variable to NULL in the login script.
26

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
For more information on Automatic Client Upgrade, see Installing Clients

from the Network on page 19.
For more information on installing Novell Client on individual workstations,
see Installing Novell Client at the Workstation on page 17.
Upgrading a Client Workstation to Windows XP

If you are upgrading your Windows operating system on workstations that
already have the Novell Client installed, you must first uninstall the Novell
Client to ensure a clean upgrade.
1 Uninstall Novell Client.
See Uninstalling Novell Client on page 51.

2 Upgrade the Windows operating system to Windows XP.
3 Install Novell Client for Windows XP version 4.82.
See Installing Novell Client at the Workstation on page 17.

HINT: On Windows XP, you can install the client software from the network
on workstations running the Microsoft Client Service for NetWare. Run

the install by logging into the server using bindery emulation.
NOTE: Novell Client cannot be installed on Windows XP if the Local Area
Connection Properties Page is open. Close this page before running the Novell
Client install.

103-000159-001
December 7, 2001
Novell Confidential
27
Manual
28

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38

You can customize the client login environment to suit your network and have
greater control over what users can access during login. This chapter contains
information about the following:
Setting Up Login Scripts (page 29)
Setting Up Login Restrictions (page 36)
Setting Up Location Profiles (page 36)
Customizing the Novell Login Dialog Box (page 38)
Logging In to the Network (page 40)
Logging Out of the Network (page 40)
Setting Up Login Scripts

When a user successfully logs in to the network, one or more login scripts are
executed which automatically set up the workstation environment. Login
scripts are similar to batch files and are executed by the Novell LOGIN
utility.
You can use login scripts to map drives and search drives to directories,
display messages, set environment variables, and execute programs or menus.
Login scripts are properties of specific NDS objects.
There are four types of login scripts:
Container sets the general environments for all users in that container.
Container login scripts are execute first and can be associated with
Organization or Organizational Unit objects. A user can use only one
container login script.
NOTE: A container login script replaces the system login script from NetWare 3.

103-000159-001
December 7, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Profile sets environments for several users at the same time. Profile login
script are executed after the container login script and are associated with
Profile objects. A user can be assigned only one profile login script but
can choose other profile login scripts.
User sets environments (such as printing options or an e-mail username)
specific to a single user. User login script are executed after any container
and profile login scripts and are associated with User objects. A user can
have only one user login script.
Default contains only essential commands, such as drive mappings to
NetWare utilities, and cannot be edited. The default login script runs if a
user (including user Admin) doesnt have a user login script, even if a
container or profile login script exists.
HINT: If you dont want to create any user login scripts and you dont want the
default login script to execute for any users, you can disable the default login script
by including the NO_DEFAULT command in the container or profile login script.
Maintaining many user login scripts can be time consuming. Therefore, you
should try to include as much customization information as possible in the
container and profile login scripts, which are fewer in number and easier to
maintain.
For example, if all users need access to the NetWare utilities in the same
volume, put the search drive mapping to that volume in a single container
login script rather than in every user login script.
Create profile login scripts if several users have identical login script needs.
Profile login scripts are sometimes thought of as group login scripts.
Finally, in user login scripts, include only those individual items that cant be
included in profile or container login scripts.
IMPORTANT: Because up to three login scripts can execute whenever a user logs
in, conflicts can occur and drive mappings can be overwritten by consecutive login
scripts. It is important to note that the last login script to execute (usually the user
login script) overrides any conflicting commands in a previous login script.
HINT: In Windows NT and Windows 2000, all drive mappings created using
NetWare LOGIN are root mapped. Because of this, programs cannot access
directories above the directory that the drive is mapped to. If necessary, you can
turn off the default by adding SET MAPROOTOFF="1" as the first line in the login
script. This will globally force all NT/2000 workstations using the login script to not
map root drives.
WARNING: Dont delete the login directory (SYS:LOGIN) created during network
installation. It contains the Novell LOGIN and NLIST utilities. If users run command
line utilities, they can use these utilities to log in and view a list of available NetWare
servers.
30

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Where Login Scripts Should Be Located

Login scripts are properties of objects. Consequently, only certain objects can
contain login scripts. This, in turn, largely determines where login scripts can
be located.
The following figure shows how the different types of login scripts can reside
in an NDS tree and how they affect users.
In the figure, there are three users: ESAYERS, SWILLIAMS, and

MRICHARD. The following explains which login scripts execute when each
of these users logs in:
User ESAYERS: The SALES_PV container login script executes first,
followed by ESAYERSs user login script.
User SWILLIAMS: The SALES_PV container login script executes first,
followed by the default login script.
User MRICHARD: The ACCOUNTING container login script executes,
followed by the CLERKS profile login script, and then MRICHARDs
user login script.
Container login scripts affect only users immediately below the Organization
or Organizational Unit that contains the login script.

103-000159-001
December 7, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
For example, in the previous figure, although there are two levels of container
objects above users ESAYERS and SWILLIAMS, only the script for the
container theyre in (OU=SALES_PV) executes when they log in.
If the SALES_PV Organizational Unit had no container login script defined,
no container login script would execute for ESAYERS and SWILLIAMS,
even though a container login script exists at a higher level.
Because user SWILLIAMS has no user login script defined, the default login
script executes after the container login script.
Because user MRICHARD belongs to the profile CLERKS, the CLERKS
profile login script executes before MRICHARDs user login script. Users can
be assigned to only one Profile object, but there are ways to get around this
restriction. See Getting around the One Profile Login Script Restriction on
page 34.
Creating or Modifying Login Scripts

You can use ConsoleOneTM to create login scripts from scratch or from a
sample login script that is provided for you. Using a sample login script can
help reduce syntax errors and thus reduce the time it takes to create login
scripts.
All four types of login scripts use the same conventions, commands, and
variables. For more information, see Login Script Commands and Variables
on page 59.
The main difference in creating container, profile, and user login scripts is the
object that you select to contain the login scripts. The default login script is
not assigned to any object.
Container login scripts are assigned to container objects (Organization or
Organizational Unit objects).
Profile login scripts are assigned to Profile objects. In order for a User
object to use a profile login script, you must select that User object and
assign it to the Profile object.
User login scripts are assigned to User objects.
IMPORTANT: Before you create or modify login scripts, you must have the Write
property right to the object that will contain the login script. In addition, the
Organization, Organizational Unit, Profile, or User object that you plan to assign the
login script to must already exist.
32

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
To create or modify a login script using ConsoleOne, complete the following

steps:
1 Double-click the object whose login script you want to create or modify.
3 Enter the login script commands and information into the login script text
box.
For a sample, see Sample Login Scripts on page 93.
For additional information on all login script commands, see Login

Script Commands and Variables on page 59.
4 To save the login script and close the Details dialog box, click OK.
youre finished and the client software will be installed or updated the
next time users log in.
If the login script that you just created was for a Profile object, you must
associate the User object with the Profile object and make the User object
a trustee of the Profile object. See the next section, Associating the User
Object with a Profile Object.
For additional information on all login scripts, see Creating or
Modifying Login Scripts on page 32.
Associating the User Object with a Profile Object
1 In ConsoleOne, double-click the User object that needs to use the profile
login script.
3 Enter the name of the Profile object in the Default Profile field located
under the login script text box, and then click OK.
4 To add the User object as a trustee of the Profile object, double-click the
Profile object.
5 Click NDS Rights > Trustees of this Object > Add Trustee.
6 Enter the name of the User object that uses this Profile object.
7 Make sure that the Browse object and the Read property check boxes are
checked, and then click OK to assign these rights to the User object.

103-000159-001
December 7, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
The User object is now a trustee of the Profile object and has the rights
necessary to run the profile login script.
Repeat these steps for all additional users who need to use this script.
Getting around the One Profile Login Script Restriction
Users can belong to only one profile login script and so, as a rule, only one
profile login script can be executed for any user. There are ways to run the
equivalent of different or multiple profile login scripts by specifying other
profile login scripts.
For example, to specify a different profile login script for a user at the
command line, use the following command:
LOGIN username /p profile_object
You can also specify a different profile login script using ConsoleOne. On the
users Login Script page, browse until you find the profile login script that you
want to associate with the user, select it, and then click OK. For more
information on associating a profile login script with a user, see the
ConsoleOne help.
You can also assign users to more than one Group object. Use the MEMBER
OF group identifier variable to execute different parts of a login script,
depending on the Group objects that the user belongs to. To accomplish this,
use the If...THEN command (see IF...THEN on page 75) and the MEMBER
OF group identifier variable (see Using Identifier Variables on page 62).
To view an example of the IF...THEN command used with the MEMBER OF
group identifier variable, see Sample Login Scripts on page 93.
Creating Login Scripts from a Sample or Existing Login Script

To create a login script from any of the samples included in this
documentation or from an existing login script, complete the following steps:
1 Locate the sample or existing login script that you want to modify.
For sample login scripts included in this documentation, see Sample

Login Scripts on page 93.
2 Copy the sample or existing login script.
3 In ConsoleOne, open the login script, copy the sample and then paste it
into the login script.
34

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Make necessary changes to the sample login script to customize it for
your network.
5 Click OK to save the new login script.
youre finished. If the login script that you just created was for a Profile
object, you must associate the User object with the Profile object and
make the User object a trustee of the Profile object. See Associating the
User Object with a Profile Object on page 33.
Printing Login Scripts

To print a login script from the command line, use the NLIST command and
redirect the output to a file or a printer. You must be in an objects parent
container to see and print the login script of that object.
IMPORTANT: You must have a workstation running DOS 3.30 or later and the
Read and File Scan property rights to the object to be printed.
To print a users login script, enter

NLIST user=username show "login script">LPT1
To print a containers login script, enter

NLIST "organizational unit"="ou name" show "login
script">LPT1
NOTE: Any option in the NLIST command that includes a space in its name must
be enclosed in quotes.

103-000159-001
December 7, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Setting Up Login Restrictions

Login restrictions are limitations on user accounts that control access to the
network. These restrictions can be set in ConsoleOne for each user and include
the following:
Requiring a password (you can specify its minimum length, whether it
must be changed and how often, whether it must be unique, and whether
the user can change it)
Setting the number of logins with expired password and the number of
incorrect login attempts allowed
Setting account limits such as an account balance or expiration date
Limiting disk space for each user by specifying the maximum blocks
available for each user on a volume
Specifying the number of simultaneous connections a user can have
Specifying, by node address, which workstations users can log in on
Restricting the times when users can log in (you can assign all users the
same hours, or you can restrict users individually)
When a user violates login restrictions, the account is disabled and no one can
log in using that username. This prevents unauthorized users from logging in.
Setting Up Location Profiles

Location profiles allow you to save the information from a users specific
login into a location profile. When the user selects this profile during login,
the profile automatically sets up login information such as the users name,
server, tree, context, login script, and other applicable information so that the
user does not have to type this information.
Location profiles are especially powerful for users who log in from multiple
places. Users can have separate profiles for the office, home, laptop, or any
other workstation they use. This simplifies the login process so that users do
not have to remember their login information for each workstation. Using
multiple location profiles also gives you control over what users can access
from each workstation.
You can create a location profile on a single workstation or you can create
location profiles for multiple workstations by using the ZENworksTM
Workstation Configuration policy packages.
36

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
HINT: To create and then distribute location profiles that will be used by multiple
workstations, use the Novell Client Configuration policy created in the Workstation
Configuration policy package in ConsoleOne.
For more information on using ZENworks for Desktops policy packages, see the
ZENworks for Desktops documentation. If you have questions while setting up a
policy package, click Help.
To create a location profile on a specific workstation, complete the following

steps:
1 Open the Client property pages.
Right-click the N icon in the system tray and then click Novell Client
Properties > Location Profiles.
or
Right-click Network Neighborhood and then click Properties > Location
Profiles.
2 Type the name of the profile that you want to add, and then click Add.
3 From the Service menu, select one of the following:
Login Service to configure login settings
Connection Service to configure your dial-up connection settings
4 From the Service Instance menu, do one of the following:
Select an existing service instance
Type a name for a new service instance and then click Add to specify
the settings for this service in the Novell Client Login window or
Connection Services window.
5 When you have finished creating the location profile, click OK.
HINT: When storing the profile through an NDS login, you can use a File System
Pointer. This allows multiple users to use the same profile, provided they all use
the same path as the file system pointer.
IMPORTANT: When storing the profile from a Windows NT 4.0 workstation on a
NetWare server, that server volume must support long filenames. In versions of
NetWare earlier than NetWare 4.11, the OS/2 name space was required for long
filename support. In NetWare 4.11 and NetWare 5 or later, the LONG.NAM name
space is required on the server.

103-000159-001
December 7, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Removing a Location Profile

You might need to remove a location profile once it has been created. If you
are removing a location profile created on an individual workstation, complete
the procedure below. If you want to remove a location profile created in a
Client Configuration policy, you can either delete the Client Configuration
policy or change the associations of specific users with this policy.
1 Right-click the N icon in the system tray and then click Novell Client
Properties > Location Profiles to open the Novell Client property pages.
2 Select the name of the profile that you want to remove and then click
Remove.
Customizing the Novell Login Dialog Box

The Novell Login dialog box can be customized to show the features that you
want users to have access to. Customizing gives you control over the
following:
The choice of NDS or bindery connection
The Location field at the top of the dialog box
Hiding the Location field is especially useful if you have set up only one
location profile for a workstation. In this case, the Location field is not
useful and might confuse or distract the user.
The Advanced button
If you have set up several location profiles and do not want users to
change the data in various login fields (such as tree, context, server, and
run scripts), you can hide the Advanced button.
The Variables button on the Script tab
If you use %2, %3, %4, or %5 in the login script, you might want to set
these values in the location profile but not allow the user to change them.
In this case, it might be helpful to hide the Variables button.
The Clear Connections check box on the NDS and Bindery tabs
If you want all connections to be cleared every time the user logs in, or if
you dont want any connections to be cleared, you can set the value in the
location profile and then hide the Clear Connections check box.
NOTE: The Clear Connections check box is never visible during initial login,
because an initial login automatically clears all connections.
38

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The Workstation Only check box that appears under the Password field
during an initial NT/2000 login
If you do not want to allow workstation-only loginsfor example, if you
want to require that the user log in to NetWare in order to use the
workstationyou can hide the Workstation Only check box.
The Run, Display, and Automatically Close properties of login scripts
RAS options, if installed on the workstation
These additional features of the Novell Login dialog box should also be
considered:
If Dialup is not installed on the workstation, the fields on the Dialup tab
are disabled.
If the Novell Login dialog box is being used to log in to a specific tree,
the Tree field is disabled to prevent the user from changing the tree.
If the Novell Login dialog box is being used to log in to a specific NDS
server, the Server and Tree fields on the NDS tab are disabled to prevent
the user from changing them.
If the Novell Login dialog box is being used to log in to a specific bindery
server, the Server field on the Bindery tab is disabled to prevent the user
from changing the server.
The Novell Login dialog box can be customized to control the availability of
certain login options. This gives you control over how users log in.
HINT: You can also customize the Novell Login dialog box for multiple
workstations using the Novell Client Configuration policy created in the Workstation
Configuration policy package in ConsoleOne (ZENworks for Desktops 3) or
NetWare Administrator (ZENworks for Desktops 2).
For more information on using ZENworks for Desktops policy packages, see the
ZENworks for Desktops online documentation. If you have questions while setting
up a policy package, click Help.
To show or hide any login dialog box options, complete the following steps:
Properties > Location Profiles to open the Novell Client property pages.
2 Click Advanced Login.
3 In the Show On Login section of the Advanced Login property page,
check the check boxes for the items that you want to appear and uncheck
those that you do not want to appear.

103-000159-001
December 7, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Logging In to the Network

IMPORTANT: We recommend that users do not use the command line LOGIN
utility.
There are several ways to initiate a Novell Client Login once users have
already logged in to NetWare or to the local workstation:
Right-click the red N icon in the System Tray and then click NetWare
Login.
Right-click Network Neighborhood and then click NetWare Login.
Click Start > Programs > Novell (Common) > Novell Login.
In Network Neighborhood, double-click the tree or server to log in to; the
Novell Login will load automatically.
In Network Neighborhood, right-click on the desired tree or server and
then click either Authenticate or Login.
Run LOGINWIN32.EXE from the DOS command prompt.
Logging Out of the Network

To log in to new NetWare services while logging out of other servers or
clearing the current connections, use the NetWare Client Login and check the
Clear Current Connections check box.
If you want to log out of both the Windows NT/2000 workstation and
NetWare, press Ctrl+Alt+Del and then click Logout.
To log out of a specific server, right-click Network Neighborhood, click
NetWare Connections, select the server or tree, and then click Detach.
IMPORTANT: We recommend that users do not use the LOGOUT.EXE
command. If you use this command, specify a server name (LOGOUT

server_name).
Setting Up Passwords in Windows NT/2000

We recommend that you configure NT workstations to not use any of the
Microsoft password restrictions available in User Manager. Novell Client for
Windows NT works best if password restrictions are set in NDS.
40

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Client Properties

You can optimize Novell ClientTM for your network by using property pages
to configure installation options and protocol support, optimize performance,
configure optional client parameters, and set a variety of other parameters.
By default, the client is configured for high speed with moderate use of
memory and data protection. You can adjust the client to optimize its
performance in any of these areas. However, optimizing the client in one area
might lessen performance in other areas.
HINT: A new Advanced Menu Settings tab has been added to the Novell Client
Property Page. This tab lets you set menu options and control settings such as the
ability to send messages to the server console or how Network Neighborhood is
configured. A short description of each setting is available in the Description field
when you select the option.
Also, additional information on the Advanced Settings is available in an April 1999
AppNotes article (http://developer.novell.com/research/appnotes/1999/april/03/
index.htm).
You can set properties for a single workstation, or you can set them for
multiple workstations simultaneously.
Setting Properties before Installation

Use Novell Client Install Manager to set properties for one or more
workstations before an unattended install. This method saves you from having
to set each workstation individually.
1 Start the Novell Client Install Manager.
Novell Client Install Manager is located on the CD-ROM or in the Novell

Client download in the WIN95\IBM_language >ADMIN directory.
2 Click File > New File > your operating system.

103-000159-001
December 7, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
3 Modify the installation options as needed.

3a Double-click the configuration option that you want to modify in the
Installation options list box.

3b In the property pages, set the parameters and then click OK.
The values that you set appear in the right list box.
HINT: You can set up one workstation the way you want other workstations to be
set up, and then use Novell Client Install Manager to import the settings from that
workstations registry and save them to the configuration file you will use during the
ACU install. Once you set up the workstation, click File > Open Registry to import
the settings into Novell Client Install Manager.
For information about setting properties on a single workstation, see Configuring

Network Protocols on page 18.
4 Click File > Save.
You can save the file with any filename that you want to use. For
example, you could rename the file NOVELL.TXT and then use it in
conjunction with the ACU.
Setting Properties on a Single Workstation after

Installation
1 At the users workstation, right-click the N icon in the system tray.
2 Click Novell Client Properties.
3 Set the properties that you want to change.
4 Click OK to make the changes and close the property pages.
Setting Properties on Multiple Workstations after

Installation
Beginning with ZENworksTM for Desktops 3 or later and NetWare 5 or later,
you can use ConsoleOne to configure client properties for multiple
workstations. The properties that you set in ConsoleOneTM or NetWare
Administrator are pushed down to the client workstations at scheduled times
or when specified events occur, such as when a user logs in.
To set the properties on multiple workstations after installation, refer to the
corresponding ZENworks for Desktops documentation at Novells
documentation Web site (http://www.novell.com/documentation/) for more
information.
42

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using DHCP
If a DHCP server is set up on your network, the DHCP server can inform
Novell Client of network-specific configuration information.
You can easily configure Novell DHCP servers (NetWare 5 and later) to
distribute this information to the clients. See the server configuration
documentation for your NetWare product.
Clients obtain configuration information from DHCP even when you
statically configure the clients IP address or even when the DHCP server used
to supply the information is different from the DHCP server supplying an IP
address to the client.
Using DHCP Like an NDS Server Name Service Provider

You can set up a DHCP server to inform Novell Client workstations that use
the IP protocol about an NDS tree name and the IP addresses of servers that
are on that tree. When using this feature, it is best to specify the IP addresses
of the closest NDS servers containing partitions with the user information.
Using DHCP to Distribute SLP Configuration Information

You can configure the following SLP parameters through DHCP:
IP Address of SLP Directory Agents
SLP Scopes
Using DHCP to Distribute IPX Compatibility Information

You can configure the following IPXTM Compatibility parameters through
DHCP:
IP Address of Migration Agents
CMD Network Number
Migration Agent List Stale Time

103-000159-001
December 7, 2001
Novell Confidential
43
Manual
44

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
Managing Novell Client

Managing Novell ClientTM requires that you manage users network
connections, passwords, rights and other security issues, etc. All of these
features are available from the Novell Client desktop.
Common Networking Tasks

Novell Client software is integrated with Windows. Features are integrated
into standard Windows interfaces such as My Computer, Network
Neighborhood, Control Panel, and the N icon in the system tray.
Instructions for performing common client tasks are provided under the N
menu:
1 Right-click the N icon.
2 Click Novell Client Help > Novell Client User Guide.
NetWare File Security

NetWare networks restrict access to network files and folders based on user
accounts. For example, a user connected to the network using the
Administrator account might be able to delete or rename a file that other users
can only open and edit.
The NetWare file system keeps track of the rights that users have to files and
directories on the network. When users try to access any file on a NetWare
network, NetWare either grants access or prohibits certain things that users
can do with the file.
Rights are granted and revoked by creating trustee assignments. For more
information, see Changing Trustee Assignments on page 46.

103-000159-001
December 7, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
File rights apply only to the file that they are assigned to. The rights can be
inherited from the folder that contains the file. Folder rights apply not only to
the folder but also to the files and folders it contains.
Checking File or Folder Rights

1 In Windows Explorer or Network Neighborhood, right-click the file that
you want to check.

2 Click Properties > NetWare Rights.
3 In the Trustees box, click the user account. The rights to the file or folder
will be displayed on the right-hand side.
Changing Trustee Assignments

You must have the Supervisor right to change trustee assignments.
1 In Windows Explorer or Network Neighborhood, right-click the file that
you want to check.

3 Add trustees, remove trustees, or change the rights granted to trustees as
needed.
Trustee assignments override inherited rights.
To change an Inherited Rights Filter, click the Inherited Rights and Filters
button on the NetWare Rights property page.
Combining Multiple Trustees

As an administrator, you might need to apply the same trustee assignments to
a group of selected files. You can combine trustee assignments by checking
the Combine Multiple Trustees check box on the NetWare Rights page.
1 In Windows Explorer or Network Neighborhood, click a file.
2 Press and hold Control while clicking additional files.
3 Right-click the selected files.
The Combine Multiple Trustees check box is enabled.
46

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This check box is available only if youre viewing the NetWare rights for
multiple files or folders. Additionally, at least one of the files or folders
must have at least one trustee assignment. The trustees and rights shown
are the combined trustees and rights for all the files.
5 Check or uncheck the check box.
If you check Combine Multiple Trustees, the trustee assignments that are
shown will apply to all selected files after you click OK or Apply.
6 Click OK.
For example, Kim is a trustee of FILE_A and FILE_B. Kim has Read, File
Scan, and Access Control rights for FILE_A and Read and File Scan rights for
FILE_B. If you select FILE_A and FILE_B and view their properties, Kim is
shown as a trustee with Read, File Scan, and Access Control rights.
If you check Combine Multiple Trustees and then click OK, Kim is given the
Access Control right for FILE_B. Therefore, Kim now has Read, File Scan,
and Access Control rights for both FILE_A and FILE_B.
Setting Up AutoAdminLogon for Windows NT/2000/XP

Windows NT, Windows 2000, and Windows XP can automate the logon
process by storing passwords and other pertinent information in the Registry
database.
WARNING: There is a security risk to using the AutoAdminLogon feature.
Usernames and passwords in the registry are visible to users. This feature also
allows other users to start the computer and use the account to automatically logon
even if the workstation is locked. Refer to the Microsoft recommendations on when
to use AutoAdminLogon.
Use Registry Editor (REGEDIT.EXE) to add the needed logon information.

WARNING: Using Registry Editor incorrectly can cause serious, systemwide
problems that might require reinstalling Windows NT or Windows 2000 to correct

them.
HINT: To bypass the AutoAdminLogon process, and to log in as a different user,
hold down the Shift key after a logout or after a Windows NT restart.

103-000159-001
December 7, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
AutoAdminLogon Options
This section lists the options that you can choose from when setting
AutoAdminLogon. To set the options, use the procedure in Setting the
AutoAdminLogon Options on page 50.
Additional information on AutoaAdminLogon may also be available in
Technical Information Document # 10052847 on the Novell Technical
Support Web site (www.support.novell.com).
AutoAdminLogon for Windows Workstation Only
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
WindowsNT\CurrentVersion\Winlogon
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Novell\
Login
AutoAdminLogon=1
AutoAdminLogon=0
DefaultDomain or Local WorkstationName=Name of

Domain or Local Workstation
DefaultUserName=Windows User Name
DefaultPassword=Windows Password for the
DefaultUserName specified above
AutoAdminLogon for Windows Workstation and NetWare

Login
AutoAdminLogon=1
AutoAdminLogon=1

DefaultLocationProfile=Name of the Location

Profile that contains the information about the
Novell User to log in to the NetWare network such
as Username, Tree, Context, Server, etc.

DefaultPassword=Novell Password for the

DefaultUserName specified in the Location Profile
Location profiles allow you to save a users specific login information. The
profile automatically sets up login information such as the users name, server,
tree, context, login script, and other applicable information so that the user
48

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
does not have to type this information. For more information, see Setting Up
Location Profiles on page 36.
NOTE: The NT Credential information in the Location Profile will not be used. The
NT user information in the registry will be used instead.
AutoAdminLogon for NetWare Only Using Dynamic Local User (DLU) for Windows
Login
AutoAdminLogon=0
AutoAdminLogon=1
Location profiles allow you to save a users specific login information. The
profile automatically sets up login information such as the users name, server,
tree, context, login script, and other applicable information so that the user
does not have to type this information. In this case, the location profile must
specify an NDS user with Dynamic Local User (DLU) privileges on the
Windows NT or Windows 2000 workstation. For more information, see
Setting Up Location Profiles on page 36.
AutoAdminLogon for Windows and Query for NetWare
Login
AutoAdminLogon=1
AutoAdminLogon=0

AutoAdminQueryNDS=1


103-000159-001
December 7, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
AutoAdminLogon for NetWare under Terminal Server

Login
AutoAdminLogon=1
Turn Off AutoAdminLogon

Login
AutoAdminLogon=0
AutoAdminLogon=0
Setting the AutoAdminLogon Options

1 Start Registry Editor (REGEDIT.EXE).
2 Locate the specified Registry keys and set the values as indicated.
If a value does not exist, click Edit > New > String Value, type the name
of the value, and then press Enter.
IMPORTANT: If no DefaultPassword string is specified, the value of the
AutoAdminLogon key is automatically changed from 1 (true) to 0 (false), disabling

the AutoAdminLogon feature.
3 Exit the Registry Editor and log out of Windows NT or Windows 2000.
Changing Passwords in NetWare Login with AutoAdminLogon

If AutoAdminLogon is enabled, be careful when running the NetWare Login
utility from the icon in the NetWare (Common) group. When run as a
standalone utility from the icon, NetWare Login does not recognize that the
workstation is running AutoAdminLogon.
50

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the primary connections password expires when running NetWare Login

from the icon, the user will be given the chance to synchronize all NetWare
and NT passwords. Make sure that users do not synchronize the NT password,
because NetWare Login does not update the Registry setting for
AutoAdminLogon.
Uninstalling Novell Client

You can uninstall the Novell Client by using the uninstall utility or by
selecting Remove in Network Properties.
For Windows 95/98, double-click the uninstall utility (UNC32.EXE)
located in the WIN95\language_directory\ADMIN directory.
For Windows NT, in the Network Properties, click Services > Novell
Client for Windows NT/2000 > Remove, and then click Yes.
For Windows 2000/XP, right-click My Network Places, click Properties,
right-click Local Area Connection, and then Properties > Novell Client >
Uninstall.

103-000159-001
December 7, 2001
Novell Confidential
51
Manual
52

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Printing to a Network Printer

Printer setup can be automated so that users workstations attach to the
network printers they use each time users log in to the network. Users can use
the network printers without having to manually connecting to the printer
every time they want to print.
After connecting to a network printer, users can select the printer from any
application that they are using. See the applications documentation for
information on using printers.
Attaching to a Network Printer

A printer driver for each type of printer must be installed on the workstations.
Users can set up network printing on a workstation by specifying the name of
the printer in any of the following programs:
Windows Add Printer Wizard
Novell Capture Printer Port
The following can automate printer connections so that the computer connects
to network printers each time a user log in:
NetWare Login Script
NT/2000 Restore Connections
NT/2000 Logon Script

103-000159-001
December 7, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Setting Up Network Printing

1 Click Start > Settings > Printers.
2 Double-click Add Printer.
3 Click Network Printer Server > Next.
4 Select a printer you want to use from the Shared Printers box.
For NetWare 4 or later (NDS) networks, double-click Novell

Directory Services and find the context for the printer. Then select
a Printer object from the list.
For NetWare 3.x and bindery networks, double-click NetWare

Servers. Then, double-click the name of the server that supports the
queues you want to use and select the queue.
5 Click OK.
6 (Conditional) If a dialog box prompts you to install a driver for the
printer, click OK and install it.

6a Select the name of the printer from the Driver box and then click OK.
6b Enter the path to the printer driver and then click OK.
7 Run an application and select the network printer when you print.
Specifying Capture Settings with Windows Printing

Windows does not require captured printer ports to print to a network printer.
Windows can use print devices that are associated with network printers. This
allows applications to print directly to a network printer.
The CAPTURE utility does not affect Windows printer devices.
Captures are global. If you capture a printer port, the port is available for
network printing from anywhere in Windows.
Use the Capture Settings dialog box to specify printer settings for print
captures created with Windows. This can be useful if you want to use a DOS
or Windows 3.x application that relies on print captures and you cant put the
capture in a login script.
To access the Capture Setting dialog box, complete the following steps:
1 Right-click the N icon in the system tray.
2 Click Novell Capture Printer Port.
54

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Enter the correct information in the dialog box.

4 Click Settings.
These settings apply only to printer ports that are captured from Windows.
Printer ports that are captured in a login script or from the command line do
not use these settings.
These settings do not apply to printers that appear in the Windows Printers
folder.
Changing the printer settings for a specific captured printer port does not
change the default printer settings.
Setting Up Point and Print

1 Get the printer driver files.
Get the Windows operating system CD-ROM or the Windows printer

driver files supplied by the printers manufacturer.
2 Log in as Admin or as a user with Admin-equivalent rights for the printer
or print queue.
3 Select a printer or print queue in the Windows Explorer or Network
Neighborhood.
4 Click File > Properties > Setup Point and Print.
5 Specify the path for the printer driver files.
You must be logged in to the tree or server where the path is located. You
must also have sufficient rights for the specified directory to copy the files
there. Users need Read and File Scan rights for the specified directory.
6 Click Select Printer Model.
7 Select the manufacturer of the printer.
8 Select the model of the printer.
9 Click OK.
The printer driver files are copied to the path specified in Step 5.
10 Click OK again.

103-000159-001
December 7, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Printing DBCS Characters from DOS in Windows NT/

2000
In Windows NT and Windows 2000, the default command window runs as a
32-bit process. In order to use the existing DOS printer driver for DOSintrinsic commands, you must use a 16-bit command window.
This allows DOS-intrinsic commands such as COPY, TYPE, etc., to use the
print driver.
The following instructions explain how to set up NT to support this. These
instructions also set up the NT system to support the printer driver for DOS
applications.
1 Edit the AUTOEXEC.NT file, found in the
%SYSTEMROOT%\SYSTEM32 directory, adding the DOS printer

driver for your specific printer. Add the printer driver after the following
line:
%SYSTEMROOT%\SYSTEM32\VLMSUP.EXE
Make sure that you copy the printer driver to the path you specify in the
AUTOEXEC.NT file.
2 Save a copy of the WINNT_DIRECTORY\SYSTEM32\CONFIG.NT file
with another filename, such as CONFIG.PRT.

3 Edit the new CONFIG file, adding the DOSONLY command to the file.
4 Continue the setup process using the instructions for your specific version
of Windows NT.
4a Create a shortcut to the COMMAND.COM program, found in the
WINNT_DIRECTORY\SYSTEM32 directory.
4b Right-click the shortcut icon and then click Properties.
4c On the Program property page, click Windows NT and enter the
paths for the CONFIG and AUTOEXEC files that you created in
Steps 1 and 2.
4d Double-click the shortcut icon. A DOS window will open.
Only DOS applications can be run from this window, but anything that is
printed will be rendered by the printer driver that you installed. Any DOS
commands that affect the print driver must be entered in this window. DOS
applications can be started by any method.
56

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Disabling NetWare Login Dialog Boxes Brought Up by

the Print Provider
If users log in to a workstation but do not log in to NetWare and they have
NetWare printers installed, they will be prompted to log in to NetWare once
by the QMS print provider and once by the NDPS print provider. These login
dialog boxes can be disabled if desired.
Windows NT/2000/XP
Windows NT/2000/XP has two registry setting options for disabling login
dialog boxes:
If you set
HKLM\SOFTWARE\Novell\Print\Delay Login\Delay Login=1
the print provider tells Windows that the printer is a NetWare printer even
though the user is not authenticated. Then, the provider waits for an action
that requires authentication is detected before displaying a login dialog
box.
If you set
HKLM\SOFTWARE\Novell\Print\Never Login\Never Login=1
the print provider never displays the NetWare login dialog, and print jobs
sent prior to authentication fail. A message similar to the following is
displayed:
"Error writing to \\TREE\QUE.context: A write fault
occurred on the network. Do you wish to retry or cancel
the job?"
Windows 95/98
Windows 95/98 has two registry setting options for disabling login dialog
boxes:
If you set
HKLM\SOFTWARE\Novell\Print\Never Login\Never Login=1
the print provider never displays the NetWare login dialog. Print jobs will
succeed, but the printer will go offline. To print, you must log in to

103-000159-001
December 7, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
NetWare and then manually turn the printer online by opening the
Printers folder, right-clicking the printer, and deselecting Print Offline.
If you set
HKLM\SOFTWARE\Novell\Print\Never
Login\UserDialupSettings=1
the print provider sets Never Login to the dial-up connection settings and
attempts to print.
NOTE: This functionality is available only in Windows 95B or later.
58

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Login Script Commands and

Variables
This appendix lists login script commands alphabetically and by the type of
tasks the commands perform. It also contains a list of identifier variables used
in login scripts.
Before implementing any commands or variables, make sure you understand
basic login script conventions. See Login Script Conventions on page 59
and Using Identifier Variables on page 62.
NOTE: Commands that work only on DOS or Windows 3.x workstations have not
been included. These commands include CLS, COMSPEC, DOS VERIFY,

MACHINE, NOSWAP, and SWAP. For information on using these commands, see
the help file that accompanies the Novell ClientTM for DOS and Windows 3.x
software.
Login Script Conventions

The following table explains the conventions you should follow when creating
login scripts.
Convention
Explanation
Minimum login script
No minimum. All types of login scripts are optional. Login scripts

can vary from one line to many. There are no required
commands.
Case
Either uppercase or lowercase is accepted. Exception: identifier

variables enclosed in quotation marks and preceded by a
percent sign (%) must be uppercase. See Using Identifier
Variables on page 62.

103-000159-001
December 7, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Convention
Explanation
Characters per line
Maximum 512 characters per line, including any variables after

they are replaced by their values; 78 characters per line
(common screen width) is recommended for readability.
Punctuation and symbols
Type all symbols (#, %, ", _) and punctuation exactly as shown

in examples and syntax.
Commands per line
Use one command per line. Start each command on a new line;
press Enter to end each command and start a new command.
Lines that wrap automatically are considered one command.
Sequence of commands
Generally, enter commands in the order that you want them to

execute, with the following restrictions:
ATTACH commands (NetWare 3 only) must precede related
MAP commands to avoid prompting the user for a username/
password during login (see ATTACH on page 69).
If you use # (see # on page 67) or @ (see @ on page 68) to
execute an external program, the command must follow any
necessary MAP commands. If sequence is not important, group
similar commands, such as MAP and WRITE commands,
together to make the login script easier to read.
Blank lines
Blank lines dont affect login script execution. Use them to

visually separate groups of commands.
Remarks (REMARK, REM,

asterisks, and semicolons)
Lines beginning with REMARK, REM, an asterisk (*), or a

semicolon (;) are comments, which dont display when the login
script executes (see REMARK on page 83).
Use remarks to record the purpose of each command or group
of commands or to temporarily keep certain lines from
executing.
Identifier variables
60
Type identifier variables exactly as shown. To display the value

of an identifier variable as part of a WRITE command, you must
enclose the identifier in quotation marks and precede it by a
percent sign (%). See Using Identifier Variables on page 62.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Convention
Explanation
NDS Attribute Values
Any NDS attribute value can be read from a login script,

including extended names. The syntax for accessing NDS
attributes is identical to common script variables with a few
exceptions:
The NDS attribute must be at the end of the string.
If multiple variables are required, they must be in separate
strings.
You must use the actual NDS attribute value names. You
cannot use localized names or nicknames. Some common
NDS attribute names are listed in Using Identifier Variables
on page 62.
You must have the Read right to read the value of objects
other than values associated with your own User object.
If the name contains a space, you can replace it with an
underscore (_) but it is not required. Both of the following
examples are correct syntax:
map n %home directory
map n %home_directory.
NDS Object Mappings
NDS objects such as cluster-enabled volumes can be mapped

in the login script using the objects fully distinguised name and
context preceeded by a leading dot (.).
To map to a cluster-enabled volume, you would use the
following syntax:
MAP N:= .NDS object's fully distinguished name
including context
For example:
MAP N:= .cluster2_vol1.xyz.provo.novell
For more information on mapping, see MAP on page 80.

103-000159-001
December 7, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Using Identifier Variables

Many login script commands allow you to take advantage of identifier
variables to make login scripts more efficient and flexible.
Use identifier variables to enter a variable (such as LAST_NAME) rather than
a specific name (such as Smith) in a login script command. When the login
script executes, it substitutes real values for the identifier variables.
By using the variable, you can make the same login script command
applicable to multiple users.
When using variables within login script commands, observe the following
conventions:
Type the variable exactly as shown.
To use environment variables as identifiers, enclose them in angle
brackets (< >).
Identifier variables are used most often with commands such as
IF...THEN, MAP, and WRITE. They can also be used with commands
that you can specify a path for, such as COMSPEC.
Identifier variables can be placed within literal text strings in a WRITE
statement. However, the identifier variable must be in uppercase letters
and preceded by a percent sign. (Literal text is the text that is displayed
on the screen, such as Sales report is due today. Literal text must be
enclosed in quotation marks.)
For example, using the %LAST_NAME variable substitutes the users actual
last name for the LAST_NAME variable in the command when the user logs
in. For example,
WRITE "HELLO, "%LAST_NAME
displays the following message on Bob Smiths workstation screen when he

logs in:
Hello, SMITH
Using the %GREETING_TIME variable displays the time of day. If Bob

Smith logs in during the morning, both of the following lines display the same
message (Good morning, SMITH) on his screen:
WRITE "Good "; GREETING_TIME;", "; LAST_NAME
WRITE "Good %GREETING_TIME,%LAST_NAME"
62

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following table lists the identifier variables.

Category
Identifier Variable
Function
Date
DAY
Day number (01 through 31)
DAY_OF_WEEK
Day of week (Monday, Tuesday, etc.)
MONTH
Month number (01 through 12)
MONTH_NAME
Month name (January, February, etc.)
NDAY_OF_WEEK
Weekday number (1 through 7; 1=Sunday)
SHORT_YEAR
Last two digits of year (99, 00, 01)
YEAR
All four digits of year (1999, 2000, 2001)
AM_PM
a.m. or p.m.
GREETING_TIME
Time of day (morning, afternoon, evening)
HOUR
Hour (12-hour scale; 1 through 12)
HOUR24
Hour (24-hour scale; 00 through 23)
MINUTE
Minute (00 through 59)
SECOND
Second (00 through 59)
CN
Users full login name as it exists in NDS
LOGIN_ALIAS_CONTEXT
"Y" if REQUESTER_CONTEXT is an alias
FULL_NAME
Users unique username. It is the value of the

FULL_NAME property for both NDS and binderybased NetWare. Spaces are replaced with
underscores.
LAST_NAME
Users surname in NDS or full login name in

bindery-based NetWare
LOGIN_CONTEXT
Users context
LOGIN_NAME
Users unique login name (long names are

truncated to eight characters)
Time
User

103-000159-001
December 7, 2001
Novell Confidential
63
Manual
99a
38
Category
Identifier Variable
Function
User (contd.)
MEMBER OF "group"
Group object that the user is assigned to
NOT MEMBER OF "group"
Group object that the user is not assigned to
PASSWORD_EXPIRES
Number of days before password expires
REQUESTER_CONTEXT
Context when login started
USER_ID
Number assigned to each user
FILE_SERVER
NetWare server name
NETWORK_ADDRESS
The internal number assigned by the network

specifying where a device can be located in the
network cabling system
MACHINE
Type of computer (IBM_PC, etc.)
NETWARE_REQUESTER
Version of the NetWare RequesterTM for OS/2 or

VLMTM users
OS
Type of operating system on the workstation
OS_VERSION
Operating system version on the workstation
P_STATION
Workstations node number (12-digit

hexadecimal)
PLATFORM
Workstations operating system platform
SHELL_TYPE
Version of the workstations DOS shell; supports

NetWare 2 and NetWare 3 shells and NetWare 4
Requester for DOS.
SMACHINE
Short machine name (IBM*, etc.)
STATION
Workstations connection number
WINVER
Version of the workstations Windows operating

system
DIALUP
0 = Not using dialup
Network
Workstation
NetWare
MobileTM
1 = Using NetWare Mobile Client dialup profile

OFFLINE
0 = Not offline
1 = Disconnected login
64
July 17, 2001

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Category
Identifier Variable
Function
DOS
Environment
<variable>
Any DOS environment variable can be used in

angle brackets. To use a DOS environment
variable in MAP, COMSPEC, and FIRE
PHASERS commands, add a percent sign (%) in
front of the variable.
Miscellaneous
ACCESS_SERVER
Shows whether the access server is functional

(TRUE = functional; FALSE = nonfunctional)
ERROR_LEVEL
An error number (0 = no errors)
%n
Replaced by parameters the user enters at the

command line with the login utility
See Login Parameters with %n Variables on
page 65.
Object Properties
property_name
You can use property values of NDS objects as

variables. Use the property values just as you do
any other identifier variable. If the property value
includes a space, enclose the name in quotation
marks.
To use a property name with a space within a
WRITE statement, you must place it at the end of
the quoted string:
WRITE"Given name=%GIVEN_NAME"
IF"MESSAGE SERVER"="MS1" THEN MAP INS
S16:=MS1\SYS:EMAIL END
Login Parameters with %n Variables

Some variables in a login script can be indicated by a percent sign (%)
followed by a number from 0 through 9.
NOTE: Only four variables (%2 through %5) can be changed in the login screen.
When a user logs in, additional parameters can be entered that the login utility
passes to the login script. The login utility then substitutes these parameters
for any %n variables in the login script. These variables are replaced in order
by the parameters the user entered when logging in.
The %0 variable is replaced by the name of the NetWare server entered in the
login dialog box, and %1 is replaced by the users fully distinguished login

103-000159-001
December 7, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
name. The remaining variables change, depending on what the user types
when executing the login utility. The %n variables must precede all command
line options.
The SHIFT on page 86 login script command allows you to change the order
in which these %n variables are substituted.
Login Scripts Commands by Task

This list identifies which specific login script commands to use, depending on
what you need your login scripts to accomplish.
Network Connection and Access to Resources

ATTACH (page 69)
CONTEXT (page 70)
DRIVE (page 71)
MAP (page 80)
TREE (page 89)
Login Script Execution

BREAK (page 70)
FIRE or FIRE PHASERS (page 73)
GOTO (page 74)
IF...THEN (page 75)
INCLUDE (page 78)
NO_DEFAULT (page 82)
PAUSE (page 82)
PROFILE (page 83)
SCRIPT_SERVER (page 84)
SHIFT (page 86)
66

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Workstation Environment
SET (page 84)
SET_TIME (page 86)
Text File Usage

@ (page 68)
# (page 67)
DISPLAY (page 71)
EXIT (page 72)
FDISPLAY (page 72)
TERM (page 88)
WRITE (page 90)
Other
LASTLOGINTIME (page 80)
REMARK (page 83)
#
Use the # command to execute a program that is external to the login script.
The # command executes an external program and waits until it is finished
running before continuing with other login script commands.
This command fails when
The given directory is invalid
Proper security rights are lacking
The executable file cannot be found
Insufficient workstation memory is available to load the file
IMPORTANT: Use the @ command instead of the # command to run an external
program from a login script if that external program will remain open for any length
of time. Otherwise, the login script will remain open until that external program is
closed. (Login scripts cannot be edited while they are open.)

103-000159-001
December 7, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Command Format
# [path] filename [parameter]
Replace path with a drive letter or, if you have specified NOSWAP on the
command line or in the login script, you can replace variable with a full
directory path beginning with the NetWare volume name.
Replace filename with an executable file (files that end in .EXE, .COM, or
.BAT, for example). It isnt necessary to include the extension, but doing so
can speed up the execution of the external program.
Replace parameter with any parameters that must accompany the executable
file.
Example
You can use Automatic Client Update (ACU) to update Novell ClientTM
software without having to physically visit each workstation and manually
update the software.
ACU uses a text file that can be called from the login script. To call this file
from the login script for a workstation running Novell Client for Windows
NT/2000, place one of the following commands in the login script:
#Z:\PUBLIC\INSTALL\NTCLIENT\SETUPNW.EXE /ACU
or
#\\[SERVER]\[VOLUME]\PUBLIC\INSTALL\NTCLIENT\SETUPNW.EXE
/ACU
@
Use the @ command to execute a program that is external to the login script
and then continue with the script (similar to the Startup group). Enter the @
command followed by the name of the file that you want to execute.
IMPORTANT: Use the @ command instead of the # command to run an external
program from a login script if that external program will remain open for any length
of time. Otherwise, the login script will remain open until that external program is
closed. (Login scripts cannot be edited while they are open.)
This command fails when

The given directory is invalid
Proper security rights are lacking
68

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The executable file cannot be found

Insufficient workstation memory is available to load the file
Command Format
@ [path] filename [parameter]
Replace path with a drive letter.

Replace filename with an executable file (files that end in .EXE, .COM, or
.BAT, for example). Do not include the extension.
Replace parameter with any parameters that must accompany the executable
file.
Examples
If you want to start the GroupWise program from within the login script, you
must have a search drive mapped to where the GroupWise application is
stored. Enter the following command in the login script:
@GRPWISE5
You do not need to enter a path in this case, because the executable program
file for GroupWise 5 (GRPWISE5.EXE) is located in a search drive.
If you do not have a search drive mapped to the directory where the program
is located, include the path to that directory in the command. For example, if
the program to run GroupWise 5 is located in the APPS directory on drive G,
use the following command:
@SYS:\APPS\GRPWISE5
ATTACH
Establishes a connection between a workstation and a NetWare server. If the
server is not in the current tree, a bindery connection is made.
In networks running NetWare 3 or earlier versions, use the ATTACH
command to connect to multiple file servers. In NetWare 4 and later, users no
longer need to attach separately to multiple servers and do not need to use the
ATTACH command. If users want to connect to multiple trees, use the TREE
command (see TREE on page 89).
HINT: To create persistent drive mappings, use the MAP command (see MAP on
page 80).

103-000159-001
December 7, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
BREAK
Use BREAK ON to allow the user to terminate execution of the login script.
The default is BREAK OFF. If BREAK ON is included in a login script, the
user can press Ctrl+C or Ctrl+Break to abort the normal execution of the login
script.
NOTE: When the BREAK option is ON, type-ahead keyboard input is not saved to
the buffer.
Command Format
BREAK ON|OFF
CONTEXT
Use CONTEXT to set a users current context in the NDS tree. Similar to the
CX utility in DOS, you can enter a complete name to move down through the
context, or you can use periods to move up toward the root of the tree.
However, CONTEXT does not support all options that the CX workstation
utility does; CONTEXT only sets the context.
Command Format
CONTEXT context
To change the current NDS context, replace context with the context that you
want the user to see after login.
Example
To change the context to the Organizational Unit SALES, under the
Organization NOVELL_US, add the following line to the login script:
CONTEXT .SALES.NOVELL_US
You can type a single period instead of a container name to indicate that you
want to move up one level.
For example, if you are in the context SALES.NOVELL_US and you want to
move up one level to the context NOVELL_US, add the following line to the
login script.
CONTEXT .
To move up two levels, enter two periods, etc.

70

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DISPLAY
Use DISPLAY to show the contents of a text file when the user logs in.
When you use DISPLAY, all characters in the file, including any printer and
word processing codes, appear. This command works best with an ASCII file.
To display only the text and suppress codes, use FDISPLAY on page 72.
NOTE: If the given path does not exist or if the file is not found, no error message
appears on the screen when the user logs in.
Command Format
DISPLAY [path] filename
Replace path with either a drive letter or a full directory path beginning with
the NetWare volume name.
Replace filename with the complete name (including the extension) of the file
that you want to display.
Example
Suppose you put messages in a file called SYSNEW.TXT in the
SYS:PUBLIC\MESSAGES directory, and you want your users to see the
messages when they log in on Monday. Add the following lines to the
container login script:
IF DAY_OF_WEEK="Monday" THEN
DISPLAY SYS:PUBLIC\MESSAGES\SYSNEWS.TXT
END
DRIVE
Use DRIVE to change the default drive while the login script is executing.
If this command is not included in the login script, the default drive will be set
to the first network drive, which is often assigned to the users home directory
upon login.
If you dont want the default drive to be the first network drive, map a drive
in the login script to the directory you want to be the default; then use the
DRIVE command to change the default drive.

103-000159-001
December 7, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Instead of specifying a drive letter such as F: or G:, you can use an asterisk
followed by a number n to represent the nth network drive (for example, *3).
This allows drive letters to reorder themselves automatically if previous drive
mappings are deleted or added.
Command Format
DRIVE [drive |*n]
Replace drive with a local or network drive letter, or replace n with a drive
number. The use of either is dependent on their already being assigned within
the login script.
Example
Suppose a user will be working on only one project for several days and the
files for that project are located on drive S:. Use the DRIVE command to set
the default drive to S: so that the user doesnt have to change the default drive
manually after each login.
First, make sure drive S: is mapped to the correct directory in the users login
script. Then enter the following command in the login script:
DRIVE S:
EXIT
Use EXIT to terminate execution of the login script.
IMPORTANT: You cannot use EXIT in a login script to stop the login script and
execute a program. EXIT only terminates the execution of the login script. If you
want to execute a program after exiting the login script, you must use two
commands: # on page 67 or @ on page 68 followed on the next line by EXIT.
FDISPLAY
Use FDISPLAY to show the text of a word processing file when the user logs
in.
To display both the text and the printer and word processing codes of a file, or
to display an ASCII file, see DISPLAY on page 71.
When you use FDISPLAY to display a word processing file, the text is filtered
and formatted so that only the text is displayed. FDISPLAY will not display
tabs.
72

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NOTE: If the given path does not exist or if the file is not found, no error message
appears on the screen when the user logs in.
Command Format
FDISPLAY [path] filename
Replace path with either a drive letter or a full directory path beginning with
the NetWare volume name.
Replace filename with the complete name (including the extension) of the file
that you want to display.
Examples
Suppose you put messages in a file called SYSNEWS.TXT in the
SYS:PUBLIC\MESSAGES directory, and you want your users to see this file
on their screens when they log in on Monday.
Add the following lines to the container login script:
IF DAY_OF_WEEK="Monday" THEN
FDISPLAY SYS:PUBLIC\MESSAGES\SYSNEWS.TXT
END
FIRE or FIRE PHASERS

FIRE or FIRE PHASERS emits a phaser sound by playing the
PHASERS.WAV sound file.
Use this command to generate the phaser sound whenever a user logs in. Use
FIRE or FIRE PHASERS with the IF...THEN command to make the sound
execute a different number of times depending on the circumstances of the
login.
Command Format
FIRE n soundfile
Replace n with the number of times that you want this sound to occur.
Replace soundfile with the name of the sound file that you want to play when
this command is executed. (The sound file variable cannot be used on DOS
workstations.) You can use any .WAV or platform-compatible sound file.

103-000159-001
December 7, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Examples
The following line executes the phaser sound four times upon login:
FIRE 4
The following line executes the rifle sound three times upon login:
FIRE 3 RIFLE.WAV
To use a variable as the number of times to fire, use % before the variable, as
follows:
FIRE %variable
For more information about using variables, see Using Identifier Variables
on page 62.
GOTO
Use GOTO to execute a portion of the login script out of the regular sequence.
Set BREAK ON in your login script before experimenting with GOTO loops
so that you can break out of a login script if necessary. See BREAK on page
70.
IMPORTANT: Do not use GOTO to enter or exit a nested IF...THEN (page 75)
statement. This usage causes problems for the program.
Command Format
GOTO label
Use label to indicate where the login script should continue executing.
Example
To execute a loop of commands, include the following lines in the login script.
In this case, the commands to be executed are labeled AGAIN (as indicated in
the second line).
SET X="1"
AGAIN:
SET X=<X> + "1"
;see compound strings for this
WRITE <X>
IF <X> < "9" THEN GOTO AGAIN
74

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The GOTO command looks at the value of <X> (a DOS environment

variable). If the value of <X> is less than 9, then <X> increments by 1 and
GOTO loops back to the AGAIN label. When <X> gains the value of 9, the
IF...THEN test becomes false, the GOTO is ignored, and the script continues
normally.
IF...THEN
Use IF...THEN to perform an action only under certain conditions.
An example of a conditional statement is
IF MEMBER OF "CLERKS"
In this statement, some action is performed if the user who logged in belongs
to the Group object named CLERKS.
The following is a different type of conditional statement:
IF DAY_OF_WEEK="MONDAY"
In this statement, the equal sign (=) indicates the relationship between the
variable (DAY_OF_WEEK) and its value (Monday). Note that the value
(Monday) is inside quotation marks.
When using IF...THEN statements, be aware of the following syntax rules:
Use AND or OR to include two or more conditionals in an IF...THEN
statement.
Values of conditional statements must be enclosed in quotation marks.
Values of conditional statements are compared with the assumption that
the values are characters, not numeric values. The value of 21, therefore,
would be considered greater than the value of 100 when comparing these
two characters. To ensure the system properly calculates numeric values
instead of character values, use the VALUE modifier in the IF...THEN
statement.
The ELSE statement is optional.
IF, ELSE, and END must be on separate lines. THEN does not need to be
on a separate line.
If you include a WRITE command as part of the IF...THEN command,
the WRITE command must be on a separate line.

103-000159-001
December 7, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
IF...THEN statements can be nested (up to 10 levels). However, GOTO

should not be used in a nested IF...THEN statement to enter or exit from
the body of an IF...THEN statement.
If your IF...THEN statement consists of only one line, you do not need to
include END even if that line wraps. If your IF...THEN statement must
be on more than one line (for example, if you used ELSE or WRITE,
which must be on separate lines), you must include END.
Six relationships are possible between the elements of an IF...THEN
statement. Represent these relationships with the following symbols:
= Equals
< > Does not equal
> Is greater than
>= Is greater than or equal to
< Is less than
<= Is less than or equal to
Command Format
IF conditional [AND|OR [conditional]] THEN
commands
[ELSE
command]
[END]
Replace conditional with identifier variables. For information about identifier

variables, see Using Identifier Variables on page 62.
Replace commands with any login script commands that you want to be
executed if the specified condition is true.
Examples
If you place the following command in a login script, the message Status
report is due today appears when the user logs in on Monday and
Have a nice day! on other days:
IF DAY_OF_WEEK="MONDAY" THEN
WRITE "Status report is due today."
ELSE
WRITE "Have a nice day!"
END
76

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following lines mean If the hour (on a 24-hour scale) is greater than or
equal to 12, then write afternoon:
IF VALUE HOUR24>="12" THEN
WRITE "afternoon"
END
The following command executes the CAPTURE utility on the fourth day of
the week (Wednesday):
IF NDAY_OF_WEEK="4" THEN
#CAPTURE Q=FAST_Q NB TI=10 NFF
END
The following example shows nested IF...THEN statements. Notice that there
are two IF statements, so each one must have its own END statement:
IF DAY_OF_WEEK="MONDAY" THEN
MAP *6:=VOL1:APPL\WP
IF MEMBER OF CLERKS THEN
WRITE "Your report is due immediately!"
END
END
Conditionals can be joined with commas, the word AND, or the word OR to
form compound conditionals.
The first line of the following IF...THEN statement is a compound conditional
that means If it is the evening of the first day of the month:
IF GREETING_TIME="EVENING" AND DAY="01" THEN
WRITE "The system will be backed up tonight."
END
An IF...THEN statement can include several commands that must be executed

if the conditional is true.
The following example shows two commands that are executed on Tuesdays:
a WRITE command that displays a message about a staff meeting, and an
INCLUDE command that tells the login script to process any commands or
messages contained in the file SYS:PUBLIC\UPDATE.TXT.
IF DAY_OF_WEEK="TUESDAY" THEN
WRITE "Staff meeting today at 10 a.m."
INCLUDE SYS:PUBLIC\UPDATE.TXT
END

103-000159-001
December 7, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
INCLUDE
Use INCLUDE to execute independent files or another objects login script as
a part of the login script currently being processed.
These subscripts can be text files that contain valid login script commands
(any of the commands explained in this appendix) or login scripts that belong
to a different object you have rights to.
Text files that contain login script commands, as well as other objects login
scripts, can be used as subscripts. Use these subscripts to supplement the main
login script.
You can create and edit text file subscripts using any text editor. Subscripts do
not need to have any particular filenames or extensions.
The INCLUDE command executes the login script commands contained in
the subscript. It does not display the text of the subscripts.
INCLUDE nesting is limited only by available memory. This means that one
subscript file can include another subscript file, which can include yet another
subscript file, etc. In DOS, however, the maximum number of subscript files
that you can nest is 10.
If the subscript is a text file, users must have at least File Scan and Read rights
to the directory containing the subscript.
If you are using another objects login script as a subscript, users must have
the Browse right to the object whose script you are including and the Read
right to the objects Login Script property.
Command Format
INCLUDE [path]filename
or
INCLUDE object_name
To use a text file as a subscript, replace path with either a drive letter or a full
directory path beginning with the NetWare volume name.
Replace filename with the complete name (including the extension) of the text
file.
To execute another objects login script as part of a login script, replace
object_name with the name of the object whose login script you want to use.
78

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Examples
To execute a text file called SCRIPT.NEW (located in volume VOL1) as a
subscript, add the following line to your main login script:
INCLUDE VOL1:ADMIN\USERS\SCRIPT.NEW
Suppose you are creating a container login script for all users under the
Organizational Unit object SALES_LA. You recently created a container
login script for users under the Organizational Unit object SALES_PV.
Youve decided that the SALES_LA users could use the same login script as
the SALES_PV users, but with a few more drive mappings.
In the SALES_LA login script, you could add the additional drive mappings
and then use the INCLUDE command to execute the entire SALES_PV login
script as a part of the SALES_LA login script, as follows:
1. Create an alias for the SALES_PV Organizational Unit in the
SALES_LA Organizational Unit.
2. Add this line to the SALES_LA Organizational Units login script:
INCLUDE .SALES_PV_ALIAS.SALES.NOVELL_US
The following figure illustrates how the INCLUDE command executes the
SALES_PV login script as part of the SALES_LA login script.

103-000159-001
December 7, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
LASTLOGINTIME
Use LASTLOGINTIME to display the last time the user logged in.
If you include this command in the login script, the time of the last login is
displayed on the workstation screen.
Command Format
LASTLOGINTIME
MAP
Use MAP to map drives and search drives to network directories or to map to
NDS objects such as cluster-enabled volumes.
If you use MAP to automate drive map assignments during execution of the
login script, users dont need to map drives every time they log in.
If you do not want the result of each mapping to be displayed as it is executed,
add the MAP DISPLAY OFF command at the beginning of the login script.
When all drive map assignments have been completed, add the line MAP
DISPLAY ON and MAP to your login script. This sequence provides a
cleaner display for users as they log in.
Instead of specifying drive letters such as F: or G:, you could use an asterisk
followed by a number n to represent the nth network drive. For example, if the
first network drive is F: then using MAP *3:= would assign H: {1 2 3 = F G
H}. Or, if the first network drive is D:, then using MAP *4:= would assign G:
{1 2 3 4 = D E F G}.
This allows drive letters to reorder themselves automatically when local
drives are removed or added or when the first network drive is changed. This
also allows users to log in from workstations with a different number of local
drives than their regular workstation.
You can map a local drive (usually A: through C:) to a network directory, but
you cannot access the local drive until you remove the network drive mapping.
Do not map over the local drive containing the Windows directory.
Do not map a drive to a network drive such as a CD-ROM drive.
80

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command Format
MAP [[options]|[parameters][drive:=path]
Replace drive with any valid network drive letter, local drive letter, or search
drive number.
Replace path with either a drive letter, a full directory path, a Directory Map
object, or an NDS object such as a cluster-enabled volume.
More than one command can be on the map line if the commands are separated
by a semicolon ( ; ), as shown in the following example:
MAP *1:=SYS:PUBLIC;*2:=SYS:PUBLIC\DOS
When mapping a drive to a directory on an NDS server, begin the path with
either the Volume object name or server\volume.
When mapping to a directory on a bindery-based server or to an NDS server
that isnt the current server, begin the path with the servers name.
When mapping to an NDS object, use the objects fully distinguised name
preceeded by a leading period (.).
Replace option with one of the following:
DISPLAY ON|OFF determines whether drive mappings are displayed on
the screen when the user logs in. The default setting is ON. This option is
valid only in login scripts.
ERRORS ON|OFF determines whether MAP error messages are
displayed when the user logs in. MAP ERROR OFF must be placed
before MAP commands in the login script. The default setting is ON. This
option is valid only in login scripts.
Replace parameter with one of the following:
INS inserts a drive mapping between existing search mappings.
DEL deletes a drive mapping, making that drive letter available for other
mapping assignments.
ROOT or R maps a fake root. Windows NT and Windows 2000 are
always mapped to the root. Some applications require their executable
files to be located in a root directory.
Because you might not want users to have rights at the root directory, you
can map a fake root to a subdirectory instead.

103-000159-001
December 7, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
The Windows NT/2000 native environment forces a map root on all

drives. To prevent a forced map root in a Windows NT/2000
environment, set the MAP ROOT OFF = 1 environment variable. All
drives are then mapped as specified, and only explicit map root drives are
rooted.
C (CHANGE) changes a search drive mapping to a regular mapping or a
regular mapping to a search drive mapping.
P (PHYSICAL) maps a drive to the physical volume of a server rather
than to the Volume objects name.
A Volume object name might conflict with a physical volume name. (For
example, object ACCT is an Accounting volume, but there is also a
physical volume named ACCT.) Therefore, if you prefer to map a drive
to the physical volume name, use MAP P.
N (NEXT) maps the next available drive when used without specifying a
drive number or letter.
NO_DEFAULT
Use NO_DEFAULT in a container or profile login script if you do not want
the default user login script to run and you do not want to create any user login
scripts.
NOTE: If you have created a user login script for a user, that login script executes
whether or not the NO_DEFAULT command is in the container or profile login
script.
Command Format
NO_DEFAULT
PAUSE
Use PAUSE to create a pause in the execution of the login script.
You can add PAUSE to the login script following a message so that the user
has time to read the message before it scrolls off the screen.
If you include PAUSE, the message Strike any key when ready...
appears on the workstation screen. NetWare Login then waits for a key to be
pressed before it executes the rest of the login script.
82

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command Format
PAUSE
PROFILE
Use PROFILE in a container script to set or override a users assigned or
command line-specified profile script. This is useful when defining a group
profile.
Command Format
PROFILE profile_object_name
Example
To override the profile script assigned to a user, and to cause the user to
execute a PROFILE script called team_profile, use the following command:
PROFILE team_profile
REMARK
To include explanatory text in the login script or to keep a line from being
executed during testing, begin a line with REMARK, REM, an asterisk ( * ),
or a semicolon ( ; ). Any text that follows these symbols is ignored when
NetWare Login executes the login script. Remarks do not appear on the
screen.
IMPORTANT: This command and its associated text must be the only entry on a
line. Placing remarks on the same line as other login script commands can cause
errors.
If a remark is several lines long, begin each line with the remark keyword.
Command Format
REM[ARK] [text]
or
* [text]
or

103-000159-001
December 7, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
; [text]
Replace text with the comment you want to include in the login script.
Example
The following are examples of explanatory text that you might use with the
REMARK command and its variants:
* This is Richards login script
; Mapped network drives follow:
REM The next mapping is a fake root.
REMARK This login script is for new users.
SCRIPT_SERVER
NetWare 2 and NetWare 3 users can use SCRIPT_SERVER to set a home
server where the bindery login script is read from.
SCRIPT_SERVER has no effect on NetWare 4 and later users.
Command Format
SCRIPT_SERVER server_name
SET
Use SET to set an environment variable to a specified value.
When you use SET in a login script, you must enter quotation marks (" ")
around values.
If a variable is set to a path that ends in a backslash and double quote (\"), these
two characters are interpreted as an embedded quote preceded by an escape
character. To avoid this problem, use two backslashes before the ending
double quotes (\\").
You do not need to include SET commands in login scripts. For example, you
might decide place some SET commands in the workstations
AUTOEXEC.BAT file. Where you use SET commands depends upon your
individual needs.
84

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This command does not work in a login script if the DOS workstations
environment is too small. In this case, you should set the environment size in
the CONFIG.SYS file.
After you use the SET command to set a value for an environment variable,
you can use that variable in other login script commands.
To include an environment variable as an identifier variable in a command,
enclose the name of the variable in angle brackets (for example, <emailuser>).
Command Format
[TEMP] SET name="value"
Replace name with an environment parameter that identifies the environment

you want to change.
Replace value with identifier variable substitutions. Values must be enclosed
in quotation marks.
To change the environment for the login script, but not for the workstation
itself after the login script has finished executing, use the optional keyword
TEMP.
Examples
You can use SET to make a prompt display the current directory path (such as
F:\HOME\MARY>) rather than just the drive letter. To do this, add the
following line to the login script:
SET PROMPT="$P$G"
$P lists the current directory path and $G displays a greater-than sign (>).
To set a path for a program called DAILY, which is in the REPORTS
subdirectory under drive G:, you would add the following line:
SET PATH="G:\REPORTS\DAILY"
This sets the variable PATH to G:REPORTS\DAILY.

Setting the variable PATH in the login script removes any search drives
previously assigned. Use SET PATH only before you map search drives. SET
PATH also overwrites any paths set in the users AUTOEXEC.BAT file.
To display this path, you can include PATH as an identifier variable in a
WRITE command by enclosing the variable (not the value) in angle brackets.

103-000159-001
December 7, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
For example, the following line displays My path is

G:\REPORTS\DAILY:
WRITE "My path is ";path
To include an environment variable in a MAP command, precede the variable

with a percent sign (%). For example, you could include the following lines in
a login script to set and map a drive to the variable NWS:
SET NWS="C:\XYZ"
MAP S16:=%<NWS>
SET_TIME
Use SET_TIME to set the workstation time equal to the time on the NetWare
server that the workstation first connects to.
If you set SET_TIME to OFF in the login script, the workstation time does not
update to the servers time.
Command Format
SET_TIME ON|OFF
SHIFT
Use SHIFT to change the order in which %n variables are interpreted in the
login script. SHIFT allows users to enter login parameters in any order. For
more information on %n variables, see Login Parameters with %n Variables
on page 65.
You can shift up to 10 login script variables from %0 to %9.
When users execute NetWare Login, they can include additional parameters.
Each of these parameters is assigned a %n variable; in this way, the
parameters real value can be substituted for the %n variable that appears in
the login script.
In the login script, you can add SHIFT with a positive or negative number to
move the variables in either direction. For example, SHIFT -3 moves each %n
variable three positions to the right.
86

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command Format
SHIFT [n]
Replace n with the number of places that you want the variable to shift. The
default is SHIFT 1.
Examples
When Mary logs in, she wants to access her word processing program, change
the way it is set up, and map a drive to her work directory called ACCNTS.
Mary also has a command in her login script to map a drive to her
DATABASE directory, but she does not need it today. The commands in
Marys login script are shown here:
:LOOP
IF "%2"="WP" THEN
SET WP="\U-CML\B-10\D"
MAP S16:=SYS:APPL\WP\SETUP
END
IF "%2"="ACCNTS" THEN MAP G:=SYS:ACCNTS
IF "%2"="DATABASE" THEN MAP S16:=SYS:APPL\DATABASE
SHIFT
IF "%2"<>"" THEN GOTO LOOP
(In the last line,

IF "%2" < >
is followed by closed quotation marks, which means If %2 isnt blank.)

With these commands in her login script, and assuming a command line login,
Mary can log in to the primary file server (named FS1) using her username,
MARY, as follows:
LOGIN FS1\MARY WP ACCNTS
The parameters in Marys login command are given the following values:
%0=FS1
%1=MARY
%2=WP
%3=ACCNTS
Marys login script looks for %2, which is WP, and sets the word processing
environment. Then the login script shifts the variables one to the left so that

103-000159-001
December 7, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
%2 now becomes ACCNTS. Upon executing the loop, the login script maps a
drive to the ACCNTS directory.
Mary could also change the order of her login command without affecting the
way her work environment is set up, as follows:
LOGIN MARY ACCNTS WP
The parameters in this login command are given the following values:
%0=FS1
%1=MARY
%2=ACCNTS
%3=WP
In this case, Marys login script looks for %2, which is now ACCNTS. The
login script maps a drive to the ACCNTS directory. Then the login script shifts
the variables to the left so that %2 now becomes WP.
Upon executing the loop, the login script sets the word processing
environment.
TERM
This command is normally used only for Application Launcher scripts, a
component of ZENworksTM for Desktops.
You can use the TERM command in a login script to stop the login script and
return an error code.
You can also use TERM in an IF...THEN statement, so that the login script
stops and an error code is returned only if an IF statement is true (that is, a
certain condition exists). If the IF statement is false (that is, a condition
doesnt exist), the login script skips the TERM command and continues
executing.
Because TERM stops the login script, be sure to put this command either at
the end of the login script or at a point within the script where you intend
execution to stop. Do not nest the TERM command in the login script.
If you add TERM to a container login script, it prevents other profile or user
login scripts from running. If you put TERM in a profile login script, it
prevents the user login script from running.
88

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command Format
TERM nnn
Replace nnn with an error level. Any error level between 000 and 999 is valid.
Example
If you want the login script to exit and return an error code of 718, you can add
the following statement to the login script:
TERM 718
TREE
The TREE command can be used only with clients that support multiple NDS
tree attachments.
Use TREE to attach to another NDS tree within the network and to access its
resources.
The TREE command changes the focus of the login script so that all NDS
object references in subsequent script commands (for drive mappings, print
captures, etc.) apply to the NDS tree specified in the TREE command.
You can include multiple TREE commands within a login script, either to
attach to additional trees or to switch the login scripts focus back to a tree
that the user is already attached to.
Command Format
TREE tree_name[/complete_name[;password]]
Replace tree_name with the name of the NDS tree that you want the user to
attach to.
Replace complete_name with the users complete name (Distinguished Name)
for the NDS tree that the user is attaching to. The complete name establishes
the users context in the tree. If you do not include the complete name, the user
is prompted for a complete name when the TREE command is executed from
the login script.
Replace password with the correct password for that user and tree. If the
username and password are the same as the primary login username and
password, you can omit the password and not be prompted for it.

103-000159-001
December 7, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
IMPORTANT: Use caution when including passwords in a login script. It is more
secure to eliminate the password. Then, at the point in the login script where the
TREE command is executed, the user is prompted for the password.
Example
To attach the user with the complete name MRICHARD.ACME (whose
password is BUTTERFLY) to an NDS tree named CORP, add the following
line to the login script:
tree corp/.mrichard.acme;butterfly
WRITE
Use WRITE to display messages on the workstation screen when a user logs
in to the network. Text that you want to display must be enclosed in quotation
marks (" ").
There are several ways to display variables in the text message. The way you
enter the variable in the WRITE command determines the display format, as
follows:
If you type the identifier variable as shown, with no special punctuation,
only the variable is displayed on the screen.
If you enclose the identifier variable inside quotation marks, precede the
variable with a percent sign (%) and type it in uppercase letters. This
method is often used to combine regular text with an identifier variable,
because both the text and the variable can be enclosed in the same
quotation marks.
To join several text strings and identifier variables into a single display
without enclosing the variables in quotation marks, use a semicolon (;)
between the text and the variables.
If you have several WRITE commands, each one appears on a separate
line on the users workstation. However, if you put a semicolon at the end
of all but the last WRITE commands, the commands all appear as one
continuous sentence or paragraph (although they might wrap onto
additional lines on the workstations screen).
90

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Text strings can include the following special characters:

Character
Meaning
\r
Causes a carriage return
\n
Starts a new line of text
\"
Displays a quotation mark on the screen
\7
Makes a beep sound
In addition to the semicolon, you can use other operators to form compound
strings (in other words, to join text and identifier variables into one command).
These operators are listed in the following table, in order of precedence:
Operator
Meaning
*/%
Multiply, divide, modulos
+-
Add, subtract
>> <<
Shift left or right (1000 >> 3 becomes 1)
Command Format
WRITE "[text][%identifier]" [;][identifier]
Replace text with the words you want to display on the screen.
Replace identifier with a variable you want to display, such as a users login
name. See Using Identifier Variables on page 62 for a complete list of
variables.
Examples
To display the message Hello, add the following line to the login script:
WRITE "Hello"
To display the users surname along with a greeting, add the identifier
LAST_NAME to the command. To do this, either join the text and the
identifier with a semicolon (;) or include the variable in the quotation marks
with the text.

103-000159-001
December 7, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
For example, either of the following lines displays Hello, Smith when
user Bob Smith logs in:
WRITE "Hello, ";%LAST_NAME
WRITE "Hello, %LAST_NAME"
To make a beep sound occur while the phrase Good morning appears on
the screen, add the following line to the login script:
WRITE "Good %GREETING_TIME \7"
92

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

You can create login scripts from these sample login scripts using NetWare
Administrator. Using a sample login script can help reduce syntax errors,
reducing the time it takes you to create your login scripts.
For more information on how to create login scripts, see Creating Login
Scripts from a Sample or Existing Login Script on page 34.
IMPORTANT: You must modify these sample login scripts to match the server
Sample Container Login Script

The container login script should contain any information that applies to all
users. By using some or all of the commands included in the following sample
container login script, you might find it easier to plan and create your own
container login scripts.
For more detailed information about each type of login script command, see
Login Script Commands and Variables on page 59.
MAP DISPLAY OFF
MAP ERRORS OFF
MAP *1:=%HOME_DIRECTORY
IF "%1"="ADMIN"THEN MAP *1:SYS:SYSTEM
IF OS = "WIN95" THEN
MAP P:=SYS:PUBLIC
ELSE
MAP INS S1:=SYS:PUBLIC
MAP INS S2:=SYS:PUBLIC\%MACHINE\%OS\%OS_VERSION
END

103-000159-001
December 7, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
IF OS = "WINNT" THEN
MAP P:=SYS:USERS\%LOGIN_NAME\WINNT
MAP INS S16:=SYS:APPS\WINAPPS\WINNT
SET TEMP = "P:\USERS\%LOGIN_NAME\WINNT\TEMP"
END
MAP
MAP
MAP
MAP
INS S16:=VOL1:APPL\LOTUS
INS S16:=SYS:EMAIL
M:=VOL1:SHARED
N:=VOL1:MODEMS
MAP O=SYS:DOC
IF MEMBER OF "MANAGERS" THEN
MAP *3:=VOL1:PROJECTS\REPORTS
END
Sample Profile Login Script

If you have groups of users with identical login script needs, you can create a
Profile object and then create a login script for it. Then you can assign each
user to be a member of that object.
The following sample login script shows an example of a profile login script
you might create for users in the Profile object ACCOUNTING. This profile
login script would execute after the container login script had executed.
MAP
MAP
MAP
MAP
MAP
DISPLAY OFF
ERRORS OFF
INS S16:=VOL1:APPL\DB
*5:=VOL1:ACCOUNTS\NEW
*6:=VOL1:ACCOUNTS\RECORDS
@GRPWISE5
MAP DISPLAY ON
MAP
WRITE
IF DAY_OF_WEEK="FRIDAY" THEN
WRITE "Weekly progress report is due today."
FIRE 2
END
94

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sample User Login Script

The following sample login script is an example of a login script created for
user Mary. The user login script executes after the container and profile login
scripts have executed. In addition, a user login script prevents the default login
script from executing for this specific user.
Therefore, you should consider whether any commands in the default login
script are necessary for setting the users environment. If so, determine
whether those commands should be placed into one of the other login scripts
(container, profile, or user).
MAP DISPLAY OFF
MAP ERRORS OFF
MAP *7:=VOL1:MARY\PROJECTS\RESEARCH
MAP *8:=VOL1:FORMS
REM Mary needs access to FORMS while shes on the
REM troubleshooting team.
SET WP="/u-mjr/b-5"
SET USER="mrichard"
#SEND /A=N
Sample Default Login Script

The default login script executes the first time User object Admin logs in. It
also executes for any users who do not have user login scripts.
You cant modify the default login script because it is coded into the Novell
LOGIN utility. Instead, you can create container, profile, or user login scripts.
The following sample of the default login script lists its contents and lets you
find out more information about each command in the default login script.
MAP DISPLAY OFF
MAP ERRORS OFF
MAP *1:=%FILE_SERVER\SYS:
MAP *1:=%FILE_SERVER\SYS:%LOGIN_NAME
IF "%LOGIN_NAME"="SUPERVIS" OR "%LOGIN_NAME"="ADMIN" THEN
MAP *1:=%FILE_SERVER\SYS:SYSTEM
MAP INS S1:=%FILE_SERVER\SYS:PUBLIC
MAP INS S2:=%FILE_SERVER\SYS:PUBLIC\%MACHINE\%OS\%OS_VERSION
MAP DISPLAY ON
MAP

103-000159-001
December 7, 2001
Novell Confidential
95
Manual
96

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
Troubleshooting Issues
This appendix provides troubleshooting information for known issues.
HINT: If you do not find a solution to your issue here, check the Readme file that
accompanied the software as well as the Novell Support Connection information

database (http://www.support.novell.com).
Windows 95/98 Issues

The following issues will help you troubleshoot Novell ClientTM for Windows
95/98. For additional issues, check the Novell Client Readme.
Installation
Drag-and-Drop Operations Do Not Work Immediately after Installation
Drag-and-drop operations between applications on the desktop might not

work immediately after the client is installed and the workstation is rebooted.
To solve this problem, reboot again to ensure proper registration of the
ActiveX* controls included in the client.
NDPS Required on NetWare 5.1
An update to NDPS is required to solve a client hang. Install the

DPRPCNLM.NLM file, dated 22Nov2000 or later. This update is included in
NetWare 5.1 Support Pack 3. Refer to TID 10062546.
Update Required on NetWare 4.11 and NetWare 4.2 Servers
NetWare 4.11 and NetWare 4.2 servers require an update on the server prior
to the installation of this Novell Client. The server update information is

103-000159-001
December 7, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
located in TID 2952441. This update addresses an issue in which a file opened
once by different threads (one open in each thread) in an application and then
closed leaves an instance of the file open, even after exiting the application.
This problem could cause the server to run out of memory or hang.
IP with IPX Compatibility Dependency
When using the IP with IPXTM Compatibility client configuration, make sure
that the TCP/IP stack has been configured with a TCP/IP gateway. This can
be configured through DHCP or defined locally. The IPX Compatibility
driver and IP routing will not work properly without a TCP/IP gateway
configured. Under Windows 95/98, the gateway can be configured by opening
the TCP/IP Properties page from the Network Properties page. If your network
is configured to use DHCP, you do not need to configure the gateway locally.
IP with IPX Compatibility Needs Migration Agent
If you are using the IP with IPX Compatibility configuration on the client and
are trying to connect to servers running IPX only, make sure that you have
configured a Migration Agent (MA) on the network.
For more information on setting up a Migration Agent on the network, see the
NetWare 5 documentation (www.novell.com/documentation). To
troubleshoot a Novell Clients MA visibility or configuration, enter
CMDINFO at the DOS prompt. This command should list all configured or
discovered MAs, depending on the IPX compatibility configuration.
ZENWorks for Desktops 2 Remote Management Does Not Work after Upgrading to Novell
Client for Windows 95/98 Version 3.31
If you upgraded Novell Client software and chose to update Remote

Management during installation, Remote Management will not function if you
do not have ZENworksTM for Desktops 3. If you have inadvertently upgraded
Remote Management and do not have ZENworks 3 for Desktops, do the
following:
1 Uninstall Novell Client for Windows 95/98 version 3.31.
2 Install a previous version (with the Remote Management option selected)
of Novell Client for Windows 95/98.

This replaces the Remote Management functionality.
3 Install Novell Client for Windows 95/98 version 3.31 without selecting
Remote Management.
98

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Installing ZENWorks for Desktops 2 Remote Management and Novell Client Software
Version 3.31 on a New Workstation
If you have new workstations that require ZENworks for Desktops 2 Remote
Management and Novell Client for Windows 95/98 version 3.31, do one of the
following.
Install Remote Management Using an Application Object
Remote Management.
2 Use the NAL Remote-OS Application Object to install Remote
Management.
Install Remote Management Using a Previous Version of the Client
1 Install a previous version of Novell Client for Windows 95/98.
This installs the Remote Management functionality.

Remote Management.
Login
MFC42.DLL Error
Novell Client runs with MFC42.DLL version 4.21.7022 or later. MFC42.DLL

version 6.00.8267.0 is installed when you install Novell Client. If an older
version is installed over the version installed by Novell Client, the client login
fails with an error message similar to the following:
The ordinal 6453 could not be located in the dynamic link
library MFC42.DLL.
The actual message might vary, depending on the version of MFC42.DLL you
are using.
To recover from this error, reinstall the correct version of MFC42.DLL. You
can find the correct file on the ZENworks CD at
D:\PRODUCTS\WIN95\IBM_ENU\MFC42.DLL
Copy the .DLL to the following directory on your workstation:
C:\WINDOWS\SYSTEM

103-000159-001
December 7, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
Login Restrictions Set for IPX/SPX Prevent User from Logging In
Symptom: Login restrictions are set for IPX/SPXTM and the node address.
When the administrative workstation is reset, the new client files are
automatically updated and the reboot prompt is displayed. After restarting, the
workstations that are placed in the restriction list as being able to log in as
Admin and which now have the new client cannot log in and no administration
of the server can be done.
Cause: This is a problem with preferring the IP protocol. The allowed
addresses assigned in NDS are IPX addresses. If the server is bound to IP,
the clients are designed to prefer this protocol by default. The result is that the
client is attempting to log in to the server using IP but the address is restricted
to only allow IPX addresses, causing an authentication failure. This is due to
the IP address not being stored in NDS.
Solution: Do not bind IP to the server until static IP addresses have been
assigned. Or, change your protocol preference to IPX.
Dial-Up Networking
Dial-Up Networking over IP: SLP Configuration
In order to use SLP name resolution with dial-up networking, you must add
the directory agents IP address to the directory agent list on the Novell
NetWare Client Properties Service Location tab.
Properties.
2 Click the Service Location tab.
3 Add the directory agent IP address to the directory agent list and then
click OK.
Dial-Up Networking over IP: Unable to See the Network
If you are using dial-up networking on the client and are unable to log in or
browse the network, do the following:
1 Make sure that you can resolve NetWare 5 or later IP server names.
For dynamic discovery of servers, make sure that your client can locate
an SLP Directory Agent. The agent can be configured statically or it can
be configured through DHCP if your dial-up host supports DHCP and is
configured with the proper Discovery Agent.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
By default, the client uses DHCP to locate a Discovery Agent. (This

assumes that a Discovery Agent is configured on the dial-up host
network.)
The client uses an NWHOST file, if present, which contains server names
and their addresses. This might be a preferred way to run your client. (The
file is created in the NOVELL\CLIENT32 directory on the workstation.)
The client also supports DNS names. After connecting to the dial-up host,
make sure that your DNS server is working properly by attempting to
ping your server using its DNS name. If the ping was successful, then use
that same DNS name as your server name in the login dialog.
HINT: Isolate the problem down to name resolution by using an IP address
instead of the server name. If the login works, the problem is in name resolution.
2 Make sure that the IP stack is still functioning properly by pinging known
active IP nodes that are on the dial-up host network.

3 If you are using IP with Compatibility Mode on the client and cannot see
any IPX servers, make sure that the clients Migration Agent is configured
properly.
See Dial-Up Networking with Compatibility Mode on page 101.
Dial-Up Networking with Compatibility Mode
In order to use Compatibility Mode to locate IPX services over a dial-up

connection, you should statically configure the Migration Agent on the
Compatibility Mode Driver property page.
NOTE: If your dial-up host supports DHCP Inform requests and is configured to
hand out Migration Agents, you shouldnt need to set the Migration Agent statically.
1 Click Start > Settings > Control Panel.

2 Double-click Network > Compatibility Mode Driver (CMD).
3 Uncheck the Use DHCP check box and then add a Migration Agent, using
an IP address in dotted format (for example: 137.65.1.5).

You can also use a DNS name, keeping in mind the dial-up environment
that you are using.
4 Press OK to save the changes.
Troubleshooting Issues 101

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Printing
Do Not Configure a Local NPRINTER with Interupts
Do not configure a local NPRINTER with interrupts. Use the default Polled
Mode instead.
Windows NT/2000/XP Issues

The following issues will help you troubleshoot Novell Client for Windows
NT/2000 and Novell Client for Windows XP. For additional issues, check the
Novell Client Readme.
Installation
IPX Compatibility Mode and the IPX Internal Network Number
Workstations using IPX Compatibility Mode cannot have an IPX internal

network number configured. If you have configured an IPX internal network
number on your workstation and you plan to install the Novell IP Client with
IPX Compatibility Mode, then remove the IPX internal network number
before installing the client.
(Windows NT-Only) Errors Resulting from a Custom Installation of Novell Client for
Windows NT
We recommend that you use the Typical Installation option for most
installations of Novell Client software. If you are installing Novell Client and
you select Custom Installation, note that the Novell IP gateway is not
compatible with NetWare IP or CMD (IPX Compatibility Mode Driver).
Using Remote Management with ZENworks for Desktops
If you plan to use Remote Management, make sure that Workstation Manager
is installed on all workstations that will be managed remotely.
NDPS Required on NetWare 5.1
An update to NDPS is required to solve a client hang. Install the

DPRPCNLM.NLM file, dated 22Nov2000 or later. This update is included in
NetWare 5.1 Support Pack 3. Refer to TID 10062546.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Update Required on NetWare 4.11 and NetWare 4.2 Servers
NetWare 4.11 and NetWare 4.2 servers require an update on the server prior
to the installation of this Client. The server update information is located in
TID 2952441. This update addresses an issue in which a file opened once by
different threads (one open in each thread) in an application and then closed
leaves an instance of the file open, even after exiting the application. This
problem could cause the server to run out of memory or hang.
TCP/IP Source Path Parameter for Unattended Installation
The TCP/IP Source Path parameter has been added to the unattended network
installation. This parameter is not included in Novell Client Install Manager.
To use this parameter, you must add it manually to the UNATTEND.TXT file:
!TCPIP_SOURCE_PATH = path
This parameter is used with Automatic Client Upgrade (ACU) to upgrade an

IP client. Specify the full path to the source files for the Microsoft TCP/IP
installation files. If this parameter is not specified, the location where the ACU
was run from will be used as the default.
Additionally, all parameters to configure TCP/IP are available as well. These
are the same parameter names that are specified by Microsoft for use during
an unattended operating system install. They should be added under the
Novell Client section of the unattend file.
For more information on unatteded network installations, see Installing
Clients from the Network on page 19.
Password Issues
We recommend that administrators configure NT workstations to not use any

of the Microsoft password restrictions available in User Manager. Novell
Client for Windows NT/2000/XP works best if password restrictions are left
up to NDS.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Login
MFC42.DLL Error
Novell Client runs with MFC42.DLL version 4.21.7022 or later. MFC42.DLL

version 6.00.8267.0 is installed when you install Novell Client. If an older
version is installed over the version installed by Novell Client, the client login
fails with an error message similar to the following:
The ordinal 6453 could not be located in the dynamic link
library MFC42.DLL.
The actual message might vary, depending on the version of MFC42.DLL you
are using.
To recover from this error, reinstall the correct version of MFC42.DLL. You
can find the correct file on the ZENworks CD at:
D:\PRODUCTS\WINNT\I386\LIBS32\MFC42.DLL
Copy the .DLL to the following directory on your workstation:
%SystemRoot%\system32
Copying MFC42.DLL will fail if some component is using the file. If the copy
fails, try renaming %SYSTEMROOT%\SYSTEM32\MFC42.DLL to
%SYSTEMROOT%\SYSTEM32\MFC42.OLD and then try copying the new
version again.
Login Restrictions Set for IPX/SPX Prevent User from Logging In
Symptom: Login restrictions are set for IPX/SPX and the node address. When
the administrative workstation is reset, the new client files are automatically
updated and the reboot prompt is displayed. After restarting, the workstations
that are placed in the restriction list as being able to log in as admin and which
now have the new client cannot log in and no administration of the server can
be done.
Cause: This is a problem with preferring the IP protocol. The allowed
addresses assigned in eDirectoryTM are IPX addresses. If the server is bound
to IP, the clients are designed to prefer this protocol by default. The result is
that the client is attempting to log in to the server using IP but the address is
restricted to only allow IPX addresses, causing an authentication failure. This
is due to the IP address not being stored in eDirectory.
Solution: Do not bind IP to the server until static IP addresses have been
assigned. Or, change your protocol preference to IPX.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Login Script
CAPTURE Execution in a Login Script
If you use a login script that contains an external CAPTURE command using
CAPTURE.EXE, the screen might go blank with a blinking cursor in the
upper-left corner. The capture eventually executes and the screen returns to
normal.
This happens if Windows NT or Windows 2000 is set to full screen when
the CAPTURE command is executed from the login script. Although the
system might be working correctly, a slow server performing the capture with
a blank screen may make it appear otherwise.
To correct this problem, do the following:
1 Double-click My Computer and then click Control Panel > MS-DOS
Console.
2 In the Console Windows Properties dialog box, click the Options tab.
3 From the Display Options group, click Window.
Login Script Command SET_TIME ON/OFF Behaves Differently on NT
Novell Client for Windows NT/2000/XP Properties > Advanced Settings

contains a Set Station Time property.
When this setting is On, the workstation time is always synchronized with the
network during GINA Login. The login script SET_TIME command has no
effect on time synchronization, because the time is being synchronized before
the script command is processed.
When the setting is Off, the SET_TIME ON script command will have an
effect when scripts are run and the workstation time will be synchronized with
the network.
Windows 2000 and XP both ignore the SET_TIME script command
regardless of the client property setting Set Station Time=On|Off' and update
the time/date to the Netware Server Time/Date at Gina Login only.
Subsequent script executions do not make any difference as the script
command seems to be ignored.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP.EXE
The MAP.EXE utility might function improperly if the computers DOS

environment size is too small. If you encounter problems while running
MAP.EXE, increase the DOS environment size by adding or editing the
SHELL= line in the WINNT\SYSTEM32\CONFIG.NT file. For example:
SHELL=%SYSTEMROOT%\SYSTEM32\COMMAND.COM /E:2048
MAP.EXE was not designed as a Windows NT/2000/XP executable and,

therefore, does not recognize drives mapped to NT servers as network drives.
Consequently, MAP will not list NT network drives. The Windows NT NET
USE command can be used to correctly connect and list network drives for
both NetWare and NT servers.
MAP.EXE Might Fail When Mapping a Drive to a Novell eDirectory Object on Windows NT
MAP.EXE is not IP-aware for eDirectory objects. As a result, MAP.EXE

might fail if you try to use it to map a drive to an eDirectory objectfor
example, with a command like the following:
MAP N .mydir.organization.company
The failure will result in a message such as the following:

MAP-4.13-195: Directory [N .mydir.organization.company cannot
be located
This error can be avoided by using one of the following solutions:

Use MAP N SERVER\VOL:\DIRECTORY instead of MAP N
.mydir.organization.company.
Unbind IP from the server that the eDirectory object points to.
Configure the Protocol Preferences of Novell Client property page to use
IPX only.
Drive Mappings Automatically Root Mapped
In Windows NT/2000, all drive mappings made using the NetWare Login are
root mapped. Because of this, programs cannot access directories above the
directory that the drive is mapped to. This feature affects only MAP
commands performed in a login script. Once Windows NT has been started,
NT allows you to map only to the root.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can turn off the default by adding SET MAPROOTOFF="1" as the first
line in the login script. This will globally force all NT workstations using the
login script to not map root drives.
Or, you can perform the following procedure on a local workstation:
1 Right-click My Computer.
2 Click Properties > Environment.
3 Enter MAPROOTOFF as a variable.
4 Set the value of the MAPROOTOFF variable to 1.
5 Click Select.
Errors When Reconnecting Permanent Drive Mappings to Servers in Different Directory
Trees
In Windows NT 4.0, users might encounter an error when restoring permanent

drive mappings to NetWare servers in different trees. These mappings will be
authenticated through Novell eDirectory. The user might get an Invalid
Password prompt when restoring these drives. This is not because the
password is invalid but because the client does not have a valid context for the
secondary tree.
If this problem occurs, enter the default context for all eDirectory trees on the
Client tab of the Novell Client Configuration page. This is accessed by rightclicking Network Neighborhood and then clicking Properties > Services >
Novell Client for Windows NT > Properties.
Permanent Connections
If you have a permanent drive mapping that conflicts with a drive mapping
made in your login script, a dialog box appears indicating that an error
occurred while reconnecting the drive and that the local device name is
already in use. One of the options in this dialog box has some confusing
results. If you check Do Not Try to Restore the Connection in the Future, and
then click Yes or OK, the drive mapping made from your login script is
removed.
If you do not check this check box, the drive mapping from your login script
is preserved. This is a bug in Windows NT. By default, Windows NT removes
any mappings on that drive letter without checking to see whether the existing
drive mapping is the same path as the permanent connection.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Printing Issues
NDPS and NetWare 5
You might experience difficulties printing through NDPS if your network

connection is dropped and later auto-reconnects. You could receive the
following error messages:
Error writing to <printer>: Space to store the file waiting
to be printed is not available on the server.
A write fault occurred while printing.
To resolve this problem, you must download and install NetWare 5 Support
Pack 2 or later. Then complete the following:
1 At the server console, load NDPSM.NLM to load NDPS Manager on the
server.
2 From the NDPS Manager main menu, click Printer Agent List.
3 Select a Printer Agent.
4 Once the Printer Agent information is displayed, click Configuration:
(See Form).
5 From the configuration screen, change the Security Level from High to
Medium.
Remote Access Services Issues

Supporting a Large Number of Remote Access Services (RAS) Users
If you support a large number of RAS users in your network and you
experience problems with users not being able to log in because of insufficient
NetWare connections, try setting the Watchdog configuration parameters so
that connections time out quickly when RAS connections terminate
abnormally.
SLP Requirements for Server Name Resolution from RAS Clients
If you rely on SLP to provide the resolution of server names to IP addresses in

your network and your RAS server does not forward IP multicast packets
between the client and the network, then you must set up and configure SLP
Directory Agents.
You can configure SLP Directory Agents through the Novell Client property
pages or through DHCP.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX Compatibility Requirements for RAS Client
IPX Compatibility Mode requires the services of SLP. For more information,
see SLP Requirements for Server Name Resolution from RAS Clients on
page 108.
Before installing the Novell IP Client with IPX Compatibility support, make
sure that the RAS Client is configured to perform only IP networking over the
RAS connections.
Restoring RAS Connections and IPX Compatibility
You must restart your workstation before re-establishing a RAS connection if

The RAS server assigns your client a different IP address during each
RAS connection
You are using IPX Compatibility Mode to run IPX applications or to
connect to IPX servers from your Novell IP Client
You can avoid the changing address problem over RAS connections if you
statically configure the IP address that your workstation uses over the dial-up
adapter.
IPX Compatibility
IPX Compatibility and Multiple Network Attachments
You should be aware that limitations of the IPX stack present in Windows NT
and limitations of 16-bit IPX/SPX applications complicate operations of
multihomed workstations. These limitations impose additional configuration
requirements to make use of the services of IPX Compatibility from your
multihomed Novell IP Client.
Workstations connected to the network through more than one network
attachment are considered to be multihomed workstations. LAN connections
and RAS connections qualify as network attachments.
On Windows NT, the IPX stack does not allow IPX applications to detect
more than one network attachment to segments with the same network
number. This limitation forces you to configure different IPX Compatibility
Network Numbers (also known as CMD Network Numbers) for each adapter
used by your workstation to access the network if you want to allow your
Novell IP Client to simultaneously access IPX Servers through each one of the
adapters. For example, you could allow IPX Compatibility to use the default

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX Compatibility Network Number over the LAN adapter but configure a
different network number for IPX Compatibility to use over the RAS
connection (WAN adapter). You should be aware that nodes utilizing IPX
Compatibility on the same network should be configured to use the same
network number in order to directly communicate when using Client/Server
IPX applications.
The IPX stack arbitrarily selects a network attachment for 16-bit IPX/SPX
applications because those applications expect to operate on workstations with
only one network attachment. For this reason, you might find that your 16-bit
IPX/SPX applications are capable of communicating over your LAN adapter
only when you also have a RAS connection over a WAN adapter.
If you have a multihomed Novell IP Client and you want to use the service of
IPX Compatibility over only one of the network attachments and you are
getting unwanted results, then you can disable IPX Compatibility over the
other network attachments. For example, if you have a workstation connected
to the corporate network through LAN adapter A and connected to a lab
network through LAN adapter B, and IPX Compatibility only seems to work
over LAN adapter B, you can force IPX Compatibility to work over LAN
adapter A by opening the IPX Compatibility property page, selecting LAN
adapter B, and unchecking the Enabled check box.
IPX Compatibility and Changing IP Addresses
When the IP address of a given interface changes, you might not be able to
restore the connections that you had to IPX servers from your Novell IP
Client, or your IPX/SPX applications might stop working. If this occurs, you
will have to restart your workstation to recover.
IP interface addresses can change because of TCP/IP manual configuration
changes, because a DHCP lease expires and is renewed with a different
address, or because your network connection goes down and then back up
(such as when you re-establish a RAS connection).
You can avoid the changing address problem over RAS connections if you
statically configure the IP address that your workstation uses over the dial-up
adapter.
DOS Utilities Supported Only When Used with IPX or IP Compatibility Mode
DOS utilities (CX, MAP, CAPTURE, etc.) are supported only when used with
IPX or IP Compatibility Mode. Use the equivalent GUI-based utilities when
accessing resources that are available only from IP servers.

103-000159-001
December 7, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Software Compatibility Issues

Microsoft SMB Client Support over IPX
Novell Client for Windows NT/2000/XP coexists with the Microsoft SMB
Client over IPX networks. The Microsoft SMB Client utilizes NetBIOS when
communicating over IPX, which increases the utilization of your network.
If you want to prevent the Microsoft SMB Client from communicating over
NetBIOS, modify your workstation configuration by unbinding the
workstation and server from NWLink NetBIOS in the Network Properties
page.
Microsoft File and Print Services
Novell Client for Windows NT software does not work with Microsoft File
and Print Services for NetWare (FPNW). This is because FPNW advertises
itself as a NetWare 3.12 server but does not emulate a NetWare 3.12 server. It
more closely emulates a NetWare 2.2 server. When the client attaches, it
attempts to use features that are available on NetWare 3.12 servers. Since
FPNW does not support these features, the client is unable to use FPNW.
A fix is available from Microsoft, but Novell testing indicates that the fix still
does not provide a complete solution.

103-000159-001
December 7, 2001
Novell Confidential
Manual

103-000159-001
December 7, 2001
Novell Confidential
99a
38
July 17, 2001
Novell Licensing Services Administration Guide
Novell
NetWare 6
www.novell.com
N O V E L L L I C E N S I N G S E RV I C E S
August 30, 2001

Novell Confidential
Manual
99a
June 14, 2001
37
Contents
Overview
Understanding Novell Licensing Services
Key NLS Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Examples of NLS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
How NLS Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Installing Novell Licensing Services
21
Guidelines for Installing NLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Installing NLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Verifying That NLS Is Installed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Using Novell Licensing Services
23
Managing License Certificates . . . . . . . . . . . . . . . . . .

About Single Certificates . . . . . . . . . . . . . . . . . . .
About Envelopes . . . . . . . . . . . . . . . . . . . . . . .
Installing License Certificates. . . . . . . . . . . . . . . . .
Deleting a License Certificate . . . . . . . . . . . . . . . .
Moving a License Certificate . . . . . . . . . . . . . . . . . . .
Assigning Licenses to a Server . . . . . . . . . . . . . . . . .
Modifying or Deleting Server Assignments. . . . . . . . . . . .
Viewing Information about License Certificates and Containers
Using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . .
About SNMP and NLS . . . . . . . . . . . . . . . . . . . .
Why You Need a Management Console . . . . . . . . . . .
Three Configuration Files for SNMP . . . . . . . . . . . . .
Implementing SNMP . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting Novell Licensing Services

Tips. . . . . . . . . . . . . . . . . . . . . . . . . . .
Unable to get a server base license . . . . . . . .
No access to license units . . . . . . . . . . . . .
The system erroneously reports duplicate licenses
Error Codes and System Messages . . . . . . . . . .
Error Code C0001002 Displays . . . . . . . . . .
Error Code C0001005 Diplays . . . . . . . . . . .
TIDs . . . . . . . . . . . . . . . . . . . . . . . . . .
23
23
24
24
25
25
26
26
26
27
27
27
28
28
31
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000138-001
August 30, 2001
Novell Confidential
31
31
31
32
33
33
34
34
Manual
99a
37

103-000138-001
August 30, 2001
Novell Confidential
June 14, 2001
Manual
99a
38
July 17, 2001
Overview
Novell Licensing Services (NLS) that ships with NetWare 6 supports the
User Access License (UAL) model. User objects gain access to network
services by connecting to the network instead of to servers. These User objects
receive a permanent license unit that allows them to access network services
at any time and from any workstation attached to the network.
For information on NLS concepts and how NLS works, see Understanding
Novell Licensing Services on page 9.
For information on the User Access Model, see User Access Licensing for
NetWare.
When you install or upgrade to NetWare, the server installation software
automatically installs NLS, but not the license certificates. You must install
the license certificates either during the installation or at a later time.
For information on installing or upgrading NLS, see Installing Novell
Licensing Services on page 21.
License certificates enable users to access network resources, including
NetWare servers. Typically, the server installation program installs license
certificates for NetWare and other selected NLS-enabled products. You can
use iManage, Novells browser-based management tool, to install additional
license certificates and to manage license units for NLS-enabled products.
You can also create metered certificates and then use ZENworksTM to manage
applications that are not NLS-enabled.
To set up and configure iManage to install and maintain licensing, see
iManage 1.0 and iMonitor 1.5 for Novell eDirectory 8.6 for more information.
For information on troubleshooting, see Troubleshooting Novell Licensing
Services on page 31.
Overview

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This documentation does not cover information about policy managers and
license certificates for specific products. Refer to product-specific
documentation for that information.

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Understanding Novell Licensing

Services
Since NLS is integrated with eDirectoryTM, you need to be familiar with the
basics of eDirectory, especially eDirectory objects, partitions, and replicas of
partitions.
Key NLS Terms on page 9
How NLS Works on page 17
Key NLS Terms

Understanding the following terms will help you maintain licensing and
license units on your network.
Novell Licensing Services (NLS)Software components and
technology that provide a balance between your companys need to
manage and access license units and a software manufacturers need for
enforcement of licensing requirements.
NLS consists of the following components:
License Service Providers (LSPs)
NLS clients
eDirectory objects (License Service Provider objects, License
Certificate objects, and License Container objects)
License Service Provider (LSP)Licensing software that you install
and run on NetWare servers. This software is contained in the
NLSLSP.NLM program running on a NetWare 4.11 or later server.

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
An license service provider provides the actual licensing service. It

handles requests from NLS clients and maintains the license certificates,
which are stored within eDirectory.
When you install NetWare and licensing certificates, NLS
Installs the license service provider software on the server
Creates an License Service Provider object (NLS_LSP_servername)
in the eDirectory tree
You can also use NetWare Deployment Manager to accomplish these two
tasks.
IMPORTANT: You must have an license service provider running on a server with
a writable replica of each partition. This requirement applies to partitions that

containor will containLicense Certificate objects. If a partition does notor will
notcontain a license certificate, that partition does not require a server running
an license service provider.
The replica can be a master or read/write replica. You can run license service
providers on other servers without replicas as long as they can communicate with
the license service provider that has a writable replica. The server with the writable
replica can make changes to the eDirectory database on the other server's behalf.
NLS_LSP_servernameAn object in eDirectory.

This objects existence in the tree is one indication that NLS is configured
to run on a server and that a server is a license service provider.
Both the NetWare server installation software and NetWare Deployment
Manager install the license service provider software on the server and
create a corresponding License Service Provider object
(NLS_LSP_servername) in the eDirectory tree.
License service provider objects are created in the same context as the
server running the license service provider software (NLSLSP.NLM).
The License Service Provider object stores configuration information
about an license service provider running on the server: a transaction
database name, information about how to search for a license certificate
(whether to search to the partition root or to the root of the tree),
notifications concerning unlicensed access and service problems, and
other associated data.
NLS adds an attribute on the NCP Server object. This attribute points to
the license service provider so that NLS has a link between the NCPTM
Server object and the license service provider.
10

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NLS clientSoftware that requests licensing services from license

service providers.
An NLS client runs on client workstations and on NetWare servers. (The
client can run on either a workstation or a server or on both the
workstation and the server.) This software supports 32-bit Windows* and
NetWare Loadable ModuleTM (NLMTM) platforms. When you install NLS
on a server, all of the files that enable an application to use NLS are
copied to the SYS:\PUBLIC and SYS:\SYSTEM directories on the
server.
Other than the client software, no additional files need to be installed on
client workstations. Applications written to use NLS load client libraries
that communicate with NLS components running on a NetWare server.
If a 32-bit Windows NLS client has an existing connection to a NetWare
server running an license service provider, the client communicates
directly with the license service provider. If the client does not already
have a connection to a server running an license service provider, the
client searches from the servers context upward in the eDirectory tree for
an license service provider.
An NLM client does not search. It simply examines the current
connection.
See Examples of NLS Clients on page 16 for more information.
License unitA component of a license certificate.
When you purchase a product, you purchase one or more license units for
it. For example, a 100 Additive User License for Novell
BorderManagerTM Firewall Services 3 contains 100 license units,
allowing 100 users to access BorderManager services.
NLS supports digital license units that are available from installed
License Certificate objects. NLS also supports metered license
certificates that are managed through ZENworksTM functionality.
License certificates are installed from files. Typical filename extensions
are
.NLF (for NetWare, BorderManager, and other Novell products)
.CLS (for NetWare for Small Business)
.KEY (activation keys)
IMPORTANT: A license unit or a license certificate is not the license itself.
Licenses are specified in your license agreement. Although NLS helps you stay in
compliance with the license agreement, you are bound by the terms and conditions
of your software agreement.

103-000138-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
License Certificate objectAn object in eDirectory; represents a

license certificate.
License certificates correspond to the printed license statement that is
typically included in the packaging for software products. The icon for a
License Certificate object looks like a single sheet of paper representing
a license certificate. When you view the object in iManage, the object
typically displays the serial number or certificate name, as shown below:
Certificates can be secure or unsecure:

A license certificate is a digital license that is secured by secrets. For
additional security, NetWare license certificates are digitally signed.
They cannot be modified. License certificates usually come from a
software vendor.
A metered certificate does not have secrets; it is an unsecure license
certificate. ZENworks functions as the NLS client and requests
license units on behalf of applications. Metered certificates are
usually created by network administrators.
NLS creates a License Certificate object when you install license
certificates for NLS-enabled applications or when you create metered
certificates.
When you install or create a license certificate, you choose the context
(location in an eDirectory tree) for this object.
License certificates contain policies and are managed by a policy
manager.
Activation KeyA sequence of numbers and letters; allows you to
complete the installation of a license certificate for a product you
purchased.
All license certificates require an activation key. Software vendors
usually include the activation key in a .KEY file along with the certificate.
This combination enables the Activation Key to be installed
automatically during installation. However, if the installation program
can't locate an Activation Key, a prompt allows you to enter it.
EnvelopeAn .NLF file that contains one or more license certificates; a
convenient way of packaging multiple license certificates to be
distributed as a single file.
12

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Because multiple license certificates can exist in an envelope, envelopes

allow you to install several license certificates at the same time.
Envelopes can contain an embedded activation key for license
certificates.
A sample envelope file is 4234171D.NLF.
License Container objectAn object in eDirectory; contains one or
more License Certificate objects.
A License Container object is a special container object in eDirectory.
(Other container objects include [Root] or Tree, Country, Organization,
and Organizational Unit.)
License Container objects are named using publisher, product, and
version. For example, Corel* WordPerfect* version 9 could appear as
follows in a tree:
When you install a license certificate or create a metered certificate, NLS

creates a License Container object and a License Certificate object. (If a
license container already exists, NLS places the additional license
certificate in that existing container.)
Using iManage, you can view License Container objects as they appear
in the eDirectory tree.
Licensing modelThe way a vendor allows its customers to use its
licensed products.
NLS can support many models of licensing. For example:
Nonconcurrent connections in BorderManager
Server Connection Licensing (SCL) in NetWare 4 and NetWare 5
User Access Licensing (UAL) for Novell Cluster ServicesTM and
NetWare 6
For information about the licensing model for the product that you use,
refer to the product-specific documentation.

103-000138-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
PolicyAn electronic representation of a term or condition in your

license agreement. Policies are contained in license certificates. For
example, a certificate for a company could include the following tags for
policies:
Each license unit is consumable.
Each license unit allows nodal reuse. (A user can use it multiple
times from different workstations.)
The certificate does not require an license service provider
assignment.
Duplicate certificates can be installed (an important tag for Master
License Agreement accounts).
The certificate is an evaluation license certificate.
The certificate has a soft stop. (The policy allows users to use the
service even though a license unit is not available. However, a
network administrator receives notification that the company is out
of compliance.)
The certificate uses secrets.
The certificate is digitally signed.
A policy is tied to a license certificate and a policy manager, not to the
licensing service. A policy can be flexible, simply by changing (or
replacing) a license certificate.
Policy Manager (Gatekeeper)Code that makes decisions based on
requests from a licensing service.
A policy manager
Is part of the application
Makes the application NLS-enabled
Requests licenses from NLS
Receives responses from NLS regarding availability of license units
Decides whether to grant access to certain program functionality
Informs the license service provider when a license unit is no longer
being used
Contains mechanisms (policy) for handling errors concerning failed
requests for license units
14

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Each NLS-enabled product has its own policy manager. The policy
manager for NetWare differs from the policy manager for
BorderManager. Both of these policy managers differ from the policy
manager for a third-party software manufactures application.
Because each application or service supports a different policy, you might
have many policy managers running on a network.
NotificationA message that informs you about the licensing service or
a problem concerning your compliance with the terms and conditions
licensing agreement.
System Alert notifications inform a designated person that one of the
following has occurred:
An eDirectory communication error related to the licensing service
An eDirectory schema error related to the licensing service
A transaction logging error
Out of Compliance notifications inform a designated person that your
company is out of compliance with the terms and conditions of your
licensing agreement.
By default, the designated person is whoever installs the license
certificate. You can modify (change, delete, add) objects that receive
notifications. Multiple network users or groups can receive notifications.
Notifications are sent through the NetWare Broadcast utility and
(optionally) SNMP.
Unlicensed accessAn allowance beyond the number of license units
purchased.
Software manufacturers can allow unlicensed access (a grace condition)
on their license certificates. This functionality allows users to continue
using the product while you purchase and install more license certificates.
NOTE: Unlicensed access does not grant licenses. The terms and conditions of
your license agreement specify how the product is to be used.
To see how a product handles unlicensed access, refer to the productspecific documentation.
StopA policy in a License Certificate object.
A hard stop policy informs users that they are out of compliance with
the terms and conditions of the license agreement. A hard stop
prevents users from accessing a license unit. The hard stop could
result from all available license units already being in use.

103-000138-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
NOTE: NLS is a service. The terms and conditions of your license agreement
determine how the product is to be used.
A soft stop policy informs users that they are out of compliance but
allows them to continue using license units under certain conditions.
A no stop policy ignores situations in which no license units are
available. NLS keeps track of the overage by logging the
noncompliance, but does not inform or warn the user.
Examples of NLS Clients

Example 1: NLS Client Software on a Client Workstation
At your Windows 2000 workstation you want to use OptionsPlus, an NLSenabled application. After you click the icon for OptionsPlus, that application
loads on your client workstation.
OptionsPlus then requests a license unit. The NLS component (a .DLL file
linked to OptionsPlus software) locates a license service provider (an NLS
component running on a server). That license service provider searches
eDirectory for a License Certificate object that has license units available.
The license service provider responds to the NLS client in OptionsPlus and
allows you to use the application.
Example 2: NLS Client Software on a Server
When starting a server, NetWare loads and runs eDirectory and license service
provider, two necessary components of the NLS system.
Before completing its bootup, NetWares policy manager uses NLS client
software (an NLM library for NLS) to request a server base license from the
license service provider.
The license service provider then queries eDirectory for a license certificate.
If a license unit is available, the license service provider then grants the
request for the policy manager, and the NetWare server is allowed to run.
NLS itself does not enforce licensing. Instead, it checks out a license unit or
returns the appropriate error condition to the application. The policy manager
part of the application then determines whether the user can use the
application or how the error condition is reported.
16

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Example 3: Metering
A client workstation requests an application that is not NLS-enabled.

ZENworks, integrated with NLS, requests a license unit on behalf of the
application.
Depending on the response from NLS, Application Launcher in ZENworks
chooses whether or not to load the application. Therefore, Application
Launcher can be configured to request license units for applications that are
not NLS-aware.
How NLS Works

The following figure illustrates how NLS Works.
2
The LSP searches the eDirectory

tree for a License Container
object with available licenses.
Licensing-enabled software
requests a license.
License Container object

License Certificate
License Service
Provider
The LSP indicates license
availability.
The LSP checks out a license

from a License Container object
for software to use.
The following list describes how License Service Providers (license service
providers) handle requests from NLS clients by interacting with the
eDirectory database.
1. An application issues a request to the NLS client.
In NetWare, for example, the server requests a license unit on behalf of
the user that is connecting to the server. The server issues this request to
the NLS client.
2. The NLS client library packages the request from the application and
submits it to an license service provider.

103-000138-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
In NetWare, for example, the NLS client communicates with the license
service provider on that server.
3. The license service provider examines the request and determines
whether it can fill the request. It does this by checking the eDirectory
context of the requesting client for the specific information or license unit
being requested.
In NetWare, for example, the license service provider searches the users
context for a NetWare license unit.
4. If the requested resource is available, the license service provider fills the
request. If the license service provider cannot fill the request, it searches
for a resource. Where an license service provider starts its search for a
resource depends on what the requesting application has specified.
The license service provider can check the next-higher context in
eDirectory for the requested resources. The license service provider
continues to search until it reaches the [Root] or Tree of the partition or
the top of the tree, depending on how the license service provider is
configured.
In NetWare, for example, the license service provider starts in the users
context and searches up the eDirectory tree for a user license.
The following figure illustrates how an license service provider searches
for a license certificate in the User Access Licensing model.
18

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
License
certificate
Server
User
Begins
searching
here
In this example, the user accesses the network from context .E.C.A. To
search for a license unit, the license service provider begins its search in
the users context.E.C.A The license service provider searches up the
tree to context A and finds an available license unit.
5. The license service provider returns status to the client library.
In NetWare, for example, if the license service provider finds a NetWare
license unit, it returns a successful status to the library. Otherwise, it
returns an error code.
6. The library returns status to the application.
In NetWare, for example, the library returns licensing status to the server.
7. The application determines action based upon the status of license units.
In NetWare, for example, the server determines an action. If the status is
successful, the server allows a connection to the server. Otherwise, the
server allows a grace connection if one is available, or denies service if a
grace connection isnt available.

103-000138-001
August 30, 2001
Novell Confidential
19
Manual
20
99a
38

103-000138-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter discusses
Guidelines for Installing NLS on page 21
Installing NLS on page 22
Verifying That NLS Is Installed on page 22
Guidelines for Installing NLS

Prepare the network.
If you are upgrading a server, the server should have a read/write replica
of the partition where the NetWare 6 server will be installed.
Provide fault tolerance.
Two servers running NLS in a partition provide fault tolerance. If one
server goes down, the other provides required licensing services.
We recommend that the master replica be on one of these servers.
Upgrade existing NLS.
Before installing NetWare 6, ensure that your servers have the following
Support Packs installed.
NetWare Version
Support Pack
NetWare 4
NetWare 4 Support Pack 6a or later
NetWare 5.0
NetWare 5.0 Support Pack 4 or later
NetWare 5.1
NetWare 5.1 Support Pack 2 or later

103-000138-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
NOTE: If you are running NetWare for Small Business or NetWare for Growing
Business, you should install the corresponding Support Pack before upgrading to
NetWare 6.
Know where to install NLS.

For more information, see Guidelines for Installing License Certificates
in the User Access Licensing for NetWare Guide.
Installing NLS
When you install or upgrade to NetWare 6, NLS is automatically installed. For
a NetWare 6 server in a new eDirectory tree, no other action concerning the
licensing service is required.
For fault tolerance, you should have NetWare 6 (or NLS) running on a second
server in same partition as the other server.
NLS-enabled applications can use the licensing service. See the productspecific documentation for information about implementing the licensing
services for that product.
Verifying That NLS Is Installed

1 At the server console GUI, click Novell > Install, and then look for an
NLS entry.
If NLSLSP.NLM is running on the server, enter the following at the

server console:
modules nls*
22
If NLS_LSP_servername is a leaf object in eDirectory, vew this

object in iManage.

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

You can manage NLS functionality in iManage, the Novell browser-based
management tool, to complete the following tasks:
Managing License Certificates on page 23
Deleting a License Certificate on page 25
Moving a License Certificate on page 25
Modifying or Deleting Server Assignments on page 26
Viewing Information about License Certificates and Containers on
page 26
You can still use NetWare Administrator to administer NLS.
You can also use SNMP to view information about your network and
licensing. See Using SNMP on page 27.
Managing License Certificates

You can install license units contained within a single license certificate or an
envelope.
About Single Certificates

When a certificate for an NLS-aware application is installed, NLS adds a
License Container object to the tree and a License Certificate object to that
container object. You select the context or location in the eDirectoryTM tree for
that License Container object.
You install license certificates by accessing envelope files (.NLF).

103-000138-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
If you purchase and install additional license certificates, they will also be
added to the eDirectory tree as objects in the appropriate License Container
object.
About Envelopes
An envelope is an .NLF file containing one or more license certificates. (The
envelope might have just one certificate because it also contains other
information associated with the productfor example, information for NISenabled installations.)
Envelopes let you install more than one license certificate at a time into
License Container objects. For example, if you have purchased three products
in a suite, you can use an envelope to simultaneously install license certificates
for all three products.
When adding license certificates to the eDirectory tree, you should know
where in the tree you want to install the license certificate. This location or
context will determine who can use the license units associated with that
license certificate. For more information on placing licenses, see Guidelines
for Installing License Certificatesin User Access Licensing for NetWare.
Installing License Certificates

1 In iManage, click License Management > Install License.
2 Navigate to and select a license file, and then click Next.
The file might be on a diskette in drive A: or on a CD-ROM.

A sample path and filename for a license certificate is
A:\LICENSE\43D211.NLS. A sample path and filename for an envelope
is A:\LICENSE\.43D23E.NLF.
The file, usually linked to an activation file (key), automatically retrieves
the password (if one is available).
3 Select the licenses to install, and then click Next.
Each license includes the user licenses and a server license. Each server
must have a server license associated with it.
If the licenses are to be installed in different contexts, you should install
the licenses one at a time.
If you choose to install a server license and one is already assigned to the
server, the server license install will fail.
24

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Fill in the following fields:
Location: Browse to or enter the context where you want the licenses
installed. User licenses should be installed at or above the user's context.
You might want to install the licenses high in the tree so that they will be
available to more users. Server licenses should be installed at or above the
server's context.
Server Assignment: If you are installing a server base license, the Server
Assignment field displays. Browse to or enter the fully distinguished
name of the Server object you want the license assigned to.
Enter an Activation Key: This field displays only if you are required to
provide an activation key to unlock a license. You can either enter the key
as text or select an activation key file to be read from a disk.
The results of installing the licenses appears.
5 To install another license or to reinstall a license that failed, click
Continue; otherwise, click Done.
Deleting a License Certificate

1 In iManage, click License Management > Delete License.
2 Navigate to and select a license to delete, and then click Next.
3 Confirm that this is the license to delete and click OK.
Moving a License Certificate

1 In iManage, click License Management > Move a License.
2 Navigate to and select a license to move, and then click Next.
3 Navigate to and select the context where you want to move the license to,

A results screen displays showing the result of the moving the certificate.
4 Click OK.

103-000138-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Assigning Licenses to a Server

Each server needs a server license. You need to install a server license only if
you did not install licenses during the installation process or if the server
license was deleted. To install a server license certificate, follow the steps in
Installing License Certificates on page 24.
Modifying or Deleting Server Assignments

1 In iManage, click License Management > Manage License Properties.
Enter the fully distinguished name of the Server object you want the
license assigned to.
Delete a server assignment by removing the server information from

the field.
4 Click Done.
Viewing Information about License Certificates and

Containers
When you install a license certificate or create a metered certificate, a License
Certificate object is added to the eDirectory database. NLS also adds a License
Container object, if one doesn't already exist, and places the License
Certificate object in that container.
Using iManage, you can view information about licenses and their usage for
the License Certificate container or license.
1 In iManage, click License Management > Manage License Properties.
3 Select a tab to display the information you want to view.
26

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using SNMP
You can use SNMP to find out about licensing service events on your network.
About SNMP and NLS

SNMP is a management interface and high-level protocol. General-purpose
protocols such as IPXTM, TCP/IP, and UDP can host SNMP. NLS takes events
and errors, wraps them in one of these protocols, and sends them to a
management utility or console.
For example, suppose you instruct SNMP to raise an event whenever a license
unit is conveyed to a User object. Every time a license unit is conveyed,
SNMP sends a packet to a management console. The console registers that
event. As network administrator, you can view these packets at the
management console.
With SNMP, you can send out a wide variety of different events. NLS
provides a list of events and errors that the licensing service can send out
notifications on. As network administrator, you choose the events that you are
interested in. You can turn off all events, turn them all on, or turn on selected
events.
For example, NLS sends broadcast messages. Using SNMP, you can send an
SNMP message with the same content to a management console.
In short, SNMP enables you to be aware of what's happening on the network.
Why You Need a Management Console

An SNMP management productfor example, OpenView* or
ManageWise resides on the network and registers itself as the
management console. An SNMP agent (SNMP.NLM) runs on a NetWare
server. The SNMP pieces on each server send the SNMP datagrams to the
console. You use the console to track what's happening on the network.
You can place the management console anywhere on the network. This
console reads the SNMP packets and displays their contents to you, as the
network administrator. Typically these consoles are run on client computers
for convenience, but that functionality can be implemented on any computer
on the network.

103-000138-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Three Configuration Files for SNMP

NLS uses three configuration files for SNMP. The configuration files allow
the various systems which provide SNMP information to tailor that
information to your needs as you manage the network. All three files are
installed into SYS:\ETC.
SNMP.CFG lets you add descriptive strings that might be included in SNMP
packets. These packets provide you with specific information, such as server
name, computer hardware description, location, and whom to contact in case
of an issue.
NLSTRAP.CFG lets you specify which NLS events and errors you want to
track. NLSTRAP.CFG has a list of all possible events that NLS could ever
send out. The file contains two lines for each event. The first line is a
description. The second line enables or disables notification for that event. If
the line begins with a pound sign (#), no message is sent.
By default, all lines (events) are commented out. To see an event, you edit
NLSTRAP.CFG. The file contains a description at the top about the format and
what to do with each value. You just turn on what you want to see.
If NLSTRAP.NLM detects an event that is enabled in the NLSTRAP.CFG file,
NLSTRAP.NLM calls routines provided by SNMP.NLM to place the SNMP
packet on the network.
TRAPTARG.CFG lets you specify all targets (or receivers) that are to receive
SNMP trap messages generated by the SNMP agent (SNMP.NLM). It pairs
targets with a protocol for SNMP packet addressing. For example, a server
named PUFFIN in the IPX section of TRAPTARG.CFG instructs NLS to send
SNMP messages to server PUFFIN using IPX.
Implementing SNMP
1 Edit NLSTRAP.CFG to set events that you want to monitor.
Specify parameters by using a parameter keyword followed by the

desired parameter value. Then unload and reload NLSTRAP.NLM. (The
changes won't take effect until you reload NLSTRAP.NLM.)
2 Edit SNMP.CFG.
3 Edit TRAPTARG.CFG to specify all targets that are to receive SNMP trap
messages.
4 Run the management console.
28

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Load SNMP.NLM on a server.
SNMP.NLM (the SNMP agent) provides the APIs and framework to

allow SNMP to work on NetWare. SNMP.NLM traps events, generates
SNMP messages about the trapped events, and sends the messages to the
management console.
6 At the management console, view the SNMP messages.

103-000138-001
August 30, 2001
Novell Confidential
29
Manual
30
99a
38

103-000138-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Troubleshooting Novell Licensing

Services
This chapter contains tips, information about system messages and error
codes, and a list of Technical Information Documents.
Tips on page 31
Error Codes and System Messages on page 33
TIDs on page 34
Tips
Unable to get a server base license
Problem: The server console displays Unable to get a Server Base license.
Action: Delete and reinstall the license certificate. If you use iManage, you
must manually make a server assignment during the installation of the licenses
certificate. (If you are an MLA account, do not make a server assignment.)
No access to license units

If License Service Provider objects are not well placed in the eDirectoryTM
tree. Some NLS clients might not have access to licensing services
Place license certificates as close as practical to the actual users but high
enough in the eDirectory tree so that everyone who needs to access them can
do so.
Consider the following guidelines:

103-000138-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Place server license certificates so that NLS servers do not have to

traverse slow WAN links to access license units.
Place user certificates so that NLS dos Not have to traverse WAN links
when users are authenticating to the tree.
Place at least one License Service Provider object in a container near the
root of the tree. Also, consider loading license service provider software
on servers that many or most users log in to in the eDirectory tree. These
two actions distribute requests for license units.
Identify license certificates that many users throughout the eDirectory
tree will use. Place these license certificates in a context near the root of
the eDirectory tree.
Identify license certificates that a small group will use. Place these license
certificates in the same eDirectory context as those users' objects.
Identify license certificates that larger groups will use. Place these
certificates in the eDirectory context that represents the root-most context
for the group.
The system erroneously reports duplicate licenses

Problem: The system reports that duplicate licenses are installed in the
eDirectory tree.
Possible cause: In a using earlier versions of NLS, you installed a license
certificate, deleted it, and then reinstalled it elsewhere in the eDirectory tree.
When the earlier NLS dredge process walks the eDirectory tree and looks for
certificates, the dredge encounters the deleted certificate and considers it a
duplicate.
Solution: If that license certificate was the only certificate in the License
Container object, delete the License Container object where the certificate was
installed and deleted. (Dont delete the License Container object if it contains
other license certificates.)
Solution: Deploy the current version of NLS by installing the NetWare 4
Support Pack 6a and NetWare 5 Support Pack 4 on you servers.
32

103-000138-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error Codes and System Messages

Many messages for Novell Licensing Services are self-documenting;
information that you need appears on-screen with the message. Additional
information about error codes are provided below. Other error codes are
provided in NLSLSP Messages in System Messages.
Error Code C0001002 Displays

Possible Problem
Possible Solutions
You removed and reinstalled

eDirectoryTM.
See TID 2941280.
The Server object and [Public] dont

have enough rights.
Make sure that the Server object

(NLS_LSP_server) has the Browse
right to the License Certificate objects.
Make sure that the Server object has
the Read property right to All
Properties.
Make sure that [Public] has the Browse
right to the License Container object
where the license certificates are
stored. See TID 2943750.
You deleted the server base license (a

License Certificate object).
Reinstall the license certificates. See

TID 2943405.
You removed the read/write replica

from the NLS server. (The NLS server
is running NLSLSP.NLM. Its the server
that shows up in NetWare Administrator
as NLS_LSP_server.)
See TID 2949634.
Two NetWare 5 servers contain a

replica of the [Root] or tree partition.
See TID 2950971.

103-000138-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Error Code C0001005 Diplays

Possible Problem
Possible Solution
The license certificate requires a server

assignment but doesnt have one.
Assign a server. See Modifying or

Deleting Server Assignments on page
26.
TIDs
The following TIDs might help you resolve some issues relating to NLS on
your network. The TIDs are available at www.support.novell.com/servlet/
knowledgebase.
34
TID
Description
2943405
What to do when the server is unable to obtain a valid server

base license
2944797
Installing MLA certificates
2925689
Renaming a server
2943157
Moving a server to a different NDS context
2949634
Responding to a C0001002 message

103-000138-001
August 30, 2001
Novell Confidential
Novell
iFolder
www.novell.com
1.0
November 21, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Contents
Welcome to Novell iFolder
What Is Novell iFolder? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Installing Novell iFolder on NetWare 5.1

Server Requirements. . . . . . . . . . .
Client Workstation Requirements . . . .
Browser Requirements . . . . . . . . . .
Installing Novell iFolder on NetWare 5.1 .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Installing Novell iFolder on NetWare 6

Server Requirements. . . . . . . . . .
Client Workstation Requirements . . .
Browser Requirements . . . . . . . . .
Installing Novell iFolder on NetWare 6 .
Post-Installation Tasks . . . . . . . . .
Subcontainer Searches. . . . . . .
LDAP over SSL . . . . . . . . . . .
Port 389 and Clear Text Passwords
.
.
.
.
13
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
19
Installing Novell iFolder on Windows NT 4.0 or Windows 2000

Server Requirements. . . . . . . . . . . . . . . . . . . . . .
Client Workstation Requirements . . . . . . . . . . . . . . .
Browser Requirements . . . . . . . . . . . . . . . . . . . . .
Configuring the iFolder Web Site on Windows NT 4.0 . . .
Configuring the iFolder Web Site on Windows 2000 . . . .
13
14
14
14
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
19
19
19
20
22
22
24
24
25
Installing Novell iFolder on Novell Cluster Services
25
26
26
26
30
30
33
Post-Installation Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Using Novell iFolder
37
Managing Novell iFolder Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Using the Conflict Bin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Contents

103-000132-001
November 21, 2001
Novell Confidential
Manual
Using the Server Management Console

Removing an iFolder Account . . . .
Restoring a Users Folder . . . . . .
Changing LDAP Settings . . . . . .
Optimizing Your iFolder Server . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000132-001
November 21, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
38
39
40
40
40
Manual
99a
38
July 17, 2001

Novell iFolderTM 1.0 is a file storage and management solution to the
universal problems associated with storing and retrieving data. With iFolder
you have the latest version of your data when you need it and where you need
it from any computer that you regularly use. And if you are not at a computer
that you regularly use, you can still access and manage your files if you have
an Internet connection and a Java-enabled browser.

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a

103-000132-001
November 21, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
July 17, 2001
38

Novell iFolderTM gives you automatic, secure, and transparent
synchronization of files between your hard drive and the iFolder server, which
results in easy access to personal files anywhere, anytime.
Being able to access your files from any computer from any location
eliminates the editing mistakes and menial updating tasks that frequently
occur when your local machine is not accessible from different access points.
The following figure illustrates how the iFolder server is accessed from
different computers or locations.
Office
Laptop
John Home
Home
Novell
iFolder
Server
John Home
LDAP Directory
John Home
John Home
Your iFolder Files
through a Browser
Kathy Home
Sam Home

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
What Is Novell iFolder?

There are three components to Novell iFolder:
iFolder server software
iFolder runs on NetWare 5.1, NetWare 6, Windows NT* 4.0, and
Windows 2000 servers.
Once you have installed the iFolder server software on your server, your
users can install the iFolder client in order to access their iFolder files, and
you can access the Server Management Console and the default iFolder
Web site to manage your iFolder user accounts.
From the Server Management Console, you can perform administrative
tasks for all your iFolder user accounts. From the iFolder Web site, your
iFolder users will download the iFolder client software. It is also where
you can access the Java* applet and view your iFolder files from a
browser. The iFolder Web site is meant to be customized to fit your
companys look, feel, and business needs.
iFolder client software
Novell iFolder client is compatible with Windows* 95, 98, 2000, NT, and
ME workstations.
The iFolder client must be installed on every workstation that you will use
to access your iFolder files.
The following three items are created when iFolder is installed on the
workstation:
A shortcut pointing to your iFolder directory (located in My
Documents\iFolder\userid\Home) appears on your desktop.
The iFolder icon looks like this:
The iFolder directory, located on your computers hard drive, is

where you will keep your files. Once a file is placed in the iFolder
directory and synchronized out to the iFolder server, you can see it
from all workstations that you are logged in to that have the iFolder
client installed. Applications associated with the files in the iFolder
directory must be installed at the local workstation. For example, if
you have a Microsoft* Word document in your iFolder directory, you
10

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
need to have the application installed on your workstation in order to

access that file. Any changes that are made in this directory, from any
workstation, are uploaded to the iFolder server. The frequency of the
uploading can be determined by either the user or the network
administrator.
The iFolder icon appears in the system tray of your workstation.
When you right-click the iFolder icon located in the system tray, you
get a menu giving you access to your iFolder preferences and an
activity status screen displaying what transactions are taking place
between the client workstation and the iFolder server. The activity
screen can also be accessed by double-clicking the iFolder icon. If
the iFolder client is in the process of transfering files to or from the
iFolder server, the icon will look like a folder with a moving arrow,
indicating the direction of the transfer.
A user account is automatically created on your iFolder server.
This account is created the first time the user logs in to the iFolder
server. When the account is created, iFolder asks you for a username
and a password. Next, iFolder asks you if you want to encrypt your
data. If you decide to encrypt your data, you are then prompted for a
pass phrase. This pass phrase is used to encrypt files that are
uploaded or downloaded to the server.
If you uninstall the iFolder client, the user account is never deleted
on the server. This must be done via the Server Management
Console. For more information, see Using the Server Management
Console on page 38.
iFolder Java applet
The iFolder Java applet runs in Internet Explorer or Netscape*. From the
browser, you can access your iFolder files from a computer that does not
have the iFolder client installed.
These three piecesthe iFolder server software, the iFolder client software,
and the Java applet work together seamlessly to provide you with instant
access to any iFolder files stored on your hard drive from anywhere in the
world.
If you are installing Novell iFolder on NetWare 5.1, follow the instructions in
Chapter 2, Installing Novell iFolder on NetWare 5.1, on page 13.
If you are installing Novell iFolder on NetWare 6, follow the instructions in
Chapter 3, Installing Novell iFolder on NetWare 6, on page 19.

103-000132-001
November 21, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
If you are installing Novell iFolder on Windows NT 4.0 or Windows 2000,

follow the instructions in Chapter 4, Installing Novell iFolder on Windows
NT 4.0 or Windows 2000, on page 25.
If you are installing Novell iFolder on Novell Cluster Services, follow the
instructions in Chapter 5, Installing Novell iFolder on Novell Cluster
Services, on page 33.
12

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Novell iFolder on NetWare

5.1
Before you begin the iFolderTM installation, make sure that you have met the
following iFolder server, client, and browser requirements.
Server Requirements
NetWare 5.1 server with Support Pack 3 installed.
NetWare Support Packs are available at the Consolidated Support Pack
Home Page (http://support.novell.com/csp/csplist.html).
An LDAP v3 enabled directory, such as NDS eDirectoryTM 8.5. (Other
LDAP v3 compliant directories will also work.)
If you are using the same server for LDAP and iFolder, you must install
NDS eDirectory 8.5 or later on your server.
10 MB of free space on the SYS: volume where you plan to install
iFolder.
256 MB of RAM.
If your LDAP server is not the same server as your iFolder server, and you
want LDAP over SSL, copy the trusted root certificate (usually called
ROOTCERT.DER) from your LDAP server to the SYS:Public directory
of your iFolder server. (Remember where you copied this because you
will be prompted for its location during the iFolder installation.)
If you have a DNS name configured for your iFolder server, verify that
the DNS name and its corresponding IP address are in the
SYS:ETC\HOSTS file of your iFolder server.

103-000132-001
November 21, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Client Workstation Requirements

Novell iFolder is compatible with Windows 95, 98, 2000, NT, and ME
workstations. The iFolder client is very small and will take only about 2 MB
of free space on your workstation.
IMPORTANT: If you are installing the iFolder client on a Windows 95 workstation,
you must have the Winsock 2 update from Microsoft installed. This update can be
downloaded from the Microsoft Web site (http://www.microsoft.com/Windows95/
downloads/contents/WUAdminTools/S_WUNetworkingTools/W95Sockets2/
Default.asp).
Browser Requirements
You can use either Netscape 4.7 or later or Internet Explorer 5 or 5.5 to
download the iFolder client. Netscape 6 is not supported with this release.
IMPORTANT: Although you can use either Netscape or Internet Explorer (IE) to
download the iFolder client, IE 5 or 5.5 must be installed on every workstation

where you plan to install the iFolder client.

Novell iFolder uses the Apache Web server version 1.3.20. Apache uses port
80, which happens to be the same port that NetWare Enterprise Web server
(the default NetWare Web server) uses. In order to run the Apache Web server,
you must unload the NetWare Enterprise Web server before you can install
iFolder. If you want to run both the Apache Web server and the NetWare
Enterprise Web server, you must set the secondary IP address prior to the
iFolder installation and assign either the Apache or Enterprise Web server to
that secondary IP address.
1 On your workstation, map a Novell drive to the SYS: volume on the
server where you plan to install iFolder and Apache.

IMPORTANT: Apache must be installed on the SYS: volume.
2 Locate the iFolder software that you downloaded and double-click the
iFolder Apache server executable (ApacheiFolderServer.EXE) for

NetWare.
3 Read the Welcome screen and click Next.
4 Click Yes to accept the licensing agreement.
14

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Enter your username and the name of your company, and then click Next.
6 Browse to the drive letter that you mapped in Step 1 and then click Next.
HINT: In order to install Novell iFolder on multiple servers from the same
workstation, you must delete the directory that represents your last installation. To
do this, go to C:\Program Files\Installshield Installation Information. If there are
multiple directories, look at the their creation timestamps and delete the one that
was created at the time that you performed your last installation. After you delete
this directory, you should be able to install Novell iFolder on another server from
the same workstation.
7 (Conditional) If Apache is already installed on your server, choose one of
the following options and then click Next:
Overwrite the existing Apache installation on your server and install

Apache and iFolder.
Leave the existing Apache installation on your server and install only
iFolder.
Exit the install.
8 (Conditional) If you chose to overwrite an existing Apache installation,
or if Apache was not previously installed on your server, enter the DNS
name or the IP address of the server, your e-mail address, and then click
Next.
9 Enter the IP address of your LDAP server in the LDAP Host field.
10 Enter the LDAP port you want to use.
If you are using port 389, the LDAP Group object must be marked to
Allow Clear Text Passwords. To verify this, launch ConsoleOneTM and
locate the context where your server resides, right-click the LDAP Group
object, click Properties, and check Allow Clear Text Passwords.
HINT: Choose port 389 if you want to use LDAP without SSL encryption or if your
LDAP server does not support SSL. Port 389 is also a good choice if iFolder and
LDAP are running on the same server (no communication or data is being
transferred across the wire, so no encryption is necessary).
Choose port 636 if you want to use SSL, which provides your network with
encryption and security when data is transferred across the wire. If you choose port
636, make sure you have copied the ROOTCERT.DER file from your LDAP
servers SYS:PUBLIC directory to your iFolder server prior to the iFolder
installation.
11 (Conditional) If you have chosen port 636, enter the path to the LDAP
trusted root certificate.

103-000132-001
November 21, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
This will be the path to the SYS:Public directory where you copied the
ROOTCERT.DER prior to the installation. For more information, see
Server Requirements on page 13.
12 Enter the LDAP login DN context.
This is the context of the container where your User objects are located.
iFolder allows you to enter multiple contexts. After each context, insert a
semicolon. Do not put any spaces between the contexts.
13 (Optional) If you want iFolder to search all subcontainers below the
specified LDAP login DN context, make sure you check the Subcontainer
Search check box.
14 (Conditional) If you checked the Subcontainer Search check box, you
must do one of the following:
Assign the CN property to the Public object.

To assign the CN property to the Public object, continue with the next
step.
Create an LDAP proxy user.

To create an LDAP proxy user, follow the instructions in Step 16 on
page 17.
15 (Conditional) Assign the CN property to the Public object.

IMPORTANT: Any rights assigned to the Public object are automatically inherited
by all other objects in the NDS tree. You might not want to assign the CN property
to the Public object if these rights will cause a security risk. If your iFolder server
is outside the firewall and you do not want the CN property assigned to all objects
in your NDS tree, you can also use an LDAP Proxy Username to search the
subcontainers of your tree.
15a Launch ConsoleOne.

15b Right-click your Tree object and then click Properties.
15c Click NDS Rights > Public object > Assigned Rights > Add Property.
15d Check the Show All Properties check box located at the bottom of the
screen, select the CN property from the list, and then click OK.
15e Check the Inheritable check box and then click OK > Apply > Close.
Continue with Step 17.
16

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
16 (Conditional) Create an LDAP proxy user.

16b Create a user without a password.
16c Right-click your Tree object and then click Properties > NDS Rights
> Add Trustee.

16d Select the User object you just created and then click OK.
16e When the Rights Assigned to Selected Object dialog box appears,
click Add Property.

16f Check the Show All Properties check box, select the CN property
from the list, and then click OK.

16g Click OK > Apply > Close.
16h Right-click the LDAP Group object in your NDS tree and then click
Properties > General.

16i Click the Browse button next to the Proxy Username field, select the
user that you just gave trustee rights to, and then click OK.
The user now appears in the Proxy Username field.
16j Click Apply > Close.
17 Click Next in the iFolder setup.
18 (Conditional) If you are using a secondary LDAP server, enter the LDAP
information for that server.

Fill in this information only if you have two LDAP directories that
contain usernames that need iFolder accounts. For example, suppose you
have one LDAP directory that contains all your employee usernames and
another LDAP directory that contains all your vendor usernames and you
want the users from both directories to have iFolder accounts. You would
enter the information for a secondary LDAP server.
19 Enter the path to the directory where you want the iFolder user data to be

20 Enter the names of all the administrators who need rights to modify
iFolder user account information via the Server Management Console

HINT: The Admin names must have user accounts in your LDAP directory.
If you are entering more than one name, separate the usernames with a
semicolon, not spaces. For example, if you wanted users jsmith and

103-000132-001
November 21, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
admin to have rights to administer the Server Management Console, you

would enter admin;jsmith.
21 If prompted, enter the IP address or the DNS name of your server and then
click Next.
22 Click Finish to complete the installation.
If you are using only one IP address, to start Novell iFolder you can
reboot your server (this will run the edited AUTOEXEC.NCF) or
enter the following commands at the server console:
search add sys:\Apache
search add sys:\Apache\iFolder\Server
STARTIFOLDER
If you are using two IP addresses, edit the AUTOEXEC.NCF file and
enter the following lines after the search add
sys:\Apache\iFolder\Server command line:
set command line prompt default choice=on
set command line prompt time out=60
Also enter ? in front of the STARTIFOLDER command line.
Once you have edited the AUTOEXEC.NCF, to start Novell iFolder
you can reboot your server (this will run the edited
AUTOEXEC.NCF) or enter the following commands at the server
console:
search add sys:\Apache
search add sys:\Apache\iFolder\Server
STARTIFOLDER
Novell iFolder is now installed on your NetWare 5.1 server. To learn more
about Novell iFolder, go to Chapter 6, Using Novell iFolder, on page 37.
18

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Server Requirements
10 MB of free space on the SYS: volume where you plan to install
iFolder.

IMPORTANT: If you are installing the iFolder client on a Windows 95 workstation,
you must have the Winsock 2 update from Microsoft installed. This update can be
Default.asp).


103-000132-001
November 21, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001

1 Do a Custom install of NetWare 6.
For instructions on installing NetWare 6, see the NetWare 6 Overview and

Installation Guide.
2 During the NetWare 6 installation, select iFolder as one of the products
that you want to install.

3 (Conditional) If prompted, resolve port conflicts or assign secondary IP
addresses.
If you are installing iFolder with no other Web products, you will not see
this screen.
4 When prompted, enter the following information:
User data
Enter the path to the directory where you want the iFolder user data
to be stored on the iFolder server.
Admin names
Enter the names of all the administrators who need rights to modify
iFolder user account information via the Server Management
Console.
HINT: The Admin names must have user accounts in your LDAP directory.
If you are entering more than one name, separate the usernames with
a semicolon, not spaces. For example, if you wanted users jsmith and
admin to have rights to administer the Server Management Console,
you would enter admin;jsmith.
Network domain
Enter the IP address or the DNS name of your server.
Admins e-mail addresses
5 At this point, if you do not want to configure any LDAP settings, you can
finish the NetWare 6 installation. No post-installation tasks are required.

To learn more about iFolder once it is installed, see Chapter 6, Using
Novell iFolder, on page 37.
If you would like to configure your LDAP settings, continue with Step 6.
20

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 (Optional) Continue with the NetWare 6 installation until you get to the
Summary screen at the end of the NetWare 6 installation.

The Summary screen lists all the products that you have selected to install
with NetWare 6.
7 At the Summary screen, click NetWare 6 > iFolder > Configure > Primary
LDAP Settings.
8 Enter the following LDAP information for your primary LDAP server:
LDAP Host
Enter the IP address of your LDAP server in the LDAP Host field.
IMPORTANT: If you change your IP address here and your LDAP server is
configured with SSL encryption, there will be some post-installation

configuration required after the NetWare 6 installation. For more information,
see LDAP over SSL on page 24.
LDAP Port
Enter the LDAP port you want to use.
Allow Clear Text Passwords. For more information, see Port 389
and Clear Text Passwords on page 24.
HINT: Choose port 389 if you want to use LDAP without SSL encryption or if
your LDAP server does not support SSL. Port 389 is also a good choice if
iFolder and LDAP are running on the same server (no communication or data
is being transferred across the wire, so no encryption is necessary).
encryption and security when data is transferred across the wire. If you
choose port 636, there will be some post-configuration required after the
NetWare 6 installation. For more information, see LDAP over SSL on page
24.
LDAP Login DN Context

This is the context of the container where your User objects are
located. iFolder allows you to enter multiple contexts. After each
context, insert a semicolon. Do not put any spaces between the
contexts.
Subcontainer Search
If you want iFolder to search all subcontainers below the specified
LDAP login DN context, check this option.
IMPORTANT: If you selected to do subcontainer searches, there will be
some post-installation configuration required after the NetWare 6 installation.

For more information, see Subcontainer Searches on page 22.

103-000132-001
November 21, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
9 (Conditional) If you have a secondary LDAP server, click Secondary
LDAP Settings.
10 Enter the settings for the secondary LDAP server.
HINT: You will fill in the same information for the secondary LDAP server as you
did for your primary LDAP server. To review the primary LDAP server instructions,
see Step 8 on page 21.
11 Finish the NetWare 6 installation and then reboot your server.

12 (Conditional) If you have a DNS name configured for your iFolder server,
verify that the DNS name and its corresponding IP address are in the
SYS:ETC\HOSTS file of your iFolder server.
If you chose to do subcontainer searches, port 389, or if you want LDAP over
SSL, continue with the next section, Post-Installation Tasks.
IMPORTANT: These post-installation tasks are not optional. If you disreguard
them, iFolder will not function properly.
If your iFolder selections do not require post-installation tasks, see Chapter 6,

Using Novell iFolder, on page 37 to learn more about Novell iFolder.
Post-Installation Tasks
Complete the appropriate post-installation tasks.
Subcontainer Searches
To allow iFolder to do a subcontainer search, you must do one of the
following:
Assign the CN property to the Public object
Create an LDAP proxy user
22

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Assign the CN Property to the Public Object

IMPORTANT: Any rights assigned to the Public object are automatically inherited
by all other objects in the Novell eDirectoryTM tree. You might not want to assign
the CN property to the Public object if these rights will cause a security risk. If your
iFolder server is outside the firewall and you do not want the CN property assigned
to all objects in your eDirectory tree, you can also use an LDAP Proxy Username
to search the subcontainers of your tree.
1 Launch ConsoleOneTM.
2 Right-click your Tree object and then click Properties.
3 Click NDS Rights > Public object > Assigned Rights > Add Property.
4 Check the Show All Properties check box located at the bottom of the
screen, select the CN property from the list, and then click OK.
5 Check the Inheritable check box and then click OK > Apply > Close.
Novell iFolder is now installed and running on your NetWare 6 server. To

learn more about Novell iFolder, go to Chapter 6, Using Novell iFolder, on
page 37.
Create an LDAP Proxy User
1 Launch ConsoleOne.
2 Create a user without a password.
3 Right-click your Tree object and then click Properties > NDS Rights >
Add Trustee.
4 Select the User object you just created and then click OK.
5 When the Rights Assigned to Selected Object dialog box appears, click
Add Property.
6 Check the Show All Properties check box, select the CN property from
the list, and then click OK.

7 Click OK > Apply > Close.
8 Right-click the LDAP Group object in your NDS tree and then click
Properties > General.

9 Click the Browse button next to the Proxy Username field, select the user
that you just gave trustee rights to, and then click OK.
The user now appears in the Proxy Username field.
10 Click Apply > Close.

103-000132-001
November 21, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Novell iFolder is now installed and running on your NetWare 6 server. To

learn more about Novell iFolder, go to Chapter 6, Using Novell iFolder, on
page 37.
LDAP over SSL

If your LDAP server is not the same server as your iFolder server, and you
want LDAP over SSL, you need to export your LDAP servers trusted root
certificate and then copy it to your iFolder server.
This certificate (ROOTCERT.DER) should be located in your LDAP servers
SYS:PUBLIC directory. Copy the trusted root certificate to the
SYS:Apache\iFolder\Server directory on your iFolder server.
For instructions on exporting a trusted root certificate, see the Novell
Certificate Server Administration Guide (http://www.novell.com/
documentation/lg/crt221ad/index.html) > Managing Novell Certificate Server
> Exporting a Trusted Root or Public Key Certificate.
Port 389 and Clear Text Passwords

1 Launch ConsoleOne and locate the context where your server resides.
2 Right-click the LDAP Group object and then click Properties > Allow
Clear Text Passwords.
24

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Novell iFolder on Windows

NT 4.0 or Windows 2000
Server Requirements
A Windows NT 4.0 server with Service Pack 6A or later installed or a
Windows 2000 server with Service Pack 1 installed.
Microsoft Service Packs are available at the Microsoft Web site (http://
updates.zdnet.com/products/pr_13616.htm).
IIS 4 or later installed.
An LDAP v3 enabled directory, such as NDS eDirectoryTM 8.5. (Other
LDAP v3 compliant directories will also work.)
256 MB of RAM.
If you want to have LDAP over SSL encryption when the iFolder server
communicates with the LDAP server:
For NetWare, go to the SYS:PUBLIC directory of your LDAP server
and copy the LDAP Root Certificate, ROOTCERT.DER, to your
iFolder server.
For other operating systems, export the LDAP servers root
certificate and then copy it to your iFolder server.
Get an SSL certificate and install it onto your iFolder server.

103-000132-001
November 21, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
You can do this in either of two ways: 1) If you have your own certificate
server, such as Novell Certificate Server, then you can get a certificate
from your server, or 2) You can go to a certificate vendor, such as Entrust*
or VeriSign*, and purchase a certificate from them.
For more information on installing and creating SSL certificates for IIS 4,
go to the Microsoft Product Support Services Web site (http://
support.microsoft.com/support/kb/articles/Q228/9/91.ASP).
For information on SSL certificates for IIS 5, go to the Microsoft Product
Support Services Web site (http://support.microsoft.com/support/kb/
articles/Q228/8/36.ASP).

IMPORTANT: If you are installing on a Windows 95 workstation, you must have
the Winsock 2 update from Microsoft installed. This update can be downloaded
from the Microsoft Web site (http://www.microsoft.com/Windows95/downloads/
contents/WUAdminTools/S_WUNetworkingTools/W95Sockets2/Default.asp).

Installing Novell iFolder on Windows NT 4.0 or Windows

2000
1 Stop the Internet Information Server (IIS).
26
For Windows NT 4, go to Control Panel > Services > IIS Admin

Services > Stop.
For Windows 2000, go to Control Panel > Administrative Tools >

Services > IIS Admin Service > Stop.

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2 Locate the iFolder software that you downloaded and double-click the
iFolder IIS server executable (IISiFolderServer.EXE).

3 Read the Welcome screen and click Next.
4 Click Yes to accept the licensing agreement.
5 Enter your username and the name of your company, and then click Next.
6 Browse to the location where you want iFolder to install the setup files

7 Enter the IP address of your LDAP server in the LDAP host field.
8 Enter the LDAP port you want to use.
Allow Clear Text Passwords. To verify this, launch ConsoleOneTM and
locate the context where your server resides, right-click the LDAP Group
object, click Properties, and check Allow Clear Text Passwords.
HINT: Choose port 389 if you want to use LDAP without SSL encryption. Port 389
is also a good choice if LDAP and iFolder are running on the same server or if your
LDAP server does not support Secure Socket Layer (SSL).
encryption and security when data is transferred across the wire. If you choose port
636, you must create and install an SSL certificate for your iFolder server prior to
the iFolder installation. For more information, see Server Requirements on page
25.
9 If you have chosen port 636, enter the path to the LDAP Root Certificate.
This is the path to the place where you copied the SSL certificate prior to
the installation. For more information, see Server Requirements on
page 25.
10 Enter the LDAP login DN context.
11 Enter the context of the container where your User objects are located.
iFolder lets you enter multiple contexts. After each name, insert a
semicolon. Do not put any spaces between the names.
12 (Optional) If you want iFolder to search all subcontainers below the
LDAP login DN context, make sure you check the Subcontainer Search
check box.
13 (Conditional) If you are doing a subcontainer search, you must assign the
CN property to the Public object or create an LDAP proxy user.

103-000132-001
November 21, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
If you are assigning the CN property to the Public object, continue

with the next step.
Any rights assigned to the Public object are automatically inherited
by all other objects in the NDS tree. You might not want to assign the
CN property to the Public object if these rights will cause a security
risk. If your iFolder server is outside the firewall and you do not want
the CN property assigned to all objects in your NDS tree, you can
also use an LDAP Proxy Username to search the subcontainers of
your tree.
If you are creating an LDAP proxy user, continue with step Step 15.
14 (Conditional) To assign the CN property to the Public object, follow these
instructions:
14b Right-click your NDS Tree object and then click Properties.
14c Click NDS Rights > Public object > Assigned Rights > Add Property.
14d Check the Show All Properties check box, select the CN property
from the list, and then click OK.

14e Check the Inheritable check box.
14f Click Apply > OK.
Continue with Step 16.

15 (Conditional) To create an LDAP proxy user, follow these instructions:
15b Create a user without a password.
15c Right-click your NDS tree object and click Properties > NDS Rights
> Add Trustee.

15d Browse to your NetWare server, select the LDAP Group object, and
click Apply > OK.

HINT: When you add this user as a trustee of the tree, just accept the default
Compare and Read rights.
15e Right-click the LDAP Group object and then click Properties >
General.
15f Click the Browse button next to the Proxy Username field and
browse to the user that you just gave trustee rights to.
28

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
15g Double-click the user so that the name appears in the Proxy
Username field.
15h Click Apply > OK.
16 Click Next in the iFolder setup.
17 (Conditional) If you are using a secondary LDAP server, enter the LDAP
information for that server.

18 Enter the path to the directory where you want the iFolder user data to be

19 Enter the names of all the administrators who need rights to modify
iFolder user account information via the Server Management Console

If you are entering more than one name, separate the usernames with a
semicolon, not spaces. For example, if you wanted John Smith and user
Admin to have rights to administer the Server Management Console, you
would enter admin;jsmith.
20 If prompted, enter the IP address or the DNS name of your server.
21 Click Finish to complete the installation.
22 Restart the IIS server.
After Novell iFolder is installed, you have a few things left to configure
through the Internet Services Manager in order for the iFolder Web site and
the Java applet to work correctly.
If your iFolder server is running Windows NT 4.0, follow the instructions in
Configuring the iFolder Web Site on Windows NT 4.0 on page 30.
If your iFolder server is running Windows 2000, follow the instructions in
Configuring the iFolder Web Site on Windows 2000 on page 30.

103-000132-001
November 21, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Configuring the iFolder Web Site on Windows NT 4.0

1 Launch the Internet Services Manager by clicking Start > Windows NT
4.0 Option Pack > Microsoft Internet Information Server > Internet
Service Manager.
2 Right-click the Default Web Site icon and then click Properties > Home
Directory.
3 Set the local path.
For example, if you installed iFolder on your C: drive, then you would
enter
C:\inetpub\wwwroot\iFolder\DocumentRoot
HINT: Enter this path in exactly as you see it, except for the drive letter. What drive
letter you enter depends on where you installed iFolder.
4 From the Permissions drop-down box, select Script.

5 Click Documents.
6 Check the Enable Default Documents check box and then click Add.
7 Enter index.html into the text field and click OK.
Novell iFolder in now installed on your Windows NT 4.0 server. For more
information about Novell iFolder, go to Chapter 6, Using Novell iFolder, on
page 37.
Configuring the iFolder Web Site on Windows 2000

1 Launch the Internet Services Manager by clicking Start > Settings >
Control Panel > Administrative Tools > Internet Services Manager.

2 Right-click the Default Web Site icon and click Properties > Home
Directory.
3 Set the local path.
For example, if you installed iFolder on your C: drive, then you would
enter
C:\inetpub\wwwroot\iFolder\DocumentRoot
HINT: Enter this path in exactly as you see it, except for the drive letter. What drive
letter you enter depends on where you installed iFolder.
4 Check the Script Source Access check box.

5 From the Execute Permissions drop-down box, select Scripts Only.
30

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 Click the Documents tab.

7 Check the Enable Default Documents check box.
8 Click the Add button.
9 Enter index.html into the text field and click OK.
Novell iFolder in now installed on your Windows 2000 server. For more
information about Novell iFolder, go to Chapter 6, Using Novell iFolder, on
page 37.

103-000132-001
November 21, 2001
Novell Confidential
31
Manual
32
99a

103-000132-001
November 21, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Installing Novell iFolder on Novell

Cluster Services
Before you set up Novell iFolderTM on Novell Cluster ServicesTM, you should
already have a basic understanding of how Novell Cluster Services works. A
short overview is provided in the Novell Cluster Services Overview and
Installation Guide (http://www.novell.com/documentation/lg/ncs/
index.html).
NOTE: Novell Clustering Services runs only on NetWare.
To configure Novell iFolder on Novell Cluster Services, complete the

following steps:
1 Meet the iFolder NetWare server, client, and browser requirements.
For NetWare 5.1, follow the instructions beginning with Server

Requirements on page 13.
For NetWare 6, follow the instructions beginning with Server

Requirements on page 19.
2 Install iFolder on all NetWare servers in the cluster that you want to run
iFolder.
For NetWare 5.1, follow all steps of the procedure in Chapter 2,

Installing Novell iFolder on NetWare 5.1, on page 13.
For NetWare 6, follow all steps of the procedure in Chapter 3,

Installing Novell iFolder on NetWare 6, on page 19.
Once iFolder is installed on your clustered servers, continue with the next
section, Post-Installation Tasks.

103-000132-001
November 21, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Post-Installation Tasks
For NetWare 5.1 servers, create an NSS volume on your shared

storage disk system, commonly referred to as a storage area network
or SAN.
This is the volume that will contain all your iFolder user data and
accounts. The size of this volume will vary according to how many
iFolder users you plan to have and the amount of data they will be
storing.
For more information, see NetWare Cluster Services (http://
www.novell.com/documentation/lg/ncs/index.html) > Installation
and Setup > Settting Up NetWare Cluster Services > Create Cluster
Volumes.
For NetWare 6 servers, create an NSS volume on a pool. If a pool

already exists, make sure there is enough space on the pool for the
NSS volume that you plan to make.
For more information on creating pools and NSS volumes, see
Novell Cluster Services (http://www.novell.com/documentation/lg/
ncs6p/index.html).
For NetWare 5.1 servers, cluster-enable the NSS volume that you just
created.
This involves assigning an IP address to the cluster-enabled volume.
Remember this IP address; youll need it later.
For more information, see NetWare Cluster Services (http://
www.novell.com/documentation/lg/ncs/index.html) > Installation
and Setup > Settting Up NetWare Cluster Services > Create ClusterEnabled Volumes.
For NetWare 6 servers, cluster-enable the pool you created in Step 1.

(cluster-enabling the pool automatically custer-enables the NSS
volume that you created on the pool).
This involves assigning an IP address to the cluster-enabled pool.
Remember this IP address; youll need it later.
34

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For more information, see Novell Cluster Services (http://

www.novell.com/documentation/lg/ncs6p/index.html) > Installation
and Setup > Setting Up Cluster Services.
3 Create a folder on the cluster-enabled volume.
4 Choose one iFolder server in the cluster and go to the
SYS:Apache\iFolder\Server directory and edit the

HTTPD_NW_ADDITIONS.CONF file.
The following parameters for the LDAP Host, iFolderServerRoot, and the
Virtual Host must be modified in two places in the
HTTPD_NW_ADDITIONS.CONF file. One listing is for the unsecured
port (usually 80) and the other listing is for the secured port (usually 443).
Both parameters must be modified.
Make the following adjustments:
Set the LDAP Host to the IP address or DNS name that you assigned
to the cluster-enabled volume.
Set the iFolderServerRoot to the folder that you created on the

cluster-enabled volume.
For example, if your cluster-enabled volume was called
SHAREDVOL and you had created a folder on that volume called
NIFDIR, you would set the iFolderServerRoot to
SHAREDVOL:\NIFDIR.
Set the Virtual Host to the IP address or DNS name that you assigned
5 Save your edits and then copy the edited
HTTPD_NW_ADDITIONS.CONF file to every iFolder server in the

cluster.
6 Choose one iFolder server in the cluster and go to the
SYS:Apache\iFolder\Server directory and edit the HTTPD.CONF file.

7 Modify the following parameters:
Locate the Listen parameter. Set this parameter to the IP address of

the cluster-enabled volume by either adding a new Listen parameter
or by modifying an existing one.

103-000132-001
November 21, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Locate the ServerName parameter. By default, this parameter

displays the IP address of the server. Replace this IP address with the
IP address or DNS name of the cluster-enabled volume.
Locate the SecureListen ipaddress "SSL CertificateIP" parameter.

Change the IP address that is listed to the IP address or DNS name of
the cluster-enabled volume.
8 Save your changes to the HTTPD.CONF file and then copy it to every
iFolder server in the cluster.

9 Next, edit the AUTOEXEC.NCF file on every iFolder server in the
cluster and comment out the line that reads startifolder.

The startifolder command allows iFolder to start by default when you
reboot your server. However, when you use iFolder in a clustered
environment, iFolder is started by NetWare Cluster Services.
10 From the workstation, Launch ConsoleOneTM.
11 Browse to your cluster container object.
12 Right-click the cluster volume resource and then click Properties > IP
Address.
13 Verify that the IP address that appears is the one that you have assigned

14 In the Properties dialog box, click Scripts > Cluster Resource Load Script.
15 Add the following commands to the end of the existing load script:
startifolder
16 Apply.
17 Click Scripts > Cluster Resource Unload Script
18 Add the following commands to the beginning of the existing unload
script:
stopifolder
delay 2
19 Click Apply > Close.
Novell iFolder is now installed. For more information on using Novell iFolder,
see Chapter 6, Using Novell iFolder, on page 37.
36

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
July 17, 2001
38

This chapter covers the following three topics:
Managing Novell iFolder Accounts on page 37
Using the Server Management Console on page 38
Optimizing Your iFolder Server on page 40
Managing Novell iFolder Accounts

Once Novell iFolderTM is installed and running on your server, your users can
download and install the iFolder client. The first time the iFolder client is
installed, a user account is automatically created on your iFolder server. For
more information on how the iFolder server and client software work together,
see What Is Novell iFolder? on page 10.
After iFolder has been installed on your server, you have access to the
following two Web sites:
The default iFolder Web site
This site contains the iFolder Client Quick Start Guide and other
important information about Novell iFolder. It is also where users will
download the iFolder client and access their iFolder files via a browser.
You can modify this page to fit your companys internal needs.
To access the default iFolder Web site, enter the IP address or the DNS
name of your server into a browser.
The Server Management Console
The Server Management Console lets you manage your users iFolder
accounts. From this site, you perform administrative tasks and manage
the activity between the server and the iFolder clients. Access the Server

103-000132-001
November 21, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Management Console by opening a browser and entering https://

ifolderserverip/iFolderServer/Admin.
IMPORTANT: The Server Management Console URL is case sensitive.
For more information, see the next section, Using the Server Management
Console.
Using the Conflict Bin

The iFolder client has a feature called the Conflict Bin. A user will rarely need
to access this option, however, it is useful for you to undestand how this
feature works. The following scenario illustrates how the conlict bin works.
Suppose that John is one of your iFolder users. John has installed the iFolder
client installed two computers: computer A and computer B. At some point in
the day, John disconnects both of these computers from the network and
ontinues to work. While he is working, he makes a change to one of his iFolder
files on computer A. He then reconnects computer A to the network in order
to synch the changes up to the iFolder server.
As John continues to work, he decides to make another change to that same
file, but this time, he uses computer B. Then, John reconnects computer B to
the network to synchronize the new change.
When computer B reconnects to the network and synchs up the change to the
iFolder server, the change that John made on computer A would be over
written with the change that John made to that same file from computer B. In
this case, the change that he made to his iFolder files from computer A would
be lost. To prevent data lose, iFolder saves the overwritten file to the Conflict
Bin. John can access the Conflict Bin by double-clicking the iFolder icon
located in the system tray.
Using the Server Management Console

In order to access the iFolder user account information, you must log in to the
Server Management Console with your administrative username and
password.
The Server Management Console lets you manage your users iFolder
accounts. From this site, you perform administrative tasks and manage the
activity between the server and the iFolder clients. Access the Server
Management Console by opening a browser and entering https://
ifolderserverip/iFolderServer/Admin.
IMPORTANT: The Server Management Console URL is case sensitive.
38

103-000132-001
November 21, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Once you are logged in, you can view and modify iFolder accounts as well as
set specific policies for your iFolder clients and server.
You can perform the following tasks in the Server Management Console:
View general server information
View and Modify LDAP settings
View user account information
As an administrator, you can remove a user account, change a users disk
storage quota on the iFolder server, and set specific policies for individual
users.
View iFolder client connections
Configure user policies
You can determine what policies will be applied to the iFolder clients. For
example, you can enforce policies so that your iFolder users do not have
the option to change them.
You can also hide certain iFolder client options. For example, if you
enforce and hide the option to request encryption of the iFolder data, the
data will be encrypted and the user will be unaware of the transaction.
Things that are hidden do not appear in the iFolder client dialog boxes.
Configure server policies
You can regulate server behavior, such as how much disk space will be
allotted to each iFolder client or how much time will pass before a session
times out.
For instructions about specific administrative tasks in the Server Management
Console, see the following:
Removing an iFolder Account on page 39
Restoring a Users Folder on page 40
Changing LDAP Settings on page 40
Removing an iFolder Account

1 Click User Accounts.
2 Select the user ID that you want to remove, scroll to the bottom on the list,
and then click Remove User.

3 Click Yes to confirm the removal of the user account.

103-000132-001
November 21, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Restoring a Users Folder

If a user wants to recover data from a deleted or corrupted file, you can restore
his folder to a secondary iFolder server and from there he can access his files.
1 At the Server Management Console, click User Accounts.
2 Roll your mouse over the users ID and look at the ID that appears in the
bottom of your browser.

3 Restore this folder from a backup tape to a secondary iFolder server that
the user can attach to and restore the files.
Changing LDAP Settings

You can change your LDAP settings by clicking the LDAP link, located on the
left-hand side of the Server Management Console.
Optimizing Your iFolder Server

You can optimize the performance of your iFolder server in the following
ways:
Add more RAM to your server.
Increase the threads. (This only applies to Apache Web Servers running
on NetWare.)
For optimal performance, we recommend one thread per client; however,
in terms of scalability, iFolder has been tested up to 25 clients per thread.
Change the amount of disk space alloted to your iFolder users.
Be careful; allotting large amounts of disk space to users could decrease
the iFolder servers performance.
Change the default sync delay parameters if you have thousands of users
and you need to improve the iFolder server performance.
Current defaults:
5-second delay after file activity
20-second server polling interval
To improve performance, make the following changes:
30-second delay after file activity
1-minute server polling interval
40

103-000132-001
November 21, 2001
Novell Confidential
Novell NetDrive Administration Guide
Novell
NetWare 6
www.novell.com
N E T D R I V E A D M I N I S T R AT I O N G U I D E
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Contents
Installing Novell NetDrive

Workstation Requirements . . . . . . . . .
Workstation and Protocol Compatibility
Application Compatibility . . . . . . . .
Installing NetDrive . . . . . . . . . . . . .
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Using Novell NetDrive
.
.
.
.
.
.
.
.
10
10
10
11
13
Adding a Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Mapping a Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Copying Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Using NetDrive in a Thin-Client Environment
17
Troubleshooting FTP Problems
19
Contents

103-000170-001
September 4, 2001
Novell Confidential
Manual
99a

103-000170-001
September 4, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001

Novell NetDrive is an easy-to-use Internet client that lets you access your
NetWare 6 servers over standard Internet protocols, such as WebDAV and
FTP. NetDrive does not rely on the Novell ClientTM in order to map network
drives.

103-000170-001
September 4, 2001
Novell Confidential
Manual
99a

103-000170-001
September 4, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Novell NetDrive lets you to map a network drive to any NetWare 6 server
without using Novell ClientTM software. This means that with NetDrive, you
can access and modify your files from any workstation using just an Internet
connection. Once a network drive is mapped, the drive letter that you assigned
during the mapping appears in Windows* Explorer and functions just like
those that are mapped through Novell Client.
You can connect to your NetWare 6 servers through any of the following
protocols:
iFolderUse this protocol if you are connecting to iFolderTM servers in a
thin-client environment. For more information, see Chapter 3, Using
NetDrive in a Thin-Client Environment, on page 17.
FTPFTP (file transfer protocol) is a common protocol used to transfer files
via the Internet.
WebDAVWebDAV (Web-based Distributed Authoring and Versioning) is a
set of extensions to the HTTP protocol which lets users collaboratively edit
and manage files located on Web servers. For information about WebDAV, see
the WebDAV Home page (http://www.webdav.org).
IMPORTANT: The protocol that you decide to use must be configured on the
NetWare 6 server that you are connecting to.

103-000170-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Workstation Requirements
You need only 2 MB of available space on your hard drive to install and run
the NetDrive client.

Review the following table for information on what protocols are supported
with your workstation operating system.
IMPORTANT: If you are installing the NetDrive client on a Windows 95
workstation, download the Winsock 2 update from Microsoft*. This update can be
Default.asp).
Table 1

Protocol
Workstation
iFolder
Windows NT* and 2000
FTP
Windows 95, 98, ME, NT, and 2000
WebDAV (HTTP)
Windows 95, 98, ME, NT, and 2000
WebDAV + SSL (HTTPS)
Windows NT and 2000
Application Compatibility
Make sure you have the following conditions set if you are running the
following applications with NetDrive:
ZoneAlarmSet the Internet security level to medium to allow NetDrive
to access the Web server.
F-Secure Anti Virus and KasperSky Anti VirusIf you are using
Windows NT or Windows 2000 and NetDrive, disable the anti-virus
software only while using NetDrive. Otherwise, your workstation might
hang.
10

103-000170-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing NetDrive
1 Double-click NETDRIVE.EXE located in the NetDrive directory at the
the root of the NetWare 6 Client CD.

2 Follow the installation instructions.
When you click Finish on the last installation screen, Windows Explorer
launches and the following shortcuts appear in an Explorer window: Help
on NetDrive, NetDrive, and Uninstall NetDrive.
3 Double-click the NetDrive shortcut icon.
From the NetDrive Main Window that appears, you can create new sites,
map network drives, and configure and manage the Web sites that you
have mapped drives to.
To learn more about using NetDrive to map drives, see Chapter 2, Using
Novell NetDrive, on page 13.

103-000170-001
September 4, 2001
Novell Confidential
11
Manual
12
99a

103-000170-001
September 4, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
July 17, 2001
38

Once NetDrive is installed, you can perform many basic tasks within the
NetWare Main Window.
Adding a Site
1 In the NetWare Main Window, click New Site.
2 Enter the name of your site and the URL for the NetWare 6 server in the
appropriate fields of the New Site dialog box.

If you omit the FTP or HTTP suffix from the URL, then NetDrive
defaults to FTP. To override the port for HTTP servers, append the port
number to the end of the URL (for example, http://
www.someserver.com:8888 specifies a port of 8888).
If you want to connect with WebDAV and SSL encryption, add HTTPS
to the beginning of the URL. (This option is only available for Windows
NT/2000 workstations.)
3 Click Finish.
At this point, you have only created a site. To actually map a drive and connect
to a NetWare 6 server, continue with the next section Mapping a Drive on
page 14.

103-000170-001
September 4, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Mapping a Drive
Once you have created a site and clicked Finish, the name of your site and the
URL of your NetWare 6 server are automatically generated in the NetDrive
Main Window; however, you still need to complete the following steps before
you can connect to a NetWare 6 server.
1 From the Server Type drop-down list, select the protocol that your
NetWare 6 server is using, and then select the drive letter that you want to
use for the mapped drive.
Check the Anonymous/Public Logon check box (usually used for

NetWare 6 servers running FTP).
Uncheck the Anonymous/Public Logon check box and then enter

your username and password.
3 (Conditional) If you are connecting with the iFolderTM protocol, enter a
pass phrase.
This is used to encrypt your files as they are transferred over the Internet.
4 (Optional) Click the appropriate check boxes to enable any of the
following:
Save your password
Connect to your mapped drives upon login
Add mapped drive to the Tray Connect menu
5 (Optional) To configure downloading, caching, and file locking
properties for your NetDrive site, click the Advanced button.

6 Click Connect.
As soon as NetDrive maps the drive, Windows Explorer launches with the
drive letter that you mapped appearing in the left pane.
HINT: If you have problems getting a directory listing or connecting to a NetWare
6 server running FTP, enter the IP address of the server instead of the URL. If the
problem persists, enable passive mode by clicking the Advanced button in the
NetDrive Main Window > Advanced > PASV - Passive Mode > OK. Then try
connecting to the Web server again.
Once NetDrive has successfully connected to the NetWare 6 server, the

Monitor dialog box appears. It provides you with connection status, file
transfer statistics, and a connection log.
14

103-000170-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Copying Files
To copy files, copy or cut and paste files as you normally would in Windows
Explorer. To disconnect from the server, right-click the Drive icon in Explorer
and click Disconnect.
WARNING: Since a connection can be interrupted in the middle of a file transfer,
you should always keep a backup copy of files that are transferred or modified on
your server.

103-000170-001
September 4, 2001
Novell Confidential
15
Manual
16
99a

103-000170-001
September 4, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Using NetDrive in a Thin-Client

Environment
NetDrive lets you access your iFolderTM files in a thin-client environment. If
you are accessing your virtual desktop through one of the following
applications running on your thin-client server, you can use NetDrive to
access your iFolder server and files:
Terminal Services Client
Citrix* MetaFrame
Novell OnDemand ServicesTM
To access your iFolder files, do the following:
1 Install NetDrive on your thin-client server. NETDRIVE.EXE is located at
the root of the NetWare 6 Client CD.

For instructions, see Installing NetDrive on page 11. Although
NetDrive is normally installed on a workstation, in this scenario, you will
install it on your server. The installation process is the same for
workstations and servers.
NOTE: You will need 3 MB of available space on your server to install NetDrive.
2 Log in to your workstation and double-click the NetDrive icon.

3 From the workstation, map a drive to your iFolder server.
For instructions, see Mapping a Drive on page 14.
Using NetDrive in a Thin-Client Environment

103-000170-001
September 4, 2001
Novell Confidential
17
Manual
18
99a

103-000170-001
September 4, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001

The following are troubleshooting tips that should help when you encounter
FTP errors.
If you cant create files using Microsoft Word, your NetWare 6 FTP
server that is running FTP might not support filenames that have the tilde
(~). To configure NetDrive to remove or replace tildes when connecting
to your FTP Web server, click your FTP site in the NetDrive Main
Window and then click Advanced > File Names.
If you cant create a directory in Windows Explorer, your NetWare 6 FTP
server might not support spaces in filenames.
If you cant connect to your NetWare 6 FTP server, check to make sure
that
Your username and password is correct (remember that they are case
sensitive).
Your Internet connection is still active.
Your URL is entered correctly. For anonymous logins, specify an email address because many FTP servers require the e-mail address as
the password.
To specify an e-mail address, in the NetDrive Main Window click
File > Program Settings > General.
If the directory listing is empty for your FTP site, try flushing the
directory cache. To do this, in the NetDrive Main Window click File
> Program Settings > Cache > Flush Directory Listing upon Each
Connection.
If the problem persists, change the server type from Auto Detect to
the actual server type. To do this, click your FTP site in the NetDrive
Main Window and then click > Advanced > Advanced > Host Type.

103-000170-001
September 4, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
If you cant copy a file from an FTP mapped drive, check the Drive
Monitor Log window for FTP/HTTP status responses.
If you cant find a file on your NetWare 6 FTP server, flush your directory
cache. To do this, in the NetDrive Main Window click File > Program
Settings > Cache > Flush Directory Listing upon Each Connection.
If you cant rename your files, it might be because your NetWare 6 FTP
server doesnt support this functionality.
If you are unable to map a network drive, remove the lastdrive=g
statement in your NetWare 6 FTP servers CONFIG.SYS file and then
restart your server.
If you get a TCP/IP connection error and you are using the ZoneAlarm
firewall, make sure the security level is set to medium or disable
ZoneAlarm.
20

103-000170-001
September 4, 2001
Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
Novell
NetStorage
Q U I C K S TA R T
NetStorage Overview and Installation

Novell NetStorage is a feature of NetWare 6 that provides simple Internet-based access to file
storage. NetStorage is a Net services software solution that is a bridge between a companys
protected Novell network and the Internet. It gives users secure file access from any Internet
location, with nothing to download or install on the users workstation. Files and folders on a
Novell network can be accessed using either a browser or Microsoft* Web Folders.
Novell NetStorage includes the following features:
Lets users securely copy, move, rename, delete, read, and write files between any Internetenabled machine and a Novell network.
Eliminates the need to e-mail or copy data from one machine to another.
Supports Internet standards such as HTTP, HTTPS, HTML, XML, and WebDAV.
Provides a gadget for NetWare WebAccess so users can get access to network files and
folders by clicking on a gadget on the NetWare WebAccess page.
INSTALLING NETSTORAGE
NetStorage can be installed as an optional component during the NetWare 6 installation or it can
be installed after the NetWare 6 installation. It is not generally necessary to install NetStorage
on every NetWare 6 server on your network. For most networks, you need NetStorage installed
on only one server; this might vary depending on the size of your organization and your
organizations needs.
During the NetStorage installation, you are prompted for configuration information that is
necessary for NetStorage to function properly. If you decide to change the NetStorage
configuration, you must reinstall NetStorage and specify the configuration changes during the
installation.
103-000182-001
August 29, 2001

Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
System Requirements
If you have met the requirements for NetWare 6 and have NetWare 6 installed, you have met
almost all of the system requirements for NetStorage.
The following list specifies the system requirements for installing and running Novell NetStorage:
At least one NetWare 6 server in the eDirectoryTM tree where NetStorage will be installed
A Netscape* Navigator* 4.7 or later or Internet Explorer 5.0 or later browser or Microsoft
Web Folders
Installing Novell NetStorage during the NetWare 6 Installation
1 Start the NetWare 6 installation and continue through the install until you get to the screen
requiring you to choose either the Express or the Custom installation.
2 Select the Custom installation option.
You must select the Custom installation option to install NetStorage during the NetWare 6
installation. You cannot install NetStorage during an Express installation.
You are given the option of installing a new server or ugrading an existing server. NetStorage
can be installed using either of these options.
Continue through the installation until you get to the screen that lists the components that
can be installed with NetWare 6.
3 Check the box for the NetStorage Component along with the other components you want
installed with NetWare 6, and then click Next.
Continue to the NetStorage Install screen.
4 Specify the IP address or DNS name of a server in your eDirectory tree that has the master
replica or a read/write replica of eDirectory.
The primary eDirectory server URL is required for NetStorage to function properly. This does
not necessarily have to be the IP address or DNS name of the server where NetStorage is to
be installed.
When a user attempts to log in, NetStorage searches the eDirectory database on the server
you specify for the User object. If the User object is found, NetStorage attempts to
authenticate the user to eDirectory.
If you know the eDirectory context for the users that will use NetStorage, you can add that
context to the URL by inserting a colon (:) between the IP address or DNS name and the
eDirectory context. The context is optional. If no context is specified, NetStorage searches
the entire eDirectory tree on the primary eDirectory server for User objects.
For example, if the IP address of the server is 127.0.0.1 and the eDirectory context for your
users is personnel, then you would add 127.0.0.1:personnel to the field.
103-000182-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
5 (Optional) Specify IP addresses or DNS names of servers in other eDirectory trees that have
at least read/write eDirectory replicas, or specify the same IP address or DNS name you used
for the primary eDirectory server but with a different context.
You can add two alternate eDirectory server IP addresses or DNS names and context settings.
These alternate settings are used to allow NetStorage to find User objects that exist in
contexts other than what you specified for the primary eDirectory server. The alternate
settings also allow NetStorage to find User objects with the same name in different
eDirectory trees. The alternate URL and context settings are optional, but can help provide
users with an additional level of access to NetStorage.
6 (Optional) Specify the IP address or DNS name and the port number that you assigned to
Novell iFolderTM.
If you are installing NetStorage during the NetWare 6 installation, you can click the Back
button to go back and view the screen where the IP address and port number assignments
were made. This does not necessarily have to be the IP address or DNS name of the server
where NetStorage is to be installed.
The iFolder DNS name or IP address and the port number are optional but, if specified, will
allow NetStorage users to access and manipulate files and directories on the iFolder server.
Installing Novell NetStorage after the NetWare 6 Installation
If you did not install NetStorage during the NetWare 6 installation, you can install it later by
completing the following steps:
1 Insert the NetWare 6 Operating System CD into your NetWare 6 server.
You might need to load CDROM.NLM on the server to access the NetWare 6 Operating System
CD.
2 From the Novell menu on the NetWare 6 console GUI, select Install.
3 Click Add and then browse to the root of the NetWare 6 Operating System CD.
4 Select the PRODUCT.NI file and click OK.
5 Check the NetStorage component check box and deselect all other components or products
unless you specifically want to install them.
6 Continue with Step 4 on page 2 to complete the NetStorage installation.
IMPORTANT: If you install NetStorage after the NetWare 6 installation, you must restart your
NetWare 6 server after completing the NetStorage installation.
103-000182-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
STARTING AND USING NOVELL NETSTORAGE

Once you install NetStorage, it will start automatically when you start your NetWare 6 server. If
NetStorage is not accessible, restart the NetWare 6 server where NetStorage is installed. Also,
the date and time on the server running NetStorage should be reasonably close (within a few
hours) of the date and time on the machine being used to access NetStorage.
To access NetStorage, do the following:
1 Start your browser or Microsoft Web Folders and enter the URL for NetStorage.
The URL is http://server_ip_address/oneNet/NetStorage/. Replace server_ip_address with
the IP address or DNS name of the NetWare 6 server where you installed NetStorage or the
IP address you chose for the Apache-based services during the NetWare 6 installation.
If you specified a port number other than port 80 for Apache-based services during the
NetWare 6 installation, you must also specify that port number with the URL.
For example, if the IP address for NetStorage is 127.1.1.1 and the port number is 51080, then
you would specify 127.1.1.1:51080/oneNet/NetStorage/.
2 Enter your username and password.
NetStorage uses your eDirectory username and password, so you dont need to remember or
use a separate username or password.
The NetStorage Web page displays the network files and folders currently accessible for each
user. NetStorage reads the users NetWare login script to determine drive mappings, reads
eDirectory User object properties to determine the path to the users home directory, and then
displays a list of files and folders based on mapped drives and home directories.
If you specified alternate IP addresses or DNS names of servers in other eDirectory trees during
the NetStorage installation, NetStorage reads the User object properties in the other eDirectory
trees and displays those home directories also. This is useful if a user normally logs in to more
than one eDirectory tree and you want that user to have access to additional home directories in
different eDirectory trees using NetStorage. The User object name must be the same for each
eDirectory tree.
NetStorage reads the users login script only from the primary eDirectory server specified during
the installation and displays the users drive mappings only based on that login script.
You can use many of the same conventions for expanding and contracting folders and opening
files that are available in Windows Explorer. To create new folders or copy, delete, rename,
move, or download existing files or folders using a browser, click the Down arrow next to the file
or folder.
103-000182-001
August 29, 2001
QuickStart
Rev 99a
44
August 22, 2001
Clicking the Folder View button in the browser window displays folders in another column and
lets you expand and contract folders. The Text View only displays the files and folders in the
current directory and does not let you expand or contract folders.
Local files and folders are not accessible using NetStorage. Also, mapping drives or changing
login scripts is not permitted.
Copyright 2001 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system,
or transmitted without the express written consent of the publisher. eDirectory and iFolder are trademarks and NetWare and Novell are
registered trademarks of Novell, Inc. in the United States and other countries. All third-party products are the property of their respective
owners. A trademark symbol (, TM, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party trademark.
103-000182-001
August 29, 2001
Novell Storage Services Administration Guide
Novell
NetWare 6
www.novell.com
N O V E L L S TO R A G E S E RV I C E S
August 30, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Introducing Novell Storage Services
Overview
NSS Features and Benefits . . . . . . . . . . . . . . . . . . . .

NSS Management . . . . . . . . . . . . . . . . . . . . . . .
Combine Logical Volumes in a Single Storage Pool . . . . . .
Create Logical Volumes . . . . . . . . . . . . . . . . . . . .
Exceed the Limit of Volumes in a Storage Pool (Overbooking)
Deactivate/Activate Logical Volumes and Storage Pools . . .
Fast Error Correction and Data Recovery . . . . . . . . . . .
Immediately Save Data to Disk . . . . . . . . . . . . . . . . .
Retain Previously Saved Files (Snapshot) . . . . . . . . . . .
Transaction Tracking System (TTS) . . . . . . . . . . . . . .
Review the Modified File List . . . . . . . . . . . . . . . . . .
Use Clustering Feature . . . . . . . . . . . . . . . . . . . . .
Enable File Compression . . . . . . . . . . . . . . . . . . . .
Prevent Access to Deleted Files (Data Shredding). . . . . . .
Set Up User Space Restrictions . . . . . . . . . . . . . . . .
Set Up Directory Space Restrictions . . . . . . . . . . . . . .
Use CD-ROMs as Read-only Logical Volumes. . . . . . . . .
No Additional Memory Required for Mounting Volumes . . . .
Redirect Data from Unreliable Blocks (Hot Fix) . . . . . . . .
Repair Storage Pools Instead of Individual Volumes . . . . . .
Mirror Partitions. . . . . . . . . . . . . . . . . . . . . . . . .
Stripe Data Across Storage Devices (RAID) . . . . . . . . . .
Features Not Currently Supported by NSS . . . . . . . . . . .
NSS Architecture . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up and Configuring Novell Storage Services

System Requirements . . . . . . . . . . . . . . . . . . . .
Setting Up Novell Storage Services . . . . . . . . . . . . .
Updating NSS Volumes . . . . . . . . . . . . . . . . .
Transaction Tracking System (TTS) . . . . . . . . . . .
Setting the Cache Buffers . . . . . . . . . . . . . . . .
Using ConsoleOne to Configure Novell Storage Services
.
.
.
.
.
.
10
10
10
10
11
11
11
11
12
12
12
12
12
13
13
13
13
13
14
15
15
16
17
17
19
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000141-001
August 30, 2001
Novell Confidential
19
19
19
21
21
25
Manual
Setting Up ConsoleOne on a Workstation . . . . . .

Configuring Disk Space . . . . . . . . . . . . . . .
Renaming a Storage Pool . . . . . . . . . . . . . .
Renaming a Logical Volume . . . . . . . . . . . . .
Increasing the Size of a Storage Pool . . . . . . . .
Deleting NSS Pools or Logical Volumes . . . . . . .
Reviewing and Restoring Deleted Logical Volumes .
Changing the Purge Delay Setting. . . . . . . . . .
Creating a Traditional Volume . . . . . . . . . . . .
Increasing the Size of a Traditional Volume . . . . .
Renaming a Traditional Volume . . . . . . . . . . .
Deleting a Traditional Volume . . . . . . . . . . . .
Dismounting a Traditional Volume . . . . . . . . . .
Repairing a Traditional Volume . . . . . . . . . . .
Setting Up File Snapshot . . . . . . . . . . . . . . . .
Converting Traditional Volumes to Logical Volumes . .
Volume Conversion . . . . . . . . . . . . . . . . .
Modifying NDS Objects . . . . . . . . . . . . . . .
Setting Up User Space Restrictions . . . . . . . . . . .
Setting Up Directory Space Restrictions . . . . . . . .
Mounting a Logical Volume . . . . . . . . . . . . . . .
Deactivating/Activating NSS Pools and Volumes . . . .
Salvaging and Purging Deleted Files . . . . . . . . . .
Using NetWare Backup Services . . . . . . . . . . . .
Rebuilding NSS Storage Pools and Volumes . . . . . .
NSS Server Console Commands . . . . . . . . . . . .
Online Help Commands . . . . . . . . . . . . . . .
NSS Configuration Information Commands . . . . .
Other NSS Commands . . . . . . . . . . . . . . .
DOS FAT Commands . . . . . . . . . . . . . . . .
Other Volumes That NSS Creates . . . . . . . . . . .
CD-ROMs As Logical Volumes . . . . . . . . . . .
DOS Partitions As Logical Volumes . . . . . . . . .
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Viewing Storage Objects
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
26
26
34
34
34
35
35
36
37
38
38
39
39
39
42
43
43
45
45
46
46
46
47
47
48
49
49
49
49
53
53
53
54
57
Viewing Storage Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Viewing Your NSS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
View Partitioned Free Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Troubleshooting
61

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

As your network structure grows, you need larger storage capacity, more
efficient file management, and faster volume mounting speed. For example,
you might need large volumes for numerous directories and files, or have
numerous files open simultaneously. Novell Storage ServicesTM (NSS) is a
64-bit file storage and management system that meets your file system needs.
It is a seamless, scalable, and flexible storage and file system that lets you
continually configure, mount, and maintain large volumes and numerous files
without disrupting the work of end users.
This book is divided into the following sections:
For a description of NSS, see Chapter 1, Overview, on page 9.
For setup and configuration information, see Chapter 2, Setting Up and
Configuring Novell Storage Services, on page 19.
For information about monitoring the status of your storage objects and NSS
configuration, see Chapter 3, Viewing Storage Objects, on page 57.
For troubleshooting information, see Chapter 4, Troubleshooting, on page
61.

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38

103-000141-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Overview
Novell Storage ServicesTM is a storage and file system that provides an
efficient way to use all of the space on your storage devices. NSS is best used
with systems that require the ability to store and maintain large volumes and
numerous files or large databases.
Novell Storage Services is the default storage and file system for NetWare 6.
You use it to create, store, and maintain both traditional and NSS volumes. The
NSS volumes are called logical volumes. When you install NSS, it creates a
storage pool SYS: and an equal sized volume SYS:.
To mount a volume, the traditional file system scans every file and directory.
Then to provide quick access to the files, NetWare stores all the meta data in
memory. File system scanning slows the mounting speed. Storing the meta
data for all files requires more memory as the number of files increase.
NSS speeds up the mounting process by not scanning the entire file system
when you mount volumes. The memory requirements are lower because NSS
does not load Meta data into the memory until you access the files.
You do not run VREPAIR on NSS volumes when the file system crashes
because NSS keeps a journal of all file system transactions. After the crash,
NSS scans the journal to ensure that all transactions are either completed or
undone. This way volumes do not require any repair when you mount them
again after the crash.
NSS uses free space from multiple storage devices. This lets you create
unlimited volumes and store up to 8 trillion files in a single volumeup to 8
terabytes in size. NSS also lets you mount up to 255 volumes simultaneously.
IMPORTANT: In NetWare 5, NSS runs parallel with the traditional NetWare file
system. In NetWare 6, NSS is the primary storage and management system.
However, you can continue to maintain traditional partitions and volumes along
with NSS. Although this documentation focuses primarily on NSS storage pools
Overview

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
and logical volumes, it includes instructions for setting up and maintaining

traditional volumes.
NSS Features and Benefits

This section describes the features and benefits of NSS.
NSS Management
ConsoleOneTM is the primary utility used to configure and maintain both
traditional and NSS logical volumes. See Using ConsoleOne to Configure
Novell Storage Services on page 25.
NOTE: NWCONFIG and NSS Menu are not compatible with some of the NetWare
6 NSS features. Use ConsoleOne for all NSS configuration and management
procedures.
Combine Logical Volumes in a Single Storage Pool

NSS uses storage pools. A storage pool is a specified amount of space you
obtain from all your storage devices. Then you place all NSS logical volumes
into the storage pool. This way you do not have to limit the number of volumes
you have in a partition. You can have only one storage pool on a partition, but
you can place unlimited logical volumes in the storage pool. The size of
logical volumes cannot exceed the size of the storage pool.
Create Logical Volumes

The volumes you create from NSS storage pools are called logical volumes.
A logical volume is a volume that is either set to a specific size, or one that can
grow dynamically according to the amount of physical space assigned to the
pool. This lets you add and store any size or any number of files you need
without having to create other partitions. You can add any number of volumes
to a storage pool as long as you have available physical space in the pool.
10

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Exceed the Limit of Volumes in a Storage Pool (Overbooking)

Individual logical volumes cannot exceed the size of a storage pool. However,
you can create numerous volumes in a storage pool. Individual logical
volumes must be smaller than the storage pool, but the sum of multiple logical
volumes can exceed the pool size. This feature, called overbooking, can be an
efficient way to manage your file system.
For example, you might have a number of users who are individually assigned
to volumes with a limited amount of space for each volume. You can assign
volumes that collectively exceed the pool size if not all users fill up their
volumes. Essentially, the users can borrow space from other volumes in the
pool as long as there are volumes that are not filled to the limit. This way it is
not always necessary to add more disk space when some users reach or exceed
their volume limit.
Deactivate/Activate Logical Volumes and Storage Pools

You might need to temporarily prevent user access to storage pools or volumes
to do maintenance. Instead of bringing down the server, you can deactivate
individual storage pools to run the REBUILD and VERIFY utilities. When
you deactivate a storage pool, users will not have access to any of the volumes
in that pool. The REBUILD and VERIFY utilities generate log files to the root
of the DOS drive.
Fast Error Correction and Data Recovery

NSS quickly recovers data after a file system crash. Instead of scanning an
entire volume for corruption, NSS quickly replays the latest set of changes to
make sure they were written correctly. The file system either recovers the
changed information, or it returns the data to its original settings before the
transaction began. This is beneficial for applications such as mail services
because there is less server down time.
Immediately Save Data to Disk

The Flush Files Immediately feature saves your file data to disk immediately
after you close the file instead of waiting for the next flush cycle. This ensures
that your data is not at risk of being lost between flush cycles.
Overview

103-000141-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Retain Previously Saved Files (Snapshot)

The File Snapshot feature allows your backup utility to keep a consistent copy
of all files. This is done by having the file system keep an original copy of all
open files. For example, when your system backs up or crashes at a time when
you are modifying a file, the backup could contain both old and new data.
Snapshot captures the most recent closed copy of the file. This way, if you lose
data between the backup cycles, you still have a solid copy of the previously
saved file.
Transaction Tracking System (TTS)

Transaction Tracking SystemTM protects database applications by backing out
transactions that are incomplete due to a system failure. TTSTM can be
available on either all traditional or all NSS logical volumes. It cannot be
available on all volumes if you use both types of volumes. If your system uses
both traditional and logical volumes, by default it can only work on traditional
volumes. If you want to use it on logical volumes on a system that has both,
you must enter DISABLE TTS on the AUTOEXEC.NCF then enable the
feature on each logical volume you want it on. Unlike traditional volumes,
TTS does not apply to logical volumes by default. To enable it on logical
volumes, enter nss/transaction=volname.
Review the Modified File List

The Modified File List is a list of files that changed since the previous backup.
The backup utility accesses this list instead of searching the entire file system.
Use Clustering Feature

Some storage devices exist in a storage area network (SAN). These devices
can be shared by multiple servers in a cluster. For more information about
clustering, see Novell Cluster Services Overview and Installation.
Enable File Compression

NSS supports file compression. This lets you decide whether to compress the
files in your volumes to create additional space. Once you enable file
compression, you cannot turn it off without recreating the volumes.
12

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Prevent Access to Deleted Files (Data Shredding)

The Data Shredding feature overwrites purged disk blocks with random
patterns of hexidecimal characters. This prevents unauthorized users from
using a disk editor to access purged files. You can place up to seven data shred
patterns over deleted data.
Set Up User Space Restrictions

User space restrictions let you limit the space users have on volumes. This is
beneficial for systems that accommodate a large number of users, such as
students. When you create volumes, you can select the user space restriction
option in ConsoleOne.
Set Up Directory Space Restrictions

Directory space restrictions let you limit the space users can have in a
directory or subdirectory.
Use CD-ROMs as Read-only Logical Volumes

NSS has full CD-ROM support for ISO9660 and Macintosh* HFS formats.
No Additional Memory Required for Mounting Volumes

When you mount volumes using the traditional NetWare file system, it scans
every file and directory during the mounting process. Then it loads all the files
into memory for quick access. If you increase the number or size of files, you
need additional memory to maintain the performance level you want.
NSS does not require large amounts of memory to mount volumes because it
does not scan the entire file system during the mounting process. After the
mounting is complete, NSS does not load files into memory until you access
them. Therefore, no additional memory is required when you add files and
mount volumes.
Overview

103-000141-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Redirect Data from Unreliable Blocks (Hot Fix)

As your file system constantly reads and writes data to disk, some disk storage
blocks lose their ability to reliably store data. NSS uses Hot Fix to prevent data
from being written to unreliable blocks.
Hot FixTM redirects the original block of data (still in memory) to the Hot Fix
Redirection Area of the partition where the data can be stored correctly. To
redirect a block of data, the operating system records the address of the
defective block. Then the server no longer attempts to store data in that block.
If you do not enable Hot Fix when you create a partition, then no Hot Fix
object is created and no data redirection can occur. You need to set up Hot Fix
when you create the partition. To add Hot Fix later, you must delete the
volumes from the partition, add Hot Fix, then restore the volumes from a
backup.
The Hot Fix feature is combined with partition mirroring. When you select
Hot Fix, you also enable mirroring for that partition.
Hot Fix redirection can occur during a write request, a read request, or a readafter-write verification. The following are conditions of data redirection:
Write redirection occurs when the disk reports an error during a write
request. The system marks the block as bad and redirects the data to a
different block.
Read redirection occurs when a disk error happens during a read request.
If the disk is mirrored, the system retrieves the data from the mirrored
disk and redirects the data on the primary disk. If the disk is not mirrored,
the data is lost, and the block is marked as unusable.
Read-after-write-verify redirection occurs after data is written to disk.
The data on disk is then read and compared to that in memory. If the two
dont match, the system marks the block as bad and redirects the data to
a different block.
By default, 2 percent of a disks space is set aside as the Hot Fix Redirection
Area. You can increase or decrease this amount.
If Hot Fix is enabled, then it is always active unless the disk fails or the
redirection area is full. You can view Hot Fix activity in MONITOR by
selecting Storage Devices and then a Hot Fix partition. For information on
using MONITOR, see MONITOR in the Utilities Reference.
14

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can specify no Hot Fix Redirection Area when you create disk partitions.
Having no Hot Fix Redirection Area saves partition space. This might be
useful on large RAID systems that provide a method of fault tolerance.
IMPORTANT: If Hot Fix is not enabled, then the partition will not have the fault
tolerance provided by NetWare. Data on corrupted sectors of the disk wont be

redirected to the Hot Fix Redirection Area. In addition, you cannot mirror partitions
that do not use Hot Fix. It is easiest to enable Hot Fix when you create the partition.
To add Hot Fix later, you must delete all the volumes on the partition.
Repair Storage Pools Instead of Individual Volumes

You use VREPAIR to fix traditional volumes. For instructions on using
VREPAIR, see VREPAIRUtilities Reference. For logical volumes, you use
repair utilities called VERIFY and REBUILD on the storage pools that
contain the logical volumes. For instructions on rebuilding logical volumes,
see Rebuilding NSS Storage Pools and Volumes on page 48.
VERIFY checks the file system integrity for an NSS pool by searching for
inconsistent data blocks or other errors. This utility indicates if there are
problems with the file system.
REBUILD verifies and uses the existing leaves of an object tree to rebuild all
the other trees in the system. You need to deactivate pools (and all the volumes
in the pools) before you run Rebuild so users cannot access the volumes you
are rebuilding.When you deactivate a storage pool, all the volumes in the pool
automatically deactivate.
These utilities are not the same as VREPAIR. You should use REBUILD only
as a last resort to recover the file system after data corruption. When you use
REBUILD and VERIFY, a log file is generated to the root of the DOS drive.
Mirror Partitions
You can protect your data by mirroring your partitions. Mirroring stores the
same data on separate disks using the same controller channel. Using
ConsoleOne, you can mirror both traditional and NSS partitions.
The following is a list of requirements for mirroring partitions:
Mirrored partitions must have the same partition type as you mirror the
partition to. In other words, you can only mirror NSS partitions to other
NSS partitionsthe same applies to traditional partitions.
Overview

103-000141-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
You can only mirror partitions. However, you might want to mirror an
entire storage pool. Because you can have only one storage pool on a
partition, the only way to mirror that storage pool is to mirror all of the
partitions the pool resides on.
To mirror partitions, you need to select an option that makes the partitions
compatible for mirroring when you create themyou cannot change that
mirroring option after you create a partition. You can mirror to an existing
group or create a new mirror group for the partition. You cannot combine
mirror groups (existing groups with multiple mirrored partitions).
Mirrored partitions must have compatible data area size. This means the
new partition must be at least the same size or slightly larger than the
other partitions in the group. For example, the physical size (combined
data and hot fix size) must be at least 100 KB bigger, but no more than
120 MB bigger than the data size of the existing partitions in the mirror
group.
The file system adjusts the Hot Fix size to the legal ranges in order to
make the data area identical to the other partitions in the mirror group.
Mirrored partitions must have the same sharable for clustering status.
The partitions you add to a group cannot be part of an existing group
they must be individual mirrored objects.
Stripe Data Across Storage Devices (RAID)

NSS lets you create an additional storage device by striping data across
multiple disk drives on your system. This option, called RAID, is a software
configuration that emulates an actual hardware RAID 0 system. This RAID
configuration occurs at the software level instead of using a RAID machine.
You set up a RAID device by obtaining space from all your physical storage
devices then putting segments on the combined space. A RAID segment is the
amount of space you obtain from each storage device. You can have up to
eight segments on a RAID device. The file system places data on the RAID
disks sequentially. This is called disk striping. The RAID stripe size is the
amount of data the file system places on a disk before moving to the next disk.
You can use the software RAID 0 on both logical and traditional volumes.
16

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Important Information about NSS RAID

Each element in the RAID configuration should come from a different
device. NSS will let you obtain RAID elements from the same device, but
this will severely impede the performance of your file system.
Currently, the NSS RAID supports RAID 0.
The stripe size ranges between 4 KB and 256 KB in increments of 2 KB.
Features Not Currently Supported by NSS

The following features are available in the traditional NetWare file system but
are not currently supported by NSS:
Block suballocation
Auditing
File name locks
Data migration
NSS Architecture
With NSS, you can use storage pools, logical volumes, traditional volumes,
and remote devices to maintain your file system. You store logical volumes in
storage pools on NSS partitioned space. You store traditional volumes directly
in space partitioned for traditional volumes. The following diagram illustrates
the NSS configuration with the available file system options:
Overview

103-000141-001
August 30, 2001
Novell Confidential
17
Manual
Figure 1
99a
38
July 17, 2001
Novell Storage Services Configuration
Free
Space
Storage
Devices
CD-ROM
Free Space = Storage Deposit
Partitioned Free Space
Free
Space
Free
Space
Storage
Pool
Storage
Pool
Free
Space
Volume size
can equal
storage pool
size
Logical
Vol1
18
Logical
Vol2
Logical Traditional NSS

volume volume
Vol3
(Read-Only)

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up and Configuring Novell

Storage Services
Novell Storage ServicesTM installs automatically when you install
NetWare 6. This section provides instructions for setting up and configuring
Novell Storage Services (NSS) after the installation. It also contains
information about configuring and maintaining traditional partitions and
volumes.
System Requirements
A server running NetWare 6
A least 10 MB free space to create an NSS storage pool and logical
volume
Setting Up Novell Storage Services

Updating NSS Volumes
After you upgrade to NetWare 6 and reboot the server, you need to update
your NSS volumes. NSS volumes from previous releases will not function
until you update them to NetWare 6 volumesthey do not upgrade
automatically.
Checking the NDS Status
Before you update NSS volumes, you must ensure that NDS is running
properly; otherwise, the upgrade process might remove your trustees. To
check ensure NDS is running, you need to check the time stamp for the
backlink process.

103-000141-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Do the following to ensure NDS is running:

1 Use iMonitor to determine that the upgrade process is complete.
1a Open iMonitor in a network browser by entering the IP address of the
server followed by /nds. For example: http://155.555.1/nds.

1b Click Agent Process Status > External Reference Status.
1c Make sure the time stamp (under the Time column) shows a time
after the time you began the upgradespecifically when NDS

unloaded during the upgrade. The following graphic provides and
example of the time stamp:
If the time stamp shows a time earlier than when you began the
upgrade, the backlink process is not complete. Repeat Step 1a
through Step 1c until the backlink is complete.
20

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Upgrading NSS Volumes
To upgrade NSS volumes, enter one of the following commands at the

NetWare 6 server console:
NSS /ZLSSVOLUMEUPGRADE=volumename
Transaction Tracking System (TTS)

Transaction Tracking protects database applications by backing out
transactions that are incomplete due to a system failure. TTS can be available
on either all traditional or all NSS logical volumes. It cannot be available on
all volumes if you use both types of volumes. If your system uses both
traditional and logical volumes, by default it can only work on traditional
volumes. If you want to use it on logical volumes on a system that has both,
you must enter DISABLE TTS on the AUTOEXEC.NCF then enable the
feature on each logical volume you want it on. Unlike traditional volumes,
TTS does not apply to logical volumes by default. To enable it on logical
volumes, enter the following command at the server console:
nss/transaction=<volname>.
Setting the Cache Buffers

A cache buffer is a block (4 Kb) of NetWare server memory (RAM) that
temporarily stores data. When you install NSS, it consumes 60 percent of the
the cache buffers by default.
The following are options for changing the cache buffers:
You can set a maximum of 1048576 cache buffers.
You can set the buffers in percentages rather than integers.
Use the following commands at the server console to set your cache buffers or
tune your cache parameters. You can set or tune cache buffers at anytime.

103-000141-001
August 30, 2001
Novell Confidential
21
Manual
Task
99a
Purpose
Command
Set number of cache buffers This sets the minimum number of

cache buffers allocated for NSS file
system access. The default and
minimum number of cache buffers is
512. The range is 256 to 1048576.
nss/
MinBufferCacheSize=
value
Look up cache buffers
To quickly look up cache buffers, the

cache uses a hashing algorithm that
maps names to buckets. Sometimes
multiple names map to the same
bucket. When this occurs, all names
must be searched to determine if the
entry is in the cache. The number of
entries in the hash table is proportional
to the amount of free memory available
when you load NSS.
nss/NumHashBuckets
Set cache buffers for

traditional file system
You can set the minimum number of

cache buffers that NSS allocates for
traditional file system access. To
accomplish this, NSS returns pages to
the operating system. This occurs until
the operating system has enough
pages, or until NSS reaches the
minimum number of pages. The
default is 1024. The range is 1024 to
1048576.
nss/
MinOSBufferCacheSize
Set the cache for file and

directory entries
This sets the number of Name cache

entries. NSS keeps a cache of the file
and directory names it recently looked
up. This speeds up opening files and
path searches. The default is 2111.
The range is 3 to 65521.
nss/NameCacheSize
Set name cache to on or off
This sets Name Cache to ON or OFF.

The default is ON.
nss/(No)NameCache
Use percentages instead of This sets the buffers to percentages

integers for cache balancing rather than integers for dynamic
balancing of free memory for the buffer
cache. The default is ON. Use this
switch with /MinBufferCacheSize.
22
July 17, 2001
38
nss/(No)CacheBalance

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Task
Purpose
Command
Set the amount of cache

NSS takes from the
traditional file system
This is the percent of cache between

NSS and the server. The
CacheBalance percentage determines
how many cache blocks NSS will take
from the traditional file system for its
own cache. A high cache balance
percentage will impede the
performance of the traditional file
system. A low cache balance will
impede the performance of NSS. We
recommend that you set the cache
balance parameter to equal the
percentage of the total disk space you
allocate for NSS. However, do not
exceed 80 percent. You might want to
initially set the parameter at 50 percent
and adjust this number as necessary.
The default is 60 percent. The range is
from 1 to 99 percent.
nss/
CacheBalance=value
Limit the number of cache

buffers
This is the maximum number of cache

buffers you want. Every time you do a
cache balance, limit the number of
cache buffers to this amount.
nss/
cacheBalanceMaxBuffer

103-000141-001
August 30, 2001
Novell Confidential
23
Manual
99a
July 17, 2001
38
Task
Purpose
Command
Show the cache hit ratio at

the server console
This is the number of cache hits

divided by the number of attempts to
get a file cache buffer from the cache.
Any amount above 90 percent is good.
This means the system is spending
less time going to the disk to retrieve
data. Lower numbers indicate NSS
needs more memory. If this occurs,
you might want to set the cache
balance percentage higher.
nss/CacheHit
Cache hit is the number of times that

NSS finds the desired file block in the
cache buffers.
Cache miss is the number of times that
NSS does not find the desired block in
the cache buffers.
If you allocate more memory to NSS,
the cache hit percentage increases.
You can add more memory by adding
more physical memory, increasing the
cache balance, or increasing the
minimum number of cache buffers for
NSS. We do not recommend lowering
the minimum number of OS cache
buffers.
Set the number of
Authorization cache entries
24
This parameter specifies the number

of cache buffers that will be used to
speed up authorization requests. If
many trustees have been set on
different files and directories, we
recommend that you increase this
number. The default is 1024. The
range is 16 to 50000.
nss/AuthCacheSize

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Task
Purpose
Command
Determine how often NSS

rebalances the amount of
cache it uses
This timer lets you determine how

often (in seconds) NSS will rebalance
the amount of cache it uses according
to the total amount of memory on the
server. If you have difficulty loading
NLMs because of low memory, you
might want to lower this timer setting. A
lower setting forces NSS to rebalance
more often. If your server is stable, you
might want to increase this timer so
NSS does not work as hard; this will
ensure the cache remains balanced.
NSS checks the total number of cache
buffers to determine if the
CacheBalance percentage is met. It
then adjusts the timer to provide the
appropriate number of cache buffers.
The default is 30. The range is 1 to
3600.
nss/CacheBalanceTimer
Set the flush time for

modified cache buffers
This sets the flush time for modified

cache buffers in seconds. The default
is 1 second. The range is 1 to 3600
seconds.
nss/BufferFlushTimer
Show cache buffer statistics
This shows the cache buffer statistics.
nss/CacheStats
Reset cache statistics
This command lets you clear the

current statistics and start over. This is
useful for checking the results of
changes to the system.
nss/reset
Using ConsoleOne to Configure Novell Storage Services

ConsoleOneTM is the primary utility you use to configure and maintain
partitions, storage pools, and volumes in NSS. To open ConsoleOne and
access the options you need, complete the following:
1 Open ConsoleOne.
2 Open the tree you want to work with.
3 Right-click on the server object you want.
4 Click Properties.

103-000141-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
This opens the ConsoleOne interface where you can access the snap-ins
for managing NSS. The NSS configuration features are in the Media
snap-in.
Setting Up ConsoleOne on a Workstation

To use ConsoleOne on a client workstation, you need to load ConsoleOne 1.3
or later. Then you must copy the NSS JAR files from your server to your client
machine.
1 Copy these three NSS JAR files to your local LIB directory:
public\mgmt\consoleone\1.3\lib\nssadmin.jar
public\mgmt\consoleone\1.3\lib\nssc1lib.jar
public\mgmt\consoleone\1.3\lib\nssjavalib.jar
2 Copy these two JAR files to your local RESOURCES directory:

public\mgmt\consoleone\1.3\resources\nssadminres.jar
public\mgmt\consoleone\1.3\resources\nssc1libres.jar
3 Copy the following JAR file to your local SNAPINS directory:

public\mgmt\consoleone\1.3\snapins\nssadminreg.jar
Configuring Disk Space

To set up the NSS storage and file system, complete the following tasks in the
given order:
1. Create a RAID device (optional).
See Creating a RAID Device on page 27.
2. Create partitions.
See Creating a Partition on page 29.
3. Mirror partitions.
See Creating a Partition on page 29.
4. Create storage pools.
See Creating a Storage Pool on page 31.
5. Create logical and traditional volumes.
See Creating a Logical Volume on page 32 and Creating a Traditional
Volume on page 37.
26

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a RAID Device
NSS lets you create a RAID 0 device by striping data across multiple drives
on your system. This RAID configuration occurs at the software level. You
can use this RAID feature for both logical and traditional volumes.
Important information about NSS RAID
Each element in the RAID configuration should come from a different
device. NSS will let you obtain RAID elements from the same device, but
this will severely impede the performance of your file system.
Currently, the NSS RAID supports RAID 0. This means there is no disk
redundancy. If one element in the RAID device malfunctions, the entire
configuration is unusable.
NSS RAID can accommodate a maximum of eight segments (amount of
space used from each device) on a device per RAID 0 logical device.
The stripe size (amount of data the file system places on one device before
moving to the next device) ranges between 4 KB and 256 KB in
increments of 2 KB.
1 From ConsoleOne, open the tree you want.
2 Right-click on the server object and select Properties.
3 Click Media > Raid Devices > New.
4 Enter the amount of space you want to obtain from each storage device in
megabytes.
5 Select a segment size.
6 Select a stripe size.
7 Select a RAID type.
The RAID type indicates the method of how data is striped across the
different disks.
8 Click Next.
9 Select the devices you want to use for the RAID configuration.
You can select one or more devices, but select only the ones you want to
use for the RAID configuration.
10 Click Finish.
The file system first creates a virtual device unit, then creates a RAID
device.

103-000141-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Deleting a RAID Device
When you delete a RAID device, the file system deletes all the partitions and
volumes from all physical storage devices used in the RAID configuration.
3 Click Media > Raid Devices.
4 Select the Raid device you want to delete.
5 Click Delete.
The file system displays a warning message to ensure you want to delete
the RAID device.
6 Click Yes or No.
Increasing the Size of the RAID Device
You can increase the size of a RAID device by adding more segments from
another storage device. You should not place more than one RAID segment on
a disk; this will severely impede the performance of your file system.
1 From ConsoleOne, click Media > Raid Devices.
2 Select the RAID device you want to increase.
3 Click Increase Size.
4 Select the device you want to add to the RAID configuration.
5 Click Finish.
After you add another physical storage device to your RAID device, you
must restripe the configuration. This stripes the data to the other device
you added.
NOTE: The file system performance might slow down during the restriping
process. Make sure you add all the physical storage devices you want to the RAID
device before you click Restripe.
6 Click Restripe.
The Restripe option recognizes new devices in your RAID configuration

and distributes the data across all the devices.
28

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Marking a Device as Sharable for Clustering
Some storage devices exist in a storage area network (SAN). These devices
can be shared by multiple servers in a cluster.
IMPORTANT: The system hardware does not specify disk drives to come up
automatically as sharable for clustering or not sharable for clustering. You must
manually set different devices according to the configuration of your storage
system.
The following is important information about making drives Sharable for

Clustering:
All portions of an NSS pool must be on a storage device using the
Sharable for Clustering feature. This means if you have a storage pool that
spans multiple devices, all these devices must be either sharable for
clustering or not.
The Sharable for Clustering option is not available for devices that
contain the storage pool SYS: or Volume SYS:.
ConsoleOne does not provide the Sharable for Clustering option for
devices that contain traditional partitions and volumes.
When you add partitions to a mirror group, all partitions in that group
must be either sharable for clustering or not.
3 Click Media > Devices.
4 Select a device.
5 Select Sharable for Clustering.
6 Click OK.
Creating a Partition
The first task for setting up NSS is to create partitions on your storage devices
for the NSS storage pools and logical volumes.
2 Right-click the server object and select Properties.
3 Click Media > Partitions > New.
4 Select a device to create a partition on.

103-000141-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
5 Select the type of partition you want to create (NSS, Traditional, Remote
Storage Device).
6 Enter the size of the partition in bytes (B), kilobytes (KB), megabytes
(MB), or gigibytes (GB).

7 To reserve space for the Hot Fix error correction feature, select Hot Fix
and enter the amount of space or percentage you want to reserve.

Mirrored partitions must be compatible in data area size. This means the
other partitions in the group. The physical size (combined data and Hot
Fix size) of the partition must be at least 100 KB, but no more than 120
MB larger than the data size of the existing partitions in the mirror group.
8 To mirror the partition, select Mirror and select one of the following
options:
Create New Mirror. This option means you are making the partition
capable of being part of a mirror group. You do not actually create
the group until you add another mirrored partition to the partition you
are creating.
Existing Mirror Group. (If you select this option, also select the ID
of the mirrored partition.) This shows a list of existing mirror groups
that are compatible in data area size. This option lets you add this
new partition to one of the mirror groups in the list.
9 Select a label for the partition (optional).

10 Click OK.
Deleting a Partition
When you delete a partition you remove all volumes and data on that partition.
If the partition is mirrored, the other partitions in the mirror group will retain
the data from the deleted partition. If you want to delete a mirrored partition,
you must unmirror that partition before you delete it.
Unmirror a partition
3 Click Media > Partitions > Mirror.
4 Select the partition you plan to delete, click Remove.
This removes the partition from the mirror group. You can now delete the
partition.
30

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Delete a Partition
3 Click Media > Partitions.
4 Select the partition you want to delete, click Delete.
Creating a Storage Pool
After creating and setting up your partitions, you can create storage pools
within the partitions. When you create a storage pool, NSS lets you determine
how much space to use from each storage device on your server.
When you create storage pools, you use partitioned disk space. However, you
can select unpartitioned space. This will create a partition and make the
storage pool the same size of the partition because you can have only one
partition per storage pool.
3 Click Media > NSS Pools > New.
4 Enter a name for the new storage pool and click Next.
5 Select the existing NSS partitions or unpartitioned free space that you
want to use for the pool.

If you select an unpartitioned device, you can double-click on the number
in this column to edit the current amount of space you want to obtain from
the storage devices. The storage pool size will be the total of all devices
in the pool.
6 Enter the size you want from each NSS partitioned space or unpartitioned
space and click Next.

You can select any of these options:
Create a Logical Volume with this same name. Automatically

creates a logical volume when you create the pool.
Sharable for Clustering. Available if Clustering is installed and you

want to use the feature.
Activate. Activates your pool and any logical volumes when you
create the pool. Otherwise, you can activate it later.
7 Click Finish.

103-000141-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Creating a Logical Volume
After creating storage pools, you can create any number of logical volumes for
the storage pools according to the physical space available. When you create
a logical volume, you can either assign it a space or allow it to expand to the
pool size.
The size of a single volume cannot exceed the size of a storage pool. However,
the combined sizes of multiple volumes can exceed the size of the storage
pool. This is called overbooking. For example, you might have an 800 MB
storage pool with eight volumes set at 100 MB each. That is the maximum
amount of space you have in the pool. To overbook the pool, you can add
volumes or increase the size of existing volumes knowing that not all the
volumes in the storage pool will fill up. If the volumes fill up, you need to add
more disk space.
NSS recognizes DOS, Macintosh*, UNIX*, and long name spaces.
3 Click Media > NSS Logical Volumes > New.
4 Enter a name for the volume and click Next.
5 Select the storage pool where you want to store the unpartitioned space or
NSS partitioned space.

If you select unpartitioned space, NSS creates an NSS partition, then the
storage pool, then the volume.
Enter a quota size for the volume if you want to limit the size of the
volume.
Mark Allow volume quota to grow to the pool size if you want the
volume expand to the size of the pool.
7 Click Next.
8 Select the attribute settings you want for the new logical volume from the
following list:
32
Backup. Indicates if the volume should be backed up. Set this flag if
the volume contains data you want to back up. Clear this flag if the
volume is empty or if backing up the data is unnecessary. This
backup option is separate from the third-party backup vendor you

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
use. This means your backup system might not recognize this option
whether you select it or not.
Compression. Activates file compression in the logical volumes.
Data Shredding. Activates the Data Shredding security feature. This

feature scrambles any data that you delete to prevent anyone from
accessing the information with a disk reader. Enter the number of
times you want the data shredder to scramble your deleted files. You
can select between one and seven times.
Directory Quotas. Activates a feature that lets you assign a

maximum quota of space a directory can have
Flush Files Immediately. Activates the feature that flushes all data
in a file to disk immediately when you close the file.
Modified File List (MFL). This provides a list of all files modified
since the previous backup. A third-party vendor must implement the
Modified File List feature in order for you to use it.
Salvage Files. Activates the feature that lets you salvage deleted
files. The file system keeps all deleted files in an allocated space until
that space is needed for other data. The Salvage feature tracks the
files and lets you retrieve the data for a time until the space is needed
for other data. You must select this option to salvage the files in the
volume.
Snapshot-File Level (File Snapshot). Activates the Snapshot feature

at the file level. The Snapshot feature allows the backup utility to
capture a snapshot of the last closed version of a file. For example, if
your system backs up or crashes while you have a file open, this
feature will save a copy of the file before you opened it. You might
lose some new information, but you will retain all the previous
information.
User Space Restrictions. Activates the user space restrictions

feature on the volumes you create.
Activate. Activates logical volumes as soon as you create them.
Mount. Mounts logical volumes as soon as you create them.
9 Click Finish.
You can now store and manage files in the NSS system.

103-000141-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Renaming a Storage Pool

You can rename existing storage pools. For example, you might want to assign
a storage pool name that relates to a department name change.
3 Click Media > NSS Pools.
4 Select a pool to rename.
5 Click Rename.
6 Enter a new name for the pool.
7 Click Finish.
Renaming a Logical Volume

You can rename logical volumes. For example, you might want to change the
name of a volume to reflect the department or organization that uses it.
3 Click Media > Logical Volumes.
4 Click Rename.
5 Enter a new name for the logical volume.
6 Click Finish.
Increasing the Size of a Storage Pool

You can increase the size of your storage pools, but you cannot reduce their
size.
4 Select the storage pool you want to increase, then click Increase Size.
5 Select the storage objects you want to obtain the space from.
34

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 Enter the amount of space you want from each storage object in the Used
column.
7 Click Finish.
Deleting NSS Pools or Logical Volumes

You might need to delete a storage pool or a logical volume to create more free
space for other storage pools. When you delete a logical volume or a
traditional volume from a partition, that partition still owns the space, but you
can reassign the space to another storage pool or traditional file system
volume. When you delete a partition, ownership of the space in that partition
is removed.
After you delete a logical or traditional volume, free space becomes available.
You can assign this space to other storage pools to increase their size. You can
also use the free space (if you removed NSS ownership) for a traditional file
system volume. If necessary, you can restore a volume, see Reviewing and
Restoring Deleted Logical Volumes on page 35. If you delete a storage pool,
you cannot restore any of the volumes in that pool.
3 Click Media > NSS Pools or Logical Volumes.
4 Select the pool or volume you want and click Delete.
Reviewing and Restoring Deleted Logical Volumes

If you delete a volume, the file system removes it from the storage pool.
However, for a specified amount of time, called the Purge Delay time, you can
review and even restore the contents of the volume you deleted. For example,
you might want to restore information in a volume that was deleted in error.
You must retrieve the volume before the delay time elapses; otherwise, the
volume is removed from the system and you can no longer access it.
If you delete a storage pool, you delete all the volumes in that pool. You cannot
restore volumes.
The default setting for the Purge Delay time is two days. After this time
expires, NSS automatically purges the volume.You can change the Purge
Delay time to extend or reduce the time for the automatic purging cycle. See
Changing the Purge Delay Setting on page 36. You can also manually purge

103-000141-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
deleted volumes. You purge or restore volumes in the Deleted Logical

Volumes on Pool screen.
4 Click Deleted Volumes.
5 Select one of the following options:
Purge. Click Purge to immediately purge all the deleted volumes.
Prevent Purge/Allow Purge. Click Prevent Purge to stop the

volume purging process. For example, you might want to access the
deleted volume again, or wait until there is less activity on the server.
After you click Pause Purge, the button changes to Allow Purge.
Click this button to purge the volume.
Salvage. Click Salvage to restore the deleted volume.
Refresh. Click Refresh to rescan the volumes that have been deleted
and update the list in the panel.
6 Click Close when you are finished.
Changing the Purge Delay Setting

The default for the Purge Delay setting is two days. This is the amount of time
that you can still access the volume before it is removed from the system. To
change the Purge Delay time, enter the following at the server console:
NSS/logicalVolumePurgeDelay=ddd
In this command, you replace ddd with the actual number of seconds to delay
the auto purge. The default is 172800 (2 days). For example, if you want to
change the Purge Delay time for one day, enter 86400.
The Purge Delay change command is not permanent. You must enter the
command each time you restart the server. If you want to make the new setting
permanent, enter the command in the AUTOEXEC.NCF file.
36

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a Traditional Volume

NSS is the default file storage and management system in NetWare 6.
However, you might want to continue maintaining traditional partitions and
volumes in NSS. The following is a list of guidelines for creating traditional
volumes in NetWare 6:
NWCONFIG and NSS Menu are not compatible with NetWare 6. Use
ConsoleOne to create, mount, modify, and rename traditional volumes.
You can use VREPAIR to fix traditional volumes, but you need to use
VERIFY and REBUILD for all logical volumes. For instructions on using
VREPAIR, see VREPAIR in the Utilities Reference.
You cannot put traditional volumes in an NSS storage pool.
If you create a traditional volume in NetWare 6, you cannot access that
volume from previous releases of NetWare.
You can use ConsoleOne to create, mount, and manage traditional volumes.
3 Click Media > Traditional Volumes.
4 Click New.
5 Enter a name for the volume and click Next.
6 Select either partitioned or unpartitioned.
7 Enter a size for the volume in the Used column and click Next.
8 Select a block size from the pull-down menu.
9 Select any of the following options:
Compression. Enables the file system to compress the files in the

volume. You set up file compression when you create volumes. Once
you enable file compression, you cannot turn it off without creating
the volume again.
Migration. Enables the operating system to move infrequently

accessed data to remote areas on your server. This creates space for
new and more commonly accessed data. Selecting this option only
enables the attribute. The data migration feature uses a third-party
software package that does the migration function.

103-000141-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Suballocation. Enables the file system to divide partially used disk

blocks into suballocation blocks of 512 bytes. These blocks can be
used by other data files.
Mount Volume on Creation. Instructs the operating system to

mount the volume when you create it. Otherwise, you can mount it
later.
10 Click Finish.
Increasing the Size of a Traditional Volume

To increase the size of a traditional volume, you need to add another segment
to that volume.
4 Select a volume and click Increase size.
5 Select the storage device you want to obtain space from.
6 Double-click on the Used column next to the selected storage device.
7 Enter the amount of space you want.
8 Click Finish.
Renaming a Traditional Volume

You can rename a traditional volume.
4 Select the volume you want to rename and click Rename.
5 Enter a name.
6 Click Finish.
38

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deleting a Traditional Volume

You can delete traditional volumes.
4 Select the volume you want to delete and click Delete.
Dismounting a Traditional Volume

To repair a traditional volume, you need to dismount that volume.
4 Select the volume you want to dismount and click Dismount.
The button label changes to mount.
Repairing a Traditional Volume

Typically, you can't mount a volume if it has even minor damage.
Occasionally, a damaged volume mounts and causes errors in the process.
Use VREPAIR to correct volume problems or to remove name space entries
from File Allocation Tables (FATs) and Directory Entry Tables (DETs). For
instructions on using VREPAIR, see VREPAIR in the Utilities Reference.
NOTE: If you need to repair an NSS volume, see Rebuilding NSS Storage Pools
and Volumes on page 48.
You can run VREPAIR on a damaged volume while other volumes are
mounted. Following are typical instances when VREPAIR can help:
A hardware failure either prevented a volume from mounting or caused a
disk read error.
NOTE: Although VREPAIR can't fix hardware problems, VREPAIR can sometimes
fix related volume damage.
A power failure caused a corrupted volume.

103-000141-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
The server console displays a mirroring error when the server boots. This
mirroring refers to the two copies of FATs and DETs that the operating
system keeps (if disks are mirrored, NetWare keeps four copies).
If a volume fails to mount as the server is booting, VREPAIR loads
automatically and attempts to repair the volume.
When VREPAIR autoloads, it uses the default options. If you want to use an
alternate option, load VREPAIR manually and set the alternate option before
running VREPAIR.
NOTE: If you don't want VREPAIR to automatically repair a volume that won't
mount, use the SET parameter named Automatically Repair Bad Volumes to
change the default.
Prerequisites
The volume you want to repair must be dismounted.

If the volume to be repaired has name space support, the corresponding
VREPAIR name space module (V_namespace.NLM) must be located in
either the SYS:SYSTEM directory or in a search path directory.
Example modules include V_MAC.NLM and V_LONG.NLM.
Procedure
1 At the server console prompt, enter
VREPAIR [volume_name] [logfile_name]
(Optional) Replace volume name with the name of the volume to repair.
If there is only one volume that is dismounted, you don't need to specify
this parameter, since VREPAIR will attempt to repair that volume.
(Optional) If you want to save the error log, replace the logfile_name with
the name of the file you want VREPAIR to create. VREPAIR creates a log
of errors it finds. VREPAIR displays the errors on screen and will write
them to a file if you specify a filename.
When you load VREPAIR, an Options menu is displayed.
2 Accept the default options, or select alternate options, as appropriate.
The first time you try to repair a volume, accept the default options. If the
default options fail to repair the volume, select alternate options.
2a To accept the default options, continue with Step 3.
40

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2b To set alternate options at the Options menu, choose Set VRepair
Options by typing
2 Enter
3 To begin the repair process, choose Repair A Volume from the Options
menu.
If more than one volume is dismounted, select the volume to repair

from those listed.
If only one volume is dismounted, VREPAIR assumes it is the

volume that needs repairing and begins the repair.
As the volume is being repaired, the server console screen displays a

message indicating VREPAIR activity.
4 (Optional) Modify error log settings after the repair has started.
If VREPAIR finds many errors during the repair process, you might want
to change some of the run-time error settings. To modify these settings
after the repair has started, press F1 to display the Current Error Settings
menu.
Select Option 1 if you do not want VREPAIR to pause after each

error.
Select Option 2 if you want VREPAIR to log errors in a text file.
Select Option 3 to stop the repair of the volume.
Select Option 4 to continue with a volume repair after you have

stopped it.
5 When the repair is complete, answer Y when prompted to write repairs to
the disk.
6 If VREPAIR has found errors, run VREPAIR again by repeating Step 2
through Step 6. Repeat until VREPAIR finds no errors.

If you are unable to mount the volume after running VREPAIR several
times, you must delete the volume, re-create the volume using
ConsoleOne.

103-000141-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Setting Up File Snapshot

The File Snapshot feature enables your backup utility to keep an original copy
of all data files. For example, when your system backs up or crashes at a time
when you are modifying a file, the file backup could contain both old and new
data. Snapshot captures the most recent closed copy of the file. This way, if
you lose data between the backup cycles, you still have a solid copy of the
previously saved file.
If you select File Snapshot on a volume, the backup utility copies all the metadata (owner, created date/time, modifier, etc.). During write requests, only the
data that is being written to is copied. NSS recognizes how to return the
appropriate data when read requests come in for the real file or the Snapshot
file.
Use the following NSS command at the server console to enable the File
Snapshot for a volume:
nss/FileCopyOnWrite=<volName>
or
nss/FileCopyOnWrite=all
To disable File Snapshot, enter the following:
nss/NoFileCopyOnWrite
After you set up File Snapshot on your volumes, you need to deactivate the
volumes. Then you need to activate and mount the volumes again to ensure
there are no open files without a snapshot.
To open a snapshot file for backup, you need to set a bit in the requested rights
parameter in addition to READ_ACCESS_BIT. This bit is 0x04000000. It is
defined in the NSS header files as zPR_READ_ACCESS_TO_SNAPSHOT.
The default setting for File Snapshot is when your file system receives an open
for write request, it will wait for the backup open to close the file. If you want
to return an error, the backup open should also set the deny the write bit.
To get information on a snapshot file, use the getInfo command. Any getInfo
call that returns packed information with the RNewStyle bit set in the info
mask is supported. You need to set an additional bit 0x20000000 in the
information mask. This bit is defined at RNSSInfoOnSnapshot in NSS header
files. Both open and getinfo calls require the bit for requested rights and the
bit for additional info mask.
42

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following are some additional calls that return information about File
Snapshot:
GetFileSize
GetFileHoles
You can also use ConsoleOne to select the File Snapshot feature. See
Creating a Logical Volume on page 32.
Converting Traditional Volumes to Logical Volumes

You can convert traditional volumes to logical volumes. This is not an
automatic process or an in-place upgrade. You need to ensure you have
enough space to transition from a traditional volume to a logical volume and
maintain your attributes. The conversion utility is a server command that
copies the data from a traditional volume to an NSS logical volume in an NSS
storage pool. (For example, if you want to move a 2 GB volume, you need to
have at least 2 GB of free space available. The original volume will be
renamed volumename_old. The new logical volume will keep the original
volume name.
Volume Conversion
After you copy the traditional volume to a logical volume, you can restart the
server to ensure the volume converted properly. If the volume converted, you
can remove the traditional volume. After you copy traditional volume data to
a logical volume in NetWare 6, you cannot access the new logical volume in
NetWare 5.1. You would need to either retain the data in the traditional
volume, or copy the data back to the traditional volume.
The volume conversion utility can convert volumes with long names.
The following is a sample command line with all the available parameters for
converting traditional volumes:
vcu /p /l /i /d /r originalVolume nssPool [ds_container [ds_volName]]
/p: Do not print directory file names.
/l: Do not write errors to log file (Dst_Vol:error.out).
/i:Keep file COMPRESS_FILE_IMMEDIATELY_BIT.

103-000141-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
/d: Delete original volume if copy process is successful. If you choose to

delete the traditional volume, the new volume will retain the name of the
that volume.
/r: Remove xxx_new NSS volume and restore xxx traditional volume (use
this option if you want to keep the original volume name for the new
logical volume name).
ds_container: Original volume DS container
ds_volumeName: If specified, the vcu conversion utility uses this name
to rename or delete the original volumes DS object. Otherwise, vcu.nlm
uses serverame_originalVolName as the default DS name
The parameters in this list are optional; you can include any of the parameters
in the list.
To convert a volume, you specify the volume to convert and then specify the
NSS pool where you want to store the data from the volume. Enter the
following at the server console:
vcu volume_name pool_name
For example,
vcu apps poolone
In this example, the volume conversion utility copies the data in the volume
apps and places it in Poolone.
If you want to keep the name of the traditional volume and use it for the new
logical volume, enter the following at the server console:
vcu /r xxxx yyyy_old[ds_container[ds_volName]]
In this example, xxxx is the original traditional volume name, yyyy_old is the
modified traditional volume name. If xxxx is longer than 11 characters,
yyyy_old might be VCU0000_old, otherwise yyyy_old will be xxxx_old.
44

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying NDS Objects

The volume conversion utility lets you modify the NDS objects and physical
names for both logical and traditional volumes except the VOL SYS. Use the
following commands VCU commands if you want to change the NDS objects
with the volume conversion process.
Volume copy
vcu VCUTargetVolName NSSPoolName [DS_container
DS_NSSPool_name DS_volname]
Volume restore
vcu /r VCUTargetVolName VCUTargetVOlName_old [DS_container
DS_NSSPool_name DS_Volname
Setting Up User Space Restrictions

You can limit the amount of space users can have on a volume. This is
beneficial for systems that accommodate a large number of users, such as
students. You might need to regulate the amount of space each user can have.
When you create volumes, you can select the user space restrictions option.
3 Right-click on the volume that contains the user object you want.
4 Click Properties > Attributes > NSS Attributes.
5 Select User Space Restrictions.
6 Click Users with Space Restrictions.
7 Select the user you want to apply restrictions to.
If the user you want is not in the list, do the following:

7a Click Add.
7b Browse for the user you want.
7c Double-click on the user.
The User Space Restriction dialog box opens. You can enter or
modify the User Space Restriction parameters in this box.

103-000141-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
8 Click Modify.
9 Enter or edit the user space amount in the Limit field and click OK.
Setting Up Directory Space Restrictions

You can limit the amount of space occupied by a directory and the files it
contains.
1 Open ConsoleOne.
2 Right-click on the directory you want.
3 Click Properties and then Facts.
4 Select Restrict Size.
5 Enter the amount you want to limit the size to and click Apply.
6 Click Close.
Mounting a Logical Volume

After you set up and configure logical volumes, you can mount them.
3 Click Media > NSS Logical Volumes.
4 Choose the logical volume you want to mount and click Mount.
Deactivating/Activating NSS Pools and Volumes

You might need to temporarily restrict user access to a storage pool or volume.
Instead of bringing down the server, you only need to deactivate the specific
volume or pool. You can deactivate both storage pools and volumes; however,
you can only do maintenance (rebuild and verify) on storage pools. This
means that users will be unable to access any of the volumes in the pool while
you run REBUILD and VERIFY. When you use REBUILD and VERIFY a
log file is generated to the root of the DOS drive. For instructions on running
REBUILD and VERIFY, see Rebuilding NSS Storage Pools and Volumes
on page 48.
46

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

3 Click Media > NSS Pools or Logical Volumes.
4 Select the storage pool or volume you want to activate or deactivate.
5 Click Activate or Deactivate.
6 Click Activate when you are ready to restore access to the volume or pool.
Salvaging and Purging Deleted Files

You can salvage files that were deleted by users, or purge deleted files to
improve your file system performance. Deleted files are in a DELETED.SAV
directory in the volumes root directory.
1 In ConsoleOne, open the tree you want.
2 Select the volume that contains the deleted file.
3 Click View > Deleted File View.
The Deleted File section lists the deleted file, the file size, the deletion
date, and the users name.
4 Select the file you want to Salvage or Purge.
5 Click Salvage or Purge on the ConsoleOne Toolbar.
Using NetWare Backup Services

You can use the backup services provided with NetWare (Backup and Restore
Services) to back up your NSS data. For instructions for using Backup and
Restore services, see the Storage Management Services Administration
section in the Storage Management Services Administration Guide.
IMPORTANT: Be sure to use the version of the Target Service Agent (TSA600).
Earlier versions do not work with NSS.

103-000141-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Rebuilding NSS Storage Pools and Volumes

To repair storage pools and logical volumes, NSS uses the VERIFY and
REBUILD utilities.
VERIFY checks the file system integrity for an NSS pool by searching for
inconsistent data blocks or other errors. This utility indicates if there are
problems with the file system.
REBUILD verifies and uses the existing leaves of an object tree to rebuild all
the other trees in the system. You need to deactivate pools (and all the volumes
in the pools) before you run REBUILD so users cannot access the volumes
you are rebuilding.When you deactivate a storage pool, all the volumes in the
pool automatically deactivate.
REBUILD also copies errors and transactions into an error file called
volume_name.rlf at the root of the DOS drive on your server. Every time you
rebuild a particular NSS volume, the previous error file is overwritten. If you
want to keep old error files, move them to another location. You can check the
error file whenever an NSS volume does not come up in active mode after a
rebuild.
REBUILD is not equivalent to VREPAIR. You should use REBUILD only as
a last resort to recover the file system. If you use it to recover from data
corruption, you will likely lose some data in the process.
When you use REBUILD and VERIFY a log file is generated to the root of
the DOS drive.
1 To run rebuild, enter the following command at the server console:
nss/poolrebuild=<poolname>
This verifies and accounts for all blocks in the system. If the volume has
errors, the errors appear on the screen. The NSS volume remains in
maintenance mode; otherwise, it reverts to the active state. You then need
to mount the volume again.
You can also verify a pool by entering nss /verify for a list of pool
names, and then selecting the pool. Verify is a read-only assessment of the
pool.
48

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS Server Console Commands

Use the following commands at the server console to view NSS information
and perform tasks.
Online Help Commands

Enter nss /help or nss /? to access Help.
NSS Configuration Information Commands

nss /modules Lists the providers, loadable storage subsystems, and
semantic agents.
nss /status Lists the current NSS status.
volumes Lists all NetWare and NSS volumes that are mounted,
including Admin volume.
nss volumes Lists all NSS volumes, including the Admin volume.
Other NSS Commands

nss /Activate=volume_name Activates an NSS volume.
nss /Deactivate=volume_name Deactivates an NSS volume.
nss /Maintenance=volume_name Switches the specified NSS
volume to maintenance mode.
nss /ForceActivate=volume_name Forces an NSS volume to
become active.
nss /StorageAlarmThreshold=value Lets you set the threshold
for a low storage space warning. The default is 10. The range is 0 to
1000000.
nss /StorageResetThreshold=value Lets you reset the
threshold for a low storage space warning. The default is 10. The range is
1 to 1000000.
nss /(No)StorageAlertMessages Turns ON or OFF the low
storage message to users. The default is ON.
nss /NumWorkToDo=value Sets the number of WorkToDo entries
which may be concurrently executing. NSS uses WorkToDo entries for

103-000141-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
tasks such as flushing file metadata to disk in the background. Increasing

the number of WorkToDo entries might be useful on a system that is
heavily used. NSS always reserves 20 WorkToDo entries. The default is
40. The range is 5 to 100.
nss /FileFlushTimer=value Sets the flush time for modified open
files in seconds. Increasing this number might reduce the number of
writes to disk; however, it increases the amount of data that will be lost if
the system crashes. The default is 10 seconds. The range is 1 to 3600
seconds.
nss /OpenFileHashShift=value Sets the size of the Open File
hash table (in powers of 2). If many files are used concurrently on the
server, we recommend that you increase this number. The default is 11.
nss /ClosedFileHashShift=value Sets the number of closed
files that can be cached in memory. The default is 512. The range is 1 to
100000.
nss /MailBoxSize=value Sets the size of your mailbox. The default
is 228. The range is 64 to 256.
nss /NumAsyncios=value Sets the number of asynchios entries to
allocate. The default is 2048. The range is 4 - 65536.
Numbonds=value Sets the number of bond entries to allocate. The
default is 5000. The Range is 512 - 2097152.
Salvage Enable salvage of deleted files on volumes.
NoSalvage Disable salvage of deleted files on volumes.
UserSpaceRestrictions Enable user space restrictions on the
volume.
NoUserSpaceRestrictions Disable user space restrictions on the
volume.
DirectoryQuotas Enable directory quotas on the volume.
NoDirectoryQuotas Disable directory quotas on the volume.
DataShredding Specify <vol name> [:<count>]. Enables data
shredding for the volume. This is the number of times you want to shred
data. The default value is 1. The maximum value is 7.
NoDataShredding Disable data shredding on the volume.
50

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FlushFilesImmediately Synchronously flush files in the volume

when they are closed.
NoFlushFilesImmediately Disable synchronously flushing files
in the volume.
FileCopyOnWrite Create a copy of files in the volume when they are
open for write.
NoFileCopyOnWrite Do not create a copy of files on the volume
when they are open for write.
UpgradeObjectsOnVolume Upgrade objects on volumes to the
current version.
Transaction= Enable transactional writes in files on the volumes.
NoTransaction= Disable transactional writes in files on the
volumes.
Migration= Enable migration of files on the volumes.
NoMigration= Disable migration of files on the volumes.
AllocAheadBlks=value Set the number of blocks to allocate ahead
on writes. The default is 15. The range is 0 - 63.
Compression Enable file compression on the volume.
NoCompression=volume Disable file compression on the volume.
NoBGCompession Start or stop background compression. Stop
BGCompression will stop all the compression requests in the queue.
CompScreen Start the NSS compression statistics screen.
Pools Shows all of the currently available NSS pools.
PoolAutoActivate Activates specified pools at load time.
PoolAutoDeactivate=pool Leaves specified pools deactivated at
pool load time.
PoolAutoDisplay Displays current pool load time policies.
PoolAutoMaintenance=pool Places specified pools in
maintenance mode at pool load time.
PoolAutoVerify Verifies the specified pools physical integrity at
startup time.
PoolRebuild=pool Rebuild specified pools.

103-000141-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
PoolRebuild Select pools from a menu and rebuild them.

PoolVerify=pool Verify the specified pools physical integrity.
PoolVerify Select pools from a menu and verify their physical
integrity.
LogicalVolumePurgeDelayAfterLoad The number of seconds
to delay purging deleted logical volumes. This allows time to reverse the
deletion.
LogicalVolumePurgeDelayAfterContinue The number of
seconds to delay purging a logical volume after clicking continue. After
a volume starts to purge, it cannot be salvaged.
VolumeMaintenance Places a volume into a maintenance mode.
Volumes can be put in maintenance mode, but maintenance only occurs
at the storage pool level.
MFL=volume Enables MFL maintenance for the volumes.
NoMFL=volume Disable MFL maintenance for the volumes.
MFLVerify=volume Get the status of MFL maintenance for the
volumes.
FixMFL MFL maintenance for the volumes.
GetMFLStatus Get the status of MFL maintenance for the volumes.
VolumeAutoActivate Activates volume at load time.
VolumeAutoDeactivate Deactivates volume at load time.
VolumeAutoDisplay Displays current volume load time policies.
ZLSSIOStatus Displays current NSS IO status information.
ZLSSPendingWriteIOs Number of write IOs dropped to the storage
subsystem. (0 = all available) [Value=1000 Range=0 - 3000].
ZLSSVolumeUpgrade Allow the 5.x/ZLSS VolumeUpgrade to the
NetWare 6 format to occur during the installation process.
LVDeleteStatusBasic Displays information about deleted logical
volumes.
LVDeleteStatusSalvagable Displays information about
salvagable logical volumes.
ZLSSPoolScan Scans for and loads all ZLSS pools.
52

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DOS FAT Commands

nss /(No)FATLongNames Enables long filenames on FAT volumes.
The default is ON.
nss /(No)FATLazyWrites Performs lazy writes of FAT. If set to
ON, data that is written will be kept in memory for a specified period of
time before it is also written to FAT. This increases performance. The
default is ON.
nss /FATLazyWriteDelay=value Sets the FAT lazy write delay (in
seconds). When (No)FATLazyWrites is set to ON, you specify how many
seconds you want data kept in memory before it is written to FAT. The
default is 60. The range is 5-180.
nss /FATPartition=partition_type_number Supports up to three
additional partition types containing 16-bit FATs, such as /
FATPartition=12,13.
nss /space Shows the amount of space on pools and their associated
volumes.
NoClassicDirectoryQuotas Turns emulation of traditional
NetWare volumes on or off. The default is off.
Other Volumes That NSS Creates

There are three Loadable Storage Subsystems (LSS) modules: ZLSS.NSS,
CDHFS.NSS, CD9660.NSS, and DOSFAT.NSS. The ZLSS module provides
access to logical volumes created by the user. The CD9660 module allows
access to CD ROM drives as NSS volumes. The DOS FAT module allows
access to FAT 16 and FAT 12 drives.
CD-ROMs As Logical Volumes

When NSS recognizes a CD ROM, it creates a Read-only logical volume for
that CD ROM. This is done automatically when you load the CDROM.NLM.
However, this volume is not added to NDS.
The new CDROM.NLM loads the CD9660.NSS and CDHFS.NSS modules.
The CD9660.NSS module loads the ISO966, CDHFS, and Macintosh
Hierarchical File System (HFS) file formats. Dual formatted CDs are mounted
as two separate volumes. This means both Macintosh and Windows clients
will see the same CD ROM volumes with two different layouts.

103-000141-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
The CD9660.NSS module makes the contents of the standard ISO9660

CDROM available as a Read-Only logical volume. If the CDROM is in the
drive when CD9660 loads, it will mount as a logical volume immediately.
The volume name displayed by the NetWare volumes command is the CDROM volume label if one exists. Otherwise, NSS generates a volume name in
this form: CDXXXXXX (where X is a number). This volume functions the
same as any other NetWare volume, except that it is Read-Only.
To load both the CD9660 and CDHFS modules, enter the following at the
server console:
load cd-rom.nlm
To load CD9660.NSS alone, enter the following at the server console:
load cd9660.nss
To load CDHFS.NSS alone, enter the following at the server console:
load cdhfs.nss
To unload CD9660.NSS, enter the following at the server console:
unload cd9660.nss
To unload CDHFS.NSS, enter the following at the server console:
unload cdhfs.nss
The CD ROM unload process dismounts the volumes.
DOS Partitions As Logical Volumes

After you load the DOSFAT.NSS module, any DOS FAT partitions are
dynamically made available as logical volumes. The volume name displayed
by the NetWare volumes command is DOSFAT_X, where X is the drive
letter, for example DOSFAT_C.
The following are some benefits of the DOSFAT.NSS module:
Long filenames (such as DOS filenames for file systems such as OS/2).
This uses the Windows* 95/98 method for placing long names onto a
DOS FAT partition.
NetWare trustee rights. Only users with supervisor rights can access the
volume.
54

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare utilities. Any client or server utility that accesses or manages

NetWare volumes can do the same with DOS FAT partitions.
MAP command. NetWare clients can map to the volume and use it as any
other NetWare mapping.
Local partition. Allows access to the local partition.

103-000141-001
August 30, 2001
Novell Confidential
55
Manual
56
99a
38

103-000141-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

We recommend that you monitor the status of your storage objects and
Novell Storage ServicesTM configuration to ensure they work properly and
have available disk space.
Viewing Storage Devices

You can use ConsoleOneTM to view your storage devices and see which ones
have free space.
3 Click Media > Show Devices.
The left panel lists all the storage devices on your server.
4 Select the device you want.
For information about the Devices screen, click Help.
Viewing Your NSS Configuration

Occasionally, you might need to review the status of your NSS system storage
devices or storage space. This section explains how to use ConsoleOne to
view the status and usage of your storage devices, storage pools, and volumes.
View Partitioned Free Space

You can view the free space on all NSS and traditional partitions. Partitioned
free space is space within an NSS partition that is not occupied by a storage

103-000141-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
pool. On a traditional partition, space that is not occupied by a NetWare

volume is free space.
3 Click Media > Free Space.
The left panel lists the storage devices that have free space.
4 Select the device you want.
For information about the Free Space screen, click Help.

Any time the Devices button appears, you can click it to open the Devices
screen.
View the Status of Partitions
You can view the status of both NSS and traditional partitions. For example,
you might want to see what space is available on either type of partition.
4 Select the partition you want.
The left panel lists both the NSS and traditional partitions.
For information about the Partitions screen, click Help.
View the Status of Your Traditional Volumes
You can view the status of traditional volumes. For example, you might want
to look at the size of a particular volume, or see the creation and modification
dates.
The left panel lists all the traditional volumes set up on your server.
4 Select the volume you want.
For information about the Traditional volumes screen, click Help.
58

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
View the Status of Your NSS Storage Pools
You can view the status of NSS storage pools. For example, you might want
to see what volumes are in a particular storage pool, or how much space is in
all your storage pools.
The left panel lists the NSS storage pools.

4 Select a storage pool.
For information about the NSS Pools screen, click Help.

When the Show Pool button appears, you can click it to open the NSS Pools
screen.
View the Status of Logical Volumes
You can view the status of logical volumes. For example, you might want to
see if the volume has a space quota. You might also want to see what space is
available on a volume.
3 Click Media > NSS Logical Volumes.
The left panel lists both the storage pools and the logical volumes.
4 Select a volume.
For information about the NSS Logical Volumes screen, click Help.
Any time the Show Volume button appears, you can click it to see the status
of the volume you selected.
View the Quota and Space Usage for Specific Volumes
You can open a screen that shows the status of a specific volume that has a
space quota. You can also view the status of the storage pool that volume is in.

103-000141-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001

4 Click Properties.
5 Click Statistics > NSS Quota Usage.
This screen shows the volumes quota, amount of spaced used, and the
remaining space. The screen also shows the amount of space used and the
available space on the storage pool.
For information about the NSS Quota Usage screen, click Help.
View and Modify Logical Volume Attributes
You can view and modify the attribute settings for specific volumes. These
attributes include data compression, data shredding, directory and user space
restrictions, and snapshot. For example, you might want to apply some of the
features that were not included during the initial configuration of the volume.
2 Right-click on the server properties and select Properties.
3 Click Media > Logical Volumes > Properties > Attributes > NSS
Attributes.
4 Make any attribute changes you want.
For information about the NSS attributes screen, click Help.
60

103-000141-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Troubleshooting
The following table describes some problems you might experience with
Novell Storage ServicesTM (NSS) and provides suggestions for solving the
problems.
For additional troubleshooting information, see the Novell Knowledgebase at
(www.support.novell.com).
Problem
Explanation
Solution
NSS does not recognize a

Device
NSS recognizes only what the

Media Manager recognizes.
For this release, NSS recognizes

only hard drives and CD ROMs.
NSS does not let you create a Your server might not have
storage pool or logical volume
enough free space to
create more storage pools
or logical volumes.
Ensure you have enough

free space to create
another storage pool or
logical volume. See View
Partitioned Free Space on
page 57.
All logical volumes must be

part of a storage pool.
Before you create a logical

volume, create a storage
pool.
NSS might not own the

free space you want to use
for a storage pool.
Create an NSS partition for

your storage pools and
logical volumes.
Cannot configure a logical

volume
NSS might not own enough free Add another storage

space for another logical volume.
device.
Delete a logical or
traditional volume to free
up space for a storage
pool.
Troubleshooting

103-000141-001
August 30, 2001
Novell Confidential
61
Manual
62
99a
38
July 17, 2001
Problem
Explanation
Solution
Cannot compress a file
You must choose the file

compression option when you
create a logical volume.
Apply the file compression option

to an existing logical volume:
From ConsoleOne, click Media >
NSS Logical Volumes >
Properties > Attributes > NSS
Attributes. Then select
compression.

103-000141-001
August 30, 2001
Novell Confidential
Traditional File Services Administration Guide
Novell
NetWare 6
www.novell.com
T R A D I T I O N A L F I L E S E RV I C E S
August 30, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Preface
Overview of Traditional File System

Volume . . . . . . . . . . . . . . . . .
Understanding Mounting a Volume.
Volume Objects in NDS . . . . . .
Understanding Volume Segments .
Directories . . . . . . . . . . . . . . .
Directory Path . . . . . . . . . . .
Fake Root. . . . . . . . . . . . . .
Directory Map Objects . . . . . . .
Optimizing Performance . . . . . . . .
File Compression . . . . . . . . . .
Salvageable Files. . . . . . . . . .
File Purging . . . . . . . . . . . . .
Drive mapping . . . . . . . . . . . . .
Local Drive Mappings. . . . . . . .
Network Drive Mappings . . . . . .
Network Search Drive Mappings . .
How NetWare Protects Network Data .
Security. . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning Directory Structures . . . . . . . . . . .

Directories Created during NetWare Installation
Application Directories . . . . . . . . . . . . .
Data Directories . . . . . . . . . . . . . . . .
Home or Username Directories. . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Storing Non-DOS Files on a Traditional Volume . . . . . . .

Calculating Memory Required for Name Space Support .
Adding a Name Space . . . . . . . . . . . . . . . . . .
Removing Name Spaces . . . . . . . . . . . . . . . . .
Creating a Directory . . . . . . . . . . . . . . . . . . . . .
Creating a Directory Map Object . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning
. 9
10
11
11
12
12
13
13
14
14
15
15
16
16
17
17
17
18
19
Setting Up the File System
19
19
20
22
23
25
Contents

103-000180-001
August 30, 2001
Novell Confidential
25
26
26
27
27
27
Manual
99a
July 17, 2001
38
Mapping Drives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Mapping Drives in Windows 95/98, NT/2000 . . . . . . . . . . . . .
Mapping Drives in DOS . . . . . . . . . . . . . . . . . . . . . . . .
Distributing Applications on the Network . . . . . . . . . . . . . . . . .
Security: Rights to Files and Directories. . . . . . . . . . . . . . . . . .
Description of Directory and File Rights . . . . . . . . . . . . . . . .
Adding a Trustee to a Directory or File . . . . . . . . . . . . . . . .
Viewing/Modifying the Inherited Rights Filter for Directories and Files
Setting Directory or File Attributes. . . . . . . . . . . . . . . . . . . . .
Description of Directory and File Attributes . . . . . . . . . . . . . .
Changing Attributes of a Directory or File . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28
28
28
28
29
30
30
30
31
31
33
35
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
35
35
36
36
37
37
38
38
39
Managing Volumes . . . . . . . . . . . . . .
Viewing Directory and File Information . . . .
Copying or Moving Directories and Files . . .
Salvaging and Purging Files. . . . . . . . . .
Protecting Data: Disk Mirroring and Duplexing
Using Directory Map Objects . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
Optimizing File System Performance

Saving Disk Space with File Compression . . . . .
Enabling File Compression . . . . . . . . . . .
Disabling File Compression . . . . . . . . . . .
Setting File Compression Attributes . . . . . . .
Suspending File Compression . . . . . . . . . .
Saving Disk Space with File Purging . . . . . . . .
Saving Disk Space with Block Suballocation . . . .
Enhancing Disk Response Time With Disk Striping .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
39
40
40
41
41
41
43
Resolving File I/O Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Resolving Volume I/O Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Resolving Problems When the Server Hangs after Mounting Last Volume . . . . . . . . . . . . 44
Resolving Problems When No Volumes Mount . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Resolving Problems When Only Some Volumes Mount . . . . . . . . . . . . . . . . . . . . . 45
Resolving Disk Error Problems When a Volume Is Mounting . . . . . . . . . . . . . . . . . . . 46
Resolving Memory Errors When a Volume Is Mounting. . . . . . . . . . . . . . . . . . . . . . 46
Resolving Volume Mounting Problems Because of Corrupted Directory Entry Tables or File Allocation
Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Resolving Volume Mounting Problems Because of Name Space Module . . . . . . . . . . . . 48
Other Troubleshooting Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preface
NetWare provides the traditional NetWare file system components and
utilities, such as NetWare partitions, NetWare volumes, and file management
utilities.
Chapter 1, Overview of Traditional File System, on page 9
Chapter 2, Planning, on page 19
Chapter 3, Setting Up the File System, on page 25
Chapter 4, Optimizing File System Performance, on page 35
Chapter 5, Managing, on page 39
Chapter 6, Troubleshooting, on page 43
NOTE: Novell Storage ServicesTM (NSS) is the primary file system. You can
create and use NSS partitions and volumes along with traditional partitions and
volumes. This documentation focuses on traditional file system information.
Functionality pertaining to the NetWare file system continues to evolve.

Consequently, there are sometimes a variety of ways in which a particular
procedure can be performed. There are also various ways in which the file
system itself can be viewed. Novell clients, for example, provide access to file
system features and functionality that were once accessible only through
NetWare utilities. Wherever possible, links have been provided in file system
documentation to let you explore the variety of ways in which you can
complete a task.
Because NSS is the primary file system, many of the links in this document
will access it. For more information about NSS, see Introducing Novell
Storage Services in the Novell Storage Services Administration Guide.
Preface

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter of the file system documentation explains key aspects of the
traditional NetWare file system and contains the following topics:
Volume (page 9)
Directories (page 12)
Optimizing Performance (page 14)
Drive mapping (page 16)
How NetWare Protects Network Data (page 17)
Security on page 18
Information on volumes, directories, files, and other characteristics of the file
system is presented to give you background needed for the set-up, managerial,
and other procedures described elsewhere in file system documentation. For
instructions on setting up partitions and volumes, see Setting Up and
Configuring Novell Storage Services in the Novel Storage Services
Administrator Guide.
Volume
There are two types of volumes: traditional and logical. Traditional volumes
consist of a fixed amount of physical space on one or more hard disks. Logical
volumes can grow dynamically according the available physical space. This
document focuses on traditional volumes. For information about logical
volumes, see Create Logical Volumes in the Novel Storage Services
Administrator Guide.
A CD-ROM can also be mounted as a volume. See CD-ROMs As Logical
Volumes in the Novel Storage Services Administrator Guide.

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
A NetWare server is divided into one or more volumes. The first network
volume is named SYS: and is created during NetWare installation. Using
ConsoleOne, you can create a new volume on any hard disk that has a
NetWare partition. A NetWare server supports up to 64 volumes.
NetWare volumes are subdivided in two ways:
Physically. You divide volumes into volume segments; different
segments of a volume can be stored on one or more hard disks. For
information about volume segments, see Understanding Volume
Segments on page 11.
Logically. You divide volumes into directories containing files or
subdirectories by network supervisors and users who have the appropriate
rights.
The file system is similar to and office filing system. This graphic illustrates
the file system architecture:
Subdirectories
Directories
Volumes
File
NetWare server
Understanding Mounting a Volume

When you boot the NetWare server, each volume is mounted, meaning that
The volume becomes visible to the operating system
The volume's FAT is loaded into memory
Each file block of data takes up one entry in the FAT.
10

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Because of this, volumes with a smaller block size require more server
memory to mount and manage.
However, if most of your files are small, a large block size wastes disk
space.
The volume's DET is loaded into memory
If a volume fails to mount, it might be because you have run out of RAM. This
is because the FAT takes up cache buffers.
NOTE: The new file system, Novell Storage Services (NSS), mounts volumes
more quickly and can mount any size volume with 1 MB of memory. NSS volumes
can be used along with traditional NetWare volumes. For information about NSS
and its advantages, see Overview in the Novel Storage Services Administrator
Guide.
Volume Objects in NDS

In NDS, each volume is also a Volume object. Volume objects are leaf
objects that represent a physical volume on the network.
In the Volume object's properties, you can store information about which
NetWare server the physical volume is located on and the volume name
recorded when the volume was initialized at the server (for example, SYS:).
You can also store information such as the volume's owner, space use
restrictions for users, or a description of its use.
You can also view statistical information on disk space availability, block size,
directory entries, name space support, etc.
Understanding Volume Segments

A volume segment is a physical division of a volume. Different segments of a
volume can be stored on one or more hard disks, allowing you to create large
volumes.
A single NetWare partition can only contain eight traditional NetWare
volumes. You can create up to four NetWare partitions per drive (three if the
device also has a DOS partition). Each of these NetWare partitions can only
contain eight volume segments.
By placing segments of the same volume on multiple hard disks, different
parts of the same volume can be read from or written to simultaneously,
speeding up disk input and output.

103-000180-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
However, when you spread segments of a volume over several disks, you
should protect the volumes against disk failure by mirroring; otherwise, if a
single disk fails, one or more entire volumes shut down.
You can add segments to a volume, but removing a segment from a volume
destroys the entire volume.
You can increase the size of a traditional volume by adding another hard disk
to the NetWare server, by setting up a NetWare partition on the disk, or by
adding a new NetWare partition to the existing volume as one or more new
volume segments.
Directories
A directory is a place within a volume where you can store files or other
directories. A Directory within a directory is called a subdirectory. Directories
can contain any number of files and subdirectories.
This section contains the following topics:
Directory Path on page 12
Fake Root on page 13
Directory Map Objects on page 13
Directory Path
A directory or file is located by its path, which states where the directory or
file is on a volume. A path includes the volume, directory, and any
subdirectories leading to the file. The following figure shows how to specify
a path. (Listing the server is optional.)
Figure 1
Directory Path Conventions
NetWare server \ Volume : Directory \ (Sub)directory \ Filename
Separate volume and directory

with a colon (:).
Separate all others with a slash (\).
If your network uses more than one client operating system, keep in mind the
conventions of the different systems. For example, NetWare allows 255
12

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
characters in a directory path (counting the drive letter and delimiters), but
DOS permits only 127 characters.
Also, some applications restrict the number of characters in the directory path.
For more information, check the application's documentation.
Fake Root
A fake root is a subdirectory that functions as a root directory.
NOTE: Fake roots work with the NetWare DOS Requester, with NetWare shells,
and clients including Windows* 3.x, Windows 95, and Windows NT*. Fake roots do
not work for OS/2* clients. (Under OS/2, all mapped drives are roots, and search
drives don't exist.)
Some applications require their executable files to be located in a root

directory. However, for security, you should not assign users rights at the root
or volume directory level.
NetWare allows you to map a drive to a fake root. This allows you to place
applications in a subdirectory and assign rights to them there.
Thus, to use an application that must be installed at the root, load the files in
a subdirectory and designate it as a fake root directory in the login script using
MAP ROOT.
For example, you might have an application in a FORM directory that must
reside in the root directory of drive P:, but you don't want to put the application
in the root directory for security reasons. You can map a fake root to the
directory and map a search drive to it at the same time by adding the following
line to the login script:
MAP ROOT S16:=P:= SYS:APPL\FORM
You cannot use the DOS CD (change directory) command at the fake root to
return to the original root. To change the fake root back to the original root,
remap the drive.
Directory Map Objects

A Directory Map object represents a particular directory in a file system.
Directory Map objects can point to directories that contain frequently-used
files such as applications.

103-000180-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
If you create a Directory Map object to point to an application, users can

access the application by mapping a drive to the Directory Map object.
If the application's location in the directory structure changes, you can update
the object instead of having to change all users' drive mappings.
Optimizing Performance
This section contains the following topics for optimizing file system
performance:
File Compression on page 14
Salvageable Files on page 15
File Purging on page 15
File Compression
One way to conserve disk space is to compress files. Use the following
information as background for using file compression to optimize system
performance:
NetWare maintains the original version of a file during compression.
When compression completes, NetWare replaces the original with the
compressed version of the file, provided no errors occurred. If errors do
occur during compression, NetWare leaves the original version intact.
If you have a CD-ROM volume mounted as a volume, treat it as a readonly volume. Do not use file compression on it.
Compression is a usually a low priority process thread because of
compression's impact on performance. If you flag an item for immediate
compression during peak system usage, performance may deteriorate.
You do not need to separate application files from data files to be
compressed. You can use the SET command to preclude compression of
frequently used applications. For instructions on how to use SET, see SET
in the Utilities Reference.
Monitor compression activity via the SET command's compress screen
parameter.
Backup applications that use Novell Storage Management ServicesTM
(SMSTM) back up and restore compressed files. Other applications may
decompress them.
14

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Salvageable Files
Salvageable files are files saved by NetWare, after being deleted by users, that
can be salvaged (recovered).
Salvageable files are usually stored in the directory they were deleted from. If
a user deletes that directory, the salvageable files are saved in a
DELETED.SAV directory located in the volume's root directory.
The user can view a list of deleted files in a directory and recover files by using
ConsoleOneTM. For more information on salvaging files, see Salvaging and
Purging Deleted Files on NetWare Volumes in the ConsoleOne 1.3 User
Guide. Recovered files contain information about who deleted the files and
when they were deleted.
Deleted files are saved until the user deliberately purges them or until the
NetWare server runs out of disk allocation blocks on the volume.
File Purging
When the NetWare server runs out of blocks, it purges deleted files beginning
with the files that were the first deleted. Purged files cannot be salvaged.
Files and directories can also be purged as they are deleted. You can do this
one of two ways:
Use the SET command at the NetWare server to disable the salvageable
file feature. For instructions on how to use SET, see SET in the Utilities
Reference.You do this by setting the parameter named Immediate Purge
of Deleted Files to ON. This increases performance, but at the cost of
losing the salvageable file feature. The default for this parameter is OFF
(this means that by default, files are salvaged when they are deleted
instead of being purged immediately).
Set the Purge attribute for individual files and directories. When a file is
flagged with the Purge attribute, the file is purged when it is deleted.
When a directory is flagged with the Purge attribute, all files in that
directory are purged when the directory is deleted. Such files and
directories can't be recovered.
Use ConsoleOne to manually purge individual files and directories. For
instructions, see Salvaging and Purging Deleted Files on NetWare
Volumes in the ConsoleOne 1.3 User Guide.

103-000180-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Drive mapping
A drive mapping is a pointer to a location in the file system, represented as a
letter assigned to a directory path on a volume.
A path includes the volume, directory, and any subdirectories leading to the
file.
A drive mapping assigns a letter to a path so that the letter can be used instead
of the complete path name.
Drive mappings can be temporary or permanent:
Permanent mappings. To make drive mappings permanent so you can use
them every time you log in, place MAP commands in your login script,
or use the mapping functionality of your client software to make them
permanent, so they will be reconnected every time you log in.
Temporary mappings. To map a drive so you can use it during your
current session, use the NetWare MAP utility from a DOS prompt, or use
the mapping functionality of your client software. If you use MAP from
a DOS prompt, the mapping is only valid until you log out.
For instructions on creating mappings, Creating eDirectory Objects to
Facilitate File Management in the ConsoleOne 1.3 User Guide.
NetWare recognizes these types of drive mappings:
Local Drive Mappings on page 16
Network Drive Mappings on page 17
Network Search Drive Mappings on page 17
Fake Root on page 13
Directory Map Objects on page 13
Local Drive Mappings

Local drive mappings are paths to local media such as hard disk drives and
floppy disk drives.
To change this default (for example, if you are using the NetWare DOS
Requester, you need all of your drives mapped as DOS drives), use the DOS
LASTDRIVE command in your workstation CONFIG.SYS file.
16

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Network Drive Mappings

Network drive mappings point to volumes and directories on the network.
Normally, drives F: through Z: are used for network mappings. Each user can
map drive letters to different directories.
To create a network drive mapping, use the MAP command.
Network Search Drive Mappings

Network search drive mappings point to directories containing files such as
applications or files.
Search drive mappings enable the system to locate a program even if it isn't
located in the directory you're working in.
Search drive mappings are numbered, although they also have drive letters.
For example, search drive 1 (or S1) may also be known as network drive Z:.
You can map up to 16 network search drives (letters K: through Z:, starting
with Z:). You can't map a search drive and a regular network drive to the same
letter.
When you request a file and the system can't find it in your current directory,
the system looks in every directory a search drive is mapped to.
The system searches, following the numerical order of the search drives, until
either the program file is found or can't be located.
NOTE: Search drive mappings aren't supported on OS/2 workstations. The search
functionality is provided with the OS/2 PATH, LIBPATH, and DPATH commands.
How NetWare Protects Network Data

NetWare protects data primarily by
Maintaining duplicate file directories.
Redirecting data from bad blocks to reliable blocks on the NetWare
server's hard disk. See Redirecting Bad Blocks in the NetWare Server
Disks and Storage Devices Administration Guide.
Allowing you to mirror and duplex disks. See Creating a Partition in the
NetWare Server Disks and Storage Devices Administration Guide.

103-000180-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Security
Security is one of the most important aspects of file system organization. NDS
rights and the file system's directory and file attributes allow you to determine
who may access what, and whether that access amounts to being able to
merely read a file or modify it.
To use the capabilities described in the NDS area of this documentation, you
might want to organize your approach to designing an appropriately secure
system by doing the following:
1. Clustering directories and files according to who needs access to them. In
other words, use the directory structure to reflect access requirements.
For example, you can structure the hierarchy of directories in such a way
as to take advantage of the inheritance aspect of rights.
Rights can be associated with volumes, directories, and files as a
safeguard against deletion or modification by users. Directory and file
attributes can also be used to control what users can do.
2. Subdividing the user community into groups on the basis of related access
requirements.
Users grouped by role (relative to file access) can be assigned ownership
of directories and files, and users whose roles vary can be assigned rights
on the basis of equivalence.
Users needing a particular kind of access to certain directories and files
can be grouped so that appropriate access belongs to the group (and,
consequently, to each member).
18

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Planning
This chapter presents a simple example of a network directory structure to
help you plan your file system. Based on the example and the accompanying
information, you can begin to design a directory hierarchy suitable to your
own needs.
NOTE: You use the Novell Storage ServicesTM (NSS) file system to meet your file
system needs. NSS lets you create and maintain NSS logical volumes along with
traditional NetWare volumes. For information on Novell Storage Services file
system and its advantages, see the Overview in the Novell Storage Services
Administration User Guide.
Planning Directory Structures

This section gives some basic information and suggestions about organizing
directories and files to facilitate network administration:
Directories Created during NetWare Installation on page 19
Application Directories on page 20
Data Directories on page 22
Home or Username Directories on page 23
Directories Created during NetWare Installation

During installation, the following directories pertaining to the file system are
automatically created.
SYS:DELETED.SAV contains files that have been deleted from deleted
directories. Salvageable files are usually stored in the directory they were
deleted from. If a directory is deleted, the salvageable files from the
Planning

103-000180-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
deleted directory are moved to the DELETED.SAV directory. Deleted

files can be salvaged if they have not yet been purged.
SYS:ETC contains sample files to help you configure the server.
SYS:LOGIN contains the programs necessary for users to log in to the
network, such as LOGIN.EXE. An NLS subdirectory contains
subdirectories for login message files for each supported language.
SYS:MAIL might or might not contain subdirectories or files. If you
upgrade your server from a previous version of the NetWare operating
system, existing users might still have directories here for their login
scripts, but their login scripts will become properties of the new User
objects. If you create new users after upgrading, the new users will not
have directories in SYS:MAIL
SYS:SYSTEM contains NetWare operating system files as well as
NetWare utilities and programs for the network administrator.
SYS:SYSTEM also has an NLS subdirectory, containing subdirectories
for each supported language for message files.
SYS:PUBLIC allows general access to the network and contains
NetWare utilities and programs for network users. SYS:PUBLIC has
subdirectories for Windows 95 and Windows NT/2000, as well as a
subdirectory called NLS, containing the message files for utilities.
Application Directories
For ease of management, you should keep application files in a directory apart
from the data files. Since the application programs do not normally change,
you can keep one set of application files on backup media and skip the
application directories when you do network backups.
When creating application directories, you should also consider issues related
to ease of distribution, installation, and operational control for network
applications. For more information on creating application directories, see the
ZENworks for Desktops 3.2 (http://www.novell.com/documentation/lg/zdfs/
index.html).
Although you can access applications from local drives, installing them on the
network provides convenient access. Several structures are possible for
application directories:
Create a separate volume for applications with a separate directory for
each application off the root. Make trustee assignments for each
application. Then go into the system or profile login script and map a
search drive to each application.
20

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following figure shows this type of directory structure:

Figure 2
Application Volume
SYSTEM
PUBLIC
LOGIN
MAIL
SYS
NetWare server
WORDPROC
DBAPP
SPRDSHT
APPSVOL
Create a separate directory off volume SYS: for each application. Make
trustee assignments for each application. Then go into the system or
profile login script and map a search drive to each application.
The following figure shows this type of directory structure.
Figure 3
Application Directory off Volume SYS:
WORDPROC
DBAPP
SPRDSHT
SYS
NetWare server
Create a parent directory for applications with subdirectories for each

application. Make trustee assignments for each application. Then go into
the system or profile login script and map a search drive to each
application.
Figure 4
Parent Directory for Applications
APPS
SYS
WORDPROC
DBAPP
SPRDSHT
NetWare
server
Create a parent directory for applications in SYS:PUBLIC.

Because users generally have Read and File Scan rights in SYS:PUBLIC,
you do not need to make trustee assignments or map a search drive.
Planning

103-000180-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
However, users can see and use all applications. Use this directory
structure only if you want all users to have access to all applications.
Figure 5
Application Directory in SYS:PUBLIC
APPS
PUBLIC
NetWare
server
WORDPROC
DBAPP
SPRDSHT
SYS
Installing applications in SYS:PUBLIC is not recommended (unless you

create a subdirectory for each application).
Mixing NetWare utilities with application program files complicates the
file structure when you upgrade a network.
An application file might have the same filename as a NetWare utility file
or another applications program file. If so, one file overwrites the other
because two files with the same filename cannot coexist in a directory.
NOTE: Some applications write files to the root. For security reasons you do not
want users working at the root level. Therefore, use MAP ROOT to map a drive to
a fake roota directory or subdirectory in which the user can be assigned rights.
For more information about fake roots, see Fake Root on page 13.
Data Directories
These are work directories for groups and users to keep work files in. You can
also create a directory to transfer files between directories on the network.
Although data can be created and stored in a home or user directory, when data
is stored in a users directory, no other user (except network administrators or
managers assigned file rights) can access it.
Data directories also allow users to share data, create work directories, and
make trustee assignments for groups or users who need access to these
directories.
22

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Home or Username Directories

To provide personal workspace for users, create home or username directories.
You can create a parent directory in volume SYS: called HOME or USERS.
Or, you can create a separate HOME or USERS volume. Then you can create
a subdirectory for each user.
The name of each subdirectory should be the username. Usernames can be up
to 47 characters, but DOS displays only 8 characters in a one-level directory
name. The following figure shows this type of directory structure.
Figure 6
Home or Username Directories
HOME
SYS
NetWare server
USERS
SYS
ESAYERS
SWILLIAM
MRICHARD
ELLEN
SAM
MARY
NetWare server
Planning

103-000180-001
August 30, 2001
Novell Confidential
23
Manual
24
99a
38

103-000180-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

The procedures in this section of the documentation focus on specific tasks
pertaining to system administration. Procedures involve various utilities and
applications that are provided in the Novell Storage Services Administration
Guide.
The most productive use of file system documentation is to identify the task
you want to complete and find an appropriate procedure. Then use links
associated with the procedure to increase your understanding of other ways in
which applications and utilities can be used.
This chapter focuses primarily on setting up directories, files, drives, and
security. For instructions on creating both NSS and traditional partitions and
volumes, see Setting Up and Configuring Novell Storage Services in the
Novell Storage Services Administration Guide. System administrators are
concerned with all of these aspects of the file system. Users will be concerned
with drive mapping and some of the file and directory procedures.
Storing Non-DOS Files on a Traditional Volume

By default, traditional NetWare volumes support DOS naming conventions.
To store non-DOS files, such as for Macintosh* or UNIX* on a NetWare
volume, you must load the appropriate name space NetWare Loadable
ModuleTM (NLMTM) program and add the name space support to that volume.
NOTE: Each name space you add to a traditional NetWare volume requires
additional server memory. If you add name space support to a volume and do not
have enough memory, that volume cannot be mounted. If you have insufficient
memory to mount a traditional volume with a long name space, you might want to
convert the volume to an NSS logical volume. Logical volumes accommodate all
name spaces and require less memory to mount than traditional volumes. For
instructions on converting traditional volumes to logical volumes, see Volume
Conversion in the Novell Storage Services Administration Guide.

103-000180-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
The following name space NLM programs are available with NetWare:
MAC.NAM (Macintosh)
LONG.NAM (OS/2, Windows 95/NT/2000)
NFS.NAM (NFS).
An FTAM name space module is available from third-party providers.
Calculating Memory Required for Name Space Support

Use the following formula to calculate the name space memory requirement
for traditional NetWare non-DOS volumes:
0.032 x volume_size (in MB) / block_size (in MB)
Round the size up to the highest number.
For example, adding Macintosh name space to a 100 MB volume with a block
size of 4 MB would require 1 MB of additional memory:
0.032 x 100 MB / 4 = 0.8 MB
Adding a Name Space

Prerequisites
A mounted traditional volume

Sufficient memory
1 Enter the following server console command to load the appropriate name
space:
LOAD [path]name_space
For example, to load the name space module for Macintosh support, enter
the following:
LOAD MAC.NAM
2 Enter the following command to add name space support to the volume:
ADD NAME SPACE name to volume_name

In this example, name is the name space NLM and volume_name is the
name of the volume that will store the non-DOS files.
NOTE: You need to add name spaces only once, not each time you start the
server.
26

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 To verify that the name space loaded, enter the following command:
VOLUMES
This shows a list of all name spaces.
Removing Name Spaces

You can remove the name space by deleting the volume and re-creating it, or
by using VREPAIR. For instructions on using VREPAIR, see Repairing a
Traditional Volume in the Novell Storage Services Administration Guide.
Creating a Directory
You create directories in ConsoleOneTM. To create a directory, you must have
the Create right for the directory which the new directory will be added to.
Creating a root directory requires that you select the volume object instead of
selecting a parent directory.
For some ideas for directory structures, see Planning Directory Structures
on page 19.
For instructions on creating directories, see Creating a File or Folder in the
ConsoleOne 1.3 Guide.
Creating a Directory Map Object

A Directory Map object represents a particular directory in a file system.
Directory Map objects can point to directories that contain frequently used
files such as applications.
For instructions on creating a Directory Map Object, see Creating a Directory
Map Object in the Console One 1.3 User Guide. For an example of how you
could use Directory Map objects to reduce maintenance of login scripts, see
Using Directory Map Objects on page 41.

103-000180-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Mapping Drives
Mapping Drives in Windows 95/98, NT/2000
See Common Networking Tasks in the Novell Client for Windows
documentation.
Mapping Drives in DOS

Use the command to map drives and search drives to network directories. For
a general description of the MAP command, see MAP in Utilities Reference.
Distributing Applications on the Network

You can install various types of network applications, such as word processing
or spreadsheet programs, to make them available to users. When installing
applications, keep the following in mind:
You need the Create right in the directory where you will be installing the
application.
Follow the instructions in the applications documentation for installing
the application onto a network.
Make sure the application is designed for network (multiuser) use, and
that you observe any licensing restrictions on the number of users who
can access the application.
To allow users to access network-based applications, map search drives
to the directories that contain these applications. To make these search
drives permanent, place them in login scripts, which are executed when
users log in.
If the application requires that it be installed at the root of a volume, but
you would rather install it in a subdirectory for security reasons, you can
map the directory to a fake root. For more information about distributing
applications on the network, see ZENworks for Desktops 3.2 (http://
www.novell.com/documentation/lg/zdfs/index.html).
28

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can create a Directory Map object that points to an application

directory.
Directory Map objects are useful in login scripts. Instead of mapping a
drive to a specific directory path, you map a drive to a Directory Map
object that points to a directory. For information about Directory Map
objects, see Directory Map Objects on page 13.
Then, if you change the directory path, you need to change only the
Directory Map objects definition.
Keeping program files separate from data files can simplify application
management. Because program files seldom change, for example, you
can keep a backup of program files separate from a data file backup so
that network backup procedures need focus only on data directories.
Data directories for shared data files also provide for single-point backup
and management of shared files.
Security: Rights to Files and Directories

File system security includes assigning trustee rights. To set up rights, see the
following:
Description of Directory and File Rights on page 30
Adding a Trustee to a Directory or File on page 30
on page 30
For information on how to use Windows 95 to set rights, see Common
Networking Tasks in Novell Client for Windows 95 (http://www.novell.com/
documentation/).
For Windows NT, see NetWare File Security in Novell Client for Windows NT
(http://www.novell.com/documentation/).

103-000180-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Description of Directory and File Rights

Trustee rights determine the access users have to directories and files. These
rights can be given to NDS object such as User objects, Group objects,
Organizational Role objects, or container objects.
The following table contains a list and description of rights.
Table 1
Trustee Rights
Right
Allows you to
Access Control
Add and remove trustees and change rights to directories and files.
Create
Create subdirectories and files.
Erase
Delete directories and files.
File Scan
View directory and file names in the file system structure.
Modify
Rename directories and files, and change file attributes.
Read
Open and read files, and open, read, and execute applications.
Supervisor
Grant and exercise all rights listed in this table.
Write
Open, write to, and modify a file.
Adding a Trustee to a Directory or File

Prerequisites
The Access Control right to the directory or file you want to add the
trustee to.
You can add, modify, or delete a trustee in a directory or file using
ConsoleOne. For instructions on adding, modifying, and deleting trustees, see
Administering Rights the Console One 1.3 User Guide.

You can view and modify the Inherited Rights Filter (IRF) for a directory or
file using ConsoleOne. For instructions on viewing or modifying the Inherited
Rights Filter, see Administering Rights the Console One 1.3 User Guide.
30

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Directory or File Attributes

To set up attributes and change owners for a directory or file, see the
following:
Description of Directory and File Attributes on page 31
Changing Attributes of a Directory or File on page 33
Changing Attributes of a Directory or File on page 33
For information on how to use Windows 95 to set directory or file attributes,
see Common Networking Tasks in Novell Client for Windows 95 (http://
www.novell.com/documentation/).
Description of Directory and File Attributes

Directory and file attributes assign properties to individual directories or files.
Some attributes are meaningful only when applied at the file level, but some
apply to both the directory and the file levels.
Be careful when assigning directory and file attributes. The attribute applies
to all users.
For example, if you assign the Delete Inhibit attribute to a file, no one,
including the owner of the file or the network administrator, can delete the file.
But any trustee with the Modify right can change the attribute to allow
deletion.
Table 2
Directory and File Attributes
Attribute
code
Description
Applies to
Archive Needed identifies files that have been modified since the
last backup. This attribute is assigned automatically.
Files only
Ci
Copy Inhibit prevents Macintosh users from copying a file. This

attribute overrides Read and File Scan trustee rights.
Files only
Dc
Do not Compress keeps data from being compressed. This

attribute overrides settings for automatic compression of files not
accessed within a specified number of days.
Directories and files
Di
Delete Inhibit means that the directory or file cannot be deleted.

This attribute overrides the Erase trustee right.

103-000180-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Attribute
code
Description
Applies to
Dm
Do not Migrate prevents directories and files from being migrated

from the server's hard disk to another storage medium.
Ds
Do not Suballocate prevents data from being suballocated.
Files only
The Hidden attribute hides directories and files so they cannot be

listed using the DIR command.
Index allows large files to be accessed quickly by indexing files

with more than 64 File Allocation Table (FAT) entries. This
attribute is set automatically.
Files only
Ic
Immediate Compress sets data to be compressed as soon as a

file is closed. If applied to a directory, every file in the directory is
compressed as each file is closed.
Normal indicates the Read/Write attribute is assigned and the

Shareable attribute is not. This is the default attribute assignment
for all new files.
Purge flags a directory or file to be erased from the system as

soon as it is deleted. Purged directories and files cannot be
recovered.
Ri
Rename Inhibit prevents the directory or file name from being

modified.
Ro
Read Only prevents a file from being modified. This attribute

automatically sets Delete Inhibit and Rename Inhibit.
Files only
Rw
Read/Write allows you to write to a file. All files are created with
this attribute.
Files only
Sh
Shareable allows more than one user to access the file at the
same time. This attribute is usually used with Read Only.
Files only
Sy
The System attribute hides the directory or file so it cannot be

seen by using the DIR command. System is normally used with
operating system files, such as DOS system files.
Transactional allows a file to be tracked and protected by the

Transaction Tracking System (TTS).
Files only
32

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Attribute
code
Description
Applies to
The Execute Only attribute prevents the file from being copied,
modified, or backed up. It does allow renaming. The only way to
remove this attribute is to delete the file. Use the attribute for
program files such as .EXE or .COM. Make a copy of a file before
you flag it as Execute Only, so you can replace the file if it
becomes corrupted.
Files only
Changing Attributes of a Directory or File

You can change the attributes of a directory or file with ConsoleOne. For
instructions on changing attributes of a directory or file, see Managing Files
and Folders on NetWare Volumes the Console One 1.3 User Guide.
For a list of attributes, see Description of Directory and File Attributes on
page 31.

103-000180-001
August 30, 2001
Novell Confidential
33
Manual
34
99a
38

103-000180-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter on file system optimization focuses exclusively on tasks for the
network administrator. Procedures in this section pertain primarily to disk
space utilization, and affect performance only as space utilization affects
network performance.
Saving Disk Space with File Compression

Enabling File Compression on page 35
Disabling File Compression on page 36
Setting File Compression Attributes on page 36
Suspending File Compression on page 37
Enabling File Compression

You can conserve disk space by compressing files. You choose to compress
files when you create volumes. However, once you enable file compression
for a volume, you cannot turn it off. For more information on file compression,
see File Compression on page 14.
IMPORTANT: Do not use file compression on a CD-ROM volume.
You do not need to separate applications from data for file compression. This
is unnecessary because the SET parameter named Days Untouched Before
Compression can eliminate the compression of applications that are used
regularly. This parameter specifies the number of days that must pass without
access to a file before the file can be compressed. The parameter uses the date
the file was last accessed to gauge whether a file should be compressed.

103-000180-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
To avoid the overhead of uncompressing files that do not compress well, the
system calculates the compressed size of a file before actually compressing it.
If no disk space will be saved by compression, or if the size difference does
not meet the value specified by the SET parameter named Minimum
Percentage Compression Gain, the file is not compressed. For a general
description of the SET command, see SET in Utilities Reference.
For a file to be uncompressed, there must be enough free space on the volume
to accommodate the uncompressed file size.
For instructions on setting file compression for volumes, directories, and files,
see Setting File Compression Attributes on page 36.
For instructions on enabling or file compression, see Creating a Traditional
Volume in the Novell Storage Services Administration Guide.
Disabling File Compression

File compression is enabled and disabled at the volume level.
If you do not enable file compression when you create a volume, you can
subsequently enable it using the SET utility. Once enabled, however, file
compression cannot be disabled on the volume unless you re-create the
volume.
You can temporarily suspend file compression using the SET commands
Enable File Compression parameter. For a general description of the SET
command, see SET in Utilities Reference.
Setting File Compression Attributes

To set file compression attributes for a volume (including enabling
compression), use SET for instructions on using SET for the file compression
attributes, see Using SET to Set File Compression Attributes for Volumes
on page 36.
Using SET to Set File Compression Attributes for Volumes
Use SET to set file compression attributes for an entire volume. File
compression SET parameters do not affect the volumes file compression is
disabled on.
IMPORTANT: Do not use file compression on a CD-ROM volume.
36

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To change SET parameters, execute the SET command at the server console
prompt.
The following list identifies SET command parameters that affect file
compression. The settings apply to all files and directories in compressionenabled volumes on the server. For the function and range of values associated
with each SET parameter, see SET in Utilities Reference.
Compression Daily Check Stop Hour
Compression Daily Check Starting Hour
Minimum Compression Percentage Gain
Enable File Compression
Maximum Concurrent Compressions
Convert Compressed to Uncompressed Option
Decompress Percent Disk Space Free To Allow Commit
Decompress Free Space Warning Interval
Deleted Files Compression Option
Days Untouched Before Compression
Suspending File Compression

Use SET command's Enable File Compression parameter to temporarily
suspend file compression for a volume. For instructions on using SET to
suspend file compression, see SET in Utilities Reference.
You can also use the MONITOR command to change file compression
parameters. For a general description of MONITOR, see MONITOR in the
Utilities Reference.
While file compression is suspended, files that would have been compressed
are queued and compressed when compression is re-enabled.
Saving Disk Space with File Purging

You can conserve disk space by purging files from volumes. For information
and instructions on purging files, see Deleting NSS Pools or Logical Volumes
in the Novell Storage Services Administration Guide.

103-000180-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
You can purge files automatically using SET. For a general description of the
SET command, see SET in Utilities Reference.
Saving Disk Space with Block Suballocation

Use block suballocation to enhance use of disk space.
Block suballocation divides any partially used disk block into suballocation
blocks of 512 bytes. These suballocation blocks can be used by files to share
what would otherwise be unavailable space.
You can set block suballocation only when creating a traditional volume. For
instructions on setting block suballocation on traditional volumes, see
Creating a Traditional Volume in the Novell Storage Services Administration
Guide.
Enhancing Disk Response Time With Disk Striping

For a heavily used volume, you can improve disk response time by
distributing volume segments across multiple disks (disk striping). This
configuration option is called Redundant Array of Inexpensive Devices
(RAID). For background information and instructions, see Creating a RAID
Device in the Novell Storage Services Administration Guide.
If one of the disks fails, the entire volume becomes unavailable. Therefore,
you should mirror or duplex drives containing spanned volumes.
If a disk containing a spanned volume fails, the entire volume must be restored
from a backup across all segments before you can use it again.
The most effective way to distribute volume segments is to do so equally
across the disks. Do not simply fill up a disk, add another, add another, etc.
38

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
The procedures in the Managing section of the file system documentation
pertain to network administrators and users. Procedures for viewing directory
and file information, copying, moving, and other routine functions are of
interest to users as well as system administrators. Procedures pertaining to
volume management and the protection of network data necessarily belong to
network administration.
This chapter includes information about viewing and managing directories
and files. It also refers you to the directory and file management procedures in
ConsoleOneTM. Information about Creating and managing partitions and
volumes is provided in the For more information about NSS, see Introducing
Novell Storage Services in the Novell Storage Services Administration Guide.
Managing Volumes
Novell Storage ServicesTM (NSS) is the primary storage and file system. It
supports large volumes and files. Information about the following sections are
in the Setting Up and Configuring chapter of the Novell Storage Services
Administration Guide:
Creating a Logical Volume
Creating a Traditional Volume
Renaming a Logical Volume
Renaming a Traditional Volume
Increasing the Size of a Traditional Volume
Dismounting a Traditional Volume
Deleting NSS Pools or Logical Volumes
Managing

103-000180-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Deleting a Traditional Volume

Repairing a Traditional Volume
Volume Conversion
Viewing Directory and File Information

You can see extended information about a directory or file using ConsoleOne.
For instructions on viewing directory and File information, see Viewing or
Modifying Information about a File or Folder in the ConsoleOne 1.3 User
Guide.
You can see file information such as
Owner and trustees
Attributes, effective rights, and the Inherited Rights Filter (IRF)
Name space
File size
Creation, access, archive, and modify dates
You can see directory information such as
Owner and trustees
Creation date and time
Attributes, effective rights, and the IRF
Disk space limitations
Copying or Moving Directories and Files

You can copy and move files and directories, as you do objects from your
desktop application.
The destination can be in another browser containing the same tree or a
different tree.
To copy or move files, you must have File Scan rights to the source directory,
and you must have the Create right to the destination directory.
To move files, you must also have the Erase right to the source directory,
because moving files includes deleting them from the source directory. For
40

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
instructions on copying directories and files, see Viewing or Modifying

Information about a File or Folder in the ConsoleOne 1.3 User Guide.
Salvaging and Purging Files

Files deleted from the NetWare server remain on the disk until the deleted files
are purged. Deleted files can be salvaged any time before they are purged.
Purging frees the space used to store the deleted files on the server's hard disk.
If a disk runs out of free space, NetWare automatically purges the files that
were deleted first. For instructions on salvaging and purging deleted files, see
Salvaging and Purging Deleted Files on NetWare Volumes in the ConsoleOne
1.3 User Guide.
Protecting Data: Disk Mirroring and Duplexing

NetWare allows you to protect your data with disk mirroring or duplexing.
Mirroring stores the same data on separate disks on the same controller
channel; duplexing stores the same data on separate disks on separate
controller channels.
Duplexing is the preferred method since two channels rarely fail
simultaneously.
Do not mirror a partition on a disk to another partition on the same disk. Doing
so is not fault tolerant, even though mirroring allows it.
With multiple partitions on a disk, any partition can be mirrored to any other
disk. This provides considerable flexibility in protecting partitions.
For information on mirroring and duplexing partitions, see Creating a
Partition in the Novell Storage Services Administration Guide.
IMPORTANT: Access the ConsoleOne online help for important information about
mirroring partitions.
Using Directory Map Objects

A Directory Map object represents a particular directory in the file system. For
more information about Directory Map Objects, see Directory Map Objects
on page 13.
Managing

103-000180-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001

Directory Map objects can be especially useful in login scripts by indicating
directories that contain applications or other frequently used files. For
instructions on creating Directory Map Objects, see Creating a Directory Map
Object in the ConsoleOne 1.3 User Guide.
If you have a directory that contains a word processor, you will probably map
a search drive to that directory in any login scripts you create. If you should
later upgrade to the word processor and rename the directory, you would have
to change the mapping in every login script where that search mapping
appears.
By using a Directory Map object, you could avoid having to make changes to
the login scripts.
First, using ConsoleOne, you could create a Directory Map object called
CURRENT_WPR that points to the word processor directory
(SYS:PUBLIC\WPR\80).
Then, with a MAP command in your login scripts, map a search drive to the
Directory Map object, rather than to the specific directory:
MAP INS S2:=.CURRENT_WPR.SALES.NOVELL_US
For a general description of the MAP command, see MAP in the Utilities
Reference.
When users log in, their search drive is mapped to the CURRENT_WPR
Directory Map object, which points to the directory containing WPR8.0.
Later, if you upgrade to WPR9.0 and change the directory's name to
SYS:PUBLIC\WPR\90, you would change only the Directory Map object to
indicate the new path.
You would not have to change the MAP command in the login script because
the MAP command still indicates the correct Directory Map object.
42

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Troubleshooting
This chapter presents various troubleshooting procedures for resolving
problems with traditional volume including the following:
Resolving File I/O Errors (page 43)
Resolving Volume I/O Errors (page 44)
Resolving Problems When the Server Hangs after Mounting Last Volume
(page 44)
Resolving Problems When No Volumes Mount (page 45)
Resolving Problems When Only Some Volumes Mount (page 45)
Resolving Disk Error Problems When a Volume Is Mounting (page 46)
Resolving Memory Errors When a Volume Is Mounting (page 46)
Resolving Volume Mounting Problems Because of Corrupted Directory
Entry Tables or File Allocation Tables (page 47)
Resolving Volume Mounting Problems Because of Name Space Module
(page 48)
Other Troubleshooting Information (page 49)
Resolving File I/O Errors

To resolve a file I/O error, try one or more of the following:
Make sure that the volume (especially volume SYS:) is mounted.
If the volume is out of disk space, error messages will appear on the
Logger Console screen indicating that the volume is almost out of disk
space. Check this screen for messages.
Troubleshooting

103-000180-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Check how much space remains on volume SYS:. If it is low, increase the
size by adding free space.
To increase the amount of free space, do one or more of the following:
Delete extraneous files (if you can log in from a workstation).
Enter SET IMMEDIATE PURGE OF DELETED FILES = ON at the
console prompt and then retry the action.
If you have an additional disk, increase the size of the volume by creating
an additional segment of the volume on the disk.
Resolving Volume I/O Errors

To resolve a volume I/O errors on traditional volumes, try one or more of the
following:
Make sure that all devices that contain the volume are online. (Volumes
can span multiple devices.)
Repair the volume using VREPAIR.
Make sure that the volume is visible.
If you have tried all of the above without success, contact a Novell Support
Provider or the disk drive manufacturer.
Resolving Problems When the Server Hangs after

Mounting Last Volume
To diagnose problems when the server stops processing after mounting the last
volume, identify whether the following conditions exist:
The server network board is not initializing when the server is started
because the board is not installed or seated correctly.
The server network board is not configured correctly.
To resolve problems when the server stops processing after mounting the last
volume, perform the following actions or ensure that the following conditions
exist:
Check the network board configurations of the boards in the server and
the settings shown on the server and make sure that the settings match.
44

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Make sure that all server and workstation network boards are seated
properly and that cabling and connections are attached securely.
Make sure that the terminators on cables have the right ohm rating and are
installed correctly. The IBM* PC Cluster sends a broadcast message
during initialization and then stops processing if the network is not cabled
or terminated properly.
Check the network boards in all workstations for correct node address
settings.
Resolving Problems When No Volumes Mount

Volume SYS: contains the NetWare system files and the NLM programs.
If volume SYS: does not mount when the server is booted, then the
AUTOEXEC.NCF file does not execute, LAN drivers do not load, and the
volume does not become part of the eDirectory tree.
To diagnose problems when no volumes mount, identify whether the
following conditions exist:
Volume SYS: is corrupted.
The hard disk containing volume SYS: has failed.
The cable or power to the external hard disks has malfunctioned.
To resolve problems when no volumes mount, do the following:
Repair the volume using the utilities that are appropriate for the volume
type.
Check the cabling and power to the external hard disks. Replace any
faulty components.
Replace the hard disk containing volume SYS:.
Create the partitions and volume SYS:.
Restore the data from a backup copy.
Resolving Problems When Only Some Volumes Mount

To diagnose problems when only some volumes mount, identify whether the
Troubleshooting

103-000180-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
The server does not have enough RAM

The disk driver for external drives are not be loaded
To resolve problems when only some volumes mount, do the following:
Add more RAM.
Verify which drivers are loaded.
Resolving Disk Error Problems When a Volume Is

Mounting
To diagnose problems when disk errors occur while a traditional volume is
mounting, identify whether the following conditions exist:
The server does not have enough memory to mount the volume.
The operating system is experiencing directory sector mismatching. This
mismatching can be caused if the media is defective or if the server is
turned off without the DOWN command.
To resolve disk error problems that occur while a volume is mounting, do the
following:
Check the status of the available cache buffers. If the available cache
buffers are fewer than 20%, add more memory to your server.
Minor errors usually correct themselves through normal network use. For
example, if a file allocation table (FAT) entry is wrong, the entry is
updated and corrected the next time the table is written to. If errors do not
correct themselves, repair the volume using VREPAIR.
Resolving Memory Errors When a Volume Is Mounting

To diagnose memory error problems when a traditional volume mounts,
identify whether the following conditions exist:
Volumes take more memory to mount than they require after being
mounted because the mounting process performs consistency checks (for
example, the duplicate copies of all the tables are checked).
Volumes and directory entries grow dynamically. Therefore, if your
server is using most of the RAM (file cache buffers are close to 20% of
the memory) and you dismount a volume, you might not be able to
remount the volume unless additional memory is available.
46

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Each additional name space support that you add to a volume increases
the size of the file allocation tables and directory entry tables. Adding
name space support can cause the tables to grow so large that the server
does not have enough RAM to mount the volume.
To resolve memory errors when a volume mounts, perform the following
actions or ensure that the following conditions exist:
Check the status of the available cache buffers. If the cache buffers are
fewer than 20%, add more RAM to your server.
Free up memory by unloading resources.
On volumes using the traditional file system streamline the directory
structure. Each subdirectory takes at least one directory block (by default,
a 4 KB block of memory). Therefore, subdirectories with only one file
require as much memory as directories with 32 files. Check the 4 KB size.
If you combine directories so that most directories have about 32 files and
you then purge the deleted subdirectories and files, you will free up
memory.
Calculate how much memory you need and add memory to the server.
Remove the recently added name space support.
WARNING: This is a destructive step that destroys all the extended file
information. Before taking this step, try to free up enough memory so that the
volume mounts and you can back up the data.
Have all users log out and then unload all NLM programs except the
volumes disk drivers. Dismount any mounted volumes.
To remove the name space on a traditional volume, load VREPAIR and
select Set VRepair Options. Then select the Remove Name Space
Support from the Volume and Write All Directory and FAT Entries Out to
Disk options. Then exit to the main menu. Run VREPAIR > Repair a
Volume on the volume that would not mount.
Resolving Volume Mounting Problems Because of

Corrupted Directory Entry Tables or File Allocation
Tables
To diagnose problems when mismatches exist in the duplicate copies of the
file allocation table (FAT) and directory entry table (DET) on traditional
volumes, identify whether the following conditions exist:
Troubleshooting

103-000180-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
A power failure has occurred and the server has not been shut down with
the DOWN command.
A hard disk has failed.
A disk channel error has occurred.
A volume does not dismount when you enter the DISMOUNT command.
Directory information in cache is not completely written to disk.
To resolve problems when mismatches exist in the duplicate copies of the FAT
and DET, do the following:
Run VREPAIR.
Add a UPS system so that the server is shut down automatically when a
power failure occurs.
Replace faulty disks or controllers.
Resolving Volume Mounting Problems Because of

Name Space Module
After a volume has been configured to support more than the DOS naming
convention, the name space NLM program must be loaded before the volume
can be mounted.
To diagnose problems when a traditional volume cannot mount because the
name space NLM program is not loaded, identify whether the following
conditions exist:
The command to load the name space NLM is not in the STARTUP.NCF
file.
The NLM to load the name space has not been copied to the boot
directory of the server.
To resolve problems when a traditional volume cannot mount because the
name space NLM program is not loaded, do the following:
Load the name space NLM program and then mount the volume. Copy
the name space NLM to the server boot directory and add the LOAD
command to the STARTUP.NCF file. The NLM then loads automatically
whenever the server is booted.
Delete the name space configuration from the volume.
48

103-000180-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
WARNING: This is a destructive step that destroys all of the extended file
information.
Back up all non-DOS files.

Load VREPAIR and select Set VRepair Options. Then select the Remove
Name Space Support from the Volume and Write All Directory and FAT
Entries to Disk options. Then exit to the main menu. Run VREPAIR >
Repair a Volume on the volume that would not mount.
Other Troubleshooting Information

For other troubleshooting information on the traditional file system and server
operating system, see Troubleshooting the NetWare Server in the Server
Operating System Administrator Guide.
Troubleshooting

103-000180-001
August 30, 2001
Novell Confidential
49
Manual
50
99a
38

103-000180-001
August 30, 2001
Novell Confidential
July 17, 2001
NetWare Server Disks and Storage Devices Administration Guide
Novell
NetWare 6
www.novell.com
N E T WA R E S E RV E R D I S K S A N D S TO R A G E D E V I C E S
August 30, 2001

Novell Confidential
Manual
99a
38
July 17, 2001
Contents
Server Disks and Storage Devices
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . .
Partitioning Disks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Logical Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Device and Partition Numbering . . . . . . . . . . . . . . . . . . . . . . . . .
Object Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Device Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Drivers for Host Adapters and Storage Devices . . . . . . . . . . . . . . . . .
Mirroring and Duplexing . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Redirecting Bad Blocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Optimizing Storage Disk Capacity . . . . . . . . . . . . . . . . . . . . . . . .
Improving Disk Reads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Changing Concurrent Disk and Directory Writes for Faster Reads. . . . . .
Changing the Turbo File Allocation Table (FAT) Wait Time for Faster Reads
Improving Disk Writes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Increasing the Number of Concurrent Writes. . . . . . . . . . . . . . . . .
Changing Disk and Directory Caching for Faster Writes . . . . . . . . . . .
Turning Off Read-After-Write Verification . . . . . . . . . . . . . . . . . .
View a List of Adapters and Devices . . . . . . . . . . . . . . . . . . . . . . .
Checking Available Disk Space . . . . . . . . . . . . . . . . . . . . . . . . .
Checking for Disk Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Adding and Replacing Hard Disks . . . . . . . . . . . . . . . . . . . . . . . .
Adding a Hard Disk to the NetWare Server . . . . . . . . . . . . . . . . .
Replacing a Hard Disk . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Loading Disk Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Replacing Disk Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating NetWare Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . .
Deleting NetWare Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . .
Activating and Deactivating a Hard Disk . . . . . . . . . . . . . . . . . . . . .
Mirroring and Duplexing Partitions . . . . . . . . . . . . . . . . . . . . . . . .
Mirroring Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Unmirroring Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Recovering Data from an Out of Sync Disk . . . . . . . . . . . . . . . . .
Managing Removable Media Devices . . . . . . . . . . . . . . . . . . . . . .
Mounting a Removable Media Device . . . . . . . . . . . . . . . . . . . .
Dismounting a Removable Media Device . . . . . . . . . . . . . . . . . .
Locking and Unlocking a Removable Media Device . . . . . . . . . . . . .
7
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000179-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 7
10
11
12
13
14
16
16
18
21
24
24
25
26
26
27
28
30
30
31
32
32
33
34
35
35
36
36
37
37
37
37
38
38
39
39
Novell Cluster Services Overview and Installation
Novell
Cluster Services
www.novell.com
1.6
O V E RV I E W A N D I N S TA L L AT I O N
August 29, 2001

Novell Confidential
Manual
Rev 99a
9 June 00
28
Contents
Introduction to Novell Cluster Services
Overview
Product Features . . . .
Product Benefits . . . .
Cluster Configuration. .
Cluster Components
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Hardware Requirements . . . . . . . . . . . . . . . .
Software Requirements . . . . . . . . . . . . . . . .
Shared Disk System Requirements . . . . . . . . . .
Rules for Operating a Novell Cluster Services SAN . .
Installing or Upgrading Novell Cluster Services . . . .
Novell Cluster Services Licensing . . . . . . . . .
Prepare Cluster Servers for an Upgrade . . . . . .
Run the Installation Program . . . . . . . . . . . .
Setting Up Novell Cluster Services. . . . . . . . . . .
Create Shared Disk Partitions . . . . . . . . . . .
Create NSS Pools . . . . . . . . . . . . . . . . .
Create Cluster Volumes . . . . . . . . . . . . . .
Cluster Enable Pools and Volumes . . . . . . . .
Create Cluster Resource Templates . . . . . . . .
Create Cluster Resources . . . . . . . . . . . . .
Configure Load Scripts . . . . . . . . . . . . . . .
Configure Unload Scripts . . . . . . . . . . . . . .
Set Start, Failover, and Failback Modes . . . . . .
Assign Nodes to a Resource . . . . . . . . . . . .
Configuration Settings . . . . . . . . . . . . . . . . .
Edit Quorum Membership and Timeout Properties.
Cluster Protocol Properties . . . . . . . . . . . . .
Cluster IP Address and Port Properties . . . . . .
Resource Priority . . . . . . . . . . . . . . . . . .
Cluster E-Mail Notification . . . . . . . . . . . . .
Cluster Node Properties . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Installation and Setup
. 9
10
13
14
15
Contents

103-000154-001
August 29, 2001
Novell Confidential
15
15
16
16
17
17
18
19
22
22
24
25
26
28
29
30
32
33
34
35
35
36
38
38
39
41
Manual
Rev 99a
Migrating Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Identifying Cluster and Resource States . . . . . . . . . . . . . . . . . . .
Additional Cluster Operating Instructions . . . . . . . . . . . . . . . . . . .
Installing NetWare on a Server That Will Be Added to an Existing Cluster
Readding a Node to a Cluster That Was Prevously in the Cluster . . . .
Cluster-enabled Volume Connection Required for Some Utilities . . . . .
Some Applications Do Not Fail Over . . . . . . . . . . . . . . . . . . .
Novell Cluster Services Console Commands . . . . . . . . . . . . . . . . .

103-000154-001
August 29, 2001
Novell Confidential
9 June 00
28
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
42
43
45
45
46
46
46
46
Manual
99a
38
July 17, 2001

Novell Cluster ServicesTM is a server clustering system that ensures high
(volumes), applications, server licenses, and services. It is a multinode,
eDirectoryTM enabled clustering product for NetWare 6 that supports
failover, failback, and migration (load balancing) of individually managed
cluster resources.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000154-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Overview
Novell Cluster ServicesTM is a server clustering system that ensures high
(volumes), applications, server licenses, and services. It is a multinode
clustering product for NetWare that is enabled for eDirectoryTM and supports
failover, failback, and migration (load balancing) of individually managed
cluster resources.
Licenses for two cluster nodes is included with NetWare 6. Licenses for
additional cluster nodes may be purchased separately.
Product Features
Novell Cluster Services includes several important features to help you ensure
and manage the availability of your network resources. These include:
Support for shared SCSI or fiber channel storage area networks.

Multinode all-active cluster (up to 32 nodes). Any NetWare server in the
cluster can restart resources (applications, services, IP addresses, and
volumes) from a failed server in the cluster.
Single point of administration through a browser-based NetWare Remote

ManagerTM or a Java-based ConsoleOneTM cluster configuration and
monitoring GUI. The browser-based NetWare Remote Manager lets you
remotely manage your cluster.
The ability to tailor a cluster to the specific applications and hardware

infrastructure that fit your organization.
Dynamic assignment and reassignment of server storage on an as-needed

basis.
The ability to automatically notify administrators through e-mail of

cluster events and cluster state changes.
Overview

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Product Benefits
Novell Cluster Services allows you to configure up to 32 NetWare servers into
a high-availability cluster, where resources can be dynamically switched or
moved to any server in the cluster. Resources can be configured to
automatically switch or be moved in the event of a server failure, or can be
moved manually to troubleshoot hardware or balance the workload.
Novell Cluster Services provides high availability from commodity
components. Lower costs are obtained through the consolidation of
applications and operations onto a cluster. The ability to manage a cluster from
a single point of control and to adjust resources to meet changing workload
requirements (thus, manually load balance the cluster) are also important
benefits of Novell Cluster Services.
An equally important benefit of implementing Novell Cluster Services is that
you can reduce unplanned service outages and reduce planned outages for
software and hardware maintenance and upgrades.
Reasons you would want to implement Novell Cluster Services include:
Increased availability
Improved performance
Low cost of operation
Scalability
Disaster recovery
Data protection
Shared resources
Shared disk fault tolerance can be obtained by implementing RAID Level 5
on the shared disk subsystem.
An example of the benefits Novell Cluster Services provides can be better
understood through the following scenario.
Suppose you have configured a three-server cluster, with a Web server
installed on each of the three servers in the cluster. Each of the servers in the
cluster hosts two Web sites. All the data, graphics, and e-mail messages for
each Web site is stored on a shared disk subsystem connected to each of the
servers in the cluster. The following figure depicts how this setup might look.
10

103-000154-001
August 29, 2001
Novell Confidential
Manual
Figure 1
99a
July 17, 2001
38
Three-Server Cluster
Web Server 1
Web Server 2
Web Server 3
Web Site A
Web Site C
Web Site E
Web Site B
Web Site D
Web Site F
Fiber Channel Switch
Shared Disk
System
During normal cluster operation, each server is in constant communication

with the other servers in the cluster and performs periodic polling of all
registered resources to detect failure.
Suppose Web Server 1 experiences hardware or software problems and the
users depending on Web Server 1 for Internet access, e-mail, and information
lose their connections. The following figure shows how resources are moved
when Web Server 1 fails.
Figure 2
Three-Server Cluster after One Server Fails
Web Server 1
Web Server 2
Web Site A
Web Site C
Web Site D
Web Server 3
Web Site B
Web Site E
Web Site F
Shared Disk
System
Overview

103-000154-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Web Site A moves to Web Server 2 and Web Site B moves to Web Server 3.
IP addresses and applicable licenses also move to Web Server 2 and Web
Server 3.
When you configured the cluster, you decided where the Web sites hosted on
each Web server would go should a failure occur. In the previous example, you
configured Web Site A to move to Web Server 2 and Web Site B to move to
Web Server 3. This way, the workload once handled by Web Server 1 is evenly
distributed.
When Web Server 1 failed, Novell Cluster Services software
Detected a failure.
Remounted the shared data volumes (that were formerly mounted on Web
server 1) on Web Server 2 and Web Server 3 as specified.
Restarted applications (that were running on Web Server 1) on Web

Server 2 and Web Server 3 as specified.
Transferred IP addresses to Web Server 2 and Web Server 3 as specified.

In this example, the failover process happened quickly and users regained
access to the Internet, Web site information, and e-mail within seconds, and in
most cases, without having to log in again.
Now suppose the problems with Web Server 1 are resolved, and Web Server
1 is returned to a normal operating state. Web Site A and Web Site B will
automatically failback, or be moved back to Web Server 1, and Web Server
operation will return back to the way it was before Web Server 1 failed.
Novell Cluster Services also provides resource migration capabilities. You can
move applications, Web sites, etc. to other servers in your cluster without
waiting for a server to fail.
For example, you could have manually moved Web Site A or Web Site B from
Web Server 1 to either of the other servers in the cluster. You might want to do
this to upgrade or perform scheduled maintenance on Web Server 1, or just to
increase performance or accessibility of the Web sites.
12

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cluster Configuration
Typical cluster configurations normally include a shared disk subsystem
connected to all servers in the cluster. The shared disk subsystem can be
connected via high-speed fiber channel cards, cables, and switches, or be
configured to use shared SCSI. If a server fails, another designated server in
the cluster automatically mounts the shared disk volumes previously mounted
on the failed server. This gives network users continuous access to the
volumes on the shared disk subsystem.
Typical resources might include data (volumes), applications, server licenses,
and services. The following figure shows how a typical fiber channel cluster
configuration might look.
Figure 3
Typical Fiber Channel Cluster Configuration
Network Hub
Network
Interface
Card(s)
Server 1
Sys
Server 2
Sys
Server 3
Sys
Server 4
Sys
Server 5
Sys
Server 6
Fiber
Channel
Card(s)
Sys

Shared Disk
System
Although fiber channel is the recommended configuration, you can configure

your cluster to use shared SCSI. The following figure shows how a typical
shared SCSI cluster configuration might look.
Overview

103-000154-001
August 29, 2001
Novell Confidential
13
Manual
Figure 4
99a
38
July 17, 2001
Typical Shared SCSI Cluster Configuration
Network Hub
Network
Interface
Card
Server 1
SCSI
Adapter
Network
Interface
Card
Sys
Server 2
SCSI
Adapter
Sys
Shared Disk
System
Cluster Components
The following components make up a Novell Cluster Services cluster:
From 2 to 32 NetWare servers configured to use IP, each containing at

least one local disk device (used for a local SYS: volume).
Novell Cluster Services software running on each NetWare server in the

cluster.
A shared disk subsystem connected to all servers in the cluster (optional,

but recommended for most configurations).
High-speed fiber channel cards, cables, and switch or SCSI cards and
cables used to connect the servers to the shared disk subsystem.
14

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Hardware Requirements
The following list specifies hardware requirements for installing Novell
Cluster ServicesTM. These requirements represent the minimum hardware
configuration. Additional hardware might be necessary depending on how
you intend to use Novell Cluster Services.
A minimum of two NetWare servers

At least 256 MB of memory on all servers in the cluster (512 MB
recommended for failing multiple applications to the same server)
At least one local disk device (not shared) for volume SYS: on each server
Software Requirements
You must have NetWare 6 running on each cluster server. Ensure the
following requirements are met:
All servers in the cluster configured with the IP protocol and on the same
IP subnet
An additional IP address for the cluster and each cluster resource and
cluster-enabled volume
All servers in the cluster in the same eDirectoryTM tree

103-000154-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Shared Disk System Requirements

A shared disk system (Storage Area Network or SAN) is required for each
cluster if you want data to be highly available. If a shared disk subsystem is
used, ensure the following:
At least 15 MB of free disk space on the shared disk system for creating
a special cluster partition
The Novell Cluster Services installation automatically allocates one
cylinder on one drive of the shared disk system for the special cluster
partition. Depending on the location of the cylinder, the actual amount of
space used by the cluster partition may be less than 15 MB.
The shared disk system is properly set up and functional according to the
manufacturers instructions
Prior to installation, verify that all the drives in your shared disk system
are recognized by NetWare by running the LIST DEVICES command on
each server you intend to add to your cluster. If any of the drives in the
shared disk system do not show up in the list, consult your NetWare
documentation or the shared disk system documentation for
troubleshooting information.
The disks contained in the shared disk system are configured in a

mirroring or RAID 5 configuration to add fault tolerance to the shared
disk system
WARNING: If the disks in the shared disk system are not configured to use
mirroring or RAID 5, a single disk error can cause a volume failure. Novell Cluster
Services software will not protect against such faults.
Rules for Operating a Novell Cluster Services SAN

When you create a Novell Cluster Services system that utilizes shared storage
space (a Storage Area Network or SAN), it is important to remember that all
servers attached to the shared device, whether in the cluster or not, have access
to all of the volumes on the shared storage space unless you specifically
prevent such access. Novell Cluster Services arbitrates access to shared
volumes for all cluster nodes, but cannot protect shared volumes from being
corrupted by noncluster servers.
16

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
When working with shared storage, do not attach a noncluster server to the
same shared storage device as a cluster unless you have isolated the storage so
that the noncluster server has access only to its own volumes. Failure to do so
will result in data corruption or volume loss.
Installing or Upgrading Novell Cluster Services

It is necessary to run the Novell Cluster Services installation program when
you
Create a new cluster

Add new nodes to an existing cluster
Upgrade Novell Cluster Services software in an existing cluster
If you are running the Novell Cluster Services installation program to create a
new cluster, the program automatically
Creates a new Cluster object in eDirectory

Installs Novell Cluster Services software on the servers you specify to be
part of your cluster
After running the Novell Cluster Services installation the first time to create a
new cluster, you will need to run the Novell Cluster Services installation again
each time you want to add new servers to your cluster or upgrade Novell
Cluster Services software on an existing cluster.
Novell Cluster Services Licensing

Novell Cluster Services requires a Cluster Server License for each server that
is part of the cluster. The Cluster Server License allows a server to join a
cluster. Cluster Server License objects are created in the same eDirectory
context as the Cluster object.
Cluster Server Licenses for a two-node cluster are already provided with
NetWare 6 and are automatically added during the Novell Cluster Services
installation. You only need additional Cluster Server Licenses if you have a
three-node or larger cluster. Additional Cluster Server Licenses can be
obtained from Novell or from your Novell Authorized ResellerSM.

103-000154-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Prepare Cluster Servers for an Upgrade

If you are upgrading Novell Cluster Services from a previous version and your
cluster has shared storage, you must prepare your cluster servers before
upgrading them to NetWare 6 and before upgrading Novell Cluster Services.
This preparation is necessary to ensure existing shared-volume trustee
assignments can be used after the upgrade.
To prepare cluster servers for an upgrade, from a NetWare client run
NWDEPLOY.EXE from the root of the NetWare 6 Operating System CD to
launch the NetWare Deployment Manager, and then complete the following
steps:
In the NetWare Deployment Manager, open the Network Preparation

Folder and click Prepare a Novell Cluster for Upgrade.
Continue through the screens until you get to the screen that prompts you
to select an existing cluster to prepare for upgrade.
2
3
Specify the cluster name, eDirectory tree, and context for the cluster you
are preparing for upgrade.
Choose whether you want the servers you are going to upgrade to go
down after completing the preparation for upgrading cluster servers. Then
click Next to run the program for preparing cluster servers for upgrade.
Bringing down all cluster servers before an upgrade ensures NSS
volumes on shared storage (your SAN) are deactivated prior to upgrading
to NetWare 6.
If you choose to not bring down all cluster servers after completing the
preparation for upgrading cluster servers, you must do it manually before
upgrading cluster servers to NetWare 6.
Once you have completed the process for preparing cluster servers for upgrade
and upgrading those servers to NetWare 6, continue with the instructions in
Run the Installation Program on page 19.
18

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Run the Installation Program

To install Novell Cluster Services, insert the NetWare 6 Operating System CD
in a NetWare client workstation and allow the NetWare Deployment Manager
to automatically launch. You can also run NWDEPLOY.EXE from the root of
the CD to launch the NetWare Deployment Manager. After starting the
NetWare Deployment Manager, complete the following steps:
In the NetWare Deployment Manager, open the Post-Installation Tasks

folder and click Install or Upgrade a Novell Cluster.
Continue through the installation screens until you get to the screen that
prompts you to create a new cluster, add new nodes to an existing cluster,
or upgrade software in an existing cluster.
Click Create a New Cluster, Add New Nodes to Existing Cluster, or

Upgrade Software in Existing Cluster, and then click Next.
The Skip File Copy check box is checked by default and prevents Novell
Cluster Services files from being copied during the installation. The
NetWare 6 installation program automatically copies all Novell Cluster
Services files to every NetWare 6 server. If you want to refresh Novell
Cluster Services files on cluster servers you should uncheck the Skip File
Copy check box. Even though Novell Cluster Services files already exist
on each NetWare 6 server, you still need to run the Novell Cluster
Services installation program to configure and set up cluster nodes.
Leaving the Skip File Copy check box unchecked will cause existing
Novell Cluster Services files to be copied over, but will not otherwise
affect the installation.
Do one of the following:
(If creating) Enter the name for the new Cluster object you are
creating and specify the Directory tree and context where you want
it created. Then click Next and continue with Step 4 on page 20.
NOTE: Do not use periods in cluster names. NetWare and NetWare clients
interpret a period as a delimiter.
(If adding new nodes) Specify the eDirectory tree, context, and name
of the cluster you will add servers to. If you dont know a cluster
name or its context, browse and select one. Then click Next and
continue with Step 4 on page 20.
(If upgrading software) Specify the Directory tree, context, and name
of the cluster where software will be upgraded. Then click Next and
go to Step 7 on page 20.

103-000154-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Enter the name of the server you want to add to the cluster, or browse and
select one from the list, and then click Add to Cluster. Repeat this step for
every server you want to add to the cluster. Then click Next.
You can also remove servers you just added to the cluster by selecting
them from the NetWare Servers in Cluster list and clicking Remove.
When you add a server to a cluster, Novell Cluster Services automatically
detects the servers IP address. If the server you are adding has more than
one IP address, you will be prompted to select the IP address you want
Novell Cluster Services to use.
Enter a uniqe IP address for the cluster.

The cluster IP address is separate from the server IP address and is
required for certain external network management programs to get cluster
status alerts. The cluster IP address provides a single point of cluster
access for NetWare Remote Manager. A Master IP Address resource is
created automatically during the Cluster Services installation that makes
this possible.
The cluster IP address will be bound to the master node and will remain
with the master node regardless of which server is the master node.
(Conditional) If you are creating a new cluster, specify whether your

cluster has a shared disk system and, if so, select the drive where you want
the small cluster partition created. Then click Next.
Novell Cluster Services requires a small cluster partition on the shared
disk system. You are also given the option of mirroring the partition for
greater fault tolerance.
IMPORTANT: You must have at least 10 MB of free space that is not part of an
NSS partition on one of the shared disk drives to create the cluster partition. If no
free space is available, the shared disk drives cant be used by Novell Cluster
Services.
If you previously installed Novell Cluster Services and created a cluster
with the same name, the installation program will detect that a cluster
partition has already been created and this screen will not appear.
20
Choose whether or not you want the servers you are upgrading or adding
to your cluster to start Novell Cluster Services software after the
installation. Then click Next.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
If you choose to not start Novell Cluster Services software on each server
that you upgrade or add to your cluster, you will need to manually start it
after the installation or you will need to reboot cluster servers to
automatically start it.
You can manually start Novell Cluster Services by running LDNCS at the
server console on each cluster server.
If you are installing or upgrading a two-node cluster or not adding
additional nodes to a two-node cluster, continue with Step 9 on page 21.
(Conditional) Specify the location of the Cluster Server License files or

browse and select a path, then click Add.
Since licenses for a two-node cluster are included with NetWare 6, this
screen only appears if you are installing or upgrading a three-node or
larger cluster.
If you are installing a three-node or larger cluster, you can obtain
additional Cluster Server Licenses from Novell or from your Novell
Authorized Reseller.
You are given the option of installing without licenses. If you choose to
install without licenses and you have a cluster with more than two nodes,
you will need to manually install the licenses at a later date using
iManage. Novell Cluster Services will not function without the proper
licenses in place.
Continue through the final installation screen.
If you are creating a new cluster, the installation program will create
a new Cluster object in eDirectory and install Novell Cluster
Services software on the servers you specified to be part of your
cluster.
If you are adding new nodes to an existing cluster, the installation

program will install Novell Cluster Services software on the servers
you are adding to your cluster.
If you are upgrading Novell Cluster Services software on an existing

cluster, the installation program will upgrade cluster software on all
servers in the cluster.

103-000154-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Setting Up Novell Cluster Services

If you created a new cluster, you now need to create and configure cluster
resources. You might also need to create shared disk partitions if they do not
already exist and, if necessary, configure all shared disk system pools and
volumes to work with Novell Cluster Services. You might also need to cluster
enable the shared disk system pools and volumes.
While ConsoleOne is the recommended tool for creating shared disk
partitions, NSS pools, and volumes, NetWare Remote Manager can also be
used. NetWare Remote Manager currently does not provide all the features for
managing network storage that are available in ConsoleOne.
Create Shared Disk Partitions

Before creating disk partitions on shared storage (storage area network or
SAN), Novell Cluster Services must be installed. You should carefully plan
how you want to configure your shared storage prior to installing Novell
Cluster Services.
Using ConsoleOne
Start ConsoleOne and authenticate to the eDirectory tree where the

Cluster object resides.
ConsoleOne runs faster on a client than a server. From a NetWare client,
go to the SYS:PUBLIC\MGMT\CONSOLEONE\1.2\BIN directory on a
server in the cluster and run CONSOLEONE.EXE.
We recommend running ConsoleOne from the server that is your primary
NetWare connection.
2
3
In the left pane, right-click the Cluster object or the Server object of a
server in the cluster and then click Properties.
On the Media tab, click Devices and then select the Device where you
want to create the shared partition. Ensure the Sharable for Clustering
check box is checked for the device.
If a device is marked as sharable, all partitions on that device will
automatically be sharable.
Device names are not changeable and might be labeled something like
0x2 or 0x1.
22

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
If Cluster Services was previously installed and shared disk partitions

were already created, the Partitions List field will include this
information.
4
5
On the Media tab, click Partitions >New, and then select the device where
you want to create the partition (the same device you selected in the
previous step).
Specify the size of the partition and click OK to create it.
Continue with Create NSS Pools on page 24.
On this screen you should also ensure NSS is selected as the partition type
(this is the default) and ensure the Hot FixTM and Mirror check boxes are
checked and that Create New Mirror Group is selected.
In NetWare Remote Manager, the same process for creating a shared disk
partition is also used to create an NSS pool and volume. NetWare Remote
Manager currently does not allow you to create multiple volumes on a pool. If
you want to create multiple volumes on a pool, use ConsoleOne.
Using NetWare Remote Manager
In NetWare Remote Manager, in the left column under the Manage Server
section, select Volumes.
This is same screen that appears when you start NetWare Remote
Manager.
Under Partition Management, click Disk Partitions.

A screen appears that displays a list of devices that are currently
accessible to servers in the cluster. For each device, the list displays the
partitions, NSS pools, volumes, and free space on that device.
3
4
5
Find the device that corresponds to your shared storage system and click
Create on the free space where you want to create the partition.
Under Novell Storage Services, click Create a New Pool and Volume.
Specify the pool size and name, the volume name, and volume attributes.
Since only one pool exists in each partition, the pool size you specify will
be the size of the partition that gets created. The volume that is created
will be allowed to grow to the pool size.
The Prepare Volume for Use by Novell Clustering Services check box is
currently not functional and does not need to be checked.
Click CREATE to create the partition, NSS pool, and volume.

103-000154-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Create NSS Pools

The new Storage Pools feature in NSS gives you more flexibility in planning
and configuring your storage to work with Novell Cluster Services. More than
one cluster-enabled volume can now be part of a single cluster resource, and
volumes can dynamically grow as needed to take advantage of free disk space.
Only one NSS pool can be created on a partition. Storage pools must be
created prior to creating and cluster-enabling volumes. To learn more about
NSS pools, see Creating a Storage Pool in the Novell Storage Services
Using ConsoleOne
1
2
In ConsoleOne, on the property page of the Server object, click the Media
Tab and select NSS pools.
Click New, specify the name and type of pool you want to create, and then
click Next.
ZLSS is the default pool (LSS) type and should be the type used with
Novell Cluster Services.
Select the partition you just created and then click Next > Finish to create
the pool.
The Activate on Creation check box is checked by default. This will cause
the pool to be activated as soon as it is created. If you uncheck the check
box, you will have to manually activate the pool later before it can be
used.
Depending on your network configuration and the size of you eDirectory
tree, it could take a while for the pool information to be updated in
eDirectory. You can ensure the pool information is updated immediately
in eDirectory by selecting the pool from the pools list under the Media tab
and then clicking Update NDS.
Repeat the above steps for each additional pool you want to create on
shared storage.
Continue with Create Cluster Volumes on page 25.
The same procedure for creating shared disk partitions using NetWare Remote
Manager is used to create NSS pools. To create an NSS pool on shared storage
using NetWare Remote Manager go to Step 1 on page 23.
24

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Create Cluster Volumes

If you plan on using a shared disk system in your cluster and need to create
new NetWare pools or volumes after installing Novell Cluster Services, the
server used to create the volumes should already have NSS installed and
running. NSS is the default file system for NetWare 6.
Using ConsoleOne
1
2
In ConsoleOne, on the property page of the Server object, click the Media
tab and select NSS Logical Volumes.
Click New, enter the name of the volume you want to create, and then
click Next.
Each shared volume in the cluster must have a unique name.
Select the pool where you want the volume to reside and either enter a
quota for the volume or check the check box to allow the volume to grow
to the pool size. Then click Next.
The quota is the maximum possible size of the volume. If you have more
than one volume per pool, you should enter a quota for each volume
rather than allowing multiple volumes to grow to the pool size.
Review and change volume attributes as necessary, and then click Finish
to create the volume.
You might want to check the Flush Files Immediately check box. This
will help ensure the integrity of volume data. Checking the Flush Files
Immediately check box will improve file system reliability but will
hamper performance. You should consider this option only if necessary.
Depending on your network configuration and the size of you eDirectory
tree, it could take a while for the voume information to be updated in
eDirectory. You can ensure the volume information is updated
immediately in eDirectory by selecting the volume from the volumes list
under the Media tab and then clicking the Update NDS button
Repeat the above steps for each cluster volume you want to create.
Depending on your configuration, the new volumes will either mount

automatically when resources that require them start or will have to be
mounted manually on individual servers after they are up.
IMPORTANT: If you have a volume that is not being managed by Novell Cluster
Services, the volume will need to be mounted before you can access it. The
MOUNT ALL command in AUTOEXEC.NCF will no longer mount all NSS volumes

103-000154-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
by default. In the AUTOEXEC.NCF file of the server where the volume is to be

mounted, add separate MOUNT commands followed by the volume name for each
of the noncluster volumes you want to mount.
The same procedure for creating shared disk partitions using NetWare Remote
Manager is used to create cluster volumes. To create a cluster volume on
shared storage using NetWare Remote Manager go to Step 1 on page 23.
Cluster Enable Pools and Volumes

If you have a shared disk system that is part of your cluster and you want the
pools and volumes on the shared disk system to be highly available to
NetWare clients, you will need to cluster enable those pools and volumes.
Cluster enabling a pool or volume allows it to be moved or mounted on
different servers in the cluster in a manner that supports transparent client
reconnect.
With this release of Cluster Services, cluster-enabled volumes no longer
appear as cluster resources. NSS pools are resources, and load and unload
scripts apply to pools and are automatically generated for them. Each clusterenabled NSS pool requires its own IP address. This means that each clusterenabled volume does not have an associated load and unload script or an
assigned IP address.
The first volume you cluster enable in the pool automatically cluster enables
the pool where the volume resides. Once a pool has been cluster enabled, you
will need to cluster enable the other volumes in the pool if you want them to
be mounted on another server during a failover.
When a server fails, any cluster-enabled pools being accessed by that server
will fail over to other servers in the cluster. Because the cluster-enabled pool
fails over, all volumes in the pool will also fail over, but only the volumes that
have been cluster enabled will be mounted. Any volumes in the pool that have
not been cluster enabled will have to be mounted manually. For this reason,
volumes that arent cluster enabled should be in separate pools that are not
cluster enabled.
If you want each cluster-enabled volume to be its own cluster resource, each
volume must have its own pool.
Some server applications dont require NetWare client access to volumes, so
cluster enabling pools and volumes might not be necessary. Pools should be
deactivated and volumes should be dismounted before being cluster enabled.
26

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Using ConsoleOne
1
2
3
4
Browse and select the Cluster object.

Click File > New > Cluster > Cluster Volume.
Browse and select a volume on the shared disk system to cluster enable.
Enter an IP address for the volume.
This is only required for the first volume to be cluster enabled in the pool.
This IP address will be assigned to the pool where the volume resides.
Checking the Online Resource after Create check box will cause the
volume to automatically mount once it is created.
(Optional) Change the default name of the virtual Server object.

When you cluster enable a pool, a virtual Server object is automatically
created and given the name of the Cluster object plus the cluster-enabled
pool. For example, if the cluster name is cluster1 and the cluster-enabled
pool name is pool1, then the default virtual server name will be
cluster1_pool1_server.
If you are cluster enabling a volume in a pool that has already been cluster
enabled, the virtual Server object has already been created, and you cant
change the virtual Server object name.
(Optional) Change the default name of the cluster-enabled Volume object.

When you cluster enable a volume, a new object is automatically created
and given the name of the Cluster object and the volume name. For
example, if the cluster name is cluster1 and the volume name is vol1, then
the default cluster-enabled Volume object name will be cluster1_vol1.
Ensure the Define Additional Properties check box is checked, click

Create and then continue with Set Start, Failover, and Failback Modes
on page 33.
1
2
3
4
In NetWare Remote Manager, in the left column under the Clustering

section, select Cluster Config.
At the bottom of the screen under Create New Objects, click New Cluster
Volume.
Select the volume you created in the previous section and click Select.
Enter the IP address you want to assign to the cluster-enabled volume.

103-000154-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
All other fields on this screen should be automatically updated. You can
change or edit the information in the fields as desired. See Step 5 on page
27 and Step 6 on page 27 for more information.
This is only required for the first volume to be cluster enabled in the pool.
This IP address will be assigned to the pool where the volume resides.
Checking the Auto-Online check box will cause the resource to
automatically start once it is created.
Click the Save button to create the volume resource and then continue
with Set Start, Failover, and Failback Modes on page 33.
When the volume resource is brought online, the pool will automatically be
activated. You dont need to activate the pool at the server console.
Create Cluster Resource Templates

Templates simplify the process of creating similar or identical cluster
resources. For example, templates are helpful when you want to create
multiple instances of the same resource on different servers. You can create
templates for any server application or resource you want to add to your
cluster.
Novell Cluster Services currently provides templates for DHCP, GroupWise,
and NetWare Enterprise Web Server, as well as a generic IP SERVICE
template. The generic IP SERVICE template can be used when configuring
certain server applications to run on your cluster. You can edit and customize
any of the templates for your specific needs.
Using ConsoleOne
1
2
3
4
Browse and select the Cluster object where you want to create a cluster
resource template.
From the menu bar, click File > New > Cluster > Cluster Resource.
Enter a name for the new cluster resource template.
Check the Create Resource Template check box.
This option lets you create a cluster resource template instead of a cluster
resource.
28
Check the Define Additional Properties check box, and then continue
with Configure Load Scripts on page 30.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
To finish creating a cluster resource template, you need to configure load

and unload scripts, set failover and failback modes and, if necessary,
change the node assignments for the resource template.
1
2
3
4
5
On the left column under the Clustering section, click Cluster Config.
At the bottom of the screen above Create New Objects, click New Cluster
Resource.
Enter a name for the new cluster resource template.
Check the Create Resource and the Define Additional Properties check
boxes and then click Apply.
Continue with Configure Load Scripts on page 30.
Create Cluster Resources

Cluster resources must be created for every resource or application you run on
servers in your cluster. Cluster resources can include Web sites, e-mail servers,
databases, and any other server-based applications or services you want to
make available to users at all times.
Using ConsoleOne
1
2
3
Browse and select the Cluster object you want to create resources for.
Click File > New > Cluster > Cluster Resource.
Enter a name for the new cluster resource.
IMPORTANT: Do not use periods in cluster resource names. NetWare and

NetWare clients interpret a period as a delimiter.
5
6
7
If a template exists for the resource you are creating, enter the template
name in the Inherit From Template field, or browse and select it from the
list. If a template does not exist, check the Define Additional Properties
check box.
(Conditional) Check the Online Resource after Create check box if you
want the resource to automatically start on the master node as soon as it
is created and configured.
Click Create.
(Conditional) If you are not using a template for the resources, continue

103-000154-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
1
2
3
4
At the bottom of the screen under Create New Objects, click New Cluster
Resource.
Enter a name for the new cluster resource.
If a template exists for the resource you are creating, select it from the list
and then click Apply. If a template does not exist, check the Define
Additional Properties check box and then click Apply.
The default selection for this field is No Template.
(Conditional) If you are not using a template for the resource, continue
If you are not using a template, you must complete the process for creating the
cluster resource by configuring load and unload scripts, setting failover and
failback modes and, if necessary, changing the node assignments for the
resource.
If you are using a template for this resource, additional resource configuration
is performed automatically by the template.
More information on configuring GroupWise, NDPS, NetWare Enterprise
Web Server and many other applications is available at Novells
documentation Web site (http://www.novell.com/documentation/lg/ncs6p/
index.html).
Configure Load Scripts

A load script is required for each resource, service, or disk pool in your cluster.
The load script specifies the commands to start the resource or service on a
server, or to mount the volume on a server.
You can use any commands in the load script that would be used in a .NCF file
run from the server console. If you dont know which commands to add to
your load script, consult the documentation for the application or resource.
Load scripts are automatically created for disk pools when you cluster enable
them. Because of this, it might not be necessary to configure or change the
load script for a pool.
30

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Using ConsoleOne
1
2
Select the Load Script tab on the resource property page.

Edit or add the necessary commands to the script to load the resource on
the server.
Some commands may require command line input. You can add << to a
command to indicate command line input. For example, a script
command might read
LOAD SLPDA <<Y
This means that when SLPDA is loaded, it will receive a Y at the
command line, presumably to a question that needs a Yes answer. If more
inputs are required, they can be continued on subsequent lines, as follows:
LOAD SLPDA <<Y
<<Y
<<N
The string can be up to 32 characters.
Specify a timeout value.

The default is 600 seconds, or 10 minutes. The timeout value determines
how much time the script is given to complete. If the script does not
complete within the specified time, the resource becomes comatose.
1
2
3
4
From the list of Resources, select the desired resource or resource
template.
On the Resource Information screen, click Loading.
Edit or add the necessary commands to the script to load the resource on
the server.
For more details on load script commands see the instructions above on
configuring load scripts using ConsoleOne.
Specify the Load Timeout and click Apply to save the script.
This is the same as the timeout value described in the above instructions
on configuring load scripts using ConsoleOne.

103-000154-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Configure Unload Scripts

Depending on your cluster application or resource, you can add an unload
script to specify how the application or resource should terminate. An unload
script is not required by all resources or applications, but it can ensure that
during a failback or manual migration, a resource unloads before it loads on
another node. Consult your application vendor or documentation to determine
if you should add commands to unload the resource.
Unload scripts are automatically created for disk pools when you cluster
enable them. Because of this it might not be necessary to configure or change
the load script for a pool.
Using ConsoleOne
1
2
Select the Unload Script tab on the resource property page.

Edit or add the necessary commands to the script to unload the intended
resource on the server.
You can use any commands used in a .NCF file run from the server
console. If you dont know which commands to add, consult the
documentation for the application or resource you want to unload.
Specify a timeout value and click Apply to save the script.

The default is 600 seconds, or 10 minutes. The timeout value determines
how much time the script is given to complete. If the script does not
complete within the specified time, the resource becomes comatose.
1
2
3
4
5
32
From the list of Resources, select the desired resource.
On the Resource Information screen, click Unloading.
Edit or add the necessary commands to the script to unload the intended
resource on the server.
Specify the Load Wait Time and click Apply to save the script.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Set Start, Failover, and Failback Modes

You can configure the start, failover, and failback of cluster resources to
happen manually or automatically. With the resource Start Mode set to AUTO,
the resource automatically starts on a server when the cluster is first brought
up. If the resource Start Mode is set to MANUAL, you can manually start the
resource on a server when you want, instead of having it automatically start
when servers in the cluster are brought up.
With the resource Failover Mode set to AUTO, the resource automatically
starts on the next server in the Assigned Nodes list in the event of a hardware
or software failure. If the resource Failover Mode is set to MANUAL, you can
intervene after a failure occurs and before the resource is moved to another
node.
With the resource Failback Mode set to DISABLE, the resource does not fail
back to its most preferred node when the most preferred node rejoins the
cluster. If the resource Failback Mode is set to AUTO, the resource
automatically fails back to its most preferred node when the most preferred
node rejoins the cluster. Set the resource Failback Mode to MANUAL to
prevent the resource from moving back to its preferred node when that node
is brought back online, until you are ready to allow it to happen.
The preferred node is the first server in the list of the assigned nodes for the
resource.
Using ConsoleOne
1
2
In ConsoleOne, right click the resource object and select Properties, then
select the Policies tab on the property page.
(Conditional) Check the Ignore Quorum check box if you dont want the
cluster-wide timeout period and node number limit enforced.
The quorum default values were set when you installed Novell Cluster
Services. You can change the quorum default values by accessing the
properties page for the Cluster object.
Checking this box will ensure the resource is launched immediately on
any server in the Assigned Nodes list as soon as any server in the list is
brought online.
Choose the Start, Failover, and Failback modes for this resource.
The default for both Start and Failover modes is AUTO, and the default
for Failback mode is DISABLE.

103-000154-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Check the Master Only check box to ensure the resource runs only on the
master node in the cluster.
If the master node in the cluster fails, the resource will fail over to
whichever node becomes the master.
Click Apply to save changes.
1
2
3
4
On the Resource Information screen, click Policies.
Check or uncheck the Ignore Quorum check box as desired.
See the instructions above on setting resource Start, Failover, and
Failback modes using ConsoleOne for more details.
5
6
Select the Start, Failover, and Failback modes for this resource.
Check or uncheck the Master Only check box.
If the Master Only box is checked, the resource will run only on the server
designated as the Master node in the cluster.
Click Apply.
Assign Nodes to a Resource

When you create a resource on a cluster or cluster enable a volume or pool,
the nodes in the cluster are automatically assigned to the resource or the
volume or pool. The order of assignment is the order the nodes appear in the
resource list. You can assign or unassign nodes to the resource or the volume
or pool, or change the failover order.
Using ConsoleOne
1
2
Select the Nodes tab on the resource property page.

From the list of unassigned nodes, select the server you want the resource
assigned to and click the Right-arrow button to move the selected server
to the Assigned Nodes list.
Repeat this step for all servers you want assigned to the resource. You can
also use the Left-arrow button to unassign servers from the resource.
34

103-000154-001
August 29, 2001
Novell Confidential
Manual
3
4
99a
July 17, 2001
38
Click the Up- and Down-arrow buttons to change the failover order of the
servers assigned to the resource or volume.
Click Apply to save node assignment changes.
1
2
3
4
5
On the Resource Information screen, click Nodes.
Select or type in the nodes that you want assigned to this resource.
Click Apply to save node assignment changes.
Configuration Settings
Depending on your needs and cluster setup, some additional configuration
may be required for you to effectively use Novell Cluster Services. This
additional configuration might consist of changing the values on some of the
properties for the Cluster object and the Cluster Node objects.
Edit Quorum Membership and Timeout Properties

You can edit Quorum Membership and Timeout properties using either
ConsoleOne or NetWare Remote Manager.
Using ConsoleOne
1
2
3
Right-click the Cluster object.

Click Properties.
Select the Quorum tab on the Cluster Object Property page.
1
2
3
Select the Cluster object name.
Click Quorum.

103-000154-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Membership
The Quorum Membership is the number of nodes that must be running in the
cluster before resources will start to load. When you first bring up servers in
your cluster, Novell Cluster Services reads the number specified in the
Membership field and waits until that number of servers is up and running in
the cluster before it starts loading resources.
Set the Membership value to a number greater than 1 so that all resources
dont automatically load on the first server that is brought up in the cluster. For
example, if you set the Membership value to 4, there must be four servers up
in the cluster before any resource will load and start.
Timeout
Timeout specifies the amount of time to wait for the number of servers defined
in the Membership field to be up and running. If the timeout period elapses
before the quorum membership reaches its specified number, resources will
automatically start loading on the servers that are currently up and running in
the cluster. For example, if you specify a Membership value of 4 and a timeout
value equal to 30 seconds, and after 30 seconds only two servers are up and
running in the cluster, resources will begin to load on the two servers that are
up and running in the cluster.
Cluster Protocol Properties

You can use the Cluster Protocol property pages to view or edit the transmit
frequency and tolerance settings for all nodes in the cluster, including the
master node. The master node is generally the first node brought online in the
cluster, but if that node fails, any of the other nodes in the cluster can become
the master.
Using ConsoleOne
1
2
3
Right-click the Cluster object.

Click Properties.
On the Cluster Object property page, select the Protocol tab.
This tab has two pages: Settings and Internals. The Internals page lets you
view the script used to configure the cluster protocol settings, but not
change it. Use the Settings page to make changes to cluster protocol
properties.
36

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
1
2
3
Click Protocol.
Heartbeat
Heartbeat specifies the amount of time between transmits for all nodes in the
cluster except the master. For example, if you set this value to 1, nonmaster
nodes in the cluster send a signal that they are alive to the master node every
second.
Tolerance
Tolerance specifies the amount of time the master node gives all other nodes
in the cluster to signal that they are alive. For example, setting this value to 4
means that if the master node does not receive an Im alive signal from a
node in the cluster within four seconds, that node is removed from the cluster.
Master Watchdog
Master Watchdog specifies the amount of time between transmits for the
master node in the cluster. For example, if you set this value to 1, the master
node in the cluster transmits an Im alive signal to all the other nodes in the
cluster every second.
Slave Watchdog
Slave Watchdog specifies the amount of time the master node has to signal that
it is alive. For example, setting this value to 5 means that if the nonmaster
nodes in the cluster do not receive an Im alive signal from the master within
five seconds, the master node is removed from the cluster and one of the other
nodes becomes the master node.
Max Retransmits
This option is not currently used with Novell Cluster Services but will be used
for future versions.

103-000154-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Cluster IP Address and Port Properties

The Cluster IP address is assigned when you install Novell Cluster Services.
The Cluster IP address normally does need to be changed, but can be if
needed.
The default cluster port number is 7023, and is automatically assigned when
the cluster is created. The cluster port number does not need to be changed
unless a conflict is created by another resource using the same port number. If
there is a port number conflict, change the Port number to any other value that
doesnt cause a conflict.
Using ConsoleOne
1
2
3
Right-click the cluster object.

Click Properties.
On the Cluster Object property page, select the Management tab.
1
2
3
Click IP Address.
Resource Priority
The Resource Priority allows you to control the order in which multiple
resources start on a given node when the cluster is brought up or during a
failover or failback. For example, if a node fails and two resources fail over to
another node, the resource priority determines which resource loads first.
This is useful for ensuring that the most critical resources load first and are
available to users before less critical resources.
Uusing ConsoleOne
1
2
3
38
Right-click the cluster object.

Click Properties.
On the Cluster Object property page, select the Resource Priority tab.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
To change the priority for a resource, select the resource in the list and
then click the Increase or Decrease button to move the resource up or
down in the list.
This lets you change the load order of the resource relative to other cluster
resources on the same node.
You can also select a resource and then click the Selected button to reset
the resource back to its default load order.
Click the Apply button to save changes made to resource priorities.
1
2
3
4
Click Resource Priorities.
To change the priority for a resource, assign it a number between 0 and
65535.
65535 is the maximum value and 0 is the minimum value. Setting a
resource priority to 65535 ensures the resource loads before other
resources with lower priority settings. Setting the resource priority to 0
ensures the resource loads last after all other resources have loaded. The
default resource priority setting is 0.
If you assign multiple resources the same priority, the start order of those
resources is random.
Click the Apply button to save changes made to resource priorities.
Cluster E-Mail Notification

Novell Cluster Services can automatically send out e-mail messages for
certain cluster events like cluster and resource state changes or nodes joining
or leaving the cluster.
You can enable or disable e-mail notification for the cluster and specify up to
eight administrator e-mail addresses for cluster notification.
Using ConsoleOne
1
2
Right-click the cluster object

Click Properties.

103-000154-001
August 29, 2001
Novell Confidential
39
Manual
3
4
5
99a
38
July 17, 2001
On the Cluster Object property page, select the Notification tab.

Check or uncheck the Enable Cluster Notification Events check box to
enable or disable e-mail notification.
If you enable e-mail notification, add the desired e-mail address in the
field provided and click the button next to the field to add the address to
the list. Repeat this process for each address you want on the notification
list.
If you enable e-mail notification, specify the type of cluster events you
want administrators to receive messages for.
To only receive notification of critical events like a node failure or a
resource going comatose, check the Receive Only Critical Events check
box .
To receive notification of all cluster state changes including critical
events, resource state changes, and nodes joining and leaving the cluster,
check the Verbose Messages check box.
To receive notification of all cluster state changes in XML format, check
the XML Messages option. XML format messages can be interpreted and
formated with a parser that lets you customize the message information
for your specific needs.
Click the Apply button to save changes made.
1
2
3
4
Select the Cluster object name and click Email Reporting.
Add the desired email addresses in the fields provided.
Specify the type of cluster events you want administrators to receive
messages for.
Specify a 1 or a 0 to disable email notification.
Specify a 2 (Critical) to only receive notification of critical events like a
node failure or a resource going comatose.
Specify a 4 (Verbose) to receive notification of all cluster state changes
including critical events, resource state changes, and nodes joining and
leaving the cluster.
Specify an 8 to receive notification of all cluster state changes in XML
format. XML format messages can be interpreted and formated with a
40

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
parser that lets you customize the message information for your specific
needs.
Click the Apply button to save your changes.
Cluster Node Properties

You can view or edit the cluster node number or IP address of the selected
node or view the context for the NetWare Server object.
Using ConsoleOne
1
2
3
Select the Cluster object and right-click the desired cluster node on the
right side of the ConsoleOne display screen.
Click Properties.
On the Cluster Node property page, select the Node tab.
1
2
3
Select the Cluster node name.
Click IP Address or Node Number.
(Node) Number+IP Address
Number+IP Address specifies the cluster node number and IP address for the
selected node. If the cluster node number or IP address changes for the
selected node, the new information is not automatically updated in eDirectory.
Edit the information and click Apply to update the information in eDirectory.
NCP Server
The NCP Server field is used to view the context for the NetWare Server
object. This field cannot be edited.

103-000154-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Migrating Resources
You can migrate resources to different servers in your cluster without waiting
for a failure to occur. You might want to migrate resources to lessen the load
on a specific server, to free up a server so it can be brought down for scheduled
maintenance, or to increase the performance of the resource or application by
putting it on a faster machine.
Migrating resources allows you to balance the load and evenly distribute
applications among the servers in your cluster.
Using ConsoleOne
Browse and select the Cluster object that contains the resource you want
to migrate.
Resources must be in a running state to be migrated.
2
3
Ensure the right half of ConsoleOne displays the Cluster View State by
selecting View > Cluster State from the menu at the top of the screen.
In the Cluster Resource List, select the resource you want to migrate.
The Cluster Resource Manager screen appears, displaying the server the
selected resource is currently running on and a list of possible servers to
which you can migrate resources.
Select a server from the list and click Migrate to move the resource to the
selected server.
1
2
3
On the left column under the Clustering section, click Cluster

Management.
Select the cluster resource you want to migrate.
Select a server from the list and then click Migrate to move the resource
to the selected server.
If you select a resource and click Offline, the resource will be unloaded from
the server. It will not load on any other servers in the cluster and will remain
unloaded until you load it again. This option is useful for editing resources
because resources cant be edited while loaded or running on a server.
42

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Identifying Cluster and Resource States

Both the Cluster State view in ConsoleOne and the Cluster Management link
in NetWare Remote Manager give you important information about the status
of servers and resources in your cluster.
Cluster servers and resources display in different colors, depending on their
operating state. When servers and resources are green, they are in a normal
operating condition. When a server that has been part of the cluster is red with
a break in the icon, it has failed. When a resource is red, it is waiting for
administrator intervention. When a server is gray with no break in the icon,
that server is not currently a member of the cluster, or its state is unknown.
When a resource is blank or has no colored icon, it is unassigned, offline,
changing state, or in the process of loading or unloading.
The yellow ball in the middle of the server icon designates the master server
in the cluster. The master server is initially the first server in the cluster, but
another server can become the master if the first server fails.
The Epoch number indicates the number of times the cluster state has
changed. The cluster state will change every time a server joins or leaves the
cluster.
Clicking on the Event Log tab in ConsoleOne gives you a detailed history of
your cluster. Every time the cluster state changes, a new event is added to the
Event Log. You can sort the events in the log by clicking on the column
headings of the table. You can reverse the sort order by pressing the Shift key
while clicking on a column heading. The Event Log is stored on the special
cluster partition that was created during the Novell Cluster Services
installation, which ensures it is always available. You can also save the Event
Log to a file.
Clicking on the HTML Report tab in ConsoleOne in the Cluster State view
screen launches a more detailed report of the state of your cluster. You can
view this report or save it to an HTML file for printing or viewing with a
browser.
The following table identifies the different resource states and gives
descriptions and possible actions for each state. The possible actions describe
steps for using ConsoleOne to complete each action. You can also use the
NetWare Remote Manager to perform the same actions. In NetWare Remote
Manager, in the left column under the Clustering section, click Cluster
Management and then select the desired resource.

103-000154-001
August 29, 2001
Novell Confidential
43
Manual
44
99a
38
July 17, 2001
Resource State
Description
Possible Actions
Alert
Either the Start, Failover,

or Failback mode for the
resource has been set to
Manual. The resource is
waiting to start, fail over,
or fail back on the
specified server.
Click the Alert status

indicator and depending
on the resource state,
you will be prompted to
Start, Failover, or
Failback the resource.
Comatose
The resource is not

running properly and
requires administrator
intervention.
Click the Comatose

status indicator and
offline the resource.
Once resource problems
have been resolved, the
resource can be put back
online (returned to the
running state).
Loading
The resource is in the

process of loading on a
server.
None.
NDS_Sync
The properties of the

resource have changed
and the changes are still
being synchronized in
eDirectory.
None.
Offline
Offline status indicates

the resource is shut
down or is in a dormant
or inactive state.
Click the Offline status

indicator and if desired,
click the online button to
load the resource on the
best node possible, given
the current state of the
cluster and the
resources preferred
nodes list.
Quorum Wait
The resource is waiting

for quorum to be
established so it can
begin loading.
None.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Resource State
Description
Possible Actions
Running
The resource is in a
normal running state.
Click the Running status

indicator and choose to
either migrate the
resource to a different
server in your cluster, or
unload (offline) the
resource.
Unassigned
There isnt an assigned

node up that the
resource can be loaded
on.
Click the Unassigned

status indicator and if
desired, Offline the
resource. Offlining the
resource will prevent it
from running on any of its
preferred nodes should
any of them join the
cluster.
Unloading
The resource is in the

process of unloading
from the server it was
running on.
None.
Additional Cluster Operating Instructions

The following instructions provide additional information for operating
Novell Cluster Services.
Installing NetWare on a Server That Will Be Added to an Existing

Cluster
1 Install fiber-channel hardware.
NetWare will automatically detect and load the proper drivers when it
installs.
2
3
4
5
Install NetWare, including the latest Service Pack, on the new server.
Reboot the server.
Install Novell Cluster Services on the new server.
(Conditional) If you have changed the failover order, add the new server
to the failover list.
By default, Novell Cluster Services will include all nodes on the failover
list, including newly added nodes.

103-000154-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Readding a Node to a Cluster That Was Prevously in the Cluster

1 If necessary, install NetWare, including the latest service pack on the
server using the same node name and IP address.
If the Cluster object for the server is still present, use ConsoleOne to
delete the object.
You can do this by going to the Cluster container, selecting the node in the
right frame, and pressing Delete.
Run the Novell Cluster Services installation.

The node will assume its former identity.
Cluster-enabled Volume Connection Required for Some Utilities

Because Novell Cluster Services uses NDS to find objects and resolve names,
you must first establish a client connection to a cluster-enabled volume for it
to be visible to certain utilities.
Do this by browsing to and selecting the eDirectory Volume object using
Windows Explorer.
Some Applications Do Not Fail Over

Although all NetWare 6 applications will run on a cluster node, not all
applications are capable of being configured as a cluster application and failed
over to a new node.
Novell Cluster Services Console Commands

Novell Cluster Services provides several server console commands to help
you perform certain cluster related tasks. The following table lists the clusterrelated server console commands and gives a brief description of each
command. To execute a cluster console command type CLUSTER followed by
the command. For example, if you want to display cluster statistics, type
CLUSTER STATS DISPLAY at the server console. You can also type HELP
CLUSTER at the console prompt to get information on the commands and
their functions.
46

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Cluster Console Command
Description
ALERT {resource}{YES/NO}
The resource start, failover, or failback mode

is set to manual and the resource is waiting to
start on a node, or fail over or fail back to
another node. Specify the resource name in
the command and use the YES or NO switch
to specify whether or not you want the
resource to fail over, fail back, or start.
CVSBIND {ADD, DEL}{resource}{IP address} Enables applications that rely on the bindery
or bindery emulation to access a virtual server
on the cluster. Specify the resource name for
the cluster application and the IP address for
the virtual server. Use the ADD or DEL switch
to enable or disable bindery access to the
virutal server.
DHCP {context}
Specifies the eDirectory context where DHCP

configuration information is stored. This
command is useful if you have problems
getting DHCP to function properly on a
cluster.
DOWN
Removes all cluster nodes from the cluster.

Has the same effect as executing the
CLUSTER LEAVE command on every server
in the cluster.
JOIN
Adds the node where the command is

executed to the cluster and makes the node
visible to other servers in the cluster. Cluster
Services software must already be installed
on a node for it to join the cluster.
LEAVE
Removes the node where the command is

executed from the cluster. The node will not
be visible to other servers in the cluster.
MIGRATE {resource}{node name}
Migrates the specified resource from the node

where it is currently running to the node you
specify in the command. The node you
migrate the resource to must be running in the
cluster and also be in the resources assigned
nodes list.

103-000154-001
August 29, 2001
Novell Confidential
47
Manual
48
99a
38
July 17, 2001
Cluster Console Command
Description
OFFLINE {resource}
Unloads the specified resource from the node

where it is currently running.
ONLINE {resource}{node name}
Starts the specified resource on the most

preferred node that is currently active. You
can start the resource on a different node by
specifying that node in the command.
POOLS
Lists the NSS pools on the shared disk

system that are accessible by Novell Cluster
Services.
RESOURCES
Lists all resources that currently exist in the

cluster. The resources do not have to be
online or running.
RESTART {seconds}
Restarts Cluster Services software on all

servers in the cluster.
STATS {Display, Clear}
Reports the node number, node name, and

heartbeat information. You must switch to the
log console screen to see cluster statistics.
STATUS {resource}
Reports the status of the specified resource.

This includes the number of times the
resource has been migrated or failed over to
another server, the resource state, and the
node where the resource is currently running.
VIEW
Displays the node name, cluster epoch

number, master node name, and a list of
nodes that are currently members of the
cluster.

103-000154-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

With NetWare, you can create up to four NetWare (or other) partitions on one
hard disk. The primary storage and file system for NetWare is Novell Storage
ServicesTM (NSS). For information about the NSS file system, see Introducing
Novell Storage Services in the Novell Storage Services Administration Guide.
After you create partitions on your storage devices, you can create volumes
where you place your data files. There are two types of volumes you can
create: traditional NetWare volumes and NSS logical volumes. For more
information about NSS logical volumes see Create Logical Volumes in the
Novell Storage Services Administration Guide.
To maintain and modify your storage and file system, you use your server
console, ConsoleOneTM, and MONITOR utilities. In ConsoleOne, you can
create, modify, and purge partitions and volumes. MONITOR provides
important disk use and file statistics. You can use MONITOR to review disk
usage and availability. You can also use it to review data block placement and
redirection. For instructions on using MONITOR, see MONITOR in Utilities
Reference.
To optimize your server's storage devices, follow the general
recommendations found in Optimizing the File System Performance on
page 21.

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Overview of Server Disks and Storage

Devices
Server hard disks and remote storage devices (such as tape drives and CDROM drives) are all managed by the NetWare operating system.
Hard disks are divided into partitions, including one DOS partition and at least
one NetWare partition per server. A hard disk can also contain other partitions,
such as a UNIX* partition. For general information about disk partitions, see
Partitioning Disks on page 10 and Logical Partitions on page 11.
All storage devices and individual disk partitions are identified by numbers
assigned by the NetWare operating system Media Manager. The same number
represents the same device in all NetWare utilities or console commands. For
an explanation of the device numbering system, see Device and Partition
Numbering on page 12.
All storage devices require drivers. The NetWare Peripheral ArchitectureTM
(NWPA) divides device drivers into two types: a custom device module
(CDM) that drives the device itself and a host adapter module (HAM) that
drives the adapter the device is attached to. For more information, see Drivers
for Host Adapters and Storage Devices on page 16.
To increase data fault tolerance, you can mirror partitions to partitions on other
disks. For information about mirroring, see Mirroring and Duplexing on
page 16. NetWare also includes a feature called Hot FixTM which redirects any
information stored on corrupted blocks to uncorrupted blocks. See
Redirecting Bad Blocks on page 18.
Overview of Server Disks and Storage Devices

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Partitioning Disks
You can divide a NetWare server hard disk into units called disk partitions.
You can also leave free (unassigned) space on a disk.
NOTE: A NetWare disk partition is not related to an NDS partition.
One of the server's hard disks must contain a DOS partition. This is the
primary boot partition where server.exe is stored. You need only one boot
partition per server. You also need to keep a SYS: volume. The file system
creates this volume automatically when you install NetWare.
A hard disk can contain as many as four partitions, including a DOS partition,
multiple NetWare partitions, or non-NetWare partitions (such as Windows*
NT* or UNIX). The disk can also contain free space assigned to the Novell
Storage Services (NSS) file system.
A NetWare partition consists of a data area and can also contain a Hot FixTM
Redirection Area used for disk sector sparing (maintaining a spare sector per
track in case another sector becomes defective). The logical sector 0 of a
NetWare partition is the first sector of the data area available to applications,
such as the traditional NetWare file system. This data area is referred to as a
logical partition. See Logical Partitions on page 11.
The following figures illustrate some of the ways hard disks can be
partitioned.
Figure 1
NetWare and DOS Partitions on One Disk
SYS: Volume
(1 disk segment)
NetWare
Partition
Data1: Volume
(1 disk segment)
Data2: Volume
(1 disk segment)
Hot Fix
Redirection Area
10
NetWare
Partition
DOS
Partition

103-000179-001
August 30, 2001
Novell Confidential
Manual
Figure 2
99a
38
July 17, 2001
DOS Partition on First Disk, NetWare and Non-NetWare Partitions on Second Disk
Disk 1
Disk 2
SYS: Volume
(1 disk segment)
Data1: Volume
(1 disk segment)
DOS Partition
(Entire Disk)
NetWare
Partition
Data2: Volume
(1 disk segment)
Hot Fix
Redirection Area
UNIX
Figure 3
Non-NetWare
Partition
Disk with One NetWare Partition and Free Space Assigned to NSS
Disk
Free Space
NSS
File System
NetWare
Partition
DOS
Partition
Logical Partitions
Server hard disks can contain up to four partitions. Each partition contains a
data area, where the file system resides, and can contain another data area,
called the Hot Fix/mirror object, which is used to manage mirroring and Hot
Fix redirection.
The entire NetWare partition, including both the data area and the Hot Fix/
mirror object, is called the physical partition.
The data area of the partition is called the logical partition.

103-000179-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
If you do not use Hot Fix and mirroring, the entire physical partition is the
logical partition.
Figure 4
Logical and Physical Partitions on a Server Disk
Disk
NetWare
Logical
Partition
Hot Fix
Redirection Area
NetWare
Physical
Partition
DOS
Partition
The logical partition contains four redundant copies of the volume definition
table (VDT). Each table contains a list of all volume segments in that partition.
A segment is the amount of space you obtain from a storage device. Four
copies are maintained for fault tolerance. If a disk error occurs and one table
is corrupted, the file system can detect and correct the error.
The rest of the logical partition can contain any number of volume segments.
Device and Partition Numbering

All storage devices, disk partitions, and logical partitions are identified by
object numbers assigned by the NetWare operating system Media Manager.
In addition, the Media Manager assigns device names to physical devices and
adapters called object numbers.
These object numbers and device names are consistent across all NetWare
utilities and console commands so that you can easily identify the objects and
devices.
12

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Object Numbers
Object numbers are hexadecimal numbers assigned to devices, adapters,
media, partitions, and divisions of a partition (such as the Hot Fix redirection
area).
If you mirror partitions, each logical partition in the mirrored set has the same
object number as the other partitions in the set.
Object numbers are not sequential or persistent. New numbers can be assigned
when the server is restarted. But the same object number represents the same
entity in any NetWare utility. For example, if you type LIST DEVICES at the
server console prompt, you would see a list of storage devices, such as the
following (the first number in each line is the Hexidecimal object number):
0x0001: [V312-A0-d4:0] iomega jaz 1GB rev:H.72
0x0003: [V025-A1-D1:0] WDC AC22100H
0x0002: [V025-A2-D2:0] NEC CD-ROM DRIVE:282 rev:3.07
Likewise, in MONITOR, if you select Available Options > Storage Devices,

you would see a list of storage devices, partitions, and adapters similar to the
following:
0x0001: [V312-A0-d4:0] iomega jaz 1GB rev:H.72
0x0000: [V025-A1] Novell IDE Host Adapter Module
0x0003: [V025-A1-D1:0] WDC AC22100H
0x0002: [V025-A2-D2:0] NEC CD-ROM DRIVE:282 rev:3.07
0x0006: DOS Partitioned Media
0x0008: NetWare Partition
0x000A: Non-Mirrored Partition
In the MONITOR example, object number 0x0001 represents an Iomega Jaz

drive, just as it did in the LIST DEVICES display.
Note that a physical NetWare partition is identified as NetWare Partition and
a logical partition is identified either as Non-Mirrored Partition or Mirrored
Partition.
Mirroring messages use the logical partition object number to report that hard
disks are being remirrored or unmirrored.
For instructions on using MONITOR, see MONITOR in the Utilities
Reference.

103-000179-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Partition examples
The following are example partition entries with the device information:
Unpartitioned - D:0x1-1
Unpartitioned indicates that the device is unpartitioned.
D:0x is the device number.
-1 is the chunk number. (A unique number that this is the first
unpartitioned segment on device 1.)
NSS-P:0x15-1
NSS-P:0x15-1 indicates that this is an unassigned NSS partition.
P:0x15 is the partition ID.
-1 is the chunk number (this will always be 1 because it consumes the
entire partition).
Traditional P:0x15b-2
Traditional indicates that this is a traditional volume with unassigned
space.
-P:0x1b is the partition number of the traditional partition ID.
-2 is the chunk number indicating that this is the second piece of free
space in this unused partition.
If the object ID number contains a P, the partition does not have a mirror
object ID. The selected object has an unmirrored physical partition ID.If the
object ID number contains an M, the partition is mirrored. The ID number
following the M is the ID of the mirror group instead of an individual
partition.For example, M:0x14-1 indicates that the partition exists on the
group of partitions represented by the mirror ID 0x14. Traditional - M:0x1c-1
indicates that the traditional partition exists on the group of mirrored partitions
represented by mirror ID 0x14.
Device Names
Devices such as hard disks and adapters are identified not only by a
nonpersistent object number, see Object Numbers on page 13, but also by a
permanent device name. When a hard disk fails, the failure message includes
the device name so you can identify the disk or adapter.
14

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To see a list of storage devices and their names, execute the LIST STORAGE
ADAPTERS command at the server console prompt. The screen lists each
device adapter, followed by a list of devices driven by that adapter. In the
following example, the first line identifies an IDE disk adapter. The second
line identifies a hard disk operated by that adapter:
[V025-A0] NOVELL IDE HOST ADAPTER MODULE
[V025-A0-D1:0] QUANTUM FIREBALL_TM3840A
The bracketed letters and numbers at the beginning of each line are the device
name. The device name identifies the adapter or device, as follows:
[V025-A0-D1:0]
Vendor Number
Adapter Number
Device Number
Logical Unit Number
Vendor number. A unique number specific to the device vendor.

Adapter number. The instance of the adapter in the server. In the
example, A0 identifies the first instance of an adapter installed in the
server. Adapter numbers are unique. The second adapter installed in the
server will have adapter number A1, even if the adapter is of the same
type as adapter A0.
Device number. The number of the disk or other device. For a SCSI disk,
this is the target ID, usually set by a jumper on the hard disk. For an IDE
disk, this number represents the bus from the IDE controller. IDE
numbers range from D0 through D3, representing the primary, secondary,
tertiary, or quaternary bus.
Logical unit number (LUN). The LUN identifies individual devices
when more than one device is attached to one bus. For example, one IDE
bus might be attached to two disks, a master and a slave. LUN 0
represents the master and LUN 1 represents the slave. However, because
disk manufacturers rarely use the logical unit number to identify hard
disks, the LUN almost always appears as 0.
The Device name represents the device in all Novell utilities and console
commands, including MONITOR, LIST DEVICES, etc.
Fault tolerance systems such as Hot Fix use the Device name to report that
data blocks on disks have relocated.

103-000179-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Drivers for Host Adapters and Storage Devices

All storage devices require drivers. The NetWare Peripheral Architecture
(NWPA) divides device drivers into two kinds: a custom device module
(CDM) that drives the device itself and a host adapter module (HAM) that
drives the adapter has been attached to. The following are two types of drivers:
Custom Device Module (CDM)
CDMs drive storage devices, including autochangers, that are attached to
the host adapter bus.
CDMs are device-specific. For example, if there are three different types
of storage devices attached to the host adapter (such as a CD-ROM drive,
a SCSI hard drive, and an autochanger) then a specific CDM for each type
of device must be installed.
Host Adapter Module (HAM)
A HAM is the driver component associated with the host adapter
hardware. HAMs provide the functionality to route requests to the bus
where a specified device is attached.
HAMs are adapter-specific. For example, if a third-party adapter is
installed in the server, a HAM developed specifically for that adapter
must be installed.
Loading HAMs and CDMs is much like loading other device drivers, but
instead of loading one .dsk file for both the adapter and device, you load one
.ham file for the adapter and one .cdm file for each type of device attached to
that adapter.
When you want to connect a new hardware device to the host bus adapter, you
need to load only the appropriate CDM for that hardware device (in addition
to the HAMs and CDMs already loaded, and assuming a compatible adapter
is installed).
Mirroring and Duplexing

You can protect the data mirroring or duplexing disk partitions.
Mirroring stores the same data on separate disks on the same controller
channel; duplexing stores the same data on separate disks on separate
controller channels. Duplexing can also use two different drivers. Duplexing
is the recommended method because two channels rarely fail simultaneously.
16

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In the following illustration, several smaller disks are mirrored to partitions on

one larger disk.
Disk 4
Disk 3
Mirrored to
partition 3
Disk 2
Mirrored to
partition 2
NetWare
Partition 2
Disk 1
Mirrored to
partition 1
NetWare
Partition 1
Disk 0
Mirrored to
partition 0
NetWare
Partition 3
NetWare
Partition 0
To mirror partitions you must enable Hot Fix. For information about Hot Fix,
see Redirecting Bad Blocks on page 18.
With Hot Fix enabled, a section of the partition is set aside as the Hot Fix/
Mirror object, which holds data tables for both Hot Fix and mirroring. The
tables store information about which data blocks are bad, which blocks have
been redirected, which partitions are mirrored, and whether the partitions are
synchronized or not.
Setting up Hot Fix is much easier when you create the partition. To add Hot
Fix after you create a partition and add volumes, you must delete the volumes
from the partition, add Hot Fix, then restore the volumes from a backup. When
you restore volumes from a backup, make sure you have enough space on the
partition to accommodate the volumes after you add Hot Fix to the data area.
The following are important concepts for mirroring partitions:
Mirrored partitions must have the same partition type of mirror group as
the group you assign it to. This means that NSS partitions can be mirrored
only to other NSS partitions. The same criteria applies to traditional
partitions.
Mirrored partitions must be compatible in data area size. This means the
other partitions in the group. The physical size (combined data and Hot
Fix size) of the partition must be at least 100 KB, but no more than 120
MB larger than the data size of the existing partitions in the mirror
group.(Note: The file system adjusts the Hot Fix size within the legal

103-000179-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
ranges in order to make the data area identical to the other partitions in the
group.)
Mirrored partitions must have the same sharable status.
Partitions you add to a mirror group cannot be part of any other mirror
group. They must be standalone Mirror objects.
The partitions you add must include the Mirror and Hot Fix options. You
select these options when you create the partition; you cannot add the
options later.
When you select Hot Fix, mirroring is automatically selected. You cannot
mirror partitions that do not have a Hot Fix Redirection Area.
Although you can mirror one partition to as many as eight other partitions,
mirroring two partitions is usually sufficient fault tolerance for most
systems.
If a mirrored disk fails and cannot be accessed by the server, you can
unmirror the hard disks and salvage the volume from the functional disk.
See Recovering Data from an Out of Sync Disk on page 37.
If you want to remove a hot-plug mirrored disk without bringing down the
server, you must unmirror the disk first. See Unmirroring Partitions on
page 37.
For information about how to set up mirroring and duplexing, see Mirroring
and Duplexing Partitions on page 37.
Redirecting Bad Blocks

Due to the constant reading and writing of data to disk, some disk storage
blocks lose their capacity to store data. NetWare uses Hot Fix to prevent data
being written to unreliable blocks.
The Hot Fix feature redirects the original block of data (still in memory) to the
Hot Fix Redirection Area of the NetWare partition. Once the operating system
records the address of the defective block in a section of the partition area, the
server will not attempt to store data in the defective block.
Hot Fix redirection can occur during a write request, a read request, or a readafter-write verification.
Write redirection occurs when the disk reports an error during a write
request. The system marks the block as bad and redirects the data to a
different block.
18

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Read redirection occurs following a disk error during a read request.

If the disk is mirrored, the system retrieves the data from the mirrored
disk and redirects the data on the primary disk. If the disk isn't mirrored,
the data is lost, and the block is marked as bad.
Read-after-write-verify redirection occurs after data is written to disk.
The data on disk is then read and compared to that in memory. If the two
don't match, the system marks the block as bad and redirects the data to a
different block.
By default, 2% of a disk's space is set aside as the Hot Fix Redirection Area.
You can increase or decrease this amount when you create a partition.
If Hot Fix is enabled, it is always active unless the disk fails or the redirection
area is full. You can view Hot Fix activity in MONITOR by selecting Storage
Devices and then a Hot Fix partition.
Figure 5
Hot Fix
If verification fails,
then data is written
to the Hot Fix
Redirection Area.
Block 201
1
Data
Block 201
is bad.
Server RAM
Hot Fix
Redirection Area
Data
2
Location of the bad
block is recorded.
Disk
You can specify no Hot Fix Redirection Area when you create disk partitions.
Having no Hot Fix Redirection Area saves partition space. Eliminating the
Hot Fix Redirection Area might be recommended for large (Redundant Array
of Inexpensive Devices (RAID) systems that provide their own means of fault
tolerance.

103-000179-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
However, if Hot Fix is not enabled, the partition will not have the fault
tolerance. Data on corrupted sectors of the disk will not be redirected to the
Hot Fix Redirection Area.
For instructions on how to specify no Hot Fix redirection area, see Creating a
20

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Optimizing the File System

Performance
NetWare provides several methods for improving the performance of your
file system. For a list of general guidelines for conserving disk space and
improving disk performance, see Optimizing Storage Disk Capacity on
page 21.
To improve disk reads and writes, see Improving Disk Reads on page 24 and
Improving Disk Writes on page 26. You can also increase the speed of disk
reads and writes by striping volume segments across multiple disks. Disk
striping is called Redundant Array of Inexpensive Disks (RAID). For more
information about RAID, see Stripe Data Across Storage Devices (RAID) in
the Novell Storage Services Administration Guide.
The following is a list of suggestions for saving disk space:
Compressing files. See File Compression in the Traditional File Services
Permanently deleting files. See Salvaging and Purging Files in the
Traditional File Services Administration Guide.
Optimizing Storage Disk Capacity

There are several options for increasing the capacity of your storage disks. The
following is a list of options you can use to improve your file system storage
capacity:
Enable block suballocation if you are using the traditional NetWare file
system. This eliminates having unused data blocks on your volumes. This
feature works only on traditional partitions and volumes. Block
suballocation is enabled by default, but can be disabled when the volume
Optimizing the File System Performance

103-000179-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
is created. If block suballocation has been disabled, enable it in

ConsoleOneTM when you create a partition. For information about
enabling block suballocation, see Creating a Partition in the Novell
Storage Services Administration Guide. Once block suballocation is
enabled, you cannot disable the feature without recreating the volume.
If you use block suballocation, set your file block size to 64 KB. The
larger block size causes the system to transfer more data at one time so it
improves performance.
Keep at least 1000 free blocks on each NetWare volume that has
suballocation enabled. Free blocks are disk blocks that have no files
stored in them. If the number of free blocks is low, the suballocation will
increase server utilization.
To find the number of free blocks, in MONITOR select Available Options
> Volumes. Select the name of the volume you want. Press Tab to expand
the information window and note the value of the Free Blocks statistic.
For instructions on using MONITOR, see MONITOR in Utilities
Reference.
You can save partition space and increase performance by eliminating the
Hot FixTM redirection area on a partition. However, once Hot Fix is
eliminated from a partition, you cannot add it again without first deleting
the volumes on the partition. Once Hot Fix is gone, the partition will no
longer be fault tolerant, unless the hard disk itself provides a means of
fault tolerance. Data on corrupted sectors of the disk won't be redirected
to the Hot Fix redirection area. In addition, you will not be able to mirror
the partition.
Turn off Read-After-Write-Verify in MONITOR. For instructions on
using MONITOR, see MONITOR in Utilities Reference.
Read-After-Write-Verify is almost always provided by the hard disk
itself. Use the Read-After-Write-Verify feature in MONITOR only if your
hardware does not provide this feature but does support softwarecontrolled Read-After-Write-Verify.
See Turning Off Read-After-Write Verification on page 28.
If you have a 16-bit disk adapter, make sure you increase the number of
reserved buffers below 16 MB. Use the SET command or MONITOR to
set the parameter Reserved Buffers Below 16 MB to its upper limit, 300.
The parameter is found in MONITOR > Available Options > Server
Parameters > Memory. Remember that too many reserved buffers can
22

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
prevent large volumes from mounting. As soon as possible, upgrade the

system to a newer board that can access higher memory. For instructions
on using the SETcommand, see SET in Utilities Reference. For
instructions on using MONITOR, see MONITOR in Utilities Reference.
Use a driver that supports scatter gather functionality.
Provide at least one device large enough to hold a core dump of the
server's memory. A core dump cannot span devices.
If a volume is comprised of two or more segments, each segment should
be on a different disk. If the volume is made of more than one segment on
one disk, the volume spans between the two segments, slowing
performance.
If you use file compression, make sure you enable the option at a time
when there is little server activity.
For example, make sure that the Deleted Files Compression Option
parameter is not set to 2, which would cause compression whenever a file
is deleted but not purged. Make sure that users have not flagged their
directories IC, which enables immediate compression. Use the SET
command to make sure that compression is scheduled to start and stop at
the appropriate times.
You can enable fault tolerance protection by mirroring or duplexing the
SYS volume, because it contains the core NetWare files. See Mirroring
and Duplexing Partitions on page 37.
Keep 10% free space in any NetWare volume, except SYS where there
should be 20% free space.
WARNING: Do not fill up your SYS volume. This could damage your entire file
system. The Transaction Tracking System, which protects NDS, will shut down
compromising the NDS replicas on the server.
To keep enough free space on volumes, try the following suggestions:

Use MONITOR to check each volume's disk space regularly.
Use the Volume Low Warning Threshold parameter to specify when
you will be warned that a volume is running out of disk space. Set the
parameter in MONITOR. For instructions on using MONITOR, see
MONITOR in Utilities Reference.
Move any user files or print queues to another volume.
Don't store replicas on servers with low disk space.

103-000179-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
CD-ROM drives can create large index files. Don't use or mount the
CD-ROM unless you have enough space.
Limit the size of auditing files. (Auditing works only on traditional
NetWare partitions.)
Improving Disk Reads

On a server that is read-intensive, the following procedures can improve the
speed of disk reads.
Changing Concurrent Disk and Directory Writes for Faster Reads on
page 24.
Changing the Turbo File Allocation Table (FAT) Wait Time for Faster
Reads on page 25.
For instructions on using MONITOR, see MONITOR in Utilities Reference..
Changing Concurrent Disk and Directory Writes for Faster Reads

Use this procedure if your server is slow to respond to read requests.
NOTE: This procedure requires that you decrease the values of the Maximum
Concurrent Disk Cache Writes parameter and the Maximum Concurrent Directory
Cache Writes parameter. Although decreasing these values increases the speed
of read requests, it might decrease the speed and efficiency of write requests.
1 From the MONITOR Available Options, select Server Parameters > File
Caching.
NOTE: You can also set file caching parameters with the SET command in
MONITOR.
2 Decrease the value of Maximum Concurrent Disk Cache Writes.
If the parameter is currently set to the default value of 50, try setting the
value to 10.
3 Press ESC to return to the list of categories and then select Directory
Caching.
A list of Directory Caching parameters appears in the upper window.
4 Decrease the value of Maximum Concurrent Directory Cache Writes.
If the parameter is currently set to the default value of 10, try setting the
value to 5.
24

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Increase the value of Directory Cache Buffer Non Referenced Delay.
This parameter specifies how long a directory entry must be cached

before it can be overwritten. Increasing this value causes the system to
allocate more directory cache buffers and thus speeds up directory access.
If the parameter is currently set to the default value of 5.5 seconds, try
setting the value to 60 seconds.
6 Press Esc until you return to Available Options.
Changing the Turbo File Allocation Table (FAT) Wait Time for Faster
Reads
When a program randomly accesses a file that contains more than 64 file
allocation table (FAT) entries, the file system builds a turbo FAT index for the
file so that the information in the file can be accessed quickly.
The Turbo FAT Re-Use Wait Time parameter specifies how long a turbo FAT
index remains in memory after the indexed file is closed. When the turbo FAT
index is in memory, files can be opened and information accessed faster.
If network users frequently access files larger than 64 blocks, use this
procedure to increase the time the index is kept in memory.
System. For instructions on using MONITOR, see MONITOR in Utilities

Reference..
A list of File System Parameters displays in the upper window.
NOTE: You can also set file system parameters with the SET command in
MONITOR.
2 Scroll down the File System Parameters list to Turbo FAT Re-Use Wait
Time.
The scroll thumb to the right indicates that you can use the arrow keys to
scroll the list.
3 Increase the value of FAT Re-Use Wait Time.
You must specify the value in seconds.

If the parameter is currently set to the default value of 329.5 seconds (5
minutes 29.6 seconds), try setting the value to 600 seconds (10 minutes).
The changed value is now persistent.

103-000179-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Improving Disk Writes

For a write-intensive server, the following procedures can improve the speed
of disk writes.
Increasing the Number of Concurrent Writes on page 26.
Changing Disk and Directory Caching for Faster Writes on page 27.
Turning Off Read-After-Write Verification on page 28.
Increasing the Number of Concurrent Writes

You can increase the speed and efficiency of disk cache writes by increasing
the number of write requests that can be executed at one time.
To determine whether you need to increase the number of concurrent writes,
first compare the number of dirty cache buffers to the total number of cache
buffers. These statistics are found on the General Information screen in
MONITOR. Dirty cache buffers contain data that has not yet been written to
disk.
The ratio of dirty cache buffers to total cache buffers is an indicator of the
efficiency of disk cache writes. If the number of dirty cache buffers is greater
than 70 % of total cache buffers, increase the number of concurrent write
requests.
For an explanation of file caching, see Setting the Cache Buffers in the Novell
NOTE: Increasing the number of concurrent disk cache writes slows disk cache
reads. You might want to balance the speed of disk writes and reads to meet the
needs of users. If your server's processing load is write-intensive, you can favor
disk writes. If it is read-intensive, favor disk reads.
Caching. For instructions on using MONITOR, see MONITOR in

MONITOR.
2 Increase the value of Maximum Concurrent Disk Cache Writes.
If the parameter is currently at the default value of 50, try increasing it to

100. The changed value is now persistent.
26

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Changing Disk and Directory Caching for Faster Writes

Use this procedure if network users frequently make many small write
requests and the server is slow to respond to the requests.
Caching. For instructions on using MONITOR, see MONITOR in

MONITOR.
2 Increase the value of Dirty Disk Cache Delay Time.
This parameter specifies how long the system waits before writing a notcompletely-dirty cache buffer to disk.
If the value is low, the system writes to disk more frequently, but writes
fewer requests each time. If the value is high, the system waits longer
before writing to disk, but executes more write requests with each
operation. A higher value provides greater efficiency in writing to disk.
If the parameter is currently at the default value of 3.3 seconds, try
increasing the value to 7 seconds.
3 Press Esc to return to the list of parameter categories and then select
Directory Caching.
A list of Directory Caching Parameters appears in the upper window.
The scroll thumb to the right indicates that you can use the arrow keys to
scroll the list.
4 Increase the value of Dirty Directory Cache Delay Time.
This parameter specifies how long the system keeps a directory table
write request in memory before writing it to disk.
IMPORTANT: Increasing the parameter provides slightly faster performance, but
can increase the chance of directory tables becoming corrupted.
If the parameter is currently at the default value of 0.5 second, try

increasing the value to 2 seconds.
5 Increase the value of Maximum Concurrent Directory Cache Writes.
This parameter determines how many write requests from directory cache
buffers are executed at one time. Increasing this value increases the
efficiency of directory cache write requests.

103-000179-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
NOTE: Increasing the number of concurrent directory cache writes decreases the
speed of directory cache reads. Balance the speed of writes and reads to meet the
needs or your users.
If the parameter is currently at the default value of 10, try increasing the
value to 25. The changed value is now persistent.
Turning Off Read-After-Write Verification

Read-After-Write Verify is almost always provided by the hard disk. If your
hard disk provides read-after-write verification, you might want to disable the
software version of read-after-write verification in order to nearly double the
speed of disk writes.
WARNING: Turning off read-after-write verification can increase the risk of data
corruption on the server's hard disk. You should use the following procedure only
if your disks provide read-after-write verification and are reliable or if your disk
subsystem provides data fault tolerance through mirroring or appropriate RAID
level.
Prerequisites
Hard disks that provide their own means of read-after-write verification.

Procedure
1 From the MONITOR Available Options, select Storage Devices.
A list of Registered Storage Objects appears. The device information

associated with a highlighted storage device appears in the upper window.
You can verify the type of storage device in the Device Type field.
2 Select the desired hard disk from the list.
The Drive Status window appears. The Read After Write Verification
field indicates whether the feature is turned On or Off.
3 Press Enter to access the Read After Write Verification options.
4 To change Read After Write Status, select Disable Verify.
5 Press Esc to return to Available Options.
NOTE: You can also disable read-after-write verification by setting the Enable Disk
Read After Write Verify SET parameter to OFF. However, this setting affects only
those disks loaded after the parameter value is changed. It does not change the
setting for currently loaded disks.
28

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
File System Management

It is important to monitor disk space regularly and keep a log to track disk
usage over time. For instructions on checking disk space, see Viewing Storage
Objects in the Novell Storage Services Administration Guide.
Adding a hard disk to the server requires both installing and partitioning the
disk, as well as loading disk drivers.
For information about adding conventional hard disks and loading disk
drivers, see Adding a Hard Disk to the NetWare Server on page 32.
NetWare partitions can be created on any hard drive and can coexist
with other partitions such as DOS or UNIX. For information about
creating and deleting traditional NetWare partitions, see Creating a
Disk space not assigned to NetWare partitions can be used for the Novell
Storage ServicesTM (NSS) file system. For information about creating
NSS partitions, storage groups, and volumes, see Setting Up and
Configuring Novell Storage Services in the Novell Storage Services
To determine the operating status of your disk subsystem and to activate or
deactivate a storage device, see Activating and Deactivating a Hard Disk on
page 36.
To increase the fault tolerance of your server, you can mirror the data from a
NetWare partition on one disk to NetWare partitions on other disks. When you
mirror partitions over different disk channels or host bus adapters, this is
called duplexing. The process for mirroring and duplexing is the same. To
mirror and unmirror partitions or to recover data from mirrored partitions, see
Mirroring and Duplexing Partitions on page 37.
Removable media devices can be mounted and locked or unlocked using
MONITOR, See Managing Removable Media Devices on page 38.

103-000179-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
View a List of Adapters and Devices

To see a list of server hardware devices, type the following at the server
console prompt:
LIST DEVICES
To see a list of storage adapters and the devices they drive, at the server
console prompt enter:
LIST STORAGE ADAPTERS
The screen lists each adapter, followed by a list of devices driven by that
adapter.
To see a list of CDMs bound to a particular device, at the server console
prompt enter:
LIST STORAGE DEVICE BINDINGS object_number
Find the object number by executing the LIST DEVICES command; the
object number is the first number on each line in the list. Do not enter the
0x000prefix.
For example, this command lists CDMs for device 0x0001:
LIST STORAGE DEVICE BINDINGS 1
Checking Available Disk Space

You should monitor available disk space regularly and keep a log so you can
track disk usage over time. This information helps you make the best use of
your disk space management options, such as adding a new hard disk,
compressing files, and migrating data to an offline system such as an optical
disc library.
HINT: You might want to enter the disk space information on a spreadsheet to
create a graph of disk usage over time.
1 From the MONITOR Available Options, select Volumes.
A list of mounted volumes appears. Volume information is displayed for

the highlighted volume in the upper screen.
2 Press Tab to expand and activate the Volume Information window.
The scroll thumb at the right of the window indicates that the list of
Volume parameters is scrollable.
30

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Scroll to Disk Space and note the available disk space for the volume and
record it in a log.
4 Press Tab to return to the list of Mounted Volumes. Check additional
volumes as necessary.
6 Repeat this procedure weekly for each volume.
Checking for Disk Errors

MONITOR indicates how many data blocks have been redirected by Hot
FixTM because of bad sectors on the disk. Review Hot Fix statistics regularly
to detect disk problems before they cause loss of data.
IMPORTANT: When the number of available Hot Fix redirection blocks is 10 or
fewer, NetWare broadcasts warning messages. If you receive these messages, the
Hot Fix redirection area is nearly full and the disk is in danger of failing. Take
immediate corrective action.
Follow this procedure to review the Hot Fix statistics in MONITOR.

NOTE: Some hard disks perform their own redirection automatically, independent
of the NetWare Hot Fix mechanism. The MONITOR statistics reflect only Hot Fix
redirection.
1 Load MONITOR at the server console prompt.
For instructions on using MONITOR, see MONITOR in the Utilities

Reference.
2 Select Storage Devices, then select a Hot Fix partition.
3 Press Tab to expand the information window.
The window displays several Hot Fix statistics.

The following statistics indicate how much data redirection is taking
place:
Total Hot Fix Blocks Available: The total number of blocks within the
Hot Fix redirection area, whether used or not.
Used Hot Fix Blocks: The number of blocks holding redirected data.
Number of Available Hot Fix Blocks: Remaining unused blocks in the
Hot Fix redirection Area.

103-000179-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
System Hot Fix Blocks: The number of blocks in the Hot Fix redirection
area set aside for Hot Fix and Mirroring tables. These blocks are used to
manage both Hot Fix and mirroring.
The number of available Hot Fix blocks equals the total number of Hot
Fix blocks, minus the used and system Hot Fix blocks.
4 Note the number of used Hot Fix blocks and compare it to the total
number of blocks and the number of available blocks.

If the number of redirected blocks is zero or very low, and if it has not
changed since you last reviewed the statistics, you do not need to take
corrective action.
If the number of redirected blocks has increased substantially since you
last reviewed the statistics, or if the number is over half the total number
of redirection area blocks, back up the data on the hard disk and
troubleshoot the disk, controller, and host bus adapter.
If the number of redirected blocks has increased slightly since you last
reviewed the statistics, monitor the server closely and be prepared to
troubleshoot the hardware if necessary.
Adding and Replacing Hard Disks

The following procedures explain how to add or replace conventional hard
disks in the NetWare server and how to load or replace disk drivers.
Adding a Hard Disk to the NetWare Server on page 32
Replacing a Hard Disk on page 33
Loading Disk Drivers on page 34
Replacing Disk Drivers on page 35
Adding a Hard Disk to the NetWare Server

Prerequisites
All users logged out of the server

Access to the documentation that came with the hard disk
Access to the documentation that came with the computer
32

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Procedure
Use the following procedure to install an additional hard disk in a functioning

NetWare server.
1 Follow the instructions that came with your hard disk to install the disk
and associated hardware, such as a disk adapter and cable. If necessary,

configure the computer to recognize the new disk
Refer to the documentation that came with the computer for more
information about configuration methods and requirements.
2 Start the server.
3 From ConsoleOneTM, click Media > Devices > Scan for Devices.
You must load a driver if you have installed a new disk adapter along with
the hard disk. For instructions on loading drivers, see Loading Disk
Drivers on page 34.
After you install the new hard disk you can use ConsoleOne to configure
the disk. For more information about configuring the disk, see Setting Up
and Configuring Novell Storage Services in the Novell Storage Services
Replacing a Hard Disk

If a hard disk becomes unreliable or unusable, follow this procedure to remove
the disk from the network.
If you have been backing up your data consistently and verifying its integrity,
you will be able to reload data for the volumes affected by the disk failure.
1 If the bad disk was mirrored, check the sys$log.err file to see which disk
in the mirrored set failed.

The error log contains a message stating that a device has been
deactivated due to a device error. It includes the device name, which is a
series of letters and numbers within brackets. See Device Names on
page 14.
2 If possible, make a backup copy of the data on the hard disk.
Make sure the backup copy contains uncorrupted versions of all files and
directories on the hard disk.
3 From ConsoleOne, click Media Traditional Volumes or Logical Volumes
depending on which volumes you have on the disk.

103-000179-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
4 Select a volume that is on the disk you are replacing, click Dismount.
Repeat this step for all volumes on the disk.

6 Select a partition that is on the disk you are replacing, click Mirror.
7 Select a partition, click Remove.
This removes the partition from the mirror group. Repeat steps 6 and 7 for
each partition that is on the disk you are replacing.
8 Remove the hard disk and install the replacement.
Use the instructions that came with the hard disk.

9 Turn on power and restart the server.
If the failed disk contained the only copy of the server operating system,
refer to your backup software to determine whether you can restore
NetWare and the file system from a backup or whether you must reinstall
NetWare.
If you use Storage Management Services (SMS) as your backup
application, you must reinstall NetWare, then restore files from a backup.
See Restoring Data from a Server in the Storage Management Services
After you install the new hard disk you can use ConsoleOne to configure
the disk. For more information about configuring the disk, see Setting Up
and Configuring Novell Storage Services in the Novell Storage Services
Loading Disk Drivers

If you add or replace a hard disk adapter on your NetWare server, you must
load the corresponding disk driver.
Loading a disk driver enables communication between the disk controller and
the server's CPU.
Load the disk driver once for each disk adapter you want to support.
Follow the instructions that accompany the driver. Most NetWare disk drivers
have a help file that appears on the screen as you highlight the driver. Refer to
these descriptions to determine which driver to load.
34

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IMPORTANT: Some drivers do not have a description file (a configuration file
that's appended to the driver). These drivers have to be loaded manually at the
system console. To load these drivers, follow the screen prompts or press F1 for
help.
For general information about .cdm and .ham modules, see Drivers for Host
Adapters and Storage Devices on page 16.
Replacing Disk Drivers

The conventional way to replace a disk driver is to unload the driver, thus
dismounting all the volumes, then load the new driver and remount the
volumes. If you are following this process, be sure you replace a driver only
when users won't need to access the volumes.
You can replace one instance of a driver that has been loaded multiple times
by using the REMOVE STORAGE ADAPTER command at the server
console.
NetWare also supports hot replace disk drivers that can be replaced without
dismounting volumes or otherwise interrupting the server's operation. If you
are replacing such a driver, simply load the new driver at the server console
prompt. The server loads the new driver immediately and unloads the old
driver without dismounting volumes or otherwise interrupting service.
If you aren't sure whether your disk driver is a hot replace driver, try loading
the new driver without unloading the existing driver. You will receive an error
message if the driver can't be replaced without first unloading the old driver
and dismounting volumes.
Creating NetWare Partitions

NetWare partitions can be created on any hard drive and can coexist with other
partitions such as DOS, Windows* NT* UNIX*. Disk space not assigned to
NetWare partitions can be used for the Novell Storage Services file system.
When there is a DOS partition on the drive, it should always be the first
partition. The NetWare partition should always be the last partition on the
drive.
You can have as many as four partitions on the same drive, including multiple
NetWare partitions.

103-000179-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
If you have partitions from previous versions of NetWare that you are no
longer using, you can delete them and create a new NetWare partition. (See
Deleting NetWare Partitions on page 36 for more information.)
WARNING: When creating a disk partition, never specify a partition size larger
than the actual size of the disk. If you specify a larger size, NetWare will eventually
try to use the excess disk space. When it determines there is no corresponding disk
location, it deactivates the volume stored on the disk.
For instructions on creating partitions, see Creating a Partition in the Novell

Deleting NetWare Partitions

This section explains how to delete traditional NetWare partitions. For
information about deleting NSS partitions, storage groups, and volumes, see
Setting Up and Configuring Novell Storage Services in the Novell Storage
Services Administration Guide.
NOTE: The partition table displays partitions such as OS/2*, UNIX, and XENIX* as
Unknown Partition Type #. Don't delete these unknown partition types unless you
know what is on them.
Some machine vendors such as COMPAQ* create a small partition that setup and
configuration utilities can be run from. Don't delete this partition.
For instructions on deleting partitions, see Deleting a Partition in the Novell

Activating and Deactivating a Hard Disk

Use this procedure to determine the operating status of your disk subsystem
components and to activate or deactivate a storage device. (When you
deactivate a disk, its volumes are dismounted.)

Reference.
You can verify the type of storage device in the Device Type field.
NOTE: Storage devices are listed in hierarchical order to reflect each object's
dependencies. In descending order, each object is indented to indicate that it is a
36

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
child to the object above it. In ascending order, parent objects appear immediately
above the highlighted object.
2 Select the appropriate hard disk from the list.
The Drive Status window appears. The Operating Status field indicates
whether the device is activated or deactivated.
3 Press Enter to access the Operating Status options.
4 To change the operating status of the disk, highlight either Activate or
Deactivate and press Enter.

If you attempt to deactivate a disk that has mounted volumes, you receive
a confirmation prompt. If you confirm that you want to deactivate the
disk, the volumes are dismounted.
Mirroring and Duplexing Partitions

The process for mirroring and duplexing is the same. The term mirroring is
used in all menus to refer to both mirroring and duplexing.
Mirroring Partitions
For instructions on mirroring partitions, see Creating a Partition in the Novell
Unmirroring Partitions
You must unmirror mirrored partitions before you can delete a partition or
conduct surface tests on a disk.
For instructions on unmirroring partitions, see Deleting a Partition in the
Novell Storage Services Administration Guide.
Recovering Data from an Out of Sync Disk

Once a hard disk is unmirrored, its status is listed as either Not Mirrored or
Out of Sync on the Disk Partition Mirroring Status list.
When a hard disk is listed as Out of Sync, the operating system does not
recognize any volume information on it. Use this procedure to recover data
from an Out of Sync partition.

103-000179-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001

4 Select a Partition that contains the data you want to recover, click Mirror
> Resync.
This initiates the resynchronization process for the mirror group that
contains the partition you selected.
Managing Removable Media Devices

Mounting a Removable Media Device
Use this procedure to mount a removable media device, such as a CD-ROM
drive.
Before you mount a CD-ROM volume, make sure you have enough space or
else consider making it read-only. The associated indexing files create
substantial overhead.

Reference.
Use the Device Type field to verify the type of storage device.

2 Select the appropriate CD-ROM or other removable media device from
the list.
The Drive Status window appears. The Removable Drive Mount Status
field indicates whether the device is mounted or dismounted.
3 To change the mount status of the device, select the Removable Drive
Mount Status field.

The Change Mount Status window appears.
38

103-000179-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Select Mount Drive.

Dismounting a Removable Media Device

Use this procedure to dismount a removable media device, such as a CD-ROM
device.

Reference.
Check the Device Type field to verify the type of storage device.

the list.
The Drive Status window appears. The Removable Drive Mount Status
field indicates whether the device is mounted or dismounted.
3 To change the mount status of the device, select Removable Drive Mount
Status field.
The Change Mount Status window appears.
4 Select Dismount Drive.
Locking and Unlocking a Removable Media Device

Use this procedure to lock or unlock a removable media device, such as a CDROM device. (When a removable media device is locked, the media can be
ejected only by using a software switch.)
1 From the MONITOR. Available Options, select Storage Devices.

Reference.

103-000179-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001

Check the Device Type field to verify the type of storage device.

the list.
The Drive Status window appears. The Change Lock Status field
indicates whether the device is locked or not locked.
3 To change the lock status of the device, select the Removable Drive Lock
Status field.
The Change Lock Status window appears.
4 Select either Lock Drive or Unlock Drive.
40

103-000179-001
August 30, 2001
Novell Confidential
Storage Management Services Administration Guide
Novell
NetWare 6
www.novell.com
S TO R A G E M A N A G E M E N T S E RV I C E S
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Preface
Overview
Backup Services . . . . . . . . . . . . . . .
SMS Components . . . . . . . . . . . .
Supported Storage Devices and Drivers .
Storage Management Engine (SME) . . .
Storage Management Data Requester . .
Memory Requirements . . . . . . . . . .
Backup Files . . . . . . . . . . . . . . .
Backup Types . . . . . . . . . . . . . .
Customizing Your Backup . . . . . . . .
Scan Data Sets . . . . . . . . . . . . . .
Keeping a Backup Logbook . . . . . . .
Planning a Backup Schedule . . . . . . .
Preparing to Back Up . . . . . . . . . . .
Determining an Appropriate Backup Type
Backups and eDirectory . . . . . . . . .
Backups and the File System. . . . . . .
Backups and Clusters . . . . . . . . . .
Target Service Agents (TSAs) . . . . . .
Restore Services . . . . . . . . . . . . . . .
How SMS Restores Data . . . . . . . . .
Restore Options . . . . . . . . . . . . .
Restoring eDirectory and the File System
Restoring Cluster-enabled Pools . . . . .
Session Files . . . . . . . . . . . . . . . . .
Log and Error Files . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
SBCON Guidelines. . . . . . . . . . . . . . . . . . . . . . . . .
Before Loading the Backup Software . . . . . . . . . . . . . . .
Before Running the Backup Software . . . . . . . . . . . . . . .
Customizing the NetWare Server as the Backup Server . . . .
Loading Controller and Storage Device Drivers on the Server .
Loading the Target Service Agents. . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up
. 9
10
12
12
13
15
15
16
16
19
21
21
22
23
23
27
29
30
31
32
34
35
37
37
38
41
Contents

103-000134-001
August 29, 2001
Novell Confidential
42
43
43
43
44
45
Manual
99a
Loading SBCON . . . . . . . . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . . .
Unloading SBCON . . . . . . . . . . . . . . . . . . .
Loading NWBACK32 . . . . . . . . . . . . . . . . . .
Exiting NWBACK32 . . . . . . . . . . . . . . . . . . .
Backing Up Data . . . . . . . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . . .
Backing Up from the Server . . . . . . . . . . . . .
Backing Up from a Workstation . . . . . . . . . . .
Backing Up Cluster-enabled Pools from the Server .
Backing Up a Workstation . . . . . . . . . . . . . .
Changing Your Target . . . . . . . . . . . . . . . . . .
Changing a Target at a Server. . . . . . . . . . . .
Changing a Target at a Workstation . . . . . . . . .
Restoring Data . . . . . . . . . . . . . . . . . . . . .
Restoring Data from a Server . . . . . . . . . . . .
Restoring Data from a Workstation . . . . . . . . .
Restoring eDirectory . . . . . . . . . . . . . . . . .
eDirectory Restore Session Types . . . . . . . . .
Completing the eDirectory Restore . . . . . . . . .
Restoring Cluster-enabled Pools . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
46
46
47
47
48
49
49
50
55
56
59
61
61
61
62
62
68
69
73
78
80
81
Prerequisites for SBCON Tasks .

Jobs . . . . . . . . . . . . .
Storage Devices . . . . . . .
Spanning Storage Media . .
Log and Error Files . . . . .
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Optimizing
81
82
86
92
93
101
Compressed Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Host Server Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Troubleshooting
105
Common Backup Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preface
Novell Storage Management ServicesTM (SMSTM) is a collection of software
programs that provides backup and restore services. These services are
performed by a collection of components that are independent of operating
systems and hardware.
You can backup SMS Targets such as Novell eDirectoryTM, binderies, the file
system, cluster-enabled pools or an individual workstation's hard disk onto a
media that can be stored off-site. If you have a hardware failure, natural
catastrophe, corrupted data, or incorrectly deleted or changed data, you can
recover a previous version of the data.
Preface

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Overview
Backup services is an essential piece of the Novell Storage Management
ServicesTM (SMSTM) software, a collection of services that provides backup,
restore, and data migration. These services are performed by various
components and are independent of operating systems and hardware.
This chapter discusses the following:
Backup Services on page 9
SMS Components on page 10
Restore Services on page 31
Session Files on page 37
Backup Services
Storage Management Services (SMS) allows you to back up SMS targets such
as eDirectoryTM, the file system, cluster-enabled pools, or hard disks on
individual workstations to media such as a tape drive for off-site storage, and
gives you a periodic view (daily, weekly, monthly) of your data. Then in case
of hardware failure, natural catastrophe, corrupted data, or incorrectly deleted
or changed data, you can retrieve a previous version of the data.
Backup services provides information on supported devices, the SMS
architecture, memory requirements, types of backup offered, customizable
options, schedules, how to back up eDirectory, how to back up the file system
(both traditional NetWare file system and Novell Storage ServicesTM), how
to back up cluster-enabled pools, and how to use Target Service Agents (TSA).
Overview

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following topics are discussed in this section:

Backup Types on page 16
Customizing Your Backup on page 16
Keeping a Backup Logbook on page 21
Preparing to Back Up on page 22
Backups and eDirectory on page 23
Backups and the File System on page 27
Backups and Clusters on page 29
SMS Components
Storage Management Engine (SME) for backup and restore operations.
Novell provides the SBCON utility as a basic SME for NetWare.
See Storage Management Engine (SME) on page 12 for more
information.
Storage Management Data Requester (SMDR) for passing
communication between the backup program (see Storage Management
Data Requester on page 13) and the TSA software (see Target Service
Agents (TSAs) on page 30.)
Storage device interface is used to pass information between the SME
and the storage device.
Device drivers are used to control the behavior of the storage devices.
Target Service Agents (TSAs) pass requests and commands between the
SME and server or eDirectory database, and prepare the data for the SME.
TSA600.NLM must be loaded on the server where the data is to be
backed up.
See Target Service Agents (TSAs) on page 30 for more information.
TSAProxy (TSADOS for DOS workstation) is used to register the
workstation with the host server. TSAProxy also identifies and keeps
track of the stations waiting to be backed up. It receives "I am here"
messages from workstations available to be backed up. The TSAProxy
10

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
keeps the names of these workstations in an internal list and displays the
list, allowing you to select a target for a backup or restore procedure.
The SBCON process involves two machines:
The host server is typically the NetWare server running the backup
program. The SMS components will include the backup engine, the
SMDR, the Storage Device Driver, the tape device, and the required
Target Service Agents.
A target server is the NetWare server that contains the data to be backed
up or restored. Depending on the data to be backed up, the appropriate
Target Service Agent must be loaded.
Target Software
Host Software
Server
NetWare 6
T
S TSA600
A
Server
NetWare 6
Storage Management Engine (SME)
Storage Management Data Requester (SMDR)
NDS
T
S TSANDS
A
Storage Device Driver
NetWare 6
T
S TSA600
A
DOS
T Partition
S
A TSADOSP
Server
Storage Device
SBCON can also be loaded and used on one machine.

SBCON uses an application on the host server to communicate with modules
on target devices. The application reads the information from the target device
and sends it to a storage medium, such as a tape drive.
Overview

103-000134-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Supported Storage Devices and Drivers

SBCON supports 0.25-inch, 4mm, and 8mm storage devices. If you are using
4mm tape, use only DDS (Digital Data Storage)-certified, computer-grade
tapes.
IMPORTANT: To ensure reliable operations, pretest all media storage devices
that are not Novell certified with the appropriate NetWare device driver and SBCON
backup and restore utility.
Use the driver files recommended by your hardware manufacturer.

The Storage Management Engine (SME) is central to the SMS architecture.
The SME communicates with the network clients to back up and restore
information.
SBCON has three modules:
User interface - Creates a job and submits to the NDS Queue.
Q Manager (QMAN) - Takes the job from the NDS Queue which is ready
for execution.
Engine - Completes the job.
Q Manager facilitates multiple job scheduling plus other features. Loading Q
Manager automatically loads the backup engine. The user interface can be
loaded after you load the Q Manager. See Setting Up on page 41 for
information on Q Manager.
SME
User Interface
NDS Queue
1
Q Manager
2
1 User Interface creates a job and submits to the NDS queue

2 Q Manager takes the job from the NDS Queue which is ready for execution
3 The engine
12

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storage Management Data Requester

The Storage Management Data Requester (SMDR) is the communication
module in the SMS architecture. It provides transparent access to SMS
services in an intranet as it allows access to local or remote SMS services. The
SMDR APIs are used by SBCON and other third-party applications as well.
SMDR uses TCP Port Number 413.
Features of SMDR
The features of the SMDR 6.00 include the following:

Protocol Independence: SMDR 6.00 is protocol independent and does not
depend on Sequenced Packet ExchangeTM (SPXTM) or Internetwork Packet
ExchangeTM (IPXTM) protocols. From NetWare 5.1 onwards, the requester also
uses TCP/IP for communicating with other SMDRs. Although SMDR 6.00
can be configured to support TCP/IP, SPX/IPXTM, or TCP/IP and SPX/IPX,
both protocols are supported by default. SMDR versions prior to 5.00 use the
SPX protocol.
If cluster-enabled pools are to be backed up or restored, use SLP as the
discovery mechanism.
The protocols can be specified in the configuration file, SMDR.CFG (see
Using the SMDR Configuration File on page 14 for more information).
NDS Registration and Name Resolution: SMDR creates an SMS Remote
Procedure Call (RPC) object in eDirectory. The default tree of the server (the
tree in which the server is present) is used for eDirectory registration.
The SMS RPC object is defined with the following attributes:
Common Name - Name of the server on which the SMDR is located
Status - Indicates whether the SMDR is active or inactive
Protocol - List of protocols for which the SMDR has listeners
Version - Version number of the SMDR
Services - List of services registered with the SMDR
The SMDR creates an instance of this RPC class at the SMDR Context
location in the server's default tree. The SMDR Context is specified in the
SMDR.CFG file, which can be edited at any given time.
Multiple SMDRs are grouped together to reduce the search scope in
eDirectory. A SMDR Group object defines this search scope. This group
Overview

103-000134-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
represents an instance of a predefined group class in the eDirectory schema.

Any number of such groups can exist in eDirectory. The SMDR can become
a member of one or more groups by registering its object's (SMS RPC object)
context.
When SMDR requires name resolution, it searches all members of the SMDR
Group at SMDR Group Context. The SMDR Group Context and SMDR
Group are specified in the SMDR.CFG file.
Name Resolution Using SAP: SMDR can also be configured to use Service
Advertising Protocol (SAP) for locating other SMDRs in an IPX environment.
Each SMDR advertises the server name where it is loaded using service type
0x23F. But in an IP environment, NDS and Service Location Protocol (SLP)
replaces SAP.
Name Resolution Using SLP: SMDR can also be configured to use Service
Location Protocol (SLP) for locating other SMDRs. This enables SMDRs to
locate other SMDRs running on servers that belong to different trees. Every
SLP enabled SMDR will register itself in the smdr.novell domain when
loaded. The SLP enabled SMDRs will query this domain for locating
registered SMDRs.
SLP, SAP, and NDS discovery mechanisms are enabled by default.
Using the SMDR Configuration File
The SMDR.CFG file is a text file located in the SYS:\ETC\SMS\ directory on

your server.
You can modify the configuration file from the command prompt by entering:
LOAD SMDR NEW
The SMDR Configuration screen is displayed where you can make the
required modifications.
SMDR Configuration Problem
If you try to load SBCON when you have not set the SMDR on a server with
the corresponding eDirectory objects and configuration, SBCON will
autoload the SMDR and prompt you for configuration information. (This
screen is hidden by the SBCON screen). To rectify this problem, press
Alt+Esc to allow the SMDR to complete its setup before loading SBCON.
14

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If NetWare Common Install is used to install SMS (see Customizing the

NetWare Server as the Backup Server on page 43 for more information), this
problem will not occur. If the SMDR is explicitly loaded for the first time, the
screen for configuration information will not be hidden.
Memory Requirements
To run SBCON, the host server requires the following:
A minimum of 3 MB free memory for SBCON
Memory required to run NetWare 6 (currently 256 MB RAM)
Memory required to run the clients
If 3 MB of memory is not available, try setting the storage buffers lower than
the default and still run SBCON.
Backup Files
Each backup session produces three types of files:
Data files are copied to the selected storage media.
Log files are produced by the engine during backup and restore. Log files
are placed in a directory on the host server and accessed through the
SBCON Main Menu or from a Windows* 95, 98, 2000 or Windows NT*
workstation using NWBACK32.
Error files are produced by the engine while backing up. Error files are
placed in a directory on the host server and accessed through the SBCON
Main Menu or from a Windows 95, 98, 2000 or Windows NT workstation
using NWBACK32.
Both log and error files contain information such as the date, time, and
media identification for a session. But the error file also contains a list of
any errors that occurred during the backup session, such as files that were
not backed up (see Log and Error Files on page 93 for more information
on these files). The log and error files are labeled with the same
description you give the session.
Overview

103-000134-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Backup Types
SBCON has three types of backup sessions:
Full backupBacks up the entire file system of the selected target
regardless of whether the data has changed since the last backup, and
clears the Modify bit after the backup.
Differential backupAvailable only for the file system; backs up only
data that has been changed since the last full or incremental backup.
When you perform a differential backup, the modify bit is not cleared
after the backup. All files modified since the last full backup are included
in the backup (unless they have been deleted). Each differential backup
uses more media and is slower than an incremental backup because it
backs up more files.
IMPORTANT: Do not interchange differential backups and incremental backups.
If you do, the differential backup will not contain all changes since the last full
backup. Use full backups interspersed with differential backups or full backups
interspersed with incremental backups.
Incremental backupAvailable only for the file system; backs up only

data that has been changed since the last full or incremental backup
(whichever was last). Incremental backup sessions back up only files that
have the modify bit set (that is, files that changed since the last full or
incremental backup session when the modify bit was cleared).
Customizing Your Backup

All backup types contain advanced options to allow you to customize your
backup. These options allow you to
Choose subsets of data to back up
You can choose specific subsets of a data set to exclude from or include
in the backup session by selecting major resources, such as volumes, files,
directories, or path.
See Exclude and Include Options on page 17.
Specify how to scan what you are backing up
See Scan Data Sets on page 19.
16

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Exclude and Include Options
Whenever you perform a custom backup or restore, you can use the exclude
and include options to select subsets of what you want to back up.
Whether you use exclude or include usually depends on the size of the data
you want to back up, compared to the size of the data you do not want to back
up.
Exclude
To back up most of the file system structure or eDirectory tree structure while
omitting only a small part, use the exclude option to omit the part you do not
want to back up. Everything that you do not specifically exclude is included.
After you exclude part of the structure such as a volume, directory, or
container, you cannot include any subdirectories, files, or objects beneath that
excluded volume, directory, or container.
Include
To back up a small part of the file system structure, use the include option to
specify the data you want. Everything you do not specifically include is
excluded.
When you select only part of the file system structure to include (such as a
volume), all directories, subdirectories, and files under that selection are
included in the backup by default.
In the figure given below, volume SYS: is selected as an include option. All
other areas of the file system structure are excluded from the backup. You can
exclude some subdirectories or files beneath your selection if necessary.
SYS
HOME
Public
Mail
System
Login
NetUsers
Appl
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
Overview

103-000134-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
The same principle applies when you specify a directory with the include
option. The figure below shows that all directories, subdirectories, and files
under the NetUsers directory are included in the backup. All other areas of the
file system structure are excluded from the backup.
SYS
HOME
Public
Mail
System
Login
NetUsers
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Appl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
The reverse is true when you select a major TSA resource, a directory, or a file
as an exclude option. All other areas of the file system structure are included
in the backup.
Combining Include and Exclude Options
By combining the include and exclude options, you can control what is backed
up.
For example, the following command sequence results in volume HOME
being included in the backup with the exception of the MARY directory and
the WIDGET.EXE file.
Include major TSA resources HOME:
Exclude directories (full path): HOME:NETUSERS/MARY
Exclude path/files HOME:NETUSERS/KARL/PROJECT/WIDGET.EXE
18

103-000134-001
August 29, 2001
Novell Confidential
Manual
SYS
HOME
99a
Public
Mail
System
Login
NetUsers
Appl
July 17, 2001
38
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
Scan Data Sets

You can specify a different type of data set to be scanned.
A data set is a group of data that can be manipulated by SBCON. Each data
set in the file system structure can be classified as a parent or a child, and each
class includes different types of data items.
Within SBCON, a parent might be a server, eDirectory, a volume, or a
directory. A child is a file, which is the lowest level of the directory structure.
The unit below a parent is not necessarily a child; it might be another parent,
or the line might end with the parent. The unit above a child must always be a
parent.
Overview

103-000134-001
August 29, 2001
Novell Confidential
19
Manual
SYS
HOME
99a
Public
Mail
System
Login
NetUsers
Appl
July 17, 2001
38
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Training
Workbook
Viewgraph
Script
Schedules
June
July
August
Karl
Mary
Thomas
Manuals
Widget.Co
chapt.1
chapt.2
chapt.3
chapt.4
appx.A
appx.B
glossary
index
Acme.Inc
pamphlet
art
maps
plans
Parents (all units above final)

Children (final units only)
Items in a data set for either a parent or child should be items that do not
frequently change. You might choose to exclude from the backup session one
or more items in the data set of your target.
Overwriting a Parent or Child
SBCON allows you to overwrite all existing parents or children. Children can
be overwritten only if the date on the data set on the hard disk is more recent
than the date of the data set backup.
20

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Keeping a Backup Logbook

Keep a hard copy log of your backups in case your online log and error files
become corrupted. The log should contain the following information:
Source backed up (such as the server or workstation name)
Full path for session log and error files directory
Full path for backed-up data
Label of the media on which the backup is stored
Description of the session
Name or initials of the person performing the backup
Date and time of the backup session
Planning a Backup Schedule

Before you begin backup procedures, plan a backup schedule based on your
needs. Consider such factors as the number of users and frequency of changes
to files.
You can perform different types of backups on different schedules:
DailyPerform an incremental or differential backup after the close of
business. If revisions are heavy and rapid, consider several backup
sessions each day.
WeeklyPerform an incremental or differential backup after the close of
business on the last day of the week for three of the four weeks in the
month.
MonthlyPerform a full backup on the last business day of the month
(for example, the last Friday).
Major changesPerform a full backup before and after you change your
configuration, and before and after you upgrade your server to a new
version of NetWare.
Application changesPerform a custom backup before and after you
modify applications.
Overview

103-000134-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Preparing to Back Up
Careful planning can help you minimize the impact of data loss. Before you
back up, consider the following:
What should be backed up
Where to back up
Backup type
Who should back up
When to back up
How to prepare for a backup
How to track backup
Open Files Backup
TSA600.NLM supports backup of open files on Novell Storage Services

(NSS) volumes if the CopyOnWrite feature is enabled.
To enable CopyOnWrite on a single NSS volume, do the following:
nss /FileCopyOnWrite=volume_name
2 Dismount and remount the volume.
2a To dismount the volume, enter
dismount volume_name
2b To remount the volume, enter
mount volume_name
To enable the feature on all NSS volumes, enter
nss /FileCopyOnWrite=all
Continue with the next sections to prepare for the backup session.
22

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Each type of backup has a different effect on the backup and restore process.
When planning your backup schedule, consider all of the following variables
before determining which schedule is right for you.
Media usage and backup speed. This helps increase the speed of the restore.
Restoring after incremental backups. If you have performed full and
incremental backups and need to restore data, you must restore the last full
backup as well as all subsequent incremental backups.
Restoring after differential backups. If you have performed full and
differential backups and need to restore data after an unexpected loss, restore
only the last full and differential backup.
Backups and eDirectory

The best way to protect your eDirectory database is to use replicas.
Replication, however, is not sufficient protection for a single server network
or when all copies of the replicas are destroyed or corrupted. In these
instances, if the eDirectory data has been backed up regularly, the eDirectory
tree structure can be restored using SMS.
You can back up the entire tree or a selected section of the tree starting with a
particular container. You can back up the schema and schema extensions.
Trustee assignments are backed up as part of the file system.
You cannot back up partition information. If the eDirectory tree structure
becomes corrupted and you restore the eDirectory data, all data is restored to
one partition, [Root]. You need to repartition that portion of the tree.
It is important that you keep a written copy of the tree structure and the
partitions. You can use the DSMISC.LOG file that is backed up with the file
system as part of the server-specific information.
This section discusses the following:
Managing Distributed Database on page 24, Server Interdependence
on page 24, Object ID Numbers on page 24, Placeholder (Unknown)
Objects on page 25, and Schema Backup on page 24
Backup Software for eDirectory on page 25
Setting Rights to Back Up Portions of the eDirectory Tree on page 26
Frequency of Backup on page 27
Overview

103-000134-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Distributed Database
The network of servers that comprise an eDirectory tree structure continually

exchange updates and other time-sensitive information. The eDirectory
database exists as a set of files that are stored in the SYS: volume and are
hidden so they are not accidentally tampered with or deleted.
The eDirectory database files cannot be backed up, as was the case with
bindery files in NetWare 3.12 or earlier versions.
Server Interdependence
eDirectory is not server-centric, and neither are its backup and restore
processes. Backing up eDirectory, for example, backs up data that is spread
out over multiple servers. SMS Directory database backups gather all the
necessary eDirectory data.
To handle the necessary links and dependencies between objects, the backup
and restore system must be able to navigate the entire eDirectory tree
structure.
Object ID Numbers
In NetWare, a random ID number is assigned when an object is created.

NetWare uses object ID numbers to keep track of information such as users'
trustee rights to directories and files in the file system. These object ID
numbers are stored in the directory entry table (DET) of each file and directory
and are server-centric.
When NetWare is backed up, SMS-compatible products store the objects' fully
distinguished names on the backup media, not the objects' ID numbers. If an
object with the same distinguished name as on the backup media already exists
in the eDirectory tree structure, its object ID is not overwritten during a
restore. If an object with the same name does not already exist in the
eDirectory tree structure, it is assigned a new object ID when it is restored.
This occurs on every server where the object is used.
Schema Backup
The schema is backed up automatically with a full eDirectory backup. You can
also choose to back up the schema separately using a custom eDirectory
backup.
24

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Placeholder (Unknown) Objects
Whenever insufficient information is known about an object, such as when

one of its mandatory attributes is missing, eDirectory creates as a placeholder
an Unknown object.
During a restore session of the eDirectory database information, Unknown
objects are created when restoring an object that has an access control list
(ACL) or any other attribute that refers to other objects that do not currently
exist in the eDirectory tree structure.
This condition is common in a restore, because only one object can be restored
at a time. When this condition arises, an Unknown object is created until the
real object is restored.
For example, User object User1 has been given property and object rights to
User object User2. If User1 and User2 are deleted and only User2 is restored,
an object named User1 will be created but it will have a base class of
Unknown. This occurs because the access control list of User2 lists User1,
which was not restored. The Unknown object is used as a placeholder in the
tree. If User1 is later restored, it will replace the Unknown object.
If the restore session does not include the object for which the placeholder was
created, the object remains in the eDirectory tree structure as type Unknown.
Expect to see Unknown objects after a restore session if all network resources
such as servers, volumes, and users are not in place before the restore session
starts.
Objects that remain unknown after a restoration is completed are objects for
which eDirectory could not resolve the dependencies.
In this case, you can do one of two things:
1. Delete the Unknown objects and re-create the original object.
2. Perform a selective restore to overwrite the Unknown objects.
Backup Software for eDirectory
In order to back up the eDirectory database, the TSANDS.NLM software must

be loaded on one server in the eDirectory tree structurepreferably the server
containing a replica of the largest partition.
For large or complex networks, you can improve performance by loading the
TSANDS.NLM software for a particular partition. This minimizes network
Overview

103-000134-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
traffic during the backup process and improves performance when the backup
program performs name resolution across the eDirectory tree structure.
The version of TSANDS.NLM that ships with NetWare allows selective
backup and restoration of an eDirectory tree structure.
HINT: Not all third-party backup applications support this selective backup and
restoration. Check with the application vendor for details on product features.
In SBCON, you can begin the backup of the eDirectory database from any
server in the eDirectory tree structure. The backup process continues from that
point downward to the end of that portion of the tree. If the selected container
is [Root], the entire eDirectory tree structure is processed.
This allows you to back up the entire eDirectory tree structure or subsets such
as a single branch, a single container, or even a single leaf object. Also, a scan
option allows backup of only those objects for which the backup user has the
Supervisor right.
When you back up eDirectory, we recommend that you back up the eDirectory
tree structure in one session whenever possible. Although partial eDirectory
backups and restores are possible, numerous precautions and additional issues
must be noted. See Partial eDirectory Restores on page 79 for more
information.
Setting Rights to Back Up Portions of the eDirectory Tree
The network administrator can assign backup administrators with limited

rights to the eDirectory tree structure.
For example, suppose in your company you have three Organizational Units
that need to be backed up (East, West, Mid). You could create three User
objectsBackAdmin1, BackAdmin2, and BackAdmin3and give them
rights to the Organizational Unit that they are responsible to back up.
You then create a TSANDS.CFG file that lists the fully distinguished name of
the contexts where the backup administrators' rights begin. It would look
similar to the following:
.OU=East.O=Acme
.OU=West.O=Acme
.OU=Mid.O=Acme
Backup administrators have rights to back up the eDirectory tree structure

beginning only at the context listed, and the rights continue until the tree stops
or the rights are filtered out. Backup administrators should use a custom
26

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
eDirectory backup to back up the portions of the tree for which they have
rights.
The network administrator assigns the Supervisor right to the backup
administrators for the section of the eDirectory tree structure that they are
responsible to back up. The network administrator then needs to create a
TSANDS.CFG file that lists the fully distinguished names of the containers
where each of the backup administrators' rights begin. The TSANDS.CFG file
should be saved in the SYS:SYSTEM\TSA directory of the server.
Frequency of Backup
In general, the eDirectory database should be backed up on a weekly basis.

The frequency of this backup depends on how often changes and updates are
made to the eDirectory tree structure. For a tree that changes often, you might
want to perform an eDirectory backup every time you do a full backup of all
servers on the network.
IMPORTANT: Always back up eDirectory prior to major tree modifications.
To get a full backup, the entire eDirectory tree structure needs to be

functioning, meaning that all partitions are synchronizing normally. An
eDirectory tree cannot be backed up entirely if any replicas of any partition are
offline.
Backups and the File System

Back up your volumes so that in the case of hardware failure, natural
catastrophe, or accidental change or deletion of files, you can restore the file
system to a previous state and not lose the data.
To back up file system data, an appropriate SMS TSA must be loaded on each
server for which a file system backup is to be created (see Loading the Target
Service Agents on page 45). To back up file system information, make sure
your backup application can handle the NetWare file system name spaces,
extended attributes, trustee rights, compression, etc.
Once the device drivers for your backup hardware and the SMS TSA software
is loaded, you can run the backup program of your choice (see Loading
SBCON on page 46).
Overview

103-000134-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Trustee Assignments
Trustee assignments are stored as part of the file system as an ID. They are
backed up by default when the file system is backed up with the SMS TSA
software. If a User object is deleted and then re-created or restored, its object
ID changes. This is why the SMS TSA module uses fully distinguished names
for objects to back up the trustee rights from the file system. If a User object
is deleted and re-created with a new ID, the user's trustee assignments in the
file system can be restored.
As long as an object with the same name on the backup media exists in the
eDirectory tree structure when the file system is restored, the TSA can interact
with eDirectory to rebuild the directory entry table (DET) to reflect new object
ID numbers.
For additional information about object ID and trustee issues, see Restoring
eDirectory on page 69.
Server-Specific Information
Server-specific information such as the replica information, ID information,

name spaces loaded, and system configuration is stored on the volume SYS:.
This information is backed up as part of the file system as a single resource.
This resource includes the following five files:
SERVDATA.NDS contains server-specific eDirectory data.
DSMISC.LOG contains a replica list and replica types on the server at
backup.
STARTUP.NCF contains a disk driver, name spaces, and SET
parameters.
AUTOEXEC.NCF contains load modules and the NetWare operating
system configuration.
VOL$INFO.TXT contains volumes on the server, name spaces loaded,
compression, and migration information.
You can also choose to back up this information individually. The information
is not restored unless you specifically choose to restore it. It does not need to
be restored unless you have lost the SYS: volume. In that case, you must
replace the hardware and restore this information. For more information, see
Restoring the Entire eDirectory Tree Structure on page 72.
28

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backups and Clusters

Novell Cluster ServicesTM allows you to configure up to 32 NetWare servers
into high-availability cluster, where resources can be dynamically switched or
moved to any server in the cluster. Consolidation of applications and
operations on a cluster has benefits such as lower costs, scalability, and
increased availability. See the Novell Cluster Services documentation (http://
www.novell.com/documentation) for more information.
For a cluster to work as a high-availability system, the file system, the
applications, and services that run on the cluster should be clusterenabled.SBCON supports backup and restore of cluster-enabled pools. In
addition, the backup session can be automatically recovered in case of a
failover or failback condition.
NOTE: Backup and restore of cluster-enabled pools is not supported in NetWare
versions earlier than NetWare 6.
SBCON supports automatic recovery of backup sessions if failover or failback

occurs. The backup engine reconnects to the Target Service Agent and
resumes the backup from where it had terminated. Various cluster options like
Enable Auto-Recovery and Retry Interval are provided by SBCON. You can
use the default values or reset the values while submitting the backup job. The
engine begins the reconnection attempts after waiting for a configurable time,
and then retries at regular intervals until the connection is re-established or the
number of retries has expired.
After the connection is re-established, the internal structures of the TSA are
built and the recovered session is continued from where it had terminated.
User intervention is not required during the recovery period. You can view the
status in the Session Report screen.
Consider the following before preparing for backup and restore of clusterenabled pools:
Use TSA600.NLM to backup or restore cluster-enabled pools. (See
Target Service Agents (TSAs) on page 30 for details.)
If SBCON is loaded on a cluster node and a backup session for a clusterenabled pool is submitted, the session cannot be recovered if a failover or
failback condition occurs on the host server.
SBCON can backup and restore only one cluster-enabled pool per
session. This is because the engine is connected to the cluster pool instead
of the server.
Overview

103-000134-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
If a cluster server is chosen as the target, only noncluster volumes will be

backed up. You have to back up each pool individually.
You might abort an ongoing backup job with the intention of resubmitting
the same job later. In such situations, the job will not restart from where
it was terminated; it will restart from the beginning.
For more information, see Backing Up Cluster-enabled Pools from the
Server on page 56.
Target Service Agents (TSAs)

In SMS, a target is any machine on the network that requires backup.
Examples of targets include SQL database engines, eDirectory databases,
workstations, and NetWare servers.
Through specific TSAs, SBCON allows you to back up the information that
exists on the following targets. These TSAs are listed in general as follows:
Table 1
Target Services and Their Corresponding Target Service Agents

Target Service
Corresponding Target Service

Agent
NetWare 6
TSA600
Windows 95 and 98 workstation
W95TSA
Windows 2000 and Windows NT

workstation
Windows NT TSA
MAC workstation
MACTSA
GroupWise data
GWTSA
OS/2 machine
OS/2 TSA
A Target Service Agent (TSA) is a software module that understands how to

scan, read, and write the target data. The primary functions of an SMS TSA
are to prepare the target data for backup or restoration, and to communicate
with the storage management engine (SME). For example, an SMS TSA for a
NetWare server understands name spaces, file and directory attributes,
security privileges, etc., for the data on that server.
30

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The TSA packages data from the target and presents it to the SME in a generic
format. This allows one SME to interact with many types of TSAs.
NetWare 6 provides TSA600.NLM, with the following features:
Supports backup and restore of traditional NetWare file system and NSS
file system
Supports backup and restore of cluster-enabled pools (see Backups and
Clusters on page 29)
Recovers the backup session in failover and failback conditions
Provides the caching feature for optimizing backup performance (see
Customizing Backup on page 53.) The TSA will scan the data sets prior
to the engine request and commit the data set information to the cache.
When the request comes in, the data is read from the cache instead of from
the disk
NOTE: To use this feature, ensure that your backup engine supports the scan-
ahead option. If the option is enabled without appropriate changes to the engine,
unexpected results may occur. Also note that performance might vary from engine
to engine.
Restore Services
Restore services provides information on how SMS restores data from
eDirectory, volume SYS: and other volumes, single servers, multiple servers,
and the eDirectory tree structure.
Use SBCON to retrieve and reinstate data you have backed up to storage
media. You restore data if it has been lost or corrupted since a backup was
made.
A restore session restores data from a backup. The restore session produces
the requested data, which is retrieved from the storage media and restored to
the location you specify. If an error occurs during the restore session, an error
message is appended to the error file on the host server.
How SMS Restores Data on page 32
Restore Options on page 34
Restoring eDirectory and the File System on page 35
Restoring Cluster-enabled Pools on page 37
Overview

103-000134-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
How SMS Restores Data

During a restore session, SBCON reads the backup storage media, and the
Target Service Agent (TSA) compares the media data set to the existing hard
disk data set. The Target Service Agent evaluates each data set according to
the following criteria:
Is this data set a subset of what is being restored?
Is this data set found on the hard disk?
Which parts of the data set are subject to restoring?
Is this data set a parent or a child, and is the Overwrite parameter set to
Yes or No?
If the parameters for a child are set to Overwrite Only if Newer, does the
backup copy have a more recent date than the existing copy?
32

103-000134-001
August 29, 2001
Novell Confidential
Manual
BEGIN
99a
July 17, 2001
38
END
Go to backup session
on storage media.
no
Is
there
another data set
to read?
yes
Read data set.
Overwrite
data set?
Is the
data set to
be
renamed
yes
only if newer
no
yes
no
ignore
Rename the dataset

Is
data set
a subset of what
youre
restoring?
restore
Compare date of
data set on media
to date of
data set on disk.
yes
no
Open mode
option
ignore
Is
date of
data set on media
the newer
date?
yes
no
Is
data set
on the
hard disk?
yes
no
Open mode
option
ignore
Open mode
option
restore
Is
data set
a parent or
a child?
parent
Consult
"Overwrite"
parameters for
parent
restore
child
Consult
"Overwrite"
parameters for
child
Overview

103-000134-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Restore Options
For a custom restore session, you can specify exactly which data to restore.
Several options work together to allow you maximum flexibility in your
restore session. These options allow you to do the following:
Choose subsets of data to restore
Open mode options
Overwrite an existing parent (such as a container) or child (such as an
object)
Subsets of Data to Restore
You can choose specific subsets of a backup session to include in or exclude

from the restore session by selecting major resources (such as volumes,
server-specific info, or containers) or minor resources (such as directories,
paths, files, or objects).
For more information about including and excluding, see Customizing Your
Backup on page 16.
Open Mode Options
Open mode options allows you to customize data for restore. File system data
can either be included or excluded for the session. The speed of the restore
depends on the options you set.
Overwriting Existing Parents or Children
Be careful when you perform a selective restore and choose whether to

overwrite existing parents or children, especially eDirectory objects. Objects
such as groups and users have references to other objects in the eDirectory tree
structure that will be affected by a selective restore.
For example, suppose a part of the eDirectory tree structure gets corrupted and
several users are deleted from the tree. There is a group that contains those
users, but once the users are gone, the group purges the membership list to
remove those users; the group, however, continues to exist in the eDirectory
tree structure.
If you perform a selective restore and choose not to overwrite existing objects,
the group membership list remains empty even if you restore the users. You
need to either add the users manually to the group membership list or restore
the original group.
34

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The only way to ensure that your eDirectory database can be fully restored is
through partition replication, with replicas of the entire database on multiple
servers.
On a single-server network, you need to rely more heavily on backing up the
data because you do not have replicas to restore information.
If part of the eDirectory tree structure, including partitions and replicas, exist
when the eDirectory database information is restored, those partitions and
replicas will be restored also, and you will not need to repartition the tree.
In case of corrupted data, follow these general steps:
1. Delete the corrupted eDirectory data.
2. Allow time for the deletion to propagate throughout the network. The
allotted time depends on the size of the data to be backed up, the size of
your network, the number of servers you have, and the number of
containers and users you have.
3. Restore the eDirectory data.
A replica containing the object does not have to be on the server. The
eDirectory database creates external reference when necessary.
NOTE: An external reference is a pointer to an eDirectory object not found locally
on the server; it is used to authenticate and reference objects that are not local to
the server.
There are specific recovery procedures for the following scenarios:

Loss of a Volume Other Than SYS: on page 35
Loss of the SYS: Volume or an Entire Server on page 35
Loss of the Entire eDirectory Tree on page 37
Loss of a Volume Other Than SYS:
Loss of a volume other than SYS: does not affect eDirectory. The only
requirement is to restore the file system data and trustee rights.
Loss of the SYS: Volume or an Entire Server
A hard disk failure involving the SYS: volume affects the entire server and
halts all NetWare operating system activities. Because the eDirectory files are
Overview

103-000134-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
stored on volume SYS:, losing SYS: is equivalent to removing NetWare and

eDirectory from the file server. You must reinstall NetWare and eDirectory
before you restore your data.
The procedures for this scenario are divided into two cases:
Loss of the only server in a single-server network.
Loss of a single server in a multiple-server network.
Single-Server Network
In a single-server network, server failure brings all network operations to a

halt. The same situation exists if the failure affects only the hard disks
containing the SYS: volume.
Since there are no replicas in a single-server network, you cannot recover any
eDirectory information from a replica.
Use the following general steps to restore the server:
1. Repair or replace the failed hardware.
2. Reinstall NetWare.
3. Restore eDirectory from an SMS backup. (See Restoring Data on page
62.)
4. Restore the file system. (See Restoring Data on page 62.)
Multiple-Server Network
In a multiple-server environment, it is possible for one server to go down and

for the rest of the servers in its replica list to remain intact. The same situation
exists if the hard disks containing volume SYS: on one server gets damaged,
causing the failure of the entire server.
2. Restore SERVDATA.NDS (the server-specific eDirectory information)
for the failed server to another server on the network. (See Restoring
Data on page 62.)
3. Reinstall NetWare, including restoring the SERVDATA.NDS file
(located in SYS:) to the original server.
4. Restore eDirectory. (See Restoring Data on page 62.)
36

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5. Restore the file system. (See Restoring Data on page 62 and Custom
File System Restore on page 74.)
6. Restore any replicas that were removed from the server.
Loss of the Entire eDirectory Tree
If all servers on a network are destroyed because of a disaster, you must

perform a complete restore of NetWare, eDirectory, and file system data.
IMPORTANT: We recommend that you document your eDirectory tree structure;
the location of Server objects, partitions, and replicas; and record bindery context
settings and other relevant information.
Use the following general steps to restore the eDirectory tree structure:
2. Reinstall NetWare on the first server.
3. Install NetWare on remaining servers to create a skeleton of the tree.
4. Restore eDirectory. (See Restoring eDirectory on page 69.)
5. Restore the file system to all servers. (See Custom File System Restore
on page 74.)
6. Re-establish partition boundaries and distribute replicas.
Restoring Cluster-enabled Pools

Restore of cluster-enabled pools is similar to a normal restore session (see
Restoring Data on page 62.)
NOTE: Auto recovery of the restore session on failover or failback is currently not
supported.
Session Files
Whenever you back up or restore files/directories, a log and corresponding
error files are created for that particular session on the server on which you are
executing the job. The .LOG file is the session file for that particular job.
The need to create a session file arises when you are restoring the data on a
server other than the one you backed up from. The server should possess the
session ID of all the jobs that are present on the tape so that the SME can
restore it. These session IDs are created from the .LOG files. See Creating
Session Files on page 98.
Overview

103-000134-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Log and Error Files

The files of the backup session are stored in a default directory (such as
SYS:SYSTEM\TSA\LOG). If you prefer, you can create your own directory
for the log and error files as long as it resides on the host server.
The files of the restore session are stored in the directory
(SYS:SYSTEM\TSA\RESTORE). You cannot modify the location for the
files.
The files can be accessed through the SBCON Main Menu or from a Windows
95, 98, 2000 or Windows NT workstation using NWBACK32.
The error file is labeled with the same description that you give the restore
session (such as Friday's Full Backup) and is accessed through the Log/Error
File Administration option of the SBCON Main menu.
HINT: You might want to create individual log directories for the different types of
backup or restore session targets or different organizational units. For example,

you could create one directory for workstation backups and another for server
backups.
SBCON keeps a list of all the log and error files. These lists show
The description you enter for the session.
The date and time the session was begun or, in the case of a delayed
backup session, the time the session was scheduled.
The name of the target the data was backed up from.
Log File
The log file is created on the host server the first time a particular set of data
is backed up. This file contains the following:
The session date and time and the description you entered.
The target from which the data was backed up for a backup session.
The target that was backed up and the location on the server where the
data was restored to during a restore session.
Media set identification information.
The area of the file system structure that was backed up or restored
(volume name, directory name, etc.).
The names of files that were backed up or restored.
The numerical location of the data on the storage media.
38

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error File
The error file is created on the host server the first time a particular set of data
is backed up. It contains a list of any errors that occurred during a backup or
restore session.
This file contains the following:
The area of the file system structure that was backed up or restored.
The total number of parents and children that were backed up or restored.
The names of files that were not backed up or restored, along with any
error messages or information.
Skipped data sets (any file that is open when a session begins, is not
backed up or restored, and is listed as a skipped data set).
Overview

103-000134-001
August 29, 2001
Novell Confidential
39
Manual
40
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
In addition to being able to back up data from a server with SBCON, you can
use a Windows 95, 98, 2000 or Windows NT workstation to perform your
backups using the graphical interface.
How to customize the NetWare server as the backup server. See
Customizing the NetWare Server as the Backup Server on page 43.
How to load the backup software. See Loading Controller and Storage
Device Drivers on the Server on page 44, Loading the Target Service
Agents on page 45, and Loading SBCON on page 46.
How to unload the backup software. See Unloading SBCON on page
47.
How to back up your data. See Backing Up from the Server on page 50,
Customizing Backup on page 53, or Backing Up from a Workstation
on page 55.
How to restore your data. See Customizing Restore on page 66, or
Restoring eDirectory on page 69, and Restoring a Volume Other Than
SYS: on page 69.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
SBCON Guidelines
Before you set up and begin backups, follow these guidelines to make backups
easier and to avoid problems later.
Log in. You will have limited success backing up and restoring if you log
in without the Supervisor right.
For security reasons, many SBCON options are limited to the network
administrator.
Reserve disk space for temporary files. Make sure you have disk space
available (1 to 2 MB) on the target server's volume SYS: to accommodate
log and error files.
SBCON creates temporary files on the target server during backup. If you
have linked UNIX* files or files with extended attributes, the temporary
files might be larger than 1 MB.
Do not mount or dismount volumes during a backup or restore
session. The data might be corrupted or an association might occur at the
host server.
Use the correct name space and name space formats. If you do not use
the correct name space and name space formats when entering paths and
file names, files can't be restored.
Name spaces: DOS, FTAM, Macintosh, NFS, OS/2
Name space formats:
For Macintosh, use Volume::directory:directory:filename
For all others, use Volume:/directory/directory/filename
Exit SBCON before unloading drivers. If you unload a manually
loaded driver (such as aha1740.dsk or aspitran.dsk) before exiting
SBCON, you might cause the host server to abend.
Use original case for non-DOS names. Non-DOS pathnames and
filenames are case-sensitive. NetWare recognizes DOS pathnames and
filenames in uppercase only. If you're not sure of the original case, refer
to your log file.
42

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Before Loading the Backup Software

Before you load the backup software on the server or on a Windows machine,
you need to configure a server to execute your backups.
Determine the following:
The tree to which the server belongs which must be made the current tree
The full eDirectoryTM context of the server
Before Running the Backup Software

Before backing up software, in general you must:
Load the controller and storage device drivers on the server. See Loading
Controller and Storage Device Drivers on the Server on page 44.
Load the TSAs on a server, workstations, or both. See Loading the
Target Service Agents on page 45.
Load the backup engine on the server or the workstation. See Loading
SBCON on page 46 or Loading NWBACK32 on page 47.
Customizing the NetWare Server as the Backup Server

SMS allows you to configure a NetWareserver as a backup server while
installing NetWare 6. It also allows you to create NDS Backup Queue and
SMDR Group objects.
To customize the settings while running the Install program, do the following:
1 In the Final List of Products to be Installed dialog, click Customize.
2 Select Storage Management Services from the list of NetWare Services >
click Configure.
The SMS Setup dialog box with default values for NDS Backup Queue
and SMDR Group objects displays.
3 Enter the name of the eDirectory tree where the SMS objects will be
created.
4 Enter the name of the backup server and the context.
5 Accept the default for the SMDR Group context where the SMDR Group
object is to be created, or enter a new context.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
The SMDR Group object is where all NetWare and workstation SMDRs
are registered for name resolution purposes.
6 Accept the default name of the Backup Queue where all backup jobs will
be submitted, or enter a new name and context.
Loading Controller and Storage Device Drivers on the Server

Controller and device drivers control the mechanical operation, such as read,
write, forward, back, and stop of various storage devices and media.
Ensure that you have installed the storage device controller and storage device
according to the hardware manufacturer's instructions.
When NetWare 6 is installed, the device drivers are placed in the
startup.ncffile automatically.
Whenever you want to add new drivers, you can either place them in
STARTUP.NCF or use the following steps:
1 At the server console prompt, enter:
LOAD PATH
LOAD PATH
CONTROLLER_DEVICE_DRIVER_NAME(S)
STORAGE_DEVICE_DRIVER_NAME(S)
For example, to load the drivers from drive C:, enter:

LOAD SCSI154X.HAM PORT=24
LOAD SCSIHD.CAM
LOAD SCSI2TP.CDM
2 In NWCONFIG, select Driver Options > Configure Disk and Storage
Device Drivers > Discover and Load Additional Drivers [or] Select an
Additional Driver.
3 (Conditional) If you loaded HAM drivers, or if you added an external
device, enter the following at the server console prompt:

LIST DEVICES
4 To register the storage device with the system, enter the following at the
server console prompt:

SCAN FOR NEW DEVICES
NOTE: If you load the drivers from the STARTUP.NCF file, you do not need to use
the SCAN FOR NEW DEVICES command.
44

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Loading the Target Service Agents

Target Service Agents are loaded on servers and workstations. If you want to
back up a server, load the TSA on the server. Ensure that the controllers and
device drivers are loaded.
Table 2
Server Console Commands for Backup and Restore of Various Target Services
To Back Up or Restore
At This Console
Enter This Command
NetWare 6
Host server
LOAD TSA600
eDirectory database
NetWare 4 or later server (preferably a

server with a copy of the largest
partition)
LOAD TSANDS
DOS partition on NetWare
Host server
LOAD TSADOSP
OS/2*, UNIX, and

Macintosh* workstations
Host server
LOAD TSAPROXY
Target workstation
See the documentation that

came with the OS/2, UNIX, and
Macintosh workstation software.
Windows 95 and 98
Target workstation
W95TSA.EXE (installed with the

Novell ClientTM). See the online
help for more information.
Windows 2000 and NT
Target workstation
TSAPREFS.EXE,
TSAMAIN.EXE (installed with
the Novell Client). See the
online help for more information.
Follow these general steps when backing up or loading the software:

Backing up the eDirectory database. Load TSANDS.NLM once on the
server with a replica of the largest partition.
Backing up the file system. Load TSA600.NLM for its server and on
every server to be backed up.
Backing up cluster-enabled pools. Load TSA600.NLM on the target
server and the backup servers.
Backing up workstations. Load the appropriate TSA on the workstation.
For more information about backing up workstations such as UNIX,
OS/2, or Macintosh, see the documentation included with the client
software.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Loading the files when the server starts. Place the commands in the
server's STARTUP.NCF, and in the workstation's NET.CFG file,
AUTOEXEC.BAT file (for DOS), or Startup folder (for OS/2).
Loading SBCON
You can load SBCON from the server command line.
If you use NWBACK32 on a client, you do not need to load SBCON.
SMSSTART
TSA600.NLM, TSAPROXY.NLM, and SMDR.NLM modules are

loaded with default configuration values.
SBSC.NLM, QMAN.NLM, SMSDI.NLM and TSANDS.NLM must be
manually loaded on need basis; SBSC.NLM, QMAN.NLM,
SMSDI.NLM when storage devices are used, and TSANDS.NLM for
backup and restore of eDirectory.
2 Load SBCON by entering
LOAD SBCON
Prerequisites
Controller and storage device drivers are loaded on the server.
See Loading Controller and Storage Device Drivers on the Server on
page 44.
SMDR.NLM, TSA600.NLM, SMSDI.NLM, QMAN.NLM, SME.NLM,
SBSC.NLM, and SBCON.NLM are installed on the server.
They should have been installed automatically during NetWare 6
installation.
Each NLMTM listed above is in the search path.
TSA is loaded on each machine to be backed up.
See Loading the Target Service Agents on page 45.
46

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Unloading SBCON
To ensure maximum memory utilization and throughput, you should unload
backup software and other Storage Management ServicesTM (SMSTM) modules
when you are finished performing your backup. That way, more memory will
become available on your host or target.
1 Exit SBCON from the Main Menu.
Press Esc until you reach the SBCON Main Menu; then press Esc again
and confirm the prompt.
2 Unload all the modules by entering the following command at the server
console:
SMSSTOP
Unloads all the previously loaded SMS modules.

WARNING: The system displays a warning message on the console if you
attempt to unload a module being used by another NLM. If you continue, your
server might abend.
Loading NWBACK32
1 Log in to the desired eDirectoryTM tree structure.
If this is the first time you have used NWBACK32, go to Step 2 on page
47 Otherwise, go to Step 3 on page 48.
2 (Conditional) If this is the first time you have used NWBACK32, do the
following:
2a Log in to the server running the backup engine.
2b Enter your user name and password.
2c Configure eDirectory information.
Tree Name. Enter the name of the eDirectory tree you will be using
to backup and restore data.
SMDR Context. Enter the context you created during the server
configuration.
SMDR Group Context. Enter the context you created during the
server configuration.
Check the SAP (IPX) box if you want to use IPX. Uncheck the box
for IP.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
3 Run NWBACK32.EXE from SYS:PUBLIC.
The following screen appears.
You are now ready to back up data. Go to Backing Up Data on page 49 to

continue.
Exiting NWBACK32
1 Exit NWBACK32 from the Quick Access window.
2 Unload all the modules loaded on the server by entering the following
command at the server console:

SMSSTOP
48

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backing Up Data
You can use SBCON to create a tape backup of the eDirectory database or of
the file system on your servers or workstations. The prerequisites listed here
use SBCON as the Storage Management Engine (SME).
Prerequisites
Understand the process for loading SBCON.
See Loading SBCON on page 46
Ensure that you know the workstation password if you are backing up a
workstation. For DOS workstations, make sure the Target Service Agent
was loaded with the /Password parameter instead of the /Trust parameter,
as explained in Table 2 on page 45.
Set the backup server and its tree as the primary resource using the Novell
Client. This lets you view the tape devices in NWBACK32.
If you are backing up the eDirectory database, ensure that eDirectory
synchronization and communication are functioning properly.
Before starting the backup, make sure eDirectory is fully functional. This
means that all partitions are synchronizing correctly.
If your backup host and targets communicate across a WAN, check the
status of the WAN links to verify that they are operating properly.
If you are backing up the file system, make sure you have Read and File
Scan rights to the directories/files you are backing up.
Ensure that you know what type of backup you want to perform: full,
differential, or incremental.
For more information, see Backup Types on page 16.
If you use the Advanced Options, ensure that you know the file system
structure of the target you are backing up. You will be prompted for the
paths to the volumes and directories that you want to include in or exclude
from your backup.
Ensure that you have loaded the drivers for your specific device and
controller board.
Ensure that the required files for your target are loaded.
Ensure that you have loaded the SBCON files for your specific target.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Ensure that media is inserted into your storage device.

You can back up your data two ways: from a server using SBCON or from a
Windows workstation using NWBACK32.
Backing Up from the Server

When you back up your data from one server to a target server or workstation,
you should use the command line.
1 Load the SBCON modules.
See Loading SBCON on page 46.

2 Click Main Menu > Job Administration > Backup.
3 Click Target Service to select the NetWare server running your backup or
restore Target Service Agent.

To be able to select the server, you need to load the correct Target Service
Agent (TSA). See Loading the Target Service Agents on page 45.
If you do not see the target you want on the list, check for these possible
causes:
50
The correct Target Service Agent is not loaded on either the host or
the target. See Server Console Commands for Backup and Restore
of Various Target Services on page 45 for LOAD commands.
Network traffic is heavy. Press Esc to return to the Main Menu, and
then press Enter again. Your target should now be listed.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Select a target from the Target Services list.
The following table describes the targets that can be selected for backup.
If you are Backing Up
Then Select
Cluster-enabled pools
The cluster-enabled pool you want to back up
The file system
The server whose file system you want to back

up
The eDirectory database
The server with TSANDS loaded
A workstation
The workstation's host server, and then the

workstation
Server-specific
information
The server whose server-specific information

you want to back up, and then choose to back up
the file system.
5 When prompted, enter the username (and context, if required) for the
target.
If SBCON rejects the username you entered, you probably need to
include the context where the User object is located. For example, instead
of entering ADMIN as the username, enter
.CN=ADMIN.O=company_name or .ADMIN.company_name.
You must include the context in the username at this point if the username
you use exists in an eDirectory container that is different from the bindery
context set on the server running the engine.
6 (Conditional) If requested, enter the password for the target.
SBON will take a few moments to attach to that target.

If you select the default values on this form, a full backup of the source is
performed. Otherwise, if you want to perform an incremental or
differential backup, select Advanced Options.
7 Click What to Backup and press Enter.
8 Press Insert, select the volumes and files you want to back up from the
screen, and press Esc.

The selected volumes and files appear in the List Resources screen.
9 Enter a descriptive name for the backup session in the Description field.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
This is a descriptive name of the job, which will help you identify the
specific backup session; if a restore is necessary, you can easily identify
the session you need. There is no special requirement for what to enter as
the session description.
HINT: You might want to include the full path of the data (for example,
SYS:HOME\REPORTS\JULY.02) which you will need to know if a restore session
is necessary.
10 Click Device/Media Name and select a device.
A list of available objects is displayed in the Select a Device screen.

If you accept the default value, the engine selects the device and media
which you have designated as the default.
NOTE: If there is only one media type available, it will be treated as the default.
If your device has more than one storage device attached, select an
available device from the list. If the device contains multiple media,
select the media for the backup.
If the storage media does not have a label, SBCON displays a message
saying that the media cannot be identified. Set the label before selecting
it for a backup job.
11 Select Advanced Options.
For more details, see Customizing Backup on page 53.

12 Select Append Session.
This option appears only if your device supports appending to previous

sessions on the media.
Accept the default YES if you want to preserve all sessions on the media.
The backup session is appended to the media at the end of the previous
session. Each appended session has separate backup and error logs.
If you want to overwrite the data on the media, enter NO. The media
rewinds and existing data is overwritten by the next backup.
HINT: Labeled media is not considered empty media. No sessions are necessary
on the media for you to set the Append option to Yes.
Delete the log and error files for any session you overwrite to avoid trying to restore
a session that no longer exists.
13 Press Enter to save the settings and continue with the backup.
WARNING: If you are appending a backup session to a media set (two or more
tapes), use the tape with maximum space.
52

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
14 To return to the Main Menu, press Esc until you back out to the Main
Menu.
15 To exit SBCON, press Esc again and answer the confirmation prompt.
Customizing Backup
You can customize your backup using the Advanced Backup Options form
when you use SBCON at the server to launch your backup program. This form
allows you to specify exactly what you want to back up data. It could be the
server, the eDirectory database, workstation, directory, or file. You can even
specify subsets of groups. The Advanced Backup Options form activates only
after you have selected at least one of the resources (directory/file). Select
Advanced Options from the Backup Options form to perform advanced
backup sessions. See Backing Up from the Server on page 50.
HINT: SBCON displays prompts and messages at the bottom of the screen. For
example, you can press F1 for help at any time.

If you want to perform a series of backups and restores and need to change your
target, see Changing Your Target on page 61.
A custom backup allows you to specify exactly what you want to back up:
server, volume, the eDirectory database, workstation, directory, or file.
To customize a backup, do the following:
1 Select Backup Options > Advanced Options.
2 Select Backup Type.
By default, Storage Management Engine (SME) performs a full backup.

See Backup Types on page 16. Differential and incremental backups
are not interchangeable. See Planning a Backup Schedule on page 21.
IMPORTANT: If you choose to include migrated data, ensure that your backup
media capacity matches the jukebox media capacity.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
3 Select Subsets of What To Backup.
The default setting means that everything in the Subsets of What You
Want to Backup screen is backed up.
Include/Exclude TSA ResourcesIncludes or excludes resources such
as servers or volumes.
Include/Exclude DirectoriesIncludes or excludes directories.
Include/Exclude FilesIncludes or excludes files.
Include/Exclude path/filesIncludes or excludes pathnames and files.
4 Select Scan Options.
The How to Scan What you are Backing Up screen appears.

If you do not want to accept the default (nothing will be excluded),

type Y (Yes) and press Enter.
Choose to exclude subdirectories, hidden files, system files, etc.
Enable the Scan-ahead option, if required.
6 Press Esc to Finish.
For information about how SBCON scans data, see Scan Data Sets on
page 19.
7 Select Execution Time.
The Edit Date and Time screen appears. You can choose the default date
and time shown for the backup to begin, or you can type a new date and
time. You can change the month/day/year and hour/minute/second fields.
The engine should initiate the rescheduled job.
To schedule the job to run another time, press Enter and go to Step 8 on
page 54. Otherwise, go to Step 7 on page 54.
8 (Optional) Select Scheduling.
RescheduleSelect Yes to reschedule.

Rerun IntervalSpecify the duration in terms of elapsed time and days,
months or years to rerun an already scheduled job.
The Edit Date and Time screen appears. You can specify the number of
days, months, or years after which an already scheduled job will run.
54

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The day, month, or year you enter should not be the actual date when you
want the job to run; rather, it is the duration after which the job gets
executed.
Example
If you have scheduled a job to run on 03/20/1999 and want to rerun the
job after two months and at the same time, then the Rerun Interval field
should be the following:
Year: 0, Month: 2, Day: 0
Hour: 0, Minute: 0, Second: 0
Rerun CountSpecify the number of times you want to rerun a job after
the current execution.
Keep Finished jobsSelect Yes to keep the job in the queue after
execution so that it can be rescheduled when you need it.
NOTE: If you are performing a series of backups or restores and need to change
your target, follow the procedures in Changing Your Target on page 61.
Backing Up from a Workstation

When you load the backup software from a workstation to the target server or
workstation, you are using the graphical interface.
To back up from a Windows workstation, do the following:
1 Run NWBACK32.
See Loading NWBACK32 on page 47.

2 At the Quick Access window, click Backup.
3 Select what you want to back up.
3a Double-click What to Backup.
3b Click eDirectory, NetWare Servers, or Workstations.
3c Double-click a server to back up.
3d Enter the username and password to authenticate to the server.
A list of resources to back up appears, such as volumes and files.

3e Click the resources to back up.
3f Click OK to finish.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
4 Select where you want your backup data to go.

4a Double-click Where to Backup.
4b Change to the correct eDirectory tree structure and context by
clicking the Change to Context button on the toolbar.

4c Double-click Queues.
4d Select a Queue object from the list.
4e Right-click the server to open the drop down box.
4f Click Submit the Job.
This step allows you to submit the job to a queue on the chosen server
or on the chosen media type.
Queue. Double-click to expand the queue.
Server. Double-click to expand the queue, double-click to select a
server, and then right-click to submit the job.
Media. Double-click to expand the queue, double-click to select a
server, double-click to view a list of devices, double-click to view a
media list, and then right-click to submit the job.
Backing Up Cluster-enabled Pools from the Server


3 Click Target Service to select a cluster-enabled pool name.
To be able to select the target, you need to load the correct Target Service
causes:
56

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
target.
SBCON will take a few moments to attach to that target.

differential backup, select Advanced Options. For more details on the
Advanced options, see Customizing Backup on page 53.

SYS:HOME\REPORTS\JULY.02), which you will need to know if a restore session
is necessary.

Setting Up

103-000134-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
11 Select Advanced Options and set the desired values for all the fields.

NOTE: If you set Enable Auto Recovery to NO in Cluster Options, the remaining
options become invalid.

WARNING: To append a backup session to a media set (two or more tapes), use
the tape with maximum space.
14 To return to the Main Menu, press Enter and then press Esc until you back
out to the Main Menu.

58

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backing Up a Workstation
To back up the workstation (the target), a Target Service Agent (TSA) must
be loaded on the workstation. (See Loading the Target Service Agents on
page 45.)
You can select the directories to back up or back up the entire workstation.
Windows 95 and 98 Workstation
Make sure that the W95TSA is installed and configured. It is a part of the
Novell Client modules (checkbox for Target Service Agent).
NOTE: If W95TSA is installed and registered, a shield-like icon appears in the
system tray and indicates Novell TSA (Listening) message. You will also see an
SMS screen popup when you log in to NetWare.
1 At the target workstation, register with the W95TSA.

1a Double-click the shield-like icon that appears in the system tray.
The Novell Target Service Agent for Windows Properties box

appears.
1b Enter your user name and password for TSA.
1c Enter the server name that will be servicing this Windows client.
1d Select the disk drive you want to register.
1e (Recommended) Check Auto Register. This automatically registers
your workstation with the server after you restart.

1f Click OK.
1g Restart your workstation.
The TSA must be installed and registered with the host server, along with
the TSA username and password.
2 At the host server, load TSAPROXY.
3 Select the NetWare server running the target service agent.
4 Follow the procedure from Step 3 on page 50 to complete your backup.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Windows 2000 and Windows NT Workstation
Make sure that the NT TSA is installed and configured. It is a part of the
Novell Client modules (checkbox for Novell Target Service Agent).
The Windows NT TSA has two parts:
TSA Service (TSAMAIN.EXE) is a service that waits for and acts when
there is a request from the backup engine.
TSAPrefs (TSAPREFS.EXE) allows an NT administrator to set
preferences and monitor the activities of the TSA Service.
1 Right-click Network Neighborhood and then click Properties > Novell
Target Service Agent > Properties.

2 Click Preferences and fill in the following fields:
Workstation: Enter the name of the workstation.

Preffered Server: Enter the name of the server on which you want to
connect. This server must have TSAProxy installed.
Protocol: Select SPX/IPX or TCP/IP.
Events to Log: Check the items you want to log: Connection,
Registration, Security, or Service.
Allow Backup User: This grants the backup user rights depending on the
group.
Auto Register: This automatically registers the Windows workstation
with the server after you restart.
3 Click Registration.
4 Check the fields in the Registration page and, if correct, click Register.
If information in any of the fields is incorrect, click Withdraw and return

to the Preferences page to change the information. Then repeat Steps 4
and 5.
5 Click Connections.
6 Check the fields in the Connections page and then click OK.
If you need to add or change information, click Apply.

You can also delete connections in this page under Current Connections
and then click Apply.
60

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Changing Your Target

Any time you are performing a series of backup or restore sessions, you might
need to change your target. This can be easily done from the SBCON Main
Menu either at the command line or from the Windows workstation using
NWBACK32.
If you do not specify a new target, SBCON automatically selects the target
used during the last session and continues without asking you to make a
selection.
Ensure that you have met the prerequisites detailed in Prerequisites for
SBCON Tasks on page 81.
Load the required TSA. (See Loading the Target Service Agents on
page 45.)
Changing a Target at a Server

1 Select Main Menu > Change Target to Back Up From or Restore To.
2 Select one server.
3 From the list of Target Service Agents, select a target.
If the target you select includes more than one TSA loaded, SBCON will
show you a list of their full names.
4 Enter the username and password for the target you just selected.
The target is successfully changed.
Changing a Target at a Workstation

1 Run NWBACK32.

You can use the toolbar to open this window if preferred.

3 Double-click What to Backup.
4 Double-click Workstations (or NetWare Servers).
5 Select the workstation (or server) to use as the target.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Restoring Data
Use SBCON to restore information from tape backup. These procedures use
SBCON as the Storage Management Engine (SME).
Know the username and password for the target server or workstation to
which you want to restore data.
Know the session description that you want to restore. You can get this
information from your session log and error files. (See Session Files on
page 37.)
For an Advanced Options restore session, ensure that you know the file
system structure of the data you are restoring. You will be prompted for
specific paths and filenames while setting the restore options.
If you restore the server-specific information from the file system backup
of the failed server to a functioning server or location, you can use the
VOL$INFO.TXT file as a reference for this information.
If you want to restore data to a new location (different from where the
original data was located), you must specify the full path to both the
original data and the new location. If the new location does not exist,
SBCON will create a new file system structure.
You can get the original path from your backup logbook or from the
session log files if you noted the path at the time the backup was
performed.
Replace faulty hardware or correct the problems that caused data loss (if
applicable).
Ensure that media is inserted in your storage device.
You can restore data either from the server command line or from a Windows
Restoring Data from a Server

1 Load the drivers for your specific device and controller board.

page 44.
2 Load the appropriate Target Service Agents.
62

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Load SBCON.

4 Select Main Menu > Job Administration > Restore.
The Restore Options screen appears.
5 Select Target Service and then the NetWare server running your backup
and restore Target Services Agent.

This is the name of the server or workstation on which you want to restore
your data. Before selecting it, you must load the correct TSA. See
Loading the Target Service Agents on page 45.
causes:
The proper TSA is not loaded on the target.
Network traffic is heavy. In these circumstances, it might take

SBCON a few moments to detect all the targets. Press Esc to return
to the Main Menu, and then press Enter again. Your target should
now be listed. From the Target Services list, select a target.
If the target you select has more than one TSA loaded, SBCON shows
you a list of their full names in the Backup/Restore Target Services on
This Server.
NOTE: When you are trying to connect to a different server, SBCON uses the
same username and password you gave the first time. It prompts only if it fails.
The following table lists the target services and their associated datasets.
Target Service to Restore
Dataset to Select
Cluster-enabled pool
The cluster-enabled pool that you backed up
File system
The server whose file system you want to restore
eDirectory database
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Dataset to Select
Workstation
The workstation's host server and then the

workstation
Server-specific
information

you want to restore and then the file system to
restore
6 When prompted for the target username, enter your username (and
context if required) as the network administrator for the target.

include the context of where the user object is located. For example,
instead of entering ADMIN as the username, enter a complete name such
as .CN=ADMIN.O=COMPANY_NAME or .ADMIN.COMPANY_NAME.
exists in an eDirectory container that is different from the context set on
the server running SBCON.
7 If a password is requested, enter the password for the target.
SBCON will take a few moments to attach to the target. Wait for the
confirmation box, and then press any key to continue.
8 Enter a descriptive name for the restore session in the Description field.
The descriptive name of the job will help you identify the session.
9 Select the device and media for restore by pressing Enter at the Device/
Media Name field and decide where you want to restore from.
If you enter *.* (DEVICE NAME.MEDIA NAME), the engine selects
the device and media that it encounters first.
indicating that the media cannot be identified. You should set the label
before selecting it for a backup job.
10 On the Select a Session screen, select the Session to Restore.
WARNING: TSA600.NLM backs up files in compressed or uncompressed format
as specified by the user. However, if you try to restore a compressed file to a
64

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
volume without compression, the file is corrupted and no error message is

displayed.
11 Specify the path to the session log file of the session you want to restore.
Use one or more of the following methods:
Press Enter to accept the default; then go to Step 12 on page 65.
Press Insert to select from a list of directories, press Esc to return to

the previous window, and then go to Step 12 on page 65.
Press Backspace over the path shown (or a portion of the path), type
in a new directory or path, and then go to Step 12 on page 65.
Press Insert any time during this process to choose parts of the existing
path from a list.
NOTE: At the present, it takes the default. This will be implemented in the future
release.
12 When a list of sessions is displayed, select the session you want to restore.
If the media on which the data resides is not loaded on the device you
choose, you will be prompted to insert the correct media.
13 Select Advanced Options to make the selective restore.
The Advanced Restore Options screen appears. See Customizing

Restore on page 66. You can perform the advanced restore, specify the
execution time, reschedule the job, etc., using this form.
14 Complete the Advanced Restore Options form.
15 Press Esc and answer the prompt at the Submit Job screen to begin the
restore session.
16 Press Alt+Esc to view the activity log screen.
If the job execution starts and is not successfully completed, the error
messages appear on this screen. The activity log file ACTIVITY.LOG is
located at the server's SYS:\SYSTEM\TSA\LOG directory.
17 To view the Run Time Status of a job, select Job Administration >
Current Job List > job name.

18 When the restore session finishes, your screen display reads the
following:
The restore process was completed normally.
19 To return to the Main Menu, press Esc as required.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
The Esc key allows you to exit SBCON one screen at a time until you
reach the Main Menu. If you want to exit SBCON, answer the
confirmation prompt.
NOTE: To unload SBCON and applicable Target Service Agents, see Unloading
SBCON on page 47.
Customizing Restore
Using the Advanced Restore Options form at the server, you can perform a
custom restore of the database you need.

3 Select Rename Data Sets to restore data to a location different from the
backup location.
4 At the Restore Datasets to a Different Location screen, do the following:
4a Press Insert to select the namespace type.
4b Enter the source path (where the data originally was backed up
from).
4c Enter the destination path you want the data restored to, in the entry
box.
Both the source and destination paths must include the volume names (for
network server) or the hard disk drive letter (for example, C:\) for
workstations.
IMPORTANT: When you specify a particular portion of the file structure as the
source location, it does not necessarily mean that this will be the only data
restored. What is restored can be influenced by the include and exclude settings
on the Subsets of What You Want to Restore form. If you do not want to overwrite
any subdirectories that might exist in the area you have included, you must
specifically exclude them by their full path.
5 Select Subsets of What to Restore.
Use this screen to specify which parts of the file structure you want to
restore. Various data sets to be included or excluded are listed in this
form. You can include or exclude any or all items listed. For more
information about including and excluding items, see Exclude and
Include Options on page 17.
66

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The screen lists major and minor resources. Default indicates that none of
that type of subset has been specified.
6 To specify a subset, do the following:
6a Select any item on the screen.
6b Edit the Include or Exclude screens using Insert and Enter.
6c Press Esc to save changes.
6d To view a list of values associated with major TSA resources (for
example, server or volumes) select either the include or exclude line.

The Selection List Options form appears. Any value you previously
selected is shown on the form. If you did not select a value, the form
is blank.
6e To select a value for this major resource, press Insert and select the
value from the list that appears by pressing Enter.

7 Select Open Mode Options and select parts of the backed up data
structure to be restored.
The backed-up data set contains various types of data that are listed on the
screen. By default, all the types of data are included in the restore.
7a To exclude a particular type of data from the restore, select that line
and type Y.
7b When all the data items are selected correctly, press Esc.
8 Specify whether to overwrite the existing parent by typing Y (Yes) or N
(No).
For more information, see Overwriting a Parent or Child on page 20.
9 Specify whether to overwrite the existing child by typing Y (Yes) or N
(No).
10 Specify the execution time.
11 Select Scheduling to reschedule the job.
12 Press Esc as required and then select Yes to confirm the Submit Job?
prompt.
The job is submitted and is listed in the Current Job List menu.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Restoring Data from a Workstation

When you restore data, you are copying your backed up data to a server or
workstation.
1 Run NWBACK32.

You can run the NWBACK32 program (NWBACK32.EXE) from
SYS:PUBLIC.
2 At the Quick Access window, click Restore.
3 Click What you Want to Restore.
3a Double-click What to Restore.
3b Select the context.
3c Double-click Queues and select the queue.
3d Double-click Servers and select a server.
3e Double-click Devices and select a device.
3f Double-click the device to view the media list.
3g Select a medium.
4 Click where you want the restored data to go.
4a Double-click Where to Restore.
4b Select eDirectory, NetWare Servers, or Workstations.
4c Click the server to which you want to restore your data.
4d Enter your username and password to authenticate to the server.
4e Click OK.
5 Submit the restore job by clicking Restore > Submit the Job on the
toolbar.
6 (Optional) Click Next to display more information about the restore.
68

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restoring eDirectory
The procedures in the following sections are performed at the beginning of the
restore process.
Restoring a Volume Other Than SYS: on page 69
Restoring Volume SYS: in a Single-Server Network on page 69
Restoring Volume SYS: in a Multiple-Server Network on page 70
Restoring the Entire eDirectory Tree Structure on page 72
Restoring a Volume Other Than SYS:
WARNING: Do not delete the Volume object for the failed volume from the
eDirectory tree structure. The Volume object preserves any references that other
objects (such as Directory Map and Queue objects) might have to that volume. If
the Volume object is deleted and you have objects that depend on this volume, you
must re-establish the relationships through a selective eDirectory restore. See
Custom eDirectory Restore on page 73.
1 Bring down the server.

2 Correct the problem.
3 Bring the server back up and re-create the volume.
4 Perform an advanced file system restore.
See Customizing Restore on page 66 for the procedure.

Restoring Volume SYS: in a Single-Server Network
eDirectory information from a replica. After repairing or replacing the failed
hardware, you must restore the entire NetWare environment, including
eDirectory, from an SMS backup.
To restore a single SYS: volume, do the following.
1 Correct the problem that caused volume SYS: to fail.
2 Reinstall NetWare and eDirectory.
When NWCONFIG asks for the names for Organization objects

immediately under the [Root] object, use the same names that existed
before in the eDirectory tree. Otherwise you will end up with new, empty
containers in the restored eDirectory tree structure.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Make sure disk partitions are at least as large as they were before, and that
the volumes are defined as before.
3 Restore eDirectory using Customizing Restore on page 66.
Restoring Volume SYS: in a Multiple-Server Network
To restore SYS: volumes on several servers, do the following.

1 Restore the server-specific eDirectory information file
(SERVDATA.NDS) to another server on the network following the

custom (advanced) file system restore (see Customizing Restore on
page 66).
By default, the file is placed into the SYS:SYSTEM\server_name
directory on the server you have selected.
2 Use the DSMISC.LOG file (part of the information restored with the
server specific information) to see if the failed server had a master replica
of any partition.
3 If the failed server had a master replica of any partition, select the server
you want to hold the master replica and load DSREPAIR on that machine.
3a Select Available Options > Advanced Options Menu.
3b Select Replica and Partition Operations.
NOTE: Use the NDS Manager utility to perform regular partition operations.
3c Select the partition you want to edit.

3d To see the list of servers that have replicas of that partition, select
View Replica Ring.

3e Press Esc.
3f Select Designate This Server as the New Master Replica.
3g Repeat Steps 3a through 3f for each master replica that the failed
server contained.
4 (Conditional) If the failed server contained any replicas, remove them.
4a Select Available Options > Advanced Options > Replica and
Partition Operations.
4b Select the partition the server held replicas of.
4c Select View Replica Ring.
4d Select the name of the failed server.
70

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4e Select Remove This Server from the Replica Ring.

4f Enter the supervisor name and password.
4g Select Yes to continue.
5 Exit DSREPAIR.
6 Reinstall NetWare.
6a Begin the installation.
6b When prompted for DS install, select Create a New DS Tree and
complete the installation.

6c Load NWConfig and remove DS.
6d Install DS, when prompted for DS install and select Install into an
Existing Tree.
6e When prompted to choose a eDirectory tree structure, press F5.
This allows you to choose to restore the SERVDATA.NDS file to the

failed server.
6f To specify the path where the SERVDATA.NDS file exists, press F3
and enter the path.

HINT: If the information fits on a diskette, you can save the information on a
diskette instead of another server on the network.
6g Press Enter to accept the path.

6h Log in to the server that contains the SERVDATA.NDS file.
6i Log in to the eDirectory database.
6j If the START.NCF file of the failed server is different from the
default, you can edit the default file.

6k You now can choose from the following:
To continue the install and not copy the files from install, but use
the backup tapes to finish restoring the information, press Enter.
To go back to the previous screen, press Esc.
To copy the files from install and then restore the files from tape,
press F3.
7 Restore the file system using Restoring Data on page 62.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Restoring the Entire eDirectory Tree Structure
To restore an entire network from a full backup in a multiple-server

environment, do the following:
1 Reinstall NetWare on the first server.
By default, this server will hold the master replica of the [Root] partition.
When NWCONFIG asks for the names of Organization objects
before in the eDirectory tree.
In NWCONFIG, select Directory Options > Directory backup and restore
options to obtain the information.
Otherwise you will end up with new empty containers in the restored
eDirectory tree.
When this installation is complete, you will have a working eDirectory
tree containing one NetWare server with a master [Root] partition.
2 Add name spaces as required.
3 Install the remaining servers to complete a skeleton of your network.
Before restoring a full eDirectory session, you should create a skeleton of

your network.
All servers and volumes should be up and running.
The eDirectory objects should exist in the eDirectory tree in the same
context as before. (NWCONFIG prompts you for the container in
which you want each server to be placed.)
Make sure all servers are communicating with one another.
Make sure time synchronization is working properly.
NOTE: If you can get some, but not all of the servers backed up, you can still
proceed with the restoration. However, you might see errors and experience
problems due to eDirectory objects having dependencies that cannot be resolved.
The User object (Admin or equivalent) used to create the backup session
must exist in the same container with the same password and eDirectory
rights as when the backup was performed.
Once this step is completed, you still have just one partition: [Root].
Because of the NWCONFIG program defaults, you now have two
replicas of that partition. These are stored on the second and third servers
you installed.
4 Restore eDirectory on one server using Restoring Data on page 62.
72

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
eDirectory Restore Session Types

You can choose to restore eDirectory in one of the following ways:
Single Server or an Entire Tree Restore on page 73
Custom eDirectory Restore on page 73
Custom File System Restore on page 74
Server-Specific Information Restore on page 76
Single File or Directory Restore on page 76
Single Server or an Entire Tree Restore
1 Restore the entire eDirectory session from your SMS backup.
You will have no session file to work from at this point. Choose the option
to restore without session files.
2 Continue through Step 15 on page 65 to Step 19 on page 65 to restore
eDirectory.
Custom eDirectory Restore
To perform a custom eDirectory restore, do the following.

1 Enter SBCON at the server console prompt.
2 Select Job Administration.
3 Select Restore Options > Advanced Restore Options > Subsets of What
to Restore.
4 To specify a subset, do the following.
4b Edit the Include or Exclude screen using Insert and Enter.
4c Press Esc to save your changes.
5 Specify whether or not to overwrite the existing parent or child.
A parent is a container. A child is an object, which is the lowest level of

If you want to overwrite the parent or child that exists on the hard disk,
regardless of whether the existing version or the backed-up version has
the latest date, accept YES for parent, child, or both.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
If you do not want to overwrite the parent or child that exists on the hard
disk, regardless of whether the existing version or the backed-up version
has the latest date, select the option (parent or child or both), and enter N.
6 Continue through Step 14 on page 65 to Step 19 on page 65.
Custom File System Restore
To perform a custom file system restore, do the following.

2 Select Job Administration > Restore Options > Advanced Restore
Options > Subsets of What to Restore.

The screen lists major and minor resources. The word DEFAULT
indicates that none of that type of subset has been specified.
4 (Conditional) If you want to exclude certain types of data from the restore
session, select Job Administration > Restore Options > Advanced Restore
Options > Open Mode Options, and then edit the form.
The backed-up data set contains the various types of data items listed on
the screen. By default, all types of data items are included in the restore.
If you want to exclude any item, select it and enter Y. Press Esc when you
are finished editing the form.
5 (Optional) Restore data to a different workstation or location on a
different NetWare server.

5a Back up the data from the server where it resides.
5b Exit to the Main Menu.
5c Select Change Target to Back Up From or Restore To screen from
the Main Menu.

See Changing Your Target on page 61.
6 (Optional) Restore data to a different workstation or location within the
backed-up server's file system structure.
74

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Follow these important rules about restoring to a new location:
When you specify a particular portion of the file system structure as

the source location, it does not necessarily mean that this will be the
only data restored. You can influence what is restored by using the
Include and Exclude options on the Choose Subsets Of What You're
Restoring screen (Job Administration > Restore Options > Advanced
Restore Options > Subsets of What to Restore).
You can restore only to a new location in the name space that is
supported by the drive you are restoring to.
OS/2 workstation onlyOn an HPFS drive you can rename only in

the OS/2 name space, and on a FAT file system you can rename only
in the DOS name space. However, SBCON displays both names
spaces in the log file even though only one is valid.
If you do not want to overwrite any subdirectories that might exist in

the area you have included, you must specifically exclude them by
their full path.
6a Go to Subsets of what you want to restore, press Enter, and then
Insert, select the name space you want, and enter the name you used
for your backup at the Enter the Data Set Name field.
6b Enter the full directory path of the source including the volume
name.
6c Enter the full directory path to the new destination.
6d Press Esc to save your changes.
NOTE: The eDirectory Target Service Agent (TSANDS) does not support
restoration of data to a different location.
7 Specify whether to overwrite the existing parent or child.
A parent might be a server, a volume, or a directory. A child is a file,

which is the lowest level of the file system structure.
the latest date, accept YES for parent or child or both.
If you don't want to overwrite the parent or child that exists on the hard
has the latest date, select the option (parent or child or both), enter N.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
If you want to overwrite the child that exists on the hard disk only if the
date of the backed-up copy on the media is later than the date of the copy
on the hard disk, select Overwrite Existing Child and select the option.
Server-Specific Information Restore
To view and restore server information, do the following.

1 Select Main Menu > Job Administration > Restore Options > Advanced
Options > Subsets of What to Restore > Include Major TSA Resources.
The Selection List Options screen appears and is empty.
2 Press Enter to see the Selection List Options. Press Insert to see the server
specific information.
3 Select the Server-Specific Info and press Enter.
Esc returns you to the Selection List Options.

This will return you to the Choose Subset of the Session to be Restored
screen.
4 Complete the form and press Esc.
This will return you to the Restore Options screen.

5 Complete the Restore Options form and press Esc.
The server-specific information will be restored to the

SYS:SYSTEM\failed_server_name directory of the server on which you
are running SBCON.
Single File or Directory Restore

2 Enter the full path and name of the file or directory, including full
directory and volume names.

The following options appear:
Include/Exclude directories (full path)
Include/Exclude files
Include/Exclude path/files
76

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Press Insert and enter the name space for the name space format you used
when entering the file or directory name.

The name space allows SBCON to correctly interpret the path
information entered earlier in this menu in either the directory field or the
location field.
IMPORTANT: If files are restored to a new location, the name spaces must be the
same or an error message will occur.
You can restore to a new location only in the name space that is supported
by the drive to which you are restoring.
The supported name spaces are DOS, FTAM, Macintosh, NFS, and long.
SBCON provides a list of the name spaces currently loaded on the target
to which you are restoring.
For example, if you are restoring to a new Macintosh location, enter a
path, (for example, SYS::test:monday) and then enter Macintosh
as your name space.
4 (Optional) Restore to a new location (located in Rename Data Sets).
4a Enter the source path, including the volume name, to the target
directory (a location different from where the data was backed up).
Enter Volume:/directory/directory
4b If the new location you are restoring to is a different NetWare server,
do the following:
1. Back up the data from the server where it resides.
2. Exit to the Main Menu.
3. Change your target to the server you want to restore the data to.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Completing the eDirectory Restore

If you restored the eDirectory database to volume SYS:, you should complete
the restoration for the following to make sure the eDirectory database is
working properly:
Volume Other than SYS:
To finish restoring eDirectory on a volume other than SYS:, do the following.

1 Bring the server up.
2 (Optional) Verify proper restoration of the data, trustee assignments, file
ownership, and other related information by spot-checking some of the

restored directories and files.
To finish restoring eDirectory on a server, do the following.

1 Restore the full file system following Restoring Data on page 62.

To finish restoring eDirectory on multiple servers, do the following.

1 Restore replicas to the server.
The DSMISC.LOG file, which is created when the SERVDATA.NDS is

restored, contains the partition and replica information that resided on the
failed server at the time of the backup. This will show you what replicas
were on the server when it failed.

Commands that might be helpful include RIGHTS /T /S (displays users,
groups and other objects that have explicit trustee assignments in a
directory and its subdirectories) and NDIR (displays owners and other
NetWare file information).
78

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Entire Tree
To finish restoring eDirectory on the tree, do the following.

1 Restore the file system information to each server following Restoring
Data on page 62.

2 Re-create partitions and replicas.

Partial eDirectory Restores
Certain conditions might arise in special cases involving the backup and
restoration of eDirectory information.
The SMS TSA software allows you to do selective restores from the backup
media. However, partial restoration of eDirectory from a backup can have
many subtle consequences, particularly when only a single object or a selected
group of objects is restored.
For partial eDirectory restores, keep these two main issues in mind:
Object ID numbersIf you restore objects that no longer exist in the
eDirectory tree, those objects receive new ID numbers when restored.
New object IDs affect file system trustees, print queue directories, user
mail directories, etc.
If you restore objects on top of objects that exist in the eDirectory tree,
the objects do not receive new ID numbers. These objects' current
attribute and property information is overwritten with previous
information from the SMS backup.
Objects that depend on other objectsIn the eDirectory schema,
objects are defined to have certain attributes. Some of these attributes are
mandatory (meaning they must contain a value); others are optional.
For some eDirectory objects, the value for a particular attribute is a
reference to another object upon which the object depends. For example,
Queue object has a Queue Directory attribute that contains the file system
path to the queue directory. It also has a Host Server attribute that
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
identifies the file server on which the queue directory resides. This
information is used to determine the physical location of the resource.
The specifics of restoring objects vary depending on what type of object
is involved and whether the object's dependencies are physical entities
(servers and volumes) or logical entities.
In some cases, you can simply restore an object and everything will work
fine. In other cases, an object might be restored but not be functional
unless you first restore its dependent objects.

Restore of cluster-enabled pools is similar to a normal restore session.
See Restoring Data on page 62.
supported.
80

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
After you install and load SBCON, you can manage your jobs, data, devices,
reports, and so on either from the server or workstation. Though the screens
might look different, you can perform the same tasks in each interface.
Be sure to read Prerequisites for SBCON Tasks on page 81 before
performing any tasks in this section.
Administering Jobs on page 82
Storage Devices on page 86
Erasing or Retaining Media on page 90
Spanning Storage Media on page 92
Log and Error Files on page 93
Creating Session Files on page 98
Verifying Backup Data on page 99
Prerequisites for SBCON Tasks

Before you can manage any backup tasks, ensure the following:
Drivers for your specific device and controller board are loaded.
SBCON files for your specific target are loaded.
The media is inserted into your storage device.
You can see the SBCON Main Menu on your server console or the Quick
Access window on your Windows 95, 98, 2000 or Windows NT
workstation.
Managing

103-000134-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Jobs
The backup or restore jobs created by you can be administered anytime. You
can delete, hold, reschedule, abort, or enable a job.
Administering Jobs
Jobs can be managed either from the server or from the workstation.
From the Server
On the SBCON Main Menu at the server, the Current Job List option gives you
a job management facility where you can delete a job, hold a job, or enable it
if it has been disabled after a job failure. You can even monitor the status of
the backup/restore jobs you have submitted.
Current Job List provides the following information about all jobs submitted.
The name of the server from which the job was submitted. If you
initiated the job from the client, locate the workstation name. See
Viewing the Job Queue on page 83.
The job name that you entered on the Backup Options form. The job
name can be renamed using the Job Details screen if you are rescheduling
it to run another time and you want to change the name. See Viewing Job
Details on page 84.
The Hold status. If you want to prevent a prescheduled job from
execution, you can put it on Hold. See Postponing a Job on page 85.
The job status, whether it finished the execution of the request, or if
it was submitted for execution at a later time. Other statuses are: active
currently, could not run, processing, failed, and success. The log of each
of these status reports can be viewed using the log and error reporting. For
more details see Log and Error Files on page 93.
From a Workstation
From Job Administration at the Quick Access window of a Windows

workstation or at the toolbar, you can access the current list of jobs. If you
select a job, you can see the properties, which include the following:
General properties contains fields for the Job Name, Job Type,
Submitted By, Entry Open, and Serviced By. These fields are the same as
the Job Details screen at the server.
Static properties contains fields for the Job Status, Job Submitted At,
Execution Time, and Job's Rescheduled Count.
82

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Dynamic properties contains data that indicates how much data has been
backed up along with the filenames. This dialog box appears when a job
is running and SBSC is loaded on the server.
Enable job allows you to start a job that has been disabled.
Delete the job allows you to remove a job.
Start/Hold the job allows you to start a job that is in the hold state or
place it on hold if it is not in a hold state.
Reschedule options contains fields for changing the backup schedule.
Abort cancels an active job.
Viewing the Job Queue on page 83
Viewing Job Details on page 84
Postponing a Job on page 85
Viewing the Job Queue
You can view the job queue from the server or a workstation.
From the Server
1 Select Main Menu > Job Administration > Current Job List.
The Queue Jobs screen displays a list of all jobs, showing each job name,
hold status, status of the job, and name of the server from where the job
was submitted.
From a Workstation
1 At the Quick Access window, click Job Administration
2 Double-click the context of the queue location.
3 Double-click Queues.
A list of jobs appears.

4 (Optional) Select a job from the list > right-click and then click Dynamic
Properties to view the dynamic properties of the job.

You can also view the properties using the toolbar. Click Job
Administration > Properties.
Managing

103-000134-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Viewing Job Details
This screen gives you all the details of the job you submitted including job
name, the time the job was submitted, and the time the job should be executed.
You can also schedule the job to run at a predefined time again after its
execution.
You can view job details from the server or a workstation.
From the Server
2 Select one of the jobs listed and press Enter.
The Job Details screen appears displaying the following information:
84
Job NameA descriptive name of the job for your identification.

You can change the name if you want to reschedule the job and run
it again.
Disabled Indicates whether the job is disabled. If it is, this field

displays Yes; if enabled, it displays No. Updates to this field depend
on the job status. If the job status is Could Not Finish, the
message is Yes. You can perform the required troubleshooting and
change this field to No, subsequently allowing the job to execute.
After completion of the job, the Disabled field indicates Yes.
Submitted ByThe name of the server where you have submitted

the job. If you submitted the job from a client, it displays the name of
the workstation and is the same as the Owner in the Queue Jobs
screen.
Submitted atThe date and time the job was submitted. The
execution time could be different depending upon the specifications
you defined in Execution Time and Scheduling Options in the same
screen.
Entry OpenThe status is Yes when the job is active and No when
it is inactive. This is one of the fields that is updated automatically.
Execution TimeAn option to give the time and date when you
want the job to run. It is the same as the Execution Time in the
Advanced Backup Options form.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Serviced ByThis indicates the name of the server where the job is
to be executed. From a single server, you can submit jobs to various
servers. This field indicates which job is serviced by which server.
This field is active only when the job is active; otherwise, it indicates
None.
Scheduling OptionsYou can schedule the same job to run at

another time. For information, see Customizing Backup on page
53.
Session ReportPress Enter at this field to view the session log

report or the session error report for the particular session you
selected. The same information can be seen in the Error Log File
where it gives a log of all the jobs. For information, see Viewing a
Log File on page 93.
From a Workstation
1 At the Quick Access window, click Job Administration.
2 Double-click the context.
4 Select the job from the list.
5 Right-click the job and then Dynamic Properties to view the dynamic
properties of the job.

(Optional) You can view the properties using the toolbar. Click Job
Postponing a Job
This task lets you to place a job on hold from either the server or a workstation.
From the Server
The Queue Jobs screen appears with a list of jobs.

2 Select a job and press Tab.
The job is on hold if Hold is displayed in the column. If no status is

displayed, it is ready for execution at the time you configured it. Press Tab
to toggle holding a job.
Managing

103-000134-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
From a Workstation
4 Select the job to place on hold.
5 Right-click the job and then click Start/Hold the Job.
(Optional) You can also hold the job using the toolbar. Click Job
Administration > Start/Hold the Job.
Storage Devices
The Storage Device Administration option of the SBCON Main Menu at the
server or the Device Administration button at a Windows workstation lists the
devices and the media you can access.
You can perform the following administrative tasks:
Checking the Device Status on page 86
Changing the Device Label on page 87
Viewing the Media List on page 88
SBCON supports autoloader, which holds multiple media within a magazine.
Every magazine has slot numbers given by the manufacturer and each slot
holds a single medium. This is extremely useful when you are backing up a
large server. If one medium is fully written, the SME automatically writes to
the other available media.
IMPORTANT: Any media under a device becomes inaccessible if a job is running
on it because it is reserved by the engine. Any job scheduled to be executed at that

instance will fail.
Checking the Device Status
The Device Status screen displays information about the current status of a
device, such as read, write, and format from the server or workstation. It also
gives information on the storage capacity.
86

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server

1 Select Main Menu > Storage Device Administration.
2 Select a device and press Insert.
3 Select Utilities > Device Status.
The Device Status screen is displayed listing the following information:
Current OperationIndicates whether the device is currently

reading, writing, formatting the media, or none of these.
Device ModeIndicates whether the device is selected for reading,

writing, or both.
Maximum CapacityIndicates the total storage capacity of the

media currently present in the device.
4 Press Esc when you are finished to return to the Main Menu.
From a Workstation
1 At the Quick Access window, click Device Administration.
4 Double-click the preferred queue.
5 Double-click Servers.
6 Double-click the preferred server.
7 Double-click Devices.
8 Right-click the device and then click Properties to view the Device Label
or Device Type.
(Optional) You can also view the properties using the toolbar. Click
Device Administration > Properties.
Changing the Device Label
The default names for storage devices are controlled by the device
manufacturers. These names are often not descriptive, so you change the name
of the device during multiple backup sessions. However, this change is
temporary, and it is lost after a reboot. If you have several devices, it might be
difficult to remember which name goes with which device. For this reason,
renaming storage devices is helpful.
Managing

103-000134-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
You can change a device label from the server or a workstation.

From the Server
2 Select a device name and press Insert.
3 Select Utilities > Change the Device Label.
4 Enter the new name in the field.
5 Press Esc as required to return to the Main Menu.
From a Workstation
8 Right-click the device to change.
9 Click Properties > Device Label.
10 Change the name in the Device Label field.
11 Click OK.
Viewing the Media List
This task allows you to view your list of devices from the server or a
workstation.
88

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server

A list of devices is displayed.

If no device is displayed in the list, run LIST DEVICES at the server
prompt.
2 Select a device name and press Enter.
The List of Media screen appears displaying the following information:
SlotThe slot number given by the manufacturer.
Media nameThe name of the media, which can be changed using

the Utilities menu. See Erasing or Retaining Media on page 90.
NumberThe sequential number of the media (tape) in a particular

backup set. SBCON automatically labels and appends an
incremental number to any backup session that spans multiple media.
HINT: It takes a lot of time to display the media in an Autoloader. However, once
the media list is displayed, press Tab to access it. This will not rescan the device
for new media. Press Enter only when you remove or add media.
From a Workstation
8 Right-click the preferred device.
9 View the media list.
Managing

103-000134-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Erasing or Retaining Media
This task erases media headers, erases all data on the media, or retentions
media in tape devices.
The following table describes all media options.
Option
Explanation
Change the Media Label
This is permanent. Blank media (tape) does not have a label. Before
submitting a job to the media, you need to label it.
Erase the Media
This option erases the tape completely. It might take up to two hours,
depending on the size of the media.
Erase the Media Header
This is a quick method of making the media appear blank. Although it

is less secure than erasing all the data, this method is quick and
effective.
Media Status
This option lets you view the status of the media.
Move the Media
This option moves the media from one slot of an autoloader to another
slot. It is not a valid operation on a single media device.
Retention of Media
This option is for tape devices that allow retention (for example, 0.25inch cartridges). This rewinds the tape, which might resolve a problem
reading the tape. An error appears if the driver does not support this
method on the device.
From the Server


2 Select one device from the list.
3 Select one media and press Insert.
4 Select Utilities > Erase the Media [or] Retention of Media.
From a Workstation
90

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 Right-click the media > click Erase Media [or] Retension.
(Optional) You can also use the toolbar. Click Device Administration >
Media > Erase Media [or] Retension.
Checking the Media Status in a Device
This task lets you check the status of a particular media type from either the
server or a workstation.
From the Server
4 Select Utilities > Media Status.
A screen is displayed listing the following information:
Number in Media SetThe sequential number of the media within

a particular media set.
SBCON automatically labels and appends an incremental number to
any backup sessions that span multiple media.
Creation timeThe time the current media label was first used on
this media.
Mount statusWhether the media is Mounted (ready for reading or

writing). There are two status messages:
Mount Pending: The request to mount is waiting to be processed.
Not Mounted: The media not ready to access.
Managing

103-000134-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Media modeWhether the media is selected for reading, writing or

both, or whether the mount request is pending.
Media typeThe type of media in the device, such as 4mm DDS

(Digital Data Storage) tape, or 8mm tape.
Total capacityThe total capacity of the media, if known.

Sometimes it is not displayed, depending on the media manager.
The type of media manager controls the display of the total capacity
of the media.
From a Workstation
1 Click Device Administration at the Quick Access window.
8 Right-click the preferred media > Properties > Media Status.
Spanning Storage Media

If the storage media you are using does not have enough space for the entire
backup, SBCON will span the media, prompting you to insert additional
media when the first medium is full.
HINT: Always have extra media on hand in case the backup session spans more
than one medium.
SBCON designates the first media as label #1 and increments any subsequent
medium with the same label.
WARNING: To help safeguard your network, SBCON disconnects from the target
when a delayed backup is complete. If the delayed backup session cannot fit on
the media, SBCON prompts you to insert additional media. If additional media are
not inserted, the backup does not finish and SBCON does not disconnect, thereby
compromising security.
92

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Log and Error Files

SBCON keeps a list of all the log and error files, which show specific
information about the backup and restore session. See Session Files on page
37 for more information.
You can manage these files as follows:
View information contained in the log and error files.
See Viewing a Log File on page 93 and Viewing an Error File on
page 94 for information.
Create these files.
See Creating Log and Error Files on page 96 for information.
Change the location of these files.
See Setting the Location of Backup Log and Error Files on page 96 for
information.
Delete these files.
See Deleting the Log Files on page 97 for information.
Viewing a Log File
This task lets allows you to view your log file for backup and restore
information from either the server or a workstation. The log file is created on
the host server the first time data is backed up or restored and contains details
about the session.
From the Server
1 From the SBCON Main Menu, select Log File Administration > View a
Log File.
2 If necessary, set the location of the log and error files for a backup session.
(This option is not supported for a restore session.)

To set the location, use one or more of the following methods:
Press Enter to accept the default location, and then go to Step 3 on

page 94.
Press Insert to select from a list of network directories, select a

directory, and then press Esc to return to the previous window, and
then go to Step 3 on page 95.
Managing

103-000134-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
To change the directory, delete the existing directory path and type a
new one, and then go to Step 3 on page 94.
You can also press Insert during this process to select existing parts
of the path from a list.
The backup log displays all supported name space types. The DOS name
space is the first in the group. A right-angle bracket (>) appears next to
the file creator's name space type.
If you have linked UNIX files, SBCON retains both symbolic and hard
links created under the NFS name space type, but links are not listed in
the backup log. Restoring the original file restores associated links.
3 To return to the Main Menu, press Enter and then Esc.
reach the Main Menu. If you want to exit SBCON, press Esc again and
answer the confirmation prompt.
From a Workstation
1 At the Quick Access window, click Reports
6 Right-click the preferred server.
7 Select Session Report.
The server displays where the report is located.

Viewing an Error File
An error file records any errors that occurred during the backup or restore
session. (See Session Files on page 37.) It can be viewed from the server or
a workstation.
94

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server

1 From the SBCON Main Menu, select Log File Administration > View an
Error File.


page 95.
Press Insert to choose from a list of network directories, choose a

directory, press Esc to exit and then go to Step 3 on page 95.
Restore errors are appended to a session's backup error file. A Restore

Session Begins message marks the beginning of the restore errors,
if any exist.
If you linked UNIX files, symbolic and hard links created under the NFS
name space type might not be restored if the pathname is not recognized.
When this happens, the error file contains messages similar to the
following:
Error restoring namespace specific information of
XXXX:tmp/hosts in NFS namespace, error 0x7!
Unable to allocate directory handle for XXXX:tmp/test!
3 When you are finished viewing the file, press Esc.

respond at the confirmation prompt.
From a Workstation
1 At the Quick Access window, click Reports.
Managing

103-000134-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001

7 Select Error Report.
Creating Log and Error Files
If you do not know what is on the media, or you have lost or deleted the log
and error files, you can re-create them.
To create a log or error file, see Creating Session Files on page 98.
Setting the Location of Backup Log and Error Files
Every time you do a backup, you are required to set a location (or directory
path) for the log and error files. The restore log and error files are always
located in the directory, SYS:SYSTEM/TSA/RESTORE.
You can set the location when requested in the backup procedures, or you can
use the following method prior to beginning the backup procedures.
1 From the SBCON Main Menu, select Log File Administration > Set
Location of Log and Error Files.

2 Set the location using one or more of the following methods:
Press Enter to accept the default location, and then press Esc to return
to the Main Menu.

directory, and press Esc twice to return to the Main Menu.
a new directory or path, press Enter, and then press Esc to return to
the Main Menu.
3 Press Esc when finished to return to the Main Menu.
96

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deleting the Log Files
SBCON allows you to overwrite sessions and reuse storage media.

When you delete the log file for a session using the following procedure, you
automatically delete the corresponding error file as well.
To prevent outdated session information from taking up disk space and to help
prevent confusion when you select sessions to view or restore, delete the
session log files for any session that has been overwritten.
NOTE: You cannot delete log and error files at the workstation.
To delete the log and error files from the server, do the following.
Log File.
2 If you have not set the location of log and error files, do so now using one
or more of the following methods:

page 97.
Press Insert to select from a list of directories, select a directory, press

Esc to return to the previous window, and then go to Step 3 on page
97.
a new directory or path, and then go to Step 3 on page 97.
You can also press Insert during this process to select existing parts of the
path from a list.
3 Select the description of the session that you have overwritten (or plan to
overwrite) and press Delete.

A confirmation prompt is displayed.
4 To delete the log and error file for that session, click Yes.
Managing

103-000134-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Creating Session Files
and error files, you can re-create them from either the server or a workstation.
From the Server
1 From the SBCON Main Menu, select Job Administration > Create
Session File.
The Session Files Options screen appears.
2 Enter a descriptive name.
3 Select the media you will be using.
If you have only one loaded, press Enter to accept the default.
4 To verify the media, press Enter.
SBCON reads the media and shows you the selected session.
5 Confirm the creation of the session files.
If the session selected is the session you want for log and error file
creation, click Yes, Create Files for This Session.
If the session selected is not the session you want for log and error file
creation, click No, Go to the Next Session.
If you elect to create session files, they will be created in the location you
chose.
From a Workstation
1 At the Quick Access window, click Create Session.
4 Select the preferred queue.
6 Select the preferred server.
8 Select the preferred device.
98

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
9 Select the preferred media.

10 Right-click the job and select Submit the Job.
11 Check the appropriate fields in the Submission of Job dialog box.
Verifying Backup Data
This option allows you to check the data on the media from either the server
or a workstation to make sure it has been backed up properly, and to check
later that the data is valid and can be restored.
You can verify the backup data in two ways:
If you know what sessions are on the media and you have the log and error
files, you can select the session from the list.
If you do not know what sessions are on the media, and if you are not sure
the log and error files still exist, you should create the session files.
From the Server
1 Select Main Menu > Job Administration > Verify
The Verify Options screen appears.

2 Enter a descriptive name for the verify job.
3 Select the device and media of the job.
You can also manually enter this in the form device name.media name.
4 Press Enter in the Session to Restore field.
A list of all backup sessions is displayed in the Select a Session screen.

5 Select a session from the list.
6 Submit the job after confirming the Submit Job? prompt.
7 Select Job Administration > Current Job List.
8 Select the job you have submitted.
If there were no problems with the verification or the data, the Run Time
Status screen displays the following message:
The verification process was completed normally.
Managing

103-000134-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
From a Workstation
1 At the Quick Access window, click Verify.
2 Double-click the context if necessary.
8 Double-click the preferred device.
9 Right-click the preferred media.
10 Select Submit the Job.
11 In the Submission of Job dialog box, click the session.
12 Click Finish.
100 Storage Management Services Administration Guide

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Optimizing
This chapter discusses the following topics:
Whether you should compress your files before backup. See
Compressed Files on page 101.
How to increase speed when backing up your files. See Host Server
Performance on page 102.
How to enhance or optimize server performance. See Setting Minimum
Packet Receive Buffers on page 103.
How to synchronize memory between your media and your server. See
Setting Reserved Buffers Below 16 MB on page 103.
Compressed Files
WARNING: SBCON and file compression should not be run simultaneously.
Because the default time for both delayed SBCON sessions and compression is
midnight of the current day, change one of these defaults to another time
immediately.
If you want to perform a delayed backup that includes files flagged for
compression, schedule the delayed backup after the compression time to allow
time for the compression to be completed.
When a NetWare 6 volume is mounted, file compression is set to On by

default. When you perform a backup, you can specify whether to keep already
compressed files in a compressed state for the backup, or back them up in a
decompressed state.
Optimizing 101

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To help you make a decision about whether to compress or decompress your

backed up data, follow these guidelines:
Backups are faster if files already compressed are left compressed.
Compression is not supported in some environments (such as a NetWare
3.11 server, a DOS workstation, or Novell Storage ServicesTM). If you
intend to restore a file that is currently compressed to an environment that
does not support compression, back it up in a decompressed state.
The SBCON utility has no compression feature, so it cannot compress a
file that is currently decompressed.
If volume compression is turned on and you back up compressed files in
a decompressed state, restore speed is degraded if you overwrite existing
files.
To improve restore speed, delete the files you no longer want from the
hard disk before restoring them from the backup media. If you back up
compressed files in a compressed state, restore speed is not affected.
You might run out of disk space if you restore decompressed files to a
volume that compresses files.
Host Server Performance

The speed of the SBCON utility depends upon the configuration of the host
server and whether the server is backing up its own data or that of another
server or workstation.
For information on server configuration and setting parameters, see
Communications Parameters and File Caching Parameters under SET in
NetWare Utilities Reference.
A server backing up its own data runs about twice as fast as a server backing
up data from another server.
This section includes four options using LOAD and SET commands that can
enhance your host server's performance.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Minimum Packet Receive Buffers
Packet receive buffers represent the space in the server memory dedicated to
handling network traffic. If the buffers are set too low, the server performance
may be degraded.
To reset the packet receive buffers at the server console prompt, include the
following SET command in the STARTUP.NCF file:
SET MINIMUM PACKET RECEIVE BUFFERS = X
The x represents the number of buffers. Set two buffers for each user on the
system. The minimum is 10. The changes will take effect immediately.
Setting Reserved Buffers Below 16 MB
If your storage device driver requires memory below 16 MB and the server has
more than 16 MB available to it, you must reserve memory below 16 MB for
the driver.
To change the reserve memory at the server console prompt, include the
following command in the STARTUP.NCF file:
SET RESERVED BUFFERS BELOW 16 MEG=X
Replace the x with a number between 8 and 300. The default is 200.
Setting Maximum Subdirectory Level and Minimum Cache Buffers
If you change the maximum subdirectory level in the server's STARTUP.NCF

file, you must also change the minimum cache buffer. The default maximum
subdirectory level is 25.
To change the cache buffers at the server console prompt, include the
following commands in the AUTOEXEC.BAT file:
SET MINIMUM FILE CACHE BUFFERS=X
SET MAXIMUM DIRECTORY CACHE BUFFERS=X
This command changes the minimum and maximum directory in MONITOR

> Available Options > Server Parameters. The changes will take effect
immediately.
Optimizing 103

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Troubleshooting
Common Backup Problems

The media owner is unidentified
Possible Cause:
Action:
Media is blank or was written in a non-SIDF format.

See Checking the Media Status in a Device on page 91.
Backup speed is slow

Possible Cause:
Action:
Compressed files are being backed up in a decompressed format.

See Compressed Files on page 101.
Restore speed is slow

Possible Cause:
File compression and SBCON are running at the same time.

Compressed files are being overwritten with decompressed files.
Action:
See Host Server Performance on page 102.
The target you want is not listed

Possible Cause:
Action:
Possible Cause:
Action:
The Target Service Agent isn't loaded on the desired target.

See Backing Up Data on page 49.
Insufficient time to list the targets.
Allow more time for the software to find the target.
Possible Cause:
The host and target are physically far apart and network traffic is heavy.
Action:
Wait to perform a backup during nonpeak hours or when fewer users are
logged in.
Troubleshooting 105

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Data is corrupted, but no error message was given

Possible Cause:
Action:
Compressed files were restored to a volume without compression.

See Step 10 on page 64.
You (the network administrator) can't back up a workstation

Possible Cause:
The /Password option is set and is denying access to data on the workstation.
Action:
See Setting Rights to Back Up Portions of the eDirectory Tree on page 26.
Possible Cause:
Action:
Backup was attempted from two different servers at the same time. One
succeeded and the other one failed.
Check to make sure all necessary backup software is installed loaded.
A backup does not contain all changes

Possible Cause:
Action:
Differential and incremental backups were combined.

Use one or the other of these types in conjunction with full backups. See
Backup Types on page 16.
Changed files are not recognized

Possible Cause:
Action:
The modify bit was cleared after the last customized backup, so changed files
are not recognized.
See Backup Types on page 16.
Unable to find the session log file you want

Possible Cause:
Action:
It might be in a different directory or you might have deleted it accidentally.

See Deleting the Log Files on page 97.
Pressing Insert on a device list does not produce a media list at the server
Possible Cause:
Action:
No medium has been selected.

Use the Select option at the bottom of the screen.
The Time Form Is Invalid message displays when you try to schedule a delayed
backup
Possible Cause:
Action:
The date has been entered incorrectly in the time form.

Check that the scheduling has been entered correctly.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Files were restored but the error file contains a message specifying which name
space formats were not restored
Possible Cause:
Action:
The file attributes and name space formats are not configured on the volume
you restored to.
Check to make sure you selected the correct name space.
Can't list devices or see the Session/Error Report from the client and the message
Unable to Establish Communication with Server appears
Possible Cause:
Action:
A client-server communication problem.

Check whether SBSC is loaded on the server. If not, load it.
If SBSC is already loaded, unload and reload it again.
Troubleshooting 107

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Novell
NetWare 6
www.novell.com
S TO R A G E M A N A G E M E N T S E RV I C E S
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Preface
Overview
Backup Services . . . . . . . . . . . . . . .
SMS Components . . . . . . . . . . . .
Supported Storage Devices and Drivers .
Storage Management Engine (SME) . . .
Storage Management Data Requester . .
Memory Requirements . . . . . . . . . .
Backup Files . . . . . . . . . . . . . . .
Backup Types . . . . . . . . . . . . . .
Customizing Your Backup . . . . . . . .
Scan Data Sets . . . . . . . . . . . . . .
Keeping a Backup Logbook . . . . . . .
Planning a Backup Schedule . . . . . . .
Preparing to Back Up . . . . . . . . . . .
Backups and eDirectory . . . . . . . . .
Backups and the File System. . . . . . .
Backups and Clusters . . . . . . . . . .
Target Service Agents (TSAs) . . . . . .
Restore Services . . . . . . . . . . . . . . .
How SMS Restores Data . . . . . . . . .
Restore Options . . . . . . . . . . . . .
Restoring Cluster-enabled Pools . . . . .
Session Files . . . . . . . . . . . . . . . . .
Log and Error Files . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
SBCON Guidelines. . . . . . . . . . . . . . . . . . . . . . . . .
Before Loading the Backup Software . . . . . . . . . . . . . . .
Before Running the Backup Software . . . . . . . . . . . . . . .
Customizing the NetWare Server as the Backup Server . . . .
Loading Controller and Storage Device Drivers on the Server .
Loading the Target Service Agents. . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up
. 9
10
12
12
13
15
15
16
16
19
21
21
22
23
23
27
29
30
31
32
34
35
37
37
38
41
Contents

103-000134-001
August 29, 2001
Novell Confidential
42
43
43
43
44
45
Manual
99a
Loading SBCON . . . . . . . . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . . .
Unloading SBCON . . . . . . . . . . . . . . . . . . .
Loading NWBACK32 . . . . . . . . . . . . . . . . . .
Exiting NWBACK32 . . . . . . . . . . . . . . . . . . .
Backing Up Data . . . . . . . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . . .
Backing Up from the Server . . . . . . . . . . . . .
Backing Up from a Workstation . . . . . . . . . . .
Backing Up Cluster-enabled Pools from the Server .
Backing Up a Workstation . . . . . . . . . . . . . .
Changing Your Target . . . . . . . . . . . . . . . . . .
Changing a Target at a Server. . . . . . . . . . . .
Changing a Target at a Workstation . . . . . . . . .
Restoring Data . . . . . . . . . . . . . . . . . . . . .
Restoring Data from a Server . . . . . . . . . . . .
Restoring Data from a Workstation . . . . . . . . .
Restoring eDirectory . . . . . . . . . . . . . . . . .
eDirectory Restore Session Types . . . . . . . . .
Completing the eDirectory Restore . . . . . . . . .
Restoring Cluster-enabled Pools . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
46
46
47
47
48
49
49
50
55
56
59
61
61
61
62
62
68
69
73
78
80
81
Prerequisites for SBCON Tasks .

Jobs . . . . . . . . . . . . .
Storage Devices . . . . . . .
Spanning Storage Media . .
Log and Error Files . . . . .
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Optimizing
81
82
86
92
93
101
Compressed Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Host Server Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Troubleshooting
105
Common Backup Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preface
Novell Storage Management ServicesTM (SMSTM) is a collection of software
programs that provides backup and restore services. These services are
performed by a collection of components that are independent of operating
systems and hardware.
You can backup SMS Targets such as Novell eDirectoryTM, binderies, the file
system, cluster-enabled pools or an individual workstation's hard disk onto a
media that can be stored off-site. If you have a hardware failure, natural
catastrophe, corrupted data, or incorrectly deleted or changed data, you can
recover a previous version of the data.
Preface

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Overview
Backup services is an essential piece of the Novell Storage Management
ServicesTM (SMSTM) software, a collection of services that provides backup,
restore, and data migration. These services are performed by various
components and are independent of operating systems and hardware.
Backup Services on page 9
Restore Services on page 31
Backup Services
Storage Management Services (SMS) allows you to back up SMS targets such
as eDirectoryTM, the file system, cluster-enabled pools, or hard disks on
individual workstations to media such as a tape drive for off-site storage, and
gives you a periodic view (daily, weekly, monthly) of your data. Then in case
of hardware failure, natural catastrophe, corrupted data, or incorrectly deleted
or changed data, you can retrieve a previous version of the data.
Backup services provides information on supported devices, the SMS
architecture, memory requirements, types of backup offered, customizable
options, schedules, how to back up eDirectory, how to back up the file system
(both traditional NetWare file system and Novell Storage ServicesTM), how
to back up cluster-enabled pools, and how to use Target Service Agents (TSA).
Overview

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Backup Types on page 16
Customizing Your Backup on page 16
Keeping a Backup Logbook on page 21
Preparing to Back Up on page 22
Backups and eDirectory on page 23
Backups and the File System on page 27
Backups and Clusters on page 29
SMS Components
Storage Management Engine (SME) for backup and restore operations.
Novell provides the SBCON utility as a basic SME for NetWare.
See Storage Management Engine (SME) on page 12 for more
information.
Storage Management Data Requester (SMDR) for passing
communication between the backup program (see Storage Management
Data Requester on page 13) and the TSA software (see Target Service
Agents (TSAs) on page 30.)
Storage device interface is used to pass information between the SME
and the storage device.
Device drivers are used to control the behavior of the storage devices.
Target Service Agents (TSAs) pass requests and commands between the
SME and server or eDirectory database, and prepare the data for the SME.
TSA600.NLM must be loaded on the server where the data is to be
backed up.
See Target Service Agents (TSAs) on page 30 for more information.
TSAProxy (TSADOS for DOS workstation) is used to register the
workstation with the host server. TSAProxy also identifies and keeps
track of the stations waiting to be backed up. It receives "I am here"
messages from workstations available to be backed up. The TSAProxy
10

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
keeps the names of these workstations in an internal list and displays the
list, allowing you to select a target for a backup or restore procedure.
The SBCON process involves two machines:
The host server is typically the NetWare server running the backup
program. The SMS components will include the backup engine, the
SMDR, the Storage Device Driver, the tape device, and the required
Target Service Agents.
A target server is the NetWare server that contains the data to be backed
up or restored. Depending on the data to be backed up, the appropriate
Target Service Agent must be loaded.
Target Software
Host Software
Server
NetWare 6
T
S TSA600
A
Server
NetWare 6
Storage Management Data Requester (SMDR)
NDS
T
S TSANDS
A
Storage Device Driver
NetWare 6
T
S TSA600
A
DOS
T Partition
S
A TSADOSP
Server
Storage Device
SBCON can also be loaded and used on one machine.

SBCON uses an application on the host server to communicate with modules
on target devices. The application reads the information from the target device
and sends it to a storage medium, such as a tape drive.
Overview

103-000134-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Supported Storage Devices and Drivers

SBCON supports 0.25-inch, 4mm, and 8mm storage devices. If you are using
4mm tape, use only DDS (Digital Data Storage)-certified, computer-grade
tapes.
IMPORTANT: To ensure reliable operations, pretest all media storage devices
that are not Novell certified with the appropriate NetWare device driver and SBCON
backup and restore utility.
Use the driver files recommended by your hardware manufacturer.

The Storage Management Engine (SME) is central to the SMS architecture.
The SME communicates with the network clients to back up and restore
information.
SBCON has three modules:
User interface - Creates a job and submits to the NDS Queue.
Q Manager (QMAN) - Takes the job from the NDS Queue which is ready
for execution.
Engine - Completes the job.
Q Manager facilitates multiple job scheduling plus other features. Loading Q
Manager automatically loads the backup engine. The user interface can be
loaded after you load the Q Manager. See Setting Up on page 41 for
information on Q Manager.
SME
User Interface
NDS Queue
1
Q Manager
2
1 User Interface creates a job and submits to the NDS queue

2 Q Manager takes the job from the NDS Queue which is ready for execution
3 The engine
12

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storage Management Data Requester

The Storage Management Data Requester (SMDR) is the communication
module in the SMS architecture. It provides transparent access to SMS
services in an intranet as it allows access to local or remote SMS services. The
SMDR APIs are used by SBCON and other third-party applications as well.
SMDR uses TCP Port Number 413.
Features of SMDR
The features of the SMDR 6.00 include the following:

Protocol Independence: SMDR 6.00 is protocol independent and does not
depend on Sequenced Packet ExchangeTM (SPXTM) or Internetwork Packet
ExchangeTM (IPXTM) protocols. From NetWare 5.1 onwards, the requester also
uses TCP/IP for communicating with other SMDRs. Although SMDR 6.00
can be configured to support TCP/IP, SPX/IPXTM, or TCP/IP and SPX/IPX,
both protocols are supported by default. SMDR versions prior to 5.00 use the
SPX protocol.
If cluster-enabled pools are to be backed up or restored, use SLP as the
discovery mechanism.
The protocols can be specified in the configuration file, SMDR.CFG (see
Using the SMDR Configuration File on page 14 for more information).
NDS Registration and Name Resolution: SMDR creates an SMS Remote
Procedure Call (RPC) object in eDirectory. The default tree of the server (the
tree in which the server is present) is used for eDirectory registration.
The SMS RPC object is defined with the following attributes:
Common Name - Name of the server on which the SMDR is located
Status - Indicates whether the SMDR is active or inactive
Protocol - List of protocols for which the SMDR has listeners
Version - Version number of the SMDR
Services - List of services registered with the SMDR
The SMDR creates an instance of this RPC class at the SMDR Context
location in the server's default tree. The SMDR Context is specified in the
SMDR.CFG file, which can be edited at any given time.
Multiple SMDRs are grouped together to reduce the search scope in
eDirectory. A SMDR Group object defines this search scope. This group
Overview

103-000134-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
represents an instance of a predefined group class in the eDirectory schema.

Any number of such groups can exist in eDirectory. The SMDR can become
a member of one or more groups by registering its object's (SMS RPC object)
context.
When SMDR requires name resolution, it searches all members of the SMDR
Group at SMDR Group Context. The SMDR Group Context and SMDR
Group are specified in the SMDR.CFG file.
Name Resolution Using SAP: SMDR can also be configured to use Service
Advertising Protocol (SAP) for locating other SMDRs in an IPX environment.
Each SMDR advertises the server name where it is loaded using service type
0x23F. But in an IP environment, NDS and Service Location Protocol (SLP)
replaces SAP.
Name Resolution Using SLP: SMDR can also be configured to use Service
Location Protocol (SLP) for locating other SMDRs. This enables SMDRs to
locate other SMDRs running on servers that belong to different trees. Every
SLP enabled SMDR will register itself in the smdr.novell domain when
loaded. The SLP enabled SMDRs will query this domain for locating
registered SMDRs.
SLP, SAP, and NDS discovery mechanisms are enabled by default.
Using the SMDR Configuration File
The SMDR.CFG file is a text file located in the SYS:\ETC\SMS\ directory on

your server.
You can modify the configuration file from the command prompt by entering:
LOAD SMDR NEW
The SMDR Configuration screen is displayed where you can make the
required modifications.
SMDR Configuration Problem
If you try to load SBCON when you have not set the SMDR on a server with
the corresponding eDirectory objects and configuration, SBCON will
autoload the SMDR and prompt you for configuration information. (This
screen is hidden by the SBCON screen). To rectify this problem, press
Alt+Esc to allow the SMDR to complete its setup before loading SBCON.
14

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If NetWare Common Install is used to install SMS (see Customizing the

NetWare Server as the Backup Server on page 43 for more information), this
problem will not occur. If the SMDR is explicitly loaded for the first time, the
screen for configuration information will not be hidden.
Memory Requirements
To run SBCON, the host server requires the following:
A minimum of 3 MB free memory for SBCON
Memory required to run NetWare 6 (currently 256 MB RAM)
Memory required to run the clients
If 3 MB of memory is not available, try setting the storage buffers lower than
the default and still run SBCON.
Backup Files
Each backup session produces three types of files:
Data files are copied to the selected storage media.
Log files are produced by the engine during backup and restore. Log files
are placed in a directory on the host server and accessed through the
SBCON Main Menu or from a Windows* 95, 98, 2000 or Windows NT*
Error files are produced by the engine while backing up. Error files are
placed in a directory on the host server and accessed through the SBCON
Main Menu or from a Windows 95, 98, 2000 or Windows NT workstation
using NWBACK32.
Both log and error files contain information such as the date, time, and
media identification for a session. But the error file also contains a list of
any errors that occurred during the backup session, such as files that were
not backed up (see Log and Error Files on page 93 for more information
on these files). The log and error files are labeled with the same
description you give the session.
Overview

103-000134-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Backup Types
SBCON has three types of backup sessions:
Full backupBacks up the entire file system of the selected target
regardless of whether the data has changed since the last backup, and
clears the Modify bit after the backup.
Differential backupAvailable only for the file system; backs up only
data that has been changed since the last full or incremental backup.
When you perform a differential backup, the modify bit is not cleared
after the backup. All files modified since the last full backup are included
in the backup (unless they have been deleted). Each differential backup
uses more media and is slower than an incremental backup because it
backs up more files.
IMPORTANT: Do not interchange differential backups and incremental backups.
If you do, the differential backup will not contain all changes since the last full
backup. Use full backups interspersed with differential backups or full backups
interspersed with incremental backups.
Incremental backupAvailable only for the file system; backs up only

data that has been changed since the last full or incremental backup
(whichever was last). Incremental backup sessions back up only files that
have the modify bit set (that is, files that changed since the last full or
incremental backup session when the modify bit was cleared).
Customizing Your Backup

All backup types contain advanced options to allow you to customize your
backup. These options allow you to
Choose subsets of data to back up
You can choose specific subsets of a data set to exclude from or include
in the backup session by selecting major resources, such as volumes, files,
directories, or path.
See Exclude and Include Options on page 17.
Specify how to scan what you are backing up
See Scan Data Sets on page 19.
16

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Exclude and Include Options
Whenever you perform a custom backup or restore, you can use the exclude
and include options to select subsets of what you want to back up.
Whether you use exclude or include usually depends on the size of the data
you want to back up, compared to the size of the data you do not want to back
up.
Exclude
To back up most of the file system structure or eDirectory tree structure while
omitting only a small part, use the exclude option to omit the part you do not
want to back up. Everything that you do not specifically exclude is included.
After you exclude part of the structure such as a volume, directory, or
container, you cannot include any subdirectories, files, or objects beneath that
excluded volume, directory, or container.
Include
To back up a small part of the file system structure, use the include option to
specify the data you want. Everything you do not specifically include is
excluded.
When you select only part of the file system structure to include (such as a
volume), all directories, subdirectories, and files under that selection are
included in the backup by default.
In the figure given below, volume SYS: is selected as an include option. All
other areas of the file system structure are excluded from the backup. You can
exclude some subdirectories or files beneath your selection if necessary.
SYS
HOME
Public
Mail
System
Login
NetUsers
Appl
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
Overview

103-000134-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
The same principle applies when you specify a directory with the include
option. The figure below shows that all directories, subdirectories, and files
under the NetUsers directory are included in the backup. All other areas of the
file system structure are excluded from the backup.
SYS
HOME
Public
Mail
System
Login
NetUsers
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Appl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
The reverse is true when you select a major TSA resource, a directory, or a file
as an exclude option. All other areas of the file system structure are included
in the backup.
Combining Include and Exclude Options
By combining the include and exclude options, you can control what is backed
up.
For example, the following command sequence results in volume HOME
being included in the backup with the exception of the MARY directory and
the WIDGET.EXE file.
Include major TSA resources HOME:
Exclude directories (full path): HOME:NETUSERS/MARY
Exclude path/files HOME:NETUSERS/KARL/PROJECT/WIDGET.EXE
18

103-000134-001
August 29, 2001
Novell Confidential
Manual
SYS
HOME
99a
Public
Mail
System
Login
NetUsers
Appl
July 17, 2001
38
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Karl
Mary
Directories
Subdirectories
Files
Thomas
Directories
Subdirectories
Files
Scan Data Sets

You can specify a different type of data set to be scanned.
A data set is a group of data that can be manipulated by SBCON. Each data
set in the file system structure can be classified as a parent or a child, and each
class includes different types of data items.
Within SBCON, a parent might be a server, eDirectory, a volume, or a
directory. A child is a file, which is the lowest level of the directory structure.
The unit below a parent is not necessarily a child; it might be another parent,
or the line might end with the parent. The unit above a child must always be a
parent.
Overview

103-000134-001
August 29, 2001
Novell Confidential
19
Manual
SYS
HOME
99a
Public
Mail
System
Login
NetUsers
Appl
July 17, 2001
38
Project
A2ZCO
Widget.exe
Report
January.prj
February.prj
March.prj
Proposal
Tessier.Inc
Nu_Artco
Training
Workbook
Viewgraph
Script
Schedules
June
July
August
Karl
Mary
Thomas
Manuals
Widget.Co
chapt.1
chapt.2
chapt.3
chapt.4
appx.A
appx.B
glossary
index
Acme.Inc
pamphlet
art
maps
plans
Parents (all units above final)

Children (final units only)
Items in a data set for either a parent or child should be items that do not
frequently change. You might choose to exclude from the backup session one
or more items in the data set of your target.
Overwriting a Parent or Child
SBCON allows you to overwrite all existing parents or children. Children can
be overwritten only if the date on the data set on the hard disk is more recent
than the date of the data set backup.
20

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Keeping a Backup Logbook

Keep a hard copy log of your backups in case your online log and error files
become corrupted. The log should contain the following information:
Source backed up (such as the server or workstation name)
Full path for session log and error files directory
Full path for backed-up data
Label of the media on which the backup is stored
Description of the session
Name or initials of the person performing the backup
Date and time of the backup session
Planning a Backup Schedule

Before you begin backup procedures, plan a backup schedule based on your
needs. Consider such factors as the number of users and frequency of changes
to files.
You can perform different types of backups on different schedules:
DailyPerform an incremental or differential backup after the close of
business. If revisions are heavy and rapid, consider several backup
sessions each day.
WeeklyPerform an incremental or differential backup after the close of
business on the last day of the week for three of the four weeks in the
month.
MonthlyPerform a full backup on the last business day of the month
(for example, the last Friday).
Major changesPerform a full backup before and after you change your
configuration, and before and after you upgrade your server to a new
version of NetWare.
Application changesPerform a custom backup before and after you
modify applications.
Overview

103-000134-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Preparing to Back Up
Careful planning can help you minimize the impact of data loss. Before you
back up, consider the following:
What should be backed up
Where to back up
Backup type
Who should back up
When to back up
How to prepare for a backup
How to track backup
Open Files Backup
TSA600.NLM supports backup of open files on Novell Storage Services

(NSS) volumes if the CopyOnWrite feature is enabled.
To enable CopyOnWrite on a single NSS volume, do the following:
nss /FileCopyOnWrite=volume_name
2 Dismount and remount the volume.
2a To dismount the volume, enter
dismount volume_name
2b To remount the volume, enter
mount volume_name
To enable the feature on all NSS volumes, enter
nss /FileCopyOnWrite=all
Continue with the next sections to prepare for the backup session.
22

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Each type of backup has a different effect on the backup and restore process.
When planning your backup schedule, consider all of the following variables
before determining which schedule is right for you.
Media usage and backup speed. This helps increase the speed of the restore.
Restoring after incremental backups. If you have performed full and
incremental backups and need to restore data, you must restore the last full
backup as well as all subsequent incremental backups.
Restoring after differential backups. If you have performed full and
differential backups and need to restore data after an unexpected loss, restore
only the last full and differential backup.
Backups and eDirectory

The best way to protect your eDirectory database is to use replicas.
Replication, however, is not sufficient protection for a single server network
or when all copies of the replicas are destroyed or corrupted. In these
instances, if the eDirectory data has been backed up regularly, the eDirectory
tree structure can be restored using SMS.
You can back up the entire tree or a selected section of the tree starting with a
particular container. You can back up the schema and schema extensions.
Trustee assignments are backed up as part of the file system.
You cannot back up partition information. If the eDirectory tree structure
becomes corrupted and you restore the eDirectory data, all data is restored to
one partition, [Root]. You need to repartition that portion of the tree.
It is important that you keep a written copy of the tree structure and the
partitions. You can use the DSMISC.LOG file that is backed up with the file
system as part of the server-specific information.
Managing Distributed Database on page 24, Server Interdependence
on page 24, Object ID Numbers on page 24, Placeholder (Unknown)
Objects on page 25, and Schema Backup on page 24
Backup Software for eDirectory on page 25
Setting Rights to Back Up Portions of the eDirectory Tree on page 26
Frequency of Backup on page 27
Overview

103-000134-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Distributed Database
The network of servers that comprise an eDirectory tree structure continually

exchange updates and other time-sensitive information. The eDirectory
database exists as a set of files that are stored in the SYS: volume and are
hidden so they are not accidentally tampered with or deleted.
The eDirectory database files cannot be backed up, as was the case with
bindery files in NetWare 3.12 or earlier versions.
Server Interdependence
eDirectory is not server-centric, and neither are its backup and restore
processes. Backing up eDirectory, for example, backs up data that is spread
out over multiple servers. SMS Directory database backups gather all the
necessary eDirectory data.
To handle the necessary links and dependencies between objects, the backup
and restore system must be able to navigate the entire eDirectory tree
structure.
Object ID Numbers
In NetWare, a random ID number is assigned when an object is created.

NetWare uses object ID numbers to keep track of information such as users'
trustee rights to directories and files in the file system. These object ID
numbers are stored in the directory entry table (DET) of each file and directory
and are server-centric.
When NetWare is backed up, SMS-compatible products store the objects' fully
distinguished names on the backup media, not the objects' ID numbers. If an
object with the same distinguished name as on the backup media already exists
in the eDirectory tree structure, its object ID is not overwritten during a
restore. If an object with the same name does not already exist in the
eDirectory tree structure, it is assigned a new object ID when it is restored.
This occurs on every server where the object is used.
Schema Backup
The schema is backed up automatically with a full eDirectory backup. You can
also choose to back up the schema separately using a custom eDirectory
backup.
24

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Placeholder (Unknown) Objects
Whenever insufficient information is known about an object, such as when

one of its mandatory attributes is missing, eDirectory creates as a placeholder
an Unknown object.
During a restore session of the eDirectory database information, Unknown
objects are created when restoring an object that has an access control list
(ACL) or any other attribute that refers to other objects that do not currently
exist in the eDirectory tree structure.
This condition is common in a restore, because only one object can be restored
at a time. When this condition arises, an Unknown object is created until the
real object is restored.
For example, User object User1 has been given property and object rights to
User object User2. If User1 and User2 are deleted and only User2 is restored,
an object named User1 will be created but it will have a base class of
Unknown. This occurs because the access control list of User2 lists User1,
which was not restored. The Unknown object is used as a placeholder in the
tree. If User1 is later restored, it will replace the Unknown object.
If the restore session does not include the object for which the placeholder was
created, the object remains in the eDirectory tree structure as type Unknown.
Expect to see Unknown objects after a restore session if all network resources
such as servers, volumes, and users are not in place before the restore session
starts.
Objects that remain unknown after a restoration is completed are objects for
which eDirectory could not resolve the dependencies.
In this case, you can do one of two things:
1. Delete the Unknown objects and re-create the original object.
2. Perform a selective restore to overwrite the Unknown objects.
In order to back up the eDirectory database, the TSANDS.NLM software must

be loaded on one server in the eDirectory tree structurepreferably the server
containing a replica of the largest partition.
For large or complex networks, you can improve performance by loading the
TSANDS.NLM software for a particular partition. This minimizes network
Overview

103-000134-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
traffic during the backup process and improves performance when the backup
program performs name resolution across the eDirectory tree structure.
The version of TSANDS.NLM that ships with NetWare allows selective
backup and restoration of an eDirectory tree structure.
HINT: Not all third-party backup applications support this selective backup and
restoration. Check with the application vendor for details on product features.
In SBCON, you can begin the backup of the eDirectory database from any
server in the eDirectory tree structure. The backup process continues from that
point downward to the end of that portion of the tree. If the selected container
is [Root], the entire eDirectory tree structure is processed.
This allows you to back up the entire eDirectory tree structure or subsets such
as a single branch, a single container, or even a single leaf object. Also, a scan
option allows backup of only those objects for which the backup user has the
Supervisor right.
When you back up eDirectory, we recommend that you back up the eDirectory
tree structure in one session whenever possible. Although partial eDirectory
backups and restores are possible, numerous precautions and additional issues
must be noted. See Partial eDirectory Restores on page 79 for more
information.
Setting Rights to Back Up Portions of the eDirectory Tree
The network administrator can assign backup administrators with limited

rights to the eDirectory tree structure.
For example, suppose in your company you have three Organizational Units
that need to be backed up (East, West, Mid). You could create three User
objectsBackAdmin1, BackAdmin2, and BackAdmin3and give them
rights to the Organizational Unit that they are responsible to back up.
You then create a TSANDS.CFG file that lists the fully distinguished name of
the contexts where the backup administrators' rights begin. It would look
.OU=East.O=Acme
.OU=West.O=Acme
.OU=Mid.O=Acme
Backup administrators have rights to back up the eDirectory tree structure

beginning only at the context listed, and the rights continue until the tree stops
or the rights are filtered out. Backup administrators should use a custom
26

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
eDirectory backup to back up the portions of the tree for which they have
rights.
The network administrator assigns the Supervisor right to the backup
administrators for the section of the eDirectory tree structure that they are
responsible to back up. The network administrator then needs to create a
TSANDS.CFG file that lists the fully distinguished names of the containers
where each of the backup administrators' rights begin. The TSANDS.CFG file
should be saved in the SYS:SYSTEM\TSA directory of the server.
Frequency of Backup
In general, the eDirectory database should be backed up on a weekly basis.

The frequency of this backup depends on how often changes and updates are
made to the eDirectory tree structure. For a tree that changes often, you might
want to perform an eDirectory backup every time you do a full backup of all
servers on the network.
IMPORTANT: Always back up eDirectory prior to major tree modifications.
To get a full backup, the entire eDirectory tree structure needs to be

functioning, meaning that all partitions are synchronizing normally. An
eDirectory tree cannot be backed up entirely if any replicas of any partition are
offline.
Backups and the File System

Back up your volumes so that in the case of hardware failure, natural
catastrophe, or accidental change or deletion of files, you can restore the file
system to a previous state and not lose the data.
To back up file system data, an appropriate SMS TSA must be loaded on each
server for which a file system backup is to be created (see Loading the Target
Service Agents on page 45). To back up file system information, make sure
your backup application can handle the NetWare file system name spaces,
extended attributes, trustee rights, compression, etc.
Once the device drivers for your backup hardware and the SMS TSA software
is loaded, you can run the backup program of your choice (see Loading
SBCON on page 46).
Overview

103-000134-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Trustee Assignments
Trustee assignments are stored as part of the file system as an ID. They are
backed up by default when the file system is backed up with the SMS TSA
software. If a User object is deleted and then re-created or restored, its object
ID changes. This is why the SMS TSA module uses fully distinguished names
for objects to back up the trustee rights from the file system. If a User object
is deleted and re-created with a new ID, the user's trustee assignments in the
file system can be restored.
As long as an object with the same name on the backup media exists in the
eDirectory tree structure when the file system is restored, the TSA can interact
with eDirectory to rebuild the directory entry table (DET) to reflect new object
ID numbers.
For additional information about object ID and trustee issues, see Restoring
eDirectory on page 69.
Server-Specific Information
Server-specific information such as the replica information, ID information,

name spaces loaded, and system configuration is stored on the volume SYS:.
This information is backed up as part of the file system as a single resource.
This resource includes the following five files:
SERVDATA.NDS contains server-specific eDirectory data.
DSMISC.LOG contains a replica list and replica types on the server at
backup.
STARTUP.NCF contains a disk driver, name spaces, and SET
parameters.
AUTOEXEC.NCF contains load modules and the NetWare operating
system configuration.
VOL$INFO.TXT contains volumes on the server, name spaces loaded,
compression, and migration information.
You can also choose to back up this information individually. The information
is not restored unless you specifically choose to restore it. It does not need to
be restored unless you have lost the SYS: volume. In that case, you must
replace the hardware and restore this information. For more information, see
Restoring the Entire eDirectory Tree Structure on page 72.
28

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backups and Clusters

Novell Cluster ServicesTM allows you to configure up to 32 NetWare servers
into high-availability cluster, where resources can be dynamically switched or
moved to any server in the cluster. Consolidation of applications and
operations on a cluster has benefits such as lower costs, scalability, and
increased availability. See the Novell Cluster Services documentation (http://
www.novell.com/documentation) for more information.
For a cluster to work as a high-availability system, the file system, the
applications, and services that run on the cluster should be clusterenabled.SBCON supports backup and restore of cluster-enabled pools. In
addition, the backup session can be automatically recovered in case of a
failover or failback condition.
NOTE: Backup and restore of cluster-enabled pools is not supported in NetWare
versions earlier than NetWare 6.
SBCON supports automatic recovery of backup sessions if failover or failback

occurs. The backup engine reconnects to the Target Service Agent and
resumes the backup from where it had terminated. Various cluster options like
Enable Auto-Recovery and Retry Interval are provided by SBCON. You can
use the default values or reset the values while submitting the backup job. The
engine begins the reconnection attempts after waiting for a configurable time,
and then retries at regular intervals until the connection is re-established or the
number of retries has expired.
After the connection is re-established, the internal structures of the TSA are
built and the recovered session is continued from where it had terminated.
User intervention is not required during the recovery period. You can view the
status in the Session Report screen.
Consider the following before preparing for backup and restore of clusterenabled pools:
Use TSA600.NLM to backup or restore cluster-enabled pools. (See
Target Service Agents (TSAs) on page 30 for details.)
If SBCON is loaded on a cluster node and a backup session for a clusterenabled pool is submitted, the session cannot be recovered if a failover or
failback condition occurs on the host server.
SBCON can backup and restore only one cluster-enabled pool per
session. This is because the engine is connected to the cluster pool instead
of the server.
Overview

103-000134-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
If a cluster server is chosen as the target, only noncluster volumes will be

backed up. You have to back up each pool individually.
You might abort an ongoing backup job with the intention of resubmitting
the same job later. In such situations, the job will not restart from where
it was terminated; it will restart from the beginning.
For more information, see Backing Up Cluster-enabled Pools from the
Server on page 56.
Target Service Agents (TSAs)

In SMS, a target is any machine on the network that requires backup.
Examples of targets include SQL database engines, eDirectory databases,
workstations, and NetWare servers.
Through specific TSAs, SBCON allows you to back up the information that
exists on the following targets. These TSAs are listed in general as follows:
Table 1
Target Services and Their Corresponding Target Service Agents

Target Service
Corresponding Target Service

Agent
NetWare 6
TSA600
Windows 95 and 98 workstation
W95TSA
Windows 2000 and Windows NT

workstation
Windows NT TSA
MAC workstation
MACTSA
GroupWise data
GWTSA
OS/2 machine
OS/2 TSA
A Target Service Agent (TSA) is a software module that understands how to

scan, read, and write the target data. The primary functions of an SMS TSA
are to prepare the target data for backup or restoration, and to communicate
with the storage management engine (SME). For example, an SMS TSA for a
NetWare server understands name spaces, file and directory attributes,
security privileges, etc., for the data on that server.
30

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The TSA packages data from the target and presents it to the SME in a generic
format. This allows one SME to interact with many types of TSAs.
NetWare 6 provides TSA600.NLM, with the following features:
Supports backup and restore of traditional NetWare file system and NSS
file system
Supports backup and restore of cluster-enabled pools (see Backups and
Clusters on page 29)
Recovers the backup session in failover and failback conditions
Provides the caching feature for optimizing backup performance (see
Customizing Backup on page 53.) The TSA will scan the data sets prior
to the engine request and commit the data set information to the cache.
When the request comes in, the data is read from the cache instead of from
the disk
NOTE: To use this feature, ensure that your backup engine supports the scan-
ahead option. If the option is enabled without appropriate changes to the engine,
unexpected results may occur. Also note that performance might vary from engine
to engine.
Restore Services
Restore services provides information on how SMS restores data from
eDirectory, volume SYS: and other volumes, single servers, multiple servers,
and the eDirectory tree structure.
Use SBCON to retrieve and reinstate data you have backed up to storage
media. You restore data if it has been lost or corrupted since a backup was
made.
A restore session restores data from a backup. The restore session produces
the requested data, which is retrieved from the storage media and restored to
the location you specify. If an error occurs during the restore session, an error
message is appended to the error file on the host server.
How SMS Restores Data on page 32
Restore Options on page 34
Restoring eDirectory and the File System on page 35
Restoring Cluster-enabled Pools on page 37
Overview

103-000134-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
How SMS Restores Data

During a restore session, SBCON reads the backup storage media, and the
Target Service Agent (TSA) compares the media data set to the existing hard
disk data set. The Target Service Agent evaluates each data set according to
the following criteria:
Is this data set a subset of what is being restored?
Is this data set found on the hard disk?
Which parts of the data set are subject to restoring?
Is this data set a parent or a child, and is the Overwrite parameter set to
Yes or No?
If the parameters for a child are set to Overwrite Only if Newer, does the
backup copy have a more recent date than the existing copy?
32

103-000134-001
August 29, 2001
Novell Confidential
Manual
BEGIN
99a
July 17, 2001
38
END
Go to backup session
on storage media.
no
Is
there
another data set
to read?
yes
Read data set.
Overwrite
data set?
Is the
data set to
be
renamed
yes
only if newer
no
yes
no
ignore
Rename the dataset

Is
data set
a subset of what
youre
restoring?
restore
Compare date of
data set on media
to date of
data set on disk.
yes
no
Open mode
option
ignore
Is
date of
data set on media
the newer
date?
yes
no
Is
data set
on the
hard disk?
yes
no
Open mode
option
ignore
Open mode
option
restore
Is
data set
a parent or
a child?
parent
Consult
"Overwrite"
parameters for
parent
restore
child
Consult
"Overwrite"
parameters for
child
Overview

103-000134-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Restore Options
For a custom restore session, you can specify exactly which data to restore.
Several options work together to allow you maximum flexibility in your
restore session. These options allow you to do the following:
Choose subsets of data to restore
Open mode options
Overwrite an existing parent (such as a container) or child (such as an
object)
Subsets of Data to Restore
You can choose specific subsets of a backup session to include in or exclude

from the restore session by selecting major resources (such as volumes,
server-specific info, or containers) or minor resources (such as directories,
paths, files, or objects).
For more information about including and excluding, see Customizing Your
Backup on page 16.
Open Mode Options
Open mode options allows you to customize data for restore. File system data
can either be included or excluded for the session. The speed of the restore
depends on the options you set.
Overwriting Existing Parents or Children
Be careful when you perform a selective restore and choose whether to

overwrite existing parents or children, especially eDirectory objects. Objects
such as groups and users have references to other objects in the eDirectory tree
structure that will be affected by a selective restore.
For example, suppose a part of the eDirectory tree structure gets corrupted and
several users are deleted from the tree. There is a group that contains those
users, but once the users are gone, the group purges the membership list to
remove those users; the group, however, continues to exist in the eDirectory
tree structure.
If you perform a selective restore and choose not to overwrite existing objects,
the group membership list remains empty even if you restore the users. You
need to either add the users manually to the group membership list or restore
the original group.
34

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The only way to ensure that your eDirectory database can be fully restored is
through partition replication, with replicas of the entire database on multiple
servers.
On a single-server network, you need to rely more heavily on backing up the
data because you do not have replicas to restore information.
If part of the eDirectory tree structure, including partitions and replicas, exist
when the eDirectory database information is restored, those partitions and
replicas will be restored also, and you will not need to repartition the tree.
In case of corrupted data, follow these general steps:
1. Delete the corrupted eDirectory data.
2. Allow time for the deletion to propagate throughout the network. The
allotted time depends on the size of the data to be backed up, the size of
your network, the number of servers you have, and the number of
containers and users you have.
3. Restore the eDirectory data.
A replica containing the object does not have to be on the server. The
eDirectory database creates external reference when necessary.
NOTE: An external reference is a pointer to an eDirectory object not found locally
on the server; it is used to authenticate and reference objects that are not local to
the server.
There are specific recovery procedures for the following scenarios:

Loss of a Volume Other Than SYS: on page 35
Loss of the SYS: Volume or an Entire Server on page 35
Loss of the Entire eDirectory Tree on page 37
Loss of a Volume Other Than SYS:
Loss of a volume other than SYS: does not affect eDirectory. The only
requirement is to restore the file system data and trustee rights.
Loss of the SYS: Volume or an Entire Server
A hard disk failure involving the SYS: volume affects the entire server and
halts all NetWare operating system activities. Because the eDirectory files are
Overview

103-000134-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
stored on volume SYS:, losing SYS: is equivalent to removing NetWare and

eDirectory from the file server. You must reinstall NetWare and eDirectory
before you restore your data.
The procedures for this scenario are divided into two cases:
Loss of the only server in a single-server network.
Loss of a single server in a multiple-server network.
In a single-server network, server failure brings all network operations to a

halt. The same situation exists if the failure affects only the hard disks
containing the SYS: volume.
eDirectory information from a replica.
2. Reinstall NetWare.
3. Restore eDirectory from an SMS backup. (See Restoring Data on page
62.)
4. Restore the file system. (See Restoring Data on page 62.)
In a multiple-server environment, it is possible for one server to go down and

for the rest of the servers in its replica list to remain intact. The same situation
exists if the hard disks containing volume SYS: on one server gets damaged,
causing the failure of the entire server.
2. Restore SERVDATA.NDS (the server-specific eDirectory information)
for the failed server to another server on the network. (See Restoring
Data on page 62.)
3. Reinstall NetWare, including restoring the SERVDATA.NDS file
(located in SYS:) to the original server.
4. Restore eDirectory. (See Restoring Data on page 62.)
36

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5. Restore the file system. (See Restoring Data on page 62 and Custom
File System Restore on page 74.)
6. Restore any replicas that were removed from the server.
Loss of the Entire eDirectory Tree
If all servers on a network are destroyed because of a disaster, you must

perform a complete restore of NetWare, eDirectory, and file system data.
IMPORTANT: We recommend that you document your eDirectory tree structure;
the location of Server objects, partitions, and replicas; and record bindery context
settings and other relevant information.
Use the following general steps to restore the eDirectory tree structure:
2. Reinstall NetWare on the first server.
3. Install NetWare on remaining servers to create a skeleton of the tree.
4. Restore eDirectory. (See Restoring eDirectory on page 69.)
5. Restore the file system to all servers. (See Custom File System Restore
on page 74.)
6. Re-establish partition boundaries and distribute replicas.

Restore of cluster-enabled pools is similar to a normal restore session (see
Restoring Data on page 62.)
supported.
Session Files
Whenever you back up or restore files/directories, a log and corresponding
error files are created for that particular session on the server on which you are
executing the job. The .LOG file is the session file for that particular job.
The need to create a session file arises when you are restoring the data on a
server other than the one you backed up from. The server should possess the
session ID of all the jobs that are present on the tape so that the SME can
restore it. These session IDs are created from the .LOG files. See Creating
Session Files on page 98.
Overview

103-000134-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Log and Error Files

The files of the backup session are stored in a default directory (such as
SYS:SYSTEM\TSA\LOG). If you prefer, you can create your own directory
for the log and error files as long as it resides on the host server.
The files of the restore session are stored in the directory
(SYS:SYSTEM\TSA\RESTORE). You cannot modify the location for the
files.
The files can be accessed through the SBCON Main Menu or from a Windows
95, 98, 2000 or Windows NT workstation using NWBACK32.
The error file is labeled with the same description that you give the restore
session (such as Friday's Full Backup) and is accessed through the Log/Error
File Administration option of the SBCON Main menu.
HINT: You might want to create individual log directories for the different types of
backup or restore session targets or different organizational units. For example,

you could create one directory for workstation backups and another for server
backups.
SBCON keeps a list of all the log and error files. These lists show
The description you enter for the session.
The date and time the session was begun or, in the case of a delayed
backup session, the time the session was scheduled.
The name of the target the data was backed up from.
Log File
The log file is created on the host server the first time a particular set of data
is backed up. This file contains the following:
The area of the file system structure that was backed up or restored
(volume name, directory name, etc.).
The names of files that were backed up or restored.
The numerical location of the data on the storage media.
38

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error File
The error file is created on the host server the first time a particular set of data
is backed up. It contains a list of any errors that occurred during a backup or
restore session.
This file contains the following:
The area of the file system structure that was backed up or restored.
The total number of parents and children that were backed up or restored.
The names of files that were not backed up or restored, along with any
error messages or information.
Skipped data sets (any file that is open when a session begins, is not
backed up or restored, and is listed as a skipped data set).
Overview

103-000134-001
August 29, 2001
Novell Confidential
39
Manual
40
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
In addition to being able to back up data from a server with SBCON, you can
use a Windows 95, 98, 2000 or Windows NT workstation to perform your
backups using the graphical interface.
How to customize the NetWare server as the backup server. See
Customizing the NetWare Server as the Backup Server on page 43.
How to load the backup software. See Loading Controller and Storage
Device Drivers on the Server on page 44, Loading the Target Service
Agents on page 45, and Loading SBCON on page 46.
How to unload the backup software. See Unloading SBCON on page
47.
How to back up your data. See Backing Up from the Server on page 50,
Customizing Backup on page 53, or Backing Up from a Workstation
on page 55.
How to restore your data. See Customizing Restore on page 66, or
Restoring eDirectory on page 69, and Restoring a Volume Other Than
SYS: on page 69.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
SBCON Guidelines
Before you set up and begin backups, follow these guidelines to make backups
easier and to avoid problems later.
Log in. You will have limited success backing up and restoring if you log
in without the Supervisor right.
For security reasons, many SBCON options are limited to the network
administrator.
Reserve disk space for temporary files. Make sure you have disk space
available (1 to 2 MB) on the target server's volume SYS: to accommodate
log and error files.
SBCON creates temporary files on the target server during backup. If you
have linked UNIX* files or files with extended attributes, the temporary
files might be larger than 1 MB.
Do not mount or dismount volumes during a backup or restore
session. The data might be corrupted or an association might occur at the
host server.
Use the correct name space and name space formats. If you do not use
the correct name space and name space formats when entering paths and
file names, files can't be restored.
Name spaces: DOS, FTAM, Macintosh, NFS, OS/2
Name space formats:
For Macintosh, use Volume::directory:directory:filename
For all others, use Volume:/directory/directory/filename
Exit SBCON before unloading drivers. If you unload a manually
loaded driver (such as aha1740.dsk or aspitran.dsk) before exiting
SBCON, you might cause the host server to abend.
Use original case for non-DOS names. Non-DOS pathnames and
filenames are case-sensitive. NetWare recognizes DOS pathnames and
filenames in uppercase only. If you're not sure of the original case, refer
to your log file.
42

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Before you load the backup software on the server or on a Windows machine,
you need to configure a server to execute your backups.
The tree to which the server belongs which must be made the current tree
The full eDirectoryTM context of the server
Before Running the Backup Software

Before backing up software, in general you must:
Load the controller and storage device drivers on the server. See Loading
Controller and Storage Device Drivers on the Server on page 44.
Load the TSAs on a server, workstations, or both. See Loading the
Target Service Agents on page 45.
Load the backup engine on the server or the workstation. See Loading
SBCON on page 46 or Loading NWBACK32 on page 47.
Customizing the NetWare Server as the Backup Server

SMS allows you to configure a NetWareserver as a backup server while
installing NetWare 6. It also allows you to create NDS Backup Queue and
SMDR Group objects.
To customize the settings while running the Install program, do the following:
1 In the Final List of Products to be Installed dialog, click Customize.
2 Select Storage Management Services from the list of NetWare Services >
click Configure.
The SMS Setup dialog box with default values for NDS Backup Queue
and SMDR Group objects displays.
3 Enter the name of the eDirectory tree where the SMS objects will be
created.
4 Enter the name of the backup server and the context.
5 Accept the default for the SMDR Group context where the SMDR Group
object is to be created, or enter a new context.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
The SMDR Group object is where all NetWare and workstation SMDRs
are registered for name resolution purposes.
6 Accept the default name of the Backup Queue where all backup jobs will
be submitted, or enter a new name and context.
Loading Controller and Storage Device Drivers on the Server

Controller and device drivers control the mechanical operation, such as read,
write, forward, back, and stop of various storage devices and media.
Ensure that you have installed the storage device controller and storage device
according to the hardware manufacturer's instructions.
When NetWare 6 is installed, the device drivers are placed in the
startup.ncffile automatically.
Whenever you want to add new drivers, you can either place them in
STARTUP.NCF or use the following steps:
1 At the server console prompt, enter:
LOAD PATH
LOAD PATH
CONTROLLER_DEVICE_DRIVER_NAME(S)
STORAGE_DEVICE_DRIVER_NAME(S)
For example, to load the drivers from drive C:, enter:

LOAD SCSI154X.HAM PORT=24
LOAD SCSIHD.CAM
LOAD SCSI2TP.CDM
2 In NWCONFIG, select Driver Options > Configure Disk and Storage
Device Drivers > Discover and Load Additional Drivers [or] Select an
Additional Driver.
3 (Conditional) If you loaded HAM drivers, or if you added an external
device, enter the following at the server console prompt:

LIST DEVICES
4 To register the storage device with the system, enter the following at the

NOTE: If you load the drivers from the STARTUP.NCF file, you do not need to use
the SCAN FOR NEW DEVICES command.
44

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Loading the Target Service Agents

Target Service Agents are loaded on servers and workstations. If you want to
back up a server, load the TSA on the server. Ensure that the controllers and
device drivers are loaded.
Table 2
Server Console Commands for Backup and Restore of Various Target Services
To Back Up or Restore
At This Console
Enter This Command
NetWare 6
Host server
LOAD TSA600
eDirectory database
NetWare 4 or later server (preferably a

server with a copy of the largest
partition)
LOAD TSANDS
DOS partition on NetWare
Host server
LOAD TSADOSP
OS/2*, UNIX, and

Macintosh* workstations
Host server
LOAD TSAPROXY
Target workstation
See the documentation that

came with the OS/2, UNIX, and
Macintosh workstation software.
Windows 95 and 98
Target workstation
W95TSA.EXE (installed with the

Novell ClientTM). See the online
help for more information.
Windows 2000 and NT
Target workstation
TSAPREFS.EXE,
TSAMAIN.EXE (installed with
the Novell Client). See the
online help for more information.
Follow these general steps when backing up or loading the software:

Backing up the eDirectory database. Load TSANDS.NLM once on the
server with a replica of the largest partition.
Backing up the file system. Load TSA600.NLM for its server and on
every server to be backed up.
Backing up cluster-enabled pools. Load TSA600.NLM on the target
server and the backup servers.
Backing up workstations. Load the appropriate TSA on the workstation.
For more information about backing up workstations such as UNIX,
OS/2, or Macintosh, see the documentation included with the client
software.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Loading the files when the server starts. Place the commands in the
server's STARTUP.NCF, and in the workstation's NET.CFG file,
AUTOEXEC.BAT file (for DOS), or Startup folder (for OS/2).
Loading SBCON
You can load SBCON from the server command line.
If you use NWBACK32 on a client, you do not need to load SBCON.
SMSSTART
TSA600.NLM, TSAPROXY.NLM, and SMDR.NLM modules are

loaded with default configuration values.
SBSC.NLM, QMAN.NLM, SMSDI.NLM and TSANDS.NLM must be
manually loaded on need basis; SBSC.NLM, QMAN.NLM,
SMSDI.NLM when storage devices are used, and TSANDS.NLM for
backup and restore of eDirectory.
2 Load SBCON by entering
LOAD SBCON
Prerequisites
Controller and storage device drivers are loaded on the server.
page 44.
SMDR.NLM, TSA600.NLM, SMSDI.NLM, QMAN.NLM, SME.NLM,
SBSC.NLM, and SBCON.NLM are installed on the server.
They should have been installed automatically during NetWare 6
installation.
Each NLMTM listed above is in the search path.
TSA is loaded on each machine to be backed up.
46

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Unloading SBCON
To ensure maximum memory utilization and throughput, you should unload
backup software and other Storage Management ServicesTM (SMSTM) modules
when you are finished performing your backup. That way, more memory will
become available on your host or target.
1 Exit SBCON from the Main Menu.
Press Esc until you reach the SBCON Main Menu; then press Esc again
and confirm the prompt.
2 Unload all the modules by entering the following command at the server
console:
SMSSTOP

WARNING: The system displays a warning message on the console if you
attempt to unload a module being used by another NLM. If you continue, your
server might abend.
Loading NWBACK32
1 Log in to the desired eDirectoryTM tree structure.
If this is the first time you have used NWBACK32, go to Step 2 on page
47 Otherwise, go to Step 3 on page 48.
2 (Conditional) If this is the first time you have used NWBACK32, do the
following:
2a Log in to the server running the backup engine.
2b Enter your user name and password.
2c Configure eDirectory information.
Tree Name. Enter the name of the eDirectory tree you will be using
to backup and restore data.
SMDR Context. Enter the context you created during the server
configuration.
SMDR Group Context. Enter the context you created during the
server configuration.
Check the SAP (IPX) box if you want to use IPX. Uncheck the box
for IP.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
3 Run NWBACK32.EXE from SYS:PUBLIC.
The following screen appears.
You are now ready to back up data. Go to Backing Up Data on page 49 to

continue.
Exiting NWBACK32
1 Exit NWBACK32 from the Quick Access window.
2 Unload all the modules loaded on the server by entering the following
command at the server console:

SMSSTOP
48

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backing Up Data
You can use SBCON to create a tape backup of the eDirectory database or of
the file system on your servers or workstations. The prerequisites listed here
use SBCON as the Storage Management Engine (SME).
Prerequisites
Understand the process for loading SBCON.
See Loading SBCON on page 46
Ensure that you know the workstation password if you are backing up a
workstation. For DOS workstations, make sure the Target Service Agent
was loaded with the /Password parameter instead of the /Trust parameter,
as explained in Table 2 on page 45.
Set the backup server and its tree as the primary resource using the Novell
Client. This lets you view the tape devices in NWBACK32.
If you are backing up the eDirectory database, ensure that eDirectory
synchronization and communication are functioning properly.
Before starting the backup, make sure eDirectory is fully functional. This
means that all partitions are synchronizing correctly.
If your backup host and targets communicate across a WAN, check the
status of the WAN links to verify that they are operating properly.
If you are backing up the file system, make sure you have Read and File
Scan rights to the directories/files you are backing up.
Ensure that you know what type of backup you want to perform: full,
differential, or incremental.
For more information, see Backup Types on page 16.
If you use the Advanced Options, ensure that you know the file system
structure of the target you are backing up. You will be prompted for the
paths to the volumes and directories that you want to include in or exclude
from your backup.
Ensure that you have loaded the drivers for your specific device and
controller board.
Ensure that the required files for your target are loaded.
Ensure that you have loaded the SBCON files for your specific target.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Ensure that media is inserted into your storage device.

You can back up your data two ways: from a server using SBCON or from a
Windows workstation using NWBACK32.
Backing Up from the Server

When you back up your data from one server to a target server or workstation,
you should use the command line.

3 Click Target Service to select the NetWare server running your backup or
restore Target Service Agent.

To be able to select the server, you need to load the correct Target Service
causes:
50

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following table describes the targets that can be selected for backup.
If you are Backing Up
Then Select
Cluster-enabled pools
The cluster-enabled pool you want to back up
The file system
The server whose file system you want to back

up
The eDirectory database
A workstation
The workstation's host server, and then the

workstation
Server-specific
information

you want to back up, and then choose to back up
the file system.
target.
SBON will take a few moments to attach to that target.

differential backup, select Advanced Options.

Setting Up

103-000134-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
SYS:HOME\REPORTS\JULY.02) which you will need to know if a restore session
is necessary.



WARNING: If you are appending a backup session to a media set (two or more
tapes), use the tape with maximum space.
52

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
14 To return to the Main Menu, press Esc until you back out to the Main
Menu.
Customizing Backup
You can customize your backup using the Advanced Backup Options form
when you use SBCON at the server to launch your backup program. This form
allows you to specify exactly what you want to back up data. It could be the
server, the eDirectory database, workstation, directory, or file. You can even
specify subsets of groups. The Advanced Backup Options form activates only
after you have selected at least one of the resources (directory/file). Select
Advanced Options from the Backup Options form to perform advanced
backup sessions. See Backing Up from the Server on page 50.
HINT: SBCON displays prompts and messages at the bottom of the screen. For
example, you can press F1 for help at any time.

If you want to perform a series of backups and restores and need to change your
target, see Changing Your Target on page 61.
A custom backup allows you to specify exactly what you want to back up:
server, volume, the eDirectory database, workstation, directory, or file.
To customize a backup, do the following:
1 Select Backup Options > Advanced Options.
2 Select Backup Type.
By default, Storage Management Engine (SME) performs a full backup.

See Backup Types on page 16. Differential and incremental backups
are not interchangeable. See Planning a Backup Schedule on page 21.
IMPORTANT: If you choose to include migrated data, ensure that your backup
media capacity matches the jukebox media capacity.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
3 Select Subsets of What To Backup.
The default setting means that everything in the Subsets of What You
Want to Backup screen is backed up.
Include/Exclude TSA ResourcesIncludes or excludes resources such
as servers or volumes.
Include/Exclude DirectoriesIncludes or excludes directories.
Include/Exclude FilesIncludes or excludes files.
Include/Exclude path/filesIncludes or excludes pathnames and files.
4 Select Scan Options.
The How to Scan What you are Backing Up screen appears.

If you do not want to accept the default (nothing will be excluded),

type Y (Yes) and press Enter.
Choose to exclude subdirectories, hidden files, system files, etc.
Enable the Scan-ahead option, if required.
6 Press Esc to Finish.
For information about how SBCON scans data, see Scan Data Sets on
page 19.
7 Select Execution Time.
The Edit Date and Time screen appears. You can choose the default date
and time shown for the backup to begin, or you can type a new date and
time. You can change the month/day/year and hour/minute/second fields.
The engine should initiate the rescheduled job.
To schedule the job to run another time, press Enter and go to Step 8 on
page 54. Otherwise, go to Step 7 on page 54.
8 (Optional) Select Scheduling.
RescheduleSelect Yes to reschedule.

Rerun IntervalSpecify the duration in terms of elapsed time and days,
months or years to rerun an already scheduled job.
The Edit Date and Time screen appears. You can specify the number of
days, months, or years after which an already scheduled job will run.
54

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The day, month, or year you enter should not be the actual date when you
want the job to run; rather, it is the duration after which the job gets
executed.
Example
If you have scheduled a job to run on 03/20/1999 and want to rerun the
job after two months and at the same time, then the Rerun Interval field
should be the following:
Year: 0, Month: 2, Day: 0
Hour: 0, Minute: 0, Second: 0
Rerun CountSpecify the number of times you want to rerun a job after
the current execution.
Keep Finished jobsSelect Yes to keep the job in the queue after
execution so that it can be rescheduled when you need it.
NOTE: If you are performing a series of backups or restores and need to change
your target, follow the procedures in Changing Your Target on page 61.
Backing Up from a Workstation

When you load the backup software from a workstation to the target server or
workstation, you are using the graphical interface.
To back up from a Windows workstation, do the following:
1 Run NWBACK32.

3 Select what you want to back up.
3a Double-click What to Backup.
3b Click eDirectory, NetWare Servers, or Workstations.
3c Double-click a server to back up.
3d Enter the username and password to authenticate to the server.
A list of resources to back up appears, such as volumes and files.

3e Click the resources to back up.
3f Click OK to finish.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
4 Select where you want your backup data to go.

4a Double-click Where to Backup.
4b Change to the correct eDirectory tree structure and context by
clicking the Change to Context button on the toolbar.

4c Double-click Queues.
4d Select a Queue object from the list.
4e Right-click the server to open the drop down box.
4f Click Submit the Job.
This step allows you to submit the job to a queue on the chosen server
or on the chosen media type.
Queue. Double-click to expand the queue.
Server. Double-click to expand the queue, double-click to select a
server, and then right-click to submit the job.
Media. Double-click to expand the queue, double-click to select a
server, double-click to view a list of devices, double-click to view a
media list, and then right-click to submit the job.
Backing Up Cluster-enabled Pools from the Server


3 Click Target Service to select a cluster-enabled pool name.
To be able to select the target, you need to load the correct Target Service
causes:
56

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
target.
SBCON will take a few moments to attach to that target.

differential backup, select Advanced Options. For more details on the
Advanced options, see Customizing Backup on page 53.

SYS:HOME\REPORTS\JULY.02), which you will need to know if a restore session
is necessary.

Setting Up

103-000134-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
11 Select Advanced Options and set the desired values for all the fields.

NOTE: If you set Enable Auto Recovery to NO in Cluster Options, the remaining
options become invalid.

WARNING: To append a backup session to a media set (two or more tapes), use
the tape with maximum space.
14 To return to the Main Menu, press Enter and then press Esc until you back
out to the Main Menu.

58

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backing Up a Workstation
To back up the workstation (the target), a Target Service Agent (TSA) must
be loaded on the workstation. (See Loading the Target Service Agents on
page 45.)
You can select the directories to back up or back up the entire workstation.
Windows 95 and 98 Workstation
Make sure that the W95TSA is installed and configured. It is a part of the
Novell Client modules (checkbox for Target Service Agent).
NOTE: If W95TSA is installed and registered, a shield-like icon appears in the
system tray and indicates Novell TSA (Listening) message. You will also see an
SMS screen popup when you log in to NetWare.
1 At the target workstation, register with the W95TSA.

1a Double-click the shield-like icon that appears in the system tray.
The Novell Target Service Agent for Windows Properties box

appears.
1b Enter your user name and password for TSA.
1c Enter the server name that will be servicing this Windows client.
1d Select the disk drive you want to register.
1e (Recommended) Check Auto Register. This automatically registers
your workstation with the server after you restart.

1f Click OK.
1g Restart your workstation.
The TSA must be installed and registered with the host server, along with
the TSA username and password.
2 At the host server, load TSAPROXY.
3 Select the NetWare server running the target service agent.
4 Follow the procedure from Step 3 on page 50 to complete your backup.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Windows 2000 and Windows NT Workstation
Make sure that the NT TSA is installed and configured. It is a part of the
Novell Client modules (checkbox for Novell Target Service Agent).
The Windows NT TSA has two parts:
TSA Service (TSAMAIN.EXE) is a service that waits for and acts when
there is a request from the backup engine.
TSAPrefs (TSAPREFS.EXE) allows an NT administrator to set
preferences and monitor the activities of the TSA Service.
1 Right-click Network Neighborhood and then click Properties > Novell
Target Service Agent > Properties.

2 Click Preferences and fill in the following fields:
Workstation: Enter the name of the workstation.

Preffered Server: Enter the name of the server on which you want to
connect. This server must have TSAProxy installed.
Protocol: Select SPX/IPX or TCP/IP.
Events to Log: Check the items you want to log: Connection,
Registration, Security, or Service.
Allow Backup User: This grants the backup user rights depending on the
group.
Auto Register: This automatically registers the Windows workstation
with the server after you restart.
3 Click Registration.
4 Check the fields in the Registration page and, if correct, click Register.
If information in any of the fields is incorrect, click Withdraw and return

to the Preferences page to change the information. Then repeat Steps 4
and 5.
5 Click Connections.
6 Check the fields in the Connections page and then click OK.
If you need to add or change information, click Apply.

You can also delete connections in this page under Current Connections
and then click Apply.
60

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Changing Your Target

Any time you are performing a series of backup or restore sessions, you might
need to change your target. This can be easily done from the SBCON Main
Menu either at the command line or from the Windows workstation using
NWBACK32.
If you do not specify a new target, SBCON automatically selects the target
used during the last session and continues without asking you to make a
selection.
Load the required TSA. (See Loading the Target Service Agents on
page 45.)
Changing a Target at a Server

1 Select Main Menu > Change Target to Back Up From or Restore To.
2 Select one server.
3 From the list of Target Service Agents, select a target.
If the target you select includes more than one TSA loaded, SBCON will
show you a list of their full names.
4 Enter the username and password for the target you just selected.
Changing a Target at a Workstation

1 Run NWBACK32.

You can use the toolbar to open this window if preferred.

3 Double-click What to Backup.
4 Double-click Workstations (or NetWare Servers).
5 Select the workstation (or server) to use as the target.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Restoring Data
Use SBCON to restore information from tape backup. These procedures use
SBCON as the Storage Management Engine (SME).
Know the username and password for the target server or workstation to
which you want to restore data.
Know the session description that you want to restore. You can get this
information from your session log and error files. (See Session Files on
page 37.)
For an Advanced Options restore session, ensure that you know the file
system structure of the data you are restoring. You will be prompted for
specific paths and filenames while setting the restore options.
If you restore the server-specific information from the file system backup
of the failed server to a functioning server or location, you can use the
VOL$INFO.TXT file as a reference for this information.
If you want to restore data to a new location (different from where the
original data was located), you must specify the full path to both the
original data and the new location. If the new location does not exist,
SBCON will create a new file system structure.
You can get the original path from your backup logbook or from the
session log files if you noted the path at the time the backup was
performed.
Replace faulty hardware or correct the problems that caused data loss (if
applicable).
Ensure that media is inserted in your storage device.
You can restore data either from the server command line or from a Windows
Restoring Data from a Server

1 Load the drivers for your specific device and controller board.

page 44.
2 Load the appropriate Target Service Agents.
62

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Load SBCON.

5 Select Target Service and then the NetWare server running your backup
and restore Target Services Agent.

This is the name of the server or workstation on which you want to restore
your data. Before selecting it, you must load the correct TSA. See
Loading the Target Service Agents on page 45.
causes:
The proper TSA is not loaded on the target.
Network traffic is heavy. In these circumstances, it might take

SBCON a few moments to detect all the targets. Press Esc to return
to the Main Menu, and then press Enter again. Your target should
now be listed. From the Target Services list, select a target.
If the target you select has more than one TSA loaded, SBCON shows
you a list of their full names in the Backup/Restore Target Services on
This Server.
NOTE: When you are trying to connect to a different server, SBCON uses the
same username and password you gave the first time. It prompts only if it fails.
The following table lists the target services and their associated datasets.
Dataset to Select
Cluster-enabled pool
The cluster-enabled pool that you backed up
File system
The server whose file system you want to restore
eDirectory database
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Dataset to Select
Workstation
The workstation's host server and then the

workstation
Server-specific
information

you want to restore and then the file system to
restore
6 When prompted for the target username, enter your username (and
context if required) as the network administrator for the target.

include the context of where the user object is located. For example,
instead of entering ADMIN as the username, enter a complete name such
as .CN=ADMIN.O=COMPANY_NAME or .ADMIN.COMPANY_NAME.
exists in an eDirectory container that is different from the context set on
the server running SBCON.
7 If a password is requested, enter the password for the target.
SBCON will take a few moments to attach to the target. Wait for the
confirmation box, and then press any key to continue.
8 Enter a descriptive name for the restore session in the Description field.
The descriptive name of the job will help you identify the session.
9 Select the device and media for restore by pressing Enter at the Device/
Media Name field and decide where you want to restore from.
If you enter *.* (DEVICE NAME.MEDIA NAME), the engine selects
the device and media that it encounters first.
indicating that the media cannot be identified. You should set the label
before selecting it for a backup job.
10 On the Select a Session screen, select the Session to Restore.
WARNING: TSA600.NLM backs up files in compressed or uncompressed format
as specified by the user. However, if you try to restore a compressed file to a
64

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
volume without compression, the file is corrupted and no error message is

displayed.
11 Specify the path to the session log file of the session you want to restore.
Use one or more of the following methods:
Press Enter to accept the default; then go to Step 12 on page 65.
Press Insert to select from a list of directories, press Esc to return to

the previous window, and then go to Step 12 on page 65.
in a new directory or path, and then go to Step 12 on page 65.
Press Insert any time during this process to choose parts of the existing
path from a list.
NOTE: At the present, it takes the default. This will be implemented in the future
release.
12 When a list of sessions is displayed, select the session you want to restore.
If the media on which the data resides is not loaded on the device you
choose, you will be prompted to insert the correct media.
13 Select Advanced Options to make the selective restore.
The Advanced Restore Options screen appears. See Customizing

Restore on page 66. You can perform the advanced restore, specify the
execution time, reschedule the job, etc., using this form.
14 Complete the Advanced Restore Options form.
15 Press Esc and answer the prompt at the Submit Job screen to begin the
restore session.
16 Press Alt+Esc to view the activity log screen.
If the job execution starts and is not successfully completed, the error
messages appear on this screen. The activity log file ACTIVITY.LOG is
located at the server's SYS:\SYSTEM\TSA\LOG directory.
17 To view the Run Time Status of a job, select Job Administration >
Current Job List > job name.

18 When the restore session finishes, your screen display reads the
following:
The restore process was completed normally.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
reach the Main Menu. If you want to exit SBCON, answer the
confirmation prompt.
NOTE: To unload SBCON and applicable Target Service Agents, see Unloading
SBCON on page 47.
Customizing Restore
Using the Advanced Restore Options form at the server, you can perform a
custom restore of the database you need.

3 Select Rename Data Sets to restore data to a location different from the
backup location.
4 At the Restore Datasets to a Different Location screen, do the following:
4a Press Insert to select the namespace type.
4b Enter the source path (where the data originally was backed up
from).
4c Enter the destination path you want the data restored to, in the entry
box.
Both the source and destination paths must include the volume names (for
network server) or the hard disk drive letter (for example, C:\) for
workstations.
IMPORTANT: When you specify a particular portion of the file structure as the
source location, it does not necessarily mean that this will be the only data
restored. What is restored can be influenced by the include and exclude settings
on the Subsets of What You Want to Restore form. If you do not want to overwrite
any subdirectories that might exist in the area you have included, you must
specifically exclude them by their full path.
5 Select Subsets of What to Restore.
Use this screen to specify which parts of the file structure you want to
restore. Various data sets to be included or excluded are listed in this
form. You can include or exclude any or all items listed. For more
information about including and excluding items, see Exclude and
Include Options on page 17.
66

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The screen lists major and minor resources. Default indicates that none of
that type of subset has been specified.
6 To specify a subset, do the following:
6b Edit the Include or Exclude screens using Insert and Enter.
6c Press Esc to save changes.
6d To view a list of values associated with major TSA resources (for
example, server or volumes) select either the include or exclude line.

The Selection List Options form appears. Any value you previously
selected is shown on the form. If you did not select a value, the form
is blank.
6e To select a value for this major resource, press Insert and select the
value from the list that appears by pressing Enter.

7 Select Open Mode Options and select parts of the backed up data
structure to be restored.
The backed-up data set contains various types of data that are listed on the
screen. By default, all the types of data are included in the restore.
7a To exclude a particular type of data from the restore, select that line
and type Y.
7b When all the data items are selected correctly, press Esc.
8 Specify whether to overwrite the existing parent by typing Y (Yes) or N
(No).
For more information, see Overwriting a Parent or Child on page 20.
9 Specify whether to overwrite the existing child by typing Y (Yes) or N
(No).
10 Specify the execution time.
11 Select Scheduling to reschedule the job.
12 Press Esc as required and then select Yes to confirm the Submit Job?
prompt.
The job is submitted and is listed in the Current Job List menu.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Restoring Data from a Workstation

When you restore data, you are copying your backed up data to a server or
workstation.
1 Run NWBACK32.

You can run the NWBACK32 program (NWBACK32.EXE) from
SYS:PUBLIC.
2 At the Quick Access window, click Restore.
3 Click What you Want to Restore.
3a Double-click What to Restore.
3b Select the context.
3c Double-click Queues and select the queue.
3d Double-click Servers and select a server.
3e Double-click Devices and select a device.
3f Double-click the device to view the media list.
3g Select a medium.
4 Click where you want the restored data to go.
4a Double-click Where to Restore.
4b Select eDirectory, NetWare Servers, or Workstations.
4c Click the server to which you want to restore your data.
4d Enter your username and password to authenticate to the server.
4e Click OK.
5 Submit the restore job by clicking Restore > Submit the Job on the
toolbar.
6 (Optional) Click Next to display more information about the restore.
68

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restoring eDirectory
The procedures in the following sections are performed at the beginning of the
restore process.
Restoring a Volume Other Than SYS: on page 69
Restoring Volume SYS: in a Single-Server Network on page 69
Restoring Volume SYS: in a Multiple-Server Network on page 70
Restoring the Entire eDirectory Tree Structure on page 72
Restoring a Volume Other Than SYS:
WARNING: Do not delete the Volume object for the failed volume from the
eDirectory tree structure. The Volume object preserves any references that other
objects (such as Directory Map and Queue objects) might have to that volume. If
the Volume object is deleted and you have objects that depend on this volume, you
must re-establish the relationships through a selective eDirectory restore. See
Custom eDirectory Restore on page 73.
1 Bring down the server.

2 Correct the problem.
3 Bring the server back up and re-create the volume.
4 Perform an advanced file system restore.
See Customizing Restore on page 66 for the procedure.

Restoring Volume SYS: in a Single-Server Network
eDirectory information from a replica. After repairing or replacing the failed
hardware, you must restore the entire NetWare environment, including
eDirectory, from an SMS backup.
To restore a single SYS: volume, do the following.
1 Correct the problem that caused volume SYS: to fail.
2 Reinstall NetWare and eDirectory.
When NWCONFIG asks for the names for Organization objects

before in the eDirectory tree. Otherwise you will end up with new, empty
containers in the restored eDirectory tree structure.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Make sure disk partitions are at least as large as they were before, and that
the volumes are defined as before.
3 Restore eDirectory using Customizing Restore on page 66.
Restoring Volume SYS: in a Multiple-Server Network
To restore SYS: volumes on several servers, do the following.

1 Restore the server-specific eDirectory information file
(SERVDATA.NDS) to another server on the network following the

custom (advanced) file system restore (see Customizing Restore on
page 66).
By default, the file is placed into the SYS:SYSTEM\server_name
directory on the server you have selected.
2 Use the DSMISC.LOG file (part of the information restored with the
server specific information) to see if the failed server had a master replica
of any partition.
3 If the failed server had a master replica of any partition, select the server
you want to hold the master replica and load DSREPAIR on that machine.
3a Select Available Options > Advanced Options Menu.
3b Select Replica and Partition Operations.
NOTE: Use the NDS Manager utility to perform regular partition operations.
3c Select the partition you want to edit.

3d To see the list of servers that have replicas of that partition, select
View Replica Ring.

3e Press Esc.
3f Select Designate This Server as the New Master Replica.
3g Repeat Steps 3a through 3f for each master replica that the failed
server contained.
4 (Conditional) If the failed server contained any replicas, remove them.
4a Select Available Options > Advanced Options > Replica and
Partition Operations.
4b Select the partition the server held replicas of.
4c Select View Replica Ring.
4d Select the name of the failed server.
70

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4e Select Remove This Server from the Replica Ring.

4f Enter the supervisor name and password.
4g Select Yes to continue.
5 Exit DSREPAIR.
6 Reinstall NetWare.
6a Begin the installation.
6b When prompted for DS install, select Create a New DS Tree and
complete the installation.

6c Load NWConfig and remove DS.
6d Install DS, when prompted for DS install and select Install into an
Existing Tree.
6e When prompted to choose a eDirectory tree structure, press F5.
This allows you to choose to restore the SERVDATA.NDS file to the

failed server.
6f To specify the path where the SERVDATA.NDS file exists, press F3
and enter the path.

HINT: If the information fits on a diskette, you can save the information on a
diskette instead of another server on the network.
6g Press Enter to accept the path.

6h Log in to the server that contains the SERVDATA.NDS file.
6i Log in to the eDirectory database.
6j If the START.NCF file of the failed server is different from the
default, you can edit the default file.

6k You now can choose from the following:
To continue the install and not copy the files from install, but use
the backup tapes to finish restoring the information, press Enter.
To go back to the previous screen, press Esc.
To copy the files from install and then restore the files from tape,
press F3.
7 Restore the file system using Restoring Data on page 62.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Restoring the Entire eDirectory Tree Structure
To restore an entire network from a full backup in a multiple-server

environment, do the following:
1 Reinstall NetWare on the first server.
By default, this server will hold the master replica of the [Root] partition.
When NWCONFIG asks for the names of Organization objects
before in the eDirectory tree.
In NWCONFIG, select Directory Options > Directory backup and restore
options to obtain the information.
Otherwise you will end up with new empty containers in the restored
eDirectory tree.
When this installation is complete, you will have a working eDirectory
tree containing one NetWare server with a master [Root] partition.
2 Add name spaces as required.
3 Install the remaining servers to complete a skeleton of your network.
Before restoring a full eDirectory session, you should create a skeleton of

your network.
All servers and volumes should be up and running.
The eDirectory objects should exist in the eDirectory tree in the same
context as before. (NWCONFIG prompts you for the container in
which you want each server to be placed.)
Make sure all servers are communicating with one another.
Make sure time synchronization is working properly.
NOTE: If you can get some, but not all of the servers backed up, you can still
proceed with the restoration. However, you might see errors and experience
problems due to eDirectory objects having dependencies that cannot be resolved.
The User object (Admin or equivalent) used to create the backup session
must exist in the same container with the same password and eDirectory
rights as when the backup was performed.
Once this step is completed, you still have just one partition: [Root].
Because of the NWCONFIG program defaults, you now have two
replicas of that partition. These are stored on the second and third servers
you installed.
4 Restore eDirectory on one server using Restoring Data on page 62.
72

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
eDirectory Restore Session Types

You can choose to restore eDirectory in one of the following ways:
Single Server or an Entire Tree Restore on page 73
Custom eDirectory Restore on page 73
Custom File System Restore on page 74
Server-Specific Information Restore on page 76
Single File or Directory Restore on page 76
Single Server or an Entire Tree Restore
1 Restore the entire eDirectory session from your SMS backup.
You will have no session file to work from at this point. Choose the option
to restore without session files.
2 Continue through Step 15 on page 65 to Step 19 on page 65 to restore
eDirectory.
Custom eDirectory Restore
To perform a custom eDirectory restore, do the following.

2 Select Job Administration.
3 Select Restore Options > Advanced Restore Options > Subsets of What
to Restore.
5 Specify whether or not to overwrite the existing parent or child.
A parent is a container. A child is an object, which is the lowest level of

the latest date, accept YES for parent, child, or both.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
If you do not want to overwrite the parent or child that exists on the hard
has the latest date, select the option (parent or child or both), and enter N.
Custom File System Restore
To perform a custom file system restore, do the following.

2 Select Job Administration > Restore Options > Advanced Restore

The screen lists major and minor resources. The word DEFAULT
indicates that none of that type of subset has been specified.
4 (Conditional) If you want to exclude certain types of data from the restore
session, select Job Administration > Restore Options > Advanced Restore
Options > Open Mode Options, and then edit the form.
The backed-up data set contains the various types of data items listed on
the screen. By default, all types of data items are included in the restore.
If you want to exclude any item, select it and enter Y. Press Esc when you
are finished editing the form.
5 (Optional) Restore data to a different workstation or location on a
different NetWare server.

5a Back up the data from the server where it resides.
5b Exit to the Main Menu.
5c Select Change Target to Back Up From or Restore To screen from
the Main Menu.

6 (Optional) Restore data to a different workstation or location within the
backed-up server's file system structure.
74

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Follow these important rules about restoring to a new location:
When you specify a particular portion of the file system structure as

the source location, it does not necessarily mean that this will be the
only data restored. You can influence what is restored by using the
Include and Exclude options on the Choose Subsets Of What You're
Restoring screen (Job Administration > Restore Options > Advanced
Restore Options > Subsets of What to Restore).
You can restore only to a new location in the name space that is
supported by the drive you are restoring to.
OS/2 workstation onlyOn an HPFS drive you can rename only in

the OS/2 name space, and on a FAT file system you can rename only
in the DOS name space. However, SBCON displays both names
spaces in the log file even though only one is valid.
If you do not want to overwrite any subdirectories that might exist in

the area you have included, you must specifically exclude them by
their full path.
6a Go to Subsets of what you want to restore, press Enter, and then
Insert, select the name space you want, and enter the name you used
for your backup at the Enter the Data Set Name field.
6b Enter the full directory path of the source including the volume
name.
6c Enter the full directory path to the new destination.
6d Press Esc to save your changes.
NOTE: The eDirectory Target Service Agent (TSANDS) does not support
restoration of data to a different location.
7 Specify whether to overwrite the existing parent or child.
A parent might be a server, a volume, or a directory. A child is a file,

which is the lowest level of the file system structure.
the latest date, accept YES for parent or child or both.
If you don't want to overwrite the parent or child that exists on the hard
has the latest date, select the option (parent or child or both), enter N.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
If you want to overwrite the child that exists on the hard disk only if the
date of the backed-up copy on the media is later than the date of the copy
on the hard disk, select Overwrite Existing Child and select the option.
Server-Specific Information Restore
To view and restore server information, do the following.

Options > Subsets of What to Restore > Include Major TSA Resources.
The Selection List Options screen appears and is empty.
2 Press Enter to see the Selection List Options. Press Insert to see the server
specific information.
3 Select the Server-Specific Info and press Enter.
Esc returns you to the Selection List Options.

This will return you to the Choose Subset of the Session to be Restored
screen.
4 Complete the form and press Esc.
This will return you to the Restore Options screen.

5 Complete the Restore Options form and press Esc.
The server-specific information will be restored to the

SYS:SYSTEM\failed_server_name directory of the server on which you
are running SBCON.
Single File or Directory Restore

2 Enter the full path and name of the file or directory, including full
directory and volume names.

The following options appear:
Include/Exclude directories (full path)
Include/Exclude files
Include/Exclude path/files
76

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Press Insert and enter the name space for the name space format you used
when entering the file or directory name.

The name space allows SBCON to correctly interpret the path
information entered earlier in this menu in either the directory field or the
location field.
IMPORTANT: If files are restored to a new location, the name spaces must be the
same or an error message will occur.
You can restore to a new location only in the name space that is supported
by the drive to which you are restoring.
The supported name spaces are DOS, FTAM, Macintosh, NFS, and long.
SBCON provides a list of the name spaces currently loaded on the target
to which you are restoring.
For example, if you are restoring to a new Macintosh location, enter a
path, (for example, SYS::test:monday) and then enter Macintosh
as your name space.
4 (Optional) Restore to a new location (located in Rename Data Sets).
4a Enter the source path, including the volume name, to the target
directory (a location different from where the data was backed up).
Enter Volume:/directory/directory
4b If the new location you are restoring to is a different NetWare server,
do the following:
1. Back up the data from the server where it resides.
2. Exit to the Main Menu.
3. Change your target to the server you want to restore the data to.
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Completing the eDirectory Restore

If you restored the eDirectory database to volume SYS:, you should complete
the restoration for the following to make sure the eDirectory database is
working properly:
Volume Other than SYS:
To finish restoring eDirectory on a volume other than SYS:, do the following.

1 Bring the server up.

To finish restoring eDirectory on a server, do the following.

1 Restore the full file system following Restoring Data on page 62.

To finish restoring eDirectory on multiple servers, do the following.

1 Restore replicas to the server.
The DSMISC.LOG file, which is created when the SERVDATA.NDS is

restored, contains the partition and replica information that resided on the
failed server at the time of the backup. This will show you what replicas
were on the server when it failed.

78

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Entire Tree
To finish restoring eDirectory on the tree, do the following.

1 Restore the file system information to each server following Restoring
Data on page 62.

2 Re-create partitions and replicas.

Partial eDirectory Restores
Certain conditions might arise in special cases involving the backup and
restoration of eDirectory information.
The SMS TSA software allows you to do selective restores from the backup
media. However, partial restoration of eDirectory from a backup can have
many subtle consequences, particularly when only a single object or a selected
group of objects is restored.
For partial eDirectory restores, keep these two main issues in mind:
Object ID numbersIf you restore objects that no longer exist in the
eDirectory tree, those objects receive new ID numbers when restored.
New object IDs affect file system trustees, print queue directories, user
mail directories, etc.
If you restore objects on top of objects that exist in the eDirectory tree,
the objects do not receive new ID numbers. These objects' current
attribute and property information is overwritten with previous
information from the SMS backup.
Objects that depend on other objectsIn the eDirectory schema,
objects are defined to have certain attributes. Some of these attributes are
mandatory (meaning they must contain a value); others are optional.
For some eDirectory objects, the value for a particular attribute is a
reference to another object upon which the object depends. For example,
Queue object has a Queue Directory attribute that contains the file system
path to the queue directory. It also has a Host Server attribute that
Setting Up

103-000134-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
identifies the file server on which the queue directory resides. This
information is used to determine the physical location of the resource.
The specifics of restoring objects vary depending on what type of object
is involved and whether the object's dependencies are physical entities
(servers and volumes) or logical entities.
In some cases, you can simply restore an object and everything will work
fine. In other cases, an object might be restored but not be functional
unless you first restore its dependent objects.

Restore of cluster-enabled pools is similar to a normal restore session.
See Restoring Data on page 62.
supported.
80

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
After you install and load SBCON, you can manage your jobs, data, devices,
reports, and so on either from the server or workstation. Though the screens
might look different, you can perform the same tasks in each interface.
Be sure to read Prerequisites for SBCON Tasks on page 81 before
performing any tasks in this section.
Administering Jobs on page 82
Storage Devices on page 86
Erasing or Retaining Media on page 90
Log and Error Files on page 93
Creating Session Files on page 98
Verifying Backup Data on page 99
Prerequisites for SBCON Tasks

Before you can manage any backup tasks, ensure the following:
Drivers for your specific device and controller board are loaded.
SBCON files for your specific target are loaded.
The media is inserted into your storage device.
You can see the SBCON Main Menu on your server console or the Quick
Access window on your Windows 95, 98, 2000 or Windows NT
workstation.
Managing

103-000134-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Jobs
The backup or restore jobs created by you can be administered anytime. You
can delete, hold, reschedule, abort, or enable a job.
Administering Jobs
Jobs can be managed either from the server or from the workstation.
From the Server
On the SBCON Main Menu at the server, the Current Job List option gives you
a job management facility where you can delete a job, hold a job, or enable it
if it has been disabled after a job failure. You can even monitor the status of
the backup/restore jobs you have submitted.
Current Job List provides the following information about all jobs submitted.
The name of the server from which the job was submitted. If you
initiated the job from the client, locate the workstation name. See
Viewing the Job Queue on page 83.
The job name that you entered on the Backup Options form. The job
name can be renamed using the Job Details screen if you are rescheduling
it to run another time and you want to change the name. See Viewing Job
Details on page 84.
The Hold status. If you want to prevent a prescheduled job from
execution, you can put it on Hold. See Postponing a Job on page 85.
The job status, whether it finished the execution of the request, or if
it was submitted for execution at a later time. Other statuses are: active
currently, could not run, processing, failed, and success. The log of each
of these status reports can be viewed using the log and error reporting. For
more details see Log and Error Files on page 93.
From a Workstation
From Job Administration at the Quick Access window of a Windows

workstation or at the toolbar, you can access the current list of jobs. If you
select a job, you can see the properties, which include the following:
General properties contains fields for the Job Name, Job Type,
Submitted By, Entry Open, and Serviced By. These fields are the same as
the Job Details screen at the server.
Static properties contains fields for the Job Status, Job Submitted At,
Execution Time, and Job's Rescheduled Count.
82

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Dynamic properties contains data that indicates how much data has been
backed up along with the filenames. This dialog box appears when a job
is running and SBSC is loaded on the server.
Enable job allows you to start a job that has been disabled.
Delete the job allows you to remove a job.
Start/Hold the job allows you to start a job that is in the hold state or
place it on hold if it is not in a hold state.
Reschedule options contains fields for changing the backup schedule.
Abort cancels an active job.
Viewing the Job Queue on page 83
Viewing Job Details on page 84
Postponing a Job on page 85
Viewing the Job Queue
You can view the job queue from the server or a workstation.
From the Server
The Queue Jobs screen displays a list of all jobs, showing each job name,
hold status, status of the job, and name of the server from where the job
was submitted.
From a Workstation
1 At the Quick Access window, click Job Administration
2 Double-click the context of the queue location.
A list of jobs appears.

4 (Optional) Select a job from the list > right-click and then click Dynamic
Properties to view the dynamic properties of the job.

You can also view the properties using the toolbar. Click Job
Managing

103-000134-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Viewing Job Details
This screen gives you all the details of the job you submitted including job
name, the time the job was submitted, and the time the job should be executed.
You can also schedule the job to run at a predefined time again after its
execution.
You can view job details from the server or a workstation.
From the Server
2 Select one of the jobs listed and press Enter.
The Job Details screen appears displaying the following information:
84
Job NameA descriptive name of the job for your identification.

You can change the name if you want to reschedule the job and run
it again.
Disabled Indicates whether the job is disabled. If it is, this field

displays Yes; if enabled, it displays No. Updates to this field depend
on the job status. If the job status is Could Not Finish, the
message is Yes. You can perform the required troubleshooting and
change this field to No, subsequently allowing the job to execute.
After completion of the job, the Disabled field indicates Yes.
Submitted ByThe name of the server where you have submitted

the job. If you submitted the job from a client, it displays the name of
the workstation and is the same as the Owner in the Queue Jobs
screen.
Submitted atThe date and time the job was submitted. The
execution time could be different depending upon the specifications
you defined in Execution Time and Scheduling Options in the same
screen.
Entry OpenThe status is Yes when the job is active and No when
it is inactive. This is one of the fields that is updated automatically.
Execution TimeAn option to give the time and date when you
want the job to run. It is the same as the Execution Time in the
Advanced Backup Options form.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Serviced ByThis indicates the name of the server where the job is
to be executed. From a single server, you can submit jobs to various
servers. This field indicates which job is serviced by which server.
This field is active only when the job is active; otherwise, it indicates
None.
Scheduling OptionsYou can schedule the same job to run at

another time. For information, see Customizing Backup on page
53.
Session ReportPress Enter at this field to view the session log

report or the session error report for the particular session you
selected. The same information can be seen in the Error Log File
where it gives a log of all the jobs. For information, see Viewing a
Log File on page 93.
From a Workstation
4 Select the job from the list.
5 Right-click the job and then Dynamic Properties to view the dynamic
properties of the job.

(Optional) You can view the properties using the toolbar. Click Job
Postponing a Job
This task lets you to place a job on hold from either the server or a workstation.
From the Server
The Queue Jobs screen appears with a list of jobs.

2 Select a job and press Tab.
The job is on hold if Hold is displayed in the column. If no status is

displayed, it is ready for execution at the time you configured it. Press Tab
to toggle holding a job.
Managing

103-000134-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
From a Workstation
4 Select the job to place on hold.
5 Right-click the job and then click Start/Hold the Job.
(Optional) You can also hold the job using the toolbar. Click Job
Administration > Start/Hold the Job.
Storage Devices
The Storage Device Administration option of the SBCON Main Menu at the
server or the Device Administration button at a Windows workstation lists the
devices and the media you can access.
You can perform the following administrative tasks:
Checking the Device Status on page 86
Changing the Device Label on page 87
Viewing the Media List on page 88
SBCON supports autoloader, which holds multiple media within a magazine.
Every magazine has slot numbers given by the manufacturer and each slot
holds a single medium. This is extremely useful when you are backing up a
large server. If one medium is fully written, the SME automatically writes to
the other available media.
IMPORTANT: Any media under a device becomes inaccessible if a job is running
on it because it is reserved by the engine. Any job scheduled to be executed at that

instance will fail.
Checking the Device Status
The Device Status screen displays information about the current status of a
device, such as read, write, and format from the server or workstation. It also
gives information on the storage capacity.
86

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server

2 Select a device and press Insert.
3 Select Utilities > Device Status.
The Device Status screen is displayed listing the following information:
Current OperationIndicates whether the device is currently

reading, writing, formatting the media, or none of these.
Device ModeIndicates whether the device is selected for reading,

writing, or both.
Maximum CapacityIndicates the total storage capacity of the

media currently present in the device.
From a Workstation
8 Right-click the device and then click Properties to view the Device Label
or Device Type.
(Optional) You can also view the properties using the toolbar. Click
Device Administration > Properties.
Changing the Device Label
The default names for storage devices are controlled by the device
manufacturers. These names are often not descriptive, so you change the name
of the device during multiple backup sessions. However, this change is
temporary, and it is lost after a reboot. If you have several devices, it might be
difficult to remember which name goes with which device. For this reason,
renaming storage devices is helpful.
Managing

103-000134-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
You can change a device label from the server or a workstation.

From the Server
2 Select a device name and press Insert.
3 Select Utilities > Change the Device Label.
4 Enter the new name in the field.
5 Press Esc as required to return to the Main Menu.
From a Workstation
8 Right-click the device to change.
9 Click Properties > Device Label.
10 Change the name in the Device Label field.
11 Click OK.
Viewing the Media List
This task allows you to view your list of devices from the server or a
workstation.
88

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server


If no device is displayed in the list, run LIST DEVICES at the server
prompt.
2 Select a device name and press Enter.
The List of Media screen appears displaying the following information:
SlotThe slot number given by the manufacturer.
Media nameThe name of the media, which can be changed using

the Utilities menu. See Erasing or Retaining Media on page 90.
NumberThe sequential number of the media (tape) in a particular

backup set. SBCON automatically labels and appends an
incremental number to any backup session that spans multiple media.
HINT: It takes a lot of time to display the media in an Autoloader. However, once
the media list is displayed, press Tab to access it. This will not rescan the device
for new media. Press Enter only when you remove or add media.
From a Workstation
8 Right-click the preferred device.
9 View the media list.
Managing

103-000134-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Erasing or Retaining Media
This task erases media headers, erases all data on the media, or retentions
media in tape devices.
The following table describes all media options.
Option
Explanation
Change the Media Label
This is permanent. Blank media (tape) does not have a label. Before
submitting a job to the media, you need to label it.
Erase the Media
This option erases the tape completely. It might take up to two hours,
depending on the size of the media.
Erase the Media Header
This is a quick method of making the media appear blank. Although it

is less secure than erasing all the data, this method is quick and
effective.
Media Status
This option lets you view the status of the media.
Move the Media
This option moves the media from one slot of an autoloader to another
slot. It is not a valid operation on a single media device.
Retention of Media
This option is for tape devices that allow retention (for example, 0.25inch cartridges). This rewinds the tape, which might resolve a problem
reading the tape. An error appears if the driver does not support this
method on the device.
From the Server


4 Select Utilities > Erase the Media [or] Retention of Media.
From a Workstation
90

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 Right-click the media > click Erase Media [or] Retension.
(Optional) You can also use the toolbar. Click Device Administration >
Media > Erase Media [or] Retension.
Checking the Media Status in a Device
This task lets you check the status of a particular media type from either the
server or a workstation.
From the Server
4 Select Utilities > Media Status.
A screen is displayed listing the following information:
Number in Media SetThe sequential number of the media within

a particular media set.
SBCON automatically labels and appends an incremental number to
any backup sessions that span multiple media.
Creation timeThe time the current media label was first used on
this media.
Mount statusWhether the media is Mounted (ready for reading or

writing). There are two status messages:
Mount Pending: The request to mount is waiting to be processed.
Not Mounted: The media not ready to access.
Managing

103-000134-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Media modeWhether the media is selected for reading, writing or

both, or whether the mount request is pending.
Media typeThe type of media in the device, such as 4mm DDS

(Digital Data Storage) tape, or 8mm tape.
Total capacityThe total capacity of the media, if known.

Sometimes it is not displayed, depending on the media manager.
The type of media manager controls the display of the total capacity
of the media.
From a Workstation
1 Click Device Administration at the Quick Access window.
8 Right-click the preferred media > Properties > Media Status.
Spanning Storage Media

If the storage media you are using does not have enough space for the entire
backup, SBCON will span the media, prompting you to insert additional
media when the first medium is full.
HINT: Always have extra media on hand in case the backup session spans more
than one medium.
SBCON designates the first media as label #1 and increments any subsequent
medium with the same label.
WARNING: To help safeguard your network, SBCON disconnects from the target
when a delayed backup is complete. If the delayed backup session cannot fit on
the media, SBCON prompts you to insert additional media. If additional media are
not inserted, the backup does not finish and SBCON does not disconnect, thereby
compromising security.
92

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Log and Error Files

SBCON keeps a list of all the log and error files, which show specific
information about the backup and restore session. See Session Files on page
37 for more information.
You can manage these files as follows:
View information contained in the log and error files.
See Viewing a Log File on page 93 and Viewing an Error File on
page 94 for information.
Create these files.
See Creating Log and Error Files on page 96 for information.
Change the location of these files.
See Setting the Location of Backup Log and Error Files on page 96 for
information.
Delete these files.
See Deleting the Log Files on page 97 for information.
Viewing a Log File
This task lets allows you to view your log file for backup and restore
information from either the server or a workstation. The log file is created on
the host server the first time data is backed up or restored and contains details
about the session.
From the Server
Log File.


page 94.

directory, and then press Esc to return to the previous window, and
then go to Step 3 on page 95.
Managing

103-000134-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
The backup log displays all supported name space types. The DOS name
space is the first in the group. A right-angle bracket (>) appears next to
the file creator's name space type.
If you have linked UNIX files, SBCON retains both symbolic and hard
links created under the NFS name space type, but links are not listed in
the backup log. Restoring the original file restores associated links.
3 To return to the Main Menu, press Enter and then Esc.
answer the confirmation prompt.
From a Workstation
1 At the Quick Access window, click Reports
7 Select Session Report.
The server displays where the report is located.

Viewing an Error File
An error file records any errors that occurred during the backup or restore
session. (See Session Files on page 37.) It can be viewed from the server or
a workstation.
94

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Server

1 From the SBCON Main Menu, select Log File Administration > View an
Error File.


page 95.
Press Insert to choose from a list of network directories, choose a

directory, press Esc to exit and then go to Step 3 on page 95.
Restore errors are appended to a session's backup error file. A Restore

Session Begins message marks the beginning of the restore errors,
if any exist.
If you linked UNIX files, symbolic and hard links created under the NFS
name space type might not be restored if the pathname is not recognized.
When this happens, the error file contains messages similar to the
following:
Error restoring namespace specific information of
XXXX:tmp/hosts in NFS namespace, error 0x7!
Unable to allocate directory handle for XXXX:tmp/test!
3 When you are finished viewing the file, press Esc.

respond at the confirmation prompt.
From a Workstation
1 At the Quick Access window, click Reports.
Managing

103-000134-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001

7 Select Error Report.
Creating Log and Error Files
and error files, you can re-create them.
To create a log or error file, see Creating Session Files on page 98.
Setting the Location of Backup Log and Error Files
Every time you do a backup, you are required to set a location (or directory
path) for the log and error files. The restore log and error files are always
located in the directory, SYS:SYSTEM/TSA/RESTORE.
You can set the location when requested in the backup procedures, or you can
use the following method prior to beginning the backup procedures.
1 From the SBCON Main Menu, select Log File Administration > Set
Location of Log and Error Files.

2 Set the location using one or more of the following methods:
Press Enter to accept the default location, and then press Esc to return
to the Main Menu.

directory, and press Esc twice to return to the Main Menu.
a new directory or path, press Enter, and then press Esc to return to
the Main Menu.
96

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deleting the Log Files
SBCON allows you to overwrite sessions and reuse storage media.

When you delete the log file for a session using the following procedure, you
automatically delete the corresponding error file as well.
To prevent outdated session information from taking up disk space and to help
prevent confusion when you select sessions to view or restore, delete the
session log files for any session that has been overwritten.
NOTE: You cannot delete log and error files at the workstation.
To delete the log and error files from the server, do the following.
Log File.
2 If you have not set the location of log and error files, do so now using one
or more of the following methods:

page 97.
Press Insert to select from a list of directories, select a directory, press

Esc to return to the previous window, and then go to Step 3 on page
97.
a new directory or path, and then go to Step 3 on page 97.
You can also press Insert during this process to select existing parts of the
path from a list.
3 Select the description of the session that you have overwritten (or plan to
overwrite) and press Delete.

A confirmation prompt is displayed.
4 To delete the log and error file for that session, click Yes.
Managing

103-000134-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Creating Session Files
and error files, you can re-create them from either the server or a workstation.
From the Server
1 From the SBCON Main Menu, select Job Administration > Create
Session File.
The Session Files Options screen appears.
2 Enter a descriptive name.
3 Select the media you will be using.
If you have only one loaded, press Enter to accept the default.
4 To verify the media, press Enter.
SBCON reads the media and shows you the selected session.
5 Confirm the creation of the session files.
If the session selected is the session you want for log and error file
creation, click Yes, Create Files for This Session.
If the session selected is not the session you want for log and error file
creation, click No, Go to the Next Session.
If you elect to create session files, they will be created in the location you
chose.
From a Workstation
1 At the Quick Access window, click Create Session.
4 Select the preferred queue.
6 Select the preferred server.
8 Select the preferred device.
98

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
9 Select the preferred media.

10 Right-click the job and select Submit the Job.
11 Check the appropriate fields in the Submission of Job dialog box.
Verifying Backup Data
This option allows you to check the data on the media from either the server
or a workstation to make sure it has been backed up properly, and to check
later that the data is valid and can be restored.
You can verify the backup data in two ways:
If you know what sessions are on the media and you have the log and error
files, you can select the session from the list.
If you do not know what sessions are on the media, and if you are not sure
the log and error files still exist, you should create the session files.
From the Server
1 Select Main Menu > Job Administration > Verify
The Verify Options screen appears.

2 Enter a descriptive name for the verify job.
3 Select the device and media of the job.
You can also manually enter this in the form device name.media name.
4 Press Enter in the Session to Restore field.
A list of all backup sessions is displayed in the Select a Session screen.

5 Select a session from the list.
6 Submit the job after confirming the Submit Job? prompt.
7 Select Job Administration > Current Job List.
8 Select the job you have submitted.
If there were no problems with the verification or the data, the Run Time
Status screen displays the following message:
The verification process was completed normally.
Managing

103-000134-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
From a Workstation
1 At the Quick Access window, click Verify.
2 Double-click the context if necessary.
8 Double-click the preferred device.
9 Right-click the preferred media.
10 Select Submit the Job.
11 In the Submission of Job dialog box, click the session.
12 Click Finish.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Optimizing
Whether you should compress your files before backup. See
Compressed Files on page 101.
How to increase speed when backing up your files. See Host Server
Performance on page 102.
How to enhance or optimize server performance. See Setting Minimum
Packet Receive Buffers on page 103.
How to synchronize memory between your media and your server. See
Setting Reserved Buffers Below 16 MB on page 103.
Compressed Files
WARNING: SBCON and file compression should not be run simultaneously.
Because the default time for both delayed SBCON sessions and compression is
midnight of the current day, change one of these defaults to another time
immediately.
If you want to perform a delayed backup that includes files flagged for
compression, schedule the delayed backup after the compression time to allow
time for the compression to be completed.
When a NetWare 6 volume is mounted, file compression is set to On by

default. When you perform a backup, you can specify whether to keep already
compressed files in a compressed state for the backup, or back them up in a
decompressed state.
Optimizing 101

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To help you make a decision about whether to compress or decompress your

backed up data, follow these guidelines:
Backups are faster if files already compressed are left compressed.
Compression is not supported in some environments (such as a NetWare
3.11 server, a DOS workstation, or Novell Storage ServicesTM). If you
intend to restore a file that is currently compressed to an environment that
does not support compression, back it up in a decompressed state.
The SBCON utility has no compression feature, so it cannot compress a
file that is currently decompressed.
If volume compression is turned on and you back up compressed files in
a decompressed state, restore speed is degraded if you overwrite existing
files.
To improve restore speed, delete the files you no longer want from the
hard disk before restoring them from the backup media. If you back up
compressed files in a compressed state, restore speed is not affected.
You might run out of disk space if you restore decompressed files to a
volume that compresses files.
Host Server Performance

The speed of the SBCON utility depends upon the configuration of the host
server and whether the server is backing up its own data or that of another
server or workstation.
For information on server configuration and setting parameters, see
Communications Parameters and File Caching Parameters under SET in
NetWare Utilities Reference.
A server backing up its own data runs about twice as fast as a server backing
up data from another server.
This section includes four options using LOAD and SET commands that can
enhance your host server's performance.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Minimum Packet Receive Buffers
Packet receive buffers represent the space in the server memory dedicated to
handling network traffic. If the buffers are set too low, the server performance
may be degraded.
To reset the packet receive buffers at the server console prompt, include the
following SET command in the STARTUP.NCF file:
SET MINIMUM PACKET RECEIVE BUFFERS = X
The x represents the number of buffers. Set two buffers for each user on the
system. The minimum is 10. The changes will take effect immediately.
Setting Reserved Buffers Below 16 MB
If your storage device driver requires memory below 16 MB and the server has
more than 16 MB available to it, you must reserve memory below 16 MB for
the driver.
To change the reserve memory at the server console prompt, include the
following command in the STARTUP.NCF file:
SET RESERVED BUFFERS BELOW 16 MEG=X
Replace the x with a number between 8 and 300. The default is 200.
Setting Maximum Subdirectory Level and Minimum Cache Buffers
If you change the maximum subdirectory level in the server's STARTUP.NCF

file, you must also change the minimum cache buffer. The default maximum
subdirectory level is 25.
To change the cache buffers at the server console prompt, include the
following commands in the AUTOEXEC.BAT file:
SET MINIMUM FILE CACHE BUFFERS=X
SET MAXIMUM DIRECTORY CACHE BUFFERS=X
This command changes the minimum and maximum directory in MONITOR

> Available Options > Server Parameters. The changes will take effect
immediately.
Optimizing 103

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Troubleshooting
Common Backup Problems

The media owner is unidentified
Possible Cause:
Action:
Media is blank or was written in a non-SIDF format.

See Checking the Media Status in a Device on page 91.
Backup speed is slow

Possible Cause:
Action:
Compressed files are being backed up in a decompressed format.

See Compressed Files on page 101.
Restore speed is slow

Possible Cause:
File compression and SBCON are running at the same time.

Compressed files are being overwritten with decompressed files.
Action:
See Host Server Performance on page 102.
The target you want is not listed

Possible Cause:
Action:
Possible Cause:
Action:
The Target Service Agent isn't loaded on the desired target.

See Backing Up Data on page 49.
Insufficient time to list the targets.
Allow more time for the software to find the target.
Possible Cause:
The host and target are physically far apart and network traffic is heavy.
Action:
Wait to perform a backup during nonpeak hours or when fewer users are
logged in.
Troubleshooting 105

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Data is corrupted, but no error message was given

Possible Cause:
Action:
Compressed files were restored to a volume without compression.

See Step 10 on page 64.
You (the network administrator) can't back up a workstation

Possible Cause:
The /Password option is set and is denying access to data on the workstation.
Action:
See Setting Rights to Back Up Portions of the eDirectory Tree on page 26.
Possible Cause:
Action:
Backup was attempted from two different servers at the same time. One
succeeded and the other one failed.
Check to make sure all necessary backup software is installed loaded.
A backup does not contain all changes

Possible Cause:
Action:
Differential and incremental backups were combined.

Use one or the other of these types in conjunction with full backups. See
Backup Types on page 16.
Changed files are not recognized

Possible Cause:
Action:
The modify bit was cleared after the last customized backup, so changed files
are not recognized.
See Backup Types on page 16.
Unable to find the session log file you want

Possible Cause:
Action:
It might be in a different directory or you might have deleted it accidentally.

See Deleting the Log Files on page 97.
Pressing Insert on a device list does not produce a media list at the server
Possible Cause:
Action:
No medium has been selected.

Use the Select option at the bottom of the screen.
The Time Form Is Invalid message displays when you try to schedule a delayed
backup
Possible Cause:
Action:
The date has been entered incorrectly in the time form.

Check that the scheduling has been entered correctly.

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Files were restored but the error file contains a message specifying which name
space formats were not restored
Possible Cause:
Action:
The file attributes and name space formats are not configured on the volume
you restored to.
Check to make sure you selected the correct name space.
Can't list devices or see the Session/Error Report from the client and the message
Unable to Establish Communication with Server appears
Possible Cause:
Action:
A client-server communication problem.

Check whether SBSC is loaded on the server. If not, load it.
If SBSC is already loaded, unload and reload it again.
Troubleshooting 107

103-000134-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000134-001
August 29, 2001
Novell Confidential
July 17, 2001
iPrint Administration Guide
Novell
NetWare 6
www.novell.com
I P R I N T A D M I N I S T R AT I O N G U I D E
August 31, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Contents
Simplify Printing Using iPrint
Understanding iPrint
The Novell iPrint Solution . . . . . . . . .

Scenario 1: Printing across the Internet
Scenario 2: Mobile Users . . . . . . . .
Scenario 3: Printing Instead of Faxing .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up iPrint on Your Server
10
11
11
12
13
Installing iPrint . . . . . . . . . . . . . . . . . .
iPrint System Requirements . . . . . . . . . . .
Setting Up DNS for the Print Services Manager .
Enable DNS on the Print Services Manager .
Add the DNS Name to the DNS Name Server
Configuring iPrint . . . . . . . . . . . . . . . . .
Using iManage for Network Management . .
Configuring iPrint Printers . . . . . . . . . .
Disabling iPrint Services . . . . . . . . . . .
Enabling iPrint on All Printers. . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Client Requirements . . . . . . . . . . . . . . . .
Using the Default Printer Lists Generated by iPrint
Creating Location-based Printing . . . . . . . . .
Using ZENworks to Distribute iPrint . . . . . . . .
Auto-client Update . . . . . . . . . . . . . . . . .
Saving Passwords for Secure Printers . . . . . . .
Uninstalling the Novell iPrint Client. . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up iPrint on Client Workstations
13
14
14
15
15
15
15
16
16
17
19
Customizing iPrint
19
20
20
21
21
22
22
23
Setting Up Location-based Printing

Creating Location-based Maps .
Creating Printer Lists . . . . . .
Customizing the HTML Interface . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000136-001
August 31, 2001
Novell Confidential
23
23
26
27
Manual
5
A
July 17, 2001
38
Printer Availability on Workstations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Printer Driver Default Install Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
27
28
Setting Up a Secure Printing Environment
31
Secure Printing Using SSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
Configuring the HTML Interface
33
iPrint Client HTML Interface Description . .

Internet Explorer Browser Customization
Netscape Browser Customization . . . .
HTML Parameters . . . . . . . . . . . . . .
call-back-url . . . . . . . . . . . . . . .
debug . . . . . . . . . . . . . . . . . .
driver-options . . . . . . . . . . . . . .
error-type . . . . . . . . . . . . . . . .
file-path-name . . . . . . . . . . . . . .
job-list . . . . . . . . . . . . . . . . . .
job-list-options . . . . . . . . . . . . . .
persistence. . . . . . . . . . . . . . . .
printer-url. . . . . . . . . . . . . . . . .
result-type . . . . . . . . . . . . . . . .
target-frame . . . . . . . . . . . . . . .
Supported Operations Strings . . . . . . . .
op-client-interface version . . . . . . . .
op-client-is-printer-installed . . . . . . .
op-client-version-info. . . . . . . . . . .
op-job-cancel . . . . . . . . . . . . . .
op-job-get-info . . . . . . . . . . . . . .
op-job-hold . . . . . . . . . . . . . . . .
op-job-hold-release . . . . . . . . . . .
op-printer-get-info . . . . . . . . . . . .
op-printer-get-status . . . . . . . . . . .
op-printer-install . . . . . . . . . . . . .
op-printer-list-all-jobs . . . . . . . . . .
op-printer-pause . . . . . . . . . . . . .
op-printer-purge-jobs . . . . . . . . . .
op-printer-remove . . . . . . . . . . . .
op-printer-resume . . . . . . . . . . . .
op-printer-send-file . . . . . . . . . . . .
op-printer-send-test-page . . . . . . . .
99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000136-001
August 31, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
33
34
35
36
36
36
37
37
37
38
38
38
39
39
39
40
41
41
41
41
42
42
42
43
43
43
44
44
44
44
45
45
45
Manual
99a
38
July 17, 2001

iPrint is Novells next generation of printing software that lets users to print
from anywhere to anywhere. Utilizing the Internet Printing Protocol
standarad, iPrint lets users use their Web browser to install printers on their
workstations. Once installed, users can print to iPrint printers through their
applications just like any other printer. These printers can be located down the
hall or across the ocean.
The following chapters provide information you need to implement iPrint:
Chapter 1, Understanding iPrint, on page 9
Chapter 2, Setting Up iPrint on Your Server, on page 13
Chapter 3, Setting Up iPrint on Client Workstations, on page 19
Chapter 4, Customizing iPrint, on page 23

103-000136-001
August 31, 2001
Novell Confidential
Manual

103-000136-001
August 31, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
iPrint lets mobile employees, business partners, and customers access printers
from a variety of remote locations using existing Internet connections.
Whether users are located in an office building, telecommuting from home, or
attending a sales meeting in another country, iPrint ensures that they can print
documents quickly, easily, and reliably.
Using a Web browser, users point to a Web page that displays the available
printers. By clicking a printer, the iPrint client is installed (if not installed
previously), the printers driver is downloaded, and a printer is created in the
users Printer folder, enabling the user to print to the printer from any
application on his or her desktop.
iPrint uses the Internet Printing Protocol (IPP), an industry standard, to
eliminate the complexities of printing over the Internet and to make locationbased printing a reality.
The benefits of IPP include the following:
Uses simple protocol
Provides broad vendor support
Works over local networks and the Internet
Provides for print data encryption (SSL, TLS)
Provides a standard print protocol for all platforms (Windows*,
Macintosh*, Linux*, UNIX*, etc.)
For more information about IPP, see the documents available at the Printer
Working Group (http://www.pwg.org/ipp/index.html) Web site.

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In addition to the benefits of IPP, Novells implementation of iPrint adds the

following value:
One Net printing for global access
Print driver download and installation
Location-based printing
Browser-enabled print interface
Customizable user interface
Secure information transfer
Using iPrint, mobile users no longer have to hunt down administrators to find
out a printers name and context and the required print driver. Instead, mobile
users use a Web browser to locate nearby printers and download and install the
latest print drivers. Companies can reduce communication costs by reducing
the need to fax documents between offices. Instead, companies can use their
existing Internet connections to print documents to remote printers.
For secure printing needs, iPrint integrates with Novell eDirectoryTM to
ensure that only authorized users can access the printer. Users are challenged
with their eDirectory username and password. Print data is also encrypted to
ensure that sensitive print data is kept secure and unaltered.
The Novell iPrint Solution

Novell iPrint utilizes the NDPS infrastructure, while improving the users
print experience. The Novell implementation of the Internet Printing Protocol
comprises three components:
A print provider and a set of browser plug-ins that are installed on a users
workstation. The Novell ClientTM is not required.
The IPPSRVR.NLM runs on a NetWare server. When an NDPS printer
is configured as an IPP printer, the print services manager automatically
loads this NLMTM on the server.
A set of HTML pages are provided to install the iPrint client software and
printers as well as to view and manage print jobs. These pages are
customizable. For more information, see Chapter 4, Customizing
iPrint, on page 23.
After setting up iPrint for your network, the system easily expands to support
the following scenarios.
10

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Scenario 1: Printing across the Internet

John is an employee working at home who wants to send a document to a
printer at his office. John does not remember how to dial into the companys
network, but he has access to the Internet.
1. After the administrator has set up iPrint, he will need to enable a port on
his firewall to allow access to the companys intranet from the Internet.
For security, the administrator should enable port 443, which uses SSL.
Port 443 requires users to authenticate using their eDirectory username
and password. If a user does not have an eDirectory account, then the
administrator can use the unsecured port 631.
2. John points his Web browser to the URL, http://server_IP_address_
or_DNS_name:443/ipp.
3. From the Web page, John selects the printer to install. The iPrint client is
automatically downloaded and installed on the computer. The printer
driver is also downloaded and the printer installed in the workstations
Printer folder.
4. From any application on his home computer, John can now print to the
companys printer.
Scenario 2: Mobile Users

Gail is visiting her companys branch office in Dallas, Texas. She needs to
print a presentation for an upcoming meeting. Outside of the office she is
using is a printer, but she does not know the printers name, eDirectory
context, make, model, or required print driver. Gail has used iPrint in a
different branch office and she knows that a link to iPrint is available from the
companys intranet Web page.
1. Gail connects her laptop to the company network, clicks the iPrint link on
the companys intranet Web page, and then clicks a link for the branch
office she is visiting. A map of the branch office and iPrint printers
displays.
2. Gail locates the office she is using and clicks the printer icon just outside
the office door.
3. The print driver is dowloaded and a printer is created in the users Printer
folder. She didnt need to install the iPrint client software again because
she had used iPrint previously at a different branch office.
4. From her presentation application, Gail prints her presentation for the
upcoming meeting.

103-000136-001
August 31, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Scenario 3: Printing Instead of Faxing

Dan has just returned to his hotel room in Chicago after visiting with some
clients. While checking his email, he is reminded that he needs to submit a
color report to his boss in the corporate office in New York. The report is due
by 8 a.m.Although he could send the report by fax, he wants a high-quality
printout in color and he does not want to incur additional telephone charges.
1. Using his Web browser, Dan accesses the Internet and logs in to the
companys intranet. Using the iPrint map pages, he locates an iPrint color
printer adjacent to his boss office.
2. After downloading and installing the print driver, Dan uses his
application to send the report to the printer.
3. Dan returns to the iPrint Web page and clicks the printer again to display
printer management options. He monitors the printer job list to see that
his print job is completed.
4. Finally, Dan sends an e-mail to his boss telling him that the report is
available at the printer.
12

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

iPrint is based on the Novell Distributed Print ServicesTM (NDPS)
architecture. In order to use iPrint, you must have NDPS installed and
configured. If you do not have an NDPS system set up, refer to the Novell
Distributed Print Services Administration Guide for more information.
The following sections will assist you in preparing NDPS to work with iPrint
Installing iPrint on page 13
iPrint System Requirements on page 14
Setting Up DNS for the Print Services Manager on page 14
Configuring iPrint on page 15
Installing iPrint
If you chose to install iPrint/NDPS during the NetWare 6 installation, iPrint
software components were automatically installed on the server. If iPrint was
not installed during the installation, you need to install it by completing the
following steps.
1 From the GUI screen on the server, click Novell > Install.
2 If an iPrint/NDPS entry is listed, iPrint is already installed. If an entry
does not exist, click Add.

3 Insert the NetWare 6 Operating System CD into the drive.
4 Browse to the PRODUCT.NI file at the root of the CD.
5 Follow the installation prompts to install iPrint/NDPS.

103-000136-001
August 31, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
iPrint System Requirements

Before you set up iPrint, you must have the following:
NDPS Broker:Provides network support services. For more information,
see Creating NDPS Brokers in the Novell Distributed Print Services
Print Services Manager: Provides a platform for printer agents. When
IPP printing is configured for a printer, the print services manager loads
the IPP software, IPPSRVR.NLM.
For more information, see Creating NDPS Manager in the Novell
Distributed Print Services Administration Guide.
NDPS Printer Object: Represents the printer and is associated to a
printer agent that combines the functions previously performed by a
printer, print queue, print server, and spooler.
For more information, see Creating NDPS Printers in the Novell
Distributed Print Services Administration Guide.
iManage : Provides browser-based management of Novell eDirectoryTM.
For more information on iManage, see Novell iManage Administration
Guide.
Setting Up DNS for the Print Services Manager

Each server that is running the print services manager loads IPPSRVR.NLM
when iPrint is enabled for a printer associated with that manager. Prior to
configuring printers for iPrint, you should configure a DNS name for each
print services manager. This lets you move the print services manager to a
different server while maintaining the iPrint URLs for the associated printers;
otherwise, iPrint will no longer work.
To correctly enable DNS for each print services manager, first Add the DNS
Name to the DNS Name Server on page 15 and then Enable DNS on the
Print Services Manager on page 15.
NOTE: If DNS is not set up for the print services manager and the manager is
moved to another server, users will have to reinstall their iPrint printers.
If a DNS name is added to the print services manager after iPrint is set up, iPrint
printers enabled before the DNS will not use the DNS name until the manager is
restarted.
If users install printers prior to the DNS name being added, their printing will work
only until the IP address of the print services manager changes. Then users will
have to reinstall their printers.
14

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Enable DNS on the Print Services Manager

To configure a DNS name for the print services manager, use the print services
manager startup switch.
Syntax
NDPSM NDPS_Manager_Object_Name /dnsname=NDPS_Manager_DNS_Name
Example
NDPSM PrintManager1 /dnsname=Printing.MyCompany.Com
where PrintManager1 is the print services manager name and

Printing.MyCompany.Com is the desired DNS name.
Add the DNS Name to the DNS Name Server

After you enable the DNS name on the print services manager, you need to add
the DNS name to your DNS name server. For more information, see the Novell
DNS/DHCP Services Administration Guide.
Configuring iPrint
Using iManage for Network Management
iManage is a Web-based management utility to administer eDirectory objects.
For information on using and configuring iManage, see the Novell iManage
Administration Guide. Once iManage is installed and configured, you can
manage iPrint. This includes the ability to create, delete, and modify printers
and other NDPS objects.
The iPrint Management plug-in for iManage works only with Internet
Explorer 5.5 with Service Pack 2.
If you encounter a "Page Not Found" error while running iManage, do the
following:
1 Check that you are running Internet Explorer 5.5 with Service Pack 2
installed.
2 From Internet Explorer, click Tools > Internet Options > Advanced.
3 Uncheck Show Friendly HTTP Error Messages.

103-000136-001
August 31, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Configuring iPrint Printers

Complete the following steps for printers that are already set up in NDPS. For
more information on creating an NDPS printer, see Creating NDPS Printers
in the Novell Distributed Print Services Administration Guide.
1 From iManage, click iPrint Management > Manage Printer.
2 Browse to and select the printer you want to enable IPP printing for.
3 Click Client Support > IPP Support.
4 Check the Enable IPP Access check box.
The URL that appears in the Accepted IPP URL(s) box is the URL used
when the printer is created on a workstation. This is also the URL you
should use when creating map. For more information, see Using the
iPrint Map Designer on page 23.
5 (Optional) For secure printing, check the Require Security check box.
This requires users to authenticate to eDirectory using their usernames

and passwords.
6
7 Click Apply or OK to update the printer settings.
The IPPSRVR.NLM is automatically loaded on the server where the printers

print services manager is running.
Disabling iPrint Services

2 Browse to and select the Printer you want to modify.
4 Uncheck the Enable IPP Access check box.
16

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Enabling iPrint on All Printers

To enable iPrint on all printers associated with a print services manager,
complete the following:
1 From iManage, click iPrint Management > Enable iPrint Access.
2 Browse to and select the print service manager you want to enable IPP
printing for.
3 To enable all printers associated with this print services manager, check
the first check box next to Enabled. To select printers individually, check
the check boxes next to the printers in the Enabled Column that you want
iPrint enabled for.
4 (Optional) To enable all printers associated with this print services
manager to use Secure printing, check the first check box next to Secure.
To select secure printers for specific printers, check the check boxes next
to each printer in the Secure column.
For more information on implementing SSL, see Secure Printing Using
SSL on page 31.

103-000136-001
August 31, 2001
Novell Confidential
17
Manual
18

103-000136-001
August 31, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up iPrint on Client

Workstations
In order for users to use iPrint, they need to install the Novell iPrint Client
software and a printer. When a user selects a printer to be installed by iPrint,
iPrint checks to see if the Novell iPrint Client software is installed and installs
it if necessary. Then the printer driver is downloaded, and the printer is
installed in the users Printer folder.
iPrint Client files and printers can be installed from a Web page, or they can
be distributed using ZENworksTM. For more information on using ZENworks,
see Using ZENworks to Distribute iPrint on page 21.
This chapter helps you with the following:
Client Requirements on page 19
Using the Default Printer Lists Generated by iPrint on page 20
Creating Location-based Printing on page 20
Using ZENworks to Distribute iPrint on page 21
Uninstalling the Novell iPrint Client on page 22
Client Requirements
In order for iPrint to work properly, workstations should have the following:
Windows 95/98/ME or Windows NT*/2000
Web browser with Java Script* enabled and
Microsoft Internet Explorer 5.0 or later
Netscape 4.76 (iPrint is not supported on Netscape 6)

103-000136-001
August 31, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Using the Default Printer Lists Generated by iPrint

To enable users to use iPrint, you must give them the iPrint URL, which is
http://server_IP_ address_or_dns_name:631/IPP.
For example, if the DNS name is printing.mycompany.com, then the user
would access IPP from the following URL:
http://printing.mycompany.com:631/ipp
If users need to print through a secure port using SSL, they should use port
443. This requires users to authenticate using their eDirectoryTM usernames
and passwords. Using the above example, this URL would be the following:
https://printing.mycompany.com:443/ipp
From a Netscape or Internet Explorer browser, users enter the URL provided.
A Web page displays a listing of available printers they can install and a link
to install the client software. Users should select Install iPrint client software
to install the client pieces required. If they try to install a printer before
installing the iPrint client software, they are prompted to install the client
software first.
If you associate a printer driver with a printer being installed, the driver is
automatically installed on the users workstation. If the driver already exists,
the driver is overwritten even if it is a newer driver.
After installing a printer, it is added to the users Printer folder. Users can print
to the printer by selecting the printer from any application. For more
information on using Resource Management Systems in NDPS to distribute
and update printer drivers, see Designating Printers to Be Automatically
Installed in the Novell Distributed Print Services Administration Guide.
Creating Location-based Printing

Location-based printing lets users select printers based on location by using a
list view or a map. Using a list view, printer locations can be displayed by
building, office location, eDirectory context, etc. You can configure the lists
in a way that best suits the users needs.
For more information, see Creating Printer Lists on page 26.
Using the iPrint Map Designer, you can create maps of printer locations by
using drag-and-drop technology. Once the maps are created, they can be
20

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
posted on a Web server for users to access. As users view the maps, they find
a printer close to their location to install and then click a printer icon. The
client software (if not yet installed) and the printer are installed on their
workstation.
For more information, see Using the iPrint Map Designer on page 23.
Using ZENworks to Distribute iPrint

You can use ZENworks to distribute the Novell iPrint Client and printers to
users workstations. Following the ZENworks instructions, you take a
snapshot of a workstation before installing the client and another snapshot
after. ZENworks creates a list of files to install and makes the necessary
changes to the Windows Registry.
You could also use ZENworks to install an HTML file on the users
workstations that would take them to your iPrint Web site. This would save
you from having to distribute a URL to your users. Many other
implementations are at your fingertips depending on your specific needs. For
more information on using ZENworks, see the ZENworks (http://
www.novell.com/documentation) documentation.
Auto-client Update
Periodically, users will need to update their Novell iPrint client. When a user
boots his machine, iPrint checks the default printer to ensure the user is using
the latest Novell iPrint Client. When needed, a newer client is installed. Using
a configuration file, you can control how this update takes place.
An IPRINT.INI file is located in SYS:\LOGIN\IPPDOCS on each server
where iPrint is installed is This file controls if the user should be prompted
before the updated client is installed or if the updated client should be installed
without user intervention. When the client is installed without user
intervention, the user will still see the installation program.
Using a text editor, edit the IPRINT.INI file to reflect the settings you want.
Information on the different settings is contained in the file.
IMPORTANT: The IPRINT.INI file should be synchronized across all servers
running where iPrint and a NDPS Manager are running.

103-000136-001
August 31, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Saving Passwords for Secure Printers

When users print to a secure printer, they are prompted for the eDirectory
username and password. Users can select to have their workstation remember
their password for printing. For Windows NT/2000 users, passwords are saved
on a per-user basis.
By default the Remember Password feature is enabled. To disable it, use a text
editor to edit the SYS:\LOGIN\IPPDOCS\IPRINT.INI file to reflect the
settings you want. Information on the settings is contained in the file.
IMPORTANT: The IPRINT.INI file should be synchronized across all servers
running where iPrint and a NDPS Manager are running.
Uninstalling the Novell iPrint Client

To remove the Novell iPrint Client, use Remove Programs option in the
Windows Control Panel or use the uninstall program that is available under the
Novell iPrint program group in the Start menu.
22

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Customizing iPrint
This chapter describes how to customize iPrint for your company by using the
iPrint Map Designer and modifying the HTML pages and iPrint Client
interface.
Setting Up Location-based Printing on page 23
Customizing the HTML Interface on page 27
Printer Availability on Workstations on page 27
Printer Driver Default Install Options on page 28
Setting Up Location-based Printing

Using the iPrint Map Designer tool, you can quickly create a map showing
printer locations. The tool lets you import floor plans that can be used to drag
and drop printers to actual locations. These maps are then published on a Web
server so users can install printers that are closest to their location.
Creating Location-based Maps

Prerequisites
Microsoft Internet Explorer 5.5 or later

Novell iPrint Client installed on the workstation
Using the iPrint Map Designer
Use the iPrint Map Designer to create location-based maps using background
images of your buildings. Once the map is created, you must use the iPrint
Map Designer to modify or update your maps. Changes to a map file that are
Customizing iPrint

103-000136-001
August 31, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
made outside of the iPrint Map Designer are not supported. If you need to add
links to a map, you should create a frameset file and then display the map file
in one frame and display your links in a different frame.
Creating a Map
1 Copy all of your background images (maps) to
SYS:LOGIN\IPPDOCS\IMAGES\MAPS on the server.

File types that can be used for background images are .JPEG, .GIF, and
.BMP.
Using a mapped drive, open

SYS:LOGIN\IPPDOCS\MAPTOOL.HTM in Microsoft Internet
Explorer.
Open http://server_address:port/login/ippdocs/maptool.htm where

server_address is the servers IP address or DNS name of the server
where the printer agent is running.
3 Click Background and select an image from
SYS:LOGIN\IPPDOCS\IMAGES\MAPS.
4 To add a printer to the map, select the Printer icon and the printer size.
5 Drag and drop the printer onto the map in the design area.
6 Next to the Printer List field, click the Browse icon and enter the IP
address or DNS name of the server where the print services manager is
running.
7 From the Printer list, select the printer agent you want associated with this
printer icon.
If the printer is not listed, then you have not enabled IPP for the printer.
See Configuring iPrint Printers on page 16 for more information.
The Printer URL and Mouse Over Text is automatically filled in with the
printer agent information.
Printer URL: The URL created for the printer when IPP is enabled for
the printer. You should not need to change the URL.
Mouse Over Text: By default, displays the printer agents name. You can
override this information by entering the text you want to display when a
user moves the mouse over the Printer icon.
24

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 (Optional) In the Printer Caption field, enter the information to display,
using Enter to parse the information onto multiple lines.

9 Repeat Step 4 through Step 8 and to add additional printers to your map.
10 To edit a printers information, click the desired printers icon and then
edit the printer information fields.

To deselect a Printer icon while in the map, click anywhere in the design
area.
11 Click Save, and save the Map to SYS:LOGIN\IPPDOCS.
WARNING: If you click Refresh or exit Internet Explorer without saving the map,
all changes since the last time the map was saved will be lost.
To retrieve and modify an existing map file, click Open and browse to the
directory where the map is located.
Adding Printers from Different Print Service Managers
You can add printers from different print services managers to the same map.
Add the printers from the first print services manager. Then click the Browse
icon and select a different manager.
If you need to add or modify printers from a previously used print services
manager, click a Printer icon from that manager and the Printer List will be
populated with printers from that manager.
Hosting the Maps on a Web Server
After creating your maps, you need to post them on a Web server. Copy the
contents of the \IPPDOCS directory and its subdirectories to the Web server
in order for your maps and iPrint to work properly. You can link to your maps
from your companys internal Web page or send the URL out to your users.
Customizing iPrint

103-000136-001
August 31, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Using the Keyboard with iPrint Map Designer
You can use the keyboard to create maps using iPrint Map Designer. The table
below lists the tasks to complete and the corresponding keystrokes required.
Table 1
Using the Keyboard

Task
Press
Move between fields
Tab
Insert printer icon
Insert key
Before you can insert a priner, your focus

must be the design area.
Move printer icon within the design area
Arrow keys
Select a field
Enter
Creating Printer Lists

Printer lists allow users to select printers using categories that are meaningful
to them. For example, you could create a list of printers by building location,
department names, eDirectory Context, etc.iPrint provides a defalut list of
printers organized by print services manager. To create a custom list you will
have to use an HTML editor and create links to the printers IPP URL. This
URL is displayed when you enable IPP for a printer.
To view a printers URL, do the following:
2 Browse to and select the printer you want.
The printers URL is displayed under Accepted IPP URL.
26

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Customizing the HTML Interface

You can edit any of the HTML files provided or you can create your own to
customize iPrint for your environment. The HTML files are installed in the
SYS:LOGIN\IPPDOCS directory. For information on the HTML interface,
see Appendix A, Configuring the HTML Interface, on page 33.
Some examples of ways to present printers to users are located in the
SYS:LOGIN\IPPDOCS\EXAMPLES directory:
Example 1 shows a fully graphical interface for locating and installing
printers using standard HTML. This type of approach can also be created
using the iPrint Map Designer. For more information, see Using the
iPrint Map Designer on page 23. Using your Web browser, view this
example from
SYS:\LOGIN\IPPDOCS\EXAMPLES\EXAMPLE1\INNERWEB.HTM
Example 2 shows a lower maintenance approach for locating and
installing printers using standard HTML. Using your Web browser, view
this example from
SYS:\LOGIN\IPPDOCS\EXAMPLES\EXAMPLE2\INNERWEB.HTM
Printer Availability on Workstations

You might want printers to remove themselves automatically from a
workstation. For example, you have a printer in your lobby for customers to
use. When the customer leaves, you want the printer to be removed from the
customers laptop. Setting the persistence of the printer allows you to
automatically remove the printer when the customer reboots his laptop.
Complete the following to set the persistence of a printer:
1 Using a text editor, open SYS:\LOGIN\IPPDOCS\INST.HTM.
2 Edit the file by searching for "persistence=".
The setting occurs twice: once for Internet Explorer and once for
Netscape browsers.
3 Replace the printer setting value, located after the comma (,) with reboot.
4 Save the file.
Customizing iPrint

103-000136-001
August 31, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Printer Driver Default Install Options

You can change the default options for the printer driver when it is installed
on the workstation. For example, you might want the printer driver default for
paper size to be 8-1/2 x 11. This means every time the printer and
corresponding driver is installed on a workstation, the paper size is set at 8-1/
2 x 11. If this printer is being deployed in a company like a law office, you
might want the printer driver to default to 8-1/2 x 14 so users will not have to
change this setting when they print.
Complete the following steps to change the printer driver default settings:
1 Using a text editor, open SYS:\LOGIN\IPPDOCS\INST.HTM.
2 Edit the file by searching for PARAM NAME= .
The setting occurs twice: once for Internet Explorer and once for
Netscape browsers.
3 Replace the value= setting located after the colon(:) with the value you
want.
Table 2
28
Driver Default Setting Options

Printer Setting
Acceptable Parameter Values
Orientation
landscape, portrait
Paper size
letter, lettersmall, tabloid, ledger, legal,

statement, executive, A3, A4, A4small, A5,
B4, B5, folio, quatro, 10x14, 11x17, note,
env_10, env_12, env_14, csheet, dsheet,
esheet, env_dl, env_c5, env_c4, env_c3,
env_c65, env_b5, env_b6, env_italy,
env_monarch, env_personal, fanfold_us,
fanfold_std_german, fanfold_lgl_german,
iso_b4, japanese_postcard, 9x11, 10x11,
15x11, env_invite, letter_extra, legal_extra,
tabloid_extra, A4_extra,
letter_extra_transverse, a_plus, b_plus,
letter_plus, A4_plus, A5_transverse,
B5_transverse, A3_extra, A5_extra,
B5_extra, A2, A3_transverse,
A3_extra_transverse
Copies
Enter the number of copies you want

printed.

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Printer Setting
Acceptable Parameter Values
Color
yes=color
no or false=monochrome
Duplex
simplex, horizontal, vertical
Collate
yes or true=collate
no=do not collate
4 Save the file.
Customizing iPrint

103-000136-001
August 31, 2001
Novell Confidential
29
Manual
30

103-000136-001
August 31, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up a Secure Printing

Environment
Setting up a secure printing environment can be done on three different levels.
Access Control lets you assign users to a User, Operator or Manager role
to control printers, print services managers, and brokers. For more
information, see Managing Printing Security in the Novell Distributed
Print Services Administration Guide.
Printer Security For more information, see Setting Printer Security
Levels in the Novell Distributed Print Services Administration Guide.
Using SSL with iPrint requires users to authenticate before installing
and printing to a printer. For more informaiton, see Secure Printing
Using SSL on page 31.
Secure Printing Using SSL

Secure printing takes advantage of SSL, which requires users to authenticate
using their eDirectory usernames and passwords. Users authenticate once
per eDirectory tree per session. The print data is encrypted, and all print
communication uses port 443. Without secure printing, the printer is available
to anyone inside the firewall on the network and the print data is not
encrypted. Secure printing works in conjunction with the security level set for
the printer.
The following table shows how access is determined, depending on the level
of printer security and if secure printing is enabled or disabled.
Setting Up a Secure Printing Environment

103-000136-001
August 31, 2001
Novell Confidential
31
Manual
Table 3
99a
38
July 17, 2001
Effects of Printer Security with Secure Printing Enabled
Printer Security Level Secure Printing Disabled (No SSL)
Secure Printing Enabled (With SSL)
Low
Full access
eDirectory authentication
Medium
Check of users effective rights
eDirectory authentication and

check of user's effective rights
High
Users must use SSL and

authenticate to eDirectory
eDirectory authentication, check

users effective rights, and
connection verification
Users will receive an error if they

do not use SSL
For more information on Printer Security Levels, see Setting Printer Security
Levels in the Novell Distributed Print Services Administration Guide.
32

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This appendix discusses the HTML parameters and operations used in the
iPrint interface. This information is provided to give developers insight into
how to customize their HTML files.
Using this information, HTML developers can edit iPrint Web pages to
customize them for their companies.
The iPrint HTML files are located in the SYS:\LOGIN\IPPDOCS directory.
iPrint Client HTML Interface Description

The list of operations and identifiers is the same for each browser. The printer
name and the operation to be performed are required parameters for all
operations except op-client-interface version on page 41 and op-clientversion-info on page 41. All other parameters are operation-specific or
optional. Operation-specific parameters that are used out of context are
ignored.
If the desired output from the plug-in is HTML, a frameset needs to be used.
This is to prevent some browsers from failing when they try to write to the
document that invoked the plug-in. The name of the frame to receive the
HTML page generated by the plug-in can be passed in using the target frame
option. This target frame needs to be a named frame in the same frameset as
the frame invoking the plug-in.

103-000136-001
August 31, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Internet Explorer Browser Customization

HTML Script Example on page 34
HTML Code Example on page 35
HTML Script Example
The ExecuteRequest() operation simplifies HTML coding when working with

Internet Explorer. It lets you pass/get information from the iPrint without
having to reload a Web page.
A result type called object is implemented and should be used only in
conjunction with ExecuteRequest(). You can use ExecuteRequest and have it
return results via HTML, URL, message box, or cookie. All data can be passed
via the ExecuteRequest() second parameter. The first parameter is the
operation. Both of the parameters are strings.
Syntax:
variable=variable.ExecuteRequest("operation_string",additional_operation
strings);
<object ID=iPrintAccess classid=clsid:36723f97-7aa0-11d48919-ff2d71d0d32c>
</object>
<script Language="javascript1.1">
var pStatus;
var params;
params = "printer-url=" + printerNameHere + "&resulttype=object"
pStatus=iPrintAccess.ExecuteRequest("op-printer-get-status",
params);
alert(pStatus);
</script>
34

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
HTML Code Example
The following defines the interface between HTML pages and the browser
plug-in. The HTML element <OBJECT> is used to invoke the Internet
Explorer plug-in (IENIPP.OCX).
<OBJECT ID=TESTID
CLASSID="clsid:36723f97-7aa0-11d4-8919-FF2D71D0D32C"
CODEBASE=v:\src\work\bart\ipp\ieNIpp\final\novipp.ocx>
<PARAM NAME=operation VALUE=op-printer-get-status>
<PARAM NAME=printer-url VALUE=http://100.100.100.100/ipp/
lpr>
<PARAM NAME=result-type VALUE=html>
<PARAM NAME=target-frame VALUE=displayFrameName>
</OBJECT>
Netscape Browser Customization

The following defines the interface between HTML pages and the browser
plug-in. The HTML element <EMBED> is used to invoke the Netscape plugin (NPNIPP.DLL).
<EMBED TYPE=application/x-Novell-ipp
width=100
height=30
operation=op-printer-get-status
printer-url=http://1100.100.100.100/ipp/lpr
result-type=html
target-frame=displayFrameName
>

103-000136-001
August 31, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
HTML Parameters
The following parameters can be used to enhance the iPrint HTML pages. The
parameters are used in the HTML files as PARAM NAME=parameter
VALUE=identifier statements.
call-back-url (page 36)
debug (page 36)
driver-options (page 37)
error-type (page 37)
file-path-name (page 37)
job-list (page 38)
job-list-options (page 38)
persistence (page 38)
printer-url (page 39)
result-type (page 39)
target-frame (page 39)
call-back-url
Used to target the results from the onchange JavaScript function associated
with selecting jobs from the job list. The JavaScript function causes the
browser to reload the indicated control frame passing the list of selected jobs
as a parameter.
Example:
PARAM NAME=call-back-url VALUE=CONTROL.HTM
debug
If debug is set to True, message boxes with debug and profiling information
are displayed.
Example: PARAM NAME=debug VALUE=true
36

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
driver-options
As a printer is being installed, the plugi-n can optionally set some default
driver options. For a list of driver options, see Table 2, Driver Default Setting
Options, on page 28
Example:
PARAM NAME=driver-options
VALUE=papersize:A4;duplex:vertical;color:false
error-type
Used to tell the plug-in how to report errors associated with the requested
operation. The plug-in has the ability to return the errors in.
Option
Description
none
No response.
msgBox
Display results in a message box.
html
Display results as an HTML page generated by the plug-in.
cookie
Put the error information in a cookie.
url
Pass the results as a url parameter.
The plug-in defaults to the same reply mechanism that is specified in resultstype if error-type is not specified.
Example:
PARAM NAME=error-type VALUE=html
file-path-name
Specifies a printer ready file that can be passed to the plug-in for printing. This
mechanism bypasses the print provider and the print driver. The printer does
not need to be installed on the workstation to use this operation.
Example:
PARAM NAME= file-path-name VALUE=directory path\filename

103-000136-001
August 31, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
job-list
The plug-in can perform several operations on jobs. job-list is a commadelimited string of job IDs to indicate which jobs to operate on. A job list with
the job ID of -1 is equivalent to selecting all jobs
Example:
PARAM NAME=job-list VALUE=3,5,7
job-list-options
When the plug-in creates the HTML for job-list, it can add buttons to allow
the user to hold, resume, delete, or display information for selected jobs. This
parameter is used to specify which buttons to display and support.
The following are the possible buttons:
op-job-hold (page 42)
op-job-hold-release (page 42)
op-job-cancel (page 41)
op-job-get-info (page 42)
Example:
PARAM NAME=job-list-options VALUE= op-job-hold,op-job-holdrelease,op-job-cancel, op-job-get-info
persistence
Printer installation can be temporary or permanent. If not specified,
persistence defaults to persistent. Persistence is used to indicate the duration
the printer is to be installed for. The choices include the following:
38
Option
Description
persistent
Printer will not be removed.
volatile-reboot
Printer will be removed as the workstation reboots.
volatile-date-time
Printer will be removed at the indicated time (year,

month, day, hour, minute).

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Examples:
PARAM NAME=persistence VALUE=volatile-reboot
PARAM NAME=persistence VALUE=volatile-date-time:2001,3,22,8,30
printer-url
Indicates which printer the operation should be directed to.
Example:
PARAM NAME= printer-url VALUE=ipp://DNS name/ipp/printername
result-type
Used to tell the plug-in how to report the results of the requested operation.
The plug-in has the ability to return the results in one of the following ways:
Option
Description
none
No response.
msgBox
Displays results in a message box.
html
Displays results as an HTML page generated by the

plug-in.
cookie
Puts the results in a cookie.
url
Passes the results as a url parameter.
The plug-in defaults to none if results-type is not specified.

Example:
PARAM NAME=result-type VALUE=html
target-frame
Used to specify the name of the frame in which to put the results and/or error
information into. If the operation results type is url, the target frame will be the
one reloaded with the indicated URL.
Example:
PARAM NAME=target-frame VALUE=FrameName

103-000136-001
August 31, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Supported Operations Strings

All requests to the plug-in have two required parameters. The first is
operation, and the second is results-type. All operations except op-clientinterface-version and op-client-version-info require the parameter printer-url.
All requests support the optional parameter error-type.
With the exception of op-printer-send-test-page and op-printer-remove the
printer does not need to be installed to use the following operations:
op-client-interface version (page 41)
op-client-is-printer-installed (page 41)
op-client-version-info (page 41)
op-job-cancel (page 41)
op-job-get-info (page 42)
op-job-hold (page 42)
op-job-hold-release (page 42)
op-printer-get-info (page 43)
op-printer-get-status (page 43)
op-printer-install (page 43)
op-printer-list-all-jobs (page 44)
op-printer-pause (page 44)
op-printer-purge-jobs (page 44)
op-printer-remove (page 44)
op-printer-resume (page 45)
op-printer-send-file (page 45)
op-printer-send-test-page (page 45)
40

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
op-client-interface version
Description:
Determines a version associated with the plug-ins HTML

interface. Can also determine if a client upgrade needs to be
invoked or for any other client plug-in/HTML file compatibility
issues.
Required
information:
None
Supported
return types:
URL, Cookie
op-client-is-printer-installed
Description:
Determines if the indicated printer is installed on the

workstation.
Required
information:
Printer URL
Supported
return types:
URL, Cookie
op-client-version-info
Description:
Determines the version of the Novell iPrint Client files running

on the workstation.
Required
information:
None
Supported
return types:
Cookie, URL, Object
Description:
Deletes the indicated jobs.
Required
information
Printer URL, job-list
Supported
return types:
None, Message box, HTML, URL, Cookie
op-job-cancel

103-000136-001
August 31, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
op-job-get-info
Description:
Gets job information for indicated jobs. The information

returned depends on the printer's capabilities. This information
can include job name, ID, owner, size, bytes processed, hold
until, priority, time created, time started printing, and time
finished printing.
Required
information:
Supported
return types:
Message box, HTML, URL, Cookie
Description:
Put sa hold on the indicated jobs. A job that is printing might not
be held.
Required
information:
Supported
return types:
op-job-hold
Supported parameter is indefinite.
op-job-hold-release
42
Description:
Removes the hold on the indicated jobs.
Required
information:
Supported
return types:

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
op-printer-get-info
Description:
Gets additional information about the printer. The information

returned depends on the printer's capabilities. This information
can include printer location, printer make and model, and
supported document formats (PDLs).
Required
information:
Printer URL
Supported
return types:
op-printer-get-status
Description:
Gets status information from the indicated printer. The

information returned depends on the printers capabilities.
Status can include printer state, printer state reasons, printer
state message, printer accepting jobs, and printer job count.
Required
information:
Printer URL
Supported
return types:
op-printer-install
Description:
Installs the indicated printer to this workstation.
Required
information:
Printer URL
Optional
information:
driver-options, persistence
Supported
return types:

103-000136-001
August 31, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
op-printer-list-all-jobs
Description:
Lists jobs for this printer.
Required
information:
Printer URL
Supported
return types:
op-printer-pause
Description:
Pauses the printer. If results are requested for this operation,

the op-printer-get-status operation is executed to provide the
new printer status.
Required
information:
Printer URL
Supported
return types:
op-printer-purge-jobs
Description:
Deletes all jobs for this printer.
Required
information:
Printer URL
Supported
return types:
op-printer-remove
44
Description:
Deletes the indicated printer from this workstation.
Required
information:
Printer URL
Supported
return types:

103-000136-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
op-printer-resume
Description:
Resumes the printer. If results are requested for this operation,

the op-printer-get-status operation is executed to provide the
new printer status.
Required
information:
Printer URL
Supported
return types:
op-printer-send-file
Description:
Sends a printer-ready file to this printer.
Required
information:
Printer URL, file-path-name
Supported
return types:
op-printer-send-test-page
Description:
Sends a test page to this printer.
Required
information:
Printer URL
Supported
return types:

103-000136-001
August 31, 2001
Novell Confidential
45
Manual
46

103-000136-001
August 31, 2001
Novell Confidential
99a
38
July 17, 2001
Novell Distributed Print Services Administration Guide
Novell
NetWare 6
www.novell.com
N O V E L L D I S T R I B U T E D P R I N T S E RV I C E S
August 31, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Welcome to Novell Distributed Print Services
11
Understanding Novell Distributed Print Services
13
Overview of NDPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Bi-directional Feedback and Control . . . . . . . . . . . . . . . . . . .
Configurable Event Notification. . . . . . . . . . . . . . . . . . . . . .
Tight Integration with eDirectory . . . . . . . . . . . . . . . . . . . . .
Automatic Printer Driver Download and End User Convenience . . . . .
Printer and Job Configuration Options . . . . . . . . . . . . . . . . . .
Job Scheduling Options . . . . . . . . . . . . . . . . . . . . . . . . .
Protocol Independence . . . . . . . . . . . . . . . . . . . . . . . . . .
Compatibility with Multiple Clients, Applications, and Operating Systems
Support for Existing Printers (Full Backward Compatibility) . . . . . . .
Comparing NDPS with Queue-Based Print Services . . . . . . . . . . . .
Understanding NDPS Printers . . . . . . . . . . . . . . . . . . . . . . . .
Understanding the Architecture of NDPS . . . . . . . . . . . . . . . . . .
Understanding Printer Agents . . . . . . . . . . . . . . . . . . . . . . . .
Understanding the NDPS Manager . . . . . . . . . . . . . . . . . . . . .
Where to Place NDPS Managers. . . . . . . . . . . . . . . . . . . . .
Understanding Printer Gateways. . . . . . . . . . . . . . . . . . . . . . .
Understanding the Broker . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding the Service Registry Service . . . . . . . . . . . . . . .
Understanding the Event Notification Service . . . . . . . . . . . . . .
Understanding the Resource Management Service . . . . . . . . . . .
Where to Place NDPS Brokers . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning the Migration to Novell Distributed Print Services

Establishing a Planning Base . . . . . . . . . . .
Assessing Your Current Printing Environment .
Identifying Critical Planning Issues . . . . . . .
Designing Your New System . . . . . . . . . .
Determining Your Implementation Strategy . . . .
General Transition Guidelines . . . . . . . . .
Making the Transition Gradually . . . . . . . .
Maintaining Your Queues during the Transition
Understanding Your Implementation Options .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
13
14
15
16
16
17
17
17
17
18
19
20
21
22
24
25
25
27
28
29
31
32
35
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000137-001
August 31, 2001
Novell Confidential
35
36
37
39
40
40
41
42
44
Manual
Using Legacy Printers and NDPS Gateways . . . . .

Printing through Third-party Gateways . . . . . .
Printing through the Novell Gateway . . . . . . .
Using Printers with Embedded NDPS Technology . .
Migration Scenarios . . . . . . . . . . . . . . . . . .
Migrating from Queue-Based Printing to NDPS . .
Migrating from IPX-Based NDPS to IP-based NDPS .
Migrating an IPX-Based Third-Party Gateway to IP
Migrating a Printer in RP Mode to IP . . . . . . .
Migrating a Printer in QServer Mode to IP . . . . .
Migrating from NFS to NDPS . . . . . . . . . . . . .
NetWare-to-UNIX Printing . . . . . . . . . . . . .
UNIX-to-NetWare Printing . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
44
45
46
47
48
48
50
51
51
53
53
54
55
57
Managing Printers
58
59
60
60
60
60
61
61
62
63
63
64
65
65
67
68
69
69
69
70
70
70
71
Managing Print Jobs. . . . . . . . .

Viewing Print Job Information . .
Deleting Print Jobs . . . . . . . .
Changing the Order of Print Jobs
Moving Print Jobs . . . . . . . .
Modifying Print Jobs . . . . . . .
July 17, 2001
38
Setting Up a New NDPS Printing System

Getting Started . . . . . . . . . . . . . . . . . . . .
Setting Up NDPS on Your Servers . . . . . . . . . .
Rights Required for Configuring NDPS Installation
Using iManage . . . . . . . . . . . . . . . . . . .
Changing the Location of a Broker . . . . . . . .
Updating the AUTOEXEC.NCF File . . . . . . . .
Creating NDPS Brokers . . . . . . . . . . . . . . . .
Creating NDPS Manager . . . . . . . . . . . . . . .
Creating NDPS Printers . . . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . .
Procedure . . . . . . . . . . . . . . . . . . . . .
Configuring LPR Printers . . . . . . . . . . . . . . .
Setting Up NDPS Printers to Service Legacy Queues
Configuring Queue-Based Printers . . . . . . . . . .
Using Bindery Reference Queues . . . . . . . . .
Printing from Macintosh Workstations . . . . . . . .
Setting Up LPR Clients on UNIX . . . . . . . . . . .
Preparing Client Workstations to Use NDPS . . . . .
Installing the Novell Client . . . . . . . . . . . . .
Enabling NDPS on a Previously Installed Client . .
Adding NDPS Printers . . . . . . . . . . . . . . .
Removing CAPTURE Statements . . . . . . . . .
99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000137-001
August 31, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
71
72
72
72
73
73
Manual
99a
Installing Printers on Workstations . . . . . . . . . . .

Designating Printers to Be Automatically Installed .
Designating a Default Printer . . . . . . . . . . . .
Using Remote Printer Management . . . . . . . . . .
How Remote Printer Management Works . . . . .
Accessing Remote Printer Management . . . . . .
Setting Up Printer Configurations . . . . . . . . . . .
Creating Configurations . . . . . . . . . . . . . .
Configuration Options . . . . . . . . . . . . . . .
Modifying Configurations . . . . . . . . . . . . . .
Setting Configuration Locks . . . . . . . . . . . .
Optimizing Event Notification. . . . . . . . . . . . . .
Notification Types. . . . . . . . . . . . . . . . . .
Delivery Methods . . . . . . . . . . . . . . . . . .
Configuring Job-Owner Notification . . . . . . . .
Configuring Interested-Party Notification . . . . . .
Setting Print Job Spooling . . . . . . . . . . . . . . .
Supporting Queue-Based Client Workstations . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing the Print Services Manager

Optimizing Fault Tolerance. . . . . . . . . .
Modifying the Database Backup Options .
Restoring a Database from eDirectory . .
Moving the NDPS Manager . . . . . . . . .
NDPS Manager Startup Switches . . . . . .
July 17, 2001
38
74
75
75
75
76
76
77
78
78
80
81
82
82
83
83
84
85
86
87
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing the Broker

Adding or Updating Brokered Resources . . . . . . . . .
Adding Banner Pages . . . . . . . . . . . . . . . . . . .
Adding Banners to the Resource Management Service
What Printer Types Support What Kind of Banner . . .
Creating Banner Files . . . . . . . . . . . . . . . . .
Adding or Updating Printer Drivers. . . . . . . . . . . . .
Prerequisite . . . . . . . . . . . . . . . . . . . . . . .
Procedure. . . . . . . . . . . . . . . . . . . . . . . .
Enabling Event Notification Delivery Methods . . . . . . .
Enabling and Disabling Brokered Services . . . . . . . .
Reconfiguring an NDPS Broker . . . . . . . . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . . . . . .
Procedure. . . . . . . . . . . . . . . . . . . . . . . .
Broker Startup Switches . . . . . . . . . . . . . . . . . .
87
88
88
88
89
91
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000137-001
August 31, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
91
92
93
93
93
96
96
96
97
98
99
99
100
101
Manual
99a
Managing Printing Security

Setting Printer Security Levels . . . . . . . . . . . . . . . . . . . . . . .
Setting Access Control for NDPS Printers. . . . . . . . . . . . . . . . . .
Printer Access Control Roles . . . . . . . . . . . . . . . . . . . . . .
Assigning Printer Access Control Roles through NDPS Printer Objects.
Assigning Printer Access Control Roles through User Objects . . . . .
Planning Your Printer Connections and Locations for Better Security. .
Setting Access Control for NDPS Manager . . . . . . . . . . . . . . . . .
NDPS Manager Access Control Role . . . . . . . . . . . . . . . . . .
Assigning the Manager Role for NDPS Managers. . . . . . . . . . . .
Setting Access Control for NDPS Brokers. . . . . . . . . . . . . . . . . .
Broker Access Control Roles . . . . . . . . . . . . . . . . . . . . . .
Assigning Managers for NDPS Brokers . . . . . . . . . . . . . . . . .
103
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting Your Print System

Initial Troubleshooting Steps . . . . . . . . . . . . . . . . . . . . . . . .
A1. Attempt to resolve the error and try again . . . . . . . . . . . . . .
A2. Try some quick fixes . . . . . . . . . . . . . . . . . . . . . . . . .
A3. Determining your printing environment . . . . . . . . . . . . . . .
A4. All queue-based environment . . . . . . . . . . . . . . . . . . . .
A5. All NDPS environment . . . . . . . . . . . . . . . . . . . . . . . .
A6. Mixed NDPS and queue-based environment . . . . . . . . . . . .
Narrowing Your Focus. . . . . . . . . . . . . . . . . . . . . . . . . . . .
B1. Send job to same printer from other workstations . . . . . . . . . .
B2. Has workstation printed to this printer before? . . . . . . . . . . .
B3. Gather information on setup and configuration . . . . . . . . . . .
B4. Has printing ever worked with the current configuration? . . . . . .
Determining Your Platform When Problem Affects Only One Workstation .
C1. Are queues being serviced by an NDPS printer? . . . . . . . . . .
C2. All queue-based printing. . . . . . . . . . . . . . . . . . . . . . .
C3. Queue-NDPS integration . . . . . . . . . . . . . . . . . . . . . .
C4. Look in iManage for NDPS Printer objects . . . . . . . . . . . . .
Isolating Printing Problems Affecting Only One Windows Workstation . . .
D1. Check status of printer in Windows Control Panel . . . . . . . . .
D2. Check to see what network object the installed printer is servicing .
D3. Check status of printer in NDPS Manager. . . . . . . . . . . . . .
D4. Determine problem from error message. . . . . . . . . . . . . . .
D5. NetWare queue object. . . . . . . . . . . . . . . . . . . . . . . .
D6. Are queues going to an NDPS printer? . . . . . . . . . . . . . . .
D7. Queue-NDPS integration . . . . . . . . . . . . . . . . . . . . . .
D8. All queue-based printing. . . . . . . . . . . . . . . . . . . . . . .
D9. Printer is set for working offline . . . . . . . . . . . . . . . . . . .
D10. Other possibilities . . . . . . . . . . . . . . . . . . . . . . . . .
July 17, 2001
38
104
105
105
107
107
108
108
108
109
110
110
110
111

103-000137-001
August 31, 2001
Novell Confidential
112
113
113
114
114
115
115
116
117
117
117
117
118
119
119
119
119
120
121
121
121
121
121
122
122
122
122
122
Manual
99a
38
Tracking Jobs from a Workstation . . . . . . . . . . . . . . . . . . . . . .

E1. Pause output of NDPS printer . . . . . . . . . . . . . . . . . . . .
E2. Check job list in iManager . . . . . . . . . . . . . . . . . . . . . .
E3. Resume printer output . . . . . . . . . . . . . . . . . . . . . . . .
E4. Job printed this time but nothing was changed. . . . . . . . . . . .
E5. Job did not print and is still in the job list . . . . . . . . . . . . . . .
E6. Job did not print but is no longer in the job list . . . . . . . . . . . .
Checking Printer Output and Using Test Files . . . . . . . . . . . . . . . .
F1. Check availability of network printer . . . . . . . . . . . . . . . . .
F2. Check for error messages . . . . . . . . . . . . . . . . . . . . . .
F3. Test file prints but jobs from application do not. . . . . . . . . . . .
F4. Job is being held in spooler . . . . . . . . . . . . . . . . . . . . .
F5. Job did not print but is no longer in the job list . . . . . . . . . . . .
Printing Problems Affecting All Users . . . . . . . . . . . . . . . . . . . .
G1. Determine severity and scope of printing problems . . . . . . . . .
G2. No print jobs are printing from any networked printer . . . . . . . .
G3. No print jobs are coming from a specific printer . . . . . . . . . . .
G4. Jobs are printing slowly or are corrupted . . . . . . . . . . . . . .
G5. Check status of NDPS Printer in iManage . . . . . . . . . . . . . .
G6. A problem is identified in an error message . . . . . . . . . . . . .
G7. Jobs are getting to the job list but the printer is unable to print them
Problems Integrating with Queue-Based Components . . . . . . . . . . .
H1. Check the printer's spooling configuration . . . . . . . . . . . . . .
H2. Reconfigure spooling for this printer . . . . . . . . . . . . . . . . .
H3. Check the job list for the queue . . . . . . . . . . . . . . . . . . .
H4. Make sure the job is being redirected to the queue properly. . . . .
9
A
July 17, 2001
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
123
124
124
124
125
125
125
126
127
127
127
127
127
128
130
130
130
130
131
131
131
132
133
133
133
133
Selecting the Correct Gateway to Use
135
Using Third-party Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
136
Configuring Remote Printers
137
Configuring Remote Printers Using NPRINTER . . . . . . . . . . . . . . . . . . . . . . . . .

Configuring Remote Printers Running in RP Mode . . . . . . . . . . . . . . . . . . . . . . .
Configuring Remote Printers Running in LPR Mode . . . . . . . . . . . . . . . . . . . . . . .
137
139
140
Contents

103-000137-001
August 31, 2001
Novell Confidential
Manual
10
99a
38

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

Novell Distributed Print ServicesTM (NDPS) offers improvements over
Novell's legacy queue-based print service architecture. NDPS was designed to
handle the increased complexity of managing modern printers in a network
environment and to exploit the new functionality offered by these printers.
The power and versatility of NDPS will help you get the most out of your
printing resources, whether you're in a small workgroup or an enterprise-wide
system.
NDPS works in conjuction with iPrint to allow true location-based printing.
With iPrint, users use their Web browser to locate and install printers and their
print drivers on their workstations. NDPS provides the infrastructure to move
the print jobs between the workstations and the printers.
NDPS is fully compatible with your existing queue-based printing resources,
which means that you can make the transition from your legacy printing setup
gradually.
For more information about migrating your queue-based system to NDPS, see
the Chapter 2, Planning the Migration to Novell Distributed Print Services,
on page 35.
The following information will assist you in understanding and setting up
NDPS:
Chapter 1, Understanding Novell Distributed Print Services, on page
13
Chapter 2, Planning the Migration to Novell Distributed Print Services,
on page 35
Chapter 3, Setting Up a New NDPS Printing System, on page 57
Chapter 4, Managing Printers, on page 71

103-000137-001
August 31, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Chapter 5, Managing the Print Services Manager, on page 87

Chapter 6, Managing the Broker, on page 91
Chapter 8, Troubleshooting Your Print System, on page 111
12

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Understanding Novell Distributed

Print Services
Novell Distributed Print ServicesTM (NDPS) is the default and preferred
print system in NetWare. It is designed to handle the increased complexity
of managing printing devices in any type of network environment, ranging in
size from small workgroups to enterprise-wide systems. NDPS allows you to
use iManage, Novells Web-based management tool. You can also designate
those printers for automatic installation on user workstations, without any
action by your users.
NDPS replaces the existing queue-based printing technology. You don't have
to set up print queues, printer objects, or print servers, and link them together.
Instead, all of your management tasks are focused on the printer itself, which
can be configured as an eDirectoryTM object.
To better understand how NDPS works, read the following sections:
Overview of NDPS on page 13
Comparing NDPS with Queue-Based Print Services on page 19
Understanding NDPS Printers on page 20
Understanding the Architecture of NDPS on page 21
Overview of NDPS
NDPS is the default and preferred print system in NetWare. Novell's legacy,
queue-based print system is also fully supported, which allows your users to
continue printing as they always have until you complete the transition to
NDPS. NDPS provides full support for IP-based as well as IPXTM-based
printing, giving you a wide variety of system configuration options to fit your
organization's specific needs.

103-000137-001
August 31, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Some of the most significant features of NDPS include the following:

Bi-directional Feedback and Control on page 14
Configurable Event Notification on page 15
Tight Integration with eDirectory on page 16
Automatic Printer Driver Download and End User Convenience on
page 16
Printer and Job Configuration Options on page 17
Job Scheduling Options on page 17
Protocol Independence on page 17
Compatibility with Multiple Clients, Applications, and Operating
Systems on page 17
Support for Existing Printers (Full Backward Compatibility) on page
18
Bi-directional Feedback and Control

Novell Distributed Print Services lets clients and printers exchange
information about printers and print jobs. For example, this interchange
allows users and administrators to get real-time information about a printer
such as
Its status
For example, it reports such information as whether the printer needs
toner or paper, whether it is online, and whether the lid is open.
Its configuration properties and features
For example, does it support color? Duplexing? How many pages has it
printed since it was last serviced?
NDPS also lets you view information about a print job's properties and status,
including
The number of copies being printed
Job hold and scheduling information
Notification when the job has actually been completed
14

103-000137-001
August 31, 2001
Novell Confidential
Manual
is the printer available?

what is the status of the printer?
what features are available?
how many copies are printing?
what media is being used?
has the job actually printed out?
99a
38
July 17, 2001
printer is available
toner is low
duplex, tabloid-size, color, . . .
five copies will be printed
upper tray, transparency
job has been printed
The bi-directional feedback provided by NDPS is limited only by the bidirectional capabilities of the printer itself. In many cases, NDPS actually
enhances information provided about printers that do not have bi-directional
capabilities.
Configurable Event Notification

With Novell Distributed Print Services, you can customize event notification.
Event notification allows you to specify who should be notified of an event or
problem, and how that person should be notified. It also allows you to identify
the specific events or problems that you want notification messages sent for.
For example, you can configure notification so that the owner of a print job
will receive a screen pop-up message when the job has actually been printed.
Print 5 copies of this job at the
color printer on the second floor at
3 p.m. and notify the department
admin when it is complete.
You can also ensure that the printer operator is notified when a problem such
as a paper jam occurs on the printer. Notification methods provided by NDPS
include pop-up screen messages, e-mail, and log file records, while thirdparties can develop other mechanisms such as beeper notification if they wish.

103-000137-001
August 31, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Tight Integration with eDirectory

Novell Distributed Print Services is designed to take full advantage of Novell
eDirectory. Integration with eDirectory allows you to create a single
eDirectory objectan NDPS Printer objectto represent each printer on the
network. As a Printer object, printers become as secure as the other objects in
the tree, and they are just as easy to manage.
In the eDirectory tree, printers can be conveniently grouped. For example, you
can group and manage all of your printers by department, workgroup, or
location. You can also search for printers with specific capabilities, because
those capabilities are properties of the NDPS printer object.
Automatic Printer Driver Download and End User Convenience

Not only does NDPS make printer management easier for you as an
administrator, it also makes printing easier for end users. NDPS provides a
database that includes drivers for most printers in common use today. From
this database, you can select drivers you want to be automatically installed on
client workstations when a user adds a printer. This eliminates the need for
users to provide the printer driver themselves. You can add drivers to this
database as they become available.
Printer driver database
Add
drivers
Server
Workstation
Auto-download
drivers
An NDPS client can also modify printer configurations. For example, a user
can configure a printer to use a different size paper or to print a cover page.
Users can change the properties of any installed printer that the administrator
has not locked. Also, using NDPS, users can view the current status of any
available printer to see how many print jobs are waiting to be printed before
they send their jobs. These NDPS features help make end-user printing easier
and more effective than the methods of the past.
16

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From this list, you can select drivers you want to be automatically downloaded
and installed on client workstations. You can add drivers to this database as
they become available.
Printer and Job Configuration Options

The NDPS interface supports many printer options in common use today,
while the open architecture of NDPS allows printer manufacturers to add their
own custom interfaces for specific printers. This means that as new printer
features become available, you can access them through NDPS.
Job Scheduling Options

NDPS allows you to configure and schedule print jobs to be processed
according to time of day, job size, or media availability.
Protocol Independence
The entire NDPS architecture is protocol independent. NDPS can be used in
an IPX-based environment, a pure TCP/IP environment, or a combination of
both. The third-party gateways being developed to work with NDPS are also
protocol independent.
Most printers that support TCP/IP today do not have a discovery protocol like
SAP for IPX-based networks. The Service Locator Protocol (SLP) will
eventually be embedded in printers and will provide a discovery protocol that
can be used with NDPS.
Compatibility with Multiple Clients, Applications, and Operating

Systems
NDPS provides an enhanced Windows* client to take advantage of all of the
advanced features provided by NDPS. All clients that are not NDPS-aware
can still print to NDPS printers, and you can use all of your existing
applications with NDPS. Although your queue-based print clients won't be
able to take full advantage of the advanced features available in NDPS, they
won't lose any of the printing ability they have now. This backwardcompatibility feature of NDPS makes it well-suited for heterogeneous
networks.

103-000137-001
August 31, 2001
Novell Confidential
17
Manual
99a
July 17, 2001
38
Non-enhanced clients
NDPS
printer
DOS
OS/2
NON-NDPS
PRINT JOBS
Queue
Mac
Unix
Enhanced clients
Windows NT/2000
NDPS-aware
printer
Windows 95/98/ME
Server
ADVANCED NDPS FEATURES
Support for Existing Printers (Full Backward Compatibility)

NDPS lets you preserve your investment in your existing printing resources.
All clients can print to legacy printers. All currently available printers can be
used in NDPS environments. In fact, major printer manufacturers have
developed gateways for their existing printers to enable them to take
advantage of many new features available with NDPS.
18

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Comparing NDPS with Queue-Based Print Services

The architecture of Novell legacy queue-based print services was based on the
creation and linking of three components: printers, print queues, and print
servers. Setting up queue-based printing was often a complex task. In order to
print, users first had to capture the printer port. Then the client would redirect
the data to a file in a print queue, where it was stored while waiting to be sent
to a printer by the print server.
With NDPS, printer, print queue, and print server functions are combined into
a single entity called a Printer Agent. The need to create print queues has been
eliminated, and users send print jobs directly to printers.
Even though NDPS does not require queues, your networks might continue to
include queue-based printers and clients not currently supported by NDPS.
The backward compatibility of NDPS allows you to continue using these
queue-based services and resources transparently, as is illustrated in the
following scenarios:
You can print through NDPS to an existing queue, allowing you to access
systems that require a queue connection (for example, mainframe systems
using NetWare HostPrint and certain proprietary systems).
NDPS can service existing queues, allowing you to use NDPS on the
server even though your client platform is not currently running NDPS.
This allows you to install and run NDPS while you are changing your
client workstations to NDPS.
For a discussion of NDPS support for legacy printing, see Supporting QueueBased Client Workstations on page 86.
The following table summarizes the major differences between NDPS and
queue-based printing services.
Queue-Based (Legacy) Print Services
Novell Distributed Print Services
Administrators create and link print queues,

printers, and print servers, and users submit print
jobs to the queues. These three objects must be
maintained separately once the system is in place.
Administrators create Printer Agents, allowing

users to submit print jobs directly to printers. All
management functions are centered on the printer
itself.
Uni-directional communications only. Feedback

consists of pop-up windows reporting a
nonconfigurable set of events.
Bi-directional communications supported.

Configurable event notification includes e-mail,
pop-up windows, event logs and other methods,
including third-party methods such as beepers and
faxes. Events reported are limited only by a printer's
capability.

103-000137-001
August 31, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Queue-Based (Legacy) Print Services
Novell Distributed Print Services
Does not accommodate add-ons or extensions

from third parties.
Extensible framework for print devices, including

snap-in interfaces.
Administrators must create and configure Printer

objects manually. Plug-and-print public access
printing not available.
Plug-and-print option available for installing public

access printers using specially designed third-party
gateways.
Understanding NDPS Printers

NDPS printers can be any of the following types:
Network-direct printers using a gateway provided by a third-party printer
manufacturer
Remote printers using RP, LPR, or queue-based protocols
Local printers attached directly to a file server
Any printer, regardless of its physical type or connection mode, can be
configured as either a public access printer or a controlled access printer.
The following table compares the two types of printers.
Issue
Public Access Printers
Controlled Access Printers
Integration with
eDirectory
Not associated with an eDirectory

Printer object.
Associated with an eDirectory Printer

object.
Availability
Immediately available to everyone on

the network. Can be made
automatically available through thirdparty gateways or embedded
solutions.
Available only to network users who

have rights assigned to them.
Administration
Require minimal administrative

action.
Created and administered as an

eDirectory object.
Network security
No network security.
Full range of network security options

through eDirectory.
Event notification
Provide only job event notification.
Full range of event and status

notification options including e-mail, popup windows, event logs and third-party
methods, such as beepers and faxes.
20

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Understanding the Architecture of NDPS

The architecture of Novell Distributed Print Services ensures the scalability of
the printing environment, allowing you to print in LAN, WAN, and enterprise
document production environments. It also allows you to print to devices
ranging from simple dot-matrix printers to laser printers and large-scale
production devices.
eDirectory Object &

BROKER.NLM
Broker
NDPS Manager
Services
SERVICE
REGISTRY
PA
EVENT
NOTIFICATION
Printer Agent:
embedded
type
RESOURCE
MANAGEMENT
PA
3rdparty
gateway
PA
NDPS
gateway
eDirectory Object
& NDPSM.NLM
Printer Agent:
server-based
type
PH.NLM &
PDS.NLM
Third-party
gateway
NDPS-enabled
printer
Server
To understand exactly how NDPS works, you need to understand its major
architectural components. See the following sections for information on the
various components:
Understanding Printer Agents on page 22
Understanding the NDPS Manager on page 24
Understanding Printer Gateways on page 25
Understanding the Broker on page 27

103-000137-001
August 31, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Understanding Printer Agents

Before a printer can be incorporated into a NDPS printing environment, it
must be represented by a Printer Agent. No Printer Agent can represent more
than one printer, and no printer can be represented by more than one Printer
Agent.
The Printer Agent lies at the heart of NDPS, combining the functions
previously performed by a printer, print queue, print server, and spooler into
one intelligent and simplified entity.
The Printer Agent can be any of the following:
A software entity running on a server that represents a printer attached to
a server or workstation.
PA
PA
Server
Workstation
A software entity running on a server that represents a network-attached

printer.
PA
Server
Networkattached
printer
An entity embedded within a network-attached printer.

Networkattached
printer
22
PA

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A Printer Agent provides the following services:

It manages the processing of print jobs and many operations performed
by the printer itself.
Manages job processing

PA
job
job
Client
Printer
It answers queries from network clients about a print job or document, or

about the attributes of the printer.
Client
query
Answers client
queries
PA
reply
It generates event notification so that interested parties can be notified of

job completion, printing problems, errors, or changes in the status of a
print job, document, or printer.
Notifies Users
PA
error
Client
error
Printer
For information about other major NDPS components, see the following:

103-000137-001
August 31, 2001
Novell Confidential
23
Manual
Broker
99a
38
July 17, 2001
NDPS Manager
Services
SERVICE
REGISTRY
EVENT
NOTIFICATION
RESOURCE
MANAGEMENT
PA
3rdparty
gateway
PA
NDPS
gateway
Understanding the NDPS Manager

A NDPS Manager provides a platform for Printer Agents that reside on the
server. An NDPS Manager must be created as an object in the eDirectory tree
before you can create server-based Printer Agents.
The NDPS Manager object stores information used by the NetWare Loadable
ModuleTM (NLMTM), NDPSM.NLM. You can manually load this NLM at the
server console.
A single NDPS Manager can control multiple Printer Agents. (There is no
hard limit.)
A specific NDPS Manager can be loaded only on one server. If it controls a
local printer, it must be loaded on the server that the local printer is attached to.
While you can perform some configuration and management tasks directly
through the NDPS Manager console interface, iManage is the main tool for
performing these tasks.
Broker
NDPS Manager
Services
SERVICE
REGISTRY
EVENT
NOTIFICATION
RESOURCE
MANAGEMENT
24
PA
3rdparty
gateway
PA
NDPS
gateway

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Where to Place NDPS Managers

Use the following guidelines to determine where and when to place an NDPS
Manager.
Only one NDPS Manager can be loaded per server. Load this resource
only on servers configured to service print jobs. The only exception to this
rule is any server which has a printer connected directly to it. In that case,
the NDPS Manager must be loaded on that server as well.
Whenever possible, place the NDPS Manager and the printers it controls
on the same LAN segment for optimal performance.
Whenever possible, consider assigning your Printer Agents to more than
one NDPS Manager so that the print load will be spread over multiple
servers. This will facilitate load balancing and reduce the possibility of a
single point of failure which would disable all printing on your network.
Understanding Printer Gateways

Gateways allow NDPS clients to send jobs to printers that are not NDPSaware (that is, printers that are not equipped with embedded NDPS Printer
Agents). You select and configure a printer gateway when you create a new
Printer Agent.
Gateways translate NDPS queries or commands to printer-specific language
that the physical printer can use. This is possible because gateways are
configured to know the specific type (make and model) of printer being used.
The following diagram illustrates a typical gateway configuration.
Third-party gateway
NDPS
client
Printer
Agent
Gateway
PA
GW
NDPS
server
Existing
printer
Third-party gateways are developed by printer manufacturers to support

printers directly attached to the network. Because these gateways are

103-000137-001
August 31, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
developed to interact with specific proprietary printers, they can provide a

wider array of information and offer options that are not available for the
generic Novell gateway. Some third-party gateways provide utilities that can
be configured to automatically create Printer Agents when one of their printers
is attached to the network.
For more information, see Chapter 9, Selecting the Correct Gateway to Use,
on page 135.
The Novell gateway (illustrated below) supports LPR/LPD and IPP printing,
local and remote printers, including those using NPRINTER or queue-based
technology as well as those configured with RP mode enabled in IPX
environments or LPR mode enabled in TCP/IP environments.
Printer
Agent
PA
Novell Gateway
PDS
NDPS
server
PH
Local printer
attached to
server
NPRINTER
attached to
workstation or
remote server
The Novell gateway is designed to be used with printers that don't have an
embedded Printer Agent and don't yet have a proprietary, third-party gateway
provided for them by their manufacturers.
RP printers are those that support Novell's legacy Remote Printer protocol. It
is supported by many network-attached printers. LPR is a UNIX*-based
printing protocol used by network-attached printers in TCP/IP environments
to service jobs submitted to print queues.
26

103-000137-001
August 31, 2001
Novell Confidential
Manual
Broker
99a
38
July 17, 2001
NDPS Manager
Services
SERVICE
REGISTRY
EVENT
NOTIFICATION
RESOURCE
MANAGEMENT
PA
3rdparty
gateway
PA
NDPS
gateway
Understanding the Broker

The Broker provides three network support services not previously available
in NetWare: the Service Registry Service (SRS), Event Notification Service
(ENS), and Resource Management Service (RMS).
While these services are invisible to end users, network administrators should
be aware of them. NDPS uses these services in the following ways:
Service Registry Service. The Service Registry allows public access
printers to advertise themselves so that administrators and users can find
them. This service maintains information about device type, device name,
device address, and device-specific information such as the manufacturer
and model number. See Understanding the Service Registry Service on
page 28.
Event Notification Service. This service allows printers to send
customizable notifications to users and operators about printer events and
print job status. The Notification Service supports a variety of delivery
methods including NetWare pop-up, log file, e-mail, and programmatic.
See Understanding the Event Notification Service on page 29.
Resource Management Service. This service allows resources to be
installed in a central location and then downloaded to clients, printers, or
any other entity on the network that needs them. The Resource
Management Service supports adding, listing, and replacing resources
including printer drivers, printer definition (PDF) files, banners, and
fonts. See Understanding the Resource Management Service on page
31.

103-000137-001
August 31, 2001
Novell Confidential
27
Manual
Broker
99a
July 17, 2001
38
NDPS Manager
Services
SERVICE
REGISTRY
EVENT
NOTIFICATION
RESOURCE
MANAGEMENT
PA
3rdparty
gateway
PA
NDPS
gateway
Understanding the Service Registry Service

The Service Registry allows public access printers to advertise themselves so
that administrators and users can find them. This service maintains
information about device type, device name, device address, and devicespecific information such as the printer manufacturer and model number.
Service Registry
Broker
Public Access Printer

type
name
address
manufacturer
model number
etc.
Administrator
User
Before Novell Distributed Print Services (NDPS), each printer had to

periodically advertise its availability through the Service Advertising Protocol
(SAP), which was effective but created a lot of traffic on the wire.
The Service Registry Service helps minimize the network traffic problem
created by many printers advertising through the SAP. (For information on
turning off the SAP, see the documentation for your printer.) When you attach
a public access printer to the network, it registers with the SRS. When an
application or user wants to use a printer, it can contact an SRS and retrieve a
list of all registered printers on the network.
28

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NOTE: For IPX, the SRS uses SAP type 8202; for IP environments, it uses
Multicast.
Through the SRS, plug-and-print public access printers, as well as those

created manually, are immediately made available to users.
If there are multiple Service Registries running on the network, they
synchronize automatically. This synchronization allows users to choose public
access printers anywhere on the network.
In addition to printer information, the SRS also maintains lists of other
services available, such as Event Notification Services and Resource
Management Services. For more information, see Understanding the Event
Notification Service on page 29, Understanding the Resource Management
Service on page 31, and Enabling and Disabling Brokered Services on
page 98.
Understanding the Event Notification Service

Novell Distributed Print Services (NDPS) printers can be configured to
provide event notification regarding print jobs and printer status.
Administrators can configure event notification for interested parties, that is,
non-job-owners that you wish to be notified of a defined printer or server
event that occurs during the processing and printing of a job. See Configuring
Interested-Party Notification on page 84 for more information.
Notification Service
printer events,
print job status,
etc.
Broker
screen
pop-up
User
log
file
e-mail 3rd-party
notify
Operator

103-000137-001
August 31, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
The Event Notification service supports both consumers of events (users) and
suppliers of events (printers). Users can register with the ENS by identifying
the types of events they want to be notified about, while the printer can register
the kinds of events it is capable of reporting. For example, the administrator
for a specific printer (by default a Manager of that printer) can designate an
Operator to be notified if the printer runs out of paper or if the toner is low.
Similarly, users can be notified when their jobs have finished printing.
Delivery Methods
The availability of the following delivery options is dependent on which of

them you have enabled. (See Enabling Event Notification Delivery
Methods on page 97 for more information.)
Pop-up notification. Messages will pop up on the screen for individuals
designated to receive them. (Pop-up notification is always enabled when
the ENS is enabled.)
SMTP notification. Messages will be sent to the recipient through SMTP
(Simple Mail Transfer Protocol) in IP-based systems.
Log file notification. Messages are written to a file at a designated
location on a NetWare server that the recipient has rights to.
Programmatic notification. Two programmatic notification delivery
methods are shipped with NDPS: SPXTM and RPC.
The open architecture of NDPS allows third parties to develop additional
delivery methods as well.
NDPS is enabled to work with SNMP. In addition, some third-party gateways
are SNMP-enabled independently of the NDPS software.
For more information about other brokered services, see the following:
Understanding the Service Registry Service on page 28
Understanding the Resource Management Service on page 31
30

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Understanding the Resource Management Service

This service allows resources to be installed in a central location and then
downloaded to clients, printers, or any other entity on the network that needs
that resource. It provides a single place where a variety of file types are stored
for immediate access by Novell Distributed Print Services (NDPS). The
Resource Management Service (RMS) supports adding, listing, and replacing
resources including printer drivers, printer definition files (PDFs), banners,
and fonts.
Resource Management Service
Broker
Allows adding,
listing,
or replacing
of . . .
drivers
banners definition
files
Resources
The Resource Management Service allows you to add, list, and replace the
following resources:
Banners (see Adding Banner Pages on page 92)
Windows printer drivers (see Adding or Updating Printer Drivers on
page 96)
Benefits
Some of the benefits offered by the Resource Management Service include

Improved resource sharing
More manageable resource distribution and updating

103-000137-001
August 31, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Automatic printer driver download from a central repository

Plug-and-print printer availability
Availability of network resources to applications through a common
interface
For more information about other brokered services, see the following:
Understanding the Service Registry Service on page 28
Understanding the Event Notification Service on page 29
Where to Place NDPS Brokers

Although the distribution of your Brokers is not really a critical issue initially,
you will probably want to give some thought to this issue as you do your
preliminary planning. You will not need to create a Broker on all of your
servers, but you will want your Brokers sufficiently well distributed so that
your brokered services (Service Registry Service, Event Notification Service,
and Resource Management Service) will be readily available on the system
when needed. When possible, you should run the Broker on the same server
as the NDPS Manager.
As you gain experience with your new system, you might want to add or delete
Brokers to optimize the efficiency of your system or to store your brokered
resources (maintained in the Resource Management database) where you want
them.
Given Novell's minimum design requirements, at least one Broker object
should be created at each physical WAN location. To clarify this statement,
let's take a quick look at the three services offered by the Broker object:
Service Registry Service (SRS), Event Notification Service (ENS), and
Resource Management Service (RMS). These services are transparent to end
users, administrators must be aware of them and understand how they affect
printing, LAN traffic, and the minimum implementation requirements needed.
Service Registry Service: The Service Registry Service allows public access
printers to advertise themselves so that end users can find them. This service
maintains information about device type, device name, device address, and
device-specific information such as the printer manufacturer and model
number. For more information, see Understanding the Service Registry
Service on page 28.
The following table summarizes the issues and recommendations regarding
SRS.
32

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Issue
Recommendations
Reliability of server / fault

tolerance
On multi-server networks, enable

at least two SRS per
network.Network traffic (network
layout) Enable at least one SR
per site (WAN link).
Memory
1MB base for SR, an additional

10KB per resource added (such
as NDPS Manager)
Event Notification Service: NDPS printers can be configured to provide

event notification of print jobs and printer status. Administrators can
configure event notification for all interested parties. That is, non-job owners
as well can be notified of a defined printer or server event which occurs during
the processing and printing of a job. For more information, see
Understanding the Event Notification Service on page 29
Here are the issues and recommendations relating to ENS.
Issue
Recommendations
Number of trees
Enable at least one ENS per tree.

tolerance
On multiserver networks, enable

at least two ENs per tree.
Performance
Enable additional ENS as

needed.
Methods availability
Make sure that the methods you

need are enabled for each ENS
you have installed. Novell
provides NetWare pop-up, log
file, e-mail, and programmatic
methods. Third parties can
develop other types of notification
methods as well.
Resource Management Service: This service allows resources to be installed

in a central location and then downloaded to clients, printers, or any other
entity on the network that needs that resource. It provides a single place where

103-000137-001
August 31, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
a variety of file types are stored for immediate access by NDPS. For more
information, see Understanding the Resource Management Service on page
31.
34
Issue
Recommendations
Number of trees
Enable at least one RMS per tree.

tolerance
On multiserver networks, enable

at least two RMS per tree. Be
sure to keep the databases
synchronized after you have
created them
Disk Space
Allow 50 MB for each RMS to

ensure adequate space for
resources added in the future.
Size may vary considerably
depending on the number of
languages, platforms, and drivers
your system supports.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Planning the Migration to Novell

Distributed Print Services
There is no single ideal strategy for implementing the Novell Distributed
Print ServicesTM (NDPS) printing system or for upgrading your current
queue-based system to take advantage of the many printer management and
ease-of-use features provided by NDPS. However, the information provided
in this section will help you understand the planning issues you should
consider and the migration scenarios available to make a successful transition.
Once the transition to NDPS is complete, you can follow the steps in the iPrint
Administration Guide to set up and configure iPrint.
Because NDPS provides full support for IP-based as well as IPXTM-based
printing, it offers a wide variety of system configuration options to fit your
organization's specific needs. Novell's legacy, queue-based print system is
also fully supported, which allows your users to continue printing as they
always have until you complete the transition to NDPS.
If you have not already done so, read in the Chapter 1, Understanding Novell
Distributed Print Services, on page 13 before you proceed further to ensure
that you understand the terms and concepts discussed in this section.
Establishing a Planning Base

The key to a successful move to NDPS lies in understanding both what you
are starting with and what you want when you have completed your move. As
part of this understanding process, you should also anticipate the critical
issues and decisions you will need to deal with as you implement the
transition.

103-000137-001
August 31, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Establishing your planning base consists of the following tasks:

Assessing Your Current Printing Environment on page 36
Identifying Critical Planning Issues on page 37
Designing Your New System on page 39
Assessing Your Current Printing Environment

Beginning with NetWare 5, NDPS became the default and preferred print
system while still offering compatibility with Novells legacy, queue-based
print system. Because both printing systems are supported, your users can
continue printing as they always have until you complete the transition to
NDPS.
For information about the differences between queue-based print services and
NDPS, see Chapter 1, Understanding Novell Distributed Print Services, on
page 13.
Your first planning task should be to determine what kind of printing system
you currently have. You can then begin narrowing down your options for how
to proceed. In nearly all cases, your system will consist of one or more of the
following:
NetWare Legacy (Queue-Based) Printing SystemIf your current
printing solution is based on the NetWare legacy, queue-based system,
you will find information on upgrading to NDPS in Migrating from
Queue-Based Printing to NDPS on page 48.
NetWare 3.x Printing SystemIf you currently have a NetWare 3.1x
server bindery and file system and you are using a relatively small
number of printers, you should consider implementing your NDPS
system from scratch and then deleting all of your legacy printing objects.
However if your system is large and you do not want to create your NDPS
printing system from scratch, you can implement an NDPS printing
system on your network using the process described in Migrating from
Queue-Based Printing to NDPS on page 48.
NetWare for UNIX or NFS Printing SystemSeveral scenarios can be
used to incorporate NDPS into environments that use NFS* Print
Services:
NetWare-to-UNIX Printing on page 54
UNIX-to-NetWare Printing on page 55
36

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Migrating any of these configurations to NDPS will result in simpler and

more reliable printing, in addition to the benefits inherent in using NDPS.
Non-NetWare SystemIf you are implementing a new Novell network
from scratch, or if you are changing over from a different networking
system altogether (such as Windows* NT*, Windows 2000, 3COM*, or
LAN Manager*), you should implement NDPS as your printing solution.
If any of your current printers or print clients require queues, the
backward compatibility of NDPS allows you to integrate those printers
and clients into your system. In all other cases, we recommend that you
use an all-NDPS printing setup.
Identifying Critical Planning Issues

The transition to your new printing system will go much more smoothly if you
have identified the major issues involved before you begin the process. The
following items provide a starting point for accomplishing this. We suggest
that you develop your own checklist of issues, using the following as a starting
point.
Which Protocol(s) Will Be Used (IP and/or IPX)? on page 37
When Will Clients Be Upgraded? on page 38
How Much Network Security Will Be Needed? on page 38
How Will Brokered Services Be Distributed? on page 38
Which Protocol(s) Will Be Used (IP and/or IPX)?
A prominent feature of NetWare is support for IP-based communication and

system technologies. Selecting the protocol family (IP, IPX, or both) to be
used by a network has a direct impact on the way you must configure your
printers for NDPS. NetWare provides a rich variety of print configurations so
that one or more print systems and one or more protocol families may be
employed to best accomplish the goals of a system.
In NetWare, NetWare Core ProtocolTM (NCPTM) communication can travel on
top of IPX or on top of IP in a configuration referred to as Pure IP (the IP NCPs
are no longer IPX packets encapsulated inside IP). All applications that use
NCP and do not interface directly with IPX or SPXTM can operate as Pure IP
applications.
NetWare also supports existing applications that directly access IPX-based
protocols (make IPX/SPX or SAP calls) through its Compatibility Mode

103-000137-001
August 31, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
(CMD). Compatibility Mode is implemented as a set of system components

that allow IPX client or server applications to locate and communicate with
their IPX counterparts without IPX packets being visible on the wire.
Compatibility Mode components translate SAP advertise and query requests
into their SLP equivalents, allowing IPX applications to dynamically
advertise and/or discover without generating IPX traffic on the wire.
All NDPS components are IP-aware and IPX-aware, so they do not rely on
Compatibility Mode to implement IP-based communication.
When Will Clients Be Upgraded?
If you have a fairly large number of workstation clients, you might find it
inconvenient to try to upgrade them to NDPS all at once. Because NDPS
allows you to implement all of the server management components while
allowing your workstation users to continue to print to queues just as they
always have, you can upgrade these clients at a pace that suits your needs
while you take advantage of the management benefits NDPS provides
immediately. See Making the Transition Gradually on page 41 for more
information.
How Much Network Security Will Be Needed?
NDPS is tightly integrated with eDirectoryTM to maximize both the security

and ease-of-management that eDirectory provides. The level of security you
desire for each of your printers can be as flexible as you want it to be, ranging
from total public access to tightly controlled access. Printer security for
controlled access printers is ensured through the assignment of the Manager,
Operator, and User access control roles. For more information, see Chapter 7,
Managing Printing Security, on page 103.
How Will Brokered Services Be Distributed?
While the distribution of your Brokers is not a critical issue initially, you will
probably want to give some thought to this issue as you do your preliminary
planning. You will not need to create a Broker on all of your servers, but you
will want your Brokers sufficiently well distributed so that your brokered
services (Service Registry Service, Event Notification Service, and Resource
Management Service) will be readily available on the system when needed. As
you gain experience with your new system, you may want to add or delete
Brokers to optimize the efficiency of your system or to store your brokered
resources (maintained in the Resource Management database) where you want
them.
38

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For guidelines on when and where to enable various brokered services, see
Chapter 6, Managing the Broker, on page 91.
Designing Your New System

As a final planning step, before you begin the implementation process, you
should create a written record of all the network resources and components
that will be incorporated into your new printing system (printers, servers,
workstation clients, routers, etc.). Then, you should draw a diagram of how
these components will fit together in your modified eDirectory tree.
The steps to designing your NDPS system are described below:
Make a record of your printing resources.
Write a list that you can refer to as you make a diagram of your eDirectory
tree. This record helps you to include all of the printing resources you
need for your network when you start to create the eDirectory objects.
For example, you might record that you have two printers for one location
on your network. One will be used for everyone in the office, and the
other is used only by the production team. This information can guide you
in creating your diagram.
Create a diagram of the new eDirectory tree.
We recommend that you create a diagram of the printing layout you want
to implement in your new system. The diagram will help you simplify and
reorganize your setup.
The diagram you create can take a variety of forms. Drawing a tree
diagram is the most common. You can also create a list that includes all
the objects that will be in the tree. Or you might prefer to create an
organization chart with responsibilities and resources listed by each
name.
The diagram should be centered on the printers and the NDPS Manager.
(Keep in mind that only one NDPS Manager can be loaded on a server.)
Although there are other items that might be included in the diagram, such
as the NDPS Broker; printer users, managers, and Operators; or printer
configuration information, the printers and the NDPS Manager are all that
is necessary at this stage. Place the printers in the appropriate areas. Place
an NDPS Manager on the server that you want to handle the Printer
Agents that correspond with those printers.

103-000137-001
August 31, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Determining Your Implementation Strategy

Now that you have done some initial information-gathering, identified the
major issues you will face, and created a diagram of the new eDirectory layout
you want to implement, you can now consider your strategy for implementing
your new or upgraded NDPS system.
If you have not already done so, be sure to read Chapter 1, Understanding
Novell Distributed Print Services, on page 13 in the before you proceed.
General Transition Guidelines on page 40
Making the Transition Gradually on page 41
Maintaining Your Queues during the Transition on page 42
Understanding Your Implementation Options on page 44
General Transition Guidelines

The following guidelines generically apply to any transition scenario and
should expedite your decision process.
NDPS provides simple and reliable configurations for Pure IP
environments. You will need to use a gateway that supports IP like the
Novell gateway or a third-party gateway.
Migrate the server side first, then migrate your end-users gradually. A
sensible approach to deploying NDPS into a system is to first replace the
server components of your legacy printing system with the NDPS server
components. Since the NDPS Manager (NDPSM.NLM) and the Print
Server (PSERVER.NLM) can run simultaneously on a server, this
transition can be accomplished one queue/printer at a time. Users can then
be gradually switched to print directly to NDPS printers instead of
queues.
This transitional configuration would look this way:
PA
Novell
client
40
Queue
NDPS
Printer Agent

103-000137-001
August 31, 2001
Novell Confidential
Printer
Manual
99a
38
July 17, 2001
See Maintaining Your Queues during the Transition on page 42 for

more details on this printing configuration.
Eventually, only a few queues serviced by NDPS Printer Agents will
remain to support your DOS and Windows DOS-box printing needs,
while most printing will be through the following basic NDPS
configuration and its variations, which will be explained in Using
Legacy Printers and NDPS Gateways on page 44.
Determine which gateway you will use. For more information about
available gateways, see Chapter 9, Selecting the Correct Gateway to
Use, on page 135.
Making the Transition Gradually

If you are using a queue-based printing system, you can continue to use your
existing system without modification. Because of the advantages provided by
NDPS, however, we recommend that you begin the transition as soon as it
becomes convenient.
In general, we suggest you make the move gradually, and begin by
implementing the NDPS server components and management features. This
strategy allows you to set up your new printers and optimize the distribution
of your brokered resources while your end users continue printing through the
same queues they always have. Then, when you are satisfied that your NDPS
printing components are set up and configured the way you want them, you
can begin upgrading your end users to the new system gradually.
If you will be implementing iPrint, the Novell Client 32TM is not required.
Instead, users install a browser plug-in that allows them to install printers and
print drivers to their workstations. See the Novell Client for Windows for more
information.
Advantages to Running NDPS on the
Server
Additional Advantages of Running

NDPS on Clients also
Easier (and in many cases, the only

way) to support Pure IP
Automatic driver download when a

user logs on to the network
(assuming that you have
implemented this Remote Printer
Management function)
Custom printer management tools
Remote workstation printer

management

103-000137-001
August 31, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Advantages to Running NDPS on the

Server
Additional Advantages of Running

NDPS on Clients also
Simpler management and

configuration
Local printer installation and

management integrated into native
operating system facilities
Advanced error reporting and

troubleshooting tools for
administrators
Public access printing
Queues no longer needed

Potentially less network traffic
Improved error reporting and
troubleshooting tools for users
Advanced job-related event
notification
Maintaining Your Queues during the Transition

NDPS Printer Agents, either embedded into printers or running as part of an
NDPS Manager, can be configured to retrieve jobs from queues in addition to
accepting jobs from NDPS users.
PA
Novell
client
Queue
NDPS
Printer Agent
Printer
Maintaining your queues allows you to gradually migrate users to NDPS

because users' workstations can continue to print to existing queues and be
moved to NDPS as time permits. Workstations can even be configured to print
to both queues and NDPS printers.
In addition to allowing for a gradual transition to NDPS, this configuration is
also the only support currently available for DOS and Windows DOS-box
printing and for handling printing requests from other systems such as UNIX
or Macintosh*. It also allows Novell clients to submit jobs to NetWare queues,
providing these clients with access to NDPS-managed printers.
42

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
After you have created NDPS Printer objects to represent the printers that are
still servicing queues, you can delete your legacy Print Server and Printer
objects (but not your Queue objects) if you want, reducing the number of
objects in your tree you need to manage.
In most cases, you will want to upgrade your administrator workstations to
NDPS first because NDPS allows administrators to quickly benefit from its
advanced capabilities such as automatic printer driver download, extended job
management, and event notification.
Administrators can accomplish much of the migration remotely by removing
the CAPTURE statements from users' login scripts and installing NDPS
printers on their workstations using the NDPS Remote Printer Management
functionality. For more information, see Chapter 1, Understanding Novell
Distributed Print Services, on page 13.
Advantages to Maintaining Your Queues Disadvantages to Maintaining Your
While Transitioning to NDPS
Queues While Transitioning to NDPS
Allows gradual migration to NDPS
Users printing through queues don't

have access to the NDPS advanced
features
Allows administrators quick access to

NDPS management tools
Two levels of indirection for queue

users
Supports clients not directly

supported by NDPS (UNIX,
Macintosh, OS/2*, DOS)
Requires management of both NDPS

printers and legacy queues
Supports NetWare 4 clients

103-000137-001
August 31, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Understanding Your Implementation Options

Possible scenarios for printing with NetWare range from maintaining a legacy
queue-based system (available only for IPX-based systems), to integrating
NDPS into a heterogeneous print system, to implementing a pure NDPS
printing system in a Pure IP environment. A wide range of heterogeneous
configurations exist between all IPX and Pure IP systems, and between allqueue-based and all-NDPS systems. However, becoming one hundred percent
Pure IP and utilizing the most advanced printing features of NetWare implies
full deployment of NDPS.
Keep in mind that there is no requirement to modify current NetWare printing
configurations immediately, and any modifications you make may be
implemented gradually (see Making the Transition Gradually on page 41).
Your available implementation options are described in the following
sections:
Using Legacy Printers and NDPS Gateways on page 44
Using Printers with Embedded NDPS Technology on page 47
Using Legacy Printers and NDPS Gateways

Gateways allow NDPS clients to send jobs to printers that are not NDPSaware (that is, printers that are not equipped with embedded NDPS Printer
Agents). You select and configure a printer gateway when you create a new
Printer Agent.
You can implement NDPS through two types of gateways: third-party
gateways and the generic Novell gateway. Each type of implementation is
described here.
44

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Printing through Third-party Gateways

A third-party gateway is designed specifically for a printer or printer family.
NDPS Manager
Novell
client
PA
3rdparty
gateway
Printer
Agent
Printer
This scenario requires two components running on a NetWare server: the

NDPS Manager and the third-party gateway. The NDPS Manager is an
integral part of NDPS and implements a platform on which to run Printer
Agents. The third-party gateway is provided by the printer manufacturer for a
specific printer or class of printers.
Printer Agents (unless embedded in the printer itself) are created to run on the
NDPS Manager to front-end printers which do not contain NDPS capabilities
and make them appear to users and administrators as full NDPS printers. The
NDPS Manager uses NDPS to communicate with users and administrators on
one end, but requires a gateway to communicate with the printer on the other.
Some printer manufacturers have developed proprietary mechanisms for
dynamically discovering their printers and for providing comprehensive
access to their printers' capabilities. Gateways developed by these printer
manufacturers can be snapped in to the NDPS Manager to give NDPS
administrators and users enhanced access to the printers.
Different levels of NDPS functionality are available depending on the actual
implementation of a specific gateway and the capabilities of the protocols
used by the gateway.
Advantages of Printing through a Third- Disadvantages of Printing through a
Party Gateway
Third-Party Gateway
Might support Pure IP
Currently not all existing printers have

third-party gateways
Might provide pseudo plug-and-print

capabilities
Some manual configuration might be

required

103-000137-001
August 31, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Advantages of Printing through a Third- Disadvantages of Printing through a

Party Gateway
Third-Party Gateway
Feedback and control as good as the

protocols used by the gateway
Simple administration
Printing through the Novell Gateway

For legacy and specialized printers that are not supported by third-party
gateways, NetWare includes a generic Novell gateway that allows the NDPS
Manager to communicate with print devices using the LPR/LPD protocol on
IP, the Internet Printing Protocol, and the RP protocol on IPX.
NDPS Manager
Novell
client
PA
Printer
Agent
Novell
gateway
Printer
Using the Novell gateway, jobs can also be written to a queue as a way to route
them to a different print system or to network printers set up in QServer mode.
46
Advantages of Printing through the

Novell Gateway
Disadvantages of Printing through the

Novell Gateway
Support for Pure IP via LPR as well as

support for IPX
Some manual configuration required

during the creation of the Printer
Agent
Feedback and control as good as the

protocol employed
Typically less printer information

available than with third-party
gateways

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Printers with Embedded NDPS Technology

As printers with embedded NDPS technology become more available, this
will become the optimal configuration and achieve the most powerful NDPS
capabilities.
PA
Novell
client
NDPS-embedded
printer
With this configuration, administrators and end-users can directly interact

with print devices. This configuration requires printers to have an embedded
NDPS Printer Agent. A Printer Agent is the NDPS component that receives
and processes NDPS printer and job requests and provides a standard interface
to all NDPS users and administrators regardless of the type of printer it
represents. As with other printing solutions, in order for users to print, these
printers must be installed on the users' workstations. Administrators can
remotely install these printers for users by using NDPS Remote Printer
Management functionality. Many printer manufacturers are working to embed
NDPS into their next generation of printers.
Advantages of using Printers with
Embedded NDPS Technology
Disadvantages of using Printers with

Embedded NDPS Technology
True plug-and-print capability
At present, limited availability of fully

enabled NDPS printers
Peer-to-peer printing
Exceptional feedback and control
Simplest administration

103-000137-001
August 31, 2001
Novell Confidential
47
Manual
99a
July 17, 2001
38
Migration Scenarios
The following scenarios will help you better understand the process for
making the transition to a NDPS environment that will best meet your printing
needs.
Migrating from Queue-Based Printing to NDPS on page 48
Migrating from IPX-Based NDPS to IP-based NDPS on page 50
Migrating from NFS to NDPS on page 53
Migrating from Queue-Based Printing to NDPS

Most queue-based printing in NetWare networks is currently realized through
one of the following configurations:
QServer-mode
printer
RP-mode
printer
2
NPRINTER.EXE
Novell client
Queue
3
Print Server
Printer attached to
workstation
4
Printer attached to server
(local printer)
When migrating to NDPS from any of these configurations, you should first
consider the protocols, connection methods used, and potential need to
configure the printer in determining which gateway to use. If a third-party
gateway is used, the resulting configuration would look as follows:
48

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NDPS Manager
PA
Novell
client
3rdparty
gateway
Printer
Agent
Printer
The Novell gateway provides a straightforward migration path. The NDPS

configurations corresponding to the queue-based printing configurations
illustrated earlier, as well as an additional configuration for Pure IP support,
are shown in the following illustration:
Queue
QServer-mode
printer
See Important
note below
1
RP-mode
printer
2
NDPS Manager
Novell client
NPRINTER.EXE
PA
Printer
Agent
Novell
gateway
Printer attached to
workstation
4
(local printer)
LPR/LPD
printer

103-000137-001
August 31, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
The first NDPS configuration above is not recommended because a back-end

queue is still required, increasing network traffic and delaying job completion.
In addition, while transitioning to NDPS, there would be two queues in the
print path as shown in the following illustration:
NDPS Manager
Novell client
PA
Queue
Printer
Agent
Novell
gateway
Queue
QServer-mode
printer
If you are migrating a QServer-mode printer, we recommend that you

reconfigure it for LPR as in configuration #5 or RP as in configuration #2 if
possible. Choose configuration #5 if the network supports IP and the printer
supports LPR/LPD. Choose configuration #2 if the network supports IPX and
the printer supports RP. Configurations #3 and #4 are available if the printer
does not support LPR or RP, but you still want to benefit from many NDPS
features without the need for a queue. Notice that configurations #2 through
#5 require you to configure the print device to enable a new protocol.
Notice that if the NPRINTER.EXE in configuration #3 is running on a
NetWare client, it is possible to realize IP-only printing to a remote printer,
though not Pure IP. However, if IP is desired, configuration #5 is preferable
and is Pure IP.
Migrating from IPX-Based NDPS to IP-based NDPS

IPX
NDPS
IP
NDPS
NDPS 3.0, which is included in NetWare 6, is written to support IP natively.

All communication between NDPS clients and NDPS back-end services will
automatically switch to use the protocol or protocols available at the client and
server. Thus, much of the effort to switch to an IP network will consist of
configuring the clients and servers to use IP only. (This is normally done
during the installation process.) However, there are some protocols used by
50

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPS gateways to communicate with printers that have inherent IPX

dependencies. This section provides guidelines for switching these
configurations to use IP-based protocols. None of the changes described will
require the clients' installation and configuration to change.
The following scenarios are described in this section:
Migrating an IPX-Based Third-Party Gateway to IP on page 51
Migrating a Printer in RP Mode to IP on page 51
Migrating a Printer in QServer Mode to IP on page 53
Migrating an IPX-Based Third-Party Gateway to IP

NDPS Manager
PA
3rdparty
gateway
Printer
Agent
Printer
Several third-party gateways support both IPX-based and IP-based

communication to printers. The process to switch a third-party gateway to use
IP is likely to differ from gateway to gateway and should be explained in each
gateway's documentation. If a specific third-party gateway doesn't support IP,
you might need to use the Novell gateway.
Migrating a Printer in RP Mode to IP

NDPS Manager
PA
Printer
Agent
RP
Novell
gateway
RP-mode
printer

103-000137-001
August 31, 2001
Novell Confidential
51
Manual
99a
July 17, 2001
38
The Remote Printer protocol (RP) is inherently IPX-based. Configurations

using printers in remote printer mode can use one of the following
configurations to conform to an IP setting:
LPR/LPD-mode
printer
2
Printer
Agent
NDPS Manager
PA
PA
RP-mode
printer
Migration
Agent
LPR
3rdNovell RP
party
gateway gateway LPT/COM
IP
NPRINTER.EXE
1
Printer
Printer attached to
IP CMD client

(local printer)
As stated before, the best way today to communicate to a printer with NDPS
is through a third-party gateway. If you plan to reconfigure a printer to support
IP, you should check whether a third-party gateway for that printer has become
available.
Option #2 is simpler and offers better performance than option #3, but it
requires the printer to support LPR/LPD mode and have IP configured.
Options #4 and #5 are also simple, but they might not be a viable option in
some settings because they require the printer to be directly attached to a
workstation or server. Of the three options, only #5 maintains a Pure IP
environment.
Option #3 requires an isolated IPX segment to exist in the network.
Communication with this segment can be filtered and/or translated by a
Migration Agent, thus maintaining the IP segments free of IPX
communication. The advantages of option #3 are that it doesn't require any
changes to the current printing configuration and doesn't add much overhead
to networks that already manage isolated IPX segments.
52

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Migrating a Printer in QServer Mode to IP

NDPS Manager
PA
Printer
Agent
Novell
gateway
Queue
QServer-mode
printer
The best alternatives for this scenario to support IP are to (1) use a third-party
gateway (see Migrating a Printer in RP Mode to IP on page 51) or (2)
reconfigure the Novell gateway to communicate with the printer through a
different protocol altogether. If neither of these options are feasible, the
following configuration is available to isolate the IPX traffic generated by
printers in QServer mode:
NDPS Manager
PA
Printer
Agent
Novell
gateway
Queue
Migration
Agent
QServer-mode
printer
The advantages of this option are that it doesn't require any changes to the
current printing configuration and doesn't add much overhead to networks that
already manage isolated IPX segments.
Migrating from NFS to NDPS

Several scenarios can be used to incorporate NDPS into environments that use
NFS Print Services:
NetWare-to-UNIX Printing on page 54
UNIX-to-NetWare Printing on page 55
In most cases, migrating one of these configurations to NDPS will result in
simpler and more reliable printing, in addition to the benefits inherent in using
NDPS. This section discusses how NDPS can be used to replace or work with
NFS Print Services.

103-000137-001
August 31, 2001
Novell Confidential
53
Manual
99a
July 17, 2001
38
NetWare-to-UNIX Printing
The following shows how to route jobs from NetWare out to a UNIX system.
This configuration is as follows:
NLM
Novell
client
Print
server
Queue
NetWare-to-Unix
printer gateway
Unix
host
Printer
Again, by replacing the Print Server and NetWare-to-UNIX Printer Gateway

with the NDPS Manager, the following configuration is possible:
NDPS Manager
Novell
client
PA
Queue
Printer
Agent
Novell
gateway
Printer
Unix
host
The Novell gateway uses LPR to communicate with the UNIX host.
Eventually the clients can also be switched to NDPS, yielding the following
configuration:
NDPS Manager
Novell
client
PA
Printer
Agent
Novell
gateway
Unix
host
54
Printer

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
UNIX-to-NetWare Printing
This configuration uses the NFS Print Services to route print jobs from a
UNIX system into NetWare. The following is a common use of the UNIX-toNetWare Printer Gateway:
UNIX
system
UNIX-to-NetWare
printer gateway
Queue
Printer
Print
server
As discussed in Maintaining Your Queues during the Transition on page 42,

a Printer Agent can be set to service queues, enabling one of the following
setups:
PA
Printer
Agent
UNIX
system
UNIX-to-NetWare
printer gateway
Printer
Queue
PA
Printer with
embedded
Printer Agent
This configuration allows administrators to route jobs out of UNIX systems

into NDPS using the same mechanism they use today, while giving them
extended capabilities to manage the printers that service those jobs.

103-000137-001
August 31, 2001
Novell Confidential
55
Manual
56
99a
38

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up a New NDPS Printing

System
Creating a new Novell Distributed Print ServicesTM (NDPS) system will
not automatically disable your current printing setup. Users can continue to
print just as they always have until you decide to replace old printing setup
with NDPS. You can do this gradually or all at once.
Before setting up your new NDPS printing system, we recommend that you
read Chapter 2, Planning the Migration to Novell Distributed Print Services,
on page 35.
Creating NDPS Brokers on page 61
Creating NDPS Manager on page 61
Creating NDPS Printers on page 62
Setting Up NDPS Printers to Service Legacy Queues on page 65
Configuring Queue-Based Printers on page 65
Printing from Macintosh Workstations on page 68
Setting Up LPR Clients on UNIX on page 69
Preparing Client Workstations to Use NDPS on page 69
For information on setting up printing in other situations, see Appendix A,
Configuring Remote Printers, on page 137.

103-000137-001
August 31, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Getting Started
The following tasks are basic to creating a new NDPS printing system. These
steps assume that NetWare is installed and running.
1. Create an NDPS Broker, if one does not exist.
The Broker provides three network support services: the Service Registry
Service, Event Notification Service, and Resource Management Service.
See Creating NDPS Brokers on page 61 for more information.
2. Create an NDPS Manager.
The NDPS Manager is used to create and manage server-based Printer
Agents (similar to the way PSERVER is used on servers to manage
printing resources in legacy printing). You must create an NDPS Manager
on each server you will be controlling NDPS printers from.
See Creating NDPS Manager on page 61 for more information.
3. Create one or more NDPS Printer Agents.
NDPS printers must be represented by a logical entity known as a Printer
Agent. You will need to create one for each printer.
The Printer Agent lies at the heart of NDPS, combining the functions
previously performed by a printer, print queue, print server, and spooler
into one intelligent and simplified entity.
For more information, see Understanding Printer Agents on page 22.
Create a controlled access printer (NDPS Printer Object).While any
printer, regardless of its physical type or connection mode, can be
configured as either a public access printer or a controlled access printer,
we recommend you create an NDPS priner when possible.
For more information, see Creating NDPS Printers on page 62.
4. Install a client on each workstation.
iPrint: If you will be implementing iPrint, the Novell iPrint Client (a
set of browser plug-ins) will need to be installed on each workstation.
For more information on setting up workstations to work with iPrint,
see Setting Up iPrint on Client Workstations in the iPrint
Printing for UNIX and Macintosh: Unix and Macintosh users can
print to NDPS using LPR. See Printing from Macintosh
58

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Workstations on page 68 and Setting Up LPR Clients on UNIX

on page 69 for more information.
Novell Client 32: The Novell Client is required in order for NDPS
features to be available on your client workstations. Other clients can
print to NDPS printers through the backward compatibility feature,
but only NDPS clients can take full advantage of the advanced
features offered by NDPS.
See Preparing Client Workstations to Use NDPS on page 69 for
more information.
NOTE: If users will be accessing printers through iPrint, you do not need to
install the Novell Client. For more information on iPrint, see Setting Up iPrint
on Client Workstations in the iPrint Administration Guide.
5. Install printers on individual workstations.

You can do this in any of the following ways:
If you are using iPrint, see Setting Up iPrint on Client Workstations
in the iPrint Administration Guide for more information.
Designate printers to be automatically installed on users'
workstations through the NDPS Remote Printer Management feature
available through iManage. See Designating Printers to Be
Automatically Installed on page 75 for more information.
Install printers manually on each workstation using the Windows
Add Printer function in the Printers folder.
Setting Up NDPS on Your Servers

During the initial installation and setup process, there are some issues you
should be familiar with:
Rights Required for Configuring NDPS Installation on page 60
Using iManage on page 60
Changing the Location of a Broker on page 60
Updating the AUTOEXEC.NCF File on page 60

103-000137-001
August 31, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Rights Required for Configuring NDPS Installation

You must have the Supervisor right at the root of the tree because the schema
will be modified. In order to install the resource database (in the SYS:NDPS\
RESDIR directory), the administrator must also have file system rights (rights
to the volume) where it will be installed.
After the schema has been extended, a user installing another Broker must
have at least Read, Write, Modify, and Create rights for the container where
the Broker will reside.
Using iManage
To set up NDPS you will need to use iManage, a browser-based management
tool for eDirectory. For more information about setting up iManage, see the
Novell iManage Administration Guide.
Changing the Location of a Broker

NDPS allows you to customize your printing setup for maximum efficiency.
You might occasionally want to change the location of one or more Brokers.
For example, you might want a Broker to be in a different eDirectory
container. If you want to change the location of a Broker after it has been
created, you can use NetWare Administrator to move the Broker object into
the desired container, provided you have Supervisor or equivalent rights to the
new container.
Updating the AUTOEXEC.NCF File

After creating a Broker, you should add the following command to the
AUTOEXEC.NCF file to automatically load the broker when the server is
started.
load broker brokername.context
For more information about the managing the Broker, see Chapter 6,
Managing the Broker, on page 91.
60

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating NDPS Brokers

Each eDirectoryTM tree should have at least one NDPS Broker. You might
want to create additional Brokers in certain situations. For example, you might
want to create a Broker on a local server for each site on a wide area network
(WAN). See Where to Place NDPS Brokers on page 32 for information on
broker placement.
1 In iManage, click iPrint Management > Create Broker.
2 Fill in the fields.
Click help for explanations about the fields.

3 Click OK.
To modify the Broker properties, click Manage Broker, and then select the
Broker you want to modify.
Creating NDPS Manager

A NDPS Manager provides a platform for Printer Agents that reside on the
server. An NDPS Manager must be created as an object in the eDirectory tree
before you can create server-based Printer Agents.
ModuleTM (NLMTM), NDPSM.NLM. You can manually load this NLM at the
server console.
A single NDPS Manager can control any number of Printer Agents.
local printer, it must be loaded on the server the local printer is attached to.
While you can perform some configuration and management tasks directly
through the NDPS Manager console interface, iManage is the main tool for
performing these tasks.
Ensure you have at least Read, Write, Modify, and Create rights for the
container where the NDPS Manager object will be reside.
1 In iManage, click iPrint Management > Create Print Services Manager.

103-000137-001
August 31, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
IMPORTANT: If you move the NDPS Manager to a different server, its database
will move also. As a result, local printers assigned to this NDPS Manager will no
longer work. To avoid this, you can assign a DNS name to the Manager before
creating Printer Agents associated to it using the /dnsname= startup switch. For
more information, see NDPS Manager Startup Switches on page 89.
Any printer you designate as a local printer when you are configuring Printer
Agents assigned to this NDPS Manager must be directly attached to this server.
3 Click OK.
4 To autoload the NDPS Manager when you bring up the server, add the
following line to your server's AUTOEXEC.NCF file:

load ndpsm NDPS_Manager_name_and_context
For example:
load ndpsm .sales_manager.corp.acme
To modify the Print Services Manager properties click Manage Print Services
Manager, and then select the Manager you want to modify.
For a discussion of Access Control roles, see Setting Access Control for
NDPS Manager on page 108.
Creating NDPS Printers

NDPS printers can be either public access or controlled access. For an
explanation of each type, see Understanding NDPS Printers on page 20. In
most cases, we recommend that you make all of your NDPS printers
controlled access printers as soon as possible in order to take full advantage of
the management and security benefits offered by eDirectory.
Before you can create an NDPS printer, you must first have created an NDPS
Manager on your server. See Creating NDPS Manager on page 61 for more
information.
After creating an NDPS Manager, you can create NDPS printers. Some thirdparty gateways have server-based utilities that can be configured to search for
new printers attached to the network and to automatically create Printer
Agents to represent them. For more information about gateways, see
Selecting the Correct Gateway to Use on page 135.
NDPS printers added to the eDirectory tree by iManage are referred to as
controlled access printers. As eDirectory objects, access to them is controlled
and they are no longer available directly as public access printers. They are
available to the workstation user only through the eDirectory object list
instead of through the list of public access printers.
62

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Prerequisites
Have at least Read, Write, Modify, and Create rights for the destination
container where its associated Printer object will reside
Be designated as a Manager of the NDPS Manager that will control this
Printer Agent
Have a Broker running
Have an NDPS Manager object created
Procedure
1 In iManage, click iPrint Management > Create Printer.

3 Click OK.
4 Select the printer driver for each client operating system.
These drivers will be automatically downloaded to users' workstations

when they install this printer in the future.
If you choose a Windows 3.x driver but not a Windows 95/98/ME or
Windows NT/2000 driver, a 16-bit driver will be selected. Normally this
will not create problems.
Since the list of printer drivers shipped with this product is limited, you
can add drivers to the Resource Management Service database. (See
Adding or Updating Printer Drivers on page 96 for more information.)
If the driver you need is not in the drivers list, rather than adding it to the
RMS, you can select [None] at the top of each list. Users will then be
asked to provide a disk with the appropriate driver the first time they
install this printer on their workstations.
5 Click Continue.
Workstation users can now select the printer and print to it.

103-000137-001
August 31, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Configuring LPR Printers

UNIX, Macintosh, and other LPR clients can print to iPrint printers using
LPR.
IMPORTANT: In order for LPR to work, the printer agent name cannot contain
spaces. If it does, you will need to rename the printer agent or select a different
printer.
1 In iManage, click iPrint Management > Manage Printer.

2 Browse to and select the printer you want to enable LPR printing for.
3 Click Client Support > LPR Support.
4 Check the Enable LPR/LPD Client Support check box.
The LPR Host and LPR Printer/Queue fields display information required
when setting up printing for Macintosh, UNIX, or other LPR clients.
LPR Host: The server name where the Print Services Manager is
running.
LPR Printer/Queue:The same as the printer agent's name. The printer
agent name cannot have any spaces in its name; otherwise, LPR will not
work properly.
5 (Optional) Enable the following options:
Filter All LF to CRLF and Append FF to Jobs: Checking this check

box changes bytes in the LPR data stream of all incoming LPR print jobs
from Line Feeds to Carriage Returns with Line Feeds and appends a Form
Feed to the end of the print job. Typically, these changes are made at the
LPR client; however, if you are sure of your users' configurations, you can
implement this option.
Address Ranges: Add an address range only if you want to restrict access
to this printer to LPR clients within the address range. When the list is
empty, all addresses are allowed to print (default).
64

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up NDPS Printers to Service Legacy Queues

In many cases, you will want to continue using print queues while you make
the transition to NDPS. This strategy is discussed in detail in Making the
Transition Gradually on page 41. For information on how to set up your
NDPS printers to service legacy queues, see Supporting Queue-Based Client
Workstations on page 86.
Configuring Queue-Based Printers

Users can submit jobs through NDPS to printers and print systems that still
require queues, such as the following:
Printers controlled by PSERVER.NLM (either locally attached or
attached directly to the network) running on servers that have not been
upgraded to NDPS
Printers attached directly to the network that are configured for queueserver mode
Mainframe systems using NetWare HostPrint and certain proprietary
systems
The following procedure allows you to configure the Printer Agent to redirect
print jobs to a NetWare queue.
HINT: While this procedure allows you to connect to queue-based printers
controlled by NetWare servers in the current eDirectory tree, you might also need
to create one or more bindery reference queues to provide access to printers
controlled by a NetWare 3 file server and printers controlled by a NetWare 4 or
NetWare 5 server in a different tree. For more information, see Using Bindery
Reference Queues on page 67.
1 In NetWare Administrator, select the container where you want the NDPS
Printer object to reside.

2 From the Object menu, click Create > NDPS Printer.
3 Enter a name in the Printer Name field.
4 At the Printer Agent Source field, select Create a New Printer Agent, and
then click Create.

5 Confirm the Printer Agent name (default is the name of the new printer
you are creating) and browse to select the NDPS Manager you want to
assign it to.

103-000137-001
August 31, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
6 At the Gateway Types window, select the Novell Printer Gateway.
For more information about using gateways, see Selecting the Correct
Gateway to Use on page 135.
7 Configure the Novell PDS by selecting the Printer Type and Port Handler
Type, and then click OK.

8 At the Connection Type field, select Forward Jobs to a Queue and then
click Next.
The Port Type options are grayed when you select the Queue connection
type.
9 Provide the Queue Name and Queue User Name.
Browse for the target print queue. If no queues are listed, none exist in the
current context. Browse the tree to find a queue in a different context. The
queue you select must exist in the current tree, or else you will need to
create a bindery reference queue in your own container to allow access to
the actual queue. See Using Bindery Reference Queues on page 67.
The user you specify might need to log in to the server that this queue
resides on. This user must have full rights to manage this queue.
10 Click Finish.

when they install this printer in the future. Select a driver for each
operating system.
12 Click Continue.
The main browser window appears with your new controlled access
printer listed.
66

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can select it from the browser to complete the following tasks:
Assigning Printer Access Control Roles through NDPS Printer

Objects on page 107
Optimizing Event Notification on page 82
Using Bindery Reference Queues

While we strongly urge you to upgrade all of your printers to NDPS as soon
as possible, you might still want to provide your users with access to queuebased printing resources for a variety of reasons. While connecting to queuebased printers can be accomplished directly when you configure a Printer
Agent, you might need to create one or more bindery reference queues to
provide access to the following:
Printers controlled by a NetWare 3 file server
Printers controlled by a NetWare 4 or NetWare 5 server in a different tree
A bindery reference queue serves as a pointer to a real NetWare queue. After
you have created a bindery reference queue, you can then configure a Printer
Agent to send jobs to that queue just as you would if the queue actually resided
on another server in the same tree. The following discussion explains how to
accomplish this procedure using NetWare Administrator.
If a bindery reference queue already exists, you can use it with NDPS with no
modification. A new reference Queue object does not need to be created in
eDirectory.
Prerequisites
The print queue you want to reference must already exist on the server
you want to point to
A bindery object of the same name as the one you are using must exist on
that server and must have rights to the print queue you are referencing
Procedure
The following procedure lets you reference a bindery queue and make it
available to NDPS printers.
1 In NetWare Administrator, select the container where you want the
reference queue to reside.

2 From the Object menu, click Create > Print Queue.

103-000137-001
August 31, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
3 In the Create Print Queue dialog box, select Reference a Bindery Queue.
Notice that the dialog changes when you select this option.
4 (Optional) If you want to assign a bindery reference queue name different
from the queue's name on the legacy server, enter the reference name in
the Print Queue Name field.
If you do not want to assign a reference name, leave the field blank.
5 Click the browser button to select a bindery server and queue.
6 Click List Only Attached Servers to specify whether you want this option
turned on or off.
To see a list of all available servers, turn off this option. Select the name
of the server you want to attach to. Log in to this server at the prompt.
7 Double-click the server you want to use.
If you are not attached, you must authenticate to that server.

To complete this procedure, a bindery object of the same name as the one
you are using must exist on that server and must have rights to the print
queue you are referencing.
If no queue names appear, no queues have been defined on that server.
8 Select the queue you want to create a reference for and click OK.
9 Click Create.
10 Return to Step 9 on page 66 of the procedure for Configuring Queue-
Based Printers on page 65 as a controlled access printer.

Now that this queue is created, you can configure a Printer Agent to service
jobs from a queue or to submit jobs to a queue.
Printing from Macintosh Workstations

Macintosh users can submit print jobs to NDPS using LPR. This entails using
the Macintosh Desktop Printer Utility to set up a printer on the MacInstosh
client and enabling LPR support for the printer. To enable LPR printer support,
see Configuring LPR Printers on page 64.
NOTE: When using LPR printing, printer agent names cannot include spaces.
1 In the Macintosh Desktop Printer Utility, select LPR Printer.

2 If necessary, select any appropriate PPD files.
68

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Enter the printer address information.
LPR Address: Enter the DNS name or IP address of the server where the
NDPS printer agent is running. This is the LPR Host address displayed
when enabling LPR for a printer.
Queue: Enter the printer agent name. This name may not include spaces.
This is the LPR Printer/Queue name displayed when enabling LPR for a
printer.
4 Click Create and save the printer to a desired location on the Macintosh.
Setting Up LPR Clients on UNIX

The implementation of LPR printing in UNIX systems varies greatly.
Typically, UNIX or LPR users will know how to set up LPR Printing (BSDstyle printing) on their system. In order to complete the configuration, users
will need to know the LPR Host and the LPR Printer/Queue information
provided in iManage.
Preparing Client Workstations to Use NDPS

If you will not be using iPrint, you will need to install the Novell Client that
accompanies NetWare. The Novell Client is required in order for NDPS
features to be available on your client workstations.
The NDPS components of the Novell Client require approximately 800 KB of
random access memory (RAM). If you select the Custom install option, make
sure you have enabled NDPS.
The following sections will help you implement the Novell Client on users
workstations.
Installing the Novell Client

For specific instructions on installing the Novell Client, see the Novell Client
for Windows documentation.

103-000137-001
August 31, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Enabling NDPS on a Previously Installed Client

If you have previously installed the correct version of the Novell Client on one
or more Windows workstations but you did not enable NDPS at that time, you
will need to add go to your network properties and add the service Novell
Distributed Print Services.
On Windows 3.x workstations, you must reinstall the Client to enable NDPS.
Adding NDPS Printers

For a discussion of how to add printers automatically to your NDPS client
workstations, see Designating Printers to Be Automatically Installed on
page 75.
You can install printers manually at individual workstations using the Add
Printer wizard.
Removing CAPTURE Statements

Existing CAPTURE statements should be removed from your NDPS clients
for NDPS to be fully enabled. These statements might exist in container or
user login scripts, in batch files, or other locations. After you have tested your
new system thoroughly, you can safely remove these statements.
70

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Managing Printers
Although the default settings in Novell Distributed Print ServicesTM
(NDPS) allow your users to print without further configuration being
necessary, you will probably want to modify some of those settings so that you
can manage your printing resources most effectively. While most tasks can be
done in iManage, some tasks will require you to use NetWare Administrator.
Installing Printers on Workstations on page 74
Using Remote Printer Management on page 75
Setting Up Printer Configurations on page 77
Creating Configurations on page 78
Optimizing Event Notification on page 82
Setting Print Job Spooling on page 85
Supporting Queue-Based Client Workstations on page 86
Managing Print Jobs

The following sections provide specific information about the NDPS print job
management features. All of the procedures listed below can be performed
either through NetWare Administrator or through the Novell Printer Manager.
Users designated as Managers or Operators for a printer can perform these
tasks for all jobs routed to that printer; individual job owners can only perform
these tasks for their own print jobs.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Viewing Print Job Information

You can view information about individual print jobs waiting to be processed
by a specific printer by using the following procedure.
1 In iManage, click Print Management > Manage Printer.
2 Browse to and select the printer the job was sent to.
3 Click Printer Control > Jobs.
Information about the print jobs is displayed.
Deleting Print Jobs

Administrators can delete any print job after it has been submitted if the job
has not yet started printing. Users can delete only their own print jobs.
NDPS allows you to delete a print job from the jobs list by using the following
procedure.
1 In iManage ,click Print Management > Manage Printer.
4 Check the checkbox next to the job you want to delete.
5 Click delete.
Changing the Order of Print Jobs

Occasionally, you might need to print a job sooner than other jobs that have
already been submitted to a printer and are awaiting servicing. Administrators
can move jobs up or down the list. Users can only move jobs down the list.
Administrators can reorder any print job after it has been submitted if the job
has not yet started printing. Users can reorder only their own print jobs.
The following procedure explains how this is done.
4 Check the checkbox next to the job you want to modify.
5 Click Promote to move a print job up the list.
72

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Moving Print Jobs

NDPS allows operators and job owners to copy or move a print job to another
printer. The target printer must be running on the same server (managed by the
same NDPS Manager) as the printer on which the job currently resides. Also,
the target printer must be compatible with the driver that formatted the job. For
example, if a job was formatted with an HP5si driver, it should not be copied
or moved to an HP LaserJet* III.
Administrators can copy or move any print job after it has been submitted if
the job has not yet started printing. Users can copy or move only for their own
print jobs.
To move a print job using iManage, do the following.
4 Check the checkbox next to the job you want to modify.
5 Click Move to move the print job to another printer in the list.
Modifying Print Jobs

You can modify a print job in two ways:
Modifying the printer configuration
Before the job is submitted, you can modify the printer configuration on
your workstation. Then every time you send a job to that printer, those
modifications will be used. For information, see Modifying
Configurations on page 80.
Modifying the specific job
When a job is submitted, it inherits the properties of the installed printer's
configuration. The configuration of the job can then be modified, if
needed, by the job's owner or the printer's Operator.
When jobs are modified, additional configurable properties are available
which are not included in the original printer configuration. For example,
the job can be delayed, and advanced attributes can be viewed and
modified.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Administrators can modify any print job after it has been submitted if the job
has not yet started printing. Users can modify only their own print jobs.
To modify a job, do the following.
1 In NetWare Administrator, select the printer the job was sent to from the
browser window, and then click Jobs/Job List.

If you want to see a list of jobs already processed and being retained, click
the Show Retained Jobs option.
2 Select the job you want to modify.
3 Click Job Configuration > Job Options and then select Configurations
from the drop-down list.

4 Select the properties you want and click OK.
Installing Printers on Workstations

You can install printers on NDPS workstations in either of the following ways:
By designating printers to be automatically installed on user workstations
through the Remote Printer Management feature available in iManage.
See Using Remote Printer Management on page 75 for more
information.
By allowing Windows workstation users to install printers on their
workstation by using the Windows Add Printers wizard in the Windows
Printers folder.
Certain drivers (mostly older drivers) will not work when the printer name/
port name has a long name (32 characters or more). The port name looks
something like \\TREE_NAME\SERVER_NAME\installed_printer_name.
To resolve this problem for NDPS, a new flag has been added to the Windows
registry that will allow for printer names to be less than 31 characters in length
so that old applications can still print. The key is as follows:
HKEY_LOCAL_MACHINE\Software\NDPS\RPM\TruncatePrinterNames
0 = use long names
1 = truncate the printer names
74

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Designating Printers to Be Automatically Installed

While NDPS allows users to download and install printers on their
workstations, it also allows administrators to designate printers to be
downloaded and installed automatically. These printers then appear on the
user's installed printers list with no action required by the user.
You can designate a printer to be installed automatically by using the Remote
Printer Management feature in iManage. See Using Remote Printer
Management on page 75 for more information.
Designating a Default Printer

When you use the Remote Printer Management (RPM) feature to designate a
printer for automatic installation on each user workstation, you can also
designate that printer to be the default for users in the same context
(container). This way, the user never has to install or configure that printer or
designate it as the default. Instead, a configured default printer is installed
automatically on each workstation.
The assignments made through the RPM are limited to the specific container.
They do not flow down to subcontainers.
Even though you designate a printer as the default, users can specify a
different default printer if they want.
Using Remote Printer Management

While NDPS allows users to download and install printer drivers on their
workstations, the Remote Printer Management feature also allows
administrators to designate printers to be downloaded and installed
automatically. These printers then appear in the Windows Printer Folder for
the user's workstation. Administrators can also use this feature to remove
printers, assign a printer to be the default printer, and update printer drivers
from the NDPS Resource Management Service database (RESDIR).
Remote Printer Management configures printing on workstations based on a
User object, group membership, and container.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
How Remote Printer Management Works

After a printer has been designated for automatic installation on a user's
workstation, this information is stored on the eDirectory container object
where the administrator has configured it. When a user logs in after the
machine is rebooted, the workstation's client software checks the container
object where the User object resides for the Remote Printer Management
configuration. The client software compares time stamps stored on the
workstation and in eDirectoryTM to determine whether any changes have
occurred. If the time stamp is different, action is taken, and the printer list on
the client is automatically updated to match the printer list maintained by
eDirectory on the container.
If the client finds a printer designated for installation that has not yet been
installed, it is automatically installed.
If a currently installed printer is added to the Printers to Remove list, that
printer will be uninstalled automatically.
If you designate a different printer to be the default in the Remote Printer
Management list, the change will be automatically made on each client
when it logs in.
If the Do Not Update Workstations control is checked, you can update the
Remote Printer Management configuration, but no changes will occur on
the workstation.
When you install a printer using Remote Printer Management, its installed
name will be limited to no more than 31 characters (including the periods).
The name will be broken off at a logical point from the beginning of the
installed name. This will not affect the ability of the printer to service jobs.
The reason that names are limited to this length is that some applications
cannot handle printer names of over 31 characters.
Accessing Remote Printer Management

Remote Printer Management can be accessed in any of the following ways
using NetWare Adminsitrator. Somewhat different functionality is available at
each location.
From the Tools menu in NetWare Administrator.
By selecting the NDPS Remote Printer Management option from this
menu, you can manage printers in all containers for which you have the
Supervisor right at the container object.
76

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
From the Details page for the Container object

By pressing the NDPS Remote Printer Management button from this
page, you can manage printers for this container only.
From the Details page for a specific printer
By pressing the NDPS Remote Printer Management button from this
page, you can remotely manage that printer.
From Users and Groups
Setting Up Printer Configurations

If you use configurations wisely, they can help you manage your system more
effectively. You can also create configurations that will help workstation users
meet their specific printing needs efficiently and conveniently.
Configurations are properties assigned to a NDPS Printer object that specify
how the printer will handle print jobs. For example, configuration properties
can specify the number of copies to print, event notification, what kind of
media to use, job priority, banner instructions, and whether to hold or retain a
job and for how long.
NDPS automatically assigns a default configuration to all NDPS Printer
objects when they are created. However, administrators can modify that
configuration or create new configurations for use by workstation users.
NDPS Printer objects can have multiple configurations. When a user installs
a printer on his or her workstation, that user chooses one of those
configurations. Each time a job with a particular configuration is submitted,
the printer will handle the job according to the instructions contained in that
configuration.
When a job is submitted, it inherits the properties of the installed printer's
configuration. The configuration of the job can then be modified, if needed,
by the job's owner or a printer Operator. When configurations are modified at
the individual job level, additional configurable properties are available which
are not included in the original configuration. For example, the job can be
delayed, and advanced attributes can be viewed and modified.
Creating Configurations on page 78
Configuration Options on page 78
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Modifying Configurations on page 80

Setting Configuration Locks on page 81
Creating Configurations
Use the following procedure in NetWare Administrator to create a new
configuration based on the current Default Configuration.
1 Select the NDPS Printer object that you want to create a configuration for.
2 Click the Configuration button.
The Printer Configurations window in that dialog lists the Default Printer
Configuration and any other configurations that have been created for this
printer in NetWare Administrator.
3 Click Create.
4 Enter the name you want to assign to this configuration.
5 Assign the configuration properties you want for print jobs.
For specific information about these tabs, see Configuration Options on

page 78.
If you want to lock certain configuration properties so that workstation
users cannot modify them, see Setting Configuration Locks on page 81.
6 Click OK in the Printer Configuration dialog box.
7 Click OK in the NDPS Printer Details dialog box.
Your new configuration will not be saved until you have done this.
Configuration Options
The following sections describes the configuration options available in NDPS.
General Properties
Copies: The number of copies that will be printed for this configuration.
Max Copies: The maximum number of copies that a user can print using
this printer.
Priority: The priority assigned to jobs using this configuration.
Max Priority: The maximum priority (Low, Medium, High) set by the
administrator for jobs using this printer. This setting determines when the
78

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
job will print in relation to other jobs with different priorities sent to this
printer.
Banner: A list of banner pages users can select from. Banner pages will
be printed at the beginning of print jobs using the configuration. (If
multiple copies of a document are printed, the banner page will only be
printed at the beginning of the first copy.)
If your client, printer, and server are not all configured for the same
language, you may experience problems with the output of your banner
pages, such as the job name being corrupted. If you are working in this
type of mixed environment, you should consider not using banner pages.
Medium: The medium (form) on which jobs can be printed without
stopping the printer to mount a different medium (form). The default on
the printer is Any Medium, which allows jobs to be printed using the
currently mounted medium regardless of media specified in the job data.
If a medium is specified for this configuration, and a different medium
(anything other than Any Medium) is mounted on the printer, this
condition will cause the printer to pause for the given amount of time
(default is 15 minutes) or until the new media is mounted. If this Job Wait
Time expires, the job is placed on hold and returned to the spooling area.
Media are mounted by the administrator or Operator at the Printer
Control/Control pull-down menu of NetWare Administrator.
Job Hold Properties
Operator Hold. Jobs do not print until the Operator releases them.
User Hold. Jobs do not print until the user who submitted the job releases
it.
Delay Printing Until. Jobs do not begin printing until the time and date
specified.
Pause Printer on Job Start. Force the printer to pause at the beginning
of jobs submitted using this configuration. The message entered is sent to
the printer Operator. Only an Operator can release the pause. (By default,
the printer will resume printing after a 15-minute pause if an Operator
does not intervene. This setting can be changed at the server console by
changing the Configuration setting Job Wait Time.)
Pause Printer on Job End. Force the printer to pause after printing each
job that is submitted using this configuration. The message entered is sent
to the printer Operator. Only an Operator can release the pause. (By
default, the printer will resume printing after a 15-minute pause if an
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Operator does not intervene. This setting can be changed at the server
console by changing the Configuration setting Job Wait Time.)
Retain Job No Longer Than. The maximum amount of time that jobs
using this configuration can be retained after printing before being
deleted (Minutes, Hours, Days, Years). By default, jobs are not retained.
Retain Job For. The amount of time that a job using this configuration
should be retained (regardless of when it is printed) until it is deleted
(Minutes, Hours, Days, Years).
Event Notification Properties
By specifying event notification for a printer configuration, you allow job

owners to receive notification of printer or job events that occur during the
processing and printing of a job. Notification configured in this way is sent by
pop-up message box only.
Print job notification allows you to designate the event types for which
notification messages should be generated (warnings, errors, or reports). For
more information, see Optimizing Event Notification on page 82.
In NetWare Administrator, administrators can use the Access Control feature
to configure event notification for interested parties, that is, non-job-owners
you wish to be notified of specific events. See Configuring Interested-Party
Notification on page 84 for more information. At the workstation, individual
users can use the Novell Printer Manager to configure event notification
pertaining to their own jobs only. See Configuring Job-Owner Notification
Modifying Configurations
To modify an existing configuration, complete the following procedure.
1 At the main NDPS Printer Details window in NetWare Administrator,
click the Configuration button.

2 In Printer Manager, select the printer you want to work with and then
select the Printer/Configuration option.

The Printer Configurations window lists the default printer configuration
and any other configurations that have been created for this printer in
NetWare Administrator.
3 Select the configuration you want to modify and click Modify.
80

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
4 Assign the configuration properties you want for print jobs.
For specific information about these tabs, see Configuration Options on

page 78.
If you want to lock certain configuration properties so that workstation
users cannot modify them, see Setting Configuration Locks on page 81.
5 Click OK in the Printer Configuration dialog box.
6 Click OK in the NDPS Printer Details dialog box.
Your changes will not be saved until you have done this.
Setting Configuration Locks

Properties of the Default Printer Configuration can be locked by the
administrator to be nonconfigurable; that is, they cannot be modified or
overridden by the user. Locked properties can be either of the following:
Maximum limits. Certain properties, those that specify limits, are always
locked: Maximum Copies, Maximum Priority, and Retain Job No Longer
Than. Even if the Manager does not specify a limit for these properties,
they are grayed out and inaccessible to users who are modifying their own
configurations.
These properties relate to a range in which the maximum value in that
range is specified. For example, if the default configuration has a locked
property limiting the maximum number of copies of a job that can be
printed to five, any number of copies up to five is allowed, but a job
calling for 10 copies will be rejected.
Individual locked properties. Many properties are tied to a specific
setting. For example, you can lock the priority of jobs to be printed using
this configuration, or designate a specific banner page that must be used
when jobs are submitted.
Once a default configuration property has been locked, it will be locked for all
jobs submitted to that printer and for all new configurations created for that
printer as well, whether that configuration has been created with NetWare
Administrator or by a workstation user when creating a new configuration for
an installed printer.
Any job submitted to an old configuration must conform to the new locked
property or the job will be rejected.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Use the following procedure to lock one or more properties for a printer.
2 Browse to and select the printer you want to lock a property on.
3 Click the Configuration tab.
4 Check the check boxes of the properties you want to lock.
5 Click OK.
Optimizing Event Notification

In NetWare Administrator, administrators can configure event notification for
users who want to be notified of a defined printer or server event that occurs
during the processing and printing of a job.
For example, the administrator for a specific printer (by default a Manager of
that printer) can designate an Operator to be notified if the printer runs out of
paper or if the toner is low.
Notification Types
In NetWare Administrator, administrators can configure two types of event
notification:
Job-owner notification. You can configure event notification for job
owners only through the printer's Configuration dialog box. When
notification is part of a configuration, the owner of a job submitted to a
printer with that configuration will receive the notification specified. For
more information, see Configuring Job-Owner Notification on page 83.
At the workstation, individual users can use the Novell Printer Manager
to configure event notification pertaining to their own jobs.
Interested-party notification. You can use the Access Control
Notification feature to configure notification to be sent to a printer's
Managers, Operators, or other interested parties about specified events,
normally those that require intervention of some kind.
Because this feature is tied to the Printer Access Control feature, it allows
you to restrict the list of individuals who will be receiving this notification
as much as you want. For more information, see Configuring InterestedParty Notification on page 84.
82

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Delivery Methods
The availability of the following delivery options are dependent on which of
them you have enable. See Enabling Event Notification Delivery Methods
Pop-up notification. Messages will pop up on the screen of individuals
designated to receive them. Users designated for pop-up notification must
have a default server defined in their User Environment specified in
NetWare Administrator. They also must be currently authenticated to that
server or they will not receive notification.
SMTP notification. Messages will be sent to the recipient through SMTP
(Simple Mail Transfer Protocol) in IP-based systems.
Log file notification. Messages are written to a file at a designated
location on a NetWare server that the recipient has rights to. This is
especially useful for keeping a record of printing events for auditing
purposes (such as job completions, how often the toner ran out, etc.).
Programmatic notification methods. Two programmatic notification
delivery methods are shipped with NDPS: SPXTM and RPC.
Third-party notification methods. The open architecture of NDPS
allows third parties to develop additional delivery methods.
Configuring Job-Owner Notification

Job-owner notification can be configured for specific print jobs or for printer
configurations. This section provides procedures for each method.
Notification for Specific Print Jobs
Configuring notification for a specific print job can be done as follows.

1 From the main Printer Control view of the printer's Details page, click
Jobs/Job List.
2 (Conditional) If you want to see a list of jobs being retained and not
currently scheduled for processing, click Show Retained Jobs.

3 Click Options and select Configurations from the drop-down list.
4 Click Notification.
5 Select the notification methods and events you want.
6 Click OK.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Notification for a Configuration
The following procedure explains how to configure job-owner notification by

modifying an existing configuration. You can also configure job-owner
notification when creating a new configuration.
1 In NetWare Administrator, select the printer that you want to configure.
2 Click the Configuration button.
The Printer Configurations window lists the default printer configuration

and any other configurations that have been created for this printer in
NetWare Administrator.
3 Select the configuration you want to modify and click Modify.
4 Click the Notification tab.
5 Click the icon representing the method you want to use.
7 Click OK.
Configuring Interested-Party Notification

The following procedure allows you to specify the users who will receive
event notification for a NDPS Printer object, the method of notification, and
the types of events they will receive notification for.
1 In NetWare Administrator, select the Printer you want to configure.
2 Click the Access Control button.
Three roles are available: Manager, Operator, and User.

3 Select the role you want to configure Access Control notification for.
4 Select the object you want to configure notification for and click
Notification.
5 Click the icon representing the method you want to use.
7 Click OK.
84

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Setting Print Job Spooling

Although NDPS has eliminated the need to send print jobs through queues,
jobs submitted to NDPS printers will often need to be stored somewhere when
the printer is already processing other jobs or when the job is on hold or retain
status. Job spooling allows you to specify where you want jobs to be stored
while they await processing.
By default, the spooling area for a printer is located on the same volume as the
database for the NDPS Manager supporting that printer. However, the
Spooling Configuration option allows you to spool jobs to a different location
through the following procedure.
Job spooling as used by NDPS offers greater simplicity and management
convenience than queue-based printing. In NDPS, spooling requires only that
a directory be designated where jobs can be stored while awaiting processing.
You can modify job spooling at any time, even when a job is already being
processed.
The following procedure explains how to optimize job spooling.
2 Browse to and select the printer you want to enable Access Control for.
3 Click Configuration > Spooling.
4 Modify the spooling information.
Spooling Location: Specify the path where print job data will be stored
while waiting to be printed. By default, the spooling area for a printer will
be located in the same volume as the database for the NDPS Manager
supporting that printer.
Available Disk Space: The amount of disk space available on the
volume.
Limit Disk Space: To limit the amount of disk space to be used for
spooling, check the check box and sent the limits you want.
Spooling Space: The total amount of disk space in kilobytes (KB) you
want to set aside for print job spooling.
Retained Job Space: The amount of disk space in kilobytes (KB) you
want to set aside for holding retained print jobs. This amount should be
sufficiently less than the total spooling space to ensure that new print jobs
can be processed efficiently.
Managing Printers

103-000137-001
August 31, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
There are four common job scheduling algorithms available: First In,
First Out, Print Shortest Job First, Minimize Media Changes, Backward
Compatibility.
5 Click OK.
Supporting Queue-Based Client Workstations

If your network includes clients like Macintosh and OS/2 that are not able to
send jobs to Printer Agents directly, the backward compatibility of Novell
Distributed Print Services (NDPS) allows these clients to submit jobs to the
same queues they always have. Then the Printer Agent can retrieve jobs from
these queues and print them.
If you want a printer to service legacy queues, here's how to set it up.
1 In iManage click iPrint Management > Manage Printer.
3 Click Client Support > QMS Support.
4 Modify (add to/delete from) the Service Jobs from NetWare Queues list.
5 Click OK or Apply to save the settings.
86

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

necessary, you will probably want to modify some of those settings so that you
can manage your printing resources most effectively.
Optimizing Fault Tolerance on page 87
Moving the NDPS Manager on page 88
NDPS Manager Startup Switches on page 89
Optimizing Fault Tolerance

The NDPS Manager uses a database to store information about the printers it
controls. This database is backed up and replicated in eDirectoryTM. The
database is automatically backed up, by default, once a day. You can modify
the backup options or manually backup the database using server console
interface for the Manager.
If the database fails to load through normal mechanisms, you can retrieve the
database from eDirectory and load the NDPS Manager on any other server in
IMPORTANT: You cannot restore a database from eDirectory to the same server
that it was backed up from. In order to restore a database from eDirectory to its
original source server, you must first restore it to a different server, and then back
the database up to eDirectory from that server. You can then restore it to its original
server.
Place Book Title Here

August 31, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Modifying the Database Backup Options

1 At the server console, go to the Available Options menu for the NDPS
Manager.
2 Select NDPS Manager Status and Control > Database Options.
3 Modify the desired settings.
4 Escape back out to the Available Options menu.
Restoring a Database from eDirectory

1 At the server where you want to restore the database, enter
load ndpsm /dbvolume

See NDPS Manager Startup Switches on page 89 for more information.
2 Select the name of the NDPS Manager whose database you want to
restore.
If the server with the original database is up and running, its name will
appear in this menu. If the server is down, no server name will appear
here. The only Source option available will be eDirectory (existing jobs
will be lost).
3 Select the source of the backup you want to restore.
In most cases, you will be selecting eDirectory as the source.

You will be prompted to select a volume.
4 Select the volume where you want the database placed.
The restored database is then copied to the location you selected.
Moving the NDPS Manager

Sometimes it is necessary to move the NDPS Manager from one server to
another. If you assigned a DNS name to the NDPS Manager, you should
update the DNS entry with the new IP Address the Manager is running on.
1 If the NDPS Manager is currently running, exit the Manager.
WARNING: All printing associated with this NDPS Manager will cease and waiting
print jobs will be lost.
2 At the other server console enter
load ndpsm
88

August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you need to use a startup switch, see NDPS Manager Startup

Switches on page 89.
3 Select the NDPS Manager object you want to load.
A specific NDPS Manager can run only once.

You will be prompted to download the database, and the Manager will
start running.
NDPS Manager Startup Switches

Syntax :
load ndpsm NDPS_Manager_name_and_context /startup
parameter
Example:
load ndpsm .sales_manager.corp.acme /
dbvolume=sales_sys
The following table lists the startup switches you can use when loading
NDPSM.NLM.
Startup Parameter
Description
nodatabase
Load the NDPS Manager without

opening the database. The Database
Options menu is displayed which lets
you examine, backup, restore,
resynchronize, and uninstall the
NDPS Manager database. See
Understanding the NDPS Manager
on page 24 for more information
about the NDPS Manager database.
noipx
The NDPS Manager will not support

the IPXTM protocol.
noip
The NDPS Manager will not support

the IP protocol.

August 31, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Startup Parameter
Description
dbvolume=full_DNS_volume name
Download the database from NDS

and reconnect pointers to the local
server where the command is
executed. This is useful for moving
the NDPS Manager to a new volume.
dbvolume=nocheck
The NDPS Manager will not validate

that the database volume is local.
This is used with Clustering.
setens=broker_name
Set the Event Notification Service to

the specified broker for all printers
associated this NDPS Manager.
setrms=broker_name
Set the Resource Management

Service to the specified broker for all
printers associated this NDPS
Manager.
qloadbalance
The NDPS Manager evenly

distributes the waiting print jobs
among printers that are ready. This is
used when pooling printers.
iprinton
The IPP attribute is turned on for all

printers associated with the
associated NDPS Manager.
dnsname=NDPSM_DNS_name
This sets a DNS name to an NDPS

Manager object. You will need to
include the DNS information in your
DNS lookup tables.
If you included the DNS Name before
deploying printing with this manager,
then you can easily move the NDPS
Manager to another server without
disrupting printing.
NOTE: The DNS name must be
assigned before printing on the NDPS

Manager is deployed.
90

August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Managing the Broker

necessary, you will probably want to modify some settings so that you can
manage your printing resources most effectively.
Adding or Updating Brokered Resources on page 91
Adding Banner Pages on page 92
Adding or Updating Printer Drivers on page 96
Enabling Event Notification Delivery Methods on page 97
Enabling and Disabling Brokered Services on page 98
Reconfiguring an NDPS Broker on page 99
Broker Startup Switches on page 101
Adding or Updating Brokered Resources

The following procedure explains how to add banner pages, printer drivers,
and printer definition (NPD) files to the resource database available through a
Broker's Resource Management Service.
Resources cannot be installed from multiple diskettes. If a printer driver or
other resource is shipped on more than one diskette, copy the files to a
directory on a hard disk or network drive and install it from there.
Managing the Broker

103-000137-001
August 31, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
To add new resources through the Resource Management Service, do the

following.
1 Make sure the Resource Management Service is enabled either in
iManage or by going to your server console and viewing the Broker status
screen.
2 In iManage, click Manage Broker and then browse to and select the
Broker you want to work with.

3 Click Resource Management Service and then the resource you want to
work with.
4 Add or delete resources.
5 Click OK.
Adding Banner Pages

Banner pages are pages that are printed at the beginning of a print job and that
normally contain job identification information. In NDPS, banner pages can
be configured for PostScript*, PCL*, and text formats.
NDPS provides you with a variety of options for creating and selecting banner
page designs. You can choose from several ready-to-use banner page designs,
or you might create a unique design that includes your company's logo, a
drawing, or even a photograph.
When you add a new banner, it will be immediately available for printer
configurations. If you want a banner page to be printed, you can select which
banner design you want to use at the General tab on the Configuration page.
The Configuration page lists only banners available in the format your printer
supports. For example, if you are using a PostScript printer, only banners in
PostScript format will be available at the General configuration page.
Each banner page includes the following information in an information box at
the bottom of the page: Job Name, Job Owner, Time Printed, Date Printed.
If your client, printer, and server are not all configured for the same language,
you might experience problems with the output of your banner pages, such as
the job name being corrupted. If you are working in this type of mixed
environment, you should consider not using banner pages.
Banners are added to the resource database through the Broker's Resource
Management Service.
See the following topics for information about specific tasks associated with
using banners.
92

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Adding Banners to the Resource Management Service

screen.
2 In iManage, click Manage Broker and then browse to and select the
Broker you want to work with.

3 Click Resource Management Service > Banners.
4 Add or delete banners.
5 Click OK.
What Printer Types Support What Kind of Banner

A list of supported banners is supplied by both the Novell Gateway (through
the PDS) and third-party gateways. The gateway first determines which file
extension (.PCL, .PS, or .TXT) is appropriate for the way the Printer object (or
Printer Agent) was configured during creation. It then queries the associated
Broker for a list of banner page files with that extension. For a list of formats
supported by a specific NDPS printer, go to the main Printer Details page and
click the Features button.
Creating Banner Files

Administrators with knowledge of printer languages can create custom
banners for use with NDPS. NDPS currently supports three types of custom
banners:
PCL (.PCL extension). See Creating a PCL Banner on page 94.
PostScript (.PS extension). See Creating a PostScript Banner on page
95.
Generic text (.TXT extension). See Creating a Generic Text File on
page 95.
Managing the Broker

103-000137-001
August 31, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
All custom banners that are created should have one of these extensions.
When creating custom banners, keep in mind that complex banners will
increase the print time for jobs. Here are some tips for creating an efficient
banner:
Use internal/resident printer fonts instead of rasterized system fonts.
When using graphics, use vector graphics when possible. Bitmaps take up
a lot more space.
Avoid half-toned images.
Creating a PCL Banner
A working knowledge of the Hewlett Packard* (HP*) PCL printer language

is needed in order to create a custom PCL banner. The easiest way to create a
PCL banner is to create the banner using an application like WordPerfect or
MS Write. Be sure to leave the lower third of the custom banner page blank
because NDPS will overlay the following information in a PCL banner page:
Job Name
Job Owner
Time Printed
Date Printed
1 After formatting the banner page, print the banner document to a file
using the appropriate PCL printer definition.

The driver properties will have to be changed from printing to a port/
network to printing to a file on disk. All PCL banners must have the .PCL
extension.
2 Remove the form feed and reset commands in the file that was printed to
disk.
You will need a binary editor to remove the form feed and any reset
commands from the file. The form feed and reset commands will be in the
overlay that NDPS provides. A form feed in PCL is a decimal 12 (hex
0C). There are several possible reset commands that need to be removed.
Decimal 27, 69 (hex 1B,45) is the printer reset in PCL. The following
Universal Exit Command (UEL) also needs to be removed:
Decimal 27,37,45,49,50,51,52,53,88
(Hex 1B,25,2D,31,32,33,34,35,58)
Once the form feed and reset are removed, you have a banner file that can
be used with NDPS.
94

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
3 Add the banner to the Resource Management Service.
See Adding or Updating Brokered Resources on page 91 for more

information.
Creating a PostScript Banner
A working knowledge of the Adobe* PostScript printer definition language is

needed in order to create a custom PostScript banner. The easiest way to create
a PostScript banner is to create the banner using an application like
WordPerfect or MS Write. Be sure to leave the lower third of the custom
banner page blank because NDPS will overlay the following information in a
.ps banner page:
Job Name
Job Owner
Time Printed
Date Printed
1 After formatting the banner page, print the banner document to a file
using the appropriate PostScript printer definition.

The driver properties will have to be changed from printing to a port/
network to printing to a file on disk. All PostScript banners must have the
.PS extension.
2 Using a text editor, remove the PostScript operator called showpage from
the file that was printed to disk.

The driver will probably have a procedure that includes the showpage
command. (The showpage command will be in the overlay that NDPS
provides.) Sometimes showpage is embedded in another function within
the driver and you will have to use care in removing it.
3 Add the banner to the Resource Management Service.
See Adding or Updating Brokered Resources on page 91 for more

information.
Creating a Generic Text File
A generic text banner must have a .TXT extension. The banner can be
formatted in any printer language. NDPS will not overlay any additional
information on this banner page.
Managing the Broker

103-000137-001
August 31, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Adding or Updating Printer Drivers

A printer driver is a software entity that directly supports a physical printer,
enabling it to carry out the functions it is intended to perform.
Hardware vendors develop printer drivers, which are specific to each printer.
Most printers require different printer drivers for each operating system they
interact with. NDPS allows you to view a complete list of printer drivers
currently loaded in the Broker's Resource Management Service (RMS)for
Windows, and to add additional printer drivers from diskettes and Windows
.CAB files.
NDPS ships with only English-language drivers. To make drivers in other
languages available for installation on workstations, you will first need to add
those drivers to the RMS through the procedure described in this section.
While the majority of printer drivers in common use today can be used with
NDPS, some cannot. A few drivers do not work on a network at all, while
others might not contain an index file or have an index file that is incorrectly
formatted. If you attempt to add a printer driver to the Resource Management
Service from a diskette and receive an error message stating that a printer
driver cannot be found, you should contact the driver's vendor.
Prerequisite
Printer drivers cannot be installed to the Resource Management Service from
multiple floppy disks. If a printer driver is shipped on more than one disk,
copy the files to a directory on a hard drive or network drive and install the
driver from there.
Procedure
screen.
2 In iManage, click Manager Broker and then select the Broker you want to
work with.
3 Click Resource Management Service and then the type of printer driver
you want to add.

4 Add or delete printer drivers to the list.
96

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
When adding a resource, you will need to browse to the location of the
print drivers .INF file. If the file contains multiple print drivers, you will
need to select the drivers you want to add to RMS.
5 Click OK or Apply to save your changes to the database.
The drivers will not be added to the database until you do this.
The process described above might not work if the driver installation .INF file
uses subdirectory paths in filename designations within the copy files sections
of the .INF file. This format is not currently supported by NDPS. There are
two possible solutions for this problem:
Look for an .INF file that does not use this format for filenames. Often
one may exist in a subdirectory of the installation disk.
Edit the .inf file and remove path information from filenames. Then
ensure that all the files are in the same directory as the .INF file.
Enabling Event Notification Delivery Methods

The NDPS Broker provides an Event Notification Service (ENS) that allows
printers to send customized notifications to users and operators about printer
events and print job status. ENS supports a variety of delivery methods,
including pop-up messages, log files, e-mail and programmatic. Third parties
can also develop additional methods.
The Event Notification Service allows you to enable delivery methods such as
e-mail and third-party methods not provided directly with NDPS. The
executable files for these methods have an .ENM extension (filename.ENM)
and must be added to the server\SYS:SYSTEM directory or another location
in the server's search path.
For more information about Event Notification, see Understanding the Event
Notification Service on page 29.
1 Be sure the Event Notification Service is enabled by going to your server
console and viewing the Broker status screen.

2 In NetWare Administrator, select the Broker you want to work with.
3 Select the Event Notification view.
4 Click the Load or Unload button.
WARNING: Do not unload the RPC and SPXTM Programmatic Notification
methods. These are needed for communication between printers and the
workstation Printer Manager utility to occur and for driver download to take place.
Managing the Broker

103-000137-001
August 31, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
5 Specify the ENM filename for the notification method you want to load.
This ENM must be in your server\SYS:SYSTEM directory or in another

location in your server's search path in order to be loaded.
The Broker object will load this notification method automatically in the
future.
Enabling and Disabling Brokered Services

When NDPS is initially installed, the three network services provided by the
NDPS Broker are automatically enabled on the Broker object. As your
printing needs grow or change and you add additional Brokers to your
network, you might want to disable certain services provided through a Broker
on a specific server and allow them to be provided through a different Broker
(to save disk space on the first server, for example), or you might want to
enable services on a Broker that are currently disabled. This procedure
explains how these tasks are performed.
1 In NetWare Administrator, select the Broker object you want to work
with.
2 Click the button for the service you want to enable or disable.
3 At the Service Status line, select either Enable or Disable.
The service is now either enabled or disabled. If disabled, services will

need to be provided by a different Broker.
Printer Agents using the services that were disabled will automatically
search for another Broker on the network that will provide these services,
so normally these printers should continue to be available for processing
jobs.
However, if you want to specify a preferred Broker for a Printer Agent to
use for these services, you must do this from each NDPS printer's Printer
Control page in NetWare Administrator by selecting Features/Services.
If a Broker is unloaded and then is brought back up, Printer Agents that
have designated that Broker as their preferred service provider will not be
automatically reconnected to it. In order to reconnect to the preferred
service provider, you must either unload each Printer Agent and bring it
back up, or unload the NDPS Manager that controls the affected Printer
Agents and bring it back up, thus bringing up all the Printer Agents with
it.
98

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
If the Resource Management Service cannot be enabled, check for one of

the following problems:
The Broker object does not have rights to access the RMS data
storage area (the default is NDPS\RESDIR\). Use NetWare
Administrator to grant the Supervisor right to the Broker for that
subdirectory.
The RMS data storage area has a directory name that is longer than
eight characters or includes invalid characters.
Reconfiguring an NDPS Broker

In most instances, the default configuration for the three support services it
provides will result in satisfactory performance. However, in certain
circumstances you might want to change that configuration. Here are a couple
of examples:
As you gain experience with your NDPS setup, you might want to
reconfigure the default properties assigned to the Broker.
If disk space on your volume is limited, you might want to move the
managed resources database accessed by the Resource Management
Service to a different volume on the same server or to a different server in
the same eDirectory tree where more disk space is available. (The default
location for the RMS resources is server\SYS:NDPS\RESDIR\)
Prerequisites
To reconfigure a Broker, you must have at least Read, Write, and Modify
rights for the container where the Broker resides.
If you change the location of your Resource Management Service
database, you need to have rights to the new location.
If you change the location of your Resource Management Service
database, you need to have an existing Resource Management Service
database directory to point to when you specify the volume for the RMS
during this process. The path you specify must point to a directory that
currently exists and that already contains resources. (The RMS data
storage area must not have a directory name that is longer than eight
characters or includes invalid characters.) If you point to an empty
directory, you will receive an error message from the server when loading
Managing the Broker

103-000137-001
August 31, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
the Broker saying that the Broker cannot be enabled. (You can copy
resources from another RMS to this directory if you want.)
Procedure
The following procedure explains how to reconfigure an existing Broker
object or move your brokered resources to a different location.
1 In NetWare Administrator, select the Broker object you want to
reconfigure.
2 If you want to change the location of your resources, complete the
following:
2a Click Resource Management.
2b Enter in the resource path you want to use for storing these resources.
You might need to assign the Broker all rights (Supervisor right) to
the new area.
3 If you want to modify the Access Control list, click Access Control and
add or remove users from the Managers list.

See Managing the Broker on page 91 for more information.
4 If you want to enable or disable your Service Registry, click Service
Registry Service.
See Enabling and Disabling Brokered Services on page 98 for more
information.
5 If you want to load or unload Notification methods, click Event
Notification.
See Enabling Event Notification Delivery Methods on page 97 for
more information.
100 Novell Distributed Print Services Administration Guide

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Broker Startup Switches

Syntax:
load broker broker_name_and_context /
startup_parameter
Example:
load broker .sales_manager.corp.acme /
dbvolume=sales_sys
The following lists the startup switches you can use when loading
BROKER.NLM.
Startup Parameter
Description
noui
Loads the Broker without displaying the user

interface.
noipx
The NDPS Manager will not support the IPXTM

protocol.
noip
The NDPS Manager will not support the IP

protocol.
allowdup
The NLMTM will not check for two brokers using the
same Broker object.
Managing the Broker 101

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Managing Printing Security

NDPS is designed to take full advantage of eDirectoryTM. You receive all the
benefits of eDirectory security and the easy management provided by the
industry's most advanced and robust directory service. The Access Control
feature for NDPS allows you to specify the access each User, Group, or
container object will have to your NDPS printing resources.
Access control roles are mutually exclusive, even though the same individual
might need to perform tasks reserved for different roles. For example, only
printer Managers can add or delete printer Operators or printer Users. In a
similar way, Managers and Operators must also be designated as Users for a
printer before they can submit print jobs to it.
In actual implementation, the NDPS defaults prevent most problems that
might occur from these distinctions. For example, a printer Manager is
automatically designated an Operator and User as well, while an Operator of
a printer is automatically designated a User of that printer also. You cannot
remove the User role from an Operator, and you cannot remove the Operator
and User roles from a Manager.
The creator of an NDPS object is automatically granted privileges for all
available roles for the type of object being created.
The following sections illustrate some of the security issues and features you
might find useful as you plan your NDPS setup.
Setting Printer Security Levels on page 104
Setting Access Control for NDPS Printers on page 105
Setting Access Control for NDPS Manager on page 108
Setting Access Control for NDPS Brokers on page 110
Managing Printing Security 103

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Printer Security Levels

Printer security levels affect how rights to a printer are determined and
enforced. The default security level is Medium. With sensitive print data, you
might want to set the security level to High; however, performance will be
effected.
Printer Security Level
Secure Printing Enabled
Low
Security is enforced by the client

applications only
Medium (default)
Security is enforced by NDPS

Manager if print data integrity is
involved. Otherwise, security is
enforced by the client
applications.
High
Security is enforced by the NDPS

Manager for all operations.
To set a printers security level, do the following:

3 Click the Access Control > Security.
4 Select the level of security you want for the printer.
5 Click OK or Apply to save your changes.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Access Control for NDPS Printers

Printer security is ensured through the assignment of the Manager, Operator,
and User access control roles and by the strategic placement of your printers
and printer configurations.
You can assign multiple Printer objects to represent a single Printer Agent.
You can then make different access control assignments to each Printer object.
This can be an especially useful option if you want to allow users in different
containers to use the same printer, because each group of users can be given
different rights to the printer.
A physical printer cannot be a controlled access printer and a public access
printer at the same time. However, if you delete all the Printer objects
representing a Printer Agent, that printer will become a public access printer.
The following sections discuss security options for NDPS printers in more
detail.
Printer Access Control Roles on page 105
Assigning Printer Access Control Roles through NDPS Printer Objects
on page 107
Assigning Printer Access Control Roles through User Objects on page
107
Planning Your Printer Connections and Locations for Better Security
on page 108
Printer Access Control Roles

Different User, Group, or Container objects can have different access rights to
the same printer. For example, if you want only certain users to be able to send
jobs to a particular printer, you can specify which users should have access and
what access roles each will have.
The following table describes the rights and privileges associated with each of
the NDPS Printer access control roles.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Role
Description
Manager
NDPS tasks performed exclusively by the Printer Manager are those that
require the creation, modification, or deletion of NDPS Printer objects, as well
as other eDirectory administrative functions. Printer Managers are
automatically designated as printer Operators and Users as well, so they can
perform all tasks assigned to the Operator role. Typical Manager functions
include the following:
Modifying and deleting Printer objects
Adding or deleting Operators and Users for a printer
Adding other Managers
Configuring interested-party notification
Creating, modifying, or deleting printer configurations
Operator
Printer management tasks performed by the Operator include the following:

Performing all of the functions available through the Printer Control page
Pausing, restarting, or reinitializing printers
Reordering, moving, copying, and deleting jobs
Setting printer defaults, including locked properties
Configuring print job spooling
Operators cannot create, modify, or delete eDirectory objects or perform other
eDirectory administrative functions.
User
NDPS tasks performed by Users include the following:

Submitting print jobs
Managing print jobs they own (Users cannot copy, move, reorder, or
remove jobs they do not own)
To simplify administration, the container a printer resides in is automatically
assigned as a User for that printer, so all users in that container and its
subcontainers can use that printer without being added to the list. You can
delete the container from the list if you want to limit access to certain users,
groups, or roles.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Assigning Printer Access Control Roles through NDPS Printer

Objects
Different User, Group, or container objects can have different access rights to
the same printer. For example, if you want only certain users to be able to send
jobs to a particular printer, you can specify which users should have access and
what access roles each will be given.
3 Click the Access Control tab.
4 Add or delete Users, Groups, or Container objects to the different Access
Control roles.
5 Click OK.
Assigning Printer Access Control Roles through User Objects

In addition to configuring access control through NDPS printers, you can also
configure access control through User objects.
The following procedure assumes that you are modifying the attributes for an
existing User. You can also adapt this procedure if you are creating a new User
object.
1 From the NetWare Administrator browser's Object menu, select the User
object you want to configure access control for, and then click NDPS
Printer Access Control.
A list of available NDPS printers is displayed with icon representations
of the three NDPS Access Control roles: User, Operator, and Manager.
2 Select the printer that you want to assign this user an access control role
for.
3 Check the roles you want this user to be assigned for this printer.
If you check Manager, this user is automatically assigned Operator and

User roles as well. Operator and User roles are assigned independently.
Keep in mind that a User object must be assigned the access control role
of User in order to submit print jobs to that printer.
4 (Optional) Click the Event Notification button to configure event
notification for this user.

5 Click OK.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Planning Your Printer Connections and Locations for Better Security

Depending on your organization's needs, the network administrator can attach
printers directly to NetWare servers or to the network. Both types of setup
can provide security and administrative advantages. The ideal combination for
each installation is different and will change as needs change. Be sure to
consider the advantages of each approach when you set up your network.
Connecting the printer to the server places the two resources in close
proximity to each other. If the server is in a secure location, this means that the
printer is locked up with the server. This might be an advantage. For example,
your company might use that printer to print confidential documents. Having
the printer in a secure location protects these documents.
Because most printers are already network-enabled, the most common type of
network setup includes printers attached directly to the network. This allows
the printer to be placed in a convenient location for all users, and places it
away from the server for security reasons. Users who use the printer normally
will not have access to the server console. Security is still maintained by
requiring users to use a password to log in to the network before they can use
the printer.
Setting Access Control for NDPS Manager

NDPS Manager security is ensured through the assignment of the Manager
access control role.
NDPS Manager Access Control Role

The only access control role available for the NDPS Manager is that of
Manager. The following table explains the tasks performed by the Manager
role.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Role
Description
Manager
NDPS tasks performed exclusively by the Manager are those that require the
creation, modification, or deletion of eDirectory objects, or that involve other
eDirectory administrative functions. Typical Manager functions include the
following:
Creating Printer Agents and NDPS Manager objects
Adding or deleting Operators and Users for a printer
Configuring interested-party notification
Creating, modifying, or deleting printer configurations
Assigning the Manager Role for NDPS Managers

The following procedure explains how to make Manager assignments for your
NDPS Manager objects.
1 In iManage, click iPrint Management > Manage Print Service Manager.
2 Browse to and select the Print Service Manager you want to enable
Access Control for.

4 Add or delete Users, Groups, or Containers to the Manager role.
5 Click OK

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Access Control for NDPS Brokers

Broker security is ensured through the assignment of the Manager access
control role and by the optional assignment of a password to the Broker.
Broker Access Control Roles

The access control roles available to the NDPS Broker are Manager and Public
Access User. The following table explains the roles
Role
Description
Manager
NDPS tasks performed exclusively by the Broker Manager are those that
require the creation, modification, or deletion of Broker objects, as well as
those that involve other eDirectory administrative functions. Typical Manager
functions include the following:
Creating, modifying, and deleting Broker objects
Enabling or disabling brokered services
Adding resources to the Resource Management Service
Assigning or changing a Broker password
Public Access User
A public access user is a role assigned to all individuals on the network who
are users of printers receiving services and resources provided by the Broker.
This role is assigned by default and does not require specific administrative
action by the Broker Manager.
Assigning Managers for NDPS Brokers

The following procedure explains how to make Manager assignments for your
NDPS Broker objects.
1 In iManage, click iPrint Management > Manage Broker.
2 Browse to and select the Broker you want to enable Access Control for.
4 Add or delete Users, Groups, or Containers to the Manager role.
5 Click OK.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Troubleshooting Your Print System

This chapter focuses on troubleshooting issues that might arise with Novell
Distributed Print ServicesTM (NDPS) printing. It also presents general
principles that can be of value for a variety of network printer configurations,
and it provides help for troubleshooting problems with the printer itself.
Troubleshooting Your Print System 111

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Initial Troubleshooting Steps

Chart A
NDPS Troubleshooting
INITIAL PRINTING PROBLEM
Attempt to resolve
the error and try
again.
SEE NOTE
Are
there any error
messages on printer,
server, or client?
YES
A1
NO
Try some quick

fixes.
SEE NOTE A2
Determine printing
environment.
SEE NOTE
All queue-based
SEE NOTE
A4
All NDPS
SEE NOTE
GO TO
A5
A3
Mixed NDPS and

queue-based
SEE NOTE
Don't know
A6
CHART B

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A1. Attempt to resolve the error and try again

With many printing problems, an error will be reported on the printer, the
client trying to print, or the server. If an error condition exists, use the
information provided to try to resolve the problem and then try again. If the
error is on the printer, see your printer's operating manual.
A2. Try some quick fixes

Many times, printing problems occur due to simple or temporary conditions.
The following are some common quick-fix techniques.
If the problem is limited to a single workstation client, try the following:
Check the printer's job list to ensure the job is getting to the spooling area.
Review what has changed since the printer was working properly.
Check printer forms and job configurations.
If the problem is affecting other workstation clients, try the following:
Check Printer Information in the Novell Printer Manager for NDPS error
messages.
Look for printer error conditions (such as beeps or LCD panel lights) and
printing error messages.
Turn the printer off and on.
Check the printer's cabling.
Look for messages on the server console.
Check the printer's job list to ensure the job is getting to the spooling area.
Review what has changed since the printer was working properly.
Check printer forms and job configurations.
Search the online Novell Support ConnectionTM for known issues.
Make sure you have the most current NDPS software.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A3. Determining your printing environment

If there is no obvious solution to the problem, then you will need to begin
analyzing your printing system. In order to find the problem, the printing
environment being used must be identified.
NetWare provides two printing environments: the legacy queue-based printing
(see A4. All queue-based environment on page 114) and NDPS (see A5.
All NDPS environment on page 115). Either print system can be used alone
or the two can be used together (see A6. Mixed NDPS and queue-based
environment on page 115). Here are some ways to determine your printing
environment:
User. If the client platform is DOS, Macintosh, OS/2, or UNIX, these
clients are not directly supported by NDPS and can only print to a
network printer by submitting jobs to queues or use LPR printing. For
more information, see Setting Up LPR Clients on UNIX on page 69.
If the client platform is Windows, then they can be using either NDPS or
queues. Check the printer configuration under the Windows control panel
and check its network setting. Identify the network object being printed
to and determine if it is a Queue object or an NDPS Printer object.
Server files. At the server console look to see if the following are loaded:
NDPSM.NLM (the server is using NDPS)
PSERVER.NLM (the server has been, or still is, using queue-based
printing)
iManage. Load iManage and look at printing object configurations to
determine printing setup.
A4. All queue-based environment

If clients are submitting jobs to NetWare queues and the jobs are sent to the
printer through the PSERVER.NLM, then you are using queue-based printing.
Printing in a queue-based system consists of submitting jobs to a queue, from
which the print server sends the job to the printer based on the settings of the
Printer object. In queue-based printing, a problem usually occurs in one of
three general areas:
Getting the print job into the print queue
Transferring the job to the printer in the proper format
Printing the job properly

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For more information, see Troubleshooting General Printing Problems (http:/

/www.novell.com/documentation/lg/nw51/printenu/data/hlgnvvum.html) in
NetWare 5.1 Queue-Based Print Services.
A5. All NDPS environment

If you have the new client software and are submitting jobs to the printer
through Printer Agents and a Print Device Subsystem, then you are using
NDPS. See Narrowing Your Focus on page 116 for more information.
A6. Mixed NDPS and queue-based environment

For backward compatibility, it is possible to be using both queue-based
printing and NDPS together. Here are the two ways this can happen:
Clients such as DOS, Macintosh, OS/2, and UNIX are unaware of NDPS
and are unable to submit jobs to NDPS Printer Agents directly. The clients
must therefore send jobs to a print queue. An NDPS Printer Agent can be
configured to emulate a print server and service jobs from the queue to an
NDPS printer.
Some network printers can receive jobs only from a NetWare queue and
print server (for example, remote printers). If a client is configured to
send jobs only to a Printer Agent, the Printer Agent might be configured
to transfer the job to a queue where it can be serviced by a print server.
Because two different print systems are being used, the problem could exist in
either print system. See Narrowing Your Focus on page 116 to continue.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Narrowing Your Focus

Chart B
START HERE
Gather information
on setup and
configuration.
SEE NOTE
Send job to same

printer from other
workstation(s).
B3
SEE NOTE
B1
NO
Has
printing ever
worked with the current
configuration?
NOTE B4
YES
SEE
CHART G
NO
Can
other users print to
the printer from their
workstations?
YES
Has
workstation
printed to this printer
before?
NOTE
NO
Gather information
on setup and
configuration.
B2
YES
GO TO
CHART C

103-000137-001
August 31, 2001
Novell Confidential
SEE NOTE
B3
Manual
99a
38
July 17, 2001
B1. Send job to same printer from other workstations

Try printing to the same printer from one or more different workstation. This
will help you narrow your search to the specific workstation or to the whole
printing system.
B2. Has workstation printed to this printer before?

Has this workstation submitted jobs to this printer that printed successfully?
Is this a new setup?
Is this the first time printing was attempted from this workstation since
any changes were made?
Has this setup been working before and now is not?
If this is a new setup or a new configuration, then something might not be
configured.
If a job sent from this workstation has been printed successfully before, go to
Determining Your Platform When Problem Affects Only One Workstation
on page 118 to further track the problem.
B3. Gather information on setup and configuration

The initial setup might have been done incorrectly. Refer to Creating NDPS
Printers on page 62 for more information.
B4. Has printing ever worked with the current configuration?

Have any users been able to print jobs from their workstations using this
configuration? Determine the following:
Is this a new setup?
Is this the first time printing since any changes were made?
Has this setup been working before and now is not?
If this is a new setup, or a new configuration then something might not be
If other users have been printing successfully, then go to Tracking Jobs from
a Workstation on page 123 to further track the problem.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Determining Your Platform When Problem Affects Only

One Workstation
Chart C
DETERMINE WORKSTATION'S PLATFORM
DOS, Mac, UNIX

(legacy, non-NDPS
clients)
Windows
GO TO
NO
Are
queues being
serviced by an NDPS
printer?
NOTE C1
Don't know.
SEE NOTE
C4
YES
Go to
Troubleshooting
General Printing
Problems in QueueBased Print
Services.
SEE NOTE C2
Go to Chart H.
SEE NOTE
C3

103-000137-001
August 31, 2001
Novell Confidential
CHART D
Manual
99a
38
July 17, 2001
C1. Are queues being serviced by an NDPS printer?

Clients running on DOS, Macintosh, OS/2, and UNIX platforms are either
queue-based, meaning that they print to network printers by redirecting jobs
to a queue, or set up for LPR printing. You will need to determine whether the
network printer is being serviced by a queue-based print server (such as
PSERVER.NLM) or if NDPS is redirecting jobs through a Printer Agent.
C2. All queue-based printing

If clients are submitting jobs to a queue that is being serviced by a print server,
then the printing environment is all queue-based. For more information, see
Troubleshooting General Printing Problems (http://www.novell.com/
documentation/lg/nw51/printenu/data/hlgnvvum.html) in NetWare 5.1
Queue-Based Print Services.
C3. Queue-NDPS integration

The clients are unaware of NDPS and are unable to submit jobs to NDPS
Printer Agents directly. The clients must therefore send jobs to a print queue.
An NDPS Printer Agent can be configured to emulate a print server and
service jobs from the queue to a NDPS printer. See Supporting Queue-Based
Client Workstations on page 86 for more information. Then go to Printing
Problems Affecting All Users on page 128.
C4. Look in iManage for NDPS Printer objects

Load iManage and look to see if any NDPS Printer objects are defined.
If no NDPS Printer objects are defined, there should be a Print Server
object. Check the configuration of the print server to if the queue is
configured to be serviced by it.
If there are NDPS objects defined, look at the Printer objects to see if they
are configured to emulate a print server and service jobs from a queue.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Isolating Printing Problems Affecting Only One

Windows Workstation
Chart D
START HERE
Check Status of
printer in Windows
Control Panel.
SEE NOTE D1
Status is good.
Check to see what

network object
installed printer is
servicing.
SEE NOTE
Printer is set for

working offline
D9
SEE NOTE
SEE NOTE
Are
queues going to
an NDPS printer?
D3
NOTE
Status is not good.
NO
D6
Go to Chart H.
SEE NOTE
CHART E
D7
Go to
Troubleshooting
General Printing
Services.
SEE NOTE D8
Determine problem
from error message.
SEE NOTE
D10
D5
YES
GO TO
SEE NOTE
Netware Queue
object
Check Status of
printer in NDPS
Printer Manager.
Status is good.
Other possibilities
D2
NDPS object
(controlled access
printer or public
access printer)
SEE NOTE
Status is not good.
D4

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
D1. Check status of printer in Windows Control Panel

Printing from a Windows environment introduces several complexities which
might or might not be related to the network or the printer. Some problems can
be found and resolved right in the Windows environment. Check the status of
the printer in the Windows Control Panel to see if any problems are evident.
D2. Check to see what network object the installed printer is

servicing
Determine the network object print jobs are being redirected to.
1 Select the Printers folder from the Windows Control Panel or the Start/
Settings menu.
2 Select the installed printer and click File/Properties (or use the right-click
Properties option).
3 Click the Details tab.
4 Look at Print to the Following Port.
Identify the network object being printed to and determine if it is a Queue

object or an NDPS Printer object.
D3. Check status of printer in NDPS Manager

If the job did not appear in the job list, view information about the specific
installed printer using the NDPS Health Monitor.
D4. Determine problem from error message

D5. NetWare queue object

This printer is queue-based, meaning that the print driver prints to network
printers by redirecting jobs to a queue.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
D6. Are queues going to an NDPS printer?

The next thing you need to know is whether the network printer is being
serviced by a queue-based print server (such as PSERVER.NLM) or if NDPS
is redirecting jobs through a Printer Agent. Load iManage and look to see if
any NDPS Printer objects are defined.
If no NDPS Printer objects are defined, there should be a Print Server
object. Check the configuration of the print server to see if the queue is
configured to be serviced by it.
If there are NDPS objects defined, look at the Printer objects to see if they
are configured to emulate a print server and service jobs from a queue.
D7. Queue-NDPS integration

The clients are submitting jobs to a print queue which is then being serviced
by NDPS Printer Agents. See Problems Integrating with Queue-Based
Components on page 132 for more information.
D8. All queue-based printing

If clients are submitting jobs to a queue that are being serviced by a print
server, then the printing environment is all queue-based. For more
information, see Troubleshooting General Printing Problems (http://
www.novell.com/documentation/lg/nw51/printenu/data/hlgnvvum.html) in
NetWare 5.1 Queue-Based Print Services.
D9. Printer is set for working offline

Under certain circumstances, the printer might be set for working offline. This
can happen if Windows loses communication with the network, for example.
A user can also set it offline. If the printer is set to work offline, reset it to
online and try to print. If you cannot set the printer to online, then Windows
has lost communication with the network print system. Reboot the
workstation and if the condition still exists, check the client's connection to the
network.
D10. Other possibilities

Other negative status flags.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Tracking Jobs from a Workstation

Chart E
START HERE
Pause output of
NDPS printer.
SEE NOTE
E1
Resend the print

job.
Check job list in

NetWare
Administrator.
SEE NOTE
SEE
CHART F
SEE NOTE
No
E2
Yes
Does print job appear

in the job list?
Resume printer
output.
SEE NOTE
E3
E6
No
Is job still in
job list?
Recheck the job list.
No
Yes
Yes
SEE NOTE
Did job print?
E5
SEE NOTE
E4

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
E1. Pause output of NDPS printer

One method of troubleshooting is putting stops in the printing process and
then resending a job and testing how far in the process the job gets. The first
stop you can make is pausing the printer output.
Pausing printer output is a common technique used when troubleshooting
printing; it forces NDPS to spool your print job and save it as a file. Stopping
and evaluating the printing process midway helps you to identify early
problems and limits your troubleshooting to a few components.
To pause printer output for a controlled access printer, do the following:
1 Locate the NDPS Printer object in iManage.
2 Double-click the NDPS Printer object to open its Details page.
3 Click the Pause Output button.
The Pause Output button changes to a Resume Output button.
E2. Check job list in iManager

You can view the job list for a NDPS printers from iManage, the server
console, or the workstation Printer Manager. To view the job list from
iManage, see Managing Print Jobs on page 71.
The job list for a public access printer can be viewed from either the server
console or the Novell Printer Manager.
E3. Resume printer output

To resume printer output for a controlled access printer, do the following:
1 In iManage, click Manage Printer and then select the NDPS printer you
want to control.
2 Click the Resume Output button.
The Resume Output button changes to a Pause Output button.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
E4. Job printed this time but nothing was changed

If the job printed now, there is no authoritative explanation as to why it didn't
print the first time. If you followed these steps, no configurations have been
changed; the job was only paused and released. Try printing the job again and
see if normal printing continues. If not, try pausing the printer again and see if
any other symptoms occur.
E5. Job did not print and is still in the job list
If the job does not print and is still in the job list, then check for job holds,
delays, and priority settings.
E6. Job did not print but is no longer in the job list
If the job did not print, but it is not in the job list, then the job was sent to the
printer and no error was reported back to the system. Check these issues:
Are you are checking the correct physical printer?
Are you are using the correct print driver in your application?
Are your drivers and printers talking the same language (for example
Postscript or PCL)?

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Checking Printer Output and Using Test Files

Chart F
START HERE
Check availability of
network printer.
SEE NOTE
F1
Pause output of
NDPS printer.
SEE NOTE
SEE NOTE
F2
No
Does print job

appear in the job list?
NOTE
SEE NOTE
E1
Yes
Resume printer
output.
SEE NOTE
E2
E3
F5
No
Is the job still in

the job list?
Recheck the job list.
No
Did the job print?
Yes
Yes
SEE NOTE
F4
SEE NOTE

103-000137-001
August 31, 2001
Novell Confidential
F3
Manual
99a
38
July 17, 2001
F1. Check availability of network printer

Make sure that the printer is set to accept jobs. In iManage, verify that input is
not paused.
F2. Check for error messages

Also confirm that your NDPS objects are configured properly.
F3. Test file prints but jobs from application do not

If the test file prints but jobs from the application do not, then there is a
problem with the way the job is being formatted by the application or handled
by the driver. Reinstall the current print driver provided by the printer
manufacturer. Also try printing from different applications to determine
whether one application works while another does not. If this is the case, the
problem is related to the application itself.
F4. Job is being held in spooler

The job is being held in the job spooler. Check for job holds, delays, and
priority settings. If one of these conditions exists, change the status to print the
job. If the job prints, then see F3. Test file prints but jobs from application do
not on page 127.
F5. Job did not print but is no longer in the job list
If the job did not print but it is not in the job list, then the job was sent to the
printer and no error was reported back to the system. Make sure you are
checking the right physical printer.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
Printing Problems Affecting All Users

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Manual
99a
July 17, 2001
38
Chart G
START HERE
Determine degree of
printing problems.
SEE NOTE
No print jobs are

printing from any
networked printer.
SEE NOTE
G1
No print jobs are

coming from a
specific printer.
G2
SEE NOTE
Jobs are printing

but are slowed or
corrupted.
G3
SEE NOTE
Determine printing
environment.
SEE NOTE
A3
Printer Agent is
pulling jobs from a
queue.
SEE NOTE
Printer Agent is
submitting print
.jobs to a queue.
A4
SEE NOTE
Go to
Troubleshooting
General Printing
Services.
No
Go to
CHART E
Printer receiving
jobs from an NDPS
Printer Agent.
A6
Printer is a q-based
printer serviced by
a Print Server
SEE NOTE
See
Yes
Don't know.
A6
Check Status of
NDPS printer in
NetWare
Administrator.
CHART H
Do print
jobs
appear in the job
list?
NOTE E2
See Note
G4
SEE NOTE
No
G5
Does
the NDPS status
screen show
any errors?
Yes
G7
See Note
G6

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
G1. Determine severity and scope of printing problems

If printing is affecting all users, determine the degree of severity of the
printing problems. Can no users print from specific printers, or are no jobs
printing from any network printer? Or are jobs printing, but printing slowly?
G2. No print jobs are printing from any networked printer

If no users can print at all from any network printer, the problem is probably
a universal problem such as
The printing system is disabled or printing system files are unloaded.
The servers are in a critical state due to problems with memory, disk
space, LAN connections, etc.
The LAN has a bottleneck or is otherwise dysfunctional.
G3. No print jobs are coming from a specific printer

If the printing problem is limited to a certain printer, then the problem is either
at the printer itself or the configuration of the printer. Continue to determine
which printing environment you are using.
G4. Jobs are printing slowly or are corrupted

Jobs might be printing but are either slow or appear corrupt.
Slow Printing
There are several explanations for slow printing.

If only one workstation is having problems with slow printing, the application
might be generating the output for the printer. This can cause a long delay
before the job is even sent to the spooler. Look at the print status of the
application to determine if this is the case.
If all workstations are having the problem, one of the following conditions
might exist:
Interrupt conflicts might exist between the port and another device.
Configure the printer for no interrupts (polled mode).
The baud rate might be slow (serial printers).

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
XON/XOFF might need to be enabled (serial printers).

Your hardware (cable, port, printer) might be faulty.
Job Corruption
If jobs are printing in pieces, the printer might not have sufficient memory to
hold the entire page to be printed. If it does not, it will print the part of the page
it has in memory and continue printing on the next page. This problem occurs
when printing jobs that contain large graphics.
G5. Check status of NDPS Printer in iManage

From iManager, click Manage Printer and then select the NDPS printer you
want to check. View the information on the Printer Control page.
G6. A problem is identified in an error message

Try to determine problem from the status or error message and resolve it.
Make sure that job input or output is not paused.
Check for any details that are grayed out and not available; these might
show you a problem.
G7. Jobs are getting to the job list but the printer is unable to print
them
Do the following:
Make sure there are no holds or delays.
Make sure the printer is configured properly.
Check the status of the gateway if one is being used. (A gateway is always
needed unless the Printer Agent is embedded in the printer itself.)
See Tracking Jobs from a Workstation on page 123 for more information.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Problems Integrating with Queue-Based Components

Chart H
PROBLEM: Jobs sent through a
queue are not printing.
PA
Non-NDPS
Client
Queue
NDPS Printer
Agent
NDPS Printer
Printer is receiving jobs from an NDPS

Printer Agent which is pulling the print jobs
from a queue.
Reconfigure
spooling.
Check Printer Agent

job list.
SEE NOTE
SEE NOTE
E2
H2
NO
Are print jobs

getting to Printer Agent
job list?
NO
Is the
job spooling
configured with the
correct queue
name?
Check spooling
configuration of the
printer.
SEE NOTE
H1
YES
See
YES
CHART E
Check job list for

queue.
SEE NOTE
Make sure jobs are

redirected to queues
correctly.
SEE NOTE
NO
Are print jobs in

queue job list?
H4
YES
H3
Make sure NDPS

printer input is not
paused.
SEE NOTE E3
Or reconfigure
spooling.
SEE NOTE

103-000137-001
August 31, 2001
Novell Confidential
H1
Manual
99a
38
July 17, 2001
H1. Check the printer's spooling configuration

Make sure the printer is configured to service the queue you are expecting the
job to go to. See Setting Print Job Spooling on page 85 for more
information.
H2. Reconfigure spooling for this printer

The spooling configuration specifies a different queue than the one you want
this printer to service. See Setting Print Job Spooling on page 85 for
information on how to configure job spooling.
H3. Check the job list for the queue

Make sure the job is actually getting to the queue.
H4. Make sure the job is being redirected to the queue properly
Many applications are not designed for network printing. CAPTURE is a
command line utility that configures print job redirection from applications
not designed for NetWare print services.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

Gateways allow Novell Distributed Print ServicesTM (NDPS) clients to
send jobs to printers that are not NDPS-aware (that is, printers that are not
equipped with embedded NDPS Printer Agents). You select and configure a
printer gateway when you create a new Printer Agent.
The following diagram illustrates a typical gateway configuration.
Third-party gateway
NDPS
client
Printer
Agent
Gateway
PA
GW
NDPS
server
Existing
printer
Third-party gateways are developed by printer manufacturers to support

printers directly attached to the network. Because they are developed to
interact with specific proprietary printers, can provide a wider array of
information and offer options that are not available for the generic Novell
gateway. Some third-party gateways provide utilities that can be configured to
automatically create Printer Agents when one of their printers is attached to
the network.

103-000137-001
August 31, 2001
Novell Confidential
135
Manual
99a
38
July 17, 2001
The Novell gateway supports most printers and provides support for other
print systems. The gateway supports LPR/LPD printing and IPP printing. LPR
is a UNIX-based printing protocol used by network-attached printers in TCP/
IP environments to service jobs submitted to print queues.
Using Third-party Gateways

A number of printer vendors have created their own gateways to run with
Novell Distributed Print Services. The documentation for implementing these
gateways is available at the Novell DeveloperNet Web site (http://
developer.novell.com/devres/nest/ndpsdown.htm).

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Remote Printers

The NDPS gateway allows you to configure all of your current remote
printers so that they will work just as they always have, whether they are
attached to a workstation or a remote file server or are directly attached to the
network running in RP mode. A remote printer controlled by an NDPS Printer
Agent will emulate a legacy print server (PServer Emulation) and will no
longer require PSERVER.NLM.
We recommend that you reconfigure your direct-connect printers currently
configured for Queue Server mode to run in RP mode so that they can take
advantage of the advanced features NDPS provides.
For detailed information, see the following:
Configuring Remote Printers Using NPRINTER on page 137
Configuring Remote Printers Running in RP Mode on page 139
Configuring Remote Printers Running in LPR Mode on page 140
Configuring Remote Printers Using NPRINTER

Use the following procedure to configure a new Novell Distributed Print
ServicesTM (NDPS) printer attached to a workstation client or remote server
that is running NPRINTER.EXE or NPRINTER.NLM.
1 In NetWare Administrator, select the container where you want the NDPS
Printer object to reside.

2 From the Object menu, click Create > NDPS Printer.
The name should distinguish it from other printers on your system.
Configuring Remote Printers 137

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 In the Printer Agent Source field, select Create a New Printer Agent and
click Create.
assign it to.
6 In the Gateway Types window, select the Novell Printer Gateway.
7 Configure the PDS by selecting the Printer Type and Port Type and then
click OK.
8 Configure the Connection Type as Remote and specify the Port Type as
LPT, COM, or Other. Then click Next.

9 In the PServer Emulation field, modify or use the default SAP Name,
specify a Printer Number, if needed, and specify any address restrictions

you want to impose for this printer. Then click Next.
10 Configure the Controller Type and Interrupts, if needed, and then click
Finish.

operating system.
12 Click OK.
printer listed.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
13 At the workstation or remote server that this printer is attached to, run
NPRINTER and select the SAP name specified in Step 10.

Workstation users can now select the printer and print to it.
Configuring Remote Printers Running in RP Mode

These instructions are for configuring a printer attached directly to the
network and running in RP mode, unless that printer is an HP printer.
If you are using a direct-connect printer configured for Queue-Server mode,
we recommend that you reconfigure that printer to RP mode and then
configure it as a NDPS printer using RP. This allows you to gain the
management benefits of NDPS while eliminating a Queue object from your
system.
1 From the browser's Object menu for the organization or organizational
unit, click Create > NDPS Printer.

click Create.
assign it to.
5 In the Gateway Types window, select the gateway you want to use.
6 Configure the Novell PDS by selecting the Printer Type and Port Type,
and then click OK.

7 Configure the Connection Type as Remote and specify the Port Type as
LPT, COM, or Other. Then click Next.

8 In the PServer Emulation field, modify or use the default SAP Name,
specify a Printer Number, if needed, and specify any address restrictions

you want to impose for this printer. Then click Next.
9 Configure the Controller Type and Interrupts, as needed, then click
Finish.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

operating system.
11 Click Continue.
Configuring Remote Printers Running in LPR Mode

Use the following procedure to configure a remote printer running in LPR
mode in TCP/IP environments, unless that printer is an HP printer.
LPR will work only if TCP/IP is configured correctly.
1 From the browser's Object menu for the organization or organizational
unit, click Create > NDPS Printer.

click Create.
assign it to.
5 In the Gateway Types window, select the Novell gateway.
6 Configure the Novell PDS by selecting the Printer Type and Port Type,
and then click OK.

7 Configure the Connection Type as Remote LPR/TCPIP and specify the
Port Type as LPT, COM, or Other. Then click Next.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

operating system.
9 Click Continue.
printer listed.

103-000137-001
August 31, 2001
Novell Confidential
Manual
99a
38

103-000137-001
August 31, 2001
Novell Confidential
July 17, 2001
Novell eDirectory 8.6 Quick Start
Novell
eDirectory
www.novell.com
8.6
Q U I C K S TA R T S B O O K L E T
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
August 22, 2001
44
Contents
Novell eDirectory Overview . . . . . . . . . . . . . . . . . . . . . . . 7
Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
For More Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Installing or Upgrading Novell eDirectory on NetWare . . . . . . 9

System Requirements. . . . . . . . . . . . . . . .
Hardware Requirements . . . . . . . . . . . . . .
Forcing the Backlink Process to Run . . . . . . . . .
Installing Novell eDirectory on NetWare . . . . . . .
Prerequisites . . . . . . . . . . . . . . . . . .
Updating the eDirectory Schema . . . . . . . . .
Installing a Support Pack. . . . . . . . . . . . .
Installing eDirectory. . . . . . . . . . . . . . .
Lost Trustee Assignments on NFS Gateway Volumes
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
9
10
10
11
11
11
13
14
15
Installing or Upgrading Novell eDirectory on Windows NT/2000 17

System Requirements. . . . . . . . . . . . .
Hardware Requirements . . . . . . . . . . .
Forcing the Backlink Process to Run . . . . . .
Installing Novell eDirectory on Windows NT/2000
Prerequisites . . . . . . . . . . . . . . .
Updating the eDirectory Schema . . . . . .
Installing eDirectory . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
17
17
18
19
19
20
20
Installing Novell eDirectory on Solaris . . . . . . . . . . . . . . . . 23

System Requirements. . . . . . .
Software Requirements . . . . . .
Hardware Requirements . . . . .
Forcing the Backlink Process to Run
Prerequisites . . . . . . . . . .
Installing eDirectory on Solaris . .
configuring eDirectory on Solaris .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
23
23
23
24
25
25
26
Installing Novell eDirectory on Linux . . . . . . . . . . . . . . . . . 29

System Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Software requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
160-000267-001
November 30, 2001
QuickStart
Forcing the Backlink Process to Run .

Prerequisites . . . . . . . . . . .
Installing eDirectory on Linux . . . .
ConfigurinG eDirectory on Linux . .
Rev 99a
August 22, 2001
44
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
160-000267-001
November 30, 2001
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
30
31
31
32
QuickStart
Rev 99a
44
August 22, 2001
Novell
eDirectory
8.6
Q U I C K S TA R T
Novell eDirectory Overview

Novell eDirectoryTM is a highly scalable, high performing, secure directory service. It can store
and manage millions of objects, such as users, applications, network devices, and data. Novell
eDirectory natively supports the directory standard Lightweight Directory Access Protocol (LDAP)
version 3 over Secure Socket Layer (SSL).
Novell eDirectory provides the basic foundation for the directory service, which provides
replication and partitioning capabilities, along with other utilities. Additional packages that
build upon this basic directory structure, such as DirXMLTM and Account Management, are also
available separately to increase functionality.
SUPPORTED PLATFORMS
NetWare
Windows* NT*
Windows 2000
Solaris*
Linux*
FOR MORE INFORMATION
For more information on Novell eDirectory, refer to the following sources:
Product information (http://www.novell.com/products/nds)
Product support (http://support.novell.com)
Online forums (news://forums.novell.com)
Product catalog (http://www.novell.com/catalog)
Product documentation (http://www.novell.com/documentation)
000-0000-000
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
44
000-0000-000
November 30, 2001
August 22, 2001
QuickStart
Rev 99a
44
August 22, 2001
Novell
eDirectory
8.6
Q U I C K S TA R T
Installing or Upgrading Novell eDirectory

on NetWare
Use the following instructions to install or upgrade Novell eDirectoryTM on a NetWare server.
Novell eDirectory for NetWare can co-exist with the following NDS or eDirectory versions:
NetWare 4.11 or 4.2 with NDS 6.09 or later
NetWare 5 with Support Pack 5 or later, and NDS 7.47 or later (but earlier than NDS 8)
NetWare 5 with Support Pack 5 or later, and NDS 8.51 or later
NetWare 5.1with Support Pack 1 or later
NDS eDirectory 8.5 on Windows* NT*, Windows 2000, NetWare, Solaris*, Linux*, or Tru64
UNIX*
Novell eDirectory 8.6 on Windows* NT*, Windows 2000, NetWare, Solaris*, or Linux*
SYSTEM REQUIREMENTS
If you are using RCONSOLE, a ConsoleOneTM administrator workstation with the following:
A 200 MHz or faster processor
A minimum of 64 MB RAM (128 MB recommended)
The Novell ClientTM that shipped with NetWare 5 or later.
The Novell Cryptography Support Modules (Novell International Cryptographic
Infrastructure [NICI] 1.5.1 or later), available from the product CD or from the Novell
Cryptography Web site (http://www.novell.com/products/cryptography).
Administrative rights to the eDirectory tree so that you can modify the schema.
000-0000-000
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
HARDWARE REQUIREMENTS
Hardware requirements depend on the specific implementation of eDirectory.
For example, a base installation of eDirectory with the standard schema requires about 74 MB of
disk space for every 50,000 users. However, if you add a new set of attributes or completely fill
in every existing attribute, the object size grows. These additions affect the disk space,
processor, and memory needed.
Two factors increase performance: more cache memory and faster processors.
For best results, cache as much of the DIB Set as the hardware allows.
eDirectory scales well on a single processor. However, Novell eDirectory 8.6 takes advantage of
multiple processors. Adding processors improves performance in some areas, for example, logins
and having multiple threads active on multiple processors. eDirectory itself is not processorintensive, but it is I/O-intensive.
The following table illustrates typical system requirements for eDirectory for NetWare:
Objects
Processor
Memory
Hard Disk
100,000
Pentium* III 450-700 MHz

(single)
384 MB
144 MB
1 million
Pentium III 450-700 MHz (dual)
2 GB
1.5 GB
10 million
Pentium III 450-700 MHz (2 to 4) 2 GB +
15 GB
Requirements for processors might be greater than the table indicates, depending upon
additional services available on the computer as well as the number of authentications, reads,
and writes that the computer is handling. Processes such as encryption and indexing can be
processor-intensive.
Of course, faster processors improve performance. Additional memory also improves
performance because eDirectory can then cache more of the directory into memory.
FORCING THE BACKLINK PROCESS TO RUN
Because the internal eDirectory identifiers change when upgrading to Novell eDirectory, the
backlink process has to update backlinked objects for them to be consistent.
10
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
Backlinks keep track of external references to objects on other servers. For each external
reference on a server, the backlink process ensures that the real object exists in the correct
location and verifies all backlink attributes on the master of the replica. The backlink process
occurs two hours after the database is open and then every 780 minutes (13 hours). The interval
is configurable from 2 minutes to 10,080 minutes (7 days).
After migrating to eDirectory, we recommend that you force the backlink to run by issuing a SET
DSTRACE=*B command from the server console. Running the backlink process is especially
important on servers that do not contain a replica.
INSTALLING NOVELL EDIRECTORY ON NETWARE
If your eDirectory tree does not have a Novell Certificate ServerTM, the eDirectory installation
program does the following:
Creates a Security container object for the entire eDirectory tree
This object is created at the top of the eDirectory tree and must remain there.
Creates an Organizational Certificate Authority (CA) object
Places the Organizational CA object in the Security container
Only one Organizational CA object can exist in an eDirectory tree. Because you must not move
this object from one server to another, ensure that the first eDirectory server is the one that you
intend to permanently host the Organizational CA object.
Prerequisites
If you are installing into a tree that has NetWare 5 servers, each NetWare 5.0 server must be
running NetWare 5.0 Support Pack 5 or later. Each NetWare 5.1 server must be running NetWare
5.1 Support Pack 1 or later.
If you are upgrading eDirectory on a NetWare 5.1 server, the NetWare 5.1 server must be running
NetWare 5.1 Support Pack 2a or later.
Updating the eDirectory Schema
To upgrade an existing NetWare 5.x server to eDirectory into an existing tree, update the
eDirectory schema by running DSREPAIR on the server that has the master replica of the Tree
partition.
IMPORTANT: If the master replica of the Tree partition resides on a Windows NT/2000 server,
follow the instructions in Updating the eDirectory Schema on page 20.
11
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
If one or both of the following conditions exist, you must run DSREPAIR.NLM before installing the
first eDirectory server in your tree:
Any NetWare 5 server in your eDirectory tree is eDirectory 8.
Your first installation of eDirectory 8.6 is on a NetWare 5 server that does not hold a writable
replica of the root partition.
To update the eDirectory schema:
1 Copy the appropriate DSREPAIR.NLM file from the product CD to the SYS:\SYSTEM directory
of the server that contains the master replica of the Tree partition.
Table 1
For This Version of

NetWare
With This Version of NDS
Copy
4.11 or 4.2
6.09 or later
PATCHES\DSREPAIR\
NW4X\DSREPAIR.NLM
5.0 or later
NDS 7 version 7.47 or later
PATCHES\DSREPAIR\
NW5X\DSREPAIR.NLM
5.0 or later
8.11 or 8.17
Not supported
5.0 or later
8.51 or later
PATCHES\DSREPAIR\
NWNDS8\DSREPAIR. NLM
2 At the server console of the master replica of the Tree partition, load DSREPAIR.NLM.
3 Select Advanced Options Menu > Global Schema Operations.
4 Enter the Administrators name (for example, .Admin.VMP) and password.
5 Select Post NetWare 5 Schema Update > Yes.
DSREPAIR.NLM updates the schema and posts the results to the DSREPAIR.LOG file.
Ignore errors associated with adding object classes. DSREPAIR.NLM is simply applying the
Post NetWare 5 Schema Update changes to each object.
6 Copy the appropriate patch version of DSREPAIR.NLM to each NetWare server in the
eDirectory tree.
Use Table 1 as a reference. Having a correct version on each server ensures that the schema
needed for eDirectory is properly maintained when DSREPAIR.NLM is run in the future.
If you use an earlier version of DSREPAIR.NLM and select Rebuild Operational Schema,
schema enhancements made by the Post NetWare 5 Schema Update will be lost. To resolve
lost schema enhancements, run DSREPAIR.NLM according to the following table.
12
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
If you are running DSREPAIR.NLM from

here
Do this
A server that holds a writable replica of

the root partition
Reapply the Post NetWare 5 Schema Update

to your eDirectory tree.
From any other server
Click Advanced Options > Global Schema

Operations > Request Schema from Tree.
This action resynchronizes the schema from the root of the tree.
7 Close DSREPAIR.NLM before installing eDirectory on the server.
If DSREPAIR.NLM is loaded, the server might not restart.
Installing a Support Pack
Table 2
Before installing eDirectory on this server Install this support pack

NetWare 5
NetWare 5 Support Pack 6a
NetWare 5.1
NetWare 5.1 Support Pack 2a or later
1 (Conditional) Download the latest support pack to the NetWare 5.x server.
For example, download to SYS:\.
If you purchased a support pack CD from Support Connection, skip this step.
2 (Conditional) Expand the support pack.
For NW51SP1.EXE, the support pack might take several minutes to verify an ARJ-SECURITY
envelope. After verification, the support pack creates an NW5SPX directory and places
subdirectories and files there.
If you purchased a CD from Support Connection, skip this step. The support pack is already
expanded.
3 At the server console, start NWCONFIG.NLM.
4 Select Product Options > Install a Product Not Listed.
5 Press F3 (F4 if you're using RCONSOLE) > specify the path to the expanded Support Pack files,
such as SYS:\NW5SP4.
13
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
6 Select options.
Follow the online instructions to install the support pack.
During installation, the support pack might prompt you concerning extending the schema.
Although you have already extended the schema for eDirectory, you most likely need to
extend the schema for other functionality, such as Novell Licensing Services.
7 Take the server down, then restart it.
If you checked the Reboot Server option in Step 6, the server automatically restarts.
Installing eDirectory
1 (Conditional) If you are upgrading eDirectory, do the following:
1a In the AUTOEXEC.NCF file, comment out the lines that load virus scanners, database
applications such as Sybase* or Oracle*, backup applications, and other programs that
rely on files being continually open and volumes being mounted.
During the eDirectory installation, the software must dismount volumes so that trustee
assignments can be migrated.
Be aware that virus scanners and other programs might be embedded inside other
products, for example, ZENworksTM, ManageWiseTM, and BorderManagerTM.
1b Restart the server and verify that the programs and applications referred to in Step 1a
are not running.
HINT: If you uncompress the volume you are installing eDirectory on, the install will finish
quicker.
2 (Conditional) If you have an IP-only environment, load IPXSPX.NLM.
NWCONFIG.NLM looks to Btrieve* for the product list. Btrieve subsequently requires IPXTM.
Loading IPXSPX.NLM allows Btrieve to load. When you reboot the server, IPXSPX.NLM does
not reload, so you have an IP-only environment again.
3 At the server console, load NWCONFIG.NLM.
4 Select Product Options > Install a Product Not Listed.
5 Press F3 (F4 if you're using RCONSOLE) > enter the path to the eDirectory files under the NW
directory, for example, SYS:\NW.
Follow on screen prompts concerning license agreements, the readme file, and tips.
After files are copied, the server automatically restarts and begins to install components for
ConsoleOne and Novell Certificate Server.
6 Enter the administrators login name (for example, Admin.VMP).
IMPORTANT: This window might close before you enter this information. If it does, toggle
(Alt+Esc) to the screen and enter the information. Otherwise, the installation will not be
complete.
14
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
7 Follow the online instructions concerning the Certificate Server, LDAP, languages,
components, and products to install.
8 When the installation is completed, restore the lines that you commented out in Step 1a on
page 14 > restart the server by clicking Yes.
Repeat this procedure for each NetWare server you want to upgrade to eDirectory for NetWare.
Lost Trustee Assignments on NFS Gateway Volumes
The eDirectory installation process does not upgrade trustee assignments on NFS Gateway
volumes. If you are hosting NFS Gateway volumes on a server upgraded to eDirectory, those
trustee assignments are mapped to non-existent trustees.
To delete the inaccurate trustee assignments, complete the following steps:
1 On the server, load UNICON > authenticate to eDirectory.
2 Select Start/Stop Services > NFS Gateway Server > Del.
3 From a workstation, log in to the server > delete the file SYS:\NFSGW\SFSxxxx.DAT.
4 At the server, load UNICON again > authenticate to eDirectory.
5 Select Start/Stop Services > NFS Gateway Server.
You will need to manually create new trustee assignments for eDirectory objects to any NFS
Gateway volumes.
15
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
16
000-0000-000
November 30, 2001
August 22, 2001
QuickStart
Rev 99a
44
August 22, 2001
Novell
eDirectory
8.6
Q U I C K S TA R T
Installing or Upgrading Novell eDirectory

on Windows NT/2000
Use the following instructions to install or upgrade Novell eDirectoryTM on a Windows* NT* or
Windows 2000 server.
SYSTEM REQUIREMENTS
A Windows NT server 4.0 with Service Pack 4 or later (or Windows 2000 Server) and an
assigned IP address.
A Pentium* 200 with a minimum of 64 MB RAM (128 MB recommended) and a monitor color
palette set to a number higher than 16.
(Optional) One or more workstations running one of the following:
Novell ClientTM for Windows 95/98 3.0 or later
Novell Client for Windows NT 4.5 or later
NT client
Administrative rights to the NT/2000 server and to all portions of the eDirectory tree that
contain domain-enabled User objects. For an installation into an existing tree, you need
administrative rights to the Tree object so that you can extend the schema and create
objects.
For example, a base installation of eDirectory with the standard schema requires about 74 MB of
disk space for every 50,000 users. However, if you add a new set of attributes or completely fill
in every existing attribute, the object size grows. These additions affect the disk space,
processor, and memory needed.
000-0000-000
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
For best results, cache as much of the DIB Set as the hardware allows.
eDirectory scales well on a single processor. However, Novell eDirectory 8.6 takes advantage of
multiple processors. Adding processors improves performance in some areas, for example, logins
and having multiple threads active on multiple processors. eDirectory itself is not processorintensive, but it is I/O-intensive.
The following table illustrates typical system requirements for Novell eDirectory for Windows NT
and Windows 2000:
Objects
Processor
Memory
Hard Disk
10,000
Pentium* III 450-700 MHz (single)
384 MB
144 MB
1 million
2 GB
1.5 GB
10 million
Pentium III 450-700 MHz (2 to 4)
2 GB +
15 GB
Requirements for processors might be greater than the table indicates, depending upon
additional services available on the computer as well as the number of authentications, reads,
and writes that the computer is handling. Processes such as encryption and indexing can be
processor-intensive.
Because the internal eDirectory identifiers change when upgrading to eDirectory, the backlink
process has to update backlinked objects for them to be consistent.
Backlinks keep track of external references to objects on other servers. For each external
reference on a server, the backlink process ensures that the real object exists in the correct
location and verifies all backlink attributes on the master of the replica. The backlink process
occurs two hours after the database is open and then every 780 minutes (13 hours). The interval
is configurable from 2 minutes to 10,080 minutes (7 days).
After migrating to eDirectory, we recommend that you force the backlink to run by issuing a SET
DSTRACE=*B command from the server console. Running the backlink process is especially
important on servers that do not contain a replica.
18
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
INSTALLING NOVELL EDIRECTORY ON WINDOWS NT/2000

Novell eDirectory 8.6 for NT upgrades NT servers running NT Service Pack 4 or later and
eDirectory 8.35 or later.
If no eDirectory tree exists, you can install eDirectory 8.6. The installation program creates an
eDirectory tree.
If your eDirectory tree does not have a Novell Certificate ServerTM, the eDirectory installation
program does the following:
Creates a Security container object for the entire eDirectory tree
This object is created at the top of the eDirectory tree and must remain there.
Creates an Organizational Certificate Authority (CA) object
Places the Organizational CA object in the Security container
Only one Organizational CA object can exist in an eDirectory tree. Because you must not move
this object from one server to another, ensure that the first eDirectory server is the one that you
intend to permanently host the Organizational CA object.
Prerequisites
Because NTFS provides a safer transaction process than a FAT file system provides, you can
only install eDirectory on an NTFS partition. Therefore, if you only have FAT file systems,
do one of the following:
Create a new partition and format it as NTFS.
Use Disk Administrator. Refer to Windows NT Server User Guide for more information.
Convert an existing FAT file system to NTFS, using the CONVERT command.
If your server only has a FAT file system and you forget or overlook this process, the
installation program prompts you to provide an NTFS partition.
If you are installing eDirectory for NT/2000 into an eDirectory tree that has NetWare and
NT/2000 servers, each NetWare server must be running one of the following:
NetWare 4.2 with NDS 6.09 or later
NetWare 6
Each NT/2000 server must be running eDirectory 8.0 or later.
19
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
Updating the eDirectory Schema

To upgrade an existing tree, run DSREPAIR on the server that contains the master replica of the
Tree partition.
IMPORTANT: If the master replica of the Tree partition resides on a NetWare server, follow the
instructions in Updating the eDirectory Schema on page 11.
The eDirectory installation program checks the existing schemas version. If the schema has not
been upgraded, the installation program instructs you to run DSREPAIR, then discontinues.
1 Copy PATCHES\DSREPAIR\ NTNDS8\DSREPAIR. DLL from the product CD to the directory
where you installed eDirectory, for example, G:\NOVELL\NDS.
This file is version 8.35.
2 Start NDSCONSOLE by running NDSCONS.EXE.
This file is in the directory where you installed eDirectory.
3 Select DSREPAIR from the NDS Service list.
4 Enter -ins in the Startup Parameters field > click Start.
After the schema has been updated, the status field next to the DSREPAIR module in
NDSCONSOLE will be blank.
5 To see the results of the schema update, select DSREPAIR in NDSCONSOLE.
6 Click Start > File > Open Log File > Open.
The last entry of the log file will contain the results of the schema update.
Installing eDirectory
1 At the NT/2000 server, log in as Administrator or as a user with administrative privileges.
2 Run SETUP.EXE from the NT directory on the product CD.
3 Select which components to install.
You can install the components separately or together.
Install Novell Directory Services
This option installs eDirectory in an NT/2000-only or mixed NetWare/NT/2000 server
environment.
Follow the online instructions in the Installation Wizard.
SLP Directory Agent
Installs SLP Directory Agent, which allows you to control the collection and
dissemination of network service information through advanced features.
20
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
Follow the online instructions in the Installation Wizard. Select the type of setup you
want to install:
Directory: Use eDirectory to manage, configure, and store Directory Agents, scopes,
and services.
Local: The Directory Agent and its associated scopes and services are stored and
configured through the local machine.
Install ConsoleOne
This option installs ConsoleOneTM 1.3.
Follow the online instructions in the Installation Wizard.
The installation program checks for the following components. If a component is missing or is an
incorrect version, the installation program automatically launches an installation for the
component.
Novell Client for Windows NT/2000
For more information on the Novell Client for Windows NT, see the Novell Client for Windows
online documentation (http://www.novell.com/documentation/lg/client/docui/
index.html).
Novell licensing
Evaluation licenses (http://www.novell.com/products/edirectory/licenses/eval_861.html)
are available.
21
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
22
000-0000-000
November 30, 2001
August 22, 2001
QuickStart
Rev 99a
44
August 22, 2001
To begin a QuickStart (English): Click in the box under the word Novell. Insert QuickStart and Title elements. 2. Type the product name. 3. Insert the HeadQS element and type the title of your card.
4. Put in your product version: Click Special > Variable > select the variable named Version > Edit Definition > enter the version number > click Done > Done. It will appear as background text replacing
Version X.X.
For a card thats part of a booklet: Use Special > Master Page Usage to change to using First master page on the first page of the card. It doesnt show the part number, since part number will be
noted in the front of the booklet.
Novell
eDirectory
8.6
Q U I C K S TA RT
Installing Novell eDirectory on Solaris

This section contains the minimum system requirements for Novell eDirectoryTM on Solaris*, basic
installation commands, and a brief description of the eDirectory configuration utilities.
SYSTEM REQUIREMENTS
All recommended Solaris OS patches are available at the SunSolve* Online Web page (http://
sunsolve.sun.com)
Solaris 2.6 (with patch 105591-07 or later)
Solaris 7 (with patch 106327-06 or later for 32-bit systems)
Solaris 7 (with patch 106300-07 or later for 64-bit systems)
Solaris 8 (with patch 109461-02 and patch 108827-10 or later)
74 MB of disk space to install eDirectory. Additional disk space required based on data.
SOFTWARE REQUIREMENTS
Netware Time Protocol
ConsoleOne 1.3 or later
Two factors increase performance: more cache memory and high end processors.
For best results, cache as much of the DIB Set as the hardware allows up to 2GB.
eDirectory scales well on a single processor. However, eDirectory 8.6 takes advantage of multiple
processors. Adding processors improves performance in some areas, for example, logins and having multiple
000-0000-000
Instructions for International. For SINGLE cards: 1. After importing SGML, click the BookQS element in the "Structure View" window. 2. Select QuickStart in the "Elements" window and click
Wrap. 3. Right-click the BookQS element in the "Structure View" to bring up menu, and select Unwrap. 4. Highlight the Front element in the "Structure View" and delete it. 5. Right-click the nested
QuickStart element in the "Structure View" to bring up menu, and select Unwrap. 6. You can continue with print prep and creating PostScript and PDF, even though the file is not completely valid
because the ID on the QuickStart element is missing. Thats okayit will not affect the appearance of the document, so PostScript and PDF will be correct. For cards in a booklet: To remove part
number from f irst page, use the master page "First."
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
44
August 22, 2001
threads active on multiple processors. eDirectory itself is not processor-intensive, but it is I/O-intensive.
The following table illustrates typical system requirements for Novell eDirectory for Solaris.
Objects
Processor
Memory
Hard Disk
100,000
Sun* Enterprise 220
384 MB
144 MB
1 million
Sun Enterprise 450
2 GB
1.5 GB
10 million
Sun Enterprise 4500 with multiple 2 GB +

processors
15 GB
Requirements for processors might be greater than the table indicates, depending upon additional services
available on the computer as well as the number of authentications, reads, and writes that the computer is
handling. Processes such as encryption and indexing can be processor-intensive.

Because the internal eDirectory identifiers change when upgrading to Novell eDirectory, the backlink
Backlinks keep track of external references to objects on other servers. For each external reference on a
server, the backlink process ensures that the real object exists in the correct location and verifies all backlink
attributes on the master of the replica. The backlink process occurs two hours after the database is open and
then every 780 minutes (13 hours). The interval is configurable from 2 minutes to 10,080 minutes (7 days).
After migrating to eDirectory, start the ndstrace process by issuing the ndstrace -l >log& command,
which runs the process at the background. You can force the backlink to run by issuing the ndstrace -c
SET DSTRACE=*B command from the ndstrace command prompt. You can then unload the ndstrace
process by issuing the ndstrace -u command. Running the backlink process is especially important on
servers that do not contain a replica.
24
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
PREREQUISITES
eDirectory Server must be installed on all servers that you want to place an eDirectory replica on.
Meet the System Requirements on page 23.
Enable the Solaris host for multicast routing on the server on which you are installing the product.
Enter the following command to check whether the host is enabled for multicast routing:
/usr/bin/netstat -nr
The following entry should be present in the routing table:
224.0.0.0 host_IP_address
If the entry is not present, log in as root, and enter the following command to enable multicast routing:
route add -net 224.0.0.0 -net 224.0.0.0 netmask 240.0.0.0 hme0
NICI 2.3 is a pre-requisite for installing eDirectory. eDirectory prompts for the installation of NICI 2.3
if it is not installed. The NOVLniu0-2.3.0 package contains NICI 2.3.
For secure Novell eDirectory operations, you will need the NICI Foundation Key file. You can obtain
an evaluation license file from the Novell eDirectory Eval License Download (http://www.novell.com/
products/edirectory/licenses/eval_861.html) Web site. If you do not use the NICI Foundation Key, you
will not be able to create Certificate Authority and Key Material objects.
If you have more than one server in the tree, the time on all the network servers should be
synchronized. Use Network Time Protocol (NTP) to synchronize time.
If you are installing a secondary server, all the replicas in the partition where you have installed the
product should be in the On state.
INSTALLING EDIRECTORY ON SOLARIS
Use the nds-install utility to install eDirectory components on Solaris systems. This utility is located in the
Setup directory on the CD for the Solaris platform. The utility adds the required packages based on the
components you select to install.
To install eDirectory components on Solaris systems:
1 Log in as root on the host.
2 Enter the following command from the setup directory:
nds-install
3 When prompted, accept the license agreement.
The installation program displays a list of Novell eDirectory components that you can install.
25
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
4 Specify the option for the component you want to install. The appropriate packages are installed on the
Solaris host.
Table 3 lists the packages installed for each eDirectory component.
Table 3
eDirectory Component
Packages Installed
Description
eDirectory Server
The eDirectory replica server will

NDSbase, NDScommon,
be installed on the specified server
NDSsecur, NDSsecutl,
NDSmasv, NDSserv,
NDSimon, NDSrepair, NDSslp
and NDSdexvnt.
Administration Utilities
NDSadmutl, NDSsecutl,
NDSbase, and NLDAPbase
The Novell Import Conversion

Export and LDAP Tools utilities
will be installed on the specified
workstation
Management Console for

eDirectory
NDSbase, NDSslp, NovLC1,

C1JRE, NDSadmutl,
NLDAPbase, and NDS set of
packages
The management console for

eDirectory will be installed on the
specified workstation
NMAS (Novell Modular

Authentication Service)
server
NDSnmas
The NMAS server components

and the configuration utilities will
be installed on the specified server.
5 If you are prompted, enter the complete path to the NICI Foundation Key file.
You will be prompted to enter the complete path to the NICI Foundation Key only if the installation
program is not able to locate the file in the default location (/var, the mounted license diskette, or the
current directory).
IMPORTANT: Before you begin to use Novell eDirectory, ensure that SLP has been installed for the
eDirectory tree to be advertised. To determine the advertisement of the eDirectory tree, enter the following:
/usr/bin/slpinfo -s "ndap.novell//(svcname-ws==*tree_name.)/"
CONFIGURING EDIRECTORY ON SOLARIS
1. Use the ndsconfig utility to configure eDirectory.
To create a new tree, enter ndsconfig new -t corp-tree -n o=company -a
cn=admin.o=company
To add a replica into an existing tree, enter ndsconfig add -t corp-tree -n
o=company -a cn=admin.o=company
To remove a replica, enter ndsconfig rm -a cn=admin.o=company
26
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
2. Use the ldapconfig utility to modify, view, and refresh LDAP object attributes.
3. Use the nmasconfig utility to configure NMAS and the policy-based authentication methods (log in
methods).
4. Use the pkiconfig utility to create the following Novell PKI Objects:
Organizational Certificate Authority (CA)
Server Certificates (Stored as Key Material Objects (KMO))
User Certificates
Security Container
SAS Service object
27
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
28
000-0000-000
November 30, 2001
August 22, 2001
QuickStart
Rev 99a
44
August 22, 2001
To begin a QuickStart (English): Click in the box under the word Novell. Insert QuickStart and Title elements. 2. Type the product name. 3. Insert the HeadQS element and type the title of your card.
4. Put in your product version: Click Special > Variable > select the variable named Version > Edit Definition > enter the version number > click Done > Done. It will appear as background text replacing
Version X.X.
For a card thats part of a booklet: Use Special > Master Page Usage to change to using First master page on the first page of the card. It doesnt show the part number, since part number will be
noted in the front of the booklet.
Novell
eDirectory
8.6
Q U I C K S TA RT
Installing Novell eDirectory on Linux

This section contains the minimum system requirements for Novell eDirectoryTM on Linux*, basic
installation commands, and a brief description of the eDirectory configuration utilities.
SYSTEM REQUIREMENTS
Linux 2.2 and glibc 2.1.3 (Recommended glibc 2.2)
74 MB of disk space for minimum of 50,000 users. Additional disk space required based on data.
SOFTWARE REQUIREMENTS
Netware Time Protocol
ConsoleOne
ConsoleOne 1.3 or later
200 MHz processor (a faster one is recommended)
For best results, cache as much of the DIB Set as the hardware allows up to 2GB.
eDirectory scales well on a single processor. However, eDirectory 8.6 takes advantage of multiple
processors. Adding processors improves performance in some areas, for example, logins and having multiple
threads active on multiple processors. eDirectory itself is not processor-intensive, but it is I/O-intensive.
The following table illustrates typical system requirements for eDirectory for Linux:
000-0000-000
Instructions for International. For SINGLE cards: 1. After importing SGML, click the BookQS element in the "Structure View" window. 2. Select QuickStart in the "Elements" window and click
Wrap. 3. Right-click the BookQS element in the "Structure View" to bring up menu, and select Unwrap. 4. Highlight the Front element in the "Structure View" and delete it. 5. Right-click the nested
QuickStart element in the "Structure View" to bring up menu, and select Unwrap. 6. You can continue with print prep and creating PostScript and PDF, even though the file is not completely valid
because the ID on the QuickStart element is missing. Thats okayit will not affect the appearance of the document, so PostScript and PDF will be correct. For cards in a booklet: To remove part
number from f irst page, use the master page "First."
November 30, 2001

Novell Confidential
QuickStart
Rev 99a
August 22, 2001
44
Objects
Processor
Memory
Hard Disk
100,000
Pentium* III 450-700 MHz

(single)
384 MB
144 MB
1 million
2 GB
1.5 GB
10 million
Pentium III 450-700 MHz (2 to 4) 2 GB +
15 GB
Requirements for processors might be greater than the table indicates, depending upon additional services
available on the computer as well as the number of authentications, reads, and writes that the computer is
handling. Processes such as encryption and indexing can be processor-intensive.

Because the internal eDirectory identifiers change when upgrading to Novell eDirectory 8.6, the backlink
Backlinks keep track of external references to objects on other servers. For each external reference on a
server, the backlink process ensures that the real object exists in the correct location and verifies all backlink
attributes on the master of the replica. The backlink process occurs two hours after the database is open and
then every 780 minutes (13 hours). The interval is configurable from 2 minutes to 10,080 minutes (7 days).
After migrating to eDirectory, start the ndstrace process by issuing the ndstrace -l >log& command,
which runs the process at the background. You can force the backlink to run by issuing the ndstrace -c
SET DSTRACE=*B command from the ndstrace command prompt. You can then unload the ndstrace
process by issuing the ndstrace -u command. Running the backlink process is especially important on
servers that do not contain a replica.
30
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
PREREQUISITES
eDirectory Server must be installed on all servers that you want to place an eDirectory replica on.
Meet the System Requirements on page 29.
Enable the Linux host for multicast routing on the server on which you are installing the product. Enter
the following command to check whether the host is enabled for multicast routing:
/bin/netstat -nr
The following entry should be present in the routing table:
224.0.0.0 0.0.0.0
If the entry is not present, log in as root, and enter the following command to enable multicast routing:
route add -net 224.0.0.0 netmask 240.0.0.0 dev -interface
NICI 2.3 is a pre-requisite for installing eDirectory. eDirectory prompts for the installation of NICI 2.3
if it is not installed. The NOVLniu0-2.3.0 package contains NICI 2.3.
For secure Novell eDirectory operations, you will need the NICI Foundation Key file. You can obtain
an evaluation license file from the Novell eDirectory Eval License Download (http://www.novell.com/
products/edirectory/licenses/eval_861.html) Web site. If you do not use the NICI Foundation Key, you
will not be able to create Certificate Authority and Key Material objects.
If you have more than one server in the tree, the time on all the network servers should be
synchronized. Use Network Time Protocol (NTP) to synchronize time.
If you are installing a secondary server, all the replicas in the partition where you have installed the
product should be in the On state.
INSTALLING EDIRECTORY ON LINUX
Use the nds-install utility to install eDirectory components on Linux systems. This utility is located in the
Setup directory on the CD for the Linux platform. The utility adds the required packages based on the
components you select to install.
To install eDirectory components on Linux systems:
1 Log in as root on the host.
2 Enter the following command from the setup directory:
nds-install
31
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
3 When prompted, accept the license agreement.

The installation program displays a list of eDirectory components that you can install.
4 Specify the option for the component you want to install. The appropriate RPMs are installed on the
Linux host.
Table 4 lists the RPMs installed for each eDirectory component.
Table 4
eDirectory Component
Packages Installed
Description
eDirectory Server
The eDirectory replica server will

NDSbase, NDScommon,
be installed on the specified server
NDSsecur, NDSsecutl,
NDSmasv, NDSserv,
NDSimon, NDSrepair, NDSslp
and NDSdexvnt
NDSadmutl, NDSsecutl,
NDSbase and NLDAPbase
The Novell Import Conversion

Export and LDAP Tools utilitites
will be installed on the specified
workstation
Management Console for

eDirectory
NDSbase, NDSslp, NovLC1,

C1JRE, and NDS set ot
packages
The management console for

eDirectory will be installed on the
specified workstation
NMAS (Novell Modular

Authentication Service)
server
NDSnmas
The NMAS server components

and the configuration utilities will
be installed on the specified server.
5 If you are prompted, enter the complete path to the NICI Foundation Key file.
You will be prompted to enter the complete path to the NICI Foundation Key only if the installation
program is not able to locate the file in the default location (/var, the mounted license diskette, or the
current directory).
IMPORTANT: Before you begin to use eDirectory, ensure that SLP is installed for the eDirectory tree to be
advertised. To determine the advertisement of the eDirectory tree, enter the following:
/usr/bin/slpinfo -s "ndap.novell//(svcname-ws==*tree1.)/"
CONFIGURING EDIRECTORY ON LINUX
1. Use the ndsconfig utility to configure eDirectory.
To create a new tree, enter ndsconfig new -t corp-tree -n o=company -a
cn=admin.o=company
To add a replica into an existing tree, enter ndsconfig add -t corp-tree -n
o=company -a cn=admin.o=company
32
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
August 22, 2001
To remove a replica, enter ndsconfig rm -a cn=admin.o=company

2. Use the ldapconfig utility to modify, view, and refresh LDAP object attributes.
3. Use the nmasconfig utility to configure NMAS and the policy-based authentication methods (log in
methods).
4. Use the pkiconfig utility to create the following Novell PKI Objects:
Organizational Certificate Authority (CA)
Server Certificates (Stored as Key Material Objects (KMO))
User Certificates
Security Container
SAS Service object
33
000-0000-000
November 30, 2001
QuickStart
Rev 99a
44
34
000-0000-000
November 30, 2001
August 22, 2001
Novell Native File Access Protocols Installation and Administration Guide
Novell
NetWare 6
www.novell.com
N O V E L L N AT I V E F I L E A C C E S S P R O TO C O L S
I N S TA L L AT I O N A N D A D M I N I S T R AT I O N G U I D E
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Contents
Preface
Overview
11
Native Protocols . . . . . . . . . . . . . . . . .
Network Neighborhood and Macintosh Chooser.
Understanding Passwords . . . . . . . . . . . .
Local Password. . . . . . . . . . . . . . . .
Domain Controller Password . . . . . . . . .
NetWare Password . . . . . . . . . . . . . .
Simple Password . . . . . . . . . . . . . . .
Get Started . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

NetWare Server Prerequisites . . . . . . . . . . . .
Administrator Workstation Prerequisites . . . . . . .
Computer Prerequisites . . . . . . . . . . . . . . .
Installing the Software during the Server Installation
Installing the Software after Server Installation . . .
Before You Begin . . . . . . . . . . . . . . . . .
Accessing the Software. . . . . . . . . . . . . .
Installing the Software . . . . . . . . . . . . . . . .
Starting and Stopping Services . . . . . . . . . . .
Whats Next? . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
12
12
12
12
13
13
13
15
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Using ConsoleOne to Create Simple Passwords . . . . . . . .

Using NetWare Remote Manager to Create Simple Passwords .
Creating Simple Passwords for Multiple Users . . . . . . . .
Creating a Simple Password for a Single User . . . . . . . .
Managing Users and Rights to Network Resources . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Assigning Simple Passwords
15
17
17
18
18
18
18
20
24
25
27
Contents

103-000162-001
September 4, 2001
Novell Confidential
28
29
30
31
31
Manual
99a
Whats Next? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
Working with Macintosh Computers
33
Administrator Tasks . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Simple Passwords for Several Macintosh Users. . . .
Editing the Context Search File . . . . . . . . . . . . . . . . .
Creating a Guest User Account . . . . . . . . . . . . . . . . .
Renaming Volumes . . . . . . . . . . . . . . . . . . . . . . .
Macintosh End User Tasks . . . . . . . . . . . . . . . . . . . . .
Accessing Network Files . . . . . . . . . . . . . . . . . . . . .
Logging In to the Network as Guest . . . . . . . . . . . . . . .
Changing Passwords from a Macintosh Computer . . . . . . .
Assigning Rights and Sharing Files from a Macintosh Computer
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
33
33
34
35
35
36
36
37
37
37
41
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up Novell Native File Access Protocols in a NetWare 6 Cluster

Prerequisites . . . . . .
Setting Up for Macintosh
Setting Up for Windows .
Whats Next? . . . . . .
.
.
.
.
.
.
.
.
.
.
Working with Windows Computers

Administrator Tasks . . . . . . . . . . . . . . . . . . . . . . . . . .
Specifying Contexts in the Context Search File . . . . . . . . . .
Providing Network Access to Domain Users. . . . . . . . . . . .
Customizing the Network Environment Using a Configuration File
Viewing Configuration Details . . . . . . . . . . . . . . . . . . .
Windows User Tasks . . . . . . . . . . . . . . . . . . . . . . . . .
Accessing Files from a Windows Computer . . . . . . . . . . . .
Mapping Drives from a Windows Computer . . . . . . . . . . . .
Changing Passwords from a Windows Computer . . . . . . . . .
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
41
41
42
43
47
47
47
48
48
51
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Features of Novell Native File Access for UNIX . . . . . . . .

Overview of Native File Access for UNIX . . . . . . . . . . .
NFS Server . . . . . . . . . . . . . . . . . . . . . . . .
Network Information Service . . . . . . . . . . . . . . .
UNIX User Management Using eDirectory . . . . . . . .
ConsoleOne-Based Administration . . . . . . . . . . . .
Novell Cluster Services Support . . . . . . . . . . . . . .
Administration Utilities . . . . . . . . . . . . . . . . . . .
Upgrade Utility . . . . . . . . . . . . . . . . . . . . . . .
Setting Up and Managing Novell Native File Access for UNIX
Configuration Methods . . . . . . . . . . . . . . . . . . .
Configuring Server General Parameters. . . . . . . . . .
Migration . . . . . . . . . . . . . . . . . . . . . . . . . .
NFS Server . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Working with UNIX Machines
51
52
52
54
55

103-000162-001
September 4, 2001
Novell Confidential
55
57
57
59
63
65
66
67
68
69
69
71
74
82
Manual
99a
38
NIS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up Novell Native File Access for UNIX with Novell Cluster Services
Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring the Properties of Cluster Volume Resource . . . . . . . . .
Component-Specific Configuration . . . . . . . . . . . . . . . . . . .
Location of Configuration Files . . . . . . . . . . . . . . . . . . . . . .
Starting and Stopping Native File Access for UNIX with Cluster Services
July 17, 2001
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000162-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
.
. 94
112
112
113
116
117
117
Manual
99a
38
July 17, 2001

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preface
This book is divided into the following sections.
Chapter 1, Overview, on page 11An explanation of the benefits of
Novell Native File Access Protocols and the concepts required to
understand its implementation.
Chapter 2, Installing Novell Native File Access Protocols, on page
15Instructions for meeting the prerequisites and installing the software.
Chapter 3, Assigning Simple Passwords, on page 27Instructions for
creating passwords and managing users for Macintosh* and Windows*
computers.
Chapter 4, Working with Macintosh Computers, on page 33
Instructions for simplifying the task of setting up and managing
Macintosh workstations. Also includes instructions that describe how
Macintosh end users access files on the network with Novell Native File
Access Protocols.
Chapter 5, Working with Windows Computers, on page 41
Instructions for simplifying the task of setting up and managing Windows
workstations. Also includes instructions that describe how Windows end
users access files on the network with Novell Native File Access
Protocols.
Chapter 6, Setting Up Novell Native File Access Protocols in a NetWare
6 Cluster, on page 51An explanation of the concepts relating to Novell
Cluster ServicesTM and instructions for configuring Novell Native File
Access Protocols for Macintosh and Windows computers in a clustered
environment.
Chapter 7, Working with UNIX Machines, on page 55Instructions
for setting up Novell Native File Access Pack for UNIX* computers.
Preface

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
10

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Overview
Novell Native File Access Protocols let Macintosh, Windows, and UNIX
install any additional softwaresuch as Novell ClientTM software. The
software is installed only on the NetWare server and provides "out of the box"
network access. Just plug in the network cable, start the computer, and you
have access to servers on your network. No client configuration, no client
software, no problem.
NetWare
Server
CIFS
AFP
NFS
IP
CIFS
AFP
NFS
Windows
MAC
UNIX
Native Protocols
Novell Native File Access Protocols enable the NetWare server to use the
same protocol (referred to as native) as the client workstation to copy, delete,
move, save, and open files. Windows workstations perform these tasks using
the native Common Internet File System (CIFS) protocol, and Macintosh
workstations use the native Apple* Filing Protocol (AFP). UNIX computers
use the Network File System (NFS*) protocol.
Overview

103-000162-001
September 4, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Network Neighborhood and Macintosh Chooser

Enabling native protocols on NetWare means that users can access files, map
network drives, and create shortcuts to NetWare servers using the native
methods available in their specific operating system. Windows users can use
their familiar Network Neighborhood. Macintosh users can use Chooser or the
Go menu to access network files and even create aliases. Because the NetWare
server is running native protocols, users can copy, delete, move, save, and
open network filesjust like they would if they were working locally.
Network Neighborhood
Chooser
Understanding Passwords
To understand how Novell Native File Access Protocols incorporate the
security of NetWare, you must understand the different types of passwords
used in networkinglocal, domain controller, NetWare, and simple.
Local Password
The Windows operating system requires a username and password to log in to
the computer. This password, called the local password, is stored locally on
the computers disk drive.
Domain Controller Password

Windows networking uses a domain controller to restrict access to the
network. When Windows users log in to the network using a Domain
Controller, they are required to enter a username and password for
authentication. This password, called the domain controller password, is
stored on the domain controller computer on the network.
12

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Password
To access the network, each user must have a network account created
specifically for them. This account is called a User object. It consists of a
NetWare username and a corresponding NetWare password. When the
workstation is running Novell Client software, the user logs in by entering the
NetWare username (including context) and password. NetWare usernames
and passwords are stored securely on NetWare servers.
Simple Password
Another password, called the simple password, is required to provide access
to workstations not running Novell Client software. Just like the NetWare
password, the simple password is stored on the network. Each user must have
a simple password to access network resources using native protocols.
When users access a network resource using their native methods (such as My
Network Places or Chooser), they enter their NetWare username and the
simple password. The username and password are verified by NetWare, and
if they are correct, access is granted to the network resource.
Get Started
Novell Native File Access Protocols are easy to install on a NetWare 6 server.
Follow the instructions beginning in Chapter 2, Installing Novell Native File
Access Protocols, on page 15 to get started.
Overview

103-000162-001
September 4, 2001
Novell Confidential
13
Manual
14
99a
38
July 17, 2001

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Novell Native File Access

Protocols
To install the Novell Native File Access Protocols, you must complete the
following:
1. Prepare the NetWare 6 server according to the instructions in NetWare
Server Prerequisites on page 15.
2. Set up a client workstation following the instructions in Administrator
Workstation Prerequisites on page 17.
3. Make sure that the computers to access the network are running a
supported version of the operating system as described in Computer
Prerequisites on page 17.
4. Install the software following the instructions in Installing the Software
after Server Installation on page 18.
After installing Novell Native File Access Protocols, you must create simple
passwords before users can access network resources. For instructions, see
Chapter 3, Assigning Simple Passwords, on page 27.
NetWare Server Prerequisites

The server must have the following configuration to run Novell Native File
Access Protocols.
HINT: Check the server configuration at the server console by entering
NWCONFIG; then select Product Options > View.
NetWare 6 server operating system

(For Macintosh only) Macintosh Name Space loaded on each traditional
volume before installing Novell Native File Access Protocols.

103-000162-001
September 4, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
To load Macintosh Name Space to a volume, enter the following

commands at the server console:
LOAD MAC.NLM
ADD NAME SPACE MACINTOSH TO VOLUME volume_name.
(For Macintosh only) AFP.NLM and APPLETLK.NLM must be
unloaded from the server (if loaded).
If BorderManagerTM Enterprise Edition version 3.5 or later is running in
the same tree as the NetWare server, the Login Policy Object (LPO) must
be created by completing the following procedure.
Creating the Login Policy Object
1 Log in to the server running BorderManager.
2 Run the NetWare Administrator utility located in the public\win32\
directory.
3 From the Object menu, click Create > Login Policy > OK.
4 (Conditional) If the server running BorderManager does not have a local
NDS replica, complete the following:

4a From NetWare Administrator, select the Security container and the
LPO.
4b Click Trustees of This Object > Add Trustee.
4c Select the Server object of the server running BorderManager.
4d Deselect all Object rights.
4e Click Selected Properties > SAS: Policy Credentials.
4f From Property Rights, click Read/Write > OK.
16

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Administrator Workstation Prerequisites

To install, set up, and administer Novell Native File Access Protocols, make
sure that at least one workstation meets the following requirements:
Windows workstation running one of the following:
Windows 95/98 running Novell Client for Windows 95/98 version
3.21.0 or later. Download the client software. (http://
www.novell.com/download/)
Windows NT/2000 running Novell Client for Windows NT/2000
version 4.80 or later. Download the client software. (http://
Client NICI 1.5.7 (Strong Encryption) version 1.5.7. Download the NICI
software. (http://support.novell.com/)
NICI is required to perform password administration using
ConsoleOneTM. It must be installed only on the Administrator
Workstation. NICI (Weak Encryption) will work for user authentication
but does not support changing passwords from a Windows workstation.
Computer Prerequisites
To access NetWare servers running Novell Native File Access Protocols,
computers must be connected to the network, properly configured to run TCP/
IP, and must be running one of the following operating systems:
Mac OS version 8.1 or later, Mac OS X
Windows 95/98/ME, Windows NT* version 4, Windows 2000
Windows computers must be running Client for Microsoft Networks,
which is a standard Windows component that is installed by selecting
Control Panel > Network > Add > Client > Microsoft.
Any version platform capable of NFS v2 or NFS v3 such as UNIX,
Linux*, and Free BSD.
For more information on computers running NFS, see the Chapter 7,
Working with UNIX Machines, on page 55.

103-000162-001
September 4, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
Installing the Software during the Server Installation

Novell Native File Access Protocols are part of the NetWare 6 server
installation program. Instructions are located in the NetWare 6 Overview and
Installation Guide.
If you did not install the software during the NetWare 6 server installation, you
can install it by following the steps beginning with Installing the Software
after Server Installation on page 18.
Installing the Software after Server Installation

Novell Native File Access Protocols can installed after installing a NetWare 6
using NetWare Deployment Manager or the Graphical Server Console screen.
Each method provides an easy-to-follow installation program that guides you
through the required steps.
Before You Begin

1 Obtain the NetWare 6 Operating System CD.
2 Make sure that your NetWare server meets the prerequisites described in
NetWare Server Prerequisites on page 15.

3 Set up an Administrator Workstation by meeting the prerequisites
described in Administrator Workstation Prerequisites on page 17.
Accessing the Software

From the NetWare 6 Server Console
1 At the NetWare 6 server console, enter STARTX to launch the graphical
server console.
2 Click Novell > Install.
3 From the Installed Products screen, click Add.
4 Enter the path to the NetWare 6 Operating System CD and select the
PRODUCT.NI file.
The installation program begins.
18

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From NetWare Deployment Manager

1 At the Administrator Workstation, log in to the destination server that will
run the Novell Native File Access Protocols.

2 Insert the NetWare 6 Operating System CD.
3 Run NetWare Deployment Manager (NWDEPLOY.EXE) located on the
root of the NetWare 6 Operating System CD.

4 Click Post-Installation Tasks > Install NetWare 6 Products.
5 At the Product Selection screen, check the Novell Native File Access
Protocols checkbox.
6 Click Next.
The installation program begins.

103-000162-001
September 4, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Installing the Software

1 Select to install Macintosh, UNIX, and/or Windows components.
2 Click Next.
3 (Conditional) If you choose to install the Windows component (CIFS),
complete the following steps:

3a Log in as a user with the Supervisor right.
You must specify the full context for the user.

3b Enter the Server Name and Server Comment that will appear in
Network Neighborhood.
20

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The Server Name must be 11 or fewer characters and must be

different from the actual NetWare server name. The Server
Comment is optional.
3c Specify whether to enable UNICODE.
When checked, this option enables Unicode characters used in

double-byte languages.
NOTE: To support Unicode, an additional file named UNINOMAP.TXT must
be created and saved in the SYS:\ETC directory. When the -UNICODE value
is set to ON, the UNINOMAP.TXT file is used to resolve Unicode-to-ASCII
"no-map" problems.
To specify "no-map" cases in the UNINOMAP.TXT file, enter the first Unicode
value to watch for and then the second value representing the ASCII
replacement code. For example:
0178 98
20AC CC
encountered, the system uses the ASCII substitution character specified in
the file.
3d Select one of the following and click Next.
If users will authenticate using NDS, select Local.
If users will authenticate using a Domain, select Domain.

103-000162-001
September 4, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
For Windows users, there are two types of authentication methods

available with Novell Native File Access: Local and Domain. Local
authentication requires a simple password to log in to a NetWare
server, but a simple password is not required for Domain
authentication.
When Novell Native File Access Protocols are configured for
domain authentication, it is not possible to change the simple
password or the NetWare password using Windows native Change
Password feature. To change the password, you must use Windows
domain management utilities.
3e (Optional) Specify the IP address to be attached to the Windows
(CIFS) protocol.
The default is to bind all IP addresses to the CIFS protocol.

3f (Optional) Specify additional NetWare volumes or folders that you
want to appear as share points in Network Neighborhood.
22

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To specify a new share point, click New and then enter the path to the
directory, a name, and a description. The directory name must end
with a backslash (\). For example, SYS:\SYSTEM\.
3g Specify the NDS contexts for all Windows users who need access to
the server.
The list of NDS contexts are maintained in the CIFSCTXS.CFG file

that can also be updated after installation. For more information, see
Specifying Contexts in the Context Search File on page 41.

103-000162-001
September 4, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
4 (Conditional) If you choose to install the Macintosh component (AFP),

4a From the Administrator Workstation, log in as a user with the
Supervisor right.
4b Open the SYS:ETC\CTXS.CFG file in a text editor.
4c Enter the contexts of each Macintosh user that requires access to the
server. For example:

sales.hongkong.acme
graphics.ny.acme
sales.ny.acme
The Native File Access Protocols software will search each context
in order until it finds the User object. For more information on
editing the CTXS.CFG file, see Editing the Context Search File on
page 34.
4d Save the file.
4e (Optional) Rename a volume by editing the
SYS:ETC\AFPVOL.CFG file.
5 Read the Summary Window and then click Finish.
Starting and Stopping Services

Each time the server starts, Novell Native File Access Protocols are loaded
from commands in the AUTOEXEC.NCF file. You can also load and unload
the service from the server console.
Starting and Stopping the Macintosh (AFP) Protocols
1 At the server console, enter AFPSTRT to load the Macintosh (AFP)
protocols on the server.

Any changes in the configuration files are applied when the protocols are
loaded.
2 At the server console, enter AFPSTOP to unload the Macintosh (AFP)
protocols.
24

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Starting and Stopping the Windows (CIFS) Protocols

1 At the server console, enter CIFSSTRT to load the Windows (CIFS)
protocols.
Any changes in the configuration files are applied when the service is
loaded.
2 At the server console, enter CIFSSTOP to unload the Windows (CIFS)
protocols.
Whats Next?
After completing the installation, you need to assign simple passwords to
users before Windows and Macintosh users can access the network. Proceed
to Chapter 3, Assigning Simple Passwords, on page 27.

103-000162-001
September 4, 2001
Novell Confidential
25
Manual
26
99a
38
July 17, 2001

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Windows, Macintosh, and UNIX users must have a User object and simple
password before they can access network resources using native protocols.
A User object specifies attributes and information about which network
resources the user can access. User objects are created using ConsoleOneTM.
For more information about creating User objects, see the ConsoleOne Users
Guide. (http://www.novell.com/documentation/lg/consol12d/index.html)
A simple password lets users log in to the network without any client software.
To log in to the network, users are prompted from their operating systems
native network access method, such as Network Neighborhood or Chooser, to
enter their username and simple password.
Simple passwords can be easily created for one or many users by using one of
the following procedures.
Create simple passwords for a single user by following the instructions in
Using ConsoleOne to Create Simple Passwords on page 28.
Create simple passwords for one or more users by following the
instructions in Using NetWare Remote Manager to Create Simple
Passwords on page 29.
After setting up Novell Native File Access Protocols, you can manage
network access by following the instructions in Managing Users and Rights
to Network Resources on page 31.

103-000162-001
September 4, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Using ConsoleOne to Create Simple Passwords

ConsoleOne lets you create simple passwords for users one at a time by
completing the following procedure.
1 From the Administrator Workstation, log in as a user with the Supervisor
right.
Make sure that the Administrator Workstation meets the prerequisites
2 Run CONSOLEONE.EXE (located in
\PUBLIC\MGMT\CONSOLEONE\1.2\BIN\).
Novell ConsoleOne
3 Right-click the User object and then click Properties.

4 Click the Login Methods tab and select Simple Password.
5 Click Assign Simple Password.
6 Enter the simple password in the fields provided.
If the simple password is different than the NetWare password, the user
would enter the simple password when accessing the network with native
protocols and would enter the NetWare password when logging in with
the Novell ClientTM software.
7 Click Apply.
8 Repeat these steps to create a simple password for each user that requires
network access using Novell Native File Access software.
28

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Since you have created simple passwords for User objects in NetWare, those
users can now use native access methods (Network Neighborhood, Chooser,
etc.) to access network resources. When prompted, they will enter their
NetWare username (without context) and the corresponding simple password.
Using NetWare Remote Manager to Create Simple

Passwords
You can use NetWare Remote Manager (previously known as NetWare
Management Portal) to create simple passwords for users one at a time and
you can use it to create simple passwords for many network users.
1 Run NetWare Remote Manager following the instructions described in
the NetWare Remote Manager Administration Guide.

HINT: To run NetWare Remote Manager, enter the IP address of the server into
the URL field of an Internet browser.
2 From the left frame, click Manage eDirectory > NFAP Security.

103-000162-001
September 4, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Creating Simple Passwords for Multiple Users

1 Select an option to identify the users to receive simple passwords.
Select all User objects in a context by typing in the context in the

NDS Context field.
Select all User objects in the NDS tree by clicking Traverse Context
Tree for User Objects.
NOTE: Searching the entire NDS tree may take several minutes.
2 Select an option for choosing and communicating the password to the
user.
Send an e-mail to each user notifying them of their simple password

by clicking Send Password to User.
To use the Send Password to User feature, you must first use the
Access Mail Notification Control Page to set up NetWare Remote
Manager to perform e-mail notification.
The Access Notification Control Page is available by clicking the
configuration icon on the top of the screen. For more information, see
the NetWare Remote Manager Administration Guide.
Specify a common password by clicking User Supplied Password

and entering a password in the field provided.
The text entered in this field is used as the password for all selected
users receiving simple passwords.
3 (Optional) Use a script file to test the results before processing.
Before you commit to assigning simple passwords, you can run and
review a script file to make sure that you get the desired results.
3a Click an option for selecting User objects and an option for choosing
and communicating the passwords as described above.

3b Click Generate Script File and type a filename in the field provided.
3c Click Start.
3d Open and review the script file using a text editor.
3e Repeat the above steps until the script file contains the appropriate
information.
3f Click Process Script File and type the filename of the script in the
field provided.
4 Click Start to process the commands.
30

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a Simple Password for a Single User

1 In the Username.Context field, type the username and context of the user
to receive the simple password.

2 In the New Password field, type the text to be used as the simple
password.
3 Click Set.
You will need to notify the user of the password
Managing Users and Rights to Network Resources

ConsoleOne helps you manage Novell Native File Access Protocols for each
computer platform (Macintosh, Windows, and UNIX). You can create users
and groups, assign and restrict rights to directories, and view the rights of
specific users.
To provide rights to network access, do the following:
1 From the Administrator Workstation, log in to the NetWare server
running Novell Native File Access Protocols.

You must use a Windows workstation that meets the prerequisites as
2 Run CONSOLEONE.EXE located in
\PUBLIC\MGMT\CONSOLEONE\1.2\BIN\.
3 Set up and manage rights as described in the Console One User Guide
(http://www.novell.com/documentation/lg/consol12d/index.html).
Whats Next?
You have now installed the software and set up passwords so Macintosh and
Windows users can access files on the network with no additional software.
For an explanation of how Macintosh users access network files and for more
information on managing Macintosh workstations, see Chapter 4, Working
with Macintosh Computers, on page 33.
For an explanation of how Windows users access network files and for more
information on managing Windows workstations, see Chapter 5, Working
with Windows Computers, on page 41.
To set up access for UNIX workstations, see Chapter 7, Working with UNIX
Machines, on page 55.

103-000162-001
September 4, 2001
Novell Confidential
31
Manual
32
99a
38
July 17, 2001

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter is divided into two sectionstasks administrators can perform
and tasks end users can perform using Macintosh computers.
Administrator Tasks
There are several ways that you can simplify your administration tasks and
customize how Macintosh workstations interact with the network.
Creating Simple Passwords for Several Macintosh Users

You can create simple passwords for users one at a time using ConsoleOneTM,
but if you want to create passwords for many Macintosh users, there is a
quicker way. You can add the CLEARTEXT option to the LOAD AFPTCP
command at the server console. For example:
LOAD AFPTCP CLEARTEXT
When the CLEARTEXT option is added to the AFPTCP command, users
logging in to the server from a Macintosh workstation are prompted to provide
their NDS username and NDS password. Once the NDS password is
verified, a simple password is automatically created and stored in NDS. The
simple password is the same as the NDS password.
The CLEARTEXT option is meant to be a temporary way to create simple
passwords for many Macintosh users. After Macintosh users have created
simple passwords, the AFPTCP NLM should be loaded without the
CLEARTEXT option.
WARNING: The CLEARTEXT option allows unencrypted passwords to be sent
over the network. If you are concerned about someone capturing your password
over the network, you should not use this option. Instead, you should manage
passwords using ConsoleOne on the Administrator Workstation.

103-000162-001
September 4, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Editing the Context Search File

A context search file allows Macintosh users to log in to the network without
specifying their full context. The context search file contains a list of contexts
that are searched when no context is provided or the object cannot be found in
the provided context. When the Macintosh user enters a username, the server
searches through each context in the list until it finds the correct User object.
Macintosh allows only 31 characters for the username. If the full NDS context
and username are longer than 31 characters, you must use a search list to
provide access.
HINT: Macintosh users do not need to enter a context or have an entry in the
context search file if their User objects are placed in the same container as the
Server object.
If User objects with the same name exist in different contexts, the first one in
the context search list will be used.
To edit the context search file, do the following:
1 Using any text editor, edit the CTXS.CFG file stored in the SYS:\ETC
directory of the server running Novell Native File Access Protocols.
2 On separate lines, enter the contexts to search.
For example, if you had users with full NDS distinguished names such as
Robert.sales.acme, Maria.graphics.marketing.acme,
Sophia.graphics.marketing, and Ivan.marketing.acme, then you would
enter the following contexts to the CTXS.CFG file:
sales.acme
marketing.acme
3 Save the file in the SYS:\ETC directory.
The file is read the next time a Macintosh user logs in.
When Macintosh users log in, they enter only a username and the simple
password. The system finds the User object in the context specified in the
CTXS.CFG file.
34

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a Guest User Account

Novell Native File Access Protocols let you create a Guest User object.
Macintosh users are accustomed to being able to log in as Guest with no
password required.
1 From the Administrator Workstation, use ConsoleOne to create a User
object named Guest.

2 Determine and assign the appropriate rights to the Guest object by
double-clicking the Guest object and then clicking Rights to Files and
Folders.
3 Remove the ability for the user to change the password by clicking
Restrictions and then unchecking Allow User to Change Password.

4 Enable the Guest account by adding the full NDS context of the Guest
object to the context search file as described in Editing the Context

Search File on page 34.
5 Unload and reload the AFPTCP.NLM program with the GUESToption to
make the Guest button available on the login screen.

Any Macintosh user can now log in as Guest with no password and receive the
access rights assigned to the Guest object.
Renaming Volumes
Volumes can be renamed so that they appear in Chooser under a different
name.
1 Using any text editor, create a file named AFPVOL.CFG.
2 On separate lines, enter the current name of the volume and, in quotes, the
new name of the volume. For example:

server1.sys "System Volume"
server1.img "Graphics"
#The above volume contains image files.
NOTE: The pound sign (#) marks a line as a comment.
3 Save the file in the SYS:\ETC directory of the server running Novell
Native File Access Protocols.

Once the volume has been renamed, it keeps the name even if you delete
the file and restart the server. To return to the previous name, repeat these
steps and rename the volume to its original name.

103-000162-001
September 4, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
For example:
System volume "server1.sys".
4 Unload and reload the AFPTCP.NLM program.
Volumes will appear to Macintosh users with the new volume names.
Macintosh End User Tasks

Accessing Network Files
Once the Novell Native File Access Protocols are properly configured on the
server, Macintosh users can use Chooser to access files and directories each
time they are required or they can create an alias on the desktop that is retained
after rebooting.
1 In Mac OS 8 or 9, click the Apple menu > Chooser > AppleTalk > Server
IP Address.
In Mac OS X, click Go > Connect to Server.
2 Enter the IP address or DNS name of the NetWare server, and then click
Connect.
3 Enter the username and password, and then click Connect.
4 Select a volume to be mounted on the desktop.
Although you now have access to the files, mounting the volume to the
desktop does not make it available after rebooting.
5 (Optional) Create an alias to the desired volume or directory.
Aliases are retained after rebooting.

5a Click the NetWare server icon.
5b Click File > Make Alias.
The alias icon appears on the desktop.
36

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Logging In to the Network as Guest

If the network administrator has set up the Guest User object account as
described in Creating a Guest User Account on page 35, Macintosh users
can log in to the network as Guest with no password required.
IP Address.
Connect.
3 Click Guest Login > Connect.
The Guest user has rights to access network resources as configured by the
network administrator.
Changing Passwords from a Macintosh Computer

Macintosh users can change their passwords. When they change their simple
password, their NDS password is automatically synchronized.
IP Address.
Connect.
3 Enter the username.
4 Click Change Password.
5 Enter the old password and the new password, and then click OK.
Assigning Rights and Sharing Files from a Macintosh Computer

Although using ConsoleOne from the Administrator Workstation is the
recommended method for managing rights, Macintosh users have some file
sharing and management capability using Chooser.
HINT: For more information on how to use ConsoleOne to set up and manage
rights, see the ConsoleOne Users Guide (http://www.novell.com/documentation/lg/

consol12d/index.html) or view the ConsoleOne online Help.

103-000162-001
September 4, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
NetWare Rights versus Macintosh Rights
Using Chooser to access network files and folders is fairly consistent with the
Macintosh environment, but there are some differences between NetWare and
Macintosh file sharing. Macintosh users can view the sharing information
about specific folders by clicking Get Info/Sharing.
Inherited Rights and Explicit Rights
The Macintosh file system uses either inherited rights (which use enclosing
folders privileges) or explicit rights (which assign rights to a group or user).
A folder in the Macintosh file system cannot have both inherited and explicit
rights.
NetWare uses both inherited and explicit rights to determine the actual rights
that a user has. NetWare allows a folder (or directory) to hold file rights for
multiple groups and users. Because of these differences, Macintosh users will
find that access rights to folders and files might function differently than
expected.
NetWare uses inherited rights, so Macintoshs "Use Enclosing Folder's
Privileges" is automatically turned off. When a Macintosh user views the Get
Info/Sharing dialog box for a NetWare folder, only the User/Group
assignments are visible if there is an explicit assignment on the folder. If the
NetWare folder inherits User/Group rights from a parent group or container,
those rights are not displayed in the dialog box, nor will there be any
indication that the folder is inheriting rights from a group or container.
Owner, User/Group, and Everyone Rights
Because NetWare allows multiple groups and users to have rights to a single
folder, users are not able to delete rights assignments using the Apple
Macintosh interface. Users can add assignments to allow basic file sharing,
but more complex rights administration must be done using the NetWare
utilities such as ConsoleOne.
When specifying Owners, Users, and Groups, there is no way to select from
current groups. You must enter the correct NetWare name and context (fully
distinguished NDS name).
HINT:
file.
38
No context is required if the context is specified in the context search

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Owner Rights
In the Apple File Sharing environment, an owner is a user who can change
access rights. In the NetWare environment, users can change access rights if
they have been granted the Access Control right for the folder. In NetWare, an
owner means the one who created the file. A NetWare owner has no rights by
virtue of ownership. In the NetWare environment, the owner is the current
user if he has Access Control rights to the folder.
If the user does not have Access Control rights, the NetWare owner will be
shown if the NetWare owner is not the current user. If the current user does
not have rights to change access and is also the NetWare owner, a message to
"Use NetWare Utility" is displayed in the Owner field.
In Apple File Sharing, there can be more than one owner. If you change the
owner, Access Control rights are added to the new owner, but are not remove
from the current owner. In NetWare, there are two ways to have Access
Control rights: (1) have the Access Control right and (2) have the Supervisor
right. Adding a new owner only adds the Access Control rights, not the
Supervisor right. If the current owner already has the Supervisor right through
other NetWare utilities, that right will remain. The Supervisor right also gives
full file access rights. This means that if you are the current user and have the
Supervisor right, you also have read/write access and you cannot change those
rights.
Display only allows for one owner. If multiple users have file access rights,
only the current user is shown in the Owner field. This means you could
change the owner (which in NetWare simply means adding the Access
Control right to the new user) and when you open the file sharing dialog box
again, you will be listed as the Owner, even though you have just given
ownership or the Access Control right to someone else.
User / Group
Only one User/Group can be displayed for a folder, although NetWare allows
multiple users and groups to be assigned file access rights. If both Users and
Groups have access to a NetWare folder, Groups are displayed before Users.
The Group with the most access rights is preferred over Groups with lesser
access rights. Only users or groups with explicit rights (not inherited rights)
are shown in the User/Group field. Users and Groups with inherited rights are
not shown in the dialog box nor is there any indication that there are Users and
Groups with inherited rights.

103-000162-001
September 4, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Adding a group or user does not remove the current group or user; it simply
adds the rights to the group or user specified. If the user enters the wrong user
or group name, the user gets no feedback. If multiple users or groups are
assigned to the folder, it is possible that the user is unable to see the user or
group that was just assigned. It could be very difficult to know if the rights
assignment worked or not.
Rights set through this interface are inherited by the folder's subfolders. It is
impossible to manage all inherited rights from the Macintosh interface.
(Although not recommended, you could set the inherited rights filters from the
NetWare utilities to turn off inherited rights.)
Everyone
Assignment of rights to Everyone acts like the Macintosh user expects, with
the exception that Everyone's rights are inherited. In NetWare, the object that
represents the rights of any authenticated user is used to set Everyone's rights.
Everyone's rights can change from folder to folder, but once they are set, they
are inherited by subfolders.
40

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter is divided into two sectionstasks administrators can perform
and tasks end users can perform using Windows computers.
Administrator Tasks
There are several ways that you can simplify your administration tasks and
customize how Windows workstations interact with the network.
Specifying Contexts in the Context Search File

During the installation, you specified the NDS contexts of Windows users
that required access to the network. These contexts are saved in the context
search file. When the Windows user enters a username, the Novell Native
File Access Pack component running on the server searches through each
context in the list until it finds the correct User object.
NOTE: In Domain mode, if User objects with the same name exist in different
contexts, each user object attempts authentication in order until one succeeds with
the corresponding password.
You can add or remove contexts by editing the context search file.
1 Using any text editor, edit the CIFSCTXS.CFG file stored in the
SYS:\ETC directory of the server running Novell Native File Access

Protocols.
2 On separate lines, enter the full contexts to search.
For example if you had users with full NDS distinguished names such as
Robert.sales.acme, Maria.graphics.marketing.acme,

103-000162-001
September 4, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Sophia.graphics.marketing, and Ivan.marketing.acme, then you would

enter the following contexts to the CIFSCTXS.CFG file:
sales.acme
marketing.acme
3 Save the file in the SYS:\ETC directory.
4 At the server console, enter CIFSSTOP to unload the current context
search file.
5 Enter CIFSSTRT to load the new context search file and apply the
changes.
When Windows users log in, they enter only a username and the simple
password. The system finds the User object in the context specified in the
CIFSCTXS.CFG file.
NOTE: Remember that users must have a simple password before they can
access the network.
Providing Network Access to Domain Users

You can provide access to users from an existing NT domain by importing
them into NDS.
1 Configure the Novell Native File Access Protocols software for Domain
authentication.
Importing users from an NT domain is not supported in Local Mode. In
Local Mode, the main NetWare Remote Manager page is displayed
rather than the NFAP Import Users page.
2 Run NetWare Remote Manager following the instructions described in
the NetWare Remote Manager Administration Guide in the NetWare 6

documentation. (http://www.novell.com/documentation/lg/nw6p)
The NetWare Remote Manager is launched by entering the IP address of
the server into the URL field of an Internet browser.
3 In the left frame, click Manage eDirectory > NFAP Import Users.
4 Browse to the NDS Context that you will import the users into.
Any time you reach a valid context for importing users, a Start button will
appear.
5 Click Start to import users.
42

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The context that you select will be automatically written to the

CIFSCTXS.TXT file, which contains all the contexts of all users.
Status of the import is given on the interval that you select.
6 When the import is complete, click Done to clear the screen.
Customizing the Network Environment Using a Configuration File

1 Log in to the server running the Novell Native File Access Protocols.
2 Change to the SYS:\ETC\ directory.
3 Edit CIFS.CFG using a text editor.
Enter the desired parameters following the rules for syntax.

4 Save the CIFS.CFG file to the same directory (SYS:\ETC).
Configuration File Parameters
The following parameters can be set in the SYS:\ETC\CIFS.CFG file to

customize the user experience for your environment.
HINT: Any parameter can be excluded by placing a # at the beginning of the
command line. If the parameter is excluded, the default value is used.
-SERVERNAME
The name of the server running Novell Native File Access Protocols. The
length can be a maximum of 15 characters. This name is displayed in Network
Neighborhood. This server name must be different from the NetWare Server
name.
Value: Server_Name
Default: None
-COMMENT
The comment associated with the server name listed above. This comment is
displayed when viewing details.
Value: Comments
Default: None

103-000162-001
September 4, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
-AUTHENT
The method of authentication used by Novell Native File Access Protocols.

DomainClients are members of a domain. A Windows domain
controller performs user authentication.The username and password on
the domain controller must match the username and password used to log
in to the Windows workstation.
LocalClients are members of a workgroup. The server running Novell
Native File Access Protocols performs the user authentication. The
username and password on NetWare must match the username and
password used to log in to the Windows workstation.
Value: Domain | Local
Default: Local
-DOMAIN
The domain or workgroup that the server will belong to.

Value: Domain_Name
Default: Workgroup
-WORKGROUP
The domain or workgroup that the server will belong to. Workgroup and
Domain can be used intergchangeably.
Value: Workgroup_Name
Default: Workgroup
-PDC
The PDC server name and static IP address. This is needed if the PDC is on a
different subnet. This option should be used only when there is a valid reason
for overriding WINS or DNS.
NOTE: The address of the PDC must be static; otherwise, if the PDC reboots and
the address changes, the server running Novell Native File Access Protocols will
not be able to contact the PDC.
Value: PDC_Name Address

Default: None
44

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
-PDCNAME
The PDC server name. If the PDC and server running Novell Native File
Access Protocols are on different subnets, clients must use DNS name
resolution to find the server. PDCNAME does not include the IP address.
Value: PDC_Name
Default: None
-WINS
Address of WINS server to be used to locate the PDC, if the PDC and server
running Novell Native File Access Protocols are on different subnets.
Value: IP_Address
Default: None
-ATTACH
Bind the CIFS protocol to the IP address specified. For multiple addresses,
repeat the command as needed.
Value: IP_Address
Default: Bound to all addresses.
-SHARE
Allow any volumes or directories on the server to be specified as shared points

and to be accessible via the Network Neighborhood. If no -SHARE line is
specified (or is commented out), then all mounted volumes are displayed.
Localpath is the path to the server volume or directory which becomes the
root of the sharepoint. This path must end with a backslash (\).
Sharename is the name by which the sharepoint is known to the Windows
computers.
Connection Limit is the number of connections allowed to the sharepoint
(0 is unlimited).
Comment is a description for the sharepoint that appears in Network
Neighborhood or My Network Places.
Value: Localpath Sharename Connection Limit Comment
Default: All mounted volumes are shared.

103-000162-001
September 4, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
-UNICODE
When On (enabled), this command enables Unicode characters (used in

double-byte languages).
Value: On | Off
Default: Off (disabled)
IMPORTANT: To support Unicode, an additional file named UNINOMAP.TXT
must be created and saved in the SYS:\ETC directory. When the -UNICODE value
is set to On, the UNINOMAP.TXT file is used to resolve Unicode-to-ASCII "nomap" problems.
To specify "no-map" cases in the UNINOMAP.TXT file, enter the first Unicode
value to watch for and then the second value representing the ASCII replacement
code. For example:
0178 98
20AC CC
encountered, the system uses the ASCII substitution character specified in the file.
Sample Configuration File

#This name will display in Network Neighborhood with the
#following comment.
-SERVERNAME NW6-NNFAP
-COMMENT Server running Novell Native File Access Protocols
#Novell Native File Access Protocols is configured to use
Local #authentication.
-AUTHENT LOCAL
#The workgroup name is ONENET.
-WORKGROUP ONENET
#When this volume is mounted, the local path CIFSVOL:\ will
appear as a sharepoint named Graphics Volume with unlimited
connections (0) and its corresponding comment.
-SHARE CIFSVOL:\ Graphics Volume 0 Lots of image files
46

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuration File Shortcuts
You can enter the following commands at the server console to modify the
configuration file.
CIFS SHARE ADD localpath sharename
connectionlimit comment adds a new sharepoint and also adds
the command to the CIFS.CFG file.
CIFS SHARE REMOVE sharename removes the sharepoint and
comments it out of the CIFS.CFG file.
Viewing Configuration Details

You can view details about how Novell Native File Access Protocols are
configured by entering the following commands at the server console.
CIFS INFO displays operational information.
CIFS SHARE displays all active sharepoints.
CIFS SHARE sharename displays information about a specific
sharepoint.
Windows User Tasks

When Novell Native File Access Protocols are properly configured, Windows
users can access files, map drives, and change passwords on NetWare servers.
Accessing Files from a Windows Computer

From a Windows computer, you can access a file and folder each time it is
required or you can map drives and create shortcuts that are retained after
rebooting.
1 Enter your username (no context) and local password to log in to the
computer.
2 Access the network by clicking the network icon.
In Windows 2000 or Windows ME, click My Network Places >

Computer Near Me. In Windows 95/98, click Network Neighborhood.
3 Browse to the workgroup or domain specified during the Novell Native
File Access software installation.

4 Select the server running Novell Native File Access Protocols.

103-000162-001
September 4, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Although it is the same computer, the Novell Native File Access server
name is not the same as the NetWare server name. For more information,
ask your network administrator.
HINT: You can enter the server name or the server IP address in Find Computer
to quickly access the server running Novell Native File Access software.
5 Browse to the desired folder or file.
Mapping Drives from a Windows Computer

1 Enter your username and local password for Microsoft* Networking.
2 Click Map Network Drive.
There are several ways to access Map Network Drive. For example, you
can use the Tools menu in Windows Explorer or you can right-click
Network Neighborhood.
3 Browse to or enter the following path:
\\server_running_Novell_Native_File_Access_softw
are\sharepoint | volume | directory\
4 Select the server running Novell Native File Access Protocols.
Although it is the same computer, the Novell Native File Access server
name is not the same as the NetWare server name. For more information,
contact your network administrator.
5 Complete the on-screen instructions for mapping the drive.
Changing Passwords from a Windows Computer

Windows users can change and synchronize their local password and their
simple password. When users change the local password, they also change and
synchronize their simple password.
From a Windows 2000/NT Computer
1 Press Ctrl+Alt+Delete.
2 Click Change Password.
3 In the Domain field (or the Log On To field in Windows 2000), enter the
name of the server running Novell Native File Access Protocols.

If your Windows computer is running Novell ClientTM software, click
Show All Resources and select the appropriate server.
48

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Enter the username, old password, and new password as prompted.
The NetWare password and the simple password will be synchronized

only if the old simple password matches the NetWare password. If they
are different, the NetWare password will not be changed and access to the
network will be denied. To change and synchronize the NetWare
password, you must use the Administrator Workstation running Novell
Client software.
From a Windows 95/98/ME Computer
1 Change the local password.
1a Click Start > Control Panel > Passwords.
1b Click Change Passwords > Change Windows Password.
1c Enter the username, old password, and new password as prompted.
2 Change the simple password.
2a Click Start > Run.
2b Enter
NET PASSWORD
server_running_Novell_Native_File_Access_soft
ware
For example:
NET PASSWORD NetWare1
WARNING: The Windows NET PASSWORD utility sends unencrypted text
(called clear text) over the network. If you are concerned about someone
capturing your password over the network, you should manage passwords
using ConsoleOneTM from the Administrator Workstation. For more
information on why this issue exists, contact Microsoft Corporation.
2c Enter the same username, old password, and new password when
prompted.
The NetWare password and the simple password will be
synchronized only if the old simple password matches the NetWare
password. If they are different, the NetWare password will not be
changed and access to the network will be denied. To change and
synchronize the NetWare password, you must use the Administrator
Workstation running Novell Client software.

103-000162-001
September 4, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
For Computers Using Domain Authentication
If the computer is configured to use domain authentication, then the password

checking is done by the domain controller. The password can be changed
using the Windows administration tools for a domain controller. For more
information, contact your network administrator.
50

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Novell Native File Access

Protocols in a NetWare 6 Cluster
NetWare 6, Novell Cluster ServicesTM software, and Novell Native File
Access Protocols provides high availability, scalability, and security to your
network while reducing administrative costs associated with managing client
workstations.
This chapter describes how to set up a NetWare 6 clustered environment so
that Macintosh and Windows computers can use Novell Native File Access
Protocols to access files on the network.
NOTE: For information on setting up UNIX computers to use Novell Native File
Access Protocols in a clustered NetWare 6 environment, see Chapter 7, Working

with UNIX Machines, on page 55.
Prerequisites
Before installing Novell Native File Access Protocols in a clustered
environment, make sure that you have met the following prerequisites:
Novell Cluster Services 1.6 installed on NetWare 6 servers
For information on configuring Novell Cluster Services, see Novell
Cluster Services Overview and Installation.
NetWare 6 configured as described in NetWare Server Prerequisites on
page 15
Administrator workstation configured as described in Administrator
Workstation Prerequisites on page 17
Novell Native File Access Protocols installed on each server in the cluster
that you want users to access. Follow the instructions in Installing the
Software after Server Installation on page 18

103-000162-001
September 4, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Setting Up for Macintosh

To set up the Macintosh portion of Novell Native File Access Protocols in an
environment running Novell Cluster Services, complete the following:
1 Load AFPTCP.NLM on all servers in the cluster by entering LOAD
AFPTCP at the server system console.

HINT: You can add this command to the AUTOEXEC.NCF file of each server.
2 Cluster-enable the shared-disk volumes by following the procedures
described in the Cluster Services documentation. (http://

www.novell.com/documentation/lg/ncs/index.html)
3 (Optional) Rename cluster-enabled volumes so Macintosh users will see
the same volume name regardless of what server has the volume
mounted.
For instructions, see Renaming Volumes on page 35.
Volumes are displayed as "ServerName.VolumeName." If the server fails
over, the user sees the next failover server with the same volume name.
For example, Server1.VOL1 becomes Server2.VOL1. Renaming each
ServerName.VolumeName to a common name displays the common
name regardless which server is providing the volume. For example,
renaming Server1.VOL1 to Graphics, Server2.VOL1 to Graphics, and
Server3.VOL1 to Graphics displays Graphics regardless which server is
providing VOL1.
Macintosh clients should now be able to access files on the server cluster by
entering the IP address or server name of the cluster-enabled volume.
NOTE: Novell Native File Access Protocols does not support automatic reconnect
for Macintosh computers. If the network connection between a Mac computer and
one of the servers in the cluster fails, the user must reconnect using the same IP
address for the cluster-enabled volume.
Setting Up for Windows

To set up the Windows portion of Novell Native File Access Protocols in an
environment running Novell Cluster Services, complete the following steps:
1 Remove the CIFSSTRT.NCF command from each servers
AUTOEXEC.NCF file.
2 Create a Cluster Resource object that corresponds with the Novell Native
File Access Protocols support for Windows.
52

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2a Log in as a user with the Supervisor right to a server in the cluster.

2b Run ConsoleOneTM located in
SYS:\PUBLIC\MGMT\CONSOLEONE\1.2\BIN\.
2c Select the Cluster Resource object.

2d Click File > New > Cluster > Cluster Resource.
2e Name the Cluster Resource (for example, Native_File_Access).
2f Enter CIFS Server in Inherit From Template.

2g Click Create.
3 Follow the instructions and substitute variables in the template to
customize the resource for your environment.

103-000162-001
September 4, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Whats Next?
With the NetWare 6 cluster configured with Novell Native File Access
Protocols, Macintosh and Windows users can receive the benefits of a
clustered environmentwithout needing additional client software.
For an explanation of how Macintosh users access network files and for more
information on managing Macintosh workstations, see Working with
Macintosh Computers on page 33.
For an explanation of how Windows users access network files and for more
information on managing Windows workstations, see Chapter 5, Working
with Windows Computers, on page 41.
54

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Novell Native File Access for UNIX* provides an NFS Server that lets
UNIX workstations access and store files on NetWare servers. It is an
implementation of the Network File System (NFS) protocol. The required
software components are installed and run only on the NetWare servers; no
additional software is required on the UNIX workstations. UNIX users attach
to NetWare storage using NFS over the TCP/IP protocol. They can mount the
exported network storage and use it as their own file system.
The traditional NetWare file system is supported only on NFS version 2. The
NSS file system, however, is supported on NFS versions 2 and 3. NFS Server
provides mount protocol versions 1, 2, and 3 over UDP. The NFS Server
supports NFS protocol versions 2 and 3 on UDP and TCP.
Native File Access for UNIX also provides a complete Novell eDirectoryTMenabled Network Information Services (NIS) with which UNIX and NetWare
users can be administered from a single point, namely eDirectory. NIS
maintains its information in eDirectory and integrates the user information so
that the eDirectory User object also represents the NIS user.
Features of Novell Native File Access for UNIX

Novell Native File Access for UNIX includes the following features:
NFS Server
Network File System (NFS) enables UNIX users to access a NetWare file
system as if it were a local directory on the UNIX workstation. Any client
that supports the NFS protocol can also access NetWare files using the
NFS Server.
See NFS Server on page 57.

103-000162-001
September 4, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Network Information Services

NIS is a yellow pages service widely implemented in UNIX
environments. NIS on NetWare acts as a central repository for NIS
information by storing them as eDirectory objects that can be centrally
maintained and administered.
See Network Information Service on page 59.
UNIX User Management
With the implementation of NIS over eDirectory, there exists only one
user/group in the network which contains both eDirectory information
and UNIX information. This brings up the user management to single
point, namely eDirectory.
See UNIX User Management Using eDirectory on page 63.
ConsoleOne-Based Administration
By using ConsoleOnes snap-in utility for Native File Access for UNIX,
you can administer and manage the services.
See ConsoleOne-Based Administration on page 65.
Cluster Services Support
To achieve high availability of services, Native File Access for UNIX can
be run on Novell Cluster ServicesTM.
See Novell Cluster Services Support on page 66.
Upgrade Utility
The upgrade utility helps to retain the configurations of previous
installations of NetWare NFS Services (versions 2.x and 3.x) during a
NetWare 6 upgrade.
See Upgrade Utility on page 68.
56

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Overview of Native File Access for UNIX

NFS Server
Network File System (NFS) enables UNIX users to access a NetWare file
system as if it were a local directory on the UNIX workstation. Any client that
supports the NFS protocol can also access NetWare files using the NFS
Server.
This section uses the UNIX operating system as the example when referring
to the remote NFS client. The following figure shows an example of the NFS
Server file sharing process.
Figure 1
NFS Server Functionality
NetWare Server
SFO-ARGOS
UNIX Host
MADRID
2
This path
(/vol/memos)
is exported
for access
by the UNIX
host MADRID.
The UNIX host

MADRID mounts
the exported path.
This path is now

accessible as if it
were a local
directory.
Making the NetWare File System Available to NFS Clients
Before UNIX users can access the NetWare file system, it must be made
available to the UNIX workstations. This process is called exporting the file
system. When exporting, you can define who should access the information
and how it is accessed by specifying the trusted systems and export options.
For example, you can restrict the access to specific UNIX workstations, export
the directory as Read-only, etc.

103-000162-001
September 4, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Accessing the NetWare File System from NFS Clients
After exporting the NetWare file system from a NetWare server, you must
mount the exported file system on the UNIX workstation for normal access.
This process is called mounting the file system. Mounting a NetWare file
system from a UNIX workstation consists of the following:
Creating a mount point
A mount point is an empty directory you create. This directory becomes
the access point for the NetWare file system. If you choose an existing
directory as a mount point, the contents of the existing directory become
unavailable until you unmount the remote file system.
Mounting the NetWare directory
Most UNIX systems use the MOUNT command to mount a remote file
system.
After these steps are complete, UNIX users can access the NetWare file
system by accessing the local mount point. Different UNIX systems can use
slightly different commands or user interfaces to mount a remote file system.
Accessing the NFS Server from the Web
The Web-NFS component of the NFS software enables direct Web access to
data on NFS servers. It defines a new NFS URL that complements HTTP. The
format is as follows:
NFS://Hostname or IP Address
Using this URL, browsers with Web-NFS support can access data from any
server.
Web-NFS extends NFS to support operations over a WAN. With Web-NFS,
clients can obtain file handles more easily without going through the
portmapper or the mount protocols. This makes it firewall-friendly and
enables NFS operations across WANs and the Internet. It also improves
performance over a WAN by reducing the number of turnarounds.
For each NFS server, only one of the exported paths can be enabled for WebNFS access.
58

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NFS Server Access Control
NetWare and UNIX use different methods for controlling access to files.
Although both have similar directory and file security, NetWare security is
more elaborate. At a basic level, both systems assign access controls to similar
user types.
The access control mode is known as Independent Mode wherein there are no
rights/permissions mappings. NFS Client rights apply to NFS client access
and NetWare rights apply to NetWare client access.
For information about NFS Server configuration and management, see NFS
Server on page 82.
Network Information Service

Network Information Service (NIS) software lets you administer both UNIX
and NetWare from a single point, namely eDirectory.
NIS is a yellow pages service widely implemented in UNIX environments.
NIS contains common information about users, groups, and hosts and other
information that any client might require. This information could include a list
of network hosts, protocol information, and even non-standard information
that is likely to benefit from a centralized administration like phone lists.
NIS maintains its information in eDirectory and also integrates the user/group
information so that the eDirectory User/Group object also represents the NIS
user/group. In the eDirectory-enabled NIS, all NIS-related information is
stored as eDirectory objects. The NetWare NIS can also be set up to work in
the various NIS configurations available.
NetWare Implementation of NIS: In the NetWare implementation of NIS,
individual NIS Records, NIS Maps, NIS Domains, and NIS Servers are
eDirectory objects with additional custom attributes defined to accommodate
the NIS-specific information.
NetWare NIS is installed as part of the Native File Access for UNIX
installation, and the NIS Server eDirectory object is created with the name
NISSERV_ServerName in the default bindery context of the server or in the
Server's eDirectory Context.

103-000162-001
September 4, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
This NISSERV_ServerName is the main NIS Server eDirectory object. It

maintains a list of all the NIS Domains it is serving. To view and edit the list,
do the following:
1 Right-click NISSERV_Servername object.
2 Click Properties.
3 Click the Memberships Tab to display the list of NIS Domains served by
this NIS Server object.

4 Click the Others Tab to view the IP Address of the NetWare server where
NIS server is installed.

NIS Information on eDirectory
NIS Domain
The NIS system organizes nodes into administrative segments called domains.
The NIS domain exists only in the local environment and usually covers a
single network. An NIS domain is a hierarchical structure; hence it is stored
as a container in eDirectory. NIS does not impose any strict rules on domain
naming; however, each domain must have a unique name.
An administrative NIS domain could be a company or a division of a
company. Many administrators using DNS choose to relate their NIS domain
name to their DNS domain name, but this is not necessary.
NIS Maps
NIS stores all the common information pertaining to a domain as a set of NIS
Maps. Users can access the information in these NIS maps. In the eDirectoryenabled NIS, these maps are stored as containers under the NIS domain
container. A migration utility is available to create the NIS maps under a
specified domain. The NIS Server supports both standard and custom maps.
Standard NIS Maps: Standard maps are created from the standard NIS text
files.
The following standard maps are supported. They are classified according to
the type of records they contain.
Ethers MapA source of information about the Ethernet addresses (48-bit)
of hosts on the Internet. The Ether objects (ieee802Device) store information
about the Ethernet address and hostname.
60

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Bootparams MapA source of information for various boot parameters.

The Boot objects store information about the boot parameters of the various
devices that are running. If the Bootparams text filename is to be migrated
from the ConsoleOne, it should be named bootp.
Hosts MapContains one entry for each IP address of each host. If a host has
more than one IP address, it will have one entry for each. The Hosts objects
store the IP address and hostname as distinguished values of CN, and aliases
and nicknames are stored as other values of CN attributes.
Netgroup MapA source of information about Net Group parameters. It
provides the abstraction of net groups.
Networks MapContains a single object for each network. The Network
objects store network names as distinguished values of CN, and aliases and
nicknames are stored as other values of CN attributes.
Protocols MapContains one object for each protocol. The Protocols
objects store protocol names as distinguished values of CN, and aliases and
nicknames are stored as other values of CN attributes.
RPC MapContains one object for each Remote Procedure Call (RPC)
program name. The RPC objects store RPC program names as distinguished
values of CN, and aliases and nicknames are stored as other values of CN
attributes.
Services MapContains an object for each service. The Services objects
store service names, ports, and protocols as distinguished values of CN, and
aliases and nicknames are stored as other values of CN attributes.
Passwd MapMaintains the details of the users such as UID, Username,
home directory etc.
Group MapMaintains the details of the groups present such as GID, Group
name, and Group members.
Ypservers MapMaintains a list of NIS slave servers which can also serve
the NIS domain.
Custom NIS Maps: You can use NIS to store any common configuration
information that is valuable to NIS clients. Maps you create in addition to the
standard NIS maps are called custom maps. For example, you can create an
NIS map that provides an employee phone list.
You can create custom maps by creating a text file that contains the relevant
configuration information. After creating the text file, you convert it into an
NIS map through migration.

103-000162-001
September 4, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
To create a phone list map, you would begin by creating a text file containing
each employee's name and phone number. An NIS map text file must conform
to the following rules:
Each data line begins a new entry key.
The backslash character (\) at the end of a line appends the next line to the
current line.
The pound sign (#) at the beginning of a line tells the converter to ignore
the line.
Blanks separate the key and the value. Therefore, you must use
underscores to replace all other blanks within the key, such as the space
between an employee's first and last names. Blanks are acceptable within
the key values such as the phone list.
The following is an example of the phone list text file:
# This is the text file for the phone list map.
Janice_SmithMS 881-1456
Bob_SpillerMS 235-6777
Jim_Miller MS 769-8909
Various NIS Configurations
NIS can be configured in the following ways:

NIS Master Server
NIS Slave Server
NIS Client
NIS Master Server
The master server is the true single owner of map data. It is responsible for all
map maintenance and distribution to slave servers. Once an NIS map is built
on the master, the new map file is distributed to all slave servers for that
domain, through the client-server relationship. You must, therefore, make all
the modifications only on the master. The master maintains a list of slave
servers within its domain in the form of a map named Ypservers.
62

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NIS Slave Server
You can set up read-only copies of the NIS database on secondary servers. The
secondary servers are referred to as slaves. When the server is set up as an NIS
slave, it contacts the master NIS server and requests a complete copy of the
NIS maps on that server.
Once the slave server is set up, you dont need to manage the update process
manually. The slave servers periodically query the master and request an
update when the slave detects a more recent time stamp on the master. A slave
server can be added to the Ypservers map in the master.
We recommend that you set up at least one slave server for each NIS domain.
The slave server can then function as a standby if the master server goes down,
although it might not be necessary in all networks. Slave servers can also be
used for load distribution in the network. A master NIS server for one domain
can also function as a slave NIS server for another domain.
NIS Client
NIS client enables users to query NIS map information from NIS servers.
For more information on setting up and managing NIS, see NIS Server on
page 94.
UNIX User Management Using eDirectory

With the implementation of NIS over eDirectory, there exists only one user/
group in the network which contains both eDirectory information and UNIX
information. This brings up the user management to single point, namely
eDirectory.
For this purpose, the eDirectory schema has been extended and the relevant
user information is placed in the eDirectory Library. The User object now
stores UNIX information such as UID, GID, password, home directory, and
shell on eDirectory.
By default, UNIX users /groups are looked for within the containers specified
by the parameter SEARCH_ROOT in the configuration file NFS.CFG. The
search is recursive within the containers specified by this parameter. In case
the parameter does not contain any value, then the search is done under the
default bindery or servers context.
When a set of users/groups are migrated to eDirectory from a UNIX server,
corresponding User/Group objects are created /updated in eDirectory. During

103-000162-001
September 4, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
migration, if the UNIX user or group is not present, a new eDirectory User or
Group object is created with default NetWare rights. If the User or Group
object exists, the user or group's UNIX-related information is updated by
default during the migration.
User and Group Information
NetWare and UNIX both use the same User and Group objects to get the
information they need.
When a user/group makes a request to access one of the services, it searches
for the User object on eDirectory by default. The services can also be
configured to look for users and groups from a remote NIS database.
Information about UNIX Users and Groups
The user information includes the following:

Username
UNIX User Identification Number (UID)
Home directory
Preferred shell
UNIX Group Identification Number (GID)
Comments
The Group Information includes the following:
Group name
Group Identification Number (GID)
Users present in this group
A typical UNIX system stores user account information in the /ETC/
PASSWD file and stores group information in the /ETC/GROUP file. You can
migrate this data directly into eDirectory using the migration utility.
UNIX Usernames, Group Names, and ID Numbers
Each user uses a username to log in to the system. The UID identifies file and
directory ownership information. The user's UID can be a number between 0
and 65,535, with the numbers 0 through 99 usually reserved. (0 is usually
assigned to the Superuser.)
64

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NFS group names also have identification numbers. The range of numbers is
between 0 and 65,535, with the numbers 0 through 99 reserved. The GID
identifies the user as a member of the primary group identified by that GID.
User Home Directories
The home directory is the absolute pathname of the user's home directory on
UNIX machines.
User Preferred Shells
The shell information identifies the path of the shell program that runs when
the UNIX user logs in to the system. You can set the login account to run any
program when a user logs in to the system, but the program typically creates
an operating system working environment.
Handling UNIX User Passwords
The current implementation does not migrate the existing UNIX password
field in the password map.
Before migrating the users and groups, remove the password field ("*", "x",
or "!") from the corresponding text file and then migrate. After doing this, you
can set the UNIX password from the UNIX machine. This is done by making
the UNIX machine an NIS client to the NetWare machine, logging in as that
NIS user and running an NIS client utility named YPPASWD to set the UNIX
password.
For information about UNIX user management, see Migration on page 74.
ConsoleOne-Based Administration
You can use ConsoleOne to perform the following Native File Access for
UNIX tasks:
Configure the server's global parameters
Start and stop services
Configure and manage services
Configure error reporting
Monitor performance and adjust parameters affecting performance
Configure user and group UNIX information
For more information, see ConsoleOne-Based Configuration on page 69.

103-000162-001
September 4, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Novell Cluster Services Support

In a non-cluster environment, if the server running Native File Access for
UNIX fails, then UNIX users will not be able to use this service until the
NetWare server is up. To achieve high availability, you can run Native File
Access for UNIX on Novell Cluster ServicesTM.
The product is installed on all the required nodes in the cluster. Cluster
enabling is achieved by storing the required configuration files on the shared
disk in the cluster. Native File Access for UNIX then accesses these files
through an always or highly available virtual IP address. NFS/NIS clients
must, therefore, use the virtual IP Address for NFS mounts and issuing NIS
client calls. In case the server where the services are currently running fails,
the shared disk volume with configuration files automatically remounts along
with the virtual IP on a designated node in the cluster.
Native File Access for UNIX supports only active-passive mode on the
cluster. This means that only one node in the cluster will be running NFS
Services.
Running Novell Native File Access for UNIX on Novell Cluster Services
provides the following benefits:
There is no need to replicate configuration information as the
configuration files are stored on the shared disk.
Services can be automatically restarted without user intervention in case
of a node failure in a cluster.
The services can be migrated and controlled between the various nodes in
the cluster using ConsoleOne.
Since the cluster volume is the same regardless of which server it is
mounted on, no configuration information is lost or out of date.
For information on configuring Native File Access for UNIX on Novell
Cluster Services see Setting Up Novell Native File Access for UNIX with
Novell Cluster Services on page 112.
66

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following administration utilities are provided with Novell Native File
Access for UNIX:
SCHINST
This utility is run automatically during the installation of Native File Access
for UNIX. This utility extends the schema necessary for storing the UNIX
information of objects. If the directory services are reinstalled or if the
NISUserDef/NISUser object is deleted, run this utility manually. The syntax
is as follows:
schinst [ -f filename]
The -f filename is an optional parameter. It is the name of the file that contains
the list of schema files that need to be extended. If a filename is not specified,
the default file, SYS:\ETC\UNIXSCH, is used.
SCHINST takes the administrator's FDN and password as input for extending
the schema.
SCHINST extends the UAM schema only if N4S schema is not already
extended in the tree. If N4S is present, SCHINST will not extend the UAM.
It creates NISUserDef object if N4S schema is available or else creates
NISUser object if UAM schema is extended. It also adds the UNIX Profile of
the root user as UID=0, GID=1, Home Directory=/home to this object. It
updates the parameter NIS_ADMIN_OBJECT_CONTEXT in the
configuration file NFS.CFG with the context where the object is present.
To extend UAM schema deliberately when N4S schema is already present in
the tree, execute the following command after stopping the NFS services
running (use nfsstop):
schinst -n
NOTE: You also have to run nisinst after this.
All log messages generated by SCHINST are written to the

SYS:\ETC\SCHINST.LOG file. All information regarding schema extension
can be found in SYS:\SYSTEM\DSMISC.LOG.

103-000162-001
September 4, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
NISINST
This utility creates an eDirectory object with the name

NISSERV_Servername by default or whatever name was specified with the s option. NIS Server uses this object to store the domains served by the NIS
Server. NIS Server validates every request against the list of domains
specified in this object. It serves the request only when the domain in the
request is present in the above list. The syntax is as follows:
nisinst [-s name] [-x context]
The parameter -s is optional. It specifies the name to be given to the nisserver

object. The parameter -x is also optional. It specifies the context where the
object should be created in eDirectory.
Run the NISINST manually, if the nisserver object is deleted.
IMPORTANT: If directory services are removed, you need to comment the
SEARCH ROOT parameter in NFS.CFG and do the following:
nfsstop
schinst
nisinst
nfsstart
Upgrade Utility
The upgrade utility (NFAUUPGR.NLM) is automatically invoked to upgrade
the default configuration of NetWare NFS Services 2.x or 3.0 when you
choose Native File Access for UNIX while upgrading the operating system
from NetWare 4.x or NetWare 5.x to NetWare 6.
When invoked during installation, the upgrade utility retains the existing
configuration into the new configuration files, NFS.CFG, NIS.CFG, and
NFSSERV.CFG located in SYS:\ETC. The existing configuration files
NFSTHOST, and NFSEXPRT are retained.
During installation, if N4S schema is detected, then some of the features
available for the UAM schema will not be available. Some such features are,
multiple domain support, RFC2307 compliance for NIS, starting and stopping
NIS services from ConsoleOne. To enable these features, you need to extend
the new schema by executing schinst -n.
68

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up and Managing Novell Native File Access for

UNIX
This section explains how to set up and manage Native File Access for UNIX.
It includes information on the following:
Configuration Methods (page 69)
Configuring Server General Parameters (page 71)
Migration (page 74)
NFS Server (page 82)
NIS Server (page 94)
Configuration Methods
Novell Native File Access for UNIX can be configured using ConsoleOneTM
and also by setting the file-based configuration parameters of the various
components.
ConsoleOne-Based Configuration
To start ConsoleOne from the client, complete the following steps.

IMPORTANT: Before starting ConsoleOne, ensure that you run NFSSTART on
the server that you want to administer.
1 Start ConsoleOne from the server where Native File Access for UNIX is
installed.
2 Click NFSAdmin and then the login toolbar icon.
3 Enter the tree name, context name, authorized username, and authorized
password.
4 Click OK.
5 Enter the hostname or IP address and then click OK.
IMPORTANT: To log in successfully, make sure that your file server name and
hostname are the same and that you have logged in to the tree of the server you
want to administer. You will not be able to administer a NetWare NFS Services 3.0
on NetWare 5.1 from ConsoleOne on NetWare 6.

103-000162-001
September 4, 2001
Novell Confidential
69
Manual
Figure 2
99a
38
July 17, 2001
Novell Native File Access for UNIX Objects
WARNING: After the Novell Native File Access for UNIX installation, two objects
are created in the tree: NISUser / NISUserDef and NISSERV_Servername. These
objects should not be deleted.
File-Based Configuration
The configuration (.CFG) files are used to configure the services. All of these
files have the following format:
PARAMETER_NAME = VALUE
Within the .CFG files, a pound sign (#) indicates a comment.

In addition to these configuration files, there are specific files for exported
volumes for the NFS Server and for the migration utility. All the configuration
files are usually located in the SYS:\ETC directory. To configure the modules,
you need to change the desired parameter value in the corresponding .CFG file
and restart the module.
NOTE: In a cluster environment, the configuration files will be located in the ETC
directory of the shared volume.
70

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Server General Parameters

The server general parameters required by Native File Access for UNIX are
located in the NFS.CFG file. These parameters are common to NFS and NIS.
When modifying this file, make sure you stop the services using nfsstop
and restart using nfsstart.
File-Based Configuration of Server General Parameters
The following table lists the configuration parameters in NFS.CFG.

Table 1
Novell Native File Access for UNIX General Parameters
Parameter
Default Value
Description
NDS_ACCESS
Lets you set the default access to eDirectory or NIS. To

set the default access to eDirectory and retrieve all
information from eDirectory, set this parameter to 1. (This
is the default value.) Set this parameter to 0 to retrieve
information from NIS server.
NIS_CLIENT_ACCESS
Lets you enable or disable NIS client. By default, NIS

client access is enabled. To disable NIS client access, set
this parameter to 0.
NIS_DOMAIN
Sets the NIS domain for NIS client access. No default

can be provided.
NIS_SERVER
Provides the NIS server servicing the domain. If a specific

server is needed for the domain, this parameter must be
set. Otherwise, the NIS server is discovered using the
broadcast.
No default can be provided.
SEARCH_ROOT
Contains a list of fully distinguished names of containers

separated by commas. These containers indicate where
the search for users and groups should start.
The NDSILIB module uses this parameter. The value can
be either 25 containers or a string whose length should
not exceed 2000 bytes, whichever is less.
If you do not set any search containers, search will start
from the bindery and then in the servers default context.

103-000162-001
September 4, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
ConsoleOne-Based Configuration of Server General Parameters
This section explains the following tasks:

Viewing the Server General Parameters (page 72)
Configuring the Server General Parameters (page 73)
Viewing the Server General Parameters
1 In the ConsoleOne main menu, right-click the server you want to
configure and then click Properties.

The following panel appears:
Figure 3
Server General Parameters Panel
These are the general parameters. The fields are read-only.

Host NameThe name of the NetWare server.
IP AddressThe primary IP address of the NetWare server.
Subnet MaskThe subnet mask that, when added to the IP address,
provides the IP network number.
Server NameThe name of the NetWare server.
Operating SystemThe version of the operating system being used by
the host.
72

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ContextThe context or logical position of the server within the

eDirectory tree.
TreeThe current eDirectory tree.
Time ZoneThe world time zone reference for your area. The time zone
is used for time stamps and to set time synchronization. The time zone
reference is set during the NetWare installation.
Configuring the Server General Parameters
1 In the ConsoleOne main menu, right-click the server you want to
configure and then click Properties > Directory Access.

Figure 4
Server General Parameters - Directory Access Panel
This panel contains the parameters that can be configured to set the
directory access of NetWare NFS Server.
2 Modify the following Directory Access parameters as necessary:
NDSSets the access to eDirectory.

Search RootLists the Fully Distinguished Name of containers from
where the search should start for users and groups only. The names are
separated by commas. Make sure that the parameter has valid values
whenever the eDirectory structure changes.
NISEnables remote NIS.

103-000162-001
September 4, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Enable NIS ClientSpecifies whether the NIS Client is enabled or not.

NIS ServerSpecifies the remote NIS server name.
NIS DomainSpecifies the domain served by that remote NIS.
3 Click OK.
4 Modify the following parameters as necessary:
SNMP Alert LevelThe level of SNMP alerts reported to SNMP

management stations. Select an alert level from the drop-down list. You
can also turn off SNMP reporting from this list.
NoneSuppresses SNMP reporting.
CriticalWarns you about urgent problems that require immediate

action to prevent widespread failure.
MajorWarns you about serious problems that require prompt

action to prevent failure of the object and possibly some related
objects.
MinorProvides information about problems that can be addressed

as work schedules permit.
InformationalProvides descriptive information that can be used

for such things as trend analysis and planning.
Each level incorporates the information from the levels listed above it.
For example, if you select Minor, you also receive messages about major
and critical alerts.
Migration
If you already have an UNIX NIS Server (text-based) and you want the new
NetWare NIS Server to serve the same data served by the old NIS server, you
can copy all those text files into the specified location and then run the
migration utility to create eDirectory entries for a specified domain.
The migration utility creates the Domain object in the default context as well
as two other containers in the same context with the names domainname_U
and domainname_G. During the migration, the utility searches for existing
eDirectory users and groups under the containers specified by the
SEARCH_ROOT configuration parameter (specified in NFS.CFG) and,
based on the migration option specified, modifies the UNIX information of
those objects. If the objects are not found, the users are migrated to
74

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
domainname_U and the groups are migrated to domainname_G. The rest of

the data is migrated under the Map objects created under the Domain object.
IMPORTANT: The User and Group objects will not be created under the passwd
and group Map object. They will spread across the eDirectory tree and
DomainName_U, DomainName_G depending upon the SEARCH_ROOT
configuration parameter.
Maps can be migrated using the following three options:

UPDATE(Default) Updates all existing objects' information with the new
information. If no objects exist, it creates new ones.
REPLACEDeletes all existing objects and creates new ones. For passwd
and group maps, the old objects are not deleted.
MERGERetains all existing objects' information and logs them as
conflicting records in the MAKENIS.LOG file. If no objects exist, it creates new
ones.
Before migrating the users and groups, remove the password field ("*", "x",
or "!") from the corresponding text file and then migrate. After doing this, you
can set the UNIX password. This is done by making the UNIX machine an
NIS client to the NetWare machine, logging in as that NIS user, and running
an NIS client utility named YPPASWD to set the UNIX password.
NOTE: The password for a migrated UNIX user (one who already has the
password) cannot be set from an NIS client. A password can be set only for users
who do not have a password.
For more information on UNIX user management, see UNIX User

Management Using eDirectory on page 63.
File-Based Migration
Migration, by default uses the makefile SYS:ETC/NIS/NISMAKE, which

contains the location of the text file for every map. The general syntax of the
migration utility is:
makenis [-r resultfilename -[r]d domainname [-n context] [-f
nismakefilename] {[mapname -[l|b]p line or byte object in
mapname]...}
NOTE: All options should be used only in the specified order.
In general, to create a domain and migrate data or to use the existing

domain object, use the following format:
makenis -d domainname
The parameter domainname is mandatory.


103-000162-001
September 4, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
To capture the results of the migration, use the following format:

makenis -r resultfilename -d domainname
To remove the existing domain data and then migrate, use the following
format:
makenis -rd domainname
To specify the context where you want to create your Domain object and
data, enter it as the contextname:
makenis -d domainname -x contextname
Edit the context parameter by prefixing each of the dots in the Relative
Distinguished Names with a backslash (\) to distinguish them from
eDirectory names.
To specify an NIS makefile other than the default SYS:ETC/NIS/
NISMAKE, use the following format:
makenis -d domainname -f makefilepath
To specify the text files that you want to migrate, modify the NIS
makefile. The NIS makefile is in the following format:
map name
full path
parameters (if any)
The comment character is the pound sign (#).

If nothing is specified, all the files in the makefile are migrated.
For each map, you can specify the SECURE parameter so that only
requests coming from secure ports are able to access the data. You can
also specify the migration options: UPDATE, REPLACE, or MERGE.
For the Password map, you can specify two additional parameters: -u uid
(which stops users with a UID less than a particular value from migrating
to eDirectory) and AUTOGEN (which generates a UID from the program
itself).
You must specify the text file in the full path in DOS name format.
To migrate specific maps, use the following format:
makenis -d domainname mapname1, mapname2
To migrate a map from a particular offset in a specified map text file, use
the following format:
makenis -d domainname mapname -lp lineoffset
Or
makenis -d domainname mapname, -bp byteoffset
76

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Line offset is used to start migration from a particular line from the map
text file. If the migration fails while migrating large maps, instead of
migrating it again from the beginning, you can specify the byteoffset to
start from the offset specified in the migration log file. For more details
on this offset, refer to the description of the configuration parameter
FILEMARK_LOG_FREQ in NIS.CFG.
ConsoleOne-Based Migration
1 In the left panel of ConsoleOne, click The Network.
2 Select the servers tree where you want to manage the domains and maps.
3 Click the toolbar M icon.

Figure 5
Migration Panel
4 To migrate a domain, enter the NetWare Host Name/IP Address, Domain
Name, and Domain Context.

5 To set the NIS Server as master for this specified domain, check Set the
Specified Host As Master Server.

6 In the Master Server Info section, check Clear Existing Maps if you want
to clear the maps already present.

103-000162-001
September 4, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
7 Click the radio button for the type of the migration you want to perform:
Replace, Update, or Merge.

8 To set the NIS Server as Slave Server, enter the Master Server Name/IP
Address in the Slave Server Info section.

9 To migrate the domain for default maps, click Migrate.
The available default maps are ethers, hosts, networks, protocols, RPC,
services, passwd, group, netgroup, and bootparams. By default, these
files should be present in SYS:\ETC\NIS.
10 To migrate the domain for specific maps, click Advanced to go to the
Map Information panel.

Figure 6
Map Information Panel
10a Click either Default Maps or Other Maps.

10b Select the desired maps from the list, deselect the maps you do not
want to migrate, and click OK.

11 To modify an existing map or add a new map, click Add to go to the Add
Map panel.
78

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 7
99a
38
July 17, 2001
Add Map Panel
11a Enter the Map Name and the Text File name.
11b If you want to enable secure access to the map, click Secure.
11c In the Comment Character box, enter the comment character present
in the specified text file and click OK.

The default comment character is #.
12 Click Migrate.
Managing Users and Groups
You can add and modify the information of a User or Group object that
already exists in eDirectory.
Modifying User Information
1 In the left panel of the ConsoleOne main menu, click the eDirectory tree
where the object resides.

If you do not find the tree, click Novell Directory Services and then select
the tree and log in to it.
2 Double-click the container named domainname_U, where the User
objects reside.
The User objects under this particular container appear.
3 Right-click the User object whose properties you want to change and
click Properties.
The following panel appears, displaying the various tabs that should be
specified to add and modify the user information in eDirectory.
All the tabs except the UNIX Profile tabs are standard forms.

103-000162-001
September 4, 2001
Novell Confidential
79
Manual
Figure 8
99a
38
July 17, 2001
UNIX Profile Tab of User Properties Panel
4 To modify the UNIX user profile, click UNIX Profile and specify the
information in the following fields:

User IDThe users UNIX UID.
Primary GroupThe group ID (GID) of the group this user belongs to.
To enter the GID of the user, click Browse and select the appropriate
group.
Login ShellThe preferred login shell of the user.
Home DirectoryThe home directory the user wants to be placed in
while logging in to the system.
CommentsAny other comments that the user might want to specify.
Reset UNIX PasswordUse to reset the users UNIX password.
5 Click Apply > OK.
Modifying Group Information
1 In the left panel of the ConsoleOne main menu, click the eDirectory tree
where the object resides.

If you do not find the tree, click Novell Directory Services and then select
the tree and log in to it.
2 Double-click the container domainname_G, where the Group objects
reside.
The groups under this particular container appear.
80

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Right-click the Group object whose properties you want to change and
click Properties.
The following panel appears, showing the various forms which should be
specified to add and modify the group information in eDirectory.
All the forms except the UNIX Profile form are standard forms.
Figure 9
UNIX Profile Tab of Group Properties Panel
4 To modify the UNIX group profile, click the UNIX Profile tab and
specify the information in the following field:

Group IDThe groups UNIX GID.
5 Click Apply > OK.
Adding a New User or Group
To add a new user, do the following:

1 In the left panel of the ConsoleOne main menu, click the context where
you want to add the new user.

2 Select File > New, and then click User.
3 Enter the user information.

103-000162-001
September 4, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
To add a new group, do the following:

1 In the left panel of the ConsoleOne main menu, click the context where
you want to add the new group.

2 Select File > New, and then click Group.
3 Enter the group information.
To make this newly added user/group an NIS User and NIS Group record, add
the attribute nisUserGroupDomain to the object. This attribute holds a list of
the domains to which that record belongs.
IMPORTANT: When any update to a UNIX profile is done from ConsoleOne,
execute NFSSTOP and NFSSTART, for NFS server to get the modified UNIX
information.
Managing Migration Utility Log Files
When the migration utility, makenis is executed, the log file

MAKENIS.LOG is created by default in SYS:\ETC\NIS. This file records
messages that provide following information:
The containers added such as domainname container, domainname_U
(for users), domainname_G (for groups)
The maps added and attached to the container
Parsing statistics for each map. For example, the number of records read,
migarated, conflict and invalid records
Conflicting record details are logged
NFS Server
The NFS Server uses the following files:
NFSSERV.CFG which contains the configuration parameters
NFSEXPRT which contains the exported path information
NFSTHOST which contains the trusted hosts list for the exported path
For more information on NFS Server, see NFS Server on page 57.
82

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
File-Based Management for NFS Server

NFS Server Configuration Parameters
The following table lists the parameters that can be set in NFSSERV.CFG:
Parameter
Default Value
Range
Description
REQ_Q_FULL_ALERT
90
20 - 99
Minimum percentage of request

queue utilization which triggers an
SNMP alert.
REQ_CACHE_FULL_ ALERT
90
20 - 99
Minimum percentage of request

cache utilization which triggers an
SNMP alert.
OPEN_FILE_CACHE_
FULL_ALERT
90
20 - 99
Minimum percentage of open file

cache utilization which triggers an
SNMP alert.
OPEN_FILE_CACHE_ ENTRIES
512
32 - 1024
Number of open file cache entries.
CACHE_AGING_ INTERVAL
60
0 - 2000
Duration (in seconds) the NFS

server keeps a file's information in
cache memory. The value 0
disables the open file cache.
REQ_CACHE_ ENTRIES
256
64 - 512
Number of request cache entries.
CACHE_WRITE_ THROUGH
NO
YES / NO
Indicates whether cached data

should be written to disk
immediately.
TYPE_OF_ TRANSPORT
BOTH
TCP, UDP, or
BOTH
Whether the NFS Server should

support TCP, UDP, or BOTH.
NFS_VERSION
0/2/3 (0 =
Both, 2 = only
V2, and 3 =
only V3)
Indicates which version of NFS

protocol should be currently
supported.
NFS_UMASK
022
000 - 777
File mode creation mask for default

UNIX permissions.
NFS_V2_THREADS
1 -150
Number of NFS Server threads

servicing the NFS 2 protocol.

103-000162-001
September 4, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Parameter
Default Value
Range
Description
NFS_V3_THREADS
1 - 150
Number of NFS Server threads

servicing the NFS 3 protocol.
MOUNT_V2_THREADS
1 - 150
Number of threads servicing Mount

V2 requests.
MOUNT_V3_THREADS
1 - 150
Number of threads servicing Mount

V3 requests.
NFS_V2_TCP_SEND_Q_
ENTRIES
30
1 - 150
Size of the TCP send queue for the

NFS V2 protocol.
NFS_V3_TCP_SEND_Q_
ENTRIES
30
1 -150
Size of the TCP send queue for the

NFS V3 protocol.
NFS_V2_RECV_Q_ENTRIES
20
1 - 150
Size of the receive queue for the

NFS V2 protocol.
NFS_V3_RECV_Q_ENTRIES
20
1 - 150
Size of the receive queue for the

NFS V3 protocol.
LOG_DIR
SYS:\ETC
Directory where the NFS Server

creates the log file.
LOG_FILE
NFSSERV
The name of the NFS server log file.

A .LOG extension is automatically
added to the file.
LOG_LEVEL
84
1 = Error
Messages,
2 = Warning
Messages,
4 = Information
Messages
The log level indicates the types of

messages to be logged. You can
either choose one of these or a
combination of these. To get the
combination, add two or more log
levels. For example, to get Error and
Information Messages, set the Log
level to, 5= (1+4). By default, you
will get all the messages.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Exporting NetWare Volumes and Directories
The Export Path information file, NFSEXPRT, contains the list of the paths
that are exported from the system. It also gives the specified properties for the
exported path.
This file contains one exported path per line. The format of each line is as
follows:
ExportedPath isReadonly anonymousAccess mode webccess
Exported PathThe directory path to be exported. For example /nfsvol.

isReadOnlySpecifies whether to export the path in read-only mode or
not. Values = 1 (read-only), 0.
anonymousAccessSpecifies whether anonymous access to the
exported path is allowed or not. Values = 1, 0.
modeSpecifies the rights and permission mapping modes for the
directory. Novell Native File Access for UNIX supports independent
mode (value 512).
WebSpecifies if Web access is allowed for this exported path. At any
point in time, only one path can be enabled for Web access.
Example of an exported path:
/nfsvol 0 1 512 0
NFS Trusted Host File
The NFSTHOST file contains the list of all the trusted hosts that can access
the exported directory. This is specified in conjunction with the NFSEXPRT
file.
The format of every line is as follows:
Exported Path Host Name Access-Type Host/Hostgroup
Exported PathGives the directory path to be exported. For example,

/nfsvol.
Host NameGives access to the client host named by the user. To give
access to all hosts, select (*).

103-000162-001
September 4, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Access Type (1, 2, 3)Specifies the type of access to be granted to a

specific host. The values it can take are as follows:
Trusted 1
RootAccess 2
ReadWriteAccess 3
Host/Hostgroup (1, 0)This field shows whether the Host Name
specified is a Host or a Hostgroup. This field should always be set to 1
(Host).
Example of an exported directory:
/nfsvol nfs-sun2 3 1
/nfsvol * 3 1
/nfsvol * 2 1
/nfsvol * 1 1
Removing an Exported Path
To remove an exported path, delete the corresponding directory entries from

the files NFSTHOST and NFSEXPRT.
Getting the UNIX information from Remote NIS
For file system sharing by NFS server, the UNIX user and group information
is obtained from eDirectory by default. This can be modified so that UNIX
information is obtained from a remote NIS server. To set this, do the
following:
1 Run NFSSTOP.
2 In the NFS.CFG file, set the parameters as follows:
NDS_ACCESS=0
NIS_CLIENT_ACCESS=1
NIS_DOMAIN= nis domainname
NIS_SERVER= servername which is servicing the specified domain
3 Run NFSSTART.
4 Load NFSSERV.
86

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Starting and Stopping NFS Server
To start NFS Server enter at the system console, enter:

load nfsserv
To stop NFS Server enter at the system console, enter:
unload nfsserv
ConsoleOne-Based Management for NFS Server
This section describes how to manage the NFS Server from ConsoleOne.
NFS Server General Configuration Parameters
1 After logging in, click the server you want to administer from the list of
servers under NFSAdmin in the ConsoleOne left panel.

The NFS Server toolbar icon and the NFS Server on the menu bar are
displayed.
2 To administer NFS Server, click NFS Server on the menu bar and then
click Options.
The following panel, which shows the NFS Server basic parameters and
their default values, appears.
Figure 10
General Parameters in NFS Server Options Panel

103-000162-001
September 4, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Request Q Alert LevelAfter what percentage of request queue

utilization an SNMP alert is sent. Default = 90. Range = 20 - 99.
Request Cache Alert LevelAfter what percentage of request cache
Open File Cache Alert LevelAfter what percentage of open file cache
Number of Open File CacheNumber of files the NFS server can have
open simultaneously. Default = 512. Range = 32 - 1024.
Open File Aging IntervalHow many seconds the NFS server keeps a
file's information in cache memory. When a file is held in cache, NetWare
users cannot access it. Larger values produce better performance, but they
also make NetWare users wait longer to access files that are being
manipulated by NFS. Default = 60. Range = 0 - 2000. Open File Caching
is disabled at 0.
Number of Request Cache EntriesNumber of requests that can be
held in cache memory. Default = 256. Range = 64 - 512.
Enable Cache Write ThroughWhether cached data should be written
to disk immediately or not. By default, the data is not written
immediately.
Transport ModeWhich transport mode NFS Server should support.
The modes could be UDP, TCP, or Both. Default = Both.
NFS Protocol VersionVersion of the NFS protocol to be loaded. The
values are 0/2/3.
NFS File Creation MaskFile mode creation mask in Independent
Mode for default UNIX permissions of files and directories created from
the NetWare side.
4 To specify the advanced parameters, click Advanced on the NFS Server
Options panel.
The following panel, which shows the NFS Server advanced parameters
and their default values, appears.
88

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 11
99a
38
July 17, 2001
Advanced Parameters in the NFS Server Options Panel
NFS V2 ThreadsNumber of NFS Server threads servicing the NFS 2

protocol. Default = 5. Range = 1 - 150.
NFS V3 ThreadsNumber of NFS Server threads servicing the NFS 3
Mount V2 ThreadsNumber of NFS Server threads servicing the
Mount V2 Requests. Default = 1. Range = 1 - 150.
Mount V3 ThreadsNumber of NFS Server threads servicing the
Mount V3 Requests. Default = 1. Range = 1 - 150.
NFS V2 TCP Send Q EntriesSize of the TCP send queue for the NFS
2 protocol. Default = 30. Range - 1 - 150.
NFS V3 TCP Send Q EntriesSize of the TCP send queue for the NFS
3 protocol. Default = 30. Range = 1 - 150.
NFS V2 Q EntriesSize of the receive queue for the NFS 2 protocol.
Default = 20. Range = 1 - 150.
NFS V3 Receive Q EntriesSize of the receive queue for the NFS 3

103-000162-001
September 4, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Log File PathDirectory that NFS Server creates the log file in. Default
directory is SYS:\ETC.
Log File NameName of the NFS Server Log File. Default name is
NFSSERV. A .LOG extension is automatically added.
NFS Server Log LevelIndicates the types of messages to be logged.
6 Click OK.
Exporting NetWare Volumes and Directories
Exporting a directory enables NFS client users to view NetWare volumes and
directories as part of the client file system.
You can export a NetWare path and manage it.
1 Make sure you have added the NFS name space, and then select Export
New Path from the NFS Server drop-down list.

The Export New Path panel appears.
Figure 12
NFS Server Export New Path Panel
2 To export a new directory, click the Browse icon in the upper-right corner
of the panel.
The Export Path panel appears.
90

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 13
99a
38
July 17, 2001
Browse Panel for exporting NetWare Volumes and Directories
3 Double-click the server name to see the volumes with NFS name space.
4 Select the volume or directory you want to export and click OK.
5 On the Export New Path panel, modify the following fields as necessary:
Export PathPath of the directory to be exported.

Access Control ModeThe access control mode that applies to this
directory: independent mode.
Read-OnlyIndicates whether user access is limited to read-only.
Selecting No (the default) provides all users with read/write access.
Selecting Yes limits users to read-only access. If Yes is specified, even
users on hosts identified as trusted are limited to read-only access. The
same also applies to root users. To override this option, enter the name of
that host in the Hosts with Read-Write Access field.
Anonymous AccessIndicates whether the users Nobody and Nogroup
can access the exported path. Selecting Yes (the default) provides these
users with access. Selecting No denies access.
Web AccessEnables WebNFS access for the selected directory when
checked. At any point in time only one of the exported paths can be
enabled for Web Access.
6 Click Add Trustee. Enter the hostname that you want to give exported
directory/volume access to.

An asterisk (*) will give access to all the hosts.
You can also specify the type of access you want to give to the host.

103-000162-001
September 4, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
7 Click the Trustee name on the Export New Path panel to set their access
rights.
Hosts with Root AccessThe host whose users with root privileges
have Admin rights to the exported directory. Select this field to display a
list of these hosts. If a host with access is not specified as having root
access, root users on that host have the rights of the NFS user Nobody.
Hosts with Read-Write AccessThe hosts with access whose users
have read/write access to the exported path. Select this field to display a
list of these hosts.
8 To remove a host from the Trustee list, select the trustee and click
Remove Trustee.
Modifying the Exported Path
1 In the left panel of the ConsoleOne main menu, click the server that you
want to administer.
The Export icon appears in the right panel.
2 Double-click Exports to see the currently exported path.
3 Right-click the exported path you want to modify and then click
Properties.
You can now see the properties of the exported path and modify them.
4 Make the changes as required and then click OK.
Removing an Exported Path
want to administer.
2 Double-click Exports to see the currently exported path.
3 Right-click the exported path you want to delete and then click Remove.
92

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Getting the UNIX information from Remote NIS
For file system sharing by NFS server, the UNIX user and group information
is obtained from eDirectory by default. This can be modified so that UNIX
information is obtained from a remote NIS server. To set this, do the
following:
1 Run NFSSTOP.
2 Set the parameters in the NFS.CFG file as follows by following Steps 1
to 5 in Configuring the Server General Parameters on page 73.
NDS_ACCESS=0
NIS_CLIENT_ACCESS=1
NIS_DOMAIN= nis domainname
NIS_SERVER= servername which is servicing the specified domain
3 Run NFSSTART.
4 Load NFSSERV.
Starting and Stopping NFS Server from ConsoleOne
1 Click NFSAdmin and log in to the server that you want to administer.
2 Click the S icon on the toolbar to start/stop the NFS Server. The
background color of the S icon indicates the status of the NFS Server
Software.
Refreshing the Exported Paths View
If the NFSEXPRT file is modified outside ConsoleOne, then to view the

current contents of the file, do the following:
want to administer.
2 Right-click Exports and then click Refresh to view the currently exported
paths.

103-000162-001
September 4, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Managing NFS Server Log Files
When NFS Server service is running it logs messages into a log file named
NFSSERV.LOG created by default in SYS:\ETC. This file records messages
that provide following information:
When and where the serivices are started and stopped
Clients where the exported volumes are mounted.
NIS Server
There is an NIS Server object in eDirectory called NISSERV_Servername.
This object is created during installation. Migration utility adds the domain
details to this object when a domain is migrated. NIS Server will service the
list of domains present in this object.
For information about NIS, see Network Information Service on page 59.
File-Based Management for NIS Server
NIS Server Configuration Parameters
The configuration parameters required for NIS Services is available in the file
NIS.CFG. The following table lists the parameters in NIS.CFG.
Table 2
NIS Parameters
Parameter
Default Value
Description
NIS_SERVER_CONTEXT
The eDirectory context where the NIS server

object is created. It holds all the domain
FDNs, and the NIS server reads the domains
from here.
NIS_SERVER_NAME
The name by which the NIS server will be

referenced. By default the NISINST utility will
create an object named
NISSERV_ServerName.
INTERDOMAIN_RESOLUTION
94
Specifies whether interdomain resolution is

allowed or not. If allowed, DNS is contacted
for hostname resolution even if NIS is not
running. This is used for host maps only.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Default Value
Description
FILEMARK_LOG_FREQ
100
Puts the file in the log after parsing the

specified number of records. This is used by
the migration utility when the administrator
wants to migrate maps which have large
records.
After transferring a number of records
successfully, an index is maintained. If a
transfer breaks, it can start from the index
kept previously.
LOG_FILE_PATH
SYS:ETC\NIS
The path in the NetWare server where you

want to write the log file for migration.
MAX_LOG_MSG
5000
Upper limit of number of log messages that

can be logged. The information is specific to
each log file. By default the last 5000
messages are displayed.
If the number of log messages is set to n, the
last n messages are retained.
NIS_LOG_LEVEL
The log level indicates the types of messages

to be logged. You can either choose one of
these or a combination of these. To get the
combination, add two or more log levels. For
example, to get Error and Information
Messages, set the Log level to, 5= (1+4). By
default, you will get all the messages.
MAP_REFRESH_DEFAULT
24:00:00
Specifies the default time interval for

refreshing the maps by synchronizing the
maps in the slave server with the master.
NIS_ADMIN_OBJECT_
CONTEXT
The context where the NIS Admin object will

be created.

103-000162-001
September 4, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Setting Up a NetWare Server as a NIS Master

1 Copy the NIS related text files required for the domain from the
UNIX machine (which are available in /ETC in UNIX) into

SYS:\ETC\NIS.
2 (Conditional) If you want to set up other NIS server as slave to this NIS
server, do the following:

2a Create a text file called YPSERV in SYS:\ETC\NIS. For every slave
server enter the hostname of the slave server in this file in the
following format:
slaveserverhostname1 slaveserverhostname1
NOTE: The first field should not be IP Address.
2b Enter the YPSERVERS map entry in SYS:\ETC\NIS\NISMAKE
with its path in the following format:

YPSERVERS SYS:\ETC\NIS\YPSERV
3 Migrate the domain. For migration information, see File-Based
Migration on page 75.

4 Load NISSERV.NLM. Now the NetWare NIS Server is setup as Master
NIS Server.
5 (Conditional) If the map data in NIS master is modified anytime, and the
changes done needs to be updated in the slave servers immediately then

execute the following command:
yppush -d domainname [-v] mapname
NOTE: The changes done on the NIS master are automatically updated on the
slave servers periodically.
Setting Up a NetWare Server as NIS Slave Server

1 While setting up the UNIX machine as the master, add the NetWare
server name to the slave server list.

2 In the NetWare server, make sure that the parameter
NIS_CLIENT_ACCESS=1 in the file SYS:\ETC\NFS.CFG.

3 Set the domain to the one that is being served by the UNIX NIS server,
using the following command:

ypset domainname hostname
96

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Make sure NISSERV.NLM is loaded.

5 Run MKSLAVE, to setup the NetWare machine as slave, with the
following parameters:
mkslave -d domainname -m master [-x contextname]
Setting Up a NetWare Server as NIS Client

1 Run NFSSTOP.
2 In the NetWare server, make sure that the parameter
NIS_CLIENT_ACCESS=1 in the file SYS:\ETC\NFS.CFG.

3 Run NFSSTART.
4 Set the default domain by entering
ypset domainname hostname/IP_address
ConsoleOne- Based Management for NIS Server

Nis Server Configuration Parameters
To Configure The Parameters Required For Nis Services, Right-click The

Nisserv_servername > Click Properties. A Panel Similar To The Following
Appears:
Figure 14
Nis Server-general Parameters Panel

103-000162-001
September 4, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Map Refresh Frequency The Frequency At Which All The Records Of

The Map Should Be Refreshed. Range = 1 To 2400 Hours (100 Days).
Log File PathThe Path In The Netware Server Where You Want To Write
The Nis Log Files.
Maximum Log MessagesThe Maximum Number Of Log Messages That
Can Be Logged. The Information Is Specific To Each Log File. By Default
The Last 5000 Messages Are Displayed. If The Number Of Log Messages Is
Set To N, The Last N Messages Are Retained.
Log File Error LevelThe Level Of Error Messages Written To The
Audit.log File. Select An Error Level From The Drop-down List.
Enable Interdomain ResolutionCheck This Box To Allow Interdomain
Resolution. Dns Is Then Contacted For Hostname Resolution For Nis Client
Calls On Host Maps Only.
Viewing Domains Served By NIS Server
To View The Domains Served By The Nis Server Right-click
Nisserv_servername > Click Properties > Memberships Tab. A Panel Similar
To The Following Appears.
Figure 15
Nis Server: Membership Panel
You Can Add Or Delete Domains From This Panel. For More Details, See The
Online Help.
98

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up a NetWare Server As a NIS Master

1 Copy the NIS related text files required for the domain from the
UNIX machine (which are available in /ETC in UNIX) into

SYS:\ETC\NIS.
2 (Conditional) If you want to set up other NIS server as slave to this NIS
server, do the following:

2a Create a text file called YPSERV in SYS:\ETC\NIS. For every slave
server enter the hostname of the slave server in this file in the
following format:
NOTE: The first field should not be IP Address.
2b Enter the YPSERVERS map entry in SYS:\ETC\NIS\NISMAKE
with its path in the following format:

YPSERVERS SYS:\ETC\NIS\YPSERV
3 Migrate the domain. For migration information, see ConsoleOne-Based
Migration on page 77.

4 Start NISSERV.
5 (Conditional)You can use the YPPUSH utility to update the Slave NIS
Server.
The YPPUSH utility copies a new version of the named NIS map from
the master NIS server to the slave NIS servers. The YPPUSH utility is
normally run only on the master NIS server after the master databases are
changed and the changes need to be updated in the NIS slave servers
immediately. The YPPUSH utility first constructs a list of NIS slave
server hosts by reading the NIS map Ypservers within the same domain.
Then a transfer map request is sent to the NIS server on each host.

103-000162-001
September 4, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
Right-click NISSERV_Servername > click Update Slave Server . A panel

similar to the following appears:
Figure 16
YPPUSH Dialog Box
Enter the required details such as HostName or IP Address of the Master

Server, Domain Name, and Map Name. For more details, see the online
help.
NOTE: The changes done on the NIS master are automatically updated on the
slave servers periodically.
Setting up a NetWare Server As a NIS Slave Server

1 While setting up the UNIX machine as the master, add the NetWare
server name to the slave server list.

2 In the left panel of ConsoleOne, click The Network.
3 Select the server tree where you want to manage the domains and maps.
4 Click the M icon on the toolbar to display the Migration panel.
5 To migrate a domain, enter the NetWare Host Name/IP Address, slave
Domain Name, and context where the domain object is to be created.

6 To set the NIS Server as slave for this specified domain, uncheck Set the
Specified Host As Master Server.

7 Enter the Master Servers Name /IP Address in the Slave server
information.
8 To migrate the domain, click Migrate.
100 Novell Native File Access Protocols Installation and Administration Guide

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring eDirectory Objects to be Served by NIS Server
NIS Server recognises eDirectory users/groups as NIS users/group only if

they have a UNIX profile attached to them. To configure existing eDirectory
user/group objects to be served by NIS Server, complete the following steps.
1 Choose the eDirectory User/Group object > right-click Properties >
UNIX Profile. Enter the required fields in this page and move to the Other
tab.
2 In the Other tab, choose Add > nisUserGroupDomain attribute.
3 Browse and select the NIS Domain Object to which you want to
attach these Users and Groups.

This is a multi-valued attribute and you can attach as many NIS Domains
to this as you want. These Users and Groups now belong to these NIS
Domains and will be listed under all these domains.
4 Verify if the eDirectory Context under which these User and Groups exist
is listed in the NIS Domain object. Right-click Domain Object >

Properties > Memberships tab.
You can also create new NIS maps and NIS map records under NIS
domain object as you create normal eDirectory objects.
NOTE: No objects will be there under the passwd and group map objects in the
domain.
Working with UNIX Machines 101

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing NIS Data on eDirectory
After migration the NIS maps and records will be available as objects under
the migrated NIS domain object.
Figure 17
Maps under the Migrated Domain
When a client call is made to this domain, the NIS Server will list the data
present under the corresponding domain object. However, for user/group
details, it will look for users and groups belonging to the domain under the
contexts specified by an attribute of the domain object.
To view the list of contexts where the users and groups will be located, rightclick Domain object > click Properties > Membership Tab. A panel similar to
the following appears.

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 18
99a
38
July 17, 2001
Domain Properties Panel
In case the NetWare NIS Server is a slave for a domain and the master NIS
server for that domain is changed to some other server; to get the updates from
the new master, you need to change the NIS master server name for the
domain object present in the NetWare NIS slave server.
Right-click Domain object > click Change Master. A panel similar to the
following appears:
Figure 19
Change Master Dialog Box
Enter the IP address of the new NIS master server. The NIS slave server will
now contact the new master server for updates on all the maps under this
domain.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can view the properties for each map. Right-click Map object > click
Properties. A panel similar to the following appears:
Figure 20
General Map Properties Panel
Map MasterThe name of the master server serving this map.

Map Last ModifiedThe last time the map was modified by adding or
removing records.
Is Map SecureSets the secure flag of the map when checked.
DescriptionAny general comments that you want to record.
Click each map to perform operations on it and to see the records present
under the map.
To add an object to a map, right-click the map in the left panel, click New,
select the object and then specify the details of the object in the dialog box.
While the panels for records on the same map are the same, they differ from
map to map.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Administering Maps
The following figures show the main map panels and are followed by
procedures for using each panels basic fields. Using these panels, you can
view or modify the map records properties. The standard fields remain the
same.
Figure 21
Ethers Map Records Properties Panel
This panel shows the Ethernet address of the host.

The standard address form is x:x:x:x:x:x, where x is a hexadecimal number.
Click the icon to enter the Ethernet address of the host, and then click Apply
> OK.

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 22
99a
38
July 17, 2001
Boot Map Records Properties Panel
1 To add the devices boot parameter, click Add, enter the boot parameter
of the device in the Boot Parameter field, and then click Apply > OK.
2 To delete the devices boot parameter, select the boot parameter of the
device in the Boot Parameter field, and then click Delete > Apply > OK.

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 23
99a
38
July 17, 2001
Host Map Records Properties Panel
1 To add the host address, click Add, enter the IP address of the host, and
then click Apply > OK.

The network addresses are written in the conventional decimal dot
notation.
2 To delete the host address, select the hosts IP address from the IP
Address field, and then click Delete > Apply > OK.

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 24
99a
38
July 17, 2001
Netgroup Map Records Properties Panel
To add a netgroup address, enter the name of the Map Record, browse the icon
for the Map Name, enter the description of the map, and then click Apply >
OK.
Figure 25
Network Map Records Properties Panel

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
1 To enter the IP network number, click Browse, enter the network number,
and click OK.

2 To enter the IP netmask number, click Browse, enter the netmask number,
click OK, enter the description of the record, and then click Apply > OK.
Figure 26
Protocols Map Records Properties Panel
1 Enter the protocol number and a brief description of the record.

2 Click Apply > OK.

103-000162-001
September 4, 2001
Novell Confidential
Manual
Figure 27
99a
38
July 17, 2001
RPC Map Records Properties Panel
1 In the ONC RPC Number field, enter the RPC number of the program.
2 Enter a brief description of the record.
3 Click Apply > OK.
Figure 28
Services Map Records Properties Panel

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
1 In the IP Service Port field, enter the port number that this service is
available on.
2 In the IP Service Protocol field, enter the protocol used to access the
specified service.
4 Click Apply > OK.
Figure 29
General Map Records Properties
1 In the Map Record field, specify the map record using the following
format:
key record
2 Enter the map name that the record belongs to.

4 Click Apply > OK.
Starting and Stopping NIS Server from ConsoleOne
Right-click NISSERV_Servername object > click Start/Stop Services.

NOTE: You can also start and stop the NIS Services by using the NIS Server
menu. Make sure you refresh ConsoleOne after you change the status of NIS using
the menu.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Novell Native File Access for UNIX with

To get the full benefit of using Novell Native File Access for UNIX with
Novell Cluster ServicesTM, the software must be installed and configured to
work in a cluster environment.
This section describes the following:
Prerequisites (page 112)
Configuring the Properties of Cluster Volume Resource (page 113)
Component-Specific Configuration (page 116)
Starting and Stopping Native File Access for UNIX with Cluster Services
(page 117)
Prerequisites
Before installing Native File Access for UNIX with cluster support, create a
shared volume and a Cluster Volume object.
1 Create a shared volume using NWCONFIG > NSS volumes.
NOTE: Do not use the name nfsclust because it is a reserved word.
2 To create a Cluster Volume object from ConsoleOne, complete the
following:
2a Select the Cluster object.
2b Click File > New > Cluster > Cluster Volume.
2c Browse and select the shared volume.
2d Enter the secondary IP address or the virtual IP address associated
with the cluster.

The address will be in the following format:
AAA.BBB.CCC.DDD
2e Check the Define Additional Properties check box and click Create.
2f Set the Start, Failover, and Failback Modes.
2g Verify the order of the servers in the nodes list.
2h To save the changes to the Cluster Volume object, click OK.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IMPORTANT: After the shared volume servername_shared vol name is cluster-
enabled, ConsoleOne renames it to cluster object name_shared vol name.

ConsoleOne creates a virtual server associated with the shared volume called
cluster object name_shared vol name_SERVER.
ConsoleOne also creates a Cluster Volume object called shared vol
name_SERVER in the Cluster object container.
3 Install Native File Access For UNIX on all the nodes in the cluster.
4 If the NFS Services are running, run NFSSTOP. Remove NFSSTART
from AUTOEXEC.NCF.
5 Delete all the NISSERV_servername objects in eDirectory.
6 Run nisinst -s shared vol name_SERVER from one of the nodes in the
cluster. Modify the IPAddress attribute of this newly created

NISSERVER object to the virtual IP Address.
7 In the shared volume which is cluster-enabled for the Native File Access
for UNIX, make a directory named ETC.

8 From the node, where Step 6 was executed, copy the following files from
SYS:\ETC to the ETC directory on the shared volume.
nfs.cfg
nis.cfg
nisserv.cfg
nfsexprt in case of upgrade from NetWare 4.1 or 5.1
nfsthost in case of upgrade from NetWare 4.1 or 5.1
nfsstart.ncf from SYS:\SYSTEM
nfsstop.ncf from SYS:\SYSTEM
Configuring the Properties of Cluster Volume Resource

Load and Unload Script
To customize your specific NetWare NFS Services configuration, edit the IP

addresses and volume-specific commands in the load and unload scripts of the
cluster volume object to which you are going to associate NFS Services.
Select and right-click the Cluster Volume object and then click Properties to
find the Cluster Resource Load Script and Cluster Resource Unload Script.
Following are the formats for these scripts.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Load Script
To the load script, add the following at the end of the existing script:
nfsclust AAA.BBB.CCC.DDD shared vol name shared vol
name_SERVER
shared vol name:\ETC\NFSSTART
Unload Script
To the unload script, add the following at the beginning of the existing script:
shared
unload
unload
unload
vol name:\ETC\NFSSTOP
nfsclust
nfsadmin
pkernel
Setting the Start, Failover, and Failback Modes
The following table explains the different resource modes.

Mode
Setting
Description
Start
AUTO, MANUAL
AUTO allows Native File

Access for UNIX to
automatically start on a
server when the cluster is
first brought up.
MANUAL lets you
manually start Native File
Access for UNIX on a
server whenever you
want.
Default = AUTO

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Mode
Setting
Description
Failover
AUTO, MANUAL

Access for UNIX to
automatically start on the
next server in the
Assigned Nodes list in
the event of a hardware
or software failure.
MANUAL lets you
intervene after a failure
occurs and before Native
File Access for UNIX is
moved to another node.
Default = AUTO
Failback
AUTO, MANUAL,
DISABLE

Access for to UNIX
automatically move back
to its preferred node
when the preferred node
is brought back online.
MANUAL prevents
Native File Access for
UNIX from moving back
when that node is
brought back online until
you are ready to allow it
to happen.
DISABLE causes Native
File Access for UNIX to
continue running in an
online state on the node it
has failed to.
Default = DISABLE
To view or change the Start, Failover, and Failback modes, do the following:
1 In ConsoleOne, double-click the cluster object container.
2 Right-click the cluster resource object shared vol name_SERVER and
select Properties.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Click the Policies tab on the property page.

4 View or change the Start, Failover, or Failback mode.
Component-Specific Configuration
The procedure to configure the components of Native File Access for UNIX
is much the same as when you configure the components without cluster
services. However, some points must be kept in mind while configuring the
following components:
NFS Server (page 116)
Network Information Service (page 116)
For the location of the configuration files for Native File Access for UNIX
with and without Cluster Services, see Location of Configuration Files on
page 117.
NFS Server
While configuring the NFS Server, note the following:

Export only the shared volumes from NFS Server. For exporting other
shared volumes, make sure you mount those volumes in the load script by
adding the following before the nfsclust entry:
mount volumename volid = 253 or lesser than this number
After this, deactivate and dismount them in the unload script:

dismount volumename
When mounting from an NFS client, use the virtual IP address of the
cluster volume object.
For more information on configuring the NFS Server, see ConsoleOneBased Management for NFS Server on page 87.
Network Information Service
While configuring the NIS clients, note the following:

Bind the NIS clients to NIS server running on the cluster using a virtual
IP address.

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Location of Configuration Files

Most of the configuration files are now located in the shared volumes ETC
directory. The following table lists the location with and without the cluster
services.
Table 3
Location of Configuration Files
Filename
Without Cluster Services
With Cluster Services
NFS.CFG
SYS:\ETC
shared_vol_name:\ETC
NIS.CFG
SYS:\ETC
NFSSERV.CFG
SYS:\ETC
NFSEXPRT
SYS:\ETC
NFSTHOST
SYS:\ETC
Log file for NFSSERV (default is

NFSSERV.LOG)
SYS:\ETC
NISMAKE
SYS:\ETC\NIS
SYS:\ETC\NIS
NFSSTART.NCF
SYS:\SYSTEM
NFSSTOP.NCF
SYS:\SYSTEM
Starting and Stopping Native File Access for UNIX with Cluster
Services
1 To start NFS Services, from Cluster ConsoleOne, click Cluster Object >
View > Cluster State > Cluster Vol Object Online.

2 To stop NFS Services, from ConsoleOne, click Cluster Object > View >
Cluster State > Cluster Vol Object Offline.

For additional information on setting up and configuring Novell Cluster
Services, see the Novell Cluster Services documentation. (http://
www.novell.com/documentation/lg/ncs/index.html)

103-000162-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

103-000162-001
September 4, 2001
Novell Confidential
Server Communications Administration Guide
Novell
NetWare 6
www.novell.com
8.5
S E R V E R C O M M U N I C AT I O N S
August 30, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Server Operating System Communications
Understanding Network Communications

Identifying Devices . . . . . . . . .
Finding Services . . . . . . . . . .
Moving Packets . . . . . . . . . .
Coordination . . . . . . . . . . . .
IP Addressing . . . . . . . . . . .
IP Subnetting . . . . . . . . . . . .
IPX Addressing. . . . . . . . . . .
ARP . . . . . . . . . . . . . . . .
DHCP . . . . . . . . . . . . . . .
SLP. . . . . . . . . . . . . . . . .
SLP Agents. . . . . . . . . . . . .
Directory Agents . . . . . . . . . .
Service Registration . . . . . .
Service Deregistration . . . . .
Service Request . . . . . . . .
Service Type Request . . . . .
Attribute Request . . . . . . . .
Novell's Enhancements to SLP .
Scope Container Object . . . . . .
How SLP Works . . . . . . . . . .
SLP NDS Objects . . . . . . . . .
SLP Scope Container Object . .
SLP Service Object . . . . . . .
Directory Agent Object . . . . .
NCP Server Object . . . . . . .
SAP . . . . . . . . . . . . . . . .
DNS . . . . . . . . . . . . . . . .
OSPF. . . . . . . . . . . . . . . .
NLSP . . . . . . . . . . . . . . . .
RIP, RIP II . . . . . . . . . . . . .
Time Synchronization . . . . . . .
NDS Replication . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000145-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
12
13
13
14
14
15
16
16
17
17
18
18
19
19
19
19
19
19
20
20
22
23
23
23
23
24
24
25
25
25
26
27
Manual
99a
July 17, 2001
38
Planning
29
Protocol Selection . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Planning Migration. . . . . . . . . . . . . . . . . . . . . . . . . . . .
Compatibility Mode (CM) . . . . . . . . . . . . . . . . . . . . . . . .
IPX Compatibility Feature Dependencies . . . . . . . . . . . . . .
The Virtual IPX Network Created for the IPX Compatibility Feature .
Migration Agent (MA) . . . . . . . . . . . . . . . . . . . . . . . . . .
Migration Agent Dependencies . . . . . . . . . . . . . . . . . . .
Dynamic Discovery of Migration Agents by IP Systems . . . . . . .
Protocol Stack Options . . . . . . . . . . . . . . . . . . . . . . . . .
IP Install Option . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPX Install Option . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IP and IPX Install Option . . . . . . . . . . . . . . . . . . . . . . . .
Servers Installed with MA, IPX and IP. . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up
30
30
31
31
32
32
35
35
35
35
37
38
39
41
Migrating IPX to IP . . . . . . . . . . . . . . . . . . . . . . . . . .
Migrating to Obtain Internet Connectivity . . . . . . . . . . . . . . .
Migrating to Cut IPX Administrative Costs. . . . . . . . . . . . . . .
Migrating a Section of the Network . . . . . . . . . . . . . . . . . .
Migrating Leaf Networks First . . . . . . . . . . . . . . . . . . . . .
Migrating the Backbone First . . . . . . . . . . . . . . . . . . . . .
Avoiding Inefficient Routing . . . . . . . . . . . . . . . . . . . . . .
Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SAP/RIP Filters and the Migration Agent Backbone Support Feature
Placing of SLP Directory Agents . . . . . . . . . . . . . . . . . . .
Turning Off Microsoft IPX Networking . . . . . . . . . . . . . . . . .
Migrating To Have an IP Only Network Eventually . . . . . . . . . .
Migrating from IPX to IP without Using the IPX Compatibility Feature
Configuring the Compatibility Mode . . . . . . . . . . . . . . . . . .
Enabling the Migration Agent . . . . . . . . . . . . . . . . . . .
Changing the CMD Network Number . . . . . . . . . . . . . . .
Setting the Preferred IP Address . . . . . . . . . . . . . . . . .
Configuring the Preferred Migration Agent . . . . . . . . . . . .
Setting the SCMD.NLM to Provide IP Backbone Support . . . . .
Configuring for SLP Independent Backbone Support . . . . . . .
Enable Filtering . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing the Migration Agent List. . . . . . . . . . . . . . . . . .
Updating the Router Table . . . . . . . . . . . . . . . . . . . . .
Viewing the CMD Server Statistics . . . . . . . . . . . . . . . .
Supporting the Network Address Translator . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000145-001
August 30, 2001
Novell Confidential
41
42
42
42
44
46
48
48
49
51
51
52
52
52
53
53
53
54
54
55
55
56
56
56
57
57
Manual
99a
Optimizing
63
Using Large Internet Packets . . . . . . . . . . . . . . . . . .

Using Packet Burst . . . . . . . . . . . . . . . . . . . . . . .
Increasing Maximum and Minimum Packet Receive Buffers . .
Increasing the Maximum Number of Packet Receive Buffers
Increasing the Minimum Number of Packet Receive Buffers.
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
63
64
65
65
66
67
Overview of Loading and Binding LAN Drivers .

Loading and Binding LAN Drivers . . . . . . . .
Unbinding and Unloading LAN Drivers. . . . . .
Using Logical Boards. . . . . . . . . . . . . . .
Unloading Logical Boards . . . . . . . . . .
Shutting Down and Resetting Logical Boards
Removing Network Boards. . . . . . . . . . . .
Resetting Network Boards . . . . . . . . . . . .
Preventing Cabling Problems . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000145-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
67
68
70
71
71
72
72
73
74
Manual
99a
38

103-000145-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

NetWare has traditionally used IPXTM and its protocols for network
communication. NetWare 4 supported IP networks through NetWare/IPTM.
The release of NetWare 6 allows a choice of running networks with just IPX,
with both IP and IPX, or with pure IP.
The Internet Protocol comprises a set of publicly available protocols that
provides the means by which computers communicate on the Internet.
IPX comprises a set of protocols that facilitate communication between
computers on NetWare networks.
In order to make IP run on NetWare, the public protocols of IP had to be
incorporated into, and replace, the proprietary protocols in NetWare. Since
NDS is the heart of NetWare, it was used to bring all the Internet Protocols
together in NetWare 6. This makes it possible to configure and maintain the
protocols using NetWare Administrator.
Compatibility Mode (CM) (page 31) maintains backward compatibility with
IPX NetWare systems. You can install a server or client using one of three
methods: IP (with compatibility mode), IPX, or both IP and IPX. CM provides
translation between IP and IPX by recognizing IPX packets and then
determining how to forward them. A Migration Agent (MA) (page 32) on the
server uses CM to bridge IP and IPX networks while maintaining protocol
purity on each of the respective networks.
No other networking software vendor has combined Internet protocols with a
proven networking platform to provide a pure IP networking solution.
Novell has accomplished this because of the flexibility and scalability
inherent in NDS. By extending the NDS schema and adding objects, Novell
has built a network operating system out of publicly available Intenet
Protocols and made it work with IPX for backward compatibility. The Server

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Operating System Communications documentation outlines and contrasts the

protocols used in Novell's IP and IPX implementations of NetWare 6.
10

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Understanding Network
Communications
Network communications involve many complex operations, but these
operations can be grouped into four major categories:
Identifying Devices (page 12)
For computers to communicate on networks, each must have an address.
Just as postal services are unable to deliver a package without an address,
computers are unable to communicate without an address. Since
computers use numbers for addresses, but humans have an easier time
distinguishing names, computers use protocols to match the number
address to a name.
Finding Services (page 13)
Once a computer has an address and/or name, it can start communicating
with other computers. Its first communication is to let other computers
know what services it has to offer. Then it must find out what services are
being offered by other computers on the network. This is accomplished
by using one of several service advertising and location protocols.
Moving Packets (page 13)
Having discovered other computers' addresses and the services they offer,
a computer can start moving packets between itself and other hosts. To
communicate efficiently, though, computers must know the fastest way to
move data from point A to point B. Computers determine the best route
from computer to computer with routing protocols.
Coordination (page 14)
Finally, network communication depends upon maintaining data
integrity. NetWare servers must coordinate time and NDS replicas to
ensure data integrity on the network. Time servers coordinate their time

103-000145-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
with other servers and relay the correct network time to NetWare clients.
NDS replication is similar to time synchronization in that servers must
keep and share accurate information to maintain fault tolerance and
distributed access to the database.
Identifying Devices
Devices on networks must be uniquely identified so that other devices can find
and use their services. Since IPX Addressing (page 16) was designed to be
simple and require little maintenance, it doesn't rely on protocols to enhance
its functionality.
IP Addressing (page 14) and IP Subnetting (page 15) are both more complex,
however, and require maintenance type protocols to make administration
manageable. ARP (page 16) and DHCP (page 17) are two commonly used IP
addressing protocols.
Two kinds of addresses identify hosts on the network: hardware or media
access control (MAC) addresses, and software addresses. IPXTM uses the
MAC address of the Ethernet or token ring network board to identify the host
on the network. Since the MAC and node addresses are the same, there is no
further translation required to identify the host. IP addresses are not the same
as the MAC address of the network board, so IP addresses must be translated
into MAC addresses. Address Resolution Protocol (ARP) translates IP
addresses to MAC addresses on IP networks.
Dynamic Host Control Protocol (DHCP) is an Internet protocol that provides
dynamic distribution of IP addresses to workstations. DHCP helps network
administrators with the task of assigning IP addresses to workstations and
lessens the problems associated with a shortage of IP addresses. There is no
equivalent to DHCP in IPX networks because of the abundance of IPX
addresses and their ability to use the MAC address as the software address.
12

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Finding Services
Once a computer is uniquely identified on the network, it can let other
computers know what services it offers, or it can request services from another
computer. There are three service protocols that maintain lists of computers
and the services they offer:
Protocol Name
Protocol Type
Service Location Protocol (SLP)
IP
Service Advertising Protocol (SAP)
IPX
Domain Name Service (DNS)
IP
SLP (page 17), an Internet protocol, and SAP (page 24), an IPX protocol, are
both used to locate and advertise network services.
DNS (page 24) is an Internet standard service that provides IP address-to-host
name resolution. Its primary purpose is to match the name of a computer, such
as host1.novell.com, with its IP address. DNS can also map certain Internet
server services, such as E-mail and Web, to specific hosts.
Host files can also be used on private networks to accomplish IP address-tohost name resolution.
Moving Packets
Computers use and provide services by exchanging packets. Packet exchange
can be accomplished only if the computers know how to move information
amongst themselves. Computers learn the path, or route, to other computers
by using routing protocols such as the following:
OSPF (page 25)
NLSP (page 25)
RIP, RIP II (page 25)
There are two kinds of routing protocols, distinguished by their mode of best
route discovery:
Distance Vector
Link State

103-000145-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Distance vector routing protocols determine the best route from one computer
to another based on the distance, or number of hops, and the time, or ticks, that
separate hosts. Link state routing protocols use a cost metric to determine the
best path between hosts.
Link state routing protocols are generally more accurate and efficient than
distance vector routing protocols and are better suited for traversing WAN
links. The table below shows the protocol and routing types associated with
the routing protocols:
Routing Protocol
Protocol Type
Routing Type
OSPF
IP
Link State
NLSP
IPX
Link State
RIP
IP and IPX
Distance Vector
RIP II
IP
Distance Vector
Open Shortest Path First (OSPF) is a link state IP routing protocol. Its IPX
equivalent is NetWare Link Service ProtocolTM (NLSPTM). Routing
Information Protocol (RIP) is a distance vector routing protocol used for both
IP and IPX routing, but with some variation between protocols. RIP II is a
newer IP routing protocol based on RIP that adds support for a subnet mask.
Coordination
See Time Synchronization on page 26 and NDS Replication on page 27.
IP Addressing
The IP address for a node is a logical address, independent of any particular
hardware, network topology, or media type. The IP address is a 4-byte (32-bit)
numeric value that identifies both a network and a local host or node
(computer or other device) on that network. The 4-byte IP address is usually
represented in dotted decimal notation. Each byte is represented by a decimal
number, and periods separate the bytes, for example, 129.47.6.17.
A conflict arises with Ethernet networks, because IP uses a 32-bit address and
Ethernet uses a 48-bit Ethernet address. To associate the IP address to a
physical address on an Ethernet network, a mapping must occur between the
14

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
two types. The Address Resolution Protocol (ARP) maps the IP address to the
physical address. ARP mapping is limited to networks that support hardware
broadcast.
IP Subnetting
One IP network can be divided into smaller networks, called subnets. The
following are reasons to divide your network:
Use multiple mediaIt can be impossible, inconvenient, or too
expensive to connect all nodes to a single network medium when these
nodes are too far apart or already connected to different media.
Reduce congestionTraffic between nodes on a single network uses
network bandwidth. As a result, more bandwidth is required when you
have more nodes. Splitting a network reduces the number of nodes on a
data-link network. Fewer nodes generate less traffic and, as a
consequence, less congestion.
Reduce processor useBecause each node on a network must react to
every broadcast, reducing the number of nodes reduces processor use and
congestion.
Isolate a networkBy splitting a large network into small networks, you
limit the impact of one network's problems on another. Such problems can
include network hardware failures, such as an open Ethernet tap, or
software failures, such as a broadcast storm.
Improve securityOn a broadcast network medium such as Ethernet,
each node on a network has access to all packets sent on that network. By
enabling sensitive network traffic on only one network, other network
monitors can be prevented from accessing this sensitive traffic.
Make efficient use of IP address spaceIf you are using a Class A or B
network number and have multiple small physical networks, you can
divide the IP address space into multiple IP subnets and assign them to
individual physical networks. Another option is to obtain several Class C
network numbers, although this is less desirable.

103-000145-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
IPX Addressing
IPX defines its own internetwork and intranode (or intranetwork) addressing.
For intranode addressing, IPX uses the physical address assigned to the
network board. The IPX network address uniquely identifies an IPX server on
an IPX network and individual processes within the server. A complete IPX
network address is a 12-byte hexadecimal number comprising the following
components:
A 4-byte network number (server)
A 6-byte node number (server)
A 2-byte socket number (server process)
The following is an example of a complete IPX network address:
FEDCBA98 1A2B3C5D7E9F 0453
Each number in an IPX address is contained in a field in the IPX header and
represents a source or destination network, node, or socket. The network
number is used only for network-layer operations, namely routing. The node
number is used for local, or same-segment, packet transmission. The socket
number directs a packet to a process operating within a node.
ARP
Unlike IPX, IP addresses are not the same as the hardware address of the
network board, so there must be a way to discover the physical, or media
access control (MAC) address. The Address Resolution Protocol (ARP)
performs this task. When an IP address is mapped to a MAC address, ARP is
used on broadcast networks such as Ethernet, token ring, and ARCnet. When
a node uses IP to send a packet, it must determine which physical address on
the network corresponds to the destination IP address. To find the physical
address, the node broadcasts an ARP packet containing the destination IP
address. The node with the specified destination IP address sends its physical
address back to the requesting node.To speed packet transmissions and reduce
the number of broadcast requests that must be examined by every node on the
network, each node keeps an address resolution cache, or ARP table. Each
time the node broadcasts an ARP request and receives a response, it creates an
entry in its address resolution cache. The entry maps the IP address to the
physical address. When the node sends an IP packet, it looks up the IP address
in its cache and uses the physical address, if found. The node broadcasts an
ARP request only if the IP address is not in its cache.
16

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DHCP
The Dynamic Host Configuration Protocol (DHCP) uses a client-server
structure to provide configuration parameters to hosts. DHCP consists of a
protocol for providing host-specific configuration parameters from a DHCP
server (or collection of DHCP servers) to a host and a mechanism to allocate
network addresses to a host.
When the DHCP server is loaded, it reads its configuration information from
NDS and stores the information in its cache. As the DHCP server assigns
addresses to clients, it updates NDS, adding IP address objects or modifying
their NDS status information. The DHCP server can be configured to maintain
an audit log of this activity.
The administrator can use the DNS/DHCP Administration utility to view
objects to see how addresses have been assigned.
SLP
The Service Location Protocol provides the same function in IP networks as
SAP provides in IPX networks. It registers information in a database and
allows clients to query the database to find services. There are, however, two
principal differences between SAP and SLP:
SLP does not maintain a global database of services. It registers services
only in the local area. It discovers services in the local area via multicast
requests, which are forwarded using NDS replication from network to
network within a site.
SLP assumes that the client is able to locate either services themselves, or
a database server representing those services, using these pan-network
multicasts.
Through Novell's integration of SLP with NDS, local SLP information is
compiled to provide a global representation of all available services on the
network. This provides dynamic discovery of services locally and scalability
in large networks.
The topics listed below explain the components of SLP:
How SLP Works on page 20
SLP Agents on page 18
SLP NDS Objects on page 22

103-000145-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
SLP Agents
The three types of agents that NetWare 5 SLP uses are
User agents, which acquire service handles for user applications
Service agents, which advertise service handles
Directory agents, which collect service handles in internetworked
enterprises
Applications running on a computer are represented by a User agent that
understands the service and resource needs of the application. Each network
service is represented by a Service agent, which makes it available to user
agents. SLP dynamically maintains service attributes, so that a User agent can
obtain current information.
Of the agents, the Directory Agents (page 18) have the largest role in NDS
SLP.
Directory Agents
The point of interface between SLP and NDS is the SLP Directory agent. The
Directory agent is a common data storage of network service information
collected through SLP. The Directory agent uses NDS as its database for
network service information that is distributed globally. NDS adds significant
value to SLP by leveraging existing NDS standards for configuring NDS tree
structures, for a central point of administration, and for the ability of NDS to
replicate service information.NDS replication services allow Directory agentto-Directory agent communication. This is unique in SLP implementations
and it facilitates global distribution of SLP database information. NDS replica
services give the Directory agent the ability to access global services from a
local replica. The Directory agent is responsible for processing the following
SLP protocol messages:
Service Registration
Service Deregistration
Service Request
Service Type Request
Attribute Request
These SLP protocol messages either enter, delete, or query information in the
Directory agent's service database.
18

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Service Registration
A Service agent forwards all known services to the Directory agent using a
service register request. The register contains the URL, attributes, language
indicator, and a time to live (lifetime). The service registration occurs when
attributes are being updated or modified and once every lifetime period.
Service Deregistration
A Service agent sends a service deregister request to the Directory agent when
the service is no longer available.
Service Request
A User agent sends a service request to the Directory agent when it is looking
for services. The Directory agent returns only those services with a valid
lifetime. The User agent might filter services by providing a predicate list. The
Directory agent must filter services when the predicate list is supplied.
Service Type Request

A user agent sends a service type request to the Directory agent when it is
looking for all service types or all service types within a specific name
authority.
Attribute Request
A User agent sends an attribute request to the Directory agent either for a
specific URL or for a group of URLs specified by the service type.
Novell's Enhancements to SLP

As mentioned previously, once the SLP service information has been stored in
the NDS tree, the normal replication and distribution processing of NDS will
guarantee its global accessibility. Only those Directory agents granted access
rights to the Scope container object will have access to the SLP service
information in that scope.To reduce bandwidth requirements on large
networks, the NetWare SLP Directory agent doesn't use IP multicast. In a
small network, IP multicast is a viable technology that can be coupled with the
SLP user and Service agents to provide acceptable discovery service. As the
network expands, the IP multicast can cause some bandwidth reduction, as

103-000145-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
routers must forward the multicast packets to all registered nodes. To solve
this problem, NetWare SLP Directory agents collect the information from
local segments and then establish IP unicast relationships. Although the SLP
RFC defines the Directory agent and its relationship to the user and Service
agents, the specification doesn't address the relationship among multiple
Directory agents. A Directory Agent-to-Directory Agent protocol is
mentioned in the specification, but the work has been left to a future version
of the RFC. NDS, however, provides a solution. The NDS replicated database
can provide authenticated and synchronized information across networks
while preserving network bandwidth.
Scope Container Object

SLP employs the Scope container object which defines a logical grouping of
services. The Scope object allows network administrators to logically group
services according to geographical, geo-political, service type, or any other
administrative criteria in order to control distribution or visibility on the
network. The primary goal of the SLP Scope is to enhance the scalability of
gathering and distributing network service information.
How SLP Works

The following figure illustrates how SLP registers a service provider on a local
segment. Each agent must register its own services. Whether the User agent is
on the server or on a workstation, it can register as a client after it
communicates with the Directory agent to see what services are available.
Once the service is registered with the Directory agent or Service agent, you
can register or deregister the service.
20

103-000145-001
August 30, 2001
Novell Confidential
Manual
Figure 1
User Agent
(Server)
99a
July 17, 2001
38
Service Location Protocol
Directory Agent
Service Agent
User Agent
(Workstation)
Once the application has registered with the SLP User agent, it can look up a
service or get a list of services and read the attributes of a service, using either
blocking calls or synchronous calls. In the IP environment, this information is
pulled out of the Directory agent and put into NDS so that users and
administrators can know what services are available in a local area, provided
the proper security rights are granted.
A Novell client can use the User agent to go into an SLP Directory agent or
Service agent, or into NDS to reach out to other LAN or WAN segments, as
shown in Figure 2 on page 22.
This method does not rely on service information obtained from routers.
Instead, NDS is used for global communication of information. Through this
method, service updates on local segments are just as reliable and dynamic as
on IPX SAP-based networks.

103-000145-001
August 30, 2001
Novell Confidential
21
Manual
Figure 2
99a
38
July 17, 2001
Integrated Network Services Discovery
WAN & LAN Segments

Other Naming
Services
X.500
DNS
LDAP
NDS
(NetWare, NT, Unix)
Local Segments
SrvLoc
Directory
Agent
DHCP
Server
DHCP
Client
IntranetWare
Client
SrvLoc
Service
Agents
SrvLoc User
Agent
SLP NDS Objects

Following are the NDS objects represented by SLP:
Scope container object
SLP Service object
SLP Directory Agent object
The SLP Scope container object represents an SLP scope and is the container
in which SLP Service objects are stored.
SLP Service objects represent a network service discovered through the
Service Location Protocol. They contain all of the SLP information about the
network service, including its network address and attributes.
The SLP Directory Agent object represents an SLP Directory agent.
22

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SLP Scope Container Object

The SLP Scope container object is the storage container for SLP service
information. Each object contains all the SLP Service objects for the specific
scope. The NDS administrator can replicate the container into other partitions
within the tree or within federated trees. The object is a stand-alone entity
within the NDS tree and there is no relationship between its distinguished
name, the tree name, and the scope name. When a Service agent forwards a
service record to a Directory agent within a specific scope, the scope name is
mapped to the Scope object by using the name attribute within the container
object. The SLP Scope object must contain rights to read, write, and browse
the container because the access rights of the Directory Agent object access
are equivalent to the access rights of the Scope object.Because the Scope
object uses distinguished name syntax, the Scope object can be moved to a
different location in the tree and NDS will automatically change all values to
reflect the new location.
SLP Service Object

The SLP Service object is a leaf object that represents a service registration.
SLP Service objects are subordinate to the SLP Scope object and contain all
information supplied by a service registration. SLP Service objects are stored
in the appropriate SLP Scope object according to their scope.
Directory Agent Object

The SLP Directory Agent object is a leaf object that represents a single
instance of a Directory agent. Multiple Directory agents cannot share a single
object. This object defines the Directory agent's configuration, scope, and
security. The Directory agent uses this object to log in to the server and operate
under the access control requirements assigned to the NCP Server object.
NCP Server Object

The NetWare installation program creates an NCP_SERVER object for every
server within the tree. The Directory agent adds an attribute to the
NCP_SERVER class definition called SLP Directory Agent DN. The SLP
Directory Agent DN contains the distinguished name of the Directory Agent
object. It is used as a pointer from the NCP Server object to the Directory
Agent object.

103-000145-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
SAP
The Service Advertising Protocol provides the same function in IPX networks
as SLP in IP networks. It registers information in a database and allows clients
to query the database to find services.NetWare servers using IPX use SAP to
advertise their services and network addresses. Routers gather this
information and share it with other routers. Workstations on the network
access the information provided by routers to determine which services are
available on the network and to obtain the IPX address of the services.
Workstations use this information to initiate a session with a service.SAP
makes the process of adding and removing services on an internetwork
dynamic. As servers start up, they use SAP to advertise their services; as they
are brought down, they use SAP to indicate that their services are no longer
available.As a router becomes aware of any change in the internetwork server
layout, this information is broadcast immediately to all neighboring routers.
SAP broadcast packets containing all server information known to the router
are sent periodicallythe default is every 60 seconds. These broadcasts keep
all routers on the internetwork synchronized and provide a means of updating
routing information when a router or server has become inaccessible since the
last broadcast. A server might be inaccessible because a router went down, or
because a router dropped a packet containing a notification that the route to
the server is unreachable. Servers that are inaccessible do not appear in the
SAP broadcast.
DNS
The Domain Name System (DNS) is a distributed database system that
provides hostname-to-IP resource mapping (usually the IP address) and other
information for computers on an internetwork. Any computer on the Internet
can use a DNS server to locate any other computer on the Internet.
DNS is made up of two distinct components:
The DNS hierarchy specifies the structure, naming conventions, and
delegation of authority in the DNS service.
The DNS name service provides the actual name-to-address mapping
mechanism.
24

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
OSPF
Open Shortest Path First (OSPF) is an IP link state routing protocol. Link state
routers exchange information about the state of their network connections or
links. Using this information, each router can construct the topology of the
internetwork, and from that derive a routing table consisting of the most
efficient paths between devices.
OSPF offers the following advantages over IP RIP:
Faster convergence of router information tables
First hand routing information
Generates less traffic
No count-to-infinity problem
NLSP
NLSP is an IPX link state routing protocol that was developed to respond to
limitations that arise when implementing IPX RIP and SAP in larger
internetworks, particularly over WAN links. Link state routers exchange
information about the state of their network connections or links. Using this
information, each router can construct the topology of the internetwork and
derive routing information.
NLSP offers the following advantages over IPX RIP
Faster convergence of router information tables
First hand routing information
Generates less traffic
RIP, RIP II
RIP is a distance vector routing protocol used for both IP and IPX routing, but
with slightly different implementations. IP RIP and IPX RIP use similar
processes for discovering, maintaining, and prioritizing routes. They both
send route requests for obtaining routing information and send periodic route
updates to make sure the routing information tables are synchronized. The
major differences between IP RIP and IPX RIP are the protocols they are
associated with, the way they prioritize routes, and the routing table update
interval.

103-000145-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
RIP II is an IP routing protocol that includes the following enhancements over

RIP:
Provides a password for authentication
Allows specification of a subnet mask
Allows multicast addressing
Synchronizing time across the network provides a service that maintains
consistent time stamps for enterprise environments with several servers in
different time zones.
Time synchronization provides network time for the following:
File systems
Messaging services
Network applications
NDS Time Servers use TIMESYNC to provide synchronized time for network
services.
If there are fewer than 30 servers on the network, use the default settings of a
single reference time server and a secondary time server.
For more than 30 servers, plan a custom environment using a reference time
server, primary time server, and secondary time servers. You can also specify
which communication method the time servers will use: SAP or a configured
list.
TIMESYNC allows NetWare servers to synchronize their time with an
authoritative external time source, such as an atomic clock, through an
asynchronous connection such as a modem. NTP (Network Time Protocol) is
an Internet Protocol that can be used with TIMESYNC to query authoritative
time servers over the Internet rather than with a dialup connection.
26

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDS Replication
NDS replica synchronization ensures that changes to NDS objects are
synchronized among all replicas of the partition. This means that any server
that holds a replica of a partition must communicate with the other servers to
synchronize a change.
In NetWare 6, NDS replica synchronization is more efficient and produces
less network traffic than previous versions, because instead of automatically
synchronizing replicas, servers are queried to find out if they are synchronized
or not. If a server is out of synchronization, the update is sent. But if the server
is synchronized, there is no need to send the update.

103-000145-001
August 30, 2001
Novell Confidential
27
Manual
28
99a
38

103-000145-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Planning
As an open standard, pure IP offers flexibility and interoperability, now
available to users of NetWare. Although many customers may use both IP
and IPXTM on their networks, a pure IP network is easier to administer and
more easily integrated with other systems, such as UNIX* and Windows NT*.
New IP migration tools and services in NetWare 6TM make migrating to a pure
IP network managable, even for the largest networks. Whether you choose to
migrate from IPX to IP will largely depend on the goals of your
organization.One of the biggest advantages of migrating a network from IPX
to IP is reduced administrative costs. Migrating from IPX to IP will be most
beneficial for customers already supporting both protocols, and for those
expending a significant portion of their Information Services (IS) budget
managing IPX.
Migrating the network from IPX to IP is not necessary to take advantage of
the increased connectivity of NetWare 6. If you are satisfied with your existing
network infrastructure, but would like to make NetWare services available to
IP clients, you can upgrade servers and clients to NetWare 6 and load both
protocol stacks.
If you are installing or upgrading a server, see NetWare 6 Installation
Guide.
To decide what protocol to use, see Protocol Selection on page 30.
Planning

103-000145-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Protocol Selection
Previous versions of NetWare used Internetwork Packet Exchange (IPX), a
proprietary protocol developed by Novell, for network communications.
NetWare 6 uses TCP/IP (Transmission Control Protocol/Internet Protocol),
IPX, or a combination of both IP and IPX.
With increasing access to worldwide data exchange through the Internet, IP
has become so popular that many companies'networks now require it. But IPX
and IP are two separate protocols. If you run both, you must maintain both.
Administering routers, bridges, switches and other hardware components
required for multiprotocol network communications can prove prohibitive.
Potentially, migrating from IPX to IP could prove costly, and there are some
important considerations. Attempting to move a large number of servers and
clients to NetWare 6 simultaneously won't generally be practical. It may be
neccessary to introduce IP components over time, depending on the size and
complexity of your network. You might choose to upgrade only servers as a
preliminary phase, and later upgrade clients. To understand your migration
options, see Planning Migration on page 30.
Although Novell now recommends the use of pure IP on your network, small,
private networks might be more efficient using an IPX-only implementation.
As you'll see in the discussion regarding addressing, IPX requires no special
address resolution protocolsit can assign addresses dynamically, and
addresses are abundant. IP is better suited for large IP-based networks
attached to the Internet, to WAN links, or where IP is the exclusively required
protocol. If you don't require IP for any of these reasons, and you can use a
pure IPX network, you might find IPX implementation easier to administer.
Planning Migration
However you choose to migrate from IPX to IP, the cost and difficulty usually
associated with a major change such as this is offset by NetWare 6 migration
tools designed to facilitate migration without loss of connectivity or IPX
application support. The migration tools include the following:
Compatibility Mode (CM) (page 31)
Migration Agent (MA) (page 32)
These components can be loaded on the same server. The CMD runs on all
NetWare 6 servers by default. Only one MA is required for each IPX network
connected to the IP backbone.
30

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Because most existing NetWare servers have some dependency on IPX

applications and services, NetWare 6 installs with IP running Compatibility
Mode as the default. When you install NetWare 6, you can choose to load with
IPX only, or IP with Compatibility Mode. Although the Compatibility Mode
driver is loaded on the server by default, it remains dormant until the server
receives a request for IPX services. This allows backward compatibility with
IPX while using minimal system resources.
Use of the other components of Compatibility Mode will be determined by
your networking requirenment and existing infrastructure. Each component's
role in a multiprotocol network is described to help you determine if you need
to use it.
Compatibility Mode (CM)

The Compatibility Mode driver (CMD) has two parts, one for the server and
one for the client. At the server, the CMD is viewed as a network adapter. You
can bind both protocols to the CMD and it acts like a router when IPX packets
need to be sent within the server. Otherwise, the CMD patiently waits in the
background, doing nothing and using no resources.
At the workstation, the CMD is invisible because it is an integral part of the
new client. It provides the IP communications link required by an IP client.
Because NetWare 6 is pure IP, there is no need for IPX at the client.
The IPX Compatibility driver's job is to provide IPX connectivity over the IP
network, allowing applications using the IPX stack for communications to
function in an IP network. The IPX Compatibility driver also allows IP
systems to communicate with IPX systems by using the services of Migration
Agents.The IPX Compatibility driver treats the IP network as a virtual IPX
network segment (CMD network segment), by encapsulating IPX datagrams
inside UDP datagrams, and by resolving RIP and SAP requests through the
use of the Service Location Protocol (SLP).
IPX Compatibility Feature Dependencies

If you want to run IPX applications in your IP network, or you need to connect
IP systems with IPX systems, you must ensure that the Service Location
Protocol is enabled across the networks, because the IPX Compatibility
drivers are dependent on the capabilities of SLP. Customers who want to
interconnect IPX and IP systems must introduce at least one Migration Agent
on the network.
Planning

103-000145-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
The Virtual IPX Network Created for the IPX Compatibility Feature
The default IPX network number (CMD network number) assigned to the
virtual IPX network created by the IPX Compatibility drivers is
0xFFFFFFFD. If you want to set up Migration Agents to interconnect IP
systems with IPX systems, you must ensure that the CMD network number
does not conflict with the internal IPX network number of a server or with the
IPX network number of a network segment. You must also ensure that IPX
routers are not filtering this address.If you find a system or a segment that
conflicts with the CMD network number, you have the option of overriding
the default CMD network number by modifying the configuration of IP-only
clients and servers. You might find it easier to change the network number of
the conflicting system or segment, rather than trying to override the default
CMD network number.
Migration Agent (MA)

The Migration Agent is a tool that enables communication between IPX and
IP systems. It also enables you to create an IP backbone that interconnects IPX
segments. Use this tool when you want to migrate systems from IPX to IP in
a phased manner without losing connectivity.
The MA takes the IPX requests, which are in an IP packet, and tunnels the IP
packet in an IPX wrapper to be sent out on the IPX wire. The opposite occurs
when an IPX packet is sent across the IP backbone.
In previous versions of NetWare, IP access was provided on NetWare
networks with NetWare/IPTM. NetWare/IP took every packet (all were IPX
packets) and tunneled each in an IP wrapper. This kind of IP tunneling is no
longer needed, because tunneling has been reversed in NetWare 6instead of
tunneling IP packets in IPX with NetWare/IP, IPX packets are now tunneled
in IP packets with the Migration Agent. Now, only the few IPX requests
require tunneling, providing better throughput and efficiency.
The MA serves as a router between the IPX network and the virtual IPX
network segment created by the IPX Compatibility drivers as illustrated in
Figure 3 on page 33.
32

103-000145-001
August 30, 2001
Novell Confidential
Manual
Figure 3
IPX
server
99a
July 17, 2001
38
Migration Agent Interconnecting IP and IPX Nodes
IPX
client
IPX
printer
IPX network
NetWare 5
Migration Agent
Server
CMD network
IP
client
IP
server
More than one MA is needed to enable resiliency and load-sharing, or when

you want to interconnect IPX segments with an IP backbone. Figure 4 on page
34 shows two Migration Agents interconnecting two IPX segments.
Planning

103-000145-001
August 30, 2001
Novell Confidential
33
Manual
Figure 4
IPX
server
99a
July 17, 2001
38
Migration Agents Interconnecting IPX Segments
IPX
client
IPX segment
NetWare 5
Migration Agent
Server
IP
backbone
NetWare 5
Migration Agent
Server
IPX segment
IPX
client
IPX
server
The MA is supported only at the NetWare server. The MA is enabled by

loading the IPX Compatibility driver (scmd.nlm) with the Migration Agent
option. The Migration Agents are then used by the IP systems on the
network.If more than one MA is needed, all Migration Agents must be able to
access the same IPX networks or be able to exchange IPX network
information. Migration Agents exchange IPX network information by
invoking the IP Backbone Support feature, which is accomplished by loading
the scmd.nlm with the backbone support options.
34

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Migration Agent Dependencies

To set up an MA, the Service Location Protocol must be enabled across the
networks, because Migration Agents are dependent on the capabilities of SLP.
Dynamic Discovery of Migration Agents by IP Systems

The IPX Compatibility drivers are capable of dynamically discovering
Migration Agents, but you can also choose to statically configure the address
of the MA if more control is desired.The IPX Compatibility driver will
discover an MA if it is in the same IP network, and will give preference to an
MA within the local IP subnet. The address of the MA must be specified in IP
systems that reside in different IP networks.The address of the MAcan be
configured either by manipulating the local configuration files or by
disseminating the information through DHCP.
Protocol Stack Options

The server and client connectivity capabilities are limited by the options
selected when systems are installed. Systems can be installed with the
following protocol options:
IP Only
IPX Only
IP and IPX
The protocol install option determines the binding between protocol stacks
and network adapters. It does not determine which protocol stacks are loaded
in the system. For example, if the IP option is selected, only the TCP/IP stack
is attached to the network adapter.
IP Install Option
Servers installed with IP alone have both the TCP/IP and the IPX stacks
loaded, but only the TCP/IP stack is bound to the network adapter. (Systems
installed with IP and IPX are configured to establish NCP connections over
either the TCP/IP stack or over the IPX stack.) Figure 5 on page 36 shows the
relationship between the protocol stacks when installing a system with IP only.
Planning

103-000145-001
August 30, 2001
Novell Confidential
35
Manual
Figure 5
99a
38
July 17, 2001
IP Only Architecture Diagram
Application APIs
SPX / IPX
NCP
TCP / IP
IPX Compatibility Driver
Network adapters
The IPX stack is loaded on systems installed with IP to give those systems the
ability to execute IPX applications and to connect with IPX systems through
a Migration Agent.
NetWare 6 servers installed with IP only have the following capabilities:
They can establish NCPTM connections with clients installed with one of
the install options that include IP.
They can establish NCP connections through a Migration Agent with preNetWare 6 clients (these clients support only NCP connections over IPX)
or with NetWare 6 clients installed with IPX.
They can execute IPX applications and communicate directly with other
NetWare 6 systems installed with IP.
They can execute IPX applications and communicate through a Migration
Agent with IPX nodes.
NetWare 6 clients installed with IP have the following capabilities:
They can establish NCP connections with servers installed with one of the
install options that include IP.
They can establish NCP connections through a Migration Agent with preNetWare 6 servers (these servers support only NCP connections over
IPX) or with NetWare 6 servers installed with IPX only.
36

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare 6 systems installed with IP.
Agent with IPX nodes.
IPX Install Option

These systems have the IPX stack loaded and may also have the TCP/IP stack
loaded. Systems installed with IPX only are configured to establish only NCP
connections over the IPX stack. Figure 6 shows the relationship between the
protocol stacks when a system is installed with IPX alone.
Figure 6
IPX Only Architecture Diagram
Application APIs
SPX / IPX
NCP
TCP / IP
(optional)
Network adapters
NetWare 6 servers installed with IPX have the following capabilities:

They can establish NCP connections with pre-NetWare 6 clients or with
NetWare 6 clients installed with one of the install options that include
IPX.
They can establish NCP connections through a Migration Agent with
NetWare 6 clients installed with IP.
IPX nodes.
Agent with NetWare 6 systems installed with IP.
Planning

103-000145-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
NetWare 6 clients installed with IPX have the following capabilities:

They can establish NCP connections with pre-NetWare 6 servers or with
NetWare 6 servers installed with one of the install options that include
IPX.
NetWare 6 servers installed with IP.
IPX nodes.
IP and IPX Install Option

These systems have the TCP/IP and IPX stacks loaded. Systems installed with
both IP and IPX are configured to establish NCP connections either over the
TCP/IP stack or over the IPX stack. Figure 7 shows the relationship between
the protocol stacks when installing a system with IP and IPX.
Figure 7
IP and IPX Architecture Diagram
Application APIs
SPX / IPX
NCP
TCP / IP
Network adapters
NetWare servers installed with IP and IPX have the following capabilities:
They can establish NCP connections with pre-NetWare 6 clients or with
NetWare 6 clients without regard for the option used to install it.
IPX nodes.
Agent with NetWare 6 systems installed with IP alone.
38

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare clients installed with IP and IPX have the following capabilities:
They can establish NCP connections with pre-NetWare 6 servers or with
NetWare 6 servers installed with one of the install options that include
IPX.
They can establish NCP connections with NetWare 6 servers installed
with IP if the clients are able to obtain IP addresses for those servers.
NetWare 6 servers installed with IP if the clients are only able to obtain
IPX addresses for those servers.
IPX nodes.
Having a NetWare client installed with IP and IPX does not guarantee that the
client will be able to establish an NCP connection with a server installed with
IP without the use of a Migration Agent. The type of address obtained by the
client when trying to connect to a server determines the protocol stack utilized
to establish the connection. Applications that obtain address information from
the bindery will not be able to connect with servers installed with IP if there is
no Migration Agent installed, and if the client is installed with IP and IPX.
Notice that this problem does not exist if the client and the server are installed
with IP alone.
Servers Installed with MA, IPX and IP

The Migration Agent can be enabled only in a NetWare 6 server installed with
both IP and IPX. Figure 8 on page 40 shows the relationship between the
protocol stacks when installing a system with the MA enabled.
Planning

103-000145-001
August 30, 2001
Novell Confidential
39
Manual
Figure 8
99a
38
July 17, 2001
Migration Agent Architecture Diagram
Application APIs
SPX / IPX
NCP
TCP / IP
IPX Router
IPX Compatibility Driver

in Migration Agent Mode
Network adapters
Notice that the MA makes use of the IPX router present in the IPX stack to
route packets between the CMD network and the IPX networks.
NetWare 6 servers installed with the MA enabled are capable of
communicating directly with other systems without regard for the install
option used to install them. They are also capable of routing network traffic
between IP and IPX systems.
40

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up
If you want to migrate from your existing IPX-based network to a NetWare
6 pure IP-based network, you should first read the Planning section. It
discusses Compatibility Mode Drivers (CMD) and Migration Agents (MA),
the building blocks needed to successfully migrate an IPXTM network to
NetWare 6 and pure IP.
Also discussed in the Planning section are the NetWare 6 server and client
installation options. You can install using IP only, IPX only, or IP and IPX.
The following section describes network scenarios that use the building
blocks discussed in Planning. Existing networks will likely be a subset or
superset of the examples presented. Regardless, once you understand how the
building blocks work together, you should be able to architect your own
migration strategy based on your unique network topology.
To install or upgrade a NetWare Server, see NetWare 6 Installation Guide.
To upgrade an existing server using IP only, see Migrating IPX to IP on page
41.
Migrating IPX to IP
There are many reasons to migrate from IPX to IP, but three of the most
important are discussed in the following sections. These sections describe
migration strategies that are effective in meeting the following goals.
Migrating to Obtain Internet Connectivity on page 42
Migrating to Cut IPX Administrative Costs on page 42
Migrating To Have an IP Only Network Eventually on page 52
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Migrating to Obtain Internet Connectivity

To add Internet connectivity to NetWare systems, simply upgrade to
NetWare 6 using the IP and IPX option. This upgrade path requires
administration of both IP and IPX networking protocols.Those who choose
this migration path do not have to worry about setting up Migration Agents to
maintain connectivity as they upgrade their systems.
Migrating to Cut IPX Administrative Costs

To migrate networks from IPX to IP and maximize the return on your
investment, you will want to take advantage of the functionality provided by
the IPX Compatibility drivers and the Migration Agents. The IPX
Compatibility feature is critical in this scenario because it allows migration
without losing connectivity and without having to upgrade existing
applications.Administrators wanting to migrate networks using the IPX
Compatibility feature must understand that the IPX Compatibility drivers are
dependent upon the functions of SLP, and that there are costs associated with
setting up an SLP infrastructure. Additionally, setting up an SLP infrastructure
is an investment in the future because SLP is an emerging Internet standard
that will be leveraged by future applications and devices.When using the IPX
Compatibility feature to migrate, start the migration with the leaves of the
network and finish with the backbone of the network, or vice-versa. Complex
network environments are characterized by a backbone formed by a variety of
systems interconnected with a combination of WAN and LAN links. The
following topics describe three ways to migrate:
Migrating a Section of the Network on page 42
Migrating Leaf Networks First on page 44
Migrating the Backbone First on page 46
Migrating a Section of the Network

The steps below describe how to migrate a section of the network. To
complete this procedure successfully, the network section being migrated
must not be used to interconnect other sections of the network using IPX. The
following steps allow upgrading or installing clients and servers in a phased
manner without losing connectivity.
42

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
1 Select and upgrade/install some servers to serve as Migration Agents in
the network section to be migrated.

2 Upgrade/Install all servers in the network section using the IP and IPX
option.
3 Upgrade/Install all clients in the network section using the IP only option.
4 Modify the configuration of the servers in the network section to be IP
only.
5 Turn off IPX networking between the selected section of the network and
the rest of the network.

The following figure shows how the steps above are applied in a sample
network.
Figure 9
Migrating a Section of the Network
WAN
link
Server A
Server B
Router
Client A
Client B
Client C
1 Upgrade Server A to NetWare 6 as a Migration Agent.

2 Upgrade Server B to NetWare 6 using the IP and IPX install option.
3 Upgrade Server B to NetWare 6 using the IP and IPX install option.
4 Unbind IPX from the network adapters in server B and load scmd.nlm.
Unbind IPX from the network adapters in server A and reload scmd.nlm
without the Migration Agent option.
5 Turn off IPX routing at the router.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Migrating Leaf Networks First

Migrating leaf networks first reduces the impact of the migration on the IPX
routing infrastructure of the network, and it allows the administrator to focus
efforts on specific sites. However, since the backbone is the last portion of the
network migrated, administrative costs may not be offset as quickly.
The steps below describe how to migrate a network from IPX to IP starting
with the leaf networks first.
1 Identify the nodes and links that form the backbone of the network.
2 Select and upgrade/install some servers in the backbone to serve as
Migration Agents.
3 Select the leaf portion of the network to be migrated. This may be a group
of segments connected to the backbone via a WAN link. Migrate the

selected portion of the network following the steps outlined in Migrating
a Section of the Network on page 42.
4 Repeat Step 3 until all networks connected to the backbone are migrated.
5 Migrate the backbone section using the steps outlined in Migrating a
Section of the Network on page 42.

network.
44

103-000145-001
August 30, 2001
Novell Confidential
Manual
Figure 10
99a
38
July 17, 2001
Migrating a Leaf of the Network First
Servers . . .
Clients . . .
Segment C
Servers . . .
WAN
link
WAN
link
Router B
Router C
Segment B
Se
Router A
Clients . . .
Servers . . .
Clients . . .
Segment A
Servers . . .
Clients . . .
1 Identify Segment C as the backbone.

2 Upgrade/Install two servers in Segment C as NetWare 6 Migration
Agents.
3 Upgrade/install servers in as NetWare 6 Migration Agents to minimize
performance degradation while these segments are being migrated.

4 Migrate Segment A and Segment B, following the steps outlined in
Migrating a Section of the Network on page 42.

5 Turn off IPX routing in routers A and B when all the nodes in the section
have been migrated to IP only.

6 Migrate Segments C and D following the steps outlined in Migrating a

Setting Up

103-000145-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Migrating the Backbone First

Migrating the backbone first alleviates administrative costs associated with
maintaining IPX over the backbone. This migration path requires the
following before IPX routing is disabled on the backbone:
Migration Agents at each of the segments connected to the backbone
Backbone Support feature enabled in the Migration Agents
Migration Agents with the Backbone Support feature enabled can
interconnect IPX segments by exchanging RIP and SAP information and by
routing encapsulated IPX datagrams.
The steps below describe how to migrate a network from IPX to IP starting
with the backbone first.
1 Identify the nodes and links that form the backbone of your network.
2 Select and upgrade/install some servers in each of the segments
connected to the backbone to serve as Migration Agents with the

Backbone Support feature enabled.
3 Migrate the backbone section using the steps outlined in Migrating a

4 Select a leaf portion of the network to migrate. This can be a group of
segments connected to the backbone via a WAN link. Migrate the selected
portion of the network following the steps outlined in Migrating a
5 Repeat Step 4 until all networks connected to the backbone are migrated.
network.
46

103-000145-001
August 30, 2001
Novell Confidential
Manual
Figure 11
99a
July 17, 2001
38
Migrating the Backbone First
Servers . . .
Clients . . .
Segment A
Router A
Servers . . .
Clients . . .
WAN
link
Segment B
WAN
link
WAN
link
Router B
Router C
Segment C
Segment D
Servers . . .
Clients . . .
Servers . . .
Clients . . .
1 Identify Segment B as the backbone.

2 Upgrade/Install one or two servers in segments A, C, and D as NetWare
6 Migration Agents with the Backbone Support feature enabled.Migrate

Segment B (the backbone segment) using the steps outlined in Migrating
a Section of the Network on page 42. Turn off IPX routing in routers A,
B, and C to complete the migration of Segment B. Migrate segments A,
C, and D using the steps outlined in Migrating a Section of the Network
on page 42.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Avoiding Inefficient Routing

The following two examples show problems that you can avoid by carefully
selecting the placement of Migration Agents in the network.
Example 1
The following figure shows a client installed as IP only in Segment C trying
to communicate with an IPX server in Segment A. The IPX server knows that
the client is part of the virtual CMD network and that Routers 1 and 2 present
equally efficient paths to the CMD network server (the Migration Agent
servers present the CMD network route to the routers attached to their network
segment).
Under this scenario, Server A might choose to route packets to Client A
through Router 1, resulting in the packets following the inefficient path shown
by the broken line in the figure.
Figure 12
Sample Network Setup for Example 1
IPX
Server A
Segment A
Router 1
Router 2
Segment B
Segment C
Migration
Agent 1
48
Migration
Agent 2
Client A
IP only

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The problem presented here could be solved by placing a Migration Agent in

Segment A as shown in the foloowing figure. The Migration Server would
then present to Server A the best route to the CMD network and the packets
from Server A to Client A would follow the path shown by the broken line.
Figure 13
IPX
Server A
Migration
Agent 3
Segment A
Router 1
Router 2
Segment B
Segm
Migration
Agent 1
Migration
Agent 2
Client A
IP only
Example 2
Figure 14 on page 50 shows segments A and B interconnected via a WAN link.
Nodes A and B want to communicate, but they can do so only through the
Migration Agent in Segment A. Under this scenario, packets sent between
Node A and Node B are forced to traverse the WAN link twice, as shown by
the broken line, resulting in poor performance.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
49
Manual
Figure 14
99a
38
July 17, 2001
Migration
Agent
Segment A
WAN
link
Router
Segment B
Client A
Client B
IP only
IPX only
The problem could be solved by placing a Migration Agent in Segment B as

shown in the following figure.
50

103-000145-001
August 30, 2001
Novell Confidential
Manual
Figure 15
99a
July 17, 2001
38
Migration
Agent
Segment A
WAN
link
Router
Segment B
Client A
IP only
Migration
Agent
Client B
IPX only
SAP/RIP Filters and the Migration Agent Backbone

Support Feature
If the Backbone Support feature of the Migration Agents is enabled, then the
SAP/RIP information exchange between these agents can bypass the SAP/RIP
filters that you might have set up in your routers. Refer to the Migration Agent
documentation to learn how to set up SAP/RIP filters using the Migration
Agents.
Placing of SLP Directory Agents

If you set up the SLP infrastructure using Directory agents, and if you rely on
the IPX Compatibility feature to accomplish the migration, you must place
Directory agents so as to minimize the round trip distance between the IP only
nodes and their closest Directory agent. This is necessary to avoid having IPX
applications timing out when they perform RIP or SAP requests.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Turning Off Microsoft IPX Networking

Clients might be set up to use Microsoft Networking over IPX and/or IP. If
clients are set up this way and you want to migrate them from IPX to IP, you
should first enable Microsoft Networking over TCP/IP and then disable
Microsoft Networking over IPX. This might be necessary to reduce the
demand on the services provided by the IPX Compatibility feature.
Migrating To Have an IP Only Network Eventually

Use this migration method when pure IP is desired but there is no immediate
need to remove IPX from the network.This migration path requires migration
of all applications from IPX to IP before IPX is disabled on the
network.Applications are considered IPX applications if they use the
interfaces provided by the IPX stack, or if they specify IPX addresses when
trying to establish NCP connections. The best way to identify IPX
applications is to run them on a test network on which IPX is absent (no IPX
stacks loaded). Many applications let you specify the networking protocol to
use when communicating.NetWare clients must be configured twice during
the course of the migration. The cost of modifying client configurations can
be minimized by taking advantage of the Automatic Client Upgrade feature
for Novell Clients and the Workstation Manager feature of NDS.If you later
discover that applications require IPX, you must switch to one of the other
migration strategies:
Migrating to Obtain Internet Connectivity (page 42)
Migrating to Cut IPX Administrative Costs (page 42)
Migrating from IPX to IP without Using the IPX

Compatibility Feature
The steps below describe how to migrate a network from IPX to IP without
relying on the IPX Compatibility feature.
1 Identify IPX applications and make sure that they can be configured/
upgraded/replaced to run over the TCP/IP stack.

2 Start upgrading/installing your servers and clients using the IP and IPX
option.
3 Start migrating applications from IPX to IP.
52

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Turn off IPX networking at the routers when all the IPX applications have
been migrated and all the NetWare servers and clients have been
upgraded/installed using the IP and IPX option.
5 Modify the configuration of the NetWare servers and clients to be IP only
servers and clients.
Configuring the Compatibility Mode

Compatibility Mode can be loaded in two different modes. When you enter the
command, SCMD.NLM, the product is loaded in Compatibility Mode Server
mode. To enable the Migration Agent (MA) use the /MA option.
Enabling the Migration Agent

By default, loading SCMD.NLM makes a server a simple Compatibility Mode
server. To force it to act as a Migration Agent, enter the following command:
Load Scmd.Nlm /ma
The Compatibility Mode will act as a Migration Agent which can

communicate and exchange details about connected Internetwork Packet
Exchange (IPX) service information with similar Migration Agents. This
facilitates connecting disconnected IPX segments across an IP backbone.
Changing the CMD Network Number

This option can be used when the SCMD.NLM is running either in the
Compatibility Mode Server or Migration Agent mode.
By default, the CMD IPX network number is set to FFFFFFFD. This can
either be changed through the Monitor screen or using the SET command line
parameter.
Set Cmd Network Number=XXXXXXX
The SCMD module must be loaded before changing the value. Subsequently,
unload and reload the module for the change to take effect permanently.
Optionally, the CMD network number can be changed dynamically while
loading the module. To do this, at the console prompt type:
Load Scmd /Net=XXXXXXX
IMPORTANT: In NetWare 4.11 this option changes the network number
temporarily. Once you unload and reload without specifying the /Net option, it will
reset to the original network number.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Setting the Preferred IP Address

If multiple IP interfaces are present in the server, you can set the preferred IP
address to be used by CMD. Enter the following command:
Set Preferred IP Address=XX.XX.XX.XX
This option can be used when the SCMD.NLM is running either in the
Compatibility Mode Server mode or Migration Agent mode.
Optionally, the Preferred IP address can be changed dynamically while
loading the module. To do so, at the console prompt type:
Load Scmd /PrefIP=XX.XX.XX.XX
Configuring the Preferred Migration Agent

The CMD server when configured on the network, will register itself with
Service Location Protocol (SLP) and register information about the Migration
Agents. It will query the SLP Server Agent or Directory Agent every five
minutes to refresh its records. CMD clients attached to this server can access
all the services that the server can access. This option can be used only when
SCMD.NLM is running in CMD Server mode.
If there are any Migration Agents available on the network, the CMD server
will discover the registered Migration Agent from the SLP database and
register it with the Migration Agent.
IPX services discovered by the Migration Agent are not registered with the
SLP database. The Migration Agent will initially register its own services with
SLP and get information about all the registered services. Once the CMD
server has registered with the Migration Agent, it will get updates from the
Migration Agent through a transfer.
The CMD server algorithm will discover the best Migration Agent registered
with SLP. However, you can statically set the list of Migration Agents by
typing:
Set Preferred Migration Agents List = IP Address/
You can specify a list of preferred migration agents which this node will be
using. The list should not exceed five, should be separated by semi-colons,
and end with a slash (/). For the changes to be effective, unload and reload the
SCMD.NLM.
54

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting the SCMD.NLM to Provide IP Backbone Support

By default, IP Backbone is enabled when the SCMD.NLM is loaded using the
/MA option. Ensure the following:
Each IPX disconnected network has at least one Migration Agent running
SCMD.
All the Migration Agents should have NetWare Link Service Protocol
(NLSP) routing enabled and should have the same CMD network
number.
SLP visibility exists among all the Migration Agents.
User Datagram Protocol (UDP) communication (Port 2645) is enabled
between all the Migration Agents.
To check whether IP Backbone is working, enter the following command:
Display Servers
This command will display all the services of which the server is aware.
Configuring for SLP Independent Backbone Support

You can configure CMD not to be dependent on SLP to discover other
Migration Agents in the network. By default, the product uses SLP to discover
Migration Agents in the network. To make it SLP independent, enter the
following command at the console prompt:
Set No SLP Option = ON
When the product is operating in the SLP independent mode, you can set the
time for the Migration Agents to exchange discovery information with each
other. The default value is 10 minutes.
NOTE: The time set using this option will not affect the actual service and route
information exchange.
To set the communication time, enter the following command:

Set MA Communication Time = X minutes
The communication time should be the same for all the Migration Agents on
the network.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Optionally, you can load CMD in the SLP-independent mode and set the
communication time for the Migration Agents to communicate with each
other. To do so, at the console prompt type:
Load Scmd /Noslp /Synctime = X minutes
You can specify the Preferred Migration Agents which this node will be using.
To set the Preferred Migration Agent List, enter the following command:
Set Migration Agent List = IP Address/
This list should not exceed five, the IP addresses should be separated by a
semi-colon, and the list should end with a slash (/). Optionally, you can load
CMD specifying the preferred Migration Agents which this node will be
using. To do so, enter the following command at the console prompt:
Load Scmd /ma/ noslp /MAADDR=XX.XX.XX.XX;XX.XX.XX.XX/
Enable Filtering
You can configure the Migration Agent to filter some of the IPX services and/
or networks between two Migration Agents. This option can be used only
when SCMD.NLM is running in Migration Agent mode. Before using the
filtering option, run the FILTCFG utility to set the filters. Refer to the
FILTCFG documentation available at http://www.novell.com/documentation/
lg/nw5/docui/index.html.
To enable filtering, enter the following command:
Scmd /filter
Viewing the Migration Agent List

You can in identify the number of Migration Agents the CMD server knows
at any point. To view the information, enter the following command:
Scmd /MAList
Updating the Router Table

You can update the SAP and RIP information in the Router table using the
following command:
Scmd /Sync
The information will be gathered from the Migration Agents to which the
CMD server is connected, and the Router table will be updated. This option
can be used when the product is running in CMD server mode.
56

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing the CMD Server Statistics

You can use the statistics option to view the current status of the CMD server
or Migration Agent. Enter the following command to view the information on
the CMD information screen:
Scmd /stat
If you want the information to be sent to a file, enter the following command:
Scmd /stat [/Dump]
The information will be written in the CMDSTAT.DAT file in the SYS:\ETC\

directory.
You can use the /search option to list the names of the services the CMD server
or the Migration Agent have located. You can also search for the net number
of the CMD server or Migration Agent. Enter the following command:
Scmd /search [NAME=service name] [NET=net number] [/Dump]
The parameter service name can take one of the following values:
The wildcard *, which will locate all the services in the network
The exact name of the service, for example BLR-ENGR3
The name followed by an asterisk (*), for example BLR*
For the parameter net number you can enter FFFFFFF to list all the services
in the network, or you can enter the matching net number.
Supporting the Network Address Translator

Network Address Translation (NAT) provides a transparent routing solution
using the hosts in a private network that can access an external network and
vice versa. IP address translation is required when a network's internal address
cannot be used outside the network either for reasons of privacy or because the
IP addresses are invalid for use outside the network. Since CMD packets have
IP addresses inside their payload, IP address translation cannot work over
NAT without this feature.
The following diagram is an example on how NAT support can be
implemented. The CMD network spreads across the intranet (which uses the
private addressing scheme) and Internet (which uses the public addressing
scheme). A network with NAT enabled at its border is called a private realm.
The network may or may not use private IP addresses. The Internet is called a
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
57
Manual
99a
July 17, 2001
38
public realm. A realm should be assigned a unique name. The next figure
depicts two private routing realms, BLR and Provo, connected by a public
realm to the Internet. To enable CMD communication between BLR and
Provo, use the options mentioned in Configuring CMD to Support NAT on
page 59.
Figure 16
Two private routing realms, BLR and Provo, connected by a public realm to the Internet
Pb-CMD-Clnt
201.1.1.3
Pb-MA
201.1.1.2
201.1.1.1
Internet
NAT Router
172.16.1.1
NAT Router
10.1.1.1
137.65.2.1
Prv-CMD1
172.16.1.4
NAT Realm:
NAT Realm:
Provo
Blr
Prv-MA
172.16.1.2
58
Blr-CM
10.
193.97.92.1
Prv-CMD-Clnt1
172.16.1.3
Blr-MA
10.1.1.2

103-000145-001
August 30, 2001
Novell Confidential
Blr-CMD
10.1.1.3
Manual
99a
38
July 17, 2001
A sample configuration for a section of the network is given below:

Prv-MA
Blr-CMD
PB-CMD-CLNT
NAT realm = Provo
NAT Realm = Blr
Preferred MA List = 172.16.1.2

201.1.1.2
Public IP Address = 137.65.2.2
Public IP Address = 193.97.54.3
NA
Public IP Subnet = 255.255.0.0
Public IP Subnet = 255.255.255.0 NA
Local client number = 172.16.0.0/ Local client number = 0.0.0.0/
NA
The NAT support feature cannot be used when CMD is running in SLPindependent mode. The CMD to MA communication across NAT is not
supported. We recommend that the CMD should be loaded as an MA for such
a communication to happen.
Configuring CMD to Support NAT
To enable the NAT support feature through the SET command, enter the
following command:
Set Cmd Nat Support Option = ON
If SCMD.NLM is running, unload and load the NLM for the changes to be
effective.
To configure CMD to support NAT, as a load line command, enter:
scmd /ma /nat;Public IP Address;Public IP Subnet;Nat Realm
Name;Local IP Network no.1;...Local IP Network no.n /
The load line command is equivalent to using the SET command options given
below. The parameters are explained in NAT Support Configuration
Parameters on page 60.
If the MA is in a public realm, enter the following command to support NAT:
scmd /ma /nat
Here, parameters like Public Address, Private IP Subnet, etc., will be assigned
default values.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
You can also use the SET command to configure the CMD for NAT support.
These options are listed below. To assign the public IP address, enter the
following command:
Set Public IP Address = XX.XX.XX.XX
To assign the public IP subnet, enter the following command:

Set Public IP Subnet = XX.XX.XX.XX
To assign the NAT realm, enter the following command:

Set NAT Realm Name = "string"
To assign the local clients IP network numbers, enter the following command:
Set Local Clients IP NetNumber List =
XX.XX.XX.XX;XX.XX.XX.XX/
NAT Support Configuration Parameters
Public IP Address
This is the IP address assigned by the NAT device to a server. Enter the value
in dotted decimal format. By default, the value is set to "0.0.0.0". The public
address is a unique global IP address that is statically configured in the NAT
router.
Public IP Subnet
This is the subnet number of the public IP address assigned by the NAT device
to a server. Enter the value in dotted decimal format. By default, the value is
set to "0.0.0.0".
NAT Realm
This is a realm identifier given to a private routing realm. Enter a string (not
exceeding 30 characters). By default, the value is set to "NONE". The name
should be unique for all private realms.
Local IP Network no.1...Local IP Network no.n
These are a list of IP clients network numbers. Enter the value in dotted
decimal format ; separate each network number by a semi-colon. These
network numbers correspond to clients on the private realm of the CMD
server. You need to specify network numbers of local CMD clients when
CMD clients on the public network are statically pointng to CMD servers or
MAs in the private realm to avoid any errors. If no CMD clients in the public
network are pointing to CMD servers or MAs in the private realm, it is not
necessary to set this parameter.
60

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Troubleshooting the NAT Support Feature
If the NAT support feature is not working, check whether:

The Service Location Protocol Directory Agent (SLPDA) has been
loaded on one server and pointed to by all the servers that need to
communicate using NAT.
The NAT router public interface has been set to RIP Receive Only.
All clients in the private realm are pointing to a private interface of the
NAT router.
Default routers are specified on servers.
Set the value for NAT Dynamic mode to pass through to "ON". Also, use
display SLP services to see if the services are visible on both sides of the NAT
router.
Setting Up

103-000145-001
August 30, 2001
Novell Confidential
61
Manual
62
99a
38

103-000145-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Optimizing
Once your network is running, the protocols associated with IP and IPXTM are
largely responsible for auto-tuning themselves based on network conditions.
There are, however, some settings that you can change to further optimize the
way your server receives and forwards packets. See the following topics:
Using Large Internet Packets on page 63
Using Packet Burst on page 64
Increasing Maximum and Minimum Packet Receive Buffers on page
65
Using Large Internet Packets

Large Internet Packet (LIP) functionality allows the maximum size of
internetwork packets to be increased. (Formerly, the maximum size was 576
bytes.)
In NetWare versions earlier than 4.11, the workstation initiated a negotiation
with the NetWare server to determine an acceptable packet size. If, during this
negotiation, the server detected a router between it and the station, the server
limited the maximum packet size to 576 bytes.
However, some network architecture, such as Ethernet and Token ring, can
support packets larger than 576 bytes. Thus LIP allows the workstation to
determine the packet size based on the maximum size supported by the router.
To implement LIP functionality for a Windows 95/98 or Windows NT
workstation, do the following:
1 Click Start > Settings > Control Panel > Network > NetWare Client >
Properties.
2 On the Advanced Settings tab, select Large Internet Packets and click
ON.
Optimizing

103-000145-001
August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
3 Click Large Internet Packet Start Size and enter the size.
4 Click OK.
Using Packet Burst

The Packet BurstTM protocol speeds the transfer of NCPTM data between a
workstation and a NetWare server by eliminating the need to sequence and
acknowledge each packet. With Packet Burst protocol, the server or
workstation can send a whole set (burst) of packets before it requires an
acknowledgment.
Figure 17
Packet Burst Protocol
Without Packet Burst

Packet 1 sent
Packet 1 acknowledged
Client
Packet 2 sent
NetWare
server
Packet 2 acknowledged
With Packet Burst

First burst of packets sent
Acknowledged
Client
Second burst of packets sent
NetWare
server
Acknowledged
By allowing multiple packets to be acknowledged, Packet Burst protocol

reduces network traffic.
Packet Burst protocol also monitors dropped packets and retransmits only the
missing packets.
NOTE: NetWare doesn't require an NLMTM to enable Packet Burst at the server.
64

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For workstations to send and receive Packet Burst data, you must enable
Packet Burst under the NetWare DOS Requester (for DOS or Windows 3.x) or
under the Novell Client Properties, Advanced Settings (for Windows 95 or
Windows NT).
For the procedures, see the help files associated with your client software.
When Packet Burst-enabled servers or workstations transfer data to servers or
workstations that don't have Packet Burst enabled, the data defaults to normal
NCP mode (one-request/one-response).
Increasing Maximum and Minimum Packet Receive

Buffers
Packet receive buffers (also called communication buffers) store incoming
data packets until they can be processed by the server.
The operating system allocates a minimum number of packet receive buffers
as soon as the server boots. The minimum number is specified by the
Minimum Packet Receive Buffers server parameter.
A maximum number of packet receive buffers is specified by the Maximum
Packet Receive Buffers server parameter.
To determine how many buffers the server is currently allocating, refer to the
Packet Receive Buffer value in the General Information window of
MONITOR.
Increasing the Maximum Number of Packet Receive Buffers

If the server is slowing down and losing workstation connections, it might be
running out of packet receive buffers. In this case, you can increase the
Maximum Number of Packet Receive Buffers.
The General Information window of MONITOR displays the total number of
packet receive buffers that are currently allocated.
1 From MONITOR's Available Options, select Server Parameters >
Communications.
A list of Communications Parameters is displayed in the upper window.
The scroll thumb on the right of the window indicates that you can use the
arrow keys to scroll the list.
NOTE: You can also use the SET command to set comunications parameters at
the server console prompt. See Reference > Utilities Reference > Utilities > SET.
Optimizing

103-000145-001
August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
2 Scroll down the Communications Parameters list.

3 Select Maximum Packet Receive Buffers.
4 Increase the value of this parameter and press Enter.
A good guideline is to set this value to twice the size of the Minimum
Packet Receive Buffer value. The changed value is now persistent.
For additional suggestions, see the discussion of the Maximum Packet
Receive Buffer parameter in SET Communication Parameters.
Increasing the Minimum Number of Packet Receive Buffers

Use the following procedure to increase the minimum number of packet
receive buffers if the allocated number is higher than 10 and the server doesn't
respond immediately after starting.
1 From MONITOR's Available Options, select Server Parameters >
Communications.
A list of Communications Parameters is displayed in the upper window.
The scroll thumb on the right of the window indicates that you can use the
arrow keys to scroll the list.
NOTE: You can also use the SET command to change parameter values at the
server console prompt. See Reference > Utilities Reference > Utilities > SET.
2 Scroll down the Communications Parameters list.

3 Choose Minimum Packet Receive Buffers.
4 Increase the value of this parameter.
A good guideline is to allocate at least two packet receive buffers for each
workstation connection. The changed value is now persistent.
For additional suggestions, see the discussion of the Minimum Packet
Receive Buffer parameter in SET Communication Parameters.
NOTE: The Minimum Packet Receive Buffers value should be smaller than the
Maximum Packet Receive Buffers value. If it is greater than the maximum value,
the system changes the maximum value to match the minimum value.
66

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
Once your network is running, network communications management
involves maintaining the physical connections between machines and
maintaining the drivers that communicate with the network board. To use a
network board, the LAN driver must be bound to the board. The following
topics describe the procedures used to maintain communications between
servers:
Overview of Loading and Binding LAN Drivers on page 67
Loading and Binding LAN Drivers on page 68
Unbinding and Unloading LAN Drivers on page 70
Using Logical Boards on page 71
Removing Network Boards on page 72
Resetting Network Boards on page 73
For ways to prevent physical communication problems, see Preventing
Cabling Problems on page 74.
Overview of Loading and Binding LAN Drivers

After you add a network board to your NetWare server, you must load the
corresponding LAN driver. LAN drivers have .lan extensions.
When you load the LAN driver, you must specify one or more frame types for
the driver. Loading a LAN driver establishes a network connection (if the
server is physically connected to the network cabling). The frame type
specifies how packets will be formatted for transmission across the network.
You can load more than one frame type with each driver.
Managing

103-000145-001
August 30, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Once the LAN driver is loaded, you must bind the LAN driver to a
communication protocol. Binding a LAN driver assigns a network
communication protocol to the driver and the network board. Without a
protocol, the LAN driver can't process packets, and workstations attached to
the cabling scheme from that board can't log in.
The protocol is actually bound to a protocol ID (PID) that is part of a frame
type. Because a frame type can have multiple PIDs, you can bind one LAN
driver and one frame type to multiple protocols. You can also bind the same
protocol to more than one LAN driver.
To load and bind LAN drivers, you can use
NWCONFIG NLMTM
LOAD and BIND commands
If you know the parameters required by the communication protocol, you
can use the LOAD and BIND commands to load and bind LAN drivers at
the server command line. For more information, see BIND and LOAD in
Loading and Binding LAN Drivers

When you bind the IPXTM protocol to a board, you specify the cabling
scheme's IPX external network number.
The IPX external network number is a hexadecimal number. This number
must be the same for all boards cabled together that use the same frame type.
The IPX external number must be different from the number used by boards
of other frame types and must be different from the addresses of other cabling
systems on the network. The cabling scheme's IPX external network number
must also be different from the internal network address for any node on the
network.
The following procedure explains how to use NWCONFIG to load a LAN
driver and bind a protocol.
[LOAD] NWCONFIG
2 Select Driver Options > Configure Network Drivers.
68

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 If you want NetWare to automatically detect all the drivers that are
compatible with your network boards, select Discover and Load

Additional Drivers; otherwise, skip to Step 5.
NetWare automatically finds the parameter values for the driver, loads the
driver with the parameters, and then discovers the IPX protocol for the
frame type supported for the driver.
NetWare then displays the IPX internal and external network addresses in
a confirmation box.
NOTE: In machines with PCI buses and sometimes in machines with EISA
hardware, NWCONFIG might not detect all the drivers associated with the LAN
adapters. In other cases, NWCONFIG might find more than one compatible driver
for an adapter. When this happens, NWCONFIG displays a message listing the
hardware. The message prompts you to press Enter to see a list of all available
drivers for the hardware. Press Enter, then Go to Step 6.
4 Confirm the addresses.
After you confirm the addresses, NetWare binds the protocol to the driver.
If you want to load additional drivers that are not autodetected, continue
with Step 5.
5 To select a driver from all the available drivers, choose Select an
Additional Driver.
The screen displays a list of all available drivers.
6 Select the driver you want to load, or, if the driver is not on the list, press
<Insert>.
If you press <Insert> to load an unlisted driver, follow the screen prompts.
If you select a listed driver, continue with Step 7.
NOTE: For some drivers, a message might appear indicating that the driver must
be loaded manually (at the console prompt). To load a driver manually, follow the
screen prompts or press <F1> for more information.
7 Choose Select/Modify Driver Parameters.
The screen displays a window where you can set values for driver
parameters. Depending on the driver you selected, a window containing
protocol options might also be displayed. The cursor is active in the
protocol options window, if it is displayed.
8 If the window containing protocol choices is displayed, check the
protocol you want to use.

9 If you checked TCP/IP, enter the IP address and the IP mask.
Managing

103-000145-001
August 30, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
10 Use the down arrow key to move the cursor to the parameter window;
enter parameter values as needed.

Press <F1> for help if necessary.
In some cases, the system displays a pop-up list of values for the field
from which you select the desired value. In other cases, you must type in
a value and press <Enter> to move to the next field.
You can also specify a specific frame type if desired. If you do not specify
a particular frame type, all frame types are loaded automatically, but only
those found on the network are actually bound to the driver.
11 (Optional) To specify a particular frame type for an Ethernet driver, press
<F3> to display a list of frame types. Use the arrow keys to move up and
down the list. Press <Enter> to select a frame type. When finished, press
<Esc>.
12 When finished, press <F10> to save the values and exit the window.
The system loads the LAN driver and then displays a confirmation
window containing the command line to bind the protocol with the
specified frame type.
At this point, you can either confirm binding of the protocol with the
specified frame type or change the frame type.
13 To bind the protocol, press <Enter>. To display the command line with a
different frame type, press <F3>, then press <Enter> when the desired
frame type is displayed.
NWCONFIG automatically places the LOAD and BIND commands in the
autoexec.ncf file.
Unbinding and Unloading LAN Drivers

To remove a communication protocol from a board and driver, you can use the
UNBIND console command. If you have loaded the driver more than once,
specify the board you want to unbind. See UNBIND in Utilities Reference.
When the protocol is unbound, users attached to the cabling scheme of the
board can't log in. If users are already logged in, they receive a message when
they attempt to access the server.
To unload a LAN driver, use the UNLOAD command or NWCONFIG. See
NWCONFIGUNLOAD in Utilities Reference.
70

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Logical Boards

A LAN driver can be loaded with multiple frame types. Each instance of a
LAN driver and an associated frame type is one logical board. Therefore,
while there might be only one physical network board in the server with one
LAN driver, there can be multiple logical boards.
For example, if your server contains an NE2000TM board, you can load the
NE2000 LAN driver with frame types Ethernet_802.2 and Ethernet_II. In this
situation there is one physical board and one LAN driver, but there are two
logical boards.
In older versions of NetWare, you could not unload individual logical boards.
To remove a particular logical board, you had to unload the LAN driver, which
in turn deactivated all network adapters associated with the LAN driver, and
also unloaded all the frame types associated with the driver. You then had to
reload the driver for each board you wanted to use and each frame type you
wanted to keep. On large networks this process was extremely time
consuming.
In NetWare, you can now unload, shut down, and reset individual logical
boards, and also remove or reset individual adapters associated with a LAN
driver.
Unloading Logical Boards

1 Determine the logical board number or name.
A name can be assigned to a logical board when the board is loaded with
the LOAD command. If no name was assigned to the board, you can
determine the logical board number by using MONITOR.
1a At the server console prompt, load MONITOR.
1b Select LAN/WAN Drivers and highlight the desired LAN driver.
A screen is displayed containing the logical board numbers and other

data associated with the driver. Note the logical board number you
want to unload.
2 Enter the following at the server console prompt:
REMOVE NETWORK INTERFACE board_number | board_name
Specify either the logical board number or the board name. NetWare
unloads the logical board and deletes its resources.
Managing

103-000145-001
August 30, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Shutting Down and Resetting Logical Boards

You can shut down a logical board without removing its resources. In this
case, you can restart the board, if needed, without reloading and binding the
LAN driver.
1 Determine the logical board number or name.
A name can be assigned to a logical board when the board is loaded using
the LOAD command. If no name was assigned to the board, you can
determine the logical board number by using MONITOR.
A screen is displayed containing logical board numbers and other

data associated with the driver. Note the logical board number you
want.
SHUTDOWN NETWORK INTERFACE board_number | board_name
Specify either the logical board number or the board name.

3 To restart the logical board, enter the following at the server console
prompt:
RESET NETWORK INTERFACE board_number | board_name
NOTE: Resetting the logical board does not reset the network board.
Removing Network Boards

If you want to remove a network board and there is only one instance of the
board in the server, you can simply unload the LAN driver and physically
remove the board. Unloading the LAN driver releases the memory resources
used by the board and driver. See UNLOAD in Utilities Reference.
However, if you have several boards of the same kind in the server, and you
want to remove just one, removing the LAN driver would disable all the
boards. You would then have to reload and bind the LAN driver for each board
that remained in the server.
Use the following procedure to unload one board while keeping other boards
of the same type enabled.
72

103-000145-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
1 Determine the filename and the instance number for the board you want
to remove.
The filename is the name of the LAN driver, such as ne2000.lan.
The board instance number is the number of the board if there is more
than one board of the same type installed in the server.
A screen displays the instance number and other data for boards
associated with the driver. Note the instance number for the board
you want to remove.
REMOVE NETWORK ADAPTER filename,
[board_instance_number]
The network driver and its resources are deleted.
Resetting Network Boards

WARNING: Resetting a network board stops whatever work the board is doing
and resets it to a clean state.
Network boards will reset themselves automatically if something goes wrong.

About one reset a day is normal. A great number of resets, such as one reset a
minute, usually indicates a hardware problem.
Resets are included in the LAN statistics displayed in MONITOR.
Sometimes it is useful to reset a board manually if you suspect a problem with
the hardware. Resetting the network board also resets the logical boards
associated with the network board. (But resetting the logical board does not
reset the network board). Use the following procedure to reset a board.
1 Determine the filename and the instance number for the board you want
to reset.
The filename is the name of the LAN driver, such as ne2000.lan.
The board instance number is the number of the board if there is more
than one board of the same type installed in the server. If there is only one
instance of the board, you do not need the board instance number.
Managing

103-000145-001
August 30, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
A screen displays the instance numbers and other data for boards
associated with the driver. Note the instance number for the board
you want to remove.
RESET NETWORK ADAPTER filename,
[board_instance_number]
Include the board instance number only if there are multiple instances of
the same adapter in the server.
Preventing Cabling Problems

Use the proper cabling for your network topology as specified by IEEE.
Make sure cable segments do not exceed the recommended lengths.
Make sure cable segments are properly terminated for the type of cabling
being used.
Make sure terminators and in-line cable connectors are working properly.
If you are not sure whether a terminator or connector is working properly,
replace it. If the new components work properly, discard the old ones.
Make sure there are no breaks in the cable or shield. Use a time delay
reflectometer (TDR), a LANalyzer, or a volt ohm meter (VOM) to test
cabling for breaks in the cable conductor or shield.
Make sure cabling is routed away from devices that produce high electric
or magnetic fields, such as fluorescent lights, microwaves, radar, X-rays,
copy machines, etc.
74

103-000145-001
August 30, 2001
Novell Confidential
TCP/IP Administration Guide
Novell
NetWare 6
www.novell.com
TCP/IP
August 30, 2001

Novell Confidential
Manual
Rev 99a
18 April 00
27
Contents
About This Guide
Understanding
11
The TCP/IP Suite of Protocols . . . . . . . . .

Overview of TCP/IP Protocol Usage . . . . . .
Transport Layer Protocols . . . . . . . . . . .
UDP. . . . . . . . . . . . . . . . . . . . .
TCP . . . . . . . . . . . . . . . . . . . . .
Internet Protocol . . . . . . . . . . . . . . . .
Path Maximum Transfer Unit . . . . . . . .
Assigning IP Network Addresses . . . . . . .
Historic IP Address Classes . . . . . . . .
Identifying Network Classes . . . . . . . .
Selecting an Appropriate Address Class . .
Reserved IP Addresses . . . . . . . . . .
Physical and IP Addresses. . . . . . . . . . .
IP Address to Physical Address Translation
Creating Subnets. . . . . . . . . . . . . . . .
Subnet Addresses and Masks . . . . . . .
Subnet Zero . . . . . . . . . . . . . . . .
Variable Size Subnets . . . . . . . . . . .
Assigning Subnet Addresses . . . . . . . .
Broadcast Addresses . . . . . . . . . . . .
Multicast Addresses . . . . . . . . . . . .
Routing . . . . . . . . . . . . . . . . . . . . .
Error and Control Messages . . . . . . . . . .
Router Discovery Protocol . . . . . . . . . . .
Router Discovery Messages . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Novell TCP/IP
11
13
15
16
17
18
19
21
22
24
25
25
26
26
28
29
32
32
33
34
34
35
37
37
38
39
Selective Acknowledgement . . . . . . .
Large Windows. . . . . . . . . . . . . .
TCP Defend Fin Attack. . . . . . . . . .
Classless IP Addresses . . . . . . . . .
Multihoming . . . . . . . . . . . . . . .
Load Balancing and Fault Tolerance .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
NetWare TCP/IP Administration Guide

103-000151-001
August 30, 2001
Novell Confidential
40
40
41
41
41
42
Manual
Multiple Default Gateway . . . . . . . . . . . . .

Dead Gateway Detection . . . . . . . . . . . . .
Probe Interval . . . . . . . . . . . . . . . . .
Probe Timeout . . . . . . . . . . . . . . . . .
Path MTU Black Hole Detection and Recovery . .
Provision of Non-ARPable Secondary IP Address
.
.
.
.
.
.
18 April 00
27
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Configuring Boards . . . . . . . . . . . . . . . . . . . . .
Loading INETCFG . . . . . . . . . . . . . . . . . . . .
Configuring a LAN Board . . . . . . . . . . . . . . . .
Adding a New Board Driver or NLM File to Your System
Enabling or Disabling a LAN Board . . . . . . . . . . .
Deleting a LAN Board . . . . . . . . . . . . . . . . . .
Enabling TCP/IP . . . . . . . . . . . . . . . . . . . . . . .
Binding Protocols . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up
43
43
44
44
44
45
47
SET Parameters
47
48
48
50
50
51
51
52
53
Configuration Using SET Options . . . . . . . . .

ARP Cache Stale Timeout . . . . . . . . . . .
ARP Cache Update Timeout. . . . . . . . . .
BSD Socket Default Buffer Size . . . . . . . .
Discard Oversized Ping Packets. . . . . . . .
Discard Oversized UDP Packets . . . . . . .
IP Address Duplicates . . . . . . . . . . . . .
Large Windows . . . . . . . . . . . . . . . .
Largest Ping Packet Size . . . . . . . . . . .
Largest UDP Packet Size . . . . . . . . . . .
Maximum Packet Receive Buffers . . . . . . .
Maximum Pending TCP Connection Requests
Minimum Packet Receive Buffers . . . . . . .
Path MTU Black Hole Detection and Recovery
Selective Acknowledgement . . . . . . . . . .
TCP Diagnostic Services . . . . . . . . . . .
TCP Defend Fin Attacks . . . . . . . . . . . .
TCP Defend Land Attacks . . . . . . . . . . .
TCP Defend SYN Attacks . . . . . . . . . . .
TCP IP Maximum Small ECBs. . . . . . . . .
TOS Value . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Configuring RIP . . . . . . . . . . . . . . . . . . . . . . . .
Configuring OSPF . . . . . . . . . . . . . . . . . . . . . . .
Basic OSPF Configuration . . . . . . . . . . . . . . . . .
Advanced OSPF Configuration . . . . . . . . . . . . . .
Configuring Load Sharing over Equal-Cost OSPF Routes
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Protocols
53
53
54
54
54
54
55
55
55
55
56
56
56
57
57
57
57
58
58
58
58
59

103-000151-001
August 30, 2001
Novell Confidential
60
63
65
66
68
Manual
Rev 99a
Configuring Static Routes for LANs . . . . . . . . . . . . . . . .

How to Configure a LAN Static Route . . . . . . . . . . . . .
Configuring a Default Gateway (LAN Static Route) . . . . . .
Comparing Different Default Gateway Configuration Methods .
Enabling Dead Gateway Detection . . . . . . . . . . . . . . .
Configuring Dead Gateway Detection . . . . . . . . . . . . .
Configuring Load Balancing . . . . . . . . . . . . . . . . . . . .
Configuring Fault Tolerance . . . . . . . . . . . . . . . . . . . .
Configuring Router Discovery . . . . . . . . . . . . . . . . . . .
Configuring Type of Service (TOS) . . . . . . . . . . . . . . . .
Enabling TOS. . . . . . . . . . . . . . . . . . . . . . . . . .
Assigning a TOS Value . . . . . . . . . . . . . . . . . . . . .
Configuring ARP . . . . . . . . . . . . . . . . . . . . . . . . . .
Disabling ARP . . . . . . . . . . . . . . . . . . . . . . . . .
Enabling Proxy ARP . . . . . . . . . . . . . . . . . . . . . .
Enabling ARP Timer . . . . . . . . . . . . . . . . . . . . . .
Configuring ARP Cache Update Timeout . . . . . . . . . . .
Configuring ARP Cache Stale Timeout. . . . . . . . . . . . .
Configuring Directed Broadcast Forwarding . . . . . . . . . . . .
Enabling Directed Broadcast Forwarding. . . . . . . . . . . .
Configuring Source Route Packet Forwarding . . . . . . . . . . .
Configuring BOOTP Forwarding . . . . . . . . . . . . . . . . . .
Configuring EGP . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring Multiple Logical Interfaces. . . . . . . . . . . . . . .
Merging Two Networks When the Connecting Router Fails . .
Reassigning IP Addresses . . . . . . . . . . . . . . . . . . .
Adding New Nodes to a Full Subnet . . . . . . . . . . . . . .
Configuring a Secondary IP Address . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
69
69
71
73
74
74
75
75
76
77
77
77
78
79
80
80
80
81
81
81
82
82
83
84
85
86
86
86
89
Using the TCPCON Utility . . . . . . . . . . . . . . . . . .

Viewing TCP/IP Configuration Information . . . . . . . . . .
Determining Whether a Remote TCP/IP Node Is Reachable
Monitoring Error Counters . . . . . . . . . . . . . . . . . .
Monitoring TCP/IP Information . . . . . . . . . . . . . . . .
Checking the TCP/IP Routing Table . . . . . . . . . . .
Monitoring the Configured TCP/IP Protocols . . . . . . .
18 April 00
27
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting
89
90
91
91
92
92
92
93
Troubleshooting Tools . . . . . . . . . . . . . . . . . .
Troubleshooting Checkpoints . . . . . . . . . . . . . .
Common Problems. . . . . . . . . . . . . . . . . . . .
LAN Connectivity Problems . . . . . . . . . . . . .
Router Cannot Ping a Remote Router or the Internet
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000151-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
93
94
95
96
98
Manual
Rev 99a
Routing Table Maintenance Problems . . . . . . . . . . . . . . . . .

IP Address Duplication across Machines . . . . . . . . . . . . . .
Server Not Responding under Heavy Stress Conditions . . . . . . .
Load Not Balanced across NICs although LB is enabled in INETCFG
Network Traffic Is Not Balanced across NICs . . . . . . . . . . . . .
Losing INETCFG Configuration Information upon Rebooting . . . . .
Loss of Secondary IP Address upon Deleting Any Binding . . . . . .
18 April 00
27
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning
98
100
100
100
101
101
101
103
Configuration Decisions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
TCP/IP Database Files

Configuring Database Files
HOSTS File . . . . . .
NETWORKS File . . .
PROTOCOL File . . . .
SERVICES File . . . .
107
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000151-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
107
108
109
110
111
Manual
99a
38
July 17, 2001
About This Guide

This guide provides the information you need to configure and manage the
Novell TCP/IP networking software. In addition to planning information,
this guide provides troubleshooting tips, techniques, and tools, as well as the
symptoms of and solutions to commonly occurring problems with the TCP/IP
components.
About This Guide

103-000151-001
August 30, 2001
Novell Confidential
Manual
10
99a

103-000151-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Understanding
This chapter introduces TCP/IP and provides an overview of the TCP/IP suite
of protocols.
The following are discussed here:
The TCP/IP Suite of Protocols on page 11
Overview of TCP/IP Protocol Usage on page 13
Transport Layer Protocols on page 15
Internet Protocol on page 18
Assigning IP Network Addresses on page 21
Physical and IP Addresses on page 26
Creating Subnets on page 28
Routing on page 35
Error and Control Messages on page 37
Router Discovery Protocol on page 37
The TCP/IP Suite of Protocols

The protocols in the TCP/IP suite roughly correspond to a network
communications model defined by the International Organization for
Standardization (ISO). This model is called the Open Systems Interconnection
(OSI) reference model. The OSI model describes an ideal computer network
system in which communication on the network occurs between processes at
discrete and identifiable layers. Each layer on a given host provides services
to the layers above it and receives services from the layers below it. Figure 1
Understanding

103-000151-001
August 30, 2001
Novell Confidential
11
Manual
99a
July 17, 2001
38
illustrates the seven layers of the OSI reference model, as defined by ISO, and
the roughly corresponding layers of the TCP/IP protocol suite.
Figure 1
OSI Reference Model
TCP/IP Protocol Suite
OSI Reference Model

Layer
Function
Application
Presentation
Session
Transport
Network
Data Link
Physical
Protocol
FTP
TELNET
SMTP
SNMP
DNS
UDP
TCP
RIP
ICMP
IP
OSPF
RARP
ARP
Ethernet
Token
Ring
EGP
Other
Media
The layering system allows the developers to concentrate their efforts on the
functions in a given layer. It is not necessary for designers to create all the
mechanisms to send information across the network. They have to know only
what services the software needs to provide to the layer above it, what services
the layers below it can provide to the software, and which protocols in the
suite provide those services.
Table 1 lists some of the more common protocols in the TCP/IP suite and the
services they provide.
Table 1
12
TCP/IP Protocols
Protocol
Service
Internet Protocol (IP)
Provides packet delivery services (routing)

between nodes.
Internet Control Message

Protocol (ICMP)
Provides transmission of error and control

messages between hosts and routers.

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Protocol
Service
Address Resolution Protocol

(ARP)
Maps IP addresses to physical addresses.
Transmission Control Protocol

(TCP)
Provides reliable data-stream delivery service

between end nodes.
User Datagram Protocol (UDP)
Provides unreliable datagram delivery service

between end nodes.
File Transfer Protocol (FTP)
Provides application-level services for file

transfer.
TELNET
Provides terminal emulation.
Routing Information Protocol

(RIP)
Enables the exchange of distance vector

routing information between routers.
Open Shortest Path First

(OSPF)
Enables the exchange of link state routing

information between routers.
Exterior Gateway Protocol

(EGP)
Enables the exchange of routing information

between exterior routers.
Overview of TCP/IP Protocol Usage

Applications developed for TCP/IP generally use several of the protocols in
the suite. The layers of the protocol suite is also known as the protocol stack.
User applications communicate with the top layer of the protocol suite. The
top-level protocol layer on the source computer passes information to the
lower layers of the stack, which in turn pass it to the physical network. The
physical network transfers the information to the destination computer. The
lower layers of the protocol stack on the destination computer pass the
information to higher layers, which in turn pass it to the destination
application.
Each protocol layer within the TCP/IP suite has various functions; these
functions are independent of the other layers. Each layer, however, expects to
receive specific services from the layer beneath it, and each layer provides
specific services to the layer above it.
Figure 2 on page 14 shows the TCP/IP protocol layers. The layers at the same
level on the source and destination computers are peers. For example, the
application on the source computer and the application on the destination
Understanding

103-000151-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
computer are peers. Each layer of the protocol stack on the source computer
communicates with its peer layer on the destination computer. From the
perspective of the software developer or user, the transfer takes place as if the
peer layers sent their packets directly to one another.
Figure 2
TCP/IP Model
Source Host
Destination Host
Application
Application
Messages or
Streams
Transport
Transport
Datagrams
(UDP) or
Segments (TCP)
Internet
Internet
IP Datagrams
Network
Interface
Network
Interface
Network Frames
Network Hardware
An application for transferring files with TCP, for instance, performs the
following operations to send the file contents:
1. The Application layer passes a stream of bytes to the Transport layer on
the source computer.
2. The Transport layer divides the stream into TCP segments, adds a header
with a sequence number for that segment, and passes the segment to the
Internet (IP) layer. A checksum is computed over the TCP header and
data.
14

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3. The IP layer creates a packet with a data portion containing the TCP
segment. The IP layer adds a packet header containing source and
destination IP addresses.
4. The IP layer also determines the physical address of the destination
computer or intermediate computer on the way to the destination host. It
passes the packet and the physical address to the Data-Link layer. A
checksum is computed on the IP header.
5. The Data-Link layer transmits the IP packet in the data portion of a datalink frame to the destination computer or an intermediate computer. If the
packet is sent to an intermediate computer, steps 4 through 7 are repeated
until the destination computer is reached.
6. At the destination computer, the Data-Link layer discards the data-link
header and passes the IP packet to the IP layer.
7. The IP layer checks the IP packet header. If the checksum contained in the
header does not match the checksum computed by the IP layer, it discards
the packet.
8. If the checksums match, the IP layer passes the TCP segment to the TCP
layer.
9. The TCP layer computes a checksum for the TCP header and data. If the
computed checksum does not match the checksum transmitted in the
header, the TCP layer discards the segment. If the checksum is correct and
the segment is in the correct sequence, the TCP layer sends an
acknowledgment to the source computer and passes the data to the
application.
10. The application on the destination computer receives a stream of bytes,
just as if it were directly connected to the application on the source
computer.
Transport Layer Protocols

The Transport layer of the TCP/IP protocol suite consists of two protocols,
UDP and TCP. UDP provides an unreliable connectionless delivery service to
send and receive messages. TCP adds reliable byte stream-delivery services
on top of the IP datagram delivery service.
The ports numbered between 1 and 1,023 are well-known port numbers. For
dynamically bound ports, an application requests that UDP assign a port to
Understanding

103-000151-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
identify which port the process uses. The port must be in the range of 1,024 to
65,535.
UDP
UDP identifies applications through ports. The protocol defines two types of
protocol ports: well-known port assignments and dynamically bound ports.
For well-known port assignments, certain UDP port numbers are reserved for
particular applications. Then the application can direct UDP datagrams to that
port.
UDP enables multiple clients to use the same port number and different IP
addresses. The arriving UDP datagrams are delivered to the client that
matches both the destination port number and address. (A socket consists of
an IP address and the port number.) If there is no matching client or if the
ICMP destination is unreachable then a port unreachable message is sent and
the packet is dropped.
The UDP datagram is encapsulated in an IP datagram that, in turn, is
encapsulated in physical frames. Figure 3 on page 17 shows a UDP datagram
encapsulated in an IP datagram, which, in turn, is encapsulated in an Ethernet
frame. It also illustrates how the concept of layering, discussed at the
beginning of this section, affects the construction of packets sent across the
network.
16

103-000151-001
August 30, 2001
Novell Confidential
Manual
Figure 3
99a
38
July 17, 2001
A UDP datagram encapsulated in an IP datagram which, in turn, is encapsulated in an Ethernet

frame
UDP
Header
Source
Port
Destination
Port
UDP
Data
UDP
Data
UDP Datagram
IP
Header
IP Datagram
Frame
Header
Ethernet
CRC
Ethernet Frame
In this example, the IP address transmits the IP datagram to the node. At that
destination, the IP software extracts the UDP datagram and delivers it to the
UDP-layer software. The UDP-layer software delivers the UDP data through
the destination port to the receiving application. The process at that port uses
the data in the UDP datagram. The UDP datagram also contains a source port
to ensure that the destination process can reply correctly.
TCP
For applications that must send or receive large volumes of data, unreliable
datagram delivery can become burdensome. Application programmers might
have to develop extensive error handling and status information modules to
track the progress and state of data transfer for every application. The TCP/IP
suite of protocols avoids this problem by using TCP, a reliable byte-stream
delivery protocol. TCP establishes a connection between two applications and
sends a stream of bytes to a destination in exactly the same order that they left
the source. Before transmission begins, the applications at both ends of
transmission obtain a TCP port from their respective operating systems. These
are analogous to the ports used by UDP. The application initiating the transfer,
known as the client side, generally obtains a port dynamically. The application
Understanding

103-000151-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
responding to the transfer request, known as the server side, generally uses a
well-known TCP port. The client side is typically the active side and initiates
the connection to the passive server side.
Like the UDP datagrams, TCP segments are encapsulated in an IP datagram.
TCP buffers the stream by waiting for enough data to fill a large datagram
before sending the datagram. The stream is unstructured, which means that
before transmission of data, both the sending and receiving applications must
agree on the meaning of the contents of the stream. The TCP protocol uses
full-duplex transmission. Full duplex means that two data streams can flow in
opposite directions simultaneously. Thus, the receiving application can send
data or control information back to the sending application while the sending
application continues to send data.
The TCP protocol gives each segment a sequence number. At the receiving
end of the connection, TCP checks successive sequence numbers to ensure
that all the segments are received and processed in the order of the sequence
numbers. The receiving end sends an acknowledgment to the sender for the
segments received. TCP enables the sender to have several outstanding
segments before the receiver must return an acknowledgment. If the sending
node does not receive an acknowledgment for a segment within a certain time,
it retransmits that segment. This scheme, called positive acknowledgment with
retransmission, ensures that the stream delivery is reliable.
Internet Protocol
In the TCP/IP protocol suite, all packets are delivered by the IP datagram
delivery service. Packet delivery is not guaranteed by this service. A packet
can be misdirected, duplicated, or lost on the way to its destination. The
service is connectionless because all packets are transmitted independently of
any other packets. This is in contrast to a telephone network, for instance,
where a connection is established and maintained.
To keep track of the delivery status, TCP/IP applications using the IP
datagram delivery service expect to receive replies from the destination node.
IP defines the form that packets must take and the ways that packets are
handled when they are transmitted or received. The form the packet takes is
called an IP datagram. It is the basic unit of information that is passed across
a TCP/IP network. The IP datagram consists of a header and a data section.
The header section contains the sender's (source) IP address and the receiver's
(destination) IP address and other information. Figure 4 on page 19 shows the
general form of an IP datagram.
18

103-000151-001
August 30, 2001
Novell Confidential
Manual
Figure 4
99a
38
July 17, 2001
Basic frame of an IP Datagram
IP Datagram Data
IP Datagram Header
Header
Information
Source IP
Address
Destination
IP Address
Options
Data
The IP address for a node is a logical address and is independent of any

particular hardware or network topology. It has the same form, regardless of
the media type. The IP address (version 4) is a 4-byte (32-bit) numeric value
that identifies both a network and a local host or node (computer or other
device) on that network. The 4-byte IP address is usually represented in dotted
decimal notation. Each byte is represented by a decimal number, and periods
separate the bytes, for example, 129.47.6.17.
The Data-Link layer transmits IP packets in the data section of its physical
frame. Because IP supports a 64-KB packet length, an IP datagram might not
fit in a data-link frame. Also, in traveling to its destination, a datagram can
traverse many different media with different physical frame lengths. An IP
router might have to forward a packet across media in which the inbound and
outbound frame lengths differ.
To handle these potential problems with packet transmission, IP specifies a
method for breaking datagrams into fragments. The fragments are
reassembled when they arrive at the final destination. Reassembling
fragments reconstructs the entire IP datagram.
Path Maximum Transfer Unit

The maximum transfer unit (MTU) is the largest amount of data that can be
transferred across a given physical network. For local area networks, such as
Ethernet, the MTU is determined by the network hardware. For wide area
networks that use serial lines to interconnect packet switches, the MTU is
determined by software.
The Path MTU is the smallest of all MTUs, for the hops along a path from the
source host to the destination host. The Path MTU governs the size of the
Understanding

103-000151-001
August 30, 2001
Novell Confidential
19
Manual
99a
July 17, 2001
38
largest IP packet that can be sent across the path without fragmentation. This
feature conforms to RFC 1191.
This feature is automatically enabled when you enable TCP/IP.
Path MTU Discovery Process
There are two advantages to this feature. The Path MTU avoids fragmentation
anywhere along the path and it reduces the protocol overhead.
The Path MTU discovery process prevents fragmentation between two
routers. Figure 5 illustrates a sample Path MTU discovery process, followed
by an example of the steps involved.
Figure 5
A sample Path MTU discovery process
Host B,
4150 MTU
Host A,
4150 MTU
PPP, 1500 MTU
Token
Ring
Router 2
Token
Ring
Router 1
The following describes the steps involved in the sample Path MTU discovery
process illustrated above:
1. Host A opens a File Transfer Protocol (FTP) connection to Host B.
2. Host A and Host B negotiate the maximum segment size (MSS) during
their connection. This is the largest TCP segment that a host can send
across a network. The MSS in Figure 5 is 4,110 bytes, which is 4,150
bytes minus 40 bytes for the IP and TCP headers.
3. Host A sends a 4,150-byte packet to 4,110 bytes of data and 40 bytes of
header information to Host B. The Don't Fragment (DF) flag in the IP
header is set to yes in Host A.
4. Router 1 receives the packet from Host A. Then Router 1 determines that
the packet is larger than 1,500 bytes, which is the maximum packet size
that can be sent over a PPP network.
5. Router 1 sends Host A an ICMP destination unreachable error message.
This message indicates that Router 1 must fragment packets larger than
1,500 bytes.
20

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6. Host A receives the error message from Router 1. In response, it adjusts

the maximum segment size to 1,460 bytes.
7. Host A resends the data from Step 3. Each packet consists of 1,460 bytes
of data and 40 bytes of header information.
8. Router 1 accepts the packets and forwards them to Router 2, which then
sends them on to Host B.
Assigning IP Network Addresses

IP network addresses should be assigned by one person at your company. We
recommend that a network administrator assign IP network addresses.
Therefore, to obtain a new address, see your network administrator or if you
are a network administrator this section would help you assign IP network
addresses.
For a node using the TCP/IP protocol suite to communicate with other nodes,
including nodes on other private networks and on the Internet, an IP network
address is required. Your IP network address could be determined in one of the
following ways:
If you are accessing the Internet through an Internet Service Provider
(ISP), you can be assigned an IP address by your ISP.
If you are connected directly to the Internet community or if you cannot
connect to the Internet using the registered IP address range you were
assigned by your ISP, contact the following organization:
Network Solutions, Inc.
Attn.: InterNIC Registration Services
505 Huntmar Park Dr.
Herndon, VA, USA 20170
E-mail: hostmaster@internic.net
Web address: http://nic.ddn.mil or http://192.112.36.5
If your network is not attached to the public Internet community, you can
select an arbitrary IP network number. However, if you plan to attach your
network to the Internet later, you should use the guidelines in RFC 1918.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
The addresses for all the nodes on the network must meet the following
criteria:
All addresses within a network must use the same prefix. For example,
any node on network 129.47 must have an address in the form 129.47.x.x.
Each node must have a unique IP address.
Historic IP Address Classes

Each 4-byte IP address is divided into two parts:
A network portion, which identifies the network
A host portion, which identifies the node
IP addresses are differentiated into three classes, based on the two most
significant bits of the first byte. This is done so that routers can efficiently
extract the network portion of the address.
This division can occur at any one of three locations within the 32-bit address.
These divisions correspond to the three IP address classes: Class A, Class B,
and Class C. Regardless of address class, all nodes on any single network
share the same network portion; each node has a unique host portion.
Class A Addresses
A Class A IP address consists of a 1-byte network portion followed by a 3-byte

host portion, as shown in Figure 6 on page 23. The highest-order bit of the
network portion is always set to 0. Thus, within an internetwork, there can be
a total of 126 Class A networks (1 through 126), with more than 16 million
nodes in each (networks 0 and 127 are reserved).
The format of a Class A address is as follows:
0nnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh
where n represents the network address and h represents the host address.
Class A addresses contain 7 bits of network address and 24 bits of host
address.
22

103-000151-001
August 30, 2001
Novell Confidential
Manual
Figure 6
38
July 17, 2001
A Class A IP address
3 Bytes
1 Byte
99a
Network
Address
Host Portion
Class B Addresses
A Class B IP address consists of a 2-byte network portion followed by a 2-byte

host portion, as shown in Figure 7. The two highest-order bits of the network
portion are always set to 10. Thus, within a single internetwork there can be
approximately 16,000 Class B networks (128.0 through 191.255), with more
than 65,000 nodes in each.
The format of a Class B address is as follows:
10nnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
Class B addresses contain 14 bits of network address and 16 bits of host
address.
Figure 7
A Class B IP address
2 Bytes
10
Network
Address
2 Bytes
Host Portion
Class C Addresses
A Class C IP address consists of a 3-byte network portion followed by a 1-byte

host portion, as shown in Figure 8 on page 24. The three highest-order bits of
the network portion are always set to 110. Within a single internetwork, there
can be approximately 2 million Class C networks (192.0.0 through
223.255.255), with up to 254 nodes in each.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
The format of a Class C address is as follows:

110nnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh
Class C addresses contain 21 bits of network address and 8 bits of host
address.
Figure 8
A Class C IP address
3 Bytes
110
1 Byte
Network
Address
Host Portion
Identifying Network Classes

The first byte of an IP address identifies which of the three network classes
that address belongs to. The ranges for that first byte are as follows:
Class A: 1 to 126 (1.h.h.h to 126.h.h.h)
Class B: 128 to 191 (128.n.h.h to 191.n.h.h)
Class C: 192 to 223 (192.n.n.h to 223.n.n.h)
An IP address beginning with 154 is a Class B address. The first two bytes of
the address are represented by n for the network portion of the address, and the
last two bytes are represented by h for the host portion. For example, an IP
address of 154.1.0.3 means the IP network portion is 154.1.0.0 and the host
portion on that network is #.#.0.3.
The network portion of an IP address should be the same for all nodes on that
network. Each node connected to the network must have a unique IP host
address assigned to it.
HINT: The key to selecting a number for the host portion of the IP address is to
ensure that the number selected is unique, that is, that no other host on the network
has the same IP address.
24

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Selecting an Appropriate Address Class

When selecting an IP address class, you must decide on both network numbers
and host address portions. Because the first 1, 2, or 3 bits of the IP address
determine how the entire address is to be interpreted and where the division
between the network address and host address portion is to occur, you should
know the consequences of your choice. When deciding on a network class,
you should consider the number of IP nodes to be supported on your network
and the number of networks you plan to configure.
For example, if you use Class C addresses (the first 3 bits of the IP address are
110 binary), then you are restricted to 254 nodes. However, the number of
nodes available can be altered by using subnets. Before selecting an IP address
class, see Creating Subnets on page 28.
Reserved IP Addresses
The IP addressing rules reserve the following types of IP addresses for special
purposes:
Network addressesIP addresses in which the host portion is set to all
zeros. For example,129.47.0.0 is the network address (or network
number) for a Class B network. Network addresses identify networks
rather than nodes on a network. By convention, no node is ever assigned
a host portion consisting of all zeros.
Broadcast addressesAddresses in which the host portion is set to all
ones. A packet with a broadcast address is destined for every node on the
network. By convention, no node is ever assigned a host portion
consisting of all ones.
Loopback addressesAddresses that cause the protocol software to
return data without sending traffic across a network. Network address
127.0.0.0 and all host addresses on that network (for example, 127.0.0.1)
are reserved.
Multicast addressesAddresses that are used to send packets to a group
of hosts or routers. They range from 224.0.0.1 to 239.255.255.255.
Reserved addressesAddresses in which the network portion consists
of all zeros or all ones.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Physical and IP Addresses

Each node has a physical address for the specific hardware device that
connects it to a network. For instance, a physical address on an Ethernet
network is a 6-byte numeric value, such as 08-00-14-57-69-69. It is assigned
by the manufacturer of the Ethernet interface hardware. X.25 networks, which
conform to the specification of the ITU-T (International Telecommunications
Union, Telecommunications sector), previously CCITT, use the X.121
standard for physical addresses, which consist of 14-digit numbers.
NOTE: Physical addresses are also called media access control (MAC)
addresses. Throughout the rest of this section, all references to MAC or physical
addresses assume physical addresses on Ethernet, token ring, or FDDI networks.
Since IP uses a 32-bit address and Ethernet uses a 48-bit Ethernet address
there is a conflict. To associate the IP address to a physical address on an
Ethernet network, a mapping must occur between the two types. The address
resolution protocol (ARP) provides a mapping between the two different
forms of addresses.
IP Address to Physical Address Translation

Each physical medium has its own physical address for nodes on that medium.
The physical addresses are also called MAC addresses. Ethernet and token
ring networks use 6-byte MAC addresses. ARCnet uses a 1-byte MAC
address.
IP addresses are independent of the hardware. When an IP packet is
transmitted on the network, it is first encapsulated within the physical frame
used by that network. Figure 9 shows an IP packet encapsulated in an Ethernet
frame. The IP packet contains an Internet address for a node, but the Ethernet
frame must have a physical address for it to be delivered on the data-link
network. Therefore, the sending node must be able to map an IP address to a
physical hardware address.
Figure 9
A packet encapsulated in an Ethernet frame
IP Datagram
Preamble
Destination
Address
Source
Address
Packet
Type
Packet Data
Ethernet
CRC
Frame Data
Frame Header
Ethernet Frame
26

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Mapping Internet Addresses to Physical Addresses
When an IP address is mapped to a physical, or MAC, address, ARP is used

on broadcast networks such as Ethernet, token ring, and ARCnet. When a
node uses IP to send a packet, it must determine which physical address on the
network corresponds to the destination IP address. To find the physical
address, the node broadcasts an ARP packet containing the destination IP
address. The node with the specified destination IP address sends its physical
address back to the requesting node.
Address Resolution Cache
To speed packet transmissions and reduce the number of broadcast requests

that must be examined by every node on the network, each node keeps an
address resolution cache. Each time the node broadcasts an ARP request and
receives a response, it creates an entry in its address resolution cache. The
entry maps the IP address to the physical address.
When the node sends an IP packet, it looks up the IP address in its cache and
uses the physical address, if found. The node broadcasts an ARP request only
if the IP address is not in its cache.
ARP Cache Update Timeout
ARP Cache Update Timeout is a configurable parameter used to specify the

timeout period for an entry to be removed from the ARP table, if the entry has
not been updated. The ARP Cache Update Timeout value should be greater
than or equal to the ARP Cache Stale Timeout value.
ARP Cache Stale Timeout
ARP Cache Stale Timeout ia a configurable parameter used to specify the

timeout period for an entry to be removed from the ARP table, if the entry has
not been used for some time. The ARP Cache Stale Timeout value should be
less than or equal to the ARP Cache Update Timeout value.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Creating Subnets
One IP network can be divided into smaller networks, called subnets. The
following are reasons to divide your network:
Use multiple mediaIt can be impossible, inconvenient, or too
expensive to connect all nodes to a single network medium when these
nodes are too far apart or already connected to different media.
Reduce congestionTraffic between nodes on a single network uses
network bandwidth. As a result, more bandwidth is required when you
have more nodes. Splitting nodes into separate networks reduces the
number of nodes on a data-link network. Fewer nodes generate less traffic
and, as a consequence, less congestion.
Reduce CPU useReducing CPU use on connected nodes is similar to
reducing congestion. More nodes on a network cause more broadcasts on
that network. Even if a broadcast is not sent to a particular node, each
node on a network must react to every broadcast before deciding to accept
it or discard it.
Isolate a networkBy splitting a large network into small networks, you
limit the impact of one network's problems on another. Such problems can
include network hardware failures, such as an open Ethernet tap, or
software failures, such as a broadcast storm.
Improve securityOn a broadcast network medium such as Ethernet,
each node on a network has access to all packets sent on that network. By
enabling sensitive network traffic on only one network, other network
monitors can be prevented from accessing this sensitive traffic.
Make efficient use of IP address spaceIf you are using a Class A or
B network number and have multiple small physical networks, you can
divide the IP address space into multiple IP subnets and assign them to
individual physical networks. Another option is to obtain several Class C
network numbers, although this is less desirable.
For more information about creating subnets, see the following:
Subnet Addresses and Masks on page 29
Subnet Zero on page 32
Variable Size Subnets on page 32
Assigning Subnet Addresses on page 33
Broadcast Addresses on page 34
Multicast Addresses on page 34
28

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Subnet Addresses and Masks

Communication between a node on a local subnet and a node on a different
subnet is similar to communication between nodes on two different networks.
To a user, routing between subnets is transparent. Internally, the IP software
recognizes any IP addresses that are destined for a remote subnet and sends
those packets to the router on that subnet.
As in network-to-network communication, the routing information for
communication between subnets is maintained in the routing table (by IP).
When a network is divided into subnets, the host address portion of the IP
address is divided into two parts, just as the IP address itself is divided into
two parts. The host address portion specifies both the subnet of the IP network
and the node on that subnet.
The 4-byte IP address consists of a network address and a host portion, as
shown in Figure 10.
Figure 10
A 4-byte IP address
<Network Address>
Network Address
<Subnet Address>
<Host Address>
Host Portion
For instance, if a network has the Class B IP network address portion 129.47,
the remainder of the IP address can be divided into subnet addresses and host
addresses. Controlled by the local network administrator, this division allows
the most flexibility for network development at the local site. For example, the
subnet address could comprise 4 bits of the remaining 2 bytes. This allows 15
subnets, each with 4,094 nodes. Or, in another case, the subnet address could
comprise 8 bits, allowing 255 subnets (a subnet address of all ones is not
valid), each with 254 nodes.
NOTE: NetWare routing software supports the use of all zeros in the subnet field
(subnet zero). However, a subnet field with all ones denotes all subnets of a
particular network; therefore, a subnet field with all ones cannot be used as a local
IP address.
Figure 11 on page 30 shows a single IP network divided into two subnets. The
router shown has physical attachments and IP addresses on both subnets
(129.47.128.1 and 129.47.192.1). It might also have physical devices and IP
addresses (nn.nn.nn.nn) connecting it to other networks.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
29
Manual
Figure 11
99a
38
July 17, 2001
A single IP network divided into two subnets
129.47.192.254
129.47.192.253
Subnet
Address: 192(1100)
129.47.193.1
129.47.192.1
Subnet Mask for Network Address
129.47.0.0:
255.255.240.0 or 0xFF.0xFF.0xF0.0x00
(11111111.11111111.11110000.00000000)
Router
All Other
Networks
129.47.128.1
129.47.129.1
129.47.128.254
Subnet
Address: 128(1000)
129.47.128.253
A subnet mask indicates how the host portion of the IP address is divided into
a subnet address and a local host portion. The network mask is a 32-bit number
with all ones for all network and subnet address portions, and all zeros for the
host field. With a Class B network portion of 129.47 and a 4-bit subnet
address, for instance, the subnet mask consists of 20 ones and 12 zeros. In
essence, a subnet mask locally extends the network address portion of an IP
address and reduces the host portion.
Table 2 on page 31 shows an example of a Class C subnet with an IP address
of 200.2.1.209. To create a subnet address, bits are taken from the local host
portion. As the size of the subnet mask increases, the number of hosts
decreases and the number of subnets increases.
30

103-000151-001
August 30, 2001
Novell Confidential
Manual
Table 2
99a
July 17, 2001
38
Subnet Masks with Class C Addresses

Class C IP
Address
200.2.1.209
Network
Number
Subnet
Number
Host
Number
Available Networks,
Subnets, and Hosts
FF.FF.FF.0
200.2.1.0
None
0.0.0.209 1 network, 0 subnets, and

254 hosts
FF.FF.FF.E0
200.2.1.0
200.2.1.192
0.0.0.17
7 subnets and 30 hosts

per subnet
FF.FF.FF.F0
200.2.1.0
200.2.1.208
0.0.0.1
15 subnets and 14 hosts

per subnet
Figure 12 shows examples of IP network addresses, their relationship to the

subnet mask, and the corresponding subnets.
Figure 12
Examples of IP network addresses
Subnet Address
Local Host Portion
Network Address
Subnet
Mask:
11111111.11111111.11110000.00000000
129.47.128.254: 10000010.00111001.10000000.11111110 IP Address on Subnet 128

129.47.129.01:
10000010.00111001.10000001.00000001 IP Address on Subnet 128
129.47.192.254: 10000010.00111001.11000000.11111110 IP Address on Subnet 192

129.47.193.01:
Understanding

103-000151-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Subnet Zero
Subnet zero is a subnet with all the bits in the subnet field of the IP address set
to 0. For example, subnet 130.57.0.0, with a mask of 255.255.240.0, is a
subnet zero of network 130.57, as shown in Figure 13 on page 32.
Figure 13
A subnet zero
Subnet Address
Local Host Portion
Network Address
Subnet
Mask:
11111111.11111111.11110000.00000000
130.57.0.1:
The official IP specification reserves the subnet addresses with all zeros and
all ones and does not allow them to be used as subnet addresses. However, this
policy wastes one subnet in the IP address space. To counteract this limitation,
Novell's TCP/IP implementation enables the use of subnet zero.
Variable Size Subnets

The subnets of a network can have different length subnet masks, called
variable length subnet masks. These subnets are called variable because the
size, or length, of the subnet varies from subnet to subnet.
A subnet mask defines the number of bits that can be used to define the subnet
and the number of bits to define the host. As the subnet mask increases, the
number of hosts on a subnet decreases. As the subnet mask decreases, the
number of hosts that can be defined increases.
Some network configurations have individual subnets with a large number of
hosts and other subnets with a small number of hosts. Using the same subnet
masks on all subnets can mean either of the following:
The mask is too small and you do not have enough subnet numbers for all
your subnets.
The mask is too big and you do not have enough host IDs for all your
hosts on a subnet.
If the mask is too small or too big, use a variable size subnet. By varying the
size of the subnet mask used on a network, you can match the number and size
of subnets to your configuration.
32

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For example, subnet 16 of network 130.57.0.0 with mask 255.255.240.0,

130.57.16.0, can be further divided into 16 sub-subnets with 256 hosts each.
(Actually, this division creates 15 sub-subnets with 254 hosts each because
sub-subnet 130.57.31.0, host 0, and host 255 are not used.)
NOTE: OSPF and RIP II recognize subnet masks and support variable size
subnets. RIP I does not work when the network is partitioned into variable length
subnets because RIP I assumes that all subnets belonging to the same network
use the same subnet mask.
Assigning Subnet Addresses

HINT: Because RIP I packets do not carry subnet mask information, the RIP I
routing protocol imposes several restrictions on the use of subnets. If you are using
RIP I, use the same subnet mask for all subnets belonging to the same network.
Using RIP II lifts this restriction.
If you are installing the routing software on a network with subnets, use the
subnet mask already established for the network.
Subnet addresses and host addresses are typically assigned in numeric order,
where both the subnet and host addresses are assigned from the right edge of
their field. By this method, the border between the subnet address and the host
address becomes fixed when the first subnet (subnet address = 1) is assigned.
If the number of hosts on a subnet or the number of subnets required exceeds
the limits of the subnet mask, using this method makes it difficult to adjust the
subnet mask because each host must be renumbered.
To prepare for changes in the size of the subnet mask, RFC 1219 suggests that
subnets be assigned from the left of the subnet address field, and that hosts be
assigned, in numeric order, from the right of the host address field. In this way,
the subnet bits become a mirror image of the host bits. (You must still select
an initial subnet mask and use it for all subnets in the network.) For example,
to apply this method to a Class B IP network with a subnet mask of
255.255.255.0, you assign subnet addresses as follows:
1000 0000 (Decimal 128)
0100 0000 (Decimal 64)
1100 0000 (Decimal 192)
0010 0000 (Decimal 32)
...
0000 0001 (Decimal 1)
0000 0010 (Decimal 2)
0000 0011 (Decimal 3)
0000 0100 (Decimal 4)
Understanding

103-000151-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Then, you assign host addresses on each subnet as follows:

...
Using this method leaves a buffer zone between the subnet and host addresses,
which enables future network growth.
The method of assigning subnet addresses described in this section
summarizes the method suggested in RFC 1219, On the Assignment of
Subnetwork Numbers. For a complete description of this method, refer to RFC
1219.
Broadcast Addresses
There are four types of broadcast addresses: directed broadcasts, subnet
directed broadcasts, all-subnets directed broadcasts, and limited broadcasts. A
directed broadcast has a destination IP address with the network portion of the
IP address set to Class A, B, or C network, and the host field set to all ones.
Directed broadcasts are sent to all hosts on the specified network.
If the network is divided into subnets, each subnet has a subnet directed
broadcast. A subnet directed broadcast has an IP address with the network
field set to the network identifier, the subnet field set to the subnet identifier,
and the host field set to all ones.
An IP address with both the subnet and host field set to all ones is interpreted
as a broadcast directed to all the subnets on the network. That is, the first router
on the specified network broadcasts the IP address to one of its subnets. If
broadcast forwarding is enabled, the receiving routers in that network forward
the broadcast to other subnets.
An IP address with all bits set to 1, that is 255.255.255.255, is called a limited
address. It is directed to all hosts on the subnet from which the broadcast
originated.
Multicast Addresses
A multicast address is used to send packets to a group of hosts or routers. A
packet with a multicast address is received by all hosts and routers belonging
to that multicast group. Class D addresses are reserved for multicast addresses.
They range from 224.0.0.1 to 239.255.255.255.
Novell's TCP/IP implementation uses five multicast addresses. Two are used
by OSPF to multicast packets to OSPF routers. These addresses are 224.0.0.5
34

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
and 224.0.0.6. Two are used by Router Discovery messages to multicast router
advertisements and solicitation messages. These addresses are 224.0.0.1 and
224.0.0.2. RIP II uses multicast address 224.0.0.9.
Routing
The term routing refers to the transmission of a datagram from one node to
another on the same or a different network. The route refers to the path that is
chosen to transmit an IP datagram from its origin to its destination, based on
the IP addresses contained in the datagram.
When a datagram is sent to a node on another network, the network portions
of the source and the destination IP addresses are different. When the packet
is received by a router that connects the source to the destination network, the
router forwards the packet on the correct interface to reach the destination, as
shown in Figure 14 on page 36. Two networks are connected if at least one
router is attached to both networks.
Understanding

103-000151-001
August 30, 2001
Novell Confidential
35
Manual
Figure 14
99a
38
July 17, 2001
How the router connects the source to the destination network
Token Ring
Network
130.58.0.0
Ethernet
Network
130.58.1.1
140.88.0.0
Router
140.88.12.1
140.88.3.4
130.58.1.2
Each host has a default router or a list of routers in other networks. When IP
sends a datagram the following happens:
1. IP searches the routing table of the sending node for a default route or a
path to the destination IP address.
2. IP extracts the address of the default router or next-hop router from the
route entry.
3. IP requires ARP to map the next-hop address to its hardware address.
4. IP transmits the packet to the next hop.
5. IP repeats Steps 1 through 4 until the final destination is reached.
36

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error and Control Messages

Another protocol in the TCP/IP suite is the Internet Control Message Protocol
(ICMP). ICMP packets contain information about errors and control on the
network: inoperative nodes and gateways, packet congestion at a gateway, and
so on. The IP software, rather than the application, interprets an ICMP
message. The IP software then takes the appropriate action with respect to the
ICMP message, independently of the application. Because an ICMP message
might need to travel across several networks to reach its destination, it is
encapsulated in the data portion of an IP datagram.
ICMP is also used to test connectivity between two nodes. The originating
node uses PING to send an ICMP echo request and waits for an ICMP echo
response from the destination.
Router Discovery Protocol

The Router Discovery Protocol, an extension to Internet Control Message
Protocol (ICMP), allows hosts to discover routers on their networks and
determine which router to use as the default router. When a host needs to send
a packet to another network, it first sends the packet to a router that forwards
the packet toward the destination. To accomplish this, the host needs to know
where the routers are on its network and which one to send packets to.
When you configure the router discovery mechanism, the router advertises
itself with periodic ICMP router advertisement messages. Then the host
listens to this message and decides whether to use a router as the default router.
You can configure the host to solicit the router advertisement on attached
networks. All participating routers then reply to the inquiry. By collecting
those replies, the host discovers the routers on the network and determines
which router to use.
A host might not select the best router (the router with the optimal path) to
forward packets to a specific destination. When a router receives a packet
from a host that is better forwarded to another router on the network, the router
uses an ICMP Redirect message to notify the host of the optimal path.
NetWare routing software provides both host and router implementations of
the Router Discovery Protocol. The mode of operation of the Router
Discovery Protocol is determined by whether the IP Packet Forwarding
parameter is enabled. If IP Packet Forwarding is enabled, the Router
Discovery Protocol will send Router Advertisement messages. If IP Packet
Understanding

103-000151-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Forwarding is disabled, the Router Discovery Protocol will send Router

Solicitation Messages. these messages are explained in the next section.
Router Discovery Messages

The two message types that are used by the Router Discovery Protocol to
communicate between hosts and routers are discussed in the following
sections.
ICMP Router Advertisement Message
The ICMP Router Advertisement Message is ICMP message type 9. This

message is used by routers to advertise their presence on the network and is
broadcast or multicast to all hosts on the network.
This message type carries the IP address of the router and its preference level.
Hosts use the preference level to determine which router to use for forwarding.
The router with the highest preference becomes the default router. A value of
0x80000000 indicates the router is not to be used. Routers with this value are
used only when other routers send ICMP Redirect messages to the host.
ICMP Router Solicitation Message
The ICMP Router Solicitation Message is ICMP message type 10. Hosts use
this message to solicit router advertisements from all participating routers on
the network.
Router Discovery Multicast Address
Router Discovery uses two IP multicast addresses. The IP address 224.0.0.1 is

reserved to multicast the Router Advertisement Message to the hosts. The IP
address 224.0.0.2 is reserved to multicast the Router Solicitation Message to
the routers. If the network does not support multicast, then broadcast address
255.255.255.255 is used for both the Router Advertisement and Router
Solicitation messages.
38

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell TCP/IP
The Novell TCP/IP stack consists of the following five NetWare Loadable
ModuleTM (NLMTM) programs:
BSDSOCK.NLM provides the BSD standards sockets interface.
TCP.NLM provides the transport layer TCP and UDP interfaces.
TCPIP.NLM provides IP, ICMP, IGMP, Routing and other networking
layer protocols.
NETLIB.NLM is a library of the entire stack.
INETCFG.NLM allows you to configure the stack with the help of
TCPCFG.NLM. The configuration is stored in SYS:\ETC\TCPIP.CFG
and SYS:\ETC\NETINFO.CFG. Please note, an abend may cause the
corruption of both of the above two .CFG files. So always take a back up
of the files.
The Novell TCP/IP software is now multiprocessor (MP) enabled and
multithreaded. The transport layer (TCP & UDP) is completely MP enabled
so that the stack can process any TCP/UDP connections on any processor.
These features are aimed at taking advantage of the multiple processors
available and at making the stack scale more than what it does on a uniprocessor machine.
The stack provides you with the TCP/IP protocols as per the Request For
Comments. NetWare 6 gives you the following new features:
Selective Acknowledgement (page 40)
Large Windows (page 40)
TCP Defend Fin Attack (page 41)
Classless IP Addresses (page 41)
Novell TCP/IP

103-000151-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Multihoming (page 41)

Multiple Default Gateway (page 43)
Dead Gateway Detection (page 43)
Path MTU Black Hole Detection and Recovery (page 44)
Provision of Non-ARPable Secondary IP Address (page 45)
Selective Acknowledgement
The Selective Acknowledgment (SACK) is a mechanism that includes a
retransmission algorithm which helps overcome weak links on the TCP/IP
stack.
The selective acknowledgment extension uses two TCP options. The first is
an enabling option, SACK-permitted, which can be sent in a SYN segment to
indicate that the SACK option can be used once the connection is established.
The SACK-permitted option is a two-byte option.
The second option is the SACK option itself, which can be sent over an
established connection once both the sender and the receiver have
successfully negotiated the SACK-permit option. Whenever there is loss of
data, the data receiver can send the SACK option to acknowledge the out-oforder segments.
For more information on this, see Selective Acknowledgement on page 57.
Large Windows
The Large Windows option allows windows larger than 2**16. It defines an
implicit scale factor, which is used to multiply the window size value found in
a TCP header to obtain the true window size which can go up to a maximum
limit of 1 GB.
This Large Window option is negotiated while establishing the connection.
For more information on this, see Large Windows on page 55.
40

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
TCP Defend Fin Attack

The TCP Defend Fin Attack solution provides a simple, single tuning option,
the Minimum Threshold parameter. In the TCP stack, the wait states
(FIN_WAIT1, FIN_WAIT2, CLOSED_WAIT, LAST_ACK and CLOSING)
are arranged in ascending order of importance by considering which of the
states are less risky to terminate. The order is static.
The stack assumes that there is no risk in terminating all connections in a less
important state. According to the arrangement of states, if a less important
connection is over using resources then it is selected. Alternately, if an
important state is over using and the less important states do not dominate, it
would be selected for reset only. At any given point in time a Minimum
Threshold number of connections will be permitted.
For more information on this, see TCP Defend Land Attacks on page 58.
Classless IP Addresses
The Novell TCP/IP stack implements Classless Inter-Domain Routing
(CIDR). It is now possible to bind to supernetted addresses with non natural
subnet masks. CIDR also allows binding to one or more interfaces. The
NetWare system bound to a system in a supernetted IP address environment
acts as an end node. In such a scenario, forwarding is disabled.
Multihoming
Multihoming enables an interface to assume multiple IP addresses on the same
network. Multihoming can be used for all IP networks bound to a router. This
is irrespective of whether the networks are bound to the same interface or to
different interfaces. The most common use of multiple addresses on the same
network is to enable a Web server to operate as though it were several Web
servers. One application is to use each secondary IP address to point to a
different Web page on the same Web server, depending on the Domain Name
System (DNS) name that is used to reach the server.
Multihoming is also commonly used with network address translation (NAT),
the proxy server, and the virtual private network (VPN). In all cases, the
secondary IP address can be configured on the same interface that has the
primary IP address. Or the secondary address can be configured on a different
interface. When there are multiple interfaces, the secondary address is
associated with the interface that is bound to the network that uses the same
Novell TCP/IP

103-000151-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
address. If the secondary address is not valid on any of the networks bound to
existing interfaces, the address is rejected and an error message is produced.
Load Balancing and Fault Tolerance

With this release, the multihoming feature is extended to help configure the
stack for load balancing and fault tolerance at NIC/Link level. The TCP/IP
stack also provides mechanisms for the administrator to group those NICs
which are similar in characteristics to facilitate load balancing and fault
tolerance across them.
For NetWare 6, TCP/IP has two levels of enabling load balancing and fault
tolerance, one at the system level and another at the local group level. To
benefit from the feature make sure that you have fully enabled it, at both the
levels.
Five types of multihoming configurations are provided:
Single NIC Multiple IP Addresses (Different IP Addresses)In this type
of multihoming the client to server traffic can be distributed across the routers.
The required level of load balancing can be achieved through static routers and
dynamic DNS. Any dynamic algorithm would take care of the fault tolerance
aspect. In the case of a static route configuration the Multiple Default Gateway
with Dead Gateway Detection support would also help achieve the same
results.
Multiple NIC Multiple IP Address (Different IP Network)This is a
normal configuration of a router. All the configuration and the advantages
gained by the previous type of multihoming are applicable here also. In
addition, load balancing server-to-client traffic across the NICs and routers is
also possible. This can be achieved with the help of multipath routing.
Multiple NIC Multiple IP Address (Same IP Network)This type of
multihoming allows for both server-to-client and client-to-server load
balancing and fault tolerance at the Link level. This type of multihoming is
especially helpful in those cases where Route level load balancing and fault
tolerance are not required and become an overhead. Once this type of
multihoming is supported on the server side, the outgoing traffic load is NIC
based on various parameters such as the destination IP address and
interference lead. During NIC failure, the lead is automatically distributed
among the remaining NICs to achieve fault tolerance.
42

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Multiple NIC Single IP AddressHere the clients use the same IP address
to communicate with the server. This is achieved through using the round
robin method of distributing the NIC addresses for the ARP requests sent by
the clients. This solution avoids the extra configuration and transparently
achieves the load balancing for incoming packets. During a NIC failure, the
server sends a message to the clients to forcefully use them as the other
interface's MAC address.
Secondary IP Address (Multiple Logical Hosts)With this type of
multihoming it is possible to create multiple logical hosts belonging to the
same network. In a multihoming setup where multiple NICs are grouped to
support a single network, the secondary IP address with this type of
configuration supports an option to select one of the NICs in the group. By
using the non-ARPable option, these addresses can be used as virtual IP
addresses for load balancing solutions. Through this option, the same IP
address can be configured on all servers and the load balancer can distribute
the client load across these servers.
For more information on this, see Configuring Load Balancing on page 75
and Configuring Fault Tolerance on page 75.
Multiple Default Gateway

This feature stretches the existing Default Gateway (Default Router) feature,
by allowing you to configure multiple default gateways on your network.
When a default gateway goes offline, the Dead Gateway Detection feature
detects this and uses the Multiple Default Gateway list to switch to the next
preferred default gateway, making your network fault tolerant.
For more information on this, see Configuring a Default Gateway (LAN
Static Route) on page 71.
Dead Gateway Detection

This feature is used with the Multiple Default Gateway feature. When the
current default gateway goes offline, this feature detects the failure and
automatically enables the next preferred default gateway from the Multiple
Default Gateway list to act as the current default gateway. When a dead default
gateway with a higher preference is again online, this feature detects this and
switches back to the default gateway with the higher preference.
For more information on this, see Enabling Dead Gateway Detection on
page 74 and Configuring Dead Gateway Detection on page 74.
Novell TCP/IP

103-000151-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Probe Interval
This configured parameter lets you fine-tune the performance of the Dead
Gateway Detection feature by modifying the time interval (in seconds) at
which probes are sent to the default gateway to determine whether it is
functional or not.
For more information on this, see Configuring Probe Interval on page 74.
Probe Timeout
This configured parameter sets the time interval (in seconds) after which the
next probe is sent to the default gateway, when there is no reply received by
the gateway for the previously sent probe.
For more information on this, see Configuring Probe Timeout on page 75.

This feature provides the facility to detect a connection failure due to black
hole routers and helps to recover such connections.
Whenever a router gets a datagram with Don't Fragment (DF) bit set in its
header and the packet size is greater than the next MTU the router cannot
forward the packet. In such a case, the router sends an ICMP Destination
Unreachable DF bit set message to the host.
Often routers do not send such a message. Instead they ignore the datagram.
Typically, an IP datagram cannot be forwarded because its maximum segment
size is too large for the receiving server and the Don't Fragment bit is set in the
header of the datagram. Routers that ignore these datagrams and send no
message are called PMTU black hole routers. Some routers might silently
drop large frames, even when the DF bit is not set. Firewalls are often
misconfigured to suppress all ICMP messages.
To respond effectively to black hole routers, the Novell TCP/IP stack now
provides a Path MTUBH Detect feature. Path MTUBH Detect recognizes
repeated unacknowledged transmissions and responds by turning off the Don't
Fragment bit. After a datagram is transmitted successfully, the MTUBH
Detect feature reduces the maximum segment size and turns the Don't
Fragment bit on again.
44

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The feature specifies the maximum transmission unit size of an interface. Each
media type has a maximum frame size that can't be exceeded. The Link layer
is responsible for discovering this MTU and reporting it to the protocols above
it.
For more information on this, see Path MTU Black Hole Detection and
Recovery on page 57.
Provision of Non-ARPable Secondary IP Address

This feature lets you add a secondary IP address which will not reply to any
of the ARP requests coming from the network.
For more information on this, see ARP Cache Stale Timeout on page 53 and
ARP Cache Update Timeout on page 54.
Novell TCP/IP

103-000151-001
August 30, 2001
Novell Confidential
45
Manual
46
99a

103-000151-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
This chapter describes how to set up the basic components of Novell TCP/
IP. For this release, only LAN configurations are supported.
The following topics are discussed:
Configuring Boards on page 47
Enabling TCP/IP on page 51
Binding Protocols on page 52
Configuring Boards
Configuring, or reconfiguring, a board involves choosing a driver for the
board, assigning a name to the board, and configuring the board parameters.
When you select and configure a LAN board, you are actually configuring one
or more physical interfaces that correspond to individual connections over
which packets are routed. Configuring a board causes the driver associated
with the board to load each time you initialize the router.
Most drivers that are compatible with NetWare software have a driver
description file that defines the hardware parameters necessary for the driver
to operate with the board you select. This filesometimes called the .LDI file
also specifies the valid range of values for each parameter. If a driver has
an .LDI file, the parameters associated with that driver are presented in the
Board Configuration menu; you simply choose a value for each parameter. If
a driver has no.LDI file, you must enter the required values in the Board
Parameters field.
Setting Up

103-000151-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Loading INETCFG
To load INETCFG at from the server prompt enter
inetcfg
The Internetworking Console interface is displayed. For the next set of
operation you need to select options on the Internetworking Console screens.
Configuring a LAN Board

To configure a board, complete the following steps:
1 Load INETCFG and then click Boards.
2a If you are configuring a new board:
Press Ins to display the list of available drivers.
Scroll through the list of available drivers and select the driver that
corresponds to the type of new LAN board you are installing in your
system. If the driver you need is not in the list, refer to Adding a
New Board Driver or NLM File to Your System on page 50.
2b If you are changing an existing board configuration:
Select that board.
Press Enter to see the configured parameters of the board.
Change the required parameters. (The name can not be

changed.)
3 The Configured Boards screen is displayed.

NOTE: If you are doing a new configuration, no existing boards are shown.
Otherwise, boards that have already been configured are shown.
The Configured Boards screen displays a list of configured boards with

some or all of the following information:
48
Board NameName you assign to the board.
DriverName of the driver associated with the board.
IntInterrupt request level (IRQ) used by the board.
IOAddrBase input/output port address for the board.
MemAddrBase memory address used by the board.

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SlotNumber of the slot where the board is installed.
StatusStatus of the board, which is Enabled by default.
CommentAny comments that you enter about the board or its

configuration.
NOTE: Not every board-driver configuration requires all this information; in fact,
some configurations require other, link-specific parameters that are not shown in
the Configured Boards screen. These parameters are displayed in the Board
Configuration menu, as described in the following steps.
If the board driver has an .LDI file, the parameters you need to configure
for the board are displayed as separate fields in the menu.
If the board driver has no .LDI file, only the Board Name, Board
Parameters, and Comment fields are provided as a means for entering the
parameters manually.
4 Specify the board parameters by doing one of the following:
If the driver selected has a description file, the parameters are listed
as separate fields. You must highlight each field one at a time and
select the appropriate value for the parameter from the displayed list.
HINT: Use the context-sensitive help text if you need an explanation of any
parameter. Highlight the parameter and press F1 to display the help text.
Press Esc to exit the help screen. When in doubt, accept the default values.
If the driver selected does not have a description file, the Board
Configuration Without A Driver Description File menu is displayed.
You must type the parameters in the Board Parameters field; use the
following as an example:
PORT=300 INT=3
These parameters are appended to the LOAD driver line.

5 Press Esc to return to the Configured Boards screen; save your changes
when prompted.
The Configured Boards screen now shows the board you just configured.
Note that the board status is Enabled; you can use the Tab key to toggle
between Enabled and Disabled. To ensure that the board is loaded,
continue with the next step.
6 Press Esc to return to the Internetworking Configuration menu; save your
changes when prompted.

7 If you want these changes to take effect immediately, perform the
following actions.
Setting Up

103-000151-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
LAN boards with a single network interface need no further

configuration; however, an enabled driver is not loaded unless a protocol
is bound to it.
After a data-link protocol has been associated with the board, select
Reinitialize System or restart the router to make the changes take effect.
If there are any conflicts with the hardware parameters of other boards,
one or more messages describe them. You must determine whether the
conflicts are acceptable or whether they interfere with the operation of the
router and, if necessary, resolve them.
Adding a New Board Driver or NLM File to Your System

2 Press Ins to display the list of available drivers.
3 Press Ins again.
All the available Novell certified drivers will appear on the screen.
4 Select the driver and then press Enter.
NOTE: You can also use this screen for copying drivers and NLM files from a
floppy diskette to the SYS:/SYSTEM directory.

To add a driver to the list of available drivers, insert the diskette containing the
driver in one of the disk drives, specify the complete path and filename of the driver
(for example, A:\NEWDRV\DRIVER) and then press Enter. The driver and its
description file, if any, are copied into the SYS:SYSTEM directory. (Note that the
file extension is not required.)
5 Configure the new board as described in Configuring a LAN Board on
page 48.
Enabling or Disabling a LAN Board

2 Select the board you want to enable or disable and press Tab.
The screen displays the board's new status (Enabled or Disabled).

IMPORTANT: If you disable a board that uses an AIO or CAPI driver and you
reinitialize the system, then all other boards that use the same driver will also be
disabled. If this happens, you must restart the server to reload all instances of the
driver that were loaded for another product in AUTOEXEC.NCF (without
INETCFG). However, the board loaded in AUTOEXEC.NCF will remain inoperable
until you restart the server or until you enter the LOAD command at the console
50

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
and reinitialize the system. To avoid this problem, use INETCFG to load both
drivers.
3 Press Esc to return to the Internetworking Configuration menu.
Deleting a LAN Board

1 Load INETCFG and then click Boards
2 Select the board you want to delete and press Del.
A message is displayed indicating that deleting the board also deletes all
existing binds to the board's interfaces.
3 When prompted, select Yes to delete the board.
The board is removed from the list of configured boards.

5 Reinitialize system for the changes to take place.
Enabling TCP/IP
1 Load INETCFG and then click Protocols.
2 Select TCP/IP from the list of protocols.
3 In the TCP/IP screen, enable or disable the following:
TCP/IP
IP Packet Forwarding
OSPF
LAN Static Routing
Dead Gateway Detection
SNMP Manager
DNS Resolver
Load Balancing
Fault Tolerance
Filter Support
NAT Implicit Filtering
Expert Configuration
Setting Up

103-000151-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
You can further set the detailed configuration of each of the above fields.
For more information of how to configure TCP/IP, see chapter Chapter 3,
Setting Up, on page 47.
Binding Protocols
1 Load INETCFG and then click Binding.
2 Select a protocol.
Here you need to enter data in terms of Protocol, Interface/Group, Status

and Identifier. There might be instances when you need to enter data in
the screens still to come and that is reflected here.
3 Enter the relevant parameter information in the Binding TCP/IP to a LAN
interface screen and then click Configure TCP/IP Bind options.

4 Either set both the Group Interface for LB/FT and Set as Primary
Interface to Yes or set the first one to No.

Setting the first to No enables RIP Bind Options, OSPF Bind Options and
Expert TCP/IP Bind Options. Choose the relevant screen and enter the
data into it.
52

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SET Parameters
This chapter discusses how to use SET parameters to change some of the
default parameters or enable/disable the various features provided in Novell
TCP/IP stack.
Configuration Using SET Options

The following SET options allow you to configure certain parameters from the
command line on the host. The SET options are entered at the server console
as commands, and the configuration changes made this way are applied to the
whole system rather than to an individual interface.
ARP Cache Stale Timeout

Syntax
set arp entry expiry time = n
Description:
Specifies a timeout period (in seconds) for a cache table entry

to be removed from the ARP cache table if the entry has not
been used for some time.
Range:
240 to 14400 (seconds)
Default:
300
SET Parameters

103-000151-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
ARP Cache Update Timeout

Syntax:
set arp entry update time = n
Description:
Specifies a timeout period for a cache table entry to be

removed from the ARP cache table if the entry has not been
updated.
Range:
240 to 14400 (seconds)
Default:
300
BSD Socket Default Buffer Size

Syntax:
set bsd socket default buffer size in bytes = n
Description:
Sets the BSD Socket default send and receive buffer sizes.
Range:
4096 to 65536 (bytes)
Default:
32768
Discard Oversized Ping Packets

Syntax:
set discard oversized ping packets = string
Description:
Enable or disable discarding ping packets of size larger than

the current ping packet size that is set to be received.
Range:
On | Off
Default:
On (enabled)
Discard Oversized UDP Packets
54
Syntax:
set discard oversized udp packets = string
Description:
Enable or disable discarding UDP packets of size larger than

the current ping packet size that is set to be received.
Range:
On | Off
Default:
On (enabled)

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
IP Address Duplicates
Syntax:
set allow ip address duplicates = string
Description:
Binds the IP address even if it conflicts with another node in the

network. (TCP/IP normally will not allow you to bind IP
addresses that conflict with other nodes in the network.)
Range:
On | Off
Default:
Off (disabled)
Syntax:
set tcp large window option = string
Description:
Enable or disable the Large Window option.
Range:
On | Off
Default:
On (enabled)
Large Windows
Largest Ping Packet Size

Syntax:
set largest ping packet size = n
Description:
Set the size of the largest ping packet that can be received.
Range:
0 to 65535 (bytes)
Default:
10240
Largest UDP Packet Size

Syntax:
set large udp packet size = n
Description:
Set the size of the largest UDP packet that can be received.
Range:
0 to 65535 (bytes)
Default:
16384
SET Parameters

103-000151-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Maximum Packet Receive Buffers

Syntax:
set maximum packet receive buffers = string
Description:
Allocate the maximum packet receive buffers to the server.

This option can be set in the AUTOEXEC.NCF file. You can
also use this option to fine-tune the server when it is stressed.
Range:
50 to 3303820 (packets)
Default:
10000
HINT: If you want to see the current value, do not assign any variable to set the
parameter.
Maximum Pending TCP Connection Requests

Syntax:
set maximum pending tcp requests = n
Description:
Set the maximum number of pending TCP connections.
Range:
128 to 4096
Default:
128
Minimum Packet Receive Buffers

Syntax:
set minimum packet receive buffers = string
Description:
Allocate the minimum packet receive buffers to the server.

This option can be set in the AUTOEXEC.NCF file. You can
also use this option to fine-tune the server when it is stressed.
56
Range:
10 to 32768 (packets)
Default:
2000

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Syntax:
set tcp path mtu black hole detection and recovery = string
Description:
Enable or disable the Path MTU Black Hole Detection and

Recovery option.
Range:
On | Off
Default:
Off (disabled)
Selective Acknowledgement
Syntax:
set tcp sack option = string
Description:
Enable or disable the SACK option.
Range:
On | Off
Default:
On (enabled)
TCP Diagnostic Services

Syntax:
set tcp diagnostic services = string
Description:
Enable or disable the echo, discard and chargen TCP

diagnostic services on the NetWare system.
Range:
On | Off
Default:
Off (disabled)
TCP Defend Fin Attacks

Syntax:
set maximum wait states = n
Description:
Enable or disable defense against Fin attacks.
Range:
1 to 100000
Default:
0 (disabled)
SET Parameters

103-000151-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
TCP Defend Land Attacks

Syntax:
set tcp defend land attacks = string
Description:
Enable or disable defense against land attacks.
Range:
On | Off
Default:
On (enabled)
TCP Defend SYN Attacks

Syntax:
set tcp defend syn attacks = string
Description:
Enable or disable defense against SYN attacks.
Range:
On | Off
Default:
Off (disabled)
TCP IP Maximum Small ECBs

Syntax:
set tcp ip maximum small ecbs = string
Description:
Change the maximum number of small ECBs on the server.

You can also use this option to fine-tune the server when it is
stressed.
Range:
512 to 65534 (packets)
Default:
1024
Syntax:
set tos for ip packets = n
Description:
Specifies a TOS value for all the outgoing IP datagrams

through this interface.
TOS Value
Assign a value to set the TOS and the precedence bits of the
IP header for outgoing packets. To set only TOS bits, use a
value between 0 and 15. To set the TOS and the precedence
bits, use a value between 0 and 127.
58
Range:
0 to 127
Default:

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Protocols
The Novell TCP/IP software provides a set of configurable parameters with
which you can modify operational characteristics of the Internet Protocol (IP).
You can select its routing protocol and configure it to run over a LAN. In
NetWare 6, configuration over WAN connections is not supported.
To configure IP, you enable the protocol, set its parameters, and bind it to a
network interface. You configure all IP parameters from the Internetworking
Configuration utility (INETCFG).
To understand what decisions must be taken before you configure TCP/IP
beyond its most basic configuration, refer to Appendix A, Planning, on page
103.
NOTE: The configuration you specify with INETCFG does not take effect
automatically. To activate the configuration, save your changes and press Esc until
you see the Internetworking Configuration menu. You can then select Reinitialize
System > Yes to activate your changes.
The following are discussed in this chapter:

Configuring RIP on page 60
Configuring OSPF on page 63
Configuring Static Routes for LANs on page 69
Configuring Load Balancing on page 75
Configuring Fault Tolerance on page 75
Configuring Router Discovery on page 76
Configuring Type of Service (TOS) on page 77
Configuring ARP on page 78
Configuring Directed Broadcast Forwarding on page 81
Protocols

August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Configuring Source Route Packet Forwarding on page 82

Configuring BOOTP Forwarding on page 82
Configuring EGP on page 83
Configuring Multiple Logical Interfaces on page 84
Configuring a Secondary IP Address on page 86
Configuring RIP
RIP is probably the most common IP routing protocol in use. It is widely
available and presents few obstacles to interoperability with other IP
internetworks, most notably the Internet.
RIP performs sufficiently well in small IP internetworks that have simple
architectures and few routers. However, RIP reveals its limitations in the large,
complex internetworks that have become common in government and privatesector organizations throughout the world. Its most apparent limitations are
the following:
All subnets must be contiguous
RIP routes are limited to 15 hops
To overcome or ease some of these limitations, the internetworking
community developed various enhancements to RIP. RIP II, for example, is an
enhanced version of RIP that supports variable-length subnet masks. It carries
a field that contains the subnet mask of the destination network. RIP II also
supports the use of subnet zero, whose addresses were reserved under the
original IP specification. When configuring RIP on your router, you can run
RIP I, RIP II, or both on a single interface.
NOTE: Not all third-party routers support RIP II.
You can also enable poison reverse on an interface. This is a mechanism that
causes RIP to advertise a route back through the same path from which it
learned the route, but with a hop count of 16that is, unreachable. Although
poison reverse prevents routing loops, the unreachable routes carried in each
RIP packet increase the bandwidth consumed by RIP traffic. This increase
becomes significant in large internetworks.
RIP enables you to assign a cost value between 1 and 15 to each network
interface you configure. This enables you to establish a preferred route
according to the type of network media connected to the interface. For
60

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
example, you might want to increase the cost of an interface that uses a slow
link so that, given the choice, RIP uses the interface to a faster, less costly link.
The default cost for each interface is 1. Do not increase this value on an
interface unless you want to discourage its use as an eligible routing path.
When choosing an IP routing protocol, consider the following guidelines:
If the IP internetwork is small and uses no routing protocol besides RIP,
continue using RIP.
To configure RIP on the router, see Configuring RIP on page 60.
However, if the network will continue to grow and perhaps become part
of a larger IP internetwork, you should consider migrating the network
from RIP to OSPF.
If the internetwork uses variable-length subnets or has third-party routers
that support RIP II, use RIP II or OSPF.
To configure RIP II, see Configuring RIP on page 60. To configure
OSPF, see Configuring OSPF on page 63.
If the internetwork has some third-party routers that support RIP II and
others that do not, use RIP I and RIP II.
For instructions on enabling RIP I and RIP II simultaneously on a
network interface, see Configuring RIP on page 60.
If you are currently building a large IP internetwork, use OSPF.
You can also run RIP and OSPF concurrently; for more information, see
Configuring OSPF on page 63.
To enable RIP routing on the router and to configure RIP on a network
interface, do the following:
1 Load INETCFG and then select Protocols > TCP/IP
2 Make sure RIP routing is enabled globally by setting the RIP field to
Enabled.
This is the default setting.
If you want to disable RIP routing on a single interface, set the Status
parameter in the RIP bind options to Disabled. This action is described in
Step 3.
3 Press Esc twice to return to the Internetworking Configuration menu and
then select Bindings > an existing binding > RIP Bind Options.
Configure the following parameters:
Protocols

August 30, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
StatusStatus of RIP routing on this interface. RIP routing is

enabled by default; to disable RIP routing only on this interface,
select this parameter, then select Disabled.
RIP VersionVersion of RIP to use on this interface. Select one of

the following options:
RIP IStandard version of RIP used by most IP routers and end
nodes. This is the default option.
RIP I & RIP IIBoth versions of RIP. Select this option if your
internetwork has nodes that support both RIP I and RIP II.
RIP IIEnhanced version of RIP that supports variable-length
subnet masks.
RIP ModeMode of the RIP version you selected in RIP Version.

NormalCauses the router to send and accept RIP packets, RIP I,
RIP II, or both.
Receive OnlyCauses the router to only receive RIP packets.
Send OnlyCauses the router to broadcast, in RIP packets, only the
entries in its own routing table.
Some end nodes learn routes only by listening to RIP, even if portions
of the internetwork run OSPF. Select Send Only if you want the
router to broadcast the OSPF routes in its RIP I packets so that every
end node can learn all available routes.
The RIP Bind Options menu also includes the following parameters:
Cost of Interface
Originate Default Route
Poison Reverse
Split Horizon
Update Time
Expire Time
Garbage Time
RIP II Options
IMPORTANT: Because the default settings for these parameters are suitable for
most IP networks, you should change them only for a specific purpose. Incorrectly
62

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
configuring these parameters can increase routing traffic or cause loss of

connectivity on your network.
4 Press Esc until you are prompted to save your changes, and then select
Yes.
6 If you want these changes to take effect immediately, select Reinitialize
System > Yes to activate your changes.
Configuring OSPF
OSPF was developed to satisfy the need for a scalable, open-standards routing
protocol for large IP internetworks. It is a link state protocol that provides
highly efficient routing and fast convergence.
OSPF makes large internetworks more manageable by enabling you to
partition them into administrative domains called areas. Areas impose a
hierarchy to the internetwork. All OSPF areas are connected to a central
backbone area by an Area Border Router (ABR). The ABR shares OSPF
routing information between the area and the backbone.
When configuring an OSPF area, you assign to it a 4-byte decimal number
called the Area ID. You also indicate which of the router's network interfaces
belong to the area and whether the area is a stub area.
Novell TCP/IP supports the use of virtual links between OSPF routers. A
virtual link patches together a partitioned backbone. It creates a direct pointto-point link between the ABRs that connect the partitioned backbone areas
through the transit area.
Most IP internetworks in use today are not pure OSPF networks; that is,
portions of these internetworks still employ other routing protocols, such as
RIP. OSPF uses an Autonomous System Boundary Router (ASBR) to import
and propagate routing information from these protocols. ASBRs are always
located on the border of an OSPF domain. When configuring OSPF, you can
enable your router to operate as an ASBR. For an ASBR to import RIP routes
learned through an interface, RIP must be enabled on that interface.
Each OSPF router has its own Router ID, a 4-byte number that uniquely
identifies the router and enables it to participate in informational exchanges
with neighboring routers. The default Router ID is the IP address of the first
interface bound to IP on the router. Although INETCFG enables you to change
Protocols

August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
the Router ID, you should use the default unless you need a simpler numbering
scheme for administrating several hundred routers on an internetwork.
HINT: If you are using an unnumbered point-to-point interface, we recommend
that you configure a unique router ID.
Optionally, OSPF can be configured to authenticate its packets by providing

an authentication key an 8-byte, alphanumeric passwordin each OSPF
packet header. OSPF authentication gives you administrative control over
which routers participate in link state exchanges on the internetwork. A router
without proper authentication is excluded from these exchanges and,
essentially, from performing any OSPF routing whatsoever. Novell TCP/IP
enables you to provide authentication for an area and to provide an
authentication key for each network to which the router is connected. By
default, authentication is turned off.
OSPF enables you to assign a cost value to each network interface you
configure. This enables you to establish a preferred route according to the type
of network media connected to the interface. For example, you might want to
increase the cost of an interface that uses a slow link so that, given the choice,
OSPF uses the interface to a faster, less costly link.
Like RIP, OSPF can run over most WAN connections, depending on which
call type you use. On-demand calls, for example, typically use static routes
instead of an active routing protocol.
IMPORTANT: An active routing protocol, such as OSPF, should not be used on
an on-demand link because it will periodically bring up the link and will cause the
link to continue to stay up.
Permanent calls on an IP network typically use a routing protocol, such as

OSPF or RIP, to communicate routing information. However, they can also
use static routes to conserve bandwidth. OSPF can also run over a
nonbroadcast multiaccess network, such as X.25 or frame relay, but you must
provide the IP address of the peer OSPF router at the other end of each
connection.
HINT: Novell TCP/IP enables you to run OSPF and RIP on the same router, but
under normal circumstances, you should run them separately on different

interfaces. Although an ASBR must run both protocols so that it can import RIP
routes and propagate them to other OSPF routers, you should not run both on too
many other routers in your OSPF domain. Doing so consumes additional network
bandwidth and router memory, and might even create routing loops.
The extent to which you must configure OSPF depends on the characteristics
of your network, such as its size and topology, and whether it uses other IP
64

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
routing protocols besides OSPF. To help you configure only what is necessary,
this section provides the following procedures:
Basic OSPF configuration
Advanced OSPF configuration
Basic OSPF Configuration

To enable OSPF routing on the router and to configure OSPF on a network
interface, do the following:
1 Load INETCFG and then select Protocols > TCP/IP
2 Select the OSPF field and then Enabled.
This action enables OSPF routing globally on the router. If you want to
disable OSPF routing on a single interface, set the Status parameter to
Disabled as described in Step 3.
3 Press Esc repeatedly to return to the Internetworking Configuration menu
and then select Bindings > an existing binding > OSPF Bind Options.
The Status field indicates whether OSPF routing is active on this
interface. OSPF routing is enabled by default; to disable OSPF routing
only on this interface, select Status, then select Disabled.
The OSPF Bind Options menu also includes the following parameters:
Cost of Interface
Area ID
Priority
Authentication Password
Hello Interval
Router Dead Interval
Neighbor List
most IP networks, you should change them only for a specific purpose.
Misconfiguring these parameters can increase routing traffic or cause loss of
4 Press Esc until you return to the Internetworking Configuration menu.
Select Yes if you are prompted to save your changes.
Protocols

August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
System > Yes.
Advanced OSPF Configuration

To configure advanced OSPF features, do the following:
1 Load INETCFG and then select Protocols > TCP/IP.
2 Select OSPF Configuration.
The OSPF Configuration menu is displayed and includes the following

parameters:
Router ID
Virtual Link Configuration
IP Load Sharing
IMPORTANT: Most network configurations do not require you to change these
parameters.
3 To configure an ASBR, select Autonomous System Boundary Router >
Enabled.
Enabling this parameter enables the router to operate as an ASBR. In this
capacity, the router advertises non-OSPF routes, such as those generated
by RIP and EGP. In addition, static routes and direct routes to the OSPF
domain are advertised. This is necessary to preserve connectivity
throughout an internetwork that uses routing protocols other than OSPF.
This parameter should be configured only on routers that connect an
OSPF area to an area that uses a different routing protocol.
Do not enable this parameter on an internetwork that uses only OSPF.
Doing so causes unwanted traffic on the route.
4 To configure an OSPF area, select Area Configuration and continue with
Step 5. Otherwise, go to Step 11.

The OSPF Areas menu is displayed.
This menu lists the IDs of all areas to which the router belongs. If you
have not configured an OSPF area on this router, the only area listed is
0.0.0.0, the backbone area.
5 Select an existing area or press Ins to create a new area.
6 Configure the following area parameters:
66

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Area IDFour-byte decimal number that identifies the area. For

example, a valid Area ID is 85.8.0.11. However, the Area ID does not
have to be an IP address. You can enter any number, but it must be in
the format of an IP address. If you enter a hexadecimal number,
INETCFG converts it to decimal.
For the router to belong to an area, the Area ID that identifies that
area must be assigned to at least one of the router's interfaces. You
assign an Area ID to an interface in Step 8.
AuthenticationSwitch that enables or disables authentication for

the area.
If you enable authentication on this router, you must enable
authentication on all other routers in the area. Also, all interfaces
belonging to that area must have an authentication key. You provide
the authentication key in Step 8.
Route AggregationNetwork number of a group of networks that is

aggregated into one network number. Press Ins to assign the Network
and Mask values of this network number. Because supernetting is not
supported, the aggregated network must be the same length as the
natural mask of the network class.
Area TypeType of OSPF area, which can be Normal or Stub. All

routers in the same area must agree on the area type.
NOTE: The backbone area (0.0.0.0) cannot be a stub area.
Stub CostCost of the default route advertised to the stub area. This
parameter is used only if the Area Type is set to Stub.
Yes.
8 Press Esc until you return to the Internetworking Configuration menu,
then select Bindings > an existing binding > OSPF Bind Options.
9 If you are configuring an OSPF area, configure the following area
parameters:
Area IDID of the area to which this interface belongs. Press Enter
to determine the list of available areas. Use the Up-arrow and Downarrow keys to select an area, and then press Enter to select it.
Authentication PasswordEight-byte password that authenticates

the router's OSPF packets to the area to which this interface belongs.
Valid characters are 0 to 9, A to Z, a to z, underscore, and dash.
Protocols

August 30, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
This parameter is required only if you enabled the Authentication

parameter for the area you select, as described in Step 6 on page 66.
IMPORTANT: Not all interfaces within the same area are required to have
the same authentication key; however, all interfaces connected to the same
network must have the same authentication key.
Yes.
System > Yes.
Configuring Load Sharing over Equal-Cost OSPF Routes

IP maintains multiple equal-cost OSPF routes. Load sharing enables a router
to divide traffic over equal-cost routes. The router can have several next hops
available toward any destination. With this configuration, the router can
divide the traffic among the various equal-cost routes to the destination. As a
result, load sharing increases the effective bandwidth of an end-to-end path. In
addition, it can improve the traffic distribution on an internetwork.
NOTE: Load sharing is performed only on equal-cost routes learned from OSPF.
You enable load sharing within OSPF. IP maintains a maximum of four equalcost routes to each destination network. The OSPF equal-cost routes are
maintained internally and are not displayed in TCPCON.
IMPORTANT: Because OSPF networks tend to be large and complex, we
recommend that you do not manually adjust the cost of the interface to create
equal-cost routes. It is best to let OSPF automatically determine the equal-cost
routes to the destination network.
To configure load sharing on the router do the following:

1 Load INETCFG, and then select Protocols > TCP/IP.
2 Select OSPF > Enabled.
3 Select OSPF Configuration.
4 Select IP Load Sharing > Enabled.
Yes.
68

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
System > Yes.
Configuring Static Routes for LANs

Static routes are useful if you want to do any of the following on your network:
Eliminate routing traffic, which increases the bandwidth available for
data.
Limit user access to one portion of the network. For example, if a static
route for a network is configured on a router, any packets that are received
by the router are forwarded only to the destination network specified by
that static route.
Gain access to isolated areas of the network, which is useful if dealing
with legacy network topologies.
Gain access to a network more than 15 hops away.
Use a static route as a backup route to dynamic routes.
HINT: Use this procedure to configure static routes when the next hop router is on
the same LAN as the router you are configuring.
How to Configure a LAN Static Route

To configure a static route for a LAN do the following:
1 Load INETCFG, and then select Protocols > TCP/IP
2 Configure the following static route parameters:
LAN Static RoutingEnables LAN static routing on the router.

Select this field, and then select Enabled.
LAN Static Routing TableEntry point to the LAN static route

configuration parameters.
Press Ins and configure the following parameters:
Route TypeSelect Network or Host if you want the destination at
the other end of the static route to be a single IP host or an IP network
(that is, a group of hosts). Or, you can select Default Route. If the
router must forward a packet for which it can find no destination in
its routing table, it sends the packet to the address specified by the
next hop for the default route. This type of blind forwarding keeps a
Protocols

August 30, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
packet on the network until a router can forward it to its final

destination.
IP Address of Network/HostEnter the address of the destination
network or host. To select from a list of symbolic network or host
names and addresses, press Ins. The list of symbolic network names
and addresses comes from the SYS:\ETC\NETWORKS file. The list
of symbolic host names and addresses comes from the
SYS:\ETC\HOSTS file.
Subnetwork MaskIf the destination is an IP network, the subnet
mask of that network.
Next Hop Router on RouteExplicit destination of the next hop.
Enter the IP address of the next-hop router. To select from a list of
symbolic hostnames and addresses, press Ins.
Metric for This RouteNumber of hops to the destination. This
metric is directly proportional to the cost of the route. Given two
routes to the same destination, the router chooses the lower-cost
route.
If you want to use the static route as a backup route to a dynamic
route, select a value that is higher than the cost associated with the
dynamic route. This selection ensures that the dynamic route remains
the preferred route under typical conditions.
Do not set this metric value to 16 unless you want to disable the
route.
Type of RouteSpecify whether the static route is active or passive.
This parameter specifies whether the next hop router for this route
actively advertises the route to this network.
Usually, static routes are not advertised and are categorized as
passive routes. When a route is marked as active, TCP/IP expects the
next hop router to advertise the route regularly. If a router stops
advertising an active route, TCP/IP assumes the route is no longer
available and deletes it from the routing table.
If the static route is active and the router discovers a lower-cost
dynamic route to the same destination, it uses the lower-cost route
instead of the active static route. If the lower-cost route becomes
unavailable, the router returns to using the active static route.
3 Press Esc twice, and then select Yes to save your changes.
70

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Optional: Disable the routing protocol on this interface to reduce routing
traffic.
4a Select Bindings > an existing binding.
4b Select RIP Bind Options > Status > Disabled
4c Press Esc and then select OSPF Bind Options > Status > Disabled
4d If your router has multiple interfaces and you want to disable them,
repeat these steps for each interface.

Yes.
System > Yes.
Configuring a Default Gateway (LAN Static Route)

You can configure multiple default gateways and provide a fault tolerant
solution on your network. When the Dead Gateway Detection feature is
enabled and a default gateway goes off-line, the Multiple Default Gateway list
is used to switch to the next preferred default gateway, thereby reducing the
downtime of your network.
To configure the Dead Gateway Detection, see Configuring Dead Gateway
Detection on page 74. The various ways of configuring multiple default
gateways are explained below. The implications of using different methods for
configuring multiple default gateways are also given in Table 3 on page 73.
Using INETCFG to Add a Default Gateway
To configure multiple default gateways using Internetworking Configuration,

see How to Configure a LAN Static Route on page 69.
Using BIND to Add a Default Gateway
To add a new default gateway using BIND, enter the following command at
the server prompt:
bind ip board name addr=x.x.x.x mask=x.x.x.x
gate=x.x.x.x cost=n
Protocols

August 30, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
board name is the name of the interface board that you assigning as the default
gateway. addr is the IP address of the board. mask is the subnet mask address
associated with the IP address of the board. gate is the IP address of the
gateway, and cost is the value associated with the gateway and is also the
primary routing metric for this gateway.
Using TCPCON to Add a Default Gateway
1 Load TCPCON and then select IP Routing Protocol.
2 Select Proceed, press Ins, and configure the following parameters:
DestinationPress Ins to display a list of symbolic network names from

the SYS:\ETC\NETWORKS file. Select Default here.
Next HopEnter the IP address of the gateway.
InterfaceEnter the interface index value through which the next hop of
this gateway should be reached.
CostEnter the primary routing metric for this gateway.
Yes to return to the IP Routing Table screen.

Configuring RIP to Add a Default Gateway
1 Load INETCFG and then select Bindings > an existing TCP/IP binding >
RIP Bind Options.

2 Select Originate Default Route and enable this option.
Yes.
System > Yes.

These advertisements from the router are picked up and used by an end node
to add a default gateway on it. This is possible only when RIP is enabled on
the end node.
Configuring Router Discovery to Add a Default Gateway
You can configure Router discovery options on a system to add a default

gateway. These systems advertise themselves as a gateway and answer queries
72

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
from end nodes. End nodes use it to locate a gateway on their network. To
configure Router Discovery, see Configuring Router Discovery on page 76.
Comparing Different Default Gateway Configuration Methods

The table below explains the implications of using different methods for
configuring multiple default gateways and describes the priorities associated
with each method.
Table 3
Comparison of Default Gateway Configuration Methods
Metric or Cost Assigned to Default Gateway

Configuration
Method Used to Add
Multiple Default
Better Than the Cost of
Equal to the Cost of Current Worse Than the Cost of
Gateways
Current Default Gateway
Default Gateway
Current Default Gateway
Using INETCFG to Will be added to the

Add a Default
Default Gateway list and
Gateway (page 71) will be made the default
gateway.
Will not be made the

default gateway, but entry
will be added to the
Default Gateway list.

Using BIND to Add

a Default Gateway
(page 71)


Using TCPCON to Will be added to the

Add a Default
gateway.
Will be added to the

will be made the default
gateway.
Will not be added to the

will not be made the
default gateway.
Configuring RIP to Will be added to the

Add a Default
gateway.

default gateway.

default gateway.
Configuring Router
Discovery to Add a
Default Gateway
(page 72)
Has the least priority. Will

be added to the Default
Gateway list but will not be
made the default gateway
until the default gateways
added through INETCFG,
TCPCON, BIND, or RIP
are absent.

are absent.
Will be added to the

will be made the default
gateway.

are absent.
Protocols

August 30, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Enabling Dead Gateway Detection

1 Load INETCFG and then select Protocols > TCP/IP.
2 Select Dead Gateway Detection > Enabled.
Yes.
System > Yes.
Configuring Dead Gateway Detection

You can fine-tune the performance of the Dead Gateway Detection feature.
Probe Interval is the time (in seconds) at which probes would be sent to the
default gateway to determine whether it is functional or not.
The valid range of values for Probe Timeout is from 10 to 1800 seconds.
Default value is 30 seconds.
Probe Timeout is the time interval (in seconds) after which the next probe is
sent to the default gateway, when there is no reply received by the gateway for
the previously sent probe.
The valid range of Probe Timeout values is from 1 to 20 seconds. Default
value is 2 seconds.
Configuring Probe Interval
1 Load INETCFG and then select Protocols > TCP/IP > Dead Gateway
Detection Configuration.
2 Select Probe Interval and then enter a value in seconds.
Yes.
System > Yes.
74

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Probe Timeout

1 Load INETCFG and then select Protocols > TCP/IP > Dead Gateway
Detection Configuration.
2 Select Probe Timeout and then enter a value in seconds.
Yes.
System > Yes.
Configuring Load Balancing

Before you configure load balancing check whether you have bound the
desired NIC. If not, go to Binding Protocols on page 52 to do so.
1 Load INETCFG and select Protocols.
2 Select TCP/IP from the list of Protocols.
3 Select Load Balancing and enable it.
This switch is for the complete system. You still have to configure load
balancing on your network.
4 Select Load Balancing Configuration.
5 Configure Load Balancing Interval and Configure Individual Groups.
6 In Configure Individual Groups, select the network listed and enable load
balancing.
Configuring Fault Tolerance

Before you configure fault tolerance check whether you have bound the
desired NIC. If not, go to Binding Protocols on page 52 to do so.
1 Load INETCFG and select Protocols.
2 Select TCP/IP from the list of Protocols.
3 Select Fault Tolerance and enable it.
This switch is for the complete system. You still have to configure fault
tolerance on your network.
Protocols

August 30, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
4 Select Fault Tolerance Configuration.

5 Configure Fault Detection Interval, Minimum Error Level and Configure
Individual Groups.
6 In the Configure Individual Groups, select the network listed and enable
fault tolerance.
Configuring Router Discovery

Both IP routers and end nodes can use the ICMP Router Discovery Protocol.
Routers use it to advertise themselves as an IP router and to answer queries
from end nodes. End nodes use it to locate an IP router on their network. Your
system acts as a router when Packet Forwarding is enabled for IP and acts as
an end node when Packet Forwarding is disabled for IP.
NOTE: For an end node to locate an IP router by this method, it must also support
the ICMP Router Discovery Protocol.

To configure router discovery on an interface do the following:
1 Load INETCFG and then select Bindings > an existing binding > Expert
TCP/IP Bind Options > Router Discovery Options.

2 Select the Status field > Enabled.
3 Select Destination Address.
This is the method by which the IP router or end node sends router
discovery packets.
4 Select one of the following options:
BroadcastSends the packets to all nodes on the network.
Router Discovery MulticastSends the packets to an IP multicast

address used specifically for router discovery exchanges. The
packets are received only by nodes that understand this multicast
address.
Yes.
System > Yes.
76

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Type of Service (TOS)

Using TOS, you can set the type of service for the IP data packets going out
through an interface over a network.
Assign a value to set the TOS and the precedence bits of the IP header for
outgoing packets. To set only TOS bits, use a value between 0 and 15. To set
TOS and precedence bits, use a value between 0 and 127.
The valid range of values for TOS is from 0 to 127. Default value is 0, which
indicates normal TOS. The four TOS bits are minimize delay (0x10),
maximize throughput (0x08), maximize reliability (0x04), and minimize
monetary cost (0x02).
This value is set only if TOS is enabled for this interface, otherwise, the TOS
value set using SET options will be used. To see how to use SET options, see
Configuration Using SET Options on page 53.
NOTE: The TOS value for outgoing IP datagrams can be set by an application
using the WINSOCK API SetSockOpt. The value set by an API takes the highest
preference followed by the value set using the method shown in Assigning a TOS
Value on page 77, and then the value set using SET options.
Enabling TOS
TCP/IP Bind Options.

2 Select TOS, then select Enabled.
Yes.
System > Yes.
Assigning a TOS Value

TCP/IP Bind Options.

2 Select TOS Value and then enter a value.
Yes.
Protocols

August 30, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001

System > Yes.
Configuring ARP
IP routers and end nodes use ARP to determine the physical address of a node
to which they want to send a packet. ARP is enabled by default. For one node
to send a packet to another, the sending node must know the physical address
of the destination node. The sending node, knowing only the destination IP
address, first checks its ARP table for an entry that maps the destination IP
address to the destination physical address. If the sending node finds the entry,
it inserts the physical address into the packet and sends it. If the sending node
does not find the entry in its ARP table, it broadcasts an ARP address request
to the network. The destination node replies to the request with its own
physical address, which the sending node uses to send the packet and adds to
its ARP table for future use.
ARP Cache Update Timeout is the time period (in seconds) for an entry to be
removed from the ARP table, if the entry has not been updated. This value can
be set only for a primary interface, and if ARP Timer is enabled. ARP Timer
is disabled by default. For best performance, set the ARP Cache Update
timeout value to be greater than or equal to the value of ARP Cache Stale
Timeout.
The valid range of values for ARP Cache Update Timeout is from 240 to
14400 seconds. Default value is 300 seconds.
ARP Cache Stale Timeout is the time period (in seconds) for an entry to be
removed from the ARP table, if the entry has not been used for some time. If
multihoming is enabled then we can set this value for a primary IP interface if
they are grouped for load balancing and fault tolerance. In all other cases this
can be set on all IP interfaces. ARP Timer is disabled by default. For best
performance, set the ARP Cache Stale Timeout value to be lesser than or equal
to the value of ARP Cache Update Timeout.
The valid range of values for ARP Cache Stale Timeout is from 240 to 14400
seconds. Default value is 300 seconds.
An IP router uses Proxy ARP when devices attached to one of its interfaces do
not support IP subnetting and are unaware that they must go through the router
to reach devices on other subnets of the same IP network. A router using Proxy
ARP replies to ARP requests intended for devices on other subnets, but does
78

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
so only if the device is reachable through the router. To determine whether the
device is reachable, the router examines its own routing table.
Proxy ARP is required on the parent network of a stub subnet. The parent
network has an IP address range that includes the IP address range of the stub
subnet. The router responds to ARP requests sent on the parent network on
behalf of devices on the stub subnet.
When both the parent and stub subnet are bound to IP interfaces, the router can
detect the parent/stub subnet and automatically enable Proxy ARP for the
appropriate interfaces. Even if Proxy ARP is not required, and not
automatically enabled, you can still force it to be enabled with the Force Proxy
ARP parameter.
You must enable Force Proxy ARP on each LAN interface on which the router
must reply to ARP requests for destinations it can reach. Force Proxy ARP is
disabled on each interface by default.
Disabling ARP on page 79
Enabling Proxy ARP on page 80
Enabling ARP Timer on page 80
Configuring ARP Cache Update Timeout on page 80
Configuring ARP Cache Stale Timeout on page 81
Disabling ARP
TCP/IP Bind Options > ARP Options.

2 Select Use of ARP > Disabled.
Yes.
System > Yes.
Protocols

August 30, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Enabling Proxy ARP


2 Select Force Proxy ARP > Enabled.
Yes.
System > Yes.
Enabling ARP Timer


2 Select ARP Timer and then select Enabled.
Yes.
System > Yes.
Configuring ARP Cache Update Timeout


2 Select ARP Cache Update Timeout and then enter a value in seconds.
Yes.
System > Yes.
80

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring ARP Cache Stale Timeout


2 Select ARP Cache Stale Timeout, then enter a value in seconds.
3 Press Esc until you are prompted to save your changes, then select Yes.
System and select Yes to activate your changes.
Configuring Directed Broadcast Forwarding

A directed broadcast is a broadcast intended for all nodes on a nonlocal
network. For example, the broadcast address 255.255.255.255 reaches all
nodes on a network; the directed broadcast address 128.1.255.255 is intended
for all nodes whose network address is 128.1.0.0. A router not directly
attached to 128.1.0.0 simply forwards the directed broadcast packet to the next
hop. A router on network 128.1.0.0if it has directed broadcast forwarding
enabledaccepts and forwards the packet to all nodes whose network address
is 128.1.0.0. Routers connecting subnets of 128.1.0.0 also accept and forward
the packet to the nodes on their respective subnets.
IMPORTANT: For all nodes on network 128.1.0.0 to receive the directed
broadcast, each router attached to network 128.1.0.0 must have Directed
Broadcast Forwarding enabled.
Enabling Directed Broadcast Forwarding

1 Load INETCFG and then select Protocols > TCP/IP > Expert
Configuration Options.
2 Select Directed Broadcast Forwarding > Enabled.
Yes.
System > Yes.
Protocols

August 30, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Configuring Source Route Packet Forwarding

Source route packets enable you to determine the route a packet takes to reach
its destination. This feature is disabled by default.
2 Select Forward Source Route Packets. Enabled to permit forwarding IP
source route packets.

Yes.
System > Yes.
Configuring BOOTP Forwarding

BOOTP is a protocol that enables end nodes to receive their IP addresses from
a BOOTP server at startup time. If your internetwork has a BOOTP or DHCP
server, you can configure your IP router to accept and forward BOOTP or
DHCP requests to that server.
Configuration Options > BootP Forwarding Configuration.

2 Select BootP Server List and then press Ins.
3 Enter the IP address of the BOOTP or DHCP server at the prompt, or
press Ins to display a list of symbolic hostnames and addresses from the
SYS:\ETC\HOSTS file.
The server address appears in the BOOTP Servers screen.
4 Press Esc.
5 Select BootP Packet Forwarding > Enabled.
6 If you want to record the activity of the BOOTP forwarder, select Log
Operation and then select one of the following options:
82
Log to BootP ScreenLogs BOOTP activity to the BOOTP screen.

This is a separate screen that you can select and monitor from the
NetWare console. The information logged to this screen is not saved
to a file.

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Log to FileLogs BOOTP activity to the SYS:\ETC\BOOTP.LOG

file by default. To use a different file, type its full path name in the
Log File field.
7 If you do not want to record the activity of the BOOTP forwarder, select
Do Not Log.
Yes.
System > Yes.
Configuring EGP
The Exterior Gateway Protocol (EGP) is an exterior routing protocol that is
supported by the TCP/IP software. Exterior routing protocols exchange
information between different Autonomous Systems (ASs). The local EGP
gets the information about its own AS from the local Interior Gateway
Protocols (IGPs). Usually, exterior routing protocols are used only when
different companies or commercial services are being connected.
The information EGP receives from the IGP must be explicitly configured.
The exterior routing protocol shares only the information specified in the
outgoing route filters. This is desirable because you generally want to limit the
information exchanged between different ASs.
To configure EGP do the following:
2 Select EGP > Enabled.
3 Select EGP Configuration and configure the following parameters:
Autonomous SystemEnter the autonomous system number. It

identifies the autonomous system to which the router belongs. The
router establishes an EGP neighbor relationship with routers in other
autonomous systems.
Maximum Neighbors to AcquireEnter the maximum number of

concurrent EGP neighbors with which this router can exchange EGP
network reachability information.
Protocols

August 30, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Neighbor ListSelect this field to add, modify, or delete EGP

neighbors. This router attempts to establish a relationship with the
configured EGP neighbors to exchange network reachability
information. Press Ins. Configure the following parameters:
Neighbor's AddressPress Ins to display a list of symbolic
hostnames from the SYS:\ETC\HOSTS file. Select a host here or
enter the address.
Neighbor's Autonomous SystemEnter the number of the
autonomous system to which this EGP neighbor belongs. The router
is able to be a neighbor with the EGP peer only when the router and
the EGP peer are in different autonomous systems.
Yes.
System > Yes.
Configuring Multiple Logical Interfaces

Novell TCP/IP allows you to bind more than one IP network to a LAN board.
The networks can operate as separate logical interfaces. The ability to
configure multiple logical interfaces simplifies the task of managing a
growing network in the following ways:
You can merge network when a there is a router failure.
For a description, see Merging Two Networks When the Connecting
Router Fails on page 85.
You can move hosts from one IP network to another without losing
connectivity.
For a description, see Reassigning IP Addresses on page 86.
You can add new nodes to a nearly full subnet.
For a description, see Adding New Nodes to a Full Subnet on page 86.
To attach more than one IP network to a LAN board, bind IP to the board as
many times as necessary; then supply a different IP address for each network.
Configuring multiple logical interfaces is different from multihoming, which
enables you to bind multiple addresses belonging to the same IP network to
84

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
the same interface or different interfaces. To configure multihoming, see

Configuring a Secondary IP Address on page 86.
Merging Two Networks When the Connecting Router Fails

Suppose a router that connects IP networks 130.81.0.0 and 167.10.0.0 fails.
For simplicity, assume that the physical medium is Ethernet. If the router
cannot be repaired quickly, you can temporarily fix the problem by completing
1 Join the two networks into a single network segment using a barrel
connector, a repeater, or other appropriate means.

2 Find a system operating Novell TCP/IP connected to the joined network.
3 Load INETCFG and select Protocols > TCP/IP.
4 Set IP Packet Forwarding to Enabled ("Router").
Yes.
7 Select Bindings and then bind IP to the joined network twice.
7a Select an existing binding to an interface connected to the joined
network.
7b Set Local IP Address to an available host address on the first
network. In this example, enter an available host address on the

130.81.0.0 network.
7c Press Esc and then save your change when prompted.
7d Press Ins to create a new binding and select the same interface
connected to the joined network.

7e Set Local IP Address to an available host address on the second
network. In this example, enter an available host address on the

167.10.0.0 network.
Yes.
System > Yes.
Protocols

August 30, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Reassigning IP Addresses
Suppose you must change network number 89 to 130.57. If the system does
not have multiple logical interfaces, you must change all IP addresses on
network 89 at the same time or lose connectivity to any host that did not have
its address changed.
With multiple logical interfaces, you can assign the new IP addresses
gradually. Networks 89 and 130.57 can coexist on the same network segment
until the transition is complete. The router interfaces, attached to both logical
networks, forward packets for each network and route packets between the
two.
Adding New Nodes to a Full Subnet

Suppose you want to add several new nodes to a subnet that has no more
available IP addresses. Assume that the network has enough free connectors
available to physically attach the nodes.
First, you assign a new subnet number to the cable so that both subnets share
the cable. Then to add new nodes, you bind their IP address to the new logical
subnet. The router whose interface is bound to both subnet addresses provides
connectivity between the two subnets and to the rest of the internetwork.
Configuring a Secondary IP Address

A secondary IP address can be configured on the same interface that has the
primary IP address.
When multiple interfaces exist, the secondary address is associated with the
interface that is bound to an address that is on the same network. If there are
more than one interface on the same network, then you can select the interface
to add the secondary IP address. If the secondary address is not valid on any
of the networks bound to existing interfaces, the address is rejected and an
error message is produced.
To configure a secondary IP addresses, do the following:
1 Add a secondary IP address by entering the following at the command
prompt:
add secondary IPAddress x.x.x.x noarp prompt
86

August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Noarp is used to add the secondary IP address as the non-ARPable one.

If you dont use noarp, it will be added as ARPable. Prompt allows you
to select from the available interfaces. If you dont use prompt, it will be
added to the first bound interface of the same network.
2 Delete the secondary IP address by entering the following command:
del secondary IPAddress x.x.x.x

3 Display the secondary IP addresses by entering the following command:
display secondary IPAddress
Protocols

August 30, 2001
Novell Confidential
87
Manual
88

August 30, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Managing
This chapter describes the diagnostic utilities used to manage the Novell
TCP/IP software. These utilities enable you to manage, optimize, and
troubleshoot the product and its connections. The following topics are
discussed here:
Using the TCPCON Utility on page 89
Viewing TCP/IP Configuration Information on page 90
Determining Whether a Remote TCP/IP Node Is Reachable on page 91
Monitoring Error Counters on page 91
Monitoring TCP/IP Information on page 92
Using the TCPCON Utility

TCPCON is an NLMTM utility that provides access to statistics and
information about the status of various components of the TCP/IP protocol
suite. TCPCON uses SNMP to access this information from any local or
remote system on the network. TCPCON operates over TCP/IP and IPXTM
networks.
To launch TCPCON, enter LOAD TCPCON at the system console prompt.
To monitor a remote system, select SNMP Access Configuration, change the
Transport Protocol option to TCP/IP, and set the Host option to the IP address
of the remote host you want to monitor. Press Esc to exit and save the options.
If details from that remote host are displayed, there is a bidirectional route
available.
Managing

103-000151-001
August 30, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
You can use TCPCON to perform the following tasks:

Monitor activity in the TCP/IP network segments of your internetwork
Display configuration information and statistics about the following
TCP/IP protocolsIP, ICMP, UDP, TCP, OSPF, and EGP
Display the IP routes currently known to a TCP/IP node
Display the network interfaces supported by a TCP/IP node
Access the trap log maintained by SNMPLOG (for the local system only)
Access TCP/IP information in any remote protocol stack supporting the
TCP/IP Management Information Base (MIB)
HINT: TCPCON requires SNMP to be loaded on the remote host; otherwise, you
receive an error message that the host is unavailable. Another cause of the Host
unavailable message might be a routing error. To check for errors in the routing
table, accept the default value of 127.0.0.1 in the Host option under SNMP Access
Configuration. Select Routing Table to view the routing information table that the
routing software has received from routing protocols (RIP and OSPF) or static
routes. Compare this to the address topology of the network.
Viewing TCP/IP Configuration Information

To see how TCP/IP is configured, load TCPCON and select the following
options:
SNMP Access Configuration to view and change SNMP access
configuration
Protocol Information to view and change the run-time configuration of
TCP/IP protocols
IP Routing to view, change, and create IP routes
Statistics to view detailed TCP/IP statistics
Interfaces to view information about network interfaces
Display Local Traps to view the local system SNMP trap log
90

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Determining Whether a Remote TCP/IP Node Is

Reachable
To determine whether a remote node is reachable, run an Echo test by doing
the following:
1 Load PING
2 Specify the remote node address in the Host Name field.
3 Specify the number of seconds between each transmission in the Seconds
to Pause between pings field.

4 Specify the packet size to be transmitted in the IP Packet Size to send in
Bytes field.
5 Press Esc to begin transmitting.
If you receive an echo reply packet, the remote node is reachable.
Monitoring Error Counters

Error counters are monitored to make sure they are not increasing rapidly,
because a rapid increase indicates a problem. For information about
troubleshooting these problems, see Troubleshooting on page 93. You can
monitor error counters for TCP/IP interfaces in the following ways:
Use MONITOR to view counters such as Checksum Errors, Send and
Receive Packet Errors, and interface-specific errors. To view these
counters, load MONITOR and select LAN/WAN information >
interface you want to view.
Use TCPCON to view the following TCP/IP counters:
IP Errors
IP Address Errors
Unknown Protocol Errors
Local Errors
Reassembly Failures Detected
Fragmentation Failures Detected
To view these counters, load TCPCON and select Statistics > IP > More
IP Statistics.
Managing

103-000151-001
August 30, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Monitoring TCP/IP Information

Monitoring TCP/IP information can give you a clear view of the status of your
TCP/IP network and whether the router is configured properly to run
efficiently in the network. This information can also be helpful in
troubleshooting and optimizing of the network.
Checking the TCP/IP Routing Table

To check the TCP/IP routing table and information associated with each route,
load TCPCON and select IP Routing Table > Proceed > entry you want to
view.
The IP Routing Table window shows you all known TCP/IP destination
networks and the following information about each item:
IP address of the destination
IP address of the next hop router
Type of the route (direct, remote)
Primary cost for the route
Interface used to reach a route
The IP Route Information window expands on this by showing information
about the mask used, the routing protocol through which the destination was
learned, and the age of the route.
Monitoring the Configured TCP/IP Protocols

You can view, and sometimes change, the configuration of TCP/IP protocols
configured for use in your router. You can reach this information by loading
TCPCON and selecting Protocol Information. You can configure and view
statistics and other information for the following protocols:
EGP
ICMP
IP
OSPF
TCP
UDP
For additional information about each protocol, press F1 to access online help.
92

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Troubleshooting
This chapter contains IP troubleshooting information that is divided into three
categories:
Troubleshooting Tools on page 93
Troubleshooting Checkpoints on page 94
Common Problems on page 95
If a problem that is general in nature occurs, the procedure described in
Troubleshooting Checkpoints will help you isolate and resolve the problem.
Troubleshooting Tools
TCPCON is an NLMTM utility that provides access to statistics and
information about the status of various components of the TCP/IP protocol
suite. It uses SNMP to access this information from any local or remote system
on the network. TCPCON operates over TCP/IP networks. Use TCPCON to
monitor a remote system.
You can use TCPCON to perform the following tasks:
Display configuration information and statistics about the following
TCP/IP protocols: IP, ICMP, UDP, TCP, OSPF, and EGP
Display the IP routes currently known to a TCP/IP node
Display the network interfaces supported by a TCP/IP node
Access TCP/IP information in any remote protocol stack supporting the
TCP/IP Management Information Base (MIB)
Troubleshooting

103-000151-001
August 30, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Troubleshooting Checkpoints
To isolate and resolve TCP/IP problems, do the following:
1 To verify that IP is bound to the desired interfaces with the correct
addresses and masks for your internetwork. Load TCPCON Select

Protocols > IP > IP Addresses.
Use INETCFG to make any required corrections.
2 To check the routing table for routes to the required network. Load
TCPCON and select IP Routing Table > Proceed, and then press Enter
If routes are missing, verify that the required routing protocols have been
enabled and bound to the correct interfaces in INETCFG. Also verify that
the routing protocol in use on an interface is correctly configured on other
routers that are accessible through that interface.
3 To verify that static routing is configured if other third-party routers that
do not use RIP or OSPF are connected on the network. Load INETCFG
and select Protocols > TCP/IP > LAN Static Routing
4 To verify that the IP Packet Forwarding statistic is set to Enabled. Load
INETCFG and select Protocols > TCP/IP > IP Packet Forwarding

Use INETCFG to make any required corrections and then reinitialize the
system.
5 Use PING or TPING to test connectivity.
Perform Step 1 through Step 4 on any routers that cannot be reached. Start
with the router that is closest to the local node.
6 Verify that all client software has the Default Router parameter
configured to match the IP address of the network board inside the router
that is connected to the local segment.
7 Load TCPCON for the following IP statistics:
Local errors (memory error)
IP errors (unexpected protocol errors)

Check the configuration of other IP nodes on the network. Reduce IP
traffic or use a network analyzer to identify the source of invalid
packets.
IP address errors (misdirected packets)

Check the Address Translation tables on other IP nodes to determine
the source of the errors.
94

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Unknown protocol errors (unsupported IP clients)

Load the required applications.
No route found (router failure)

Check the configuration of the routing protocols.
8 Load TCPCON for the following ICMP statistics:
Destination unreachable (network failure)

Use a network analyzer to determine the unreachable destination.
Check that the routers on the path to the destination advertise the
route.
Time exceeded (network failure)

Reduce the excessive delays by reducing the size of the internetwork
or increasing the speed of WAN links.
Redirects (router failure)

Check that all routers on the network are properly configured and
advertising routes. Verify that the correct Default Router is
configured on the clients.
9 To verify that all configuration options are set correctly. Load INETCFG
and select View Configuration
Common Problems
This section discusses the following common problems and their potential
solutions:
LAN Connectivity Problems on page 96
Router Cannot Ping a Remote Router or the Internet on page 98
Routing Table Maintenance Problems on page 98
IP Address Duplication across Machines on page 100
Server Not Responding under Heavy Stress Conditions on page 100
Server Not Responding under Heavy Stress Conditions on page 100
Load Not Balanced across NICs although LB is Enabled in INETCFG
on page 100
Network Traffic Is Not Balanced across NICs on page 101
Troubleshooting

103-000151-001
August 30, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Losing INETCFG Configuration Information upon Rebooting on page

101
Loss of Secondary IP Address upon Deleting Any Binding on page 101
LAN Connectivity Problems

The router does not forward IP packets
Verify that the IP Packet Forwarding statistic is set to Router Enabled in
TCPCON (Protocols > IP). If routing is not enabled, enable IP Packet
Forwarding under Protocols in INETCFG, and then issue the
REINITIALIZE SYSTEM command.
A TCP/IP host cannot reach the router on the local network
Verify that the network portion of the IP address and the subnet mask
are the same on the router and the host.
Verify that the router and host use the same frame type.
Use PING from the router to verify connectivity to the
TCP/IP host and verify that the IP Address Translation table has an
entry for the host.
If there is no entry, use MONITOR to check the status of the LAN
driver.
TCP/IP host and check for Echo Requests in TCPCON (select
Statistics > ICMP).
If the value of the Echo Requests statistic is not incrementing, check
the IP statistics for errors and perform Step 7 on page 94 in
Troubleshooting Checkpoints.
TCP/IP host and check for Echo Replies in TCPCON (select
Statistics > ICMP).
If the value of the Echo Replies statistic is not incrementing, verify
that IP is bound to the host's interface with the correct address and
mask. Also, verify that the interface driver is loaded with the correct
frame type. If required, check the IP statistics for errors and perform
Step 7 on page 94 in Troubleshooting Checkpoints.
96

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A TCP/IP host cannot reach a remote host

Verify that the IP address and mask are proper.
Verify that the local TCP/IP host has the local router listed as the
default router.
Verify that each router has a routing protocol enabled and that it has
not been disabled on the interface.
Starting at the local router, verify that each router has a route to the
remote host's network.
Verify that there are no filters capable of blocking IP traffic
configured on any routers along the path.
Verify that the remote host has a route to the local host's network.
Using PING, verify that the remote host can reach each router on the
path to the local TCP/IP host.
Starting at the router closest to the remote host, verify that each
router has a route to the local TCP/IP host's network.
The router cannot initiate IP traffic to a remote router through a LAN
interface
Verify that IP is bound to the right interface with the correct address
and mask.
Check whether the interface driver is loaded with the correct frame
type.
Check whether a route exists to the network on which the destination
router resides. This can be done through the IP Routing Table
window of TCPCON. If the destination router is accessible, also
verify that it has a route to the source router's network.
A TCP/IP host cannot reach another host when Fault Tolerance is
disabled and the NIC that was handling the data transfer has gone down
Make sure the NIC is grouped for load balancing and fault tolerance.
Make sure that fault tolerance is enabled for the group.
To verify that NIC is grouped, do the following:
1 Load INETCFG and select Bindings > TCP/IP.
2 Select Configure TCP/IP Bind Option.
3 Make sure that the Group interface for LBFT is set to Yes.
Troubleshooting

103-000151-001
August 30, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
To check that fault tolerance is enabled, do the following:

2 In the screen that appears, fault tolerance should be enabled.
This could be for the complete system. You still need to verify whether
Fault Tolerance is enabled for the particular Net Group.
3 Select Fault Tolerance Configuration > Configure Individual Group.
4 Select the particular Net Group and check whether fault tolerance is
enabled for it. If not, set it to Yes.
Router Cannot Ping a Remote Router or the Internet

Load TCPCON and verify select IP Routing Table that there is a destination
that is specified as the default route. If there is no default route, you must
configure it. Load INETCFG to permanently configure the default route.
2 Select the Interface Group for your WAN card.
3 Select WAN Call Destination.
4 Select WAN Call Destination press Ins and then select the WAN card
defined earlier.
5 Select Static Routing Table option and press Ins.
The Static Routing entry sets up the default route that points to the
Internet Service Provider (ISP).
6 Select Route to Network or Host > Default Route.
7 Press Esc to save your changes and exit the menus.
8 For the changes to take effect, reinitialize the system.
Routing Table Maintenance Problems

Routes are not exchanged on a LAN.
Use INETCFG to verify that the IP Packet Forwarding option is
enabled.
Use INETCFG to verify that a routing protocol has been enabled.
Use INETCFG to verify that the routing protocol has not been
disabled on an interface.
98

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Use TCPCON to examine the routing table and determine which

routes are missing.
Check TCPCON for IP errors.
Check TCPCON for ICMP errors.
If you are using RIP, then in INETCFG under Bindings, verify that
the RIP Mode option is not set to Send Only or Receive Only.
If the RIP Version option is set to RIPII, verify that the other routers
also support RIP II.
Verify that no route filters are configured that would block route
information packets for that interface.
If you are using OSPF, verify that the following conditions have been
met:
Routers in the area have the same Authentication Type configured.
All routers on the same network have the same Authentication
Password configured for the interface to the network.
All routers on the same network have the same Hello Intervals
configured for the interface to the network.
The state of each neighbor is either two-way or full in TCPCON
(select Protocol Information > OSPF > Neighbors). If it is not, one of
the two conditions described next will occur. Refer to the next two
paragraphs for an explanation of the corrective actions required.
In TCPCON, there is a router link state advertisement for each router
in your area (select Protocol Information > OSPF > Link State
Advertisements). If these advertisements are not present, verify that
the missing router is active and the correct area ID is configured for
the network interface.
In TCPCON, the number of link state advertisements, Area
Boundary Routers, and Autonomous System Boundary Routers are
the same for each router in your area (select Protocol Information >
OSPF > Areas). Verify that the problem routers are active. Bring
down any router whose routing database is not synchronized with the
databases of its routing neighbors. If the problem persists, reduce the
size of your network or add more memory to the router.
Routes are not exchanged on a LAN.
Verify that the broadcast address is correct.
Troubleshooting

103-000151-001
August 30, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
RIP routes are not accessible to hosts on OSPF networks.

Check the status of the Autonomous System Boundary Router
statistic in TCPCON (select Protocol Information > OSPF).
Verify that no filters are configured that would block access to the
network.
IP Address Duplication across Machines

When you are trying to bind an IP address, you get an error message
stating a conflict for the IP address.
Set allow ip address duplicates command off under
SET parameters.
Server Not Responding under Heavy Stress Conditions

Increase the following using the SET command options:
Maximum Packet Receive Buffers (page 56)
Minimum Packet Receive Buffers (page 56)
TCP IP Maximum Small ECBs (page 58)
Load Not Balanced across NICs although LB is Enabled in INETCFG

Load balancing might have been enabled only for the system and not for the
particular group. Check whether you have grouped multiple NICs and enabled
load balancing for them.
To check that load balancing is enabled at group level, do the following:
In the screen that appears load balancing should enabled. This is for the
complete system. You still need to verify whether load balancing is
enabled for the particular Net Group.
2 Select Load Balancing Configuration > Configure Individual Group.
3 Select the particular Net Group and check whether load balancing is
enabled for it. If not, set it to Yes.
100 NetWare TCP/IP Administration Guide

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Network Traffic Is Not Balanced across NICs

If the application is binding to the local host (0.0.0.0), the data is always
sent through the Primary. So the Primary should be inside the LBFT
group for the load to be evenly balanced.
Check whether the interface designated as Primary is within the group or
not. If not, either group the Primary interface or make one of the group
members Primary.
If the application is not bound to the local host, then the data is always
sent through the host where the application is bound. To load balance in
this case, make sure that this host is inside the LBFT Group.
To check whether a particular binding is part of the LBFT Group, do the
following:
2 In the screen that appears, select the Configure TCP/IP Bind option.
3 Make sure that the group interface for LBFT is set to Yes.
Losing INETCFG Configuration Information upon Rebooting

This could happen if the server abended while being configured. This corrupts
the file SYS:\ETC\TCPIP.CFG. Delete this file and copy a backup of the
previous configuration.
Loss of Secondary IP Address upon Deleting Any Binding

This could happen if more than one interface are using the same driver. If this
is the case, never delete any of the bindings. Always disable them if you dont
want to use them.
Troubleshooting 101

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a

103-000151-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Planning
This appendix explains what decisions must be made before you can configure
TCP/IP beyond its most basic configuration.
Configuration Decisions
How you configure TCP/IP beyond the most basic configuration depends on
the following decisions:
Whether a multiprocessor server can use this version of TCP/IP
The TCP/IP stack distributes the connection across all processors
uniformly resulting in packet processing on different processors in
parallel. The TCP/IP stack has been multiprocessor (MP) enabled for
processing TCP and UDP packets.
Whether to use the computer as a router or an end node (that is, a
host)
The IP Packet Forwarding parameter, which controls IP packet routing, is
enabled by default. This parameter permits your computer to operate as
an IP router. When you want your computer to operate as an end node
only, disable this parameter.
Whether to use Routing Information Protocol (RIP), Open Shortest
Path First (OSPF), or a mixed RIP-OSPF environment
RIP and OSPF are IP routing protocols. If you already have IP routers in
your network environment, use the same routing protocol they use. If
your network currently has no other routers, use OSPF.
To configure your router as a RIP router, see Configuring RIP on page
60.
Planning 103

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To configure your router as an OSPF router, see Configuring OSPF on

page 63.
To configure a mixed RIP-OSPF environment, refer to both of the
preceding procedures.
Whether to use static routes on a router
Static routes are useful for reducing routing traffic, providing security,
accessing isolated networks, and operating as backup routes on routers.
Static routes are required for on-demand connections.
To configure static routes on a router, see Configuring Static Routes for
LANs on page 69.
Whether to filter routes or various TCP/IP packets
Enable filters when you want to do either of the following:
Control access to any services, such as File Transfer Protocol (FTP),
on your network
Reduce the bandwidth consumed by routing traffic
To configure TCP/IP filters, you must enable the Filtering Support
parameter in INETCFG and then load the Filter Configuration utility
(FILTCFG).
Whether to configure router discovery
Router discovery enables end nodes to find an IP router on their network.
If your computer is operating as a router, it can advertise itself
periodically as a router. If your computer is operating as an end node, it
can send queries to locate a router.
To configure router discovery, see Configuring Router Discovery on
page 76.
Whether to disable Address Resolution Protocol (ARP) or enable
Proxy ARP
ARP is a LAN protocol that maps Internet addresses to physical
addresses. IP routers and end nodes use ARP to determine a destination
node's physical address.
An IP router using Proxy ARP replies to ARP requests it receives through
an interface on behalf of an end node on a network attached to another
interface.
To change the default settings of ARP and Proxy ARP features, see
Configuring ARP on page 78.

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Whether to enable the router to forward directed broadcasts

A directed broadcast is a broadcast intended only for a subnet rather than
all nodes on the network.
To enable directed broadcast forwarding, see Configuring Directed
Broadcast Forwarding on page 81.
Whether to configure the router or end node as a BOOTP forwarder
The BOOTP protocol enables end nodes to obtain an IP address at startup time. If there is a BOOTP or Dynamic Host Configuration Protocol
(DHCP) server on your internetwork, any IP routers that are configured
to act as a BOOTP forwarder accept and forward BOOTP or DHCP
requests to the server. The BOOTP or DHCP server then assigns an IP
address to the end station.
To configure BOOTP forwarding, see Configuring BOOTP
Forwarding on page 82.
Whether to configure multiple logical interfaces on a single board
Using multiple logical interfaces enables you to bind more than one IP
network to a LAN board. Each binding operates as a separate logical
interface.
To configure multiple logical interfaces on a board, see Configuring
Multiple Logical Interfaces on page 84.
Whether to use multihoming
Multihoming enables an interface to be bound to multiple IP addresses on
the same network. Multihoming can be used for all IP networks bound to
a router, whether the networks are bound to on the same interface or
different interfaces.
The most common use of multiple addresses on the same network is to
enable a Web server to operate as though it is several Web servers. In this
application, each secondary IP address is used by a different virtual host
on the same Web server. The Domain Name System (DNS) can be used
to access these virtual hosts using unique hostnames.
Multihoming is also commonly used with network address translation
(NAT), the proxy server, and the virtual private network (VPN).
To configure multihoming, see Configuring a Secondary IP Address on
page 86.
Planning 105

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a

103-000151-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
TCP/IP Database Files

This appendix describes how the database files of the TCP/IP stack should be
configured.
Configuring Database Files

TCP/IP uses four database files in the SYS:\ETC\directory to convert internal
data, such as IP addresses, into more identifiable and workable names.
HOSTS File (page 108) maps hostnames to IP addresses
NETWORKS File (page 109) maps network names to network addresses
PROTOCOL File (page 110) maps protocol names to IP protocol
numbers
SERVICES File (page 111) maps service names to TCP and UDP ports
The user interface for TCPCON and other NLM files uses these database files.
To inform TCP/IP of names and addresses of local nodes and networks, you
must add that information to these files. The files are cached in memory so that
disk access is avoided during lookup. Because of this, TCP/IP takes up more
memory. If this is not desirable, keep the size of the database small or simply
delete the files.
TCP/IP finds the following four database files in the SYS:\ETC\directory:
These files are described in the sections following this discussion.
If you are configuring TCP/IP for the first time, we recommend that you start
by copying the sample database files from SYS:\ETC\SAMPLES to
SYS:\ETC. This provides you with some examples to refer to as you add your
own entries, and also provides TCP/IP with the PROTOCOL and SERVICES
files.
TCP/IP Database Files 107

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can modify these files with a standard text editor from any NetWare
client, or you can use EDIT.NLM from the NetWare system console. The
following sections describe the formats of the files, which are compatible with
the same files on standard 4.3BSD UNIX* systems. The examples in the
sample files can also help you create your own entries.
The files have the same names and format as the files on UnixWare* systems
and other UNIX systems. You can use FTP to transfer the files from a UNIX
host.
Each database file describes a table. Each line of the file describes a separate
table entry. Blank lines and comments are ignored. Comments begin with a
pound sign (#) anywhere in a line and include the pound sign and any
characters following it on the same line.
IMPORTANT: Do not use the sample addresses provided in the database files if
you are connected to the Internet; these addresses are for example only.
HOSTS File
The SYS:\ETC\HOSTS file contains information about the known hosts on
the IP internetwork. Typically, it is centrally administered and distributed to
all local hosts. Its format, as shown in Figure 15, is identical to /etc/hosts on
UNIX systems. Each entry provides information about a single host. An entry
cannot extend beyond one line.
Figure 15
Sample HOSTS File
The HOSTS file entry has the following format:

IP_address host_name [alias [...]]

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The IP_address is a 4-byte address in standard dotted decimal notation. Each

byte is a decimal, hexadecimal, or octal value and is separated by a period.
Hexadecimal numbers must start with the character pair 0x or 0X; octal
numbers must start with 0.
The host_name is the name of the system associated with this IP address. The
name cannot contain a space, tab, pound sign (#), or end-of-line character.
Each hostname must be unique.
The alias is another name for the same system. Typically, this is a shorter
name. A single host can have from 1 to 10 aliases. For example, the host sales
could have the following address and aliases:
129.0.9.5 sales sa saleshost
The sample file SYS:\ETC\SAMPLES\HOSTS is included with the TCP/IP

software. When you are configuring TCP/IP for the first time, copy the sample
HOSTS file from SYS:\ETC\SAMPLES to SYS:\ETC. You then edit the
SYS:\ETC\HOSTS file. You can change your configuration at any time by
editing your existing SYS:\ETC\HOSTS file.
NETWORKS File
The SYS:\ETC\NETWORKS file contains information about the networks in
your internetwork. Each entry provides information about one network. An
entry cannot extend beyond one line. Figure 16 shows a sample NETWORKS
file.
Figure 16
Sample NETWORKS File
The NETWORKS file entry has the following format:

network_name network_number [/network_mask] [alias [...]]

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The network_name is the name of the network associated with this network
number. The name cannot contain a space, tab, pound sign (#), or end-of-line
character. The network name must be unique.
The network_number is the number of the network. Hexadecimal numbers
must start with the character pair 0x or 0X. The network_number can be
specified with or without trailing zeros. For example, the addresses 130.57
and 130.57.0.0 denote the same IP network.
The network_mask is the subnet mask of the network. Like IP addresses, it can
be specified in octal, decimal, or hexadecimal notation. This field is optional.
If not specified, the subnet mask is deduced from existing routing table entries.
The alias is another name for the same network; you can specify up to 10
aliases for a network.
The sample file SYS:\ETC\SAMPLES\NETWORKS is included with the
TCP/IP software. When you are configuring TCP/IP for the first time, copy
the sample NETWORKS file from SYS:\ETC\SAMPLES to SYS:\ETC. Then
edit the SYS:\ETC\NETWORKS file. You can change your configuration at
any time by editing your existing SYS:\ETC\NETWORKS file.
PROTOCOL File
The SYS:\ETC\PROTOCOL file, as shown in Figure 17, contains information
about the known protocols used on the internetwork. Each line provides
information about one protocol. An entry cannot extend beyond one line.
NOTE: The PROTOCOL file is called PROTOCOLS on UNIX systems. The name
is shortened to PROTOCOL because of the DOS eight-character limit.

Figure 17
Sample PROTOCOL File

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The PROTOCOL file entry has the following format:

protocol_name protocol_number [alias [...]]
The protocol_name is the name of the Internet protocol associated with this
protocol number. The name cannot contain a space, tab, pound sign (#), or
end-of-line character.
The protocol_number is the number of the Internet protocol.
The alias is an alternate name for the protocol.
The sample file SYS:\ETC\SAMPLES\PROTOCOL is included with the
TCP/IP software. When you are configuring TCP/IP for the first time, copy
the sample PROTOCOL file from SYS:\ETC\SAMPLES to SYS:\ETC. You
can then edit the SYS:\ETC\PROTOCOL file. You can change your
configuration at any time by editing your existing SYS:\ETC\PROTOCOL
file.
SERVICES File
The SYS:\ETC\SERVICES file, as shown in Figure 18, contains information
about the known services used on the IP internetwork. Each entry provides
information about one service. An entry cannot extend beyond one line.
Figure 18
Sample SERVICES File
The SERVICES file entry has the following format:

service_name port_number /protocol_name [alias [...]]
The service_name is the name of the service associated with this port number
and protocol name. The name cannot contain a space, tab, pound sign (#), or

103-000151-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
end-of-line character. These are generally Application-layer, Presentationlayer, or Session-layer services, such as TFTP, FTP, SMTP, and TELNET.
The port_number is the number of the Internet port used by the service.
The protocol_name is the protocol with which the service is associated. This
is generally a Transport- or Network-layer protocol, such as TCP or UDP. You
must put a slash between the port number and the protocol name (for example,
SMTP 25/TCP MAIL).
The alias is an alternate name for the service.
The sample file SYS:\ETC\SAMPLES\SERVICES is included with the TCP/
IP software. When you are configuring TCP/IP for the first time, you should
copy the sample SERVICES file from SYS:\ETC\SAMPLES to SYS:\ETC.
You can then edit the SYS:\ETC\SERVICES file. You can change your
configuration at any time by editing your existing SYS:\ETC\SERVICES file.

103-000151-001
August 30, 2001
Novell Confidential
NetWare FTP Server Administration Guide
Novell
NetWare 6
www.novell.com
6.0
N E T WA R E F T P S E RV E R
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Preface
Overview
Features of the NetWare FTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Setting Up
13
Upgrading from NetWare 5.1 to NetWare 6.0 . . . . .

Configuring FTP Server . . . . . . . . . . . . . . . .
Configuring FTP Server from NetWare Web Manager.
Configuring Server Settings . . . . . . . . . . . .
Configuring Security Settings. . . . . . . . . . . .
Configuring User Settings . . . . . . . . . . . . .
Configuring Log Settings . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing
13
14
19
21
22
23
24
25
FTP Server Startup. . . . . . . . . . . .

Creating an Anonymous User . . . .
Viewing the Active Sessions Display .
Using the FTP Server from an FTP Client
Starting an FTP Session . . . . . . .
Accessing a Remote Server . . . . .
Paths Formats . . . . . . . . . . . .
Quote Site Commands . . . . . . . .
Name Space and Filenames . . . . .
Administering the NetWare FTP Server .
Multiple Instances of the FTP Server
Intruder Detection. . . . . . . . . . .
Access Restrictions . . . . . . . . .
Anonymous User Access . . . . . .
FTP Log Files. . . . . . . . . . . . .
Active Sessions Display . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Configuring with Cluster Services

Running FTP Server in Active/Active and Active/Passive Modes
Editing FTPSERV.CFG Configuration Files . . . . . . . . . . .
Editing AUTOEXEC.NCF Files. . . . . . . . . . . . . . . . . .
Novell Cluster Services Configuration and Setup . . . . . . . .
Creating a Cluster Volume Object . . . . . . . . . . . . .
Configuring FTP Server Load and Unload Scripts . . . . .
Setting FTP Server Start, Failover, and Failback Modes . . . .
25
26
26
26
26
28
31
31
32
33
33
34
34
37
38
42
45
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000172-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
45
45
46
48
48
49
50
Manual
99a
38
July 17, 2001
FTP Server Messages
53
NWFTPD Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
FTPUPGRD Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
53
55

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preface
Welcome to the NetWare FTP Server Administration Guide. NetWare FTP
Server software provides FTP service for transferring files to and from
NetWare volumes. You can perform file transfers from any FTP client by
using the FTP server to log in to a Novell eDirectoryTM tree. After logging
in, you can navigate to other NetWare servers (in the same eDirectory tree)
even if they are not be running FTP service.
Preface

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38

103-000172-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Overview
NetWare FTP Server software is based on the standard ARPANET File
Transfer Protocol that runs over TCP/IP and conforms to RFC 959. You can
perform file transfers from any FTP client by using the FTP Server to log in
to the Novell eDirectoryTM tree.
Features of the NetWare FTP Server

The main features of NetWare FTP Server software include the following:
Multiple instances of NetWare FTP Server software
Multiple instances of NetWare FTP Server software can be loaded on the
same NetWare server, providing different FTP services to different sets of
users.
See Multiple Instances of the FTP Server on page 33.
FTP access restrictions
FTP access can be restricted at various levels through various types of
access rights.
See Access Restrictions on page 34.
Intruder detection
An intruder host or user who tries to log in using an invalid password can
be detected and restricted.
See Intruder Detection on page 34.
Remote server access
FTP users can navigate and access files from other NetWare eDirectory
servers in the same eDirectory tree and from remote IBM* servers,
Overview

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
whether or not the remote servers are running NetWare FTP Server
software.
See Accessing a Remote Server on page 28 and Table 5, Login
Parameters, on page 15.
Anonymous user access
An Anonymous user account can be set up to provide users with basic
access to public files.
See Anonymous User Access on page 37.
Special Quote Site commands
These NetWare-specific commands can be used to change or view some
of the NetWare server-specific parameters.
See Quote Site Commands on page 31.
Firewall support
When the FTP client is behind a firewall and the FTP server cannot
connect to the FTP client, NetWare FTP Server software supports passive
mode data transfer and the configuration of a range of passive data ports.
See Table 7, Firewall Support Parameters, on page 17.
Active Sessions display
Details of all the active FTP instances at a particular time such as a list of
all instances, details of each instance, all sessions in an instance, and all
details of each session can be viewed.
See Viewing the Active Sessions Display on page 26.
Name space support
NetWare FTP Server software can operate in both DOS and long name
spaces. The FTP user can dynamically change the default name space by
using one of the Quote Site commands.
See Quote Site Commands on page 31.
Simple Network Management Protocol error reporting service
Simple Network Management Protocol (SNMP) traps are issued when an
FTP login request comes from an intruder host or from a node address
restricted through Novell eDirectory. The traps can be viewed on the
management console.
10

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FTP logs
The FTP service maintains a log of various activities: FTP sessions,
unsuccessful login attempts, active sessions details, and system error and
FTP server-related messages.
See FTP Log Files on page 38
Welcome banner and message file support
NetWare FTP Server software displays a welcome banner when an FTP
client establishes a connection as well as a message file when a user
changes the directory in which the file exists.
See Table 8, Welcome Banner and Message Files Parameters, on page
17.
NetWare Web Manager based management
NetWare Web Manager is a browser-based management tool used to
configure and manage NetWare Web Services (such as NetWare
Enterprise Web Server and NetWare Web Search Server) using a local
database, LDAP, or Novell eDirectory.
The NetWare Web Manager interface can also be used to administer (start
and stop) the FTP server as well as to configure the server, security, user,
and log settings. These settings can then be modified from a client
workstation using an Internet browser.
You can also get information such as the current server status by viewing
different logs through the Web Manager interface.
The Web Manager URL is https://servername: port_number (default port
number = 2200).
See Configuring FTP Server from NetWare Web Manager on page 19.
Cluster Services Support
NetWare FTP Server can be configured with Novell Cluster ServicesTM to
achieve high availability. Running FTP Server on Novell Cluster Services
provides benefits such as automatic restart without user intervention in
case of a node failure in cluster.
See Configuring with Cluster Services on page 45.
Upgrade Utility
The Upgrade utility helps in upgrading the configuration of FTP Server
when upgrading from NetWare 5.1 to NetWare 6.
See Upgrading from NetWare 5.1 to NetWare 6.0 on page 13.
Overview

103-000172-001
August 30, 2001
Novell Confidential
11
Manual
12
99a
38

103-000172-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
This chapter discusses the following sections:
Upgrading from NetWare 5.1 to NetWare 6.0 (page 13)
Configuring FTP Server (page 14)
Configuring FTP Server from NetWare Web Manager (page 19)
Upgrading from NetWare 5.1 to NetWare 6.0

The upgrade utility (FTPUPGRD.NLM) is automatically invoked to upgrade
the default configuration of NetWare FTP Server when you choose NetWare
FTP Server while upgrading the operating system from NetWare 5.1 to
NetWare 6.0.
If invoked during installation, FTP Upgrade utility upgrades the default
configuration file, ftpserv.cfg located in SYS:\ETC.
To upgrade a specific configuration of FTP Server, execute the following
command in the system console, and specify different configuration files in
SYS:\ETC.
FtpUpgrd -c cfg filename
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Configuring FTP Server

Before you start the NetWare FTP Server software, you should configure it by
setting the configuration parameters in the configuration file. The default
configuration file is SYS:/ETC/FTPSERV.CFG. The parameters in this
configuration fils are commented with their default values.
When the NetWare FTP Server is started, the IP address of the host
(HOST_IP_ADDR) and the port number of the NetWare FTP Server
(FTP_PORT), as defined in the configuration file, are used to bind to and
listen for FTP client connection requests. If these parameters are not defined
in the configuration file, the FTP Server binds to all configured network
interfaces and the standard FTP ports.
Multiple instances of the NetWare FTP Server can run on a single machine
with different IP addresses, or port numbers. The various parameters in the
configuration file along with the default values are described in the following
tables:
Table 1
Multiple Instances Parameters
Parameter
Default Value
Description
HOST_IP_ADDR
IP address of the host
The IP address of the host that

the FTP Server software is being
loaded on
FTP_PORT
21 (Standard FTP port)
The port number that the FTP

server should bind to and listen
for connection requests from
Table 2
FTP Session Parameters
Parameter
Default Value
Description
MAX_FTP_SESSIONS
30
Maximum number of FTP

sessions that can be active at any
point of time.
Minimum value is 1
IDLE_SESSION_TIMEOUT
14
600 (seconds)
Duration in seconds that any

session can remain idle. The
session will never time out if the
value is set as negative.

103-000172-001
August 30, 2001
Novell Confidential
Manual
Table 3
99a
38
July 17, 2001
Anonymous User Access Parameters
Parameter
Default Value
Description
ANONYMOUS_ACCESS
No
Specifies whether anonymous

user access is allowed.
Valid values are Yes and No.
ANONYMOUS_HOME
SYS:/PUBLIC
The Anonymous users home

directory.
ANONYMOUS_PASSWORD_R
EQUIRED
Yes
Specifies whether to ask for an

Email ID as the password for
Anonymous user to log in.
Table 4
Access Restrictions Parameters
Parameter
Default Value
Description
RESTRICT_FILE
SYS:/ETC/FTPREST.TXT
FTP Server can define access

restrictions to various levels of
users, hosts, etc. These
restrictions are defined in a file,
which can be specified here.
Table 5
Login Parameters
Parameter
Default Value
Description
DEFAULT_USER_HOMESERVER
Server where FTP is running
The name of the server that the

default home directory is on.
DEFAULT_USER_HOME
SYS:\PUBLIC
The default home directory of the

user.
IGNORE_REMOTE_HOME
No
Specifies whether to ignore the

home directory, if it is on a remote
server, and go to the default
directory.
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Parameter
Default Value
Description
IGNORE_HOME_DIR
No
Specifies whether to ignore the

home directory and go to the
default directory.
SEARCH_LIST
Table 6
A list of fully distinguished names

of containers in which FTP users
are be looked for, separated by
commas. The length of this string
including the commas should not
exceed 2048 bytes. You can
specify a maximum of 25
containers.
Intruder Detection Parameters
Parameter
Default Value
Description
DEFAULT_NS
Long
The default name space.

The valid values are DOS and
LONG.
INTRUDER_HOST_ ATTEMPTS 20
The number of unsuccessful log

in attempts for intruder host
detection.
When set to 0, intruder host login
detection is disabled.
INTRUDER_USER_ATTEMPTS
The number of unsuccessful log

in attempts for intruder host
detection.
When set to 0, intruder host login
detection is disabled.
HOST_RESET_TIME
10
Time interval in minutes during

which the intruder host is not
allowed to log in.
USER_RESET_TIME
Time interval in minutes during

which the intruder user is not
allowed to log in.
16

103-000172-001
August 30, 2001
Novell Confidential
Manual
Table 7
99a
38
July 17, 2001
Firewall Support Parameters
Parameter
Default Value
Description
PASSIVE_PORT_MIN
Minimum port number used for

establishing passive data
connection.
The port value range is 1 to
65534.
The minimum value should
always be less than or equal to
the maximum value.
PASSIVE_PORT_MAX
65534
Maximum port number used for

establishing passive data
connection.
The port value range = 1 to
65534.
The maximum value should
always be greater than or equal
to the minimum value.
Table 8
Welcome Banner and Message Files Parameters
Parameter
Default Value
Description
WELCOME_BANNER
SYS:/ETC/WELCOME.TXT
When the FTP client establishes

a connection, the content of this
file is displayed.
MESSAGE_FILE
MESSAGE.TXT
When the user changes the

directory, the contents of this file
are displayed. For this, the file
with that name should exist in the
directory.
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
17
Manual
Table 9
99a
38
July 17, 2001
FTP Logs Parameters
Parameter
Default Value
Description
FTP_LOG_DIR
SYS:/ETC
The directory where log files will

be stored.
NUM_LOG_MSG
3200
Maximum number of messages

that will be logged in each log file.
LOG_LEVEL
Indicates the level of messages

logged. These are:
1= ERROR
2= WARNING
4= INFORMATION
The following combinations can
be given.
3= ERROR, WARNING
5=ERROR, INFORMATION
6= INFORMATION, WARNING
7=ERROR, WARNING, and
INFORMATION
FTPD_LOG
FTPD
FTPD.LOG file is automatically

created. This file contains all the
internal system related
information encountered by the
FTP server.
AUDIT_LOG
FTPAUDIT
FTPAUDIT.LOG file is
automatically created. This file
contains details about the login
activities of the user
INTRUDER_LOG
FTPINTR
FTPINTR.LOG file is
contains information about
unsuccessful login attempts
STAT_LOG
FTPSTAT
FTPSTAT.LOG file is
contains details about all active
sessions.
18

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring FTP Server from NetWare Web Manager

You can use the NetWare Web Manager for administering FTP Service from
client- side.
To do this, enter the following URL to display the Service Selector panel (the
default port number is 2200):
https://remote_server_name : port_number
Figure 1
Service Selector Panel
In the Service Selector panel, select NetWare FTP Server to display the
Service Manager panel.
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
19
Manual
Figure 2
99a
38
July 17, 2001
Service Manger Panel
In the Service Manager panel you can view the Server Preferences menu,
which provides links to the configuration pages of FTP Server by clicking the
Server Preferences icon at the top of the panel.
When you click this icon, the initial main panel displays FTP Server On/off
Panel. You can start or stop NetWare FTP Service from the client side by
clicking either of the buttons.
20

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Server Settings

1 In the Server Preferences menu, click Server Settings.
Figure 3
Server Settings Panel
2 Specify the FTP Server settings. For specific information about each
parameter, refer the online help.
3 Click Save to save your settings or click Reset to retain the previous
settings.
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Configuring Security Settings

1 In the Server Preferences menu, click Security.
Figure 4
Security Panel
2 Specify the FTP Server Security settings. For specific information about
each parameter, refer the online help.
3 Click Save to save your settings or click Reset to clear your settings.
22

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring User Settings

1 In the Server Preferences menu, click User Settings.
Figure 5
User Settings Panel
2 Specify the FTP Server User Settings. For specific information about each
parameter, refer the online help.
3 Click Save to save your settings or click Reset to clear your settings.
Setting Up

103-000172-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Configuring Log Settings

1 In the Server Preferences menu, click Log Settings.
Figure 6
Log Settings Panel
2 Select the type of log messages from the Log Messages of Type drop
down list, and enter the Number of Log messages. For specific information
about each parameter, refer the online help.
3 Click Save to save your settings or click Reset to retain previous settings.
24

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
FTP Server Startup on page 25
Using the FTP Server from an FTP Client on page 26
Administering the NetWare FTP Server on page 33
FTP Server Startup

The FTP Server software can be loaded from the NetWare server using the
following command:
nwftpd
The server takes the default configuration file SYS:/ETC/FTPSERV.CFG. On

installation, this configuration file has all the parameters, commented, with
their default values.
To start the NetWare FTP Server software with a different configuration file
(for example, MYCONFIG.CFG), place the file in the SYS:/ETC directory
and enter the following at the command line:
nwftpd -c myconfig.cfg
NOTE: If there is any change in the .CFG file, nwftpd should be reloaded.
Managing

103-000172-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Creating an Anonymous User

To create an anonymous user, enter
nwftpd -a [-c Configfile]
The server takes the anonymous user home directory from the configuration
file and displays it on the screen with the option to modify the directory.
NOTE: The -a option modifies the configuration file for anonymous user access.
For this change to take place, reload nwftpd.
Viewing the Active Sessions Display

To load the Active Sessions Display utility, enter
ftpstat [-p port number]
The server takes a port number that the HTTP browser should connect to in
order to view the NetWare FTP active sessions. The default port is 2500.
Using the FTP Server from an FTP Client

Starting an FTP Session on page 26
Paths Formats on page 31
Accessing a Remote Server on page 28
Quote Site Commands on page 31
Name Space and Filenames on page 32
Starting an FTP Session

Users can start an FTP session from a workstation running the FTP client
software using the following command:
ftp hostname | IP Address
where hostname is the name of the server in the DNS or IP address of the
NetWare server running the FTP service. The FTP client then prompts the user
for a username and password.
26

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following are the session-based details and are not tied to individual user
logins: bytes sent, bytes received, session duration, files sent, files received,
and current Novell eDirectoryTM context.
For more details, see Table 2, FTP Session Parameters, on page 14.
Logging In to the eDirectory Tree
A user can login to the FTP server either by specifying the username with full
context or with a context relative to the default context (which is the context
of the NetWare server where FTP is running). If the context is not specified,
the FTP server searches for the user only in the current session context.
If a user with an expired password attempts to log in to the FTP server, a
message stating that the password has expired is returned after the user logs
in. Logging in with an expired password uses the grace logins. If all the grace
logins of the user expire, the user cannot log in and receives an error message.
After the user logs in, the FTP server places the user in the user's eDirectory
home directory (if defined) and attaches the user to the server where the home
directory resides.
If the home directory is not defined or cannot be located, the FTP server places
the user in the default user home directory specified in the configuration file.
The DEFAULT_USER_HOME_SERVER parameter can be used to specify
the name of the server where the default user home directory is located. If the
parameter is not specified, by default the FTP server considers the default user
home directory to be on the server where the FTP server is running.
A user is placed in the default user home directory under the following
conditions:
If IGNORE_DIR_HOME = Yes.
If IGNORE_REMOTE_HOME = Yes, and the users home directory is
on a remote server.
Logging In to an IBM Server
To log in to a remote IBM server, the user should have a user account in that
server.
To log in to the IBM server from FTP client, the user should start an FTP
session using FTPHost and should give the username in the following format:
@IBMservername.username
Managing

103-000172-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
To log in to an IBM server from a browser, the following format should be

used:
ftp //+IBMserver+username:password@FTPHost
For logging in as anonymous user, the user name and password can be
omitted:
ftp //+IBMservername@FtpHost
After logging in to an IBM server, the user is placed in the home directory in
that IBM server.
While logging in to an IBM server, the user is not authenticated to the
eDirectory tree. So, navigation between IBM servers and eDirectory servers
is not possible.
Accessing a Remote Server

The double slash (//) indicates that the user wants to access a remote server.
The name of the remote server must be the first entry after the double slash.
Navigating to eDirectory Servers
After logging in to the eDirectory tree, users can access files and directories
on a remote NetWare server whether or not the server is running Novell FTP
Server software.
The NCPTM protocol lets you transfer files and navigate to and from remote
eDirectory servers.
28

103-000172-001
August 30, 2001
Novell Confidential
Manual
Figure 7
99a
38
July 17, 2001
How a NetWare FTP Server Accesses Remote NetWare Servers
Workstation running
FTP client software
1
FTP
A user uses FTP to connect to

the local NetWare FTP Server.
Remote NetWare server
(running NetWare 4.1 or later)
without the FTP service
News Feed
NCP
After logging in to
the FTP server, the
user accesses the
remote server from
the command line.
Local NetWare server

running the
FTP service
The user can now

access files on the
remote NetWare
server.
To navigate to remote servers, enter

cd //remote server name/volume/directory pathname
File operations such as get, put, and delete can be used on the remote server,
even without changing directory path to that server. For example:
get //remote_server_name/volume/directory path/filename
If the current directory is on a remote server and the remote server goes down,
the user is placed in the home directory in the home server. If the home server
is not available, the user is placed in the default user home directory.
Navigating to IBM Servers
After logging in to the eDirectory tree, users can access files and directories
on a remote NetWare server whether or not the server is running Novell FTP
Server software.
The NetWare FTP Server uses the AFTP Gateway component of NetWare
SAA to access remote IBM servers.
Managing

103-000172-001
August 30, 2001
Novell Confidential
29
Manual
Figure 8
99a
38
July 17, 2001
How a NetWare FTP Server Accesses Remote IBM Servers
Workstation running
FTP client software
1
A user uses FTP to connect

to the local IBM server.
FTP
Remote IBM server
FTP of NetWare SAA
2
After logging in to
the FTP Server, the
user accesses the
remote server from
the command line.
Local NetWare server

running the
FTP service
The user can now

access files on the
remote IBM server.
The IBM server that the user logs in to first will be considered the home server.
Once logged in to an IBM server, the user can navigate to other remote IBM
servers which identify the user with the same username and password. To
navigate to remote servers the following format should be used:
cd //IBM server name/path
File operations such as get, put, and delete can be done only when the user is
currently in that server.
If the current directory is on a remote server and the server goes down, the user
is placed in the home directory in the home server. If the home server is not
available, the remote server is made the home server. If the current directory
is in the home server and the server goes down, the user is logged out.
30

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Paths Formats
The volume and directory path name must be specified in following format:.
//server_name/volume_name/directory_path
To navigate to different volumes, enter:

cd /volume_name
To switch back to home directory, enter:

cd ~
To switch to home directory of any user, enter:

cd ~user_name
Quote Site Commands

The SITE command enables FTP clients to access features specific to the
NetWare FTP Server.
The SITE command has the following syntax:
QUOTE SITE [SLIST | SERVER | HELP | CX {CONTEXT} | LONG |
DOS | OU]
NOTE: The settings done through Quote Site Comments is valid only for
current session.
These commands are unique to the NetWare FTP service and are not standard
FTP commands.
A list of quote site commands and their descriptions are given below:
Command
Description
SLIST
Lists all the NetWare servers within the eDirectory tree
SERVER
Lists all NetWare servers in the current eDirectory

context and its sub-OUs.
For example, SITE SERVER displays all NetWare
servers in the current context.
HELP
Displays the help file related to the Quote Site

commands. It gives the syntax, and description of all site
commands.
Managing

103-000172-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Command
Description
CX
CX without a context displays the current context of the

FTP Server
CX with a context as an argument sets the current
eDirectory context to a given value. For example:
cx ou=test sets the context to the OU test using the
relative context
cx.ou=test.o=acme sets the context to the OU test using
the absolute context
CX with the argument ~ ,resets the context back to users
context
OU
Shows all the organizational units relative to the current

context
OU enables users to display the eDirectory organizations
(containers) below the current eDirectory context.
LONG
Changes the configured namespace to the LONG name

space.
DOS
Changes to the configured name space to the DOS name

space.
DOS changes the configured name space to the DOS
name space. This change takes place only for the
current session. All NetWare volumes support the DOS
name space.
Name Space and Filenames

FTP Server software supports DOS and LONG name space. The default name
space is configured in the configuration file. FTP users can also change it
dynamically using the QUOTE SITE DOS command or the QUOTE SITE
LONG command.
NOTE: The namespace changed using Quote Site command is in effect only in the
current status.
The default configured name space is LONG.

When the user changes the name space, the change affects only those volumes
that support the specified name space. If the LONG name space is not
32

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
supported on a specific volume, users must follow the DOS file naming
conventions of using no more than eight characters for the name plus no more
than three additional characters for the extension.
In both name spaces, the user views the response to the ls or Dir in the
NetWare format only. Format of the directory listing is as follows:
type rights owner size time name
where the above variables stand for:
Type: Type of file, where {-} indicates a file and {d} indicates a directory
Rights: Effective NetWare rights of the user to this file or directory.
Owner: NetWare user who created this file or directory. In case the
mapping of objects and the owner's name is not found, the object ID is
displayed.
Size: The size, in bytes, of the file or directory. In case of a directory, it is
always 512.
Time: The modification date and time of the file or directory.
Name: The name of the file or directory in the current name space.
Administering the NetWare FTP Server

This section discusses the administering the following:
Multiple Instances of the FTP Server on page 33
Intruder Detection on page 34
Access Restrictions on page 34
Anonymous User Access on page 37
FTP Log Files on page 38
Active Sessions Display on page 42
Multiple Instances of the FTP Server

Multiple instances of the FTP server can be initialized if the NetWare server
has multiple network interface cards. Each FTP server should have a unique
IP address and port number combination. Each FTP server instance can have
its own configuration file and access restrictions file, and can listen on
different IP addresses and port numbers.
Managing

103-000172-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
The IP address of the host (HOST_IP_ADDR) and the port number

(FTP_PORT) as defined in the configuration file are used to bind to and listen
for FTP client connection requests. The configuration file can be specified
while starting the FTP server. If these parameters are not defined in the
configuration file, the default IP address and the standard FTP port number are
used.
For more details, see Table 1, Multiple Instances Parameters, on page 14.
Intruder Detection
A user is considered an intruder when the number of unsuccessful log in
attempts is greater than those specified by the parameter
INTRUDER_USER_ATTEMPTS in the configuration file. Similarly, a host/
client machine is considered an intruder when the number of consecutive login
failures for any user from that host is greater than the configured limit
specified by the parameter INTRUDER_HOST_ATTEMPTS.
If a successful login is encountered before the attempts limit is reached, the
login failures count is reset to zero.
When a user becomes an intruder, his account is locked out for an interval of
time specified by the parameter USER_RESET_TIME in the configuration
file.
When a host becomes an intruder, access to the FTP Server is denied for that
host machine for an interval of time specified by the parameter
HOST_RESET_TIME in the configuration file.
Access Restrictions
The FTP service enables you to specify access restrictions for a user, a client
host, and the IP address of a client host. The access restrictions are specified
in the restrictions file, which can be configured (RESTRICT_FILE). Access
restrictions can be specified at various levels and multiple access rights are
allowed.
34

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restriction Levels
The following table describes the supported levels of access restrictions.

Restriction Level
Description
Container
Restriction can be specified for any eDirectory

container. This will control all the users in that
container and its sub-OUs.
Container level: Restriction can be specified for
any eDirectory container. This will control all the
users in that container and its sub-OUs.
*.container name
The asterik (*) indicates the container level
restriction. The container should be a fully
distinguished name.
User
Restriction can be specified for a particular user.

.user name
The period (.) indicates user level restriction. The
user name should be a fully distinguished name.
Domain
Restriction can be specified at the domain level.

This will control all the hosts in that domain and
its sub domains. The following is the RESTRICT
file format:
DOMAIN= domain name
The DOMAIN= key word indicates the domain
level restriction.
The domain restrictions will not work if the host
does not have a DNS entry.
Host
Restriction can be specified for a particular host

machine.
ADDRESS= host name/IP address
The ADDRESS= key word indicates the host
level restriction. The host name or IP address of
the host can be specified.
The DNS configuration should be proper for
address and domain name restrictions.
Managing

103-000172-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Access Rights
The following table describes the permitted access rights.

Access Right
Description
DENY
Denies access to the FTP Server for that client.
READONLY
Gives read-only access to the client.
NOREMOTE
Restricts access to remote server navigation.
GUEST
Gives only Guest access to the user. guest users are

those users who cannot navigate to remote servers.
A guest user has access only within the guest users
home directory and subdirectories.
ALLOW
Gives normal FTP access without restriction.
Keywords
The following table describes the possible keywords.

Keyword
Description
ADDRESS=
Restricts a particular node. The IP address or

machine name can be used.
DOMAIN=
Restricts a particular Domain.

The asterisk (*) should be used for container level
restrictions.
ACCESS=
Is mandatory for each line. It should be followed by

access rights.
Restrict File
The format and organization of the restrict file is as follows:

Each line should have one entity name and corresponding access rights.
The rights of the entities will be assigned according to the order of the
RESTRICT file. If different rights apply to the same entity, the latest
entities that appear in the RESTRICT file will be taken.
36

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
All rights specified in the same line will be applied to that entity.
If the RESTRICT file does not exist or is empty, the access is given to all
users without any restrictions.
Example 1
*.novell
*.testou.novell
.user1.testou.novell
ACCESS=ALLOW
ACCESS=DENY
ACCESS=READONLY
User1 at testou will be allowed read-only rights. The other users at

testou.novell will be denied the right. However, all other OUs at .novell will
be allowed.
Example 2
*.testou.novell
*.novell
ACCESS=DENY
ACCESS=ALLOW
All OUs at .novell will be allowed because both rights apply to testou and the
later would be taken.
Example 3
ADDRESS=Clientmachine1.blr.novell.com ACCESS=NOREMOTE
.user1.novell ACCESS=READONLY
The user1 logging from clientmachine1 will have read-only and no remote
access.
For more details, see Table 4, Access Restrictions Parameters, on page 15
Anonymous User Access

NetWare FTP Server software supports an anonymous user account. This
account provides people with access to public files. Access to the Anonymous
user account can be enabled or disabled by setting the
ANONYMOUS_ACCESS parameter in the configuration file. By default, the
parameter is set to No. The path of the Anonymous user's home directory can
be specified in the configuration file, in the ANONYMOUS_HOME directory
parameter.
An Anonymous user account can be created by loading the FTP server with
the -a option. This creates the Anonymous user, creates the home directory
(if it is not available), and assigns access rights to the Anonymous user. The
Managing

103-000172-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
administrator name and password are then taken from the screen and the
Anonymous user is created in the eDirectory tree at the default context. Also,
the configured anonymous home directory is displayed on the screen with an
option to modify it.
If the administrator does not specify a home directory, then the default
directory is taken. The Anonymous user will have only Read and File Scan
rights to the default directory. If the administrator specifies the anonymous
home directory, then the directory is created and the Anonymous user will
have Read, File Scan, Create, Delete, and Modify rights to that directory.
For more details, see Table 3, Anonymous User Access Parameters, on page
15.
FTP Log Files

The FTP server has four log files for recording different activity information.
All the log files are created in the FTP_LOG_DIR directory specified in the
configuration file. The amount and type of information logged is controlled by
the LOG_LEVEL parameter defined in the configuration file.
The log levels indicate bits for which any combination can be give
1= ERROR
2= WARNING
4= INFO
If the LOG_LEVEL = 3, then error messages and warning messages will be
logged. If LOG_LEVEL = 4, then error messages and warning messages will
be logged.At default value of LOG_LEVEL = 7, all messages will be logged.
The parameter NUM_LOG_MSG is used to specify the maximum number of
messages that can be logged into each of the log files. Once this limit is
exceeded the log files are overwritten and the old messages are lost.
All these log files can be viewed from NetWare Web Manager.
Audit Log File
The Audit log contains details about the login and activities of the user. The
default path is SYS:/ETC/FTPAUDIT.LOG. The file has entries for login,
logout and other file system related operations like mkdir, rmdir, put, set, and
delete.
38

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The general Audit log format is

Log Level:Thread ID:Date Time:IPaddress:Username:message
Viewing Audit Log File from NetWare Web Manager

1 In the NetWare Web Manager Service Selector panel, click NetWare FTP
Server.
2 In the Service Manager panel, click the Server Status icon.
3 In the Server Log panel, click View Auditor Trail Log to display the
following panel.
Figure 9
Audit Trail Log Panel
Statistics Log File
The Statistics log file contains details of all active sessions in the log file. The
default path is SYS:/ETC/FTPSTAT.LOG.
The Statistics log file maintains three record types, each of which is separated
by a comma.
TRANSFER: Contains information related to the data transfer
USER: Contains information related to users logged in/out
FAILURE: Contains information about the number of failures during data
transfer
Managing

103-000172-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Viewing Statistics Log file from Web Manager

1 In the NetWare Web Manager Service Selector panel, click the NetWare
FTP Server.
3 In the Server Log menu, click View Statistics Log link to display a panel

Figure 10
Statistics Log Panel
Intruder Log File
The Intruder log file contains information about unsuccessful login attempts.
The default path is SYS:/ETC/FTPINTR.LOG. The following information is
recorded in the file:
The address of the machine where the login originated
The time of the attempted access
The login name of the user
The general Intruder log format is:
ErrorLevel: Date Time : Client IPaddress : UserName :
message
40

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the parameter INTRUDER_HOST_ATTEMPTS = 0 then intruder detection

is disabled.
Viewing Intruder Detection from Web Manager
FTP Server.
3 In the Server log panel, click View Intruder Log to display a panel similar
to the following:
Figure 11
Intruder Log Panel
System Log File
The System log file contains all the internal system-related information
encountered by the FTP Server.
The general System log file format is
Error: Thread ID: Date Time: Message
For more details, see Table 9, FTP Logs Parameters, on page 18
Managing

103-000172-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Active Sessions Display

To load the Active Sessions Display utility, enter
ftpstat [-p port number]
Enter the port number that the HTTP browser should connect to in order to
view the NetWare FTP Active Sessions:
http://servername:port/
The default port is 2500.

You can directly view the active sessions information using NetWare Web
Manager.
FTP Server.
3 In the Server Status menu, click View Server Status to display the View
Server Status panel.

4 Click the View Server Status button in the panel to view the FTP Instance
Panel.
Figure 12
42
FTP Instance Panel

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The FTP Instance panel appears displaying active sessions of the FTP
server. You can view details such as the total number of active session, IP
address, port number, number of sessions, peak bandwidth, and
configuration.
Managing

103-000172-001
August 30, 2001
Novell Confidential
43
Manual
44
99a
38

103-000172-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

Before configuring NetWare FTP Server with Novell Cluster ServicesTM,
NetWare FTP Server must be installed on each server in your cluster that will
run it. NetWare FTP Server is selected by default during the NetWare 6.0
installation, and might already be installed.
Running FTP Server in Active/Active and Active/Passive

Modes
Running NetWare FTP Server in the ACTIVE/ACTIVE mode is the
recommended configuration because it provides faster recovery after a failure.
In this mode, FTP Server runs simultaneously on multiple servers in the
cluster. When a Web server fails, the FTP sites on that server fail over to other
FTP servers in the cluster. Only FTP sites move in ACTIVE/ACTIVE mode.
NetWare FTP Server can also be run in ACTIVE/PASSIVE mode. In this
mode, FTP Server runs on only one node in the cluster at a time. When a Web
server fails, FTP Server starts on other specified nodes in the cluster, and the
FTP sites that were on the failed server fail over to other nodes in the cluster.
This makes ACTIVE/PASSIVE mode marginally slower because FTP Server
has to load on other servers in the cluster before FTP sites can fail over.
Editing FTPSERV.CFG Configuration Files

The configuration file FTPSERV.CFG is created by default during the FTP
Server installation and is placed in the SYS:\ETC directory. A separate
FTPSERV.CFG file exists for each FTP Server that is installed on the cluster.
Each FTPSERV.CFG file contains a line that specifies the IP address assigned
to the FTP server. By default, the IP address assigned to the FTP server is the
same IP address that is assigned to the NetWare server where the FTP server
resides.

103-000172-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
A separate unique IP address must be assigned to the FTP server so that it can
move with the FTP server during failover and failback. Edit the
FTPSERV.CFG file and change the HOST_IP_ADDR line to specify the
unique IP address you want to assign to the FTP server. For example, if the
unique IP address you want to assign to the FTP server is 123.45.67.012, the
line would read Host_IP_ADDR=123.45.67.012.
Assigning a unique IP address to the FTP server allows it to bind to the unique
IP address instead of to the IP address of the local host.
FTPSERV.CFG also contains a line that specifies the default home directory
for FTP users. This home directory must reside on a volume on the shared disk
system. The volume where the home directory resides doesn't have to be
cluster enabled.
Edit FTPSERV.CFG and change the DEFAULT_USER_HOME line to
specify the user home directory and volume on the shared disk system. For
example, if the user home directory on the shared volume is SHARE1:/
HOME, the line would read DEFAULT_USER_HOME=SHARE1:HOME.
Editing AUTOEXEC.NCF Files

If you are running NetWare FTP Server in ACTIVE/PASSIVE mode, it should
be launched from the FTP Server Cluster Resource load script. For more
details, see Novell Cluster Services Overview and Installation (http://
www.novell.com/documentation/).
If you are running FTP Server in ACTIVE/ACTIVE mode, it should be
launched from the AUTOEXEC.NCF file of each NetWare server in the
cluster that will run FTP Server.
Add the following lines in the order specified to the AUTOEXEC.NCF file of
each NetWare server in the cluster that will run FTP Server in ACTIVE/
ACTIVE mode:
ADD SECONDARY IPADDRESS A.B.C.D NOARP
NWFTPD
LOAD DELAY.NLM
DELAY 5
DEL SECONDARY IPADDRESS A.B.C.D
Replace A.B.C.D with the unique IP address you assigned the FTP server.
46

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you are running multiple FTP servers on your cluster, repeat the ADD and
DEL SECONDARY IPADDRESS lines for each FTP server, because each
FTP server requires its own IP address. Also, each FTP server must have its
own uniquely named configuration file which specifies the FTP server's IP
address and shared volume directory. Running FTP Server in ACTIVE/
ACTIVE mode is required if you plan to run more than one FTP Server on the
same NetWare server.
For example, if you have three FTP servers on your cluster, you can create
three configuration files named FTPSERV1.CFG, FTPSERV2.CFG, and
FTPSERV3.CFG and then copy them to the SYS:\ETC directory of each
NetWare server in the cluster that will run the FTP servers. Each configuration
file contains the IP address and shared volume directory for its corresponding
FTP server. In this example, you would add the following lines to the
AUTOEXEC.NCF file of each server in the cluster that will run the three FTP
servers in ACTIVE/ACTIVE mode:
ADD SECONDARY IPADDRESS
NWFTPD -C FTPSERV1.CFG
LOAD DELAY.NLM
DELAY 5
DEL SECONDARY IPADDRESS
A.B.C.D NOARP
A.B.C.D NOARP
A.B.C.D NOARP
A.B.C.D
A.B.C.D
A.B.C.D
DELAY.NLM provides enough time for the FTP server to load before the
secondary IP addresses are deleted. The delay time might need to be altered to
ensure enough time is allotted.
IMPORTANT: If you are also running Netscape* Enterprise Server in ACTIVE/
ACTIVE mode on the same server, be sure to add the lines in the above example
before the NSWEB command.

103-000172-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Novell Cluster Services Configuration and Setup

Once FTP Server is installed, you must create and configure an FTP server
resource in Novell Cluster Services for each FTP server that will run in your
cluster. This includes configuring load and unload scripts; setting Start,
Failover, and Failback modes; and assigning the FTP server resource to
specific nodes in your cluster.
Creating a Cluster Volume Object

Before you start using FTP Server with cluster support, create a shared volume
and a Cluster Volume object.
1 Create a shared volume using NWCONFIG > NSS volumes.
2 Create a Cluster Volume object in ConsoleOne by completing the
following:
2a Select the Cluster object.
2b Click File > New > Cluster > Cluster Volume.
2c Browse and select the shared volume.
2d Enter the secondary IP address or the virtual IP address associated
with the cluster.

The address will be in the following format:
AAA.BBB.CCC.DDD
2e Check the Define Additional Properties check box and click Create.
2f Set the Start, Failover, and Failback Modes.
2g Verify the order of the servers in the nodes list.
2h To save the changes to the Cluster Volume object, click OK.
IMPORTANT: After the shared volume servername_shared vol name is cluster-
enabled, ConsoleOne renames it to cluster object name_shared vol name.

ConsoleOne creates a virtual server associated with the shared volume called
cluster object name_shared vol name_SERVER.
ConsoleOne also creates a Cluster Volume object called shared vol
name_SERVER in the Cluster object container.
48

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring FTP Server Load and Unload Scripts

Select and right-click the Cluster Volume object and then click Properties to
find the Cluster Resource Load Script and Cluster Resource Unload Script.
Load and unload scripts are required by Novell Cluster Services to start and
stop the FTP server.
1 To the load script, add the following at the end of the existing script:
NSS /ACTIVATE=VOLUME
MOUNT VOLUME
ADD SECONDARY IPADDRESS A.B.C.D
NWFTPD
2 To the unload script, add the following at the beginning of the existing
script:
UNLOAD NWFTPD
DISMOUNT VOLUME /FORCE
NSS /FORCEDEACTIVATE=VOLUME
DEL SECONDARY IPADDRESS A.B.C.D
Replace VOLUME in both the load and unload scripts with the name of
the shared disk volume where webroot exists. Replace A.B.C.D with the
secondary IP address assigned to the FTP server cluster volume object.
This is the IP address that will move with the FTP Server during failover
and failback. The NWFTPD command is omitted in ACTIVE/ACTIVE
mode.

103-000172-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Setting FTP Server Start, Failover, and Failback Modes

The following table explains the different FTP Server resource modes.
Mode
Settings
Description
Start
AUTO, MANUAL
AUTO allows FTP Server

to automatically start on a
designated server when
the cluster is first brought
up.
MANUAL lets you
manually start the FTP
Server on a specific
server whenever you
want.
Default = AUTO
Failover
AUTO, MANUAL

to automatically move to
the next server in the
Assigned Nodes list in
the event of a hardware
or software failure.
MANUAL lets you
intervene after a failure
occurs and before FTP
Server is moved to
another node.
Default = AUTO
50

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Mode
Settings
Description
Failback
AUTO, MANUAL,
DISABLE

to automatically move
back to its preferred node
when the preferred node
is brought back online.
MANUAL prevents FTP
Server from moving back
when that node is
brought back online until
you are ready to allow it
to happen.
DISABLE causes FTP
Server to continue
running in an online state
on the node it has failed
to.
Default = DISABLE
To set FTP Server Start, Failover, and Failback modes, do the following:
1 In ConsoleOne, double-click the cluster object container.
2 Right-click the cluster resource object shared vol name_SERVER and
select Properties.
3 Click the Policies tab on the property page.
4 View or change the Start, Failover, or Failback mode.

103-000172-001
August 30, 2001
Novell Confidential
51
Manual
52
99a
38

103-000172-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
July 17, 2001
38
FTP Server Messages
NWFTPD Messages
Failed to bind to FTP port
Source:
Explanation:
Possible Cause:
Action:
NWFTPD.NLM
The port that the FTP Server is trying to bind to is busy.
Another instance of the FTP Server or another application is bound to the port.
Unload the application that is bound to the port, bind the FTP Server to a
different port, or delete the busy port from TCPCON.
Failed to initialize Anonymous user

Source:
Explanation:
NWFTPD.NLM
The FTP Server failed to create an Anonymous user.
Possible Cause:
Incorrect data was entered to create the user.
Action:
Enter nwftpd -a [-c Configfile].
Failed to add Anonymous User object to NDS

Source:
Possible Cause:
Action:
NWFTPD.NLM
The user entered has insufficient rights.
Ensure that the user has sufficient rights.
Failed to generate an ObjectKeyPair

Source:
Possible Cause:
Action:
NWFTPD.NLM
FTP Server Messages

103-000172-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Failed to open configuration file

Source:
Possible Cause:
Action:
NWFTPD.NLM
The configuration file is not available at specified location.
Verify if the configuration file is available at the specified location.
Unable to find default configuration file

Source:
Possible Cause:
Action:
NWFTPD.NLM
Configuration file is not available at default location (SYS:/ETC).
Verify if the configuration file is availabl at the default location.
Unable to locate Anonymous user in default context

Source:
Possible Cause:
Action:
NWFTPD.NLM
Anonymous use does not exist at the FTP Server's context
Run nwftpd -a to create anonymous user and reload nwftpd.
USAGE : nwftpd [-c <Config File>] [-a]

Source:
NWFTPD.NLM
Source:
Possible Cause:
Source:
Action
Possible Cause:
Action:
54
The user might have tried to load nwftpd.nlm with wrong usage.
Load nwftpd.nlm by typing only nlm name for default configuration file, or
ftpupgrd [-c Config File] for specific configuration file name or
nwftpd [-a] for creating anonymous user.

103-000172-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
FTPUPGRD Messages
Could not create the .cfg file.
Source:
Possible Cause:
Action:
FtpUpgrd.nlm
Configuration file does not exist for ftp server upgrade, or existing
configuration file has read only access.
Modify the file access if it is read only or specify proper configuration file
name with ftpupgrd [-c Config File] usage.
Could not create the FTP Server Restriction file.

Source:
Possible Cause:
Action:
FtpUpgrd.nlm
Restriction file does not exist for ftp server upgrade, or existing Restriction
file has read only access.
Modify the file access if it is read only or specify proper restriction file name.
Failed to upgrade.
Source:
Possible Cause:
Action:
FtpUpgrd.nlm
Configuration file does not exist for FTP server upgrade, or existing
configuration file has read only access, or restriction file does not exist for ftp
server upgrade, or existing Restriction file has read only access
Modify the file access if it's read only or specify proper configuration file
name with ftpupgrd [-c Config File] uusage. Modify the file
access if it is read only or specify proper restriction file name
Correct Usage: ftpupgrd [-c <Config File>]

Source:
Possible Cause:
Action:
FtpUpgrd.nlm
USER might have tried to load FtpUpgrd.nlm with wrong usage.
Use specified user ftpupgrd [-c <Config File>]
FTP Server Messages

103-000172-001
August 30, 2001
Novell Confidential
55
Manual
56
99a
38

103-000172-001
August 30, 2001
Novell Confidential
July 17, 2001
Novell DNS/DHCP Services Administration Guide
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims
any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.
reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to
notify any person or entity of such changes.
This product may require export authorization from the U.S. Department of Commerce prior to exporting from the
U.S. or Canada.
Copyright 1993-2001 Novell, Inc. All rights reserved. No part of this publication may be reproduced,
photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
U.S. Patent No. 5,157,663; 5,349,642; 5,455,932; 5,553,139; 5,553,143; 5,572,528; 5,594,863;
5,608,903;5,633,931; 5,652,859; 5,671,414; 5,677,851; 5,692,129; 5,701,459; 5,717,912; 5,758,069; 5,758,344;
5,781,724;5,781,724; 5,781,733; 5,784,560; 5,787,439; 5,818,936; 5,828,882; 5,832,274; 5,832,275; 5,832,483;
5,832,487;5,850,565; 5,859,978; 5,870,561; 5,870,739; 5,873,079; 5,878,415; 5,878,434; 5,884,304; 5,893,116;
5,893,118;5,903,650; 5,903,720; 5,905,860; 5,910,803; 5,913,025; 5,913,209; 5,915,253; 5,925,108; 5,933,503;
5,933,826;5,946,002; 5,946,467; 5,950,198; 5,956,718; 5,956,745; 5,964,872; 5,974,474; 5,983,223; 5,983,234;
5,987,471;5,991,771; 5,991,810; 6,002,398; 6,014,667; 6,015,132; 6,016,499; 6,029,247; 6,047,289; 6,052,724;
6,061,743; 6,065,017; 6,094,672; 6,098,090; 6,105,062; 6,105,132; 6,115,039; 6,119,122; 6,144,959; 6,151,688;
6,157,925; 6,167,393; 6,173,289; 6,192,365; 6,216,123; 6,219,652; 6,229,809. Patents Pending.
Novell, Inc.
Provo, Utah 84606
U.S.A.
www.novell.com
Novell DNS/DHCP Management Utility Administration Guide
September 2001
103-000164-001
Online Documentation: To access the online documentation for this and other Novell products, and to get
updates, see www.novell.com/documentation.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
Novell Trademarks
NetWare is a registered trademark of Novell, Inc. in the United States and other countries.
Novell is a registered trademark of Novell, Inc. in the United States and other countries.
Novell eDirectory is a trademark of Novell, Inc.
Third-Party Trademarks
All third-party trademarks are the property of their respective owners.

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
doc_tpl.fm
Rev 99a
28 October 99
Contents
About This Guide.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Trademark Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Understanding .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Overview of DNS/DHCP Services . . . . . . . .

DNS . . . . . . . . . . . . . . . . . . . . . . .
DHCP . . . . . . . . . . . . . . . . . . . . . .
DNS/DHCP Management Utility . . . . . . . . .
Understanding the eDirectory Schema Extension
DNS/DHCP Global eDirectory Objects. . . . . .
New eDirectory Objects for DNS . . . . . . . . .
DNS Zone Object . . . . . . . . . . . . . . .
DNS Resource Record Set Object . . . . . .
DNS Resource Records . . . . . . . . . . .
DNS Server Object . . . . . . . . . . . . . .
eDirectory Objects for DHCP. . . . . . . . . . .
Subnet Object . . . . . . . . . . . . . . . .
Address Range Object . . . . . . . . . . . .
IP Address Object . . . . . . . . . . . . . .
DHCP Server Object . . . . . . . . . . . . .
Subnet Pool Object . . . . . . . . . . . . . .
Understanding DNS . . . . . . . . . . . . . . .
DNS Hierarchy . . . . . . . . . . . . . . . . . .
Domains and Subdomains . . . . . . . . . .
Domain Names . . . . . . . . . . . . . . . .
Domain Delegation . . . . . . . . . . . . . .
IN-ADDR.ARPA Domain . . . . . . . . . . .
DNS Name Service . . . . . . . . . . . . . . .
Name Servers . . . . . . . . . . . . . . . .
Resource Records . . . . . . . . . . . . . .
Traditional DNS . . . . . . . . . . . . . . . . .
DNS within eDirectory . . . . . . . . . . . . . .
DNS Master File . . . . . . . . . . . . . . .
Understanding DHCP . . . . . . . . . . . . . .
IP Address Allocation . . . . . . . . . . . . . .
Dynamic BOOTP Allocation . . . . . . . . .
Dynamic DHCP Allocation . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000164-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
15
16
18
20
21
21
22
23
23
23
24
24
25
25
26
26
26
27
27
29
30
30
31
31
31
32
34
36
38
39
40
40
40
doc_tpl.fm
Manual Allocation . . . . . . . . . . . . . . . .
Lease Options . . . . . . . . . . . . . . . . . .
Managing the Database . . . . . . . . . . . . . . .
DHCP Options . . . . . . . . . . . . . . . . . . . .
Assigning Options . . . . . . . . . . . . . . . .
DHCP Options for eDirectory . . . . . . . . . .
NetWare/IP Options . . . . . . . . . . . . . . .
Dynamic DNS . . . . . . . . . . . . . . . . . . . .
Compatibility with BOOTP . . . . . . . . . . . . . .
Using a BOOTP Relay Agent . . . . . . . . . . . .
Virtual LAN Environments . . . . . . . . . . . .
SNMP Event Generation . . . . . . . . . . . . . .
DHCP Auditing . . . . . . . . . . . . . . . . . . .
Console and Debug Logs . . . . . . . . . . . .
Understanding the DNS/DHCP Management Utility.
Overview of Interface Interaction . . . . . . . . . .
The DNS/DHCP Management Utility Interface .
Taskbar . . . . . . . . . . . . . . . . . . . . .
Roles and Tasks . . . . . . . . . . . . . . . . .
Object Creation Rules . . . . . . . . . . . . . .
Planning .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
eDirectory Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Planning a DNS Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Planning Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Novell DNS Server as a Primary Name Server . . . . . . . . . . . . . . .
Novell DNS Server as a Secondary Name Server (to a Non-Novell Master)
Configuring a DNS Server to Forward Requests . . . . . . . . . . . . . . . .
Forwarding Requests for Unknown Addresses . . . . . . . . . . . . . . .
Restricting Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up the IN-ADDR.ARPA Zone . . . . . . . . . . . . . . . . . . . . . .
Registering Your DNS Server with Root Servers . . . . . . . . . . . . . . . .
Planning a DHCP Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . .
Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Migrating from Another DHCP Solution . . . . . . . . . . . . . . . . . . .
Initiating the DHCP Service . . . . . . . . . . . . . . . . . . . . . . . . .
eDirectory Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lease Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Considering the Length of Leases . . . . . . . . . . . . . . . . . . . . . .
Controlling Client Access to Leases . . . . . . . . . . . . . . . . . . . . .
IP Address Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Identifying Your Addresses . . . . . . . . . . . . . . . . . . . . . . . . .
Subnetting Your Addresses . . . . . . . . . . . . . . . . . . . . . . . . .
Assigning Addresses Manually . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99

103-000164-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
41
41
42
43
43
44
45
46
47
47
48
49
50
50
51
52
52
53
54
55
57
57
58
59
59
59
60
60
61
61
61
62
62
62
63
63
64
65
67
67
67
68
68
doc_tpl.fm
Rev 99a
28 October 99
Representing Addresses in eDirectory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Restricting Address Assignment to Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Hostnames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Setting Up .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Configuring DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Required eDirectory Rights to Manage DNS/DHCP Configuration . . . . . . . .
DNS/DHCP Scope Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Importing DNS Configuration Information . . . . . . . . . . . . . . . . . . . . .
Setting Up DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DNS Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Loading the DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring Clients to Use DNS . . . . . . . . . . . . . . . . . . . . . . . .
Detailed DNS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a DNS Server Object . . . . . . . . . . . . . . . . . . . . . . . . .
Modifying a DNS Server Object . . . . . . . . . . . . . . . . . . . . . . . .
Starting/Stopping the DNS Server . . . . . . . . . . . . . . . . . . . . . . .
Creating a Zone Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Primary DNS Zone Object . . . . . . . . . . . . . . . . . . . . .
Creating a Secondary DNS Zone Object . . . . . . . . . . . . . . . . . . . .
Creating an IN-ADDR.ARPA Object . . . . . . . . . . . . . . . . . . . . . .
Creating a Primary IN-ADDR.ARPA Zone Object . . . . . . . . . . . . . . .
Creating a Secondary IN-ADDR.ARPA Zone Object . . . . . . . . . . . . . .
Modifying a Zone Object . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Resource Records . . . . . . . . . . . . . . . . . . . . . . . . . .
Modifying Resource Records . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring DNS Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring an eDirectory Server to Forward Queries to Root Name Servers .
Configuring a Cache-Only Server . . . . . . . . . . . . . . . . . . . . . . .
Configuring to Support Child Zones . . . . . . . . . . . . . . . . . . . . . .
Configuring DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Importing DHCP Configuration Information . . . . . . . . . . . . . . . . . . . .
Setting Up DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
DHCP Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Global DHCP Preferences . . . . . . . . . . . . . . . . . . . . . . .
Setting Global DHCP Options . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Global DHCP Defaults . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing the DHCP Options Table . . . . . . . . . . . . . . . . . . . . . . .
Creating a DHCP Server Object . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Subnet Object. . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Subnet Address Ranges . . . . . . . . . . . . . . . . . . . . . . .
Creating IP Address Objects . . . . . . . . . . . . . . . . . . . . . . . . . .
Loading the DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring Clients to Use DHCP . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000164-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
71
71
73
74
74
75
75
75
76
76
77
78
78
79
79
80
80
81
82
83
84
85
85
85
86
86
87
88
88
88
89
89
90
91
91
92
92
93
94
doc_tpl.fm
Detailed DHCP Configuration . . . . . . . . . . . . . . . . . . . .

Modifying a DHCP Server Object . . . . . . . . . . . . . . . .
Starting/Stopping the DHCP Server . . . . . . . . . . . . . . .
Modifying an Existing Subnet Object . . . . . . . . . . . . . .
Modifying a Subnet Address Range Object . . . . . . . . . . .
Modifying an Existing IP Address Object . . . . . . . . . . . .
Creating a Subnet Pool Object . . . . . . . . . . . . . . . . .
Modifying a Subnet Pool Object . . . . . . . . . . . . . . . . .
Configuring Special Features . . . . . . . . . . . . . . . . . . . .
Configuring a DNS Server to be Authoritative for Multiple Zones
Configuring a Multi-Homed Server. . . . . . . . . . . . . . . .
Configuring Dynamic DNS . . . . . . . . . . . . . . . . . . . .
Configuring Multiple Logical Networks . . . . . . . . . . . . . .
Configuring for Auditing . . . . . . . . . . . . . . . . . . . . . . .
Configuring DNS Auditing . . . . . . . . . . . . . . . . . . . .
Viewing the DNS Audit Trail Log. . . . . . . . . . . . . . . . .
Viewing the DNS Event Log . . . . . . . . . . . . . . . . . . .
Configuring DHCP Auditing . . . . . . . . . . . . . . . . . . .
Viewing the DHCP Audit Trail Log . . . . . . . . . . . . . . . .
Viewing the DHCP Event Log . . . . . . . . . . . . . . . . . .
NAMED Command Line Options . . . . . . . . . . . . . . . . . .
DHCPSRVR Command Line Options . . . . . . . . . . . . . . . .
Optimizing
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
94
95
96
97
98
100
101
102
102
103
103
103
104
104
105
105
106
108
108
110
111
112
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Optimizing DNS Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Optimizing DHCP Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Managing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
DNS/DHCP Management Utility . . . . . . . . . .

Installing the DNS/DHCP Management Utility. . .
Prerequisites . . . . . . . . . . . . . . . . . .
Launching the DNS/DHCP Management Utility
Using the DNS/DHCP Management Utility . . . .
Managing DNS . . . . . . . . . . . . . . . . . .
Managing DHCP . . . . . . . . . . . . . . . . .
Events and Alerts . . . . . . . . . . . . . . .
Auditing Server Activity . . . . . . . . . . . . . .
Troubleshooting .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
117
118
118
118
119
119
120
120
121
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
DNS . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Checkpoints . . . . . . . . . .
Common Configuration Problems . . . . . . . .
Common Operational Problems . . . . . . . . .
Troubleshooting Windows 95 TCP/IP Problems .
10
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000164-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
123
123
124
125
128
doc_tpl.fm
Using the "-F" Command Line Option for DNIPINST.NLM . .

Server Access to DNS/DHCP Locator Object Not Required .
DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Checkpoints. . . . . . . . . . . . . . . . .
Common Operational Problems . . . . . . . . . . . . . . .
Releasing and Renewing DHCP Addresses . . . . . . . . .
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000164-001
September 4, 2001
Novell Confidential
.
.
.
.
.
.
134
134
135
135
136
139
11
doc_tpl.fm
12
Rev 99a

103-000164-001
September 4, 2001
Novell Confidential
28 October 99
Manual
99a
July 17, 2001
38
About This Guide

This document describes the concepts of the Domain Naming System (DNS)
and the Dynamic Host Configuration Protocol (DHCP), the setup and
configuration of these functions, and how to use Novell DNS/DHCP Services
in NetWare 6.
The audience for this document is network administrators. This
documentation is not intended for users of the network.
Conventions
In Novell documentation, a greater-than symbol (>) is used to separate actions
Trademark Conventions
In this documentation, a trademark symbol (, TM, etc.) denotes a Novell
trademark. An asterisk (*) denotes a third-party trademark.
About This Guide

103-000164-001
September 4, 2001
Novell Confidential
13
Manual
14
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Understanding
This chapter describes the eDirectoryTM schema extension, the Domain Name
System (DNS), and the Dynamic Host Control Protocol (DHCP) server, and it
explains their eDirectory-related functions. This chapter also provides
information about the DNS/DHCP Management Utility.
Overview of DNS/DHCP Services

Novell DNS/DHCP Services in NetWare 6 integrates the Domain Name
System (DNS) and Dynamic Host Configuration Protocol (DHCP) into the
eDirectory database. Integrating these services into eDirectory provides
centralized administration and enterprise-wide management of network (IP)
addresses, configuration, and hostnames.
The DNS/DHCP Management Utility provides a Web interface to manage the
objects created to support DNS and DHCP. The DNS/DHCP Management
Utility functions as a Web-based utility and runs in a browser window. It does
not require a Novell client or any installed component as a prerequisite. It
shares a common interface with other utilities that are based on the eDirectory
Management (iManage) framework, and is thus tightly integrated with
Netware 6.
NOTE: In this document, the term host refers to a network device that requires an
IP address and might have a hostname.
For more overview information, refer to:

DNS on page 16
DHCP on page 18
DNS/DHCP Management Utility on page 20
Understanding

103-000164-001
September 4, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
DNS
The DNS software in Novell DNS/DHCP Services integrates DNS
information into the eDirectory database. Previously, DNS used Btrieve* as its
database for configuration information. Integrating DNS with eDirectory
moves all the information currently held in Btrieve files into eDirectory.
Integrating DNS with eDirectory greatly simplifies network administration by
enabling you to enter all configuration information into one distributed
database. Furthermore, the DNS configuration information is replicated just
like any other data in eDirectory.
Integrating DNS with eDirectory also enables an update interaction between
DNS and DHCP through the Dynamic DNS (DDNS) feature. When a host is
assigned an IP address by DHCP, the DNS information can be automatically
updated to associate the hostname with the new address when the DDNS
feature is active.
By integrating DNS into eDirectory, Novell has shifted the concept of a
primary or secondary zone away from the server to the zone itself. Once you
have configured the zone, the data is available to any of the Novell DNS
servers you choose to make authoritative for the zone. The Novell DNS server
takes advantage of the peer-to-peer nature of eDirectory by replicating the
DNS data.
Novell DNS/DHCP Services interoperates with other DNS servers. The
Novell DNS server can act as either a master DNS server or a secondary DNS
server in relation to non-Novell DNS servers. The Novell DNS server can act
as the master DNS server and transfer data to non-Novell secondary servers.
Alternatively, one Novell DNS server can act as a secondary DNS server and
transfer data from a non-Novell master server. All Novell DNS servers can
then access the data through eDirectory replication.
Novell DNS/DHCP Services provides the following DNS features:
All DNS configuration is done in eDirectory, facilitating enterprise-wide
management.
A Novell DNS server can be a secondary name server to another zone
(DNS data loaded into eDirectory through a zone transfer), or it can be a
primary name server (on which you configure DNS data using the DNS/
DHCP Management Utility).
DNS data can be read in from a BIND Master file to populate eDirectory
for convenient upgrades from BIND implementations of DNS.
16

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DNS data can be exported from eDirectory into BIND Master file format.
Root server information is stored in eDirectory and shared by all
eDirectory-based DNS servers.
Zone transfers are made to and from eDirectory through Novell servers
and include interoperability with non-eDirectory-based DNS.
A Novell DNS server can be authoritative for multiple domains.
Novell DNS servers maintain a cache of data from eDirectory so they can
quickly respond to queries.
A Novell DNS server can act as a caching or forwarding server instead of
an authoritative server for zones.
Novell DNS/DHCP Services supports multihoming.
Novell DNS/DHCP Services software supports round-robin processing
of responses to queries with multiple Address records (A records) for a
domain name.
The DNS software in Novell DNS/DHCP Services conforms to BIND 4.9.5
and supports the standards of the Internet Request For Comments (RFCs) in
the following list:
RFC 819Domain Naming Convention for Internet User Applications
RFC 920Domain Requirements
RFC 974Mail Routing and Domain System
RFC 1032Domain Administrator's Guide
RFC 1033Domain Administrator's Operations Guide
RFC 1034Domain Names - Concepts and Facilities
RFC 1035Domain Names - Implementation and Specification
RFC 1036Standard Interchange of USENET Messages
RFC 1101DNS Encoding of Network Names and other Types
RFC 1122Requirements for Internet Hosts - Communications Layers
RFC 1123Requirements for Internet Hosts - Application and Support
RFC 1183New DNS RR Definitions
RFC 1535A Security Problem and Proposed Correction with Widely
Deployed DNS Software
Understanding

103-000164-001
September 4, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
RFC 1536Common DNS Implementation Errors and Suggested Fixes

RFC 1537Common DNS Data File Configuration Errors
RFC 1591Domain Name System Structure and Delegation
RFC 1597Address Allocation for Private Internets
RFC 1627Network 10 Considered Harmful (Some Practices Shouldn't
Be Codified)
RFC 1713Tools for DNS Debugging
RFC 1884IP Version 6 Addressing Architecture
RFC 1886DNS Extensions to Support IP Version 6
RFC 1912Common DNS Operations and Configurations Errors
RFC 2010Operations Criteria for Root Name Servers
RFC 2052A DNS RR for Specifying the Location of Services (DNS
SRV)
DHCP
A NetWare 6 DHCP server automatically assigns IP addresses and other
configuration information to clients upon request or when the clients are
restarted. Automatic assignment of configuration information reduces the
amount of work required to configure and manage a large IP network.
Furthermore, integrating DHCP with eDirectory enables you to enter all
configuration information into one distributed database. This greatly
simplifies network administration and provides for the replication of DHCP
configuration information.
DHCP provides for both static and dynamic configuration of IP clients. Static
configuration enables you to assign a specific IP address and configuration to
a client with a specific machine or MAC address. When DHCP assigns IP
addresses dynamically, IP clients are assigned an IP address that is chosen
from a range of available addresses. You can use dynamic address assignment
when you are not concerned about which IP address a particular client uses.
Each IP client that requests an address assignment can also use the other
DHCP configuration parameters.
DHCP can limit the amount of time a DHCP client can use an IP address. This
is known as the lease time. You can use the lease time to allow a large number
of clients to use a limited number of IP addresses.
18

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DHCP is based on BOOTP and maintains some backward compatibility.

Novell DHCP servers can be configured to respond to requests from BOOTP
clients.
Novell DNS/DHCP Services provides the following DHCP features:
All DHCP configuration is done in eDirectory, facilitating enterprisewide management.
DHCP options can be set at three levels:
Enterprise level
Subnet level
Specific client level
The configuration utility has import/export functions that support the
following:
Populating eDirectory from an existing Novell DHCP Server 2.0
DHCPTAB file or from a BOOTPTAB file (for Novell BOOTP)
Saving configuration information out of eDirectory
You can configure the level of SNMP event trap generation using the
DNS/DHCP Management Utility for all events, major events only, or no
events.
Client assignment policy options (to support mobile clients that move
around the network) include:
Allow Duplicate
Delete Duplicate
No Duplicate
You can use the DNS/DHCP Management Utility to maintain a hardware
exclusion list to deny service to unwanted devices by their MAC
addresses.
The DHCP software updates eDirectory to record all address assignments
to LAN clients.
You can use Dynamic DNS (DDNS) to update DNS with information
about addresses assigned and rescinded.
The DHCP software enables the server to cache addresses and other
configuration information from eDirectory for quick response.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
The DHCP software has one DHCP server NetWare Loadable ModuleTM
(NLMTM) file that supports both LAN and remote access clients.
You can configure the DHCP server to ping an address to verify that no
other device is using it before assigning the address to a client.
Provides fault tolerance as follows:
A server can survive a temporary local eDirectory service outage and
recover automatically.
DHCP configuration is replicated like other eDirectory data.
DHCP auditing can help diagnose problems. Each incidence of address
deletion, addition, and rejection is recorded.
Novell DNS/DHCP Services supports the features that were previously
provided by Novell DHCP Server 2.0 and supports the standards of the RFCs
in the following list:
RFC 2131Dynamic Host Configuration Protocol
RFC 2132DHCP Options and BOOTP Vendor Extensions
RFC 2241DHCP Options and Novell Directory Services
RFC 2242NetWare/IP Domain Name and Information
Novell DNS/DHCP Services also supports the BOOTP standards of the RFCs
in the following list:
RFC 1497BOOTP Vendor Information Extensions
RFC 1534Interoperation Between DHCP and BOOTP
RFC 1542Clarifications and Extensions for the Bootstrap Protocol
Refer to DHCP Options on page 43 for a list of all supported DHCP options.
DNS/DHCP Management Utility

The DNS/DHCP Management Utility is a Web-based utility used to configure
and manage eDirectory-based DNS and DHCP. eDirectory is used as a
database to store the administered IP address and name service objects.
The DNS/DHCP Management Utility can run on any browser workstation and
does not require a Novell client or any installed component as a prerequisite.
20

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
It operates within the common eDirectory Management Framework

(iManage) and is thus tightly integrated with Netware 6.
For more detailed information about the DNS/DHCP Management Utility,
refer to Understanding the DNS/DHCP Management Utility on page 51.
Understanding the eDirectory Schema Extension

The eDirectory schema extension defines additional objects needed for DNS
and DHCP.
For more information, refer to:
DNS/DHCP Global eDirectory Objects on page 21
New eDirectory Objects for DNS on page 22
eDirectory Objects for DHCP on page 24
DNS/DHCP Global eDirectory Objects

When you select Novell DNS/DHCP Services during NetWare 6 installation,
the eDirectory schema is extended to enable the creation of DNS and DHCP
objects, and the following objects are created:
DNS/DHCP Locator object
DNS/DHCP Group object
RootSrvrInfo Zone
Only one copy of these objects exists in an eDirectory tree. The DNS servers,
DHCP servers, and DNS/DHCP Management Utility must have access to
these objects.
The DNS/DHCP Group object is a standard eDirectory group object. The
DNS and DHCP servers gain the rights to DNS and DHCP data within the tree
through the Group object. When the DNS/DHCP Management Utility is used
to create DNS and DHCP servers, the servers have the rights required to
access data.
The DNS/DHCP Locator object contains global defaults, DHCP options, and
lists of all DNS and DHCP servers, subnets, and zones in the tree. The DNS/
DHCP Management Utility can display these objects without having to search
the tree by using the Locator object. The Locator object is basically hidden by
the DNS/DHCP Management Utility.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
21
Manual
99a
July 17, 2001
38
The RootSrvrInfo Zone is a Zone object, an eDirectory container object that

contains resource record sets for the DNS root servers. The resource record
sets contain Address records and Name Server records that provide pointers
for DNS queries to the root servers. The RootSrvrInfo Zone object is the
equivalent of the BIND db.root file.
New eDirectory Objects for DNS

The following new eDirectory objects support DNS:
DNS Zone object
DNS Resource Record Set object
DNS Name Server object
Figure 1 shows an example of a tree of DNS objects.
Figure 1
eDirectory Objects for DNS
Novell
San Jose (SJF)
DNS Zone
Object
DNS Server
novell_com.sjf.novell
RRSet
Objects
22
Admin
novell_com
NS
NS2
MX
MXN

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DNS Zone Object

The DNS Zone object is a container object that contains all the data for a single
DNS zone. A Zone object is the first level of the DNS zone description. A
Zone object can be contained under an Organization (O), Organizational Unit
(OU), a Country (C), or a Locality (L).
Multiple DNS domains can be represented within eDirectory by using
separate, independent DNS Zone objects. A network administrator can
support multiple DNS domains on a single NetWare server by creating
multiple DNS Zone objects and assigning the server to serve those zones.
The DNS Zone object contains data that correlates to a DNS Start of Authority
(SOA) resource record (RR), a member list of all eDirectory-based DNS
servers that serve the zone, and Dynamic DNS (DDNS) server information.
The DNS name space hierarchy is not represented within the eDirectory
hierarchy. A zone and its child zone might appear as peers within the
eDirectory hierarchy, even though they have a parent-child relationship within
the DNS hierarchy.
DNS Resource Record Set Object

The DNS Resource Record Set (RRSet) object is an eDirectory leaf object
contained within a DNS Zone object. An RRSet object represents an
individual domain name within a DNS zone. Its required attributes are a DNS
domain name, a DNS address class, and a Time-to-Live (TTL) record.
Each domain name within a DNS zone object has an RRSet object. Each
RRSet object has one or more resource records beneath it containing
additional information about the domain, including a description of the object
and version information.
DNS Resource Records

A DNS resource record (RR) is an attribute of an RRSet that contains the
resource records type and data of a single RR. RRs are configured beneath
their respective RRSet objects. Resource records describe their associated
RRset object.
The most common resource records are Address (A) records, which map a
domain name to an IP address, and Pointer (PTR) records, which map an IP
address to a domain name within an IN-ADDR.ARPA zone.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
DNS Server Object

The DNS Server object (or Service object) is different from the NetWare Core
ProtocolTM (NCPTM ) Server object. A DNS Server object can be contained in
an Organization (O), Organizational Unit (OU), Country (C), or Locality (L).
The DNS Server object contains DNS server configuration parameters,
including the following:
Zone List
DNS Server IP Address
Domain Name of the DNS Server
DNS Server Options
Forwarding List
No Forwarding List
eDirectory Objects for DHCP

The following new eDirectory objects support DHCP:
Subnet object
Address Range object
IP Address object
DHCP Server object
Subnet Pool object
Figure 2 on page 25 shows a basic configuration of the DHCP objects. This
structure might be used for a small to medium size network.
24

103-000164-001
September 4, 2001
Novell Confidential
Manual
Figure 2
99a
July 17, 2001
38
eDirectory Objects for DHCP
(O)=NOVELL
(OU)=SAN JOSE
DHCP Server
Subnet Attr: Bldg8_1ST_FLOOR

Subnet Attr: Bldg8_2ND_FLOOR
Subnet (1.2.3.0)
Subnet (1.2.4.0)
SUBNET_A
SUBNET_B
IP Address
(1.2.3.2)
Subnet Pool:
Subnet A
Subnet B
IP Address
(1.2.3.1)
Subnet Address
Range
(1.2.3.10-254)
1ST_FLOOR_CLIENTS
IP Address
(1.2.4.2)
IP Address
(1.2.4.1)
Subnet Address
Range
(1.2.4.100-254)
2ND_FLOOR_CLIENTS
(O)
= Organization
(OU)
= Organizational Unit
Subnet Object
The Subnet object represents a subnet and is the most fundamental DHCP
object. The Subnet object can be contained in an Organization (O), an
Organizational Unit (OU), a Country (C), or a Locality (L). The Subnet object
acts as a container object for the IP Address and Address Range objects. A
Subnet object's specific DHCP options and configuration parameters apply to
the entire subnet and override global options.
Address Range Object

The Address Range object is primarily used to denote a range of addresses to
create a pool of addresses for dynamic address assignment or to identify a
range of addresses to be excluded from address assignment. Optionally, the
Address Range object stores the start of a hostname that can be assigned to
clients when addresses are assigned.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
You can use multiple Address Range objects under a Subnet object. You can
also specify different range types, such as a range for dynamic address
assignment, a range for BOOTP clients, or a range to be excluded from the
subnet.
IP Address Object
The IP Address object represents a single IP address. The IP Address object
must include an address number and an assignment type. The address can be
assigned manually, automatically, or dynamically, or it can be excluded from
DHCP address assignment.
You must use the DNS/DHCP Management Utility to configure IP Address
objects that are manually assigned or excluded from assignment. For
dynamically or automatically assigned client addresses, DHCP creates an IP
Address object under the subnet where the address is assigned.
An IP address can be assigned to a client based on the client's MAC address.
These IP Address objects can also receive specific DHCP options.
When configuring an individual IP Address object, you can provide specific
options that override global options or those set at the subnet level. When you
create or modify an IP Address object manually, you can also create the
necessary DNS resource records.
DHCP Server Object

The DHCP Server object represents the DHCP server and contains a
multivalued attribute listing of the subnet ranges the DHCP server is
servicing. The DHCP server also contains all server-specific configuration
and policy information. A DHCP Server object can be contained in an O, OU,
C, or L.
Subnet Pool Object

The Subnet Pool object provides support for multiple subnets through a DHCP
or BOOTP forwarder by identifying a pool of subnets for remote LAN address
assignments. A Subnet Pool object can be contained in an O, OU, C, or L.
DHCP servers are not required to be on the local subnet to which they assign
addresses. If desired, they can be deployed centrally and service remote
subnets. Initial DHCP/BOOTP Discover requests, however, are not sent to a
26

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DHCP server unless a DHCP/BOOTP forwarder that is on the same computer

as the client has been configured to forward the addresses.
The Subnet Pool object contains a list of subnet object references and
comments.
Understanding DNS
The Domain Name System (DNS) is a distributed database system that
provides hostname-to-IP resource mapping (usually the IP address) and other
information for computers on an internetwork. Any computer on the Internet
can use a DNS server to locate any other computer on the Internet.
DNS is made up of two distinct components, the hierarchy and the name
service. The DNS hierarchy specifies the structure, naming conventions, and
delegation of authority in the DNS service. The DNS name service provides
the actual name-to-address mapping mechanism.
DNS Hierarchy on page 27
DNS Name Service on page 31
Traditional DNS on page 34
DNS within eDirectory on page 36
DNS Hierarchy
DNS uses a hierarchy to manage its distributed database system. The DNS
hierarchy, also called the domain name space, is an inverted tree structure,
much like eDirectory.
The DNS tree has a single domain at the top of the structure called the root
domain. A period or dot (.) is the designation for the root domain. Below the
root domain are the top-level domains that divide the DNS hierarchy into
segments.
Listed below are the top-level DNS domains and the types of organizations
that use them. Below the top-level domains, the domain name space is further
divided into subdomains representing individual organizations.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
27
Manual
Table 1
99a
July 17, 2001
38
Top-Level DNS Domains

Domain
Used by
.com
Commercial organizations, as in novell.com
.edu
Educational organizations, as in ucla.edu
.gov
Governmental agencies, as in whitehouse.gov
.mil
Military organizations, as in army.mil
.org
Nonprofit organizations, as in redcross.org
.net
Networking entities, as in nsf.net
.int
International organizations, as in nato.int
Additional top-level domains organize domain name space geographically.

For example, the top-level domain for France is fr. Figure 3, DNS
Hierarchy, on page 28 illustrates the DNS hierarchy.
Figure 3
DNS Hierarchy
root
com
novell
28
ucla
edu
gov
whitehouse
mil
army
org
net
int
redcross

103-000164-001
September 4, 2001
Novell Confidential
nsf
fr
Manual
99a
38
July 17, 2001
Domains and Subdomains

A domain is a label of the DNS tree. Each node on the DNS tree represents a
domain. Domains under the top-level domains represent individual
organizations or entities. These domains can be further divided into
subdomains to ease administration of an organization's host computers.
For example, Company A creates a domain called companya.com under the
.com top-level domain . Company A has separate LANs for its locations in
Chicago, Washington, and Providence. Therefore, the network administrator
for Company A decides to create a separate subdomain for each division, as
shown in Figure 4, Domains and Subdomains, on page 29.
Any domain in a subtree is considered part of all domains above it. Therefore,
chicago.companya.com is part of the companya.com domain, and both are
part of the .com domain.
Figure 4
Domains and Subdomains
root
com
Company A
(companya.com)
chicago
(chicago.companya.com)
providence
(providence.companya.com)
washington
(washington.companya.com)
host1
(host1.washington.companya.com)
Understanding

103-000164-001
September 4, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Domain Names
The domain name represents an entity's position within the structure of the
DNS hierarchy. A domain name is simply a list of all domains in the path from
the local domain to the root. Each label in the domain name is delimited by a
period. For example, the domain name for the Providence domain within
Company A is providence.companya.com, as shown in Figure 4, Domains
and Subdomains, on page 29 and the list below.
Note that the domain names in the figure end in a period, representing the root
domain. Domain names that end in a period for root are called fully qualified
domain names (FQDNs).
Each computer that uses DNS is given a DNS hostname that represents the
computer's position within the DNS hierarchy. Therefore, the hostname for
host1 in Figure 4 on page 29 is host1.washington.companya.com.
Domain Delegation
Domain delegation gives an organization authority for a domain. Having
authority for a domain means that the organization's network administrator is
responsible for maintaining the DNS database of hostname and address
information for that domain.
A group of domains and subdomains for which an organization has authority
is called a zone. All host information for a zone is maintained in a single,
authoritative database.
For example, the companya.com. domain is delegated to Company A, creating
the companya.com. zone. There are three subdomains within the
companya.com. domain:
chicago.companya.com.
washington.companya.com.
providence.companya.com.
The Company A administrator maintains all host information for the zone in
a single database and also has authority to create and delegate subdomains.
For example, Company A's Chicago location has its own network
administrator. The companya.com administrator delegates the
chicago.companya.com zone to the Chicago location and no longer has
authority over it. Company A now has two zones: companya.com and
chicago.companya.com.
30

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
companya.com, which has authority over companya.com,

washington.companya.com, and providence.companya.com zones
chicago.companya.com, which has authority over the
chicago.companya.com zone
IN-ADDR.ARPA Domain
The IN-ADDR.ARPA domain (or zone) provides mapping of IP addresses to
names within a zone, enabling a client (or resolver) to request a hostname by
providing an IP address. Some security-based applications require this
function, also known as reverse-lookup.
The file that stores the IN-ADDR.ARPA data is made up of Pointer records
and additional name server records, including Start of Authority (SOA)
records, similar to other DNS zone files. Within the IN-ADDR.ARPA zone
file, IP addresses are listed in reverse order, and in-addr.arpa is appended to
the address. A query for a host with an IP address of 1.2.3.4 would require a
PTR query with the target address of 4.3.2.1.in-addr.arpa.
DNS Name Service

DNS uses the name service component to provide the actual name-to-IP
address mapping that enables computers to locate each other on an
internetwork. The name service uses a client-server mechanism in which
clients query name servers for host address information.
Name Servers
DNS name servers maintain a database of information about hosts in a specific
zone. Each DNS zone must include a name server containing authoritative
information about all hosts within the zones it supports. A DNS name server
can be either a primary name server or a secondary name server.
In addition to local host information, name servers maintain information about
how to contact other name servers. Name servers in an internetwork are able
to contact each other and retrieve host information. If a name server does not
have information about a particular domain, the name server relays the request
to other name servers up or down the domain hierarchy until it receives an
authoritative answer for the client's query.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Primary Name Servers
One DNS name server in each administrative zone maintains an authoritative

database of hostname and address information for an entire domain. This
name server is the primary name server, and the domain administrator updates
it with hostnames and addresses as changes occur.
All name servers maintain information about how to contact name servers that
are at higher or lower levels within the DNS hierarchy. The process of
maintaining information about name servers in higher-level domains is called
linking to the existing DNS hierarchy. The administrator also enters
information into the database about name servers in lower-level domains
when creating a subdomain.
Secondary Name Servers
Secondary name servers have read-only copies of the primary name server's
DNS database. Secondary name servers provide redundancy and load
balancing for a domain.
Periodically, and when a secondary name server starts up, the secondary name
server contacts the primary name server and requests a complete copy of the
primary name server's DNS database. This process is called a zone transfer.
If necessary, a primary name server can also function as a secondary name
server for another zone.
Resource Records
Resource records (RRs) contain the host information maintained by the name
servers and make up the DNS database. Different types of records contain
different types of host information. For example, an Address record provides
the name-to-address mapping for a given host, while a Start of Authority
(SOA) record specifies the start of authority for a given zone.
A DNS zone must contain several types of resource records for DNS to
function properly. Other RRs can be present, but the following records are
required for standard DNS:
Name server (NS)Binds a domain name with a hostname for a specific
name server
The DNS zone must contain NS records for each primary and secondary
name server in the zone. The DNS zone must contain NS records to link
the zone to higher- and lower-level zones within the DNS hierarchy.
32

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Start of Authority (SOA)Indicates the start of authority for the zone.

The name server must contain one SOA record specifying its zone of
authority.
Canonical name (CNAME)Specifies the canonical or primary name for
the owner. The owner name is an alias.
Address (A)Provides the IP address for the zone.
For example, the name server for a zone must contain the following:
An SOA record identifying its zone of authority
An NS record for the primary name server within the zone
An NS record for each secondary name server within the zone
An A record that maps each name server specified in the NS records to an
IP address
Table 2 lists the types of resource records and their field differences.
Table 2
Resource Record Types and Field Differences

RR Type
Field Differences
IP Address, eDirectory context, comments, and version
AAAA
IPV6 address
AFSDB
Subtype and hostname fields
CNAME
Domain name of aliased host
HINFO
CPU and OS fields of up to 256 characters each
ISDN
ISDN address and subaddress fields
MB
Mailbox address domain name
MG
Mail group member domain name
MINFO
Responsible mailbox and error message mailbox
MR
Mail rename mailbox
MX
Reference and exchange fields
NS
DNS server domain name
Understanding

103-000164-001
September 4, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
RR Type
Field Differences
PTR
Domain name
PX
Preference, Map 822 (domain name), and Map x400 fields

(domain name in X.400 syntax)
RP
Responsible person's mailbox and TXT RR domain name
RT
Preference and Intermediate fields
SRV
Service, proto, priority, weight, port, and target fields
TXT
Text field for up to 256 characters in multiple strings
WKS
Protocol and bit map fields
X25
PSDN address
Traditional DNS
In the past, DNS has been administered by building a database of information
that includes all of a zone's resource records into a textual file. Novell's earlier
support of DNS used Btrieve as its database. Other vendors also use large files
to store the information required for a DNS zone. The administration of these
files is difficult and cumbersome.
Figure 5 on page 35 represents a traditional DNS strategy. A zone, such as
novell.com, uses a master DNS server to handle queries about the entities
within it. A DNS server might support more than one zone, and it would
probably have at least one secondary server for backup (redundancy) or loadsharing purposes. The master DNS server provides DNS name service for two
zones: novell.com and other.com. The secondary DNS server provides backup
support for the novell.com zone, and the other secondary DNS server provides
backup support for the other.com zone.
Additionally, each name server maintains separate copies of the zone data for
primary and secondary support. When changes occur, all of these files require
updating with zone transfers, which greatly increases network bandwidth use.
34

103-000164-001
September 4, 2001
Novell Confidential
Manual
Figure 5
99a
July 17, 2001
38
Traditional DNS Structure
Master
DNS Server
Secondary
DNS Server 1
(novell.com)
Replica:
novell.com
Secondary
DNS Server 2
(other.com)
Replica:
Replica:
novell.com
Resource
Records
SOA
Zone:
novell.com
Resource
Records
A
NS SOA
Resource Records
MX A
CNAME
NS SOA
A
MX A
A
CNAME
NS
A
A
MX
A
A
CNAME
.
.
A
A
.
A
A
.
.
A
.
A
.
.
.
other.com
Replica:
other.com
Resource
Records
SOA
Zone:
other.com
Resource
Records
A
SOA NS
Resource
Records
MX
A
CNAME
NS
SOA
MX A
A
A
NS CNAME
A
A
MX
A
A
CNAME
.
.
A
A
.
A
A
.
.
A
.
A
.
.
.
The file storing the RRs for a zone might have hundreds or thousands of
entries for different types of resources, such as users' addresses, hosts, name
servers, mail servers, and pointers to other resources.
When a client initiates a request to resolve a domain name to an IP address
(perhaps by using an Internet browser or by sending e-mail), the client sends
a query to the name server specified in the client's configuration. The name
server that receives the query searches its authoritative zone information for
the desired record. If the record cannot be found, the name server will forward
the query up the hierarchy to the name server above it for resolution.
When updates are made to the master name server, the entire contents of the
database file must be copied to any secondary name servers.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
DNS within eDirectory

Novell has integrated DNS into eDirectory by extending the eDirectory
schema and creating new eDirectory objects to represent zones, RRSets, and
DNS name servers. Integrating these new objects into eDirectory simplifies
the administration of DNS, enabling centralized administration and
configuration.
A Zone object is an eDirectory container object that holds RRSet objects,
which are leaf objects. A DNS Server object is a leaf object. For detailed
information about these objects, refer to New eDirectory Objects for DNS
on page 22.
By integrating DNS into eDirectory, Novell has shifted away from the
traditional concept of primary or secondary DNS name servers to the concept
of a primary or secondary zone.
In traditional DNS, all configuration changes are made on a single primary
name server. When changes have been made, the secondary name servers
request transfers of the changes from the primary name server. This process is
called a zone transfer. The master-slave approach has several disadvantages,
the most significant being that all changes must be made at the primary server.
Using the primary and secondary zone concept, Novell's approach allows
changes from anywhere in the network through eDirectory, which is not
dependent on one server. Zone data is stored within eDirectory and is
replicated just like any other data in the eDirectory tree.
Novell's DNS supports the traditional primary-secondary DNS name server
approach to moving DNS data in and out of eDirectory. Although all Novell
servers can recognize DNS data after the data is placed in the directory
through eDirectory replication, only one server is required for a zone transfer.
The server assigned to perform this function in a secondary zone is called the
Zone In DNS transfer.
In a secondary zone, the Zone In server is responsible for requesting a zone
transfer of data from the external primary name server. The Zone In server
determines which data has changed for a zone and then makes updates to
eDirectory so that other servers are aware of the changes.
The Designated DNS (DDNS) server is a server identified by the network
administrator to perform certain tasks for a primary zone. The DDNS server
for a primary zone is the only server in that zone that receives DNS updates
from a NetWare 6 DHCP server to perform Dynamic DNS (DDNS) updates.
36

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
These updates cause additions and deletions of resource records and updates
to the zone's serial number.
Figure 6 illustrates a Novell server as the primary DNS name server and
primary and secondary zones within eDirectory. In this example, there are two
primary zones. Any of the Novell DNS servers assigned to a zone are able to
respond to queries for the zone. For each zone, one server is designated by the
administrator to act as the DDNS server. In this example, Server1 is the
Designated DNS server for Zone 1 and Server3 is the Zone In server for the
secondary zone called Foreign Zone. Server 2 provides DNS services for Zone
1 and Zone 2, but does not perform DDNS updates or zone transfers. Server 3
occasionally requests zone transfers from the foreign server and places the
modified zone data into eDirectory, where any of the Novell servers can
respond to queries for it.
Figure 6
Novell Server As a Primary DNS Server
DNS Server
(non-Novell)
NDS
Zone 2
Foreign
Zone
Zone 1
Novell
DNS Server 1
Novell
DNS Server 3
Novell
DNS Server 2
Understanding

103-000164-001
September 4, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Figure 7 shows a representation of eDirectory objects within a DNS zone.

Figure 7
DNS Zone
(Locality)=Chicago
DNS Zone
DNS Server
chicago.company.com
RRSet
(host)
RRSet
(host2)
RRSet
(printer)
RRSet
(mail server)
DNS Master File

A DNS master file contains resource records that describe a zone. When you
use the DNS/DHCP Management Utility to build a zone, the DNS objects and
their attributes translate into resource records for that zone.
You can use the DNS/DHCP Management Utility to import a DNS master file
if it conforms to IETF RFCs 1035, 1036, and 1183 and is in BIND master file
format. A sample DNS master file is shown in the following example.
$ORIGIN sjf.novell.com. @
soa
sjfns.sjf.novell.com. Smith.novell.com (
1996091454 3600 300 604800 86400
)
ns
sjfns.sjf.novell.com.
ns ns.novell.com.
5 sjf-mx.idz.sjf.novell.com. $ORIGIN
sjf.novell.com.sjfns
a
123.45.67.89bsmith
123.45.68.103; End of file
38

103-000164-001
September 4, 2001
Novell Confidential
mx
a
Manual
99a
38
July 17, 2001
Understanding DHCP
The Dynamic Host Configuration Protocol (DHCP) uses a client-server
structure to provide configuration parameters to hosts. DHCP consists of a
protocol for providing host-specific configuration parameters from a DHCP
server (or collection of DHCP servers) to a host and a mechanism to allocate
network addresses to a host.
NOTE: In this document, the term host refers to a network device that requires an
IP address and might have a hostname.
When the DHCP server is loaded, it reads its configuration information from
eDirectory and stores the information in its cache. As the DHCP server assigns
addresses to clients, it updates eDirectory, adding IP address objects or
modifying their eDirectory status information. The DHCP server can be
configured to maintain an audit log of this activity. For information about
maintaining an audit log of DHCP server activity, refer to Configuring DHCP
Auditing on page 108.
The network administrator can use the DNS/DHCP Management Utility to
view objects to see how addresses have been assigned.
IP Address Allocation on page 40
Managing the Database on page 42
DHCP Options on page 43
Dynamic DNS on page 46
Compatibility with BOOTP on page 47
Using a BOOTP Relay Agent on page 47
SNMP Event Generation on page 49
DHCP Auditing on page 50
Understanding

103-000164-001
September 4, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
IP Address Allocation
Allocation of IP addresses, either temporary or permanent, is one of the two
primary services provided by DHCP. The client requests an IP address, and the
DHCP server (or collection of DHCP servers) provides an address and
guarantees not to give that address to another client within a specified time.
Additionally, the server tries to return the same address to the client each time
the client requests an address. The period of time over which an IP address is
allocated to a client is called a lease.
DHCP supports three methods of IP address allocation:
Dynamic BOOTP allocation
Dynamic DHCP allocation
Manual (or static) allocation
A network can use one or more of these methods. The network administrator
decides which methods to use.
Dynamic BOOTP Allocation

Dynamic BOOTP enables a DHCP server to assign permanent addresses to
BOOTP clients from a pool of addresses. No manual configuration of the
client is required prior to address allocation.
Dynamic DHCP Allocation

Dynamic DHCP allocation is the only method enabling automatic reuse of
addresses no longer required by a client. Dynamic DHCP allocation is useful
for assigning an address to a client that will be connected temporarily to the
network or for sharing a limited number of IP addresses among a group of
clients that do not require permanently assigned IP addresses.
Dynamic DHCP allocation is also useful for assigning an IP address to a new
client installed on a network on which IP addresses are scarce and must be
reclaimed when older hosts are removed. An additional benefit to dynamic
DHCP allocation is that when a client's lease is renewed, the DHCP server
refreshes the client's configuration.
40

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Manual Allocation
Use Manual or static allocation to assign addresses to DHCP or BOOTP
clients using the DNS/DHCP Management Utility. A specific IP address is
assigned to the client based on an identifier such as the client's hardware or
MAC address.
Manual allocation of DHCP eliminates the error-prone method of manually
configuring hosts with IP addresses in networks for which IP address
management without DHCP is desired. Manual allocation can be permanent
or set to expire at a future time. When you manually allocate addresses, you
can also create corresponding DNS Resource Records, thereby eliminating
another error-prone activity.
Lease Options
A client acquires a lease for a fixed period of time. The length of the lease
could be a number of hours or days, or it could be for an indefinite period.
After a lease for an IP address has been granted, a client can issue a request to
extend its lease. The client can also issue a message to the server to release the
address back to the server when the address is no longer required.
If a network has a scarcity of IP addresses and must reassign them, the DHCP
server will reassign an address when the lease has expired. The server uses
configuration information to choose addresses to reuse. For example, the
server might choose the least recently assigned address for reassignment.
After receiving an address assignment, the host determines whether the
address is in use by another host before accepting the address.
IMPORTANT: Address duplication sometimes occurs with Windows 95 clients. If
a Windows 95 client receives a response indicating that the assigned address is in

use by another device, a message indicates the IP address conflict. However, the
client does not send a DHCPDECLINE message as required by RFC 1534, section
4.4.1.
To minimize the chance of address duplication, the DHCP server can be

configured to ping an address to test its validity before assigning it to a host.
If the server receives a response from another device (indicating ownership of
the address), the current address assignment is withdrawn so that another
address can be assigned to the host.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Managing the Database

The Lease Time attribute of the Subnet object enables a dynamic DHCP client
to specify a lease time for the entire subnet. Lease expiration time can be
modified for each manual IP address allocation.
An IP address can be returned to a DHCP server for one of the following
reasons:
The address is explicitly released by a DHCP client.
The address is implicitly released because the lease has expired.
An assigned lease is canceled by the DNS/DHCP Management Utility.
If a DHCP client requests an IP address on the same subnet again before the
previously assigned address expires, the same address is provided. If the IP
address assignment is for a different subnet but the client already has a valid
IP address entry in the DHCP server database, three possible actions can
occur, depending on the IP Address Assignment Policy attribute of the DHCP
server. The three possible actions are listed in Table 3.
Table 3
IP Address Assignment Policy
IP Assignment Policy
DHCP Server Action
Delete Duplicate
If the client moves to another subnet supported by the same DHCP server,
delete any previous IP address assigned to the client, release the original
address back to the pool, and assign a new address.
Allow Duplicate
If the client moves to another subnet, assign the new address and leave the
old address unchanged in the database.
No Duplicate
If the client moves to another subnet and the old address is still valid, do not
assign a new address.
The address deletion might delete a permanent IP object that is dynamically

or manually assigned. Therefore, a client with a Delete Duplicate policy can
have a walking manual IP object, but it cannot walk out of the service scope
of a single DHCP server. For a DHCP server to assign an address to a walking
manual IP object, the address assignment must be from a DHCP server's
reserved Subnet Address Range with Range Type set to Dynamic DHCP,
Dynamic BOOTP and DHCP, or Dynamic DHCP with Automatic Hostname
Generation.
42

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The DHCPSRVR.NLM software supports local address assignments that

obtain IP addresses from multiple local subnets. For example, a DHCP server
might have multiple IP addresses bound to one of its network interface cards.
Each address is a server address on a separate subnet. No special configuration
of the eDirectory database is required.
The DHCPSRVR.NLM software also supports remote address assignments
that obtain IP addresses from multiple remote subnets. This feature requires
all such subnets to be identified with a Subnet Pool object.
DHCP Options
Novell DNS/DHCP Services supports vendor options, DHCP options, and
BOOTP parameters as defined in Internet RFC 2132 with a few exceptions.
Novell DNS/DHCP Services supports new options defined for NetWare over
TCP/IP and existing NetWare/IP options.
NOTE: The following options are not supported in this release of Novell DNS/
DHCP Services: 56, 57, 60, 66, and 67. Although options 66 and 67 are not
supported, the equivalent BOOTP parameter function is provided.
Assigning Options
DHCP and BOOTP options can be assigned at three levels:
Globally
At the subnet level
IP address level
The DHCP server's options inheritance rules specify that options assigned at
the lowest level override options set at a higher level. For example, options
have been assigned at all three levels for the client on the subnet, as shown in
Table 4.
Table 4
Example of DHCP Options Assignment

Level
Option
Value
Global
1, Subnet Mask
255.255.0.0
3, Router
132.57.3.8
4, Time Server
129.23.120.5
Understanding

103-000164-001
September 4, 2001
Novell Confidential
43
Manual
99a
July 17, 2001
38
Level
Option
Value
Subnet
1, Subnet Mask
255.254.0.0
5, Name Server
10.73.57.251
7, Log Server
10.73.58.2
13, Boot File Size
1024
7, Log Server
Null
13, Boot File Size
256
IP Address
Table 5 lists the effective options for the client with the IP address referred to
in the preceding table.
Table 5
Client's Effective Options

Option
Value
1, Subnet Mask
255.254.0.0
3, Router
132.57.3.8
4, Time Server
129.23.120.5
5, Name Server
10.73.57.251
7, Log Server
Null
13, Boot File Size
256
DHCP Options for eDirectory

Novell has defined three DHCP options for eDirectory. These options
eliminate the need to provide this information each time users log in.
Option 85 provides the IP address of one or more eDirectory servers for the
client to contact for access to the eDirectory database. Option 86 provides the
name of the eDirectory tree the client will be contacting. Option 87 provides
the eDirectory context the client should use.
Refer to Internet RFC 2241, DHCP Options for Novell Directory Services,for
more detailed information about using these options in NetWare 6.
44

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare/IP Options
Novell uses option codes 62 and 63 in the DHCP packet for Netware/IP.
Option 62 contains the Netware/IP domain name.
Option 63, the IPX Compatibility option, contains general configuration
information such as the primary DSS, preferred DSS, and the nearest servers.
Option 63 provides additional information in the form of sub-options, listed in
Table 6.
Table 6
IPX Compatibility Suboptions

Suboption
Codes
Meaning
If the value of this field is 1, the client should perform a NetWare

Nearest Server Query to find out its nearest NetWare/IP server.
Provides a list of up to five addresses of NetWare Domain SAP/

RIP servers.
Provides a list of up to five addresses of the nearest NetWare/IP

servers.
Indicates the number of times a NetWare/IP client should

attempt to communicate with a given DSS server at startup.
Indicates the amount of delay in seconds between each

NetWare/IP client attempt to communicate with a given DSS
server at start-up.
10
If the value is 1, the NetWare/IP client should support NetWare/

IP Version 1.1 compatibility.
11
Identifies the Primary Domain SAP/RIP Service server (DSS) for

this NetWare/IP domain.
12
Identifies network number of the virtual IPX network created by

the IPX Compatibility feature.
13
The IPX Stale Time suboption specifies the minimum interval in

minutes that must expire before hosts try to refresh their
Migration Agent addressing information.
14
Specifies the addresses of one or more Migration Agent servers

for the IP nodes to use for communicating with IPX Nodes.
Refer to Internet RFC 2242, NetWare/IP Domain Name and Information, for
more detailed information about using these Netware/IP options.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Dynamic DNS
The Dynamic DNS (DDNS) feature of Novell DNS/DHCP Services provides
a way to update DNS with accurate Address (A) records and Pointer (PTR)
records for address assignments made by a DHCP server. Address (A) records
map a domain name to an IP address. A Pointer (PTR) record specifies a
domain name that points to some location in the domain name space.These
resource records are required so that both name-to-address and address-toname DNS resolutions can be made. DDNS eliminates the need for further
error-prone configuration of DNS for each host address change.
Enable DDNS by configuring a subnet address range with the Always Update
parameter set to on. You must also specify a zone reference in the Subnet
object so that the DHCP server can determine which zone to update.
When DDNS is active, the DHCP server updates the DDNS server for the
zone, adding or deleting the corresponding Address and Pointer records. The
DHCP server also notifies the DDNS server when leases expire, causing the
A and PTR records to be deleted. If a lease is renewed, no action occurs
because none is necessary.
Only subnet address ranges whose assignment type is either Dynamic DHCP
or Dynamic BOOTP and DHCP can use the Dynamic DNS update feature. For
a DDNS update to occur, the Always Update parameter of the range must be
enabled and a DNS zone must be specified to link the Zone object to the
subnet. When these conditions are met, the DHCP server initiates a dynamic
DNS update when assigning an address to a client.
When the DHCP server grants a lease to a client that is subject to DDNS
updates, the server updates its database and eDirectory to store the transaction.
The DHCP server also contacts the DNS server and submits a request for a
DNS update.
For DDNS updates, the DNS server requires the fully qualified domain name
(FQDN) and the IP address of the client. The DHCP server knows the IP
address, but it must assemble the FQDN from the hostname and the subnet's
domain name.
The DNS server usually maintains two resource records for each client. One
maps FQDNs to IP addresses using A records. The other maps the IP address
to the FQDN using PTR records. When DDNS is enabled and a client receives
an address from the DHCP server, the DNS server updates both of these
records.
46

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When a client loses or ends its lease and is subject to DDNS updates, the DNS
server receives the DDNS update request and deletes the PTR and A records
associated with the client.
Compatibility with BOOTP

DHCP is based on the Bootstrap Protocol (BOOTP) and maintains some
backward compatibility. BOOTP was designed for manual configuration of
the host information in a server database. Novell has extended support for
BOOTP to provide Dynamic BOOTP support. A pool of addresses can be set
up for BOOTP address assignment so that each BOOTP address does not have
to be configured separately.
From the clients' point of view, DHCP is an extension of BOOTP, enabling
existing BOOTP clients to interoperate with DHCP servers without requiring
any change to the clients' initialization software. Some new, additional options
optimize DHCP client-server interaction.
There are two primary differences between DHCP and BOOTP. DHCP
defines methods through which clients receive IP addresses for a specified
period of time, enabling serial reassignment of addresses to different clients.
There is no concept of a lease time in BOOTP; address assignments (even in
Dynamic BOOTP) are permanent. Additionally, DHCP provides a method for
a client to acquire all the IP configuration parameters it requires to operate.
If multiple servers service a single subnet, only one server, the principal server
can be designated as an automatic BOOTP server.
Another difference between the two protocols is a change in terminology to
clarify the meaning of the Vendor Extension field in BOOTP messages. With
DHCP, this field is called the Option field.
Using a BOOTP Relay Agent

A BOOTP relay agent (also known as a forwarder) is an Internet host that
passes DHCP messages between DHCP clients and DHCP servers in a subnet
environment. The forwarder usually resides on an IP router; however, any
Novell server on a subnet can run the BOOTPFWD.NLM. The DHCP service
in Novell DNS/DHCP Services provides relay agent functions as specified in
the BOOTP protocol specification (Internet RFC 951).
Understanding

103-000164-001
September 4, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
When a client starts up, it sends a UDP broadcast message, called a Discover
packet, to address 0xFFFFFFFF over port 67 requesting an address.
The forwarder has an IP address on the network and acts like a DHCP server,
listening for Discover packets from clients on its LAN that are meant for a
DHCP server. The forwarder must be configured with the destination address
of the actual DHCP server on a different LAN segment that will provide
DHCP service.
The DHCP server must be configured to serve the subnet on which the
forwarder is located. The DHCP server must have a subnet address range to
provide service.
After receiving a Discover packet from a client, the forwarder reformats the
packet and sends it to the DHCP server. The DHCP server responds to the
forwarder with an Offer packet containing an address for the client.
When the forwarder receives the Offer packet from the DHCP server, the
forwarder contacts the client and provides the IP address and lease
information.
NOTE: The BOOTP protocol, unlike DHCP, does not provide a mechanism for a
client to accept only a single offer of an IP address; therefore, the DNS/DHCP

Management Utility allows only the server that is specified as the default server in
a Subnet object to be assigned to any address ranges that include BOOTP
addresses. If you want to assign other servers to the address ranges, you should
change the address range type so that it doesn't include BOOTP. If the range type
includes BOOTP, you will not be allowed to change the DHCP server assigned to
the range.
Virtual LAN Environments

In environments using a virtaul LAN (VLAN), multiple subnets might be
defined on one physical subnet. For example, one physical subnet might
contain several Class C addresses to form a larger address range than allowed
for a Class C address. To accommodate a VLAN environment, a Subnet Pool
object must be configured on the DHCP server to bind the multiple subnets
together.
If a forwarder forwards client requests from a physical subnet with multiple
subnet bindings and these subnets are bound to a single subnet pool, the
collection of addresses available in configured subnet address ranges are
available to all clients (DHCP or BOOTP) on that physical subnet. This is the
primary use of the subnet pool.
48

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Clients that are on the same subnet as the DHCP server do not have to be
configured for the subnet pool if the server is bound to all local subnet
addresses, or if the server has an address on each local subnet.
SNMP Event Generation

You can use the DNS/DHCP Management Utility to set up SNMP event
generation in the case of critical, major, warning, or minor events. The default
setting is Major, which causes the server to log all major and critical events.
Critical events are those that cannot or should not be ignored by the network
administrator. Major events denote a significant change in the state of the
server processing. Warning and Minor events are logged for maintenance and
diagnosis only. Warning and Minor events should not be turned on unless a
problem has developed.
All Critical and some Major events are logged on the local server console.
The following warning events can be logged or trapped for SNMP event
generation:
An eDirectory update to the subnet failed, causing degraded operation
(incomplete transactions are logged to a local file named
DHCPLOG.LOG).
SNMP recovered from an internal fault and the error code was logged.
A subnet was not configured and addresses are not available, causing
degraded operation.
The following minor events are logged and/or trapped for SNMP event
generation:
A Decline was generated against an IP address.
All logged file transactions have been reprocessed (operational).
Major events are logged or trapped for SNMP event generation. For example,
when the DHCPSRVR NLM is loaded and the server is operational and ready
for LAN-based clients.
The following events are logged or trapped for SNMP event generation:
The logger cannot open the recovery log file or is having difficulty
opening it. (The server is inoperative.)
The main thread cannot process lease expiration. (The server is
inoperative.)
Understanding

103-000164-001
September 4, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
DHCP Auditing
Auditing can be used to perform an analysis of historical data and to help
diagnose operational difficulties. Auditing uses a Btrieve database to store and
manage data enabling meaningful trend analysis.
When auditing is enabled, every incidence of address deletion, addition, and
rejection is recorded in the audit log. The beginning and end of each session
is marked to help make sense of the audit log. The beginning session contains
records defining the session in terms of addresses already assigned.
Additionally, other major events or alert situations that cause SNMP traps are
also audited. Other incoming DHCP requests are also logged, including
honored renewal requests and those rejected or dropped.
Console and Debug Logs

The following types of console log entries are generated by both DNS and
DHCP:
Load success or failure
Unload results normal or abnormal
Major SNMP events
For each NetWareAlert message generated, an entry is provided in the /
SYSTEM/SYS$LOG file.
The DHCP server provides a foreground screen log of every packet received
and each reply generated to maintain continuity with the DHCP 2.0 server.
The screen provides a useful real-time indication of DHCP 3.0 server
operations.
The DHCP server has a debug log feature (primarily used by Novell technical
support and engineering groups) that records the exchange of DHCP messages
to a screen log or the DHCPSRVR.LOG file (in ASCII text) in the server's
\ETC\DHCP directory. When loading the DHCPSRVR, the administrator can
use one of three flags to activate the debug log feature.Table 7, Debug Log Use of Flags, on page 51 explains the use of the flags.
50

103-000164-001
September 4, 2001
Novell Confidential
Manual
Table 7
99a
38
July 17, 2001
Debug Log - Use of Flags

Flag
Use
-d1
Turns on a background screen log of DHCP packets
-d2
Turns on a background screen log of Debug statements and DHCP

packets
-d3
Turns on a background screen log of Debug statements and DHCP

packets and writes the log to the server's
\ETC\DHCP\DHCPSRVR.LOG file
Understanding the DNS/DHCP Management Utility

This section provides information about the DNS/DHCP Management Utility,
the Web-based utility used to configure and manage eDirectory-based DNS
and DHCP.
The DNS/DHCP Management Utility can run on any browser workstation and
does not require the Novell client or any installed component as a prerequisite.
It operates within the common eDirectory Management framework and is
thus tightly integrated with Netware 6.
Separate Web-based utilities provide configuration and management for the
two major functions of the DNS/DHCP Management Utility: IP address
management and name service management. Each utility is self-contained and
can provide the functions necessary to conduct address or name management.
eDirectory is used as a database to store the administered IP address and name
service objects.
The Locator object is created at the time of Netware 6 installation, if you
choose the DNS/DHCP option. The Locator object serves as the catalog for
most of the DNS and DHCP objects; therefore, the DNS/DHCP Management
Utility is not required to search or scan the entire eDirectory tree to collect all
the DNS and DHCP objects for initial tree display.
The creator of the Locator object should grant Read and Write rights to this
object to the network administrators. They will use the DNS/DHCP
Management Utility to create, update, or delete any DNS or DHCP objects.
This allows the contents of the Locator object to be updated when necessary.
For more information, refer to Overview of Interface Interaction on page 52.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Overview of Interface Interaction

The DNS/DHCP Management Utility manages one eDirectory tree at a time.
When the DNS/DHCP Management Utility is started in the browser, the first
interface screen you see is the login screen. You are prompted to enter your
username, password, eDirectory context and the eDirectory tree whose objects
you wish to manage.
Administration authentication in the DNS/DHCP Management Utility is
based on the common authentication mechanism provided by the underlying
eDirectory Management Framework (iManage) architecture.
To manage objects in a different eDirectory tree, you must log in to the utility
again, specifying the eDirectory tree you want to access. Your login identity
is displayed on the top of the screen.
The DNS/DHCP Management Utility Interface

The DNS/DHCP Management Utility is a Web-based utility and runs within a
Web browser window.
In the DNS/DHCP Management Utility, DNS and DHCP administration are
role-based services managed through a set of predefined roles and tasks.
52

103-000164-001
September 4, 2001
Novell Confidential
Manual
Figure 8
99a
38
July 17, 2001
The DNS/DHCPManagement Utility Interface
The main screen has three parts: a taskbar on the top of the screen that displays
icons for top-level management functions and is part of the common iManagebased utilities in Netware 6, a left panel that displays roles, tasks and other
administrative functions, and a main panel that allows you to manage rolebased and administrative tasks. For more information on the taskbar, refer to
Taskbar on page 53. For more information on roles and tasks, refer to Roles
and Tasks on page 54.
Taskbar
The DNS/DHCP Management Utility shares a common taskbar with other
Netware 6 products that are based on the eDirectory Management
Framework. Figure 9 on page 54 shows the iManage taskbar.The taskbar
displays the following icons:
Home: Takes you to the home page of the utility
Exit: Allows you to logout of the utility
Understanding

103-000164-001
September 4, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Roles and Tasks: Displays the roles and tasks on the left panel
Administration: Enables you to carry out role intallation and role
management
Help: Launches global help for the utility
Figure 9
The iManage Taskbar
Each button on the taskbar has roll-over help associated with it; if you position
the cursor over the icon, the icon's name appears on the task bar, to the right
of the Help icon.
Roles and Tasks

The DNS and DHCP services have been logically organized into roles and
tasks in a way that is intuitive to network administrators. Each role consists of
a set of tasks arranged in a hierarchical and top-down manner that is easy to
administer.
To view the roles, click the Roles and Tasks icon on the taskbar.
At the top level, there are two roles that you can install and manage: DNS
Management and DHCP Management. The tasks under each of these roles are
logically arranged in a top-down manner. A role, depending on its current
state, is preceded by a plus or a minus sign. An administrator can expand a role
such as DNS Management to see the tasks it contains or collapse it for a more
concise view. This can be done by clicking the plus/minus sign next to the role.
The organization of roles and tasks follows the containership rules of object
creation and manipulation in DNS and DHCP. For example, if you expand the
DNS Management role on the left pane, the logical tasks this role contains
54

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
appear under it. At the top is the task DNS Server Management . This is
followed by DNS/DHCP Scope Settings that allows you to specify the
location of the Locator object, and the administrative scope for the session. At
the following level is Zone Management, which provides the next level of
DNS entity management that is, managing zones handled by DNS Servers.
Finally Resource Record Management allows you to manage resource records
contained within a zone.
Each task is associated with a set of operations that appear in a drop-down
menu on the main panel when you click on the task..
For example, to create a new DNS zone, click DNS Management > Zone
Management. This launches the Zone Management window on the main panel
of the screen. Select Create Zone from the drop-down menu and click OK.
This opens the Create New Zone window where you can proceed with the task
of creating a new zone.
Object Creation Rules

There are certain rules that govern the creation and manipulation of objects in
the DNS/DHCP object hierarchy.
Subnet and Subnet Pool objects can be created under O, OU, L, or C objects.
Subnet Address Range and IP Address objects must be created beneath the
Subnet container object. However, because of the IP address of an IP Address
object, the subnet address range and IP Address objects can be contained
within a subnet address range's address block. The DNS Zone object, DNS
Server object, and DHCP Server object can be created in the context of an O,
OU, L, or C.
All DNS and DHCP objects are created as NDS objects and are subject to
NetWare Administrator convention.
Some objects, such as DHCP server, DNS server, DNS zone, Subnet, and
Subnet Pool, can be created in any context.
After a new DNS or DHCP object has been created, the DNS/DHCP
Management Utility grants the objects Read and Write rights to the Locator
object.
For fast and efficient searching, the distinguished names of newly created
zones, DNS servers, subnets, and DHCP servers are added to the
corresponding attribute of the Locator object. Renaming or deleting these
objects is automatically performed by NDS because of the built-in feature for
NDS distinguished names.
Understanding

103-000164-001
September 4, 2001
Novell Confidential
55
Manual
56
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Planning
This chapter provides a summary of issues for you to consider as you plan and
design your implementation of and maximize the DNS and DHCP capabilities
of the Novell DNS/DHCP Services software.
eDirectory Considerations
When installed and configured, the DNS and DHCP servers extend the
eDirectoryTM schema to create new objects with which to administer and
control their services. The DNS/DHCP Group and Locator objects are central
to Novell's implementation of DNS and DHCP.
For information on installing the DNS/DHCP Management Utility, refer to
Installing the DNS/DHCP Management Utility on page 118.
We recommend that you place the DNS/DHCP Group, DNS/DHCP Locator,
and the RootServerInfo Zone objects in a separate partition that is accessible
from and replicated to all points of the network where Netware 6 DNS/
DHCP servers are located. Although changes to the DNS/DHCP Group and
Locator objects occur infrequently (only when you add or delete new servers,
zones, or subnets), all Netware 6 DNS/DHCP servers and the DNS/DHCP
Management Utility require access to these objects.
Consider the following eDirectory issues to maintain optimal performance
when providing DNS and DHCP services on your NetWare network:
Where to locate the DNS/DHCP Group and Locator objects
Where to locate DNS and DHCP servers
What replication strategy to employ
How to provide fault tolerance
Planning

103-000164-001
September 4, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Plan to create an Organizational Unit (OU) container object near the top of
your eDirectory tree. The location of this container object should be easily and
widely accessible. Locate the DNS/DHCP Group and Locator objects and the
RootServerInfo Zone object under the container object.
Plan to create an Administrator Group object under this container also. An
administrator group should have Read and Write rights to all DNS/DHCP
Locator object attributes except the global data and options fields. Members
of this group can use the DNS/DHCP Management Utility to create and
modify DNS and DHCP objects.
IMPORTANT: A network administrator can access only his or her administrative
domain which might not include the DNS/DHCP Locator object. By creating an
administrative group, you enable administrators who are group members to use the
DNS/DHCP Management Utility.
Plan to locate your DNS and DHCP servers at locations where they are
geographically close to the hosts that require their services. Plan to have one
DHCP server in each partition of your network to minimize any WAN
communications problems caused by normal load, configuration changes, or
replication.
Replicate the partition containing the DNS/DHCP Group and Locator objects
to all parts of the network that use DNS/DHCP services to ensure access in the
event of system unavailability or hardware problems.
When planning your DNS replication strategy, consider that replication is
employed for load balancing when you provide multiple name servers within
the DNS zone.
Well-planned replication is the best way to provide fault tolerance for DNS/
DHCP services.
Planning a DNS Strategy

Plan to install and operate a primary name server and at least one secondary
name server. Secondary name servers provide load balancing and robustness
to your DNS implementation.
When you configure your zone, the primary name server is considered
authoritative for the zone, meaning that it contains the most up-to-date
information about the zone and all the hosts within it.
A secondary name server receives its zone data from the primary name server.
When it starts up and at periodic intervals, the secondary name server queries
58

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
the primary name server to determine whether the information it contains has
been changed. If the zone information in the secondary name server is older
than the zone information in the primary name server, a zone transfer occurs
and the secondary name server receives the zone information from the primary
name server.
Planning Zones
If you are running a primary name server and providing DNS service for a
zone, the size or geography of your network might require creating subzones
within the zone.
Keep the zone data as a separate partition, and replicate the partition to all
places on your network where you have a name server for the zone. Doing so
enables independent replication of the zone data and also provides a degree of
fault tolerance in the case of server down time.
Novell DNS Server as a Primary Name Server

You must install the Novell DNS server as a primary name server to have
authoritative control over your zone and to take advantage of Dynamic DNS
(DDNS), the dynamic updating of DNS by DHCP.
When operating the Novell DNS server as a primary name server, you use the
DNS/DHCP Management Utility to make configuration changes. When you
operate a primary name server, the zone data can receive dynamic updates
from DHCP servers. Non-Novell secondary name servers can transfer data in
from the Novell primary name server.
Novell DNS Server as a Secondary Name Server (to a Non-Novell

Master)
If you plan to operate secondary DNS servers using Novell DNS/DHCP
Services software to a non-Novell master name server, one Novell secondary
name server must be specified as the Dynamic DNS (DDNS) or zone in
server. The DDNS server receives zone transfer information from the nonNovell master server and provides updates to eDirectory. Other Novell
secondary name servers can then access the information within eDirectory.
Reasons for operating a Novell secondary name server to a non-Novell master
name server include:
Planning

103-000164-001
September 4, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
You are using a master DNS server and do not want to designate it as a
primary name server because of the responsibility it entails.
This approach is easy to implement in your existing DNS model.
You want to install more secondary name servers to provide better load
balancing.
You want to gradually make the transition to operating a primary name
server.
Configuring a DNS Server to Forward Requests

If a name server cannot answer a query, it must query a remote server. You can
configure primary or secondary name servers to act as forwarders. When you
designate a server to be a forwarder, all off-site queries are first sent to the
forwarder.
Forwarders that handle the off-site queries develop a robust cache of
information. The forwarder probably can answer any given query with
information from its cache, eliminating the need to make an outside query to
a remote server.
When you decide to make a server a forwarder, configure the other servers in
your zone to direct their queries through the forwarder. When a forwarder
receives a query, it checks its cache for the information. If the information is
unavailable, the forwarder issues a query to the root server.
Forwarding Requests for Unknown Addresses on page 60
Restricting Forwarding on page 61
Forwarding Requests for Unknown Addresses

When you configure your name servers, you provide information about where
to forward requests that the servers cannot answer. If you are configuring to
use forwarders, you provide the names and IP addresses of servers above your
location in your domain. Configure your other name servers to issue queries
to the forwarders for queries they cannot answer.
Even if you are using forwarders, a name server that does not receive a timely
response from its forwarder eventually attempts to query a root server directly.
60

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restricting Forwarding
If you have a primary name server with subdomains below it and the primary
name server is not aware of the subdomains, the name server sends queries to
external name servers.
You can configure your primary name server to not forward queries for
specified internal subdomains to external name servers. Instead, the primary
name server sends a negative response to any queries for the internal
subdomains.
Setting Up the IN-ADDR.ARPA Zone

Just as the data in your name server provides mapping of names to Internet
addresses, the IN-ADDR.ARPA zone provides mapping of addresses to
names. However, in the structure of the IN-ADDR.ARPA zone, the IP address
appears in reverse. For example, an IP address of 100.20.30.4 in the san-jose.
novell.com domain would be 4.30.20.100.in-addr.arpa in the INADDR.ARPA subdomain.
Registering Your DNS Server with Root Servers

If you plan to operate a primary DNS name server, you must register your
name server with your parent domain. Not all your name servers need to be
registered, but we recommend registering one-third to one-half of your name
servers (up to a maximum of 10) with the parent domain. These servers are
queried by servers outside your domain. The remaining name servers are
queried only by hosts within your domain that are configured to query them.
If you provide DNS service for other domains and provide an authoritative
name server for those domains, you must also register those domains.
To register a domain (and subdomain), you must contact the network
administrators of the parent domain (com, for example) and the in-addr.arpa
domain. Provide the administrators with the name of the domain name server
and the name of the domain and any subdomains for which it is authoritative.
If you are setting up a new domain, you also need to provide the IP address of
any server you want to register.
InterNIC is the organization that registers domain names for the ROOT, com,
org, net, edu, and gov domains. To obtain the form for domain registration
Planning

103-000164-001
September 4, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
from InterNIC, contact them at http://rs.internic.net. You can also obtain the
form for in-addr.arpa domain registration from the same location.
Detailed information about the registration process is available from the
InterNIC web site. You can also use the InterNIC web site to research domain
names to ensure that the name you want is not already registered and to obtain
additional information and help.
Planning a DHCP Strategy

This section provides information to help you plan your DHCP strategy. When
planning your implementation of DHCP, consider the following issues:
Your existing network topology, that is, how you set up your routers and
subnets, provides a basic configuration for the distribution of DHCP
resources such as Subnet objects, Subnet Address Range objects, and IP
Address objects.
Your existing eDirectory implementation should be incorporated into
your planning. Place the Locator object near the top of your eDirectory
tree where it can be easily accessed by all servers.
The length of time you set for your leases affects traffic on the network.
Network Topology
Your existing network topology provides a basic configuration for the
distribution of DHCP resources. There are two paths, however, depending on
whether you are migrating from an existing DHCP solution or you are
installing and configuring DHCP for the first time.
Migrating from Another DHCP Solution on page 62
Initiating the DHCP Service on page 63
Migrating from Another DHCP Solution

You can import your existing Novell DHCP 2.0 database or BOOTP-based
configuration files using the DNS/DHCP Management Utility. The import
function enables you to specify the context into which you import the data.
62

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Initiating the DHCP Service

If you are planning to use DHCP for the first time, you must gather a
significant amount of information. You need to make a list of all hosts to be
served by the DHCP server. You must include all devices that use network
addresses in every segment of your network. You must also compile lists of IP
address assignments.
Organize your lists of hosts and IP addresses by geographic location. For
example, if your network is spread over a WAN, make a list for each location
to help you organize the distribution of DHCP resources.
You must have a list of all permanently assigned network addresses. You
might also want to make a list of devices that are to be denied IP addresses and
those hosts that are to receive strict limitations on leases.
After you gather the necessary information, you need to create the necessary
objects to represent this information. This is done by creating subnet address
ranges for contiguous network addresses and other, more specific information.
You will probably have a separate subnet address range for each LAN segment
of your network. You will also create objects of subnets and DHCP servers.
eDirectory Implementation
Plan to create an Organizational Unit (OU), Country (C), or Locality (L)
container object near the top of your eDirectory tree. Plan to locate the DNS/
DHCP Group and Locator objects under the container object.
The DNS/DHCP Locator object must be easily accessible to all DHCP servers
on the network. Plan to have multiple routes for DHCP servers to access the
DNS/DHCP Group object.
Create Subnet objects to represent each LAN segment. Then create one or
more Subnet Address Range objects to represent all your contiguous strings
of IP addresses.
Place the NetWare Core ProtocolTM (NCPTM) servers that will provide DCHP
service near the data to be updated and close to a writable partition. For fast
access and availability, a DHCP server should be on the same LAN as or
geographically close to the writable partitions the DHCP server uses.
When a DHCP server makes or modifies address assignments, the database is
updated. The partition where this database is stored should have at least two
writable replicas. Only one replica might be unsafe because of fault tolerance
Planning

103-000164-001
September 4, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
considerations, but three might be too costly in terms of eDirectory

performance.
Lease Considerations
Many factors must be considered when you decide how long to set your client
leases. Issues you must consider include the following:
Your site's and clients' usage patterns
Your network's goals
Availability of servers
Availability of network (IP) addresses
Another important consideration is that clients attempt to renew their leases
half-way through the lease duration. The longer the lease, the longer it takes
for client configuration changes to be registered with the DHCP server. It also
takes longer for the server to realize that a previously assigned address is no
longer in use.
Another issue to consider concerns outages and access to the DHCP server. If
a client loses access to its DHCP server before renewing its lease, it must stop
using the network after the lease expires. If a client is turned on and connected
to the network at the time of the outage, however, the lease does not expire.
The longest lease provided by a DHCP server determines the length of time
you might have to wait before configuration changes can be propagated within
a network. This length of time could mean manually restarting every client or
waiting the amount of time required for all leases to be renewed before the
changes take effect. If your site policy is to turn workstation power off at the
end of the day, clients could acquire configuration changes at least once per
day.
NOTE: All lease considerations refer to DHCP clients or devices only. For clients
or devices that use BOOTP, you must bring down the device and restart it to
acquire any new configuration changes.

Considering the Length of Leases on page 65
Controlling Client Access to Leases on page 67
64

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Considering the Length of Leases

When considering the length of leases, ask these questions:
Will the default of three days work well in your environment?
The default of three days provides a good balance between a long-lease
and a short-lease duration.
Do you have more users than IP addresses?
If you have more users than IP addresses, keep leases short to allow
access to more users. A short lease could be 15 to 30 minutes, two to four
hours, or even a matter of days.
If your site's usage pattern shows that all clients request an address every
day and you have half as many addresses as users, lease times in hours or
minutes would provide access to more users.
Do you provide support for remote access?
If your site has mobile users or provides remote access to clients, plan to
provide service for these clients on a specific subnet. Providing support,
including special options the clients might require, makes network
administration of the clients easier.
Do you support a minimum lease time?
If your site's usage pattern indicates that your users typically use an
address for only one or two hours, that should be your minimum lease
time.
How many clients do you plan to support?
Shorter leases support more clients, but shorter leases also increase the
load on the DHCP server and network bandwidth. A lease of two hours is
long enough to serve most users, and the network load should be
negligible. A lease of one hour or less might increase network load to a
point that requires attention.
How fast are your communications connections between your clients and
the DHCP server?
By locating a DHCP server in close proximity to its users, the network
load should be neglible over LAN connections. If a DHCP server must
communicate over WAN links to provide service to clients, slowdowns
and time-outs might occur.
How long does your typical server outage last?
Planning

103-000164-001
September 4, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
If your typical server outage lasts two hours, a lease of four hours would
avoid loss of lease to clients that were active at the time of the server
outage.
We recommend setting your lease times to twice the length of a typical
server outage.
The same recommendation applies to communications line outages. If a
communications line is down long enough that leases expire, you might
see a significant network load when the service is restored.
How long can your clients operate without access to the DHCP server?
If you have users who require a lease for important job functions, consider
lease times for them that are twice the length of a maximum server
outage. For example, if your DHCP server were to go down on Friday
evening and require the entire workday Monday to be restored, that would
be an outage of three days. In this case, a six-day lease covers that
situation.
Do you have users who advertise their IP addresses for services they
render?
If you have users setting up Web pages or archiving data for others to
access, they want addresses that do not change. You might want to assign
permanent addresses for these users instead of assigning long lease times
(three weeks or two months, for example).
The relevant length of time is the maximum amount of time you want to
allow a client to keep an address, even if the host computer is turned off.
For example, if an employee takes a four-week vacation and you want the
employee to keep his or her address, a lease of eight weeks or longer is
required.
Table 8 lists examples of lease times and reasons why these times were
chosen.
Table 8
66
Lease Time Examples

Lease Time
Rationale
15 minutes
Keeps the maximum number of

addresses free when there are more
users than available addresses, but
results in significant traffic and
frequent updates to eDirectory

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Lease Time
Rationale
6 hours
Covers a DHCP server outage of 6

hours
12 hours
Ensures that retraction of address

assignment takes less than one day
3 days
Used by many sites simply because

of software defaults
6 days
Affords a weekend server outage

without losing leases
4 months
Enables students to keep their

address over a summer vacation, for
example
Controlling Client Access to Leases

There usually is a trade-off when an attempt is made to control specific client
access to leases. Typically, you would manually configure each client and
dedicate an IP address permanently to each client. Novell's DHCP server,
however, provides control based on the client's hardware address.
IP Address Availability
This section describes how to identify your IP addresses, how to subnet your
addresses, what to do with addresses assigned by other sources, and how to
restrict address assignments to clients.
Identifying Your Addresses

If you have been using a previous version of Novell DHCP, another vendor's
product, or another method of tracking your IP address information,
information about your addresses should be close at hand. We recommend
verifying the accuracy of your IP address records by performing a site audit to
prevent communication problems.
If you are unsure of the range of your IP addresses, we recommend contacting
your Internet Service Provider (ISP) or checking other records you have on
file.
Planning

103-000164-001
September 4, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Subnetting Your Addresses

One of the more difficult configuration tasks concerns configuring your
routers if you have multiple subnets. Each might require one or more subnets,
depending on your router configuration. Create a Subnet object for each LAN
segment that requires dynamic IP address assignment.
Assigning Addresses Manually

Your site might have devices, such as servers and printers, that have addresses
assigned by means other than DHCP. Assign addresses to these devices
manually.
You also must provide these devices with any specific configuration
information they might require. If you want to provide configuration using
DHCP, the device must be capable of acting as a DHCP client. You can assign
a static address to a device and still provide configuration information using
DHCP.
To ensure that the assigned addresses are not used by DHCP, use the DNS/
DHCP Management Utility to exclude the addresses from assignment. You
can use the utility to exclude single addresses or entire ranges from address
assignment.
Representing Addresses in eDirectory

IP addresses are represented by IP Address objects under Subnet container
objects. Novell DNS/DHCP Services stores address information and attributes
of these objects, such as hostnames, hardware addresses, the time when an
address lease will expire, and fully qualified domain names (FQDNs), in
eDirectory. You can view this information using the DNS/DHCP Management
Utility.
Restricting Address Assignment to Clients

By using static address assignment, you can ensure that a device, capable of
acting as a BOOTP or DHCP client, receives the same address from the DHCP
server each time it is started. You can also explicitly exclude an address
assignment to a device based on the device's hardware address. This is done
by setting DHCP Global Preferences. To invoke the DHCP Global
Preferences window, click DHCP Global Configuration > DHCP Global
Preferences.
68

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Hostnames
Every host on your network that uses the Internet or that can be reached from
the Internet should have a name. Each resource record has a hostname field.
Some simple rules are required for hostnames for conformance to accepted
Internet standards. Hostnames are called labels and can have alphabetic and
numeric characters. A hyphen is allowed if it separates two character strings.
Labels might not be all numbers, but they can have a leading digit. Labels
must begin and end only with a letter or digit.
Planning

103-000164-001
September 4, 2001
Novell Confidential
69
Manual
70
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
This document provides information about configuring DNS and DHCP, and
importing and exporting database information.
Configuring DNS
The DNS/DHCP Management Utility provides a common Web-based
interface for configuring both DNS and DHCP.
For information on installing the DNS/DHCP Management Utility, refer to
Installing the DNS/DHCP Management Utility on page 118.
For DNS configuration instructions, refer to:
Importing DNS Configuration Information on page 74
Setting Up DNS on page 74
Detailed DNS Configuration on page 76
Configuring DNS Features on page 85
Required eDirectory Rights to Manage DNS/DHCP

Configuration
To manage Novell DNS/DHCP Services, administrators require sufficient
eDirectoryTM rights, depending on the type of operation to be performed.
Administrators who will add new objects and modify existing objects require
Add rights to the appropriate eDirectory container object. The following table
summarizes rights requirements for creating new configuration objects and
modifying existing objects.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
71
Manual
99a
July 17, 2001
38
DNS/DHCP Objects
Object Rights
All Property Rights
Locator object
Browse
Supervisor
Group object
Browse
Supervisor
Existing objects
Supervisor
Supervisor
Administrators who manage a given set of DHCP subnets or DNS zones

require rights to create or delete IP addresses, ranges of addresses, or resource
record sets. The following table lists the rights requirements of administrators
who perform these tasks.
DNS/DHCP Objects
Object Rights
All Property Rights
Locator object
Browse
Read
Group object
Browse
Read
Existing objects
Browse, Create, Delete
Supervisor
Administrators or users who need to view DNS/DHCP configuration require

rights as summarized in the following table.
72
DNS/DHCP Objects
Object Rights
All Property Rights
Locator object
Browse
Read
Group object
Browse
Read
Existing objects
Browse
Read

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DNS/DHCP Scope Settings

For better performance results with the DNS/DHCP Management Utility
particularly in a distributed DNS/DHCP set-up, you should configure the
DNS/DHCP Scope Settings for the session before you proceed with other
administrative tasks.
If you do not configure the DNS/DHCP Scope Settings for the session, you
will receive a warning before every task you attempt to perform that the Scope
Settings are not set. You can however, still proceed with the task.
Setting the scope of the DNS/DHCP services involves two specifications for
the session: the eDirectory context of the Locator object, and the
administrative scope of the session. Specifying the eDirectory context of the
Locator object at the start of the session significantly improves performance
because it eliminates the need to search for the Locator object. Specifying the
administrative scope of the session also improves performance significantly
because it restricts the retrieval of DNS/DHCP objects for viewing to the
scope you specify.
The DNS/DHCP Scope Settings you configure for a session last as long as the
session lasts. If you start a fresh session, you have to configure the DNS/
DHCP Scope Settings afresh.
IMPORTANT: If you configure DNS/DHCP Scope Settings for a session for either
DNS Management or DHCP Management, the settings apply across the session
to both roles.
To configure DNS/DHCP Scope Settings, complete the following steps:

1 Click DNS Management or DHCP Management > DNS/DHCP Scope
Settings to open the DNS/DHCP Scope Settings window.

2 Enter the eDirectory context of the DNS/DHCP Locator object.
3 Enter the eDirectory context of the container object that will provide the
administrative scope of the current session.

NOTE: If you enter only the eDirectory context of the DNS/DHCP Locator object
and not the administrative scope of the current session, you can proceed with
administrative tasks without inviting a warning message. Performance however, is
further optimized if you also define the administrative scope.
4 Click OK.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Importing DNS Configuration Information

You can use the Novell DNS/DHCP Management Utility to import existing
DNS configuration information. The DNS information should be in DNS
BIND Master file format.
To import existing DNS configuration information using the Management
Utility, complete the following steps:
1 Open the DNS/DHCP Management Utility in a browser window.
2 Click DNS Management > Import DNS File.
This opens the Zone Management window in the main panel.

3 Select Import Zone from the drop-down menu > Click OK.
This opens the Import DNS Zone window.

4 Enter the eDirectory context of the server or browse to select it.
5 From the Select DNS Server name, select a target DNS Server that will
subsequently manage the zone data.

6 Choose either Primary or Secondary to specify the Zone type. If you
choose Secondary as Zone type, you must type the IP address of the zone
server so that zone transfers can take place.
7 Enter the DNS BIND formatted filename in the DNS Bind File field. You
can also browse to select the file to import from the Choose File dialog
box.
8 Click OK to import the file.
9 Click Import.
Setting Up DNS
This section provides the following procedures required to accomplish a basic
DNS setup:
DNS Prerequisites on page 75
Loading the DNS Server on page 75
Configuring Clients to Use DNS on page 75
Creating a DNS Server Object on page 76
Creating a Primary DNS Zone Object on page 79
74

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DNS Prerequisites
The following steps must be completed before setting up DNS:
1. Install Novell Netware 6 on the selected server or servers.
2. Install iManage on the Netware machine.
3. Install Internet Explorer 5.0.
Loading the DNS Server

After you have created and set up a DNS Server object and a DNS Zone
object, enter the following command at the DNS server console:
LOAD NAMED
After NAMED.NLM is loaded, the DNS server can respond to queries for the
zone. For more detailed information about NAMED.NLM command line
options, refer to NAMED Command Line Options on page 111.
After NAMED.NLM is loaded, you can use the DNS/DHCP Management
Utility to start and stop the DNS Server. For more information on starting and
stopping the DNS server, refer to Starting/Stopping the DNS Server on page
78.
Configuring Clients to Use DNS

NOTE: This section does not describe how to enable all the available features. For
detailed configuration information, refer to Detailed DNS Configuration on page
76.
To configure Windows NT or Windows 95 client workstations to use DNS,

1 At the client desktop, click Start > Settings > Control Panel, and then
double-click Network.
The Network window opens, listing the network components installed on
the client workstation.
2 Select TCP/IP, then click Properties.
The TCP/IP Properties window is displayed.

3 Click the DNS Configuration tab.
4 Provide a hostname and domain name for each client.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
5 Enter the IP address of DNS servers for this client in the search order of
preference, then click OK.

The client can now send DNS queries to the DNS name server.
Detailed DNS Configuration

This section provides detailed information about configuring DNS objects
using the DNS/DHCP Management Utility. All the procedures in this section
assume that you have already launched the utility and used the eMFrame
administration options to install the two role-based services, DNS
Management and DHCP Management. The procedures in this section are:
Creating a DNS Server Object on page 76
Modifying a DNS Server Object on page 77
Creating a Zone Object on page 78
Creating a Primary DNS Zone Object on page 79
Creating a Secondary DNS Zone Object on page 79
Creating an IN-ADDR.ARPA Object on page 80
Creating a Primary IN-ADDR.ARPA Zone Object on page 80
Creating a Secondary IN-ADDR.ARPA Zone Object on page 81
Modifying a Zone Object on page 82
Creating Resource Records on page 83
Modifying Resource Records on page 84
Creating a DNS Server Object

Use the DNS/DHCP Management Utility to create and set up a DNS Server
object for each DNS server you plan to operate.
To create and set up a DNS Server object, complete the following steps:
1 Click DNS Management > DNS Server Management to open the DNS
Server Management window in the main panel.

2 Select Create Server from the drop-down menu > click OK to open the
Create DNS Server window.

3 Enter a server name, or browse to select a server from the eDirectory tree.
76

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Enter a unique host name for the DNS server object.

5 Enter a domain name for the server object.
6 Click Create.
A message indicates that the new DNS server was created.
Modifying a DNS Server Object

After you create a DNS Server object you can modify its configuration
parameters. To do so, complete the following steps:

2 Select Modify Server from the drop-down menu > click OK to open the
Modify DNS Server window.

3 Select the DNS Server.
4 Click OK.
You are led through a set of steps that allow you to modify the following DNS
Server configuration parameters:
List of Zones: Lists the names of the zones that the server controls. This
field cannot be edited.
DNS Server IP Address: Lists the set of domains and subdomains that the
server controls. This field cannot be edited.
DNS Server Domain name: Lists the domain name of the DNS server.
DNS Server Comments: You can type comments about the DNS server in
this box. This is an optional parameter.
Forward List: Specifies a list of IP addresses of DNS servers.
- To add servers to the Forward List, click Add > Enter the IP Address of
the server > click OK.
- To remove servers from the Forward List, select the IP Address of the
server from the Forward List > Click Delete.
No Forward List: Specifies a list of hostnames whose unresolved queries
will not be forwarded to other DNS servers.
To add servers to the No Forward List, click Add > Enter the name
of the server > click OK.
To remove servers from the Forward List, select the domain name of
the server from the No Forward List > Click Delete.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Events Log: Specifies the degree of event data the server is to collect.
Major or critical events denote a significant change in the state of server
processing. To configure the event log, choose from the following
options:
None: Turns off event logging (default)
Major Events: Logs only critical events
All: Logs both major and minor events
Audit Log: Check Enable Audit Trail Log to log audit trails and events.
Starting/Stopping the DNS Server


2 Select Start/Stop Server from the drop-down menu > click OK to open the
DNS Server Start/Stop Services window.

3 Select the DNS server.
4 Click OK.
5 Depending on the state of the DNS Server module, any one of the
following will now appear:
Failure notification message: This appears if the DNS Server module

(NAMED.NLM) is not loaded. In order to start the server, load the
DNS Server module through the system console.
Start button: If the DNS Server module is loaded but in STOP mode,
click to start the DNS server.
Stop button: If the DNS Server module is loaded but in START

mode, click to stop the DNS server.
NOTE: To use the Start/Stop DNS service, NAMED.NLM must be loaded.
Creating a Zone Object

The DNS Zone object is an eDirectory container object that comprises
Resource Record Set (RRSet) objects and resource records. This section
provides information about how to create a Secondary DNS Zone object and
an IN-ADDR.ARPA Zone object. For information about how to create a
Primary DNS Zone object, refer to Creating a Primary DNS Zone Object on
page 79.
78

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a Primary DNS Zone Object

After you create a DNS Server object, use the DNS/DHCP Management
Utility to create and set up a Primary DNS zone. For information about how
to create a secondary DNS Zone object refer to Creating a Secondary DNS
Zone Object on page 79. For information about how to create an INADDR.ARPA Zone object, refer to Creating an IN-ADDR.ARPA Object on
page 80.
To create a primary DNS Zone object, complete the following steps:
1 Click DNS Management > Zone Management to open the Zone
Management window in the main panel.

2 Select Create Zone from the drop-down menu > click OK to open the
Create DNS Zone window.

3 Choose Create New Zone.
4 Enter the eDirectory context for the zone or browse to select it.
5 Enter a name for the zone object.
6 Under Zone Type, choose Primary (default).
7 Select a DNS server from the Assign Authoritative DNS Server drop-
down menu.
or
Enter a unique host name in the Name Server Host Name box and
optionally, select a domain from the Domain drop-down menu.
8 Click Create.
A message indicates that the new primary zone has been created.
Creating a Secondary DNS Zone Object

After you create a DNS Server object, you can use the DNS/DHCP
Management Utility to create and set up Secondary DNS Zone object. To
create a Secondary DNS Zone object, you must provide the IP address of the
DNS server that will perform zone in transfers for the secondary zone.
To create a secondary DNS Zone object, complete the following steps:


Setting Up

103-000164-001
September 4, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
3 Choose Create New Zone.

5 Enter a name for the zone object.
6 Under Zone Type, choose Secondary.
7 Enter the IP address of the DNS server that will provide zone out transfers
for this secondary zone.

down menu. This is an optional parameter.

or
optionally, select a domain from the Domain drop-down menu.
9 Click Create.
A message indicates that the new secondary zone has been created.
Creating an IN-ADDR.ARPA Object

After you create a DNS Server object, you can use the DNS/DHCP
Management Utility to create and set up an IN-ADDR.ARPA Zone object. An
IN-ADDR.ARPA can be either a Primary IN-ADDR.ARPA Zone object or a
Secondary IN-ADDR.ARPA Zone object. For more information about
creating a Primary IN-ADDR.ARPA Zone object, refer to Creating a
Primary IN-ADDR.ARPA Zone Object on page 80. For more information
about creating a Primary IN-ADDR.ARPA Zone object, refer to Creating a
Secondary IN-ADDR.ARPA Zone Object on page 81.
Creating a Primary IN-ADDR.ARPA Zone Object

To create a Primary IN-ADDR.ARPA Zone object, complete the following
steps:


3 Choose Create IN-ADDR.ARPA.
80

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Enter the IP address of the zone in the Zone Domain Name field. The IN-
ADDR.ARPA zone name is displayed.

6 Under Zone Type, choose Primary (default).
down menu.
or
optionally, enter a domain name or select it from the Domain drop-down
menu.
8 Click Create.
A message indicates that the new Primary IN-ADDR.ARPA Zone object

has been created.
Creating a Secondary IN-ADDR.ARPA Zone Object

To create a Secondary IN-ADDR.ARPA Zone object, complete the following
steps:


3 Choose Create IN-ADDR.ARPA.
5 Enter the IP address of the zone in the Zone Domain Name field. The IN-
ADDR.ARPA zone name is displayed.

6 Under Zone Type, choose Secondary.
down menu.
or
optionally, enter a domain name or select it from the Domain drop-down
menu.
8 Type the IP Address of the DNS server that will provide zone-out
transfers for this secondary zone.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
9 Click Create.
A message indicates that the new Secondary IN-ADDR.ARPA Zone

object has been created.
Modifying a Zone Object

After you have created a Zone object, you can modify it and provide more
detailed configuration information.
To modify a new Zone object's attributes, complete the following steps:

2 Select Modify Zone from the drop-down menu > click OK to open the
Modify DNS Zone window.

3 Select the DNS Zone object from the drop-down menu.
4 Click OK.
You can now modify the following DNS Zone configuration parameters:
Zone Type: Specifies whether the zone will be a Primary or a Secondary
zone.
Zone Master IP Address: To change a Primary zone to a Secondary zone,
click the Secondary zone box and provide the IP address of the Primary
DNS Server in the Zone Master IP Address field.
Available DNS Servers: Specify the server to which the zone is to be
assigned > click Add. The server will then be displayed in the
Authoritative DNS Servers field.
Authoritative DNS Servers: To delete a DNS server assignment to a zone,
select the server to be removed from the field, then click Remove.
Add All: Click this to add available DNS servers to a zone.
Remove All: Click this to remove available DNS servers from a zone.
Designated DNS Server: Designates a server for the zone if more than one
DNS server is assigned to a zone. This server will be responsible for
getting DHCP updates for the zone, if the zone is a Primary zone.
Comments: Use this field to provide comment information about the
zone. This is an optional parameter.
82

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modify Zone Out Filter: Specifies a list of IP addresses or networks

authorized to do zone out transfers from this zone. Use the Add and
Delete buttons to add or remove particular IP addresses and networks.
Zone Master: Specifies the name of the DNS zone.
E-mail Address: Specifies the e-mail address for the zone.
Serial Number: Use this field to set a date and revision number for the
Start of Authority.
Interval values: Choose from the following values:
- Refresh: Enables the user to specify, in minutes, the time in which the
secondary name server downloads a copy of the zone data to the
primary name server. The default is 180 minutes.
- Retry:Specifies, in minutes, the time that a secondary name server waits
after a failed download before it tries to download the zone database
again. The default is 60 minutes.
- Expire: Specifies, in hours, the time that a secondary name server
continues to try to download a zone database. The default is 168 hours.
- Minimal TTL: Specifies, in hours, the minimum TTL for a resource
record. This parameter determines how long a DNS server retains an
address mapping in cache. The default is 24 hours.
Creating Resource Records

A resource record is a piece of information about a domain name. Each
resource record contains information about a particular piece of data within
the domain.
To create a new resource record, complete the following steps:
1 Click DNS Management > Resource Record Management to open the
Resource Record Management window in the main panel.

2 Select Create Resource Record from the drop-down menu > click OK to
open the Create Resource Record window.

3 From the Select Domain Name drop-down menu, select the domain
where the resource record is to be created.

4 Optionally, from the Select Host Name drop-down menu, select the name
of the host server. This binds a domain name with a hostname for a
specific name server.
5 Click OK to specify the Resource Record type.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
6 Choose the Resource Record Type (RR Type) from the available options
under the Others drop-down menu and enter appropriate Resource

Record data corresponding to the type chosen.
7 Click Create.
For more information on Resource Record Types, refer to Table 2, Resource

Record Types and Field Differences, on page 33.
NOTE: Start of Authority (SOA) is defined as part of a Zone object's attributes, and
a Pointer (PTR) record is created automatically when any new A resource record
or IPv6 (AAAA) resource record is created if the IN-ADDR.ARPA zone exists.
Modifying Resource Records

To modify a resource record, complete the following steps:
1 Click DNS Management > Resource Record Management to open the
Resource Record Management window in the main panel.

2 Select Modify Resource Record from the drop-down menu > click OK to
open the Modify RR Set - Resource Record window.

3 From the Select Domain drop-down menu, select the domain that
contains the host or RR Set.

4 From the Select Host drop-down menu, select the host or RR Set that
contains the Resource Record.

5 You can modify the properties of either the entire RR Set or a single
record in the RR Set.

To modify the RR Set, complete the following steps:
Click Modify RR Set to open the Modify RR Set window.
Enter the name of the eDirectory object to be associated with the RR

Set in the Associated eDirectory Object box, or browse to select it.
Optionally, type comments about the RR Set object in the Comments

box.
Click Done to close the Modify RR Set window.
To modify a single Resource Record, complete the following steps:
84
From the Select Resource Record drop-down menu, select the

Resource Record.
Click OK to view the domain, the hostname and the Type

information associated with the Resource Record.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can now modify the Resource Record Data of all but the
following types of resource records:
- A (or IPv4)
- AAAA (or IPv6)
6 Click Done to save the changes.
Configuring DNS Features

This section provides procedures to help you configure the DNS features of
Novell DNS/DHCP Services. The procedures in this section are:
Configuring an eDirectory Server to Forward Queries to Root Name
Servers on page 85
Configuring a Cache-Only Server on page 85
Configuring to Support Child Zones on page 86
Configuring an eDirectory Server to Forward Queries to Root Name

Servers
When you install Netware 6, the root server information is automatically
loaded into your system. No procedure is required to configure your system to
forward queries to the root name servers.
Configuring a Cache-Only Server

A cache-only server should be located between the clients that require address
resolution and any DNS name servers that communicate over the Internet.
Configure DNS clients to forward their queries to the cache-only server, and
configure the cache-only server to forward its queries to a DNS server (or
servers) attached directly to the Internet.
To configure a server to function as a cache-only server, follow the
instructions to create a DNS server in Creating a DNS Server Object on
page 76. After you have created the DNS Server object, do not assign any
zones for it to serve. Configure this server to forward its queries to a DNS
server
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Configuring to Support Child Zones

If you are supporting child zones, you must configure the glue logic or glue
records to associate the child zones with the parent zone.
The parent zone contains a referral to the child zone, meaning that its zone
information contains an Name Server (NS) record that names the zone server
for the child zone and an Address record that specifies the IP address for the
child zone's DNS name server.
When configured, queries to the parent zone for names within the child zone
are returned with the child zone's referral records. The requester can then
query the child zone's name server directly.
Configuring DHCP
To manage an organization's IP address database, you must define the global
address pool in the form of Class A, B, and C network addresses. The
addresses available to a network are managed by the DNS/DHCP
Management Utility and logically organized into the following types of
objects:
Subnet
Subnet Address Range
IP Address
DHCP Server
Subnet Pool
The Novell DHCP server views an organization's network as a collection of
DHCP objects.
For DHCP configuration instructions, refer to:
Importing DHCP Configuration Information on page 87
Setting Up DHCP on page 88
86

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Importing DHCP Configuration Information

You can use the DNS/DHCP Management Utility to import existing DHCP
configuration information. The DHCP information should be in DHCP
version 2.0 or 3.0 file format.
To import existing DHCP configuration information, complete the following
steps:
1 Open the DNS/DHCP Management Utility in a browser window.
2 Click DHCP Management > Global DHCP Configuration to open the
Global DHCP Configuration window in the main panel.

3 Select Import DHCP Configuration from the drop-down menu > Click
OK to open the Import DHCP Configuration File window.

4 Enter the eDirectory context or browse to select it.
5 Enter the name of the DHCP Configuration File or browse to select it.
6 Click OK.
7 The DHCP Subnet configuration information is displayed.
To add an available DHCP Subnet to the list of selected subnets, click

Add.
To include all available DHCP Subnets to the list of selected subnets,

click Add All.
To delete a subnet from the list of selected subnets, click Remove.
To delete all subnets from the list of selected subnets, click Remove
All.
8 Click OK.
The selected subnets are now imported.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Setting Up DHCP
This section provides the following procedures required to accomplish a basic
DHCP setup:
DHCP Prerequisites on page 88
Setting Global DHCP Options on page 89
Creating a DHCP Server Object on page 91
Creating a Subnet Object on page 91
Creating Subnet Address Ranges on page 92
Creating IP Address Objects on page 92
Loading the DHCP Server on page 93
Configuring Clients to Use DHCP on page 94
This section does not describe how to enable all the available features. For
more information refer to Detailed DHCP Configuration on page 94
DHCP Prerequisites
The following steps must be completed prior to setting up DHCP:
1. Load Netware 6 on the selected server or servers.
2. Install iManage.
3. Install Internet Explorer 5.0.
Setting Global DHCP Preferences

You can use Global Preferences to add, delete, or modify global data, such as
global DHCP options and global DHCP defaults. For more information about
setting global DHCP options, refer to Setting Global DHCP Options on
page 89. For more information about setting global DHCP defaults, refer to
Setting Global DHCP Defaults on page 89. For more information about
configuring the DHCP Options Table, refer to Viewing the DHCP Options
Table on page 90.
88

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Global DHCP Options

To define a global DHCP option:

2 Select Set Global Preferences from the drop-down menu > click OK to
open the Global DHCP Preferences window.

3 Click Modify to open the DHCP Options window.
4 The DHCP Options you can configure globally are listed in the Available
DHCP Options list box. To configure an option, complete the following

steps:
Select it from the Available DHCP Options list box and click Add.
Enter the required supporting information as prompted.
5 Click Done to close the DHCP Options window.
The global DHCP Option you added or configured now appears in the
Global DHCP Options list.
To remove a global DHCP option


3 Check the Select column of the DHCP option you want to remove and
click Delete.
The global DHCP Option you deleted is now removed from the Global
DHCP Options list.
Setting Global DHCP Defaults

To define a global DHCP default:

2 Select Set Global Preferences from the drop-down menu > Click OK to
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
3 Click Next to open the Excluded Hardware Addresses list in the Global
DHCP Defaults window.

This list contains the MAC addresses of clients that should not receive IP
addresses from DHCP servers. These exclusions apply to all DHCP
servers in the eDirectory tree.
4 Click Next to open the Included Hardware Addresses list in the Global
DHCP Defaults window.

This list contains the MAC addresses of clients that will receive IP
addresses from DHCP servers.
IMPORTANT: The Excluded and Included Hardware Addresses lists are mutually
exclusive. You are expected to configure only one of these lists and ensure that the
other list is empty.
5 Click Add > Enter the MAC Address of the client > Specify the hardware
type.
6 Click OK.
The MAC address is added to the Excluded Hardware Addresses list.
Viewing the DHCP Options Table

The DHCP Options Table provides a list of parameters that can be defined for
use on the network. After an option is defined,you can assign a value to the
option using Global DHCP Options.
To view a DHCP option:


3 Click Next > Next to open the DHCP Options Table window that lists
both the system-defined and user-defined DHCP options.

4 Click Done to return to the home page.
90

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating a DHCP Server Object

You use the DNS/DHCP Management Utility to create and set up a DHCP
Server object. A DHCP Server object can be created or located under any of
the following objects:
Organization (O)
Organization Unit (OU)
Country (C)
Locality (L)
To create and set up a DHCP server object, complete the following steps:
1 Click DHCP Management > DHCP Server Management to open the
DHCP Server Management window in the main panel.

2 Select Create Server from the drop-down menu > click OK to open the
Create DHCP Server window.

3 Enter the name of the server or browse to select it.
4 Click Create.
A message indicates that the new DHCP Server Object has been created.
Creating a Subnet Object

You use the DNS/DHCP Management Utility to create and set up a DHCP
Subnet object for each of the subnets to which you will assign addresses.
To create and set up a Subnet object, complete the following steps:
1 Click DHCP Management > Subnet Management to open the Subnet

2 Select Create Subnet from the drop-down menu > click OK to open the
Create Subnet window.

3 Enter a unique subnet name.
4 Select the eDirectory context where the new subnet record will be stored.
5 Enter a subnet address, a subnet mask, and the name of a default DHCP
server in the fields provided.

The default DHCP server field designates the principal DHCP server for
a subnet. This server is assigned all address ranges created under the
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
subnet, unless a different server is specified when the range is created.

The default server also is the only server that responds to BOOTP
requests for the subnet.
6 Click Create.
A message indicates that the new subnet has been created.

IP address objects are simultaneously created to exclude routing and
broadcast addresses.
Creating Subnet Address Ranges

You use the DNS/DHCP Management Utility to create and set up Subnet
Address Range objects for each pool of addresses you want to be dynamically
assigned by DHCP.
To create and set up a Subnet Address Range object, complete the following
steps:
1 Click DHCP Management > Address Range Management to open the
Address Range Management window in the main panel.

2 Select Create Address Range from the drop-down menu > click OK to
open the Create Subnet Address Range window.

3 From the drop-down menu, select the subnet for which the address range
is required.
4 In the Address Range Name field, type the name of the Subnet Address
Range.
5 Type the Start Address and End Address to specify the lower and upper
limits of the subnet address range.

6 Click Create.
A message indicates that the new subnet address range has been created.
Creating IP Address Objects

You use the DNS/DHCP Management Utility to create and set up any IP
Address objects to be assigned to specific devices or to be excluded from
dynamic assignment. Create an IP Address object for each such device or
address. Assigning a specific address to a client requires you to specify the
client's media-access control (MAC) address or Client ID.
92

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you have set up subnets and subnet address ranges, you are not required to
set up individual IP addresses unless you want to perform manual address
assignment or exclude addresses from assignment.
To create and set up an IP Address object, complete the following steps:
1 Click DHCP Management > IP Address Management to open the IP
Address Management window in the main panel.

2 Select Create IP Address from the drop-down menu > click OK to open
the Create IP Address window.

3 From the drop-down menu select the subnet for which the IP address will
be created.
4 Enter the IP address.
5 Choose an assignment type for the IP address object. Assignment types
for an IP Address object are Dynamic, Manual and Exclusion. If the IP

address is dynamically assigned by the DHCP server, it will be
automatically displayed.
Valid types that can be created manually are Manual and Exclusion. A
manual assignment type must have either a MAC Type or a Client
Identifier for the IP address object to be created.
Client Identifier uniquely identifies the client.
MAC Type specifies the MAC address type.
MAC Address specifies the hardware address of the NIC (Network
Interface Card).
6 Click Create.
A message is displayed indicating that the new IP Address object has

been created.
Loading the DHCP Server

To load a DHCP Server object, complete the following steps:
1 Create a DHCP Server object. For more information, refer to Creating a
DHCP Server Object on page 91.

2 Create a Subnet object, and assign a default DHCP server to it. For more
information, refer to Creating a Subnet Object on page 91.

3 Enter the following command at the DHCP server console:
LOAD DHCPSRVR
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
After you load DHCPSRVR.NLM, the DHCP server can respond to client
requests and assign IP addresses. For information about other command line
options, refer to DHCPSRVR Command Line Options on page 112.
After DHCPSRVR.NLM is loaded, you can use the DNS/DHCP Management
Utility to start and stop the DHCP Server. For more information on starting
and stopping the DHCP server, refer to Starting/Stopping the DHCP Server
on page 96.
Configuring Clients to Use DHCP

To configure Windows 95 and Windows NT* client workstations to use
DHCP, complete the following steps:
1 At the client desktop, click Start > Settings > Control Panel, and then
double-click Network.
The Network window is displayed, listing the network components
installed on the client workstation.
2 Click TCP/IP and click Properties.
The TCP/IP Properties window opens.

3 Select Obtain an IP Address Automatically > click OK.
The next time the client starts up, it will send a request to the DHCP server for
an IP address.
IMPORTANT: Any client configuration settings override the configuration received
from a DHCP server. The only exception is the hostname parameter set on the
DNS Configuration tab of TCP/IP Properties window.
Detailed DHCP Configuration

This section provides detailed information about configuring DHCP objects
using the DNS/DHCP Management Utility.
Refer to Setting Up DHCP on page 88 for information about setting up
DHCP and creating DHCP objects. The following sections provide detailed
information about modifying DHCP objects:
Modifying a DHCP Server Object on page 95
Modifying an Existing Subnet Object on page 97
Modifying a Subnet Address Range Object on page 98
94

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying an Existing IP Address Object on page 100

Creating a Subnet Pool Object on page 101
Modifying a Subnet Pool Object on page 102
Modifying a DHCP Server Object

Refer to Creating a DHCP Server Object on page 91 for information about
creating a DHCP Server object. After a DHCP Server object has been created,
you can modify its configuration parameters by completing the following
steps:

Modify DHCP Server window.

3 Select the DHCP Server object from the drop-down menu.
4 Click OK.
You are led through a set of steps by which you can modify the following
parameters:
Subnet Address Range Serviced by the Server: This displays

information about the range of addresses that can be dynamically
assigned by the server.
Subnet Serviced by the Server: This displays information about the

subnet to which the server can assign addresses.
Comments: You can type comments about the DHCP server in this
box. This is an optional parameter.
Set SNMP Traps Option: SNMP traps control DHCP server event
trapping. Choose from the following options:
- None: Turns off SNMP traps
- Major Events: Traps only critical events (default)
- All: Traps both major and minor events
Management applications such as Novell ManageWise software
help you monitor traps.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Audit Trail and Alerts Option: Auditing allows you to analyze

historical data and diagnose operational difficulties. Choose from the
following options:
- None: Disables auditing
- Major Events: Audits only major events such as SNMP traps
(default)
- All: Audits all events
Enable Audit Trail Log: Check this to log audit trails and events.
Mobile User Option: The DHCP server can be configured to support

mobile users such as laptop users. Choose from the following
options:
- No Mobile Users Allowed: Disables support for mobile users
- Allow Mobile Users but Delete Previously Assigned Address:
Deletes previously assigned addresses while granting an address
to a mobile user (default)
- Allow Mobile Users but Do Not Delete Previously Assigned
Address: Caches previously assigned addresses while granting an
address to a mobile user
Ping Address: Check this to ping an address to ensure that the

address is not in use before it is assigned. Note that enabling ping
increases traffic on the network.
Starting/Stopping the DHCP Server


2 Select Start/Stop Server from the drop-down menu > click OK to open the
DHCP Server Start/Stop Services window.

3 Select the server from the Select DHCP Server drop-down menu.
4 Click OK.
5 Depending on the state of the DHCP Server module, any one of the
following will now appear:
96
Failure notification message: This appears if the DHCP Server

module (DHCPSRVR.NLM) is not loaded. In order to start the
server, load the DHCP Server module through the system console.
Start button: If the DHCP Server module is loaded but in STOP

mode, click to start the DHCP server.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Stop button: If the DHCP Server module is loaded but in START

mode, click to stop the DHCP server.
NOTE: To use the Start/Stop DHCP service, DHCPSRVR.NLM must be loaded.
Modifying an Existing Subnet Object

For information about creating a Subnet object, refer to Creating a Subnet
Object on page 91. After a subnet object has been created, you can modify its
configuration parameters by completing the following steps:
1 Click DHCP Management > Subnet Management to open the Subnet

2 Select Modify Subnet from the drop-down menu > click OK to open the
Modify Subnet window.

3 Select the Subnet object from the drop-down menu.
4 Click OK.
parameters:
DNS Zone for Dynamic Update: Specifies the DNS zone where
dynamic updating will occur. The specified DNS zone is then
notified of any changes to the subnet.
Domain Name: Specifies the domain name that will be combined

with the hostname received from the client computer. This name will
be given to DNS during dynamic DNS update. The domain name
must be part of the zone specified for dynamic DNS.
Subnet Pool Preference: Specifies the subnet pool to be used by the

subnet. This parameter setting is optional. Subnet pools enable the
DHCP server to assign addresses to multiple logical networks on a
single physical network. A subnet pool groups logical networks.
Default DHCP Server: Specifies a default DHCP server that will

assign address ranges for the subnet. This server is also the only
server that will respond to BOOTP requests for the subnet.
Comments: Provides an area for comment information about the

subnet. This is an optional parameter.
Lease Type: Specifies the length of time for an address assignment.

A lease type can be permanent or timed. Permanent leases never
expire; the client is assigned an IP address for an indefinite period.
Timed leases are defined in days, hours, and minutes. Timed leases
expire, unless the client renews the lease.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Set Boot Parameter Options: Check this to specify the Server

Address, Server Name, and Boot File Name for the BOOTP service.
This information, provided at boot time, includes the address and
name of a server the client can contact for a boot image, as well as a
boot filename.
Other DHCP Options: To configure an option, complete the

following steps:
Click Modify to open the DHCP options page that list the
available DHCP Options.
Select the DHCP option and provide the necessary DHCP
information.
Click Add.
To remove a DHCP option:
Check the Select column of the DHCP option you want to
remove > click Delete
Modifying a Subnet Address Range Object

Refer to Creating Subnet Address Ranges on page 92 for information about
creating a Subnet Address Range object. After a Subnet Address Range object
has been created, you can modify its configuration parameters by completing
1 Click DHCP Management > Address Range Management to open the
Address Range Management window in the main panel.

2 Select Modify Address Range from the drop-down menu > click OK to
open the Modify Subnet Address Range window.

3 From the Select Subnet drop-down menu, select the subnet that contains
the address range to be modified.

4 From the Select Address Range drop-down menu, select the address
range to be modified.
5 Click OK.
address range parameters:
98
Range Type: indicates the range of addresses used by the DHCP

server in response to requests from clients.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
From the Select Range Type drop-down menu, choose one of the
following:
Dynamic DHCP: A range of addresses used by the DHCP server
to assign addresses to clients making only DHCP requests. If the
Dynamic DHCP range type is assigned, the DNS Update Option
parameter can be enabled. If Always Update is selected, the
DHCP server will update DNS as dynamic addresses are
assigned and released
Dynamic BOOTP: A range of addresses used by the DHCP
server to assign addresses to clients making only BOOTP
requests.
Dynamic BOOTP and DHCP: A range of addresses used by the
DHCP server to assign addresses to clients making either DHCP
or BOOTP requests. If the Dynamic BOOTP and DHCP range
type is assigned, the DNS Update Option parameter can be
enabled. If Always Update is selected, the DHCP server will
update DNS as dynamic addresses are assigned and released.
Dynamic DHCP with Automatic Host Name Generation: A
range of addresses used by the DHCP server to assign addresses
to clients making only DHCP requests. Hostnames for this pool
will be generated and entered into the DNS system. Hostnames
are provided to clients as a DHCP option. If you choose this
option, ensure that you create the corresponding INADDR.ARPA zone.
Excluded: A range of addresses that is excluded by the DHCP
server while assigning IP addresses.
If the Dynamic DHCP with Automatic Host Name Generation range
type is assigned, the Auto Host Name Starts With parameter can be
set. This parameter appends a unique integer to the hostname,
generating a unique hostname for each client.
Additionally, the name of the DHCP Server can be specified by
selecting it from the DHCP Server drop-down menu.
Comments: Type your comments about the Subnet Address Range in

this box. This is an optional parameter.
Setting Up

103-000164-001
September 4, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
Modifying an Existing IP Address Object

Refer to Creating IP Address Objects on page 92 for information about
creating IP Address objects. After an IP Address object has been created, you
can modify its configuration parameters by completing the following steps:
1 Click DHCP Management > IP Address Management to open the IP
Address Management window in the main panel.

2 Select Modify IP Address from the drop-down menu > click OK to open
the Modify IP Address window.

3 Select the subnet that contains the IP address to be modified.
4 Select the IP Address.
5 Click OK.
IP Address object parameters:
Assignment Type: Specifies Exclusion or Manual IP address

assignment types.
- Exclusion: Address objects are created to identify IP addresses to
be excluded from DHCP server address assignment. An Excluded
assignment type designates that the IP address will not be used.
- Manual: Address objects are created to identify an IP address to be
assigned to a device. A client identifier or MAC address must be
configured for the manual address so that the DHCP server can
identify the appropriate client. Manual assignment types specify
client identifiers, MAC types, MAC addresses, or hostname
parameters.
Client Identifier: Uniquely identifies the client.
MAC Type: Specifies the MAC address type.

- 15, Frame Relay
- 16, Asynchronous Transfer Mode (ATM)
- 17, HDLC
- 18, Fibre Channel
- 20, Serial Line
100 Novell DNS/DHCP Management Utility Administration Guide

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAC Address: Specifies the hardware address of the NIC (Network

Interface Card).
Host Name: Specifies the name of the host server.
Associated eDirectory Object : Use this field to select another object

in the eDirectory database to maintain a reference to. For example,
identify a user who typically uses the device associated with this
address.
Comments: You can type comments about the address object in this
box. This is an optional parameter.
Lease Expiration Option: A lease type can be permanent or timed.

Permanent leases never expire; the client is assigned an IP address
for an indefinite period. Timed leases are defined in days, hours, and
minutes. Timed leases expire, unless the client renews the lease.
Last Used: Displays when the IP address was last used.
Other DHCP Options: Use this to add, delete, update, or specify

default DHCP options for a manually assigned address type. Default
is used to display DHCP options inherited from global preferences
and the Subnet object that the address object is under.
Creating a Subnet Pool Object

A Subnet Pool object is a logical group of related Subnet objects of the same
type. A Subnet Pool object can be created or located under any of the
following objects:
Organization (O)
Organization Unit (OU)
Country (C)
Locality (L)
To create a new Subnet Pool object, complete the following steps:
1 Click DHCP Management > Subnet Pool Management to open the Subnet
Pool Management window in the main panel.

2 Select Create Subnet Pool from the drop-down menu > click OK to open
the Create Subnet Pool window.

3 Enter a unique subnet pool name in the Subnet Pool Name field.
Setting Up 101

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Enter the eDirectory context where the subnet pool record will be placed.
5 Click OK.
A message indicates that the new subnet pool object has been created.
Modifying a Subnet Pool Object

Refer to Creating a Subnet Pool Object on page 101 for information about
creating subnet pool objects. After a subnet pool object has been created, you
can modify its configuration parameters by completing the following steps:
1 Click DHCP Management > Subnet Pool Management to open the Subnet
Pool Management window in the main panel.

2 Select Modify Subnet Pool from the drop-down menu > click OK to open
the Modify Subnet Pool window.

3 Select the subnet object.
4 Click OK.
You can modify the Subnet Type configuration parameter. You can add a
subnet to a subnet pool or remove a subnet from the pool.
To add a subnet to a subnet pool, complete the following steps:
Click Add.
Select the subnet.
Click OK.
To remove a subnet from a subnet pool, complete the following steps:
Select the subnet.
Click Delete.
Configuring Special Features

This section describes how to configure Netware 6 to use the special features
of Novell DNS/DHCP Services. The following configuration tasks are
described:
Configuring a DNS Server to be Authoritative for Multiple Zones on
page 103
Configuring a Multi-Homed Server on page 103

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Dynamic DNS on page 103

Configuring Multiple Logical Networks on page 104
Configuring a DNS Server to be Authoritative for Multiple Zones

A Netware 6 DNS server can be authoritative for multiple zones. There is no
limit to the number of zones a Netware 6 server can support other than those
mentioned in Optimizing DNS Performance on page 115. Those limitations
have to do with the total number of objects.
When you configure a zone, the Assign Authoritative DNS Server field in the
Create New Zone task is the one that specifies the DNS server that will support
the zone.
Configuring a Multi-Homed Server

A multi-homed server is a server with more than one IP address. In an Internet
environment, a multi-homed server is a single server connected to multiple
data links, which may be on different networks.
When using a DNS server with more than one IP address, you must use an
address that is bound to the server, and that address must match the address
used in the NS and A resource records for the zone.
NOTE: An NS resource record specifies a domain name for an authoritative name
server for the specified class and domain.
Configuring Dynamic DNS

Dynamic DNS (DDNS) provides automatic updating of DNS with Address
and Pointer records for addresses and hostnames assigned using the DDNS
feature. To use DDNS, the following configuration must already exist:
The DNS Zone object to receive DHCP updates must already be created.
Subnet Address Range objects that will use DDNS must be set to range
type Dynamic BOOTP and DHCP or Dynamic DHCP.
To activate the DDNS feature, complete the following steps:
1 Select the Subnet object of the Subnet Address Range on which you want
to activate DDNS and specify a zone in the DNS Zone for Dynamic
Update.
Setting Up 103

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2 Select the desired Subnet Address Range and ensure that the range type
is set to Dynamic BOOTP and DHCP or Dynamic DHCP.

3 Set the DNS update option to Always Update.
4 Click Save.
Configuring Multiple Logical Networks

When you configure multiple logical networks, also known as virtual local
area networks (VLANs), you associate each individual LAN or Subnet object
with a Subnet Pool object. The Subnet object you associate with the Subnet
Pool object can be created prior to creating the Subnet Pool object, or an
existing subnet can be modified.
To configure multiple logical networks or VLANs, complete the following
steps:
1 Create a Subnet Pool object.
For detailed information about creating a Subnet Pool object, refer to

Creating a Subnet Pool Object on page 101.
2 Select a Subnet object or create and configure a new Subnet object.
3 Click Subnet Pool Management > Modify Subnet Pool and add the subnet
to the subnet pool with which to associate the subnet object.

4 Click OK.
5 Repeat Step 2 through Step 4 for each subnet you want to associate with
the Subnet Pool object.
Configuring for Auditing

You configure DNS and DHCP for auditing by using the DNS/DHCP
Management Utility as described in:
Configuring DNS Auditing on page 105
Viewing the DNS Audit Trail Log on page 105
Viewing the DNS Event Log on page 106
Configuring DHCP Auditing on page 108
Viewing the DHCP Audit Trail Log on page 108
Viewing the DHCP Event Log on page 110

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring DNS Auditing

To configure a DNS server to audit activities, complete the following steps:

Modify DNS Server window.

3 Select the DNS Server.
4 Click OK.
5 Click Next > Next > and select Major Events or All under Event Log.
6 Check the Enable Audit Trail Log check box.
7 Click OK.
Viewing the DNS Audit Trail Log


2 Select Audit Trail Log from the drop-down menu > Click OK to open the
DNS Server Audit Trail Log window

3 Select the server from the Select DNS Server drop-down menu.
4 Modify the Starting Date and Ending Date in the appropriate fields, if you
want to filter the Audit Period.

The following date formats are accepted:
mm-dd-yyyy
mm/dd/yyyy
mm.dd.yyyy
mm dd yyyy
mmm dd yyyy
mmddyyyy
m-d-yyyy
m/d/yyyy
m.d.yyyy
m d yyyy
mmm d yyyy
m-d-yy
Setting Up 105

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
m/d/yy
m.d.yy
m d yy
mmm d yy
where yy represents the last two digits of the year and mmm the first three
letters of the name of the month, for example Jan, Feb etc.
5 Click OK.
This opens the DNS Audit Trail Log table that lists the following data:
Entry Time: Date and time the event occurred.
Type: Type of event.
IP Address: IP Address at which the event occurred.
Domain Name: Domain Name at which the event occurred.
6 To define a view filter on the Audit Trail Log, click the Display Options
button.
You can now filter events on the following parameters:
Start Date: to set a start date for monitoring the DNS audit trail.
End Date: to set an end date for monitoing the DNS audit trail.
Agent Ready. The SNMP (Simple Network Mail Protocol) agent is

ready to receive or transmit requests.
Query Received. The DNS server acknowledges the receipt of a

query by making an entry in the log file.
Query Forwarded. The DNS server forwards a query to a client or

another DNS server.
Response Received. The DNS server responds to a query from a

client or another DNS server.
Viewing the DNS Event Log


2 Select Event Log from the drop-down menu > Click OK to open the DNS
Event Log window.


103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

mm-dd-yyyy
mm/dd/yyyy
mm.dd.yyyy
mm dd yyyy
mmm dd yyyy
mmddyyyy
m-d-yyyy
m/d/yyyy
m.d.yyyy
m d yyyy
mmm d yyyy
m-d-yy
m/d/yy
m.d.yy
m d yy
mmm d yy
5 Click OK.
This opens the DNS Event Log table that lists the following data:
Entry Time: Date and time the event occurred.
Severity: Severity of the event - critical, major, warning and

informational.
State: State of the server - operational, degraded and inoperative.
Description: Description of the event that occurred.
6 To define a view filter on the DNS Event Log, click the Display Options
button.
Start and end date settings regulate the time recorded by the event
logger.
Setting Up 107

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Severity options define which event levels are recorded: critical,

major, warning, and informational.
State settings define the condition of events recorded: operational,

degraded, and inoperative.
Configuring DHCP Auditing

You can configure a DHCP server for auditing using the Audit Trail and Alerts
Option.
To configure a DHCP server to audit activities, complete the following steps:

Modify DHCP Server window.

3 Select the DHCP Server from the Select DHCP Server Name drop-down
menu.
4 Click OK > Next > and check the Enable Audit Trail Log check box.
5 Click OK.
Viewing the DHCP Audit Trail Log


2 Select Audit Trail Log from the drop-down menu > click OK to open the
DHCP Server Audit Trail Log window.


mm-dd-yyyy
mm/dd/yyyy
mm.dd.yyyy
mm dd yyyy
mmm dd yyyy
mmddyyyy

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
m-d-yyyy
m/d/yyyy
m.d.yyyy
m d yyyy
mmm d yyyy
m-d-yy
m/d/yy
m.d.yy
m d yy
mmm d yy
5 Click OK.
This opens the DHCP Audit Trail Log table that lists the following data:
Entry Time
IP Address
Type
Status
Host name
Hardware Address
Client ID
Lease Type
6 To define a view filter on the DHCPAudit Trail Log, click the Display
Options button.
Start Date: to set a start date for monitoring the DHCP audit trail.
End Date: to set an end date for monitoring the DHCP audit trail.
Transaction Type: manual, dynamic, automatic, exclusion,

unauthorised or IPCP, and Fix Host Dynamic.
Setting Up 109

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing the DHCP Event Log


2 Select Event Log from the drop-down menu > click OK to open the
DHCP Event Log window.

3 Select the server from the Select DHCP Server drop-down menu.

mm-dd-yyyy
mm/dd/yyyy
mm.dd.yyyy
mm dd yyyy
mmm dd yyyy
mmddyyyy
m-d-yyyy
m/d/yyyy
m.d.yyyy
m d yyyy
mmm d yyyy
m-d-yy
m/d/yy
m.d.yy
m d yy
mmm d yy
5 Click OK.
This opens the DHCP Event Log table that lists the following data:
Entry Time: Date and Time the event occurred.
Severity: Severity of the event (critical, major, warning and

informational).
State: State of the server (operational, degraded, and inoperative).
Description: Description of the event that occurred.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 To define a view filter on the DHCP Events Log, click the Display
Options button.
Start Date: to set a start date for monitoring the DHCP Event Log.
End Date: to set an end date for monitoring the DHCP Event Log.
Severity defines the severity level of the event: critical, major,

warning, and informational.
State settings define the condition of events recorded: operational,

degraded, and inoperative.
NAMED Command Line Options

To start a DNS server, enter the following command at the server console
prompt:
LOAD NAMED
The command line parameters listed in the following table are also supported.
Table 9
NAMED Command Line Options

Parameter
Function
-a
Turns on auto-detect of new zones (default

setting)
-b
Turns off auto-detect of new zones
-f <scrpt.txt> [context]
Creates multiple zones using a text file in BIND

bootfile format; specifying context enables
zones to be created anywhere in the eDirectory
tree
-h
Displays help information
-l
Enables a DNS server to login as an

administrator to acquire rights required to create
and delete zones from the command line
-m <file.dat> [context]
Imports file.dat and creates a new primary zone;

specifying context enables zones to be created
anywhere in the eDirectory tree
Setting Up 111

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Function
-q
Disables verbose mode for debug messages

(default setting)
-r <zone name>
Deletes and removes an existing zone from the

zone database
-rp <characters>
Replaces listed characters with a dash (-) in host

names for which resource records are
dynamically created
-s [zone name]
Prints status information; zone name is optional
-u <file.dat>
Imports file.dat and updates the contents of a

previously created zone
-v
Enables verbose mode for debug messages
-zi <zone name>
Forces named zone for zone-in transfer
You can issue the LOAD NAMED command repeatedly to invoke different
command line options. The NAMED.NLM software is loaded only on the first
instance.
DHCPSRVR Command Line Options

To start a DHCP server, enter the following command at the server console
prompt:
LOAD DHCPSRVR
The command line parameters listed in the following table are also supported.
Table 10
DHCPSRVR Command Line Options

Parameter
Function
-d1
Turns on a background screen log of DHCP

packets
-d2
Turns on a background screen log of Debug

statements and DHCP packets

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Function
-d3
Turns on a background screen log of Debug

statements and DHCP packets and writes the log to
the server's \ETC\DHCPSRVR.LOG file
-h
Displays command line syntax
-py
Specifies the global polling interval in y minutes
-s
Forces server to read from and write to the master

replica
Setting Up 113

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Optimizing
You can optimize the performance of Novell DNS/DHCP Services software
by using state-of-the-art servers. We highly recommend that you use a server
with a 200 MHz (or higher) Pentium* processor with 64 MB of memory. If
your network configuration is large, more memory might provide improved
performance.
For optimum performance, the designated server should be the most powerful
server available. The designated server is the only server in a given tree that
performs Dynamic DNS updates and zone transfers of secondary zone
information.
The I/O subsystem of the servers can also be an issue for server performance.
If you use both DNS and DHCP functions of Netware 6, you will increase
the number of eDirectoryTM objects and thereby increase the disk space
requirements of your SYS: volume.
Because the DNS and DHCP servers cache the required eDirectory data from
disk into system memory, access to this information is not slowed.
Optimizing DNS Performance

Although there is no limit to the size of a zone when you configure DNS, we
recommend that you limit the size of any zone to no more than 5,000 objects.
If you have a zone with more than 5,000 objects, dividing the objects between
two zones will improve performance.
Optimizing DHCP Performance

Although there is no limit to the size or number of subnets when you configure
DHCP, we recommend that you limit the number of objects within a single
Optimizing 115

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
subnet to no more than 2,048. A Novell DHCP server can support several large
subnets in a DHCP-only configuration. However, the higher the number of IP
Address objects supported, the greater the impact on DHCP server run-time
performance.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
This document provides information about installing and using the DNS/
DHCP Management Utility to perform management tasks.
DNS/DHCP Management Utility

The DNS/DHCP Management Utility is a Web-based utility that enables
network administrators to set up and manage DNS (DNS Service) and DHCP
(DHCP Service) and the eDirectoryTM objects created for DNS and DHCP.
IMPORTANT: Before you can use the DNS/DHCP Management Utility, the
eDirectory schema must be extended to create the DNS/DHCP Group and Locator
objects and to create the RootSrvrInfo zone. The eDirectory schema is extended
when you activate Novell DNS/DHCP Services from the Customize Server
window during the installation of Netware 6.
The DNS/DHCP Management Utility provides the following management

functions from the browser workstation:
Importing and exporting configuration to and from eDirectory
Creating, updating, reading, or browsing configuration information
Viewing DNS and DHCP server status, events, and alerts
After the software installation, existing DNS information is converted to
master file format and can be imported to the server where Netware 6 has been
installed. You must use the DNS/DHCP Management Utility to import any
existing DHCP information. If you have no existing configuration information
to import, you must use the DNS/DHCP Management Utility to create the
necessary objects to support your network. If you have imported configuration
information, use the DNS/DHCP Management Utility to create the DNS and
DHCP server objects prior to operation.
Managing 117

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing the DNS/DHCP Management Utility

Prerequisites
Hardware Requirements
Pentium II processor. Pentium III recommended.

SVGA display
256 MB of RAM (minimum)
50 MB DOS partition (minimum). 1GB recommended.
50 MB of available disk space (minimum). 1GB recommended.
SYS volume of size 2 GB (minimum); 4 GB default.
Software Requirements
Novell Netware 6
iManage
Internet Explorer 5.0 and above
Launching the DNS/DHCP Management Utility

To launch the DNS/DHCP Management Utility, complete the following steps:
1 Open Internet Explorer from any machine running Windows 95/98/NT/
2000.
2 Type the following URL in the address bar of the Internet Explorer
window:
https:\\xxx.xxx.xxx.xxx:2200\eMFrame\iManage.html
where xxx.xxx.xxx.xxx is the IP Address of the Netware machine.
3 To login to the DNS/DHCP Management Utility, enter the following
details:
- username
- eDirectory context
- password
- eDirectory tree
4 Click the Roles and Tasks icon in the taskbar.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The DNS/DHCP Management Utility roles appear in the left pane.

To manage DNS services, click DNS Management and choose from the
available options.
To manage DHCP services, click DHCP Management and choose from
the available options.
Using the DNS/DHCP Management Utility

You must have sufficient rights to use the DNS/DHCP Management Utility.
All network administrators must have Read and Write rights to the container
where the DNS/DHCP Locator and Group objects are located.
Administrators also must have Read and Write rights to the specific containers
they manage. For example, if your company has offices in Chicago,
Washington, and Providence, all administrators would require Read and Write
rights to the container storing the Locator and Group objects. However, the
administrator in Chicago would require Read and Write rights only to the
Chicago part of the tree for the following objects:
DNS and DHCP server objects
DNS Zone object
Subnet container object
Subnet Pool object
It might be convenient to create an eDirectory group object for administrators
and grant that object the necessary rights.
Managing DNS
Managing DNS is managing primary and secondary zones. When beginning
configuration, it might be better to import the data, especially if you have a
large zone. Doing so reduces the chances of error.
If you are using Dynamic DNS (DDNS), when a client receives an address
assignment from the DHCP server, a request is made to update eDirectory. The
only way to override DDNS is by using the DNS/DHCP Management Utility.
After you have installed and configured your zones, you must still use the
DNS/DHCP Management Utility to assign a DNS server to service the zones.
Managing 119

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing DHCP
After configuring your DHCP servers and beginning to provide DHCP
services, you can also perform auditing or generate SNMP traps.
Deciding which DHCP options to use depends on your implementation. Refer
to DHCP Options on page 43 for information about available DHCP and
BOOTP options.
Managing DDNS is complicated because each Subnet Address Range type
requires a different configuration. Each type's configuration requirements are
described later in this chapter.
It is important to understand the difference between static (or manual) and
dynamic address assignment. If you use static address assignment, you must
use the DNS/DHCP Management Utility to assign permanent IP addresses to
the clients in your tree. If you are using dynamic address assignment, the
DHCP server assigns the address to a client when it starts.
You can deny address assignment to clients based on hardware address-based
exclusion.
Events and Alerts

You can configure the DNS and DHCP servers to maintain a history of server
activity in the events log. Events are activities that are considered significant,
such as the loading or unloading of the server or problems the server
encounters. The events logged depend on the parameters set on the server.
You can configure DNS and DHCP servers to log major events, all events, or
none (the default).
Event logs can be saved for future reference. When you are logging events, it
is important to pay attention to the event log size. Event logs grow rapidly,
especially if you are experiencing or researching problems. Event logs should
be maintained or purged regularly to control the amount of disk space used.
You can launch the CSAUDIT management utility by typing CSAUDIT at the
server console.
Refer to Configuring for Auditing on page 104 for information about
configuring event logging and viewing the event logs.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Auditing Server Activity

The audit trail log records a history of activity logged by DNS and DHCP
servers. You can use the Audit Trail log to diagnose network trends. A DNS
audit trail would include a history of DNS queries and the hosts requesting
them. A DHCP audit trail would include a history of address assignments,
including which host had an address during a given period of time and a list
of addresses that had already been in use when pinged.
Refer to Configuring DNS Auditing on page 105 for information about
configuring a DNS server for auditing. Refer to Configuring DHCP
Auditing on page 108 for information about configuring a DHCP server for
auditing.
Managing 121

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38

103-000164-001
September 4, 2001
Novell Confidential
July 17, 2001
Manual
99a
July 17, 2001
38
Troubleshooting
This chapter contains troubleshooting information for DNS and DHCP.
DNS
This section provides the following troubleshooting information for DNS:
Common Configuration Problems on page 124
Common Operational Problems on page 125
Troubleshooting Windows 95 TCP/IP Problems on page 128
Using the "-F" Command Line Option for DNIPINST.NLM on page
134
Server Access to DNS/DHCP Locator Object Not Required on page
134
If you experience problems related to DNS or TCP/IP, you can use the
following steps to begin troubleshooting.
1. Run the WINIPCFG utility to determine your IP address, then ping your
address from a functioning client.
If you do not receive a response, your client's TCP/IP stack is not
functioning. One of the following problems might be the cause:
The client's TCP/IP stack might be incorrectly configured.
The client did not receive an IP address from DHCP properly.
Troubleshooting 123

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The IP address is already in use by another client.

2. Ping an IP address on your local network.
If this approach fails, one of the following conditions might be the cause:
The client you pinged is not operational.
The LAN is experiencing problems.
Your client's TCP/IP stack is experiencing problems.
3. Ping an address on a different network or on the internet.
If this approach fails but the preceding steps were successful, the problem
is probably related to your router or your client's default router. If you are
using DHCP, the default router configured for the DHCP server for each
client is probably incorrectly configured.
4. Verify name resolution within your network. Ping a domain name within
your company's network.
If this approach fails, the default DNS server configured for your TCP/IP
stack is invalid, or the DNS server is not functioning. If you are using
DHCP, the DNS server that is configured on the DHCP server is not
properly configured.
5. Verify name resolution through the internet. Ping a host on the internet,
such as novell.com.
If this approach fails, your company's DNS server (that forwards DNS
requests to the Internet) is not functioning, or the Internet DNS server to
which your DNS server forwards requests is not functioning.
Common Configuration Problems

If you experience problems with DNS, check the following configuration
problems.
1. Check the consistency of glue records that are shared between parent and
child zones. Make sure that Name Server (NS) and Address (A) records
within the parent zone match those in the child zone.
2. Keep the IP addresses of the root name servers configured in the
RootServerInfo zone updated. Changes to this information are not
automatically propagated through a domain; you must enter them
manually. The most recent update of root name server information is
available through FTP at ftp://rzs.internic.net/domain/named/root.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
3. Verify consistency between Pointer records in the IN-ADDR.ARPA

domain and other domains.
4. If you change the IP address of a name server, ensure that the parent zone
reflects that change.
5. Verify that you have configured a name server to correctly serve every
zone.
6. Verify that zone transfers are occurring properly. Ensure that the
secondary name server can identify the primary name server.
7. If you cannot access a particular host, verify that PTR records exist. When
you create a zone, always select Yes when prompted to create a
companion zone. If you created a companion zone, verify that the IP
address and hostname are correct.
Common Operational Problems

Internet RFC 1912 provides information about common operational errors
found in both the operation of DNS servers and the data the DNS servers
contain. The following list describes the most common operational errors that
occur.
ProblemHosts cannot access a particular system. You changed the IP
address for this system recently, but the secondary name server has not yet
been updated.
CauseThe Start of Authority (SOA) record's serial number was not
properly incremented. Without the serial number increment, the
secondary name server does not recognize when a change has been made.
This is usually not a problem with eDirectoryTM-based DNS because the
serial number is incremented automatically. With UNIX systems, failure
to increment the serial number is the most common cause of DNS errors.
The secondary server does not automatically test for changes in the SOA
record. Any changes in the SOA record must be accompanied by a change
in the SOA record serial number.
SolutionDo not change the SOA record serial number manually with
eDirectory-based DNS. If the primary server is not eDirectory-based, you
might need to change the serial number manually for the secondary server
to recognize that a change has occurred.
ProblemYou cannot access a particular host.
Troubleshooting 125

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 1When you created a new zone, the PTR records were not
created or the PTR records have been deleted or changed.
Solution 1When you configure a zone, always select Yes when
prompted to create a companion zone. If you created a companion zone,
verify that the IP address and hostname are correct. Checkers can easily
catch neglected PTRs. For further information, refer to RFCs 1537 and
1713.
Cause 2The host is down or is unreachable.
Solution 2Use PING to locate the connectivity problem. If the problem
exists in your domain, make the necessary repairs to restore connectivity.
Cause 3The name server for that domain is not configured with
information for the host.
Solution 3Configure the name server for that domain with information
for the host.
ProblemYou cannot access a host in a different domain using its
domain name, but you can access it using its IP address.
CauseThe IP address or CNAME alias entry of the host's primary or
secondary name server was changed, but the parent domain was not
informed of the change. The address information in the glue record
maintained by the parent domain has become invalid. Another possible
cause is that the original address information in the glue record for the
local zone is invalid or missing.
SolutionWhen you configure a new zone, always enter the IP address
when prompted. Verify that all parent zones have the same address
information.
ProblemNonlocal hosts cannot find the primary domain server for a
subdomain and, therefore, cannot access hosts in that subdomain.
CauseThe IP address of a subdomain's primary server does not match
the hostname and IP address configured in the parent domain for the
subdomain's primary server.
SolutionVerify that the hostname and IP address for the subdomain's
primary server configured in the parent domain is valid and matches the
information configured in the subdomain.
ProblemA particular host cannot access other hosts.
CauseThe resolv.cfg file (or equivalent) of the host does not contain the
correct domain name or name server address.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
SolutionEnter the correct domain name or name server address in the

hosts's resolv.cfg file (or equivalent).
ProblemHosts cannot access an entire external domain.
Cause 1The root name server information is invalid; therefore, the root
servers are unreachable. For non-eDirectory systems running DNS,
changes to this information are not automatically propagated through a
domain; you must enter the changes manually.
Solution 1Verify that the IP addresses of the root name servers
configured in the RootServerInfo zone are correct. The most recent
update of root name server information is available through FTP at ftp://
rzs.internic.net/domain/named/root.
Cause 2The hostname or IP address was not resolved because the
delegation to the zone is incorrect.
Solution 2Configure the correct hostname or IP address information
for the zone in eDirectory.
Cause 3The hostname or IP address was resolved to the wrong value.
Solution 3Change the hostname or IP address information for the zone
to the correct value in eDirectory.
Cause 4The name server information of the primary name server of the
domain is incorrect or missing in the root name servers.
Solution 4Verify that the domain is properly registered with the
INTERNIC, the organization that configures the name server information
of the domain.
Cause 5The name server for the domain is down or is unreachable.
Cause 6The root name server for the domain is down or is unreachable.
Cause 7You do not have sufficient rights to access the zone.
Solution 7Contact the network administrator for the zone and obtain
sufficient rights to access the zone.
Problem: After you create or modify a Resource Record object, the
change is not reflected in the server cache and the zone transfer fails.
Troubleshooting 127

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 1: The Zone SOA serial number is not automatically updated after
the modification is made.
Solution 1: After you modify the Resource Record, change the Zone SOA
serial number manually.
Cause 2: The server cache is not atomically refreshed after modifications
are made.
Solution 2: Unload the NAMED.NLM module and reload it to refresh the
DNS server settings.
Problem: The client is not assigned an IP address.
Cause: The DHCP Server object is not properly configured.
Solution: Make sure you have created the DHCP Server object, at least
one Subnet object, and one Subnet Address Range object. Verify that
when you load the DHCP Server module, DHCPSRVR.NLM, a message
from the Netware system console indicates that the IP database is loaded.
Troubleshooting Windows 95 TCP/IP Problems

This section provides assistance for those troubleshooting TCP/IP problems
on Windows 95* clients. You should have a basic understanding of TCP/IP
and how it is configured for Windows 95.
Using WINIPCFG
The WINIPCFG utility displays a client's current TCP/IP configuration. To

execute this utility, click Start > Run, enter winipcfg , and click Enter.
If the client's IP address was statically assigned and configured, the
information that was entered under TCP/IP Protocols in the control panel's
Network settings is displayed.
If the client was configured to obtain an address using DHCP, the information
displayed was received from the DHCP server that assigned the IP address.
WINIPCFG provides the following information about the client:
Network adapter address
Assigned IP address
Subnet mask
Default gateway (default router)

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Hostname
DNS Server
If the client has obtained an address from a DHCP server, click More Info to
identify the DHCP server, when the lease began, and when it expires. Four
additional buttons provide the following functions:
RenewSends a DHCPREQUEST to the DHCP server, updates the
lease, and updates any assigned values such as a default gateway or DNS
server.
ReleaseSends a DHCPRELEASE to the DHCP server indicating that
the client is giving up its IP address and that the server is free to assign
that address to another client.
Renew AllSends a DHCPREQUEST to all network interfaces to which
the Windows 95 client is configured.
Release AllSends a DHCPRELEASE to all network interfaces to
which the Windows 95 client is configured.
If you want another IP address to be assigned to the client, select RELEASE,
then select RENEW.
Using PING
PING is the most basic utility available to test, verify, and troubleshoot TCP/
IP connectivity within a network. PING sends an ICMP packet to a specific
host with a small amount of data and expects that host to respond with the
same data packet. If you receive a response, both TCP/IP and connectivity
between the two hosts are operational. If you do not receive a response, one of
the following conditions exists:
The host is not up.
A router between the connections is not up.
The client's TCP/IP stack is not functioning.
To run PING, from a DOS prompt enter the command followed by a hostname
or IP address, such as the following:
C:\> ping www.novell.com >
If TCP/IP is operational and connectivity exists between the hosts, you will
receive the following type of response:
Troubleshooting 129

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Pinging www.novell.com [137.65.2.5] with 32 bytes of

data:Reply from 137.65.2.5: bytes=32 time=27ms
TTL=59Reply from 137.65.2.5: bytes=32 time=22ms
TTL=59Reply from 137.65.2.5: bytes=32 time=31ms
TTL=59
If you use the IP address of the host, you will receive the same type of reply.
Using the host's domain name is a good way to determine the host's IP address,
and doing so also causes the client to request DNS name resolution before
sending the ICMP packet. This approach is an excellent way to determine if
DNS name resolution is working. If it is not working, you will receive a
message such as the following:
Unable to resolve www.novell.com.
If DNS name resolution is not working, one of the following conditions might
be the cause:
The DNS server or DNS domain name is not configured properly on the
client.
If using DHCP, the DNS server and/or domain name are not properly
configured on the DHCP server.
The DNS server to which you send DNS name resolution requests is not
functioning.
The PING command has the following syntax:
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [v TOS] [-r count] [-s count] [[-j host] | [-k hostlist]] [-w timeout] destination list
Table 11, PING Options, on page 130 explains the use of the PING options.
Table 11
PING Options
Option
Meaning
-t
Ping specified host until interrupted
-a
Resolve addresses to hostnames
-n count
Number of echo requests to send
-l size
Send buffer size

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Option
Meaning
-f
Set Don't Fragment flag in packet
-i TTL
Time-To-Live value
-v TOS
Type of service
-r count
Record route for count hops
-s count
Time stamp for count hops
-j host-list
Loose source route along host-list
-k host-list
Strict source route along host-list
-w timeout
Timeout in milliseconds to wait for

each reply
NOTE: You can find unauthorized addresses in an exported DHCP configuration
by searching for IP Address objects with an Assignment Type value of 32. Use
FIND in a text editor to quickly identify addresses that have been marked as
unauthorized.
Using TRACERT
TRACERT can be very useful when you are resolving network-wide TCP/IP
problems. TRACERT traces the route to a specific host and displays all hops
that occur to search for the target host.
To run TRACERT, from a DOS prompt enter the command followed by a
hostname or IP address, such as the following:
C:\> tracert www.novell.com
The TRACERT command has the following syntax:
tracert [-d] [-h maximum_hops] [-j host-list] [-w
timeout] target_name
Table 12, TRACERT Options, on page 132 explains the use of the
TRACERT options.
Troubleshooting 131

103-000164-001
September 4, 2001
Novell Confidential
Manual
Table 12
99a
38
July 17, 2001
TRACERT Options
Option
Meaning
-d
Do not resolve addresses to host

names
-h maximum_hops
Maximum number of hops to search

for target
-j host-list
Loose source route along host-list
-w timeout
Timeout in milliseconds to wait for

each reply
Using ARP
ARP is an advanced utility that should be used only by those who have a
detailed understanding of TCP/IP and must troubleshoot complex problems.
The ARP command enables you to display and modify the ARP cache of a
client.
Following are three examples of use of the ARP command:
ARP -s inet_addr eth_addr [if_addr]ARP -d inet_addr
[if_addr]ARP -a [inet_addr] [-N if_addr]
Table 13, ARP Options, on page 132 explains the use of the ARP options.
Table 13
ARP Options
Option
Meaning
-a
Displays current ARP entries by interrogating the current protocol data. If

inet_addr is specified, the IP and physical addresses for the specified host are
displayed.
-g
Displays current ARP entries by interrogating the current protocol data. If

inet_addr is specified, the IP and physical addresses for the specified host are
displayed.
inet_addr
Specifies an Internet address.
-N if_addr
Displays the ARP entries for the network interface specified by if_addr.
-d
Deletes the host specified by inet_addr.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Option
Meaning
-s
Adds the host and associates the internet address inet_addr with the physical
address eth_addr. The physical address is given as six hexadecimal bytes
separated by hyphens. The entry is permanent.
eth_addr
Specifies a physical address.
if_addr
If present, specifies the Internet address of the interface whose address

translation table should be modified. If not present, the first applicable
interface is used.
Using NETSTAT
NETSTAT is an advanced utility that should be used only by those who have
a detailed understanding of TCP/IP and must troubleshoot very complex
problems. NETSTAT displays protocol statistics and current TCP/IP network
connections.
The NETSTAT command has the following syntax:
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r]
[interval]
Table 14, NETSTAT Options, on page 133 explains the use of the NETSTAT
options.
Table 14
NETSTAT Options
Option
Meaning
-a
Displays all connections and listening ports, but not those of the server side.
-e
Displays Ethernet statistics. This might be combined with the -s option.
-n
Displays addresses and port numbers in numerical form.
-p proto
Shows connections for the protocol specified by proto (either TCP or UDP). If
used with the -s option to display per protocol statistics, proto can be TCP,
UDP, or IP.
-r
Displays the contents of the routing table.
-s
Displays per protocol statistics. By default, statistics are shown for TCP, UDP,
and IP. The -p option can be used to specify a subset of the default.
Troubleshooting 133

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Meaning
interval
Redisplays selected statistics, pausing interval seconds between each

display. Press Ctrl+C to stop redisplaying statistics. If omitted, NETSTAT
prints the current configuration information once.
If you suspect that a LAN card is malfunctioning, use the -e option while
troubleshooting. The -e option displays Ethernet statistics, including discards
and errors.
The -a option provides a detailed display of the active TCP connections of the
port number and network host communicating with that port. This information
is useful when you are attempting to relate TCP port numbers of the various
servers with which the client is communicating.
Using the "-F" Command Line Option for DNIPINST.NLM

DNIPINST.NLM is a backup method of extending the schema and creating
the DNS/DHCP Locator and Group objects and the RootSrvrInfo zone.
DNIPINST.NLM can be used if problems occurred during the Netware 6
installation process. Most administrators will not need to use this NLM.
You can use the "-F" command line option in the DNIPINST.NLM to re-create
the DNS/DHCP configuration objects if the initial attempt to set up Novell
DNS/DHCP Services fails during the configuration object creation stage.
When a failure occurs during the object creation phase, we recommend that
you delete the DNS-DHCP (DNS/DHCP Locator), DNSDHCP-GROUP
(DNS/DHCP Group), and the RootSrvrInfo objects (if they have been
created), then use DNIPINST.NLM with the "-F" flag. When the "-F"
command line option is specified, an initial console message confirms the
action and the eDirectory login window appears. After a successful login, the
object eDirectory context query window is displayed. You can enter the data
and create the objects. If a schema extension error occurs, execute
DNIPINST.NLM in the regular mode.
Server Access to DNS/DHCP Locator Object Not Required

The requirement that the DNS and DHCP servers always have access to the
DNS/DHCP Locator object has been relaxed.
The DHCP server can load without having access to the DNS/DHCP Locator
object. However, the first time the server loads it requires access to the DNS/

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
DHCP Locator object to obtain a copy of any global configuration from the
object. The DHCP server saves a copy of the global configuration in
SYS:\ETC\DHCP\DHCPLOC.TAB.
In subsequent loads, the DHCP server will try to obtain the global
configuration information from the DNS/DHCP Locator object. If the
information is not available, the DHCP server will read the information from
the last saved copy of SYS:\ETC\DHCP\DHCPLOC.TAB. Each time the
DHCP server loads and the DNS/DHCP Locator object is available, the
DHCP server updates the DHCPLOC.TAB file.
The DNS server also does not require access to the DNS/DHCP Locator
object. It has been enhanced to require access to the DNS/DHCP Locator
object only if the NAMED command line arguments are specified to create
zones in eDirectory. The DNS server no longer requires access to the
RootSrvrInfo zone stored in eDirectory. The DNS server now first tries to find
the RootSrvrInfo zone in eDirectory, but if it is not available, the DNS server
uses the copy of the information found in SYS:\ETC\DNS\ROOTSRVR.DAT.
DHCP
This section provides the following troubleshooting information for DHCP:
Common Operational Problems on page 136
Releasing and Renewing DHCP Addresses on page 139
1. Verify that IP hosts with DHCP-assigned parameters operate the same as
when you manually configured them.
If an IP host does not operate the same as when it was manually
configured, verify that the parameters assigned by DHCP are the same as
those when the host was manually configured.
If a node is intermittently inoperable, verify that the node is not using the
same IP address as another IP host. If a duplicate IP address exists, verify
that there is only one DHCP server for the subnet. Also verify that the IP
addresses assigned by the DHCP server are not being used by manual
nodes.
2. Verify that all DHCP hosts can obtain a DHCP lease when required.
Troubleshooting 135

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If DHCP hosts cannot obtain a DHCP lease when required, verify that
enough leases exist to accommodate all hosts that use DHCP. If there are
too few leases, obtain more IP addresses and configure more leases or
reduce the lease time to a few hours. This ensures that more leases are
made available to other clients that are waiting to use the IP addresses.
If a Windows 95 client cannot acquire a lease and responds with the
messageUnable to obtain an IP network address the
client requires a longer timeout. This problem might occur when the
client and DHCP server are separated by one or more routers. To increase
the timeout for Windows 95 clients, obtain a patch from Microsoft. The
patch is dated 2/12/96 and includes a file named VDHCP.386. The patch
itself is named DCHCPUPD.EXE.
3. Verify that the number of leases available for clients does not decrease
when you are using mobile clients.
If the number of leases available for clients decreases when you are using
mobile clients, verify that the mobile clients' lease is released when the
client connects from a remote office or that the mobile client can use the
same lease and the same IP address at the new location.
If the remote office is on a subnet different from that of the local
office and the subnet is serviced by a different DHCP server, verify
that the lease is released by the first server within a reasonable
amount of time after the mobile client moves to the remote office. If
the lease is not released quickly enough, reduce the lease time.
office and the subnet is serviced by the same DHCP server, verify
that the IPAssignmentPolicy attribute of the DHCP server object in
eDirectory is set to DELETE_DUPLICATE. This ensures that only
one lease is in use at a time because the original lease is deleted when
the mobile client requests a new lease.
If the remote office is on the same subnet as that of the local office,
the mobile client should use the same IP address. If the mobile client
does not use the same IP address, verify that there is only one DHCP
server for the subnet.
Common Operational Problems

The following list describes the most common operational errors that occur.
ProblemA node is intermittently inoperable.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
CauseAn unauthorized DHCP server has been configured by someone

attempting to control or disrupt your network. The unauthorized DHCP
server is assigning IP addresses and other configuration parameters that
have already been assigned to other nodes by an authorized DHCP server.
The result is that nodes are assigned duplicate IP addresses or incorrect
configuration parameters. Incorrect configuration parameters can
interfere with a node's ability to communicate to the network in any
number of ways. Incorrect parameters can even be used to cause a node
to connect to a server that is controlled by an unauthorized user, thereby
allowing the unauthorized user to take control of the client.
SolutionFind the unauthorized DHCP server and disable it or
disconnect it from the network.
ProblemA Windows 95 client cannot acquire a lease and responds with
the message Unable to obtain an IP network address
CauseThe Windows 95 DHCP client has a two-second timeout for the
time between when it accepts an offer of an IP address in a message sent
to the server and the time it expects an acknowledgment of that
acceptance in a reply from the server. Other clients, such as Windows
NT*, have a four-second timeout.
SolutionObtain the DCHCPUPD.EXE patch from Microsoft that
changes the timeout on Windows 95 clients from two seconds to four
seconds. The patch is dated 2/12/96 and includes a file named
VDHCP.386.
ProblemThe use of mobile clients causes fewer leases to be available.
Cause 1The mobile clients' lease is not released when the mobile client
moves to a remote office. This can occur when the remote office is on a
subnet different from that of the local office and the remote subnet is
serviced by a different DHCP server.
Solution 1 Determine the lease time assigned to this client. If the lease
is not released quickly enough, reduce the lease time. Otherwise, have the
client manually release the old IP address before it leaves the local office.
Cause 2The mobile client uses two leases at the same time because it
cannot use the same lease and the same IP address at the new location.
Solution 2Use one of the following solutions:
office and the subnet is serviced by the same DHCP server, verify
that the IPAssignmentPolicy attribute of the DHCP server object in
Troubleshooting 137

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
eDirectory is set to DELETE_DUPLICATE. This ensures that only

one lease is in use at a time because the original lease is deleted when
the mobile client requests a new lease.
If the remote office is on the same subnet as that of the local office,
the client should use the same IP address. If the client does not use
the same IP address, verify that there is only one DHCP server for the
subnet.
ProblemClients work properly when manually configured, but some
functions do not work when using DHCP.
CauseOne or more global client parameters were not configured
properly in DHCP.
SolutionVerify that all parameters assigned by DHCP are properly
configured.
ProblemAt a site with a limited number of leases, many clients cannot
obtain a lease. The leases are not being efficiently shared by all clients
that must use them.
CauseClients are not releasing the leases when they are finished using
them because the lease time is too long.
SolutionReduce the lease time to a few hours so that leases can be made
available to other clients that are waiting to use the IP addresses.
Otherwise, you might need to purchase more IP addresses and configure
more or larger address ranges to make more IP addresses available.
ProblemIt is difficult to identify and manage network resources when
using dynamic DHCP assignments.
CauseThe IP addresses of the clients might change if you use DHCP
continually over a period of time and the lease period is set to a
reasonably low value.
SolutionUse static DHCP assignments when you want to use a specific
IP address assigned to the client for identification and management.
ProblemDHCPSRVR.NLM is loaded and the trace screen has been
activated with the -d flag, but there is no evidence of interaction between
the server and clients, and clients are not receiving IP address
assignments.
CauseThe server is not physically linked to the client's
communications media or the server did not bind its IP protocol to the
interface card, which shares physical media access with the client.

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
SolutionCheck the server's physical connections. Load INETCFG to

ensure that proper binding exists.
ProblemDHCPSRVR.NLM is loaded and the trace screen shows client
packets being received, but the server is not responding and the
REQUEST packets are dropped.
CauseThe server's configuration for its local interfaces does not match
the configuration within the Directory for the same server.
SolutionLoad INETCFG and check to see if the server has a legal IP
address on each local subnet it serves. Also check that each local subnet
is properly configured using the DNS/DHCP Management Utility.
Releasing and Renewing DHCP Addresses

When a host is powered on, it is leased an IP address for a period of time,
depending on the configuration settings of the subnet from which the address
is assigned. If the machine is moved to another network while the original IP
address lease is still valid, the user must release the lease. Other situations
might also require that a lease be released, such as the use of a laptop computer
in different locations of a given network.
Windows 95
To manually release and renew a DHCP-assigned IP address in Windows 95,

1 Select Start, then Run.
2 Type winipcfg and press Enter.
The IP Configuration dialog box is displayed.

3 Click Release All.
The IP Address, Subnet Mask, and Default Gateway fields should display
no addresses.
4 Click Renew All.
New addresses should appear in the IP Address, Subnet Mask, and

Default Gateway fields.
5 Click OK to close WINIPCFG.
Troubleshooting 139

103-000164-001
September 4, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Windows NT
To manually release and renew a DHCP-assigned IP address in Windows NT,

1 Select Start > Programs > MS-DOS Command Prompt.
2 From the DOS prompt, execute the command
ipconfig /release
A message is displayed indicating that the assigned IP address has been
successfully released.
3 From the DOS prompt, execute the command
ipconfig /renew
A message is displayed indicating the new IP address that has been
assigned.
To review DHCP settings,
4 From the DOS prompt, execute the following command to review DHCP
settings:
inconfig /all

103-000164-001
September 4, 2001
Novell Confidential
Internetwork Packet Exchange
Novell
NetWare 6
www.novell.com
I N T E R N E T W O R K PA C K E T E X C H A N G E
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
About This Guide
Understanding
11
The IPX Protocol . . . . . . . . . . . . . . . . . . . . . . .

IPX Packet Structure . . . . . . . . . . . . . . . . . . . . .
IPX Addressing. . . . . . . . . . . . . . . . . . . . . . . .
Network Number . . . . . . . . . . . . . . . . . . . . .
Node Number. . . . . . . . . . . . . . . . . . . . . . .
Socket Number . . . . . . . . . . . . . . . . . . . . . .
How IPX Routing Works . . . . . . . . . . . . . . . . . . .
When a Workstation Sends an IPX Packet. . . . . . . .
When a Router Receives an IPX Packet . . . . . . . . .
When a Router Forwards an IPX Packet . . . . . . . . .
IPX Operation over WAN Links . . . . . . . . . . . . . . .
Call Types . . . . . . . . . . . . . . . . . . . . . . . . . .
Permanent Calls . . . . . . . . . . . . . . . . . . . . .
On-Demand Calls. . . . . . . . . . . . . . . . . . . . .
Routed On-Demand Calls . . . . . . . . . . . . . . . .
Routing Types . . . . . . . . . . . . . . . . . . . . . . . .
Static Routes and Services . . . . . . . . . . . . . . . . .
Watchdog Packet Spoofing . . . . . . . . . . . . . . . . .
Header Compression. . . . . . . . . . . . . . . . . . . . .
Compression Slots . . . . . . . . . . . . . . . . . . . .
Compression Packet Types . . . . . . . . . . . . . . .
IPX Route Aggregation. . . . . . . . . . . . . . . . . . . .
Introducing Aggregated Routes into NLSP. . . . . . . . . .
Consistent Use of Routers that Support Route Aggregation .
Interaction with SAP . . . . . . . . . . . . . . . . . . . . .
Metrics Used with Aggregated Routes . . . . . . . . . . . .
IPX Address Mapping Gateway . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning
12
13
17
17
19
20
21
21
22
23
24
25
25
25
26
27
28
30
31
32
33
34
35
36
36
36
37
41
IPX Configuration Decisions . . . . . . . . . . . .

NetWare Mobile IPX Configuration Decisions . . .
Mobile Client Driver Selection . . . . . . . . .
Planning for Efficient Use of Your Mobile Client
Deciding Where to Locate a Home Router . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000176-001
August 29, 2001
Novell Confidential
41
45
45
45
45
Manual
Setting Up
99a
38
July 17, 2001
51
Turning Off IPX Packet Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

How to Turn Off IPX Packet Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Configuring Static Routes and Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Configuring Static Routes and Services with NIASCFG . . . . . . . . . . . . . . . . . . . . 54
Configuring Static Routes and Services with STATICON . . . . . . . . . . . . . . . . . . . 56
Configuring Watchdog Spoofing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
How to Configure Watchdog Spoofing on an Interface . . . . . . . . . . . . . . . . . . . . 66
How to Configure Watchdog Spoofing for Call Destinations. . . . . . . . . . . . . . . . . . 66
Configuring Routed or Static On-Demand Calls. . . . . . . . . . . . . . . . . . . . . . . . . . 67
How to Configure Routed or Static On-Demand Calls . . . . . . . . . . . . . . . . . . . . . 68
Configuring IPX and NCP Header Compression . . . . . . . . . . . . . . . . . . . . . . . . . 69
How to Configure IPX and NCP Header Compression on an Interface . . . . . . . . . . . . 70
How to Configure IPX and NCP Header Compression per Call Destination. . . . . . . . . . 71
Configuring NLSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
How to Configure NLSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
How to Change the LSP Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Configuring RIP and SAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
How to Configure RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
How to Configure SAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Accepting and Advertising Services from a Network Not Listed in the Routing Information Table
82
Proxying a NetWare File Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
How to Proxy a NetWare File Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
How to Check the Proxy Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Configuring the IPX Address Mapping Gateway . . . . . . . . . . . . . . . . . . . . . . . . . 86
Configuring IPX Route Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Controlling the Propagation of Type 20 Packets . . . . . . . . . . . . . . . . . . . . . . . . . 89
How to Control Propagation of Type 20 Packets . . . . . . . . . . . . . . . . . . . . . . . 90
Changing the Hop Count Limit for IPX Packets . . . . . . . . . . . . . . . . . . . . . . . . . . 90
How to Change the Hop Count Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Balancing Traffic Loads over Equal-Cost Routes . . . . . . . . . . . . . . . . . . . . . . . . . 92
How to Balance Traffic Loads over Equal-Cost Routes . . . . . . . . . . . . . . . . . . . . 93
Configuring SPX Connection Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
How to Configure SPX Connection Parameters . . . . . . . . . . . . . . . . . . . . . . . . 95
Setting Delay and Throughput for a Slow Link . . . . . . . . . . . . . . . . . . . . . . . . . . 95
How to Set Delay and Throughput for a Slow Link . . . . . . . . . . . . . . . . . . . . . . 97
Configuring IPX for Wireless Connectivity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Configuring a Home Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Configuring a Mobile Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Configuring the MacIPX Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Configuring and Binding the Gateway Driver . . . . . . . . . . . . . . . . . . . . . . . . . 107
Restricting Gateway Service to Selected Networks . . . . . . . . . . . . . . . . . . . . . . 109

103-000176-001
August 29, 2001
Novell Confidential
Manual
July 17, 2001
38
Managing
111
Using the IPXCON Utility. . . . . . . . . . . . . . . . . .

Using the IPXPING Utility on the Server . . . . . . . . . .
Using the IPXPING Utility on the Workstation . . . . . . .
Syntax . . . . . . . . . . . . . . . . . . . . . . . . .
Parameters . . . . . . . . . . . . . . . . . . . . . . .
Example . . . . . . . . . . . . . . . . . . . . . . . .
Using the SPFCON Utility . . . . . . . . . . . . . . . . .
Main Window . . . . . . . . . . . . . . . . . . . . . .
Interfaces Window . . . . . . . . . . . . . . . . . . .
Connections Window . . . . . . . . . . . . . . . . . .
Spoofing Statistics Window. . . . . . . . . . . . . . .
Viewing NetWare IPX Configuration Information. . . . . .
Determining Whether a Remote IPX Router Is Reachable
Determining Which IPX Services Are Reachable . . . . .
Checking an IPX Network for Inactive Routers . . . . . .
Checking the IPX Routing Table . . . . . . . . . . . . . .
Checking an IPX Network for Duplicate Network Numbers
Checking an IPX Network for Duplicate System IDs . . . .
Determining Where NLSP Is Running in Your Network . .
Finding NLSP Routers with Insufficient Memory . . . . . .
Finding the Designated Router on a LAN . . . . . . . . .
Monitoring Error Counters . . . . . . . . . . . . . . . . .
Viewing the MacIPX Gateway Configuration. . . . . . . .
Viewing MacIPX Gateway Statistics . . . . . . . . . . . .
99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting
111
112
113
113
113
114
114
115
115
115
115
116
116
117
117
117
118
118
119
119
120
121
122
122
125
Troubleshooting Tools . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPXCON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
System Console Commands . . . . . . . . . . . . . . . . . . . . . .
Configuration Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Checkpoints . . . . . . . . . . . . . . . . . . . . . . .
IPX Checkpoints . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPX Connectivity Problems (Duplicate ID or Network Number) . . . .
NLSP Checkpoints . . . . . . . . . . . . . . . . . . . . . . . . . . .
Common Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Login Times Out . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Load Balancing over IPX Is Not Working . . . . . . . . . . . . . . . .
Only One IPX Packet Is Sent and Received . . . . . . . . . . . . . .
IPXCON Counters Are Increasing (Duplicate ID or Network Number) .
Error Messages Are Displayed (Duplicate ID or Network Number) . .
NLSP Decision Process Is Running Frequently (Duplicate System ID)
Other Router Names Are Not Displayed . . . . . . . . . . . . . . . .
System Frequently Appears and Disappears on the LAN . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000176-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
125
125
126
127
127
127
129
131
131
132
133
133
133
134
135
135
135
Manual
99a
38
July 17, 2001
Multiple Systems on a LAN Become Unreachable Intermittently . . . . . . .

Connectivity Across a Point-to-Point Link Has Been Lost . . . . . . . . . . .
An NLSP Server on a LAN Cannot Be Accessed . . . . . . . . . . . . . . .
LAN Is Partitioned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
No Communication Occurs between Two Networks. . . . . . . . . . . . . .
Services Are Inaccessible in the Area . . . . . . . . . . . . . . . . . . . . .
Number of Routes and Services on a System Shows Local Connectivity Only
Services or Routes are Fluctuating Excessively . . . . . . . . . . . . . . . .
Heavy Network-Layer Traffic Occurs on a Point-to-Point Link. . . . . . . . .
Applications Perform Poorly . . . . . . . . . . . . . . . . . . . . . . . . . .
CALLMGR Shows an IPX Circuit but IPXCON Does Not . . . . . . . . . . .
Many Systems Are Entering an Overloaded State . . . . . . . . . . . . . .
Connectivity Is Lost on Only One LAN. . . . . . . . . . . . . . . . . . . . .
NetWare Mobile IPX Client Loses Connectivity to the Server . . . . . . . . .

103-000176-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
138
139
140
141
142
143
144
145
146
147
149
149
150
151
Manual
99a
38
July 17, 2001
About This Guide

This guide provides the information you need to configure and manage the
Novell Internet Access Server 4.1 IPXTM routing software. In addition to
planning information, this guide provides troubleshooting tips, techniques,
and tools, as well as the symptoms of and solutions to commonly occurring
problems for the IPX components of Novell Internet Access Server 4.1.
About This Guide

103-000176-001
August 29, 2001
Novell Confidential
Manual
10

103-000176-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Understanding
This section describes the processes and protocols that govern Internetwork
Packet ExchangeTM (IPXTM) routing in the NetWare networking
environment. In particular, it examines the mechanics of IPX packet routing
and the administration of routing and service information on an IPX
internetwork.
Each NetWare protocol plays a different role in enabling a NetWare router to
perform its tasks. Media access control (MAC) protocols and IPX provide the
addressing mechanism that delivers packets to their destination. The Routing
Information Protocol (RIP), Service Advertising Protocol (SAP), and
NetWare Link Services ProtocolTM (NLSPTM) protocols provide the means by
which routers gather routing and service information and share it with other
routers on an internetwork.
Although the NetWare Core ProtocolTM (NCPTM) software does not play a
direct role in routing, it does provide session control and packet-level error
checking between NetWare workstations and routers. Similarly, the
Sequenced Packet ExchangeTM (SPXTM) protocol neither routes packets nor
advertises service information, but guarantees delivery of each packet to its
destination.
Figure 1 on page 12 shows how the NetWare protocols correspond to the Open
Systems Interconnection (OSI) reference model. Because this model
represents only a basic framework for networking functionality, not all
NetWare protocols fit neatly into a single functional layer.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
11
Manual
Figure 1
99a
38
July 17, 2001
How NetWare Protocols Correspond to the OSI Reference Model
Application
Presentation
NetBIOS
Applications
Session
NetWare
Applications
SAP
NCP
NetBIOS
Transport
Network
SPX
IPX
Data Link
NLSP
RIP
MAC Protocols
(Ethernet, token ring, ARCnet*)
Physical
The higher-level protocols (NetBIOS, SAP, NCP, SPX, NLSP, and RIP) rely
on the MAC protocols and IPX to handle lower-level communications, such
as node addressing. With the exception of NetBIOS, NCP, and SPX, each of
these protocols plays a role in the operation of IPX routing.
The IPX Protocol

Novell adapted IPX from the Xerox* Network System (XNS*) Internet
Datagram Protocol (IDP). IPX is a connectionless datagram protocol.
Connectionless means that when a process running on a particular node uses
IPX to communicate with a process on another node, no connection between
the two nodes is established. Thus, IPX packets are addressed and sent to their
destinations, but there is no guarantee or verification of successful delivery.
Any packet acknowledgment or connection control is provided by protocols
above IPX, such as SPX. Datagram means that each packet is treated as an
individual entity, having no logical or sequential relation to any other packet.
As shown in Figure 1, IPX operates at the OSI Network layer. As a Networklayer protocol, IPX addresses and routes packets from one location to another
on an IPX internetwork. IPX bases its routing decisions on the address fields
in its header and on the information it receives from RIP or NLSP. IPX uses
this information to forward packets to their destination node or to the next
router providing a path to the destination node.
12

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For more information about the IPX protocol, refer to

IPX Packet Structure on page 13
IPX Addressing on page 17
How IPX Routing Works on page 21
IPX Packet Structure

The IPX packet is similar to an XNS IDP packet and comprises two parts:
A 30-byte IPX header, which includes the network, node, and socket
addresses for both the destination and the source
A data section, which often includes the header of a higher-level
protocol, such as SPX
The minimum IPX packet sizeexcluding the MAC headeris 30 bytes
(IPX header only). Historically, the maximum size of routed IPX packets has
been 576 bytes (IPX header and data). Until recently, all routed IPX packets
were between 30 and 576 bytes. However, the IPX protocol has always
allowed packet sizes up to 65,535 bytes.
NOTE: Media constraints typically limit the actual maximum packet size allowed to
something less than 65,535 bytes. Ethernet II packets, for example, are limited to
a data size of 1,500 bytes, not including the MAC header.
The IPX header is placed after the MAC header and before the data. Figure 2
on page 14 shows the structure of an IPX packet.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
13
Manual
Figure 2
99a
38
July 17, 2001
IPX Packet Structure
IPX Packet
Checksum (2 bytes)
Packet Length (2 bytes)
Transport Control (1 byte)
MAC Protocol Envelope
Packet Type (1 byte)
MAC Header
Destination Network (4 bytes)

Destination Node (6 bytes)
Destination Socket (2 bytes)
Data
Source Network (4 bytes)

Source Node (6 bytes)
MAC Trailer
Source Socket (2 bytes)

Higher-Level Protocol Headers
Data
The following describes the IPX packet fields:

Checksum Packet integrity check.
The checksum is used by the NetWare SFTTM IIITM software and NetWare
4 software. Older versions of NetWare did not use the IPX checksum and
required that this field be set to 0xFFFF.
Packet Length Length, in bytes, of the complete packet, which is the
length of the IPX header plus the length of the data.
The packet length is at least 30 bytes (for the IPX header).
Transport Control Number of routers a packet has traversed on the way
to its destination.
IMPORTANT: On a traditional, RIP-based IPX router, IPX packets whose
Transport Control field reaches a value of 16 are discarded. With NLSP, an IPX
packet can travel up to 127 hops to reach its destination. You make this possible
by setting the Hop Count Limit parameter from the Novell Internet Access Server
Configuration utility (NIASCFG). This enables you to limit the number of routers
(hops) an IPX packet traverses before it is discarded.
14

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sending nodes always set the Transport Control field to zero when
building an IPX packet. When a router receives a packet that requires
further routing, it increments this field by one and forwards the packet.
Packet Type Type of service offered or required by the packet.
Novell currently uses the packet types listed in Table 1.
Table 1
Packet Types
Packet Type
Field Value (Hex)
Purpose
NLSP
0x00
NLSP packets
Routing information
0x01
RIP packets
Service advertising
0x04
SAP packets
Sequenced
0x05
SPX packets
NCP
0x11
NCP packets
Propagated
0x14
NetBIOS and other

propagated packets
Destination Network Number of the network to which the destination

node is attached.
When a sending node sets this field to 0x0 (that is, 0x00000000), the
destination node is assumed to be on the same network segment as the
sending (or source) node.
A special case exists when a workstation sends SAP Get Nearest Server
and RIP Get Local Target (or Route Request) broadcast requests at
initialization time. Because the workstation does not yet know which
network it belongs to, it sets both the Source Network and Destination
Network fields to 0 for these requests. When a router receives one of these
requests, it sends a reply directly to the sending workstation, filling in the
Source Network and Destination Network fields with the appropriate
network numbers.
NOTE: IPX does not have a broadcast network number (such as 0xFFFFFFFF).
In addition to network number 0, the numbers 0xFFFFFFFF and

0xFFFFFFFE are reserved for specific purposes. For this reason, they
should not be assigned to any IPX network. For more information about
Understanding

103-000176-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
reserved network numbers, refer to Reserved Network Numbers on

page 18.
Destination Node Physical address of the destination node.
Not all LAN topologies use the same size address field. A node on an
Ethernet network requires all 6 bytes to define its address; a node on an
Ammonite network requires only 1 byte.
A node address of 0xFFFFFFFFFFFF (that is, 6 bytes of 0xFF)
broadcasts the packet to all nodes on the destination network.
Destination Socket Socket address of the packet destination process.
Sockets route packets to different processes within a single node. Novell
reserves several sockets for use in the NetWare environment. Refer to
Table 2 on page 20 for a partial list of NetWare socket numbers.
NOTE: IPX does not have a broadcast socket number (such as 0xFFFF).
Source Network Number of the network to which the source node is

attached. If a sending node sets this field to zero, the local network to
which the source is connected is unknown. For routers, the rules that
apply to the Destination Network field also apply to the Source Network
field, except that routers can propagate packets that were received with
this field set to zero.
Source Node Physical address of the source node.
Broadcast addresses are not allowed.
Source Socket Socket address of the process that transmits the packet.
Processes communicating in a peer-to-peer fashion do not need to send
and receive on the same socket number.
On a network of workstations and servers, the server usually listens on a
specific socket for service requests. In such a case, the source socket is
not necessarily the same or even significant. All that matters is that the
server reply to the source socket. For example, all NetWare file servers
have the same socket address, but requests to them can originate from any
socket number.
Source socket numbers follow the same conventions as those for
destination sockets.
Higher-Level Protocol Headers Headers of higher-level NetWare
protocols, such as NCP or SPX. These headers occupy the data portion of
the IPX packet.
16

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX Addressing
IPX defines its own internetwork and intranode addressing. For intranetwork
(node) addressing, IPX uses the physical address assigned to the network
interface board.
The IPX network address uniquely identifies an IPX server on an IPX network
and individual processes within the server. A complete IPX network address
is a 12-byte hexadecimal number comprising the following components:
A 4-byte network number (server)
A 6-byte node number (server)
A 2-byte socket number (server process)
The following is an example of a complete IPX network address:
FEDCBA98 1A2B3C5D7E9F 0453
Each number in an IPX address is contained in a field in the IPX header and
represents a source or destination network, node, or socket. The network
number is used only for Network-layer operations, namely routing. The node
number is used for local, or same-segment, packet transmission. The socket
number directs a packet to a process operating within a node.
For more information about each address component, refer to
Network Number on page 17
Node Number on page 19
Socket Number on page 20
Network Number
The IPX network number is the 4-byte hexadecimal address that serves as the
basis for IPX packet routing. Each network segment on an internetwork is
assigned a unique network number. NetWare routers use this number to
forward packets to their final destination network.
An IPX network number can contain up to eight digits, including zeros.
(Leading zeros are usually not displayed.) For example, 0xFEDCBA98,
0x1234567D, and 0xC7 are all valid network numbers.
With the fast setup feature available from NIASCFG, the routing software can
automatically detect the network number and data-link frame type used on an
Understanding

103-000176-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
IPX network. After you configure a board and select a driver during the initial
router configuration, the router sends a RIP all routes request packet to the
network. From the responses it receives, the router determines the network
number and frame type it needs to use.
Reserved Network Numbers
The destination network of an IPX packet is typically an IPX network to

which a unique network number has been assigned. However, three network
numbers0x0, 0xFFFFFFFF, and 0xFFFFFFFEare reserved and cannot be
used to identify a specific network. These numbers have the following
meanings:
0x0 Represents the local network segment. If a router receives a packet
whose destination network number is 0, the packet's source and
destination nodes are attached to the same segment.
0xFFFFFFFF Represents an all routes request between NetWare
routers. If a router receives a packet whose destination network number
is FFFFFFFF, it sends all the routes it knows about to the requesting
router.
0xFFFFFFFE Represents the default route . This is an advertised
destination to which IPX packets with unknown destination networks are
forwarded.
With NetWare routing software, a router that receives an IPX packet with an
unknown destination network can do one of two things: If another router on
the network is advertising 0xFFFFFFFE, the router forwards the packet to that
router. If 0xFFFFFFFE is not advertised on the network, the packet's
destination remains unknown and the router discards the packet.
Both RIP and NLSP have been modified to recognize 0xFFFFFFFE as the
default route. On a RIP network, the default route is typically advertised by a
RIP router that connects the LAN to a larger network infrastructure, such as a
corporate backbone or transit LAN .
The routing software cannot advertise the default route dynamically, but you
can configure the router to advertise it as a static route . To read about static
routes, refer to Static Routes and Services.
18

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Internal Network Number
NetWare 3 servers and NetWare 4 servers have an additional identifier called

an internal network number. This is a unique hexadecimal number between
one and eight digits that is assigned to the server at installation. The internal
network is a logical network that NetWare uses to advertise services and route
IPX packets to the physical networks attached to the server.
The internal network number overcomes some routing and connectivity
limitations inherent in NetWare 2. These are summarized in the following
paragraphs.
A NetWare 2 server selects a primary interface and advertises its services as
reachable through that interface. On a network with more than one server,
packets might travel an extra hop to reach their destination.
A NetWare 2 server loses network connectivity if its primary network
interface board fails, even if the server has Network-layer connectivity
through another interface. Consider a NetWare 2 server with connections to
two networks. The server advertises its services through the primary interface
attached to one of the networks. If that interface fails, workstations attached
to the server through the second network might not be able to log in to the
server.
Node Number
The node number is the 6-byte hexadecimal address that identifies a device on
an IPX network. This device can be a file server, router, workstation, or
printer. The node number is identical to the physical address assigned to the
interface board that connects the device to the network.
The IPX header contains a Destination Node field and a Source Node field.
These fields contain the same destination and source node addresses found in
the MAC header. A NetWare workstation, for example, uses the destination
node address to locate and forward packets to another workstation on the same
network segment.
IPX requires the node number to be unique only within the same IPX network.
For example, a node on network FEDCBA98 can use the number
1A2B3C5D7E9F, and a node on network 1234567D can also use the number
1A2B3C5D7E9F. Because each node has a different network number, IPX
recognizes each node as having a legitimate, unique address.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Socket Number
The socket number is the 2-byte hexadecimal number that identifies the
ultimate destination of an IPX packet within the node. This destination is
actually a process such as routing (RIP) or advertising (SAP)that
operates within the node. Because several processes are typically operating at
any given time, socket numbers provide a type of mail slot by which each
process can identify itself to IPX.
A process that must communicate on the network requests that a socket
number be assigned to it. Any packets that IPX receives that are addressed to
that socket are passed to the process. Socket numbers provide a quick method
of routing packets within a node.
Table 2 lists some socket numbers and processes used in the NetWare
environment.
Table 2
NetWare Socket Numbers and Processes

Socket Number
Process
0x451
NCP
0x452
SAP
0x453
RIP
0x455
Novell NetBIOS
0x456
Diagnostics
0x9001
NLSP
0x9004
IPXWANTM protocol
(For information about IPXWAN, refer to IPX
Operation over WAN Links on page 24.)
Socket numbers between 0x4000 and 0x7FFF are dynamic sockets; these are
used by workstations to communicate with file servers and other network
devices. Socket numbers between 0x8000 and 0xFFFF are well-known
sockets; these are assigned by Novell to specific processes. For example,
0x9001 is the socket number that identifies NLSP. Software developers
writing NetWare applications can contact Novell to reserve well-known
sockets.
20

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
How IPX Routing Works

NetWare routers interconnect different IPX network segments and receive
instructions for addressing and routing packets between these segments from
the IPX protocol. IPX accomplishes these and other Network-layer tasks with
the help of RIP, SAP, and NLSP.
For more information about how IPX routing works, refer to:
When a Workstation Sends an IPX Packet
When a Router Receives an IPX Packet
When a Router Forwards an IPX Packet
When a Workstation Sends an IPX Packet

Consider a NetWare workstation that wants to send data to another
workstation. If both workstations share the same network number (both are on
the same segment), the sending workstation addresses and sends packets
directly to the destination workstation's physical address. If the two
workstations have different network numbers (each is on a different segment),
the sending workstation must first find a router on its own segment that can
forward packets to the segment on which the destination workstation resides.
To find this router, the sending workstation broadcasts a RIP packet requesting
the fastest route to the destination segment. The router on the sending segment
with the shortest path to the destination segment responds to the request. In its
response, the router includes its own network and node address in the IPX
header.
NOTE: If the sending node is a router instead of a workstation, the router does not
need to broadcast a RIP request to obtain this information; the router obtains the
information from its internal routing table.
When the sending workstation knows the router node address, it addresses and
sends packets to the destination workstation as follows:
1. The sending workstation places the destination node IPX network
addressnetwork, node, and socket numbersin the corresponding
destination fields of the IPX header.
2. The sending workstation places its own IPX network addressnetwork,
node, and socket numbersin the corresponding source fields of the IPX
header. The sending workstation also fills out all other fields in the
header.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
3. The sending workstation places the node address of the router that
responded to the RIP request in the Destination Address field of the MAC
header.
4. The sending workstation places its own node address in the Source
Address field of the MAC header.
5. The sending workstation sends the packet.
When a Router Receives an IPX Packet

When a router receives an IPX packet, it performs the following tasks:
1. The router checks the Transport Control field of the IPX packet header.
A RIP router discards the packet if the value in this field is greater than
16.
An NLSP router discards the packet if the value in this field is greater than
the value of the Hop Count Limit parameter.
2. The router checks the IPX header Packet Type field.
Note that if the packet type is 20 (0x14, NetBIOS), the packet is handled
as follows:
a. The router examines the Transport Control field of the IPX header. If
this value is 8 or greater, the router discards the packet. (Propagation
of a NetBIOS packet is limited to eight networks.)
b. The router compares each network number entry in the packet to the
network number of the segment on which the router received the
packet.
If the router finds a match, it discards the packet to prevent multiple
traversals of the same network segment. If the router finds no match,
it performs the next step.
c. The router places the address of the network segment from which the
packet arrived in the next available Network Number field.
d. The router increments the Transport Control field of the IPX header
and broadcasts the packet to all directly connected network segments
that are not represented in the Network Number fields.
3. The router checks the IPX header Destination Address fieldsnetwork,
node, and socket numbersto determine how to route the packet.
22

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the packet is addressed to the router, the appropriate socket process

handles it internally; otherwise, the router forwards the packet.
NOTE: Packets that must be handled internally are those addressed directly to the
router and those broadcast (destination node = 0xFFFFFFFFFFFF) to any network

segment to which the router is directly connected. Usually, only RIP, SAP, and
diagnostic packets fall into this category.
When a Router Forwards an IPX Packet

When forwarding packets, the router can take one of two possible actions. If
the packet is destined for a network number to which the router is directly
connected, the router performs the following tasks:
1. The router places the destination node address from the IPX header in the
Destination Address field of the MAC header.
2. The router places its own node address in the Source Address field of the
MAC header.
3. The router increments the Transport Control field of the IPX header and
forwards the packet to the destination node segment.
IMPORTANT: If the Transport Control field equals the maximum allowed hop
count before the field is incremented, the router discards the packet. For RIP
routers, the hop count limit is 16; for NLSP routers, this limit can be set to any
number between 8 and 127.
Note also that broadcast packets are never rebroadcast onto the network
segment from which they are received.
If the router is not directly connected to the segment on which the final
destination node resides, it sends the packet to the next router in the path to the
destination node, as follows:
1. The router places the node address of the next router in the Destination
Address field of the MAC header.
The router gets this information from its Routing Information Table.
2. The router places its own node address in the Source Address field of the
MAC header.
3. The router increments the Transport Control field in the IPX header and
forwards the packet to the next router.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
IPX Operation over WAN Links

For packets to travel between two IPX network segments separated by a
WAN, there must be a connection between the two routers representing each
segment. This connection is represented by the WAN call destination , a
unique name that identifies the router on the other end of the connection.
A WAN connection can be initiated by any of the following methods:
Automatic Established between the local router and the call
destination when IPX is bound to a WAN port. Automatic connections are
established typically at router startup.
Manual Established between the local router and the call destination
by a user from the Call Manager utility (CALLMGR).
Data-initiated Established when the local router needs to send data to
the (remote) router represented by the WAN call destination. This
connection method is characteristic of on-demand calls, which are
described in the following section.
After a WAN connection is established, the routers use the IPXWAN protocol
to negotiate the values or states of various connection characteristics, such as
speed, throughput, routing type, and IPX header compression. These and other
characteristics are negotiated before the routers exchange any routing
information or data.
For more information about IPX operation over WAN links, refer to
Call Types on page 25
Routing Types on page 27
Static Routes and Services on page 28
Watchdog Packet Spoofing on page 30
Header Compression on page 31
24

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Call Types
Associated with each WAN call destination is the call type, which
characterizes the behavior of the call after it is established. Calls can be
permanent or on-demand.
For more information about call types, refer to:
Permanent Calls on page 25
On-Demand Calls on page 25
Routed On-Demand Calls on page 26
Permanent Calls
A permanent call is a connection that remains active between the local router
and the remote router identified by the call destination. A permanent call can
be established automatically from configured protocol-to-board bindings, or
manually from CALLMGR. The call remains active until IPX is unbound
from the interface, or until the connection is disconnected manually from
CALLMGR. If a permanent call fails, IPXRTR tries to reestablish the
connection.
IPX routing and service information crosses permanent calls as required by
the operative routing/service protocol, which can be RIP/SAP or NLSP. If you
do not want routing and service traffic to cross a permanent-call link, the
routing software enables you to configure static routes and services on each
router. This is typically how IPX routers are made aware of remote routes and
services over links that use on-demand calls.
For information about static routes and services, refer to Static Routes and
Services on page 28.
For more information about permanent calls, refer to Understanding in the
routing documentation for NetWare/Link PPP.
On-Demand Calls
An on-demand call is a dedicated, point-to-point connection between two
routers that becomes active only when one router must send user data to the
other. Because the on-demand call relies on configured static routes and
services, no routing or service information crosses the link while the call is
active.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
With an on-demand call, the link remains inactive until user data needs to
cross it. Workstations needing to reach remote destinations send packets to
their local IPX router advertising the routes, assuming the packets can reach
their destination. The local router stores the packets and tries to establish a
connection to the remote router. After the local router completes the call and
negotiates on-demand service, it forwards the stored packets to the remote
router, which then forwards them to their destination.
NOTE: To avoid activating potentially expensive connections, IPX routers do not
forward type 20 (NetBIOS) packets over on-demand calls.
For more information about on-demand calls, refer to Understanding in the

routing documentation for NetWare/Link PPP.
Routed On-Demand Calls

NetWare routing also enables you to configure a routed on-demand call.
Unlike the standard on-demand call, which relies on statically configured
routes and services, a routed on-demand call runs a routing protocol while the
link is active. When the link goes down, the routes and services made known
by the routing protocol become unavailable.
If no data crosses the link after some period of time, a Data-Link layer timer
triggers the termination of an on-demand call. However, the routing protocol
running over a routed on-demand call resets this timer each time it transmits a
packet. This keeps the link continuously active. To solve this problem, the
routing software uses a similar timer that operates at the Network layer. This
timer is reset only when data packetsnot protocol packetscross the link.
In this way, the routing updates do not keep the link active when no data is
being transmitted.
Routed on-demand calls are well-suited for large corporate networks that have
many branch offices. In this type of internetwork, most of the traffic is
unidirectional: from the branch office to the corporate network. Configuring
each branch office with a single (default) route to the corporate network is
sufficient. When a branch office router establishes a link to the router serving
the corporate network, the routing protocol floods the branch office routes into
the corporate network. This is necessary so that responses to branch office
service requests know how to reach their destination in the branch office
network. As long as the branch office forwards information to the corporate
network, the link remains active. If the link is idle for some predetermined
period of time, it goes down.
26

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You configure a routed on-demand call the same way you configure a standard
on-demand call with one exception: you must configure a routing protocol to
operate over the link.
Routing Types
IPXWAN negotiates the WAN routing type, which determines which IPX
routing protocolif anyruns over the connection. NetWare routing
supports the following routing types for IPX exchanges over a WAN
connection:
NOTE: The first four routing types operate only between routers; the fifth, WAN
Workstation , operates between a router and a NetWare workstation.
WAN NLSP Uses NLSP to exchange routing and service information

over the connection. This is the most efficientand preferredrouting
type for WAN connections requiring an active routing protocol. A WAN
NLSP connection does not require an IPX network number.
Unnumbered RIP Uses RIP and SAP to exchange routing and service
information over the connection but requires no IPX network number.
Numbered RIP Also uses RIP and SAP to exchange routing and
service information over the connection but does require an IPX network
number.
On-Demand Uses no active routing or service advertising protocol,
but rather a set of static routes and services on each router.
WAN Workstation Enables a NetWare workstation to connect to an
IPX internetwork through a remote router. No routing protocol runs over
the connection, except when the workstation sends a route or service
request to the router.
To choose the most suitable routing type, IPXWAN considers the following
criteria during its negotiation process:
Which versions of the routing software are running on the routers
Earlier versions of the routing software, such as NetWare Multiprocessor
Router PlusTM 2.1x software and NetWare WAN LinksTM 2.0 software,
support only Numbered RIP connections.
Which routing protocolRIP or NLSPis enabled on the WAN
interfaces at each end of the connection
Understanding

103-000176-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
For example, two routers running NLSP at their respective WAN

interfaces automatically use the WAN NLSP routing type over the
connection.
Whether a third-party router is running at the other end of the connection
Some third-party routers might support only Numbered RIP connections
for IPX routing over WANs.
Whether the WAN call destination is configured as a permanent call or an
on-demand call
WAN NLSP, Unnumbered RIP, and Numbered RIP operate only over
permanent calls; the On-Demand routing type operates only over ondemand calls.
Static Routes and Services

A static route is a RIP route that is added to the Routing Information Table by
a network administrator, rather than by the active routing protocolin this
case, RIPoperating over a network link. For a WAN connection, a static
route comprises a WAN call destination, the destination IPX network number,
and the route metrics (hops and ticks) to reach the destination. A static service
is a SAP service that is also added manually rather than dynamically by SAP.
A static service comprises a WAN call destination; the service name and type;
the service address network, node, and socket; and the service metrics (hops
and ticks) to reach the destination advertising the service. With the routing
software, you can configure static routes and services for both permanent and
on-demand calls.
When used with permanent calls, static routes and services are useful for
redirecting traffic to a particular network, perhaps for security reasons, and for
conserving bandwidth on slow or low-capacity links. A single static route is
also useful as a default route. In this way, the only routing information
crossing the link is that required by users to access a specified set of services.
When used with on-demand calls, static routes and services are useful for
connections that use expensive telecommunications carriers and for slow links
over which it is undesirable to exchange routing and service information.
Consider an internetwork that connects tens to hundreds of branch offices to a
single main office. Typically, each branch office requires periodic access to
information at the main office. However, it is most likely that the main office
periodically polls the branch offices to get up-to-date information, such as the
day's sales figures. Because a permanent call to each branch office is not
28

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
necessary, connections to the main office need only be low-speed, dial-up

lines. For this reason, the first several minutes of the call should not be taken
up by a flood of routing and service information into a branch office. Nor
should there be a relatively smaller flood of (mostly irrelevant) routing and
service information from a branch office into the main office.
Figure 3 shows a typical configuration for static routes and services over an
on-demand call.
Figure 3
On-Demand Call Between a Branch Office and the Main Office
Configured Static Routes:

AA012123 (Server Internal Network)
AA000000 (Main Office Router Internal Network)
Configured Static Routes:
10000001 (Workstation Network)
10000000 (Branch Office Router Internal Network)
Configured Static Services:

ACCOUNTS
AA012123:000000000001:0451
File Service (SAP Service Type 4)
MAIN_OFFICE_RTR
AA000000:000000000001:0451
Branch Office:
20 Networks,
plus Services
Configured Static Services:

BRANCH_01_RTR
10000000:000000000001:0451
On-Demand Call
Branch Office Router
Name = BRANCH_01_RTR
Internal Network = 10000000
Main Office Router

Name = MAIN_OFFICE_RTR
Internal Network = AA000000
Main Office:
1000 Networks,
plus Services
Network:
10000001
Main Office Accounting Server

Name = ACCOUNTS
Internal Network = AA012123
NetWare Workstation
Network = 10000001
In this configuration, the branch office router, BRANCH_01_RTR, must

know only the addresses and names of a few servers and services. This small
number of extra routes and services is of minimal burden to the branch office
network. The main office router, MAIN_OFFICE_RTR, must keep track of
only a few networks and services from each branch office. This is significantly
better than being flooded with potentially thousands of extra routes and
services that are of no use to the main office network.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
To configure static routes and services for permanent and on-demand calls,
you can use either of the following utilities:
NIASCFG, which you also use for configuring boards and network
interfaces, and for enabling protocols and bindings on the router. If you
use NIASCFG, you must configure all routes and services manually.
STATICON, the static routes and services configuration utility for IPX.
STATICON discovers which routes and services are available through a
remote router and then adds them automatically to the static routing table
on a local router. Because STATICON gathers and exchanges the
information automatically, it is essential for configuring large numbers of
static routes and services.
Watchdog Packet Spoofing

NetWare servers use the Watchdog protocol to validate workstation
connections periodically. When a workstation is logged in to a server but has
not transmitted a packet for some period of time (the default is 5 minutes), the
server sends a watchdog query packet to the workstation. If the workstation
does not reply with a watchdog response packet after 5 minutes, the server
sends additional queries at specified intervals until 15 minutes have elapsed.
If the workstation still has not replied, the server terminates the connection.
With several workstations operating over an on-demand call, the exchange of
watchdog packets can keep the connection active most of the time. Depending
on the telecommunications carrier you use for the connection, this can become
expensive.
You can avoid this problem by configuring your router to perform watchdog
spoofing . This means that the router captures watchdog query packets on their
way to a workstation and responds on behalf of the workstation without
activating the on-demand call. Because of the spoofing, however, the
workstation's server connection remains occupied unless it logs out. A way to
avoid this is for the remote server to execute a forced logout of all
workstations at a predetermined time (midnight, for example), so that all
server connections are freed for the next day.
Figure 4 on page 31 shows how watchdog spoofing works over an on-demand
call.
30

103-000176-001
August 29, 2001
Novell Confidential
Manual
Figure 4
99a
38
July 17, 2001
Watchdog Spoofing Enabled over an On-Demand Call
Main Office
Router
Branch Office
Router
Watchdog Query:
"Are you still there?"
On-Demand Call
Query Response:
"Yes, I am still here."
Workstation
Main Office
Accounting Server
When watchdog spoofing is enabled on an on-demand call, watchdog packets,

going from a server to a client, cause the router to reply that the workstation
is active without initiating the call. If watchdog spoofing is disabled, an ondemand call is initiated for each watchdog packet that crosses the connection.
Header Compression
NOTE: NCP header compression is not used for NCP packets using the Packet
BurstTM protocol. Because IPX headers are the standard, IPX header compression
is used.
Header compression increases the throughput of IPX and NCP packets over
low-speed serial lines (except for NCP packets using the Packet Burst
protocol). An IPX packet header is 30 bytes and is typically followed by an
upper-layer protocol header, such as an SPX header. Header compression
reduces the size of this combined packet header to just a few bytes.
Header compression is negotiated by the IPXWAN protocol when a call is
established over any WAN connection type. Header compression is not used
on the connection if IPXWAN detects that one of the routers does not support
it. The routers at each end of the connection must have header compression
enabled and must allocate the same number of compression slots.
For more information about header compression, refer to
Compression Slots on page 32
Compression Packet Types on page 33
Understanding

103-000176-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Compression Slots
When you enable header compression, you can also specify the number of
compression slots. A compression slot is a location in router memory that
stores packet header information. The compression algorithm uses this
information to compress outgoingand decompress incomingpacket
headers.
IMPORTANT: You must allocate the same number of compression slots on each
router. If the values are different, the IPXWAN protocol chooses the lesser of the
two.
If too few compression slots are allocated for the number of different-style
packets crossing the connection, the values in the following IPXCON counters
become large:
Initialization Packets Sent
Initialization Packets Received
Uncompressed Packets Sent
Uncompressed Packets Received
The compression algorithm is running efficiently if the number of compressed
packets sent is significantly higher than the values in these counters.
A router sends an uncompressed packet when it is considered beneficial not to
reuse a compression slot.
Allocating too many compression slots has its own consequences. More
memory is required to store all the headers, and the compression algorithm
must scan through more stored headers to find a match for each transmitted
packet. This results in a higher processing load and slower performance.
32

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Compression Packet Types

Five packet types are used to exchange compression-state information about
packets sent over a connection on which header compression is enabled. Three
of these packet typesslot initialization, reject, and acknowledgment
packetsmanage the flow of compressed and uncompressed packets over the
connection; these are the compression protocol packets. The packet type,
along with other information, is indicated in the first byte of a compressed
packet. Compression packet types are defined as follows:
Uncompressed packet A standard, uncompressed IPX or NCP packet.
A router sends an uncompressed packet when the packet cannot be
compressed or a decision was made not to compress it. When the remote
router receives an uncompressed packet, it simply removes the 1-byte
compression header and passes the packet to IPX.
IPXCON tracks uncompressed packets exchanged on a connection in the
Uncompressed Packets Sent and Uncompressed Packets Received
counters.
Compressed packet A compressed IPX or NCP packet. Compressed
packets do not contain the standard packet header. Instead, they contain
the number of a compression slot on the receiving router. This slot
contains the information necessary for the compression algorithm to
decompress the packet header before passing the packet to IPX.
IPXCON tracks compressed packets in the Packets Sent and Packets
Received counters.
Slot initialization packet A compression protocol packet that a router
sends to prepare a compression slot on the receiving router for use.
Initialization packets can prepare new slots or previously used slots for
reuse. The routing software uses two different initialization packets: one
for IPX packets and one for NCP packets.
IPXCON tracks initialization packets in the Initialization Packets Sent
and Initialization Packets Received counters.
Reject packet A compression protocol packet that a router sends when
it receives another compression protocol packet that it does not
understand.
IPXCON tracks reject packets in the Reject Packets Sent and Reject
Packets Received counters.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
33
Manual
99a
July 17, 2001
38
Acknowledgment packet A compression protocol packet that

acknowledges receipt of an IPX slot initialization packet. The
transmitting node continues to send slot initialization packets until it
receives an acknowledgment packet. After receiving the
acknowledgment packet, the transmitting node begins to send
compressed packets.
IPXCON does not track acknowledgment packets.
IPX Route Aggregation

IPX Route Aggregation enables you to introduce routes learned through RIP
into an NLSP backbone in a summarized form. Route aggregation compactly
describes many IPX network numbers simultaneously by using an address and
mask pair. For example, all addresses from C9000000 to C9FFFFFF can be
represented using the address C9000000 and the mask FF000000.
FigureFigure 5 on page 34 shows a typical topology for using route
aggregation, a backbone network with several RIP areas attached. In
FigureFigure 5 on page 34, the information within the backbone is minimized
by having routers R1, R4, R8, and R9 report address summaries for the
attached areas. In this scenario, the default route is the only information about
reachable external addresses that must be transmitted within an attached area.
Therefore, information within the attached areas is minimized.
Figure 5
Aggregated Routes Topology
R10
R9
RIP
R3
R7
R4
NLSP Backbone
R8
R1
R2
RIP
34

103-000176-001
August 29, 2001
Novell Confidential
RIP
Manual
99a
38
July 17, 2001
For more information about IPX route aggregation, refer to

Introducing Aggregated Routes into NLSP on page 35
Consistent Use of Routers that Support Route Aggregation on page 36
Interaction with SAP on page 36
Metrics Used with Aggregated Routes on page 36
Introducing Aggregated Routes into NLSP

Aggregated routes are introduced into NLSP in the same way that external RIP
routes are introduced. There are two methods of introducing aggregated routes
into NLSP:
Aggregated routes are introduced through static configurations. If an
aggregated route is configured for a static routing link, the configured
aggregated route is reported into the NLSP area as soon as IPXRTR binds
to the interface.
Aggregated routes are learned from RIP. An address summary can be
configured for a link, but unless at least one address matches the address
summary, as learned through RIP, the summary is not reported.
For example, if a router is configured with address summaries 572* and 5729*
on a link running RIP and learns from that link that the destination 57285489
is reachable and that no other matching destinations are learned, then the
router reports the aggregated route 572* to the NLSP area. The asterisk
represents a wildcard character. If the router learns that destination 57298381
is reachable, then only 5729* is reported to the NLSP area. If both 57298381
and 57212376 are reachable, then the router reports both 572* and 5729* to
the NLSP area.
Routers always report aggregated routes with the longest match. For example,
if a router is configured with address summaries C9* and C91* and learns that
the destination C9123456 is reachable, then the router reports only the
aggregated route C91*.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Consistent Use of Routers that Support Route

Aggregation
Route aggregation into an NLSP area is possible only if all routers in that area
support address summaries. Routers that do not support route aggregation do
not recognize destination addresses for aggregated routes; they forward
packets to the default route or drop packets if no default route is configured.
Because routers that support route aggregation route packets differently from
routers that do not support route aggregation, routing loops can occur.
Therefore, if a router that supports route aggregation detects that the next-hop
router on the path to an aggregated destination is a router that does not support
route aggregation, it will drop the packet.
Interaction with SAP

Without route aggregation, if a service is announced with an address that is not
explicitly reachable, RIP assumes the service is unreachable. When NLSP and
RIP are used with route aggregation, SAP is accepted, provided a packet can
be forwarded to the corresponding network number. A packet can be
forwarded when there is a default route and address summary or when there is
an explicit advertisement of that network number.
This feature is disabled by default. It can be enabled by entering the following
command after IPXRTR.NLM has been loaded:
SET REQUIRED NETWORK FOR SERVICES=ON
Metrics Used with Aggregated Routes

If a router is configured to introduce an address summary into an NLSP area,
it does so, with the number of ticks equal to 1 (as the default), an area count
equal to 6 (as the default), and the ability to configure both parameters with a
different value. The area count is the number of areas through which the route
information is allowed to propagate. As the route information is passed
through each of these areas, the area count is decremented by one. This
enables the initial sending router to control the spread of information through
all NLSP areas that are connected to each other.
Address summaries are not exported from an NLSP area into a RIP cloud
because the capability to express a summarized route within RIP does not
exist. In addition, updating RIP with this capability is not cost-effective
because the default route is sufficient for RIP.
36

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX Address Mapping Gateway

Using the IPX Address Mapping Gateway (IAMG) offers the following three
advantages:
Your hosts can connect to a backbone network even when your local
network numbers are not compatible with the backbone addressing
scheme.
If the routing protocol in the backbone does not support route aggregation
(such as earlier implementations of NLSP), the routing protocol probably
cannot manage the number of network addresses from every customer.
Even if the routing protocol could handle route aggregation, network
numbers might be assigned in a way that does not lend itself to
aggregation. IAMG enables the summarization of routes in a manner
transparent to the routing protocol by mapping many network numbers to
a single number outside the local network. This capability greatly reduces
the number of networks that must be advertised throughout the global
internetwork.
The security of the local intranet is enhanced because local networks are
not advertised throughout the global internetwork.
In Figure 6 on page 38, any packets generated from the client on the customer
network for the backbone have their source IPX network number converted to
the 01014000 gateway address. In addition to mapping a client network
address to an address compatible with the backbone, IAMG converts the IPX
node address to a unique value based on characteristics of the original node
number. Services on the customer network, such as file servers with Novell
Directory Services (NDS) that advertise their network addresses through
SAP and that must be visible in the backbone, are not translated. To be visible
in the backbone network, the services must use a registered backbone address.
All registered source addresses are left untranslated.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
37
Manual
Figure 6
99a
38
July 17, 2001
IAMG Implementation
Gateway Address
01014000
Backbone
Service
Customer
Network
Backbone Network
IPX Address
Mapping Gateway
Backbone
Services
00001234
NetWare
Workstation
NetWare
File Server
The IAMG allows multiple gateways to be connected between the customer

network and backbone network in parallel. All such gateways on a customer's
network share a single gateway address. If a gateway receives a packet from
the backbone network with an unknown mapping on the gateway network, the
packet is forwarded to all other IAMGs advertising the same gateway address.
If necessary, the packet is split into multiple segments using the IPX
fragmentation module so that the packet can be forwarded with a new header
attached.
If not all gateways support the IPX fragmentation specification, the IAMG is
designed to allow the gateways to run in parallel. In this automatic mode of
operation, some packets might be lost during the learn cycle. When the
gateway that created the mapping receives the forwarded data packets from
the backbone, an update reporting the mapping is returned to the gateway that
initially received the packet. Because more packets probably will follow, the
gateway learns the new mapping.
The IAMG discards any packet destined for the gateway that has the broadcast
node address so that outside clients cannot cause an excessive number of
broadcasts within a network. NetBIOS broadcasts (packet type 20) cannot be
used on a network attached to an interface that has the IAMG enabled.
Broadcasts to networks other than the gateway address are allowed.
38

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When the IAMG is configured, care must be taken to avoid address conflicts.
We recommend using the following configuration guidelines:
Conflicts might occur when token ring and Ethernet interfaces are used
on the same network. For instance, when the NetWare Mobile IPXTM
software and NetWare remote access software assign node addresses,
they set the IEEE Local bit and clear the IEEE Multicast bit. Because
token ring networks use a different bit order (canonical instead of
noncanonical) within the node address, incorrect interpretations can be
made, and locally assigned addresses might conflict with IEEE token ring
addresses. It is also possible for IEEE Ethernet node addresses to conflict
with IEEE token ring addresses, even though the IEEE assigned
addresses are different. You can avoid conflicts by taking the following
precautions:
Use command line switches to load the LAN drivers on the
conflicting segments with the opposite canonical order for the MAC
addresses.
Use a different LAN card.
Because detected conflicts are echoed to the system console, resolve
conflicts by manually reconfiguring the address of the offending
workstation.
If a router supporting IPX WAN client dial-in connections is configured
to use node addresses that use the upper 34 bits of the node address, node
address conflicts can occur. To avoid conflicts, the IPX WAN client router
must have a registered network address for the WAN clients that is not
translated, or it must use a low node address (less than 14 bits) on that
network.
Understanding

103-000176-001
August 29, 2001
Novell Confidential
39
Manual
40

103-000176-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Planning
This section explains what decisions must be made before you can configure
IPXTM beyond its most basic configuration.
IPX Configuration Decisions

How you configure IPX beyond its most basic configuration depends on the
following decisions:
Whether to turn off IPX packet forwarding or to use the system as an
IPX router
The routing software enables you to turn off IPX packet forwarding on a
NetWare file server. This is useful when you have more than one
NetWare system connecting two or more LANs and you want to free one
of the systems from the task of forwardingthat is, routing IPX
packets between the LANs.
To turn off IPX packet forwarding, refer to Turning Off IPX Packet
Forwarding on page 51.
If you have WAN connections, whether to configure any of the
following:
Static routes and services
Watchdog packet spoofing
Routed or static on-demand calls
IPX and NetWare Core ProtocolTM (NCPTM) header compression
How you configure a WAN connection for IPX depends on how you want
to use the connection and whether you use IPX with PPP, X.25, frame
relay, or asynchronous transfer mode (ATM).
Planning

103-000176-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
NOTE: Before you can configure IPX to run over a WAN connection, you must
configure the WAN board, a network interface, and at least one WAN call
destination.
To configure static routes and services for a permanent or on-demand call,

refer to Configuring Static Routes and Services on page 53.
To configure watchdog packet spoofing, refer to Configuring Watchdog
Spoofing on page 65.
To configure routed or static on-demand calls, refer to Configuring
Routed or Static On-Demand Calls on page 67.
To configure header compression, refer to Configuring IPX and NCP
Header Compression on page 69.
Whether to use NLSP, RIP/SAP, or both
NetWare Link Services ProtocolTM (NLSPTM ) software is the Novell link
state routing protocol for IPX internetworks; Routing Information
Protocol (RIP) and Service Advertising Protocol (SAP) are the traditional
NetWare routing and service advertising protocols.
To configure NLSP on your router, refer to Configuring NLSP on page
72.
To configure RIP and SAP on your router, refer to Configuring RIP and
SAP on page 77.
Whether to configure file server proxying on a dedicated router
File server proxying is useful when you have a dedicated routera PC
running Novell Internet Access Server 4.1 over a two-user version of
NetWare 4.11and several NetWare workstations operating on the same
network. Proxying enables the dedicated router to reply to workstations'
Get Nearest Server requests with the name of a NetWare file server
instead of its own. This enables the server, which has multiple connection
slots, to handle simultaneous NCP connection requests from the
workstations.
To configure file server proxying, refer to Proxying a NetWare File
Server on page 84.
42

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Whether to use the IPX Address Mapping Gateway

The IPX Address Mapping Gateway provides the following advantages:
You can connect to a backbone network even when your local
network numbers are not compatible with the backbone addressing
scheme.
If the routing protocol in the backbone does not support route
aggregation, like most implementations of NLSP, the routing
protocol probably cannot manage the number of network addresses
from every user. Even if the routing protocol could handle route
aggregation, network numbers might be assigned in a way that does
not lend itself to aggregation. The IPX Address Mapping Gateway
enables the summarization of routes in a manner transparent to the
routing protocol by mapping many network numbers to a single
number outside the local network.
To use the IPX Address Mapping Gateway, refer to Configuring the IPX
Address Mapping Gateway on page 86.
Whether to use IPX Route Aggregation
IPX Route Aggregation allows your router to compactly report many IPX
networks to a connecting backbone network. IPX Route Aggregation is
most useful when several RIP networks are attached to an NLSP
backbone network. Information in the backbone network is minimized by
having the routers that connect to RIP networks report address summaries
for these networks.
To use IPX Route Aggregation, refer to Configuring IPX Route
Aggregation on page 88.
Whether to change how your router propagates type 20 packets
Type 20 is an IPX packet type that refers to any propagated packet.
NetBIOS packets, for example, are type 20 packets. If your router
processes a large number of type 20 packets, you can control how it
propagates these packets through its interfaces. This can reduce the
amount of traffic on a LAN.
To change how your router propagates type 20 packets, refer to
Controlling the Propagation of Type 20 Packets on page 89.
Planning

103-000176-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Whether to change the hop count limit of outbound IPX packets

This enables you to control the range of outbound IPX packets on your
router.
To control the range of IPX packets, refer to Changing the Hop Count
Limit for IPX Packets on page 90.
Whether to balance traffic loads over equal-cost routes
If your router has two or more network interfaces that can reach the same
destination, it can distribute outbound traffic among those interfaces for
an effective increase in throughput. This is called load balancing .
To configure load balancing over equal-cost routes, refer to Balancing
Traffic Loads over Equal-Cost Routes on page 92.
Whether to configure SPX connection parameters
Some NetWare applications have specific requirements for Sequenced
Packet ExchangeTM (SPXTM) connection timeouts, retry counts, and so
on. If any of these applications are used on your network, you might need
to configure certain SPX parameters to enable these applications to run
properly.
To configure any of these parameters, refer to Configuring SPX
Connection Parameters on page 94.
Whether to change the delay and throughput values on your router
This section explains how to set the delay and throughput values on a
router to avoid connection timeouts over a slow link. This is often
necessary for routers on LANs or bridged network segments that are
separated by slow links.
To change the delay and throughput values, refer to Setting Delay and
Throughput for a Slow Link on page 95.
44

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Mobile IPX Configuration Decisions

Each of the following is key to the success of NetWare Mobile IPXTM
configuration:
Mobile Client Driver Selection
Deciding Where to Locate a Home Router
Mobile Client Driver Selection

When selecting your driver for the mobile client, verify with the vendor that
the driver is written specifically with mobile operations in mind and that it
supports the following:
PCMCIA card in/card out capability
In-range and out-of-range capability
The NetWare Event Service Layer (NESL)

Planning ahead and knowing the appropriate ways to use NetWare Mobile
IPX will help you to use your mobile client efficiently. We recommend that
you do the following:
Disable background products such as E-mail that poll the network.
Use only data from the network. Keep your executable files on the mobile
client.
Complete operations such as saving files before removing the PCMCIA
card.
Deciding Where to Locate a Home Router

This section helps you choose the best location on your network to configure
the Home Router software. It also explains why more than one Home Router
can provide more efficient network operation in certain environments.
A Home Router forwards every packet destined for the mobile clients it
serves. If the Home Router is located far from both the file server and the
mobile client, and if the mobile client is close to the file server, a packet
Planning

103-000176-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
destined for the mobile client travels more hops than necessary before arriving
at the destination, as shown in Figure 7.
Figure 7
Inferior Home Router Placement
Home
Router
LAN 3
Server
Router
LAN 2
Access
Point
LAN 1
Router
Request
Mobile Client
Response
Mobile client request to server
Server response to mobile client through Home Router
Redirected server response to mobile client
46

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The request from the mobile client takes the shortest route to the server. The
response from the server is first forwarded to the Home Router, because the
destination address is the internal network configured for the server on which
the Home Router resides. The router then patches the response with the mobile
client's actual address and forwards the packet to the mobile client. In this
topology, the response takes an inferior path to the mobile client because of
the extra hops taken.
In general, you should install the Home Router in the middle of the network
so that most clients are only a few hops away, as shown in Figure 8. The Home
Router should be located somewhere on the path between the file server and
the mobile clients.
Figure 8
Better Home Router Positioning
LAN 3
Server 2
Router
Server 1
LAN 2
Access
Point
LAN 1
Home
Router
Mobile Client
Planning

103-000176-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
The best place to install the NetWare Mobile IPX Home Router software is on
the file server that the mobile clients use most, as shown in Figure 9. In this
way, when mobile clients access the file server, the responses from the file
server are patched with the mobile client's actual location before they ever
leave the server. Therefore, the responses do not travel an extra hop before
reaching the client.
Figure 9
Best Home Router Positioning
LAN 3
Server 2
Router
Server 3
LAN 2
Access
Point
LAN 1
Home
Router
on
Server 1
HINT: We recommend having a Home Router in each operating area. For
example, in a large corporation, you should have a Home Router in marketing,

finance, manufacturing, and so on. This enables mobile client users to connect to
a preferred Home Router.
If the server and mobile clients are located on one side of a WAN link and the
Home Router is on the other side of the link, costly WAN bandwidth is used
unnecessarily. If both networks on each side of a WAN link require NetWare
Mobile IPX, you should have two Home Routersone on each side of the
WAN link. Mobile clients use the closest Home Router, as shown in Figure 10.
48

103-000176-001
August 29, 2001
Novell Confidential
Manual
Figure 10
99a
38
July 17, 2001
Home Router Positioning over WAN Links
Server 1
Server 3
Mobile Client 2
Home
Router 1
Router
Access
Point
Access
Point
WAN Link
Router
Router
Home
Router 2
Mobile Client 1
Server 2
IMPORTANT: When a mobile client is transferred between the two sites over the
WAN and not restarted, the client still uses the original Home Router for
communicationscrossing the WAN if necessaryuntil the mobile client is
restarted.
Planning

103-000176-001
August 29, 2001
Novell Confidential
49
Manual
50

103-000176-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
Novell Internet Access Server 4.1 routing software provides a set of
configurable parameters with which you can modify operational
characteristics of the Internetwork Packet ExchangeTM (IPXTM) network
protocol. You configure all IPX parameters from the Novell Internet Access
Server Configuration utility (NIASCFG).
Turning Off IPX Packet Forwarding

As a typical part of its operation, a NetWare file server forwards (routes) IPX
packets between its network interfaces. By disabling the Packet Forwarding
parameter, you turn off IPX packet forwarding on a NetWare file server. This
is useful when you have more than one NetWare system on a network and you
want to make more computing resources available for file and print services.
A server with IPX packet forwarding disabled still operates as a file server, but
broadcasts only its own services and internal network numbernot those
associated with its network interfaces. A server operating in this way is
sometimes called a multihomed server. Although a multihomed server does
not reply to routing requests from NetWare workstations, it still accepts
incoming RIP and SAP broadcasts to maintain its bindery.
Figure 11 on page 52 shows how the tasks of routing and file service can be
divided between a NetWare file server and a dedicated router on the same
network. Typically, the task of routing IPX traffic between the two
internetworks is shared by the router and the file server. When you disable
IPX packet forwarding on the file server, the dedicated router assumes the task
of routing all IPX traffic. The file server, now free from the tasks of routing
IPX packets and answering route requests, can devote its full processing
resources to file service.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
51
Manual
Figure 11
99a
38
July 17, 2001
Turning Off IPX Packet Forwarding on a NetWare File Server
NetWare
Router
IPX
Internetwork
IPX
Internetwork
Routed Traffic
IPX
Internetwork
NetWare
Workstation
NetWare
Workstation
File Services
NetWare
Workstation
NetWare
File Server
Packet Forwarding = Disabled
You should turn off IPX packet forwarding if you do not want the server to
forward IPX packets between its interfaces.
For more information about IPX routing and related topics, refer to Chapter 1,
Understanding, on page 11. For more information about NetWare file and
print services, refer to your NetWare documentation.
How to Turn Off IPX Packet Forwarding

Before you begin, you must have at least two NetWare servers, or one
NetWare server and a dedicated router on the same IPX network.
To turn off IPX packet forwarding, complete the following steps:
1 Load NIASCFG, then select the following parameter path:
Select Configure NIAS > Protocols and Routing > Protocols > IPX
2 The Packet Forwarding parameter is already highlighted; select it, then
select Disabled .
52

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Press Esc and save your change.

5 If you want this change to take effect immediately, select Reinitialize
System .
If you want to configure other parameters, do so now, then reinitialize the
system when you are finished.
Configuring Static Routes and Services

A static route is a RIP route that is added to a router's Routing Information
Table by a network administrator rather than by the active routing protocol
in this case, RIPoperating over a network link. With Novell Internet Access
Server 4.1, you can configure static routes and services for both permanent
and on-demand calls.
A permanent call is a connection that remains active between the local router
and the remote router identified by the call destination. An on-demand call is
a point-to-point connection between two routers that becomes active only
when one router must send user data to the router at the other end. On-demand
calls are well-suited for connections that use expensive telecommunications
carriers and for slow links over which it is undesirable to send routing and
service traffic. For more information about permanent and on-demand calls,
refer to Call Types on page 25.
You can configure static routes and services with the following utilities:
NIASCFG With NIASCFG, you must configure all routes and
services manually. To activate the configuration on both routers, you
select Reinitialize System from the Internetworking Configuration menu.
Use NIASCFG to set up WAN call destinations at each end of the
connection and configure static routes and services.
STATICON The static route and service configuration utility for IPX.
STATICON uses the Simple Network Management Protocol (SNMP) to
discover which routes and services are available through a remote router
and adds them to the static routing table on a local router.
Before configuring static routes and services with STATICON, you must
use NIASCFG to set up the WAN call destinations and activate the
configuration by selecting Reinitialize System . You then load
STATICON and configure the static routes and services on the routers.
STATICON configures all routes and services on each router
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
automatically and allows you to try the static configuration before saving
it to disk. The STATICON configuration becomes active immediately;
you do not need to reinitialize or restart the router.
For more information about static routes and services and related topics, refer
to Static Routes and Services on page 28.
Configuring Static Routes and Services with NIASCFG on page 54
Configuring Static Routes and Services with STATICON on page 56
Configuring Static Routes and Services with NIASCFG

NOTE: If you plan to configure static routing information, we recommend using
STATICON to avoid potential routing loops.
Before you configure static routes and services with NIASCFG, determine the
addresses of the networks or hosts that you want to access. Then set up a WAN
call destination, on each router, to the router at the other end of the
connection.
WARNING: When setting up a call destination, be sure you set the Remote
System ID parameter to the server name of the system initiating the inbound call.
The local system checks each inbound call against the remote system ID.
Configuring Static Routes
To configure static routes with NIASCFG, complete the following steps:

Select Configure NIAS > Protocols and Routing > Bindings > a WAN
interface > WAN Call Destinations.
2 Select a WAN call destination from the list, or press Ins to choose from
a list of available call destinations.

3 Select Static Routes.
A new screen displays any configured static routes.

4 Press Ins , then enter the following information:
54
Network Number Network number that must be accessed for this

on-demand call.
Hops to Network Number of routers crossed to reach the specified

network number. If the network number is in the internal network of
the remote router, specify 1.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Ticks to Network Number of ticks used to allow a packet to reach

the destination network. Add one tick to this value for each LAN
hop.
5 Press Esc and save your changes.

System .
Configuring Static Services
HINT: If you plan to configure any uncommon services, we recommend using
STATICON to avoid errors.
To configure static services with NIASCFG, complete the following steps:

interface > WAN Call Destinations.
2 Select a WAN call destination from the list, or press Ins to choose from
a list of available call destinations.

3 Select Static Services .
A new screen displays any configured static services.

4 Press Ins, then enter the following information:
Service Name Name of the service to be accessed through the ondemand call. This name, which is typically the server name, is added
to the local service and routing tables.
NOTE: If you need to obtain service name information, use the IPXCON
utility at the remote router. If you use STATICON to configure static services,
this information is obtained automatically.
Service Type SAP service type for this service, expressed as a

hexadecimal number. This is typically the file server type (0004).
Press Ins to display a list of service types.
Service Address Network IPX network number of the service. If

you are specifying a file service or a service on a server or router,
enter the internal network number of that server or router.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Service Address Node Node address where the service resides. If

you are specifying a file service or a service on a server or router,
enter 1 . If you are specifying a NetWare 2 file server, specify the
NIC address of LAN board A.
Service Address Socket Socket number on which this service

listens for service requests. If you are specifying a file service, enter
0x0451 .
NOTE: If you need to obtain service address socket information, use the
IPXCON utility at the remote router. If you use STATICON to configure static
services, this information is obtained automatically.
Hops to Service Number of routes crossed to reach the service.
Ticks to Service Number of ticks needed for a packet to reach the

destination network. Add one tick to this value for each LAN hop.

System .
Configuring Static Routes and Services with STATICON

STATICON provides a fast and error-free way to configure static routes and
services on routers at each end of a point-to-point WAN connection. However,
before loading STATICON, you must use NIASCFG to complete the
following preparatory tasks on each router:
Set up a WAN call destination to the router at the other end of the
connection.
Select Reinitialize System to activate the NIASCFG configuration.
IMPORTANT: For STATICON to operate, the router at the other end of the
connection must either be running Novell Internet Access Server 4.1 or be a thirdparty router that supports IPX SNMP and the IPX Management Information Base
(MIB) variables.
When you load STATICON, the Select Configuration Method menu appears.
Table 3 on page 57 describes each menu option.
56

103-000176-001
August 29, 2001
Novell Confidential
Manual
Table 3
99a
38
July 17, 2001
Select Configuration Method Menu Options
Menu Option
Description
Dynamically Configure Static

Routing Tables
Opens an on-demand call to the remote router and allows you to edit
the local and remote configurations using dynamically obtained
selection lists.
Configure Services from

Gatekeepers
Opens an on-demand call to obtain a list of services available from

a gatekeeper and allows you to select the services you want. The
gatekeeper is normally on the other side of a WAN link.
Configure Local Static Services
Lets you configure static services manually on the local router. This
configuration is nearly identical to the one presented in Configuring
Static Services on page 55.
Configure Local Static Routes
Lets you configure static routes manually on the local router. This
configuration is nearly identical to the one presented in Configuring
Static Routes on page 54.
Write Static Routing Tables to

Permanent Storage
Sends IPX SNMP requests to the local router to put the routing table
information into permanent storage. The router is polled to ensure
that the information is updated.
Restore Static Routing Tables

from Permanent Storage
Sends IPX SNMP requests to the local router to restore routing table
information from permanent storage. The router is polled to ensure
that the information is updated.
The most efficient way to configure static routes and services is to select the
Dynamically Configure Static Routing Tables option. This enables you to
select from the following options:
Autoconfigure Local and Remote Routing Tables Exchanges all
routing and service table information automatically with the remote
router. Select this option if you want an on-demand call to obtain full
routing and service information in the static routing tables. A status
screen shows the progress of the exchange. This exchange might take
significant time to complete if you are working over a slow link or on a
large network.
Configure Local Routing Tables Selectively configures routing and
service tables for the local router from information learned from the
remote router through IPX SNMP requests.
Configure Remote Routing Tables Selectively configures the routing
and service tables for the remote router from information learned from the
local router through IPX SNMP requests.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Write Connection Routing Tables to Permanent Storage Sends IPX

SNMP requests to the local and remote routers to save the current local
and remote routing tables for this connection to permanent storage. Each
router is polled to make sure the operation is completed.
Restore Connection Routing Tables from Permanent Storage Sends
IPX SNMP requests to the local and remote routers to restore the local
and remote static routing tables for this connection from permanent
storage. Each router is polled to make sure the operation is completed.
For more information about configuring static routes and services
dynamically, refer to Selectively Configuring Static Routes and Services on
page 59 and Automatically Configuring Static Routes and Services on page
62.
Checking Write Access on the Remote Router
For STATICON to configure a remote router's routing and service tables, it

must support IPX SNMP and the IPX MIB variables and have SNMP-write
access to the router. If the remote router is running Novell Internet Access
Server 4.1, specifying a Control Community from NIASCFG enables write
access.
To check write access, complete the following steps:
1 Load NIASCFG on the remote router, then select the following parameter
path:
Select Configure NIAS > Protocols and Routing > Manage
Configuration > Configure SNMP Parameters
The Control State field should read Any Community May Write or
Specified Community May Write . If it reads Specified Community May
Write , note the name in the Control Community field. Use this name
when you must provide the name of the SNMP control community in Step
8 on page 59 of Selectively Configuring Static Routes and Services and
Step 8 on page 63 of Automatically Configuring Static Routes and
Services.
3 Exit NIASCFG.
58

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Selectively Configuring Static Routes and Services
Through selective configuration, you can choose specific routes and services
you want to add to a routing table. This feature lets you select from an existing
routing table the routes and services that your router does not have in its table.
You can copy routes to a remote router from a local router, or copy routes to a
local router from a remote router.
To selectively configure static routes and services, complete the following
steps:
1 Load STATICON.
2 Select Dynamically Configure Static Routing Tables .
STATICON displays the on-demand calls of which IPX is currently

aware. It also shows the connection state of each call.
NOTE: The Auto Static Route listed in the display is the nonconfigured static route
to the internal network on the other side of the WAN link. This automatic static route
ensures a route across the link in case normal RIP filtering might prevent such a
route. It must not be deleted.
3 Use the arrow keys on your keyboard to select the WAN call destination
associated with the remote router.

4 If the Status field associated with the call reads Not Connected , press Ins
to connect the call.

5 Wait for the Status field to change to Connected .
This can take several seconds if you are using a dial-up line.
6 Press Enter .
To configure the routing table for the local router, select Configure
Local Routing Tables.
To configure the routing table for the remote router, select Configure
Remote Routing Tables.
8 Enter the SNMP Control Community name associated with the remote
router, or press Enter to accept the default Control Community named

public .
The remote router must have write access enabled. If you need to check
write access, refer to Checking Write Access on the Remote Router on
page 58.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
9 If you selected Configure Local Routing Tables , complete the following
steps; otherwise, continue with Step 10 on page 60.

A progress screen appears while the local system reads the currently
configured routes and services.
After the Locally Configured Routes screen appears, you can remove
items from the routing table by highlighting or marking the entries and
pressing Del .
9a Press Ins to add static routes or services to the local routing table.
A progress screen appears while the local system gathers information

from the remote router.
The Selectable Routes and Services screen appears. The routes and
services listed here are from the remote router's table. The list shows
only the routes and services that are not already present in the local
router's table.
9b Mark the routes or services you want to add to the local routing table.
Use the following keys to mark your selections:
F5 Marks the current entry.
Tab Marks all entries that have the same network number as
the currently highlighted entry.
F6 Lets you use wildcard characters (* and ?) to select entries.

If you use F6 , the Select Wild Card Marking Option screen
appears. You can select Match Service Names or Match
Network Numbers . After you make a selection, the Enter
Pattern for Matching screen appears, enabling you to enter the
name or number pattern and wildcard.
9c Press Enter .
The Select Currently Marked Routes and/or Services? screen

appears.
9d Select Yes. Proceed to Step 11 on page 61.
10 If you selected Configure Remote Routing Tables , complete the
following steps:
A progress screen appears while the local system gathers information
from the remote router.
60

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
After the Remote Router's Configured Routes and Services screen

appears, you can remove items from the routing table by highlighting or
marking the entries and pressing Del .
10a Press Ins to add static routes or services to the remote routing table.
A progress screen appears while the local system reads the currently
configured routes and services.
The Selectable Routes and Services screen appears. The routes and
services listed here are from the local router's table. They show only
the routes and services that are not already present on the remote
router's table.
10b Mark the routes or services you want to add to the remote routing
table.
Use the following keys to mark your selections:
F5 Marks the current entry.
Tab Marks all entries that have the same network number as
the currently highlighted entry.
F6 Lets you use wildcard characters (* and ?) to select entries.

If you use F6 , the Select Wild Card Marking Option screen
appears. You can select Match Service Names or Match
Network Numbers . After you make a selection, the Enter
Pattern for Matching screen appears, enabling you to enter the
name or number pattern and wildcard.
10c Press Enter .
The Select Currently Marked Routes and/or Services? screen

appears.
10d Select Yes .
11 Press Esc twice.
STATICON allows you to choose whether to save the static configuration

to disk now or test the configuration first by trying to establish a
connection.
If you want to save the configuration to disk now, continue with Step
12 on page 62.
If you want to test the configuration before saving it to disk, select Do
Not Save the Routing Tables to Permanent Storage.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
In this case, the configuration remains in router memory.

If you decide later to save the configuration to disk, return to the Select
Configuration Option For This Call screen and select Write Connection
Routing Tables to Permanent Storage .
The configuration is saved to disk if you did not do any of the following
while testing the configuration:
Restart the router
Delete the WAN call destination from NIASCFG
Unload IPXRTR
12 Select Save the Routing Tables to Permanent Storage .

NOTE: Changes you make from STATICON take effect immediately; you do not
need to reinitialize or restart either router after completing the configuration.
The following message appears after the configuration is saved to disk:

Writing static routing tables for this call to permanent
storage completed successfully in router <router_name
>.
<Press ENTER to continue>
13 Press Enter , then press Esc until you return to the Select Configuration
Method menu.
14 Exit STATICON.
Automatically Configuring Static Routes and Services
Configuring static routes and services automatically lets you copy all the
missing routes from your local router to a remote router and from the remote
router to your local router at the same time.
To automatically configure static routes and services, complete the following
steps:
1 Load STATICON.
2 Select Dynamically Configure Static Routing Tables .
STATICON displays the on-demand calls of which IPX is currently

aware. It also shows the connection state of each call.
62

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

6 Press Enter .
7 Select Autoconfigure Local and Remote Routing Tables .
8 Enter the SNMP Control Community name associated with the remote
router, or press Enter to accept the default Control Community public .

The remote router must have write access enabled. If you need to check
write access, refer to Checking Write Access on the Remote Router.
A progress screen appears as STATICON exchanges routes and services
with the remote router. This might take several minutes if you are working
over a large network or slow link.
The following message appears when the exchange is complete:
Autoconfiguration of Routing Tables between local and
remote Routers completed successfully.
9 Press Enter .
STATICON allows you to choose whether to save the static configuration

to disk now or try the configuration first.
If you want to save the configuration to disk now, continue with Step
10 on page 64 .
If you want to try the configuration before saving it to disk, select Do
Not Save the Routing Tables to Permanent Storage.
In this case, the configuration remains in router memory.
If you decide later to save the configuration to disk, return to the Select
Configuration Option For This Call screen and select Write Connection
Routing Tables to Permanent Storage .
You can do this as long as you do not do any of the following while trying
out the configuration:
Restart the router
Delete the WAN call destination from NIASCFG
Unload IPXRTR
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
10 Select Save the Routing Tables to Permanent Storage .

NOTE: Changes you make from STATICON take effect immediately; you do not
need to reinitialize or restart either router after completing the configuration.
The following message appears after the configuration is saved to disk:

Writing static routing tables for this call to permanent
storage completed successfully.
11 Press Esc until you return to the Select Configuration Method menu.
12 Exit STATICON.
Configuring Services for a Gatekeeper
A gatekeeper is a special file server that is located in the hub of an

internetwork and is able to see all public services from all connected sites. A
gatekeeper stores routing and services information in its bindery, Novell's
equivalent of a telephone book. Using STATICON, you can obtain a list of
services available from a gatekeeper and select the required services for
advertisement by your local router. For more information about gatekeepers
and binderies, refer to Static Routes and Services on page 28.
To configure services for a gatekeeper, complete the following steps:
1 Load STATICON.
2 Select Configure Services for Gatekeepers .
STATICON displays the IPX Calls screen, a list of on-demand calls of

which IPX is currently aware. It also shows the connection state of each
call.


6 Press Enter .
The Select Configuration Option For This Call screen displays.

7 Select Configure Local Routes and Services .
The Configured Services screen displays.
64

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 Press Ins to display a list of gatekeepers.

9 Use the arrow keys to select a gatekeeper, then press Enter .
STATICON displays messages that it is attaching to the selected

gatekeeper and that it is scanning the gatekeeper for services. Service
names are displayed as STATICON discovers them. When the scanning
is completed, a list is displayed of all the services available from the
gatekeeper.
10 Select all the services you want by using the arrow keys to highlight each
desired service, then pressing F5 .

11 Press Enter to confirm your selection of all the marked services.
12 Optionally, press Esc to return to the IPX Calls screen and then repeat
Step 3 on page 64 through Step 11 for another WAN call.

13 Save the information as follows:
If you have collected gatekeeper information for a single WAN call,

press Esc to return to the Select Configuration Option For This Call
screen, then select Write Static Routing Tables to Permanent Storage.
If you have collected gatekeeper information for multiple WAN calls,
press Esc to return to the STATICON main menu, then select Write
Static Routing Tables to Permanent Storage.
14 If necessary, press Esc to return to the Select Configuration Method
menu. Exit STATICON.
Configuring Watchdog Spoofing

When several workstations are operating over an on-demand call, the frequent
exchange of watchdog packets can keep the connection active most of the
time. Depending on the telecommunications carrier you use for the
connection, this can become expensive.
You can avoid this by configuring your router to spoof the watchdog packets.
This means that the router captures watchdog query packets on their way to a
workstation and responds on the workstation's behalf without activating the
on-demand call.
Note, however, that because of spoofing, the workstation's server connection
remains occupied unless the workstation logs out. To avoid this, have the
remote server execute a forced logout of all workstations at a predetermined
time so that all server connections are free for the next day.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
For more information about watchdog spoofing and related topics, refer to
Watchdog Packet Spoofing on page 30.
How to Configure Watchdog Spoofing on an Interface
How to Configure Watchdog Spoofing for Call Destinations
How to Configure Watchdog Spoofing on an Interface

By default, watchdog spoofing is enabled for all on-demand WAN
connections. If you want to disable watchdog spoofing on a WAN interface,
interface > Expert Bind Options
2 Select On Demand Spoofing , press Enter , then select Disabled .
3 Press Esc and save your change.
System .
How to Configure Watchdog Spoofing for Call Destinations

By default, watchdog spoofing is enabled for all on-demand WAN
connections. To configure watchdog spoofing for a particular on-demand
WAN call destination, complete the following steps:
interface > WAN Call Destinations
2 Select a call destination.
If you are modifying an on-demand call that has already been

configured, select one from the list.
If you are configuring a new on-demand call, press Ins and choose a
call from the list of available calls.
66

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Select Expert Options .

4 Select On Demand Spoofing .
The default state is Use Default . This means the call uses the spoofing
state to which the interface is currently set.
If spoofing is enabled on the interface but you want to disable it only
for this call, select Disabled.
If spoofing is disabled on the interface but you want to enable it only
for this call, select Enabled.
System .
Configuring Routed or Static On-Demand Calls

Novell Internet Access Server 4.1 enables you to configure a routed ondemand call or static on-demand call for each WAN call destination.
Unlike the standard on-demand call, which relies on statically configured
routes and services at each end of a point-to-point connection, a routed ondemand call runs a routing protocol while the link is active. When the link
goes down, the routes and services made known by the routing protocol
become unavailable.
Typically, a Data-Link layer timer triggers the termination of an on-demand
call after no data has crossed the link for some period of time. Because a
routing protocol running over a routed on-demand call would reset this timer
each time a protocol packet is sent or received, it would keep a link active
because of the protocol data flowing through. To solve this problem, Novell
Internet Access Server 4.1 uses a timer that operates at the Network layer. This
timer is reset only when data packetsnot protocol packetscross the link.
In this way, the routing updates do not keep an on-demand link active when
no data is being transmitted.
NOTE: A minimal (seed) set of static routes and services must be associated with
a routed on-demand call for key server access. Unless the call is known to get
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
somewhere, the link will not come up. After the link comes up, other services and
routes can be accessed.
For more information about routed and static on-demand calls and related
topics, refer to Call Types on page 25.
How to Configure Routed or Static On-Demand Calls

Before you begin, you must complete the following tasks:
Configure at least one on-demand WAN call destination.
Configure a minimal set of routes and services for key server access.
To configure a routed or static on-demand call, complete the following steps:
Select Configure NIAS > Protocols and Routing > Bindings

2 Select an on-demand call.
If you are modifying an on-demand call that has already been

configured, select one from the list.
If you are configuring a new on-demand call, press Ins and choose a
call from the list of available calls.
The WAN Call Destination Entry screen is displayed.
3 Select WAN Call Destinations .
4 Select a WAN call destination from the list of configured calls, then do
one of the following:

To configure a routed on-demand call, select Routed On Demand from
the pop-up menu, then proceed to Step 5.
To configure a static on-demand call, select Static On Demand from
the pop-up menu, then proceed to Step 6.
By default, on-demand calls are static, and routing traffic over an ondemand call is disabled.
68

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 For a routed on-demand call only, do the following:

5a Select RIP Bind Options.
5b Configure the routing protocol you want to run over the call.
If you want to run RIP/SAP:
Select RIP Options .
Set RIP State Override to On .
Configure the other RIP override parameters as necessary.
Press Esc .
Select SAP Options .
Set SAP State Override to On .
Configure the other SAP override parameters as necessary.
If you want to run NLSP:
Select NLSP Options .
Set NLSP State Override to On .
Configure the other NLSP override parameters as necessary.

System .
Configuring IPX and NCP Header Compression

Header compression increases the throughput of IPX and NCP packets over
low-speed serial lines. An IPX packet header is 30 bytes and is typically
followed by an upper-layer protocol header, such as an SPX header. Header
compression reduces the size of this combined packet header to just a few
bytes.
Header compression is negotiated by the IPXWANTM protocol when a call is
established over any WAN connection. Header compression is not used on the
connection if IPXWAN detects that one of the end nodes does not support it.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
When you enable header compression, you can also specify the number of
compression slots . A compression slot is a location in router memory that
stores packet header information. The compression algorithm uses this
information to compress outgoingand decompress incomingpacket
headers.
By default, the number of allocated compression slots is 16. In general, a
session between two end points uses one slot; routing information uses one or
two. Each slot can contain an IPX or an NCP header. When no more slots are
available, packet headers are sent uncompressed, or old slots are reused.
For more information about IPX and NCP header compression and related
topics, refer to Header Compression on page 31.
IMPORTANT: To use header compression, the routers at each end of the
connection must have header compression enabled and must allocate the same
number of header compression slots . If the number of compression slots is
different on each router, IPXWAN selects the lesser of the two.
This topic contains the following sections:

How to Configure IPX and NCP Header Compression on an Interface
on page 70
How to Configure IPX and NCP Header Compression per Call
Destination on page 71
How to Configure IPX and NCP Header Compression on an Interface

To configure IPX and NCP header compression on a WAN interface, complete
2 Select Header Compression .
This parameter enables or disables header compression for all IPX

packets sent through this interface. By default, header compression is
enabled on all WAN interfaces; if you want to disable it on the interface,
select Disabled .
3 Select Compression Slots , then enter the number of slots you want to
allocate to this interface.
70

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The more concurrent IPX sessions you use over the interface, the more
compression slots you should allocate.
IMPORTANT: Be careful not to allocate too many compression slots. Memory is
required to store the headers, and the compression algorithm must scan through
stored headers to find a match for each transmitted packet. An excessive number
of slots results in a higher processing load and slower performance.

System .
How to Configure IPX and NCP Header Compression per Call

Destination
By default, header compression is enabled for all WAN connections. To
configure header compression for a particular WAN call destination, complete
interface > WAN Call Destinations
2 Select a call destination.
If you are modifying a call that has already been configured, select
one from the list.
If you are configuring a new call, press Ins and choose a call from the
list of available calls.
3 Select Expert Options .
4 Select Header Compression .
The default state is Use Default . This means the call uses the
compression state to which the interface is currently set.
If compression is enabled on the interface but you want to disable it
only for this call, select Disabled.
If compression is disabled on the interface but you want to enable it
only for this call, select Enabled.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
5 Select Compression Slots , then enter the number of slots you want to
allocate to this call.

IMPORTANT: Be careful not to allocate too many compression slots. Memory is
required to store the headers, and the compression algorithm must scan through
stored headers to find a match for each transmitted packet. An excessive number
of slots results in a higher processing load and slower performance.

System .
Configuring NLSP
Novell developed NLSP to meet the demands of large IPX internetworks. As
a link state routing protocol, NLSP offers better performance, reliability, and
scalability than the IPX RIP routing traditionally employed by NetWare
servers.
Unlike RIP and SAP, which periodically broadcast routing and service
information respectively, NLSP transmits routing information only when a
change occurs in a route or service somewhere in the network, or every two
hours whichever occurs first. Because NLSP generates fewer routing
updates than RIP and SAP, it uses less network bandwidth to maintain its
routing database.
To transmit information about its directly connected routers and the links to
those routers, an NLSP router uses Link State Packets (LSPs). By default,
LSPs are 512 bytes, a nominal value that is sufficient for most IPX networks.
If you have a large networkon the order of 4,000 routes and 2,000 services
or moreyou should increase the value of the LSP Size parameter to 1024.
To configure this parameter, refer to How to Change the LSP Size on page
76.
By default, NLSP broadcasts its packets because some LAN drivers do not
properly support multicast , a transmission mode that enables only those
devices listening for a specific multicast packet address to accept the packet.
You can, however, change the NLSP packet transmission mode to multicast
with the MAC Channel parameter. An advantage of using multicast
72

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
transmission is that NLSP packets sent by multicast do not clutter nonrouting

nodes with unnecessary traffic.
NOTE: All NetWare systems on the same LAN must use the same NLSP packet
transmission mode.
NLSP makes large IPX internetworks more manageable by allowing you to

partition them into administrative domains called routing areas . Each routing
area can be identified by up to three area addresses , a unique, 4-byte
hexadecimal number that identifies each NLSP router as being part of a
routing area. Although area addresses are not required, they are available
chiefly for compatibility with future versions of NLSP and do provide some
benefit for large IPX internetworks.
WARNING: Do not configure area addresses unless you must partition a large IPX
internetwork. If you make an error in the address assignments, you can partition
your network inadvertently and lose connectivity between some routers.
Each NLSP router is identified by a unique, 6-byte hexadecimal number called

the system ID . The default system ID comprises a 2-byte constant, 0x0200,
followed by the router's own internal network number. You should not change
the system ID unless you have another numbering scheme in place with which
you can reliably track and manage the NLSP routers on your network. If you
must change a router's system ID, use another unique number, such as the
physical address of one of the router's network interface boards.
Using a default cost value based on media throughput, NLSP chooses the best
route by which to forward IPX packets. Novell Internet Access Server 4.1
enables you to override this value on an interface. By overriding the default
cost, you can establish preferred routes, balance traffic loads among
interfaces, and set up specific traffic flows between routers. For more
information, refer to Balancing Traffic Loads over Equal-Cost Routes on
page 92.
All NLSP routers have a configurable parameter called the Priority . The
router with the highest priority becomes the Designated Router , which
assumes the responsibility for exchanges of link state information on behalf of
all other NLSP routers on the LAN. You do not typically need to change a
router's Priority value; the NLSP routers automatically elect one from
themselves. However, if you want to force a router to become the Designated
Router for its LAN, increase its Priority value to at least 85. The router you
choose should be typically up and should have enough memory to process
NLSP routing information and generate the pseudonode LSP for its LAN. If
you want to prevent a particular router from becoming the Designated Router,
decrease its Priority value.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
IMPORTANT: Novell Internet Access Server 4.1 provides a set of convergence
parameters that enable you to customize the operation of NLSP on your router.
The default values for these parameters are sufficient for most IPX networks and
should be changed only on the advice of your technical support representative.
When configuring NLSP on an interface, you can set the NLSP State
parameter to one of two states: On or Off . On enables the router to exchange
NLSP packets freely with other NLSP routers on the attached network. Off
disables NLSP routing on the interface.
How to Configure NLSP on page 74
How to Change the LSP Size on page 76
How to Configure NLSP

If you implement NLSP throughout a large IPX internetwork, or even if you
want to configure NLSP on just a few routers or servers, refer to NLSP
Migration for information about planning your implementation of NLSP.
To configure NLSP on the router, complete the following steps:
2 Select the Routing Protocol parameter, then select NLSP with RIP/SAP
Compatibility .
3 Press Esc to return to the Internetworking Configuration menu, then
select the following path:

Select Bindings > a network interface > Expert Bind Options > NLSP
Bind Options
4 Select NLSP State .
If you want to run NLSP over the interface, select On.

This enables NLSP routing on the interface.
If the interface is on an area boundary, or if you want to filter
incoming RIP or SAP packets at the interface, select Off.
74

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the router supports two or more interfaces and you want to filter
routes and services to a remote site through this interface:
Select Off .
Enable RIP and SAP on the interface.

To enable RIP and SAP, refer to Configuring RIP and SAP on page
77.
5 Select MAC Channel , then select the NLSP packet transmission mode.
If you select Multicast , NLSP automatically determines the multicast

address. All systems on a network must be set to Multicast ; otherwise,
the systems default to Broadcast , the default state for this parameter.
IMPORTANT: Make sure the driver you are using supports multicast
transmission; drivers that do not support multicast can cause systems to become
unaware of each other.
6 If you want to customize the interface further, configure one or more of
the following parameters:

most NLSP networks, you should change them only for a specific purpose.
Misconfiguring these parameters can increase routing traffic or cause loss of
MTU Override Overrides the Maximum Transmission Unit

(MTU) of the network medium to which this interface is connected.
All outbound packets on this interface use the value you enter. The
default value is 0, which means use the MTU of the network
medium. For example, the Ethernet MTU is 1,500 bytes.
Configure this parameter if you have a bridge or other device on your
network, or if you want to transmit smaller packets over a WAN.
Priority Sets the priority of the NLSP router on the network

segment to which this interface is connected. The default priority is
64; increase this value to at least 85 if you want the router to become
the Designated Router for its LAN; decrease it if you want to prevent
the router from becoming the Designated Router.
Cost Override Overrides the default cost of the network medium

to which this interface is connected. To configure this parameter,
refer to Balancing Traffic Loads over Equal-Cost Routes on page
92.
Pace Override Specifies the maximum number of NLSP packets

that can be sent each second through this interface. On a LAN, the
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
defaultand maximumpace for NLSP packets is 30 pps; on a

WAN, the NLSP pace is derived from the throughput of the link.
The default value for this parameter is 0, which means do not
override the current pace.
System .
How to Change the LSP Size

The larger the packet a network can carry, the fewer LSPs are required to
propagate an NLSP router's link state information on that network. However,
the LSP used by the router must be no larger than the largest frame size
supported by the network, less 30 bytes for the IPX header. For example, an
ARCnet* LAN can transmit no more than 576 bytes at a time. If you leave
LSP Size at the default value of 1024, the LSP cannot be transmitted across
the LAN because it is too large. The result is that the network is prevented
from converging.
Before you begin, you should know the maximum frame size supported by the
network to which the NLSP router is connected.
To change the size of the LSP that a router transmits, complete the following
steps:
Select Configure NIAS > Protocols and Routing > Protocols > IPX >
Expert Configuration Options
2 Select LSP Size , enter a value between 128 and 4096, then press Enter .
System .
76

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring RIP and SAP

RIP and SAP are the routing and service advertising protocols traditionally
used by NetWare systems to exchange route and service information on an
IPX network. RIP is currently the most common routing protocol used on IPX
networks.
RIP and SAP perform well in small networks that have simple architectures
and few routers. These protocols, however, begin to reveal their limitations in
the large, complex internetworks that are becoming increasingly common
throughout the installed base of NetWare systems.
By default, RIP and SAP packets are broadcast every 60 seconds, even if no
change has occurred anywhere in a route or service. Depending on the size and
speed of the network, these periodic broadcasts can consume a significant
amount of bandwidth and burden NetWare nodes, especially over WAN links.
Novell Internet Access Server 4.1 provides a configurable parameter, Periodic
Update Interval , that enables you to control how often a router broadcasts its
route and service updates. This, along with other configurable parameters,
such as Aging Interval Multiplier, Pace Override, and Packet Size Override,
enables you to fine-tune the operation of RIP and SAP on your router.
However, the default values for these parameters are sufficient for most IPX
networks and should be changed only on the advice of your technical support
representative. A misconfiguration can cause the router to lose routes and
services or even generate more traffic than usual.
When configuring RIP on an interface, you can set the RIP State parameter to
one of three states: Auto, On, or Off. Auto, the default state, enables the router
to accept incoming RIP packets and rebroadcast their routes only if RIPbroadcasting devices, such as NetWare 2 servers, are operating on the attached
network. If those devices are removed from the attached network, the Auto state interface responds by automatically disabling RIP and enabling NLSP.
On enables the router to exchange RIP packets freely with other RIP routers
on the network. Off disables RIP routing on the interface but does not prevent
the router from responding to incoming requests for RIP routes from local
NetWare workstations.
Similarly, you configure SAP on an interface with the SAP State parameter,
which can also assume one of three states: Auto , On , and Off . Auto , the
default state, enables the router to accept incoming SAP packets and
rebroadcast their services only if SAP-broadcasting devices, such as NetWare
2 servers, are operating on the attached network. If those devices are removed
from the attached network, the Auto -state interface responds by automatically
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
disabling SAP and enabling NLSP. On enables the router to exchange SAP
packets freely with other routers on the network. Off disables SAP advertising
on the interface but does not prevent the router from responding to incoming
requests for services from local NetWare workstations. Additionally, the Off
state still allows the router to import locally advertised services.
NOTE: If you want to filter routes or services between routers, use RIP and SAP.
NLSP routers cannot filter routes or services.
You should avoid running RIP and SAP over WAN connections because of the
cost they incur from periodic transmissions.
How to Configure RIP on page 78
How to Configure SAP on page 80
Accepting and Advertising Services from a Network Not Listed in the
Routing Information Table on page 82
How to Configure RIP

To configure RIP, complete the following steps:
2 Select Routing Protocol , then select RIP/SAP Only .
Select RIP/SAP Only only if your network has no NLSP routers.


Select Bindings > a network interface > Expert Bind Options > RIP Bind
Options
4 Select RIP State .
If you want to run RIP over the interface, select On.

This state is necessary for some third-party products that require RIP to
operate.
If you do not want to run RIP over the interface, select Off.
This state disables backward compatibility with older routers and servers
that use and depend on RIP.
78

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If non-NLSP devices, such as NetWare 2 servers, are operating on the

attached network and you want the router to accept and broadcast
RIP packets received from these devices, select Auto.
Auto is the default state.
5 If you want to customize RIP operation further, configure one or more of

most RIP-based IPX networks, you should change them only for a specific
purpose. Misconfiguring these parameters can increase routing traffic or cause
loss of connectivity on your network.
Periodic Update Interval Measured in 30-second units, determines

the interval at which RIP packets are transmitted through this
interface. The default value is 2 (60 seconds).
Each router on the network segment to which this router is attached
must use the same value for the Periodic Update Interval .
Aging Interval Multiplier Controls how long the router keeps route
information received through this interface. The product of this
parameter and the RIP Periodic Update Interval specifies how long
the router keeps route information from periodic RIP updates
received through an interface.
Increasing the Aging Interval Multiplier slows the rate at which the
router ages the routes in its Routing Information Table. This is
necessary to keep routes that might otherwise be aged out of the
routing table because of dropped RIP updates.
The default value for the Aging Interval Multiplier is 4. For
example, if RIP packets are sent every 60 seconds (Periodic Update
Interval equals 2), the router keeps the route information for 240 (60
x 4) seconds without refreshing it.
must use the same value for the Aging Interval Multiplier .
Pace Override Specifies the maximum number of RIP packets that

can be sent each second through this interface. The defaultand
maximumpace for RIP packets is 9 pps.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Packet Size Override Specifies the size, in bytes, of RIP packets

sent on this interface. The default value is 0, which means do not
override the current value.
Each router on the network segment must use the same RIP packet
size.

System .
How to Configure SAP

To configure SAP, complete the following steps:
2 Select Routing Protocol , then select RIP/SAP Only .

Select Bindings > a network interface > Expert Bind Options > SAP
Bind Options
4 Select SAP State .
If you want to run SAP over the interface, select On.

This state is necessary for some third-party products that rely on SAP to
advertise their services. Setting SAP State to On also enables RIP
routing on the interface.
If you do not want to run SAP over the interface, select Off.
This state disables backward compatibility with older routers and servers
that use and depend on SAP. The router responds to incoming SAP
requests, such as Get Nearest Server, even if SAP is disabled on this
interface.
80

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If non-NLSP devices, such as NetWare 2 servers, are operating on the

attached network and you want the router to accept and broadcast
SAP packets received from these devices, select Auto.
Auto is the default state.
5 If you want to customize SAP operation further, configure one or more of

most RIP-based IPX networks, you should change them only for a specific
purpose. Misconfiguring these parameters can increase routing traffic or cause
loss of connectivity on your network.
Get Nearest Server Requests Override Determines whether the

router accepts or ignores SAP Get Nearest Server requests it receives
through this interface. Select one of the following options:
No Override Do not override the global setting for the router. This
is the default state.
Ignore Ignore Get Nearest Server requests received through this
interface.
Accept Accept Get Nearest Server requests received through this
interface.
Periodic Update Interval Measured in 30-second units, determines

the interval at which SAP packets are transmitted through this
interface. The default value is 2 (60 seconds).
must use the same value for the Periodic Update Interval .
Aging Interval Multiplier Controls how long the router keeps

service advertisements received through this interface. The product
of this parameter and the SAP Periodic Update Interval specifies
how long the router keeps service information from periodic SAP
updates received through an interface. This parameter is a holding
multiplier for the SAP Periodic Update Interval .
The default value for the Aging Interval Multiplier is 4. For
example, if SAP packets are sent every 60 seconds (Periodic Update
Interval equals 2), the router keeps the service information for 240
(60 x 4) seconds without refreshing it.
must use the same value for the Aging Interval Multiplier .
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Pace Override Specifies the maximum number of SAP packets

that can be sent each second through this interface. The defaultand
maximumpace for SAP packets is 9 pps.
Packet Size Override Specifies the size, in bytes, of SAP packets

sent on this interface. The default value is 0, which means do not
override.
Each router on the network segment must use the same SAP packet
size.

System .
Accepting and Advertising Services from a Network Not Listed in the

Routing Information Table
Novell Internet Access Server 4.1 routing software includes a SET command
that enables an IPX router to accept and advertise a service from another
network, even if the network number associated with the service is not listed
in the router's Routing Information Table.
The syntax of this command is as follows:
SET REQUIRED NETWORK FOR SERVICES=ON|OFF
To understand how this command works, consider Figure 12 on page 83,

which shows two directly connected IPX routers, one serving a large
backbone network, the other serving a NetWare LAN.
82

103-000176-001
August 29, 2001
Novell Confidential
Manual
Figure 12
99a
38
July 17, 2001
IPX Router Accepting and Advertising Services from a Network Not Listed in the Routing
Information Table
Backbone
Network
LAN Router
NetWare
LAN
Backbone
Router
SAP
NetWare File Server

on Network 0x01234567
Suppose a NetWare server somewhere within the backbone network

advertises its file services, which the backbone router receives as a SAP
packet (Service Type=0x0004 and Network Number=0x01234567, for
example). When the LAN router receives the SAP packet from the backbone
router, it checks its Routing Information Table for the network number
0x01234567.
If the LAN router finds the network number, it adds the associated service
information to its services table and advertises the service to the LAN during
the next SAP broadcast. If the LAN router does not find the network number,
it discards the packet. This function occurs if the following command has been
entered at the LAN router:
SET REQUIRED NETWORK FOR SERVICES=ON
This function is disabled by default. However, if this function has been

enabled by the preceding command, it can be disabled by entering the
following command:
SET REQUIRED NETWORK FOR SERVICES=OFF
If the previous command has been entered, the LAN router will not discard the
packet if it does not find the network number in its Routing Information Table.
If the router does not find the network number, it first checks for the nearest
NLSP level 2 router and then for the RIP default route (0xFFFFFFFE) or an
aggregated route. If the LAN router finds one of these, it adds the associated
service information to its services table. If the LAN router does not find any
one of these, it then discards the SAP packet.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Proxying a NetWare File Server

If you have a dedicated routera PC running Novell Internet Access Server
4.1 over a two-user version of NetWare 4.11and several NetWare
workstations operating on a network, the router can reply with a NetWare file
server's nameinstead of its ownwhen it receives a SAP Get Nearest
Server request. This is called proxying a file server .
Proxying avoids the situation in which several workstations on a network
restart simultaneously, and the only path to a file server is through the
dedicated router. When each workstation restarts, it sends a Get Nearest
Server request to the router. Because the dedicated router cannot support
multiple, simultaneous logins, all but one of the requesting workstations lock
up and fail. Because the proxied file server has multiple connection slots, it
can handle simultaneous NCP connection requests from the workstations.
A dedicated router always replies to Get Nearest Server requests. As a proxy,
the router still replies but gives the proxy name rather than its own. In fact, the
router replies with the server name even if the server is not active.
In addition to having a server proxy on the network, each NetWare
workstation should be configured with a preferred server.
How to Proxy a NetWare File Server on page 84
How to Check the Proxy Configuration on page 85
How to Proxy a NetWare File Server

Before you begin, you must know the name of the NetWare file server you
want to proxy.
To proxy a NetWare file server, complete the following steps:
By default, the Get Nearest Server Requests parameter is set to Accept .
The setting you select applies to all interfaces. You can, however,
override this setting on a particular interface. For a description of how to
configure a network interface, refer to "Setting Up" in the documentation
for the type of WAN interface you are using.
84

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2 If you want the router to ignore Get Nearest Server requests, set Get
Nearest Server Requests to Ignore .

3 Select Override Nearest Server , then select Enabled .
This parameter enables the router to respond to a workstation's Get

Nearest Server requests with the proxied server name instead of its own
name.
4 Select Nearest Server , then enter the name of a reliable server (one that
is operating most of the time).

System .
How to Check the Proxy Configuration

To make sure the router is proxying for the correct file server, complete the
following steps:
1 At the router console prompt, enter
TRACK ON
2 Display the SAP Tracking screen.

3 Restart one of the NetWare workstations on the network.
4 Watch the SAP Tracking screen for the workstation's Get Nearest Server
request and for the router's reply with the correct server name.
If you supplied the wrong name or the name of a server that the router
cannot reach, the SAP Tracking screen displays the following message:
No response to GNS sent - no route to configured server
<server_name>
5 Return to the router console, then enter

TRACK OFF
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Configuring the IPX Address Mapping Gateway

The IPX Address Mapping Gateway allows you to connect to a backbone
network even when your local network numbers are not compatible with the
backbone addressing scheme.
To configure the IPX Address Mapping Gateway, complete the following
steps:
1 Load NIASCFG and select the following parameter path:
2 Select Address Mapping Gateway and select Enabled .
3 Select Address Mapping Gateway Configuration , select Address
Mapping Network Number , and enter the number to which your local
network will be mapped.
NOTE: You must enter a registered address unique to the backbone.
One number is supported for each router. Additionally, this number is

included as part of the SAP name advertised by the IPX Address Mapping
Gateway. The SAP name is used by other gateways to locate gateways
that use the same address mapping network number when a packet with
an unknown reverse mapping is received.
4 Configure the following parameters as needed.
To configure the maximum number of address mappings that is

allocated during router initialization, select Maximum Address
Mapping Entries and enter the desired number of mapping entries.
The default is 1,000 mapping entries.
To configure the amount of time an address mapping is remembered
after the last mapping entry was used, select Address Mapping Hold
Time and enter the desired amount of time in minutes, hours, and days.
After the holding time expires, the mapping is dropped and new packets
must flow from the customer network to the backbone to renew the
mapping. This process allows mapping slots to be reused. The default
hold time for mapping is one hour.
To use outbound RIP filters to determine nonmappable networks, in
addition to manually configuring nonmappable entries, select Use
RIP Filters for Nonmappable Networks and select Enabled.
86

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the source network number in a packet being forwarded to an IPX

Address Mapping Gateway circuit passes the outbound RIP filter on that
circuit, the packet is not mapped. If the source network number does not
pass a RIP filter, the packet is mapped.
The default is Disabled . When disabled, RIP filters are not used to
determine nonmappable network addresses.
NOTE: If enabled, the RIP filter module must be loaded from the IPX protocol
menu, and the RIP filter must be configured carefully to block the correct network
numbers.
To configure a SAP type list that is used to determine networks that

are nonmappable, select Nonmappable SAP Types and select one of
the predefined SAP types or press Ins to add a new type. To add a new
SAP type, enter the desired SAP type or press Ins and select a SAP type
from the list of known service types.
The SAP tables are scanned for SAP entries with matching SAP types.
After finding all matching SAP types, the IPX Address Mapping
Gateway determines the network numbers on which the services are
found and applies those network numbers to the list of nonmappable
networks.
This option makes configuring nonmappable network numbers easier.
For example, all packets originating from the Novell Directory
ServicesTM (NDSTM ) software or NetWare Mobile IPXTM software
should not be translated. Therefore, SAP types for NDS, NetWare Mobile
IPX, and Timesync are included in the list by default.
NOTE: To avoid mapping NetWare 3.x servers, add SAP type 4 to the list of
nonmappable SAP types.

7 Select the following parameter path:
For LAN interfaces, select Bindings > a LAN interface > Expert Bind
Options .
For WAN interfaces, select Bindings > a WAN interface > WAN Call
Destinations > a call destination > Expert Options .
8 To enable the IPX Address Mapping Gateway on an interface, select Use
For Address Mapping Gateway and select Yes .

When this option is enabled, all packets destined for the interface or WAN
call destination are subject to the address mapping rules.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Configuring IPX Route Aggregation

IPX Route Aggregation enables you to introduce routes learned through RIP
in a summarized form. Route aggregation compactly describes many IPX
network numbers simultaneously by using an address and mask pair. For
example, all addresses from C9000000 to C9FFFFFF can be represented using
the address C9000000 and the mask FF000000.
To configure IPX Route Aggregation, complete the following steps:
1 Load NIASCFG and select the following parameter path:
For LAN interfaces, select Configure NIAS > Protocols and Routing >
Bindings > a LAN interface > Expert Bind Options > Aggregate Routes .
For WAN interfaces, select Configure NIAS > Protocols and Routing >
Bindings > a WAN interface > WAN Call Destinations > a call
destination > Aggregate Routes .
2 Press Ins and configure the following parameters:
2a Select Address Summary and enter the prefix for the network
addresses to be aggregated.
For example, any network beginning with C9, such as C9123829 or
C9823878, can be aggregated using the address summary C9000000
with a mask of FF000000.
2b Select Mask and enter a number with Fs for the part of the mask that
corresponds to the common prefix of all network addresses to be

aggregated and 0s for the rest of the mask.
For example, to summarize all addresses that begin with the same
three numbers, set the mask to FFF00000.
2c Optionally, to advertise an aggregate route only when at least one of
the routes is received, select Type and set it to Dynamic .

For LANs, Type can be set only to Dynamic . If you select Static for
a WAN interface, the aggregate route is always advertised.
Aggregate routes associated with static on-demand WAN calls
should always be set to Static .
NOTE: If Type is set to Dynamic , only routes learned through RIP will trigger
the dynamic aggregate route to be advertised. Routes learned through NLSP
will not trigger the dynamic aggregate route to be advertised. Routers that
have dynamic aggregate routes configured on some interfaces should have
NSLP disabled and RIP enabled on those interfaces.
88

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Controlling the Propagation of Type 20 Packets

Novell Internet Access Server 4.1 enables you to control the propagation of
type 20 packets with the Advanced Packet Type 20 Flooding parameter. Type
20 is an IPX packet type that refers to any propagated packet. NetBIOS
packets, for example, are type 20 packets.
The Advanced Packet Type 20 Flooding parameter can be set to one of the
following options:
0 Router discards, rather than propagates, any type 20 packet it
receives. This option completely disables type 20 packet propagation.
1 Router receives and propagates type 20 packets through all its
interfaces, regardless of whether some of the interfaces are equal-cost
routes to the same source.
2 Router propagates type 20 packets only through interfaces that do not
lead back to the source of the packets. For example, if Router A receives
a type 20 packet from Router B, Router A forwards the packet only
through interfaces that do not lead back to Router B. This is a packet
forwarding mechanism known as reverse path forwarding .
The router does not propagate type 20 packets through the same interface
from which it receives them. This is known as split horizon , a technique
used with RIP and other distance vector routing protocols.
3 Router propagates type 20 packets the same way as option 2, but does
not forward them across WAN connections.
If you use FILTCFG to configure NetBIOS packet filters, be aware of the
following interactions between these filters and the Advanced Packet Type 20
Flooding parameter:
Setting Advanced Packet Type 20 Flooding to 1 (disabled) overrides the
effect of NetBIOS packet filters operating on any network interface.
Conversely, the action of NetBIOS packet filters on any network interface
overrides the effect of setting the Advanced Packet Type 20 Flooding
parameter to 2 (enabled).
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
How to Control Propagation of Type 20 Packets

To configure the propagation of type 20 packets from the server console, enter
the following console command:
SET IPX NETBIOS REPLICATION OPTION = [0|1|2|3]
To check the current setting, you can type the command by itself.
To configure the propagation of type 20 packets from NIASCFG, complete the
following steps:
2 Select Advanced Packet Type 20 Flooding and select one of the options
described previously.
System .
Changing the Hop Count Limit for IPX Packets

The Novell Internet Access Server 4.1 routing software enables you to
increase the range of outbound IPX packets with the Hop Count Limit
parameter. The hop count limit is the maximum number of routers (hops) an
IPX packet can traverse before it is discarded. You can set the Hop Count
Limit parameter to any number between 8 and 127; however, the default value
of 64 is sufficient for most IPX networks.
NOTE: The Hop Count Limit parameter applies only to IPX packets. It does not
increase the range of RIP and SAP packets, which are limited to 16 hops, or
NetBIOS packets, which are limited to eight hops.
Before the release of NetWare MultiProtocol Router 3.0 and NetWare 4.1, the
hop count limit for all IPX packets was 16. This limited the size, or diameter,
of IPX networks.
90

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the diameter of your IPX network is close to the 16-hop limit, you should
run NLSP on the routers at the network boundary to ensure continued
connectivity across the network as it grows. Figure 13 provides a simple,
conceptual view of how this can work.
Figure 13
Running NLSP at the Boundary of a Large IPX Network
5 hops
10 hops
5 hops
NLSP Routers
RIP Routers
NLSP Routers
20 hops
For more information about hop count, IPX routing, and related topics, refer
to Chapter 1, Understanding, on page 11.
How to Change the Hop Count Limit

To change the hop count limit, complete the following steps:
2 Select the Hop Count Limit parameter, enter a value between 8 and 127,
then press Enter .

System .
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Balancing Traffic Loads over Equal-Cost Routes

If a NLSP router has two or more network interfaces with routes to the same
destination, it can distribute outbound traffic among those interfaces for an
effective increase in throughput. This is called load balancing or load sharing
.
NLSP uses an assigned path cost to select the best route by which to forward
outbound IPX packets. The higher the throughput of the network medium, the
lower the cost of the route.
Table 4 shows the throughput range and default cost of some typical network
media.
Table 4
Throughput Range and Default Cost of Typical Network Media

Throughput Range
Default Cost
Typical Network Media
0-16 Kbps
61
9,600-baud line
48-64 Kbps
45
ISDN (U.S.)
64-128 Kbps
45
ISDN (Europe)
1-2 Mbps
27
Corvus Omninet (1 Mbps), T1 (1.5

Mbps)
2-4 Mbps
26
E1 (2 Mbps), ARCnet (2.5 Mbps)
4-8 Mbps
25
Token ring (4 Mbps), Corvus Omninet

(4 Mbps)
10-16 Mbps
20
Ethernet (10 Mbps)
16-32 Mbps
19
Token ring (16 Mbps)
64-128 Mbps
14
FDDI (100 Mbps), CDDI (100 Mbps)
You can specify up to eight equal-cost routes to a single destination with the
Maximum Number of Path Splits parameter. Two routes are equal in cost if
the cost to the destination is the same for both routes. To equalize the costs of
two interfaces, you set their Cost Override parameter to the same value. By
default, Cost Override is set to 0 for all interfaces, which means that NLSP
uses the default cost associated with the connected medium and throughput
range listed in Table 4 .
92

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you configure equal-cost routes on two or more interfaces, make sure the
associated media throughputs fall withinor nearthe same range, as
indicated in Table 4. For example, equal-cost routes between a 10-Mbps
Ethernet link and a 16-Mbps token ring link are viable; equal-cost routes
between a 4-Mbps token ring link and a 16-Mbps token ring link are not.
WARNING: Do not equalize the cost of routes whose throughputs differ greatly;
this can interfere with the operation of IPX applications running over the network.
For more information about load balancing and path cost, refer to Chapter 1,
Understanding, on page 11.
How to Balance Traffic Loads over Equal-Cost Routes

Before you begin, make sure of the following:
NLSP is enabled on all interfaces you plan to configure.
To enable NLSP globally or on one or more interfaces, refer to How to
Configure NLSP on page 74.
The media over which you plan to configure equal-cost routes have the
same or similar throughput ranges.
For a list of throughput ranges and associated media, refer to Table 4 on
page 92.
To configure load balancing over equal-cost routes, complete the following
steps:
2 Select the Maximum Number of Path Splits parameter, enter a value
between 2 and 8, then press Enter .

Selecting a value of 2 or above automatically enables local load balancing
over the specified number of equal-cost routes.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
5 Enter a cost for each interface over which you want to balance IPX traffic.
5a Select the following path:
Select Bindings > a network interface > Expert Bind Options >
NLSP Bind Options
5b Select the Cost Override parameter, enter a value between 1 and 63,
then press Enter .

System .
Configuring SPX Connection Parameters

Because some Novell and third-party NetWare applications place unique
demands on the SPX transport protocol, NIASCFG enables you to adjust the
values of the following parameters:
Maximum IPX Socket Table Size Maximum number of concurrent
IPX sockets that can be opened by an application.
SPX Watchdog Abort Timeout Time, in ticks (about 1/18 of a second),
SPX waits without receiving a packet from the other end of a connection
before concluding that the connection is no longer valid.
SPX Watchdog Verify Timeout Time, in ticks, SPX waits without
receiving a packet from the other end of a connection before requesting a
watchdog, or keep-alive, packet.
SPX Ack Wait Timeout Time, in ticks, SPX waits without receiving an
acknowledgment for a data packet it sent, before resending the packet.
SPX Default Retry Count Number of times SPX resends a data packet
if it does not receive an acknowledgment.
The product of this parameter and the SPX Ack Wait Timeout is about
how long it takes for SPX to conclude that the connection is no longer
valid.
Maximum Concurrent SPX Sessions Maximum number of concurrent
SPX sessions that can be opened by an application program.
94

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The default values for these parameters are sufficient for most NetWare
applications. Any application that requires a change to one or more of these
parameters typically tells you so.
How to Configure SPX Connection Parameters

To adjust the value of any SPX connection parameter, complete the following
steps:
IPX/SPX Parameters
The IPX/SPXTM Parameters menu displays the SPX connection
parameters.
2 Enter a new value for each parameter you need to change.
System .
Setting Delay and Throughput for a Slow Link

Delay is the time, in microseconds, to send a byte of information from one
system to another. Throughput is the bandwidth of the network medium that
connects the systems. Together, these parameters characterize a link between
two systems or networks.
On WAN links, delay and throughput are estimated by the IPXWAN protocol.
For this reason, you should not need to change these parameters on routers
operating over a WAN link. On LAN links, the throughput is reported by the
network interface driver; the delay is 200 microseconds, a constant used by all
LAN media.
NLSP uses the delay and throughput values to calculate the number of ticks
for a route to a destination network. The number of ticks associated with a
route is directly proportional to the delay and inversely proportional to the
throughput.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Some NetWare protocols, such as SPX, use the ticks value to calculate
retransmit timers. If you are configuring LAN routers that must communicate
over a bridge, a satellite, or both, you probably need to adjust the delay and
throughput values on the routers. Setting the throughput to match the speed of
the link and increasing the link delay prevent SPX retransmissions and
timeouts between systems separated by a slow link.
Figure 14 shows two NetWare LANs joined by two bridges communicating
over a satellite link. To enable the workstations to communicate with the
router and the systems in the IPX internetwork on the other end of the link,
you set the Throughput Override on each router to 56,000the throughput of
the satellite linkand the Delay Override to 800,000an arbitrary (but
sufficiently high) value to prevent timeouts over the link.
IMPORTANT: Although this configuration enables systems on each end of the link
to communicate through the routers, it does not enable direct workstation-toworkstation communication between the two LANs.
Figure 14
Setting Delay and Throughput for Systems Communicating over a 56-KB Satellite Link
56-KB
Satellite Links
NetWare
Workstation
NetWare
Workstation
IPX
Internetwork
Bridge
NetWare
LAN
NetWare
LAN
NetWare
Router
NetWare
Router
Set Throughput Override to 56,000

and
Delay Override to 800,000
96
IPX
Internetwork
Bridge

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
How to Set Delay and Throughput for a Slow Link

To set delay and throughput on an interface, complete the following steps:
Select Configure NIAS > Protocols and Routing > Bindings > a network
2 Select Delay Override , then enter a value.
By default, this parameter is set to 0, which means the router uses the
default value for LANs or the value estimated by IPXWAN. The valid
range is from 1 to 5,000,000 microseconds. One tick equals 55,000
microseconds, or about 1/18 of a second.
The value you enter overrides the default delay for this interface.
3 Select Throughput Override , then enter a value.
By default, this parameter is set to 0, which means the router uses the
value reported by the LAN driver or estimated by IPXWAN. The valid
range is from 300 to 4,294,967,295 bps.
The value you enter overrides the default throughput for this interface.
System .
Configuring IPX for Wireless Connectivity

In addition to the standard IPX routing software for wired LANs and WANs,
Novell Internet Access Server 4.1 routing software provides wireless
connectivity for portable NetWare workstations through NetWare Mobile
IPXTM software.
NetWare Mobile IPX consists of router and mobile client software that work
in concert to shield network users from the protocol and Network-layer
interruptions that occur when a user changes network interfaces or locations
during a network session.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001

Configuring a Home Router on page 98
Configuring a Mobile Client on page 99
Configuring the NetWare Mobile IPX Home Router and client software is
straightforward and simple. The only decision you need to make before you
get started is where to locate the Home Router on your network. The next
section helps you determine the best location.
Configuring a Home Router

The Home Router serves as the central connection point between mobile
clients and NetWare servers. To enable mobile clients to establish and
maintain network connections, the Home Router allocates an address from the
server's IPX internal network for use by the mobile clients.
How to Configure a Home Router
To configure a Home Router, complete the following steps:

2 Select Mobile IPX Support , then select Enabled .
NOTE: Selecting Enabled automatically causes client validation on remote
access servers to be disabled. Remote access systems check whether packets

received from a WAN client have the same source IPX node address that was
assigned to the client during the IPXWANTM negotiation phase. Because NetWare
Mobile IPX uses a different filtering method, client validation is turned off to prevent
NetWare Mobile IPX packets being discarded by remote access servers.
3 Select Mobile IPX Configuration and configure the Home Router
parameters.
3a Select Time To Live Override and enter a value, in minutes, from 1
to 10080.
Time To Live Override overrides the mobile client's HR Time To
Live parameter, which defines how long the Home Router serves the
mobile client without receiving a response from the client. Each time
the Home Router receives information from the mobile client, the
Time To Live Override counter is reset to the value you enter here.
A value of 0, the default, disables the override.
98

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A mobile client cannot obtain a Time To Live value longer than the
one you specify here.
3b The Watchdog Spoofing parameter is enabled by default; to disable
watchdog spoofing on the Home Router, select Disabled .

Watchdog Spoofing controls whether the Home Router answers
NetWare Core ProtocolTM (NCPTM ) watchdog packets on behalf of
a mobile client. If Watchdog Spoofing is enabled, users do not lose
their connections to file servers as they roam out of wireless range.
3c Configure the Broadcast to Virtual Network parameter.
Broadcast to Virtual Network directs the Home Router to forward or

discard broadcast packets destined for the virtual network that the
router uses to communicate with its mobile clients.
If a large number of broadcast packets are being directed at mobile
clients, or if a mobile client's application does not require broadcast,
select Discard . By directing the Home Router to discard broadcast
packets, you reduce the amount of bandwidth used on the network.

System .
Configuring a Mobile Client

To configure a mobile client, you modify the client's STARTNET.BAT and
NET.CFG files. The changes you make to STARTNET.BAT are required for
NetWare Mobile IPX connectivity. Changes to NET.CFG are optional; they
are required only if you want to customize the client's NetWare Mobile IPX
configuration.
How to Configure a Mobile Client

Install the standard client software. For instructions, refer to the NetWare
client documentation.
Install the Novell Internet Access Server 4.1 mobile IPX client.
Setting Up

103-000176-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
Configure a mobile client board that is mobile aware and supports

PCMCIA card in/card out capability, in-range and out-of-range
capability, and NESL.
To configure a mobile client, complete the following steps:
1 Open the client's STARTNET.BAT file using a text editor.
A typical STARTNET.BAT file looks something like this:

@ECHO OFF
SET NWLANGUAGE=ENGLISH
CD NWCLIENT
LSL
driver
IPXODI
VLM /ps=server_name
CD \
2 Add the following changes, indicated in bold, in the order shown:

@ECHO OFF
CD NWCLIENT
LSL
NESL
driver
IPXODI /M
VLM /ps=server_name
CD \
NESL must be loaded for the mobile client to be activated. NetWare

Mobile IPX reacts to changes in the system, such as location and the
client's adapter board. The MAC driver is the system module that knows
of these events (for example, out of range of access point coverage, card
insertion or removal, and so on) and notifies IPX of such changes through
NESL.
The IPXODI /M switch enables the NetWare Mobile IPX client
software.
100 Internetwork Packet Exchange

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A STARTNET.BAT file configured for NetWare Mobile IPX operation

looks something like this:
@ECHO OFF
CD C:\NWCLIENT
LH C:\NWCLIENT\LSL.COM
LH C:\NWCLIENT\NESL.COM
LH C:\NWCLIENT\NE2000.COM
LH C:\NWCLIENT\IPXODI.COM /M
C:\NWCLIENT\VLM.EXE /ps=MY_SERVER
3 Restart the client.

How to Customize Your Mobile Client
This section describes the optional parameters you can add to the Mobile IPX
section of a mobile client's NET.CFG file. The parameters enable you to
customize your NetWare Mobile IPX configuration.
An example of how these parameters are used is provided in Example
NET.CFG File on page 105.
Customizing Home Router Parameters
The following parameters enable you to customize the interaction between a

mobile client and its Home Router:
Preferred HR=Home_Router_Name
This command causes IPXODI to attempt to attach to the specified Home
Router (HR). If the router does not exist or is not specified, the Home
Router closest to the client is used.
This command enables some level of routing optimization to be achieved.
Specifying a Home Router that is the user's preferred server, or specifying
one in an inline routing path between the mobile client and most of its
logged-in servers, causes packets sent back to the client to take a more
direct path because all packets being sent to the client go through the
Home Router first.
HR Time To Live=x (where x = 5 to 10,080 minutes)
Setting Up 101

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
HR Time To Live specifies the time-to-live interval, in minutes, that the

IPXODI module attempts to use with the Home Router. It defines how
long the Home Router serves the mobile client before the router requires
an update from the mobile client. If this is not defined, IPXODI uses a
default value of 30 minutes.
NOTE: HR Time To Live can be overridden by the Home Router's Time To Live
Override parameter.
If the client does not update the Home Router after the HR Time To Live
value runs out, the Home Router stops serving the mobile client. Note that
only NCP watchdog packets, not Sequenced Packet ExchangeTM (SPXTM
) watchdog packets, are handled by the Home Router. If the mobile client
roams out of range and comes back within the amount of time set by HR
Time To Live , the timer is reset automatically; otherwise, if the client is
not back within range when the timer runs out, the mobile client is
dropped.
It is especially important to set HR Time To Live to a large value if the
mobile client is out of network range for a long time. While the time-tolive value is still active in the Home Router, the router responds to server
NCP watchdogs on behalf of the client so that client sessions do not time
out while network connectivity is lost. If this value is too small, the Home
Router stops serving the mobile client before it returns within network
range, and all server connections are lost.
The only reasons the Home Router might not see a NetWare Mobile IPX
watchdog packet from a mobile client are that the client is off, in sleep
mode, or out of range.
Allow HR Change=[On|Off]
This command determines what IPXODI does when the current Home
Router is no longer reachable.
If you set Allow HR Change to On , IPXODI tries to sign on with the first
available Home Router, even if it is not the same as the current one.
If you set Allow HR Change to Off , IPXODI continues trying to
reestablish a connection to the Home Router to which the client is
currently attached.
If Allow HR Change is not defined, IPXODI assumes Allow HR Change
is set to Off ; if it is set to On , and the current Home Router stops
operating, IPXODI obtains a different virtual address while signing on
with a different router. Most applications available today cannot operate

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
gracefully through the address change; as a result, connections might be

terminated.
Specifying an Alternate Board
The NET.CFG parameters described in this section enable you to specify an

alternate board to be used in the portable computer. Alternate board
parameters enable IPXODI to use a second board for mobile communications
if the primary board loses connectivity. The driver for the alternate board must
be specified in the Mobile IPX section of NET.CFG. Note that the equal sign
(=) is optional; however, it can be used to quickly find the parameter values.
IMPORTANT: The first three parameters (Alt Name , Alt Board Number , and Alt
Frame ) must all be specified; if one is missing, no alternate board setting is used.
Additionally, the frame type specified by the Alt Frame parameter must be set
under the Link Driver Heading for the desired alternate board.
Alt Name=Alternate_Driver_Name
Alt Name specifies the name of the driver supporting the alternate board.
Alt Board Number=Alternate_Board_Number
Alt Board Number specifies the Link Support LayerTM (LSLTM ) board
number of the alternate board displayed when the driver loads.
The board number of a driver changes if there is a change in the order of
MAC driver load commands. Therefore, it is important to always load the
primary driver first, followed by the alternate driver, to ensure that the Alt
Board Number parameter always refers to the alternate board.
After the MAC drivers have been loaded, you can get board numbers and
other information by entering the following command:
MAC_Driver_Name
/s
This command displays information about all Open Data-Link

InterfaceTM (ODITM ) drivers currently loaded. The information you see
is similar to the following example:
The following LAN drivers are loaded in memory:
MAC driver name and version information
IRQ 5, Port 300, Mem D0000, Node Address 4096003F53 L
Max Frame 1514 bytes, Line Speed 2 Mbps
Board 1, Frame ETHERNET_II, LSB Mode
Setting Up 103

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Alt Frame=Alternate_Frame_Type
Alt Frame specifies the frame type for the alternate board (for example,
ETHERNET_802.2).
The driver loaded first in STARTNET.BAT becomes the primary driver.
If IPXODI cannot locate the alternate driver during initialization, an error
is issued and only the primary board is used. If there is no primary board
either, IPXODI issues an error and fails to load.
The drivers for both the primary and alternate boards must be loaded
before IPXODI. The driver load order is not important; however, it is
harder to determine the LSL board numbers to enter for the IPX BIND
statement or alternate board configurations if the primary driver is not
loaded first. If PCMCIA adapters are used and the card vendor's drivers
are written to support card in/card out events, or driver initialization
without the PCMCIA card inserted, the PCMCIA cards need not be
inserted into the system until network connectivity is needed.
Here is an example STARTNET.BAT file that shows the load order of the
primary driver, alternate driver, and IPXODI:
@ECHO OFF
CD NWCLIENT
LSL
NESL
primary driver
alternate driver
IPXODI /M
VLM /ps=server_name
CD \
Specifying Watchdog Protocol Operation
The NET.CFG file allows you to specify whether the SPX Watchdog protocol
will be run to validate SPX connections periodically. The one-line entry to
specify the SPX Watchdog protocol behavior follows the Heading
PROTOCOL IPX and has the following format:
SPX WATCHDOGS = ON|OFF
where ON specifies that the Watchdog protocol will be run to validate SPX
connections periodically and OFF specifies that it will not. For more

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
information on the use of the Watchdog protocol, refer to Watchdog Packet

Spoofing on page 30.
Example NET.CFG File
This section provides an example NET.CFG file that shows the format of
mobile client customization parameters.
LINK DRIVER Wireless
FRAME = ETHERNET_802.2
LINK DRIVER Wireless2
FRAME = ETHERNET_802.2
NETWARE DOS REQUESTER
NETWARE PROTOCOL = NDS BIND
FIRST NETWORK DRIVE = F
SHOW DOTS = ON
USE DEFAULTS = ON
VLM = AUTO.VLM
MOBILE IPX
PREFERRED HR = Home_Router_Name
ALT NAME = Wireless2
ALT BOARD NUMBER = 2
ALT FRAME = ETHERNET_802.2
PROTOCOL IPX
SPX WATCHDOGS = OFF
Configuring the MacIPX Gateway

The Novell Internet Access Server 4.1 routing software includes
MACIPXGW.LAN, a LAN driver that enables your router to operate as a
gateway between Internetwork Packet Exchange (IPX) networks and
Macintosh* clients running MacIPX applications on AppleTalk networks.
Macintosh clients use the MacIPX gateway to exchange data with NetWare
clients and to use the resources available on IPX networks.
NOTE: MacIPX provides support for the IPX protocol on Macintosh computers. It
does not enable Macintosh users connected to the IPX network to log in to a
Setting Up 105

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare server or print documents on NetWare printers. Users and developers

must rely on NetWare for Macintosh software for NetWare file and print services.

Configuring and Binding the Gateway Driver on page 107
Restricting Gateway Service to Selected Networks on page 109
You can use the MacIPX gateway if your networks have the following
characteristics:
You have IPX and AppleTalk networks that you want to connect and these
networks are part of a LAN running NetWare 3.11 or later, or the NetWare
MultiProtocol RouterTM 2.0 software or later. The MacIPX gateway must
run on one of these networks.
Your AppleTalk networks support MacIPX clients.
One or more of the networks use only the AppleTalk protocol family to
connect Macintosh clients to the network.
From a user perspective, the MacIPX gateway is required only for Macintosh
users who select the AppleTalk icon in the MacIPX Control Panel. If all
Macintosh users select either the Ethernet or Token Ring icon, and if IPX
traffic is permitted on those networks, then you do not need a MacIPX
gateway.
MacIPX applications automatically select an IPX gateway only when the
gateway is in the zone that contains the Macintosh client running MacIPX. If
this is not the case, use the MacIPX Control Panel to configure MacIPX to
look for IPX gateways in specific zones.
You should locate a MacIPX gateway so that the amount of configuration
required by MacIPX is minimized. For example, if you have an AppleTalk
network for dial-in users that provides service for AppleTalk Remote Access
(ARA), you should ensure that a MacIPX gateway serves the AppleTalk zone
that includes the ARA network so that Macintosh clients using ARA do not
require MacIPX configuration.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring and Binding the Gateway Driver

Configuring the MacIPX gateway is similar to configuring a typical LAN
board and binding a network protocol to the board.
Ensure that your router has at least 65 KB of RAM available.
Ensure that APPLETLK.NLM is loaded and configured.
Ensure that IPX packet forwarding is turned on.
Know the network number of the IPX network to which the gateway
interface is attached.
Know the number of MacIPX clients that will be served by the gateway.
To configure the MacIPX gateway, complete the following steps:
Select Configure NIAS > Protocols and Routing > Boards > Press Ins
> MACIPXGW
2 Configure the MACIPXGW driver.
2a Select Board Name and assign a name to the gateway driver.
2b Select Gateway Name and assign a name to the MacIPX gateway.
This name is used to advertise the MacIPX gateway on the

AppleTalk network. Because the name appears in the MacIPX
Control Panel, it should be one that users recognize easily.
If you do not provide a name, the MacIPX gateway uses the name of
the router on which the MacIPX gateway is installed.
2c Select Unicast Threshold and enter a value between 1 (the default
value) and 4294967295.

This parameter controls how the MacIPX gateway propagates IPX
broadcast packets to AppleTalk networks.
If you want to send IPX broadcast packets to all AppleTalk
networks with MacIPX clients, enter a number less than the
number of MacIPX clients served by the gateway.
Macintosh systems not running MacIPX applications do not
understand IPX broadcast packets and discard them. When this
Setting Up 107

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
option is used, unnecessary packets are distributed to non-MacIPX

clients on the network.
If you want to send IPX broadcast packets to each MacIPX
client, enter a number equal to or higher than the number of
MacIPX clients served by the gateway.
If the number of clients exceeds this threshold, the MacIPX gateway
starts sending broadcast packets. Using this option can increase
network traffic because a single IPX broadcast packet could become
many AppleTalk unicast packets, depending on the number of
MacIPX clients.
2d If you want to enter a note or comment about the gateway, select
Comment and enter the information.

2e Press Esc to return to the Internetworking Configuration menu; save
your changes when prompted.

3 Bind IPX to the gateway.
Binding IPX to the gateway causes the MacIPX Gateway icon to appear
in the MacIPX Control Panel.
3a Select the following parameter path:
Select Bindings > Press Ins > IPX > the MacIPX interface
3b Select IPX Network Number and enter the network number of the
IPX network to which the interface is attached.


System .

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restricting Gateway Service to Selected Networks

The MacIPX gateway, by default, serves all AppleTalk networks that make up
the AppleTalk cloud. If you want the gateway to serve only selected
AppleTalk networks, you must use a configuration file called
MACIPXGW.DAT, which resides in SYS:SYSTEM.
You indicate the AppleTalk networks you want the gateway to serveor not
serveby placing commands in MACIPXGW.DAT with the following
syntax:
[exclude | include]
<net_number >[-net_number ]
. . . ]
The first line in the preceding example is a keyword that specifies the
following modes of inclusion:
exclude Directs the MacIPX gateway to serve all AppleTalk networks
except those whose numbers are listed on the following lines.
include Directs the MacIPX gateway to serve only networks whose
numbers are listed on the following lines; this is the default mode if no
keyword is specified.
The AppleTalk networks can appear as a number or range. You specify
additional network numbers or ranges by placing each network on its own
line. For example, a MACIPXGW.DAT file can contain the following
command:
exclude
10-20
This directs the gateway to serve all AppleTalk networks except 10-20 and
100. Alternatively, the MACIPXGW.DAT file can contain the following
command:
include
10-20
This directs the gateway to serve only AppleTalk networks 10-20 and 100,
excluding all others.
NOTE: The network numbers in these examples are AppleTalk network numbers,
not IPX network numbers.
If no MACIPXGW.DAT file is found in SYS:SYSTEM, the MacIPX gateway

serves all AppleTalk networks.
Setting Up 109

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To restrict gateway service to selected AppleTalk networks, complete the

following steps:
1 Use a DOS ACSII text editor to create a file called MACIPXGW.DAT in
the router's SYS:SYSTEM directory.

2 Place commands in the file using the following syntax:
[exclude | include]
<net_number >[-net_number ]
. . . ]
3 Save and close the file.

4 To put your changes into effect, enter
UNLOAD MACIPXGW
REINITIALIZE SYSTEM

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing
This chapter describes how to monitor IPXTM LAN and WAN connections
using the available router management consoles and utilities.
Using the IPXCON Utility

IPXCON is an NLM utility that provides access to statistics and information
about the status of various components of the IPX protocol. IPXCON uses
SNMP over IPX or UDP/IP to monitor remote servers, routers or network
segments.
To launch IPXCON, enter LOAD IPXCON at the system console prompt or
load NIASCFG and follow this path:
Select View Status for NIAS > Protocols and Routing > IPX Protocol Stack
You can use IPXCON to perform the following tasks:
Monitor and troubleshoot IPX routes and network segments throughout
your IPX internetwork
Display the status of any IPX router or network segment on your
internetwork
Display all paths through which IPX packets can flow
Locate all active IPX routers on your internetwork
Display operational circuits for IPX
Monitor remote routers running Novell Internet Access Server router
software
Managing 111

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using the IPXPING Utility on the Server

The IPXPING.NLM program enables you to check connectivity to an IPX
server on your internetwork.
The IPXPING utility sends a packet request to the target node, an IPX server
or workstation. After the target node receives the packet, it sends an IPXPING
reply packet to the system that sent the request packet.
To use IPXPING, type a command similar to the following at the server
prompt:
load ipxping
The system displays the New Target window. The fields of the New Target
window are described in Table 5.
Table 5
IPXPING New Target Window
Field
Description
Network
Select a target IPX server by entering its internal IPX address.
Node
Select a target IPX server by entering the target node number. You must enter
both the internal IPX address and node number to select the server.
Seconds to pause
between pings
Specify the number of seconds between each packet transmission.
After entering the network address, node address, and number of seconds to
pause between pings, press Esc to start sending request packets. The sending
node continues to send request packets and collect response time statistics
until you press Esc again and exit IPXPING.
Request and reply packets use the same format; each packet contains the
standard IPX header.
To select additional IPX servers, press Insert . Enter the IPX address of the
server in the Address field. Press Esc to start sending packets.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using the IPXPING Utility on the Workstation

The program is a DOS utility that determines the time to transport IPX packets
to a specific server and back. IPXODI (or an equivalent IPX interface) must
be loaded before IPXPING can be used. The time is displayed in milliseconds
(although resolution is 1/18 second). The user can specify the number of pings
to send and the interval between sends. A summary of the high, low, and
average times is displayed when the program terminates. The program
terminates when the acknowledgment to the last ping is processed or when the
user presses Ctrl +C or Break .
Syntax
Parameters
Example
Syntax
IPXPING <netaddr> [/s=<size>] [/r=<repeat>] [/d=<delay>]
[/c=<char>]
All parameters except netaddr are optional. If no parameters or an invalid

parameter is entered, help is displayed. The parameters are case-insensitive. A
minus (-) sign can be used instead of a slash (/).
Parameters
The netaddr parameter is the internal network address of the server to ping. It
is an eight-digit hexadecimal value. The server must support the IPX ping
protocol.
The size parameter is the number of data bytes (excluding the IPX PING
header) in the ping data packet. The default size is 100 bytes. The size is
limited by the maximum packet size supported by the driver. If an invalid size
is specified, a packet overflow error occurs.
The repeat parameter is the number of times to send the ping. The default is 1.
The delay parameter is the number of seconds to delay between successive
pings. The default is 1; you can set the value to 0.
The char parameter is the character to fill the ping buffer with. The default
character is P.
Managing 113

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
To use IPXPING.EXE, type the following command at the DOS prompt:
ipxping 2e64afe3
The following information is displayed:

IPXPING: estimated time to send a 0.5K packet to 2E64AFE3 is
166 ms.
IPXPING: sent ping packet number 1.
IPXPING: packet 1 response received in 166 ms.
IPXPING: 1 send, 1 received, low 166 ms high 166 ms, average
166 ms.
NOTE: If you don't receive a response to the final ping, press Ctrl+C to terminate
the program. Otherwise, IPXPING will wait until it receives a response.
Using the SPFCON Utility

The SPFCON utility enables you to monitor Sequenced Packet ExchangeTM
(SPXTM ) spoofing statistics. Spoofing is the process of preserving the
transport end point connection by imitating keep alive packets and responding
to watchdog request packets without passing this traffic across on-demand
WAN links. Using SPX spoofing can help you maintain lower costs over ondemand WAN links.
NOTE: SPX spoofing is implemented only on PPP interfaces at this time.
To launch SPFCON, enter the command load spfcon at the NetWare

console server.
Four windows make up the SPFCON user interface. The four windows are
Main Window
Interfaces Window
Connections Window
Spoofing Statistics Window

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Main Window
The Main Window offers two options:
Interfaces enable users to view the spoofing statistics on a per interface
basis
SPX spoofing enables users to view the spoofing statistics of all SPX
connections
Interfaces Window
The Interfaces Window displays a list of WAN interfaces. At this time, only
PPP interfaces will be included on this list. You can select either one or all
listed interfaces. When you select an interface, the Connections Window is
displayed.
Connections Window
The Connections Window displays all connections for the selected interface,
either SPX or NCP. The Connections Window shows each connection's
interface name, source node, destination node, source ID, and destination ID.
Spoofing Statistics Window

The Spoofing Statistics Window displays the SPX and NCP spoofing statistics
for a selected connection. Table 6 describes the fields on this window that
require explanation.
Table 6
Spoofing Statistics Fields
Field
Meaning
Spoofing State
Initial indicates that spoofing has not yet started; active indicates that spoofing
has started and is active; inactive indicates that spoofing has ended because
Remaining Spoofing Time expired.
Number of Spoofing
Started
Indicates the number of times spoofing has been started for this SPX
connection.
Remaining Spoofing
Time
Indicates the time remaining in this spoofing session; when this time expires,
the spoofing state will change to inactive.
Sequence Numbers
Shows the sent and received sequence number.
Managing 115

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Meaning
Acknowledge Numbers
Shows the sent and received acknowledge number.
Allocation Numbers
Shows the sent and received allocation number.
Spoofing packets
Shows the number of packets spoofed.
Keep Alive Packets

Dropped
Shows the number of keep-alive packets dropped during this active spoof
session.
NOTE: In the spoofing statistics fields, Sequence Numbers, Acknowledge
Numbers, Allocation Numbers, and Keep Alive Packets Dropped don't apply for
NCPTM.
Viewing NetWare IPX Configuration Information

To see how Internetwork Packet ExchangeTM (IPXTM ) is configured, load
IPXCON and select the following options:
IPX Router InformationTo view whether the RIP, SAP, and NetWare
Link Services ProtocolTM (NLSPTM ) protocols are configured for this
router.
NLSP InformationTo view NLSP configuration for the system and the
NLSP network.
CircuitsTo view the IPX circuits configured for the router.
Determining Whether a Remote IPX Router Is Reachable

To determine whether a remote router is reachable, you can run an IPX Echo
test. To run an Echo test, load IPXPING and perform the following steps:
1 Specify the target router address in the Network field.
2 Specify the target router node number in the Node field.
3 Specify the number of seconds between each transmission in the Seconds
to pause between pings field.

4 Press Esc to begin transmitting.
IMPORTANT: To run the IPX Echo test, both the machine originating the echo
packets and the machine responding to the echo packets must support IPXPING.
To support IPXPING, both machines must have IPXRTR.NLM, which is included in
NetWare 4.1 software and Novell Internet Access Server 4.1 software.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Determining Which IPX Services Are Reachable

If you want to know whether a specific IPX service is available, you need to
find out which IPX services are reachable. To determine the services available
to a router, load IPXCON and follow this path:
Select Services > service you want to reach to get information about
If a service is visible, it is reachable. If you want to see information about a
service, select the service and press Enter. The Service Information window
displays Name, Type, Network Number, Node, Socket, and additional path
information for NLSP systems under the selection Destination Information.
Checking an IPX Network for Inactive Routers

You can use IPXCON to identify routers on your network that are inactive
that is, not routingfor some reason. This information can often help you
locate a defective network interface. To check your network for inactive
routers, load IPXCON and follow this path:
Select NLSP Information > Routers
IPXCON lists the NLSP routers known to the system you are monitoring.
Any router labeled Unreachable might either be down or have a defective
network interface. This labeling might also indicate that some other router in
the path has one of these problems.
Any router labeled Overloaded has run out of memory and can no longer
process NLSP routing information.
Routers not labeled Unreachable or Overloaded are operating properly.
Checking the IPX Routing Table

To check the IPX routing table and information associated with each route,
load IPXCON and follow this path:
Select Forwarding > Display entire forwarding table
The Forwarding Table window shows you all known IPX destination
networks. The list shows the following information about each item:
Network number of the destination
Routing protocol through which the destination was learned
Managing 117

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
First hop circuit to the destination

Name of the destination
The Destination Information window expands on this by showing information
about the Next Hop (Name, Circuit, NIC Address), and by giving access to the
services on the destination router that are available to the current router.
If the destination is an NLSP destination, you can determine potential paths to
the destination by selecting Potential Paths.
Checking an IPX Network for Duplicate Network

Numbers
Each external network number that identifies a LAN on your IPX network
must be unique. Incorrect configurations and other problems can cause two
LANs to have the same external network number.
One way in which this can occur is when a bridge connecting two LAN
segments failsa condition known as a split LAN . When the bridge fails,
each segment becomes a separate LAN but retains the same network number.
As a result, routers forwarding packets to that network number see two
destinations and simply choose the nearest one.
To check your network for duplicate network numbers, load IPXCON and
follow this path:
Select NLSP Information > LANs
The LANs are listed in numeric order by network number. To look for
duplicate network numbers, scroll through the list of LANs.
Checking an IPX Network for Duplicate System IDs

To check your network for duplicate system IDs, load IPXCON, select a
system, and select the following path:
Select NLSP Information > System Information > field associated with
Detailed NLSP System Information
Check the numbers associated with Sequence Number Skips; if the number is
increasing, two or more NLSP routers on your network have the same system
ID.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Determining Where NLSP Is Running in Your Network

If you have migrated your network to NLSP, you can identify which LANs on
your IPX network are using NLSP or RIPor bothas the routing protocol.
If you partitioned your IPX network into routing areas, note the following
points:
The procedure in this section shows only the LANs and NLSP routers that
are within the same routing area as the system you are currently
monitoring.
RIP should be running only on the routers at area boundaries.
To find LANs on which NLSP or RIP is running, load IPXCON, select a
system, and follow this path:
Select NLSP Information > LANs
The Known LANs window displays the following information about each
NetWare LAN of which the local system is aware:
Network Number External network number of the LAN
Throughput Number of Mbps reported by the LAN board
Delay Time, in microseconds, required for packets to reach the LAN
If NLSP is importing RIP routes to a LAN, the entry is labeled RIP Active. If
the entry is labeled Unreachable, the LAN is no longer accessible from the
local system. If there is no label, then NLSP is the only routing protocol
running on the LAN and the LAN is reachable.
You can select one of the LANs to see which NLSP routers are on it.
Finding NLSP Routers with Insufficient Memory

To check your network for routers that have run out of memory, load IPXCON
and follow this path:
Select NLSP Information > Routers
If a router does not have enough memory to process routing information, the
entry is labeled Overloaded.
Managing 119

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can also select System Information and check the following information:
Level 1 OverloadedIt should read No. If it reads Yes, the router does
not have enough memory to process routing information.
Detailed NLSP System InformationThe Level 1 Database Overloads
field indicates how many times the router has run out of memory.
Finding the Designated Router on a LAN

The Designated Router is an NLSP router elected by its peers to represent and
keep track of the connectivity of its LAN. The Designated Router handles
exchanges of link state information on behalf of all other NLSP routers on the
LAN. Only broadcast (LAN) circuits have Designated Routers.
To find the NLSP Level 1 Designated Router on a LAN, load IPXCON, select
a system, and follow this path:
Select Circuits > a broadcast circuit
The Circuit Information window appears and displays the name, type, and
state of each circuit.
The Circuit Information window displays, among other information, the name
of the Designated Router and the external network number of the LAN it
represents.
To see more information about the Designated Router, complete the following
steps:
1 Record the name of the Designated Router.
2 Press Esc until you return to the Available Options window.
3 Select SNMP Access Configuration.
4 Select IPX as the Transport protocol.
5 Type the name of the Designated Router in the Host Address field, then
press Enter .
6 Press Esc to return to the Available Options window.
In a few moments, IPXCON begins displaying statistics for the Designated

Router.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Monitoring Error Counters

Error counters are monitored to make sure they are not increasing rapidly,
because a rapid increase indicates a problem. For information about
troubleshooting these problems, refer to Chapter 5, Troubleshooting, on
page 125. You can monitor error counters for IPX interfaces in the following
ways:
By using MONITOR to view counters such as Checksum Errors, Send
and Receive Packet Errors, and interface-specific errors. To view these
counters, load MONITOR and follow this path:
Select LAN/WAN Information > interface you want to view
By using PPPCON for WAN connections to view the following PPP
counters:
Bad Address Fields
Bad Control Fields
Bad FCS Values
Packets Too Long
To view these counters, load PPPCON and follow this path:
Select PPP Interfaces > interface you want to view > PPP Error Statistics
By using IPXCON to view the following IPX counters:
Too Many Hops
Header Errors
Unknown Sockets
Decompression Errors
Malformed Requests
Compression Errors
Open Socket Failures
Maximum Sockets
To view these counters, load IPXCON and follow this path:
Select IPX Information > Detailed IPX Information
Managing 121

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing the MacIPX Gateway Configuration

To view information about the configuration and operation of a MacIPX
gateway, enter the following command at the server prompt:
LOAD MACIPXGW SHOW=YES
This command does not reload the MacIPX gateway, but instead displays
information about the MacIPX gateway and the AppleTalk networks that it
serves, as in the following example:
MACIPXGW:
Unicast threshold set at 1.
AppleTalk nets this gateway is configured to serve:
10-20
111
2222-2223
3333-3335
AppleTalk nodes registered for IPX broadcasts:

IPX node: 0xffffffffffff
Socket: 0x452
10.238
1501.138
1502.168
Socket: 0x453
The information in the preceding example includes the following items:

The unicast threshold
The network numbers of all AppleTalk networks served by this gateway
All AppleTalk nodes currently registered with the MacIPX gateway for
broadcasts and identified by the IPX socket
Viewing MacIPX Gateway Statistics

To view MacIPX gateway statistics, load MONITOR and select the following
parameter path:
Select LAN/WAN Information > MACIPXGW
A screen displays the statistics explained in Table 7 on page 123.

103-000176-001
August 29, 2001
Novell Confidential
Manual
Table 7
99a
38
July 17, 2001
MacIPX Gateway Custom Statistics
Statistic
Explanation
Received Tickle Packets
Number of tickle packets sent by MacIPX clients served by the gateway.

MacIPX clients send tickle packets to the MacIPX gateway; the gateway
sends IPX broadcast packets back to the clients.
IPX Broadcast Requests from

IPX Stack
Number of IPX broadcast packets sent to the MacIPX gateway by the

IPX stack in the NetWare server +79595or Novell router.
IPX Broadcast Requests from

MacIPX Clients
Number of IPX broadcast packets sent to the MacIPX gateway by the

MacIPX clients that the MacIPX gateway is servicing.
DDP Packets Broadcasted for

IPX Broadcasts
Number of AppleTalk packets sent out as broadcast packets carrying

IPX broadcast packets.
DDP Packets Unicasted for IPX

Broadcasts
Number of AppleTalk packets sent out as unicast packets carrying IPX

broadcast packets.
Received DDP Packets with

Unknown Options
Number of AppleTalk packets received by the gateway that include

unrecognized encapsulation demultiplexing options. This indicates
corrupted packets or incompatible client software. Ensure that your
network cabling is working correctly and that software on the Macintosh
clients is compatible with this version of the MacIPX gateway.
Received DDP Packets with

Wrong Type
Number of AppleTalk packets received by the gateway that include an

incorrect AppleTalk packet type. This indicates the presence of
corrupted packets or incompatible client software. Ensure that your
network cabling is working correctly and that software on the Macintosh
clients is compatible with this version of the MacIPX gateway.
Received Service Requests
Number of requests received by the gateway to provide service to

MacIPX clients.
Transmitted Service Grants
Number of times the gateway granted service to MacIPX clients.
Transmitted Service Refusals
Number of times the gateway refused service to MacIPX clients.
Memory Allocation Failure
Number of times the gateway could not allocate memory. You might
need to add memory to the NetWare server or Novell router to fix this
problem.
Managing 123

103-000176-001
August 29, 2001
Novell Confidential
Manual

103-000176-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Troubleshooting
This section dicusses IPX troubleshooting information that is divided into four
categories:
Troubleshooting tools
Configuration tips
Troubleshooting checkpoints
Common problems
If a problem that is general in nature occurs, the procedure described in
Troubleshooting Checkpoints on page 127 will help you isolate and resolve
the problem. If a problem with a specific symptom occurs, refer to Common
Problems on page 131.
Troubleshooting Tools
The IPX-specific troubleshooting tools are explained in the following
sections:
IPXCON on page 125
System Console Commands on page 126
IPXCON
IPXCON is a NetWare Loadable ModuleTM (NLMTM) utility that provides
access to statistics and information about the status of various components of
the IPXTM protocol. It uses SNMP to access this information from any local or
remote system on the network. IPXCON operates over IPX and TCP/IP
networks, and uses the User Datagram Protocol (UDP) to run over the
Troubleshooting 125

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
networks. For more information on IPXCON, refer to Chapter 4, Managing,

on page 111.
Enter LOAD IPXCON at the system console prompt. You can use IPXCON
to perform the following tasks:
Monitor and troubleshoot IPX routes and network segments throughout
your IPX internetwork
Display the status of any IPX router or network segment on your
internetwork
Display all paths through which IPX packets can flow
Display operational circuits for IPX
Monitor remote routers running the Novell Internet Access Server 4.1
routing software
System Console Commands

Specific commands are available from the system console prompt that prove
useful in troubleshooting IPX connection problems. The following commands
are examples:
DISPLAY SERVERS
This command lists all known NetWare server names and the number of
hops (IPX routers that must be crossed) to reach each server. This
information is similar to the information shown in the IPXCON
forwarding table, but it is less comprehensive than IPXCON.
DISPLAY NETWORKS
This command shows the IPX network number, the number of hops
needed to reach the network, and the estimated time, in ticks (1/18 of a
second), for a packet to reach a network. The number of known networks
is shown at the end of the list. For NetWare servers, both the internal IPX
network numbers and the cabling network numbers are displayed. This
information is similar to the information shown in the IPXCON services
table, but it is less comprehensive than IPXCON.
RESET ROUTERS
This command resets the IPX routing table in the file server if the table
has become inaccurate or corrupted.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
TRACK ON
This command displays three types of RIP and SAP information: Server,
Network, and Connection Requests. This information is formatted
according to whether the router/server is receiving the information (IN),
broadcasting the information (OUT), or receiving a connection request.
Refer to Utilities Reference for more details.
Configuration Tips
We recommend the following guidelines for configuring IPX:
Each server and router in the entire internetwork must have a unique
internal internetwork number.
Each LAN in the entire internetwork must have a unique IPX network
number, even if you have configured a PPP unnumbered WAN link that
connects two LANs.
Each WAN in the entire internetwork must have a unique internal
internetwork number.
Observe the procedures described in the following sections when you are
configuring IPX or NLSP for the Novell Internet Access Server 4.1 routing
software:
IPX Checkpoints on page 127
NLSP Checkpoints on page 131
IPX Checkpoints
To isolate and resolve problems with IPX, complete the following steps:
1 Verify that workstations can connect to all desired servers.
If a problem with LAN connectivity occurs, refer to IPX Connectivity

Problems (Duplicate ID or Network Number) on page 129. If you are
using the NetWare Mobile IPXTM software, refer to NetWare Mobile
IPX Client Loses Connectivity to the Server on page 151.
2 Verify that the IPX network number is different for each LAN across a
WAN link.
Troubleshooting 127

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IMPORTANT: Each LAN segment must have a unique IPX network number. It is
a common error to incorrectly use the same IPX network number on each side of
an unnumbered PPP or WAN link.
3 Verify that all servers and routers in the entire internetwork have unique
internal network numbers.

In addition, each network segment has a unique network number, and all
servers and routers on the same segment must have their interfaces
configured with the same IPX network number.
3a Look at the routing table in IPXCON on any NetWare Link Services
ProtocolTM (NLSPTM ) system in the suspected area (parameter path:

Select NLSP Information > Routers).
Determine whether there are routers that appear and disappear from
the table (these routers might also become unreachable for brief
periods of time). Then establish a remote connection with
RCONSOLE and check for any error messages indicating duplicate
internal network numbers.
Typically, if you can log in to a server, but cannot establish a
connection to the same server using RCONSOLE, then the server is
configured with a duplicate IPX address.
3b Enable SAP on one of the interfaces in a router in the NLSP area.
Between SAP periodic updates, you should see two routers (or more,
if more than one router has the same internal network number) being
listed as unreachable and then reachable. This should occur every 5
to 10 seconds.
4 After you have identified the NLSP systems with the problem, load
IPXCON to determine to which networks the servers or routers are

connected (parameter path: Select NLSP Information > Routers).
5 Select the NLSP router that is the source of the problem. You might need
to select the router several times because its connectivity is intermittent.

If the router is a Novell router, then the internal network number is
probably a duplicate.
6 Change one of the router's internal network numbers and restart the
system.
7 For WAN links, verify that third-party routers use IPXWANTM software
(RFC 1362, 1551, or 1634).

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To establish an IPX connection to third-party routers over a WAN, the

third-party routers must support IPXWAN; otherwise, problems with
initiating, maintaining, or terminating the IPX connection occur.
8 Verify that the IPX network number is different for each WAN link unless
an unnumbered RIP is used (in which case, the IPX network number is
zero).
IPX Connectivity Problems (Duplicate ID or Network Number)

To isolate and resolve IPX connectivity problems, complete the following
steps:
1 Find the server or router that is connected to the same segment as the
workstation.
If more than one server or router connects the workstation to the network,
look at each system to determine if it has proper connectivity. If the
system with which you are communicating is a server, then use that
system.
2 Check the forwarding table on both systems.
2a If you are on the server or router representing network A, then find
network B in the forwarding table. Load IPXCON (parameter path:

Select Forwarding > Display entire forwarding table).
2b If network B is not displayed in the table, then exit and enter the
forwarding table until it appears.

2c If network B still does not appear in the table, probably a router in the
path either is malfunctioning or has a duplicate system ID.

2d If the route shows up intermittently, then probably a router in the path
has a duplicate system ID.

2e If the route shows up consistently, then look at the route and select
Potential Paths by selecting the network on the Forwarding Table

menu.
3 Make sure that the potential path leads to the correct network by looking
at the intermediate routers.

If a duplicate network number exists, you can determine the location of
the duplicate number from this window.
3a If all the routers in the path seem to be correctly configured, then
write down the addresses of all the LANs and routers in the path.
Troubleshooting 129

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3b Use IPXPING to check all routers or servers in the end-to-end path
(do this from one side only). Also, check the end points.
If connectivity is occurring from a workstation, make sure that the
workstation can log in to the first server or router in the path or that
it has access through the router in question.
If the connectivity loss is only temporary (for example, you
occasionally get abort retries on the workstation), then let IPXPING
run for several minutes. Check for packet loss during this time, then
examine the router at which packet loss occurred.
It is also possible that a router is malfunctioning in the end-to-end
path. Usually, IPXPING can help you determine where the fault is
occurring.
3c Once you have found the router that has the problem, check its
potential paths.
All downstream routes from the first router to the router that has the
problem should also be potential paths on this router. If this is not the
case and the router does not quickly acquire the downstream routes,
then the system probably has a software error in it. Contact the router
manufacturer's technical support for further assistance. To help
minimize problems like this, you should purchase only NLSPcertified routers.
4 If connectivity loss occurs outside an NLSP area, check each router in the
end-to-end path for an external RIP route.

RIP can be used between NLSP areas. Therefore, it is necessary to check
the end-to-end path in a more tedious way, as follows:
4a Find the next-hop router from each of the servers.
4b Look at that system's forwarding database.
4c Find the next-hop router from that system, and so on, until you have
found where the route leads. Do the same from the other side of the
path as well.
This process is difficult with the current implementation of RIP and
SNMP for Novell, because RIP shows only the next-hop LAN and
Network Interface Card (NIC) address (over LANs) instead of the
internal network number of the system. SNMP cannot receive
packets that are addressed to a NIC; the packets must be addressed to
the internal network number. You must work backward, first finding
all routers attached to the LAN, and then finding the receiving LAN

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
card on each router. One of the routers you should start with is the
next-hop router. Repeat these steps until you find the destination
network number. If you do not find a duplicate network number in
either direction, check each link in the path for errors.
NLSP Checkpoints
To isolate and resolve problems with NLSP, complete the following steps:
1 Determine connectivity.
Verify that all neighbors are displayed under the NLSP Neighbors
option in IPXCON. This will determine whether there is local
connectivity.
Verify that there are sufficient potential paths within each area.
Verify that all LANs are listed in the NLSP LANs table in IPXCON.
Verify that all NLSP routers are listed in the NLSP Routers table in
IPXCON.
2 Determine whether RIP is active.
Verify that the NLSP LANs window indicates that RIP packets are
being absorbed.
Verify that the Circuits table indicates the state of any system.
Common Problems
This topic discusses the following common problems and their potential
solutions:
Login Times Out (page 132)
Load Balancing over IPX Is Not Working (page 133)
Only One IPX Packet Is Sent and Received (page 133)
IPXCON Counters Are Increasing (Duplicate ID or Network Number)
(page 133)
Error Messages Are Displayed (Duplicate ID or Network Number) (page
134)
(page 135)
Troubleshooting 131

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Other Router Names Are Not Displayed (page 135)

System Frequently Appears and Disappears on the LAN (page 135)
Multiple Systems on a LAN Become Unreachable Intermittently (page
138)
Connectivity Across a Point-to-Point Link Has Been Lost (page 139)
An NLSP Server on a LAN Cannot Be Accessed (page 140)
LAN Is Partitioned (page 141)
No Communication Occurs between Two Networks (page 142)
Services Are Inaccessible in the Area (page 143)
Number of Routes and Services on a System Shows Local Connectivity
Only (page 144)
Services or Routes are Fluctuating Excessively (page 145)
Heavy Network-Layer Traffic Occurs on a Point-to-Point Link (page
146)
Applications Perform Poorly (page 147)
CALLMGR Shows an IPX Circuit but IPXCON Does Not (page 149)
Single System Is Entering an Overloaded State (page 149)
Many Systems Are Entering an Overloaded State (page 149)
Connectivity Is Lost on Only One LAN (page 150)
NetWare Mobile IPX Client Loses Connectivity to the Server (page 151)
Re-establishing the Connection (page 151)
Login Times Out

The remote IPX LAN number might have a static route on the dial-in side.
Load STATICON and select Dynamically Configure Static Routing Tables to
dynamically configure local and remote routing tables. To initiate dynamic
configuration with a remote router, the call to that router must be Connected.
Press Ins to use the Make Call option to attempt to make a call to a currently
Not Connected WAN destination.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Load Balancing over IPX Is Not Working

Add the following line to the workstation's AUTOEXEC.BAT file:
Set loadbalance local lan = on
Verify that the router is configured to use NLSP compatible with RIP/SAP. Set
maximum path splits to 8.
Only One IPX Packet Is Sent and Received

If only one IPX packet is sent and received each time the routing software
attempts to establish a connection, decrease the user data size value so that it
is equal to or less than the size used by the frame relay switch. Also, ensure
that the user data size is equal to or less than the physical receive packet size.
IPXCON Counters Are Increasing (Duplicate ID or Network Number)

The Link State Packets (LSPs) Received counter in IPXCON is
increasing (parameter path: Select NLSP Information > System
Information > Detailed NLSP System Information).
Two NetWare servers or routers have conflicting internal network
numbers and both systems are in the same NLSP area, resulting in a
duplicate NLSP system ID. A number of activities occur when this
situation exists. If router A and router B have the same system ID, both
routers attempt to assert that they own the system ID. First, router A
issues LSPs that supersede router B's LSPs and purges any LSPs of router
B that it does not have. Then, router B does the same to router A. It is
possible that this increases the amount of LSP traffic in the network
considerably, particularly if either router A or router B has many LSPs
(for example, if either router is importing many routes and services).
Change the internal network number of one of the conflicting systems, or
remove one of the systems from the network immediately. For
information about how to find the node that is causing the problem, refer
to IPX Connectivity Problems (Duplicate ID or Network Number) on
page 129.
The Sequence Number Skips counter in IPXCON is increasing on both
routers (parameter path: Select NLSP Information > System Information
> Detailed NLSP System Information).
It is normal for a system to have some sequence number skips, but the
Sequence Number Skips value should not increase after the first five
Troubleshooting 133

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
minutes of a router's operation, unless there is a duplicate NLSP system

ID.
information about how to find the node that is causing the problem, refer
to IPX Connectivity Problems (Duplicate ID or Network Number) on
page 129.
The Own LSP Purges counter in IPXCON (parameter path: Select NLSP
Information > System Information > Detailed NLSP System Information)
is increasing on both routers.
There is a duplicate NLSP system ID, and many systems have fluctuating
counts of routes and services because the services available through one
or the other router become unreachable. If one of the systems in question
can route, then all systems in the network are running the NLSP decision
process frequently.
information about how to find the malfunctioning node, refer to IPX
Connectivity Problems (Duplicate ID or Network Number) on page 129.
Error Messages Are Displayed (Duplicate ID or Network Number)

The console displays the following message:
Router name has the same internal network number of number
but a system ID of system_ID .
A duplicate internal network number has resulted in a duplicate system

ID.
The console displays the following message:
LSP graph inconsistency detected in stored LSP from system
name length number . There has been a memory corruption
or software error.
Cause 1 Errant application is corrupting the NLSP graph or LSP

database.
Contact technical support.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 2 NLSP has a software error that is either corrupting the graph
or causing the graph to be represented incorrectly.

The NLSP decision process is running frequently.
To observe this symptom, obtain access to a NetWare server or router running
NLSP in the network and enter SET ISUL DEBUG=256 at the system
console prompt. Every time the decision process runs, an entry is displayed at
the system console. If the decision process runs at least every 30 seconds,
there might be a duplicate system ID.
remove one of the systems from the network immediately. For information
about how to find the malfunctioning node, refer to IPX Connectivity
Problems (Duplicate ID or Network Number) on page 129.
Other Router Names Are Not Displayed

If other router names do not display when the DISPLAY SERVERS command
is used, the NLSP Local Area Addresses might be different. Load NIASCFG
and select Configure NIAS > Protocols and Routing > Network Interfaces >
IPX > IPX Expert Configuration option to set the IPX network number and
area mask to zeros.
System Frequently Appears and Disappears on the LAN

A system frequently appears and disappears on the LAN.
Cause 1 .System is not transmitting its packets to the Designated Router
properly.
At the Designated Router, check the Neighbor State Changes option in
IPXCON (parameter path: Select Circuits > a specific circuit > Detailed
Circuit Information) and monitor it for the circuit (LAN).
If the number is increasing but there are no new systems on the network
and systems are not being bound and unbound or restarted, then a local
connectivity problem probably exists.
Troubleshooting 135

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
After you have determined that there is a local connectivity problem,

check whether there are any systems in the Initializing state in IPXCON
(parameter path: Select NLSP Information > Neighbors). You might need
to exit and enter the Neighbors window several times over several
minutes. Also check for any systems that do not have names associated
with them. Any system without a name has not transmitted its LSP to the
Designated Router.
If you find any system that enters the Initializing state, then you have
identified a connectivity problem between that system and the Designated
Router. If you have not identified any such system, then it is still possible
for a router to lose connectivity occasionally. Select the entry in the NLSP
Neighbor table of the router that does not have connectivity (parameter
path: Select NLSP Information > Neighbors). There is an initial holding
time for the system. By default, every system sends a Hello packet on a
LAN every 15 to 20 seconds. You can see whether the Designated Router
is receiving all the Hello packets from the system by comparing the
packets sent to the packets received.
If you still cannot determine the problem with the system, and if you have
the routing software located on the LAN, then load IPXPING at the
console prompt. Set the PING send rate to zero and check to determine
whether packets are being dropped. A packet dropped every once in a
while should not cause concern; however, if more than 1 percent of the
packets are dropped, there is a problem with the router or server. The
problem could be caused by the software or hardware. To determine
whether there is a problem with the software, restart the PC. If the
problem continues, install a new interface board.
Check connectivity between the Designated Router and another system.
The Designated Router might be dropping packets or be the source of the
problem.
Cause 2 Problem with the underlying media.
Look at LAN/WAN information in MONITOR and check for errors. Errors
are specific to the media; therefore, press F1 (for online help) to see what
different errors mean. Most errors indicate that there is a problem with the
server's or router's network interface board. These errors could be caused by
the software or hardware. To determine whether there is a problem with the
software, restart the PC. If the problem continues, install a new interface
board.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 3 System misconfiguration.

By default, NLSP timers are set so that a system becomes unreachable when
three packets are dropped. Look at the system's configuration to ensure that
this setting has been used.
Cause 4 One or both of the systems are dropping packets.
Check the interface boards to determine whether packets are being dropped
because of insufficient Event Control Blocks (ECBs). Increasing the
maximum number of physical receive packets might help stop the system
from dropping packets. To reach this option load install, select NCF file
options > edit startup.ncf. Increase the maximum number of physical receive
packets to at least 1524. However, the system might be incapable of handling
the system load. In this case, increase the processor power of the system that
is dropping packets, or reduce the load on the server by either removing NLM
files or decreasing the number of users on the system. You can determine
whether the system is using too much CPU processing power by using
MONITOR and viewing utilization.
Cause 5 NLM on the server is not relinquishing control of the CPU
frequently enough.
This is a rare occurrence. To determine whether this is occurring, select
Performance in MONITOR. Look for processes that exceed many millions of
cycles per iteration. You can also determine that an NLM is malfunctioning by
removing the NLM from the server and observing whether the problem is
resolved.
Cause 6 Internal error in NLSP.
If you have exhausted all other possibilities, you should document your
system configuration, number of users, and error frequency and send a copy
of the system configuration (SYS: SYSTEM\CONFIG.TXT), including the
NLSP configuration file (usually located in \ETC\NLSP.CFG), to technical
support.
Troubleshooting 137

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Multiple Systems on a LAN Become Unreachable Intermittently

If multiple systems on a LAN become unreachable intermittently, the
Designated Router might be the source of the problem.
Cause 1 Designated Router does not have enough system memory to
represent the LAN.
To determine whether this is the case, you can check whether the Designated
Router is overloaded when the problem occurs or whether it has been
overloaded in the past. Check the Level 1 Data Base Overloads statistic in
IPXCON (parameter path: Select NLSP Information > System Information >
Detailed NLSP System Information). If the Designated Router does not have
sufficient memory to represent the LAN, then the LAN loses connectivity as
new systems are added. You must then select another system on the network
to become the Designated Router by increasing its priority in NIASCFG and
issuing the REINITIALIZE SYSTEM command. In addition, you must add
memory to the system that was overloaded. You might also want to check
whether other systems in the network are overloaded. Refer to Many Systems
Are Entering an Overloaded State.
Cause 2 Designated Router or some other system on the LAN is causing the
network outage. Another system can cause this problem by electing itself as
the Designated Router on the LAN.
A single malfunctioning system on a LAN might be causing all systems on the
LAN to become unreachable intermittently. Using IPXCON, check the
Designated Router Changes counter for all systems on the LAN (parameter
path: Select Circuits > a specific circuit > Detailed Circuit Information). If a
single system has a large value displayed in the Designated Router Changes
counter, the system probably has connectivity problems with other systems on
the LAN. Check whether the counter increases over time. If the Designated
Router is not being restarted or unbound from a LAN, the counter should not
increase. If the Designated Router Changes counters of all systems on the
LAN are increasing, the system that should be the Designated Router probably
has a connectivity problem. To determine whether the problem is particular to
the system or to the network itself, remove the system from the LAN or
decrease its Designated Router priority.
Cause 3 Two systems are contending to be the Designated Router for the
LAN.
In this case, the Own LSP Purges counter increases (parameter path: Select
NLSP Information > System Information > Detailed NLSP System

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Information). However, unless you are using ARCnet* or some other media
that does not have IEEE addresses, only one system has the highest priority on
the LAN (the MAC address is used as a tie breaker and IEEE addresses are
unique). If necessary, change the priority on one of the contending routers.
Connectivity Across a Point-to-Point Link Has Been Lost

You cannot bring up an IPX point-to-point link, but IP is working.
Cause 1 System on the other end of the link does not support IPXWAN, or
IPXWAN is not supported over the media that you use.
Contact the router manufacturer to verify that its product supports IPXWAN.
Cause 2 Link has excessive errors.
Cause 3 One of the IPXWAN implementations has an error.
Load MONITOR and view LAN/WAN Information under a specific NIC or
LAN adapter. Determine whether the link has excessive errors by viewing
discrepancies in packet error counts.
Issue the SET ISLL DEBUG=ON command and capture the IPXWAN
exchanges. Contact the manufacturer of the router that appears to be in
violation of the IPXWAN specification.
Cause 4 Link has excessive errors.
Load MONITOR and view LAN/WAN Information under a specific NIC or
LAN adapter. Determine whether the link has excessive errors by viewing
discrepancies in packet error counts.
Cause 5 Timers are misconfigured, causing the link to drop packets.
(Typically, the defaults are used for PPP.)
Check in MONITOR under Driver Statistics to determine whether this is the
cause. Set the timers so that the values match those set on the remote node.
Cause 6 System is limited by the amount of memory or by the capacity of
the CPU or bus.
Load MONITOR and view memory utilization to determine if the capacity of
the CPU or memory is limiting the function.
Cause 7 Link itself is corrupting data.
Troubleshooting 139

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the link is corrupting data, the corrupt LSPs statistic increases. To check
this, load IPXCON (parameter path: Select NLSP Information > System
Information > Detailed NLSP System Information). Even a single corrupt LSP
indicates a serious problem because LSPs are transmitted infrequently. Note
that this counter is a global counter and it is possible that some other media is
corrupting the data link.
An NLSP Server on a LAN Cannot Be Accessed

You cannot access a server on the LAN.
Cause 1 Area address is set to the wrong value.
In this case, the number of destinations (known networks and services)
implies local connectivity only. Also, the Initialization Failures statistic in
IPXCON increases (parameter path: Select Circuits > Detailed Circuit
Information). If you have configured area addresses, make sure that all
systems that should be in communication have the same area addresses.
It is acceptable for systems to have different addresses, if that is the
desired configuration.
Cause 2 RIP is not enabled.
If you are running multiple areas on a LAN and are using RIP to
interconnect the systems, verify that RIP is enabled on those servers that
are interconnecting areas. Load NIASCFG and select Configure NIAS >
Protocol and Routing > Bindings > IPX Binding > Expert Bind Options
> RIP Bind Options > RIP State. If the RIP State is set to Auto in
NIASCFG, there is a small chance that RIP will fail. To avoid having RIP
fail, set RIP State to On.
Cause 3 Hub or bridge has failed.
Use IPXPING to check whether there is data-link connectivity.
Cause 4 LAN board driver does not support multicast, even though the
driver's documentation claims that it does.
Use a driver that supports multicast or set the MAC Channel option to
Broadcast (parameter path: Select Bindings > a specific binding > Expert
Bind Options > NLSP Bind Options).
Cause 5 LAN board has failed. This system does not see other systems
on a LAN, or it does not have any adjacencies in the Up state. However,
it declares itself as being attached to the LAN.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In IPXCON, look for a system that is in the Initializing state. If a system

on the LAN appears in the Initializing state on all other systems but has
no neighbors itself, then the system can send but not receive. Check that
system, particularly if it is the Designated Router. Use IPXPING to help
determine the actual source of the problem. An interface board with a
conflicting interrupt is a common source of this problem.
Cause 6 System is declaring itself the owner of the LAN, even though
it is not the owner.
Reinitialize the system.
Cause 7 LAN has become partitioned temporarily during normal
NLSP operation. This should occur only during an NLSP system's
startup, and the error should be corrected within a few minutes.
Verify that the condition does not persist. If it does, check for a hardware
problem or an NLSP software incompatibility with other systems.
Clients running UnixWare software, OS/2 Named Pipes, and NetWare/
IPTM software have problems with connectivity.
The systems are not properly configured. Refer to Chapter 1,
Understanding, on page 11 and Chapter 3, Setting Up, on page 51 for
information about the solution.
LAN Is Partitioned
A LAN is partitioned when there are duplicate LANs or one of the LANs is
declared unreachable in IPXCON (parameter path: Select NLSP Information
> LANs).
Cause 1 A hub or bridge has failed.
Use IPXPING to check whether there is data-link connectivity.
Cause 2 LAN board has failed. This system does not see other systems on
a LAN, or it does not have any adjacencies in the Up state. However, it
declares itself as being attached to the LAN.
In IPXCON, look for a system that is in the Initializing state (parameter path:
Select NLSP Information > Neighbors). If a system on the LAN appears in the
Initializing state on all other systems but has no neighbors itself, then the
system can send but not receive. Check that system, particularly if it is the
Designated Router. Use IPXPING to help determine the actual source of the
problem.
Troubleshooting 141

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 3 System is declaring itself the owner of the LAN, even though it is
not the owner.
Reinitialize the system.
Cause 4 LAN has become partitioned temporarily during normal NLSP
operation. This should occur only during an NLSP system's startup, and the
error should be corrected within a few minutes.
Verify that the condition does not persist. If it does, check for a hardware
problem or for NLSP software incompatibility with other systems.
No Communication Occurs between Two Networks

Connectivity is lost because a router is missing required routes. This
router's table is not consistent with the routing tables of other routers.
The router has not converged because it is configured for multicast and
the driver does not support multicast, even though the driver's
documentation claims that it does. Set the MAC Channel option to
Broadcast (parameter path: Select Bindings > a specific binding > Expert
Bind Options > NLSP Bind Options).
A workstation cannot communicate with a server on a different
connecting LAN, but other systems on the LAN can communicate.
Cause 1 Physical problem on the workstation (for example, a broken
LAN card).
Replace the malfunctioning hardware.
Cause 2 Packet filter that is discarding the system's packets has been
implemented somewhere in the network.
Check each intervening router and correct the filter configurations.
A server cannot communicate with another server on a different
connecting LAN, but other systems on the LAN can communicate.
Cause 1 Server is misconfigured.
Correct the server's configuration and make sure that it has connectivity
by verifying that it has the routes and services typical for your network.
Cause 2 Connectivity exists, but it is so poor that the transports above
IPX cannot maintain connectivity.
Set up an IPXPING test between the two systems. If the rate of dropped
packets is high, the connectivity problem is probably caused by a

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
malfunctioning link between the two networks. To determine which link

has the problem, refer to Applications Perform Poorly on page 147.
Cause 3 There is a duplicate network number. This can cause a
duplicate system ID, provided that both systems are in the same area and
the duplicate network numbers are two internal network numbers on two
NetWare implementations of NLSP. The console probably displays the
following message:
System server_name with internal network number number
has my system ID in it.

Cause 4 Packet filtering has been implemented on a router. This can
cause symptoms similar to those caused by duplicate network numbers
(for example, network A might be visible from network B, but network B
is not visible from network A).
If communication does not occur within an NLSP area, it is usually easy
to determine whether the network fault is caused by packet filtering or a
duplicate network number. Use IPXCON to view duplicate LAN network
numbers (parameter path: Select NLSP Information > LANs). If your
system does not have a matching network number, use FILTCFG to
remove the packet filtering.
Services Are Inaccessible in the Area

Services are inaccessible in the area.
Cause 1 Services are being blocked by filters.
Examine the IPXCON Services option of each router in the path to isolate the
router that is filtering the services.
Cause 2 Network connectivity problems.
Check that the network to which the service is attached exists. If the network
does not exit, look for link connectivity in the path between the area in the
network that is missing the network number and the area that is generating the
service.
Troubleshooting 143

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 3 Service name conflict. This occurs when you have the same
service name and the same type (for example, file server). If the service is a
file service, then the user logging in might not have appropriate rights and,
consequently, the login is rejected.
Use the Services option in IPXCON to verify that the service has the
appropriate network number.
If the service and network numbers are both visible, refer to No
Communication Occurs between Two Networks on page 142.
Cause 4 Under rare circumstances, the server from which you are logging
in has insufficient space to store the service in the bindery.
Increase the disk space on the file server.
Cause 5 If there are many services, a third-party router might be unable to
transmit the entire SAP table before the next periodic update. A third-party
router can start transmitting the services again from the beginning of the table,
instead of completing the current update.
Number of Routes and Services on a System Shows Local

Connectivity Only
The number of routes and services on a system shows that there is local
connectivity only.
Cause 1 If the network to which the system is attached is an NLSP- only
network, and if the system is not configured for RIP mode only, then the
system might not receive RIP updates. If the following message is displayed
at the system console, there is a RIP mode misconfiguration and the two
routers cannot communicate:
Router server_name
claims network number
is really number
Turn on the tracking screens and check to determine whether there are any
RIP and SAP updates being sent to the server. If there are, it is possible
that you need RIP on the network but that you have set the RIP State
option to Off. You can check this by loading IPXCON (parameter path:
Select Circuits > select a circuit name). Check the RIP information to see
whether you have accidentally set RIP State to Off.
If you should be receiving RIP on the network but are not, it is possible
that the other routers on the network have been configured with RIP State

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
set to Off. If this is the case, and if you want to run RIP between the
servers, then set RIP State to On.
Cause 2 Two NLSP systems are configured with different area addresses.
In this case, the Initialization Failures counter in IPXCON should be
increasing (parameter path: Select Circuits > Detailed Circuit Information).
If you are on an area boundary and you are using RIP as the interarea protocol,
configure RIP on both systems on the interface through which they are
communicating.
Cause 3 One of the routers has the RIP State option set to Auto. If you
intended to use RIP for interarea routing on the network, this condition is
potentially serious. If the two NLSP routers are in communication with each
other, they continue to run RIP. However, if they are connected together with
a bridge or hub and that hardware fails and is brought up again sometime later,
NLSP does not detect the condition and RIP does not turn on again.
If you are running RIP and SAP on the network and the routes and services
fluctuate, refer to Services or Routes are Fluctuating Excessively.
Services or Routes are Fluctuating Excessively

The number of routes and services are fluctuating excessively. Some
fluctuation is normal in a large network. Change is occurring constantly as
systems are brought down for maintenance and other reasons. However,
hundreds of routes and services appearing and disappearing indicates a
network error. All the following problems are solved with the same procedure:
Cause 1 Misconfiguration with RIP and SAP.
Cause 2 Problem with a link.
Cause 3 Error in NLSP.
Cause 4 Two systems are competing for a system ID.
Cause 5 LAN is generating errors.
First try to determine which systems are affected. It might be helpful to
determine which services are appearing and disappearing and to trace the
paths backward to their location. If many services are appearing and
disappearing, it might work better to find the set of affected systems. In
either case, you should be able to determine the boundary routers.
Troubleshooting 145

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In NLSP, this determination is easy to make. Simply look at an affected

system's neighbors to see whether they have the problem, too. Examine
each system as you move outward. If just a single NLSP system is
experiencing the problem, then the cause is probably a local connectivity
problem. Check the system for neighbor state changes and disappearing
services.
Try to determine whether the problem has a boundary. If you see a system
in which one set of routers or services is disappearing and see an adjacent
system in which a different set of routers or services is disappearing, you
probably have found the boundary. Check to determine whether any of
these systems has problems with its neighbors, has fluctuating links, or
has a duplicate system ID.
If you find that the problem is isolated to a LAN, then follow the
procedures described under Multiple Systems on a LAN Become
Unreachable Intermittently on page 138. You might find that one system
that is supplying routing information to the network is losing its
neighbors, particularly the Designated Router. This system is probably
the source of the problem.
If you find that the problem is caused by some interaction with RIP and
SAP, check all systems for consistency on the LAN regarding the
following configurable RIP and SAP parameters in NIASCFG: Packet
Size Override, Periodic Update Interval, and Aging Interval Multiplier
(parameter path: Select Bindings > a specific interface > Expert Bind
Options > RIP (or SAP) Bind Options).
You should never let a periodic multiplier be less than 4. Because of timer
skew, this means that after three packets containing the same route are
dropped, the system loses this route. If any of the previously listed RIP
and SAP parameters are different, you must reconfigure the values. Better
still, use the default values, especially on LANs. Using different values
for the timers is too risky to justify the savings on a LAN.
Heavy Network-Layer Traffic Occurs on a Point-to-Point Link

There is heavy Network-layer traffic on a point-to-point link and you are
using RIP and SAP.
Migrate to NLSP.
There is heavy Network-layer traffic on a point-to-point link and you are
using NLSP.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 1 Network-layer packets are being retransmitted because there

is a software error or because two important timers are misconfigured in
NIASCFG. The important timers are the Minimum Non-Broadcast LSP
Transmission Interval timer (which indicates the amount of time before
an LSP is retransmitted when there is no acknowledging Partial Sequence
Number Packet [PSNP]) and the Partial SNP Interval timer (parameter
path: Select Configure NIAS > Protocols and Routing > Protocols >
Expert Configuration Options > NLSP Convergence Rate Configuration).
The latter timer should be set to a value much smaller than the value set
for the former timer because it acknowledges LSPs; if it is set too high,
the LSP transmitter responds as if the LSP is lost and retransmits the LSP.
If the problem persists after you reconfigure the timers, call technical
support.
Cause 2 Many changes are occurring in your network because there is
too much RIP activity in your network.
Migrate more of your network to NLSP.
Cause 3 Some systems are sending too many updates.
If possible, migrate more of your network to NLSP.
If you cannot migrate more of your network to NLSP, find the
boundary routers (those that are importing RIP) by looking at the
NLSP LANs window. Increase the Maximum LSP Generation
Interval option on these systems.
Applications Perform Poorly

You are experiencing poor application performance on systems in your
network.
Cause 1 Suboptimal path has been selected by NLSP.
Check the end-to-end path of the connection and make sure that the links
that you thought would be chosen are being used to forward data. In an
NLSP area, look at the Potential Paths window by loading IPXCON
(parameter path: Select Forwarding > a specific destination). Outside an
NLSP area, perform the procedure described in IPX Connectivity
Problems (Duplicate ID or Network Number) on page 129.
If you find an incorrect path caused by RIP, then you can increase the RIP
cost by manually changing the cost of the RIP link. Refer to "Configuring
RIP and SAP" for information about how to do this.
Troubleshooting 147

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 2 Application relies on ticks to retransmit its packets. This should

not happen with the routing software, but it is possible that some other
manufacturer's router does not comply with the ticks value.
If this is the case, increase the cost of the routing software to match the value
of the router in question. This procedure should not affect other paths much,
but it should help to stop the application from retransmitting packets.
Cause 3 Router is in an NLSP area and you have routers with load sharing
enabled. This causes the application to retransmit packets needlessly.
If this is the case, turn off load sharing to see whether the situation improves.
Cause 4 Link speed is too slow. You might be choosing the optimal path,
but throughput is still not adequate.
If you have a Novell router and the protocol is windowed, you might want
to enable the IPX Header Compression option or experiment with PPP
data compression, if it is being used. However, the application might
require more bandwidth than you have available.
Make sure that the problem is not caused by latency. Compression adds
latency, which can slow down protocols that do not have windowing, such
as the Sequenced Packet ExchangeTM (SPXTM ) protocol. Also, older
versions of the NetWare shells do not have windowing. If you experiment
with the Packet BurstTM protocol, you might be able to reduce latency and
increase throughput.
If this is an X.25 problem, you might be able to remove some of the
latency by increasing the X.25 window size, the physical frame size, or
both.
If the previous suggestions do not work, change the type of line that you
have. Some kinds of frame relay lines have relatively low latency, as do
leased lines. X.25 and other WAN technologies sometimes have high
latency. If an X.25 problem exists, you can remove some of the latency
by increasing the X.25 window size, the physical frame size, or both.
Over slow PPP lines, increasing the frame size continually can hurt
performance. Because this can cause packets to be retransmitted, it can
take a long time to transmit a single frame across the link.
Cause 5 Malfunctioning routers in the end-to-end path or a link that is
causing problems in the end-to-end path.
Determine the routers in the end-to-end path and check each router and link
for abnormal behavior.

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cause 6 Load sharing is enabled between dissimilar paths.

Verify that the two paths have comparable media and data rates.
CALLMGR Shows an IPX Circuit but IPXCON Does Not

CALLMGR shows an IPX circuit but IPXCON does not.
IPXCON does not show a circuit until after IPXWAN has completed
negotiation.
Check the link for errors, and make sure that both sides of the IPX link are
implementing IPXWAN properly.
Single System Is Entering an Overloaded State
A single system is in an overloaded state.

Cause 1 System is running out of memory.
Cause 2 Another system is experiencing database overload. It is possible
that another system in an overloaded state is causing your system to go into an
overloaded state.
On each suspect system, use MONITOR to check whether the Alloc Memory
Pool is set too low. If the value is too low, increase the value set for the Alloc
Memory Pool or remove some applications.
Cause 3 Transient condition on that router.
If the problem persists, the system is running out of memory. If the value is
too low, increase the value set for the Alloc Memory Pool or remove some
applications.
Many Systems Are Entering an Overloaded State

Many systems are entering an overloaded state.
Cause 1 Systems are being overrun with routing information. Possibly the
number of systems in the NLSP area has exceeded the number you originally
intended.
Using IPXCON, look at the number of routers in the area (parameter path:
Select NLSP Information > Routers). Add this number to the number of LANs
in the area. This sum is a good indicator of the amount of memory that is
Troubleshooting 149

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
required by an NLSP area. We recommend that you do not exceed 400 LANs
and routers (total) in any single NLSP area. It is also possible that two areas
have merged when they should not have. Determine whether routers are in the
area that should not be there. Prevent the areas from merging or use area
addresses.
Cause 2 Backbone has been imported multiple times into the NLSP area.
NLSP is careful about the way that it imports external routes and services into
the NLSP network. For example, only the Designated Router on a LAN
imports information. Usually, if two NLSP systems are connected to the same
RIP backbone but they are on different LANs, a conflict does not occur. If RIP
reports two different routes to the same location, only the RIP route with the
shortest hop count is imported into the NLSP network. However, it might be
that most of the backbone is imported more than once. This can occur if there
is more than one equal cost path from the NLSP network to the RIP network.
To determine whether most of the backbone has been imported more than
once, look carefully at all routers that are importing RIP.
Using IPXCON, find the systems that are importing RIP into the NLSP area,
then determine whether RIP Active is displayed for the LAN (parameter path:
Select NLSP Information > LANs). Find the Designated Router in each LAN.
Look at the Forwarding table of each Designated Router. If more than one
Designated Router is on the LAN, this is probably because you have turned
off NLSP on the routers. In this case, you must run NLSP between the routers
to reduce the amount of imported information on each LAN.
Connectivity Is Lost on Only One LAN

Connectivity is not possible on a single LAN, but it is possible on other LANs.
This almost certainly indicates a duplicate network number. Refer to No
Communication Occurs between Two Networks on page 142 for the solution.
Usually, the network number that is the duplicate does not have the
connectivity.
NetWare Mobile IPX Client Loses Connectivity to the Server

The NetWare Mobile IPX client loses connectivity to the server.
If you lose connectivity before you start an operation, you will see messages
such as Access Denied , or it might look as if access is not available on
your network drives. If you lose connectivity after you start an operation, you
will receive a DOS critical error message that asks you whether you want the

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
operation to abort, retry, or fail. The method of reestablishing the connection

depends on whether you lose connectivity before or after you start an
operation. This method is the same for each of the following causes.
Cause 1 The NetWare Mobile IPX client was out of range of wireless
coverage for too long.
Return the client to the range of wireless coverage and reestablish the
connection as explained in Re-establishing the Connection on page 151.
Cause 2 The driver used with NetWare Mobile IPX is not Network Event
Service Layer (NESL) aware, so IPX is not sent the receive notification of
data-link events.
Use only NESL-aware drivers. Reestablish the connection as explained in
Re-establishing the Connection on page 151.
Cause 3 The wireless board was removed when a process was running in
the background or the board was not correctly plugged in. This can happen
when you swap boards.
Simply reinsert the wireless or Personal Computer Memory Card International
Association (PCMCIA) board. Reestablish the connection as explained in
Re-establishing the Connection on page 151.
Cause 4 The PCMCIA board was swapped when the portable was in a lowpower state. This tends to confuse the card and socket services, and events are
not sent to the drivers. This invariably causes computer lockup.
Do not swap the PCMCIA board when the portable is in a low-power state.
Reestablish the connection as explained in Re-establishing the Connection
on page 151.
Re-establishing the Connection
If you lose connectivity before you start an operation, you can usually
reestablish a connection by selecting Open/Save. If the HR Time To Live
timer has expired, selecting Open/Save will not reestablish the connection and
you must log in again.
If you lose connectivity after you start an operation, reestablish your
connection as follows:
In the Windows environment, you are asked to either retry or cancel the
current operation. Selecting Cancel terminates the connection to the
server you were accessing, and you must log in again to reestablish a
Troubleshooting 151

103-000176-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
connection. If you want the operation to be completed, you must select

the Retry option when you return to the network. In the meantime, the
system is unusable. If the HR Time To Live timer has expired, selecting
Retry will not reestablish the connection and you must log in again.
In the DOS environment, you have three options: Abort, Retry, or Fail.
Abort and Fail both terminate the connection to the server you were
accessing, and you must log in again to reestablish a connection. If you
want the operation to be completed, you must select the Retry option
when you return to the network. In the meantime, the system is unusable.
If the HR Time To Live timer has expired, selecting Retry will not
reestablish the connection, and you must log in again.

103-000176-001
August 29, 2001
Novell Confidential
Filter Configuration
Novell
NetWare 6
www.novell.com
F I LT E R C O N F I G U R AT I O N
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
About This Guide
Understanding
The Use of Filters . . . . . . . . . . . . . . . . .

Packet Forwarding Filters . . . . . . . . . . . . .
Service Information Filters . . . . . . . . . . . . .
Routing Information Filters . . . . . . . . . . . . .
Outgoing Routing Information Filters. . . . . . . .
Incoming Routing Information Filters. . . . . . . .
IPX Filtering . . . . . . . . . . . . . . . . . . . .
IPX SAP Filters. . . . . . . . . . . . . . . . . . .
IPX RIP Filters . . . . . . . . . . . . . . . . . . .
IPX NetBIOS and Packet Forwarding Filters. . . .
TCP/IP Filtering . . . . . . . . . . . . . . . . . .
IP Routing Information Filters . . . . . . . . . . .
IP Incoming Filters . . . . . . . . . . . . . . .
IP Outgoing Filters . . . . . . . . . . . . . . .
IP Packet Forwarding Filters . . . . . . . . . . . .
AppleTalk Filtering . . . . . . . . . . . . . . . . .
AppleTalk Device Hiding Filters . . . . . . . . . .
AppleTalk Routing Information Filters . . . . . . .
AppleTalk Outgoing Route Filters . . . . . . .
AppleTalk Incoming Route Filters . . . . . . .
AppleTalk Routing Information Filters over AURP .
Source Route Bridge Filtering . . . . . . . . . . .
Protocol ID Filters. . . . . . . . . . . . . . . .
Ring Number Filters . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Planning
. 9
10
11
11
12
13
14
14
15
16
16
17
17
17
18
19
19
20
21
22
23
23
23
23
25
Configuration Decisions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Setting Up
How to Run FILTCFG . . . . . . . .
How to Save Filters to a Text File . .
Configuring IPX Filters . . . . . . . .
How to Configure IPX SAP Filters
IPX SAP Filter Example . . . . .
27
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
103-000178-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
27
29
29
30
33
Manual
How to Configure IPX RIP Filtering . . . . . . . . . . .

IPX RIP Filter Example . . . . . . . . . . . . . . . . .
IPX NetBIOS and Packet Forwarding Filters . . . . . .
Configuring IPX Packet Forwarding . . . . . . . . . . .
IPX Packet Forwarding Filter Example . . . . . . . . .
Configuring TCP/IP Filters. . . . . . . . . . . . . . . . . .
How to Configure IP Routing Information Filters. . . . .
How to Configure EGP Filters . . . . . . . . . . . . . .
How to Configure OSPF External Route Filters . . . . .
IP Routing Information Filter Example . . . . . . . . . .
IP Packet Forwarding Filters . . . . . . . . . . . . . . .
Configuring AppleTalk Filters . . . . . . . . . . . . . . . .
How to Configure AppleTalk Device Hiding Filtering . .
Example AppleTalk Device Hiding Filter . . . . . . . . .
How to Configure AppleTalk Route Filtering . . . . . . .
AppleTalk Outgoing Routing Information Filter Example
Configuring Source Route Bridge Filters . . . . . . . . . .
Configuring Protocol ID Filters . . . . . . . . . . . . . .
Configuring Ring Number Filters. . . . . . . . . . . . .
103-000178-001
August 29, 2001
Novell Confidential
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
34
37
39
39
43
46
47
49
52
53
55
60
61
65
66
68
70
70
71
Manual
99a
38
July 17, 2001
About This Guide

This guide provides the information you need to configure and manage
Novell Internet Access Server 4.1 filters.
About This Guide
103-000178-001
August 29, 2001
Novell Confidential
Manual
103-000178-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Understanding
This chapter describes the Filter Configuration utility (FILTCFG) that you use
to configure filters that selectively discard packets to be sent or received by a
router. Filters let you control the service and route information that is accepted
or advertised by a router.
Filters can be useful when you want to limit specific kinds of traffic to certain
parts of your network topology, or when you want to provide a certain level
of security.
The Use of Filters

The Novell Internet Access Server 4.1 routing software supports filtering to
control the service and route information that is accepted or advertised by a
router. Filters are useful when you want to limit specific types of traffic to
certain parts of your network and when you want to provide a certain level of
security. You use FILTCFG to configure the filters for the Internetwork
Packet ExchangeTM (IPXTM) protocol, IP, AppleTalk*, and the source route
bridge to selectively discard packets sent or received by a router. The
following types of filters are supported:
Packet forwarding Prevents selected data packets from being
forwarded by the router. Packet forwarding filtering is available for IPX
and TCP/IP.
Service information Limits the services added to the service
information (SAP) tables of specified routers. Service information
filtering is available for IPX and AppleTalk.
Routing information Limits the routes added to the routing tables of
specified routers. Routing information (RIP) filtering is available for IPX,
AppleTalk, and TCP/IP.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
OSPF Controls the propagation of routing information from non-OSPF

domains (RIP, EGP, and so on) to the OSPF domain.
EGP Defines the routes that a router can share with other EGP peers.
Protocol ID and ring number Filters packets of certain protocol types
received by the bridge (Protocol ID filter), and filters packets received
from specific rings on a token ring network (ring number filter). Both
types of filters are only available for source route bridge.
Table 1 lists the protocol suites and the filter types that you can configure for
each with FILTCFG.
Table 1
Filter Types and Protocol Suites
Protocol Suite
Packet Forwarding
Filters
Service Filters
Route Filters
IPX
AppleTalk
TCP/IP
Bridge Filters
Bridging
Packet Forwarding Filters

Packet forwarding filters limit access to specific services by preventing
selected data packets from being forwarded by the router. These filters provide
the highest level of security because they examine each data packet forwarded
by the router. The filtering is based on the following packet characteristics:
Source interface
Destination interface
Source address
Destination address
Content
Packet forwarding filters do not restrict service advertisement packets sent by
servers. Therefore, restricted users might see advertisements of services even
when they cannot access the service.
10
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Although packet forwarding filters provide the highest level of security, they
might affect the performance of the router because the filters are applied to
each data packet received by the router.
Packet forwarding filters are available for IPX and TCP/IP protocols.
Service Information Filters

Service information filters restrict the advertisement or acceptance of
specified services by filtering out information in the data packets that
advertise the services destined for particular parts of the network. These filters
increase security by limiting the visibility of selected services. However,
service information filters provide a lower level of network security than
packet forwarding filters because they only monitor service information
packets. They also reduce the network traffic caused by periodic service
information messages sent by routers.
Service information filters are available for IPX (as outgoing and incoming
SAP filters) and AppleTalk (as device hiding filters).
Routing Information Filters

Routing information filters restrict the exchange of routing information
between routers by limiting the routes added to the routing tables of specified
routers. These filters increase network security by limiting the visibility of
specified networks. However, like service information filters, routing
information filters provide a low level of network security because they only
monitor routing information packets. They also reduce the network traffic
caused by the periodic exchange of routing information messages between
routers.
Routing information filters are available for IPX, AppleTalk, and TCP/IP.
There are two types of routing information filters:
Outgoing routing information filters, which limit the route
advertisements sent out by a router to a specified set of routers
Incoming routing information filters, which limit the acceptance of route
advertisements received by the router from its neighboring routers
For more information about routing information filters, refer to
Outgoing Routing Information Filters on page 12
Incoming Routing Information Filters on page 13
Understanding
103-000178-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Outgoing Routing Information Filters

Outgoing routing information filters limit routing information advertised by a
router to its neighboring routers. When these filters are enabled on a router,
only the allowed routes are advertised to each neighboring router. This hides
specified routes from some routers and from certain parts of the network.
A typical outgoing routing information filter consists of the route to the
destination network and the interface through which filtered advertisements of
the route are sent. The filters affect all routers on the network to which this
interface connects.
Outgoing routing information filters might not affect whether the end stations
that are on the same LAN segment as the filtering router can access the filtered
routes. Because these filters only keep from advertising filtered routes to other
routers but do not affect the filtering router's routing table, the filtering router
delivers all packets that it receives as destined for filtered routes.
End stations at least one router away usually cannot access networks with
routes that are filtered out.
In addition to being able to filter by interface, you can also filter on a WAN
circuit. You can assign filters with specific circuit information, including
remote system ID, remote DTE address, and DLCI number. If the specific
router is connected by the specified circuit information in the filter, then the
filter is applied. Filtering on circuits is supported for X.25, ATM, frame relay,
and PPP.
Figure 1 on page 13 shows two networks; the route for one network has been
filtered.
12
103-000178-001
August 29, 2001
Novell Confidential
Manual
Figure 1
99a
38
July 17, 2001
Outgoing RIP Filters
End Station
E1
Filtering
Router R1
End Station
E2
Filtering
Router R2
(filtered)
Network 1
Network 3
Network 4
Network 2
The route to Network 1 is filtered out in Router R1's advertisement to Network

3. If End Station E2 sends a packet to Network 1, Router R2 drops that packet
because it does not have a route. If End Station E1 sends a packet to Network
1, Router R1 forwards it because it does have a route. End Station E1 can send
a packet to Network 1 only if it has a route to that network. End station E2 can
see only Networks 2, 3, and 4. End station E1 can see both Networks 1 and 2.
When IPX is used, route information filters affect both clients and routers. A
client will make a route request that passes through the same filters as for the
routinely transmitted route information. However, if a client is attached
locally to a router that is performing outbound route information filtering and
the client is using software that can use static routing, the client can send
packets to Network 1 through Router R1 because R1 knows about Network 1
in its routing tables. If only standard IPX route lookups are done (true for a
majority of sites), a path to the filtered networks is not possible.
Incoming Routing Information Filters

Incoming routing information filters limit the routing information accepted by
a router from its neighboring routers.
When incoming routing information filters are enabled on a router, the router
accepts only the allowed routes from each neighboring router, thereby hiding
specified routes from some routers and from certain parts of the network.
However, incoming routing information filters cannot be used to filter out
directly connected networks.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
A typical incoming routing information filter consists of the destination

network of the route and the interface through which advertisements of the
route are expected to be received.
Incoming routing information filters keep the filtering router from adding
certain routes to its routing table when it receives the information from its
neighbors. The filtering router cannot forward a packet to a filtered route even
if it receives a packet destined for it. In this way, incoming routing information
filters provide a higher level of security than that provided by outgoing routing
information filters.
IPX Filtering
IPX supports the following types of filters:
Outgoing SAP filters
Incoming SAP filters
Outgoing RIP filters
Incoming RIP filters
NetBIOS filters
For more information about IPX filtering, refer to
IPX SAP Filters on page 14
IPX RIP Filters on page 15
IPX NetBIOS and Packet Forwarding Filters on page 16
IPX SAP Filters

Servers and routers on an IPX network exchange information about the name,
type, and location of the various service providers on the internetwork by way
of SAP packets. This information is distributed to users through SAP packets.
By limiting the propagation of this information, SAP filters provide limited
security at the servers and reduce the bandwidth required by the SAP
exchanges.
14
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
There are two types of service information filters:

Outgoing SAP filters (service advertisement filters)
Outgoing SAP filters restrict the propagation of the SAP information that
is known to the router. An outgoing SAP filter specifies the service
provider and the potential recipient of the information. The service
provider is defined by a service name and service type. The recipient is
defined as an outbound interface or interface group. The filter is applied
to all servers, users, and routers that would receive the SAP information
through the interface. In large NetWare internetworks, outbound SAP
filtering can save valuable WAN bandwidth, although the NetWare Link
Services ProtocolTM (NLSPTM) protocol might offer greater bandwidth
savings.
Incoming SAP filters (service acceptance filters)
Incoming SAP filters let the router discard information about a particular
service provider. The filtered SAP information is not recorded in the local
SAP information table or propagated to other routers or servers. The SAP
filter includes the service name and service type. An incoming SAP filter
can also specify the source of the SAP information to be filtered. The
source identifies the interface from which the SAP information was
received.
NOTE: SAP filters work only on routers running the RIP and SAP protocols. They
do not work on routers running the NLSP protocol. For filtering to work, either
IPXRTR must be configured for RIP/SAP only, or the bind options on selected
interfaces must be set up to read RIP=Yes , SAP=Yes , and NLSP=No .
IPX RIP Filters

Routers on an IPX network exchange routing information through RIP
packets. By limiting the propagation of this information, RIP filters provide
limited security to IPX networks, reduce the bandwidth required for RIP
updates, and reduce the memory requirements for routing tables.
There are two types of IPX RIP filters:
Outgoing RIP filters
Outgoing RIP filters restrict the propagation of routing information by the
router. An outgoing RIP filter specifies the network to be filtered and the
interface or interface group to which the filter should be applied. The
filter is applied to all servers, users, and routers that receive the RIP
information through that interface or interface group.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Incoming RIP filters

Incoming RIP filters let the router discard information about a particular
network. The filtered network is not recorded in the local forwarding
table and cannot be propagated to other routers, servers, or users. The
filter includes the network and the source of the route. The source
identifies the interface or interface group from which the routing
information was received. This is the most effective route filter for
improving security.
WARNING: RIP filters work only on routers running the RIP protocol. They do not
work for routers running the NLSP protocol. Use RIP filters with care because they
can partition a physical network into two or more segments.
IPX NetBIOS and Packet Forwarding Filters

NetBIOS filters allow the router to forward NetBIOS broadcast packets only
on selected interfaces.
IPX packet forwarding filters allow the router to filter a packet based on the
source and destination interface fields, the packet type, and the source and
destination address type. The interface can be specified as an interface or
interface type, and address types can be specified as any address, network, or
node. Some services can be identified by the presence of expected values in
the Packet Type and/or Destination Socket fields.
NOTE: IPX NetBIOS and packet forwarding filters work while using either NLSP or
RIP/SAP routing modes.
TCP/IP Filtering
The TCP/IP protocol supports the following types of filters:
IP outgoing route filters
IP incoming route filters
Outgoing EGP filters
Incoming EGP filters
OSPF external route filters
Packet forwarding filters
For more information about TCP/IP filtering, refer to
IP Routing Information Filters on page 17
IP Packet Forwarding Filters on page 18
16
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IP Routing Information Filters

IP routing information filters let the router restrict the routes that it accepts
from neighbors (incoming filters) and limit the advertised routes (outgoing
filters). The router can use RIP, Open Shortest Path First (OSPF), or Exterior
Gateway Protocol (EGP) to exchange routing information with other
neighboring routers, as follows:
RIP filters control the propagation of routing information and hide the
existence of specific IP networks from other routers.
OSPF filters control the propagation of routing information from nonOSPF domains (RIP, EGP, and so on) to the OSPF domain.
EGP filters define the routes a router can share with other EGP peers.
IP Incoming Filters
IP incoming filters let the router restrict information about the routes it accepts
from its neighbors. Filtered routes are not recorded in the local forwarding
table and cannot be propagated to other routers or hosts. The filter includes the
destination network and the source of the route. The source identifies the
interface, interface group, or WAN connection from which the route
information was received or the address of the router that provided the
information.
You can apply IP incoming filters only to RIP and EGP routes. You cannot
filter routes to directly connected networks. Incoming filters do the following:
RIP incoming filters restrict the acceptance of routing information from
other RIP routers.
EGP incoming filters restrict the routes accepted from the EGP peers.
IP Outgoing Filters
IP outgoing filters restrict the propagation of route information from the
router. You can also use them to control the flow of routes between the routing
protocols. An outgoing filter specifies a route and a potential recipient of the
information. The recipient is an outbound interface, an interface group, a
WAN connection, or the IP address of another router.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
You can apply IP outgoing filters to RIP, EGP, and OSPF routes. You cannot
filter directly connected networks. The following outgoing IP filters are
available:
RIP outgoing filters restrict the advertising of routing information and
hide the existence of specific IP networks from other routers.
OSPF external route filters define the routes learned from RIP, EGP, or
static routes that are propagated into the OSPF domain.
EGP outgoing filters restrict the routes that are propagated to the EGP
peers.
IP Packet Forwarding Filters

IP packet forwarding filters let the router filter packets selectively, based on
their source and destination interface fields, the packet type, and the source
and destination address type. The interface can be specified as an interface or
interface type, and the address types can be specified as any address, network,
or host. The packet type is identified by the presence of expected values in the
protocol type field of the IP header and in a protocol-specific operator. Packet
forwarding filters recognize the following protocol types:
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
NetWare Core Protocol (NCP)
The packet type can be further identified by the TCP/UDP port. You can filter
only TCP packets that initiate a connection; therefore, you can restrict access
to TCP services in a specific location while allowing clients in that location to
access outside TCP services.
18
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
AppleTalk Filtering
The AppleTalk protocol supports the following types of filters:
Device hiding filters
Routing information filters
For more information about AppleTalk filtering, refer to
AppleTalk Device Hiding Filters on page 19
AppleTalk Routing Information Filters on page 20
AppleTalk Routing Information Filters over AURP on page 23
AppleTalk Device Hiding Filters

AppleTalk device hiding filters restrict the advertisement of services on a
router's internetwork by filtering out packets that advertise those services.
These filters both prevent users from finding the network addresses of services
and provide a level of network security.
In AppleTalk, the Name Binding Protocol (NBP) lets users access services
such as file servers and printers. Specifically, it allows a user or application to
specify search parameters such as the network entity name and service type,
and a zone in which the search should be done. The search is represented in an
NBP lookup request sent to the appropriate zone where the service might be.
Services matching the search parameters reply directly to the requesting user
or application with the AppleTalk address of the service. Once the user or
application has received the NBP reply, the user or application can use the
AppleTalk address to communicate with the service.
When AppleTalk device hiding filters are enabled on a router, the router drops
the NBP replies for specified services. (That is, it does not deliver the replies
to the client machine or application that requested them.) Thus, the services
are hidden from that part of the network.
A common use of NBP is the Macintosh* Chooser application. The user or
application issues an NBP lookup, specifying a zone and service type of
interest. The lookup is sent to the appropriate zone. All devices or services of
the specified type in the zone respond with an NBP reply. The Chooser
displays the list of available devices, based on the NBP replies it receives.
Using the AppleTalk address supplied in each NBP reply, the user or
application can then communicate with the device or service.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
If filtering for that device or service location is enabled, the router drops the
NBP reply so that a user or application cannot get the network address of these
services. Without the NBP reply, the application cannot know about the
existence of the device.
NOTE: Device hiding filters provide a low level of security, but they do have
limitations. Because filtering is enabled on a router, if the client machine requesting

the address is on the same network as the service, the NBP reply goes directly to
the client and the router has no opportunity to filter it out. Additionally, if a client
machine knows the address of a specific service, it does not need the NBP reply
to access the service.
You can configure AURP routers to filter service information traveling

through an IP tunnel. If a filter is enabled on the tunnel, all networks accessible
through the tunnel are affected by service information filters configured for
the AURP router.
AppleTalk Routing Information Filters

AppleTalk routing information filters restrict the exchange of routing
information between routers by limiting the routes added to the routing tables
of specified routers. These filters increase security by limiting the visibility of
selected networks or zones and reduce the network bandwidth consumed by
the periodic exchange of routing information between routers. There are two
types of AppleTalk routing information filters:
Outgoing route filters
Incoming route filters
AppleTalk uses Routing Table Maintenance Protocol (RTMP) as its primary
routing protocol. This protocol is similar to the RIP used by TCP/IP and IPX.
The routing tables maintained by RTMP contain an entry for every known
route. These routing tables acquire routing information in two ways:
For directly connected networks, through AppleTalk configuration
For networks not directly connected, through the routing updates from
each of a router's neighboring routers
When all routing information filters are not enabled, an AppleTalk router
learns all the routes known by its neighboring routers through periodic routing
table updates (sent by RTMP). In this way, every router on the internetwork
acquires the routing information from all other routers on the internetwork.
20
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Routing information filters are also available over AppleTalk Update-based

Routing Protocol (AURP). In this case, a neighboring router can be either a
network interface (all neighbors directly connected to the cable) or all peers
on the AURP tunnel.
AppleTalk outgoing route filters can be used for networks and zones.
Incoming route filters can be used only for networks.
NOTE: If AppleTalk networks have more than one router between them (such as
for redundant or loop routing), these routers are required to have the same filters
configured (device hiding, outgoing router, or incoming route filters). Configuring
filters in only one router does not filter out the required information.
For more information on AppleTalk routing information filters, refer to

AppleTalk Outgoing Route Filters on page 21
AppleTalk Incoming Route Filters on page 22
AppleTalk Outgoing Route Filters

AppleTalk outgoing route filters limit the routing information advertised by a
router to its neighbors. A typical outgoing route filter consists of a network or
zone (the route) and the interface through which filtered advertisements are
sent. The filters affect all routers on the network to which the interface
connects.
An AppleTalk router learns only about networks that are not directly
connected through its neighbors. Because of this, neighboring routers with
enabled outgoing route filtering can limit the routing information that the
AppleTalk router receives. This effectively cuts off access from one part of the
network to another.
NOTE: If you hide a route from a neighbor, none of the routers on the neighbor's
side of the network has any information about this route.
If the specified action is to deny routes in the filter list, the router ignores all
the route information in the filters going to the designated neighbors, but sends
all other routing information. If the specified action is to permit routes in the
filter list, the router uses only routes designated in the filter list to the specific
neighbors and ignores everything else.
Novell Internet Access Server 4.1 supports zone-based and network numberbased outgoing route filters, as discussed in the following sections.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Zone-Based Outgoing Route Filters
Zone-based outgoing route filters limit the advertisement of all routes

associated with a particular zone. A zone is an abstraction of networks into
which many physical networks, including noncontiguous networks, can be
grouped. The main advantage of using zone names in filters is that the filter
does not need to be modified when new networks are added to the zone.
For example, when filters are configured for the Marketing zone, the zone is
made up of only one physical network. As the department grows, more
physical networks are added, but they are still grouped under the Marketing
zone. All filters configured for the Marketing zone are enforced automatically
for all new physical networks added to the zone. This capability greatly
simplifies network management.
NOTE: When you specify a zone from a network that has multiple zones, all set
filters affect the entire network, not just the selected zone.
Network Number-Based Outgoing Route Filters
Network number-based outgoing route filters limit the advertisement of the

routes to specific networks. This kind of filtering gives very explicit control to
the user about which physical network should or should not be advertised to
different neighbors.
You must reconfigure network number-based outgoing route filters when
changes occur in the network topology.
AppleTalk Incoming Route Filters

AppleTalk incoming route filters limit the routing information that a router
accepts and adds to its routing tables.
When these filters are enabled on a router, the router accepts only the allowed
routes from each of its neighboring routers so that specified routes are hidden
from particular routers and from particular parts of the network. Novell
Internet Access Server 4.1 supports only network number-based incoming
route filters.
An incoming route filter consists of a route and the interface through which
the route advertisements are expected to be transmitted. The specified route
can be to a nonextended network or to an extended network.
Directly connected networks cannot be filtered by incoming route filters. If the
specified action is to deny routes in the filter list, the router ignores all the
22
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
route information designated in the filters received from the specified

neighbors, but accepts and records all other routing information. If the
specified action is to permit routes in the filter list, the router accepts only
routes designated in the filter list from the named neighbors and ignores
everything else.
AppleTalk Routing Information Filters over AURP

Routing information filters configured for AURP routers affect all AURP
routers on the tunnel in the same way. AppleTalk routers running AURP
cannot filter routes on a per-router basis.
WARNING: You should not change AURP route filters dynamically unless it is
absolutely required. Because AURP routers exchange complete route information
only during connection setup and only send updates to the information thereafter,
changing route filters can cause large volumes of AURP routing information to be
exchanged as the routers adapt to the new filter configuration. During this
information exchange, connectivity over the tunnel can be affected.
Source Route Bridge Filtering

Source route bridge supports the following two types of filters:
Protocol ID filters
Ring number filters
Protocol ID Filters
Protocol ID filters filter out packets of certain protocol types received by the
source route bridge. Protocol ID filtering can help control traffic, balance
bridge loads, and increase security.
Ring Number Filters

Ring number filters filter out packets received from specific rings in a token
ring network. This lets you limit the traffic that crosses a bridge from a source.
Use ring number filters to balance the load among your network bridges and
to increase network security.
Understanding
103-000178-001
August 29, 2001
Novell Confidential
23
Manual
24
103-000178-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Planning
This chapter explains the decisions you must make before you can configure
filters.
Configuration Decisions
How you configure filters depends on the following decisions:
Whether you want to control access to services on your network
You should enable filtering support if you want to control access to
services on your network. Filters increase security by limiting the
visibility of selected services. Packet forwarding filters provide the
highest level of security.
Whether you want to reduce the bandwidth consumed by unnecessary
routing traffic
Enabling filtering reduces network traffic caused by periodic service
information messages sent by routers.
Planning
103-000178-001
August 29, 2001
Novell Confidential
25
Manual
26
103-000178-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up
You use the Filter Configuration utility (FILTCFG) to configure filters that
selectively control which packets will be sent or received by a router. Filters
let you control the service and route information that is accepted or advertised
by a router.
Filters can be useful when you want to limit specific kinds of traffic to certain
parts of your network topology, or when you want to provide a certain level
of security.
How to Run FILTCFG

Before you begin, make sure that the Filter Support option is enabled in the
Novell Internet Access Server Configuration utility (NIASCFG) for each
protocol that needs filtering.
NOTE: When Filter Support is disabled, the protocol operates as if the filter
module is not loaded, and no filtering occurs. However, the changes you make will
have no effect until you enable Filter Support. When Filter Support is enabled, any
changes you make to the filter configurations take effect immediately. It is not
necessary to use the REINITIALIZE SYSTEM command.
To set up and modify filters, complete the following steps:

1 Load FILTCFG.
The Filter Configuration Available Options menu is displayed.

2 Select the protocol for which you want to configure filters.
The main filter menu for the protocol you selected is displayed.
3 Optionally, for IPX and IP filtering, select Global Logging and select
Enabled to log packets that match the Filters or Exceptions definitions.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
The header of packets that match the Filters or Exceptions definitions

are logged as long as the global logging status and the filters or exceptions
logging status are both enabled. The logs are viewed using the NetWare
Administrator utility.
4 Select the type of filter you want.
The corresponding option menu is displayed.

5 For each option you select, you can configure the following general
parameters:
Status Specifies the status of the selected filters. Any configured

filters immediately become active (enabled) or inactive (disabled),
depending on your choice.
Action Permits or denies the packet, route, or service listed in the

filter list.
When the action is permitted, the specified filters are accepted; any
filters that are not explicitly permitted are denied. One of the
following occurs:
Packets matching the entries in the Packet Forwarding List are
allowed through.
Services or routes matching the entries in the Outgoing Service/
Routing Information Filter Lists are advertised.
Services or routes matching the entries in the Incoming Service/
Routing Information Filter Lists are accepted.
If the action is denied, the specified filters are denied (the packets are
discarded); any filters that are not explicitly denied are permitted.
Filters Displays a list of filters that are accepted (permitted) or

filtered (denied) on an interface.
You can select a filter from the list and press Enter to modify the
filter or Del to remove it. Press Ins to add a new filter.
Refer to the corresponding section later in this section for the steps
you use to define a filter if you are modifying or adding a filter.
Exceptions Displays a list of exceptions to the Filters list, to which

the Action parameter settingpermit or denydoes not apply.
The Exceptions list is examined before the Filters list. If there is a
conflict between the two lists, the Exceptions list is used. The action
28
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
taken on the Exceptions list is always the opposite of the action taken
on the Filters list.
You select a filter from the list and press Enter to modify the filter
or Del to remove it. Press Ins to add a new filter. For example, you
could use a filter to hide all Marketing file servers from Engineering,
except the server named MKTG-DEMO.
6 Press Esc to exit.
NOTE: All filters affecting a primary call are automatically mapped to a configured
backup call. Optionally, the automatic mapping of filtering can be disabled with the
LOAD FILTSRV NOBACKUP command. With automatic mapping of filtering
disabled, you can configure a selective filtering scheme that is specific to the
needs of a backup link. The primary call and its associated backup call should use
the same remote system ID. For information on configuring backup calls, refer to
"Configuring Backup Calls."
How to Save Filters to a Text File

To save your filter information to a text file, complete the following steps:
1 Load FILTCFG.
The Filter Configuration Available Options menu is displayed.

2 Select Save Filters to a Text File, then press Enter.
3 Enter the pathname for the filter file.
For example, enter SYS:\ETC\TEMP . You can also save the filter file
to a floppy disk (for example, A:\filename).
Configuring IPX Filters

The Internetwork Packet ExchangeTM (IPXTM) protocol supports the
following types of filters:
SAP (service information) filters
Outgoing SAP filters (services advertised)
Incoming SAP filters (services accepted)
RIP (routing information) filters
Outgoing RIP filters (routes advertised)
Incoming RIP filters (routes accepted)
NetBIOS and packet forwarding filters
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Refer to Understanding for more information.

NOTE: When you configure a filter for a primary WAN call, an equivalent filter is
automatically generated for the backup call. If the primary call should fail, the
backup call is automatically connected.

How to Configure IPX SAP Filters on page 30
IPX SAP Filter Example on page 33
How to Configure IPX RIP Filtering on page 34
IPX RIP Filter Example on page 37
IPX NetBIOS and Packet Forwarding Filters on page 39
Configuring IPX Packet Forwarding on page 39
IPX Packet Forwarding Filter Example on page 43
How to Configure IPX SAP Filters

Before you begin, make sure that filtering support is enabled for IPX in
NIASCFG.
To configure IPX incoming (or outgoing) SAP filtering, complete the
following steps:
1 Load FILTCFG, then select the following parameter path:
Select Configure IPX Filters > Incoming SAP Filters (or Outgoing SAP
Filters )
2 Select Status and toggle the choice to read Enabled or Disabled .
Any configured filters immediately become active (enabled) or inactive

(disabled).
NOTE: It might be easier to configure filters while they are disabled. Otherwise,
you might experience temporary service loss while you are adding and setting up
wildcard filters.
3 Select Action and toggle the choice to permit or deny the services on the
filter list.
This specifies the action taken when an incoming (or outgoing) service
(SAP packet) matches a filter in the filter list. If you select to permit the
services, the SAP information is received from (or broadcast to) the local
30
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
networks. If you select to deny the services, the SAP information is not
received from (or broadcast to) the local networks.
NOTE: Changing a filter to permit the services on the filter list when the filter list is
empty denies all services and might produce undesirable results.
4 Select Filters .
This lists the incoming (or outgoing) SAP services that are currently
permitted or denied, according to the Action parameter setting.
5 Modify the service list.
You can select a service from the list and press Enter to modify the
service or Del to remove it. Press Ins to add a new service.
If you are modifying an existing filter, or adding a new filter, modify the
following parameters from the Define Filter menu:
Logging Optionally select Enabled to log packets that match the

Filters or Exceptions definitions.
The header of packets that match the Filters or Exceptions
definitions are logged as long as the global logging status and this
logging status are both enabled. The logs are viewed using the
NetWare Administrator utility.
Service Name Press Ins, then select from a list of unfiltered

NetWare services known to the router, or enter a service name.
NOTE: You can use the asterisk (*) and question mark (?) wildcards. The *
wildcard is equal to zero or more character matches. The ? wildcard is equal
to precisely one character match. For example, SERVER-A* matches ServerA, SERVER-A2, and SERVER-A-MKTG, whereas SERVER-A? matches
only SERVER-A2. You can enter several wildcard characters in a string. We
recommend that you enter exceptions to wildcards first when working with an
enabled filter list.
Service Type Enter a hexadecimal SAP number, or press Ins, then

select from a list of defined IPX service types.
You can use FFFF as a wildcard for any or all types.
Source (or Destination ) Type Press Enter , then select Interface

or Interface Group .
Source (or Destination )Press Enter and specify the source (or
destination) for the filter.
If you specified Interface as the Source (or Destination ) Type ,
select a specific interface on which you want to filter the service. You
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
can select a LAN interface, a WAN interface, the internal network,

or all interfaces. The default is All Interfaces .
Source (or Destination ) Circuit If you selected a WAN source (or

destination), press Enter to define optional circuit information:
Local Frame Relay DLCI # (for frame relay)The DLCI circuit
number used for calls.
Remote System ID (for PPP, X.25, or ATM)The name of the
remote system server or remote peer associated with this circuit.
Circuit Parameter Type (for X.25 or ATM)The type of virtual
circuit used to establish a connection.
Remote DTE Address (for X.25)The X.121 DTE address assigned
to the specific remote DTE.
Remote ATM Address (for ATM)The address assigned to the
specific remote ATM.
NOTE: If the optional fields are left blank, the filter will match all WAN calls
on the interface. If authentication is not enabled and the optional fields are
specified, the filter will not work.
Comment Enter an optional short description.
6 Press Esc and save the information.

7 Select Exceptions .
This displays a list of exceptions to the incoming (or outgoing) SAP

filters. Depending on the Action parameter setting, services that match a
filter on this list are always or are never accepted (or advertised) by the
router, even if another filter is configured to do the opposite.
8 Modify the exceptions list.
Select a service from the list and press Enter to modify the service or Del
to remove it. Press Ins to add a new service. Refer to Step 5 and Step 6
to modify or add an exception.
9 Press Esc to save the information and return to the Configure IPX Filters
menu.
32
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX SAP Filter Example

In this example, two departmental networks are connected to a corporate
network through a WAN link between Router 1 and Router 2. The two routers
use the RIP/SAP routing protocol to communicate with each other. RIP
enables routers to send out periodic updates of service and routing
information. The internetwork topology is shown in Figure 2 below.
NOTE: Either Router 1 or Router 2 can be set up to do the following: RIP/SAP can
be run over the WAN link with an outbound SAP filter and with the NetWare Link
Services ProtocolTM (NLSPTM ) software on the LAN. RIP/SAP can be run on the
LAN with an inbound filter and with NLSP on the WAN. RIP/SAP can be run on the
LAN and WAN links, and both inbound and outbound filtering is enabled. On the
WAN, both ends need to be consistently configured.
Figure 2
IPX SAP Filter Example
Server
SRV-DEPT1
Advertise only
SRV-DEPT1 and SRV-DEPT2
NetWare
Router 1
Department 1
Network
WAN Link
NetWare
Router 2
Corporate
Network
WAN-1 WAN-1
Advertise only
CORP-MAIL
Department 2
Network
Server
CORP-MAIL
Server
SRV-DEPT2
To minimize the load on the WAN link, an IPX SAP filter is configured on
Router 1 and Router 2. This filter cuts down the periodic service information
updates across the WAN link by advertising only a few selected servers. The
clients across the WAN link can access the servers on the other network by
first attaching to these selected servers.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
When configuring this example, set the parameters as shown in Table 2.

Table 2
Parameters for IPX SAP Filter Example

Parameter
Value
Router 1 Action
Permit Services
Router 1 Filters:
Filter 1:
Service Name
Service Type
Destination Type
Destination
Destination Circuit
.
SRV-DEPT1
FFFF (All Types)
Interface
WAN-1
All Circuits
Filter 2:
Service Name
Service Type
Destination Type
Destination
Destination Circuit
SRV-DEPT2
FFFF (All Types)
Interface
WAN-1
All Circuits
Router 2 Action
Permit Services
Router 2 Filters:
Service Name
Service Type
Destination Type
Destination
Destination Circuit
CORP-MAIL
FFFF (All Types)
Interface
WAN-1
All Circuits
How to Configure IPX RIP Filtering

NIASCFG.
To configure IPX incoming (or outgoing) RIP filtering, complete the
following steps:
Select Configure IPX Filters > Incoming RIP Filters (or Outgoing RIP
Filters )
34
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2 Select Status and toggle the choice to read Enabled or Disabled.

(disabled).
wildcard filters.
3 Select Action and toggle the choice to permit or deny the networks on the
filter list.
This specifies the action taken on an incoming (or outgoing) network
(RIP packet) in the filter list. If you select to permit networks, the RIP
information is received from (or advertised to) local networks. If you
select to deny networks, the RIP information is not received from (or
advertised to) local networks.
NOTE: Changing a filter to permit the routes on the filter list when the filter list is
empty denies all routes.
4 Select Filters .
This lists the incoming (or outgoing) RIP routes that are permitted or
denied, according to the Action parameter setting.
5 Modify the network list.
Select a filter from the list and press Enter to modify the filter or Del to
remove it. Press Ins to add a new network filter.
If you are modifying an existing filter or adding a new filter, modify the
NOTE: Whenever the internal network number of a server is filtered, the SAPs
from the server are also filtered automatically.

Network Number Enter a 4-byte hexadecimal number that

identifies the IPX network.
Network Mask Enter a 4-byte hexadecimal number that defines

the range of network numbers you want to filter.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
A network number/mask pair of 0/0 matches all IPX networks. A 1

bit in the network mask means that bit must be matched. For
example, C9000000/FFFFFF00 matches C90000XX network
numbers.
NOTE: Bit masks do not need to be contiguous for filters.
Source (or Destination ) Type Press Enter , then select Interface

or Interface Group .
Source (or Destination )Press Ins and specify the source (or
destination) of the route information.
If you specified Interface as the Source (or Destination ) Type ,
select a specific interface on which you want to filter the service. You
can select a LAN interface, a WAN interface, the internal network,
or all interfaces. The default is All Interfaces .
If you specified Interface Group as the Source (or Destination )
Type , select the specific interface group on which you want to filter
the service.

6 Press Esc and save the information.
36
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
7 Select Exceptions.
Displays a list of exceptions to the incoming (or outgoing) RIP filters.

Depending on the Actions parameter setting, routes that match a filter on
this list are always or are never accepted (or advertised) by the router,
even if another filter is configured to do the opposite.
remove it. Press Ins to add a new network filter. Refer to Step 5 and Step
6 to add or modify a filter.
9 Press Esc to save the information and return to the Configure IPX Filters
menu.
IPX RIP Filter Example

In this example, network clouds are connected to each other through a T1
WAN link and a 256-Kbps WAN link. Packets from specific network ranges
in each cloud take longer to be transmitted through the T1 link than the 256Kbps link because their proximity to the links are different.
To restrict access to the 256-Kbps link to those network ranges that benefit
from it most, and to prevent other networks from accessing this slower link,
outbound filters are configured in the routers attached to the 256-Kbps link. In
this case, Router 1 permits only packets sent to network range 010159xx to be
transmitted through the 256-Kbps link. Router 2 permits only packets sent to
network range 020267xx to be transmitted through the 256-Kbps link.
The internetwork topology is shown in Figure 3 on page 38.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
37
Manual
Figure 3
99a
July 17, 2001
38
IPX Routing Information Filter Example
T1 WAN
Link
Network
Ranges
Network
Ranges
01013xxx
01014xxx
02029xxx
Router 1
256-Kbps
WAN Link
Router 2
010159xx
020267xx
WAN-1 WAN-1
Permit only
010159xx
Permit only
020267xx

Table 3
38
Parameters for IPX Outgoing Filter Example

Parameter
Value
Router 1 Actions
Permit Networks
Filters:
Network Number
Network Mask
Destination Type
Destination Interface
Destination Circuit
Router 2 Actions
Permit Networks
Filters:
Network Number
Network Mask
Destination Type
Destination Circuit
02026700
FFFFFF00
Interface
WAN-1
All Circuits
01015900
FFFFFF00
Interface
WAN-1
All Circuits
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX NetBIOS and Packet Forwarding Filters

IPX packet forwarding filters allow the router to filter a packet according to
the source and destination address fields and the packet type. NetBIOS filters
allow the router to forward NetBIOS broadcast packets only on selected
interfaces.
NOTE: IPX NetBIOS and packet forwarding filters work while using either NLSP or
RIP/SAP routing modes.
Configuring IPX Packet Forwarding

NIASCFG. Otherwise, filtering will not work.
To configure IPX packet forwarding filters, complete the following steps:
Select Configure IPX Filters > NetBIOS and Packet Forwarding Filters
wildcard filters.
3 Select NetBIOS Broadcast Filters Action and toggle the choice to permit
or deny the IPX NetBIOS packets on the listed interfaces.

4 Select NetBIOS Broadcast Filters Interfaces, then press Enter .
This displays a list of interfaces that are permitted or denied for NetBIOS
broadcast. Press Ins to add an interface to the list, or select an interface
and press Del to remove it from the list. You can select a LAN interface,
a WAN interface, the internal network, or all interfaces.
5 Select Interface Groups , then press Enter .
This displays a list of interface groups that are permitted or denied for
NetBIOS broadcast. Press Ins to add an interface to the list, or select an
interface and press Del to remove it from the list.
6 Select Packet Forwarding Filters Action and toggle the choice to permit
or deny the packet forwarding filters on the filter list.

7 Select Filters .
This lists the NetBIOS filters that are permitted or denied, according to
the Action parameter setting.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
8 Modify the filter list.
remove it. Press Ins to add a new filter.
Source Interface Type Press Enter and select Interface or

Interface Group as the incoming IPX packet source.
Source Interface Press Enter and select the source from the list of
network interfaces or interface groups.
If you specified Interface as the Source Interface Type , select a
specific interface on which you want to filter the service. You can
select a LAN interface, a WAN interface, the internal network, or all
interfaces. The default is All Interfaces .
If you specified Interface Group as the Source Interface Type ,
select the specific interface group on which you want to filter the
service.
Source Circuit If the source is a WAN interface, press Enter to

modify the following optional circuit information:
40
Destination Interface Type Press Enter and select Interface or

Interface Group as the IPX packet destination.
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Destination Interface Press Enter and select a destination from the

list of network interfaces or interface groups.
If you specified Interface as the Source (or Destination ) Interface
Type , select a specific interface on which you want to filter the
service. You can select a LAN interface, a WAN interface, the
internal network, or all interfaces. The default is All Interfaces .
If you specified Interface Group as the Destination (or Source )
Interface Type , select the specific interface group on which you
want to filter the service.
Destination CircuitIf the destination is a WAN interface, press

Enter to modify the following optional circuit information:
Packet Description Press Enter and select from a list of defined

IPX packet types, or press Ins to define a packet type.
Enter the following information to define the type of IPX packet you
can filter:
Name Enter a name for the packet.
Packet Type Enter a 1-byte packet type number in hexadecimal.
The FF wildcard matches all packet numbers.
Destination Socket Enter a 2-byte socket number in hexadecimal.
The wildcard FFFF matches all socket numbers.
Source Address Type Press Enter and select Any Address ,

Network , or Node as the source address type.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Source IPX Address Enter the address if you selected Network or

Node.
Destination Address Press Enter and select Any Address ,

Network , or Node as the destination address.
Destination IPX Address Enter the address if you selected

Network or Node .
A network numbers/mask pair of 0/0 matches all IPX networks. A 1
bit in the network mask means that bit must be matched. For
example, C9000000/FFFFFF00 matches C90000XX network
numbers.

9 Press Esc and save the filter information.

10 Select Exceptions.
This lists the exceptions to the IPX forwarding filters. According to the
Action parameter specified, the packets that match a filter on this list are
always or are never forwarded by the router, even if another filter is
configured to do the opposite.
Press Ins to add a new filter, or select a filter from the list and press Enter
to modify the filter or Del to remove it. Refer to Step 8 on page 40 and
Step 9 on page 42 to modify or add a filter.
12 Press Esc to save the information and exit to the Configure IPX Filters
menu.
42
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPX Packet Forwarding Filter Example

In this example, an FDDI backbone connects several departments in an
organization. Routers A, B, and C connect the departmental networks to the
backbone. Within the organization, users can access all servers. However, the
Human Resources (HR) servers can be accessed only by HR employees. To
make the HR servers secure, packet forwarding filters are used in addition to
the usual NetWare password security. Note that some of the HR employees
are connected to different networks than the one HR servers are connected to
Figure 4 shows the internetwork topology.
Figure 4
IPX Packet Forwarding Filter Example
HR Employee 1
IPX Node = 59:00001B2700F3
LAN 2
IPX Network 59
LAN 3
IPX Network 55
Router C
Corporate FDDI Backbone

IPX Network 50
Router B
HR Employee 2
IPX Node = 55:00001B2700F0
Router A
LAN 1
IPX Network 53
HR File Server 1
Internal Net = 10
HR File Server 2
Internal Net = 12
Routers B and C do not require filters because users can access all corporate
servers (except for the HR server). Packet forwarding filters are installed on
Router A to block packets from the FDDI interface to the HR servers, except
when the packets are from the nodes 59:00001B2700F3 and
55:00001B2700F0.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
43
Manual
Table 4
44
99a
38
Parameters for IPX Packet Forwarding Filter Example

Parameter
Value
Action
Deny Packets
Filter List:
Source Interface Type
Source Interface
Source Circuit
Destination Interface Type
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address
Destination IPX Address

Source Interface
Source Circuit
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address
Interface
FDDI
All Circuits
Network
12/FFFFFFFF
All Circuits
<Any>
Network
FDDI
Network
12/FFFFFFFF
Interface
FDDI
All Circuits
Network
10/FFFFFFFF
All Circuits
<Any>
Network
FDDI
Network
10/FFFFFFFF
103-000178-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Parameter
Value
Exceptions:
Source Interface
Source Circuit
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address

Source Interface
Source Circuit
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address
Node
55:00001B2700F0
All Circuits
Network
10/FFFFFFFF
All Circuits
<Any>
Node
55:00001B2700F0
Network
10/FFFFFFFF

Source Interface
Source Circuit
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address
Node
59:00001B2700F3
All Circuits
Network
12/FFFFFFFF
All Circuits
<Any>
Node
59:00001B2700F3
Network
12/FFFFFFFF
Node
59:00001B2700F3
All Circuits
Network
10/FFFFFFFF
All Circuits
<Any>
Node
59:00001B2700F3
Network
10/FFFFFFFF
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
Parameter
Value

Source Interface
Source Circuit
Destination Circuit
Packet
Source Address Type
Source IPX Address
Destination Address
Node
55:00001B2700F0
All Circuits
Network
12/FFFFFFFF
All Circuits
<Any>
Node
55:00001B2700F0
Network
12/FFFFFFFF
July 17, 2001
Configuring TCP/IP Filters

TCP/IP supports the following filters:
Incoming RIP filters (routing information)
Outgoing RIP filters (routing advertisement)
Packet forwarding filters
Incoming Exterior Gateway Protocol (EGP) filters (routing information)
Outgoing EGP filters (routing advertisement)
Open Shortest Path First (OSPF) external route filters
Refer to Understanding for more information.

How to Configure IP Routing Information Filters on page 47
How to Configure EGP Filters on page 49
How to Configure OSPF External Route Filters on page 52
IP Routing Information Filter Example on page 53
IP Packet Forwarding Filters on page 55
46
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
How to Configure IP Routing Information Filters

Before you begin, make sure that filtering support is enabled for IP in
NIASCFG under the TCP/IP Protocol menu. Otherwise, filtering will not
work.
To configure IP incoming (or outgoing) RIP filters, complete the following
steps:
Select Configure TCP/IP Filters > Incoming RIP Filters (or Outgoing
RIP Filters )

(disabled).
3 Select Action and toggle the choice to permit or deny the routes in the
filter list.
This specifies the action taken when an incoming (or outgoing) RIP
packet matches a filter on the filter list.
If you select to permit the routes, the matching RIP routes are accepted
(or advertised) by the router. If you select to deny the routes, the matching
RIP routes are not accepted (or advertised) by the router.
4 Select Filters .
This lists the incoming (or outgoing) RIP filters that are permitted or
5 Modify the route list.
You can select a filter from the list and press Enter to modify the filter or
Del to remove it. Press Ins to add a new filter.
Route to Network or Host Specify All Routes , Host , or Network

as the type of route to be filtered.
IP Address of Network/Host Enter a 4-byte IP address in dotted

decimal notation. You do not need to enter this if you selected All
Routes for the Route to Network/Hosts parameter.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Subnetwork Mask Enter a 4-byte mask address in dotted decimal

or hexadecimal notation. Do this only if you selected Network for
the Route to Network/Hosts parameter.
Source (or Destination ) Type Select Interface , Interface Group ,

or Network as the source (or destination) type.
Source (or Destination )Press Enter , then select the source (or
destination) that the route is advertised to or blocked from.
If you specified Interface for the Source (or Destination ) Type
parameter, select a specific interface on which you want to filter the
service. You can select a LAN interface, a WAN interface, or all
If you specified Interface Group for the Source (or Destination )
Type parameter, select the specific interface group on which you
want to filter the service.
If you selected Network for the Source (or Destination ) Type
parameter, type the TCP/IP address and the subnet mask.

Advertised Hop Count Enter a number from 1 to 16.

This option is enabled if the filter is configured to permit or advertise
the route. If you leave this option blank, the TCP/IP routing table is
consulted automatically for the required information. A value of 16
disables the route.
48
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001


This displays a list of exceptions to the configured filters. Depending on

the Action parameter setting, packets that match a filter on this list are
always or are never accepted (or advertised), even if another filter is
NOTE: The Exceptions list filters always takes a higher priority than other filters.
remove it. Press Ins to add a new filter. Refer to Step 5 and Step 6 if you
are adding or modifying a filter.
9 Press Esc to save the information and return to the Configure TCP/IP
Filters menu.
How to Configure EGP Filters

IMPORTANT: No routes are accepted by EGP unless EGP filters are configured.
To configure IP incoming (or outgoing) EGP filters, perform the following
steps:
Select Configure TCP/IP Filters > Incoming EGP Filters (or Outgoing
EGP Filters )

(disabled).
filter list.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
This specifies the action taken when an incoming (or outgoing) EGP
packet matches a filter on the filter list. If you select to permit the routes,
the matching EGP routes are accepted (or advertised) by the router. If you
select to deny the routes, the matching EGP routes are not accepted (or
advertised) by the router.
4 Select Filters .
This lists the incoming (or outgoing) EGP routes that are permitted or
You can select a filter from the list and press Enter to modify the filter or
Del to remove it. Press Ins to add a new filter.
Route to Network or Host Press Enter and specify All Routes or

Network as the type of route to be filtered.
IP Address of Network/Host Enter an IP address in dotted decimal

notation if you selected Network .
Subnetwork Mask Enter a 4-byte subnet mask address in dotted

decimal or hexadecimal notation.
Source (or Destination ) Type Select Autonomous System , Host

, Interface , Interface Group , or Network .
Source (or Destination )Fill in the following information, based

on what you selected for the Source (or Destination ) Type :
Autonomous System Press Enter , then type the autonomous
system number (from 0 to 65535) from which the route is learned
(source) or advertised (destination).
Host Press Enter , then type the TCP/IP address in dotted decimal
notation.
Interface Press Enter , then select a specific interface on which you
want to filter the service. You can select a LAN interface, a WAN
interface, or all interfaces. The default is All Interfaces .
Interface Group Press Enter , then select an interface group from
the list.
Network Press Enter , then type the TCP/IP address and subnet
mask numbers in dotted decimal notation.
50
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Metric Value Enter a number to be associated with the route.

This option is enabled only if the filter is configured to permit or
advertise the route. If you leave this option blank, the TCP/IP routing
table is consulted automatically for the required information.


Lists the exceptions to the configured filters. Depending on the Action

parameter setting, packets that match a filter on this list are always or are
never advertised (or hidden), even if another filter is configured to do the
opposite.
Filters menu.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
How to Configure OSPF External Route Filters

NOTE: OSPF external route filters apply only to routes learned from RIP, EGP, or
static routes.
To configure OSPF external route filters, complete the following steps:
Select Configure TCP/IP Filters > OSPF External Route Filters


(disabled).
filter list.
If permitted, all matching routes are forwarded by the router. If denied,
all matching routes are not forwarded by the router.
4 Select Filters.
This lists the routes that are permitted or denied, according to the Action
parameter setting.
52
Route to Network or Host Press Enter to specify All Routes , Host,

or Network as the type of route to be filtered.
IP Address of Network Host Enter a 4-byte IP address in dotted

decimal notation if you specified Network or Host for the Route to
Network or Host parameter.
Subnetwork Mask Enter a 4-byte mask address in dotted decimal

or hexadecimal notation if you specified Network for the Route to
Network or Host parameter.
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Metric Value Enter a metric or cost associated with the route.

This option is enabled only if the filter is configured to permit or
advertise the route. If you leave this option blank, the TCP/IP routing
table is consulted automatically for the required information.


This lists the exceptions to the configured route filter list. Depending on
always or are never permitted or denied, even if another filter is
Filters menu.
IP Routing Information Filter Example

In this example, the Accounting department is connected to the FDDI
backbone by Router C. One of the networks within Accounting is 151.1.0.0
(subnet mask of 255.255.255.0). Because access to this network from outside
the Accounting department is not required, the administrator has selected not
to propagate a route to this network outside the Accounting department.
To hide network 151.1.0.0 from the rest of the organization, an outgoing RIP
filter is configured on Router C.
Because IP supports RIP, OSPF, and EGP, routing filters must always specify
the routing protocol for which the filter applies. In this case, RIP is used by all
routers in the organization, and a RIP routing information filter is configured.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
The route being hidden from the rest of the network is defined by the
Accounting department network with IP network address 151.1.0.0. Router
C's connection to the departments outside Accounting is through the FDDI
backbone. The destination from which network 151.1.0.0 is hidden is most
easily defined as the FDDI interface to the backbone. Figure 5 shows the
internetwork topology.
Note that Router C has the route to network 151.1.0.0 in its routing table. If
Router C receives a packet from the FDDI backbone that is destined for
network 151.1.0.0, it forwards the packet.
Figure 5
IP Routing Information Filter Example
IP Network 151.1.0.0
Router C
(FDDI Backbone)
Router A
Router B
External Internetwork
NE2000
Mail Server
54
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When configuring this example, set the parameters as shown in Table 5 .

Table 5
Parameters for IP Outgoing Routing Information Filter Example

Parameter
Value
Action
Deny Routes
Filters:
Route to Network or Host
IP Address of Network Host
Subnet Mask
Destination Type
Destination
.
Network
151.1.0.0
255.255.255.0
Interface
FDDI Interface
IP Packet Forwarding Filters

IP packet forwarding filters let the router filter packets selectively, according
to their type, source, and destination.
Configuring IP Packet Forwarding Filtering
To configure IP packet forwarding filtering, complete the following steps:
Select Configure TCP/IP Filters > Packet Forwarding Filters


(disabled).
3 Select Action and toggle the choice to permit or deny the packets in the
filter list.
If denied, matching packets are not forwarded by the router. If permitted,
matching packets are forwarded by the router.
4 Select Filters .
This lists the packets that are permitted or denied, according to the Action
parameter setting.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
5 Modify the packet list.
remove it. Press Ins to add a new packet filter.
If you are modifying an existing filter or adding a new filter, specify the
NOTE: You cannot modify a predefined packet type.
Source Interface Type Press Enter and select Interface or

Interface Group as the source type.
Source Interface Press Enter and select an interface or interface

group from the list.
If you specified Interface as the Source Interface Type , select a
select a LAN interface, a WAN interface, or all interfaces. The
default is All Interfaces .
If you specified Interface Group as the Source Interface Type , select
the specific interface group on which you want to filter the service.
Source Circuit If you selected a WAN interface source, press Enter

to define optional circuit information:
Destination Interface Type Select Interface or Interface Group as

the interface type.
Destination Interface Press Enter and select an interface or

interface group from the list.
If you specified Interface as the Destination Interface Type , select a
56
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
select a LAN interface, a WAN interface, or all interfaces. The

default is All Interfaces .
If you specified Interface Group as the Destination Interface Type ,
select the specific interface group on which you want to filter the
service.
Destination Circuit If you selected a WAN interface destination,

press Enter to define optional circuit information:
Packet Type Press Enter and select a packet type from the list.
The Protocol and Port(s) fields are automatically filled in, according
to your packet type selection.
Source Address Type Press Enter and select Any Address , Host
, or Network .
Source TCP/IP Address Enter the address and subnet mask of the
network or host.
Destination Address Type Press Enter and select Any Address ,

Host , or Network .
Destination TCP/IP Address Enter the address and subnet mask of

the network or host.

Setting Up
103-000178-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
7 Select Exceptions to display a list of exceptions to the permitted or
denied packets.
This lists the exceptions to the configured packet filter list. Depending on
always or are never permitted or denied, even if another filter is
Filters menu.
IP Packet Forwarding Filter Example
In this example, an organization has an FDDI backbone connecting several

departments within the organization and a link to external networks. Routers
A and C connect the departmental networks to the backbone. Router B
connects the external networks to the backbone. Within the organization,
users can communicate freely across the internetwork. External access is
limited to electronic mail. The internetwork topology is shown in Figure 6 on
page 59.
58
103-000178-001
August 29, 2001
Novell Confidential
Manual
Figure 6
99a
38
July 17, 2001
IP Packet Forwarding Filter Example
Router C
(FDDI Backbone)
FDDI_B
Router A
Router B
NE2000_B
Mail Server
153.5.3.1
Because internal communication is not restricted, packet forwarding filters are

not required on Routers A or C.
Two packet forwarding filters are required on Router B. The first filter ensures
that any packet originating within the organization's internal networks are
forwarded by Router B. The second filter provides access to the corporate mail
server and allows external users to send and receive electronic mail to and
from internal users.
To configure the first filter, the source identifies the packets that originate in
the internal networks. The simplest way to do this on Router B is to identify
all packets received from the FDDI backbone interface. Because internal users
can use any service at any location, the remaining fields in the filter can be
specified as ANY.
The source of the second filter is all packets originating from external
networks. Because the interface NE2000_B is the only connection that Router
B has to the external networks, this can be used to specify the source field for
this filter. SMTP (Simple Mail Transfer Protocol) is selected from the
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
predefined services list. The allowable destinations are limited to the

corporate mail servers. Host 153.5.3.1 is the only mail server defined.
When configuring this example, set the parameters as shown in Table 6 .
Table 6
Parameters for IP Packet Forwarding Filter Example

Parameter
Value
Action
Permit Packets
Filters List
Filter 1:
Source Interface
Packet Type
Source Address Type
Destination Address Type
Filters List
Filter 2:
Source Interface
Packet Type
Source Address Type
Destination Address Type
Destination TCP/IP Address
Interface
FDDI backbone
Interface
All Interfaces
Any
Any Address
Any Address
Interface
NE2000_B
Interface
All Interfaces
SMTP
Any Address
Host
153.5.3.1
Configuring AppleTalk Filters

AppleTalk supports the following types of filters:
Device hiding filters
Outgoing route filters (routes advertised)
Incoming route filters (routes accepted)
backup call is automatically connected. You can only view primary filters using
FILTCFG. Backup filters do not appear in FILTCFG.
60
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Refer to Chapter 1, Understanding, on page 9 for more information.

How to Configure AppleTalk Device Hiding Filtering on page 61
Example AppleTalk Device Hiding Filter on page 65
How to Configure AppleTalk Route Filtering on page 66
AppleTalk Outgoing Routing Information Filter Example on page 68
How to Configure AppleTalk Device Hiding Filtering

Before you begin, make sure that filtering support is enabled for AppleTalk in
To configure AppleTalk device hiding filtering, complete the following steps:
Select Configure AppleTalk Filters > Device Hiding Filters

2 Select Action and toggle the choice to show or hide the devices listed in
the filter list.

This specifies the action taken when an NBP reply packet matches a filter
in the filter list. If you specify to show the devices, the AppleTalk router
forwards only the NBP replies that match a filter in the filter list. If you
specify to hide the devices, the AppleTalk router discards all NBP replies
that match a filter in the filter list.
3 Select Filters .
This displays a list of filters that hide or show devices, depending on the
setting of the Action parameter. The name, type, device location, and
user location are listed for each device filter.
If you are modifying an existing filter or adding a filter, specify the
following parameters in the Define Filter menu:
Device Name Enter an NBP name of up to 32 characters.

Keep the default (=) to select all NBP names. An AppleTalk device
advertises itself on the network according to the Device Name and
Device Type values.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Device Type Press Enter and select from a list of defined

AppleTalk NBP device types, or press Ins to add a new NBP type
with the following information:
Device Type Enter a text string of up to 32 characters.
Device Location Type Specify where the filtered device is located

from the following choices: <Any> (the default), Interface ,
Interface Group , Non-extended Network , Multiple/Extended
Network, Zone , or AURP Tunnel .
Select <Any> to select all device locations to show or hide all
devices to the user location.
Device Location Specify the following parameters, based on what

you selected for Device Location Type :
<Any > or AURP Tunnel This field cannot be edited.
interface, the internal network, or all interfaces. The default is All
Interfaces .
Interface Group Press Enter , then select a network interface group
from the list.
Non-extended Network Press Enter , then type a network number
to identify the nonextended network in which the filtered device is
located.
Multiple/Extended Networks Press Enter , then type the start and
end network numbers for the extended network in which the filtered
device is located. The start number must be greater than zero, and the
end number must be greater than or equal to the start value.
You can enter a specific extended network, or a range of extended
and nonextended networks. For example, for networks 1-9, 10, 1120, 21-30, specifying an extended range of 1-30 will filter all devices
in the 1-9, 10, 11-20, and 21-30 extended networks.
Zone Press Enter , then type the name of the AppleTalk zone in
which the filtered device is located.
62
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Device Circuit If you selected a WAN circuit, press Enter to

Remote System ID (for PPP, X.25, ISDN, or ATM)The name of
the remote system server or remote peer associated with this circuit.
User Location Type Select a location type from one of the

following choices: <Any> (the default), Interface , Interface Group
, Non-extended Network , Multiple/Extended Network , Zone , or
AURP Tunnel . Select <Any> if you do not know the location of the
device or if the network location does not matter.
User Location Specify the locations of the users whose access to

the devices must be controlled. Specify one of the following, based
on what you selected for User Location Type :
<Any > or AURP Tunnel This field cannot be edited.
interface, the internal network, or all interfaces. The default is All
Interfaces .
Interface Group Press Enter , then select a network interface group
from the list.
Non-extended Network Press Enter , then type a network number
to identify the nonextended network in which the filtered device is
located.
Multiple/Extended Networks Press Enter , then type the start and
end network numbers for the extended network in which the filtered
device is located. The start number must be greater than zero, and the
end number must be greater than or equal to the start value.
You can enter a specific extended network, or a range of extended
and nonextended networks. For example, for networks 1-9, 10,
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
11-20, 21-30, specifying an extended range of 1-30 will filter all

devices in the 1-9, 10, 11-20, and 21-30 extended networks.
Zone Press Enter , then type the name of the AppleTalk zone in
which the filtered device is located.
User Circuit If you selected a WAN interface, press Enter to


This lists the exceptions to the device filter list. Depending on the Action
parameter setting, devices that match a filter on this list are always or are
never permitted or denied, even if another filter is configured to do the
opposite.
remove it. Press Ins to add a new filter. Refer to Step 4 and Step 5 to
modify or add a filter to the exceptions list.
All configured filters immediately become active (enabled) or inactive

(disabled).
9 Press Esc to save the information and return to the Configure AppleTalk
Filters menu.
64
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example AppleTalk Device Hiding Filter

FigureFigure 7 on page 65 shows the internetwork topology for an
organization with an FDDI backbone connecting several departments within
the organization and a link to external networks. Routers A and C connect the
departmental networks to the backbone. In general, users can communicate
freely across the internetwork. However, access to printers within the
Accounting department is restricted.
Figure 7
AppleTalk Device Hiding Filter Example
AppleTalk Extended
Network 165170
Zone = Accounting
AppleTalk Extended Network 4145
Router C
Zone FDDI Backbone

Router A

Zone Corporate Servers
All networks within the Accounting department are in Zone Accounting. A

device hiding filter on Router C stops access from specific areas to the
LaserWriter* printers within the Accounting zone.
When configuring this example, set the parameters as shown in Table 7 on
page 66.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
65
Manual
Table 7
99a
38
July 17, 2001
Parameters for AppleTalk Device Hiding Filter Example

Parameter
Value
Action
Deny
Device Name
= (for all NBP names)
Device Type
LaserWriter
Device Location Type
Zone
Device Location
Accounting
User Location Type
Interface
User Location
FDDI Backbone-Interface connecting to FDDI
User Circuit
All Circuits
How to Configure AppleTalk Route Filtering

Before you begin, make sure that filtering support is enabled for AppleTalk in
To configure AppleTalk routing information filtering for incoming (or
outgoing) route filters, complete the following steps:
Select Configure AppleTalk Filters > Incoming Route Filters (or

Outgoing Route Filters )
2 Select Action and toggle the choice to permit or deny the routes listed in
the filter list.

This specifies the action taken with a route that appears in the filter list.
If you select to permit routes, the AppleTalk router accepts (or advertises)
only the routes from (or to) the networks in the filter list. If you select to
deny routes, the AppleTalk router does not accept (or advertise) specific
routes from (or to) specific networks in the filter list, but does accept (or
advertise) all other entries in the routing table.
3 Select Filters .
This lists the filters that are permitted or denied, according to the Action
parameter setting.
66
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you are modifying an existing filter or adding a filter, specify the
following parameters in the Define Filter menu:
Route to Network (or Route to Network or Zone )Select All

Routes , Non-extended Network , Multiple/Extended Network , or
Zone as the type of route or network to be filtered.
Network Number/Range Enter a network number or a network

range, depending on whether you selected a nonextended or an
extended network. If you select an extended network, you can enter
a single extended network or a range of extended and nonextended
networks.
Zone Name (Outgoing only)Enter the zone name of the

AppleTalk zone to be filtered.
Source (or Destination ) Type Press Enter and select Interface ,

Interface Group , or AURP Tunnel .
Source (or Destination )Press Enter and select the interface or

interface group from the list. This option does not apply for an AURP
tunnel.
If you specified Interface as the Source Type , select a specific
interface on which you want to filter the service. You can select a
LAN interface, a WAN interface, the internal network, or all
Source (or Destination ) Circuit If you selected a WAN circuit,

press Enter to modify the following optional circuit information:

Setting Up
103-000178-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001

This lists the exceptions to the filter list. Depending on the Action
parameter setting, routes that match a filter on this list are always or are
never permitted or denied, even if another filter is configured to do the
opposite.
remove it. Press Ins to add a new filter. Refer to Step 4 and Step 5 to
modify or add a filter.

(disabled).
9 Press Esc to save the information and return to the Configure AppleTalk
Filters menu.
AppleTalk Outgoing Routing Information Filter Example

In the following example, the Accounting department is connected to the
FDDI backbone by Router C. One of the AppleTalk networks within
Accounting is 165-170. Because access to this network from outside the
Accounting department is not required, the administrator has chosen not to
propagate a route to this network outside the Accounting department. Figure
8 on page 69 shows the internetwork topology.
68
103-000178-001
August 29, 2001
Novell Confidential
Manual
Figure 8
99a
38
July 17, 2001
AppleTalk Routing Information Filter Example
AppleTalk Extended
Network 165170
Zone =
Accounting
Department
Router C
FDDI
AppleTalk Extended
Network 110
Router A
Router B
Extended network 165-170 can be hidden from the rest of the organization if
an outgoing route filter is configured on Router C.
The route being hidden from the rest of the network is extended network 165170. Router C's connection to the departments outside Accounting is through
the FDDI backbone. The destination from which to hide the Accounting
network is most easily defined as the interface to the backbone. Note that no
node or server in the internetwork can see the Accounting network 165-170.
However, nodes in Accounting can see the internetwork routes, but cannot see
any devices on the internetwork.
Table 8
Parameters for AppleTalk Routing Information Filter Example

Parameter
Value
Action
Deny
Filtered Route:
Route to Network or Zone
Multiple/Extended Network
Network Number/Range
165-170
Destination Type
Interface
Destination
FDDI
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Configuring Source Route Bridge Filters

Source route bridge supports the following two types of filters:
Protocol ID filters
Ring number filters
Refer to Chapter 1, Understanding, on page 9 for more information.
automatically generated for the backup call. If the primary call fails, the backup call
is automatically connected.

Configuring Protocol ID Filters on page 70
Configuring Ring Number Filters on page 71
Configuring Protocol ID Filters

To configure protocol ID filters, complete the following steps:
Select Configure Source Route Bridge Filters > Protocol ID Filters

2 Select Action and toggle the choice to permit or deny the packets in the
filter list.
This specifies the action taken with a packet that appears in the filter list.
If you select to permit packets, the bridge accepts only the packets in the
filter list. If you select to deny packets, the bridge does not accept the
packets in the filter list.
3 Select Filters .
parameter setting.
4 Modify the packet list.
remove it. Press Ins to add a new packet.
70
103-000178-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Source Interface Press Enter and select an interface from the list
of configured network interfaces. This specifies the network
interface at which incoming data packets are filtered.
Protocol ID Press Enter and select a protocol ID from the list.

Press F3 to modify a protocol ID. Press Ins to define a new protocol
ID and supply the following information:
NOTE: You cannot modify predefined protocol ID entries.
Select Protocol ID Type Select either LLC SAP or 802.2 SNAP,

where LLC SAP is the original IEEE 802.2 1-byte protocol ID, and
802.2 SNAP is an expanded 5-byte protocol ID used with SNAP
SAP.
Name Specify a unique name for the protocol ID.
Value For LLC SAP, enter a 1-byte (up to two hexadecimal digits)
ID. For SNAP SAP, enter up to a 5-byte (10 hexadecimal digits) ID
with a minimum value of 600 (hexadecimal).
Comment Enter an optional short description for the protocol ID.
NOTE: All changes to the filter list take place immediately.

6 Select Status and toggle the choice to read Enabled or Disabled to
specify the status of the protocol ID filters.

(disabled).
7 Press Esc to return to the Configure Source Route Bridge Filters menu.
Configuring Ring Number Filters

To configure ring number filters, complete the following steps:
Select Configure Source Route Bridge Filters > Ring Numbers Filters
2 Select Status and toggle the choice to read Enabled or Disabled to
specify the status of the ring number filters.
Setting Up
103-000178-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
This displays the action taken when a packet matches a filter in the filter
list. The only action possible is to select Deny Packets .
3 Select Filters .
parameter setting.
Source Ring Number Enter a number in the range of 1 to FFF

(hexadecimal).

NOTE: All changes to the filter list take place immediately.
6 Press Esc to return to the Configure Source Route Bridge Filters menu.
72
103-000178-001
August 29, 2001
Novell Confidential
Getting Results with Novell Web Services
Novell
NetWare 6
www.novell.com
G E T T I N G R E S U LT S W I T H N O V E L L W E B S E RV I C E S
August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Contents
13
Whats in This Documentation? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Path References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Part I
1
Web Services: The Road to One Net
Introducing Novell Web Services
17
Introducing the Web Services Components . . . . . . . . . . . .

NetWare 6 Net Services that Depend on Novell Web Services
NetWare Enterprise Web Server . . . . . . . . . . . . . . . .
Apache Web Server for NetWare. . . . . . . . . . . . . . . .
Tomcat Servlet Engine for NetWare . . . . . . . . . . . . . .
NetWare Web Search Server. . . . . . . . . . . . . . . . . .
FTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . .
WebDAV . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NetWare Web Manager . . . . . . . . . . . . . . . . . . . .
Requirements for Managing Novell Web Services . . . . . . . . .
Web Browser Requirements . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Part II
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
17
18
19
20
21
21
22
22
22
23
23
25
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Modifying Web Manager Preferences

Securing Web Manager . . . .
Using Encryption . . . . . .
Working with Log Files . . . . .
Viewing an Access Log File
Viewing the Error Log File .
.
.
.
.
.
.
.
.
.
.
.
Introducing NetWare Web Manager

Requirements for Using Web Manager . .
When to Use Web Manager . . . . . . . .
Using Web Manager . . . . . . . . . . . .
Accessing the Web Manager Home Page .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
25
26
29
31
33
33
33
34
35
36
Working with the NetWare Enterprise Web Server
Putting the Web Server to Work
41
Contents

103-000133-001
August 29, 2001
Novell Confidential
Manual
Creating Your Own Web Site . . . . . . . . . .

Hosting Multiple Web Servers . . . . . . . .
Accessing Your Web Site . . . . . . . . . .
Adding Content to Your Web Site . . . . . .
How to Publish Content to Your Web Server
Creating Personal Web Sites . . . . . . . .
Securing Your Web Site . . . . . . . . . . . . .
Controlling Access Using eDirectory Mode .
Additional Web-Based Services . . . . . . . . .
Using the NetWare FTP Server . . . . . . .
Using the NetWare Web Search Server . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Starting and Stopping the Web Server . . . . . . . . . .

Setting the Termination Time-out . . . . . . . . . . .
Viewing Server Settings . . . . . . . . . . . . . . . .
Restoring Backup Configuration Files . . . . . . . . . .
Tuning Web Server Performance . . . . . . . . . . . . .
Configuring Maximum Simultaneous Requests . . . .
Enabling Domain Name System Lookups . . . . . . .
Configuring Listen Queue Size . . . . . . . . . . . .
Configuring the HTTP Persistent Connection Time-out
Configuring MIME Types . . . . . . . . . . . . . . . . .
Configuring Network Settings . . . . . . . . . . . . . . .
Changing the Server Name . . . . . . . . . . . . . .
Changing the Server Port Number. . . . . . . . . . .
Changing the Server Binding Address . . . . . . . . .
Changing the Servers MTA Host . . . . . . . . . . .
Modifying Network Settings . . . . . . . . . . . . . .
Customizing Error Responses. . . . . . . . . . . . . . .
What Are the Errors? . . . . . . . . . . . . . . . . .
Setting Up the Response . . . . . . . . . . . . . . .
Restricting Access . . . . . . . . . . . . . . . . . . . . .
Establishing Security . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing the Web Server
41
42
42
43
44
45
46
46
47
47
48
49
Managing Server Content
49
49
50
50
51
52
52
53
54
54
55
55
56
56
56
56
57
57
57
58
59
61
Setting the Primary Document Directory

Setting Additional Document Directories
Setting Virtual Document Directories . .
Establishing the Path to the Directory
Providing Public Access . . . . . . .
Setting Server Access . . . . . . . .
Configuring User Document Directories .
Creating a Home Directory . . . . .
.
.
.
.
.
.
.
.
.
.
.
99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000133-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
61
62
62
63
63
63
64
64
Manual
99a
Creating a PUBLIC_HTML Directory . . . . . . . .

Adding Users Contexts to the Search Contexts List .
Restarting the Enterprise Web Server . . . . . . . .
Activating User Document Directories . . . . . . . .
Providing Public Access . . . . . . . . . . . . . . .
Web Publishing through WebDAV . . . . . . . . . . . .
Configuring Document Preferences . . . . . . . . . . .
Specifying a Default Home Page . . . . . . . . . . .
Directory Indexing . . . . . . . . . . . . . . . . . .
Server Home Page . . . . . . . . . . . . . . . . . .
About the Temporary Web Site. . . . . . . . . . . .
Default MIME Type . . . . . . . . . . . . . . . . . .
Parsing the Accept Language Header . . . . . . . .
Setting Document Preferences . . . . . . . . . . . .
Forwarding URLs. . . . . . . . . . . . . . . . . . . . .
Setting Up Multiple Web Servers. . . . . . . . . . . . .
Setting Up Hardware Virtual Servers . . . . . . . . .
About Securing a Hardware Virtual Server . . . . . .
Setting Up Software Virtual Servers . . . . . . . . .
About the Drop-Down Lists. . . . . . . . . . . . . . . .
Wildcards Used in the Drop-Down List . . . . . . . .
Assigning a Character Set . . . . . . . . . . . . . . . .
Specifying a Document Footer . . . . . . . . . . . . . .
Customizing Parsed HTML. . . . . . . . . . . . . . . .
Using Cache-Control Directives . . . . . . . . . . . . .
Working with Configuration Styles . . . . . . . . . . . .
Creating a Configuration Style . . . . . . . . . . . .
Editing a Configuration Style . . . . . . . . . . . . .
Applying a Configuration Style . . . . . . . . . . . .
Removing a Configuration Style . . . . . . . . . . .
Listing Configuration Style Assignments . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Using a Directory Service to Control User Access to Network Resources

The Directory Service . . . . .
eDirectory Mode . . . . . .
Local Database Mode . . .
LDAP Mode. . . . . . . . .
Configuring Directory Services .
Using eDirectory Mode . . .
Using Local Database Mode
Using LDAP Mode . . . . .
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
64
65
65
65
65
66
66
66
67
68
68
68
69
69
70
71
71
72
72
74
74
76
77
78
79
80
80
81
81
82
82
83
Understanding ACL Files
83
83
84
85
85
85
86
86
89
ACL File Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Contents

103-000133-001
August 29, 2001
Novell Confidential
Manual
Authentication Statements . . . . .
Authorization Statements . . . . .
Default ACL File . . . . . . . . . .
Referencing ACL Files in OBJ.CONF .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Installing Server-Side Programs. . . . . . . . .

Installing CGI Programs . . . . . . . . . . .
Using the Query Handler . . . . . . . . . .
Installing Server-Side JavaScript Programs .
Installing Client-Side Programs . . . . . . . . .
About Tomcat for NetWare . . . . . . . . . . .
Migrating from WebSphere to Tomcat . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Extending Your Server with Programs
90
91
94
96
97
10 Monitoring the Web Server
97
98
101
102
108
109
109
113
Working with Log Files . . . . . . . . . . . . . . . . . . .

Viewing an Access Log File . . . . . . . . . . . . . . .
Viewing an Error Log File . . . . . . . . . . . . . . . .
Setting Log Preferences . . . . . . . . . . . . . . . . .
Archiving Log Files. . . . . . . . . . . . . . . . . . . .
Monitoring Current Web Server Activity . . . . . . . . . . .
Working with the Log Analyzer . . . . . . . . . . . . . . .
Running the Log Analyzer from the Server Status Form
Running the Log Analyzer from the Command Line . . .
Monitoring the Server Using SNMP . . . . . . . . . . . . .
How SNMP Works . . . . . . . . . . . . . . . . . . . .
The Enterprise Web Server MIB . . . . . . . . . . . .
For Additional Information . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
113
113
115
116
118
118
119
120
122
123
123
125
127
Part III Introducing NetWare Web Search Server

11 Introducing NetWare Web Search Server
How NetWare Web Search Works . . . . . .
Components of a Search Site . . . . . . . . .
General Architecture of Web Services . . .
Building a Search Site . . . . . . . . . . . . .
Accessing NetWare Web Search Manager
Taking a Test Run . . . . . . . . . . . . . . .
Customizing Your Web Search Solution . . .
.
.
.
.
.
.
.
131
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
131
133
133
134
135
136
136
12 Whats New with the NetWare Web Search Server
137
13 Planning Your Search Service
139
Search Site Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Deciding If You Need More Than One Search Site . . . . . . . . . . . . . . . . . . . . . . . . 140

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Becoming a Search Service Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Using Web Search in a Clustered Environment . . . . . . . . . . . . . . . . . . . . . . . . . 142
Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
14 Creating and Managing Search Sites

About Search Sites. . . . . . . . . . . . .
Creating a Search Site . . . . . . . . . . .
Naming a Search Site . . . . . . . . .
Using the Site Alias . . . . . . . . . . .
Storing Site Files . . . . . . . . . . . .
Creating Site Indexes . . . . . . . . . . .
Searching across Multiple Indexes . . .
Defining a New Crawled Index . . . . .
Defining a New File System Index . . .
Generating Indexes. . . . . . . . . . .
Managing Existing Index Files . . . . . . .
Editing an Index . . . . . . . . . . . .
Deleting an Index . . . . . . . . . . . .
Working with the Log File. . . . . . . .
About Indexing Dynamic Web Content. . .
Automating Site Management . . . . . . .
Modifying Default Search Site Settings . .
General Settings . . . . . . . . . . . .
Default Search Settings . . . . . . . .
Default Print Settings . . . . . . . . . .
Default Index Settings . . . . . . . . .
Default Security Settings . . . . . . . .
Modifying Default Search Service Settings
General Services Settings . . . . . . .
Search Services Settings . . . . . . . .
Print Services Settings . . . . . . . . .
Backing Up Your Search Site Files . . . .
145
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Improving Search Results through Intelligent Indexing . . . . . . . .

Excluding Documents from Being Indexed . . . . . . . . . . . . .
Modifying Document Descriptions Returned in a Search Results List .
Improving the Relevance of Search Results . . . . . . . . . . . . . .
Weighted Queries . . . . . . . . . . . . . . . . . . . . . . . . . . .
Ensuring Optimal Search Speed . . . . . . . . . . . . . . . . . . . .
Making Good Use of Document Fields. . . . . . . . . . . . . . . . .
Using the &filter Query Parameter . . . . . . . . . . . . . . . . . . .
Searching XML Documents . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
15 Optimizing Search Results
169
16 Understanding Templates
169
169
171
171
172
173
174
175
176
177
How Templates Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents

103-000133-001
August 29, 2001
Novell Confidential
145
145
146
147
148
148
148
149
151
153
154
154
154
154
155
155
157
157
158
159
161
162
163
163
164
166
167
177
Manual
Exploring the Default Search and Print Templates

Search Page Templates . . . . . . . . . . . .
Search Result Templates . . . . . . . . . . .
Print Result Templates. . . . . . . . . . . . .
Error and Response Message Templates . . . . .
How Templates Use System Memory . . . . . . .
Working with Additional Languages . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Customizing Templates . . . . . . . . . . . . . . . . . .
Customizing the Search Templates . . . . . . . . . .
Customizing Search Result Templates . . . . . . . .
Customizing Print Result Templates . . . . . . . . . .
Customizing Error and Response Message Templates
Testing Your Search and Print Solution . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
17 Customizing Your Search Solutions
185
18 Working with Template Variables and Search Parameters

Guidelines for Using Variables
Search Page Variables . . . .
Search Result Variables . . . .
Print Result Variables . . . . .
Error Message Variables . . .
Response Message Variables.
Search Parameters . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
180
180
181
181
182
182
183
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
185
185
186
187
189
189
191
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Working with Multiple Languages . . . . . . . . .

Specifying Locales within Template Filenames
Understanding Character Set Encodings . . . . .
Unicode and UTF8 . . . . . . . . . . . . . . .
Search Encodings . . . . . . . . . . . . . . .
Response Encodings . . . . . . . . . . . . .
HTML Encodings . . . . . . . . . . . . . . .
Template Encodings . . . . . . . . . . . . . .
Encoding Issues When Printing . . . . . . . .
Languages Included in the Default Templates . .
Where to Go From Here . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
19 Internationalizing Your Search Solution
191
192
193
199
201
203
205
213
213
214
215
216
217
217
218
219
221
221
222
Part IV Appendixes
A
Troubleshooting NetWare Web Search
225
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Additional Assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Combined Character Sets for Use with NetWare Web Search
10

103-000133-001
August 29, 2001
Novell Confidential
227
Manual
ASCII Character Set . . . . . . . .

Arabic Character Set . . . . . . . .
Chinese (Simplified) Character Set
Chinese (Traditional) Character Set
Cyrillic Character Set. . . . . . . .
European Character Set . . . . . .
Greek Character Set . . . . . . . .
Hebrew Character Set . . . . . . .
Japanese Character Set . . . . . .
Korean Character Set . . . . . . .
Thai Character Set . . . . . . . . .
Turkish Character Set . . . . . . .
Vietnamese Character Set . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
HTTP Methods and eDirectory Trustee Requirements
Managing Users and Groups Using Local Database or LDAP Modes

Creating Users . . . . . . . . . . . . . . . . . . . .
Additional Information about User Entries . . . .
Managing Users . . . . . . . . . . . . . . . . . . .
Finding User Objects . . . . . . . . . . . . . . .
Editing User Information . . . . . . . . . . . . .
Managing User Passwords . . . . . . . . . . . .
Managing User Licenses . . . . . . . . . . . . .
Renaming Users . . . . . . . . . . . . . . . . .
Removing Users . . . . . . . . . . . . . . . . .
Creating Groups . . . . . . . . . . . . . . . . . . .
Managing Groups . . . . . . . . . . . . . . . . . .
Finding Group Entries . . . . . . . . . . . . . .
Editing Group Attributes . . . . . . . . . . . . .
Adding Group Members . . . . . . . . . . . . .
Adding Groups to the Group Members List. . . .
Removing Entries from the Group Members List .
Managing Owners . . . . . . . . . . . . . . . .
Managing See Alsos . . . . . . . . . . . . . . .
Removing Groups . . . . . . . . . . . . . . . .
Renaming Groups . . . . . . . . . . . . . . . .
Creating Organizational Units . . . . . . . . . . . .
Additional Information about Organizational Units
Managing Organizational Units . . . . . . . . . . .
Finding Organizational Units . . . . . . . . . . .
Editing Organizational Unit Attributes . . . . . .
Renaming Organizational Units . . . . . . . . .
Deleting Organizational Units. . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
228
229
230
231
232
233
237
238
239
241
242
242
243
245
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
247
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Controlling Access to Your Server Using Local Database or LDAP Modes
Contents

103-000133-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
247
248
249
249
251
251
252
252
253
253
254
254
256
256
257
257
258
258
259
259
259
260
260
260
262
262
263
265
11
Manual
Controlling Access Using Native eDirectory Mode . . .

Controlling Access with NetWare Web Access Controls
What Is Access Control?. . . . . . . . . . . . . . .
User-Group Authentication . . . . . . . . . . . . .
Host-IP Authentication . . . . . . . . . . . . . . . .
Access Control Files . . . . . . . . . . . . . . . . .
How Does Access Control Work? . . . . . . . . . . . .
Restricting Access . . . . . . . . . . . . . . . . . . . .
Setting Access Control Actions . . . . . . . . . . .
Specifying Users and Groups . . . . . . . . . . . .
Specifying Hostnames and IP Addresses . . . . . .
Setting Access Rights . . . . . . . . . . . . . . . .
Writing Customized Expressions . . . . . . . . . .
When Access Control Is On . . . . . . . . . . . . .
Responding When Access Is Denied . . . . . . . .
Examples of Restricting Access . . . . . . . . . . . . .
Restricting Access to the Entire Server . . . . . . .
Restricting Access to a Directory (Path) . . . . . . .
Restricting Access to a URI (Path) . . . . . . . . .
Restricting Access to a File Type . . . . . . . . . .
Restricting Access Based on Time of Day . . . . . .
Port Number Assignments
12
99a
July 17, 2001
38
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000133-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
265
265
265
266
267
268
268
270
273
273
275
276
276
277
277
278
278
279
281
282
283
285
Manual
99a
38
July 17, 2001

As an integral part of NetWare 6, Novell Web Services makes Novells One
Net (http://www.novell.com/news/onenet/index.html) vision a reality by
providing the enabling Web technologies for many of Novells Net services.
Novell Web Services offers an open-standards development environment built
around
Apache Web Server for NetWare
Tomcat Servlet Engine for NetWare
FTP Server
WebDAV
Whats in This Documentation?

This documentation describes each of the Novell Web Services components
and includes some additional information about NetWare 6 and Novell Web
Services architecture. This book includes documentation for
NetWare Web Manager
Related concepts and procedures for using Novell Web Services with
NetWare 6

103-000133-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Path References
By default, the NetWare Web Search Server is installed to the /NSEARCH
directory located at the root of your servers volume. However, during
installation, you can customize the location where you want Web Search
installed.
Because of this, when referring to the root directory where the NetWare Web
Search Server is installed, the variable name /searchroot will be used.
14

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This section introduces you to Novell Web Services and how they fit in to
the One Net architecture of NetWare 6. It also introduces you to each of the
Web services components so that you can understand the individual pieces of
Web services.
Upon completing this section, you should be familiar with each of the primary
components of Web services, understand how they fit into the NetWare 6
architecture, and be familiar with how to use and configure each of the Web
Services components.

103-000133-001
August 29, 2001
Novell Confidential
15
Manual
16
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

Novell Web Services is a collection of technologies that enable Novells Net
Services products to work.
For example, the Enterprise Web Server is one of the key Novell Web services
components. But it is also the enabling technology for iLoginTM and might also
be used to serve up your department or company Web site.
The marriage of Novells industry leading net services software with Novell
Web Services offer unparalleled opportunities for business exchanges, both
within and between companies.
There is no better medium or infrastructure in place to enable, enhance, and
encourage open communications than the Web. What e-mail has done for
person-to-person communication, the Web does for person-to-department,
department-to-department, company-to-person, and company-to-company
communications.
While your expertise might be in networking technologies, Novell Web
Services are simple to use and ready to run, right out of your NetWare 6 box.
Introducing the Web Services Components

The following diagram is a simplified depiction of the role that Novell Web
Services play as the Web-enabling technologies for Net Services Software,
making the One Net vision a reality.

103-000133-001
August 29, 2001
Novell Confidential
17
Manual
Figure 1
99a
July 17, 2001
38
The Role of Web Services in Supporting Net Services Software
Internet
Laptop
PC
Firewall
Net
Services
iFolder
Web
Sevices
iLogin
Tomcat
Servlet
Engine
eFrame
Web
Search
iPrint
Enterprise
Web
Server
etc.
Portal
Services
Apache
Web
Server
HTTP
Stack
NetWare
NetWare 6 Net Services that Depend on Novell Web Services

Novell is the leading provider of Net Services Software. Net Services
Software is the glue that holds together disparate networks and technologies
for the purpose of simplifying business processes and communications.
As illustrated in Figure 1 on page 18, Novell Web Services provides the
supporting technology for the following net services software included in
NetWare 6:
iFolderTM
iLogin
iPrint
NetWare Web Manager
18

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

NetWare Web Access
GroupWise Web Access
iManage
For details about each of these services, refer to their documentation on the
Novell Documentation Web site (http://www.novell.com/documentation).

The NetWare Enterprise Web Server is an HTTP server used to serve up Web
pages to the Internet, an intranet or extranet. It is optimized to run in the
NetWare environment and is a critical component to building One Net
solutions where all kinds of networks work together to achieve business
results.
You can create a Web to enhance departmental communication, or you can
create a Web that spans your location or company. You can also provide spaces
for your customers, suppliers, vendors, consultants, or any other entities
outside your company who would benefit by having access to specified areas
on your Web. In addition, you can publish information on the Internet so that
the world can see it and contribute to it.
There are traditional categories of Webs, each fulfilling a unique role. While
each Web type is unique in some way, each of them facilitates a single network
and the sharing of information.
The most popular of all Webs is the World Wide Web, available through
the Internet. Hosting a Web server with Internet access requires a
persistent Internet connection. In this environment, information
published to the Web server will be accessible by anyone with a browser.
Most companies host Internet Web sites to publish information about
their products or services and to provide a point of contact with
customers.
A firewall is required to provide security for Web servers with Internet
connections. A firewall prevents users on the Internet from accessing a
companys network-based resources.

103-000133-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Many companies also host their own private intranets. The target
audience of an intranet is the employees. An intranet is the ideal
environment for employees and departments to publish information that
can benefit others in the company.
A company can host both Internet and intranet Web sites. Employees
inside the company can access both, while people outside the company
cant get through the firewall to access the intranet.
An extranet is a combination of public and private Web sites. Extranets
are usually created among companies to expedite communication and
cooperation. For example, a company that relies on a vendor to fill its
orders could create an extranet to allow the vendor to access customer
orders. This way, the vendor could automatically fill orders without
having to wait for user intervention.
For more information about using the Enterprise Server, see Chapter 4,
Putting the Web Server to Work, on page 41.
Apache Web Server for NetWare

Apache Web server is an open-source Web server originally developed by the
not-for-profit Apache Group. The Apache Web server is in use by more than
60% of all Web hosting companies. It is extremely stable and its free!
As an integral part of Novell Web Services, Apache is installed by default
during your NetWare 6 installation and you should not have to manage any
part of it. Apache is a critical component of NetWare Web Services and is used
by the following NetWare 6 Web-based services:
NetWare Web Manager
NetWare Web Search Manager
NetWare Web Search Print and Search Services
NetWare Web Access
iFolder
iManage
To host Web sites and Web applications, see NetWare Enterprise Web
Server on page 19. For additional information about the Apache Web server,
visit http://www.apache.org (http://www.apache.org), or refer to the Apache
documentation available on your server after NetWare 6 installation and
located at volume:\Apache\htdocs\manual.
20

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Tomcat Servlet Engine for NetWare

Also developed by the Apache Group, Tomcat is a servlet engine used to serve
up Web applications. It is also used by several NetWare 6 components,
including the NetWare Web Search Server. If you are a developer working to
create solutions, you will likely work a great deal with Tomcat. If you are not
a developer, you may never have to do anything with Tomcat.
For additional information about Tomcat, including how to migrate IBM
WebSphere applications to Tomcat, see About Tomcat for NetWare on page
109.

Make your data searchable in minutes! From simple search solutions to
complex, revenue-generating search services, NetWare Web Search bridges
all types of networks, from file servers, to intranets, extranets, and the Internet,
by bringing critical information to busy people. It is one of the industrys
fastest and most accurate search engines available today.
Most users care less about where information is stored and more about finding
it, and finding it fast! With staggering terabytes of information on the Internet
and on huge information stores found in most corporations today, Web Search
offers an easy way for users to find highly relevant information at record
speeds.
Installed by default when you install NetWare 6, Web Search is ready to run,
right out of the box. Just point Web Search at the Web or file servers to be
searched, and Web Search generates keyword indexes used to perform timesaving searches.
Through the implementation of a powerfully simple template-based
architecture, you can customize the search forms and search results pages to
get the results you need. By using included parameters, variables, and basic
HTML, Web Search lets you build your own templates from scratch. From
simple search solutions to complex, revenue-generating search services,
NetWare Web Search offers the power to change the way you do your business
by making one net out of file servers, intranets, extranets, and the Internet.

103-000133-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
FTP Server
The NetWare FTP Server provides FTP service for transferring files to and
from NetWare volumes. FTP Server can be used to post new Web content to
your Enterprise Web Server, or to post or retrieve documents from your
NetWare file server.
WebDAV
Web-distributed Authoring and Versioning (WebDAV) is an industry standard
protocol. It is an enhancement to the HTTP protocol, turning the Web into a
document database that enables collaborative creation, editing and searching
from remote locations. Whereas HTTP only supports the reading of files,
WebDAV enables documents to be written using HTTP.
Because of WebDAVs versioning control, Web users can use a Web browser
to write, edit and save shared documents without overwriting each others'
work.
HINT: You must be using eDirectory as your directory service and Internet
Explorer as your browser if you want to use WebDAV. For more information about
publishing content to your Web server, see Chapter 6, Managing Server Content,
on page 61.
NetWare Web Manager

NetWare Web Manager is the tool you use to manage all of your Novell Web
Services and to access other Web-based management tools. Using any 4.x or
newer Web browser such as Netscape* Navigator* or Communicator*, you
can manage your Novell Web Services from any place on the Internet.
With Novell eDirectoryTM, you can create and manage user and group
authentication to sensitive information on your server.
22

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Requirements for Managing Novell Web Services

To manage any NetWare Web Service, you need a Web browser, such as
Netscape Navigator or Navigator Gold 3.0 or later, Netscape Communicator,
Internet Explorer or any other browser that supports Java* and JavaScript*.
Web Browser Requirements

You must enable Java or JavaScript in your Web browser because all of the
configuration forms in Web Manager and other management tools require one
or both of these forms of Java to function.
To enable Java in Internet Explorer 4 or later:
1 From the Internet Explorer browser window, click Tools > Internet
Options.
2 Select the Advanced tab.
3 Under Microsoft VM, check JIT Compiler for Virtual Machine Enabled
(Requires Restart).
4 Click OK.
To enable Java in Netscape Navigator:

1 From the browser window, click Options > Network Preferences.
2 Select the Language tab and make sure Java and JavaScript are checked.
3 Click OK.
To enable Java in Netscape Communicator:

1 From the Communicator browser window, click Edit > Preferences.
2 Select the Advanced category in the left column.
3 Check the Enable Java and Enable JavaScript check boxes.
4 Click OK.

103-000133-001
August 29, 2001
Novell Confidential
23
Manual
24
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

NetWare Web Manager is a browser-based management tool used to
configure and manage the NetWare Enterprise Web server. But it also serves
as a front door to other NetWare browser-based management tools, such as
NetWare Remote Manager. It can be likened to a Web sites home page with
links to other resources and tools.
HINT: Web Manager and many other Web-based management tools used for
managing NetWare 6 rely on the industry leading Apache Web server. Therefore,
when viewing Web Manager access or error log files, or when shutting down or
restarting Web Manager, you are actually affecting the Apache Server, not the
Using a workstation and Web browser, you can access Web Manager either
locally (from within your WAN or LAN), or from remote locations where you
have Internet access. Web Manager lets you
Manage the Enterprise Web Server
Monitor Web server activity
Set up and manage user authentication and access to information on your
server using Novell eDirectoryTM or local database modes
Access other browser-based management tools such as NetWare Remote
Manager or NetWare Web Search Server (see Table 1, NetWare 6 Webbased Management Tools, on page 26)
Requirements for Using Web Manager

To use Web Manager, you must be using a 4.x or newer Web browser such as
Internet Explorer or Netscape Communicator.
If you have a firewall, you need to configure it to allow the Web Manager port
number to be made available. By default, the port number assigned is 2200.
However, this is configurable during and after NetWare 6 installation. When
changing port numbers, refer to Appendix F, Port Number Assignments, on
page 285.

103-000133-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
When to Use Web Manager

There are several management tools included with NetWare 6. Some are Web
or browser-based, and others require a Windows client, as with NetWare
Administrator. And while you can perform basic object management tasks in
eDirectory, Web Managers primary purpose is to provide you with a tool for
configuring and managing Web services.
In addition, Web Manager is a home page to other NetWare management tools,
providing you with one-click access to them.
To help you decide when to use NetWare Web Manager or one of the other
management tools, the following table offers a description of each tool and its
intended use.
Table 1
NetWare 6 Web-based Management Tools
Management Tool
When to Use This Tool
How to Access This Tool
NetWare Web Manager
When you need to manage the

Enterprise Web Server or modify
Web Manager settings.
Enter your Web servers domain

name or IP address, followed by
a colon and the port number,
which by default is 2200.
Example:
https://mycompany.com:2200
Or
https://123.456.789.456:2200
To manage the Web server, click
your servername located under
To manage NetWare Web
Manager settings, click the Admin
Preferences icon in the top frame
of the Web Manager home page.
26

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Management Tool
NetWare Web Manager
When you need to manage

eDirectory trees or objects from a
remote location.

a colon and the Web Manager
port number, which by default is
2200. You can change the port
number during and after NetWare
6 Installation. Refer to Appendix
F, Port Number Assignments,
on page 285 for more
information.
Example:
Or
https://123.456.789.456:2200
From the Web Manager home
page, click your servername
located under Novell Directory
Services.
To manage users an groups
specific to the Enterprise Server,
click the servername under
NetWare Enterprise Web Server,
and then click the Users and
Groups icon in the top frame of
Web Manager.
NetWare Remote Manager
When you need to perform basic

functions on your NetWare
server, such as performance
monitoring, restarting your server,
and so forth.

a colon and the port number,
which by default is 8008.
Example:
Or
https://123.456.789.456:8008

103-000133-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Management Tool
eDirectoryTM iManage
When you need to configure or

manage NDPS or DHCP.

a colon and the port number.
Example:
https://
mycompany.com:port_number
Or
https://
123.456.789.456:port_number
One of the primary advantages of using NetWare Web Manager is that you can
easily configure various services from a remote workstation in your network
or even from a client computer outside of your firewall, provided that you
have dialup access to your network.
Figure 2
Remotely Configuring Novell Web Services
You can use any computer in the

network to access NetWare Web
Manager.
Network
One computer runs both NetWare
Web Manager and other Web
Services.
NetWare Web Manager also allows you to manage user authentication to your
Enterprise Server using eDirectory, local database, or LDAP modes.
NOTE: eDirectory mode handles both authentication and access rights. While you
can use LDAP, we recommend that you use eDirectory. If your Web server will
contain mostly public information and you have little need for authentication, you
28

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
can also use local database mode. For more information, see Chapter 7, Using a
Directory Service to Control User Access to Network Resources, on page 83.
When you install additional Novell Web Services, they can be configured and
managed from within NetWare Web Manager. NetWare Web Manager is
installed when you install NetWare.
After installing NetWare, use a Web browser from a client computer in your
network to access NetWare Web Manager. As you make changes to your
services using Web Manager, modifications are made to various configuration
files on your NetWare server.
HINT: To access Web Manager from outside of your firewall, you would first need
to open the TCP port 443 (HTTPS) to the IP address of your Web server (typically
port 80). You might already have done this to allow regular HTTP traffic to your
companys Web server. Then you would need to open the TCP port you have
assigned to Web Manager. For example, of Web Managers port number was
5500, you would then open TCP port 5500 to the same IP address. In short, you
would have set a TCP Port to 80 for HTTP traffic, another TCP port to 443 for
HTTPS access, and then another port to 5500 for Web Manager access. Refer to
your firewall documentation for more details.
Using Web Manager

The URL you use to navigate to Web Manager depends on the server
hostname and its port number. For example, if the domain name you specified
during NetWare 6 installation was MYSERVER, the URL you would use in
your Web browser would be similar to
https://myserver.mycompany.com:2200
or
https://137.95.65.150:2002
HINT: The default port number for Web Manager is 2200. You can change the port
number from within Web Manager by clicking Admin Preferences from the Web
Manager home page and then entering a new port number. For more information
about available ports, see Appendix F, Port Number Assignments, on page 285.
After entering the URL in your browser and sending the HTTP request to your
server, Web Manager prompts you for your username and password. The
administrator username and password are the same ones used when you
installed NetWare 6.

103-000133-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
IMPORTANT: After accessing Web Manager for the first time, we recommend that
you create a new user for managing Web Services. This will help to ensure the
security of your servers from unwanted intruders.
The first page you see when you access Web Manager is called the NetWare
Web Manager home page. It is similar to a home page you might see on the
World Wide Web in that it is a type of front door, or portal, to information and
services. The Web Manager home page links to other Web pages for the Web
services you have installed and are broken down into several service
categories (see The NetWare Web Manager Home Page on page 30).
Depending on the Web services and other Web-based management tools you
have installed, the Web Manager home page includes the following default
Web Service categories:
Novell eDirectory
Figure 3
30
The NetWare Web Manager Home Page

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Admin Preferences: This appears as a button in the top frame of the Web
Manager home page. It lets you configure settings that apply to Web Manager,
such as changing its default port number or working with error and access
logs.
NetWare Enterprise Web Server: Appearing as the first category on the
NetWare Web Manager home page, this category offers a link to the
configuration pages for your Web server where you can manage everything
from eDirectory user authentication to programs and content management.
Novell eDirectory: This link lets you perform basic eDirectory functions such
as creating, changing or deleting user and group objects, and setting access
rights to volumes and directories on your NetWare server. The purpose for this
link is to provide a convenient Web-based access method for eDirectory in
addition to using the client-based ConsoleOneTM.
NetWare Remote Manager: NetWare Remote Manager lets you perform
operations and monitor your NetWare server from a Web browser, anywhere
where you have Internet access.
Your Web Manager might also include NetWare FTP Server, NetWare Web
Search Server, and eDirectory iManage, if you chose to install them.
For more information about configuring Web Manager preferences, see
Chapter 3, Modifying Web Manager Preferences, on page 33.
Accessing the Web Manager Home Page

1 At the server console, type nsweb. The nsweb command executes an
NCF file that runs the server.

Once the NetWare Enterprise Web Server is running, you can use any
browser that supports frames and JavaScript* and has access to the
NetWare Web Server Manager to configure your servers.
2 Open a browser and highlight the URL
http://servername:port number/
3 Substitute servername with the name you gave your server during
installation. Substitute port number with the number assigned during

installation.
4 When prompted, enter the username and password you chose during
installation.
5 Click OK.

103-000133-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
NOTE: The default installation modifies the AUTOEXEC.NCF to load the Web
server whenever NetWare is restarted.

To disable autoloading, remove NSWEB from AUTOEXEC.NCF. To load and
unload the Web server, type NSWEB and NSWEBDN respectively, at the system
console.
32

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

NetWare Web Manager has a few preference settings that you can customize,
which include encryption for securing Web Manager, the Web Manager port
number, and working with Web Manager access and error log files.
Securing Web Manager

Keeping intruders out of Web Manager is best accomplished through the use
of encryption and server certificates. By default, encryption is enabled on your
server and a server certificate is created when you install NetWare 6.
But you can take additional steps to help ensure the safety and security of your
servers and data. For example, keep your administrator username and
password well hidden. You might also occasionally change your Web
Manager port number. Using a port number of 49152 or higher is a safe choice.
IMPORTANT: Some ports below 49152 may be in use by other services and
should not be used. Using a four-digit port number between 49152 and 65000 is
the safest choice. However, for a complete list of registered port numbers, visit the
Internet Assigned Numbers Authority (http://www.iana.org/assignments/portnumbers).
To change NetWare Web Managers port number, do the following:

1 From the NetWare Web Manager home page, click Admin Preferences.
2 In the Web Manager Port field, type the port number you want NetWare
Web Manager to use.

3 Click OK.
4 Restart the server for the settings to take effect.
Using Encryption
Secure Sockets Layer (SSL), enabled by default when NetWare Web Manager
is installed, is used to secure NetWare Web Manager by applying encryption
to information going out or coming in to Web Manager. When enabled, you
must use HTTPS to access Web Manager.
Once encryption is enabled, you can then use ConsoleOne to install Public
Key Infrastructure Services (PKIS). When you install the Novell Certificate

103-000133-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Server (during the NetWare installation), a Key Material Object (KMO) was
created by default. A KMO, also called a Server Certificate Object, includes a
server certificate and key pair files.
To enable or disable encryption in Web Manager, do the following:
1 From the NetWare Web Manager home page, click Admin Preferences.
2 Under Encryption, click On to enable, or Off to disable SSL.
3 From the Server Certificates drop-down list, select the Server Certificate
object you want to use for SSL encryption.

4 Click OK.
For more information on installing and configuring the Novell Certificate

Server, refer to the NetWare 6 NetWare 6 Overview and Installation Guide or
Setting Up Novell Certificate Server in the Novell Certificate Server
Working with Log Files

The Apache Web Server logs Web Manager activity, as well as activity by
other Web Services that depend on the Apache Server, such as NetWare
Remote Manager.
Access and error log files indicate who and what has been accessed, and what
errors have occurred on your Apache Web server.
HINT: The Enterprise Web Server maintains its own log files. To view Enterprise
Web Server log files, click your Web server link under NetWare Enterprise Web
Server on the Web Manager home page, and then click the Server Status icon.
The access log files created by Apache are in the default Common Log Format
(CLF) that provides a fixed amount of information about Apache Web Server
activity.
The ERROR log file, located in ADMIN/LOGS in the server root directory,
lists all the errors the server has encountered.
The ACCESS log file, located in ADMIN/LOGS in the server root directory,
records information about requests to the server and the responses from the
server.
34

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To configure logging options for NetWare Web Manager, do the following:

1 From the NetWare Web Manager home page, click the Admin
Preferences icon > Log Settings.

2 In the Access Log field, type a path to the directory where you want
NetWare Web Manager to store the ACCESS log file.

You can type either an absolute path or a path relative to your server root
directory. Leaving this field blank deactivates access logging.
3 Click OK.

You can view Web Managers active and archived access log files under
Global Enterprise Server Settings.
1 From the NetWare Web Manager home page, click the Admin
Preferences icon > View Access Log.

2 In the Number of Entries field, type the number of lines you want the
access log to display.

3 In the Only Show Entries With field, type the particular word you want to
filter the access log entries for.

HINT: Case is important. If you use this search feature, the Only Show Entries
With field determines how many entries to search, not how many will display.
4 Click OK.
The following is a sample of an access log in the common log file format:
a.nov.com - [16/May/1999:21:18:26 -0800] GET /WebAdmin/
icons/dot.gif HTTP/1.0 200 2575
a.nov.com - [17/May/1999:11:04:38 -0800] GET /WebAdmin/bin/
frames?index+pref HTTP/1.0 204 342
a.nov.com - [20/May/1999:14:36:53 -0800] GET /WebAdmin/
manual/ag/config.htm HTTP/1.0 200 890
arrow.a.com -[20/May/1997:14:36:53 -0800] GET /WebAdmin/
manual/ag/so.gif HTTP/1.0 401 571

103-000133-001
August 29, 2001
Novell Confidential
35
Manual
Table 2
99a
38
July 17, 2001
Descriptions of Each Field in an Access Log File

ACCESS Log Field
Example
Hostname or IP
address of client
user.novell.com
Username
john (username entered by the client for authentication)
Date/time of
request
29/Mar/1998:4:36:53 -0800
Request
GET /WebAdmin/https/ReadAccessLog.jsp
Protocol
HTTP/1.0
Status code
401
Bytes transferred
571
In this case, the hostname is shown because the server is

using DNS lookups; if DNS cannot resolve the name or if
DNS lookups are disabled, the clients IP address would
appear.
Viewing the Error Log File

The ERROR log file contains errors the server has encountered after the log
file was created. It also contains informational messages about the server, such
as when the server was started and who tried unsuccessfully to login to the
server.
1 From the NetWare Web Manager home page, click Global Enterprise
Server Settings > View Error Log.

2 In the Number of Entries field, type the number of lines you want to see.
3 In the Only Show Entries With field, type the particular word that you
want to filter the error messages for.

HINT: As with the Access Log file, case is important. If you use this search
feature, the Only Show Entries With field determines how many entries to search,
not how many will display.
This field is case sensitive.

4 Click OK.
36

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following is an example of an error log:

[13/May/1999:16:56:51] info: successful server startup
[13/May/1999:16:56:51] info: NetWare Web-Administrator
97.117.0455
[13/Mar/1999:19:08:52] security: for host user.mozilla.com
trying to GET /admin-serv/bin/index, acl-state reports:
access of /usr/suitespot/bin/admin/admin/bin/index denied
by ACL admin-serv directive 3
[13/May/1999 20:05:43] failure: for host ceo.mozilla.com
trying to POST /admin-serv/bin/distadm, cgi-parse-output
reports: the CGI program /usr/suitespot/bin/admin/admin/
bin/distadm did not produce a valid header (program
terminated without a valid CGI header. Check for core dump
or other abnormal termination)

103-000133-001
August 29, 2001
Novell Confidential
37
Manual
38
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
II
99a
38
July 17, 2001
Working with the NetWare Enterprise

Web Server
A Web server is a fundamental building block for bridging disparate networks
together into one net. With the NetWare Enterprise Web Server, you can host
Internet, intranet, or password-protected extranets that serve as secure portals
to your companys business processes and information.
The Enterprise Web Server is a key component in building true, one net,
eBusiness solutions. It is a powerful NetWare-ready HTTP server that is ready
to run right out of the box.
You can use the Enterprise Web Server to host all types of Web content, from
simple Web sites containing static HTML files to complex, dynamically
generated Web pages and Web applications that can automate your business
processes and improve communications.
Among other things, the NetWare Enterprise Web Server lets you
Deploy a departmental intranet server using the existing NetWare
network backbone
Publish existing data stored on a NetWare network for consumption by
clients with a browser over the WAN
Use the NetWare server with Microsoft* Office 2000 productivity
applications without the use of client software (other than your Web
browser)
Establish file access control using eDirectoryTM and SSL-based security
Allow users to quickly and easily create and manage their own home
pages
Manage security of sensitive folders and files
Working with the NetWare Enterprise Web Server

103-000133-001
August 29, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Run server-side applications using Java servlets, CGI, scripting, Java

Server Page and Active Server Page technologies
The information in this section will help you become familiar with how to
manage Web server settings, how to publish content to it, and how to add your
own Web applications.
40

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

NetWare Enterprise Web Server provides an important ingredient in bridging
disparate networks. The Web Server is installed by default; but if you chose
not to install it and you want to build One Net solutions, you will need to
install it using NWCONFIG or the NetWare server GUI. For NetWare 6
installation information, see the NetWare 6 Overview and Installation Guide.
The Enterprise Web Server provides all the functionality necessary for
companies, both small and large, to build Web solutions. It offers security and
authentication using directory services.
The Enterprise Web Server also serves as a host for the Tomcat servlet engine,
which is a portable environment for deploying Java applications on NetWare.
IMPORTANT: Tomcat replaces IBMs WebSphere Application Server that was
included with NetWare 5.1. If you have applications deployed using WebSphere on
NetWare, you can use the migration utility included with NetWare 6 to move your
applications to Tomcat. For more information, see About Tomcat for NetWare on
page 109.
The Enterprise Web Server allows Web developers to select development

tools with which to create Web-based applications on the NetWare platform.
Creating Your Own Web Site

You can use any HTML editor to create a Web site, although most functional
corporate Web sites are created by professional designers. But depending on
your needs and resources, your implementation tool can range from any of the
readily available Web site creation programs (some of which are free) to a
team of programmers. Another avenue is to out-source the creation of your
Web site.
Creating personal and departmental Web sites can be simple, requiring only
minutes to assemble. You can use any HTML editor to create the pages of your
Web site.
When you create your home page, save the file as INDEX.HTM or .HTML
and that file will automatically appear when your Web site is accessed. You
can then create links to other pages and graphics with any filenames.
HINT: You can configure the Enterprise Server to recognize a specific filename
and extension so that when a user enters your Web servers URL, it will
automatically display your home page. See Setting the Primary Document
Directory on page 61.

103-000133-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Hosting Multiple Web Servers

You can configure your NetWare 6 server to host multiple Web servers. This
way, a single NetWare 6 server running NetWare Enterprise Web Server can
host all the Web server needs of your company; or, if you are an Internet
Service Provider (ISP), you can host Web sites for your customers. This makes
it easy to allow two or more departments to create their own Web sites without
requiring that they each have a server.
You can host two types of Web servers on your NetWare server:
Hardware virtual servers
Software virtual servers
Each type has its strengths and weaknesses; you should choose the one thats
right for your situation.
For information about setting up hardware virtual servers, see Setting Up
Hardware Virtual Servers on page 71. For information about setting up
software virtual servers, see Setting Up Software Virtual Servers on page
72.
Accessing Your Web Site

If you have already successfully installed NetWare 6 and the Enterprise Web
Server was included in the list of products to install, you can access it right
now. A sample Web page and some sub-pages have been included. You can
remove these pages and replace them with your own content.
HINT: Before replacing the sample Web site, you might want to look through it first.
It is a good place to start for an introduction to all of the Web-based management

tools included with NetWare 6 and includes links to the actual management tools.
To view the sample Web site, open a client Web browser on a workstation in
your network and enter your NetWare servers IP address or DNS name. For
example:
http://server_IP_address
or
http://domain_name
42

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Adding Content to Your Web Site

NetWare Enterprise Web Server has a document root or primary document
directory. By default, the path to the primary document root directory is
SYS:\\NOVONYX\SUITESPOT\DOCS. This is where all of the content for
the sample Web site is stored.
All content placed in this folder is visible to your Web site audience. If
necessary, you can easily specify another directory as the primary document
root directory. (See Setting the Primary Document Directory on page 61.)
Once your Web server is running, you can start posting content for the world
(or your department or company) to see by placing files in the Web servers
primary or additional document directories.
For example, suppose you created a new HTML file called WELCOME.HTM
that included some information about your department that you wanted to
share with other departments in your company. You would then copy the file
to SYS:\\NOVONYX\SUITESPOT\DOCS, which is the Web servers default
primary document directory.
If your servers domain name were SALES.MYCOMPANY.COM, people in
your company would enter the following URL to view the new document.
HTTP://SALES.MYCOMPANY.COM/WELCOME.HTM
You could also then edit the document from the document root directory and
the moment you save your changes, users would see the changes when they
refresh their Web browser or when they view the page for the first time.
As mentioned above, a number of files are stored in the \DOCS root directory.
You should replace these files with your own files. The page you choose as
your home page should be named INDEX.HTML. By default, the Enterprise
Server recognizes this name and will serve it up automatically when a user
points at your servers domain name. However, you can specify an alternate
filename as the default index page. (See Specifying a Default Home Page
on page 66.)
You can also create additional document directories, which is a good idea if
departments want to publish their own content to the company Web site but
when you dont want to give users control of the primary document root. (See
Setting Additional Document Directories on page 62.)
You can follow the same procedures when creating a company Internet site,
intranet site, departmental site, or even a personal site. What differentiates
each of Web site is whether the Web site is placed on the Internet outside the

103-000133-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
firewall or on the intranet inside the firewall. Departmental Web sites are
typically a software virtual server where personal Web sites are easily created
by each user.
How to Publish Content to Your Web Server

A Web site on the Internet is typically the place for you to publish information
you want visitors to read. However, a Web site on an intranet is most effective
if employees can participate and share information with others. This makes it
possible for users to communicate within a department, for departments to
share information with other departments, and for company leaders to
communicate with the entire company.
Web content contributors have three options for publishing content to your
Web server:
Mapping a network drive and creating or copying the content to the
desired directory
Using Internet Explorer 5.0 or higher
Using Novell NetDrive to map a drive using FTP or WebDAV
In each case, the administrator must first do something to allow the user to
access directories on your server.
Publish Content Using a Mapped Drive
1 Use ConsoleOneTM to set up access rights to your NetWare server for each
person who will be contributing content to your Web server.

2 Provide users with the correct network path to your server and to the
folders with which they will be working.

HINT: If users want to map a drive without having to install or use the NetWare
client, they can use NetDrive, which is included on the root of your NetWare 6
Client CD. (See Installing Novell NetDrive in the Novell NetDrive Administration
Guide.) Once NetDrive is installed, you can map a drive across the Internet to
folders on your NetWare server. You must have WebDAV enabled. See Web
Publishing through WebDAV on page 66.
44

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Publishing Content Using Internet Explorer

1 Make sure WebDAV is enabled on your Web server. (See Web
Publishing through WebDAV on page 66.)

2 On a client computer, open Internet Explorer.
3 In the Address field, enter your servers domain name, followed by "My
Network". For example:

https://digital.airlines.com/My Network
You can also use your servers IP address. For example:
https://157.168.179.200/My Network
4 Press Enter and, when prompted, enter your directory service username
and password.
To publish content using NetDrive, refer to the Novell NetDrive
Creating Personal Web Sites

Users on your network can also create their own personal Web sites. This
requires no administrative interaction other than making sure you specified a
home directory for users who want to publish their own Web content. If you
have not created home directories, you can easily go into each user directory
and add one using ConsoleOne.
1 Create a PUBLIC_HTML directory in your personal directory.
2 Copy or create a Web page and place the INDEX.HTML file in this
directory.
3 Access the Web site by entering the following URL in your browsers
Address field:
http://servername/~username
or
http://IPaddress/~username

103-000133-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Securing Your Web Site

Because information published on a Web site can be viewed by anyone,
sensitive information should be guarded. Most Web sites on the Internet are
designed for general access, but a company intranet is an ideal environment
for Web site security. Likewise, extranets also demand tight security controls.
Using a directory service, such as eDirectoryTM, you can control access to the
entire server or to parts of the server, such as directories, files, or file types.
NetWare Enterprise Web Server is configured, by default, to run in eDirectory
mode, but you can modify it to run in either local database or LDAP modes.
With eDirectory, you manage access control through the NetWare file system
trustees. When running in local database mode, usernames and passwords are
stored in a simple configuration file and, therefore, are not as secure as using
eDirectory. Running in LDAP mode requires that you have an LDAP server
running and configured in your network.
Controlling Access Using eDirectory Mode

Running in Novell eDirectory mode allows you to restrict access to folders on
your server.
eDirectory mode allows you to restrict access to files, but it does not allow you
to restrict access based on IP address or other criteria. If access must be
restricted based on IP address or other parameters, you must either change
modes and use LDAP or find an alternative method to restrict access, such as
a firewall.
Managing users and groups while running in eDirectory mode is best
accomplished using ConsoleOne. However, you can perform basic eDirectory
tasks from the Users and Groups section of the Enterprise Server pages of Web
Manager, or from the eDirectory link on the Web Manager home page.
Access control is accomplished by restricting access to files in the same way
that you control access to files stored on the file server. For more information,
see Chapter 7, Using a Directory Service to Control User Access to Network
Resources, on page 83.
46

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Additional Web-Based Services

NetWare 6 goes beyond simply providing a Web server and includes all the
functionality for hosting a complete Web environment, including NetWare
FTP server and NetWare Web Search Server.
Using the NetWare FTP Server

The NetWare FTP Server provides File Transfer Protocol (FTP) service for
transferring files to and from NetWare volumes. You can use the FTP
command from a workstation with FTP access to log in to an eDirectory tree.
You can also perform file transfers from any FTP client by using the FTP
Server to log in to the eDirectory tree. After logging in to an eDirectory tree,
you can navigate to other NetWare servers (in the same eDirectory tree) that
might not be running FTP service.
FTP servers provide fast Internet download capabilities and are known most
for their ability to download files that are linked to a Web-based URL.
Another common use for FTP is using its Internet access to provide
collaboration between organizations or companies. For example, Company A
could use FTP to provide a shared rights area with Company B, while
maintaining rights via IP addresses. A set of addresses would be assigned to a
given area and only those addresses would have access to that area. This goes
one step further than user authentication, since you can restrict access on a
user's location as well.
The most common use for FTP today is the automated archival ability. Its
strengths are that it is fast and lightweight, and that archives can be scripted
by many FTP clients. The main purpose is to move data from the live
environment to an archive environment where it is less expensive to store.
Types of information being archived range from Human Resources
information to product code backups. With the emergence and growth of the
Web environment, FTP has been the main medium for backing up large Web
contents or moving content from a staging server to a production environment.
Information on using FTP to transfer files can be found in the Overview
section of the NetWare FTP Server Administration Guide.
HINT: The FTP server can be loaded from the NetWare console using the
command nwftpd. Users can start the FTP session from a workstation running
FTP client software using the command ftp server_name.

103-000133-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Using the NetWare Web Search Server

With the NetWare Web Search Server you can create an enterprise-wide index
of all the information on your intranet or NetWare file servers. You can
organize information spanning multiple servers and file types into a
knowledge base. Using a single interface accessible from any Web browser,
users can access online information whether it exists in HTML, Word*,
Excel*, WordPerfect*, or several other file formats.
For more information, see Chapter 11, Introducing NetWare Web Search
Server, on page 131.
48

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter describes how to configure NetWare Enterprise Web Server
preferences.
Starting and Stopping the Web Server

Once installed, the Web server runs constantly, listening for and accepting
requests. You can start and stop the server using Web Manager, NetWare
Remote Manager, or the NetWare system console.
1 From the Web Manager home page, click Enterprise Web Server
servername.
2 Click Server On or Server Off.
After you shut down the server, it might take a few seconds for the server to
complete its shutdown process and for the status to change to Off.
If your NetWare is taken offline for any reason, the Web server stops and any
requests it was servicing will be lost.
Setting the Termination Time-out

When you stop the Web server, it stops accepting new connections. Then it
waits for all outstanding connections to complete. The time the server waits
before timing out is configured in the MAGNUS.CONF file. By default it is
set to 3 seconds. You probably do not need to change this value. If you do need
to change the value, add TerminateTimeout seconds to
MAGNUS.CONF, where seconds represents the number of seconds you want
the server to wait before timing out.
The advantage to configuring this value is that you can wait longer for
connections to complete. However, because most servers have connections
open from nonresponsive clients, if you increase the time the server waits, you
will almost always have to wait the full time before your server shuts down.

103-000133-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Viewing Server Settings

From View Server Preferences, you can view your servers technical and
content settings and see if your server is running. The technical settings come
from MAGNUS.CONF and the content settings come from OBJ.CONF.
These files are located in the server root, in the directory HTTP-servername
CONFIG. For more information about the MAGNUS.CONF and OBJ.CONF
files, see the Novell Developer Kit Web site (http://
www.developer.novell.com/ndk/nscomp.htm).
The following explains the servers technical settings:
Server Root: The directory where the server binaries are kept. You first
specified this directory during installation.
Hostname: The URL that clients use as a hostname to access your server.
Port: The port on your system that the server monitors for HTTP requests.
Error Log: The name and path of the servers error log file.
MTA Host: The name of the mail server (used by agents).
NNTP Host: The name of the news server (used by agents).
DNS: Indicates whether DNS is enabled or disabled.
Security: Indicates whether SSL is enabled or disabled.
Asynch DNS: Indicates whether asynchronous DNS is enabled or
disabled.
The servers content settings depend on its configuration. Common server
content settings include the servers document directory, its index filenames,
name and location of its access log, and default MIME type.
Restoring Backup Configuration Files

You can view or restore a backup copy of your configuration files, which
HTTPS-SERVER_ID.ACL
MAGNUS.CONF
OBJ.CONF
WEBPUB.CONF
50

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
AGENT.CONF
MIME.TYPES
ACL files
RDM.CONF
CSID.CONF
PROCESS.CONF
ROBOT.CONF
FILTER.CONF
To Restore (and View) a Backup Copy of Configuration Files
servername > Server Preferences > Restore Configuration.

2 In the Set Number of Sets of Backups field, enter the number of backups
displayed on the form and click Change.

3 To restore a backup version, click Restore.
To restore all files to their states at a particular time, click Restore to Date,
which lists the specific time to which you want to restore.
4 Click OK > Save and Apply.
5 To view a backup version, click View next to that version.
Tuning Web Server Performance

You can configure the servers technical options, including the number of
maximum simultaneous requests, listen queue size, and DNS usage.
To get the number of simultaneous requests, the server counts the number of
active requests, adding 1 to the number when a new request arrives and
subtracting 1 when a request is finished. When a new request arrives, the
server checks to see if it is already processing the maximum number of
requests. If it has reached the limit, it defers processing new requests until the
number of active requests drops below the maximum amount.

103-000133-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Configuring Maximum Simultaneous Requests

You can set the number of maximum simultaneous requests, which is the
number of active requests allowed for the server at one time. If your site is
processing many requests that take many seconds, you might need to increase
the number of maximum simultaneous requests. However, for general Internet
or intranet use, you probably will not need to change the default value (128
requests).
If you need to change the number of maximum simultaneous requests, set the
number before starting the server.
servername > Server Preferences > Performance Tuning.

2 In the Maximum Simultaneous Requests field, enter the number of
requests.
Enabling Domain Name System Lookups

You can configure the server to use Domain Name System (DNS) lookups
during normal operation. By default, DNS is not enabled; if you enable DNS,
the server looks up the hostname for a systems IP address. Although DNS
lookups can be useful for server administrators when looking at logs, they can
affect performance. When the server receives a request from a client, the
clientss IP address is included in the request. If DNS is enabled, the server
must look up the hostname for the IP address of each client that makes a
request.
IMPORTANT: If you turn off DNS lookups on your server, hostname restrictions
wont work and hostnames wont appear in your log files. Instead, youll see the IP
addresses.
You can also specify whether to cache the DNS entries. If you enable the DNS
cache, the server can store hostname information after receiving it. In the
future, if the server needs information about the client, the information is
cached and available without further queries. You can specify the size of the
DNS cache and an expiration time for DNS cache entries. The DNS cache can
contain from 32 to 32768 entries; the default value is 1024 entries. Values for
the time it takes for a cache entry to expire can range from 1 second to 1 year
(specified in seconds); the default value is 1200 seconds (20 minutes).
52

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To modify DNS settings, do the following:


2 Select No or Yes to enable DNS.
3 Select No or Yes to enable Async DNS.
4 Select No or Yes to cache DNS entries.
5 (Conditional) If you cache DNS entries, enter the number of entries that
you want cached in the Size of DNS Cache field. In the Expire Entries
field, enter the number of seconds at which a cache entry will be deleted.
Configuring Listen Queue Size

The listen queue size is a socket-level parameter that specifies the number of
incoming connections the system will accept for that socket. The default
setting is Incoming Connections.
Normally, you should not change the listen queue size. The default setting is
sufficient in most cases.
If you manage a heavily used Web site, you should make sure your systems
listen queue size is large enough to accommodate the listen queue size setting
from the Server Preferences form. If you do change the listen queue size, make
sure that your system supports the new size. The listen queue size set from the
Server Preferences form changes the listen queue size requested by the server.
If the server requests a listen queue size larger than the systems maximum
listen queue size, the size defaults to the systems maximum.
IMPORTANT: Setting the listen queue size too high can degrade server
performance. The listen queue size was designed to prevent the server from
becoming overloaded with connections it cannot handle. If your server is
overloaded and you increase the listen queue size, the server will only fall further
behind.
To modify the listen queue size, do the following:


2 In the Listen Queue Size field, enter the listen queue size you want.

103-000133-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Configuring the HTTP Persistent Connection Time-out

With HTTP 1.1, a connection can be set to be persistent (similar to Keep Alive
in HTTP 1.0). However, even if a connection is persistent, it still needs to have
a time-out setting or it might consume system resources.
Normally, you should not change the persistent connection time-out. The
default setting is sufficient in most cases.

2 In the HTTP Persistent Connection Time-out field, enter a number
(representing seconds).
Configuring MIME Types

Multipurpose Internet Mail Extension (MIME) types control what types of
multimedia files your e-mail system supports. You can also use MIME types
to specify what file extensions belong to certain server file types (for example,
to designate what files are CGI programs).
Adding a New Mime Type
servername > Server Preferences > MIME Types.

2 From the Category drop-down list, select a category.
Type is the file or application type, Enc is the encoding used for
compression, and Lang is the language encoding.
3 In the Content-Type field, enter the context type that will appear in the
HTTP header.
The receiving client uses the header string to determine how to handle the
file. The standard strings are listed in RFC 1521.
4 In the File Suffix field, enter the file suffix.
This is the file extension that maps to the MIME type. To specify more
than one extension, separate the entries with a comma and do not include
any spaces. Do not map one file extension to two MIME types.
5 Click New Type.
54

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Editing a Mime Type


2 Click Edit next to the category you want to edit.
3 In the Content-Type field, enter the context type.
4 In the File Suffix field, enter the file suffix.
5 Click Change MIME Type > Save and Apply.
IMPORTANT: Do not enter spaces between the file suffixes when you add or edit
a MIME type. If you put a space between them, you might receive an error or your
server might not restart. If this happens, edit your MIME.TYPES file to delete the
space. The MIME.TYPES file is in your server root in the HTTPS-servername/
CONFIG directory. After you have edited the file, from Server Preferences, click
Apply.
Removing a Mime Type


2 Click Remove next to the category you want to remove.
3 Click Save and Apply.
Configuring Network Settings

You can change your servers network settings by using the Server
Preferences page. Following is a brief introduction to each setting and
instructions to modify your network settings.
Changing the Server Name

The server name is the full hostname for your server. When clients access your
server, they use this name. The format for the server name is
servername.yourdomain.domain.
For example, if your full domain name is novell.com, you could install a
server with the name www.novell.com.
If you have set up a DNS alias for your server, use that alias.

103-000133-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Changing the Server Port Number

The server port number specifies the TCP port that the server listens to. The
port number you choose can affect your users. If you use a nonstandard port,
then anyone accessing your server must specify a server name and port
number in the URL. For example, if you use port 8090, users wanting to
access your server from their Web browsers would specify the following:
http://www.novell.com:8090
The standard unsecure Web server port number is 80; the standard secure Web
server port number is 443. Technically, the port number can be any port from
80 to 65535, but because many other services are using other ports, you should
carefully choose your ports.
IMPORTANT: Before changing the Web servers port number, refer to Appendix
F, Port Number Assignments, on page 285.
Changing the Server Binding Address

At times youll want the server to answer to two URLs. Your system must
already be set up to listen to multiple IP addresses. For information on
configuring multiple IP addresses, refer to Setting Up Hardware Virtual
Servers on page 71.
Changing the Servers MTA Host

The servers Message Transfer Agent (MTA) host is the name of the Simple
Mail Transfer Protocol (SMTP) mail server. See the following section,
Modifying Network Settings, for instructions on where to modify your
servers MTA host.
Modifying Network Settings

servername > Server Preferences > Network Settings.

2 In the Server Name field, enter the full hostname or DNS alias of your
server.
3 In the Server Port field, enter the port number of your server.
4 In the Bind to Address field, enter the IP address that is associated with
the specified hostname.
56

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 In the MTA Host field, enter the name of your SMTP mail server.
You must enter a valid MTA if you want to use the agent e-mail function.
Customizing Error Responses

You can specify a custom error response that sends a detailed message to
clients when they encounter errors from your server. You can specify a file to
send or a CGI program to run.
Instead of sending back the default file, you might want to send a custom error
response. For example, if a client repeatedly tries to connect to a part of your
server protected by access control, you might return an error file with
information on obtaining an account.
What Are the Errors?

You can customize the response to the following kinds of errors:
Unauthorized: Occurs when users without access permission try to access
a document on the server that is protected by access control.
Forbidden: Occurs when the server doesnt have file system permissions
to read something, or if the server is not permitted to follow symbolic
links.
Not Found: Occurs when the server cant find a document or when it has
been instructed to deny the existence of a document.
Server Error: Occurs when the server is not configured properly or when
a catastrophic error occurs, such as the system running out of memory or
producing a core dump.
Setting Up the Response

Before you can set up the response, you need to write the HTML file to send
or create the CGI program to run.
servername > Server Preferences > Error Responses.

2 From the Editing drop-down list, select the server resource you want to
configure.

103-000133-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
3 To choose a specific part of your server, click Browse.

4 To browse files and directories on your server, click Options.
5 To return to the Custom Error Responses form, click Back.
6 To enter the wildcard pattern to edit, click Wildcard.
7 Select the error response you want to customize.
8 In the appropriate field, enter the absolute pathname to the file or CGI
script that you want to return for that error code.

9 Check the CGI box if the file is a CGI program that you want to run.
10 Repeat this process for each error response you want to customize.
11 Click OK.
To remove a customization, return to the form and delete the filename from
the field next to the error code.
Restricting Access
Use the Restrict Access form to configure several features.
When you use Public Directory Designation, youre actually specifying what
files and directories you want to allow public access to. The Public Directory
Designation box lists directories and files that are currently public with
associated prefixes.
For more information on working with additional or virtual document
directories, refer to Setting Additional Document Directories on page 62
and Setting Virtual Document Directories on page 62. For information on
User Document Directories, refer to Configuring User Document
Directories on page 64.
The Password Redirection File allows you to create and display a file that
alerts users their passwords have expired and that they are using grace logins.
When users access this URL, the specified file appears rather than
INDEX.HTML.
When you are in eDirectoryTM mode, file access is determined by eDirectory
rights granted to users. Rights Checking Mode allows you to check rights at a
more granular level. If you have the system check rights at the file level,
system performance will be affected.
58

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Making a File or Directory Public

servername > Server Preferences > Restrict Access.

2 Click Insert File to insert a file or directory.
3 Click Save to save your changes.
Displaying a File Indicating Expired Passwords
1 In the Password Expiration Redirection File field, enter the path to the
location where you have saved (or will) your password expiration
notification file.
The default is \NOVONYX\SUITESPOT\DOCS\NDSDIRECT.HTML.
2 Click Save to save your changes.
If you are using eDirectory, you can use Rights Checking Mode to determine
at what level you want rights checked. Checking File will affect performance.
Establishing Security
When you install the Novell Certificate Server (during the NetWare
installation), a Key Material Object (KMO) is created by default. A KMO,
also called a Server Certificate object, includes a server certificate and key
pair files.
For related information on securing the NetWare Web Manager, refer to
Chapter 3, Modifying Web Manager Preferences, on page 33.
For more information on installing and configuring the Novell Certificate
Server, refer to the Novell Certificate Server Administration Guide (http://
www.novell.com/documentation/lg/crtsrvad/docui/index.html).
If you created a KMO, you can use the following procedure to enable security:
servername > Server Preferences > Encryption On/Off.

This option is available only if you have created a KMO.
2 Under Encryption, click On.
The Port Number field displays 443.

3 Select the KMO you want to use for encryption from the KMO drop-
down list.

103-000133-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
4 Click OK.
To affect the changes, restart the Web server by going to the Server
Preferences page and clicking Server Off and then Server On.
HINT: Once you have enabled security on the NetWare Web Manager or
Enterprise Web Server, you must use https:// in the URL to access them.
60

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

You can use the NetWare Web Manager to help manage Web server content.
You can create HTML pages and other files such as graphics or text and then
store those files on your server. When users connect to your server, they can
view your files provided they have access to them.
This chapter describes how your users can contribute content to your Web
server and how you can configure and manage content files and folders.
Setting the Primary Document Directory

You probably dont want to make all the files on your file system available to
remote clients. An easy way to restrict access is to keep all of your servers
documents in a central location, known as the document root or primary
document directory.
Another benefit of the document directory is that you can move your
documents to a new directory (perhaps on a different disk) without changing
any of your URLs, because the paths specified in the URLs are relative to the
primary document directory.
For example, if your document directory is
SYS:NOVONYX\SUITESPOT\DOCS, a request such as http://
www.novell.com/products/info.html tells the server to look for the file
INFO.HTML in SYS:NOVONYX\SUITESPOT\DOCS\PRODUCTS\.
If you change the document root (by moving all the files and subdirectories),
you only have to change the document root that the server uses, instead of
mapping all URLs to the new directory or telling clients to look in the new
directory.
To set your servers primary document directory, do the following:
servername > Content Management > Primary Document Directory.

2 In the Primary directory field, enter the full pathname of the directory that
you want to make the primary document directory.


103-000133-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Setting Additional Document Directories

Most of the time you keep all of your documents in the primary document
directory. But sometimes you might want to serve documents from a directory
outside of your document root. You can do this by setting additional document
directories. By serving from a directory outside of your document root, you
can let someone manage a group of documents without giving them access to
your primary document root.
servername > Content Management > Additional Document Directories.

2 In the URL Prefix field, enter the URL prefix or keyword you want to use
to represent the path.

For example, the URL prefix could be docs.
3 In the Map to Directory field, enter the absolute path of the directory you
want the URL prefix to map to.

The command syntax is volume:\directory\subdirectory.
For example, the path could be
\NOVONYX\MARKETING\PUBDOCS\INDEX.HTML
4 (Optional) Select a configuration style to apply to this directorys
configuration.
5 Click OK.
HINT: When you update information but dont save and apply changes, your
information is retained so that you can view and edit it, even though the changes
have not taken effect.
Setting Virtual Document Directories

A virtual document directory allows you to serve documents from directories
that do not reside on the file server where your Enterprise Web Server is
running but that do exist in the same tree as the server where your Web Server
is running.
IMPORTANT: If your eDirectoryTM User objects for users who need access to their
Virtual Document Directories are in a different container than the eDirectory Server
object (for the NetWare server running the Enterprise Web Server), the containers
that include the User objects with Virtual Document Directories must be in a
partition that is replicated (master or read/write) on the server that the Enterprise
Web Server is running on.
62

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Establishing the Path to the Directory

servername > Content Management > Additional Document Directories.

2 In the URL Prefix field, enter a key word (for example text) to represent
the path to the virtual directory.

3 In the Map to Directory field, specify the path to your documents in the
following format:
servername\volume:\directory\subdirectory
Providing Public Access

To provide public access to the virtual directory in eDirectory mode and restart
the server:

2 Click Insert File and enter the path (or any portion of the path you want
to be public) using the following syntax:

3 Click OK > Save Changes.
4 To effect the changes, click On/Off under Server Preferences to restart the
server.
Setting Server Access

To give the file server that is running the Enterprise Web Server access to the
directory structure of the server where the index file resides, the Enterprise
Web Server file server must be configured as a trustee of that directory. Use
ConsoleOneTM to set the rights.

103-000133-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Configuring User Document Directories

User Document Directories allows you to set up document directories or home
directories for each user in your directory. A great advantage to setting up
home directories is that users can then access their own files using a Web
browser.
For every user that you want to provide a home page for, complete the
following tasks:
Create a home directory for each User object.
Create a PUBLIC_HTML directory in the users home directory and copy
an INDEX.HTML file to it.
Add the users context to the Search Contexts List.
Restart the NetWare Web Manager.
Activate User Document Directories in the Enterprise Web Server.
Make the PUBLIC_HTML directory public.
See the following sections for details on completing the above tasks.
HINT: If you are running the Enterprise Server in eDirectory mode and you have
user objects for users who need access to their document directories, the user
objects should be kept in the same container as the eDirectory server object.
If they are not, then the containers that include these user objects must be in a
partition that is replicated (Master or Read/Write) on the server where the
Enterprise Server is running.
Creating a Home Directory

Using ConsoleOne, create new users in their appropriate contexts. Click
Create Home Directory in the lower portion of the form to create their user
document directories.
Creating a PUBLIC_HTML Directory

Create PUBLIC_HTML directories in the users home directories and copy
INDEX.HTML files to them.
NOTE: You can change the name of the PUBLIC_HTML directory. Should you
choose to change it, make sure all references to this directory name are consistent.
64

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Adding Users Contexts to the Search Contexts List

servername > Users and Groups.

2 Click Insert Context and enter the information for each new context in the
New NDS Context box. Use the following format:
ou=yourdepartment.o=yourcompany
This information is added to the Search Contexts List.
If this context is already set in your AUTOEXEC.NCF file (set Bindery
Context=) you don't need to add it here.
3 Click Save Changes.
Restarting the Enterprise Web Server

Restart the server at the system console. Use the command NSWEBDN to
bring down the Web server and NSWEB to restart it.
Activating User Document Directories

This step activates your users home directories so that when the URL is
entered all that is required is a slash (/) followed by ~usersname in order to
reach a particular users home page.
1 From the Web Manager home page click Enterprise Web Server
servername > Content Management > User Document Directories.

2 To activate the service, click OK.
Providing Public Access


2 Click Insert File and enter the path (or any portion of the path you want
to be public) in the following format:

3 Click OK > Save Changes.
4 To effect the changes, click On/Off under Server Preferences to restart the
server.

103-000133-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Web Publishing through WebDAV

There are various ways of publishing content to your Web server. (See How
to Publish Content to Your Web Server on page 44.) Web-distributed
Authoring and Versioning (WebDAV) is an industry standard protocol and is
an enhancement to the HTTP protocol, turning the Web into a document
database that enables collaborative creation, editing, and searching from
remote locations.
For your users to benefit from WebDAV, it must first be enabled. WebDAV is
enabled by default once you install NetWare 6. But if you need to enable or
disable it, you can do so from NetWare Web Manager.
To enable WebDAV on your Enterprise Server, do the following:
1 From the NetWare Web Manager home page, click NetWare Enterprise
Web Server servername > WebDAV.

2 Under WebDAV State, click On.
3 Click OK.
Configuring Document Preferences

You can configure the following document preferences from the Web
Manager home page by clicking Enterprise Web Server servername > Content
Management > Document Preferences.
Specifying a Default Home Page

If a document name is not specified in a URL, the Web server will look for a
specific filename (or home page) such as INDEX.HTML, and return it to the
Web browser. The filename that the Web Server looks for is configurable
using the Document Preferences page of Web Manager. If the specified
filename cannot be found, the Web browser will display a listing of files and
folders located at the URL.
By default, the Enterprise Web Server defines INDEX.HTML and
HOME.HTML as the default home page filenames, but you can set these to
whatever filename you choose.
66

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If more than one name is specified, the server searches in the order in which
the names appear in this field until one is found. For example, if your index
filenames are INDEX.HTML and HOME.HTML, the server first searches for
INDEX.HTML and, if it doesnt find it, the server then searches for
HOME.HTML.
Directory Indexing
In your document directory, youll probably have several subdirectories. For
example, you might create a directory called PRODUCTS, another called
SERVICES, etc. Its common to provide an overview (or index) of these
directories.
The server indexes directories using the following process:
1. The server first searches the directory for an index file called
INDEX.HTML or HOME.HTML, which is a file you create and maintain
as an overview of the directorys contents. (These defaults can be
configured for the whole server, so your servers files might vary. For
more information, see Specifying a Default Home Page on page 66.)
You can specify any file as an index file for a directory by naming it one
of these default names, which means you can also use a CGI program as
an index if CGI is activated.
2. If an index file isnt found, the server generates an index file that lists all
the files in the document root. The generated index has one of the
following formats:
Fancy directory indexing is fairly detailed. It includes a graphic that
represents the type of file, the date the file was last modified, and the
file size.
Simple directory indexing is less detailed, but also takes less time to
generate.
You can also specify that no dynamic directory listing be generated
if the server looks for index files and cannot find any. If the server
does not find any index files, it will not create a directory listing to
show the user and will return an error message.

103-000133-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Server Home Page

When users first access your server, they usually use a URL such as http://
www.novell.com/. When the server receives a request for this document, it
returns a document called a home page. Usually this file has general
information about your company and links to other documents.
By default the server finds the index file specified in the Index Filenames field
and uses that for the home page. However, you can also specify a file to use as
the home page by selecting the Home Page icon (by the Location field) and
entering the filename for the home page in the field.
About the Temporary Web Site

By default, the Enterprise Web Server includes a temporary Web site. The
purpose of the site is to verify when your Web server is running. But it also
includes information about, and links to, all of the Web-based NetWare 6
management tools.
You can replace the default INDEX.HTM and with your own home page and
remove all of the supporting pages as well. You might want to explore the site
before replacing it with your own content.
To view the temporary Web site, point your Web browser at your Web server
by entering your NetWare servers domain name or IP address. For example:
http://www.digitalairlines.com
or
http://120.140.160.180
Default MIME Type

When a document is sent to a client, the server includes a section that
identifies the documents type, so the client can present the document in the
correct way. However, sometimes the server cant determine the proper type
for the document because the documents extension is not defined for the
server. In those cases, a default value is sent. For information about
maintaining your servers Multipurpose Internet Mail Extension (MIME)
types, see Configuring MIME Types on page 54.
68

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The default is usually Text/Plain, but you should set it to the type of file most
commonly stored on your server. Some common MIME types include the
following:
text/plain
text/html
text/richtext
image/tiff
image/jpeg
image/gif
application/x-tar
application/postscript
application/x-gzip
audio/basic
Parsing the Accept Language Header

When clients contact a server using HTTP, they can send header information
describing the languages they accept. You can configure your server to parse
this language information.
For example, if you store documents in Japanese and English, you could
choose to parse the Accept Language header. When clients that have Japanese
as the Accept Language header contact the server, they receive the Japanese
version of the page. When clients that have English as the Accept Language
header contact the server, they receive the English version.
If you do not support multiple languages, you should not parse the Accept
Language header.
Setting Document Preferences

1 Click Enterprise Web Server servername > Content Management >
Document Preferences.
2 In the Index Filenames field, enter a new index filename.
3 Select the kind of directory indexing you want.
4 Select whether you want users to see a specified home page or an index
file when they access your server. If you select the home page option,
enter the filename of the home page you want in the Index File field.
5 In the Default MIME Type field, enter the default MIME type you want
the server to return if a client accesses a file with an extension that has not
been set up as a MIME type on your server.
6 Select whether or not to parse the accept language header.

103-000133-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Forwarding URLs
Redirection is a method for the server to tell a user that a URL has changed
for example, if you have moved files to another directory or server. You can
also use redirection to send a person who requests a document on one server
to a document on another server.
To map a URL to another server, you must first specify the prefix of the URL
you want the server to redirect. Then, you need to choose which URL to
redirect to. You can redirect to a URL prefix if the directory on the new server
is the same as in the mapped URL; you can also redirect to a fixed URL
(hostname, directory, and filename).
To forward URLs, do the following:
1 Click Enterprise Web Server servername > Content Management > URL
Forwarding.
2 In the URL Prefix field, enter the URL prefix you want to redirect.
For example, if the URL you want to map is http://www.netscape.com/

info/movies, you would type /info/movies in the field.
3 Select whether you want to forward requests to a URL prefix or to a fixed
URL.
If you forward to a URL prefix, the forwarding keeps the full pathname and
substitutes one prefix for another. For example, if you forward http://
www.novell.com/info/docs to a prefix cambridge.com, the URL http://
www.novell.com/info/docs redirects to http://cambridge.com/info/docs.
However, if the directory structure on the new server is not the same as in the
mapped URL, you could forward the URL to a fixed URL. For example, you
could forward http://www.novell.com/info/docs to http://cambridge.com/
new-files/info/docs.
Sometimes you might want to redirect requests for all the documents in one
subdirectory to a specific URL. For example, if you had to remove a directory
because it was causing too much traffic or because the documents were no
longer to be served for any reason, you could direct a request for any one of
the documents to a page explaining why the documents were no longer
available. For example, a prefix on /info/docs could be redirected to http://
www.novell.com/explain.html.
70

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Multiple Web Servers

There are two approaches you can take to set up multiple Web servers on your
NetWare server:
Hardware virtual servers
Software virtual servers
Each approach has its strengths and weaknesses; you should choose the one
thats right for your situation.
Hardware virtual servers allow you to map multiple IP addresses to multiple
document roots. For example, if you have two IP addresses, you could map
the first IP address to one document root and the second IP address to a second
document root. Although hardware virtual servers take fewer system
resources than multiple instances of the server, they must also share the same
configuration information. For example, if one hardware virtual server has
enabled security features or Web Publishing, they all must have it enabled.
Software virtual servers give you the ability to map a single IP address to
multiple server names. Each software virtual server can have its own home
page, which allows you to host multiple Web sites from one IP address.
However, in order for software virtual servers to work correctly, the users
accessing the server must use client software that supports the HTTP host
header. Like hardware virtual servers, software virtual servers all must have
the same configuration.
For more information, see Setting Up Hardware Virtual Servers on page 71
and Setting Up Software Virtual Servers on page 72.
Setting Up Hardware Virtual Servers

A hardware virtual server lets your server respond to multiple IP addresses
without your having to install multiple servers. With hardware virtual servers,
you map multiple IP addresses to multiple document roots. For example, if
you have two IP addresses, you could map the first IP address to one document
root and the second IP address to another document root.
Although hardware virtual servers take fewer system resources than multiple
instances of the server, they must also share the same configuration
information. For example, if one hardware virtual server has enabled security
features, they all must have security features enabled.

103-000133-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
To set up hardware virtual servers, dothe following:

1 Load and bundle all IP addresses.
2 Enter the following command at the NetWare server console:
add secondary IPaddress IP_address
3 Add the above command to the AUTOEXEC.NCF file after the LOAD
and BIND statements or after INITSYS.NCF if INETCFG is being used

to configure the server.
Hardware Virtual Servers.

5 In the IP Address field, enter the secondary IP address.
6 In the Document Root field, enter the document root. For example,
SYS:NOVONYX\SUITESPOT\DOCS.
7 To secure your hardware virtual server, check the Encryption check box.
See About Securing a Hardware Virtual Server on page 72 for

additional information.
9 Repeat the previous steps for each hardware virtual server.
About Securing a Hardware Virtual Server

For more information on security, refer to Novell Certificate Server
While the Enterprise Web Server doesnt have to be secured for a hardware
virtual server to be secured, you do have to specify a Key Material Object
(KMO) during installation to use encryption. Once the KMO is created, use
Server Preferences > Encryption On/Off to select a KMO.
IMPORTANT: Once you have turned Encryption on, you must use HTTPS to
contact this server rather than HTTP.
Setting Up Software Virtual Servers

A software virtual server is a way to host several Web sites on one computer
without needing to have more than one IP address on the computer. For
example, you can set up your system so that both www.novell.com and
www.cambridge.com resolve to 192.3.4.5, and then set up software virtual
72

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
servers to handle both server names (for example, http://www.novell.com/ and

http://www.cambridge.com). The server can respond differently to requests
depending upon the URL, even though the server only has one IP address.
For example, an Internet service provider (ISP) installs a Web server and then
wants to set up a software virtual server for each of its customers (for example,
customers aaa, bbb, and ccc) so that each customer can have an individual
domain name.
The ISP first configures the Domain Name System (DNS) to recognize that a
customers URL, www.aaa.com, resolves to the ISPs IP address. The ISP then
creates a subdirectory for each company (aaa, bbb, and ccc) in the document
root. These subdirectories contain the files for that company, including the
home page, aaa/HOME.HTML. Next, the ISP sets up software virtual servers.
The URL host would be www.aaa.com and the home page would be aaa/
HOME.HTML. The ISP would do this for each company it services.
Because software virtual servers use the HTTP host header to direct the user
to the correct page, not all client software works with software virtual servers.
Only client software that supports the HTTP host header will work. In the
previous example, the ISP would set up the INDEX.HTML file in the
document root to be an index page that links to all the virtual servers hosted
by the system, so all users could access the home pages.
To set up a software virtual server, do the following:
Software Virtual Servers.

2 Create a directory under the DOCS directory. For example,
SYS:\NOVONYX\SUITESPOT\DOCS\TEST.
3 In the URL Host field, enter the URL host whose custom home page you
want to set up. For example, test/.

4 In the Home Page field, enter the path to the home page you want to use
for this virtual server. For example INDEX.HTML.

If you enter a full path, the server uses that specific document. If you enter
a partial path, the server interprets it as relative to your primary document
directory.
6 If you want to modify preferences on the default home page, click Edit
the Default Home Page at the top of the form.

103-000133-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
About the Drop-Down Lists

When working on the International Characters, Document Footer, Parse
HTML, and Cache Control Directives pages of Web Manager and your Web
server, you will find a drop-down box at the top of each page. It works the
same for each of these features.
The drop-down list and associated Browse button let you select specific
resources to be configured.
From the drop-down list, you select a resource to be configured. You can click
Browse to browse your primary document directory, Options to choose other
directories, and Wildcard to configure files with a specific extension.
Wildcards Used in the Drop-Down List

In many parts of the server configuration, you specify wildcard patterns to
represent one or more items to configure. Note that the wildcards for access
control and text search might be different from those discussed in this section.
Wildcard patterns use special characters. If you want to use one of these
characters without the special meaning, precede it with a backslash (\)
character.
Table 3
74
Drop-Down Wildcard Patterns

Pattern
Use
Match zero or more characters.
Match exactly one occurrence of any character.
An or expression. The substrings used with this operator

can contain other special characters such as an asterisk (*)
or a dollar sign ($). The substrings must be enclosed in
parenthesesfor example(a|b|c), but the parentheses
cannot be nested.
Match the end of the string. This is useful in or expressions.
[abc]
Match one occurrence of the characters a, b, or c. Within

these expressions, the only character that needs to be
treated as a special character is the right bracket ( ] ); all
others are not special.

103-000133-001
August 29, 2001
Novell Confidential
Manual
Table 4
99a
38
July 17, 2001
Pattern
Use
[a-z]
Match one occurrence of a character between A and Z.
[^az]
Match any character except A or Z.
*~
This expression, followed by another expression, removes

any pattern matching the second expression.
Drop-Down List Wildcard Examples

Pattern
Result
*.netscape.com
Matches any string ending with the

characters .netscape.com.
(quark|energy).netscape.com
Matches either quark.netscape.com or

energy.netscape.com.
198.93.9[23].???
Matches a numeric string starting with

either 198.93.92 or 198.93.93 and ending
with any three characters.
*.*
Matches any string with a period in it
*~netscape-*
Matches any string except those starting

with netscape-
*.netscape.com~quark.netscape.
com
Matches any host from domain

netscape.com except for the single host
quark.netscape.com.
*.netscape.com~(quark|energy|
neutrino).netscape.com
Matches any host from domain

netscape.com except for hosts
quark.netscape.com,
energy.netscape.com, and
neutrino.netscape.com.
*.com~*.netscape.com
Matches any host from domain.com

except for hosts from the subdomain
netscape.com.

103-000133-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Assigning a Character Set

The character set of a document is determined in part by the language it is
written in. For most Web browsers, you can override the default character set
setting for a document, a set of documents, or a directory by selecting a
resource and entering a character set for that resource.
Most Web browsers can use the MIME type charset parameter in HTTP to
change its character set. If the server includes this parameter in its response,
the Web browser changes its character set accordingly. The following are
some character set examples:
Content-Type: text/html;charset=iso-8859-1
Content-Type: text/html;charset=iso-2022-jp
The charset names recognized by Netscape Communicator are specified in

RFC 1700 (except for the names that begin with x-). These charset names
us-ascii
iso-8859-1
iso-2022-jp
x-sjis
x-euc-jp
x-mac-roman
Additionally, the following aliases are recognized for us-ascii:

ansi_x3.4-1968
iso-ir-6
ansi_x3.4-1986
iso_646.irv:1991
ascii
iso646-us
us
ibm367
cp367
The following aliases are recognized for iso_8859-1:
76
latin1
iso_8859-1
iso_8859-1:1987
iso-ir-100
ibm819
cp819

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To change the character set, do the following:

International Characters.
2 Select the server resource you want to change the character set for from
the Editing drop-down list.

3 To view the different server resources, click Browse .
4 To type the pattern you want to edit, click Wildcard .
5 In the Character Set field, enter one of the character sets previsously
mentioned in this section.

Specifying a Document Footer

You can specify a document footer, which can include the last-modified time,
for all the documents in a certain section of your server without using serverparsed HTML. This footer works for all files except the output of CGI scripts
or parsed HTML (.SHTML) files.
HINT: If you need your document footer to appear on CGI-script output or parsed
HTML files, enter your footer text into a separate file and add a line of code or
include another server-side to append that file to the page's output.
Document Footer.
2 Select the resource that you want to apply the document footer to from the
Editing drop-down list.

3 Click Browse to view the different server resources.
4 To enter the pattern you want to edit, click Wildcard .
5 In the For Files of Type field, enter the kind of files that you want to
include in the footer. The default is text/html.

6 Select the time format from the drop-down list or enter a date in the
Custom Date Format field.

7 In the Footer Text field, enter the footer text.
The maximum number of characters for a document footer is 765. Type

the string :LASTMOD: if you want to include the date the document was
last modified.

103-000133-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001

9 To change the footer text, click Deactivate Custom Trailer.
When you change the document footer for an HTML page, the lastmodified date doesnt change.
Customizing Parsed HTML

HTML is normally sent to the client exactly as it exists on disk without any
server intervention. However, the server can search HTML files for special
commands (that is, parse the HTML) before sending documents. If you want
the server to parse these files and insert request-specific information or files
into documents, you must first enable HTML parsing.
1 Click Enterprise Web Server servername > Content Management > Parse
HTML.
2 Select the server resource to edit from the Editing drop-down list.
4 Click Wildcard to enter the pattern you want to edit.
5 Select whether or not you want to activate parsed HTML.
If you activate it, you need to choose whether to activate it with or without
the Exec tag. The Exec tag allows an HTML file to execute an arbitrary
program on the server. You might not want to allow the Exec tag for
security or performance reasons.
6 Select which files to parse.
The default choice is to parse only files with the extension .SHTML. In
this case, all files you want to parse must have the .SHTML extension.
You can have the server parse all of its HTML files. Choosing this option
can slow your servers performance.
78

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Cache-Control Directives

Cache-control directives are a way for the Enterprise Web Server to control
what information is cached by a proxy server. By using cache-control
directives, you override the default caching of the proxy to protect sensitive
information from being cached and perhaps retrieved later. For these
directives to work, the proxy server must comply with HTTP 1.1.
For specific directories in your server, you can set the cache-control directives
to one of the following levels:
Public: The response is cacheable by any cache.
Private: The response is cacheable only by a private (non-shared) cache.
No Cache: The response must not be cached anywhere.
No Store: The cache must not store the request or response anywhere in
nonvolatile storage.
Must Revalidate: The cache entry must be revalidated from the
originating server.
Maximum Age (in seconds): The client does not accept a response that
has a greater age than the maximum age.
To set the cache-control directives, do the following:
Cache Control Directives.

2 Select the directory or directories that you want to set cache-control
directives for from the Editing drop-down list.

4 Click Wildcard to enter the pattern you want to edit.
5 Select the level of control you want to set.
The default is public.

6 Click OK.
For more information on HTTP 1.1, see the Hypertext Transfer Protocol
(http://www.ietf.org/html.charters/http-charter.html)(HTTP/1.1
specification [RFC 2068]).

103-000133-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Working with Configuration Styles

Configuration styles are an easy way to apply a set of options to specific files
or directories that your server maintains. For example, you can create a
configuration style that sets up access logging. When you apply that
configuration style to the files and directories that you want to log, you dont
have to individually configure access logging for all the files and directories.
Creating a Configuration Style

1 Click Enterprise Web Server servername > Styles > New Style.
2 In the Style Name field, enter the name you want to give the configuration
style.
3 Click OK.
4 Select a configuration style to edit from the Style drop-down list and then
click Edit This Style.

5 From the list of links available, click the category you want to configure
for your style. You can configure the following information:
80
LCGI File Type: Lets you activate LCGI as a file type. For more
information about working with Web applications, see Chapter 9,
Extending Your Server with Programs, on page 97.
Character Set: Lets you change the character set for a resource. For
more information, see Assigning a Character Set on page 76.
Default Query Handler: Lets you set a default query handler for a
server resource.
Document Footer: Lets you add a document footer to a server

resource. For more information, see Specifying a Document
Footer on page 77.
Error Responses: Lets you customize the error responses that clients
see when they encounter an error from your server. For more
information, see Customizing Error Responses on page 57.
Log preferences: Lets you set preferences for access logs. For more
information, see Working with Log Files on page 113.
Restrict Access: Lets you restrict access to the entire server or parts
of it. For more information, see Restricting Access on page 58.
Server Parsed HTML: Lets you specify whether the server parses
files before they are sent to the client. For more information, see
Customizing Parsed HTML on page 78.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 Fill out the form that appears and then click OK.
7 Repeat Step 4 and Step 5 to make any other changes to the configuration
style.
8 Click OK on the form you modified.
9 Click OK on the Edit a Style form.
Editing a Configuration Style

1 Click Enterprise Web Server servername > Configuration Styles > Edit
Style.
2 Select a configuration style to edit from the Style drop-down list.
3 Click Edit This Style.
4 From the list of links available, click the category you want to configure
for your style.

For more information on these categories, see Creating a Configuration
Style on page 80.
5 Fill out the form that appears > click OK.
6 Repeat Steps 4 and 5 to make any other changes to the configuration style.
7 Click OK on the form you modified.
8 Click OK on the Edit a Style form.
Applying a Configuration Style

Once youve created a configuration style, you can apply it to files or
directories in your server. You can specify either individual files and
directories or wildcard patterns, such as *.GIF.
1 Click Enterprise Web Server servername > Configuration Styles > Assign
Style.
2 In the URL Prefix Wildcard field, enter the prefix of the URL that you are
applying this configuration style to.

If you select a directory inside the document root, only enter the path after
the document root. If you enter /* after the directory, you apply the
configuration style to all of the directorys contents.

103-000133-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
3 Select the configuration style you want to apply from the Style drop-down
list.
Removing a Configuration Style

Before removing a configuration style, apply the None configuration style to
any files or directories that had the configuration style applied to them. If you
do not apply None before removing the configuration style, you must
manually edit your OBJ.CONF file, search for the configuration style in the
file, and replace it with None. If you dont do this search and replace, anyone
who accesses the files or directories that the deleted configuration style was
applied to will get a server configuration error message.
1 Click Enterprise Web Server servername > Configuration Styles >
Remove Style.
2 Select the configuration style you want to remove from the Remove drop-
down list.
Listing Configuration Style Assignments

After you have created configuration styles and applied them to files or
directories, you can get a list of the configuration styles and where you applied
them.
1 Click Enterprise Web Server servername > Configuration Styles > List
Assignments.
2 To edit a configuration style assignment, click Edit Style Assignment next
to the configuration style name.
82

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using a Directory Service to Control

User Access to Network Resources
Using a directory service with NetWare Web Services lets you easily control
which of your users can access sensitive data on your NetWare 6 server.
The NetWare Enterprise Web Server lets you choose which directory service
mode you want the Enterprise Server to use. This chapter describes each of the
available directory service modes and how to set them up.
The Directory Service

Directory services are a type of software that allow you to maintain
information, such as contact information or identification information for the
people in your organization. This information is also used when controlling
access to a server and its resources by requiring a user to provide the necessary
username and password when trying to access protected (or nonpublic)
folders.
You can use three directory service modes with the Enterprise Web Server:
eDirectoryTM mode
Local database mode
LDAP mode
NOTE: If you choose local database or LDAP modes, users will be required to
enter fully distinguished names (.username.context.domain) whenever accessing

protected folders.
eDirectory Mode
Novell eDirectory is installed during the NetWare 6 installation. The
Enterprise Web Server provides a native eDirectory integration mode. While
in this mode, users attempting to access any folder that is not designated as a
public folder are required to enter a username and password. This is
accomplished through eDirectorys use of native NetWare file system trustee
assignments.
This means that anywhere that users have Internet access, they can log in from
an HTTP client using their eDirectory usernames and passwords. There is no

103-000133-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
need for them to set up a dialup account into your company network. As long
as they can get to the Internet, they can get to their data.
eDirectory is the default directory mode and is ready to go after installation of
NetWare 6. After eDirectory mode is selected,
Use ConsoleOneTM to maintain user and group information.
HINT: You can also use the Users and Groups feature from within the Enterprise
Server manager pages to perform basic eDirectory functions, such as adding,
configuring, or removing User and Group objects. To access users and groups
from the NetWare Web Manager home page, click your Enterprise servername >
then Users and Groups.
Users are required to log in from the Web browser to gain access to
resources contained in nonpublic directories.
Make sure SSL is enabled if you do not want eDirectory passwords
visible to hackers.
NetWare file system trustees assignments are available exclusively to
control access to Web resources.
NetWare Enterprise Web Server access control lists (ACLs) are disabled.
Local Database Mode

The local database is intended for sites running a public access Web site, or a
site in which protected resources are limited and where you dont have a need
to secure any or most of your information. Usernames and passwords are
stored in a simple text file.
Local database mode has the following limitations when compared to
eDirectory:
Rights set up in local database mode dont carry over to your existing
directory service; therefore, you have to maintain and synchronize two
access control lists.
The local database supports no more than 1,000 entries.
The local database cannot be replicated.
84

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LDAP Mode
If your company is built around LDAP, this mode might make sense for you.
However, we recommend eDirectory as your directory service. eDirectory is
the leading directory service available today and is included with NetWare 6.
For information about implementing LDAP with eDirectory, see LDAP
Services for Novell eDirectory (http://www.novell.com/documentation/lg/
nw6p/ndsedir86/index.html). Before using eDirectory as your LDAP server,
you must first enable unencrypted passwords by opening the properties of
your LDAP Server object using ConsoleOne.
Configuring Directory Services

This section describes how to configure a directory service (or the local
database) for use with the Enterprise Web Server.
IMPORTANT: If you switch to or from local database mode, you need to restart all
Web Services servers, including NetWare Web Manager. Keep in mind that Web
Manager runs on the Apache Web server, which hosts other services, including
iFolderTM. You might want to do this when you know user traffic is low.
Using eDirectory Mode

eDirectory is already configured by default. However, if you for any reason
you need to reconfigure eDirectory mode, follow these steps.
1 From the NetWare Web Manager home page, click Enterprise Web Server
servername > Users and Groups > Configure Directory Service.

2 Select eDirectory.
A dialog box appears to confirm that you want to use eDirectory.

3 Click OK.
4 To add a new search context, click Insert Context .
HINT: This field is optional. However, by specifying the context of your admin user
object, you will not be required to enter your fully distinguished name when
prompted to authenticate to Web Manager or other protected resources.
5 Click Remove Context to remove one or more search contexts.

6 Click Float Context to move the selected context to a higher priority
context.

103-000133-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
8 (Conditional) If you change directory service from a local or remote
LDAP directory to eDirectory, you need to restart the Web server.

NetWare Web Manager does not need to be restarted.
HINT: eDirectory does not allow public access to nonpublic folders or files. All
users must be authenticated before receiving any content. Content that is placed
in public directories do not require authentication. For more information on setting
up public directories, see Setting Additional Document Directories on page 62.
Using Local Database Mode


2 Click Local Database.
A dialog box appears to warn you that you will lose your directory service
configuration information.
3 Click OK.
4 In the Base DN field, enter the distinguished name to be used as a suffix
for your local directory and also as the point which directory lookups will
occur from by default.
An example of a suffix that you could enter here is
o= your_company_name, c=US
If you do not enter a value in this field, then your suffix will be a null
string and all searches will begin from the top or root point of the
directory.
Using LDAP Mode


2 Click LDAP Directory Server.
A dialog box appears to confirm that you want to use a directory server.
3 Click OK.
4 In the Host Name field, enter the hostname where the directory server is
running.
You must enter a hostname even if the directory server is running on the
local machine.
86

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 In the Port field, enter the default number if your directory server is using
a different port number than the default port number 389.

6 In the Base DN field, enter the distinguished name that will be the point
which directory lookups will occur from by default and will be the
location where all NetWare Web Managers entries will be placed in your
directory tree.
An example of a base DN that you could enter here is
o= you_company_name, c=US
7 In the Bind DN field, enter the bind DN that NetWare Web Manager will
use to initially bind (or log in) to the directory server.

This bind DN requires only Read and Search access to the directory.
Because this DN and the associated password (if any) are easily
compromised, it is best to simply leave this field blank and then set up
your directory server to allow anonymous search access. If you do not
want to allow anonymous search access to your directory, then specify a
bind DN entry here that has only Read and Search access to your
directory.
IMPORTANT: Do not specify your directory servers admin username in this field.
This bind DN is used only to initially search for the username you entered in
NetWare Web Manager authentication dialog box. Once the entry corresponding
to this username is located, NetWare Web Manager rebinds to the directory server
using the retrieved entry. Therefore, if the username you supplied when you first
logged in to NetWare Web Manager does not have access to the directory server,
you will not have any access to the directory server, regardless of the bind DN
information provided in this field.
8 (Optional) In the Bind Password field, enter the password for the bind DN
entry if you have entered a bind DN in the previous field.


103-000133-001
August 29, 2001
Novell Confidential
87
Manual
88
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter describes the access control list (ACL) files and their syntax.
ACL files are text files that contain lists that define who can access resources
stored on your Web server. By default, the Web server uses one ACL file that
contains all of the lists for access to your server. However, you can create
multiple ACL files and reference them in the OBJ.CONF file.
You need to know the syntax and function of ACL files if you plan to
customize access control using the access control API. For more information
on the API, see the Novell Developer Kit Web site (http://
www.developer.novell.com/ndk/nscomp.htm).
Using either local database or LDAP directory modes, you manage access
control through the access control lists (ACL). With Novell eDirectoryTM,
you manage access control through NetWare file system trustees. For more
information, see Chapter 7, Using a Directory Service to Control User
Access to Network Resources, on page 83 and Controlling Access with
NetWare Web Access Controls on page 265.
ACL File Syntax

An ACL file is a text file containing one ACL or more. All ACL files must
follow a specific format and syntax. All ACL files must begin with the version
number they use. There can be only one version line and it can appear after
any comment lines. For example:
version 3.0;
You can include comments in the file by beginning the comment line with the
pound (#) sign.
Each ACL in the file begins with a statement that defines its type. ACLs can
follow one of three types:
Path ACLs specify an absolute path to the resource they affect.
URI (Uniform Resource Indicator) ACLs specify a directory or file.
Named ACLs specify a name that is referenced in resources in the
OBJ.CONF file. The server comes with a default named resource that
allows read access to anyone and write access to users in the local
database or LDAP directory. Even though you can create a named ACL

103-000133-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
from the Server Preference forms, you must manually reference the
named ACLs with resources in the OBJ.CONF file.
The type line begins with the letters acl and then includes the type information
in double quotation marks followed by a semicolon. Each type information for
all ACLs must be a unique name, even among different ACL files. The
following lines are examples of several different types of ACLs:
acl "path=C:\Netscape\SuiteSpot\docs\mydocs\";
acl "*.html";
acl "default";
acl "uri=/mydocs/";
After you define the type of ACL, you can have one or more statements that
define the method used with the ACL (authentication statements) and the
people and computers who are allowed or denied access (authorization
statements). The following sections describe the syntax for these statements.
Authentication Statements
ACLs can optionally specify the authentication method the server must use
when processing the ACL. There are two general methods:
Basic requires users to enter a username and password before accessing a
resource.
SSL requires the user to have a client certificate. For this method to work,
the Web server must have encryption turned on.
By default, the server uses the basic method for any ACL that doesnt specify
a method. You can change the default setting by editing the following line in
the MAGNUS.CONF file:
Init fn=acl-set-default-method method=SSL
Each authenticate line must specify what list (users, groups, or both) the server
should use when authenticating users. The following authentication statement,
which would appear after the ACL type line, specifies basic authentication
with users matched to individual users in the database or directory:
authenticate (user) {
method = basic;
};
90

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following example uses SSL as the authentication method for users and
groups:
authenticate (user, group) {
method = ssl;
};
Any allow or deny statements must match the lists you specify in the
authenticate line. If the line says authenticate (user), the allow or deny line
must also specify users. The following example allows any user whose
username begins with the letters sales:
authenticate (user)
allow (all)
user = sales*
If the last line was changed to group = sales, then the ACL would fail because
there are no groups in the user lists.
Authorization Statements
Each ACL entry can include one or more authorization statements, which
specify who is allowed or denied access to a server resource. Use the
following syntax when writing authorization statements:
allow|deny [absolute] (right[,right...]) attribute qualifier
expression;
Start each line with either allow or deny. Its usually a good idea to deny access
to everyone in the first rule or command you enter and then specifically allow
access for users, groups, or computers in subsequent rules. This is because of
the hierarchy of rules.
For example, if you allow anyone access to a directory called MY_STUFF,
then you have a subdirectory MY_STUFF/PERSONAL that allows access to
a few users. The access control on the subdirectory wont work because
anyone allowed access to the MY_STUFF directory will also be allowed
access to the MY_STUFF/PERSONAL directory. To prevent this, create a
rule for the subdirectory that first denies access to anyone and then allows it
for the few users who need access.
However, in some cases, if you set the default ACL to deny access to
everyone, then your other ACL rules dont need a Deny All rule.
The following line denies access to everyone:
deny (all)
user = "anyone";

103-000133-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Hierarchy of Authorization Statements
ACLs have a hierarchy that depends on the resource. For example, if the
server receives a request for the document (URI) /MY_STUFF/WEB/
PRESENTATION.HTML, the server first looks for an ACL that matches the
file type or any other wildcard pattern that matches the request, then it looks
for one on the directory, and finally it looks for an ACL on the URI. If there is
more than one ACL that matches, the server uses the last statement that
matches.
However, if you use an absolute statement, then the server stops looking for
other matches and uses the ACL containing the absolute statement. If you
have two absolute statements for the same resource, the server uses the first
one in the file and stops looking for other resources that match.
For example, using the ACL hierarchy with the request for the document
/MY_STUFF/WEB/PRESENTATION.HTML, you could have an absolute
ACL that restricts access to the file type *.HTML then the server would use
that ACL instead of looking for one that matches the URI or the path.
version 3.0;
acl "default";
authenticate (user,group) {
prompt="Enterprise Server";
};
allow (write,delete)
user="all";
acl "*.html";
deny absolute (all)
user="anyone";
acl "uri=/my_stuff/web presentation.html";
deny (all)
user="anyone";
allow (all)
user="anyone";
92

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Attribute Qualifier Expressions
Attribute qualifier expressions define who is allowed or denied access based

on their username, group name, hostname, or IP address. The following lines
are examples of allowing access to different people or computers:
user = anyone
user = smith*
group = sales
dns = *.organization.com
dns = *.organization.com or *.accounting_mail.com
ip = 198.*
You can also restrict access to your server by time of day (based on the local
time on the server) by using the timeofday attribute qualifier. For example, you
can use the timeofday attribute qualifier to restrict access to certain users
during specific hours.
Use a 24-hour clock to specify times (for example, use 0400 to specify 4 a.m.
or 2230 for 10:30 p.m.).
The following example restricts access to a group of users called Guests
between 8:00 a.m. and 4:59 p.m.
allow (read)
(group="guests") and
(timeofday<800 or timeofday>=1700);
You can also restrict access by day of the week. Use the following three-letter
abbreviations to specify days of the week: Sun, Mon, Tue, Wed Thu, Fri, and
Sat.
The following statement allows access for users in the Premium group any day
and any time. Users in the Discount group get access all day on weekends and
on weekdays anytime except 8:00 a.m. to 4:59 p.m.
allow (read) (group="discount" and dayofweek="Sat,Sun") or
(group="discount" and (dayofweek="mon,tue,wed,thu,fri" and
(timeofday<0800 or timeofday>=1700)))
or
(group="premium");

103-000133-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Operators for Expressions
You can use various operators in attribute qualifier expressions. You can use
parentheses to delineate the order of precedence of the operators. With user,
group, dns, and ip qualifiers, you can use the following operators:
and
or
not
= (equals)
!= (not equal to)
With timeofday and dayofweek qualifiers, you can use the following additional
operators:
> (greater than)
< (less than)
>= (greater than or equal to)
<= (less than or equal to)
Default ACL File

After installing the server, it uses the default settings in the file
SERVER_ROOT/HTTPACL/GENERATED.HTTPS-SERVERID.ACL.
There is also a file called GENWORK.HTTPS-SERVERID.ACL that is a
working copy that the server uses until you save and apply your changes when
working with the user interface. When editing the ACL file, you might want
to work in the GENWORK file and then use Server Preferences to save and
apply the changes.
The following text is from the default file:
# File automatically written
#
# You may edit this file by hand
#
version 3.0;
acl "agents";
prompt = "Enterprise Server";
};
deny (all)
user = "anyone"
94

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
allow absolute (all)

user = "all";
acl "default";
allow (read,execute,list,info)
user = "anyone";
allow (write,delete)
user = "all";
The default ACL file is referenced in MAGNUS.CONF as follows:

ACLFile absolutepath/generated.https-serverid.acl
You can reference multiple ACL files in MAGNUS.CONF and then use their
ACLs for resources in OBJ.CONF. However, the server uses only the first
ACL file with the Web Publisher and with evaluation of access control for
objects that dont have specific ACLs listed in OBJ.CONF. If youre using the
Server Preference form to do some access control, the first ACL file in
MAGNUS.CONF should point to the file GENERATED.HTTPSSERVERID.ACL. See Referencing ACL Files in OBJ.CONF on page 96
for more information.
General Syntax Rules
Input strings can contain the following characters:

Letters A through Z
Numbers 0 through 9
Period (.) and underscore (_)
If you use any other characters, use double quotation marks (" ") around the
characters.
A single statement can be placed on its own line and be terminated with a
semicolon. Multiple statements are placed within braces. A list of items must
be separated by commas and enclosed in double quotation marks.

103-000133-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Referencing ACL Files in OBJ.CONF

If you have named ACLs or separate ACL files, you can reference them in the
OBJ.CONF file. You do this in the PathCheck directive using the check-acl
function. The line has the following syntax:
PathCheck fn="check-acl" acl="acl_name"
The acl_name is a unique name of an ACL as it appears in any ACL file.

For example, you might add the following lines to your OBJ.CONF file if you
want to restrict access to a directory using the ACL named testacl:
<Object ppath="/usr/ns-home/docs/test/*">
PathCheck fn="check-acl" acl="testacl"
</Object>
In this example, the first line is the object that states which server resource you
want to restrict access to. The second line is the PathCheck directive that uses
the check-acl function to bind the named ACL (testacl) to the object that the
directive appears in. The testacl ACL can appear in any ACL file referenced
in MAGNUS.CONF.
96

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

In addition to serving HTML documents, your server can run programs that
interact with clients. These applications that run on the server are called
server-side applications. Client-side applications are downloaded to the client
and run on the client machine.
Your server can run these types of server-side applications:
Local Common Gateway Interface (LCGI) programs
JavaScript applications
Plug-in programs that use the server plug-in APIs, such as the Netscape
Server Plug-In (NSAPI)
This chapter describes how to install Java applets, CGI programs, and
JavaScript applications onto your server. Plug-ins extend or replace your
servers features. For example, you can use plug-ins to provide a different way
to control access or to log in.
For information on writing and installing plug-ins, see the Novell Developer
Kit Web site (http://www.developer.novell.com/ndk/doc.htm).
Additionally, your server can send server-side JavaScript programs to
clients.This chapter deals mainly with the installation and configuration of
server-side programs.
This chapter also describes the steps for specifying a default query handler
CGI program. A query handler processes text sent to it via the ISINDEX tag
in an HTML file.
Installing Server-Side Programs

JavaScript applications and CGI programs have different strengths and uses.
CGI programs can be written in C, PERL, or other programming languages.
All CGI programs have a standard way to pass information between clients
and servers. JavaScript applications are written in JavaScript, an object-based
scripting language that is easier to learn than an object-oriented programming
language and lends itself to rapid application development.

103-000133-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Each type of program is installed onto the server differently. The following list
summarizes the procedures:
For CGI programs, configure your server to recognize certain files as
CGI-all files with certain filename extensions or all files in specified
directories.
For JavaScript applications, check in each application individually
through the Application Manager, which you can access from the
Programs form or separately.
These installation instructions are described in the following sections.
Installing CGI Programs

Common Gateway Interface (CGI) programs can be created with any number
of programming languages. On a UNIX* machine, youre likely to find CGI
programs written as Bourne shell or PERL scripts. On a Windows computer,
you might find CGI programs written in C++ or batch files. On NetWare,
you might find CGI programs written in NetBasic*, PERL, Novell Script for
NetWare (NSN), or LCGI NLMTM applications.
Regardless of the programming language, all CGI programs accept and return
data in the same manner.
There are two ways to store CGI programs on your server:
1. Specify a directory that contains only CGI programs. All files are run as
programs regardless of the file extensions.
2. Specify that CGI programs are all a certain file type. They will all use the
file extensions .CGI, .EXE, .NLM, or .BAT. The programs can be located
in any directory that the server can serve from.
There are benefits to either implementation. If you want only a specific set of
users to be able to add CGI programs, keep the CGI programs in specified
directories and restrict access to those directories. If you want to allow anyone
who can add HTML files to be able to add CGI programs, use the file type
alternative. Users can keep their CGI files in the same directories as their
HTML files.
If you choose the directory option, your server will attempt to interpret any file
you place in that directory as a CGI program. Similarly, if you choose the file
type option, your server will attempt to process any files with the file
extensions .CGI, .EXE, .NLM, or .BAT as CGI programs. If a file has one of
these extensions but is not a CGI program, an error occurs when a user
attempts to access it.
98

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Specifying a CGI Directory

servername > Programs > CGI Directory.

2 In the URL Prefix field, enter the URL prefix you want to use for this
directory.
The text you enter appears as the directory for the CGI programs in URLs.
For example, if you enter cgi-bin as the URL prefix, then all URLs to
these CGI programs have the following structure:
http://yourserver.domain.com/cgi-bin/program-name
The URL prefix you specify can be different from the real CGI directory
you specify in the next step.
3 In the CGI Directory field, enter the location of the directory as an
absolute path.
This directory doesnt have to be under your document root. This is the
reason that you need to specify a URL prefix in the previous step.
Editing an Existing CGI Directory

2 Under Current CGI Directories, click Edit next to the directory you want
to edit.
3 In the URL prefix field, enter the new prefix.
4 In the CGI directory field, enter the new directory.
Removing an Existing CGI Directory

2 Under Current CGI directories, click Remove next to the directory you
want to remove.

103-000133-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
Copy your CGI programs into the directories youve specified.

Remember that any files in those directories will be processed as a CGI
file, so you dont want to put HTML files in your CGI directory.
Specifying CGI as a File Type
servername > Programs > CGI File Type.

2 Select the resource you want to apply this change to from the Editing
drop-down list.
3 Click Browse to choose a part of your server.
4 Click Options to browse files and directories on your server.
5 Click Back to return to the CGI as a File Type form.
6 Click Wildcard to enter the wildcard pattern to edit.
7 Click Yes to activate CGI as a file type.
The CGI files must have the file extension .BAT, .EXE, .NLM, or .CGI. Any
non-CGI files with those extensions will be processed by your server as CGI
files and will cause errors.
Downloading Executable Files
If youre using .EXE as a CGI file type, users will not be able to download
.EXE files as executables.
One solution to this problem is to compress the executable files that you want
users to be able to download, so that the extension is not .EXE. This solution
has the added benefit of shortening the download time.
Another possible solution is to remove .EXE as a file extension from the
MAGNUS-INTERNAL/CGI type and add it to the APPLICATION/OCTETSTREAM type (the MIME type for normal downloadable files). You can do
this by clicking Enterprise Web Server servername > Server Preferences >
MIME Types. However, the disadvantage to this method is that after making
this change, you cannot use .EXE files as CGI programs.
Another solution is to edit your servers OBJ.CONF file to set up a download
directory, where any file in the directory is downloaded automatically. The
rest of the server wont be affected. For directions on setting up this directory,
visit the Netscape Technical Support Knowledge Base (http://
help.netscape.com/kb/server/960513-130.html).
100 Getting Results with Novell Web Services

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Scripting CGI
Refer to the Novell Developer Kit Web site (http://

www.developer.novell.com/ndk/doc.htm) for information on PERL,
NetBasic, NSN, and LCGIs.
Using the Query Handler

You can specify a default query handler CGI program. A query handler
processes text sent to it via the ISINDEX tag in an HTML file.
ISINDEX is similar to a form text field in that it creates a text field in the
HTML page that can accept typed input. Unlike the information in a form text
field, however, the information in the ISINDEX box is immediately submitted
when the user presses Enter. When you specify your default query handler,
you tell your server the program to direct the input to. For an in-depth
discussion of the ISINDEX tag, see an HTML reference manual.
To set a query handler, do the following:
servername > Programs > Query Handler.

2 Select the resource you want to set a default query handler for from the

If you choose a directory, the query handler you specify runs only when
the server receives a URL for that directory or any file in that directory.
3 Click Browse to choose a part of your server.
4 Click Options to browse files and directories on your server.
5 Click Back to return to Query Handler form.
6 Click Wildcard to enter the wildcard pattern to edit.
7 In the Default Query Handler field, enter the full path for the CGI
program you want to use as the default for the resource you selected.
Extending Your Server with Programs 101

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Server-Side JavaScript Programs

To install server-side JavaScript programs, you need to activate server-side
JavaScript for your server and use the Application Manager. This section
includes information on accessing and using the Application Manager to
install server-side JavaScript applications as well as to perform other
functions.
For more information about writing JavaScript applications, see the Novell
Developer Kit Web site (http://www.developer.novell.com/ndk/doc.htm).
You must activate server-side JavaScript before you can use the Application
Manager. Also, put JSAC.EXE and LIBESNSPR20.DLL in your system
directory so that they are in the search path. These files are found in the
NOVONYX/SUITESPOT/BIN/HTTPS directory.
Activating Server-Side JavaScript
If you are using server-side JavaScript applications, you must first activate
server-side JavaScript for your server.
servername > Programs > Server Side JavaScript.

2 Select Yes to activate the server-side JavaScript application environment.
4 When the Activate Server Side JavaScript form appears, click the link to
use the Application Manager.

5 Enter the NetWare Web Manager username and password to use the
Application Manager.
For more information, see Securing the Application Manager on page
104.
For applications written in server-side JavaScript, you can perform the
following administrative tasks with the server-side JavaScript Application
Manager:
Install a new JavaScript application. (You must add an application before
users can run it.)
Modify any of the attributes of an installed application. For example, its
default home page, path to the .WEB file, and type of client-object
maintenance.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Stop, start, and restart an installed application.

Run and debug an active application.
Remove an installed application.
Running the Application Manager
To run the Application Manager, click Enterprise Web Server servername >
Programs > Server Side JavaScript > Application Manager. You can also run
the Application Manager by loading the following URL in your Web browser:
https://server.domain/appmgr
The Application Manager displays all applications currently installed on the
server in a scrolling list in the left frame. Click an application in the scrolling
list.
For the selected application, the right frame displays the following:
Application name (at the top of the frame)
Path of the application .WEB file on the server
Default and initial pages for the application
Number of built-in maximum database connections allowed
External libraries used by the application (if any)
Client object maintenance technique
Status of the application: Active or Stopped (Users can run only active
applications.)
To modify applications, do the following:
1 In the Applications list, select the application you want to modify.
2 Click the task button below the Applications list to perform the specified
action:
Start activates the application.

See Starting, Stopping, and Restarting a Server-Side JavaScript
Application on page 107.
Stop stops the application.


103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restart restarts the application that was previously started and then
stopped.
Run: Retrieves application-Home form.

See Running a Server-Side JavaScript Application on page 107.
Debug: Retrieves application-Home form.
Modify: Retrieves the specified application form.

See Modifying Installation Parameters on page 106.
Remove: Removes the application.

See Removing a Server-Side JavaScript Application on page 107.
The following explains the buttons and links on the green banner that runs
across the top of the screen:
Configure configures the default settings for Application Manager
Add Application installs a new JavaScript application
Documentation provides further documentation on server-side JavaScript
Help provides instructions for using Application Manager
Securing the Application Manager
If you have disabled Web Managers encryption, intruders can easily intercept
your administrator username and password. Because Application Manager
uses the same administrator username and password, intruders could also
access Application Manager and add, remove, modify, start, stop, or delete
your applications.
You should either enable Web Managers encryption or avoid accessing it
from outside of your companys firewall.
Installing Server-Side JavaScript Applications
You must install (add) an application with the Application Manager before
you can run it. You can install up to 120 JavaScript applications on one server.
servername > Programs > Server Side JavaScript.

2 Click Application Manager.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Click Add Application at the top of the page.

4 In the Name field, enter the name of the JavaScript application.
For specific information on application URLs, see Application URLs

on page 106.
IMPORTANT: Do not give any JavaScript applications the same names as any
subdirectories of your primary document directory. If you do, the server will no
longer correctly process requests from the directory. For example, if you have a
directory server_root/DOCS/BUG and a JavaScript application named Bug, all
requests for any files in the BUG directory (or any of its subdirectories) will attempt
to launch the JavaScript application Bug. The JavaScript application URI takes
precedence.
5 In the Web File Path field, enter the absolute path to the .WEB file for the
application.
6 In the Default Page field, enter the absolute path of the file to send to
clients who do not indicate a specific page for the application.

This page is analogous to INDEX.HTML for a standard URL. This is a
required field.
7 (Optional) In the Initial Page field, enter the absolute path of the page to
run when the application is first started.

This page runs only once during the life of the application and is used to
initialize values and establish database connections.
8 (Optional) In the Built-in Maximum Database Connections field, enter
the maximum number of database connections that this application can

have at one time if you are using the built-in Database object.
9 (Optional) In the External Libraries field, enter the absolute paths of any
libraries to be used with the application.

Libraries installed for one application can be used by all applications on
the server.
10 In the Client Object Maintenance field, select the mode for maintaining
the Client object.

This can be Client-Cookie, Client-URL, Server-IP, Server-Cookie, or
Server-URL.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Application URLs
When you install a server-side JavaScript application, you must enter a name
for it. This name determines the application URL, which clients use to access
a JavaScript application. Application URLs are of the form http://
server.domain/appName/page.html. Server is the name of the HTTP server,
domain is the Internet domain (including the subdomains), appName is the
application name you enter when you install it, and page is the name of the
page in the application.
For example, if your server is named MYSERVER, your domain name is
NOVELL.COM, and the application is called Hello World, the application
URL is HTTP://MYSERVER.NOVELL.COM/WORLD/HELLO.HTML
This is a required field, and the name you enter must be different from all other
application names on the server. The name must include only alphanumeric
characters and cannot include spaces.
IMPORTANT: Before you install an application, make sure the application name
you choose does not usurp an existing URL on your server. All client requests for
URLs that match the application URL are routed to the directory specified for the
.WEB file, circumventing the servers normal document root.
Controlling Access to a Server-Side JavaScript Application
When you install an application, you might want to restrict its use to only
certain users. You can do this by applying a configuration style to the
application. For more information, see Working with Configuration Styles
on page 80.
Modifying Installation Parameters
You can change any of the parameters defined when you installed the
application, except the application name. To change the name of an
application, you must remove the application and then reinstall it.
If you modify the parameters of a stopped application, the Application
Manager automatically starts it. When you modify parameters of an active
application, Application Manager automatically stops and restarts it.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Removing a Server-Side JavaScript Application
Clicking Remove removes the application from the Application Manager, but
does not delete files from the server. At this point, clients can no longer access
the application.
If you delete an application and subsequently want to run it, you must install
it again.
Starting, Stopping, and Restarting a Server-Side JavaScript Application
Start starts an installed application that is stopped. If the application starts

successfully, clients can run the application.
Stop stops an active application. The applications status changes to
stopped, and clients can no longer run the application. You must stop an
application if you want to move the .WEB file or update an application
from a development server to a deployment server.
Restart restarts a running application. For any changes you have made to
take effect, you must restart an application after you compile it.
You can also start, stop, and restart an application by entering a special URL
in the format
http://server.domain/appmgr/
control.html?name=appName&cmd=action
where appName is the application name and action is either stop, start, or
restart.
Running a Server-Side JavaScript Application
There are two ways to run an installed application:

Select the application name in the Application Manager and click Run. A
new Web browser window accesses the application.
Enter the application URL in your Web browser.
If you attempt to run a stopped application (one that is not active), then the
Application Manager tries to start it first.
WARNING: The server should not be unloaded while a server-side JavaScript
application is running because the server can leave the application in an
unpredictable state.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Default Settings
When you install a new application, the default installation parameters are
used for the initial settings.
You can specify the following default settings:
Installation parameters of .WEB file path, default page, initial page,
maximum number of built-in database connections, external libraries, and
client object maintenance technique. You can specify a default directory
path for your development area and native executables libraries.
Prompts to confirm your action when you remove, start, stop, or restart an
application.
The application trace to appear, when debugging an application, in the
same window as the application, but in another frame or in a window
separate from the application.
Installing Client-Side Programs

Installing client-side programs in your server is relatively easy. There are two
types of client-side programs: Java applets and JavaScript programs.
Client-side Java applets are executable files identified in an HTML document,
retrieved from the server, and executed on the client. The applets can reside
anywhere under your servers primary document root.
Client-side JavaScript programs are created by lines of JavaScript code
embedded in HTML files. The HTML files travel from the server to the client.
Once the files reach the client, the Web browser interprets the JavaScript code
and performs the specified actions.
With LiveConnect you can connect server-side Java and JavaScript
applications or client-side Java and JavaScript applications. For more
information on LiveConnect, on embedding JavaScript in HTML, and on
using client-side JavaScript with other programs, see the Novell Developer
Kit Web site (http://www.developer.novell.com/ndk/doc.htm).

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
About Tomcat for NetWare

Tomcat enables the NetWare Enterprise Web Server to execute Java servlets.
A servlet can be thought of as a server-side applet without a user interface.
Tomcat provides Web application developers with additional functionality.
For example, a servlet could be written and deployed to process data obtained
from a client via an HTML form and the server-side data processing could
manipulate the data and store results in a database. Servlets provide an
alternative to CGI.
For Tomcat documentation, refer to the HTML files found on your NetWare 6
server under SYS:\TOMCAT\33\DOC\INDEX.HTML.
You can also visit http://jakarta.apache.org (http://jakarta.apache.org) for the
latest Tomcat news.
Migrating from WebSphere to Tomcat

If you have been using IBM* WebSphere Application Server for NetWare,
you can migrate your existing Web applications to Tomcat using the migration
utility included with NetWare 6. The Migration Utility creates Tomcat 3.3
Web applications from WebSphere Web applications.
The WebSphere-to-Tomcat Migration Utility is intended for use when
upgrading from a NetWare 5.1 server to a NetWare 6.0 server where
WebSphere 3.02 or WebSphere 3.5.1 has been already installed on the
NetWare 5.1 server.
Step 1: Before Installing NetWare 6
1 At the NetWare console prompt, enter
xmlconfig -export volume:\websphere\migrate.xml adminNodeName NodeName

If WebSphere was installed to another volume or directory other than
volume:\WEBSPHERE, then specify that location instead.
IMPORTANT: You must use the nodes correct name.
This step can be skipped if you are migrating from WebSphere Servlet Engine Only
mode for WebSphere version 3.5.1.
2 Open the MIGRATE.XML file found in the volume:\WEBSPHERE
directory to verify that the export was successful.

Your Web applications should be listed in the MIGRATE.XML file.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Step 2: Upgrading to NetWare 6
Once you have completed the first step, you can proceed with your NetWare
6 server upgrade. (See the NetWare 6 Overview and Installation Guide).
IMPORTANT: All of the WebSphere directories must be preserved on the disk or
made available after the upgrade is performed. Failure to save the directories could
result in deleting your Web applications if you remove NetWare partitions during
Step 3: Running the Migration Tool
Once the upgrade is successfully completed and your server is running, start
the migration utility.
1 Because the migration utility edits the Enterprise Web Servers
OBJ.CONF file, we recommend that you make a backup copy of the file
before running the utility.
2 If WebSphere was not installed to the default directory
(SYS:\WEBSPHERE), edit the MIGRATE_TO_TOMCAT.NCF file with

the correct path.
3 At the NetWare console prompt, enter
migrate_to_tomcat
The migration utility creates a WEB-INF directory in the document root
directory for each WebSphere Web application. In each of the WEB_INF
directories is a WEB.XML file and two additional subdirectories named
CLASSES and LIB.
The JAR files for the Web applications are copied into the LIB directory and
the files that are referenced by the applications class-paths and the
WebSphere system class-path are copied into the classes directory.
Classes and Jar files for your Web applications are then stored in these
directories and the original locations are no longer used.
Additionally, the migration tool adds URL path references to the Enterprise
Web Server OBJ.CONF file. The DBSWITCH.CONF, file found at
volume:\NOVONYX\SUITSPOT\USERDB\DBSWITCH.CONF, is also
edited.
For additional details, refer to the Migration Utility release notes found at the
root of the NetWare 6 Operating System CD in the TOMCAT\33\BIN
directory.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Undoing the Migration
If you change your mind, you can undo the migration by following a few
simple steps.
1 Delete the file volume:\TOMCAT\33\CONF\APPS-
WEBSPHERE.XML.
2 Remove the URL paths from the Enterprise Web Servers OBJ.CONF
file.
3 Delete the WEB-INF directory in the document root of each WebSphere
Web application that was migrated.

4 Remove the entries in DBSWITCH.CONF that point to the added
document root directories.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
10
99a
38
July 17, 2001
Monitoring the Web Server

You can monitor your Web servers activity using one of several methods. You
can view the servers status in real timewhat is happening while you view
it, compared to past performanceby using the Hypertext Transfer Protocol
(HTTP) or the Simple Network Management Protocol (SNMP). You can also
monitor your server by recording and viewing log files.
Working with Log Files

Server log files record your servers activity. You can use these logs to monitor
your server and to help you when troubleshooting. Both the error log file and
the access log file are located in /NOVONYX/SUITESPOT/HTTPSSERVERNAME/LOGS. The error log file lists all the errors the server has
encountered, and the access log file records information about requests to the
server and the responses from the server. You can use the Server Status form
to specify what to include in the access log file. Use the log analyzer to
generate server statistics. You can back up server error and access log files by
archiving them.

You can view the servers active and archived access log files from the Server
Status form.
servername > Server Status > View Access Log.

2 Select the access log file you want to see from the View This Log File
drop-down list.
Active log files for resources and archived log files appear in the list.
3 To limit how much of the access log you see, enter the number of lines
you want to see in the Number of Entries field.

The order of the log entries on the screen is the order in which they were
recorded in the log.
4 If want to filter the access log entries for a particular word, enter the word
in the Only Show Entries With field.
Monitoring the Web Server 113

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Case is important; make sure the case for your entry matches the case of
the word youre searching for.
5 Click OK.
Here is an example of an access log in the common logfile format:

wiley.a.com
wiley.a.com
204 342
wiley.a.com
arrow.a.com
- - [16/Feb/1996:21:18:26 -0800] GET / HTTP/1.0 200 751

- - [17/Feb/1996:1:04:38 -0800] GET /docs/grafx/icon.gif HTTP/1.0
- - [20/Feb/1996:4:36:53 -0800] GET /help HTTP/1.0 401 571
- john [29/Mar/1996:4:36:53 -0800] GET /help HTTP/1.0 401 571
The following table describes the last line of the sample access log.
Table 5
Fields in the Last Line of the Sample Access Log File

Access Log Field
Example
Hostname or IP address of client arrow.a.com (In this case, the hostname is

shown because the Web servers setting for
DNS lookups is enabled; if DNS lookups
were disabled, the clients IP address would
appear.)
RFC 931 information
- (RFC 931 identity not implemented.)
Username
john (Username entered by the client for

authentication.)
Date/time of request
29/Mar/1996:4:36:53 -0800
Request
GET/help
Protocol
HTTP/1.0
Status code
401
Bytes transferred
571

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Here is an example of an access log using the flexible logging format:

wiley.a.com - - [25/Mar/1996:12:55:26 -0800] "GET /index.htm HTTP/1.0" "GET" "/
?-" "HTTP/
1.0" 304 0 - Mozilla/2.0 (WinNT; I)
wiley.a.com - - [25/Mar/1996:12:55:26 -0800] "GET / HTTP/1.0" "GET" "/?-" "HTTP/
1.0" 304 0
- Mozilla/2.0 (WinNT; I)
wiley.a.com - - [25/Mar/1996:12:55:26 -0800] "GET / HTTP/1.0" "GET" "/?-" "HTTP/
1.0" 304 0
- Mozilla/2.0 (X11; I; IRIX 5.3 IP22)
The access log in the flexible logging format looks similar to the access log
using the common logfile format.
Viewing an Error Log File

The error log file contains errors the server has encountered after the log file
was created; it also contains information about the server, such as when the
server was started. Incorrect user authentication is also recorded in the error
log. Use the error log to find broken URL paths or missing files.
servername > Server Status > View Error Log.

2 Enter the number of lines youd like to see in the Number of Errors to
View field if you want to see more or less than 25 lines of the error log at
one time.
The order of the log entries on the screen is the order in which they were
recorded in the log.
3 If youd like to filter the error messages for a particular word, enter the
word in the Only Show Entries With field.

Case is important; make sure the case for your entry matches the case of
the word youre searching for.
4 Click OK.
Here is an example of an error log:

[13/Feb/1996:16:56:51] info: successful server startup
[20/Mar/1996 19:08:52] warning: for host wiley.a.com trying to GET /report.html,
append-trailer reports: error opening
[30/Mar/1996 15:05:43] security: for host arrow.a.com trying to GET /, basicncsa reports: user jane password did not match database
In this example, the first line is an informational messagethe server started

successfully. The second log entry shows that the client wiley.a.com requested
the file REPORT.HTML, but the file wasnt in the primary document directory
on the server. The third log entry shows that the password entered for the user
jane was incorrect.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Log Preferences

You can customize access logging for any resource by specifying whether to
log accesses, which format to use for logging, and whether the server should
spend time looking up the domain names of clients when they access a
resource.
Server access logs can be in common logfile format, flexible log format, or
your own customized format. The Common Logfile Format is a commonly
supported format that provides a fixed amount of information about the server.
The flexible log format allows you to choose (from the Server Status form)
what to log. A customized format uses parameter blocks that you specify to
control what gets logged. Once an access log for a resource has been created,
you cant change its format unless you archive it or create a new access log
file for the resource.
To set access logging preferences, do the following:
servername > Server Status > Log Preferences.

2 Select the resource that you would like to apply custom logging to from
the Editing drop-down list.

3 Select whether to log client accesses.
4 Enter the full path in the Log File field.
By default, the log files are kept in the logs directory in the server root
directory. If you specify a partial pathname, the server assumes the path
is the logs directory in the server root.
5 Under Record, click Domain Names or IP Addresses.
6 In the Format list, select Common Logfile Format, flexible log format
(Only Log option), or Custom Format.

7 (Conditional) If you selected Only Log, you can select any or all of the
following flexible log format items in the checklist:
Client Host Name: The hostname (or IP address if DNS is disabled)

of the client requesting access.
Authenticate Username: The authenticated username is listed in the

access log if authentication is necessary.
System Date: The date and time of the client request.
Full Request: The exact request the client made.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Status: The status code the server returned to the client.
Content Length: The content length, in bytes, of the document sent

to the client.
HTTP Header, Referer: The referer specifies the page from which
the client accessed the current page. For example, if a user was
looking at the results from a text search query, the referer would be
the page that the user accessed the text search engine from. Referers
allow the server to create a list of backtracked links.
HTTP Header, User-Agent: The user-agent informationwhich

includes the type of browser the client is using, its version, and the
operating system its running oncomes from the User-Agent field
in the HTTP header information the client sends to the server.
Method: The request method used.
URI: Universal Resource Identifier. The location of a resource on the

server. For example, for http://www.a.com:8080/special/docs, the
URI is special/docs.
Query String of the URI: Anything after the question mark in a URI.
For example, for http://www.a.com:8080/special/docs?find_this, the
query string of the URI is find_this.
Protocol: The transport protocol and version used.
8 (Conditional) If you selected a custom format, enter your custom format
in the Custom format field.

9 If you dont want to log client access from certain hostnames or IP
addresses, enter the hostname or IP address in the Hostnames and IP

Addresses fields.
Enter a wildcard pattern of hosts that the server should ignore when
recording accesses. For example, use *.netscape.com if you dont want to
log accesses from people whose domain is netscape.com; you can enter
wildcard patterns for hostnames, IP addresses, or both.
10 Click OK.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Archiving Log Files

You can archive the access and error log files and have the server create new
ones.
When you archive log files, the server renames the current log files and then
creates new log files with the original names. You can back up or archive, or
delete, the old log files, which are saved as the original filename followed by
the date and time the file was rotated. For example, ACCESS might become
ACCESS.24APR-04AM
You can archive log files immediately or have the server archive log files at a
specific time on specific days. This information is stored in /NOVONYX/
SUITESPOT/https-servername/LOGS.
Before running the log analyzer, you should archive the server logs.
servername > Server Status > Archive Log.

The Archive Log Files form appears.
To rotate the log files immediately, click Archive.
To archive at specific times on specific days, click Rotate Log At,

select a time from the drop-down menu, and check the days for
archiving to occur.
3 Click OK.
Monitoring Current Web Server Activity

You can monitor your servers usage with the Monitor Current Activity page.
You can see how many requests your server is handling and how it is handling
these requests. If the interactive server monitor reports that the server is
handling a large number of requests, you might need to adjust the server
configuration or the systems network kernel to accommodate the requests.
servername > Server Status > Monitor Current Activity.

2 Click Monitor Server Activity on Port port_number.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The interactive server monitor reports the totals for the following server
values on a new screen:
Bytes Transferred: Number of bytes the server is transferring
Total Requests: Number of requests the server is handling
Bad Requests: Number of bad requests the server is handling
2xx: Number of status codes ranging from 200 to 299 that the server is
handling
handling
handling
5xx: Number of status codes of 500 and higher that the server is handling
xxx: Total number of 2xx, 3xx, 4xx, and 5xx status codes the server is
handling minus time-outs and other errors that returned an HTTP status
code
200: Number of successful transactions the server is processing
302: Number of relocated URL status codes the server is processing
304: Number of requests for which the server tells the client to use a local
copy of a URL instead of retrieving a newer version from the server
401: Number of unauthorized requests the server is handling
403: Number of forbidden URL status codes the server is handling
Working with the Log Analyzer

Use the log analyzer to generate statistics about your server, such as a
summary of activity, most commonly accessed URLs, times during the day
when the server is accessed most frequently, etc. You can run the log analyzer
from the Server Status form or the command line.
Before running the log analyzer, you should archive the server logs. For more
information about archiving server logs, see Monitoring the Server Using
SNMP on page 123.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Running the Log Analyzer from the Server Status Form

servername > Server Status > Generate Report.

2 Enter the name of your server in the Server Name field.
This name appears in the generated report.

3 Select the output typewhether the report will appear in HTML or plain
text format.
4 Select the log file you want to analyze.
5 If you want to save the results in a file, enter an output filename in the
Output File field.

If you leave the field blank, the analyzer prints results on the screen. For
large log files, you should save the results to a file because printing the
output to the screen might take a long time.
6 Select whether to generate the following server statistics:
Total Hits: Total number of hits the server received after access
logging was enabled
304 (Not Modified) Status Codes: Number of times the requesting

client used a local copy of the requested document rather than
retrieving it from the server
302 (Redirects) Status Codes: Number of times the server redirected

to a new URL because the original URL moved
404 (Not Found) Status Codes: Number of times the server couldnt
find the requested document or the server didnt serve the document
because the client was not an authorized user
500 (Server Error) Status Codes: Number of times a server-related

error occurred
Total Unique URLs: Number of unique URLs accessed after access

logging was enabled
Total Unique Hosts: Number of unique client hosts who have

accessed the server after access logging was enabled
Total Kilobytes Transferred: Number of kilobytes the server

transferred after access logging was enabled

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
7 Select whether to generate the following statistics:
Top Number of One-Second Periods: Number of one-second periods

during which requests were highest
Top Number of One-Minute Periods: Number of one-minute periods

Top Number of One-Hour Periods: Number of one-hour periods

Top Number of Users: Number of users that accessed your server,

provided that you included this as an item to log when you enabled
access logging
Top Number of Referers: Number of referers that appear in your log

analysis, provided that you included this as an item to log when you
enabled access logging
Top Number of User Agents: Number of user agents that appear in

your log analysis, provided that you included this as an item to log
when you enabled access logging
Top Number of Miscellaneous Logged Items: Number of

miscellaneous logged items (request method, the URI, and the URI
query) that appear in your log analysis (provided that you included
this as an item to log when you enabled access logging)
To enable access logging, see Setting Log Preferences on page 116.

8 Select whether to generate a list of the following server access statistics:
Most Commonly Accessed URLs: The most commonly accessed

URLs or URLs that were accessed more than a specified number of
times
Hosts Most Often Accessing Your Server: The hosts most often
accessing your server or hosts that have accessed your server more
than a specified number of times
9 Enter the order in which you want to see the results in the Output order
field.
10 Click OK.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Running the Log Analyzer from the Command Line

To analyze access log files from the command line, run the FLEXANLG tool,
which is in EXTRAS/FLEXANLG in your server root directory.
To run FLEXANLG, enter the following command and options at the
command prompt:
flexanlg [ -P ] [-n name] [-x] [-r] [-p order] [-i file]* [ m metafile ]* [ o file][ c opts] [-t opts] [-l opts]
The following describes the syntax. (You can get this information online by
entering flexanlg -h at the command prompt.)
-P: proxy log format
Default:
-n servername: The name of the server
-x : Output in HTML
Default:
-r : Resolve IP addresses to hostnames
Default:
-p [c,t,l]: Output order (counts, time stats, lists) Default:
-i filename: Input log file(s)
Default:
-o filename: Output log file
Default:
-m filename: Meta file(s)
Default:
-c [h,n,r,f,e,u,o,k,c,z]: Count these item(s) Default:
h: total hits
n: 304 Not Modified status codes (Use Local Copy)
r: 302 Found status codes (Redirects)
f: 404 Not Found status codes (Document Not Found)
e: 500 Server Error status codes (Misconfiguration)
u: total unique URL's
o: total unique hosts
k: total kilobytes transferred
c: total kilobytes saved by caches
z: Do not count any items.
-t [sx,mx,hx, xx,z]: Find general stats - Default:s5m5h24x10
s(number): Find top (number) seconds of log
m(number): Find top (number) minutes of log
h(number): Find top (number) hours of log
u(number): Find top (number) users of log
a(number): Find top (number) user agents of log
r(number): Find top (number) referers of log
x(number): Find top (number) for miscellaneous keywords
z: Do not find any general stats.
-l [cx,hx]: Make a list of Default:
c(x,+x): Most commonly accessed URLs
(x: Only list x entries)
(+x: Only list if accessed more than x times)
h(x,+x): Hosts (or IP addresses) most often accessing your
(x: Only list x entries)
(+x: Only list if accessed more than x times)
z: Do not make any lists

103-000133-001
August 29, 2001
Novell Confidential
no
no
no
ctl
none
stdout
none
hnreuokc
c+3h5
server
Manual
99a
38
July 17, 2001
Monitoring the Server Using SNMP

You can monitor your server in real time by using the Simple Network
Management Protocol (SNMP). SNMP is a protocol used to exchange data
about network activity. With SNMP, data travels between a managed device
and a network management station (NMS) where users remotely manage the
network.
A managed device is anything that runs SNMP (for example, hosts or routers).
Your Novell Enterprise Web Server is a managed device. An NMS is usually
a powerful workstation with one or more network management applications
installed. A network management application graphically shows information
about managed devices (which device is up or down, which and how many
error messages were received, etc.).
Every managed device contains an SNMP agent that gathers information
regarding the network activity of the device. This agent is known as the
subagent. Each Web server has a subagent.
Another SNMP agent exchanges information between the subagent and NMS.
This agent is called the master agent. A master agent runs on the same host
computer as the subagents to which it talks. You can have multiple subagents
installed on a host machine. All of these subagents can communicate with the
master agent.
Values for various variables that can be queried are kept on the managed
device and reported to the NMS as necessary. Each variable is known as a
managed object, which is anything the agent can access and send to the NMS.
All managed objects are defined in a management information base (MIB),
which is a database with a tree-like hierarchy.
How SNMP Works

SNMP exchanges network information in the form of protocol data units
(PDUs). PDUs contain information about various variables stored on the
managed device. These variables, also known as managed objects, have
values and titles that are reported to the NMS as necessary. Communication
between an NMS and managed device can take place in one of two forms:
NMS-initiated and managed-device-initiated.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NMS-Initiated Communication
NMS-initiated communication is the most common type of communication

between an NMS and a managed device. In this type of communication, the
NMS either requests information from the managed device or changes the
value of a variable stored on the managed device.
The following steps make up an NMS-initiated SNMP session:
1. The NMS searches the servers MIB to determine which managed
devices and objects need to be monitored.
2. The NMS sends a PDU to the managed devices subagent through the
master agent. This PDU either requests information from the managed
device or tells the subagent to change the values for variables stored on
the managed device.
3. The subagent for the managed device receives the PDU from the master
agent.
4. If the PDU from the NMS is a request for information about variables, the
subagent gives information to the master agent and the master agent sends
it back to the NMS in the form of another PDU. The NMS then displays
the information textually or graphically.
If the PDU from the NMS requests that the subagent set variable values,
the subagent sets these values.
Managed-Device-Initiated Communication
This type of communication occurs when the managed device needs to inform
the NMS of an event that has occurred. A managed device such as a terminal
would initiate communication with an NMS to inform the NMS of a shutdown
or startup. Communication initiated by a managed device is also known as a
trap.
The following steps make up a managed-device-initiated SNMP session:
1. An event occurs on the managed device.
2. The subagent informs the master agent of the event.
3. The master agent sends a PDU to the NMS to inform the NMS of the
event.
4. The NMS displays the information textually or graphically.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The Enterprise Web Server MIB

Each Enterprise Web Server has its own management information base (MIB).
The Enterprise Web Servers MIB is a file called HTTP.MIB, which contains
the definitions for various variables pertaining to network management for the
Enterprise Web Server. These variables are known as managed objects. Using
the Enterprise Web Server MIB and network management software, such as
HP* OpenView*, you can monitor your Web server like all other devices on
your network.
The Enterprise Web Server MIB has an object identifier of netscape 1 (http
OBJECT IDENTIFIER : := { netscape 1 }) and is located in the
server_root\PLUGINS\SNMP\MIBFILES\NETWARE directory.
You can view administrative information about your Web server and monitor
the server in real time using the Enterprise Web Server MIB. The following
table lists and describes the managed objects stored in the HTTP.MIB.
Table 6
HTTP.MIB Managed Objects and Description
Managed Object
Description
httpEntityDescr
Description of the server (includes operating system information)
httpEntityId
Enterprise subtree for vendors (for example, the MIB has an object identifier
of 1.3.6.1.4.1.1450)
httpEntityProtocol
HTTP version number
httpEntityVersion
Server software version number
httpEntityOrganization
Organization responsible for the server
httpEntityLocation
Full path for the server
httpEntityContact
People responsible for the server and contact information
httpEntityAddress
IP address of the machine the server is running on
httpEntityPort
Port number that the server is listening on
httpEntityName
Servers identifier name (for example, server2.a.com)
httpEntityType
Type of server
httpEntityMethods
Methods supported by the server (for example, GET, POST, PUT)

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managed Object
Description
httpEntityMaxProcess
Maximum number of active processes on the server
httpEntityMinProcess
Minimum number of active processes on the server
httpEntityMaxThread
Maximum number of active threads on the server
httpEntityMinThread
Minimum number of active threads on the server
httpStatisticsPort
Port number that this server is listening on
httpStatisticsAddress
IP address that this server is bound to
httpStatisticsStatus
Server status (up or down)
httpStatisticsNum
ProcessIdle
Number of idle threads
httpStatisticsNum
ProcessProc
Number of threads that are processing requests
httpStatisticsNum
ProcessDns
Number of threads resolving hostnames
httpStatisticsRequests
Number of requests received and generated
httpStatisticsRequest
Error
Number of request errors detected
httpStatisticsIn
Unknowns
Number of unknown messages received/generated
httpStatisticsInBytes
Number of bytes received
httpStatisticsOutBytes
Number of bytes sent by the server
httpStatisticsTimeOut
Number of times the server timed out
httpStatisticsProcess
Num
Number of running processes
httpStatisticsThreadNum
Number of threads running
httpStatisticsNumBytes
Number of bytes sent by the server
httpStatisticsNum2xx
Number of 200-level status requests handled by the server

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managed Object
Description
httpStatisticsNum200
Number of 200 (Transfer OK) requests
Number of 302 (Moved Temporarily) requests
Number of 304 (Not Modified) requests
Number of 401 (Unauthorized) requests
Number of 403 (Forbidden) requests
For Additional Information

For additional information about the Enterprise Web Server, visit Netscape
DevEdge* (http://developer.netscape.com/docs/manuals/doclist.html).

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
III
99a
38
July 17, 2001
Introducing NetWare Web Search

Server
Make your data searchable in minutes! From simple search solutions to
complex, revenue-generating search services, NetWare Web Search bridges
all types of networksfrom file servers, to intranets, extranets, and the
Internetby bringing critical information to busy people. It is one of the
industrys fastest and most accurate search engines available today.
Upon completing this section, you should know what Web Search can do for
you and how to customize all of the search templates and plan and deploy
enterprise-wide search solutions and services.
Introducing NetWare Web Search Server 129

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
11
99a
38
July 17, 2001
Introducing NetWare Web Search

Server
NetWare Web Search Server offers a powerful full-text search engine you
can use to add search capabilities to your Internet or intranet Web sites.
Compatible with the NetWare Enterprise Web Server, you can create custom
search forms and search result pages either from scratch or by using the
templates provided with NetWare Web Search Server.
With NetWare Web Search Server, you can
Search across multilanguage search sites from a single interface.
Host search services for one or more companies or organizations.
Print large collections of dispersed but related files as a single, coherently
organized document.
Customize the look and feel of search and print results and error and
response messages for each language (or collectively).
Create themes that allow customized templates for each search scenario,
such as a departmental intranet site or a corporate Internet site, each
requiring a custom look and feel.
To conduct searches in multiple languages, NetWare Web Search Server
requires a browser capable of sending search criteria as UTF-8 or Unicode
strings.
How NetWare Web Search Works

Understanding how Web Search handles searches can help explain the role of
templates, variables, and parameters in Web Search. One of the great benefits
of Web Search is the simplicity of customizing it to meet your needs or the
needs of your clients.
The following figure shows what happens when users submit words through
the search template and how Web Search then handles the words to generate
and display search results.

103-000133-001
August 29, 2001
Novell Confidential
Manual
Figure 4
99a
July 17, 2001
38
How NetWare Web Search Handles a Search String
1 Search Form
Search_Site/Index/
Index_File.idx
URL 1
URL 2
URL 3
...
4 Search Result List
3
. . . /Templates/
SearchResultListTemplate.html
<HTML>
<Head>
<I>Time to Search:</I>
$$SearchTime
In this diagram, the user (1) enters a search string such as NetWare 6. The
search string is then searched for in the index file on the Web Search Server
(2). If the search string is located, the Uniform Resource Locators (URLs) and
document titles and descriptions are passed on to the search results template
(3) and displayed to the user (4). The information that is displayed is
determined by the variables included in the search results template, which
means that you can modify what information is actually returned to the user
by adding or removing Web Search variables from the template.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Components of a Search Site

Typically, a search site consists of the following components:
Indexes
Log files
Search and print templates
Scheduled events
A search site name and (optionally) alias
Each of these components are managed through the NetWare Web Search
Manager, which is accessed using a Web browser.
Unlike other search services software, Web Search lets you create search
services that span multiple search sites.
HINT: With Web Search, you can create a duplicate index in each search site that
points to the same index directory. In this manner, all Search Sites can search the
same index in addition to their own indexes.
General Architecture of Web Services

The general architecture of a Web search service is depicted in the following
diagram.
Figure 5
Search Service Architecture
User enters
search query on
www.digitalairlines.com.
2
ISP hosting
www.digitalairlines.com sends query
to Web Search Server.
4
User clicks a search
result to retrieve document from
www.digitalairlines.com.
3
Web Search Server
sends search results list
to user.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In Figure 5, the user enters a search query in a search form found on

www.digitalairlines.com (1 and 2). When the user clicks the Search button, the
query is sent behind the scenes to the NetWare Web Search Server (3), which
processes the query using index files that were created using the Web Search
Manager.
Web Search then compiles the results of the search into an HTML template,
which could be modified to match the look and feel of
www.digitalairlines.com, and returns them to the users Web browser (4).
When users click a search result link to view the content, they are taken to that
content, whether it is hosted on www.digitalairlines.com or some other Web
site.
Building a Search Site

Using NetWare Web Search Manager, you define a new search site and then
index data found on your NetWare server or content found on any intranet or
Internet Web site that can then be searched using the NetWare Web Search
Server.
Building a search site involves four fundamental tasks:
1. Planning your search site, which includes identifying what will be
searched and how to optimize your search solution based on the content
to be searched.
2. Defining a new search site using Web Search Manager.
3. Building one or more indexes for your search site.
4. Testing your new search site using the default search form and the search
and print result templates.
After completing the first task of planning your site (see Chapter 13,
Planning Your Search Service, on page 139), use the NetWare Web Search
Manager to complete the remaining tasks. The following figure illustrates
these tasks.

103-000133-001
August 29, 2001
Novell Confidential
Manual
Figure 6
38
July 17, 2001
Steps to Creating a Search Site
2
1
99a
Plan your search

site.
Define your search

site.
Build your indexes.
Use NetWare Web

Search form to
perform test
searches.
Repeat this process for each new search site you want to add. A search site can
include files located in one or more directories on a file server, or files located
in one or more directories on a Web server.
Indexing a Web server (or Web site) involves a process known as crawling.
The Web Search Server begins indexing files on a Web server at the directory
level you specify and continues to index along hypertext links until reaching
a dead-end, which occurs when either a linked file cannot be found or when
there are no more links defined.
Accessing NetWare Web Search Manager

NetWare Web Search Manager is the tool you use to create and manage search
sites and their associated indexes.
To run NetWare Web Search Manager, do the following:
1 Type https://domainname:portnumber in your Web browsers
address field, where portnumber is the port number of NetWare Web

Manager and press Enter.
HINT: You must use the HTTPS protocol because NetWare Web Search Manager
uses Secure Sockets Layer (SSL). You can disable encryption from the Admin
Preferences page of NetWare Web Manager (see Securing Web Manager on
page 33).
2 Under NetWare Web Search Server, click the servername link, where
servername is the name of your NetWare Web Search Server.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Taking a Test Run

When you install NetWare Web Manager, the contents of the /searchroot/
DOCS directory located at the root of your servers SYS: volume is indexed
automatically. After restarting your server upon completion of the install, Web
Search Server then automatically performs a crawl of your NetWare Web
Servers /DOCS root directory.
Once you start the Enterprise Web Server, you can open the search page using
your Web browser and perform a search on the contents of the /searchroot/
DOCS directory.
To test NetWare Web Search, do the following:
1. Type http://domainname/novellsearch in your Web
browsers address field and press Enter.
IMPORTANT: The URL is case sensitive. Use the exact case shown above.
2. Type NetWare in the Search field > press Enter.

TOOL TIP The Search form template, SearchTemplate.html, is stored on
your SYS: volume at /searchroot/TEMPLATES. See Customizing Your Web
Search Solution on page 136 for information about how to customize
templates.
Customizing Your Web Search Solution

Once youve defined one or more search sites and created indexes for them,
you can customize your Web Search solution by modifying the default search
form and result and print templates, or by creating a new search solution from
scratch using the variables and parameters described in Chapter 18, Working
with Template Variables and Search Parameters, on page 191.
For more information about modifying the default search form and the search
and print templates to create your own custom search solution, see Chapter 17,
Customizing Your Search Solutions, on page 185.
For more information about building a professional search service, see
Chapter 13, Planning Your Search Service, on page 139.

103-000133-001
August 29, 2001
Novell Confidential
Manual
12
99a
38
July 17, 2001
Whats New with the NetWare Web

Search Server
Since its release in NetWare 5.1, NetWare Web Search Server has been
significantly enhanced with new features and improved usability.
Most significant is the ability to host multiple search sites on your server,
allowing you to create revenue-generating search services or enterprise search
solutions for multiple, independent organizations, departments, or companies
(see Chapter 13, Planning Your Search Service, on page 139).
Search speed, added search parameters and variables for fine-tuning searches,
and embedded documentation in the administrators interface are just a few of
the enhancements and new features included in NetWare Web Search Server.
The following list highlights key new features and enhancements to NetWare
Web Search Server included with NetWare 6:
Takes advantage of NetWare 6 multi-processor (MP) capabilities
Faster indexing and searching, including faster multiword searches and
the ability to crawl several indexes simultaneously
Support for hosting professional search services by letting you create and
manage multiple search sites simultaneously
Support for user-specified languages by displaying search and print
template pages in whatever language users specify in their Web browsers
language preferences
Support for the NetWare Cluster environment, including cluster-save and
active-passive failover
Support for user accessibility
More powerful and easier-to-use Web Search Manager
Increased control over the indexing process by letting you control what is
indexed, including the ability to index only portions of documents by
skipping repetitive sections such as headers, footers, and navigation bars
Improved support for the following file formats: QuattroPro*,
PowerPoint*, RTF, XML, HTML, TXT, and Word*
Support for XML, which significantly improves search results by
enabling Web Search to search only titles of documents, meta tags, etc.
Whats New with the NetWare Web Search Server

103-000133-001
August 29, 2001
Novell Confidential
137
Manual
99a
38
July 17, 2001
Search and print templates redesigned for an enhanced look and feel
New template debugging feature that displays all errors related to
information that is sent or received by a template
Date-based sorting that searches for results according to user-specified
dates
Enhanced search functions, including the ability to search for a specific
filename, path, URL, or file extension, which can be used when you know
the name or path to a specific fileor used to restrict or filter your
searches
Improved operators and parameters for use in generating more accurate
search results

103-000133-001
August 29, 2001
Novell Confidential
Manual
13
99a
38
July 17, 2001
Planning Your Search Service

Whether you are an Internet Service Provider (ISP), an Application Service
Provider (ASP), a Web Presence Provider (WPP), or needing to add search
functionality to your department, company or organization, NetWare Web
Search's new search site hosting features make it easy to host search services,
big or small.
However, Web Search is a search service designed for individual Web sites. It
is not intended to index the entire Internet. But because many Web sites are
comprised of multiple Web servers located across an enterprise, Web Search
was designed to be able to index hundreds, even thousands, of Web sites as
part of a single search solution.
In addition to enterprise search solutions, Web Search can also be set up to
host multiple, independent search sites in an ASP/ISP environment, all from a
single NetWare 6 server. (See Becoming a Search Service Host on page
141.)
This chapter provides suggestions for creating a search service that fits your
particular needs and circumstances. If you are interested in hosting
professional search services, you might want to read the section Becoming a
Search Service Host on page 141.
Search Site Components

A search site typically contains its own indexes, log files, administration
interface, search and print templates, scheduled events, site name, and an
optional alias.
Providing search services involves creating one or more search sites.
A search site is a fully functioning, self-contained search service created for a
particular audience, such as a department, organization, or a specific group of
customers.
Users cannot search more than one search site at a time. A search site typically
contains its own indexes, log files, administration interface, search and print
results pages, and scheduled events. Each search site is given a unique name
and an optional alias name.
Planning Your Search Service 139

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Taking the time to plan your search service strategy can save you time and
money and improve the quality of your service.
When you create a new search site, you create an independent search service,
meaning that it is self-contained and doesnt depend on , or interact with, other
search sites.
Each search site that you create typically contains one or more of the
Indexes: Files that hold key words and associated URLs of Web sites or
file server content that have been indexed, or crawled.
Themes: When applied, a theme instantly adds a common look and feel to
your search page, search and print results pages, and response and error
message pages.
Search and Print Results Templates: Templates that become populated
with the results of a search and then are displayed to the user. Depending
on which templates are used, the level of detail displayed in search and
print results varies.
Scheduled Events: Index management, such as updating or regenerating,
can be automated to occur at specific intervals using the Scheduling
feature.
Deciding If You Need More Than One Search Site

To determine if you need more than one search site, answer the following
questions:
Do you want to host search services for multiple, independent
organizations?
Do you want to consolidate multiple NetWare 5.1 Web Search servers
onto a single machine?
Do you need to prevent users from being able to search across multiple
indexes at the same time?
If you answered yes to any of these, you will likely need to create more than
one search site. For information about creating search sites, see Chapter 14,
Creating and Managing Search Sites, on page 145.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Becoming a Search Service Host

Companies who want customers to find information about their products
outsource this functionality to search service companies to make their
information searchable.
With NetWare Web Search Server, you can offer professional search services
to other companies. Using a single installation of Web Search, you can host
several search sites simultaneously, which means that you could use the same
server to offer search services to several customer Web sites.
HINT: The version of Web Search included with NetWare 6 allows only three
search sites. If you are interested in hosting more than 3 search sites, contact your
Novell sales representative.
For example, suppose you built a corporate Intranet for a company called
Digital Airlines (www.digitalairlines.com), and an extranet for a company
called StudioBrand (www.studiobrand.com). Each of these sites are hosted by
different Web Presence Providers (WPP) in different locations. In both cases,
the sites are created and maintained by Web design companies who work
closely with the WPP.
You offer to handle the search features of both sites. First, you send each Web
design company a few lines of HTML code that displays a basic search form
that includes a search field and related search buttons and instruct them to
place the code wherever they want the search form to appear on the Web sites.
They might use include technology (e.g. server-side includes) to integrate the
search form throughout the Web sites hundreds of HTML pages.
While the Web design companies implement the search forms, you use Web
Search Manager to define the search sites and then to index each Web site.
Both Web sites contain links out to other Web sites that host related content.
Web Search follows those links, too.
Digital Airlines is a very large Web site and is graphic intensive, so you
configure Web Search to ignore certain file types, such as GIF or JPG files. In
addition, you know that the Digital Airlines Web site contains a very thorough
site index, sometimes called a site map, that would serve as an ideal starting
point for Web Search to begin crawling while it generates a site index. So you
enter a starting URL into NetWare Web Manager that points at the site index,
which you know will also improve the quality of search results.
StudioBrand hosts a lot of PDF documents. In fact, PDF files are critical to
StudioBrand customers and so you want to be sure to include PDF as a file
type to be indexed. In addition, there is a significant amount of important text-

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
based information that is separate from the purpose and intent of the PDF files
and they belong to the companys sales department. So you decide to create a
separate index for the sales department.
After working in Web Search Manager, you have created two search sites and
compiled several indexes. You also take a few minutes to set up an update
schedule by which Web Search will automatically generate the indexes in
order to keep them up to date with new information added by both companies
to their Web sites.
After the search sites have been defined, the indexes have been generated, and
the ISPs have added the search forms, customers begin to search each site.
After entering a few keywords, customers click the search button. Behind the
scenes, the keywords are passed across the Internet to your server where
NetWare Web Search Server is installed.
Web Search matches the keywords to keywords found in the indexes you
created. Web Search returns a newly populated template, designed to match
the look of each of the client Web sites, with an ordered list of hits that are
dynamically linked back to the actual data and files that were indexed and that
are hosted on the ISPs servers.
The ISPs are happy about the relief to their servers system resources because
the search processes were handled by Web Search on your server. Digital
Airlines and StudioBrand are pleased because more customers are finding
what they need faster and are happier customers. And you are happy because
you have created residual income by providing a valuable service to your
customers.
Using Web Search in a Clustered Environment

NetWare Web Search Server can be installed in a cluster-safe, active-passive
failover environment.
To install Web Search into a clustered environment, you must do the
following:
Install Web Search to your SAN storage device (or any other mountable,
shared devices) through each server in your cluster. This is so that the
Enteprise Web Server running on each server in your cluster will get
configured to work properly with Web Search. Regardless of how you do
it, all servers in the cluster must have Web Search installed on them.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Ensure that the installation is identical, meaning that installation

directories and install options are identically matched.
Create a search site using the DNS name and IP address of your SAN
device.
Because Web Search can be installed on any mounted volume, you should
install all of Web Search (software and indexes) onto the shared storage
device. In this way, Web Search on both server A and server B will read its
properties, configuration, template, and index files from the same shared
volume.
For more information about clustering, see Novell Cluster Services Overview
and Installation.
Getting Started
Once you have thought out your search service strategy, you can begin
creating and defining your search sites by referring to Chapter 14, Creating
and Managing Search Sites, on page 145.
To learn more about customizing your search service, start by reading Chapter
16, Understanding Templates, on page 177. If you are already familiar with
Web Search and its search and print templates, you might want to skip to
Chapter 18, Working with Template Variables and Search Parameters, on
page 191.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
14
99a
38
July 17, 2001
Creating and Managing Search Sites

This chapter provides detailed information about how to create and manage
your search sites using NetWare Web Search Manager.
About Search Sites

By definition, a search site is a collection of one or more indexes and their
related configuration files. Indexes are at the heart of a search site. An index
is an optimized binary file that contains keywords found in documents hosted
on a Web or file server. Indexes are used by Web Search to return search
results to users Web browsers.
HINT: Web Search allows you to create up to three search sites. However, using
the enterprise version of Web Search (not included with NetWare 6), you can
create as many search sites as your server resources will allow.
For more information, contact your Novell resaler and ask how you can get the
enterprise version of the NetWare Web Search Server.
Before creating search sites, particularly large or mission-critical ones, you

should carefully plan how to configure your search services. A search site that
will be used by a small to medium department in a company requires different
planning than a search site that will serve thousands of customers on an
Internet site.
For information about how to plan an effective search service, see Chapter 13,
Planning Your Search Service, on page 139.
Creating a Search Site

Once you have carefully planned your search service, you can start creating
and configure search sites, and then begin adding indexes to them.
1 From the Web Search Manager Global Settings page, click Add New Site.
2 In the Site Name field, enter a new site name, which is typically the DNS
or domain name of your server.

For more information about site names, see Naming a Search Site on
page 146.
Creating and Managing Search Sites 145

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 In the Site Alias field, enter a site alias name, which is typically the IP
address of your server.

See Using the Site Alias on page 147 for more information about
aliases.
4 In the Store Site Files At field, enter the path to where you want the index
and configuration files to be stored.

HINT: You can store the files on any volume on the server where Web Search is
installed, but not on other servers.
5 Click Create.
Naming a Search Site

When a user sends a search query to the Web Search Server, Web Search must
determine which of all of your search sites it should use to handle the
incoming search request.
Web Search uses two methods for determining this:
1. Matching the domain name of the search query with the search site names
available in Web Search
2. Using the SITE=searchsitename query parameter to find matching search
site names
For example, in the following search request, Web Search uses the domain
name search.domainname1.com as the name of the search site:
http://search.domainname1.com/NSearch/SearchServlet?query=find+something
This approach requires that your server be set up to recognize the domain
name search.domainname1.com. Most servers can be set up to recognize and
service multiple domain names in both software and hardware virtual server
configurations (see Setting Up Multiple Web Servers on page 71).
You could also use an IP address to designate the search site. For multiple
search sites, this approach would work only in a hardware virtual server
configuration where each search site has its own unique IP address.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Hosting Multiple Search Sites Using One DNS Name
If you are hosting a search service for two or more customers, you can name
each search site according to the organization or company name of each
customer and then use the &site query parameter when handling search
queries. One of the advantages of using the &site query parameter is that it
allows you to use a single DNS name.
For example, suppose your server's URL was searchit.novell.com. If you were
setting up search services for a company called Digital Airlines and another
company called DemoCity, you could host both services on your single server
and then simply include the &site=digitalairlines and &site=democity query
parameters within the search forms found on www.digitalairlines.com and
www.democity.com.
Queries would be sent from the search forms on each site to the following
URLs:
http://searchit.novell.com/NSearch/SearchServlet?site=digitalairlines
and
http://searchit.novell.com/NSearch/SearchServlet?site=democity
Using the Site Alias

When defining a search site, you are required to give it a site name. But Web
Search administrators can also define an alias that can be used when
identifying a specific search site during a search request.
An alias name typically follows one of two conventions:
1. An IP address: This could be used either in the domain name portion of
a URL or be included in a search query using the &site query parameter.
Using an IP address in place of a domain name to select a search site only
works in a hardware virtual server configuration where each search site
has its own unique IP address.
2. Any other numeric or textual value that can be passed as the value of the
&site query parameter.
For most search sites, the best choice for a site name and site alias is the Web
servers domain name and IP address.
For more information about creating software and hardware virtual servers on
the NetWare Enterprise Web Server, see Setting Up Multiple Web Servers
on page 71.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storing Site Files

Site files include a set of index and configuration files for each search site.
When you create a new search site, you can specify where you want site files
to be stored, or you can accept the default path which is determined by where
you installed the NetWare Web Search Server.
Site files can be stored on any volume visible to the NetWare server that Web
Search is installed on, regardless of which volume your Web Search Server is
installed on. This includes SAN storage device volumes.
Creating Site Indexes

Web Search creates two types of indexes:
Crawled: Created as Web Search follows (or crawls) hypertext links until
it reaches a dead end. Web Search can crawl one or more Web sites,
specific areas of a Web site, or specific URLs, even down to a specific
filename.
File System: Created as Web Search indexes content on a file server. Web
Search can index one or more paths on multiple volumes, including
Storag Area Network (SAN) storage devices.
Similarly, there are two forms you can use to create an index: Define Crawled
Index, and Define Crawled Index (Advanced).
Define Crawled Index is the standard form for creating either a crawled or file
system index. But the Define Crawled Index (Advanced) form offers more
options than the standard form, including options that override default search
site settings. Both methods are described below.
Searching across Multiple Indexes

Web Search can search across multiple indexes within a single search site.
However, searching a single index is generally faster than searching across
multiple indexes.
HINT: While you can search across multiple indexes within a single search site,
you cannot search across multiple search sites.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restricting Search Results to Specific Areas
You can restrict search results to specific areas of your file or Web server in
the following ways:
Using multiple indexes and using the &collection=index_name query
parameter.
Using a single index, restrict results to certain URL paths using the
&filefilter=path query parameter.
Using a single index, restrict results to certain values in document fields
by including /fieldname=value with either the query=value or
filter=value search parameters.
HINT: Using the last option requires that indexed documents contain summary
fields such as META tags. This option works for almost any file format that contains
document summary fields, including HTML, XML, PDF, Word*, and WordPerfect*.
For information about preventing Web Search from indexing specific content,
see Excluding Documents from Being Indexed on page 169.
Defining a New Crawled Index

Using the Define Crawled Index Page
1 From the Web Search Manager Global Settings page, click Manage in the
row of the site that you want to work with.

2 Under Define a New Index, click New Crawled Index > Define Index.
3 In the Index Name field, enter a name for your index.
A name can be a word, phrase, or a numeric value. If the site you are
working on contains, or will contain, a large number of indexes, you
might want to utilize a numbering scheme to help you manage multiple
indexes more effectively.
4 Under Web Sites to Crawl, type the URL of the Web site that you want
indexed.
You can enter just the URL, such as www.mycompany.com, or you can
also append a complete path, down to the file level, such as
www.mycompany.com/path/index.html.
5 If desired, add another URL.
6 To add additional URLs, click Add More URLs.
7 Click Apply Settings.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using the Define Crawled Index (Advanced) Page
The Define Crawled Index (Advanced) page offers some additional options
beyond those available in the standard Define Crawled Index page. Changes
made using this page will override default search site settings.

3 On the Define Crawled Index page, click Advanced Index Definition.
4 In the Index Name field, enter a name for your new index.
5 In the Index Description field, enter an optional description of the index
to be created.
6 Under Web Sites to Crawl, enter the URL of the Web site to be indexed.
HINT: If you enter a filename at the end of the URL, then just that file will be
indexed.
7 In the Subdirectories to Exclude text box, type the directories that you
want Web Search not to index.

For example, /marketing or /sales/doc.
8 To direct Web Search to include or exclude specific file types, click
Extensions to Include or Extensions to Exclude and then enter the

extensions, separating each one with a single space, such as HTM PDF
TXT.
9 To add additional URLs, click Define More Web Sites.
10 To delete a URL, click Remove Web Site.
11 In the Additional URLs text box, enter any other URLs that you want
indexed.
For example, www.mycompany.com/marketing.
This allows you to specify additional pockets of information found on
other Web sites, but not include all of the content of those sites to your
searches.
HINT: When Web Search encounters links found in the pages of Additional URLs
that point to pages specified in Web Sites to Crawl, Web Search follows those
links. All other links that go outside of Web Sites to Crawl are not followed.
12 Under Additional Settings, enter the absolute path to where you want the
index files stored in the Location of Index Files field.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For example, volume:\searchroot\sites\mysites.

By default, index files are stored at
volume:\searchroot\sites\default\indexes\.
HINT: Changes made to Additional Settings override Default Site Settings.
13 From the Encoding (If Not in META Tags) drop-down list, select the
encoding to be used by files being indexed that do not contain an

encoding specification.
14 In the Maximum File Size to Index field, enter the maximum file size
(in bytes) that Web Search should index.
Files exceeding this size will not be indexed and therefore, will not be
included in search results.
15 In the Maximum Time to Download a URL field, enter a number (in
seconds) before Web Search automatically cancels the indexing of a site.

16 To direct Web Search to pay attention to case of filenames and directory
names, click Yes next to URLs are Case Sensitive.

17 To direct Web Search to crawl dynamic content (URLs containing the
question mark [?]), click Yes next to Crawl Dynamic URLs.

Once you define an index, you must generate it to make it searchable. See
Generating Indexes on page 153.
Defining a New File System Index

Using the Define File System Index Page

2 Under Define a New Index, click New File System Index > Define Index.
3 In the Index Name field, enter a name for your index.
4 In the Server Path to be Indexed field, enter the absolute path to the folder
containing the information that you want indexed.

For example, SYS:\SALES\REPORTS.
5 In the Corresponding URL Prefix field, enter the URL that should be used
by the search results page to access the individual files.

For example, /SALES.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
HINT: For information about defining a URL prefix in the NetWare Enterprise Web
Server, see Setting Additional Document Directories on page 62.
6 To add additional paths, click Add More Paths.

Using the Define File System Index (Advanced) Page

3 On the Define File System Index page, click Advanced Index Definition.
4 In the Index Name field, enter a name for your new index.
5 In the Index Description field, enter an optional description of the index
to be created.
6 In the Location of Index Files field, enter the absolute path to where you
want the index files stored.

For example, SYS:\NSearch\sites\mysites.
By default, index files are stored at volume:\searchroot\sites\site_name\
indexes\.
encoding to be used when indexeing files that do not contain an encoding

specification.
For example, HTML files can specify their encoding with a Content-Type
META tag.
8 In the Maximum File Size to Index field, enter the maximum file size
(in bytes) that Web Search should index.
Files exceeding this size will not be indexed and therefore, will not be
included in search results.
9 Under Path Information, type the absolute path to the folder containing
the information that you want indexed in the Server Path field. For
example, SYS:\SALES\REPORTS.
10 In the Corresponding URL Prefix field, enter the URL that should be used
by the search results page to access the individual files.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For example, /SALES.

HINT: For information about defining a URL prefix in the NetWare Enterprise Web
Server, see Setting Additional Document Directories on page 62.
11 To exclude specific subdirectories from being indexed, enter their relative
paths in the Subdirectories to Exclude field.

12 To direct Web Search to include or exclude specific file types, click
Extensions to Include or Extensions to Exclude and then type the

extensions, separating each one with a single space, such as HTM PDF
TXT.
13 To add additional paths, click Define More Paths.
14 To delete a path, click Remove Path.
Generating Indexes
Once you define an index, you must generate it before it can be used for
searching. Generating an index is the actual process where Web Search Server
examines file server or Web server content, gathers keywords, titles, and
descriptions and then includes them in the index.

2 Click Generate in the Action column of the index that you want to work
with.
The Active Jobs screen indicates the status of the current indexing job.
When there is no current index job, the status page will read No
indexing jobs are currently running or defined.
3 To cancel the current indexing jobs, click Cancel in the Status column.
You can direct Web Search to automatically update your indexes on specific
dates and at specific times by scheduling events. For more information, see
Automating Site Management on page 155.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing Existing Index Files

Once created, an index can then be edited or deleted. You can also view an
indexs log file. (See Working with the Log File on page 154)
Editing an Index
1 From the indexing Management page, click Edit in the Action column of
the index you want to work with.

2 Make any of the changes you need to and then click Apply Settings.
HINT: If you used the Advanced page to create the index, it will appear
automatically. However, you can also click Advanced Index Definition to make
advanced changes to an index you created using the standard Index Definition
page.
3 If you added new paths or URLs, you should regenerate the index to
include the new content.
Deleting an Index
1 From the indexing Management page, click Delete in the Action column
of the index you want to delete.

2 n the Confirm Deletion of indexname page, click Delete Index to proceed,
or click Cancel Deletion.
Working with the Log File

The log file reports what happened during an indexing job. In addition to
reporting when the indexing job started and stopped, it also lists all files that
were indexed, files that could not be found but were linked to, and even errors
that might have occurred during the indexing process.
The purpose of the log file is to help you identify any errors (and their possible
causes) in performance during an indexing job. Log files reveal what was or
was not indexed, the total number of files that were indexed, and the time that
it took to index. Log files also help you determine what might have caused an
index failure.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To view an indexs log file, do the following:

1 Click View Log in the Action column of the index that you want to work
with.
2 Review the contents of the log file and then either click your browsers
Back button to return to the indexing Management page, or click

Management in the left frame of the Web Search Manager.
About Indexing Dynamic Web Content

Much of the content on the World Wide Web is static HTML, which means
that after a static Web page is created, it remains the same until someone
updates it. By contrast, many newer Web pages are created by Web
applications, including servlets, Java Server Pages (JSP), Common Gateway
Interfaces (CGI), and Pearl Scripts, and are usually created in response to user
input.
An example of dynamic Web content is an eCommerce Web page where items
to be purchased are stored in a virtual shopping cart, the total cost is updated
as users add or remove items from their shopping cart.
Because the content changes regularly, many search engines dont index
dynamic content.
NetWare Web Search includes the ability to index dynamic content. The URL
of dynamic Web content typically includes a question mark (?). You can direct
Web Search to index these URLs by setting the Crawl Dynamic URLs option
to Yes. You could then create a scheduled event that regenerates the specified
indexes every few minutes.
Automating Site Management

You can eliminate a lot of manual work in keeping indexes up to date by using
Web Searchs index scheduling feature. Because the Web and file content you
have indexed will eventually change, you can direct Web Search to update
your indexes on specific dates and at specific times or intervals.
Adding a Scheduled Event
1 After selecting a search site from the Site List, click Scheduling in the left
frame of Web Search Manager.

2 Click Add Event.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Specify the month, days, days of the week, or time (in hours and minutes)
when you want Web Search to run the event.

HINT: To select multiple dates and times, hold down the Ctrl key and click all of
the items you want added. To select consecutive items, click the first item and then
hold down the Shift key and click the last item.
4 Select the type of operation you want performed on your indexes.
Update: Web Search identifies new content on Web or file servers

and updates the index.
Optimize: Web Search improves searching performance by

removing unnecessary content and making the index file more
compact.
Regenerate: Web Search replaces the existing index with a newly

generated one.
5 In the Perform Operations On column, determine whether you want the
chosen operation performed on all indexes or only on specified ones.

HINT: If you have large indexes, you might consider creating multiple events that
update your indexes at varied times. Doing so will minimize CPU utilization.

Editng or Deleting an Event
1 After selecting a search site from the Site List, click Scheduling in the left
frame of Web Search Manager.

HINT: If no events have been scheduled, refer to the procedure above for adding
a scheduled event.
2 To edit a scheduled event, click Edit in the row of the event you want to
modify.
3 Make the desired changes and click Apply Settings.
4 To delete a scheduled event, click Delete in the row of the event you want
to delete.
5 Click Delete Event to confirm the deletion, or click Cancel Deletion.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying Default Search Site Settings

NetWare Web Search Managers home page displays a list of all search sites
that exist on your Web Search server. This home page is called Global Settings
because the changes you make from this page affect all new sites that you
create, and they also affect the functionality of the search and print servlets
that provide the Web Search services.
For example, if you changed the Default Query Encoding under General Site
Settings > General, any new search sites you create would default to the new
setting.
However, you can override default site settings by using the Advanced index
definition pages when defining indexes for your sites.
General Settings
Changes you make to the query, response, and error log settings affect all
newly created search sites.
To modify general default search site settings, do the following:
1 From the Web Search Manager home page, click General under Default
Site Settings.
2 From the Default Query Encoding drop-down list, select an encoding that
represents the character set encoding that most of your user queries will
use.
3 In the Maximum Query Duration field, enter the maximum number of
seconds before Web Search should end a query, regardless of whether a

search has been completed.
This option is one of several methods for letting you protect your servers
resources from processing potential rogue searches, which are sometimes
intended to harm your service by consuming server resources.
4 Under Response Settings, select an output encoding from the Default
Encoding for Response Pages drop-down list.

This setting specifies the encoding Web Search should use when
responding to user queries using the search and print results templates,
and the error and response messages templates.
5 Enter the maximum number of queries in the Refuse Queries if Potential
Hits Exceed field to cancel the processing of search results that might take
a long time to complete.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 In the Maximum Log Size field, enter the maximum size (in bytes) that
Web Search will allow the log file to grow to.

Depending on the number of visitors that you search site hosts, log files
can become large. This setting will protect your systems hard drive
resources.
Default Search Settings

To modify default search site settings for search features, do the following:
1 From the Web Search Manager home page, click Search under Default
Site Settings.
2 Under Query Results Settings, enter the number of search results in the
Default Number of Results to Display field that you want displayed on

each search results page.
For example, if you set this to 25 (which is the default setting) and the
number of hits in a return was 200, Web Search would only return 25 hits
per search results page at a time.
3 Set a limit on the number of results allowed at one time on the results page
by entering a number in the Maximum Number of Results to Display

field.
4 Enter the highest number of search results that can be returned to a user
query in the Highest Allowed Result Number field.

5 Under Template Settings, enter a path to where your Web Search
templates are stored in the Templates Directory field.

HINT: The default path is volume:\searchroot\Templates, but if you have created
custom templates or for some reason want to keep your templates elsewhere,
specify the path here so that Web Search knows where the templates are.
6 From the Default Encoding for Templates drop-down list, select the
character set that your templates are written in.

This value will be used even with templates that do not specify an
encoding. Encodings found in templates that do not match the encoding
you specify here will override this encoding.
7 In the Default Search Page Template field, enter the filename of the
search page template you want to use.

If you have created a custom template and want Web Search to use it as
your search page, enter its name in this field.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 In the Default Search Results Template field, enter the filename of the
search results template you want to use.

If you have created a custom search results template and want Web Search
to use it as your default search results page, enter its name in this field.
9 In the Template to Use If No Results Returned field, enter the filename of
the template that Web Search should return if no results are found.
10 In the Template to Use If Error Occurs field, enter the filename of the
template that Web Search should return if there are errors while
processing a users query.
Default Print Settings

To modify default search site print settings, do the following:
1 From the Web Search Manager home page, click Print under Default Site
Settings.
2 Under Print Results Settings, enter the number of print results in the
Default Number of Results to Print field that you want displayed on each
print results page.
For example, if you set this to 25 (which is the default setting) and the
number of hits in a return was 200, Web Search would only return 25 hits
per print results page at a time.
3 Set a limit on the number of results allowed at one time on the results page
by entering a number in the Maximum Number of Results to Print field.

4 Enter the highest number of search results that can be returned to a user
query in the Highest Allowed Result Number field.

5 To limit the size of a print job, specify the largest print job size that Web
Search will allow in the Maximum Print Job Size field.

Any users requesting a print job larger than this value will receive a
message informing them that their request was too large.
HINT: This is a useful feature to administrators who want to keep down the size
of print jobs in their own companies, departments, or organizations.
6 To be notified when a print job exceeds a certain size, enter the print job
size in the Print Job Size field.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
By default, this message is sent using the

ResponseMessageTemplate.html file and is intended as a warning to
users that they are exceeding the allowed print job size. It then asks
prompts the user to confirm the print job before continuing.
7 Under Template Settings, enter a path in the Templates Directory field to
where your Web Search templates are stored.

HINT: The default path is volume:\searchroot\Templates, but if you have created
custom templates or for some reason want to keep your templates elsewhere,
specify the path here so that Web Search knows where the templates are.
8 From the Default Encoding for Templates drop-down list, select the
character set that your templates are written in.

This value will be used even with templates that do not specify an
encoding. Encodings found in templates that do not match the encoding
you specify here will override this encoding.
9 In the Default Print Results Template field, enter the filename of the print
results template you want to use.

If you have created a custom print results template and want Web Search
to use it when returning print results, enter its name in this field.
10 In the Template to Use If No Results Returned field, enter the filename of
the template that Web Search should return if no print results match a
users query.
11 In the Template to Use If More Information Is Needed field, enter the
filename of the template to be sent back to users whose print jobs exceed
the size you specify in the Print Job Size field. (See Step 6.)
12 In the Template to Use If Error Occurs field, enter the filename of the
template that Web Search should return if there are errors while
processing a users print query.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Default Index Settings

These settings are intended to make the process of creating indexes
even easier by letting you configure common settings as default
settings. This saves you time by not making you make the same
selections each time you create a new index.
To modify default index settings, do the following:
1 From the Web Search Manager home page, click Index under Default Site
Settings.
2 Select the type of index that you want as the default index type on the
Indexing Management page.

3 Check the URLs Are Case Sensitive check box if you want Web Search
to recognize URLs that are different only in character case, but are
otherwise identical. For example, www.digitalairlines.com verses
www.DigitalAirlines.com.
IMPORTANT: By setting this option to No can help Web Search to avoid indexing
duplicate information, which can come from indexing URLs that are presented
using different cases but actually point to the same information. However, if a Web
server being indexed is configured to differntiate between cases, Web Search
might leave out content that you want indexed.
4 Check the Crawl Dynamic URLs (URLs Containing ?) check box if you
want dynamic content indexed, in addition to static content.

See About Indexing Dynamic Web Content on page 155.
5 Enter a number (in bytes) in the Maximum File Size to Index field to keep
Web Search from indexing files larger than the number you specify.
6 In the Maximum Time to Download a URL field, enter a number (in
seconds) before Web Search automatically cancels the indexing of a site.

encoding to be used when indexeing files that do not contain an encoding

specification.
For example, HTML files can specify their encoding with a Content-Type
META tag.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Default Security Settings

Security settings let you manage access to indexed content by requiring users
to authenticate to a server before seeing search result content.
To modify default search site security settings, do the following:
1 From the Web Search Manager home page, click Security under Default
Site Settings.
2 In the Basis for Authorization drop-down list, choose from the following
options:
Allow All means that although the Login button appears on the
default search page, no authentication will be required to view
information. All results, whether contained in public or private
directories, are returned. Web Search will not ask who the user is.
This doesn't mean that if information is contained in an eDirectory
protected folder that the user will be able to click the link in the
results page and be given access.
Allow Public means that private content will not be returned in the
search results.
User Login means that depending on what you select under

Unauthorized Hits Filtered By, unauthorized search results will be
filtered out either by a results template or by the NetWare Web
Search engine.
IMPORTANT: These settings apply only to file system indexes and to the server
where you have Web Search Server installed.
3 Under Connection Settings, click Yes next to Require HTTPS if you want
to protect usernames and passwords as they are sent across the network
or Internet.
4 Enter a number (in minutes) in the Auto-logout
Time field to direct

Web Search to log users out who have been idle for the specified
period of time.
5 If you need to change the authentication realm string, enter it in the
Authentication Realm String field.

HINT: Specifying the Enterprise Server's authentication realm string in this field
makes it so that once users authenticate to the Enterprise Server, they won't have
to authenticate again when using Web Search to search and access protected
information.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying Default Search Service Settings

Search Service Settings are meant for the administrator of the Web Search
server and are intended to give him global control over all search sites,
including the ability to completely disable searching by turning it off.
They also allow the administrator to control the overall performance of the
Web Search Server.
General Services Settings

General Services Settings affect error log and site list settings for all search
sites.
To modify general services settings, do the following:
1 From the Web Search Manager home page, click General under Services
Settings.
2 Select where you want log results displayed by choosing one of the
following options from the Log Errors To drop-down list:
File: When this option is selected, you can click View next to the Log
Errors To drop-down list and the log results are displayed in your
browser.
Console: You can also view log results at the NetWare system
console by selecting Console, pressing Ctrl+Esc on your server's
keyboard, and then pressing the number corresponding to the Tomcat
servlet engine.
Both: Displays results in both your browser and at the system

console.
HINT: You can access the log file directly by going to

volume:\searchroot\errors.log.
3 To start a new log file each time you restart the Web Search server, click
Yes next to New Log When Services Load.

HINT: You can also delete the log file at the path specified above. The log file will
be recreated on the first instance of a new error, statistics, etc.
4 To limit the size of the log file, enter a file size (in bytes) in the
Maximum Log Size field.
5 To limit the number of indexing jobs that can run at the same time, specify
a number in the Maximum Number of Active Index Jobs field.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 In the Default Location of Search Sites field, specify the path to where
you want all search site files to be stored, including index and
configuration files.
Changing this setting won't move existing sites to the new default
location. But all new search sites will be placed here.
7 To direct Web Search to reload configuration files modified manually,
outside of Web Search Manager, click Yes next to the Enable Dynamic
Site Updates field.
If you make changes outside of Web Search Manager, such as modifying
a configuration or properties file, Web Search will re-read those files as
often as you indicate in the Seconds Between Site Updates field.
8 In the Seconds Between Site Updates field, specify how often Web
Search should check for manual changes (changes made outside of Web
Search Manager) to the configuration files.
9 To direct Web Search to reload Web Search templates that have been
modified, click Yes next to the Enable Dynamic Template Updates field.
After making a change to a template from within your HTML editing tool
and saving it on your server, Web Search will re-read the template as often
as you specify in the Seconds Between Template Updates field. That way
you can test your changes almost immediately.
10 In the Seconds between Template Updates field, specify how often Web
Search should reload search, print, results, and error templates.

Search Services Settings

Search Services Settings let you turn print capabilities on or off and manage
debugging and statistics settings.
To modify search services settings, do the following:
1 From the Web Search Manager home page, click Search under Services
Settings.
2 To enable search services for all search sites on your Web Search server,
click Yes next to Enable Search Service.

3 Under Debug Settings, click Yes next to Enable Search Debugging if you
want search debugging turned on.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
following options from the Log Debug Messages To drop-down list:
Debug Messages To drop-down list and the log results are displayed
in your browser.
servlet engine.

console.

6 To limit the size of the log file, enter a file size (in bytes) in the Maximum
Log Size field.

7 Under Statistics Settings, click Yes next to Enable Search Statistics
Logging if you want to an updated log file containing statistics about

searches performed on your Web Search server.
8 In the Seconds Between Statistics Updates field, enter a number
(in seconds) that should elapse between updates of the statistics

log file.
9 For the next three fields, follow Step 4, Step 5, and Step 6 above.
10 In the Log Error If Search Time Exceeds field, enter a number (in
seconds) before Web Search should record the current search as

exceeding the specified time limit on the statistics display. This appears
as the number seven (7) limit portion of the statistics display.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Print Services Settings

To modify print services settings, do the following:
1 From the Web Search Manager home page, click Print under Services
Settings.
2 To enable print services for all search sites on your Web Search server,
click Yes next to Enable Print Service.

3 Under Debug Settings, click Yes next to Enable Print Debugging if you
want print debugging turned on.

following options from the Log Debug Messages To drop-down list:
Debug Messages To drop-down list and the log results are displayed
in your browser.
servlet engine.

console.

6 To limit the size of the log file, enter a file size (in bytes) in the Maximum
Log Size field.

7 Under Statistics Settings, click Yes next to Enable Print Statistics Logging
if you want to an updated log file containing statistics about print requests
performed on your Web Search server.
8 In the Seconds between Statistics Updates field, enter a number (in
seconds) that should elapse between updates of the statistics log file.
9 For the next three fields, follow Step 4, Step 5, and Step 6 above.
10 In the Log Error If Print Time Exceeds field, enter a number (in seconds)
before Web Search should record the current search as exceeding the
specified time limit on the statistics display. This appears as the number
seven (7) limit portion of the statistics display.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Backing Up Your Search Site Files

As with any valuable data, you should make sure that your search site files are
backed up. At minimum, you should back up your index files, which by
default are stored at volume:\searchroot\sites.
However, if you have customized templates, you might also want to back them
up. By default, they are stored at volume:\searchroot\templates.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
15
99a
38
July 17, 2001
Optimizing Search Results

There are a number of ways administrators can optimize the performance of
their search sites and services.
Improving Search Results through Intelligent Indexing

You can improve the accuracy of your search results by following these
indexing guidelines:
When defining and creating your indexes, start with the highest-level
Web Site URLs and File System Paths possible.
If content is showing up in your search results that you dont want
included, try removing some paths or URLs from your defined indexes.
Also, try excluding specific subdirectories that you know or suspect
might contain content that you dont want searched.
If you've indexed too many file types and cluttered your search results, try
removing file types that you dont want indexed by using the Extensions
to Exclude option on the Define Index page or implementing and using
the Robots META tag in your Web sites content and by configuring Web
Search to work with them. See the following section for more
information.
Excluding Documents from Being Indexed

One way to improve search results is to guard what content is actually
indexed, thus clearing a path for relevant information.
Using the Extentions to Include Option
As mentioned above, you can use the Extensions to Exclude option to direct
Web Search to ignore specific filetypes. However, if you can't specify all of
the extensions to exclude, use the Extensions to Include option and specify all
acceptable file extensions. A typical list would specify HTM, HTML, PDF,
TXT, and DOC.
HINT: When entering extensions in the Extensions to Exclude box, separate each
extension by a space or a hard return. Avoid using commas. For example:

htm html pdf txt doc
Optimizing Search Results 169

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using the Robots META Tag
Another effective way of controlling what Web Search indexes is using the
Robots META tag, a tag inserted into the content that is being indexed by Web
Search.
When a Web-based search engine encounters a document containing the
Robots META tag, the search engine will do as the META tag instructs.
There are four values you can specify in the Robots META tag:
NOINDEX: Indicates that the document is not to be indexed.
NOFOLLOW: Indicates that hypertext links in the document are not to be
crawled.
ALL: Indicates that the document can be indexed and all links can be
crawled.
NONE: Indicates that the document is not to be indexed and that
hypertext links are not to be crawled.
To include the Robots META tag, use this syntax:
<META name="Robots" content="INDEX, value">
You can also use the Robots META tag to exclude specific sections of HTML
documents from your search results. For example, you might not want such
sections as repetitive headers, footers, navigation bars, and server-side
includes to be indexed.
HINT: You could also place these tags in Include files so they never get indexed
at all.
To direct Web Search where to begin skipping content while indexing, do the
following:
1 At the point in your HTML document where you want Web Search to
begin skipping content while indexing, enter the following tag:


2 Just after the content you want skipped, enter the following tag:

3 Save your changes and index (or reindex) the content.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying Document Descriptions Returned in a Search

Results List
Web Search returns descriptions of each hit that is listed on the search results
page. By default, the following information is displayed:
Description field
Summary field
Abstract field
The first 255 characters of the document (beginning with first heading
and skipping links)
The first three fields are created from the content of META tags in HTML
documents. If these tags are not defined, Web Search will try to find the first
heading and begin selecting words. If it cant find a heading, then it begins at
the top of the document and selects the first 255 relevant display bytes as the
description.
Improving the Relevance of Search Results

Web Search utilizes a sophisticated relevance-ranking algorithm. During a
search, Web Search considers
The number of times words appear in a document
The proximity of words in a multiple word search (the closer the words
appear, the more relevant the document will be)
The order of words in a multiple word search (the exact order of words is
more relevant)
The location of words in a document (specifically words that appear in a
META tag, title, body, header, footer, etc.)
The formatting of words in a document (such as bold, font type and size,
etc.)
Query weighting in a multiple query scenario
The number of times words occur within an entire index (for example, the
word the has low relevance)

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To illustrate how these criteria work, consider the following examples:

Words in bold face are more relevant than regular words.
Words contained in the <Title> tag are more relevant than words
contained within the <body> tag.
Words contained in the Keywords and Description META tags are more
relevant than content words.
Words contained within the <A HREF=> tag used for creating links are
less relevant than words outside of this tag.
A document containing a specified search term multiple times is more
relevant than a document that contains the search term only once.
A word within a 36-point body text is more relevant than within 4-point
footer text.
Documents returned from a query that is weighted at 100% is more
relevant than a 50% weighted query. This is normally used in multiquery
searches where each query has a specified weight, as in query=0;
weight0=; query1=; weight1=.
Weighted Queries
A weighted query is used anytime you want to modify the order or relevance
of certain hits in a users normal search results list or when you want to add
additional search results users might not have identified in their queries.
The following query parameters can be combined to identify a single search
query item:
&filter#=
&filteroperator#=
&operator#=
&query#=
&weight#=
Multiple query items can also be sent as part of a single search request.
You can use this feature to provide profile-enhanced search requests. For
example, the following query returns French product downloads higher up in
the search results list but does not eliminate results of any other language
downloads:
&query0=product+downloads&weight0=100&query1=/
product=french&weight1=90

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This example directs Web Search to perform two completely separate

searches. The search results from the two queries are then merged based on the
relevance of the individual search results and the weighting of the respective
query that produced them.
Another example might be to give the search results from one index more or
less relevance than the search results of another index when performing a
multiple-index search. For example, the search results from Novell might be
more relevant than the search results from Novonyx.
To send multiple query items, these parameters must be grouped using a
number (#) at the end of the parameter name so they will be interpreted
properly. The numbering should begin at 0 or 1 and increment sequentially for
each additional query item.
Ensuring Optimal Search Speed

Once a search site has been accessed, all of its configuration files are read into
memory. For speed reasons, the search site remains cached in memory until a
period of inactivity has elapsed. The search site is then dynamically removed
from memory until its next use. Because of this, the first time a search site is
accessed is usually the slowest.
However, there are other factors that can affect the performance of your Web
Search services. As with any software, the amout of system resources (CPU,
RAM, and hard drive) available affects Web Search Server performance. Web
Search speed depends on the following factors:
System processor speed
Number of processors
Amount of system memory (RAM)
Number of hosted search sites
Number of indexes within each search site
Number of files included within each index
Number of indexes included within each query
Number of queries performed at one time
Complexity of users queries
Number of search results returned with each results page

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Number of concurrent active indexing jobs

Other functions being performed by your server
Adjusting any of these values can have a significant impact on the
performance of your search services.
As a general guideline, use the fastest CPU possible and include as much
RAM as possible. Although the duration of each user query is very short,
while it is active it consumes an average of 500 KB of memory. Memory
consumption varies widely while the indexer is calculating the final search
results list, depending on the number of possible search results.
Also, try to schedule the regeneration of your indexes during off-peak hours.
That way, they won't interfere with normal user searches. (See Automating
Site Management on page 155.)
If you find that your users frequently enter search words such as to, of, a, the,
in, etc., you might want to consider removing these words before they are
submitted to the Web Search engine.
HINT: A stop-words processor is available in the Enterprise version of Web
Search. Contact your local Novell resale representive for more information.
Making Good Use of Document Fields

A document field is any tag or field in any document that helps to identify the
documents contents. A document field might be a title, heading, or paragraph
contained in an H1, TITLE, or META tag within an HTML document.
Web Search is designed to take advantage of document fields in order to
improve the accuracy and speed of search results.
By design, Web Search always indexes all document fields in many document
types, including HTML, PDF, Word, WordPerfect, XML, etc. Users can then
constrain searches to the contents of any document field.
As a Web Search administrator, you can use document fields to restrict search
results to certain products, categories, authors, titles, keywords, or any other
content belonging to a document field.
This is done using the /fieldname=search_criteria query parameter.
HINT: You might consider sending this information as hidden data using the
&filter= query parameter.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using the &filter Query Parameter

The &filter query parameter allows Web Search administrators to enhance
searches by adding hidden, additional query details when users submit a
search query. This is an enhancement over previous versions of Web Search,
which required that you use JavaScript to add additional details to search
queries.
The &filter query parameter works just like the &query= parameter and can
be used together using the optional number (#) value. For example, if the
query parameter was &query0=search_criteria, the matching filter parameter
would be &filter0=additional_hidden_search_criteria. This allows the
multiple weighted queries feature to work as designed while allowing
administrators to add additional query details to each query.
Unlike the &query parameter, the &filter parameter can be sent multiple
times. For example, if users search for software patches, you could include the
various products to be searched, which could then improve search time and
accuracy:
query=software patches
filter=/Products=Product257
The resultant URL might appear as follows, but with the HTTP and domain
name prefix:
&query=software+patches&filter=%2FProducts%3DProduct257&filter=%2FProducts%3D
Product16&filter=%2FProducts%3DProduct302
NOTE: All &filter operators are combined using default the &operator=value, AND.
Also, the default Boolean conjunction joining the various filter operators is an OR
search. You can change the default Boolean conjunction by using the
&filteroperator=# query parameter. The pound sign (#) here acts just like the one
used in the #operator=# query parameter.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Searching XML Documents

Web Search provides complete hierarchical searching using the &filter=value
parameter. For example, you can find information in any of the TITLE tags of
an XML document. Or you can restrict Web Search to only the TITLE tag
within the DOCUMENT/SUMMARY hierarchy of an XML document.
The following table shows example uses of the &query=value parameter.
Example Values
Result
search_criteria
Finds search_criteria anywhere in the document.
/<Document*=search_criteria
Finds search_criteria anywhere within any tag that is part of the

DOCUMENT hierarchy.
/<Document<Summary*=search_
criteria
Finds search_criteria within any tag that is part of the

DOCUMENT or SUMMARY hierarchy.
/<Document<Summary<Title=search_
criteria
Finds search_criteria only within the DOCUMENT, SUMMARY,

or TITLE tags.
/<Document*<Title=search_criteria
Finds search_criteria within any TITLE tag, found at any level

within the DOCUMENT hierarchy.
/<*<Title=search_criteria
Finds the search_criteria within any TITLE tag in the document.

103-000133-001
August 29, 2001
Novell Confidential
Manual
16
99a
38
July 17, 2001
Understanding Templates
NetWare Web Search Server utilizes templates to generate search forms and
search and print results as well as user feedback such as error or response
messages.
A template is an HTML document containing one or more Web Search Server
variables. Variables are used to produce dynamic results when a user performs
a search on the search site you have defined.
Templates can be shared across search sites or each search site can point to its
own set of templates.
This chapter describes how templates work and discusses the default NetWare
Web Search Server templates that are included. To learn how to customize the
default templates, see Chapter 17, Customizing Your Search Solutions, on
page 185, and Chapter 18, Working with Template Variables and Search
How Templates Work

As defined above, a template is an HTML document containing one or more
Web Search Server variables. When users search your search site, they use a
Web browser to access the search form template. NetWare Web Search Server
includes a search form template. See Figure 7, The NetWare Web Search
Form As It Appears in a Web Browser, on page 178.
The Search form template, SearchTemplate.html, is stored (by default) on
volume:\searchroot\TEMPLATES. This path might be different if you chose
to install Web Search in another directory.
For more information about customizing templates, see Customizing Your
Web Search Solution on page 136.
Understanding Templates 177

103-000133-001
August 29, 2001
Novell Confidential
Manual
Figure 7
99a
38
July 17, 2001
The NetWare Web Search Form As It Appears in a Web Browser
The Web Search form is used to capture user input, search available search
sites, and then return the results in either a search or print template, which
appears to the user in a dynamically updated HTML document.
Search result templates display hits according to user selections on the search
form. For more information about these search result templates, see Table 8 on
page 181.
There are also templates for each of eleven different languages. For a
discussion about creating templates for international languages, see Chapter
11, Introducing NetWare Web Search Server, on page 131.
After a query is submitted and results are found, Web Search populates a
results template with all relavant results. (See Figure 8 on page 179.)

103-000133-001
August 29, 2001
Novell Confidential
Manual
Figure 8
99a
38
July 17, 2001
A Search Results Page Produced by the Search Results Template, ResultListTemplate.html.
You can also customize the search form to include additional parameters that
allow you to offer more options to your users for more accurate searching.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Exploring the Default Search and Print Templates

NetWare Web Search Server includes several default templates used to create
search forms and to format, display, and print search results for users.
You can use the templates as they are or you can modify them to look and feel
how you want them to. You can also create as many additional templates as
you need or replace the default templates with your own templates.
NetWare Web Search includes the five template categories:
Search Page Templates
Search Result Templates
Print Result Templates
Error Message Template
Response Message Template
The templates are stored at volume:\searchroot\TEMPLATES.
Search Page Templates

NetWare Web Search includes two search page templates that are used to
generate a search page, as described in the following table.
Table 7
Default Search Page Templates

Template Name
Purpose
SearchTemplate.html
Detects the language and country of the

client browser and returns a dynamic
search page in the matching country and
language.
This template also lets users select and
search specific indexes and is the default
search template used by NetWare Web
Search Server.
SearchTemplate.Simple
Same as SearchTemplate.html, except

that this template contains no dynamic
search site variables and can be used
when you dont want to provide users with
a list of all search sites.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Search Result Templates

NetWare Web Search includes several ready-made result templates, as
described in the following table.
Table 8
Default Search Result Templates

Template Name
Purpose
ResultListTemplate.html
Formats and organizes search results

and offers additional sorting functions
to the user.
ResultListNoHitsTemplate.html
Indicates when no hits are found during

a search and offers users a chance to
refine their search.
ResultListTerseTemplate.html
Similar to ResultListTemplate but

returns less information, such as
headings only.
ResultListVerboseTemplate.html
Similar to ResultListTemplate, but

returns more information, such as file
date, time, and language. Additional
sort options are also provided.
Print Result Templates

From the search results page, users have the option of printing all files
matching their search or only those files displayed on the current search results
page. When one of these options is selected, the print result templates
described in the following is displayed.
Table 9
Default Print Result Templates

Template Name
Purpose
PrintResultTemplate.html
Formats and organizes search results

and offers additional sorting functions
to users in a way that is optimized for
printing.
PrintResultNoHitsTemplate.html
Indicates when no hits are found during

a search and offers users a chance to
refine their search.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The print result template formats and organizes search results, optimized for
printing, including a complete table of contents. The table of contents includes
hypertext links for use online.
Error and Response Message Templates

In addition to the print, search, and search result templates, the error and
response message templates are returned when an error occurs or when
information is needed from the user.
The default response message template is returned to convey a specific
message to the user such as "Print job exceeds recommended size limits,"
typically returned when a user attempts to print more content than the Web
administrator has allowed.
The error and response message templates can be found at
volume:\searchroot\TEMPLATES\ErrorMessageTemplate.html and
ResponseMessageTemplate.html.
How Templates Use System Memory

Templates are cached in memory for quick rendering speed. Each template
consumes approximately 10 KB.
Similar to the search site cache, templates remain cached in memory until a
period of inactivity has elapsed. The template is then dynamically removed
from memory until its next use. The first time a template is accessed,
therefore, is normally the slowest.
HINT: Too many templates in the template cache can consume a great deal of
memory. Try to share templates across sites to minimize the impact on system
cache.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Working with Additional Languages

NetWare Web Search includes each of the templates described above in each
of several languages. Using standard encoding practices, you can
internationalize your templates.
Any changes made to the default templates should also be made to the
language templates you will use. For a more complete discussion about
creating a multilingual search solution, see Chapter 19, Internationalizing
Your Search Solution, on page 213.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
17
99a
38
July 17, 2001
Customizing Your Search Solutions

You can quickly create a custom search solution by modifying the default
NetWare Web Search templates. Templates include some fundamental
options for users, but you can add or remove options and modify the form
layout and design to give the search form the look, feel, and function you need.
If you are creating a search service for another companys Web site, you can
modify the templates to match the look and feel of their Web site.
If you are confident in coding with HTML, you can start with the default
search page template to get a feel for the available parameters and then begin
coding completely new search and print templates from scratch.
For more information about the necessary components for building a solution
from scratch, see Chapter 16, Understanding Templates, on page 177 and
Chapter 18, Working with Template Variables and Search Parameters, on
page 191.
Customizing Templates
You can extend the capabilities of NetWare Web Search Server by
customizing the templates.
The first step is to determine which components of Web Search you want to
customize. For example, if you only want to add a few additional search
features to the search page template and modify its background color and table
size, you would modify the SearchTemplate.html or SearchTemplate.Simple
files.
This section discusses how to customize the search, print, and result templates
and how to use available parameters and variables to create a customized
search solution.
Customizing the Search Templates

You can customize the design and functionality of the static or dynamic search
templates by
Modifying HTML code
Adding or removing search parameters
Customizing Your Search Solutions 185

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you are familiar with HTML, you can quickly modify the design of the
default (dynamic) Web Search template or the static search template. For
example, you can change the colors of the search page or add new custom
graphics.
To modify the functionality of the default Web Search template, you can add
or remove search parameters. Search parameters are used to communicate
with NetWare Web Search. By embedding them in the correct places in your
HTML source, you can extend or limit the functionality of the default Web
Search templates.
For example, if you wanted your users to use a specific set of templates found
in a themes directory, you would add the following HTML code, including the
theme parameter, to the SearchTemplate.html file:
<INPUT TYPE="Hidden" NAME="theme_name" VALUE="$$QueryTemplateTheme">
This sample HTML code tells Web Search to look for templates only in the
specified template directory. All themes are located within the templates
directory specified in Web Search Manager.
For a complete list of available search parameters, see Table 15, Search
Customizing Search Result Templates

NetWare Web Search Server includes several default search result templates
that are used to display hits, provide feedback to a user, or request information
from a user after a search is performed. For more information about the default
search result templates, see Chapter 16, Understanding Templates, on page
177.
You can customize the design and functionality of the default search result
template, the template used when a user selects Normal from the Result List
Format drop-down list in the NetWare Web Search form. For information
about how to access the NetWare Web Search form, see Taking a Test Run
on page 136.
Customizing the default search result template involves
Modifying the HTML code
Adding or removing search result variables

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
default search result template. For example, you can change the colors of the
search page or add new graphics.
To modify the functionality of the default search result template, you can add
or remove search result variables. Search result variables are placed in the
template where you want search results to be displayed.
For example, if you wanted to display the total number of hits returned when
a user performs a search and you wanted the information to appear in the
upper-left corner of the search results page, you would add the following
HTML code to the search result template file:
<tr>
<td>Total Search Results: </td> <td> $$TotalHits</td>
</tr>
After a user performs a search, the $$TotalHits variable would be replaced by

the actual total number of hits found during the search.
The $$TotalHits variable is used to retrieve the total number of hits found
during a search. You can place this variable anywhere in the results list
template to organize the display of information in the way you want.
Default search result templates are located in
volume:\searchroot\TEMPLATES\. For a complete list of search result
variables that you can use to customize default search result templates or to
create new ones, see Table 11, Search Result Variables, on page 193.
Customizing Print Result Templates

NetWare Web Search Server includes two default print result templates: the
default print result template and a "no hits" template. Print result templates are
used to organize and format search results for printing and to provide feedback
to a user when no hits are found. For more information about the default print
result templates, see Chapter 16, Understanding Templates, on page 177.
You can customize the design and functionality of the default print result
template in the same way you customize the search result template by
Modifying the HTML code
Adding or removing print result variables

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
default print result template. For example, you can change the colors of the
print results page or add new graphics to it.
To modify the functionality of the default print results template, you can add
or remove print result variables. Variables are placed in the template where
you want search results to be displayed.
For example, if you wanted to remove the table of contents from the default
print results template, you would remove, or comment out, the following
HTML code in the PRINTRESULTLIST.HTML template, which would
include the $$BeginTOCList variable:
<CENTER><H2>Table of Contents</H2></CENTER>
<p>

$$BeginTOCList[<BIG><B>$$Product</B></BIG>
<DL>]
<DT><A HREF="#$$Bookmark"><BIG>$$Title</BIG></A>
<SPACER TYPE=HORIZONTAL SIZE=20>
<I><SMALL>[$$URL]</SMALL></I>
$$EndTOCList[</DL>]
You could either save your changes in the default print result list template or
you could save it using a new name, thereby creating an alternative template
for users who dont want a table of contents in the print results. To be effective,
you would then have to add a hypertext link in the search result template that
would link to your new template.
Default print result templates can be found at
volume:\searchroot\TEMPLATES. For a complete list of print result variables
that you can use to customize default search result templates or to create new
ones, see Table 12, Print Result Variables, on page 199.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Customizing Error and Response Message Templates

Error and response messages are used to either provide feedback to the user or
to request information from the user.
Error and response message templates are used to display the content of error
and response messages sent by the Web Search Server in response to search or
print errors. Similar to search and print templates, error and response
templates can be customized. However, because the contents of error and
response messages are built into NetWare Web Search Server, you cannot
modify the contents of the messages or the button objects that might appear,
depending on the type of response being generated.
Customizing Error Messages
There are several error messages that can be returned to a user. For example,
when users incorrectly use a search operator in a search form, they might get
the message, "Search Error: Incorrect use of Boolean operator." An error
number might also appear.
While you can utilize HTML tags to format an error message, add or remove
variables to determine what information is shown to the user, or even
reorganize where the messages will appear in the template, you cannot modify
the message itself.
Customizing Response Messages
The same concepts apply to response messages, but response messages return
buttons that a user can click. Which buttons appear are determined by the
NetWare Web Search Server. While you can modify the labels of these
buttons, you cannot determine which buttons will appear, or when.
Testing Your Search and Print Solution

Once youve completed customizing the templates and the search form, you
can test them in your Web browser by pointing to the search form URL and
entering a search string. See Taking a Test Run on page 136 for information
about how to access the NetWare Web Search form.
HINT: Remember that a search cannot be performed until you have defined at
least one index and generated it using NetWare Web Search Manager. Refer to
Web Search Mangers online Help for the steps required in defining and generating
an index. Also, see Chapter 11, Introducing NetWare Web Search Server, on
page 131 for an overview of indexes.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
18
99a
38
July 17, 2001
Working with Template Variables and

Search Parameters
If you are a developer or are comfortable programming in HTML and working
with variables and parameters, you can create an advanced search solution that
your users can use to perform complex searches.
Building an advanced search solution involves the use of search and print
template variables and search parameters to create or customize search and
print templates, and to create or customize one or more search forms.
You must also have used NetWare Web Search Manager to define and
generate one or more indexes.
The Web Search Manager is accessed from NetWare Web Manager. For more
information about using NetWare Web Manager, see Chapter 2, Introducing
NetWare Web Manager, on page 25.
Guidelines for Using Variables

Please note the following guidelines when using variables to either customize
the default templates, or to create new templates from scratch:
Case Sensitivity: All variables are case sensitive. Changing case in a
variable will cause Web Search to ignore the variable.
Variable Formatting: All variables must be used exactly as they appear in
the tables below. Variables always begin with two dollar signs ($$) next
to each other.
Success of a Variable: The inclusion of a variable does not guarantee that
information will be returned after a search is performed. For example,
using the $$Author variable might not return the name of a documents
author if that information is not included in the META tag of the
document.
Internationalizing Templates: If you want to internationalize your
templates, you must create a template for each language you want to
support in your search solution. For more information about languages,
see Chapter 19, Internationalizing Your Search Solution, on page 213.
Working with Template Variables and Search Parameters

103-000133-001
August 29, 2001
Novell Confidential
191
Manual
99a
38
July 17, 2001
For more information about how to implement variables in a search or print

template, or how to implement search parameters in an HTML document to
create a search form, see Chapter 17, Customizing Your Search Solutions,
on page 185.
Search Page Variables

The following table lists all available search page variables that can be used to
extend the functionality of the default search templates (SearchTemplate.html
or SearchTemplate.Simple) or to create new templates from scratch.
Table 10
Search Page Variables
Variable Name
Description
$$BeginCollectionsLoop
Begins the repeating section in the search template where index

information will be written.
$$Collection
The name of the collection.
$$Countervariable_number,
increment_number
Inserts the value of the specified var# counter into the search result
page. All counters initialize to zero. The optional second parameter
specifies the amount to increment or decrement the current value. A
maximum of 10 counters is supported. For example:
$$Counter[1] = insert value of counter #1
$$Counter[1,1] = increment counter #1 by 1 and display the new value
$$Counter[5,-3] = decrement counter #5 by 3 and display the new value
$$EndCollectionsLoop
Ends the repeating section in the search template where index

information will be written.
$$IncludeFile
Automatically pulls in the designated template at the location of this

variable. The included template can contain other template variables,
which will be processed as though they were a part of the original
template. The template name parameter can either be a full FILE:// URL
based on the file system of the server or a relative path based on the
location of the parent template. The template name parameter can be
located within quotation marks. See the SearchResultTemplate.html file
for an example use of this variable.
$$QueryTemplateTheme
Identifies the theme requested by the search client.
$$ResultEncoding
Identifies the encoding used to return the current search results page.

103-000133-001
August 29, 2001
Novell Confidential
Manual
Variable Name
99a
38
July 17, 2001
Description
$$ServerCollectionDescription Inserts the description of a search site as found in the Web Search
Manager.
$$ServerCollectionName
Inserts the name of the search site defined in the Web Search Manager.
$$TemplateName
Identifies the filename of the template.
$$TemplateLocale
Identifies the locale of the template, such as zh_TW.
$$TemplateTheme
Identifies the theme (or theme directory) that you want to place the
template in.
Search Result Variables

The following table lists all available search result variables that can be used
to extend the functionality of the default search result templates or to create
new templates from scratch.
Table 11
Search Result Variables
Variable Name
Description
$$Author
The name of the original author of a document returned in a hit.
$$BeginLoop
End of the header section. Beginning of the repeating body section.

This section is repeatedly parsed until there are no further result
items to process.
$$BeginCollectionsLoop
The beginning of a repetitive section that will be reprocessed for

each search site the user specified in the search query. See also
$$QueryCollection on page 196.
$$BeginFiltersLoop
Loops through filters assigned to the current query item.
$$BeginReturnFieldsLoop
The beginning of a repetitive section that will be reprocessed for

each return field the user specified in the search query. See also
$$QueryReturnField on page 197.

103-000133-001
August 29, 2001
Novell Confidential
193
Manual
99a
38
July 17, 2001
Variable Name
Description
increment_number
Inserts the value of the specified var# counter into the search result
page. All counters initialize to zero. The optional second parameter
specifies the amount to increment or decrement the current value.
A maximum of 10 counters is supported. For example:
$$Counter[1,1] = increment counter #1 by 1 and display the new
value
$$Counter[5,-3] = decrement counter #5 by 3 and display the new
value
$$DateTime[date_format]
The date and time of a hit. This is automatically written in Javas

medium format using the clients locale (all calendars, translations,
date and time formats are observed).
$$DateTime[ ] can use an optional date and time format provided
within the brackets [ ]. The text should conform to the Java
DateFormat syntax.
$$DefaultQueryEncoding
Default encoding of query if not otherwise specified.
$$Description
The abstract, description, or first 255 display bytes of the result

item.
$$EndCollectionsLoop
The end of a repetitive section that will be re-processed for each

search site the user specified in the search query. See also
$$QueryCollection on page 196.
$$EndFiltersLoop
The end of a repetitive section that will be re-processed for each

filter the specified in the search query.
$$EndLoop
End of the repeating body section. Beginning of the footer section.
$$EndReturnFieldsLoop
The end of a repetitive section that will be reprocessed for each

return field the user specified in the search query. See also
$$QueryReturnField on page 197.
$$FileType
Indicates a specific document type. For example, .DOC or .PDF.
$$Filter
Pulls the filter values from the original query.
$$FilterOperator
Pulls the filter operator from the original query.
$$FirstHit
The hit number of the first item in the current result page. Is
displayed using the clients locale.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable Name
Description
$$IncludeFiletemplate_name

variable. The included template can contain other template
variables, which will be processed as though they were a part of the
original template. The template name parameter can either be a full
FILE:// URL based on the file system of the server or a relative path
based on the location of the parent template. The template name
parameter can be located within quotation marks. See the
SearchResultTemplate.html file for an example use of this variable.
$$Language
The language of the result item. $$Language is displayed in the

language of the clients locale.
$$LastHit
The hit number of the last item in the current result page. Is
displayed using the clients locale.
$$MoreHits[page#, text]
A conditional text section to be included only if there are additional

hits in the search results that can be retrieved.
If the first section of the conditional text contains a number followed
by a comma (for example, $$MoreHits[3, text to be included]), then
the server will first determine if the designated search results page
exists. If the page# is missing, 1 (the next page) is assumed. If the
designated page is available, the remaining text after the comma
and up to the closing bracket is written to the result page.
Note that the initial number is relative to the current page. That is,
-1 references the page immediately before the current page and 1
references the page immediately after. Zero refers to either the
previous page or the next page.
$$MoreHitsURLpage_number
The URL needed to display another page of search results. The

optional parameter identifies the desired search result page
number. If not provided, 1 is assumed. Note that the page number
is relative to the current page. That is, -1 refers to the page
immediately before the current page and 1 references the page
immediately after. Zero (0) refers to the current page.
The URL is inserted only if the designated page exists.
$$Number
The hit number of the current result item. Possible numbers begin
with 1 and end with $$TotalHits. Is displayed using the clients
locale.

103-000133-001
August 29, 2001
Novell Confidential
195
Manual
99a
38
July 17, 2001
Variable Name
Description
$$NumQueryItems
The number of query items contained within the current query.

While most queries use only 1 query item, it is possible to construct
a query with multiple search criteria, each weighted with a value
between 1 and 100. While the resultant search contains hits from
each of the queries, the search results are organized with the most
relevant hits first (from any of the individual queries).
$$PageNum[page#]
Inserts a user-specified search result page number. The optional

page# parameter identifies the relative page from the current result
page. That is, minus one (-1) refers to the page immediately before
the current page and one (1) references the page immediately after.
Zero (0) refers to the current page.
The page number is inserted only if the designated page exists.
$$PrintURLfirst_hit_number,
number_of_hits]
The URL used to print the hits listed on the current search result
page.
The optional parameters can be specified to define the beginning
search result number and the number of search results to include in
the print job.
The number_of_hits parameter can use the $$TotalHits template
variable.
$$QueryCollection
The names of the indexes the user specified in the search query.
See also $$BeginCollectionsLoop on page 192.
$$QueryCountry
The country requested by the client. Note that this must be an

uppercase, two-character value as specified in ISO 3166-1.
$$QueryDate
The begin date requested by the client.
$$QueryEncoding
Actual query encoding, or the encoding specified during a search

that overrides the default encoding.
$$QueryLanguage
The language requested by the client. Note that this must be a

lowercase, two-character value as specified in ISO 639.
$$QueryNumHits
The number of search results requested by the client.
$$QueryOperator
The type of the current search:

0 = Boolean AND search
1 = Boolean OR search
2 = phrase search

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable Name
Description
$$QueryReturnField
The names of the return fields the user specified in the search
query. See also $$BeginReturnFieldsLoop on page 193 and
$$EndReturnFieldsLoop on page 194.
$$QueryTemplate
The template name requested by the client.
$$QueryVersion
The version number of the current query format.
$$Relevance
How closley the result matches the users query, indicated by

percentages (1% to 100%).
$$ResultEncoding
Identifies the encoding used to return the current search results

page.
$$SearchFor
Query entered by the client into the search field.
$$SearchTime
Inserts the amount of time used to process the current search

request. $$SearchTime is displayed using the clients locale.
$$SortByURL[sortfield.sortorder ...] The URL used to show the current result page sorted by one or
more search result fields.
Sort field names include title, author, changedate, filelength,
language, summary, relevance, url, and document_number.
Optional sort orders include ascending and descending.
Sort field and sort order names are separated by a period.
Multiple sort fields are separated by a space.
$$Size
The size of the data pointed to by the result items URL. Is displayed
using the clients locale.
$$TemplateLocale
$$TemplateName
$$TemplateTheme
template in.
$$Title
If a title is not available in documents being searched, $$URL is

used instead; if the URL is unavailable, < title unavailable >
continues to be used.

103-000133-001
August 29, 2001
Novell Confidential
197
Manual
99a
38
July 17, 2001
Variable Name
Description
$$TotalHits
The total number of hits that match the search query. This is not the
same as the number of hits displayed in any particular result page.
Is displayed using the clients locale.
$$URL
URL of the result item.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Print Result Variables

The following table lists all available print result variables that can be used to
extend the functionality of the default print result templates or to create new
templates from scratch. For more information about how to implement
variables in a template (HTML) page, see Chapter 17, Customizing Your
Search Solutions, on page 185.
Table 12
Print Result Variables
Variable Name
Description
$$BeginLoop
End of the header section. Beginning of the repeating body section. This
section is repeatedly parsed until there are no further result items to
process.
$$BeginTOCList[text]
Beginning of the table of contents repeating section. This section is

repeatedly parsed until there are no further TOC result items to process.
This is a conditional text section. The items within the brackets ( [ ] ) are
processed only if the current item represents a change in the depth of the
hierarchy. If $$Product appears within the conditional text, it will be
replaced only if the current item also represents a new product.
$$Bookmark
The HTML anchor name of the current result item. This can be used to
jump from a TOC entry to the corresponding section within the print job.
All bookmark entries begin with novell_print_toc_ and are followed by
the number of the current result item, as in novell_print_toc_1.
increment_number
Inserts the value of the specified var# counter into the search result page.
All counters initialize to zero. The optional second parameter specifies the
amount to increment or decrement the current value. A maximum of 10
counters is supported. For example:
$$Description
The abstract, description, or first 255 display bytes of the result item.

103-000133-001
August 29, 2001
Novell Confidential
199
Manual
Variable Name
Description
$$EndTOCList[text]
End of the table of contents section.
99a
38
July 17, 2001
This is a conditional text section. The items within the brackets ( [ ] ) are
written out each time a result item occurs that decreases the depth of the
hierarchy. If the depth of the current item is several levels less than the
previous item, the text within the conditional text block is written out that
many times.
$$EndLoop
$$IncludeFiletemplate_name

$$Number
The hit number of the current result item. Possible numbers begin with 1
and end with $$TotalHits. Is displayed using the clients locale.
$$Product
The name of the product associated with the current item in the table of
contents.
This displays only if this is the first result item within that product.
See also $$BeginTOCList[text] on page 199.
$$ResultEncoding
$$Title
Title of the result item. For empty titles, <title unavailable> is displayed. Is
localized using the clients locale.
$$TotalHits
The total number of hits that match the search query. This is not the same
as the number of hits displayed in any particular result page. Is displayed
using the clients locale.
$$TemplateLocale
$$TemplateName
$$TemplateTheme
template in.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable Name
Description
$$URL
URL of the result item.
$$URLContent
The entire contents of the URL are placed into the template at this
location. The URL contents are not parsed to validate their data type,
formatting, or functionality. Only text/plain and text/html files are printed.
All other files are inserted into the print job as an error message.
Error Message Variables

The following table lists all available error message variables that can be used
to enhance the organization of the default error message template, or to create
new templates from scratch. For more information about how to implement
variables in a template (HTML), see Chapter 17, Customizing Your Search
Solutions, on page 185.
Table 13
Error Message Variables
Variable Name
Description
$$BeginLoop
End of the header section. Beginning of the repeating body section. This
section is repeatedly parsed until there are no further result items to
process.
increment_number
$$ErrorNumber
A numeric version of the error.
$$ErrorMessage
A text version of the error. Generally quite terse.
$$ErrorDescription
A longer version of the message. This might include additional error

details or problem resolution information.
$$EndLoop

103-000133-001
August 29, 2001
Novell Confidential
201
Manual
Variable Name
99a
38
July 17, 2001
Description
$$IncludeFiletemplate_name Automatically pulls in the designated template at the location of this

$$NumQueryItems
The number of query items contained within the current query. While most
queries use only 1 query item, it is possible to construct a query with
multiple search criteria, each weighted with a value between 1 and 100.
While the resultant search contains hits from each of the queries, the
search results are organized with the most relevant hits first (from any of
the individual queries).
$$QueryCollection
The names of the search sites the user specified in the search query. See
also $$BeginCollectionsLoop on page 192 and $$EndCollectionsLoop
on page 192.
$$QueryCountry
The country requested by the client. Note that this must be an uppercase,
two-character value as specified in ISO 3166-1.
$$QueryDate
The begin date requested by the client.
$$QueryDirFilter
For a description of this item, refer to the equivalent search result variable
in Table 11 on page 193.
$$QueryFileFilter
$$QueryKeywordFlag
$$QueryLanguage
The language requested by the client. Note that this must be a lowercase,
two-character value as specified in ISO 639.
$$QueryOperator
The type of the current search:

0 = Boolean AND search
1 = Boolean OR search
2 = phrase search
$$QueryReturnField
The names of the return fields the user specified in the search query. See
also $$BeginReturnFieldsLoop on page 193 and
$$EndReturnFieldsLoop on page 194.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable Name
Description
$$QuerySubDirFlag
$$QuerySynonymFlag
$$QueryTemplate
The template name requested by the client.
$$QueryVersion
The version number of the current query format.
$$ResultEncoding
$$TemplateLocale
$$TemplateName
$$TemplateTheme
template in.
Response Message Variables

The following table lists all available response message variables that can be
used to enhance the organization of the default response message templates or
to create new templates from scratch. For more information about how to
implement variables in a template (HTML), see Chapter 17, Customizing
Your Search Solutions, on page 185.
HINT: The repeating variables $$BeginLoop and $$EndLoop should not be used
in a response message and will be ignored if used.

Table 14
Response Message Variables
Variable Name
Description
$$Cancel[text]
If the Cancel button is specified by Server logic, parses and inserts the
conditional text into the response page.
Currently used by PrintServlet when a print job exceeds the print job size
warning limit.
$$Continue[text]
If the Continue button is specified by Server logic, parses and inserts the
Currently used by PrintServlet when a print job exceeds the print job size
warning limit.

103-000133-001
August 29, 2001
Novell Confidential
203
Manual
99a
38
July 17, 2001
Variable Name
Description
increment_number
$$Help[text]
If the Next button is specified by Server logic, parses and inserts the
$$Ignore[text]
If the Ignore button is specified by Server logic, parses and inserts the
$$IncludeFiletemplate_name Automatically pulls in the designated template at the location of this

$$No[text]
$$OK[text]
If the No button is specified by Server logic, parses and inserts the

If the OK button is specified by Server logic, parses and inserts the
Currently used by PrintServlet when a print job exceeds the maximum
print job size.
$$Prev[text]
If the Previous button is specified by Server logic, parses and inserts the
$$ResponseNumber
A numeric version of the response required of the user.
$$ResponseMessage
A text version of the response required of the user. Generally quite terse.
Can often be used as a title.
$$ResponseDescription
A longer version of the message. This might include additional details or

see also type information.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Variable Name
Description
$$ResultEncoding
$$Retry[text]
If the Retry button is specified by Server logic, parses and inserts the
$$TemplateLocale
$$TemplateName
$$TemplateTheme
template in.
$$URL
Inserts the URL to use when the parent button is clicked. This must appear
within the brackets of a buttons conditional text section.
The URL logic is generated by the server.
$$Yes[text]
If the Yes button is specified by Server logic, parses and inserts the
Search Parameters
The following table lists all available search parameters, including required
syntax, a description of their default values, and examples. Each of these
parameters can be used to extend or enhance the functionality of the search
page templates or to create new search page templates from scratch. For more
information about how to implement parameters in an HTML document, see
Chapter 17, Customizing Your Search Solutions, on page 185.
HINT: If you use a parameter but leave its value blank, the default value for that
parameter will be used.

103-000133-001
August 29, 2001
Novell Confidential
205
Manual
Table 15
99a
38
July 17, 2001
Search Parameters
Parameter Name
Value
Description
querynumber
String
The actual search criteria that is passed to the Web

Search Server.
The next four parameters below are combined with
this parameter and are identified by adding the
unique number to them.
Syntax: querynumber=searchcriteria
Example: query0=novell+AND+groupwise
idnumber
String
A document ID that is used to narrow a search. You

can specify more than one ID by using the same
field name more than once.
Syntax: idnumber=documentID
Example: &id0=z1.0010.&id0=z1.0020
Default: None
operatornumber
Integer
Indicates which operator to use between two or

more words in a search.
0 = AND
1 = OR
2 = PHRASE
Syntax: operatornumber=number
Example: operator0=1
weightnumber
Integer
Lets you assign a level of importance to one or more

search criteria. Web Search Server uses this
number along with the relevance number to
determine a search criteria's final relevance and
then orders the results accordingly.
Range: 0 to 100
Syntax: weightnumber=number
Example: weight0=75

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter Name
Value
Description
typenumber
Integer
Indicates the type of search. Options include:

0 = Normal search; 0 is the default.
1 = Searches only the given document numbers.
2 = Root search used by the search tree control
to get the top tree nodes.
3 = Used to get the children of the given
document number.
4 = Searches the descendants of the given
document numbers and is used to narrow a
search or a print request, including all of its
children.
Syntax: typenumber=number
Example: type0=2
Default: 0 (zero)
collections
String
Lets you restrict a search to one or more specified

search sites. The search site name you specify
using this parameter must exactly match the name
of the search site.
You can specify more than one search site by using
the same key word, as in the following:
collection=DocRoot&collection=myCollection.
Syntax: collections=index
Example: collections=Statistics

103-000133-001
August 29, 2001
Novell Confidential
207
Manual
99a
38
July 17, 2001
Parameter Name
Value
Description
date
Integer
Lets you specify a date range to be searched in

milliseconds. The example shows the number of
milliseconds spanning a three-month time frame.
The minus sign (-) before the number indicates
three months back in time.
If you pass a positive number such as
940457147873, then Web Search creates a date
and time based on the number of milliseconds
elapsed since January 1, 1970; 12:00 a.m. The
example number 940457147873 produces the
search start date of October 20, 1999, at 4:05:47
p.m.
Syntax: date=number
Example: date=-7905600000
numhits
Integer
Indicates the number of hits you want returned at

one time in the search results page.
Syntax: numhits=number
Example: numhits=25
Default: 25
starthit
Integer
Indicates the hit number you want Web Search to

begin searching from. If you entered 35 as the
STARTHIT parameter value, Web Search would
return hits beginning with hit number 35.
Syntax: starthit=number
Example: starthit=35
Default: 1
lang
String
Lets you specify a language using the twocharacter, lowercase language value derived from
ISO6391.
Syntax: lang=language_code
Example: lang=ja
Default: en (English)

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter Name
Value
Description
country
String
Lets you specify your country using the twocharacter, uppercase country value derived from
ISO3166.
Syntax: country=country code
Example: country=TW
Default: None
template
String
Lets you specify the specific results template you

want your search results returned in. The following
list of templates are the default templates included
with the Web Search Server. However, your Web
Search Server administrator might have created
custom templates using different names. Check with
your administrator if these templates do not work for
you. You must type the names of these templates
exactly as they appear in this list:
ResultListTemplate.html
ResultListTerseTemplate.html
ResultListVerbose.html
PrintResultTemplate.html
Localized versions for multiple languages can also
be used. See Working with Multiple Languages on
page 213.
Syntax: template=filename
Example: template=ResultList.html
theme
String
The name of the theme, or directory, where a

themes search and print templates are stored.
Syntax: theme=theme_name
Example: theme=Intranet
showfirsthit
Boolean
If true, rather than displaying the search results

page, this parameter automatically goes to the URL
of the first hit on the current page.
Syntax: showfirsthit=value
Example: showfirsthit=True

103-000133-001
August 29, 2001
Novell Confidential
209
Manual
99a
38
July 17, 2001
Parameter Name
Value
Description
retfield
String
Lets you determine the level of detail given about

each result item. The fewer the details, the faster a
search is returned to a user.
Field names include title, author, URL, changedate,
language, summary, relevance, and filelength.
NOTE: Type these fields exactly as they appear.
To specify more than one field, use the RETFIELD

parameter and value, separated by an ampersand
(&) as in the following:
retfield=title&retfield=author
Syntax: retfield=field_name
Example: retfield=title
buttonpressed
String
A button pressed by the user. If this value is part of

the query, then a response message should not be
sent to the client.
Options include Yes, No, OK, Cancel, Continue,
Ignore, Retry, Prev, Next, and Help.
Syntax: buttonpressed=button_name
Example: buttonpressed=Cancel
gettotalhits
Boolean
Lets you enable or disable the total number of hits

parameter. For example, if you set the
GETTOTALHITS parameter to FALSE, the Total
Number of Hits label on the results page will display
0 (zero). Setting this parameter to TRUE will show
the total number of hits found during the search.
Syntax: gettotalhits=value
Example: gettotalhits=false
Default: True

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter Name
Value
Description
retencoding
String
Lets you specify a character set encoding to be

used by all results pages returned to users.
Syntax: retencoding=content type
Example: retencoding=iso-8859-1
Default: UTF8
sortkeys
Integer
Lets you specify the number of sort fields that

should be used to sort the search results.
Syntax: sortkeys=number
Example: sortkeys=1
sortfield
String
Syntax: sortfieldnumber=number
Example: sortfield1=title
Allows you to specify the sort order of results
returned in a results page.
Field names include title, author, URL, changedate,
language, summary, relevance, and filelength.
IMPORTANT: Type these fields exactly as they
appear above.
To specify more than one field, use the SORTFIELD
parameter and value, separated by an ampersand
(&) as in the following:
retfield=title&retfield=author
sortorder
Integer
Lets you specify the alphanumeric ordering of

search result items (hits). Options include the
following:
0= Ascending
1= Descending
2= Default for each field.
Syntax: sortordernumber=number
Example: sortorder1=0

103-000133-001
August 29, 2001
Novell Confidential
211
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
19
99a
38
July 17, 2001
Internationalizing Your Search

Solution
NetWare Web Search Server is capable of handling search queries, search
results, templates, and Web content in many languages and character sets.
Web Search can auto-detect languages and character sets, but to ensure a
complete international search solution, you must identify language, country,
and character information throughout your Web Search implementation.
This chapter discusses all of the issues related to supporting multiple
languages from a single search solution.
Working with Multiple Languages

Customizing your search solution is important only if you want to let your
users conduct language-specific searches. You specify the language of a
template by inserting a language identifier in the META tag of your templates
or HTML files. The language identifier can also be used in Search Results
pages to let users quickly recognize the search results that interest them.
NetWare Web Search Server also lets Web clients specify their locale at the
time the search query is entered. The default Search page illustrates this
feature by auto-detecting a user's locale and selecting the appropriate language
from the Display Language drop-down list. This selection sends two
parameters to the Web Search Server: language and country. The country
parameter is almost always blank. The search engine uses this information to
find locale-specific versions of the templates used to return search results.
To specify the language of a template or of any HTML content that gets
indexed as part of your search site, you must enter a language identifier within
an HTML files header section. For example, if you wanted to identify a
Russian template, you would add the following META tag:
<meta http-equiv="Content-Language" content="ru">
In some cases, such as Traditional and Simplified Chinese, you will need to
use the two-character, uppercase country codes. For example:
<meta http-equiv="Content-Language" content="zh-TW">
<meta http-equiv="Content-Language" content="zh-CN">
Internationalizing Your Search Solution 213

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The first line of the example indicates the Chinese language (ZH) and the
geographic location as Taiwan. The second line of the example indicates the
Chinese language (ZH) but China as the geographic location.
This combination of language and country codes is called a locale. For more
information about locales, refer to Table 16 on page 222.
Specifying Locales within Template Filenames

NetWare Web Search Server consists of three primary servlets: SearchServlet,
PrintServlet, and AdminServlet. Each servlet returns information to the Web
client using server-side templates. Templates are stored on at
volume:\searchroot\TEMPLATES. For more information about templates, see
Chapter 16, Understanding Templates, on page 177.
After determining a Web clients locale, Web Search attempts to locate a
matching search result template. That is, each of the Web Search services
automatically attempts to locate a version of the requested template that most
closely matches the Web clients locale.
IMPORTANT: NetWare Web Search cannot find locale-specific templates without
the two-character language code and the optional two-character country code. See
Table 16 on page 222 for more information about language code syntax.
For example, if a Web client requests to see search results using the
ResultListTemplate.html file and the client is a Chinese language user from
Taiwan and the server is Russian, then Web Search will try to find a ChineseTaiwan version of the template first (ResultListTemplate_zh_TW.html)
because that exactly matches the client's language and country. The following
table lists the template names the system would look up in this example in
order of priority.
Template Name
What Web Search Concludes
1. ResultListTemplate_zh_TW.html
Specific client locale
2, ResultListTemplate_zh.html
Simplified client locale
3. ResultListTemplate.html
Client requested name
4. ResultListTemplate_ru.html
Specific server locale (no simplified

versions)
5. ResultListTemplate_en.html
English language version
Up to the first underscore ( _ )

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If this scenario were reversed so that the search client was Russian and the
server was Chinese (Taiwan), and the client requested the
ResultListTemplate_ja.html template, then the lookup order would follow the
order shown in the following table.
Template Name
What Web Search Concludes
1. ResultListTemplate_ja_ru.html
Specific client locale (no simplified

versions)
2. ResultListTemplate_ja.html
Client requested name
3. ResultListTemplate_ja_zh_TW.html
Specific server locale
4. ResultListTemplate_ja_zh.html
Simplified server locale
5. ResultListTemplate_ja_en.html
English language version
Up to the first underscore ( _ )
All templates undergo this rigorous lookup system. Once a template is located,
its name is stored and associated with the original client locale so that all
subsequent requests for that template from the same locale automatically find
the template without performing the same rigorous lookup.
No further lookups are attempted for that combination of client locale and
template name until the NetWare Web Search Server is restarted. If all
template lookups fail, then an error message is returned to the client
performing the search.
Understanding Character Set Encodings

A character set is a grouping of alphabetic, numeric, and other characters that
have some relationship in common. For example, the standard ASCII
character set includes letters, numbers, symbols, and control codes that make
up the ASCII coding scheme.
A character set encoding is the mapping of a character set to a value that can
be understood and processed by a computer.
NetWare Web Search relies on character set encodings to identify the
characters used when performing a search, reading a template, posting results
to a Web browser, or indexing Web-based content. If the encoding information
is missing in any of these areas, NetWare Web Search uses the default

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
encodings identified in the SearchServlet and PrintServlet properties files.

You can modify these settings using NetWare Web Search Manager.
Because most languages have several encodings that their character sets are
identified by, NetWare Web Search Server supports a wide variety of character
set encodings and encoding aliases.
Some examples of character set encodings include iso-8859-1, shift_jis, big5,
and latin2. The official list of registered encodings is available from the
Internet Assigned Numbers Authority (see Table 16 on page 222). These are
the official names for character sets that can be used in the Internet and can be
referred to in Internet documentation. However, not all IANA-registered
character set encodings are supported by NetWare Web Search Server. Refer
to Table 16 on page 222 for a list of encodings and encoding aliases that are
supported by NetWare Web Search Server.
Unicode and UTF8

Unicode is a 16-bit character encoding standard developed by the Unicode
Consortium. By using two bytes to represent each character, Unicode enables
almost all of the written languages of the world to be represented using a
single character set. Unicode does not require any special processing to access
any character in any language.
This makes Unicode very easy to use when processing text from multiple
languages and scripts. This is the reason NetWare Web Search converts all
external files into Unicode for processing.
As already mentioned, Unicode is two bytes wide for all characters. Although
this is ideal for computer processing, it doubles the size of all single-byte
languages. This has a significant impact on Internet performance. For this
reason, NetWare Web Search also supports an alternate representation of
Unicode known as UTF-8. UTF-8 is a Unicode Transformation Format that
uses sequences of 1 to 6 bytes to represent all the characters in the Unicode
standard. Most notably, ASCII characters are transmitted without any
conversion at all. This means that most Internet content is already in the UTF8 representation. Many Asian languages, however, require three bytes per
character in the UTF-8 format. Other languages can require up to six bytes to
represent each of their characters.
You will have to decide if Unicode or UTF-8 best meets your needs when
creating HTML content, Web Search templates, or search pages.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Search Encodings
The only encodings NetWare Web Search currently supports when performing
a search are Unicode and UTF-8. Therefore, any page that allows Web users
to enter a search must ensure that the results are passed to the server in one of
these two formats. See Template Encodings on page 219 for more
information.
To pass Unicode characters to NetWare Web Search, use the syntax
%uHHHH, where
Percent sign (%) is used as the CGI escape character
Lowercase letter U (u) indicate that the subsequent 4 characters represent
a Unicode value.
Four uppercase H letters (HHHH) indicate four hexadecimal characters
(0-9, A-F)
To pass UTF-8 characters to NetWare Web Search, just use normal ASCII
characters or the syntax %HH... for all other characters, where
% is the CGI escape character
HH indicates two hexidecimal characters (0-9, A-F)
. . . indicates additional %HH groupings that might be required to
properly transmit a character
HINT: If the encoding of the page containing a search form is already set to UTF-
8 or Unicode, most browsers automatically transmit the entered search text

correctly using the designated encoding.
By default, NetWare Web Search uses UTF-8 in its sample search pages.
Response Encodings
One of the many parameters that can be sent when conducting a search is the
encoding that should be used when returning the results back to the browser.
All NetWare Web Search encodings listed in Appendix B, Combined
Character Sets for Use with NetWare Web Search, on page 227 can be used.
If the search result page contains the ability to refine or redo the search, then
the response encoding can significantly impact the possible characters that can
be entered when conducting the next search from this page. For example, if
the user requests results in the iso-8859-1 encoding (HTML's default), then
only iso-8859-1 characters can be entered in the subsequent search from that

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
page. Other characters can still be sent to the Web Search services using the
%uHHHH and %HH formats, but the browser will not allow users to enter
normal text characters other than that supported by iso-8859-1.
Although Web Search can return search results from many languages, some
characters found in titles and descriptions might be returned as question marks
(?) indicating that these characters are not available in the current response
encoding. If a character can be represented in the current encoding but a font
is not available, many browsers will substitute an alternate character such as
an empty box character. Once the appropriate fonts have been installed, these
characters will then display properly.
By default, NetWare Web Search returns all search, print, and administration
pages in UTF-8.
HTML Encodings
Since HTML content can contain text written in many character sets, all
HTML files need to include a tag that identifies the character set encoding. To
identify the encoding of an HTML file (or search template), use the following
META tag at the top of the file's header section:
<meta http-equiv="Content-Type" content="text/html;
charset=Shift_JIS">
In this example, you would replace Shift_JIS with the appropriate Internet
Assigned Numbers Authority (IANA)-assigned encoding value.
It is very important that the CHARSET value accurately represent the
character set encoding that was actually used when the HTML Web content or
Web Search template was created. A correct entry allows Web Search to
accurately interpret and convert the characters in the document. An incorrect
entry prevents Web Search from being able to read the characters as valid data
in the authored language.
IMPORTANT: Improperly identified characters result in garbled text. In some
cases, the Web-based content cannot be properly indexed or printed. In the most
severe cases, the document being read might produce a server-side exception,
which will ultimately discontinue processing the document and perhaps the entire
current operation.
Because Web Search is Unicode-based, when reading templates or when

indexing or printing HTML content, all character encodings are converted
from their source encoding to Unicode for internal processing.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
During indexing, if a document contains characters not supported by the

designated encoding, if the document doesn't have an encoding designation,
or if the designation is inaccurate, the indexer will do its best to recover. But
if it cannot, it might index the information incorrectly or quit indexing that
page entirely.
When reading a template file, Web Search might automatically cease
processing the file if it contains any characters not supported by the current
encoding. It will try to ignore the invalid text and continue, but this might not
be possible.
When displaying search results or when printing HTML content, any
character that does not match the specified response encoding will receive a
question mark (?) in its place when rendered at the browser. Although some
characters are properly supported by the current encoding, the browser might
not have the required fonts to display the characters. In this case, users might
see square boxes representing these characters. This is an indication that the
valid character reached the browser, but the operating system could not
provide a font to properly render the character. The user would than have to
either change fonts or install the correct fonts in order to properly display the
characters.
HINT: If a document does not contain a CHARSET encoding value, the default
encoding for HTML documents is ISO-8859-1, also known as Latin1. The default
encoding for plain text documents is US-ASCII.
Web Search also allows administrators to define the default encodings for
templates, HTML content when printing, and search and print responses.
Refer to the NetWare Web Manager Help for information about changing the
default encodings.
Template Encodings
All HTML documents should include a Content-Type META tag identifying
their character set encodings. The character set encoding allows HTML Web
clients (or browsers) to understand the contents of the file. This tag is also used
by browsers to automatically switch their display system and fonts to correctly
show the Web page's contents. This lets users surf the World Wide Web
without having to constantly change their display system as they encounter
content from various languages and characters sets.
However, because NetWare Web Search lets administrator specify both
template encodings and response encodings, browsers might get confused
when presented with the valid response encoding in the HTTP header and one

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
or more alternate encodings from the Content-Type META tags within the file
that was part of the original Web Search template.
NOTE: $$IncludeFile[ ] templates can also contain their own Content-Type meta
tags.
To solve this problem, NetWare Web Search allows placing the Content-Type
META tag specifying the template's encoding within an HTML comment.
This effectively obscures the original template encoding from the browser, but
still allows Web Search to read the encoding when the template file is
processed.
A sample Web Search template is illustrated below. The Content-Type META
tag has been hidden inside of an HTML comment. This template can be
embedded within other templates using the $$IncludeFile[ ] template variable
without affecting Web Search's ability to distinguish between the various
encodings. This file can also be processed and then sent to a user's Web
browser without conflicting with the response encoding provided by Web
Search in the HTTP response headers.
<html>
<head>



</head>
<body>
Template data here.
</body>
</html>

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Encoding Issues When Printing

When NetWare Web Search processes a print request, it gathers the entire
contents of each file and builds an appended print job page, one file after
another. Each file can contain its own Content-Type META tag identifying its
encoding. Each file's encoding will be used by Web Search to convert that file
into Unicode before being sent out using the response encoding.
Unfortunately, all of these encoding META tags might confuse the browser's
display system. While Web Search has already properly converted the files
into a single response encoding, the browser sees the Content-Type META
tags which direct it to do something else, and gets confused.
The way to solve this problem is to create a print results template that contains
a Content-Type META tag encoding at both the top and bottom of the file,
before and after the various documents get printed. All current browsers take
either the first Content-Type META tag that they encounter or the last.
Constructing a print template with both satisfies all browsers.
Languages Included in the Default Templates

There are additional search and print templates for each of the following
languages:
Chinese (Traditional and Simplified)
English
French
German
Italian
Japanese
Korean
Portuguese
Russian
Spanish
Templates are stored at volume:\searchroot\TEMPLATES.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Where to Go From Here

The following table lists additional resources for learning more about locales,
country and language codes, and encodings.
Table 16
Additional Information Resources
Component
Resource Location
Language and country

codes (locale)
RFC1766 (http://www.ietf.org/rfc/rfc1766.txt)
NOTE: While RFC1766 uses the hyphen character ( - ) to separate language
and country information, Web Search uses the underscore character ( _ ) in
order to conform to the Java convention.
ISO639 (http://www.ics.edu/pub/ietf/http/related/iso639.txt)
ISO3166 (http://www.chemie.fu-berlin.de/diverse/doc/ISO_3166.html)
Character sets
Internet Assigned Numbers Authority (IANA) Character Set registry (http://

www.isi.edu/in-notes/iana/assignments/character-sets)
Unicode
Unicode Consortium home page (http://www.unicode.org/)
UTF-8
"UTF-8: A Transformation Format of ISO10646" (ftp://nis.nsf.net/internet/

documents/rfc/rfc2279.txt)

103-000133-001
August 29, 2001
Novell Confidential
Manual
IV
99a
38
July 17, 2001
Appendixes
This section contains additional information and reference materials related to
several Web service components:
Appendix B, Combined Character Sets for Use with NetWare Web
Search, on page 227
Appendix C, HTTP Methods and eDirectory Trustee Requirements, on
page 245
Appendix D, Managing Users and Groups Using Local Database or
LDAP Modes, on page 247
Appendix E, Controlling Access to Your Server Using Local Database
or LDAP Modes, on page 265
Appendix F, Port Number Assignments, on page 285
Appendixes 223

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Troubleshooting NetWare Web Search

This appendix provides some troubleshooting topics that can help you
overcome search and print performance issues.
Troubleshooting
Characters of descriptions or titles appear as intelligible characters
Possible Cause:
You've probably indexed documents written in multiple languages and

encodings. Web Search can index most of the worlds languages and
encodings. However, Web Search needs to know the encoding of each
document.
Possible Cause:
Some of your documents were probably not tagged with an encoding or were
incorrectly tagged.
Action:
Make sure all of your documents contain the correct Content-Type META tag.
If your international documents do not contain a Content-Type META tag,
either add it or use the Encoding (If Not in META Tags) index definition
option to specify the default encoding.
Several titles or descriptions contain the same text

Possible Cause:
Action:
If search results include duplicate titles or descriptions, your description fields

(description, summary, or abstract) might include boilerplate information.
The more accurate your META tag description fields are, the better your
search results will be. Where possible, consider adding descriptions to your
documents META tags.
Possible Cause:
It could also be that you have indexed the same document more than once, or
several links throughout your Web site might point to the same document but
do so using different character cases each time.
Action:
To solve the latter problem, try using the URLs Are Case Sensitive option to
direct Web Search to turn off case-sensitive crawling. Also, remove any
duplicate backup files you might have and exclude any backup directories
from your index definition.
Troubleshooting NetWare Web Search 225

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Some titles are returned as the URL of the document instead

Possible Cause:
Action:
Web Search pulls document titles from within each document that it indexes.
If your document doesn't have a title, Web Search uses the URL or path of the
document instead. If the URL is unavailable, a Title Unavailable message is
returned.
Make sure all of the documents you index have specifically defined titles.
Additional Assistance
If the problem you are working with doesnt appear in this appendix, visit the
Novell Support Connection Web site (http://support.novell.com).

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Combined Character Sets for Use with

NetWare Web Search
The following tables list the character set encoding names and aliases that
Web Search recognizes when indexing, searching, displaying, or printing
files. This information is a subset of the character names registered by the
Internet Assigned Numbers Authority (IANA).
Whenever possible, the items listed in the first column of each table are the
preferred MIME names listed in the Internet Assigned Numbers Authority
(IANA) Character Sets registry. If a preferred MIME name is not available,
items in the first column represent the primary registered names.
Items in the second column of each table are aliases which are also at times
used to identify that encoding.
Note that not all aliases exactly represent the parent encoding under which
they are listed. In these cases, they overlap significantly enough that they will
be handled identically by the various NetWare Web Search engines.
HINT: Character encodings appear in the exact case specified in the Internet
Assigned Numbers Authority (IANA) Character Sets registry. Some uses of these
encodings are case sensitive. However, NetWare Web Search ignores the case of
these encodings.

103-000133-001
August 29, 2001
Novell Confidential
227
Manual
99a
38
July 17, 2001
ASCII Character Set

Preferred MIME Name or Primary
Registered Name
Encoding Names
US-ASCII (MIBenum: 3)*
ANSI_X3.4-1968
ANSI_X3.4-1986
ASCII
ascii7
iso_646-us
ISO646-US
ISO_646.irv:1991
iso-ir-6
646
us
IBM367
cp367
csASCII
IBM437 (MIBenum: 2011)
ibm-437
cp437
437
csPC8CodePage437
* A MIBenum is a record number corresponding to an entry in IANAs

Management Information Base.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Arabic Character Set

Registered Name
Encoding Aliases
ISO-8859-6 (MIBenum: 9)
ISO_8859-6:1987
ISO_8859-6
iso8859-6
iso8859_6
8859_6
IBM1089
ibm-1089
cp1089
1089
iso-ir-127
ECMA-114
ASMO-708
arabic
csISOLatinArabic
Windows-1256 (MIBenum: 2256)
cp1256
win1256
ms1256

103-000133-001
August 29, 2001
Novell Confidential
229
Manual
99a
38
July 17, 2001
Chinese (Simplified) Character Set

Registered Name
Encoding Aliases
gb2312 (MIBenum: 2025)
csGB2312
gb_2312-80 (MIBenum: 57)
iso-ir-58
chinese
csISO58GB231280
gb2312-80
gb2312-1980
gb-2312-80
gbk
GBK
windows-936
ms936
cp936
cp-936
euc-cn
EUC_CN
euccn
euc-gb

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Chinese (Traditional) Character Set

Registered Name
Encoding Aliases
big5 (MIBenum: 2026)
Big5
windows-950
win950
ms950
csBig5
IBM950 (MIBenum: ????)
ibm-950
cp950
cp-950
950

103-000133-001
August 29, 2001
Novell Confidential
231
Manual
99a
38
Cyrillic Character Set

Registered Name
Encoding Aliases
ISO_8859-5:1988
ISO_8859-5
iso8859-5
iso8859_5
8859-5
iso-ir-144
IBM915
ibm-915
cp915
915
cyrillic
csISOLatinCyrillic
KOI8-R (MIBenum: 2084)
koi8_r
koi8
cp878
cp-878
csKOI8R
win1251
cp1251
ms1251

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
European Character Set

Registered Name
Encoding Aliases
cp1252
ms1252
win1252
ansi
ansi-1252
ISO_8859-1:1987
ISO_8859-1
iso8859-1
iso8859_1
8859_1
iso-ir-100
IBM819
ibm-819
CP819
819
l1
latin1
csISOLatin1

103-000133-001
August 29, 2001
Novell Confidential
233
Manual
99a
38

Registered Name
Encoding Aliases
ISO_8859-2:1987
ISO_8859-2
iso8859-2
iso8859_2
8859_2
iso-ir-101
IBM912
ibm-912
cp912
912
l2
latin2
csISOLatin2
ISO_8859-3:1988
ISO_8859-3
iso8859-3
iso8859_3
8859-3
iso-ir-109
IBM913
ibm-913
cp913
913
l3
latin3
csISOLatin3

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

Registered Name
Encoding Aliases
ISO_8859-4:1988
ISO_8859-4
iso8859-4
iso8859_4
8859-4
iso-ir-110
IBM914
ibm-914
cp914
914
l4
latin4
csISOLatin4
cp1250
ms1250
win1250
IBM850 (MIBenum: 2009) (UNICODE)
ibm-850
cp850
850
csPC850Multilingual
ibm-852
cp852
852
csPCp852

103-000133-001
August 29, 2001
Novell Confidential
235
Manual
99a
38

Registered Name
Encoding Aliases
ibm-860
cp860
860
csIBM860
ibm-863
cp863
863
csIBM863
ibm-865
cp865
865
csIBM865

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Greek Character Set

Registered Name
Encoding Aliases
ISO_8859-7:1987
ISO_8859-7
iso8859-7
8859_7
IBM813
ibm-813
cp813
813
iso-ir-126
ELOT_928
ECMA-118
greek
greek8
csISOLatinGreek
cp1253
ms1253
win1253

103-000133-001
August 29, 2001
Novell Confidential
237
Manual
99a
38
Hebrew Character Set

Registered Name
Encoding Aliases
ISO_8859-8:1988
ISO_8859-8
iso8859-8
8859_8
ibm916
ibm-916
cp916
916
iso-ir-138
hebrew
csISOLatinHebrew
win1255
cp1255
ms1255

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Japanese Character Set

Registered Name
Encoding Aliases
ISO-2022-JP (MIBenum: 39)
iso2022-jp
iso-2022-jis
junet
jis
jis_encoding
csJISEncoding
csISO2022JP
ISO-2022-JP-2 (MIBenum: 40)
iso-2022-jp2
csISO2022JP2
Shift_JIS (MIBenum: 17/2024)
sjis
shift-jis
ShiftJis
x-sjis
x-shift-jis
windows-31j
csWindows31J
ms932
cp932
win932
windows-932
MS_Kanji
csShiftJIS
pck
\u30b7\u30d5\u30c8\u7b26\u53f7\u53
16\u8868\u73fe

103-000133-001
August 29, 2001
Novell Confidential
239
Manual
99a
38
July 17, 2001

Registered Name
Encoding Aliases
EUC-JP (MIBenum: 18)
Extended_UNIX_Code_Packed_Form
at_for_Japanese
eucjp
x-euc-jp
euc_jpnew 10/18/99
x-eucjp
eucjis
csEUCPkdFmtJapanese

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Korean Character Set

Registered Name
Encoding Aliases
euc-kr (MIBenum: 38)
euc_kr
euckr
csEUCKR
ks_c_5601-1987 (MIBenum: 36)
ks_c_5601-1989
ksc5601-1987
ksc5601_1987
ksc_5601
ksc5601
5601
korean
csKSC56011987
IBM949 (MIBenum: ????)
ibm-949
cp949
cp-949
949
Windows-949 (MIDenum: ????)
win949
ms949

103-000133-001
August 29, 2001
Novell Confidential
241
Manual
99a
38
Thai Character Set

Registered Name
Ecoding Aliases
IBM874 (MIBEnum: ????)
ibm-874
cp874
874
Windows-874
win874
ms874
Turkish Character Set

Registered Name
Encoding Aliases
ISO_8859-9:1989
ISO_8859-9
iso8859-9
8859_9
ibm920
ibm-920
cp920
920
iso-ir-148
l5
latin5
csISOLatin5
win1254
cp1254
ms1254

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Vietnamese Character Set

Registered Name
Ecoding Aliases
win1258
ms1258
cp1258
cp-1258

103-000133-001
August 29, 2001
Novell Confidential
243
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
HTTP Methods and eDirectory Trustee

Requirements
HTTP access to a file or resource in Novell eDirectoryTM mode is evaluated
using NetWare file system trustee assignments, depending on the HTTP
method used. The table below defines the NetWare file system trustee
assignments required to grant access to Web resources using specified HTTP
methods.
This table applies only while running the Enterprise Web Server in eDirectory
mode.
HTTP Method
NetWare Trustee Assignment Required for Access
COPY
Read on source, Create on destination
DELETE
Erase
EDIT
Write
GET
Read
HEAD
File Scan
INDEX
File Scan
MKDIR
Create
MOVE
Erase and Read on source, Create on destination
POST
Read on the CGI executable file
PUT
Create on parent directory if file is being created, or WRITE

if file is being replaced
HTTP Methods and eDirectory Trustee Requirements 245

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Managing Users and Groups Using

Local Database or LDAP Modes
This appendix covers creating and managing User and Group objects while
running in local database or LDAP modes. If you are running the Enterprise
Server in Novell eDirectoryTM mode, refer to Chapter 7, Using a Directory
Service to Control User Access to Network Resources, on page 83.
HINT: If you are using eDirectory mode, you can use ConsoleOneTM to manage
users and groups. If you need to access eDirectory User and Group objects from
a remote location, use NetWare Web Manager. Web Manager lets you add and
remove users and groups and manage access rights.
The procedures outlined in this section refer exclusively to Web Manager as the
directory managment tool for managing User and Group objects while in local
database or LDAP modes. For more information about using eDirectory, refer to the
Novell eDirectory 8.6 Administration Guide.
Creating Users
1 From the NetWare Web Manager home page, click Users and Groups >
organization > New User.

2 In the appropriate fields, enter the requested information. At a minimum,
you must specify the users
Surname
User ID
After entering a users first and surnames, the ID is automatically

generated in the User ID field. You can replace this user ID with an ID of
your own choice if you want.
IMPORTANT: The user ID must be unique. NetWare Web Manager ensures that
it is unique by searching the entire directory begining at the search base (base DN)
to see if the user ID is in use. However, if you use the ldapmodify command line
utility to create a user, be aware that the utility does not ensure unique user IDs. If
duplicate user IDs exist in your directory, the effected users will not be able to
authenticate to the directory.
3 Click Create User to add a user.
For information on editing users, see Managing Users on page 249.

103-000133-001
August 29, 2001
Novell Confidential
247
Manual
99a
38
July 17, 2001
Additional Information about User Entries

The following information might be of interest to the network administrator
concerning creating user entries:
User entries use the inetOrgPerson, organizationalPerson, and person
object classes. For more information on how these are used, search the
Novell Support Connection Web site (http://support.novell.com).
By default, the distinguished name for users is as follows:
cn=full name, ou=organization, ...,o=base organization,
c=country
For example, if a user entry for Sam Warden is created within the
Organizational Unit Engineering, and the directory's suffix is O=Ace
Industry, C=US, then the person's DN is
CN=Sam Warden, OU=Engineering, O=Ace Industry, C=US
However, you can change this format to a UID-based distinguised name.

Suffixes are optional if you are using the local directory. If you did not
configure a suffix for your local directory, then you literally use the string
(quote quote) to represent the search base on calls to ldapsearch.
The values on the user form fields are stored as the following LDAP
attributes:
User Field
Corresponding LDAP Attribute
Given Name
givenName
Surname
sn
Full Name
cn
User ID
uid
Password
userPassword
E-Mail Address
mail
The following fields are also available when editing the user entry:
User Field
Corresponding LDAP Attribute
Title
title
Telephone
telephoneNumber

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing Users
From the Manage Users form you can
Find user entries
Change user attribute values
Change the user's password
Manage the user's licenses
Rename the user's entry
Delete the user's entry
Change some, but not all, product-specific information. Web Services
servers add additional forms to this area that allow you to manage
product-specific information. For example, when a Web server is
installed under NetWare Web Manager, then an additional form is added
that allows you to edit settings specific to that server.
The following sections describe these activities in detail.
For more information regarding user entries when using a directory server, see
Additional Information about User Entries on page 248.
Finding User Objects

If you are running in LDAP or local directory modes and you need to edit a
User object, you can quickly search for and retrieve a User object.
1 From the Web Manager home page, click NetWare Enterprise Web Server
servername > Users and Groups.

2 In the Find User field, type some descriptive value for the entry that you
want to edit. You can enter any of the following in the search field:
A name: Type a full name or a partial name
A user ID
A telephone number
An e-mail address: Any search string containing an at (@) symbol is

assumed to be an e-mail address

103-000133-001
August 29, 2001
Novell Confidential
249
Manual
99a
38
July 17, 2001
An asterisk (*): Type an asterisk to see all of the entries currently in

your directory (or achieve the same effect by simply leaving the field
blank)
Any LDAP search filter: Type a search filter to see any string that
contains an equal sign (=) that is considered a search filter
3 In the Format field, select either On-Screen or Printer.

4 Click Find.
The Find All Users Whose Field

This field allows you to build a custom search filter. Use this field to narrow
down the search results returned by Find User.
Find All Users Whose provides the following search criteria:
1. The left drop-down list lets you specify the attribute that the search will
be based on.
The options include the following:
Full Name
Last Name
User ID
Phone Number
E-Mail Address
2. The center drop-down list lets you select the type of search you want to
perform.
Contains: Entries with attribute values containing the specified
search string are returned.
Is: Use this option when you know the exact value of an user's
attribute.
Isn't: Returns all the entries whose attribute value does not exactly
match the search string. For example, if you want to find all the users
in the directory whose names are not Sam Warren, use this option.
NOTE: Using this option can cause an extremely large number of entries to
be returned to you.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sounds Like: Causes an approximate, or phonetic, search to be

performed. Use this option if you know an attribute's value, but you
are unsure of the spelling. For example, if you are not sure if a user's
name is spelled Sarret, Sarette, or Sarett, use this option.
Starts With: Returns all the entries whose attribute value starts with
the specified search string.
Ends With: Returns all the entries whose attribute value ends with the
specified search string.
3. In the right-most text field, type your search string.
Editing User Information

servername > Users and Groups > Manage Users.

2 Find the user entry you want.
See Finding User Objects on page 249 for more information.

3 Edit the field corresponding to the attribute that you want to change.
HINT: You might want to change an attribute value that is not displayed by the edit
user form. In this situation, use the ldapmodify command line utility.
You can change the users first, last, and full name field from this form; but to
fully rename the entry (including the entrys distinguished name), you need to
use the Rename User form. For more information on how to rename an entry,
see Renaming Users on page 252.
Managing User Passwords

The password you set for user entries is used by the various Web Services for
user authentication. You can create, change, or disable a password.


3 At the top of the User Edit form, click Password.

103-000133-001
August 29, 2001
Novell Confidential
251
Manual
99a
38
July 17, 2001
4 To create or change a password, type the new password and the
confirmation password, and then click Set Password.

5 To disable the password, click Disable Password.
This prevents the user from logging in to a Web Services server without
deleting the user's directory entry. You can reinstate the password by
using the Password Management form to enter a new password.
6 Click General to return to general user information.
Managing User Licenses

To track which Web Services your users are licensed to use, do the following:

2 At the top of the User Edit form, click Licenses.
3 Select the Web Services that you want the user to be able to use.
5 Click General to return to general user information.
HINT: Web Services does not enforce these licenses.
Renaming Users

2 Select the user entry you want.

3 Click Rename User.
4 Type the new name.
If you are using common name-based DNs, specify the users full name.
If you are using UID-based distinguished names, enter the new UID value
that you want to use for the entry.
5 Type the modified given name, surname, full name, or UID in the
applicable fields as is appropriate to match the new distinguished name

for the entry.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you are using common name-based distinguished names, and you

change the distinguished name to use a new common name, then you
should make sure that this new common name is listed as the first choice
in the list of full names. This ensures that the appropriate name is
displayed when a list showing this entry is generated.
HINT: The rename feature changes only the users name; all other fields are left
intact. In addition, the users old name is still preserved so searches against the
old name will still find the new entry.
When you rename a user entry, you only change the users name; you
cannot use the rename feature to move the entry from one Organizational
Unit to another. For example, suppose you have
Organizational Units for Marketing and Accounting
An entry named Sam Warren under the Marketing Organizational

Unit
You can rename the entry from Samuel Warren to Sam Warren, but you
cannot rename the entry such that Samuel Warren under the Marketing
Organizational Unit becomes Samuel Warren under the Accounting
Organizational Unit.
6 To return to the general information form, click General.
Removing Users


3 Click Delete User > OK.
Creating Groups
servername > Users and Groups > New Group.

2 In the Group Name field, type the group's name.
You can optionally add a description for the group in the Description
field.

103-000133-001
August 29, 2001
Novell Confidential
253
Manual
99a
38
July 17, 2001
3 Click Create Group to add the group and immediately return to the New
Group form.
4 Click Create and Edit Group to add the group and then proceed to the Edit
Group form for the group you have just added.

For information on editing groups, see Editing Group Attributes on
page 256.
Managing Groups
From the Group Edit form you can
Find groups
Change group attributes
Add and delete owners of the group
Add and delete See Also information
Add and delete members of the group
Rename the group
Delete the group
Change the group's description
The following sections describe these activities in detail.
Finding Group Entries

servername > Users and Groups > Manage Groups.

2 In the Find Group field, type the name of the group that you want to find.
You can enter any of the following in the search field:
An asterisk (*): Type to see all of the groups currently residing in

your directory
Any LDAP search filter: Type to see any string that contains an equal
sign (=) that is considered to be a search filter

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Click Find.
5 In the resulting table, click the name of the entry you want to edit.
The Find All Groups Whose Field

This field lets you build a custom search filter. Use this field to narrow down
the search results.
Find All Groups Whose provides the following search criteria:
1. The left drop-down list lets you specify the attribute that the search is
based on.
The options are
Full Name
Description
2. In the middle drop-down list, select the type of search you want to
perform.
Is: Use this option when you know the exact value of a groups
attribute.
Isnt: Returns all the entries whose attribute value does not exactly
match the search string. If you want to find all the groups in the
directory whose names do not contain administrator, use this option.
performed. Use this option if you know an attributes value, but you
are unsure of the spelling. For example, if you are not sure if a
groups name is spelled Sarrets list, Sarettes list, or Saretts list, use
this option.
Starts With: Returns all the entries whose attribute values start with
Ends With: Returns all the entries whose attribute values end with the
3. In the right-most text field, type your search string.

103-000133-001
August 29, 2001
Novell Confidential
255
Manual
99a
38
July 17, 2001
Editing Group Attributes


2 Find the group you want to edit.
See Finding Group Entries on page 254 for more information.

3 In the Group Edit form, change the displayed fields as desired.
HINT: To change an attribute value that is not displayed by the group edit form,
use the ldapmodify command line utility.
Adding Group Members


2 Find the group you want to add members to.

3 Click Edit under Group Members.
A new form is displayed that allows you to search for entries. If you want
to add user entries to the list, make sure Users is shown in the Find dropdown list. If you want to add group entries to the group, make sure Group
is shown.
4 In the right-most text field, type a search string.
Type any of the following:
A user ID: Use if you are searching for user entries
A telephone number
An e-mail address: Any search string containing an at (@) symbol is

assumed to be an e-mail address
An asterisk (*): Type an asterisk to see all of the entries or groups

currently residing in your directory
Any LDAP search filter: Type a search filter to see any string that
contains an equal sign (=) is considered to be a search filter

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Click Find and Add to find all the matching entries and add them to the
group.
If the search returns any entries that you do not want add to the group,
check the box in the Remove from List column. You can also construct a
search filter to match the entries you want removed and then click Find
and Remove.
6 When the list of group members is complete, click Save Changes.
Adding Groups to the Group Members List

You can add groups (instead of individual members) to the groups members
list. Doing so causes any users belonging to the included group to become a
member of the receiving group. For example, if Sam Warren is a member of
the Marketing Managers group, and you make the Marketing Managers group
a member of the Marketing Personnel group, then Sam Warren is also a
member of the Marketing Personnel group.
To add a group to the members list of another group, add the group as if it were
a user entry. See Adding Group Members on page 256 for more information.
Removing Entries from the Group Members List

To delete an entry from the group members list:


3 Click Edit under Group Members.
4 For each member that you want to remove from the list, check the
corresponding box under the Remove from List column.


103-000133-001
August 29, 2001
Novell Confidential
257
Manual
99a
38
July 17, 2001
Managing Owners
You manage a groups owners list the same way as you manage the group
members list. The following table shows you which section to read for more
information.
If you want to
Use the steps in
Add owners to the

group
Adding Group Members on page 256
Add groups to the

owners list
Adding Groups to the Group Members List on page 257
Remove entries
from the owners
list
Removing Entries from the Group Members List on page

257
Managing See Alsos

See alsos are references to other directory entries that might be relevant to the
current group. They allow users to easily find entries for people and other
groups that are related to the current group.
You manage see alsos the same way as you manage the group members list.
The following table shows you which section to read for more information.
If you want to
Use the steps in
Add users to See

alsos
Adding Group Members on page 256
Add groups to See

alsos
Adding Groups to the Group Members List on page 257
Remove entries
from See alsos
Removing Entries from the Group Members List on page

257

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Removing Groups

2 Find the group you want to delete.

3 Click Delete Group > OK.
Renaming Groups


3 Click Rename Group.
4 Type the new group name.
When you rename a group entry, you only change the groups name; you
cannot use the Rename feature to move the entry from one Organizational
Unit to another. For example, suppose you have
Organizational units for Marketing and Engineering
A group named Research and Development under the Engineering
You can rename the group from Research and Development to Development
and Research, but you cannot rename the entry such that Research and
Development under the Engineering Organizational Unit becomes Research
and Development under the Marketing Organizational Unit.
Creating Organizational Units

servername > Users and Groups > New Organizational Unit.

2 In the Unit Name field, type the name of the Organizational Unit.
3 In the optional Description field, you can type a description of the unit.
4 Click Create Organizational Unit.

103-000133-001
August 29, 2001
Novell Confidential
259
Manual
99a
38
July 17, 2001
Additional Information about Organizational Units

The following information might be of interest to the directory administrator:
New Organizational Units are created using the OrganizationalUnit
object class.
The distinguished name for new Organizational Units is of the form:
ou=new organization, ou=parent organization, ...,o=base
organization, c=country
For example, if you create a new Organization called Accounting within

the Organizational Unit West Coast, and your Base DN is o=Ace Industry,
c=US, then the new Organization Unit's DN is
ou=Accounting, ou=West Coast, o=Ace Industry, c=US
Managing Organizational Units

Find Organizational Units
Remove Organizational Units
Edit Organizational Unit attributes
Rename Organizational Units
Delete Organizational Units
Finding Organizational Units

servername > Users and Groups > Manage Organizational Unit.

2 In the Find Organizational Unit field, type the name of the unit you want
to find. You can enter any of the following in the search field:
A name: Type a full name or a partial name.
An asterisk (*): Type to see all of the groups currently residing in

your directory.
Any LDAP search filter: Type to see any string that contains an equal
sign (=) is considered to be a search filter.

4 Click Find.
5 Click the name of the Organizational Unit that you want to find.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The Find All Units Whose Field

This field allows you to build a custom search filter. Use this field to narrow
down the search results that are otherwise returned by Find Organizational
Unit.
Find All Units Whose provides the following search criteria:
1. The left drop-down list allows you to specify the attribute on which the
search will be based.
Unit name
Description
2. In the center drop-down list, select the type of search you want to
perform.
Is: Returns the exact value of an Organizational Unit's attribute.
Isn't: Returns all the entries whose attribute value does not exactly
match the search string. If you want to find all the Organizational
Units in the directory whose name does not contain "Marketing," use
this option.
performed. Use this option if you know an attribute's value, but you
are unsure of the spelling.
Starts With: Returns all the entries whose attribute value starts with
Ends With: Returns all the entries whose attribute value ends with the
3. In the right text field, type your search string.
For more information on how to find an Organizational Unit entry, see
Finding Organizational Units on page 260.

103-000133-001
August 29, 2001
Novell Confidential
261
Manual
99a
38
July 17, 2001
Editing Organizational Unit Attributes


2 Find the Organizational Unit you want to edit.
See Finding Organizational Units on page 260 for more information.

3 In the Organizational Unit edit form, change the displayed fields as
desired.
HINT: It is possible that you will want to change an attribute value that is not
displayed by the Organizational Unit edit form. In this situation, use the ldapmodify
command-line utility.
Renaming Organizational Units

1 Make sure no other entries exist in the directory under the Organizational
Unit that you want to rename.


3 Find the Organizational Unit you want to edit.

4 Click Rename.
5 Type the new Organizational Unit name.
When you rename an Organizational Unit entry, you can only change the
Organizational Units name; you cannot use the Rename feature to move the
entry from one Organizational Unit to another. For example, suppose you have
Organizational units for Marketing and Engineering
An Organizational Unit called User Research under the Marketing
Organizational Unit
You can rename the entry from User Research to User Validation, but you
cannot rename the entry such that User Research under the Marketing
Organizational Unit becomes User Research under the Engineering

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deleting Organizational Units

1 Make sure no other entries exist in the directory under the Organizational
Unit that you want to rename.


3 Find the Organizational Unit you want to delete.

4 Click Delete > OK.

103-000133-001
August 29, 2001
Novell Confidential
263
Manual
99a
38

103-000133-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Controlling Access to Your Server

Using Local Database or LDAP Modes
You can control who accesses the files on your Web site. This appendix
discusses the various methods you can use to determine who has access to
specific files or directories on your Web site. If you want to control who can
configure the Web server itself, see Securing Web Manager on page 33.
The NetWare Enterprise Web server can be secured using either Novell
eDirectoryTM or local database modes. While in eDirectory mode, you manage
access control through NetWare file system trustees.
Controlling Access Using Native eDirectory Mode

Novell eDirectory offers unparalleled directory services and is the best choice
for use with NetWare Web Services. eDirectory is one of the easiest and most
powerful directory services available today and is included with NetWare 6.
eDirectory is the default directory service mode for use by the NetWare
Enterprise Web Server. We recommend that you use eDirectory mode.
For a comparison of eDirectory, local database, and LDAP modes for use with
the Enterprise Web Server, see Chapter 7, Using a Directory Service to
Control User Access to Network Resources, on page 83.
Controlling Access with NetWare Web Access Controls

What Is Access Control?
Access control lets you determine who can access the server. There are two
options for controlling access:
User-Group: Requires users to enter a username and password before
accessing the server. Or the server can use client authentication by
checking an LDAP directory for a security certificate before giving
access to a file or set of files on your Web site.
Host-IP: Requires the user to view your Web site from a specific
computer, where the server recognizes the computer by either its
hostname or its IP address.

103-000133-001
August 29, 2001
Novell Confidential
265
Manual
99a
38
July 17, 2001
User-Group Authentication
You can require users to authenticate themselves before getting access to your
Web site. Authentication means that users verify their identity either by
entering a username and password or by using a client certificate installed in
their Web browser. The first method of requiring the username and password
is the traditional method, which can be done with or without encryption. The
second method of using client certificates is the SSL method, which must be
done with encryption on. Refer to the Novell Documentation Web site (http:/
/www.novell.com/documentation) for more information on encryption.
Username and Password Authentication
If you require users to enter a username and password to get access to your
Web site, you store the list of users and groups in an LDAP database, which
can be either a file stored on the Web server computer or an LDAP server on
a remote computer, for example, Novell Directory Services (NDS) using
LDAP or by using NDS directly.
When users attempt to access a file or directory that has User-Group
authentication, the Web browser displays a dialog box asking the user to enter
a username and password. The server can get this information encrypted or
not, depending on whether encryption is turned on for your server.
After entering the username and password, users either see the requested file
or directory listing, or a message denying them access. This following figure
shows the authentication window.
Figure 9
Authentication Window

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IMPORTANT: If your server doesn't use SSL encryption, the username and
password that the end user types are sent unencrypted across the network.
Someone could intercept the network packets and read the username and
password being sent to the Web server. For this reason, User-Group authentication
is most effective when combined with SSL encryption, or Host-IP authentication, or
both.
Client Certificate Authentication

You can confirm users identities with security certificates before giving the
users access to your Web site. You can do this in the following two ways:
The server can use the information in the certificate as proof of identity.
The server can verify the certificate itself, provided the certificates are
published in an LDAP directory.
When a request comes in and you have client authentication on, the server
performs these actions in the following order:
When the browser sends the certificate, the server checks if the certificate
is from a trusted certificate authority (CA). If not, the server ends the
transaction.
If the certificate is from a trusted CA, the server maps the certificate to a
users entry using the CERTMAP.CONF file.
If the certificate maps correctly, then the Web server follows the ACL
rule, or command, specified for that user. The rule can deny or allow the
request.
Host-IP Authentication
You can limit access to files and directories on your Web site by making them
available only to people using specific computers. You specify hostnames or
IP addresses for the computers that you want to allow or deny. You can use
wildcard patterns to specify multiple computers or entire networks. If you
want to use Host-IP authentication, you must have DNS running in your
network and your computer must be configured to use it.
Users can access the files and directories immediately without entering a
username or password. If the computer doesnt have access, the user will get
a message denying access. You can also customize this message.
HINT: It is possible for more than one person to have access to a computer. For
this reason, Host-IP authentication is most effective when combined with UserGroup authentication. If both methods of authentication are used, the end user will
have to enter a username and password before getting access.

103-000133-001
August 29, 2001
Novell Confidential
267
Manual
99a
38
July 17, 2001
Access Control Files

When you use access control on your Web server, the settings are stored in a
file with the extension .ACL. Access control files are stored in the directory
server_root/server_typeACL, where server-type is the name of the server.
The main ACL filename is GENERATED-HTTPS-server-id.ACL. The
temporary working file is called GENWORK-HTTPS-server-id.ACL. If you
use the Server Manager forms to restrict access, youll have these two files.
However, if you want more complex restrictions, you can create multiple files
and reference them from the MAGNUS.CONF file. There are also a few
features available only by editing the files. For example, you can restrict
access to the server depending on the time of day or day of the week.
You also manually create and edit .ACL files if you want to customize access
control. For example, you might want to use an Oracle* or Informix* database
of users instead of an LDAP database. To do this type of customizing, you
need to use the access control API to program a hook into the servers access
control structure. This API is written in C. For more information on the API,
see the Netscape DevEdge Online site (http://developer.netscape.com).
How Does Access Control Work?

You can control access to the entire server or to parts of the server (directories,
files, file types). When the server evaluates an incoming request, it determines
access based on a hierarchy of rules called access control entries (ACEs), and
then it uses the matching entries to determine if the request is allowed or
denied. Each ACE specifies whether or not the server should continue to the
next ACE in the hierarchy. The collection of ACEs is called an access control
list (ACL).
When a request comes in to the server, the server looks in OBJ.CONF for a
reference to an ACL, which is then used to determine access. By default, the
server has one ACL file that contains multiple ACLs.
For example, suppose someone requests the following URL:
http://www.novell.com/my_stuff/web/presentation.html
The server would first check access control for the entire server. If the ACL
for the entire server was set to continue, the server checks to see if there is an
ACL for the file type .HTML. Then it checks for an ACL for the directory
MY_STUFF. If one exists, it checks the ACE and then moves on to the next
directory. The server continues traversing the path either until it reaches an

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ACL that says not to continue or until it reaches the final ACL for the
requested URL (in this case, the file PRESENTATION.HTML).
To set up access control for this example using the Server Manager forms, you
could create an ACL for the file only or for each resource leading to the file,
for example, one for the entire server, one for the MY_STUFF directory, one
for the MY_STUFF/WEB directory, and one for the file.
The following sample ACL file illustrates one way to control access to this
resource.
# File automatically written
## You may edit this file by hand#
version 3.0;
# This ACL allows everyone in the local database or LDAP
directory
acl "agents";
prompt = "<Enterprise or News> Server";
};
deny (all)
user = "anyone";
user = "all";# This ACL denies all access to the
my_stuff directory
acl "path=C:\Novonyx\SuiteSpot\docs\my_stuff";
deny (all)
user = "anyone";# This ACL allows access to anyone in
the user database
acl "path=C:\Novonyx\SuiteSpot\docs\my_stuff\web";
allow (all)
user = "anyone";# This ACL allows access to the file to
anyone in the "my_group" group
acl
"path=C:\Novonyx\SuiteSpot\docs\my_stuff\web\presentation
.html";
allow (all)
user = "anyone";
group = "my_group"# This is the default ACL and denies
access to anyone
acl "default";
deny (all)

103-000133-001
August 29, 2001
Novell Confidential
269
Manual
99a
38
July 17, 2001
Restricting Access
This section takes you through the process of restricting user access to
documents on your Web site. The sections following this one describe in detail
each option available when using access control. Keep in mind that most
access control rules use only a subset of the available options.
There is also a section of examples on restricting different resources. You can
review these examples in Restricting Access to the Entire Server on page
278.
To create an access-control rule:

A form appears on which you select and edit an existing access control
rule or specify a new rule by either choosing the resource you want to
apply to the rule (the file, directory, or wildcard pattern you want to
control) or typing a name to assign to the ACL. There are three sections
to this main form:
Pick a Resource: Allows you to specify a wildcard pattern for files or

directories to restrict access to (such as *.HTML) or to specify a
directory or a filename to restrict.
Pick an Existing ACL: Allows you to select an ACL that you've

created.
Type in the ACL Name: Allows you to create named ACLs. Use this
option only if youre familiar with ACL files and the OBJ.CONF
configuration file. Youll need to manually edit OBJ.CONF if you
want to apply named ACLs to resources.
2 In the section you want to modify, from the Editing field select the part of
your Web site (the resource) that you want to control.

For example, you can select Entire Server to set up access control for your
entire server.
HINT: Refer to Table 17 on page 272 at the end of this procedure for an example
list of resources that are typically given limited access control.
3 Click Edit Access Control.

4 Click New Line.
5 Click Deny to select the action you want to apply to the rule.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The bottom frame displays a form where you can select whether you want
to allow or deny access to the users, groups, or hosts youll specify in the
following steps. Select the option you want > click Update.
6 Click Anyone to specify User-Group authentication listed under the
Users/Groups column.
7 Select the options you want > click Update.
See Specifying Users and Groups on page 273 for more detailed
information about each option.
8 Click Anyplace to specify the computers you want to include in the rule.
9 Select the options you want > click Update.
See Specifying Hostnames and IP Addresses on page 275 for more

information about each option.
10 Click All to specify the access rights you want to include in the rule.
Check the access rights in the bottom frame > click Update.
11 Click X under the Extra column to enter a customized ACL entry if you
are familiar with ACL files.

This area is useful if you use the access control API to customize ACLs.
12 Click Update.
13 Check the appropriate box in the Continue column if you want the access
control rule to continue in a chain.

This means the next line is evaluated before the server determines if the
user is allowed access.
14 Check Access Control Is On.
See When Access Control Is On on page 277 for more information.

15 Check Response When Denied if you want the user to be redirected to
another URL if their request is denied.

16 Select Respond with the Following URL > type the URL in the field.
17 Click Update.
See Responding When Access Is Denied on page 277 for more

information.
18 Repeat steps 8 through 17 for each rule you need.
19 Click Submit to store the new access control rules in the ACL file.

103-000133-001
August 29, 2001
Novell Confidential
271
Manual
99a
38
July 17, 2001
If you click Revert, the server removes any changes you made to the rules
from the time you first opened the two-frame window
WARNING: Be cautious when using Revert because you cannot restore your
edits. In most cases, it is probably better to delete the rule lines individually.

Table 17
Example List of Resources That Are Typically Given Limited Access Control
Resource Wildcard
What It Means
default
A named ACL created during

installation that restricts write access,
so only users in the local database or
LDAP directory can publish
documents, for example, by using the
Web Publisher.
Entire Server
One set of rules determines the

access to your entire Web site,
including any virtual servers you have
running. To restrict access to a virtual
server, specify the path of its
document root.
*.html
Controls access to all files with an

.HTML extension.
*.cgi
Controls access to all files with a

.CGI extension.
usr/ns-home/cgi-bin/*
Controls access to all files and

directories in the CGI-BIN directory.
Note that the path is absolute. On NT,
the path must include the drive letter.
agents
A named ACL that restricts access to

all agents. The Web server contains
this ACL by default.
uri=/sales
Controls access to the SALES

directory in the document root. To
specify URIs, create a named ACL.
The following sections describe the options that appear in the bottom frame of
the access control window.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Access Control Actions

You can specify the action the server takes when a request matches the access
control rule.
Allow: The users or computers can access the requested resource.
Deny: The users or computers cannot access the requested resource.
The server goes through the list of ACEs to determine the access. For
example, the first ACE is usually to deny everyone. If the first ACE is set to
continue, the server checks the second ACE in the list. (If Continue is not
checked, everyone would be denied access to the resource.) If the second entry
matches, then the next ACE is used. The server continues down the list until
it reaches either an ACE that doesnt match or that matches, but is set to not
continue. The last ACE that matches is used to determine if access is allowed
or denied. For example, any user in the database can view a file (read access),
but they must be in the Pubs group if they want to publish a file to the server.
Specifying Users and Groups

You can restrict access to your Web site based on the user who requests a
resource. With user and group authentication, users are prompted to enter a
username and password before they can access the resource specified in the
access control rule.
The Web server uses a list of users, who might be sorted into groups, to
determine access rights for the user requesting a resource. The list of users
(and the groups they are included in) are stored either in a database on the Web
server computer or in an LDAP server, such as the Netscape Directory Server.
You should make sure the database has users and groups in it before you set
access control.
You can allow or deny access to everyone in the database, or you can allow or
deny specific people by using wildcard patterns or lists of users or groups.
To configure access control with users and groups, follow the general
directions for restricting access. When you click the Users/Groups column, a
form appears in the bottom frame. The following list describes the options in
the form:
Anyone (No Authentication): Anyone can access the resource without
having to enter a username or password. However, the user might be
denied access based on other settings, such as hostname or IP address.

103-000133-001
August 29, 2001
Novell Confidential
273
Manual
99a
38
July 17, 2001
Authenticated People Only: All users requesting the resource will have to
type a username and password before getting access.
If the username they enter isnt in the database, the access control rule
wont apply to them. However, if the rule says Deny and then a group is
listed, that group is denied, but everyone else in the database could be
allowed depending on if there is another ACL that matches their request.
All in the Authentication Database: Matches any user who has an entry in
the database. To use this option, you must also select Authenticated
People Only.
Only the Following People: Allows you to specify certain users and
groups to match.
User: Matches the individual users you specify.
Group: Matches all users in the groups you specify.
You can list the users and groups of users individually by separating the
entries with commas. Or you can enter a wildcard pattern. To use this
option, you must also select Authenticated People Only.
Prompt for Authentication: Allows you to specify message text that
appears in the authentication window. You can use this text to describe
what the user needs to enter. Depending on the operating system, the user
will see about the first 40 characters of the prompt. Netscape Navigator
and Netscape Communicator cache the username and password and
associate them with the prompt text. This means that if the user accesses
areas (files and directories) of the server that have the same prompt, the
user won't have to retype usernames and passwords. Conversely, if you
want to force users to reauthenticate for various areas, you simply need to
change the prompt for the ACL on that resource.
Authentication Methods: Specifies the method the server uses when
getting authentication information from the client.
Default: Uses the default method you specify in the OBJ.CONF file,
or Basic if there is no setting in OBJ.CONF. If you select Default in
this form, the ACL rule doesn't specify a method in the ACL file.
Default is the best choice because you can easily change the methods
for all ACLs by editing one line in the OBJ.CONF file.
Basic: Uses the HTTP method to get authentication information from
the client. The username and password are only encrypted if
encryption is turned on for the server.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SSL: Uses the client certificate to authenticate the user. If you use
this method, SSL must be turned on for the server. If you have
encryption on, you can combine basic and SSL methods.
Other: Uses a custom method you create using the access control
API.
Authentication Database: Allows you to select a database that the server
uses to authenticate users. The default setting means the server looks for
users and groups in either the local database or an LDAP directory,
depending on the setting specified in the Administration Server.
However, you can configure individual ACLs to use different databases.
You can specify different databases and LDAP directories in the file
server_root/USERDB/DBSWITCH.CONF and then choose the database
you want to use in the ACL by selecting it in the drop-down list. If you
use the access control API to use a custom database (for example, to use
an Oracle or Informix database), you can type the name of the database in
the Other field in the Users & Groups form.
Specifying Hostnames and IP Addresses

You can restrict access to your Web site based on which computer the request
comes from. You specify this restriction by using wildcard patterns that match
the computers hostnames or IP addresses.
To specify users from hostnames or IP addresses, follow the general directions
for restricting access. Restricting by hostname is more flexible than by IP
address; if a users IP address changes, you wont have to update this list.
Restricting by IP address, however, is more reliable; if a DNS lookup fails for
a connected client, hostname restriction cannot be used.
The hostname and IP addresses should be specified with a wildcard pattern or
a comma-separated list. The wildcard notations you can use are specialized;
you can only use an asterisk (*). Also for the IP address, the asterisk must
replace an entire byte in the address. For example, 198.95.251.* is
acceptable, but 198.95.251.3* is not. When the asterisk appears within an
IP address, it must be the right-most character. For example, 198.* is
acceptable, but 198.*.251.30 is not.
For hostnames, the asterisk must also replace an entire component of the
name. For example, *.novell.com is acceptable, but
*sers.novell.com is not. When the asterisk appears in a hostname, it
must be the left-most character. For example, *.novell.com is acceptable,
but users.*.com is not.

103-000133-001
August 29, 2001
Novell Confidential
275
Manual
99a
38
July 17, 2001
Setting Access Rights

You can set access rights to files and directories on your Web site. In addition
to allowing or denying all access rights, you can specify a rule that allows or
denies partial access rights. For example, you can give people read-only
access rights to your files, so they can view the information, but not change
the files. This is particularly useful when you use the Web publishing feature
to publish documents.
When you create an access control rule, the default access rights are set to all
access rights. To change access rights, click the appropriate link in the Rights
column in the top frame, then check or uncheck the access rights you want to
set for a particular rule. The following list describes each access right you can
check.
Read Access: Lets a user view a file. This access right includes the HTTP
methods GET, HEAD, POST, and INDEX.
Write Access: Lets a user change or delete a file. This access right
includes the HTTP methods PUT, DELETE, MKDIR, RMDIR, and
MOVE.
Execute Access: Applies to server-side applications, such as CGI
programs, Java applets, and agents.
Delete Access: Lets users delete a file or directory.
List Access: Lets a user get directory information. That is, they can get a
list of the files in that directory. This applies to Web Publisher and to
directories that don't contain an INDEX.HTML file.
Info Access: Lets a user get headers (HTTP_HEAD method). This is
mainly used by the Web Publisher.
Writing Customized Expressions

You can enter custom expressions for an ACL. You can use this feature if you
are familiar with the syntax and structure of ACL files. There are a few
features available only by editing the ACL file or creating custom expressions.
For example, you can restrict access to your server depending on the time of
day, day of the week, or both.
The following customized expression shows how you could restrict access by
time of day and day of the week. This example assumes you have two groups
in your LDAP directory: the Regular group gets access Monday through
Friday, 8:00 a.m. to 5:00 p.m. The Critical group gets access all the time.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
allow (read)
{
(group=regular and dayofweek=mon,tue,wed,thu,fri);
(group=regular and (timeofday>=0800 and timeofday<=1700));
(group=critical)
}
For more information on valid syntax and ACL files, see the Help.
When Access Control Is On

You can turn off access control for any part of the server that a user accesses.
For example, you could create an ACL that restricts access to the resource
.HTML. You could then have an ACL for the entire server that is turned off.
In this case, the only time access-control is used is when a user requests any
file or directory in the *.HTML extension.
When you uncheck the option, youll get a prompt asking if you want to erase
records in the ACL. When you click OK, the server deletes the ACL entry for
that resource from the ACL file.
If you want to deactivate an ACL, you can comment out the ACL lines in the
file GENERATED-HTTPS-SERVER-ID.ACL by putting pound signs (#) at
the beginning of each line.
Responding When Access Is Denied

You can choose the response a user sees when denied access. You can vary the
message for each access control object. By default, the user is sent a message
that says the file wasnt found. The HTTP error code "404 Not Found" is also
sent.
To change what message is sent for a particular ACL:
1 In the ACL form, click Response When Denied.
2 In the lower frame, select Respond with the Following URL.
3 In the text field, type a URL or URI to a text or HTML file in your servers
document root that you want to send to users when they are denied access.
Make sure the file doesnt contain references to other files, such as style
sheets or images, because they wont be sent.
4 Click Update.

103-000133-001
August 29, 2001
Novell Confidential
277
Manual
99a
38
July 17, 2001
IMPORTANT: Make sure any users who get the response file have access to that
file. If you have access control on the response file and the user is denied access
to both the original resource and the response file, the server will send the default
denied response.
5 Click Submit in the top frame.
Examples of Restricting Access

This section describes some common examples for restricting access to a Web
server and its contents. Some of these examples assume you set up the default
ACL to deny anyone access to the server. You can also add a deny all line
as the first rule to each of these examples, as done in the example for the entire
server.
Restricting Access to the Entire Server

This example allows access to users in a group called Employees, who access
the server from computers in a sub-domain. There are no access control rules
for other resources on the server. You might use this example if you have a
server for a department and you only want users to access the server from
computers in a specific subdomain of your network.

2 In the section called Pick a Resource, select the entire server from the

The resource must be selected.
4 Click New Line.
5 Click New Line again to create a second rule.
6 Click Deny in the second rule.
7 In the bottom form that appears, select Allow > click Update.
8 Click Anyone in the second rule.
9 In the bottom form, type the group that you want to have access to the
server.
For this example, type Employees in the Group field.
HINT: Note that the two options, Authenticated People Only and Only the
Following People, are checked automatically.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
10 Click Update.
11 Click Anyplace in the second rule.
12 In the bottom form, type a wildcard pattern for the hostnames of the
computers you want to allow.

For example, type *.emp.mozilla.com in the Host Names field.
13 Click Update.
14 Uncheck the Continue box in the second rule of the top frame > click
Submit.
Be sure to restart the server for the changes to take effect. The following text
is the ACL file for this example:
# File automatically written## You may edit this file by
hand#version 3.0;acl "default";deny (all)
user =
"anyone";allow absolute (all)
user = "employees" and
dns = "*.emp.mozilla.com";
Restricting Access to a Directory (Path)

This example lets users in a group called Executives have read access to a
directory and its subdirectories and files on the server. The user called CEO
has full permissions to the directory.
You might use this example if you have a directory on your server that one
person owns (he or she publishes to this directory) and you want one group of
users to read the files. For example, you might have a project owner who
publishes status information for the project team to review.

2 In the section called Pick a Resource, click Browse.
3 In the form that appears, click the link for the directory you want to
restrict.
HINT: If you want to view all files in your server root, click Options on the Choose
a Part of Your Server form > check the List Files As Well As Directories checkbox
> click OK.

5 Click New Line twice to create two rules.

103-000133-001
August 29, 2001
Novell Confidential
279
Manual
99a
38
July 17, 2001
IMPORTANT: Dont edit the default values for the first rule. These values deny all
access to the directory. Youll edit the second rule to allow read access to the
Executives group.
6 Click Deny in the second rule.

8 Click Anyone in the second rule.
9 In the bottom form, type the group you want to have access to the server.
For this example, type Executives in the Group field.

10 Click Update.
11 Click All in the top frame.
12 Uncheck the Write and Delete access rights.
13 Click Update.
14 Click New Line to create a rule for the CEO user.
15 Select Allow.
16 Click Anyone in the third rule.
17 In the bottom form, type CEO in the User field > click Update.
18 Uncheck Continue for both the second and the third rules.
This means that the server ignores any ACLs for directories or files under
the directory you specified above.
19 Click Submit > Save and Apply.
The entry in the GENERATED.HTTPS-serverid.ACL file for this example

looks like this:
acl "path=d:/novonyx/suitespot/docs/senior-staff/";
deny (all)
user = "anyone";
allow absolute (read,execute,list,info)
group = "executives";
user = "ceo";

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Restricting Access to a URI (Path)

This example uses a URI to control access to a single users content on the
Web server. URIs are paths and files relative to the servers document root
directory. Using URIs is an easy way to manage your servers content if you
frequently rename or move all or part of it, for example, for disk space. Its
also a good way to handle access control if you have additional document
roots.
This example gives anyone read access to files and directories in the path
specified by the URI /MY_DIRECTORY. Only one user (yourself in this
example) has full access to the directories and files.
You might use this example if you have several users who publish their
content on your server. The users want to have write access to their content,
and they want anyone to have read/execute access.

2 In the section called Type In the ACL Name, type the URI you want to
control.
For example, type URI=/my_directory. Click Edit Access Control.
The two-frame forms appear.
3 Click New Line to create the first rule that allows all users read access.
4 Click Deny.
6 Click All.
7 Uncheck the Write and Delete access rights.
This means users cant add or remove files, but they can view them and
run any applications in the directories.
8 Click Update.
9 Click New Line to create a rule for the owner of the directory > select
Allow for the second rule.

10 Click Anyone.
11 In the bottom form, type ME in the User field > click Update.
12 Uncheck Continue for both the first and second rules.

103-000133-001
August 29, 2001
Novell Confidential
281
Manual
99a
38
July 17, 2001
This means that the server ignores any ACLs for other URIs, directories,
or files under the URI you specified above.
13 Click Submit > Save and Apply.

looks like this:
acl "uri=/my_directory";
allow absolute (read,execute,list,info)
user = "anyone";
user = "me";
Restricting Access to a File Type

This example controls write and delete access to all files with the extension
.CGI. You might use this example if you only want specific users to create
programs that run on your server. In this example, anyone can run the
programs, but only users in the Programmers group can create or delete them.

2 In the section called Pick a Resource, click Wildcard.
3 In the prompt that appears, type *.CGI > click OK.
This wildcard pattern matches any request that contains a file or directory
with the .CGI extension.
5 Click New Line to create the first rule that will allow all users read access.
6 Click Deny.
8 Click All > uncheck the Write and Delete access rights.
This means users cant add or remove files or directories with the .CGI
extension.
9 Click Update.
10 Click New Line to create a rule that allows write and delete access to the
Programmers group.
11 Select Allow for the second rule.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
12 Click Anyone.
13 In the bottom form, type Programmers in the Group field.
14 Click Update > Submit > Save and Apply.
In this example, both Continue boxes are checked. This means that if a file is
requested, the server will first look at the ACL for the file type, and then it will
continue to look for another ACL that matches, for example, an ACL on the
URI or the path. The server checks ACLs in the following order:
1. Pathcheck Functions in OBJ.CONF: For example, these could be
wildcard patterns for files or directories. The entry in the ACL file would
appear as follows: acl "*.cgi";
2. URIs: For example, a path relative to the document root. The entry in the
ACL file would appear as follows: acl ""uri=/my_directory";
3. Pathnames: For example, an absolute path to a file or directory. The entry
in the ACL file would appear as follows: acl
"path=d:\novonyx\suitespot\docroot1\sales/";
looks like this:
acl "*.cgi";
allow (read,execute,list,info)
user = "anyone";
allow (all)
group = "programmers";
Restricting Access Based on Time of Day

This example restricts write and delete access to the server during working
hours. You might use this example if you dont want people publishing
documents at times when people might be accessing the files. This example
allows users to publish during the evening hours of the week (between 6:00
p.m. and 6:00a.m., Monday through Friday) and all times during the weekend.

2 In the section called Pick a Resource, select the entire server from the
Editing drop-down list > click Edit Access Control.

3 Click New Line.
4 Click Deny.

103-000133-001
August 29, 2001
Novell Confidential
283
Manual
99a
38
July 17, 2001
6 Click All > uncheck the Write and Delete access rights.
This means that if a user wants to add, update, or delete a file or directory,
this rule wont apply and the server will search for another rule that
matches.
7 Click Update.
8 Click New Line to create a rule that restricts the write and delete methods.
9 Select Allow for the second rule.
10 Click the X link to create a customized expression.
11 In the bottom field, edit the existing lines to include the following:
user = "anyone" anddayofweek = "sat,sun" or(timeofday >=
1800 andtimeofday <= 600)
12 You might want to select the entire text element and copy it to memory;
if there are errors, youll have to re-enter the text.

13 Click Update.
The top form will display unrecognized expressions in the Users/Groups

and From Host columns, because you created a custom expression.
14 Click Submit.
If you made any errors in the custom expression, youll get a JavaScript
alert. Correct any changes > click Submit again.
16 Restart your server for the changes to take effect.

103-000133-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Port Number Assignments

Port numbers enable IP packets to be sent to a particular process on a computer
that is connected to the Internet. Some port numbers are permanently
assigned; for example, e-mail data under SMTP goes to port number 25. A
process such as a Telnet session receives a temporary port number when it
starts. The data for that Telnet session goes to newly assigned port number,
and the port number goes out of use when the telnet session ends.
A total of 65,535 port numbers are available for use.
Some port numbers in NetWare 6 can be reasssigned from one net service to
another. Others cannot be reassigned. When adding or removing products or
services from your NetWare 6 installation, or when making new port number
assignments, refer to the following table, which indicates default port
assignments and notes which ports can be reassigned and which cannot.
The symbols used in the table indicate the following:
= The port is configurable
= The port is not configurable
= Dependent on a subsystem
= Availability and dependency cannot be determined
Table 18
Port Assignments and Availability Status, Listed by Product

Product or Service
Apache
Assigned Ports and Availability Status
80
443
Apple* Filing Protocol (AFP)
548
Port Number Assignments 285

103-000133-001
August 29, 2001
Novell Confidential
Manual
Product or Service
BorderManagerTM
99a
38
21
119
443
1040
1045
1959
7070
8080
9090
Common Internet File System (CIFS)
139
CsAudit
2000
DirXMLTM NDS-to-NDS
8090
DirXML Remote Loader
8000
Domain Name Service (DNS)
53
eGuide
389
636
File Transfer Protocol (FTP)
20
21
GroupWise Monitor
July 17, 2001
1099

103-000133-001
August 29, 2001
Novell Confidential
Manual
Product or Service
GroupWise Internet Agent (GWIA)
99a
38
July 17, 2001
25
110
143
389
636
9850
GroupWise Web Access
80
443
7205
iFolderTM
80
389
443
636
iMonitor
80
iPrint
443
631
Lightweight Directory Access Protocol

(LDAP)
389
636
Line Printer Requester (LPR)
515
Media Server
554
Message Transfer Agent (MTA)
3800
7100
7180

103-000133-001
August 29, 2001
Novell Confidential
Manual
Product or Service
99a
38
NetWare Core ProtocolTM (NCPTM)
524
80
443
NetWare File System
20
111
2049
NetWare Graphical User Interface
July 17, 2001
9000
9001
NetWare/IP (NWIP)
396
NetWare Remote Manager (NRM)
80
81
8008
8009
NetWare Web Access
80
Network Time Protocol (NTP)
123
NLSLRUP.NLM
21571
21572

103-000133-001
August 29, 2001
Novell Confidential
Manual
Product or Service
Novell Internet Messaging System

(NIMSTM)
99a
38
July 17, 2001
80
81
110
143
389
443
444
636
Novell Modular Authentication

Services (NMASTM)
1242
Portal Services
80
443
8080
Post Office Agent (POA)
1677
2800
7101
7181
Radius
1812
Remote ConsoleTM DOS
2034
Remote Console Java
2034
2036
2037
Server Compatibility Mode Driver

(SCMD)
2302

103-000133-001
August 29, 2001
Novell Confidential
Manual
Product or Service
99a
38
Service Locator Protocol (SLP)
427
Simple Network Management Protocol

(SNMP)
161
Telnet
23
Tomcat
8080
Virtual Private Network (VPN)
213
353
2010
Web Manager
2200
ZenworksTM for Desktops 3
2544
2638
8039
Zenworks for Servers 2
July 17, 2001
80
443
1229
2037
2544
8008
8009

103-000133-001
August 29, 2001
Novell Confidential
NetWare WebAccess Overview and Installation
Novell
NetWare 6
www.novell.com
N E T WA R E W E B A C C E S S
O V E RV I E W A N D I N S TA L L AT I O N
August 30, 2001

Novell Confidential
Manual
99a
June 14, 2001
37
Contents
Contents
Overview
Installation and Configuration

Installing NetWare WebAccess . . . . . . . . . . . . . . . . . . . .
System Requirements . . . . . . . . . . . . . . . . . . . . . . .
Installing NetWare WebAccess during the NetWare 6 Installation .
Installing NetWare WebAccess After the NetWare 6 Installation. .
NetWare WebAccess Gadgets. . . . . . . . . . . . . . . . . . . . .
NetWare Web Access Gadget Descriptions . . . . . . . . . . . .
Configuring Gadgets . . . . . . . . . . . . . . . . . . . . . . . .
Additional Gadget Configuration . . . . . . . . . . . . . . . . . .
Starting and Using NetWare WebAccess . . . . . . . . . . . . .
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000142-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 9
10
10
11
12
12
13
14
18
Manual
99a
37

103-000142-001
August 30, 2001
Novell Confidential
June 14, 2001
Manual
99a
38
July 17, 2001
Overview
NetWare WebAccess is a feature of NetWare 6 that allows network
administrators to easily and quickly set up Web access to network resources
for their users with the skills they already have. Most network administrators
do not need additional training to set up and configure NetWare WebAccess
NetWare WebAccess is a Java* servlet or Java application that is based on
Novell Portal Services technology. NetWare WebAccess allows network
users to access their most important resources from any computer without the
need for a NetWare or VPN client when used with Novell iChain.
NetWare WebAccess includes the following:
Gives users access to commonly used network resources from a single
Web site
Allows administrators to support mobile work forces that need network
access from a multitude of devices
Works right out of the box without any complicated Web development
required
Eliminates the need for NetWare or VPN client software
Provides several gadgets for accessing critical network resources,
including:
NetStorage (File Access)
Novell iPrint
E-mail and calendaring (GroupWise, Exchange, Lotus* Notes*,
NIMS, POP3, and IMAP)
Address book that allows users to easily get phone numbers and other
information that is stored in Novell eDirectoryTM.
Gadget for changing passwords
Overview

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Provides a customizable WebAccess page so companies can add their

own logo to the NetWare WebAccess site
Is fully cluster enabled, which means that NetWare WebAccess is built to
work with Novell Cluster ServicesTM and can be running and available 24
hours per day 7 days per week.
Gadgets are easily and centrally managed using the Java-based
ConsoleOneTM utility.

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter describes how to install NetWare WebAccess during or after the
NetWare 6 installation, how to configure NetWare WebAccess gadgets, and
how to start and use NetWare WebAccess.
Installing NetWare WebAccess

NetWare WebAccess can be installed as an optional component during the
NetWare 6 installation or it can be installed after the NetWare 6 installation. It
is not generally necessary to install NetWareWebAccess on every NetWare 6
server on your network. For most networks, you need NetWare WebAccess
installed on only one server in each eDirectoryTM tree. This might vary
depending on the size of your organization and your organizations needs.
The NetWare WebAccess installation process automatically does the
following:
Creates a NetWare WebAccess container object in eDirectory in the
context you specify
Installs the software necessary to configure and run NetWare WebAccess
Installs preconfigured gadgets and creates eDirectory objects for those
gadgets in the NetWare WebAccess container
You are given the option during the installation to select which gadgets
you want to enable, and to specify the URL to each gadget.

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
System Requirements
If you have met the requirements for NetWare 6 and have NetWare 6 installed,
you have met almost all of the system requirements for NetWare WebAccess.
The following list specifies the system requirements for installing and running
NetWare WebAccess:
At least one NetWare 6 Server in the NDS tree where NetWare
WebAccess will be installed
A Netscape* Navigator* 4.7 or later or Internet Explorer 5.0 or later
browser
Installing NetWare WebAccess during the NetWare 6 Installation

Complete the following steps to install NetWare WebAccess during the
NetWare 6 installation:
1 Start the NetWare 6 installation and continue through the install until you
get to the screen requiring you to choose either the Express or the Custom
installation.
2 Select the Custom installation option.
You are given the option of installing a new server or upgrading an

existing server. NetWare WebAccess can be installed using either of these
options.
You must select the Custom installation option to install NetWare
WebAccess during the NetWare 6 installation. You cannot install
NetWare WebAccess during an Express installation.
Continue through the installation until you get to the screen that lists the
components that can be installed with NetWare 6.
3 Check the NetWare WebAccess component check box along with the
other components you want installed with NetWare 6, and then click
Next.
Continue to the NetWare WebAccess Setup screen.
4 Specify the eDirectory context where you want the NetWare WebAccess
object created, and then click Next.

You can also browse and select the context.
10

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Choose which gadgets you want to configure now and which gadgets you
want to configure later by checking or unchecking the check boxes next

to each gadget type. Then click Next and continue through the rest of the
All NetWare WebAccess gadgets are installed automatically when you
install NetWare WebAccess. This screen lets you choose whether to
enable and configure those gadgets now or later. The default is to enable
and configure gadgets later, because during a new server installation the
applications accessed by the gadgets might not have been installed yet. If
you choose to set up gadgets now, you must specify the location (URL)
where you want the gadgets to link to for each application.
If you choose to enable and configure the Mail gadget now, you will need
to specify your e-mail type. You can choose between GroupWise, POP/
IMAP, Exchange, Notes, or NIMS.
If you choose to enable and configure your gadgets later, go to
Configuring Gadgets on page 13 after the NetWare 6 installation is
complete.
Installing NetWare WebAccess After the NetWare 6 Installation

If you did not install NetWare WebAccess during the NetWare 6 installation,
you can still install it afterwards by completing the following steps:
1 Insert the NetWare 6 product CD into your NetWare 6 server.
You might need to load CDROM.NLM on the server to access the

NetWare 6 Product CD.
2 From the Novell menu on the NetWare 6 console GUI, select Install.
3 Click Add and browse to the root of the NetWare 6 product CD.
4 Select the PRODUCT.NI file and click OK.
5 Check the NetWare WebAccess component check box and uncheck all
other components or products unless you specifically want to install

them.
6 Continue with Step 4 and Step 5 on page 11 to complete the NetWare
WebAccess installation.

103-000142-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
NetWare WebAccess Gadgets

A gadget represents a window or a link to specific content from the NetWare
WebAccess page. Clicking on a gadget on the NetWare WebAccess page links
you to a preconfigured Web page for the application or service represented by
the gadget.
For example, NetWare WebAccess provides a gadget for Novell NetStorage.
Clicking the NetStorage gadget will connect you to the NetStorage service.
gives users secure file access from any Internet location, with nothing to
download or install on the user's workstation.
NetWare WebAccess gadgets also provide the means for single sign-on to
applications or services. This means that once users authenticate to eDirectory
and launch NetWare WebAccess, they dont need to provide their username
every time they want to gain access to many of the applications or services
accessed through NetWare WebAccess.
NetWare Web Access Gadget Descriptions

The following preconfigured gadgets are included with NetWare WebAccess.
Table 1
NetWare WebAccess Gadget Descriptions
Gadget Name
Description
NetStorage
Provides access to the Novell NetStorage service. NetStorage provides

simple Internet-based access to file storage on a Novell network.
Exchange
Provides access to Microsoft* Exchange calendar and messaging functions.
GroupWise WebAccess
Provides access to Novell GroupWise calendar and messaging functions.
NIMS
Provides access to the Novell Internet Messaging Service.
Notes
Provides access to Lotus Notes calendar and messaging functions.
Web Mail
Provides access to POP or IMAP compliant mail systems.
Address Book
Provides a simplified screen to access phone numbers and other user

information from eDirectory.
Printing
Provides access to Internet printing (Novell iPrint).
Change Password
Links to a page where users can change their passwords.
12

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Gadgets
NetWare WebAccess allows only minor configuration changes to the included
gadgets. The only gadget configuration changes supported in NetWare
WebAccess include editing the URL to the service or application and adding
or removing gadgets from the main NetWare WebAccess Web page. If you
want additional gadgets or the ability to create or customize gadgets, you must
purchase Novell Portal Services.
Gadgets are represented in eDirectory as Gadget objects and are created
during the NetWare WebAccess installation. ConsoleOneTM is required to
make changes to gadget configuration.
1 In ConsoleOne, browse and select the NetWare WebAccess object.
2 On the right side of the ConsoleOne window, right-click the
WebAccess_portalgroup object and then click Properties.

A Property page appears displaying the current configuration settings for
each of the NetWare WebAccess gadgets.
3 Click Configure > Next.
A wizard appears that will take you through the process for configuring
NetWare WebAccess gadgets.
You can also click the Clear Configuration button to clear the current
configuration settings for each gadget.
4 Check or uncheck the check box for each gadget to enable or disable each
NetWare WebAccess service.

If a check box is not checked, that gadget will not appear on the main
NetWare WebAccess page and users will not have access to that service
through NetWare WebAccess.
5 Continue through the wizard to provide the URL and other necessary
configuration information for each service you selected in Step 4.

See Additional Gadget Configuration on page 14 for more specific
information on gadget URLs and other required configuration
information for each gadget.
The Address Book and Change Password gadgets do not require URLs or
any additional configuration.
6 Review the information on the Summary screen and click Finish to save
the gadget configuration changes.

You can also click the Back button to go back through the wizard and
change configuration settings for each gadget.

103-000142-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
7 Stop the Tomcat servlet engine by typing tomcat33 -stop at the
NetWare 6 server console and restart it by typing tomcat33.

For gadget configuration changes to take effect, it is necessary to stop and
restart the Tomcat servlet engine on the NetWare 6 server where NetWare
WebAccess is running.
Stopping and restarting the Tomcat servlet engine might disrupt any Web
services using the Tomcat servlet engine on this server.
Additional Gadget Configuration

For NetWare WebAccess gadgets to function properly, they must be
configured correctly. For most of the NetWare WebAccess gadgets, this
configuration includes providing the correct URL and, for a few of the
gadgets, some additional configuration.
Home Page Gadget Configuration
Provide the URL to the home page that will be displayed when users log in to
and access NetWare WebAccess. This page will be displayed along with the
gadgets when you link to the NetWare WebAccess URL. You can create your
own custom page with a company logo or you can use the home page that
comes with NetWare WebAccess. The default home page for NetWare
WebAccess is HOME.HTM and is found in
SYS:WEBAPPS\WEBACCESS\HTML.
Novell iPrint Gadget Configuration
Provide the URL to the Novell iPrint access page. This could be the IP address
or the DNS name for the server and the path to the IPP.HTM file.
You must have NDPS and Novell iPrint installed and configured before
configuring this gadget. For information on Novell iPrint, go to the iPrint
14

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetStorage Gadget Configuration
Provide the URL to access Novell NetStorage. This URL is either the IP
address or DNS name of the server where NetStorage is installed or the IP
address you chose for the Apache-based services during the NetWare 6
installation. If you specified a port number other than port 80 for Apachebased services during the NetWare 6 installation, you must also specify that
port number.
For example, if the IP address of the NetStorage server is 127.0.0.1 and the
port number is 51080, then you would add 127.0.0.1:51080 to the field.
The NetStorage path is oneNet/NetStorage. The path cannot be changed, and
is automatically added to the NetStorage URL by NetWare WebAccess.
There are two possible options for the Default Username field. You can enter
%cn% or leave the field blank.
The %cn% option will cause NetWare Web Access to get the users eDirectory
username and automatically add it to the username field on the NetStorage
login screen. The user will then not be required to enter a username, but will
still be required to enter a password.
If you leave the field blank, the user will be required to enter both a username
and a password.
You must have NetStorage installed and configured before configuring this
gadget. For more information on NetStorage, go to NetStorage Overview and
Installation.
GroupWise WebAcess Gadget Configuration
Provide the URL to GroupWise WebAccess. The URL will be similar to http:/
/IP_address or DNS_name/servlet/webacc. Susbstitute the IP address or DNS
name of the Web server running GroupWise WebAccess.
The %cn% option is useful if the users GroupWise username is the same as
the eDirectory username. %cn% will cause NetWare WebAccess to get the
users eDirectory username and automatically add it to the username field in
GroupWise WebAccess. The user will then not be required to enter a
GroupWise username, but will still be required to enter a password.

103-000142-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
and a password. You should use this option if the users GroupWise username
and eDirectory username do not match.
Some additional configuration is required for NetWare WebAccess to function
properly with GroupWise WebAccess. After both NetWare WebAccess and
GroupWise WebAccess are installed on your network, do the following:
1 Copy all NetWare WebAccess templates (.HTT files) from the
SYS:WEBAPPS\WEBACCESS\TEMPLATES folder on the server

where you installed NetWare WebAccess to the directory where the
templates are installed on the server running GroupWise WebAccess.
If Tomcat is the application server used for GroupWise WebAccess, the
path where you need to copy the files to is
SYS:TOMCAT\33\WEBAPPS\ROOT\WEBINF\CLASSES\COM\NOVELL\WEBACCESS\TEMPLATES\TEMPL
ATES\FRAMES.
2 On the server running GroupWise WebAccess, edit the WEBACC.CFG
file and replace the line that reads

Security.UseClientIP.enable=true
with
Security.UseClientIP.enable=false.
The WEBACC.CFG file is normally found in the
SYS:NOVELL\WEBACCESS directory.
For more information on installing and configuring GroupWise WebAccess,
go to the Novell documentation Web site (http://www.novell.com/
documentation).
NIMS Gadget Configuration
Provide the URL to the NIMS server. The URL was created when you
installed and configured NIMS.
The %cn% option is useful if the users NIMS username is the same as the
eDirectory username. %cn% will cause NetWare WebAccess to get the users
eDirectory username and automatically add it to the username field in NIMS.
The user will then not be required to enter a NIMS username, but will still be
required to enter a password.
16

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
and a password. You should use this option if the users NIMS username and
eDirectory username do not match.
For more information on installing and configuring NIMS, go to Novells
documentation Web site (http://www.novell.com/documentation).
Web-based E-mail Gadget Configuration
Provide the DNS name or IP address you assigned either the IMAP or POP3
server when you set it up. You also need to provide the DNS name or IP
address of your SMTP server and specify whether your Web-based e-mail
system is configured to use the IMAP or POP3 protocol.
The %cn% option is useful if the users Web-based e-mail username is the
same as the eDirectory username. %cn% will cause NetWare WebAccess to
get the users eDirectory username and automatically add it to the username
field on the e-mail login screen. The user will then not be required to enter an
e-mail username, but will still be required to enter a password.
and a password. You should use this option if the users e-mail username and
For more information on installing and configuring Web-based e-mail, see
your e-mail system documentation.
Lotus Notes Gadget Configuration
Provide the URL for accessing your Notes server. You also need to specify the
protocol that will be used for Notes access (HTTPS provides secure access to
Notes, HTTP does not) and the Notes authentication type (Basic or Form).
The %cn% option is useful if the users Notes username is the same as the
eDirectory username and automatically add it to the username field in Notes.
The user will then not be required to enter a Notes username, but will still be
required to enter a password.

103-000142-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
and a password. You should use this option if the users Notes username and
For more information on installing and configuring Notes, see your Notes
documentation.
Microsoft Exchange Gadget Configuration
Provide the URL for accessing your Exchange server.

The %cn% option is useful if the users Exchange username is the same as the
eDirectory username and automatically add it to the username field in
Exchange. The user will then not be required to enter an Exchange username,
but will still be required to enter a password.
and a password. You should use this option if the users Exchange username
and eDirectory username do not match.
For more information on installing and configuring Exchange, see your
Exchange documentation.
Starting and Using NetWare WebAccess

Once you install NetWare WebAccess, it will start automatically when you
start your NetWare 6 server. If NetWare WebAccess is not accessible or not
running, restart the NetWare 6 server where NetWare WebAccess is installed.
1 Start your browser and enter the URL to NetWare WebAccess.
The URL will be http://server_ip_address/webaccess/. Replace

server_ip_address with the IP address of the NetWare 6 server where you
installed NetWare WebAccess or the IP address you chose for the
Apache-based services during the NetWare 6 installation.
If you specified a port number other than port 80 for Apache-based
services during the NetWare 6 installation, you must also specify that port
number with the URL.
18

103-000142-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For example, if the IP address for NetWare WebAccess is 127.1.1.1 and

the port number is 51080, then you would specify
127.1.1.1:51080/webaccess/.
2 Enter your username and password.
NetWare WebAccess uses your eDirectory username and password, so

you dont need to remember or use a separate username or password.
3 Click on any of the gadgets to access the service or application
represented by that gadget.

103-000142-001
August 30, 2001
Novell Confidential
19
Manual
20
99a
38

103-000142-001
August 30, 2001
Novell Confidential
July 17, 2001
ConsoleOne User Guide

August 29, 2001

Novell Confidential
Manual
99a
June 14, 2001
37
Contents
About This Guide
11
Getting Started
Whats New in This Release? . . .
Why Use ConsoleOne? . . . . . .
Accessibility Improvements . . . .
Snap-Ins from Other Products . . .
Installing and Starting ConsoleOne
Windows . . . . . . . . . . . .
NetWare . . . . . . . . . . . .
Linux . . . . . . . . . . . . . .
Solaris . . . . . . . . . . . . .
Tru64 UNIX . . . . . . . . . . .
13
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Browsing and Finding Objects . . . . . . . . . . . . . . . . . . . . .

Logging In to an eDirectory Tree . . . . . . . . . . . . . . . . . .
Logging Out of an eDirectory Tree . . . . . . . . . . . . . . . . .
Accessing an eDirectory Context through DNS Federation . . . .
Jumping to an Object in the Right Pane . . . . . . . . . . . . . .
Filtering Extraneous Objects from View . . . . . . . . . . . . . .
Finding an Object by Distinguished Name . . . . . . . . . . . . .
Finding an Object by Name and Type . . . . . . . . . . . . . . .
Finding Objects by Property Values . . . . . . . . . . . . . . . .
Creating and Manipulating Objects . . . . . . . . . . . . . . . . . .
Creating an Object . . . . . . . . . . . . . . . . . . . . . . . . .
Modifying an Objects Properties . . . . . . . . . . . . . . . . . .
Modifying Multiple Objects Simultaneously. . . . . . . . . . . . .
Renaming an Object . . . . . . . . . . . . . . . . . . . . . . . .
Moving Objects . . . . . . . . . . . . . . . . . . . . . . . . . . .
Deleting Objects . . . . . . . . . . . . . . . . . . . . . . . . . .
Editing Object Properties. . . . . . . . . . . . . . . . . . . . . . . .
General Characteristics. . . . . . . . . . . . . . . . . . . . . . .
Unique Characteristics of Editing Multiple Objects Simultaneously
Customizing Property Pages . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Administration Basics
13
14
17
17
18
18
21
23
25
27
29
30
31
31
31
31
32
32
32
33
33
34
35
35
35
36
36
36
37
37
38

104-001316-001
August 29, 2001
Novell Confidential
Manual
Organizing Objects into Containers . . . . . . . . . .

Creating an Organization Object. . . . . . . . . .
Creating an Organizational Unit Object . . . . . .
Creating a Locality Object . . . . . . . . . . . . .
Creating a Country Object . . . . . . . . . . . . .
Creating an Alias to an Object . . . . . . . . . . .
Customizing Views . . . . . . . . . . . . . . . . . .
Setting the Top Object in the Left Pane . . . . . .
Showing or Hiding the View Title in the Right Pane
Adjusting the Column Width in the Right Pane . .
99a
June 14, 2001
37
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Creating User Accounts . . . . . . . . . . . . . . . . . . . . . .

Creating a User Object . . . . . . . . . . . . . . . . . . . .
Creating a User Template . . . . . . . . . . . . . . . . . . .
Setting Up Optional Account Features . . . . . . . . . . . . . .
Setting Up a Users Network Computing Environment . . . .
Setting Up Extra Login Security for a User . . . . . . . . . .
Setting Up an Accounting of a Users NetWare Server Usage
Setting Up Login Scripts . . . . . . . . . . . . . . . . . . . . . .
Creating a Login Script . . . . . . . . . . . . . . . . . . . .
Assigning a Profile to a User. . . . . . . . . . . . . . . . . .
Login Time Restrictions for Remote Users . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing User Accounts
43
Administering Rights
43
44
44
45
45
45
46
47
47
48
48
49
Assigning Rights Explicitly. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Controlling Access to the NetWare File System, by Resource . . . . . . . .
Controlling Access to the NetWare File System, by Trustee . . . . . . . . .
Controlling Access to Novell eDirectory, by Resource. . . . . . . . . . . . .
Controlling Access to Novell eDirectory, by Trustee . . . . . . . . . . . . . .
Granting Equivalence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Granting Security Equivalence by Membership . . . . . . . . . . . . . . . .
Granting Security Equivalence Explicitly. . . . . . . . . . . . . . . . . . . .
Setting Up an Administrator Over an Objects Specific eDirectory Properties .
Blocking Inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Blocking Inherited Rights to a File or Folder on a NetWare Volume. . . . . .
Blocking Inherited Rights to an eDirectory Object or Property. . . . . . . . .
Viewing Effective Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing Effective Rights to a File or Folder on a NetWare Volume . . . . . .
Viewing Effective Rights to an eDirectory Object or Property . . . . . . . . .
About NetWare Rights. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Descriptions of Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Sources of Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
How NetWare Calculates Effective Rights . . . . . . . . . . . . . . . . . . .
38
39
39
40
40
41
41
42
42
42

104-001316-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
50
50
51
52
52
53
54
54
55
55
56
56
56
57
57
58
58
59
59
Manual
99a
Configuring Role-Based Administration
61
Setting Up Role-Based Services . . . . . . . . . . . . . . . . . .

Installing RBS Schema Extensions to Your eDirectory Tree . .
Defining RBS Roles . . . . . . . . . . . . . . . . . . . . . . . .
Creating an RBS Role Object . . . . . . . . . . . . . . . . .
Specifying the Tasks That RBS Roles Can Perform . . . . . .
Assigning RBS Role Membership and Scope . . . . . . . . . . .
Creating RBS Objects for Custom Applications . . . . . . . . . .
Creating an RBS Module Object . . . . . . . . . . . . . . . .
Creating an RBS Task Object . . . . . . . . . . . . . . . . .
Creating an Object That Represents a Non-eDirectory Scope .
June 14, 2001
37
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Extending the Novell eDirectory Schema

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Partitioning and Replicating Novell eDirectory

Managing Partitions . . . . . . . . . . . . . . . . .
Viewing Information about a Partition . . . . . .
Splitting a Partition (Creating a Child Partition). .
Merging a Child Partition with Its Parent Partition
Moving a Partition . . . . . . . . . . . . . . . .
Checking Partition Continuity . . . . . . . . . . .
Managing Replication . . . . . . . . . . . . . . . .
Viewing Replication Information . . . . . . . . .
Adding a Replica . . . . . . . . . . . . . . . . .
Deleting a Replica . . . . . . . . . . . . . . . .
Modifying a Replica. . . . . . . . . . . . . . . .
Replicating Selected Data Only . . . . . . . . .
About Replica States . . . . . . . . . . . . . . . . .
61
62
62
62
63
63
64
65
66
66
69
Defining Custom Object Classes and Properties . . . . . . . . . . . . . . . . . . . .

Defining a Custom Property . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Adding Optional Properties to a Class . . . . . . . . . . . . . . . . . . . . . . . .
Defining a Custom Object Class . . . . . . . . . . . . . . . . . . . . . . . . . . .
Defining and Using Auxiliary Classes . . . . . . . . . . . . . . . . . . . . . . . . . .
Defining an Auxiliary Class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Extending an Object with the Properties of an Auxiliary Class . . . . . . . . . . . .
Extending Multiple Objects Simultaneously with the Properties of an Auxiliary Class
Modifying an Objects Auxiliary Properties . . . . . . . . . . . . . . . . . . . . . .
Deleting Auxiliary Properties from an Object . . . . . . . . . . . . . . . . . . . . .
Deleting Auxiliary Properties from Multiple Objects Simultaneously . . . . . . . . .
Deleting Unused Classes and Properties . . . . . . . . . . . . . . . . . . . . . . . .
Deleting a Property from the Schema . . . . . . . . . . . . . . . . . . . . . . . .
Deleting a Class from the Schema . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
70
71
71
71
72
72
73
74
75
76
76
77
77
77
79
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
80
80
81
81
81
82
85
85
86
86
87
87
87

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
37
June 14, 2001
Managing NetWare Server Resources
89
Viewing and Modifying Server and File System Information . . . . . . . . . . . . .

Launching NetWare Management Portal from a Server Object . . . . . . . . . .
Viewing or Modifying Information about a NetWare Server . . . . . . . . . . . .
Viewing or Modifying Information about a Volume. . . . . . . . . . . . . . . . .
Viewing Details on the Contents of a Volume or Folder . . . . . . . . . . . . . .
Viewing or Modifying Information about a File or Folder. . . . . . . . . . . . . .
Modifying Information about Multiple Files, Folders, or Volumes Simultaneously .
Managing Files and Folders on NetWare Volumes . . . . . . . . . . . . . . . . . .
Copying or Moving Files and Folders . . . . . . . . . . . . . . . . . . . . . . .
Creating a File or Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Renaming a File or Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Deleting Files and Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Salvaging and Purging Deleted Files on NetWare Volumes . . . . . . . . . . . . .
Salvaging Deleted Files and Folders . . . . . . . . . . . . . . . . . . . . . . .
Purging Deleted Files and Folders. . . . . . . . . . . . . . . . . . . . . . . . .
Controlling Allocation of Volume Space . . . . . . . . . . . . . . . . . . . . . . . .
Restricting a User's Volume Space . . . . . . . . . . . . . . . . . . . . . . . .
Restricting a Folder's Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Removing a User's Space Restriction on a Volume . . . . . . . . . . . . . . . .
Removing a Folder's Size Restriction . . . . . . . . . . . . . . . . . . . . . . .
Creating eDirectory Objects to Facilitate File Management . . . . . . . . . . . . . .
Creating a NetWare Server Object . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Volume Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Directory Map Object. . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
90
90
91
91
92
92
92
93
93
94
94
94
94
95
95
95
96
96
96
96
97
97
98
98
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
100
100
101
102
103
104
104
104
105
105
106
106
106
107
107
107
107
Generating Reports
99
Available Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
eDirectory General Object Reports . . . . . . . . . . . . . . . . . . . . . .
eDirectory User Security Reports . . . . . . . . . . . . . . . . . . . . . . .
eDirectory User and Group Reports . . . . . . . . . . . . . . . . . . . . . .
Setting Up Reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Reporting Services Schema Extensions. . . . . . . . . . . . . . .
Installing Novell-Defined Report Catalogs . . . . . . . . . . . . . . . . . . .
Installing the ODBC Driver for eDirectory on a Windows Computer . . . . . .
Configuring the Data Source Used by a Report Catalog . . . . . . . . . . .
Generating, Printing, and Saving Reports . . . . . . . . . . . . . . . . . . . . .
Specifying the Part of Your eDirectory Tree (Context) to Report On . . . . .
Generating and Viewing a Report . . . . . . . . . . . . . . . . . . . . . . .
Printing a Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Saving a Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Exporting a Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing a Previously Saved Report . . . . . . . . . . . . . . . . . . . . . .
Customizing the Data-Selection Criteria (Query) Used to Generate a Report.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

104-001316-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Manual
99a
June 14, 2001
37
Designing Custom Reports. . . . . . . . . . . . . . . . . . .

Adding JReport Designer to Your ConsoleOne Installation
Creating a Custom Report Catalog . . . . . . . . . . . . .
Creating or Modifying Report Forms . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 108
. 109
. 109
. 110
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
10 Troubleshooting
111
ConsoleOne Malfunctions or Wont Start . . . . . . . .

Performance Is Sluggish . . . . . . . . . . . . . . . . .
I Need a Completely Local Installation . . . . . . . . . .
Cant Find the eDirectory Tree That I Want to Log In To.
Newly Created User Cant Log In . . . . . . . . . . . .
Cant Create Volume or Directory Map Object . . . . . .
Cant Abort Partition Operation. . . . . . . . . . . . . .
Problems Generating a Report. . . . . . . . . . . . . .
Field or Option is Disabled . . . . . . . . . . . . . . . .
Known Quirks and Limitations . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
112
113
113
113
113
114
114
114
115
115

104-001316-001
August 29, 2001
Novell Confidential
Manual
10

104-001316-001
August 29, 2001
Novell Confidential
99a
37
June 14, 2001
Manual
99a
July 17, 2001
38
About This Guide

This guide explains what ConsoleOneTM is and how to install, use, and
troubleshoot it.
HINT: This guide covers only the core ConsoleOne capabilities that you get if you
download ConsoleOne from the Novell Free Downloads Site (http://

www.novell.com/download). For information on ConsoleOne capabilities added by
other products, see the documentation for those products.
This guide includes the following sections:

Chapter 1, Getting Started, on page 13
Chapter 2, Administration Basics, on page 29
Chapter 3, Managing User Accounts, on page 43
Chapter 4, Administering Rights, on page 49
Chapter 5, Configuring Role-Based Administration, on page 61
Chapter 6, Extending the Novell eDirectory Schema, on page 69
Chapter 7, Partitioning and Replicating Novell eDirectory, on page 79
Chapter 8, Managing NetWare Server Resources, on page 89
Chapter 9, Generating Reports, on page 99
About This Guide

104-001316-001
August 29, 2001
Novell Confidential
11
Manual
12

104-001316-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Getting Started
ConsoleOneTM is a Java*-based tool for managing your network and its
resources. By default, it lets you manage:
Novell eDirectoryTM objects, schema, partitions, and replicas
NetWare server resources
If you install other Novell products, additional capabilities are snapped in to
ConsoleOne automatically. For example, if you install Novell eDirectory, the
capability to configure the LDAP interface to eDirectory is snapped in to
ConsoleOne automatically.
This chapter explains whats new in this ConsoleOne release, why you should
use ConsoleOne instead of legacy tools like NetWare Administrator, and how
to install and start ConsoleOne.
In This Chapter
Whats New in This Release? on page 13

Why Use ConsoleOne? on page 14
Accessibility Improvements on page 17
Snap-Ins from Other Products on page 17
Installing and Starting ConsoleOne on page 18
Whats New in This Release?

This release includes several core capabilities that are new since ConsoleOne
1.2d. The following sections elsewhere in this guide describe these
capabilities:
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Accessibility Improvements on page 17

Checking Partition Continuity on page 82
In addition, the following capabilities have been enhanced in this release of
ConsoleOne:
Capability
Enhancement
Browsing and Finding

Objects on page 30
If a tree is running NDS eDirectory 8.5 or later and is

configured for DNS federation, you can access
contexts in that tree whether or not you are logged in
to it. This enables you to make rights and
membership assignments across trees.
Creating User Accounts

on page 43
You can now create rights assignments and volume

space restrictions for new users through a template.
Defining and Using

Auxiliary Classes on
page 72
You can now extend individual eDirectory objects

with the properties defined in auxiliary classes.
Previously, only applications could do this.
Viewing and Modifying

Server and File System
Information on page 90
You can now modify the properties of multiple files,

folders, or volumes simultaneously. You can also
launch NetWare Management Portal from the server
object.
Editing Object
Properties on page 36
You can now customize the property pages for each

type of object by reordering, hiding, or showing
individual pages. Your customizations are saved
across ConsoleOne sessions.
Installing and Starting

You can now install and run ConsoleOne on Linux*,
ConsoleOne on page 18 Solaris*, and Tru64* computers in addition to
Windows and NetWare.
Why Use ConsoleOne?

Novell is committed to ConsoleOne as a single management tool and is
working hard to improve its capabilities and performance so you wont need
legacy tools like NetWare Administrator. Following are some of the
advantages of ConsoleOne over legacy tools. A few limitations are also listed
after the advantages.
14

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Advantage
Explanation
Use on a Windows*
computer or a NetWare
server
Because ConsoleOne is Java-based, it can run on Windows, NetWare,

Linux*, Solaris*, and Tru64 UNIX*. The legacy NetWare Administrator, NDS
ManagerTM, and Schema Manager tools run only on Windows.
Manage the latest Novell

products
ConsoleOne lets you manage the latest Novell products and enhancements,
whereas NetWare Administrator and other legacy tools arent being updated
to do so. For example, you can administer DirXML, Single Sign-on, and
Certificate Server only in ConsoleOne.
Browse huge eDirectory

trees
If your tree is running NDS 8 and has containers with thousands of objects,
browsing it in ConsoleOne is faster and more consistent. NetWare
Administrator is slower opening large containers and is limited by available
RAM.
Access eDirectory
resources through DNS
federation
If a tree is running NDS eDirectory 8.5 or later and is configured for DNS
federation, ConsoleOne lets you access contexts in that tree whether or not
you are logged in to the tree. This allows you to treat multiple eDirectory trees
as a single system for purposes of assigning rights and memberships. No
legacy tool exposes this capability. See Browsing and Finding Objects on
page 30.
Create filtered eDirectory

replicas
If your tree is running NDS eDirectory 8.5 or later, ConsoleOne lets you create
filtered replicas that contain only the objects and properties needed for
synchronization with specific applications like PeopleSoft*. No legacy tool has
this capability. See Managing Replication on page 85.
Generate eDirectory
reports
ConsoleOne lets you generate reports on eDirectory objects, users, groups,

and security. No legacy tool has these capabilities. See Generating Reports
on page 99.
Create all eDirectory

object types
ConsoleOne lets you create any object type defined in the schema of your
eDirectory tree, including custom types youve added. NetWare Administrator
can only create object types for which it has snap-ins. See Creating and
Manipulating Objects on page 33.
Modify all object types,

one at a time or several
at once
ConsoleOne lets you generically edit any object property defined in the
schema of your eDirectory tree, including custom properties youve added. No
legacy tool has this capability. ConsoleOne also lets you modify multiple
objects of any class in a single operation, including files and folders on
NetWare volumes. NetWare Administrator lets you do this only on User
objects. See Creating and Manipulating Objects on page 33.
Define and use auxiliary

classes
ConsoleOne lets you define auxiliary classes and extend any eDirectory
object with the properties defined in auxiliary classes. No legacy tool has this
capability. See Defining and Using Auxiliary Classes on page 72.
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Advantage
Explanation
Assign ASN.1 identifiers

to classes and attributes
ConsoleOne lets you assign ASN.1 identifiers to object classes and attributes
in the schema of your eDirectory tree. No legacy tool has this capability. See
Defining Custom Object Classes and Properties on page 70.
Set up role-based
administration
ConsoleOne lets you create roles in eDirectory so you can delegate

administrative responsibilities. A role is a list of specific application functions
that a person can perform. For an application function to be added to a role,
it must exist as a task object in your eDirectory tree. For details, see
Configuring Role-Based Administration on page 61.
At the time of this publishing, ConsoleOne also has a few limitations

compared to legacy tools. Most of these will no longer exist in future releases.
Limitation
Explanation
Cant manage print

services
For now, you should use NetWare Administrator to manage network print
services.
Cant remotely repair

eDirectory or check
partition continuity
For now, you should use the legacy NDS Manager tool to remotely repair
eDirectory on individual servers, to check partition continuity, or to abort a
partition operation that was started by another administrator.
Cant generate
eDirectory schema
reports
For now, you should use the legacy Schema Manager tool to generate reports
on the schema of your eDirectory tree, unless you design your own report
forms to generate schema reports in ConsoleOne. See Designing Custom
Reports on page 108.
Cant create or run new

user setup scripts
ConsoleOne lets you create all aspects of user templates except for setup
scripts. Also, ConsoleOne cant execute a setup script when creating a new
user account from a template. You must use NetWare Administrator to
perform these tasks.
Cant manage some

older Novell products
A few older Novell products havent shipped ConsoleOne snap-ins yet, such
as NetWare for SAA*. For now, you can use NetWare Administrator to
manage these products.
Performance can be
sluggish on older
hardware
Because ConsoleOne is Java-based, it can be sluggish when run on older

hardware. If you have the hardware configuration recommended in Installing
and Starting ConsoleOne on page 18, performance is reasonably good. The
biggest performance booster is adding RAM.
Minor user-interface
quirks
ConsoleOne still has a few minor quirks in the user interface. For details, see
Known Quirks and Limitations on page 115.
16

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Accessibility Improvements
ConsoleOne 1.3 includes enhancements in the software and documentation to
make accessibility easier for people with disabilities.
If you are unfamiliar with the control or shortcut keys used in Java software,
you can find a list of these keys at the Swing Component Keystroke
Assignments (http://java.sun.com/j2se/1.3/docs/api/javax/swing/doc-files/
Key-Index.html) Web site.
To navigate in the JavaHelp online help system, you can use the tab keys to
navigate to control icons. JavaHelp loses focus when the text window is
active, although the up and down arrows will scroll the help text. You can also
use the following JavaHelp controls:
Ctrl+T = next link
Ctrl+Shift+T = previous link
Ctrl+Space = activate selected link
JavaHelp 1.1 is currently inaccessible via JAWS screen reader software. To
access JavaHelp with a screen reader, use the IBM Self-Voicing Kit available
from the AlphaWorks (http://www.alphaworks.ibm.com/formula/
selfvoicingkit) Web site.
Snap-Ins from Other Products

If you installed or will install a product that includes ConsoleOne snap-ins and
you want to retain those snap-ins in this release of ConsoleOne, make sure
those snap-ins are installed in the same place as this release of ConsoleOne.
The following are some points to consider:
ConsoleOne 1.2 snap-ins are compatible with this release of ConsoleOne,
but ConsoleOne 1.1 snap-ins arent.
If your product provides only ConsoleOne 1.1 snap-ins, you might want
to install this release of ConsoleOne in a different place than ConsoleOne
1.1. By default, ConsoleOne 1.1 is installed on the NetWare server in
SYS:\PUBLIC\MGMT\CONSOLE1.
Novell products typically install ConsoleOne snap-ins on the SYS
volume of a NetWare server. For example, NDS 8 installs an LDAP snapin in SYS:\PUBLIC\MGMT\CONSOLEONE\1.2.
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
If you install this release of ConsoleOne on the SYS volume of a NetWare

server, it overwrites ConsoleOne 1.2x and disables ConsoleOne 1.1.
However, existing ConsoleOne 1.2 snap-ins are retained.
If you install this release of ConsoleOne locally on a workstation hard
disk, other products such as eDirectory might not be able to find the right
place to add snap-ins to the installation. In such a case, it is up to you to
move any snap-ins from other products into the new installation.
Installing and Starting ConsoleOne

ConsoleOne is typically installed as part of a larger product, such as Novell
eDirectory or NetWare. If this release of ConsoleOne hasnt been installed by
a larger product, you can install it using the procedure below for your
platform.
In This Section
Windows on page 18
NetWare on page 21
Linux on page 23
Solaris on page 25
Tru64 UNIX on page 27
Windows
You can install and run ConsoleOne locally on a Windows workstation or
server, or you can install it remotely on a NetWare or Windows server and run
it through a mapped or shared drive pointing to that server. If you install
locally on a workstation, other Novell products such as Novell eDirectory
might not be able to add needed snap-ins to your installation. For this reason,
we recommend a server installation.
18

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
System Requirements for Windows

Operating System
One of the following (or later) releases:

Windows 95/98 with Novell ClientTM 3.2
Windows NT*/2000 with Novell Client 4.7
HINT: You can get Novell clients from the Novell Free Downloads Site (http://
RAM
Recommended: 128 MB
Minimum: 64 MB
HINT: 128 MB is required to generate reports in ConsoleOne.
Processor
Recommended: 200 MHz or faster
Disk Space
38 MB (required only for a local installation)
Screen Resolution
Minimum: 800 x 600 with 256 colors
Installing ConsoleOne on Windows
Use this procedure to install ConsoleOne locally on a Windows server or

workstation. To install ConsoleOne remotely on a NetWare server, see
NetWare on page 21.
1 If a previous version of ConsoleOne is running on the Windows
computer, exit it.

2 Insert the CD that contains ConsoleOne, or go to the Novell Free
Downloads Site (http://www.novell.com/download).

3 Browse the CD or Web site until you find the available ConsoleOne
packages > select the package for Windows/NetWare.

HINT: If you are using a CD that runs an installation program and you see an
option to install just ConsoleOne, choose that option and skip to Step 6.
4 If you are using the Web site, download and unzip the ConsoleOne files
to a temporary area. If you are using a CD, skip this step.

5 Run the installation executable file (SETUP.EXE or
CONSOLEONE.EXE).
6 Follow the instructions on the screen to complete the installation.
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
HINT: If you are installing on a Windows server and you will run ConsoleOne
remotely through drive sharing, dont forget to share the folder where you install
ConsoleOne. Some Novell products require that this share be established before
running the installation program.
Starting ConsoleOne on Windows
If ConsoleOne is installed locally on the Windows computer, simply doubleclick the ConsoleOne icon on the desktop.
If ConsoleOne is installed remotely on a NetWare or Windows server and you
dont have a shortcut to that installation, do the following:
1 In Windows Explorer, find the mapped or shared drive that represents the
server volume where ConsoleOne is installed > browse to the folder

where ConsoleOne is installed.
By default, this is:
Windows
C:\NOVELL\CONSOLEONE\1.2
NetWare
SYS:PUBLIC\MGMT\CONSOLEONE\1.2
IMPORTANT: You must browse for ConsoleOne on a drive that is mapped to a
letter, not a UNC path.
2 In the BIN subfolder, double-click CONSOLEONE.EXE.

3 (Optional) For future use, create a shortcut on your desktop to the remote
CONSOLEONE.EXE file.
For help with navigating and performing basic tasks in ConsoleOne, see
Administration Basics on page 29. If you encounter problems starting or
using ConsoleOne, see Troubleshooting on page 111.
Configuring ConsoleOne Accessibility
To make ConsoleOne accessible to Windows assistive technologies, you must

install the Java Access Bridge. The Java Access Bridge is a technology used
to expose the Java Accessibility API in a Windows DLL so that Windows
assistive technologies can provide access to applications and applets running
with a Java Virtual Machine running on a Windows system which implement
the Java Accessibility API.
To set up the Java Access Bridge for use with ConsoleOne, follow these steps:
20

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
1 Download the Java Access Bridge from the Java Access Bridge (http://
java.sun.com/products/accessbridge) Web site.

2 Unpack the Java Access Bridge into the C:\ACCESSBRIDGE-1_0
directory > run the following command:

C:\ACCESSBRIDGE-1_0\INSTALLER\INSTALL
For more information on installing and configuring the Java Access
Bridge, see the Java Access Bridge Readme (http://java.sun.com/
products/accessbridge/README.txt).
3 Place a copy of the following files in your
NOVELL\CONSOLEONE\1.2\CONSOLEONEEXT directory:
JACCESS-1_3.JAR
ACCESS-BRIDGE.JAR
4 Place a copy of ACCESSIBILITY.PROPERTIES in your
NOVELL\CONSOLEONE\1.2\JRE\LIB directory.
5 Copy the following files to your Windows DLL directory (for example,
C:\WINNT\SYSTEM32 or C:\WINDOWS\SYSTEM):
JAVAACCESSBRIDGE.DLL
WINDOWSACCESSBRIDGE.DLL
NetWare
If you install ConsoleOne on a NetWare server, you can run it locally on that
server or remotely on a Windows computer with a drive mapped to that server.
Installing ConsoleOne on a NetWare server also allows other Novell products
such as eDirectory to add needed snap-ins to your installation.
System Requirements for NetWare
Operating System
NetWare 5 Support Pack 3 or later

HINT: You can get NetWare support packs from the Minimum Patch List site
(http://support.novell.com/misc/patlst.htm).
Processor
Disk Space
38 MB
Screen Resolution
Minimum: 800 x 600 with 256 colors (required only to run locally on the server)
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Installing ConsoleOne on NetWare

1 Bring down Java and any Java applications that are running on the server,
including the server GUI.

You can do this by entering JAVA -EXIT at the console prompt.
2 Have all users who are currently running ConsoleOne remotely through a
connection to the server exit their ConsoleOne sessions.

3 At a Windows workstation, map a drive letter to the root of the servers
SYS volume.
4 At the same workstation, insert the CD that contains ConsoleOne, or go
to the Novell Free Downloads site (http://www.novell.com/download).

5 Browse the CD or Web site until you find the available ConsoleOne
packages > select the package for Windows/NetWare.

HINT: If you are using a CD that runs an installation program and you see an
option to install just ConsoleOne, choose that option and skip to Step 8.
6 If you are using the Web site, download and unzip the ConsoleOne files
to a temporary area. If you are using a CD, skip this step.

7 Run the installation executable file (SETUP.EXE or
CONSOLEONE.EXE).
8 Follow the instructions on the screen to complete the installation. When
you are prompted for the location to install to, select the drive that is
mapped to the root of the servers SYS volume.
IMPORTANT: You must select a drive that is mapped to a letter, not a UNC path.
Starting ConsoleOne on NetWare
To start ConsoleOne locally on a NetWare server, enter C1START at the

console prompt.
To start ConsoleOne remotely from a Windows computer with a drive mapped
to the NetWare server, see Starting ConsoleOne on Windows on page 20.
22

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Linux
You can install and run ConsoleOne locally on a Linux computer. You can also
run it from another computer through an X terminal (remote) session, if that
computer has an X windowing subsystem.
System Requirements for Linux
IMPORTANT: This release of ConsoleOne for Linux has been tested only on the
IBM* 1.3 Java runtime environment (JRE). This JRE is included in the ConsoleOne
installation package in case you dont have it. If you do have it, you can choose not
to install it.
Operating System

Red Hat* OpenLinux 6
Caldera* eDesktop 2.4
Caldera eServer 2.3
RAM
Recommended: 128 MB
Minimum: 64 MB
Processor
Disk Space
With JRE: 32 MB
Without JRE: 5 MB
Screen Resolution
IMPORTANT: This release of ConsoleOne is compatible with NDS eDirectory 8.5
and later releases but not with earlier releases. If the ConsoleOne installation
program detects that an eDirectory release earlier than 8.5 is on the machine, it will
abort the installation.
Installing ConsoleOne on Linux

1 If previous versions of ConsoleOne and eDirectory are running on the
Linux computer, shut them down and uninstall them completely from the
system (remove all the associated files).
Downloads site (http://www.novell.com/download).
Getting Started

104-001316-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
3 Locate the ConsoleOne installation program (the c1-install file) on the
CD or by downloading it from the Web site as follows:

Source
Steps to Locate the c1-install File
CD
Change to the ConsoleOne/Linux directory.
Web site 1. Click Management > ConsoleOne for Linux.

2. Follow the instructions on the Web site to download the
ConsoleOne package (the c1linux.tar file).
3. Unpack the file you just downloaded (type tar xf
c1linux.tar at the system prompt).
4. Change to the ConsoleOne/Linux directory that was
created by unpacking the download file.
4 Run the ConsoleOne installation program (type c1-install at the
system prompt).
5 Follow the prompts to complete the installation.
IMPORTANT: This release of ConsoleOne for Linux has been tested only on the
IBM 1.3 Java runtime environment (JRE). This JRE is included in the ConsoleOne
installation package in case you dont have it. If you do have it and its already
installed, select No when you are prompted whether to install it.
After ConsoleOne is installed, you can uninstall it at any time by entering the
c1-uninstall command at the system prompt. The c1-install and c1uninstall commands can include some optional parameters for running in
unattended mode or installing/uninstalling individual components. For details
on the command syntax, type c1-install -h or c1-uninstall -h at
the system prompt. For a log of ConsoleOne installation or uninstallation
results, see the corresponding log file created in the /var directory.
Starting ConsoleOne on Linux
At the system prompt of a local session or an X terminal (remote) session,

enter the following command:
/usr/ConsoleOne/bin/ConsoleOne
24

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Solaris
You can install and run ConsoleOne locally on a Solaris computer. You can
also run it from another computer through an X terminal (remote) session, if
that computer has an X windowing subsystem.
System Requirements for Solaris
IMPORTANT: This release of ConsoleOne for Solaris has been tested only on the
Sun* 1.2.2-5a Java runtime environment (JRE). This JRE is included in the
ConsoleOne installation package in case you dont have it. If you do have it, you
can choose not to install it.
Operating System

Solaris 2.6 or 7 with the latest patch
Solaris 8
HINT: You can get Solaris patches at SunSolve Online
(http://sunsolve.sun.com).
Disk Space
With JRE: 64 MB
Without JRE: 10 MB
Screen Resolution
Installing ConsoleOne on Solaris

Solaris computer, shut them down and uninstall them completely from the
system (remove all the associated files).

Getting Started

104-001316-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
Source
CD
Change to the ConsoleOne/Solaris directory.
July 17, 2001
Web site 1. Click Management > ConsoleOne for Solaris.

ConsoleOne package (the c1sol.tar file).
c1sol.tar at the system prompt).
4. Change to the ConsoleOne/Solaris directory that was
system prompt).
IMPORTANT: This release of ConsoleOne for Solaris has been tested only on the
Sun 1.2.2-5a Java runtime environment (JRE). This JRE is included in the
ConsoleOne installation package in case you dont have it. If you do have it and
its already installed, select No when you are prompted whether to install it.
Starting ConsoleOne on Solaris

26

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Tru64 UNIX
You can install and run ConsoleOne locally on a Tru64 UNIX computer. You
can also run it from another computer through an X terminal (remote) session,
if that computer has an X windowing subsystem.
System Requirements for Tru64 UNIX
IMPORTANT: This release of ConsoleOne for Tru64 UNIX has been tested only
on the Compaq* 1.2.2 Java runtime environment (JRE). This JRE is included in the
ConsoleOne installation package in case you dont have it. If you do have it, you
can choose not to install it.
Operating System
Compaq Tru64 UNIX 5.0a or later
RAM
Recommended: 128 MB
Minimum: 64 MB
Disk Space
With JRE: 20 MB
Without JRE: 5 MB
Screen Resolution
Installing ConsoleOne on Tru64

Tru64 UNIX computer, shut them down and uninstall them completely
from the system (remove all the associated files).

Getting Started

104-001316-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
Source
CD
Change to the ConsoleOne/Tru64 directory.
July 17, 2001
Web site 1. Click Management > ConsoleOne for Tru64.

ConsoleOne package (the c1tru64.tar file).
c1tru64.tar at the system prompt).
4. Change to the ConsoleOne/Tru64 directory that was
system prompt).
IMPORTANT: This release of ConsoleOne for Tru64 UNIX has been tested only
on the Compaq* 1.2.2 Java runtime environment (JRE). This JRE is included in the
ConsoleOne installation package in case you dont have it. If you do have it and
its already installed, select No when you are prompted whether to install it.
Starting ConsoleOne on Tru64 UNIX

28

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In ConsoleOneTM, your network and its resources are presented as a set of
objects that are organized into various containers, with My World at the top.
Use the left pane to expand and collapse containers. Use the right pane to work
with specific resources.
Figure 1
ConsoleOne Management Tool
In general, you perform administration tasks by browsing to an object, rightclicking it, and then selecting an action. The available actions depend on the
type of object. For example, the New Object action is available only on
containers.

104-001316-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
This chapter explains how to perform essential tasks like finding objects,
creating and modifying objects, and organizing objects into containers. For
information on common Novell eDirectoryTM object types, see Novell
eDirectory Administration Guide > Object Classes and Properties.
In This Chapter
Browsing and Finding Objects on page 30

Creating and Manipulating Objects on page 33
Editing Object Properties on page 36
Organizing Objects into Containers on page 38
Customizing Views on page 41
Browsing and Finding Objects

In the left pane youll see the "NDS" container, which holds the eDirectory
trees that you are currently logged in to. You can cause additional eDirectory
trees to appear in the NDS container by logging in to those trees. For trees that
are running NDS eDirectory 8.5 or later and are configured for DNS
federation, you can cause specific contexts of those trees to appear in the NDS
container without actually logging in to those trees.
Once you are in an eDirectory tree or context and its objects are listed in the
right pane, you can use the techniques described below to locate the specific
objects you want to manage.
In This Section
Logging In to an eDirectory Tree on page 31

Logging Out of an eDirectory Tree on page 31
Accessing an eDirectory Context through DNS Federation on page 31
Jumping to an Object in the Right Pane on page 31
Filtering Extraneous Objects from View on page 32
Finding an Object by Distinguished Name on page 32
Finding an Object by Name and Type on page 32
Finding Objects by Property Values on page 33
30

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Logging In to an eDirectory Tree

1 Click anywhere in the "NDS" container.
2 On the toolbar, click NDS Authenticate.
3 Fill in the Login dialog box.
HINT: To see a list of the eDirectory trees you can log in to, click the tree icon. If
the tree you want isnt listed, see Cant Find the eDirectory Tree That I Want to
Log In To on page 113.
4 Click Login.
The new tree is added to the NDS container in ConsoleOne.
Logging Out of an eDirectory Tree

1 Click the eDirectory tree that you want to log out of.
2 On the toolbar, click NDS Unauthenticate.
The tree is removed from the NDS container.
Accessing an eDirectory Context through DNS Federation

This procedure works only if the target eDirectory context is in a tree that is
running NDS eDirectory 8.5 or later and is configured for DNS federation.
1 Click anywhere in the "NDS" container.
2 Click View > Set Context.
3 Enter the full DNS name for the eDirectory context that you are trying to
access, including an ending dns and a period (.).

Example: sales.xyz.com.dns.
4 Click OK.
If the DNS name resolves correctly, the eDirectory context you are trying to
access should appear in the NDS container. You can browse and manage
objects in the eDirectory context the same as in any eDirectory tree.
Jumping to an Object in the Right Pane

1 Click anywhere in the right pane.
2 Start typing the name of an object in the current container or view > press
Enter to jump to the object.

104-001316-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Filtering Extraneous Objects from View

Any filters you apply to a view remain in effect for your current ConsoleOne
session only. When you restart ConsoleOne, they are cleared.
1 Click View > Filter.
2 (Optional) In Name, enter a wildcard pattern to apply as a filter on the
object names.
An asterisk (*) is the only wildcard allowed.
Example: xyz* hides all objects except those whose names start with
"xyz."
3 Under Object Type, select the object types you want shown and deselect
those you want hidden.

4 Click OK.
Finding an Object by Distinguished Name

1 In the left pane, click any part of the eDirectory tree that contains the
object.
2 Begin typing the name of the object to go to.
As you type, the Go To dialog box appears.

3 Finish typing the distinguished name of the object.
Click Help for details on using separators and other special characters.
Example: djones.salses.xyz_corp
4 Click OK.
Finding an Object by Name and Type

1 In the left pane, click the eDirectory container that you want to start
searching from.
2 Click Edit > Find.
3 If you want to include subcontainers in the search, select Search
Subcontainers.
4 In Name, enter all or part of the object name.
If you enter only part of the name, include an asterisk wildcard.

Example: johnw*
32

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
5 In Object Type, select the type of object to find.

6 Click Find.
In the search results list, you can right-click objects to perform actions
just like in the ConsoleOne right pane.
Finding Objects by Property Values

1 In the left pane, click the eDirectory container that you want to start
searching from.
2 Click Edit > Find.
3 In Find Type, select Advanced.
4 In the query-building area of the dialog box, specify your search criteria.
Click Help for details.

5 Click Find.
In the search results list, you can right-click objects to perform actions
just like in the ConsoleOne right pane.
Creating and Manipulating Objects

Once you have located the network resources (objects) you want to manage,
you can change their behavior by modifying their properties. You can also
delete, move, and rename objects or create new ones as needed.
In This Section
Creating an Object on page 34

Modifying an Objects Properties on page 35
Modifying Multiple Objects Simultaneously on page 35
Renaming an Object on page 35
Moving Objects on page 36
Deleting Objects on page 36

104-001316-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Creating an Object
1 Right-click the container that you want to create the object in > click New
> click Object.

There are restrictions on the types of objects you can create in different
container types. For details, see the documentation for your particular
task or application.
2 Under Class, select the type of object > click OK.
3 If you get a warning that no snap-in is available to create the object,
complete the appropriate action from the table below, depending on your
level of understanding of the object you are creating.
Understanding Level
Action
Thoroughyou understand
this object type and how its
properties are used.
Click Yes in the warning box.
Minimalyou understand
what the object is but not how
its properties are used in any
detail.
Click No in the warning box > quit this

procedure.
You will be allowed to set the objects

mandatory properties using generic editors.
After creating the object, you can set other
properties using the generic Other property
page.
You will need to install a product that

provides a ConsoleOne snap-in to create
and manage this object type.
4 In Name, enter a name for the new object.
If its an eDirectory object, be sure to follow proper naming conventions.

See Novell eDirectory Administration Guide > Naming Conventions for
details.
5 Specify any other information requested in the dialog box.
Click Help for details. (If you are using generic editors, no details are
available.)
6 Click OK.
34

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Modifying an Objects Properties

1 Right-click the object > click Properties.
2 Edit the property pages you want.
Click Help for details on specific properties. See Editing Object

Properties on page 36 for general information on using property pages.
3 Click OK.
Modifying Multiple Objects Simultaneously

1 Select the objects using one of the following methods:
In the right pane, Shift+click or Ctrl+click multiple objects of the

same type
Click a group or template object to modify its members
Click a container to modify the objects it contains
2 Click File > Properties of Multiple Objects.

3 If you selected a container in Step 1, in the dialog box double-click the
object type that you want to modify; otherwise, skip this step.
4 On the Objects to Modify page, make sure only the objects that you want
to modify are listed.

Add and delete objects as needed.
5 On the other property pages, specify the property values to set for all the
selected objects.
Click Help for details on specific properties.
IMPORTANT: See Editing Object Properties on page 36 for differences in how
property pages work when editing multiple objects.
6 Click OK.
Renaming an Object
1 Right-click the object > click Rename.
2 In New Name, enter the new name.
If its an eDirectory object, be sure to following proper naming

conventions. See Novell eDirectory Administration Guide > Naming
Conventions for details.

104-001316-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
3 Click Save Old Name if you want to save the old name of the object.
The old name is stored in the Other Name field of the objects General
Identification property page.
4 Click OK.
Moving Objects
1 In the right pane, Shift+click or Ctrl+click the objects to select them.
HINT: You cant move a container object unless its a partition root. For details,
see Managing Partitions on page 80.
2 Right-click your selection > click Move.

3 Click the browse button next to the Destination field > select the container
to move the objects to > click OK.

4 If you want to create an alias in the old location for each object being
moved, select Create an Alias for All Objects Being Moved.

This allows any operations that are dependent on the old location to
continue uninterrupted until you can update those operations to reflect the
new location.
5 Click OK.
Deleting Objects
1 Shift+click or Ctrl+click the objects to select them.
You can't delete a container object unless you first delete all its contents.
2 Right-click your selection > click Delete.
3 In the confirmation dialog box, click Yes.
Editing Object Properties

You can control an object's behavior by editing its properties. When using
property pages, there are some general characteristics you need to be aware of
as well as some characteristics that are unique to editing multiple objects
simultaneously. You can also customize property pages.
36

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In This Section
General Characteristics on page 37

Unique Characteristics of Editing Multiple Objects Simultaneously on
page 37
Customizing Property Pages on page 38
General Characteristics
The table below describes the general characteristics of using property pages.
Feature
Notes
OK, Cancel, Apply
These buttons affect all the property pages. OK and Apply save all changes to all
pages (Apply leaves the dialog box open), and Cancel discards all changes on all
pages.
Tabs
Each tab can have multiple property pages. To select the page you want, click the
drop-down list on the tab.
Fields that have this control beside them can have multiple values. To see all the
values, click the control. To enter multiple values, type a value > press Enter > type
another value > press Enter, and so on.
Disabled fields and

options
Fields and options are disabled if:

You dont have rights to modify the associated properties
You need to modify some other setting first to enable the fields or options
Unique Characteristics of Editing Multiple Objects Simultaneously

The table below describes the unique characteristics of using property pages
to edit multiple objects simultaneously.
Feature
Notes
Fields and lists
No values are displayed in fields or lists because the existing values might
be different for each object.
For a single-value field, any value you enter will replace the existing value in
each object when you click OK or Apply.
For a multi-value field or list, any values you enter will be added to the
existing values in each object when you click OK or Apply.

104-001316-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Feature
Notes
Check boxes
Light-gray check boxes with a check in them are neutral. No changes will be
made to these items in the existing objects when you click OK or Apply.
White check boxes and dark-gray check boxes are live. Their settings will
replace the existing settings in each object when you click OK or Apply.
Missing items
Individual fields and options are missing if they apply only to specific object
instances. For example, it isnt necessary to give multiple users the same
last name, so the Last Name field is not displayed when editing multiple
users.
Entire property pages are missing if they havent been designed to allow
editing of multiple objects. For example, the generic Other page isnt
displayed when editing multiple objects.
Customizing Property Pages

For each type of object in ConsoleOne, you can customize the property pages
by rearranging their order or hiding individual pages.
Your customizations are saved and used the next time you start ConsoleOne
on the same computer.
1 Open the properties of an object of the type that you want to customize >
click Page Options.

2 Rearrange the property pages the way you want.
2a To move a tab or page to a different position, select it > click Move
Up or Move Down.
You cant move a page to a different tab.
2b To hide or show a tab or page, select it > click Disable or Enable.
Disabled items appear gray.

3 Click OK.
Organizing Objects into Containers

Once you are in an eDirectory tree, you can organize it by creating various
types of containers and placing objects inside them. Objects in a container are
security equivalent to the container automatically, so make sure you manage
the containers rights accordingly. You can create aliases to provide access to
a single object from multiple containers.
38

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Below are procedures to create common container types and aliases. For
information on creating container types for specific applications, see the
documentation for those applications. For general eDirectory tree design
considerations, see Novell eDirectory Administration Guide > Designing Your
Novell eDirectory Network.
In This Section
Creating an Organization Object on page 39

Creating an Organizational Unit Object on page 39
Creating a Locality Object on page 40
Creating a Country Object on page 40
Creating an Alias to an Object on page 41
Creating an Organization Object

1 Right-click the tree, country, locality, or domain object that you want to
create the organization object in > click New > click Object.
2 Under Class, select Organization > click OK.
3 In Name, enter a name up to 64 characters long.
Make sure to follow proper naming conventions. See Novell eDirectory

Administration Guide > Designing Your Novell eDirectory Network for
details.
Example: XYZ_CORP
4 If you want to assign additional property values as part of the creation
process for the container, select Define Additional Properties.

For example, you might want to create a login script or set up intruder
detection for the container.
5 Click OK.
Creating an Organizational Unit Object

1 Right-click the organization, organizational unit, locality, or domain
object that you want to create the new organizational unit object in > click
New > click Organizational Unit.

104-001316-001
August 29, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001

Administration Guide > Naming Conventions for details.
Example: Marketing

For example, you might want to create a login script or set up intruder
detection for the container.
4 Click OK.
Creating a Locality Object

1 Right-click the country, locality, domain, organization, or organizational
unit object that you want to create the locality object in > click New >
click Object.
2 Under Class, select Locality > click OK.
3 Fill in the Name and Named By fields.

4 Click OK.
Creating a Country Object

1 Right-click a tree or domain object > click New > click Object.
2 Under Class, select Country > click OK.
3 In Name, enter the two-letter ISO country code.

Example: FR for France

For example, you might want to provide a more descriptive name for the
country.
5 Click OK.
40

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Creating an Alias to an Object

1 Right-click the container that you want to create the alias in > click New
> click Object.

2 Under Class, select Alias > click OK.

Administration Guide > Naming Conventions for details.
Example: SalesVolumeAlias
4 Click the browse button next to the Object field > select the object you
want the alias to represent > click OK.

process for the alias, select Define Additional Properties.

For example, you might want to assign trustees of the alias.
6 Click OK.
Users can use the alias as though it were the actual object that it
represents.
Customizing Views
You can customize the views in the left and right panes in various ways. For
example, you can set a different object than My World at the top of the left
pane, and you can adjust the column width in the right pane. You can also
show or hide the view title in the right pane. In an eDirectory tree, you can
filter objects from view in the right pane. (See Browsing and Finding
Objects on page 30.)
HINT: Most customizations to the left and right pane are lost when you exit
ConsoleOne. Only the window size, position, and view title setting are saved.
In This Section
Setting the Top Object in the Left Pane on page 42

Showing or Hiding the View Title in the Right Pane on page 42
Adjusting the Column Width in the Right Pane on page 42

104-001316-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Setting the Top Object in the Left Pane

The steps to use depend on which object you want to set at the top, as
described in the table below.
Object to Set at the Top
Steps
A container thats below the current top

object
Right-click the container > click Set As

Root.
A container thats above the current top

object
My World
Double-click
in the left pane until
the container appears.
Right-click
in the left pane > click
Show My World.
Showing or Hiding the View Title in the Right Pane

By default, the right pane contains the Console view. You can switch it to the
Partition and Replica view or to another view if one has been added by a snapin. Regardless of which view the right pane contains, you can show or hide the
view title at the top of the right pane.
Your setting to show or hide the view title is saved and used the next time you
start ConsoleOne on the same computer.
To show or hide the view title, click View > Show View Title. A check mark
is added to or removed from the menu item, depending on whether the view
title is being shown or hidden.
Adjusting the Column Width in the Right Pane

1 Move the mouse pointer to the margin between the first and second
columns.
2 When the pointer changes to a sizing arrow, drag the column to the width
you want.
42

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Setting up a Novell eDirectoryTM user account involves creating a User
object and setting properties to control login and the user's network computing
environment. You can use a template object to facilitate these tasks.
You can create login scripts to cause users to be connected automatically to the
files, printers, and other network resources they need when they log in. If
several users use the same resources, you can put the login script commands
in container and profile login scripts.
In This Chapter
Creating User Accounts on page 43

Setting Up Optional Account Features on page 45
Setting Up Login Scripts on page 47
Login Time Restrictions for Remote Users on page 48
Creating User Accounts

A user account is a User object in the eDirectory tree. A User object specifies
a user's login name and supplies other information used by eDirectory and
NetWare to control the users access to network resources. You can define
user properties ahead of time in a template, before actually creating the User
object.
In This Section
Creating a User Object on page 44

Creating a User Template on page 44

104-001316-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Creating a User Object

1 Right-click the container that you want to create the User object in > click
New > click User.

2 Fill in the New User dialog box.

2a To apply a template during creation of the user object, select Use
Template.
2b To set additional user properties during creation of the user object,
select Define Additional Properties.

3 Click OK.
4 If the Set Password dialog box appears, set the users login password >
click OK.
IMPORTANT: If this dialog box appears and you cancel it, an eDirectory
password (object-key pair) won't be created for the user account and the user
won't be able to log in unless you set up some other means of authentication, such
as an NMAS password. You can set an eDirectory password later on the Password
Restrictions property page of the User object. If you leave the password blank and
click OK, the User object is created with a blank (null) eDirectory password and the
user can log in without entering a password.
Creating a User Template

1 Right-click the container that you want to create the Template object in >
click New > click Object.

2 Under Class, select Template > click OK.
3 Fill in the New Template dialog box.

3a To clone an existing Template or User object, select Use Template or
User.
3b To set template properties immediately after creating the Template
object, select Define Additional Properties.

After clicking OK, youll see property pages that look similar to
those of a User object. Help is available on all the property pages.
4 Click OK.
44

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Optional Account Features

After creating a User object, you can optionally set up the user's network
computing environment, implement extra login security features, and set up
an accounting of the users NetWare server usage.
In This Section
Setting Up a Users Network Computing Environment on page 45

Setting Up Extra Login Security for a User on page 45
Setting Up an Accounting of a Users NetWare Server Usage on page
46
Setting Up a Users Network Computing Environment

1 Right-click the User or Template object that you want to set up the
network computing environment for > click Properties.

Use a Template object if you havent created the User object yet.
2 On the General tab, select the Environment page.
3 Fill in the property page.

4 Click OK.
Setting Up Extra Login Security for a User

1 Right-click the User or Template object that you want to set up login
security for > click Properties.

2 On the Restrictions tab, fill in the property pages you want.
Click Help for details on any page.

Page
Use to
Password Restrictions
Set up a login password.
Address Restrictions
Restrict the locations the user can log in from.

104-001316-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Page
Use to
Time Restrictions
Restrict the times when the user can be logged

in. If the user will log in remotely, see Login
Time Restrictions for Remote Users on page
48.
Login Restrictions
Limit the number of concurrent login

sessions.
Set a login expiration and lockout date.
3 Click OK.
4 To set up intruder detection for all the User objects in a container:
4a Right-click the container > click Properties.
4b On the General tab, select the Intruder Detection page.
4c Fill in the property page.

4d Click OK.
Setting Up an Accounting of a Users NetWare Server Usage

1 Right-click the User or Template object that you want to set up the
accounting for > click Properties.

2 On the Restrictions tab, select the Account Balance page.
3 Fill in the property page.

4 Click OK.
5 Use NetWare Administrator to set up one or more NetWare servers to
charge for network services.

See the NetWare Administrator online help for details.
46

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Login Scripts

A login script is a list of commands that executes when a user logs in. It is
typically used to connect the user to network resources like files and printers.
Login scripts execute on the user's workstation in the following order:
1. Container login script
2. Profile login script
3. User login script
During login, if the system doesnt find any of these login scripts, it skips to
the next one in the list. If none are found, the system executes a default script
that maps a search drive to the SYS:PUBLIC folder on the user's default
server. The default server is set on the Environment property page of the user
object.
In This Section
Creating a Login Script on page 47

Assigning a Profile to a User on page 48
Creating a Login Script

1 Right-click the object that you want to create the login script on > click
Properties.
To Have the Login Script Apply To
Create It On
One user only
The User object
One or more users that havent been created yet
A Template object
All the users in a container
The container object
A set of users in one or more containers
A Profile object
2 On the Login Script page, enter the login script commands you want.
See Novell Client for Windows > Login Script Commands and Variables
(http://www.novell.com/documentation/lg/noclienu/docui/index.html#../
noclienu/data/ho2m1x3b.html) for details.
3 Click OK.
4 If you created the login script on a profile object, assign the profile to the
users you want as explained below.


104-001316-001
August 29, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Assigning a Profile to a User

1 Right-click the User or Template object that you want to assign the profile
to > click Properties.

2 On the Login Script page, click the browse button next to the Profile field
> select the profile object > click OK.

3 Click OK.
4 Ensure that the user effectively has the Browse right to the Profile object
and the Read right to the Login Script property of the profile object.
See Viewing Effective Rights on page 56 for details.
Login Time Restrictions for Remote Users

On the Time Restrictions property page of a User object, you can restrict the
times when the user can be logged in to eDirectory. (By default, there are no
login time restrictions.) If you set a login time restriction and the user is logged
in when the restricted time arrives, the system issues a warning to log out
within five minutes. If the user is still logged in after five minutes, he or she
is logged out automatically and loses any unsaved work.
If a user logs in remotely from a different time zone than the server processing
the login request, any login time restrictions that have been set for the user are
adjusted for the time difference. For example, if you restrict a user from
logging in Mondays from 1:00 a.m. to 6:00 a.m. and the user logs in remotely
from a time zone that is one hour later than the server, the restriction
effectively becomes 2:00 a.m. to 7:00 a.m. for that user.
48

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Rights are system flags that you can set on individual network resources to
control access to those resources. When you assign rights, you always link
them with a specific user, group, or other Novell eDirectoryTM object that is
the trustee (possessor) of the rights. In ConsoleOneTM, you can grant a trustee
rights to two different kinds of resources:
eDirectory objects
Rights to these resources are stored in and applied by eDirectory. For
details, see Novell eDirectory Administration Guide > eDirectory Rights.
Files and folders on NetWare volumes
Rights to these resources are stored in and applied by the NetWare file
system. For details, see About NetWare Rights on page 58.
When a user tries to access a resource, the system (eDirectory or NetWare)
calculates the users effective rights to that resource. In doing so, the system
checks not only the users explicit rights assignments but also any security
equivalences held by the user and any filters that block the inheritance of
explicit rights assignments. This chapter explains how to perform the tasks
that control users effective rights to resources.
In This Chapter
Assigning Rights Explicitly on page 50

Granting Equivalence on page 53
Blocking Inheritance on page 55
Viewing Effective Rights on page 56
About NetWare Rights on page 58

104-001316-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Assigning Rights Explicitly

When the default rights assignments in your eDirectory tree provide users
with either too much or not enough access to resources, you can create or
modify explicit rights assignments. When you create or modify a rights
assignment, you start by selecting either the resource that you are controlling
access to or the trustee (the eDirectory object that possesses, or will possess,
the rights).
HINT: To manage users rights collectively rather than individually, make a group,
role, or container object the trustee. To restrict access to a resource globally (for all
users), see Blocking Inheritance on page 55. If the resource is a file or folder on
a NetWare volume, you can also control access globally by setting attributes (see
Viewing and Modifying Server and File System Information on page 90).
In This Section
Controlling Access to the NetWare File System, by Resource on page

50
Controlling Access to the NetWare File System, by Trustee on page 51
Controlling Access to Novell eDirectory, by Resource on page 52
Controlling Access to Novell eDirectory, by Trustee on page 52
Controlling Access to the NetWare File System, by Resource

1 Right-click the resource (file, folder, or volume) that you want to control
access to > click Properties.

NOTE: Select a volume or folder to control access to all the resources below it.
2 On the Trustees page, edit the list of trustees and their rights assignments
as needed.
For descriptions of the individual access rights, see About NetWare
Rights on page 58.
2a To add an object as a trustee, click Add Trustee > select the object >
click OK > under Access Rights, assign the trustees rights.

2b To modify a trustees rights assignment, select the trustee > under
Access Rights, modify the rights assignment as needed.
50

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2c To remove an object as a trustee, select the object > click Delete
Trustee > Yes.

The deleted trustee will no longer have explicit rights to the file or
folder but might still have effective rights through inheritance or
security equivalence.
3 Click OK.
Controlling Access to the NetWare File System, by Trustee

1 Right-click the trustee (the object that possesses, or will possess, the
rights) > select Properties.

2 On the Rights to Files and Folders page, click Show > select the NetWare
volume containing the file system that you want to control access to >
click OK.
The Files and Folders list is filled in with any files and folders that the
trustee currently has rights assignments to on the selected volume.
3 Edit the rights assignments as needed.
For descriptions of the individual rights, see About NetWare Rights on

page 58.
3a To add a rights assignment, click Add > select the file or folder to
control access to > click OK > under Rights, assign the trustees
rights.
3b To modify a rights assignment, select the file or folder to control
access to > under Rights, modify the trustees rights as needed.

3c To remove a rights assignment, select the file or folder to control
access to > click Delete > Yes.

The trustee will no longer have explicit rights to the file or folder but
might still have effective rights through inheritance or security
equivalence.
4 Repeat Step 2 and Step 3 as needed to edit the trustees rights assignments
on other NetWare volumes.

5 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Controlling Access to Novell eDirectory, by Resource

1 Right-click the eDirectory resource (object) that you want to control
access to > click Trustees of This Object.

NOTE: Choose a container to control access to all the objects below it.
2 Edit the list of trustees and their rights assignments as needed.

2a To modify a trustees rights assignment, select the trustee > click
Assigned Rights > modify the rights assignment as needed > click
OK.
2b To add an object as a trustee, click Add Trustee > select the object >
click OK > assign the trustees rights > click OK.

When creating or modifying a rights assignment (in the Rights
Assigned To dialog box), you can grant or deny access to the object
as a whole, to all the properties of the object, and to individual
properties. Click Help in the dialog box for details.
2c To remove an object as a trustee, select the object > click Delete
Trustee > Yes.

The deleted trustee will no longer have explicit rights to the object or
its properties but might still have effective rights through inheritance
or security equivalence.
3 Click OK.
Controlling Access to Novell eDirectory, by Trustee

1 Right-click the trustee (the object that possesses, or will possess, the
rights) > select Rights to Other Objects.

2 In the search dialog box, specify the part of the eDirectory tree to be
searched for eDirectory objects that the trustee currently has rights
assignments to.
3 Click OK in the search dialog box.
A dialog box appears showing the progress of the search. When the search
is done, the Rights to Other Objects page appears with the results of the
search filled in.
4 Edit the trustees eDirectory rights assignments as needed.

52

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4a To add a rights assignment, click Add Object > select the object to
control access to > click OK > assign the trustees rights > click OK.
4b To modify a rights assignment, select the object to control access to
> click Assigned Rights > modify the trustees rights assignment as
needed > click OK.
When creating or modifying a rights assignment (in the Rights
Assigned To dialog box), you can grant or deny access to the object
as a whole, to all the properties of the object, and to individual
properties. Click Help in the dialog box for details.
4c To remove a rights assignment, select the object to control access to
> click Delete Object > Yes.

The trustee will no longer have explicit rights to the object or its
properties but might still have effective rights through inheritance or
security equivalence.
5 Click OK.
Granting Equivalence
A user who is security equivalent to another eDirectory object effectively has
all the rights of that object, both in eDirectory and in the NetWare file system.
A user is automatically security equivalent to the groups and roles that he or
she belongs to. All users are implicitly security equivalent to the [Public]
trustee and to each container above their User objects in the eDirectory tree,
including the Tree object. You can also explicitly grant a user security
equivalence to any eDirectory object.
NOTE: The tasks in this section allow you to delegate administrative authority
through eDirectory rights. If you have administration applications that use RBS
roles, you can also delegate administrative authority by assigning users
membership in those roles as explained in Assigning RBS Role Membership and
Scope on page 63.
In This Section
Granting Security Equivalence by Membership on page 54

Granting Security Equivalence Explicitly on page 54
Setting Up an Administrator Over an Objects Specific eDirectory
Properties on page 55

104-001316-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Granting Security Equivalence by Membership

1 If you havent already done so, create the group or role object that you
want the users to be security equivalent to.

See Creating and Manipulating Objects on page 33 for details.
2 Grant the group or role the eDirectory and NetWare rights that you want
the users to have.

See Assigning Rights Explicitly on page 50 for details.
3 Edit the membership of the group or role to include those users who need
the rights of the group or role.
For a group object, use the Members property page.
For an organizational role object, use the Occupant field on the

Identification property page.
For an RBS role object, use the Members of Role property page.
See Assigning RBS Role Membership and Scope on page 63 for
details.
4 Click OK.
Granting Security Equivalence Explicitly

1 Right-click either the user or the object that you want the user to be
security equivalent to > click Properties.

2 Grant the security equivalence as follows:
If you chose the user, on the Memberships tab select the Security
Equal To page > click Add > select the object that you want the user
to be security equivalent to > click OK.
If you chose the object that you want the user to be security
equivalent to, on the Security Equal to Me page click Add > select
the user > click OK.
The contents of these two property pages are synchronized by the system.
3 Click OK.
54

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Setting Up an Administrator Over an Objects Specific eDirectory

Properties
1 If you haven't already done so, create the user, group, role, or container
object that you want to make a trustee of the objects specific properties.
If you create a container as a trustee, all objects inside and below the
container will have the rights you grant. You must make the property
inheritable or the container and its members will not have rights below its
level.
2 Right-click the highest-level container that you want the administrator to
manage > click Trustees of This Object.

3 On the property page, click Add Trustee > select the object that represents
the administrator > click OK.

4 In the Rights Assigned To dialog box, click Add Property.
5 Deselect the Show All Properties check box.
6 For each property that the administrator will manage, assign the needed
rights.
Be sure to select the Inheritable check box on each rights assignment.
7 Click OK.
8 Click OK in the Properties dialog box.
Blocking Inheritance
In eDirectory, rights assignments on containers can be inheritable or noninheritable. In the NetWare file system, all rights assignments on folders are
inheritable. In both eDirectory and NetWare, you can block such inheritance
on individual subordinate items so that the rights aren't effective on those
items, no matter who the trustee is. One exception is that the Supervisor right
cant be blocked in the NetWare file system.
In This Section
Blocking Inherited Rights to a File or Folder on a NetWare Volume on

page 56
Blocking Inherited Rights to an eDirectory Object or Property on page
56

104-001316-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
Blocking Inherited Rights to a File or Folder on a NetWare Volume

1 Right-click the file or folder > click Properties.
2 On the Inherited Rights Filter page, edit the filter as needed.
To block a right, deselect its check box. To let a right flow through, select
its check box. The Supervisor right cant be blocked. The other check
boxes are disabled if you don't have the Supervisor or Access Control
right to the file or folder. For descriptions of the individual rights, see
About NetWare Rights on page 58.
NOTE: This filter wont block rights that are explicitly granted a trustee on this file
or folder, since such rights arent inherited.
3 Click OK.
Blocking Inherited Rights to an eDirectory Object or Property

1 Right-click the eDirectory object > click Properties.
2 On the NDS Rights tab, select the Inherited Rights Filters page.
This displays a list of the inherited rights filters that have already been set
on the object.
3 On the property page, edit the list of inherited rights filters as needed.
To edit the list of filters, you must have the Supervisor or Access Control
right to the ACL property of the object. You can set filters that block
inherited rights to the object as a whole, to all the properties of the object,
and to individual properties. Click Help for details.
NOTE: These filters wont block rights that are explicitly granted a trustee on this
object, since such rights arent inherited.
4 Click OK.
Viewing Effective Rights

Effective rights are the actual rights users can exercise on specific network
resources. They are calculated by the system (eDirectory or NetWare) based
on explicit rights assignments, inheritance, and security equivalence. You can
query the system to determine a user's effective rights to any resource.
56

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
In This Section
Viewing Effective Rights to a File or Folder on a NetWare Volume on

page 57
Viewing Effective Rights to an eDirectory Object or Property on page
57
Viewing Effective Rights to a File or Folder on a NetWare Volume

1 Right-click the file, folder, or volume > click Properties.
Select a volume to view effective rights at the root of the file system.
2 On the Trustees page, click Effective Rights.
3 If the object whose effective rights you want to view isn't shown in the
Trustee field, click the browse button next to the field > select the trustee
you want > click OK.
4 View the effective rights.
For descriptions of the individual rights, see About NetWare Rights on

page 58.
5 Click OK.
Viewing Effective Rights to an eDirectory Object or Property

1 Right-click the eDirectory object > click Trustees of This Object.
2 On the NDS Rights tab, select the Effective Rights page.
3 If the object whose effective rights you want to view isn't shown in the
For Trustee field, click the browse button next to the field > select the
trustee you want > click OK.
4 View the effective rights you want.
You can view effective rights to the object as a whole, to all the properties
of the object, and to individual properties. Click Help for details.
5 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
About NetWare Rights

This section describes the specific rights that users can have to files and
folders on NetWare volumes, the possible sources of those rights, and how the
NetWare file system calculates users effective rights to files and folders.
In This Section
Descriptions of Rights on page 58

Sources of Rights on page 59
How NetWare Calculates Effective Rights on page 59
Descriptions of Rights
The following table describes the individual rights that a trustee can have to a
file or folder on a NetWare volume.
Right
Description
Supervisor
Grants the trustee all rights to the file or folder and any subordinate items. This
right can't be filtered (blocked) on the current file or folder or on subordinate
items, nor can it be revoked on individual subordinate items.
Read
Grants the trustee the ability to open and read the file or folder and any
subordinate items. This includes the ability to execute program files.
Write
Grants the trustee the ability to open and write to (modify) the file or folder and
any subordinate items.
Create
Grants the trustee the ability to create new items and salvage deleted items
in the folder and any subfolders.
Inheritable
Makes the rights to the selected property flow to all objects below.
Erase
Grants the trustee the ability to delete the file or folder and any subordinate
items.
Modify
Grants the trustee the ability to change the name and attributes of the file or
folder and any subordinate items. The trustee can't see or modify the actual
contents of files.
File Scan
Grants the trustee the ability to see (in a listing or browser) the file or folder
and any subordinate items, including its path back to the root of the volume.
Access Control
Grants the trustee the ability to change the trustee (rights) assignments and
inherited rights filter of the file or folder.
58

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sources of Rights
A given file or folder can have multiple rights assignments associated with it,
each linked with a different trustee (possessor) of the rights. Rights to a folder
are inherited by the trustee to items within the folder, so the trustee can
exercise the rights on subordinate items without having an explicit assignment
on those items. You can, however, place a filter on individual subordinate
items to block specific rights from being inherited. Such filters apply globally
to all trustees holding the specified rights.
Besides having explicit and inherited rights to a file or folder, a user can also
have rights to a file or folder through security equivalence to another
eDirectory object. For example, if a user is a member of an eDirectory group
or role and that group or role has been granted certain rights, the user
effectively has those additional rights through security equivalence. For more
information, see Novell eDirectory Administration Guide > eDirectory Rights.
How NetWare Calculates Effective Rights

A users effective rights are calculated by NetWare each time the user tries to
access a file or folder on a NetWare volume. You can view a users effective
rights to any file or folder as explained in Viewing Effective Rights on page
56. Following is the process used by NetWare to calculate effective rights.
This process is similar to, but not the same as, the process used by eDirectory
to calculate users effective rights to eDirectory objects and properties. For
information on that process, see Novell eDirectory Administration Guide >
eDirectory Rights.
1. Checks whether the user effectively has the Supervisor right to the
NetWare server where the target file or folder resides. (eDirectory
supplies this information to NetWare.)
If so, the user effectively has all rights in the file system of the server,
and the rest of this process is skipped.
If not, continues with the next step.
2. Determines which eDirectory objects the user is security equivalent to.
(eDirectory supplies this information to NetWare.)
3. Descends to the next level in the file system along the path to the target
file or folder.
HINT: The next level below the NetWare server is the root folder of the volume.

104-001316-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
4. Checks whether the user, or any of the objects that the user is security
equivalent to, is assigned the Supervisor right at the current level.
If so, the user effectively has all rights from this level down in the file
system, and the rest of this process is skipped.
If not, continues with the next step.
5. Does the following for the user and each object that the user is security
equivalent to:
a. Checks whether the user (or object) is assigned any non-Supervisor
rights at the current level. If so, sets the effective rights of the user (or
object) to the rights specified in the assignment and skips to Step 6.
If not, continues with the next substep.
b. Removes from the current effective rights any rights that are blocked
by an inheritance filter at the current level.
6. If the current level of the file system is the target file or folder, the users
final effective rights are the sum of his or her current effective rights and
the current effective rights of each object that the user is security
equivalent to. If the target file or folder hasnt been reached yet, returns
to Step 3.
60

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Role-Based
Administration
ConsoleOneTM gives you the option to extend the schema of your Novell
eDirectoryTM tree to allow the creation of role-based services (RBS) objects.
This enables administration applications to expose their functions as RBS
module and task objects in your tree. You can then create RBS role objects that
define the particular tasks that different users can perform in those
administration applications.
NOTE: This approach to delegating administration works only if you have
administration applications that use RBS objects. You can also delegate
administration using eDirectory rights as explained in Granting Equivalence on
page 53.
In This Chapter
Setting Up Role-Based Services on page 61

Defining RBS Roles on page 62
Assigning RBS Role Membership and Scope on page 63
Creating RBS Objects for Custom Applications on page 64
Setting Up Role-Based Services

Before administration applications can add RBS objects to your eDirectory
tree, the schema of the tree must be extended to allow RBS object types.
Typically, administration applications perform this schema extension
automatically during installation. Regardless, you can complete the procedure
below to ensure that your tree has the needed schema extensions.

104-001316-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Installing RBS Schema Extensions to Your eDirectory Tree

1 Click anywhere in an eDirectory tree.
2 Click Tools > Install.
3 Follow the instructions in the wizard to complete the installation.
Be sure to select Role Based Services on the second screen. Help is

available throughout the wizard.
Defining RBS Roles

RBS roles specify the tasks that users are authorized to perform in specific
administration applications. Defining an RBS role includes creating an RBS
role object and specifying the tasks that the role can perform. In some cases,
administration applications might provide a few predefined RBS role objects
that you can modify.
The application tasks that RBS roles can perform are exposed as RBS task
objects in your eDirectory tree. These objects are added automatically during
installation of one or more administration applications. They are organized
into one or more RBS modules, which are containers that correspond to the
different functional modules of the application.
HINT: If your organization has developed a custom administration application that
uses RBS objects, you can create the RBS objects for it manually as explained in
Creating RBS Objects for Custom Applications on page 64.
In This Section
Creating an RBS Role Object on page 62

Specifying the Tasks That RBS Roles Can Perform on page 63
Creating an RBS Role Object

1 Right-click the container that you want to create the RBS role object in >

2 Under Class, select RBS:Role > click OK.
3 Enter a name for the new RBS role object.
Be sure to follow proper eDirectory naming conventions. (See Novell

eDirectory Administration Guide > Naming Conventions.)
Example: Password Administrator Role
4 Click OK.
62

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Specifying the Tasks That RBS Roles Can Perform

1 Right-click an RBS role or RBS task object > click Properties.
RBS task objects are located only in RBS module containers.

2 On the Role Based Services tab, make the associations you want:
For an RBS role, select the Role Content page > edit the list of tasks
that the role can perform.
For an RBS task, select the Member Of page > edit the list of roles
that can perform the task.
3 Click OK.
Assigning RBS Role Membership and Scope

Once you have defined the RBS roles needed in your organization, you can
assign the membership of each role. In doing so, you specify the scope in
which each member can exercise the functions of the role. Depending on the
administration application associated with the role functions, the scope is
specified either as a context in the eDirectory tree or as an object that
represents some other (non-eDirectory) kind of scope.
HINT: If an administration application defines scope in non-eDirectory terms, it will
extend the schema of your eDirectory tree to include the needed scope object
class. You can then create scope objects as explained in Creating an Object That
Represents a Non-eDirectory Scope on page 66.
1 Right-click either the RBS role object or the object that represents the
users who you want to assign as role members > click Properties.
You can assign users as role members individually or in groups,
organizations, or organizational units. However, if you want each user to
exercise the role within a different scope, you must assign role
memberships individually.
2 On the Role Based Services tab, assign the role memberships you want:
For an RBS role object, select the Members of Role page > edit the
list of members and their scopes as needed.
For a user, group, organization, or organizational unit object, select

the Assigned Roles page > edit the list of role memberships and
scopes as needed.

104-001316-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
If you want a single role membership to have multiple, non-overlapping

scopes (such as two different branches of the eDirectory tree), you must
list that role membership multiple times, each with a different scope.
3 Click OK.
Creating RBS Objects for Custom Applications

Typically, administration applications that use RBS objects add the needed
objects to your eDirectory tree automatically during installation. However, if
your organization has developed a custom administration application that uses
RBS objects, you can create the needed RBS objects manually. The following
are the types of RBS objects you can create:
Object Type
Container
or Leaf
Purpose
Example
Module
Container
Represents a module of the

administration application, so that the
applications tasks can be logically
contained and uniquely identified.
An application might have User

and Server modules that each
contain a Create task.
Task
Leaf
Represents a specific application

function.
Reset Login Password.
Scope
Leaf
Represents the scope in which a role

member can exercise the functions of the
role, if the application defines scope in
non-eDirectory terms.
An application that defines scope

in Domain Name Service (DNS)
terms might let you create scope
objects such as:
NOTE: Before you can create a scope
com_xyz
object, its class must exist in the schema

of your eDirectory tree. A scope class is a
subclass of RBS:External Scope.
com_xyz_usa
Represents an administrative role. It lists

the particular application tasks that role
members can perform. See Defining
RBS Roles on page 62 to create this
object type.
For a User Administration

application, you might create roles
such as:
Role
Leaf
com_xyz_usa_ny
Rights Manager
Password Administrator
Employment Data Entry
64

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In This Section
Creating an RBS Module Object on page 65

Creating an RBS Task Object on page 66
Creating an Object That Represents a Non-eDirectory Scope on page
66
Creating an RBS Module Object

1 Right-click the organization or organizational unit that you want to create
the RBS module object in > click New > click Object.
2 Under Class, select RBS:Module > click OK.
3 In Name, enter a name for the module.

Example: User Administration Module
4 Depending on how the administration application will use the module
object, complete the appropriate steps:

Application Will Read
the Object to
Determine How to
Invoke the Actual
Module?
Steps
No
Click OK. Youre done creating the module object.
Yes
1. Select Define Additional Properties > click OK.

2. On the Information page, specify the modules
URL and software type if they are needed by
the application.
3. On the Path page (Role Based Services tab),
list any other modules required for execution
of this module. Click Help for details.
4. Click OK.

104-001316-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Creating an RBS Task Object

1 Right-click the RBS module container that you want to create the RBS
task object in > click New > click Object.

2 Under Class, select RBS:Task > click OK.
3 In Name, enter a name for the task.

Example: Reset Login Password
4 Depending on how the administration application will use the task object,
complete the appropriate steps:

the Object to
Determine How to
Invoke the Actual
Task?
Steps
No
Click OK. Youre done creating the task object.
Yes

2. On the Information page, specify the
application function (entry point) to be invoked
and any parameters to be passed on
invocation.
3. Click OK.
Creating an Object That Represents a Non-eDirectory Scope

1 If the class of object you will create isnt defined yet in the schema of your
eDirectory tree, use Schema Manager to define it.

See Defining a Custom Object Class on page 71.
IMPORTANT: When completing the Class Creation wizard, be sure to set the
Effective Class flag and select RBS:External Scope as the class to inherit from.
2 Right-click the container that you want to create the scope object in >

3 Under Class, select the object class that represents the non-eDirectory
scope > click OK.
66

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 In Name, enter a name for the scope.

Example: DNS Scope com_xyz_usa
5 Depending on how the administration application will use the scope
object, complete the appropriate steps:

the Object to
Determine the Actual
Scope to Enforce?
Steps
No
Click OK. Youre done creating the scope object.
Yes

2. On the property pages, specify the scope
information required by the application. Click
Help for details on specific pages.
3. Click OK.

104-001316-001
August 29, 2001
Novell Confidential
67
Manual
68

104-001316-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Extending the Novell eDirectory

Schema
The schema of your Novell eDirectoryTM tree defines the classes of objects
that the tree can contain, such as users, groups, and printers. It specifies the
properties (attributes) that comprise each object type, including those that are
required when creating the object and those that are optional. For details, see
Novell eDirectory Administration Guide > Object Classes and Properties and
Schema.
To extend the schema of your eDirectory tree, you need the Supervisor right
to the entire tree. To view the current schema, click anywhere in the tree, then
click Tools > Schema Manager. A list of the available classes and properties
appears, as shown below. Double-click a class or property to see information
about it.

104-001316-001
August 29, 2001
Novell Confidential
69
Manual
Figure 2
99a
38
July 17, 2001
Schema Manager
To extend the schema, see the appropriate section of this chapter.

In This Chapter
Defining Custom Object Classes and Properties on page 70

Defining and Using Auxiliary Classes on page 72
Deleting Unused Classes and Properties on page 77
Defining Custom Object Classes and Properties

You can define your own custom types of properties and add them as optional
properties to existing object classes as needed. (You cant add mandatory
properties to existing classes.) You can also define entirely new classes of
objects that contain both standard and custom properties.
In This Section
Defining a Custom Property on page 71

Adding Optional Properties to a Class on page 71
Defining a Custom Object Class on page 71
70

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Defining a Custom Property

1 Click anywhere in the eDirectory tree whose schema you want to extend.
2 Click Tools > Schema Manager.
3 On the Attributes tab, click Create.
4 Follow the instructions in the wizard to define the new property.
Help is available throughout the wizard.
Adding Optional Properties to a Class

3 On the Classes tab, select the class you want to modify > click Add.
4 In the list on the left, double-click the properties you want to add.
If you add a property by mistake, double-click it in the list on the right.

5 Click OK.
Objects you create of this class will now have the properties you added.
To set values for the added properties, use the generic Other property page
of the object.
Defining a Custom Object Class

3 On the Classes tab, click Create.
4 Follow the instructions in the wizard to define the object class.
Help is available throughout the wizard.

If you need to define custom properties to add to the object class, cancel
the class creation wizard and define the custom properties first as
explained above.

104-001316-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Defining and Using Auxiliary Classes

An auxiliary class is a set of properties (attributes) that are added to particular
eDirectory object instances rather than to an entire class of objects. For
example, an e-mail application could extend the schema of your eDirectory
tree to include an E-mail Properties auxiliary class and then extend individual
objects with those properties as needed. With Schema Manager, you can
define your own auxiliary classes. Then, in the main ConsoleOneTM window,
you can extend individual objects with the properties defined in your auxiliary
classes.
In This Section
Defining an Auxiliary Class on page 72

Extending an Object with the Properties of an Auxiliary Class on page
73
Extending Multiple Objects Simultaneously with the Properties of an
Auxiliary Class on page 74
Modifying an Objects Auxiliary Properties on page 75
Deleting Auxiliary Properties from an Object on page 76
Deleting Auxiliary Properties from Multiple Objects Simultaneously
on page 76
Defining an Auxiliary Class

3 On the Classes tab, click Create.
4 Follow the instructions in the wizard to define the auxiliary class.
Make sure to select Auxiliary Class when setting the class flags. If you
need to define custom properties to add to the auxiliary class, cancel the
Class Creation wizard and define the custom properties first. See
Defining Custom Object Classes and Properties on page 70 for details.
72

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Extending an Object with the Properties of an Auxiliary Class

1 In the main ConsoleOne window, right-click the object > click Extensions
of This Object.
2 Depending on whether the auxiliary class that you want to use is already
listed under Current Auxiliary Class Extensions, complete the

appropriate action:
Auxiliary Class Is Action
Already Listed?
Yes
Quit this procedure.

See instead Modifying an Objects Auxiliary Properties
on page 75.
No
Click Add Extension > select the auxiliary class > click
OK.
3 If a message appears stating that generic editors will be used, click OK.
4 On the screen that appears, set the property values you want.
Depending on which screen youre using, note the following:

Screen
Notes
Extensions tab
(Properties
dialog box)
Both mandatory and optional properties of the

auxiliary class might be listed.
New dialog box
Only mandatory properties of the auxiliary class

are listed.
You must know the syntax of a property to set it

correctly. For details, see Novell eDirectory
Administration Guide > Replicas.
After setting the mandatory properties, you can set
optional properties as explained in Modifying an
Objects Auxiliary Properties on page 75.
5 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Extending Multiple Objects Simultaneously with the Properties of an

Auxiliary Class
1 In the ConsoleOne right pane, Shift+click or Ctrl+click the objects to
select them.
The objects dont have to be the same type.
2 Right-click your selection > click Extensions of Multiple Objects.
3 Depending on whether the auxiliary class that you want to use is already
listed under Current Auxiliary Class Extensions, complete the

appropriate action:
HINT: Only those extensions that are common to all the selected objects are
listed. Those that are specific to individual objects arent listed.
Already Listed?
Yes
Quit this procedure.

See instead Modifying an Objects Auxiliary Properties
on page 75. Youll have to modify the objects one at a
time.
No
Click Add Extension > select the auxiliary class > click
OK.
4 If a message appears stating that generic editors will be used, click OK.
5 On the screen that appears, set the property values you want.
IMPORTANT: Each property value you set will be applied to each selected object.
If the property already exists in the object and is single-valued, the existing value
will be replaced. If the property already exists and is multi-valued, the new values
will be added to the existing values.
Depending on which screen youre using, also note the following:
74

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Screen
Notes
Extensions tab

New dialog box
Only mandatory properties of the auxiliary class

are listed.
Administration Guide > Schema.
After setting the mandatory properties, you can set
optional properties as explained below. Youll have
to modify the objects one at a time.
6 Click OK.
Modifying an Objects Auxiliary Properties

1 In the main ConsoleOne window, right-click the object > click Properties.
2 On the Extensions tab, select the property page thats named after the
auxiliary class. If the auxiliary class isnt listed or if theres no Extensions

tab, use the generic Other page.
3 On the screen that appears, set the property values you want. Depending
on which screen youre using, note the following:

Screen
Notes
Extensions tab

Other tab
Only the properties of the auxiliary class that have

already been set are listed. Click Add to set
additional properties.
Administration Guide > Schema.
4 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Deleting Auxiliary Properties from an Object

1 In the main ConsoleOne window, right-click the object > click Extensions
of This Object.
2 In the list of current auxiliary class extensions, select the auxiliary class
whose properties you want to delete.

3 Click Remove Extension > Yes.
This deletes all the properties added by the auxiliary class except for any
that the object already had innately.
Deleting Auxiliary Properties from Multiple Objects Simultaneously

1 In the ConsoleOne right pane, Shift+click or Ctrl+click the objects to
select them.
The objects dont have to be the same type.
2 Right-click your selection > click Extensions of Multiple Objects.
3 Depending on whether the auxiliary class whose properties you want to
delete is listed under Current Auxiliary Class Extensions, complete the

appropriate action:
HINT: Only those extensions that are common to all the selected objects are
listed. Those that are specific to individual objects arent listed.
Listed?
Yes
Select it > click Remove Extension > Yes.

This deletes all the properties added by the auxiliary class
except for any that the object already had innately.
No
Cancel the dialog box.

Youll have to delete the auxiliary class from each object
one at a time. See Deleting Auxiliary Properties from an
Object on page 76.
76

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Deleting Unused Classes and Properties

You can delete unused classes and properties (attributes) that arent part of the
base schema of your eDirectory tree. We recommend that you only delete
classes that youve defined and that youre sure arent being used.
ConsoleOne only prevents you from deleting classes that are currently being
used in locally replicated partitions.
In This Section
Deleting a Property from the Schema on page 77

Deleting a Class from the Schema on page 77
Deleting a Property from the Schema

1 Click anywhere in the eDirectory tree whose schema you want to modify.
3 On the Attributes tab, select the property > click Delete > click Yes.
Deleting a Class from the Schema

1 Click anywhere in the eDirectory tree whose schema you want to modify.
3 On the Classes tab, select the class > click Delete > click Yes.

104-001316-001
August 29, 2001
Novell Confidential
77
Manual
78

104-001316-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Partitioning and Replicating Novell

eDirectory
A partition is a subdivision of your Novell eDirectoryTM tree that can be
stored and replicated as an independent unit across multiple servers. If your
tree is large or spans WAN links, you can partition and replicate it to improve
network performance and fault tolerance. For details, see Novell eDirectory
Administration Guide > Replicas and Partitions.
To perform partition and replication operations, you need the Supervisor right
to the part of the eDirectory tree that you will partition or replicate. In your
tree, the containers that have an icon next to them mark the points where
the tree is partitioned. (Each of these containers is the root of a partition.) At
such points, you can open a special view in the right pane (illustrated below)
to see and configure the replicas of the partition. You can also access similar
views from server objects in the tree.
Figure 3
Partition and Replica View

104-001316-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
In This Chapter
Managing Partitions on page 80

Managing Replication on page 85
About Replica States on page 87
Managing Partitions
By default, a small eDirectory tree is stored as a single partition that is
replicated on the first three servers in the tree. The procedures below explain
how to perform further partitioning operations. For concepts and guidelines on
partitioning your tree, see Novell eDirectory Administration Guide >
Guidelines for Partitioning Your Tree and Managing Partitions and Replicas.
In This Section
Viewing Information about a Partition on page 80

Splitting a Partition (Creating a Child Partition) on page 81
Merging a Child Partition with Its Parent Partition on page 81
Moving a Partition on page 81
Checking Partition Continuity on page 82
Viewing Information about a Partition

1 In the left pane, right-click the root container of the partition (it should
have an
View.
icon next to it) > click Views > click Partition and Replica
The right pane displays a list of the servers that the partition is replicated
on, along with the type and state of each replica. For descriptions of the
replica types, see Novell eDirectory Administration Guide > Replicas. For
descriptions of the replica states, see About Replica States on page 87.
2 View more information about the partition, such as when its replicas were
last synchronized.
2a Make sure the partition root is still selected in the left pane.
2b On the toolbar, click Information.
The Partition Information dialog box appears. Click Help for details
on individual information fields.
80

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Splitting a Partition (Creating a Child Partition)

1 Make sure you understand the overall process for creating a partition.
See Novell eDirectory Administration Guide > Creating a Partition.

2 Right-click the container that will be the root of the new (child) partition
> click Views > click Partition and Replica View.

The right pane should display an empty replica list. If the list isnt empty,
the container is already a partition rootselect a different container.
3 On the toolbar, click Create Partition > OK.
Merging a Child Partition with Its Parent Partition

1 Right-click the root container of the child partition (it should have an
icon next to it) > click Views > click Partition and Replica View.
The right pane displays a list of the servers that the partition is replicated
on, along with the type and state of each replica. For descriptions of the
replica types, see Novell eDirectory Administration Guide > Replicas. For
descriptions of the replica states, see About Replica States on page 87.
2 Make sure the child partition is ready to be merged as explained in Novell
eDirectory Administration Guide > Merging a Partition.

3 Make sure the child partitions root container is still selected in the left
pane.
4 On the toolbar, click Merge Partition > OK.
Moving a Partition
1 Make sure the partition is ready to be moved as explained in Novell
eDirectory Administration Guide > Moving Partitions.

2 Select the root container of the partition (it should have an
icon next to
it).
3 Click File > Move.
4 Click the browse button next to the Destination field > select the container
to move the partition into > click OK.

5 (Recommended) Select the Create an Alias for All Objects Being Moved
check box.
6 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Checking Partition Continuity

Partition Continuity helps you identify whether any of a partition's replicas are
experiencing synchronization errors. It does this by examining all of the
servers holding replicas of a selected partition and verifying that each server
has the same information for the partition's replica list (or replica ring). This
operation is also known as "walking the replica ring."
If each server holding a replica of the chosen partition does not have an
identical replica list, or if a replica cannot synchronize with the eDirectory
Tree for any reason, the Partition Continuity Table displays one or more errors.
Errors appear as exclamation points inside the replica icons.
The Partition Continuity Table displays the replica list (columns) of each
server (rows) that holds a replica of the chosen partition. To understand the
partition grid, read it horizontally, one server at a time. Each row represents
the replica list of that server.
Figure 4
82
Partition Continuity Table

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You might also see icons representing unreadable replicas. This does not
necessarily signify that the servers can't talk.It might simply indicated that the
client cannot contact the server for information.
You can check partition continuity in ConsoleOne from the Partition and
Replica View.
1 Click View > Partition and Replica View.
2 Select the partition whose synchronization status you want to view.
3 Click Partition Continuity
Using the Partition Continuity Table
You can use the Partition Continuity table for doing the following:
Viewing Replica Information on page 83
Viewing Server Informations on page 83
Synchronizing Replica Information on page 84
Receiving Updates on page 84
Sending Updates on page 84
Viewing Replica Information
From the Partition Continuity Table, you can view information about a replica,
such as its type, current state, and any synchronization errors.
1 Select a row in the Partition Continuity Table.
2 Click View > Information > Replica.
3 Select the replica (column) you want to view.
4 Click OK.
You can also double-click the replica icon in the table to view replica
information.
Viewing Server Informations
From the Partition Continuity Table, you can view information about a server
and the replicas it holds.
1 Select a row in the Partition Continuity Table.
2 Click View > Information > Server.
You can also double-click the server column in the table to view server
information.

104-001316-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Synchronizing Replica Information
You can synchronize the replica information of every server that holds a
replica of the selected partition with the replica information on the other
servers.
1 Click Repair > Synchronize Immediately.
Receiving Updates
This operation forces the replica on the chosen server to receive all eDirectory
objects from the master replica of the partition. While in process, this
operation marks the replica on the chosen server as a new replica.
The replica state can be seen in the replica list of the server from the Tree View
or the list of Partitions and Servers. The replica's current data will be
overwritten with the data from the master replica.
Although eDirectory automatically synchronizes the directory data among
replicas (so that each replica is sent the most recently updated directory
objects), this operation lets you manually synchronize the directory objects of
replicas if any non-master replicas get out of sync.
Perform this operation if a replica becomes corrupted or has not received
updated data for an extended period of time.
From the Partition Continuity Table, you can identify which replicas are out
of sync with the data of the master replica. They will appear in the partition
grid with an exclamation point (!) on the replica icon.
You cannot select this option from a master replica. The master replica is
assumed to be the most current and accurate copy of the partition. If it's not,
assign one of the other replicas to be the master using the Change Replica
Type operation. The current master replica will be changed automatically to
read/write.
This operation may create a lot of network traffic, so it is best to run this
operation during a period of light network traffic.
1 Click Repair > Receive Updates.
Sending Updates
When you send updates from a replica, the eDirectory objects in that replica
are broadcast from the server the replica resides on to all the other replicas of
the partition, including the master replica.
84

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The other replicas of the partition will combine the new objects sent with the
objects they already have. If the other replicas have data in addition to the data
sent to them, they will retain that data.
Although eDirectory automatically synchronizes the directory data among
replicas (so that each replica is sent the most recently updated directory
objects), this operation lets you manually synchronize the directory objects of
replicas if any replicas get out of sync.
1 Click Repair > Send Updates.
Managing Replication
When you create a new partition, by default eDirectory replicates the partition
on one or more servers in your eDirectory tree. The procedures below explain
how to further configure replication of your trees partitions. For replication
concepts and guidelines, see Novell eDirectory Administration Guide >
Guidelines for Replicating Your Tree and Managing Partitions and Replicas.
In This Section
Viewing Replication Information on page 85

Adding a Replica on page 86
Deleting a Replica on page 86
Modifying a Replica on page 87
Replicating Selected Data Only on page 87
Viewing Replication Information

1 In the left pane, right-click either a server or a partition root (a container
with an
View.
icon next to it) > click Views > click Partition and Replica
Select a server to see all its replicas, no matter which partitions they
replicate. Select a partition root to see all the partitions replicas, no
matter which servers they are stored on.
The right pane displays a list of the replicas you chose, along with the type
and state of each replica. For descriptions of the replica types, see Novell
eDirectory Administration Guide > Replicas. For descriptions of the
replica states, see About Replica States on page 87.

104-001316-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
2 View more information on a particular replica, such as its last
synchronization time and any errors.

2a In the right pane, select the replica.
2b On the toolbar, click the Information button.
The Replica Information dialog box appears. Click Help for details
on individual information fields. If there are synchronization errors,
click the question mark next to the error number for details.
Adding a Replica
1 In the left pane, right-click the root container of the partition that you
want to replicate (it should have an

click Partition and Replica View.
icon next to it) > click Views >
The right pane displays a list of the servers that the partition is already
replicated on.
2 On the toolbar, click Add Replica.
3 Next to the Server Name field, click the browse button > select the server
to create the new replica on > click OK.

4 Select the type of replica you want.

5 Click OK.
Deleting a Replica
1 In the left pane, right-click either the server that holds the replica, or the
root container of the partition that the replica is a copy of (it should have
an icon next to it) > click Views > click Partition and Replica View.
The right pane displays a list of the replicas on the selected server or of
the selected partition, along with the type and state of each replica. For
descriptions of the replica types, see Novell eDirectory Administration
Guide > Replicas. For descriptions of the replica states, see About
Replica States on page 87.
2 Make sure you understand the implications of deleting the replica.
See Novell eDirectory Administration Guide > Adding, Deleting, and

Changing the Type of Replicas.
3 In the right pane, select the replica.
4 On the toolbar, click Delete Replica > Yes.
86

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Modifying a Replica
1 In the left pane, right-click either the server that holds the replica, or the
root container of the partition that the replica is a copy of (it should have
an icon next to it) > click Views > click Partition and Replica View.
The right pane displays a list of the replicas on the selected server or of
the selected partition, along with the type and state of each replica. For
descriptions of the replica types, see Novell eDirectory Administration
Guide > Replicas. For descriptions of the replica states, see About
Replica States on page 87.
2 Make sure you understand the implications of changing the replica.
See Novell eDirectory Administration Guide > Adding, Deleting, and

Changing the Type of Replicas.
3 On the toolbar, click Change Replica Type.
4 Modify the replica as needed.

4a To change the replica type, select the type you want.
4b For filtered replica types, see Replicating Selected Data Only on
page 87 below.
5 Click OK.
Replicating Selected Data Only

When adding or modifying a replica as explained above, select a filtered
replica type > click Create/Edit Filter > select only those types of objects and
properties that you want the replica to contain.
For this to work, your tree must be running NDS eDirectory 8.5 or later.
About Replica States

An eDirectory replica can be in various different states depending on the
partition or replication operations it is undergoing. The following table
describes the replica states that you might see in ConsoleOne.

104-001316-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
State
Means That the Replica Is
On
Currently not undergoing any partition or replication operations
New
Being added as a new replica on the server
Dying
Being deleted from the server
Dead
Done being deleted from the server
Master Start
Being changed to a master replica
Master Done
Done being changed to a master replica
Change Type
Being changed to a different type of replica
Locked
Locked in preparation for a partition move or repair operation
Transition Move Starting into a partition move operation
88
Move
In the midst of a partition move operation
Transition Split
Starting into a partition split operation (creation of a child partition)
Split
In the midst of a partition split operation (creation of a child partition)
Join
Being merged into its parent partition
Transition On
About to return to an On state
Unknown
In a state not known to ConsoleOne

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

You can manage individual NetWare servers and the file system resources on
both traditional NetWare volumes and NSS volumes. For example, you can
view and modify basic server information, launch NetWare Management
Portal, assign server operators, copy and move files and folders, and salvage
and purge deleted files. You can control volume space allocations (on
traditional volumes only), assign file owners and attributes, make trustee
(rights) assignments, and view volume usage statistics. For background
information on NetWare file systems, see NetWare 5 Documentation >
Traditional Files Services Administration Guide (http://www.novell.com/
documentation/lg/nw51/trad_enu/data/h158rfoc.html) and Novell Storage
Services Administration Guide (http://www.novell.com/documentation/lg/
nw51/nss__enu/data/hn0r5fzo.html).
In ConsoleOneTM, you browse NetWare servers, volumes, folders, and files
like any other objects in your Novell eDirectoryTM tree. Volumes and folders
are container objects that you can expand and collapse. Servers and files are
leaf objects that you can manipulate and set properties for.
In This Chapter
Viewing and Modifying Server and File System Information on page

90
Managing Files and Folders on NetWare Volumes on page 93
Salvaging and Purging Deleted Files on NetWare Volumes on page 94
Controlling Allocation of Volume Space on page 95
Creating eDirectory Objects to Facilitate File Management on page 97

104-001316-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Viewing and Modifying Server and File System

Information
You can view and modify information about NetWare servers, volumes, files,
and folders. For volumes, files, and folders, this information includes
attributes, owners, and time of last modification or backup. You can also
launch NetWare Management Portal from a server object in your eDirectory
tree.
HINT: Attributes control how files and folders are handled during processes like
compression, backup, and migration. They also control access to specific files and
folders, overriding individual trustee (rights) assignments.
For volumes, you can also view current usage statistics and information about
which file system features are enabled and disabled. For servers, you can view
the current status, NetWare version number, and network address. You can
also assign console operators and record information about the resources,
services, and users supported by the server.
In This Section
Launching NetWare Management Portal from a Server Object on page

90
Viewing or Modifying Information about a NetWare Server on page 91
Viewing or Modifying Information about a Volume on page 91
Viewing Details on the Contents of a Volume or Folder on page 92
Viewing or Modifying Information about a File or Folder on page 92
Modifying Information about Multiple Files, Folders, or Volumes
Simultaneously on page 92
Launching NetWare Management Portal from a Server Object

For this to work, the target NetWare server must be running the NetWare
Management Portal software (PORTAL.NLM). This software loads by default
in NetWare 5.1. You must also have a Web browser installed on your
ConsoleOne workstation.
1 In your eDirectory tree, browse to the target NCP Server object.
2 Right-click the NCP Server object > click Launch Portal.
90

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you get an error message, the target server might not be running
PORTAL.NLM. Otherwise, the NetWare Portal page should appear in your
Web browser. For information on using it, see NetWare 5.1 Documentation >
NetWare Management Portal Utility Guide (http://www.novell.com/
documentation/lg/nw51/port_enu/data/a3l0k9x.html).
Viewing or Modifying Information about a NetWare Server

1 Right-click the NCP server object > click Properties.
2 Use the following property pages to view or modify the information you
want.
Click Help for details on any page.
Page
Use To
General > Identification
View the server status, NetWare version

number, or network address
General > Error Log
View or clear the server error log file
Operators
View or modify the list of users who

have console operator privileges
Resources, Supported Services,

Users
Record the resources, services, and

users supported by the server (for your
information onlythis information is not
used by the system in any way)
3 Click OK.
Viewing or Modifying Information about a Volume

1 Right-click the volume > click Properties.
2 To view or change the volume owner or information about recent volume
events, use the Dates and Times page.

3 To view statistics on volume usage and information about which file
system features are enabled and disabled, use the Statistics page.
4 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Viewing Details on the Contents of a Volume or Folder

1 In the left pane, right-click the volume or folder > click Views > Details
View.
The right pane lists the files and folders and their last modification date
and current attribute settings. To resize a column, drag its border.
2 To interpret the information in the Attributes column, see NetWare 5.1
Documentation > Setting Directory or File Attributes (http://

www.novell.com/documentation/lg/nw51/trad_enu/data/
h8gdk9xq.html).
Viewing or Modifying Information about a File or Folder

1 Right-click the file, folder, or volume > click Properties.
Use a volume to access information about the root folder of the file
system.
2 On the Attributes page, view or set the attributes you want.
For details, see NetWare 5.1 Documentation > Setting Directory or File
Attributes (http://www.novell.com/documentation/lg/nw51/trad_enu/
data/h8gdk9xq.html).
3 On the Facts page, view or modify the information you want.

4 Click OK.
Modifying Information about Multiple Files, Folders, or Volumes

Simultaneously
1 In the right pane, Ctrl+click or Shift+click the files, folders, or volumes
to select them.
2 Click File > Properties of Multiple Objects.
If this option is disabled, right-click your selection in the right pane >
click Properties of Multiple Objects.
IMPORTANT: See Editing Object Properties on page 36 for differences in how
property pages work when editing multiple objects.
3 On the Objects to Modify page, make sure only the objects you want to
modify are listed.

Add and delete objects as needed.
92

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 On the Attributes page, set the attributes you want.
For details, see NetWare 5.1 Documentation > Setting Directory or File
Attributes (http://www.novell.com/documentation/lg/nw51/trad_enu/
data/h8gdk9xq.html).
5 (Volumes only) On the Dates and Times page, modify the information
you want.
6 On the other pages, modify the information you want.

7 Click OK.
Managing Files and Folders on NetWare Volumes

Once you have browsed into the file system on a NetWare volume, you can
perform the file management task described below.
In This Section
Copying or Moving Files and Folders on page 93

Creating a File or Folder on page 94
Renaming a File or Folder on page 94
Deleting Files and Folders on page 94
Copying or Moving Files and Folders

1 In the right pane, Ctrl+click or Shift+click the files and/or folders to select
them.
2 Press Ctrl+C to copy or Ctrl+X to move.
3 Select the folder or volume to copy or move your selection to.
4 Press Ctrl+V to paste the selection.
5 In the confirmation dialog box, indicate whether to keep users trustee
(rights) assignments to the items during the copy or move operation.

Other file and folder attributes are kept automatically, including the
resource fork of any Mac OS* files.

104-001316-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
Creating a File or Folder

1 Right-click the folder or volume that you want to create the new file or
folder in > click New > click Object.

2 Under Class, select File or Directory > click OK.
3 In Name, enter a name for the new file or folder > click OK.
If you create a file using this procedure, it will be empty.
Renaming a File or Folder

1 Right-click the file or folder > click Rename.
2 In New Name, enter a new name for the file or folder > click OK.
Deleting Files and Folders

1 In the right pane, Ctrl+click or Shift+click the files and/or folders to select
them.
2 Press Delete.
3 In the confirmation dialog box, click Yes.
Salvaging and Purging Deleted Files on NetWare

Volumes
You can salvage (recover) files and folders that have been deleted from
NetWare volumes if they havent been purged yet. By default, NetWare
volumes undergo purges periodically, but you can purge specific files and
folders immediately to recover space if needed.
In This Section
Salvaging Deleted Files and Folders on page 95

Purging Deleted Files and Folders on page 95
94

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Salvaging Deleted Files and Folders

1 In the left pane, right-click the volume or folder that the files and folders
were deleted from > click Views > click Deleted File View.
The deleted files and folders appear in the right pane. To resize a column
in the right pane, drag its border.
2 Ctrl+click or Shift+click the files and/or folders that you want to salvage.
3 Right-click your selection > click Salvage.
Salvaging a folder doesnt salvage its contents. You must salvage the
folder first and then salvage its contents.
Purging Deleted Files and Folders

1 In the left pane, right-click the volume or folder that the files and folders
were deleted from > click Views > click Deleted File View.
The deleted files and folders appear in the right pane. To resize a column
in the right pane, drag its border.
2 Ctrl+click or Shift+click the files and/or folders that you want to purge.
WARNING: Purged files and folders cant be recovered. Once you click Purge,
you cant cancel the operation.
3 Right-click your selection > click Purge.
Controlling Allocation of Volume Space

You can restrict the amount of volume space that individual users can use. You
can also place limits on the size that individual folders can grow to.
Currently, you can perform these tasks only on traditional NetWare volumes,
not on NSS volumes.
In This Section
Restricting a User's Volume Space on page 96

Restricting a Folder's Size on page 96
Removing a User's Space Restriction on a Volume on page 96
Removing a Folder's Size Restriction on page 96

104-001316-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
Restricting a User's Volume Space

1 Right-click the volume > click Properties > select the Users with Space
Restrictions page.
2 In the User Name column, if the user whose space you want to restrict is
already listed, click the user > Modify.

Otherwise, click Add to add the user.
3 In the dialog box that appears, select Limit Volume Space > enter a space
limit in the field > click OK.

Restricting a Folder's Size

1 Right-click the folder > click Properties.
2 On the Facts page, select Restrict Size.
3 In Limit, enter a size limit in kilobytes.
The limit will be rounded to the nearest 64 kilobytes.

4 Click OK.
Removing a User's Space Restriction on a Volume

1 Right-click the volume > click Properties > select the Users with Space
Restrictions page.
2 In the User Name column, click the user > Delete.
3 Click OK.
The user is now limited only by the available space on the volume.
Removing a Folder's Size Restriction

1 Right-click the folder > click Properties.
2 On the Facts page, deselect Restrict Size.
3 Click OK.
Any size restrictions on parent folders are still operative on this folder.
96

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Creating eDirectory Objects to Facilitate File

Management
When you install NetWare 4.x, 5.x, or 6 on a server, objects are automatically
created in the eDirectory tree to let you manage the server and its volumes.
You can create additional Server and Volume objects to manage the resources
of servers that are in other eDirectory trees or that are running earlier NetWare
versions. You can also create Directory Map objects to facilitate access to
commonly used folders on NetWare volumes.
In This Section
Creating a NetWare Server Object on page 97

Creating a Volume Object on page 98
Creating a Directory Map Object on page 98
Creating a NetWare Server Object

1 Make sure the actual NetWare server is up and accessible on the network.
2 Right-click the container that you want to create the server object in >

3 Under Class, select NCP Server > click OK.
4 In Name, enter the actual name of the NetWare server that this object will
represent.
Example: SALES_SRV
process for this server object, select Define Additional Properties.

For example, you might want to assign one or more users as server
operators.
6 Click OK.
ConsoleOne attempts to find the specified server on the network. If it fails

(for example, if you typed the name incorrectly), the Server object isnt
created.

104-001316-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
Creating a Volume Object

1 Make sure the eDirectory tree contains a Server object for the NetWare
server that hosts the volume.

2 Make sure the NetWare server is up and the volume is mounted and
accessible on the network.

3 Right-click the container that you want to create the Volume object in >
click New > Object.

4 Under Class, select Volume > click OK.
5 In the dialog box, enter a name for the Volume object > select the host
server and physical volume that the object will represent.

6 Click OK.
ConsoleOne attempts to find the specified volume on the network. If it

fails, the Volume object isnt created.
Creating a Directory Map Object

1 Right-click the container that you want to create the directory map object
in > click New > click Object.

2 Under Class, select Directory Map > click OK.
3 In the dialog box, enter a name for the directory map object > select the
volume and path that the object will represent.

4 Click OK.
ConsoleOne creates the directory map object whether or not the specified
path actually exists. Make sure it does exist or users wont be able to use
the directory map to map drives.
98

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Generating Reports
This release of ConsoleOneTM includes some predefined report forms that you
can use to generate reports on the objects in your eDirectoryTM tree. Heres an
example of one such report:
Figure 5
Trustee Assignments Report Dialog Box
The predefined eDirectory report forms are packaged into three report catalog
objects that you can add to your eDirectory tree. Other Novell products
might provide additional report catalogs that you can add to your tree. If you
add the JReport* Designer tool (purchased separately) to your ConsoleOne
installation, you can also design custom reports from scratch.
NOTE: Currently, you can generate reports only when running ConsoleOne on a
Windows* computer thats configured as explained in Setting Up Reporting on

page 103. You cant generate reports when running ConsoleOne on a NetWare
server.
Generating Reports

104-001316-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
In This Chapter
Available Reports on page 100

Setting Up Reporting on page 103
Generating, Printing, and Saving Reports on page 105
Designing Custom Reports on page 108
Available Reports
The Novell-defined report forms included in this release of ConsoleOne are
described below. Only the core report forms that ship with ConsoleOne are
described. For descriptions of report forms provided by other products (such
as ZENworksTM), see the documentation for those products. Before you can
generate reports using Novell-defined report catalogs, you must complete the
setup described in Setting Up Reporting on page 103.
Some reports forms include one or more subreports. You can ignore these
they are a by-product of the report design. In ConsoleOne lists, subreport
names appear in all lowercase.
In This Section
eDirectory General Object Reports on page 100

eDirectory User Security Reports on page 101
eDirectory User and Group Reports on page 102
eDirectory General Object Reports

This report catalog contains report forms that let you generate reports on the
NetWare servers, print servers, and printers in your eDirectory tree. The
following table describes the general object reports:
Report
Information Provided for Each Object
NetWare File Servers
NetWare server name, status, network address, operating system version,

eDirectory version, list of operators.
Print Servers
Print server name, list of printers serviced by the print server, status of each
printer, print queues used by the print server.
Printers
Printer name, print server that services the printer, list of print queues used by
the printer.
100 ConsoleOne User Guide

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
eDirectory User Security Reports

This report catalog contains report forms that let you generate reports on
eDirectory login and rights security for the users in your eDirectory tree. The
following table describes the user security reports:
Report
Disabled User Accounts
Name of disabled user account, other (unofficial) names of the

user, status of the accounteither disabled or expired
(expiration date and time).
Users Locked by Intruder Detection
Username, whether the user account is locked due to intruder

detection, network address from which login was attempted,
number of failed login attempts, date and time the account will
be unlocked if its currently locked.
Security Equivalence
Username, list of objects that the user is explicitly security

equivalent to (implicit or automatic security equivalences are not
listed).
Template Security Settings
Template object name, security settings that will be applied to

each new User object that is created from the template,
including:
Login password requirements
Whether login is initially disabled
Login expiration date and time
Maximum number of concurrent login sessions allowed
Restrictions on the times when the user can be logged in
Group memberships
Objects that the user is explicitly security equivalent to
Trustees of the User object and their assigned rights
The users assigned rights to his or her own User object
The users assigned rights to other eDirectory objects
The users assigned rights to files and folders on NetWare
volumes
Trustee Assignments
Name of resource (eDirectory object) that the trustee

assignment controls access to, list of trustees (objects holding
rights to the resource) and their assigned rights.
Generating Reports 101

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Report
User Password Requirements
Username, other (unofficial) names for the user, whether a login

password is required, whether the user can change his or her
own password, minimum password length, whether the last
eight passwords must be unique, maximum number of days a
password can be used, number of grace logins allowed, number
of grace logins remaining, password expiration date and time.
Users Not Logged In
Name of user who hasnt logged in for at least 90 days, other

(unofficial) names for the user, last login date and time.
Users with Expired Passwords
Name of user whose password has expired, other (unofficial)

names for the user, password expiration date and time, last
login date and time.
Users with Multiple Workstation Logins Name of user who is logged in from multiple workstations, other
(unofficial) names for the user, number of workstations the user
is logged in from, network addresses of the workstations.
eDirectory User and Group Reports

This report catalog contains report forms that let you generate reports on the
users, groups, and organizational roles in your eDirectory tree. The following
table describes user and group reports:
Report
User Contact List
Username, first name, last name, telephone number, Internet e-mail address,
postal address
Duplicate Common User

Names
Name of duplicate user, number of users so named, first and last name of
each user, context of each user
Group Membership
Group name, general information about the group (owner, description,

location, department, and organization), list of members of the group
Organizational Roles
Organizational role name, description, list of occupants, list of other objects

that are explicitly security equivalent to the organizational role
User Information
Username, first name, last name, employee ID, description, location,

department
User Login Scripts
Username, other (unofficial) names for the user, description of the user,
content of the users login script

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Reporting
The reporting setup you need depends on the kind of reports you want to
generate, as summarized in the table below. Steps for completing the reporting
setup are given after the table.
IMPORTANT: Reporting works only if you run ConsoleOne on a Windows
computer with 128 MB of RAM. It doesnt work if you run ConsoleOne on NetWare,
Linux, Solaris, or Tru64. In addition, the eDirectory tree you are reporting on must
contain a NetWare volume to install the report catalog files on. If your eDirectory
tree doesnt contain a NetWare server, you cant set up reporting in ConsoleOne.
To Generate These Reports Complete This Setup
Novell-defined
eDirectory reports, with
minimal customization
1. Install Reporting Services extensions to the schema of your eDirectory

tree.
2. Install the Novell-defined report catalogs in your eDirectory tree.
3. On each Windows computer that you will use to generate reports,
install the ODBC driver for eDirectory and configure the data source
you want.
Reports provided by
other products, such as
ZENworks
See the documentation for the product that provides the reports.
Custom reports designed

from scratch
1. Complete the above setup for generating Novell-defined eDirectory

reports.
2. Add the JReport Designer tool to your ConsoleOne installation as
explained in Designing Custom Reports on page 108.
In This Section
Installing Reporting Services Schema Extensions on page 104

Installing Novell-Defined Report Catalogs on page 104
Installing the ODBC Driver for eDirectory on a Windows Computer on
page 104
Configuring the Data Source Used by a Report Catalog on page 105

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Installing Reporting Services Schema Extensions

1 Click anywhere in an eDirectory tree.
2 Click Tools > Install.
Be sure to select Reporting Services on the second screen. Help is

available throughout the wizard.
Installing Novell-Defined Report Catalogs

1 Select the container that you want to put the Report Catalog objects in.
HINT: You can install the Catalog objects in as many containers as you want. This
lets different organizations or departments configure their reports independently.
2 Click Tools > Install Novell-Defined Reports.

3 Select the report catalogs to install and the location to store the associated
catalog files.
See Available Reports on page 100 for descriptions of the Novelldefined report catalogs.
Click Help for details on selecting the location to store the catalog files.
4 Click Install.
Installing the ODBC Driver for eDirectory on a Windows Computer

1 If ConsoleOne isnt installed locally on the Windows computer, in
Windows Explorer locate the mapped or shared drive that represents the
remote server volume where ConsoleOne is installed.
Otherwise, skip this step.
2 Browse to the folder where ConsoleOne is installed.

Windows
NetWare
3 In the \REPORTING\BIN subfolder, double-click ODBC.EXE.


104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Configuring the Data Source Used by a Report Catalog

1 In the Windows control panel, double-click the ODBC icon.
2 On the User DSN tab, click Add > select the ODBC driver to be used >
click Finish.
Select Novell ODBC Driver for NDS if you want to use eDirectory as
your data source. This is required for the Novell-defined eDirectory
report catalogs.
3 In the Data Source Setup dialog box, enter a name for the data source and
fill in any other information required by your reporting system > click
OK.
The name should match the data source specified in the report catalog.
For the Novell-defined eDirectory report catalogs, enter "NDS
Reporting" as the name and skip the other fields in the dialog box. (They
are ignored by the Novell-defined NDS report catalogs.)
4 Click OK.
Generating, Printing, and Saving Reports

Once you have set up reporting as explained in Setting Up Reporting on
page 103, you can perform the reporting tasks described below. When
performing these tasks, you can use either a Novell-defined report catalog or
a custom report catalog that you have designed.
The first task below applies only if you are using a report catalog that uses the
Novell-defined NDS Reporting data source.
In This Section
Specifying the Part of Your eDirectory Tree (Context) to Report On on

page 106
Generating and Viewing a Report on page 106
Printing a Report on page 106
Saving a Report on page 107
Exporting a Report on page 107
Viewing a Previously Saved Report on page 107
Customizing the Data-Selection Criteria (Query) Used to Generate a
Report on page 107

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Specifying the Part of Your eDirectory Tree (Context) to Report On

1 Right-click the Report Catalog object that you will use to generate the
reports > click Properties.

2 On the Identification page, click the browse button next to the Report
Context field > select the eDirectory container that is to be the top of your
reporting context > click OK.
Select the tree object to report on the entire tree. (This is the default.) All
objects below the selected container will be included in your reports.
The reporting context you set remains in effect for all reports generated
using this report catalog, unless you change it again using this same
procedure.
Generating and Viewing a Report

1 Right-click the Report Catalog object that contains the report form that
you want to use > click Generate Report.

2 Select the report form and query to use.

3 Click OK.
A status box appears while the report is being generated. After the report
is done generating, it appears in the View Report window (this may take
a few moments). You can then print, save, or export the report as
explained below.
Printing a Report
1 Generate the report as explained above.
2 On the toolbar of the View Report window, click Print.
3 Select the print options you want.
4 Click OK.

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Saving a Report
2 On the toolbar of the View Report window, click Save.
3 Enter a name for the report, or select a previously saved report to
overwrite.
4 Click Save.
Exporting a Report
2 On the toolbar of the View Report window, click Export Report.
3 Select the filename, path, and format to export to.

4 Click OK.
Viewing a Previously Saved Report

1 Right-click the report catalog object that was used to generate the report
> click Open Report.

2 Select the form that was used to generate the report.
3 Under Available Reports, select the report.
4 Click OK.
Customizing the Data-Selection Criteria (Query) Used to Generate a

Report
1 Right-click the Report Catalog object that you will use to generate the
report > click Properties.

2 On the Queries page, select the form that you will use to generate the
report.
3 Depending on whats listed under Available Queries, perform the
appropriate action:

104-001316-001
August 29, 2001
Novell Confidential
Manual
Available Queries
Action
Only the default

query is listed
Click Add.
99a
38
July 17, 2001
NOTE: You cant customize the default query on this
page. To customize it, see instead Designing

Custom Reports on page 108.
Additional (nondefault) queries are
listed
Select the query that you want to customize > click

Open.
4 In the query-building dialog box, specify the data-selection criteria that
you want to be used to generate the report.

5 (Optional) Click Generate Report to generate the report immediately
using the criteria you specified.

After viewing the report, close the View Report window and modify the
query further if needed.
6 When you are satisfied with the data-selection criteria you have specified,
click OK in the query-building dialog box.
Designing Custom Reports

To design custom reports, you must complete the general reporting setup (see
Setting Up Reporting on page 103), and then add the JReport Designer tool
(purchased separately) to the ConsoleOne installation that you will use to
design reports. You can then create your own custom report catalogs and
report forms.
In This Section
Adding JReport Designer to Your ConsoleOne Installation on page 109

Creating a Custom Report Catalog on page 109
Creating or Modifying Report Forms on page 110

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Adding JReport Designer to Your ConsoleOne Installation

1 From the Windows computer where ConsoleOne is installed, or from a
Windows computer with a drive mapped to the NetWare server where

ConsoleOne is installed, start a Web browser and go to the Novell
ConsoleOne site (http://www.novell.com/products/consoleone).
2 Locate and click the JReport Designer link.
This should take you to a Jinfonet Web site where you can download a
package called JReport Designer for Novell Reporting Services. This
package is designed to integrate the JReport Designer tool with your
ConsoleOne installation. If you cant find the JReport Designer link on
the ConsoleOne site, check the site again later. At the time of this
publishing, the availability date for JReport Designer hasnt been
finalized.
3 Follow the instructions on the Jinfonet Web site to download and run the
JReport Designer for Novell Reporting Services setup program

(DESIGNER.EXE or SETUP.EXE).
4 Follow the prompts to complete the setup. When you are prompted for the
installation directory, choose the location of your ConsoleOne

installation.
Local Drive
Network Drive
Creating a Custom Report Catalog

1 Right-click the container that you want to create the Report Catalog
object in > click New > click Object.

2 Under Class, select Report Catalog > click OK.
3 In Name, enter a name for the new report catalog object.

Example: Custom XYZ Reports
4 Select the location to store the files associated with the report catalog, and
select the data source to be used by the report catalog.


104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
5 Click OK.
6 In the Add Table dialog box, select the database tables that your report
forms will query > click Add.

Repeat this action as needed.
If you are using the Novell-defined NDS Reporting data source, most of
the database tables correspond to eDirectory object classes.
7 Click Done in the Add Table dialog box.
8 Create the catalogs report forms as explained below.
Creating or Modifying Report Forms

1 Right-click the report catalog object that contains (or will contain) the
report forms > click Properties.

2 On the Forms page, create and modify the report forms you want.

Clicking New or Open on the Forms page starts the JReport Designer
tool. For information on using that tool, see the JReport Users Guide
(http://www.jinfonet.com/help/index.htm).

104-001316-001
August 29, 2001
Novell Confidential
Manual
10
99a
July 17, 2001
38
Troubleshooting
This chapter gives solutions to problems you might encounter when setting up
or using ConsoleOneTM. If this information doesnt solve your problem, you
can try the following contacts:
Contact
Use to Get
Novell Support site (http://

support.novell.com/) or the vendor
you purchased the software from
Free technical support
1-800-NETWARE
Direct, charged Novell technical support
Novell Free Downloads site (http://

ConsoleOne updates
In This Chapter
ConsoleOne Malfunctions or Wont Start on page 112

Performance Is Sluggish on page 113
I Need a Completely Local Installation on page 113
Cant Find the eDirectory Tree That I Want to Log In To on page 113
Newly Created User Cant Log In on page 113
Cant Create Volume or Directory Map Object on page 114
Cant Abort Partition Operation on page 114
Problems Generating a Report on page 114
Field or Option is Disabled on page 115
Known Quirks and Limitations on page 115
Troubleshooting 111

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ConsoleOne Malfunctions or Wont Start

Possible Cause
Solution
You are starting ConsoleOne

on a Windows computer that
doesnt have the required drive
mapping or Novell client
software.
Make sure you have the system requirements and drive mappings
specified for Windows on page 18.

on a NetWare server that
doesnt have NJCL 2 installed
properly.
Remove the \NJCLV2 folder from SYS:JAVA on your server and

reinstall ConsoleOne. This installs a new copy of NJCL 2 on your server
so that ConsoleOne will work.

on a Linux or Solaris computer
that doesnt have the correct
Java runtime environment
(JRE).
If you chose not to install the JRE during installation of ConsoleOne and
your existing JRE is not the one noted in System Requirements for
Linux on page 23 or System Requirements for Solaris on page 25, you
might want to add the bundled JRE to your ConsoleOne installation
(type c1-install -c jre at the system prompt). If you are sure you
want to run with a different JRE, then set the JRE_HOME or
C1_JRE_HOME environment variable to the location of that JRE.
ConsoleOne determines which JRE to use as follows:
If C1_JRE_HOME is specified, that JRE is used.
If the JRE bundled with ConsoleOne is installed, that JRE is used.
If JRE_HOME is specified, that JRE is used.
Otherwise, ConsoleOne displays an error message and quits.

remotely through an X terminal
session on a computer that
doesnt have an X windowing
subsystem.
If ConsoleOne is installed on a Linux or Solaris computer and you are

trying to run it remotely through an X terminal session, the computer
where you are running the terminal session must have an X windowing
subsystem installed or it wont work. The X terminal session must be
configured to permit transmissions from the remote host and to use the
local X windowing subsystem for display.

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Performance Is Sluggish
Possible Cause
Solution
This is often due to insufficient RAM.

Make sure ConsoleOne is running on the system configuration
Under tight memory conditions,
recommended in Installing and Starting ConsoleOne on
ConsoleOne might gradually slow down. page 18. Adding more RAM is the biggest performance
booster, especially if you are generating reports. If
ConsoleOne has been running for a long time, you might want
to restart it.
I Need a Completely Local Installation

Possible Cause
Solution
The larger product that installed ConsoleOne

might not provide the option to install
ConsoleOne locally on your hard disk.
See Installing and Starting ConsoleOne on page 18.

Make sure to choose a local drive during the installation
procedure.
Cant Find the eDirectory Tree That I Want to Log In To

Possible Cause
Solution
The server that you are

viewing the network through
cant see all the trees.
If you are running ConsoleOne on Windows, set a different server as your

primary server in NetWare Connections (see the red N on the Windows
taskbar). Then redisplay the list of trees in ConsoleOne.
Newly Created User Cant Log In

Possible Cause
Solution
If you cancelled the Set Password dialog box when

creating the User object, an object-key pair
(eDirectoryTM password) wasn't created for the user
account.
Go to the Password Restrictions property page of

the User object and click Change Password to
create an object-key pair (eDirectory password).
Troubleshooting 113

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Cant Create Volume or Directory Map Object

Possible Cause
Solution
The eDirectory tree you

are trying to create the
Volume or Directory Map
object in doesnt contain
a NetWare server.
The tree must contain a NetWare server that hosts a NetWare volume or you
cant create a Volume or Directory Map object in the tree.
NOTE: To provide access from your tree to NetWare file systems in other
trees, you can create NetWare Server and Volume objects in your tree that
point to the NetWare servers and volumes in the other trees. The NetWare
Server objects must be created before the Volume or Directory Map objects.
Cant Abort Partition Operation

Cause
Solution
ConsoleOne doesnt yet have the capability to abort Use the legacy NDS ManagerTM tool.
a partition operation started by another administrator.
Problems Generating a Report

Possible Cause
Solution
Insufficient RAM
Some of the larger reports require a lot of memory to generate. You should
have at least 128 MB RAM on the Windows computer that youre using to
generate the report.
Report catalog is
corrupted
Delete and recreate the Report Catalog object. Then try generating the report
again. To create a Report Catalog object, you must have a NetWare volume
in your eDirectory tree to install the report catalog files on.
You might not have

completed the required
reporting setup
See Setting Up Reporting on page 103.

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field or Option is Disabled

Possible Cause
Solution
You might need to modify some other

setting before the field or option becomes
available.
Click Help for information about using specific fields and

options.
You might not have rights to access the

information or perform the operation
associated with the field or option.
Check your effective rights to the eDirectory property

associated with the field or option. (See Viewing Effective
Rights on page 56.) If necessary, contact your network
administrator to get the rights you need.
Known Quirks and Limitations

The following are known quirks and limitations of this release of ConsoleOne.
Most of these should no longer exist in future releases.
Quirk or Limitation
Workaround
eDirectory searches return only the first 1,200

objects.
If your search returns 1,200 objects and you

suspect there are more, refine the search criteria to
return fewer objects.
Jumping to an object in the right pane by typing its

name doesnt work if there are more than 1,000
objects in the list.
Use Edit > Find to find the object, or use View >
Filter to hide other object types and then type the
object name.
Selecting large sets of eDirectory objects from a list

of more than 1,000 objects doesnt work.
(ConsoleOne retrieves the list of objects from
eDirectory one chunk at a time and wont let you
select across these invisible chunks.)
Select a smaller set of objects and repeat the

operation as many times as needed to complete
your task.
Applying a change to a multi-value property in

eDirectory doesnt work if the total data size
exceeds 48 KB. For example, deleting 1,000
usernames from a membership list would require
about 48 KB if the average name were 24
characters. (Each character is two bytes.)
Apply the change in smaller chunks.
The count of eDirectory objects in the right pane

(shown in the bottom right corner) is an estimate if
there are more than 1,000 objects.
If your task involves more than 1,000 objects and

an exact count is required, use NetWare
Administrator.
Troubleshooting 115

104-001316-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Quirk or Limitation
Workaround
Not all the values of a multi-value eDirectory

property are shown if there are too many to fit in the
RAM available to ConsoleOne.
Increase the available RAM (try closing all other

programs) and redisplay the list. Currently, Novell
eDirectoryTM returns all the property values to
ConsoleOne at once. A future eDirectory release
will return them one chunk at a time.
Property names in lists are always shown in English.

(ConsoleOne reads them directly from the
eDirectory schema, which is in English only.)
If this prevents you from completing your task, go

to the Novell Web site and submit an enhancement
request. In the meantime, use NetWare
Administrator to complete your task.
Restricting a users volume space or a folders size

doesnt work on an NSS volume.
The ability to restrict space on an NSS volume will

be added in a future release. NetWare
Administrator doesnt have this capability either.
Generating and printing reports doesnt work if

ConsoleOne is running on a non-Windows*
computer.
Run ConsoleOne on a Windows computer with at

least 128 MB RAM.
Most customizations to ConsoleOne views arent

saved across sessions. One exception is that
customizations to object property pages (such as
reordering and hiding pages) are saved.
For details, see Customizing Views on page 41.
When running ConsoleOne on Linux, you cant

This is a problem with Java on Linux and will be
enter more than a couple of values at a time in multi- fixed in a future release. For now, you must enter a
value fields.
couple values, close the properties, reopen the
properties and enter a couple more values, and so
on.
When running ConsoleOne on Solaris, if you click a
link or menu option to go to a URL in a Web browser,
the action fails if Netscape isnt installed and added
to the systems PATH environment variable.
Install Netscape and add the directory where the

Netscape executable file is located to your
systems PATH environment variable.

104-001316-001
August 29, 2001
Novell Confidential
Novell iManage Administration Guide

August 29, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
About This Guide
Getting Started
System Requirements . . . . . . . . .
Installing iManage . . . . . . . . . . .
Accessing iManage . . . . . . . . . .
Opening iManage in Regular Mode
Opening iManage in Simple Mode .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing User Accounts . . . . . . . . .

Creating a User Object . . . . . . . . .
Modifying a User Account . . . . . . .
Organizing Objects into Containers . . . .
Creating an Organization Object . . . .
Creating an Organizational Unit Object.
Creating Group Objects . . . . . . . . . .
Deleting Objects . . . . . . . . . . . . . .
Browsing and Finding Objects . . . . . . .
Using Browse . . . . . . . . . . . . .
Using Search . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Setting Up Role Based Services . . . . . . . . . . . . . . . . .

Installing RBS Schema Extensions to Your eDirectory Tree .
Creating an rbsCollection Container . . . . . . . . . . . . .
Installing Product Packages . . . . . . . . . . . . . . . . .
Modifying RBS Collection Owners . . . . . . . . . . . . . .
Defining RBS Roles . . . . . . . . . . . . . . . . . . . . . . .
Creating an rbsRole Object. . . . . . . . . . . . . . . . . .
Modifying the Tasks That rbsRole Objects Can Perform . . .
Deleting a Role Based Services Object . . . . . . . . . . .
Assigning RBS Role Membership and Scope . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 9
. 9
10
10
10
11
Configuring Role Based Services
11
11
12
12
12
13
14
14
14
15
15
17
Troubleshooting
21
21
21
21
22
22
23
24
24
24
27
Associating a Role with a Scope . . . . . . . . . . . . . . . .

Assigning the Tree Root as a Scope . . . . . . . . . . . . . .
Creating Objects with European Characters . . . . . . . . . .
Setting Language Preferences in Internet Explorer . . . .
Setting Language Preferences in Netscape . . . . . . . .
Viewing and Entering Characters in Your Preferred Language
Turning off Friendly HTTP Error Messages . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000182-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
27
28
28
28
28
29
29
Manual
99a

103-000182-001
August 29, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
July 17, 2001
38
About This Guide

iManage is a browser-based tool used for administering, managing, and
configuring Novell eDirectoryTM objects. iManage gives you the ability to
assign specific tasks or responsibilities to users and to present the user with
only the tools (with the accompanying rights) necessary to performs those sets
of tasks.
In NetWare 6, you can use iManage to administer iPrint, DNS/DHCP, and
Novell Licensing Services.
This guide includes the following sections:
Chapter 1, Getting Started, on page 9
Chapter 2, Administration Basics, on page 11
Chapter 3, Configuring Role Based Services, on page 17
In this documentation, a greater than symbol (>) is used to separate actions
About This Guide

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a

103-000182-001
August 29, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001
Getting Started
This section contains the following information:
System Requirements on page 9
Installing iManage on page 9
Accessing iManage on page 10
System Requirements
iManage supports the following browsers:
Internet Explorer 5.5
Netscape* 4.6, 4.7, and 6.1
iManage automatically opens in Simple mode with Netscape 4.6 or 4.7.
For more information, see Opening iManage in Simple Mode on page
10.
Installing iManage
iManage is installed automatically during the NetWare 6 server installation.
During the server installation, the schema is extended to allow for iManages
new Role Based Services extensions.
After the installation, you should configure Role Based Services for your
situation. See Setting Up Role Based Services on page 21 for more
information.
Getting Started

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Accessing iManage
You can open iManage in either of the following modes:
Opening iManage in Regular Mode on page 10
Opening iManage in Simple Mode on page 10
Opening iManage in Regular Mode

1 In a Web browser, enter the following in the address (URL) field:
https://servers_IP_address:2200/eMFrame/iManage.html
For example:
https://137.65.135.150:2200/eMFrame/iManage.html
2 Log in using your username, context, password, and eDirectory tree
name.
You will only have access to those features you have rights to. To have
full access to all iManage features, you must log in as Supervisor of the
tree.
Opening iManage in Simple Mode

In Simple mode, iManage provides the same functionality as it does in
Regular mode, but with a simpler Web interface. Simple mode can be used
with screen readers, and provides accessibility features intended to
accommodate persons with disabilities.
Netscape 4.6 and 4.7 automatically open iManage in Simple mode.
1 In a Web browser, enter the following in the address (URL) field:
https://servers_IP_address:2200/eMFrame/Simple.html
For example:
https://137.65.135.150:2200/eMFrame/Simple.html
2 Log in using your username, context, password, and eDirectory Tree
name.
You will only have access to those features you have rights to. To have
full access to all iManage features, you must log in as Supervisor of the
tree.
10

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
This chapter explains how to perform essential tasks such as creating and
deleting objects, and using the iManage search and browse features.
In This Chapter
Managing User Accounts on page 11

Organizing Objects into Containers on page 12
Creating Group Objects on page 14
Deleting Objects on page 14
Browsing and Finding Objects on page 14

A user account is a User object in the Novell eDirectoryTM tree. A User object
specifies a user's login name and supplies other information used by
eDirectory and NetWare to control the users access to network resources.
In This Section
Creating a User Object on page 11

Modifying a User Account on page 12
Creating a User Object

1 Click the Roles and Tasks button
2 Click eDirectory Administration > Create Object.

3 Select User from the Available Classes List > click Next.

103-000182-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
4 Enter a username and last name for the User object.

5 Specify the name and context of the container you want this User object
created in.
6 Click OK.
Modifying a User Account

To modify the properties of a User object you added in iManage, use
ConsoleOneTM. See Managing User Accounts in ConsoleOne User Guide for
more information.
To assign roles and tasks to a User object, see Assigning RBS Role
Membership and Scope on page 24.
Organizing Objects into Containers

Once you are in an eDirectory tree, you can organize it by creating various
types of containers and placing objects inside them. Objects in a container are
automatically security equivalent to the container, so make sure you manage
the containers rights accordingly.
To modify the rights of a container object you added in iManage, use
ConsoleOne. See Administering Rights in ConsoleOne User Guide for more
information.
Below are procedures to create common container types. For information on
creating container types for specific applications, see the documentation for
those applications. For general eDirectory tree design considerations, see
Designing Your Novell eDirectory Network in Novell eDirectory
In This Section
Creating an Organization Object on page 12

Creating an Organizational Unit Object on page 13
Creating an Organization Object

An Organization container object is created when you first install
eDirectory on a server in your network. As the top-most container under Tree,
it usually holds Organizational Unit objects and leaf objects.
12

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Normally, the Organization object represents your company, although you can
create additional Organization objects under Tree. This is typically done for
networks with distinct geographical districts or for companies with separate
eDirectory trees that have merged.
2 Click eDirectory Administration > Create Object.

3 Select Organization from the list of object types > click Next.
4 Specify a name and context for the Organization > click Next.
5 Click OK.
To assign roles and tasks to an Organization, see Assigning RBS Role

Creating an Organizational Unit Object

You can create Organizational Unit (OU) container objects to subdivide
your eDirectory tree. Organizational Units can be created under an
Organization, Country, or another Organizational Unit object.
Often, the Organizational Unit object represents a department, which holds a
set of objects that commonly need access to each other. A typical example is
a set of User objects, along with the printers, volumes, and applications that
those Users need.
At the highest level of Organizational Unit objects, each Organizational Unit
can represent each site (separated by WAN links) in the network.
2 Click eDirectory > Create Object.

3 Select Organizational Unit from the list of object types > click Next.
4 Specify a name and context for the Organizational Unit > click Next.
5 Click OK.
To assign roles and tasks to an Organizational Unit, see Assigning RBS Role

103-000182-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Creating Group Objects

A Group object represents a set of User objects.You can create Group
objects to help you manage sets of User objects.
While container objects let you manage all User objects in that container,
Group objects are for subsets within a container or in multiple containers.
Group objects give you a way to assign roles and tasks to a number of User
objects at the same time. For more information, see Assigning RBS Role
2 Click eDirectory > Create Object.

3 Select Group from the list of object types > click Next.
4 Specify a name and context for the Group > click Next.
5 Click OK.
Deleting Objects
You cant delete a container object unless you first delete all its contents.
2 Click eDirectory Administration > Delete Object.

3 Specify the name and context of object you want to delete.
4 Click OK.
Browsing and Finding Objects

The eDirectory Object Selector page lets you search or browse for objects. In
most entry fields in iManage, you can enter an object name and context, or you
can click the Object Selector button to search or browse for the object you
want. Selecting an object in the eDirectory Object Selector page inserts the
object and the objects context into the entry field.
Use the techniques described below to locate the specific objects you want to
manage.
14

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
In This Section
Using Browse on page 15

Using Search on page 15
Using Browse
1 Click the Object Selector button
2 Use the following options to browse for an object:

Option
Description
Lets you move down one level in the tree.

Lets you move up one level in the tree.
Look In
Lets you enter the name of the container whose contents

you want to view.
To use this option, enter the name of the object you want
> click Browse.
Look for Name
Lets you enter the name of an object.

You can use * as a wildcard character in this field. For
example, g* finds all objects starting with g, such as
Germany or Greg, and *te finds all entries ending in te,
such as Kate or Corporate.
To use this option, enter the name you want > click
Browse.
Using Search
1 Click the Object Selector button
2 Click Search.
3 In the Start Search In field, enter the name of the container you want to
search in.
Click Search Sub-containers to include all subcontainers located within
the current container in the search.

103-000182-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
4 In the Search For Name field, enter the name of the object you want to
search for.
You can use * as a wildcard character in this field. For example, g* finds
all objects starting with g, such as Germany or Greg, and *te finds all
entries ending in te, such as Kate or Corporate.
5 Click Search.
16

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

iManage gives you the ability to assign specific tasks or responsibilities to
users and to present the user with only the tools (with the accompanying
rights) necessary to performs those sets of tasks.
Role Based Services (RBS) gives you a way to focus the user on a specified
set of tasks and objects as determined by their roles. What users see when they
access iManage is based on their role assignments in Novell eDirectoryTM.
Only the tasks assigned to that user are displayed. The user does not need to
browse the tree to find an object to administer; the plug-in for that task
presents the necessary tools and interface to perform the task.
You can assign multiple roles to a single user. You can also assign the same
role to multiple users.
When a user accesses iManage and successfully logs in, the following page is
displayed:

103-000182-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
On the left, a list of available roles and tasks that the user has access to is
displayed. As the user selects a task on the left, the tools necessary to execute
the task are displayed on the right.
18

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NOTE: The roles and tasks will vary depending on the tree and the user.
Role Based Services is represented by objects defined in eDirectory. The base

eDirectory schema has been extended to accommodate this information. The
new object types are listed in the following table:

103-000182-001
August 29, 2001
Novell Confidential
19
Manual
Object
99a
38
July 17, 2001
Description
rbsCollection
A container object that holds all RBS role and task

objects.
Specifies the tasks that users (members) are

authorized to perform. Defining a role includes
creating an rbsRole object and specifying the tasks
that the role can perform.
rbsRole
rbsRoles can only be created in an rbsCollection

container.
Represents a specific function, such as resetting login
passwords.
rbsTask
rbsTask objects are located only in rbsModule

containers.
rbsScope
Represents the context in the tree where a role will be

performed, and is associated with rbsRole objects.
This object is dynamically created when needed, then
automatically deleted when no longer needed.
WARNING: You should never change the configuration
of an rbsScope object. Doing so will have serious

consequences and could possibly break the system.
rbsModule
Holds rbsTask objects.
In This Chapter
Setting Up Role Based Services on page 21

Defining RBS Roles on page 22
Assigning RBS Role Membership and Scope on page 24
20

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Up Role Based Services

Before you can add RBS objects to your eDirectory tree, the schema of the tree
must be extended to allow RBS object types, and you must create an
rbsCollection container to hold all other RBS objects. Typically, the schema
extension is performed automatically during the installation of NetWare 6.
However, you can complete the procedures below to ensure that your tree has
the needed schema extensions, container object, and product packages.
In This Section
Installing RBS Schema Extensions to Your eDirectory Tree on page 21

Creating an rbsCollection Container on page 21
Installing Product Packages on page 21
Modifying RBS Collection Owners on page 22
Installing RBS Schema Extensions to Your eDirectory Tree

1 Click the Configure button
2 Click Role Based Services Setup > Extend Schema.

3 Click OK to add the new Role Base Services schema extensions to the
tree.
Creating an rbsCollection Container

2 Click Role Based Services Setup > Create rbsCollection.

3 Enter a name for the object in the Name field.
4 Specify a container to hold the object in the Container field.
5 Click OK.
Installing Product Packages

2 Click Role Based Services Setup > Install Plug-in.

3 Select the plug-in you want to install.

103-000182-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
4 Specify an rbsCollection Container to hold the RBS objects for this plug-
in.
5 Click OK.
Modifying RBS Collection Owners

The user who installed the NetWare 6 server is automatically added as the
owner of the first rbsCollection container at install time. For additional
rbsCollection containers, the user who creates them is automatically assigned
as the owner of the collection.
You can use the Modify rbsCollection Owners page in iManage to delete or
change the owner of an rbsCollection container.
When you make a user an owner of an rbsCollection container, you need to
grant that user the proper eDirectory rights to fully administer that container.
Use ConsoleOneTM to give the new owner supervisor rights to the
rbsCollection container and the objects inside the container (for example, the
rbsRole an rbsTask objects). See Administering Rights in ConsoleOne User
Guide for more information.
2 Click Collection Management > Modify Owners.

3 Specify the name and context of the rbsCollection object you want to
modify > click OK.

4 Add or delete users from the list of owners.
5 Click OK.
Defining RBS Roles

RBS roles specify the tasks that users are authorized to perform. Defining an
RBS role includes creating an rbsRole object and specifying the tasks that the
role can perform and the User, Group, or container objects that can perform
those tasks. In some cases, iManage plug-ins (product packages) might
provide a few predefined RBS roles that you can modify.
The tasks that RBS roles can perform are exposed as rbsTask objects in your
eDirectory tree. These objects are added automatically during the installation
of product packages. They are organized into one or more rbsModules, which
are containers that correspond to the different functional modules of the
product.
22

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For information on assigning members to a role, see Assigning RBS Role

In This Section
Creating an rbsRole Object on page 23

Modifying the Tasks That rbsRole Objects Can Perform on page 24
Deleting a Role Based Services Object on page 24
Creating an rbsRole Object

2 Click Role Management > Create Role.

3 Enter a name for the role in the Role Name field.
4 Specify an rbsCollection to hold the object in the Collection field.
rbsRoles can be created only in an rbsCollection container.

5 (Optional) Enter a description for the role in the Description field.
6 Click Next.
7 Specify the tasks you want assigned to this role > click Next.
8 Specify the name and context of the object (a User, Group, or Container
object) you want this role to be associated with > click Add.
You can add as many Users, Groups, or Containers as you want.
9 Click Next > select the checkbox next to the name of the object or objects
you just added.

10 In the Scope Name field, specify the areas of the tree where the role can
be performed > click Add.

You can assign multiple objects to the same scope, or you can assign
individual scopes for each object.
Uncheck the Inheritable check box if you want this role to be performed
only in this context. If this box is checked, any containers or groups under
this context will inherit the ability to perform this role.
11 Repeat Step 9 and Step 10 for each object you added in Step 8.
12 Click Next > Done.
See Assigning RBS Role Membership and Scope on page 24 for

information on adding members to roles.

103-000182-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Modifying the Tasks That rbsRole Objects Can Perform

Each RBS role has a set of available tasks associated with it. You can choose
which tasks are assigned to a particular role, adding or removing tasks as
necessary.
2 Click Role Management > Modify Role.

3 Click
in the Task column of the role you want to modify.
4 Add or remove tasks from the Assigned Task list.

5 Click OK.
Deleting a Role Based Services Object

2 Click Role Management > Delete RBS Object.

3 Specify the name and context of the RBS role you want to delete.
4 Click OK.
Assigning RBS Role Membership and Scope

Once you have defined the RBS roles needed in your organization, you can
assign members to each role. In doing so, you specify the scope in which each
member can exercise the functions of the role. The scope is the location or
context in the eDirectory tree where this role can be performed.
Roles can be assigned to the following objects:
User
Group
You can create a Group object, assign Users to the Group, then associate
the Group with the role. Every User object in the Group object is then
automatically associated with that role. Groups or containers in the Group
object are not associated with the role, however.
Container
Associating an Organization or Organizational Unit object with a role
automatically assigns ever user in those containers to the role.
With this method, there is no way to exclude specific users in those
containers from the role assignment.
24

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A member can perform multiple roles and tasks. You can also assign the same
task to multiple members.
2 Click Role Management > Modify Role.

3 Click
in the Members column of the role you want to modify.
4 In the Name field, specify an object name (a User, Group, or Container
object) > click Add.

To assign this role to multiple objects, repeat this step as many times as
necessary.
5 In the Name column, select the check box to the left of the object you just
added.
To assign the same scope to multiple members, select the names of all the
members you want to have this scope in the Name column.
6 In the Scope field, specify a scope (Organization or Organizational Unit
object name and context) for a selected Name > click Add.
Every object name you add must have a scope to designate the context in
the tree that will be affected by that object.
7 Click OK.

103-000182-001
August 29, 2001
Novell Confidential
25
Manual
26
99a

103-000182-001
August 29, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
July 17, 2001
38
Troubleshooting
This section contains solutions to problems you might encounter when setting
up or using iManage.
In This Chapter
Associating a Role with a Scope on page 27

Assigning the Tree Root as a Scope on page 28
Creating Objects with European Characters on page 28
Viewing and Entering Characters in Your Preferred Language on page
29
Turning off Friendly HTTP Error Messages on page 29
Associating a Role with a Scope

If you add a member to an rbsRole object, then try to associate that role with
a scope (location in the eDirectoryTM tree) that does not exist, you will get an
error message. Click OK to clear the error message.
In Netscape* 6.1, clicking OK may not clear the error message. To prevent this
from happening, associate roles only with existing scopes.
For more information, see Assigning RBS Role Membership and Scope on
page 24.
Troubleshooting

103-000182-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Assigning the Tree Root as a Scope

When a Role Based Services rbsRole object scope is set to the tree root and
DSREPAIR is run, DSREPAIR invalidates the rbsRole object and makes it
unusable.
This happens only when you make the assignment to the tree root; any other
scope in the tree is fine. To prevent this, do not assign the tree root as a scope.
For more information, see Chapter 3, Configuring Role Based Services, on
page 17.
Creating Objects with European Characters

To create objects containing European characters in iManage, set your
browser locale to any European language. Even if you set your locale back to
English, you can now create and view objects containing European characters.
In This Section:
Setting Language Preferences in Internet Explorer on page 28

Setting Language Preferences in Netscape on page 28
Setting Language Preferences in Internet Explorer

1 Click Tools > Internet Options.
2 Click Language > Add.
3 Select a European language (such as Portuguese or German) > click OK.
Setting Language Preferences in Netscape

1 Click Edit > Preferences.
2 Click Navigator > Languages > Add.
3 Select a European language (such as Portuguese or German) > click OK.
28

103-000182-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Viewing and Entering Characters in Your Preferred

Language
To view and input characters in your preferred language, set your language to
the first language in the list of available languages. If your preferred language
is not available, you will need to install it.
For more information on setting a preferred language in Netscape, see Basic
Setup Information for International Users (http://home.netscape.com/eng/intl/
basics.html#setup).
For more information on setting a preferred language in Internet Explorer, see
Correctly Displaying Web Pages Encoded in Any Language (http://
www.microsoft.com/windows2000/en/server/help/) and Specifying Another
Language or Web-Page Content (http://www.microsoft.com/windows2000/
en/server/help/).
Turning off Friendly HTTP Error Messages

If you encounter a "Page Not Found" error while running iManage in Internet
Explorer 5.5, do the following:
1 Make sure that you are running Internet Explorer 5.5 with Service Pack 2
installed.
2 In Internet Explorer, click Tools > Internet Options > Advanced.
3 Deselect Show Friendly HTTP Error Messages.
4 Click OK.
Troubleshooting

103-000182-001
August 29, 2001
Novell Confidential
29
Manual
30
99a

103-000182-001
August 29, 2001
Novell Confidential
38
July 17, 2001
NetWare Remote Manager Administration Guide
Novell
NetWare 6
www.novell.com
N E T WA R E R E M O T E M A N A G E R
August 30, 2001

Novell Confidential
Manual
99a
June 14, 2001
37
Contents
Introducing NetWare Remote Manager
New Features in NetWare 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Accessing NetWare Remote Manager

System Requirements . . . . . . . . . . . . . . . . . . . . . . .
Accessing NetWare Remote Manager . . . . . . . . . . . . . . .
Understanding the Layout of NetWare Remote Manager . . . . .
Changing the Configuration of NetWare Remote Manager Views .
Accessing Online Help . . . . . . . . . . . . . . . . . . . . . . .
Accessing Novell Web Pages . . . . . . . . . . . . . . . . . . .
Customizing the Home Page. . . . . . . . . . . . . . . . . . . .
13
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Viewing General Server Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Diagnosing Server Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Monitoring Server Health . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Profiling CPU Utilization and Accessing Additional Debug Options . . . . . . . . . . .
Running and Viewing the Server Configuration Report . . . . . . . . . . . . . . . . .
Managing Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Accessing and Managing Server Volumes and Partitions . . . . . . . . . . . . . . . .
Accessing and Running the Server Console Screens . . . . . . . . . . . . . . . . . .
Monitoring Connections to the Server . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing or Changing SET Parameters . . . . . . . . . . . . . . . . . . . . . . . . . .
Scheduling Tasks to Run at the Server. . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing Server Console Commands . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing Memory Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing System Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Shutting Down, Resetting, or Restarting the Server . . . . . . . . . . . . . . . . . . .
Managing Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Managing NLM Programs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing and Managing Programs in Protected Memory and Protected Address Spaces
Viewing System Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing NetWare Registry Information . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing Winsock 2.0 Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Viewing Information about Each Protocol Running on the Server . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing Servers Remotely
23
Contents

103-000144-001
August 30, 2001
Novell Confidential
13
14
15
17
21
21
22
23
24
24
28
30
32
35
39
41
44
45
46
46
48
49
50
51
53
54
54
55
57
Manual
Managing Server Hardware . . . . . . . . . . . . . .

Accessing Processor Information . . . . . . . . .
Viewing Storage and Network Adapter Information
Viewing PCI Device Information . . . . . . . . . .
Viewing Hardware Resource Information . . . . .
Managing Novell eDirectory . . . . . . . . . . . . . .
Walking the eDirectory Tree . . . . . . . . . . . .
Viewing eDirectory Partitions and Replicas . . . .
Accessing Other eDirectory Management Tools. .
Using Server Groups . . . . . . . . . . . . . . . . .
Accessing and Managing Other Servers . . . . . . .
June 14, 2001
37
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Troubleshooting Server Problems

Finding CPU Hogs. . . . . . .
Finding High Memory Users . .
Tracing Abend Sources . . . .
Locating Server Process Hogs
Locating Disk Space Hogs . .
Seeing Who Is Using a File . .
99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
57
58
59
59
60
60
60
60
60
61
62
63
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000144-001
August 30, 2001
Novell Confidential
63
64
65
66
66
67
Manual
99a
38
July 17, 2001

NetWare Remote Manager is a browser-based utility that you can use to
manage your NetWare server from any network workstation running
Netscape* 4.5 or later, or Internet Explorer 5 or later.
Introducing NetWare Remote Manager (page 9)
Accessing NetWare Remote Manager (page 13)
Managing Servers Remotely (page 23)
Troubleshooting Server Problems (page 63)

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38

103-000144-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

NetWare Remote Manager (PORTAL NLMTM) is a utility that provides most
of the functionality of MONITOR, along with some functionality from other
utilities available at the server console, but is available from a Web browser.
You can use NetWare Remote Manager to monitor your servers health,
change the configuration of your server, or perform diagnostic and debugging
tasks.
For information on accessing, understanding the layout, and configuring
NetWare Remote Manager, see Chapter 2, Accessing NetWare Remote
Manager, on page 13.
The following list includes some of the major tasks that you can perform with
this utility.
Manage your servers health by
Monitoring the health status of one or more servers
Building a group of servers that you can monitor together
Accessing NDS eDirectory health and troubleshooting tools
Configure your server by
Managing disk partitions
Viewing information about all hardware adapters, hardware resources,
and processor data
Uploading and replacing NLM programs, LAN drivers, or disk drivers
Monitoring system disk space and memory resources
Accessing files on volumes and DOS partitions
Managing server connections

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Set parameters

Setting schedules for running console commands
Shutting down, restarting, or resetting a server
Troubleshoot server problems by
Finding CPU hogs
Finding high memory users
Tracing abend sources
Locating server process hogs
Finding disk space hogs
Seeing who is using an open file
New Features in NetWare 6

NetWare Remote Manager is the new name for the utility formerly known in
NetWare 5.1 as NetWare Management Portal.
The overall look and feel for NetWare Remote Manager has been changed to
conform with other Novell Web-based utilities, such as iMonitor and
iManage. For more information about the layout of this utility, see
Understanding the Layout of NetWare Remote Manager on page 15.
The Navigation frames have been renamed and regrouped to better identify
the tasks associated with the links.
New functionality for NetWare 6 (functionality added since the updates to the
PORTAL NLM in the NetWare 5.1 Support Packs) includes the following:
Console Screens link on the Console Screens page
From this link, you open a Java* applet that allows you to view and run
all the console screens just as though you were using the keyboard at the
server console.
Console Commands link
From this link you can access a list of all the console commands. If you
have always wanted to print a list of console commands and make your
own notes about them, viewing and printing is now much easier.
10

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Logging in
The default front page for the non-logged-in user is gone. When you point
your browser to the NetWare 6 server, you will see a Login window
before seeing any page in NetWare Remote Manager. For more
information, see Accessing NetWare Remote Manager on page 14.
Admin and Non-admin view
If you log in to NetWare Remote Manager as a user with the Supervisor
right to the Server object, you can access and perform all management
options. If you log in as a user without this right, you can only see the
volumes, directories, and files that you have rights to. You can view files
where you have read access rights and upload files into directories where
you have write access. You will not be able to see or do any of the
management functions.
Disk Partition Operations
As an alternative to using ConsoleOneTM to create, change, or remove
partitions, volumes, and pools, you can use the Disk Partition Operation
features in NetWare Remote Manager. For more information, see
Managing Disk Partitions on page 38.
Profile CPU execution per NLM program
On multiprocessor servers, you can now view how each NLM program is
distributing its activity across the available CPU. For more information,
see Viewing CPU Execution Profile Data by NLM on page 29.

103-000144-001
August 30, 2001
Novell Confidential
11
Manual
12
99a
38

103-000144-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter includes the following information:
System Requirements (page 13)
Accessing NetWare Remote Manager (page 14)
Understanding the Layout of NetWare Remote Manager (page 15)
Changing the Configuration of NetWare Remote Manager Views (page
17)
Accessing Online Help (page 21)
Accessing Novell Web Pages (page 21)
System Requirements (page 13)
System Requirements
NetWare 5.1 or later
Netscape 4.5 or later, or Microsoft Internet Explorer 5 or later
PORTAL and HTTPSTK NLMTM programs loaded on the server (These
are loaded by default in the AUTOEXEC.NCF file.)

103-000144-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001

To access NetWare Remote Manager, complete the following:
1 Open the Web browser at your workstation.
2 Point the browser to the URL of the server you want to manage by
entering the following in the address (URL) field:

http://servers TCP/IP address
For example:
http://137.65.123.11
If you have Domain Name Services (DNS) installed on your network for
server name-to-IP address resolution, you can also enter the servers DNS
name instead of the IP address.
If the NetWare Enterprise Web Server or some other service that is using
port 80 is installed on your server, you need to add the alternate port
number 8008 at the end of the IP address to log in to NetWare Remote
Manager. For example, if your servers IP address is 137.65.123.11, you
would enter 132.65.123.11:8008 in the address field of your browser.
NOTE: The default alternate port number is 8008. If you have changed this value
on the Configuration page, make sure you enter the new port number.
If you want to access NetWare Remote Manager from the outside of a

firewall and the server's private address is unreachable except through
Network Address Translation (NAT) or by proxy, do the following:
Ensure that DNS is configured on your server.
Change the load line for loading the HTTPSTK.NLM to the

following in the AUTOEXEC.NCF file:
LOAD HTTPSTK.NLM /HOSTIDS:1 /SSL /KEYFILE:SSL
CERTIFICATEIP
3 Accept the SSL certificate.

IMPORTANT: You must have SSL 2.0 and SSL 3.0 (where available) enabled in
your browser. Otherwise, the browser will display an error indicating that the page
cannot be displayed.
4 When the login dialog box from your browser appears, enter the required
information.
To have access to all pages necessary to manage your server remotely, log
in as a user with the Supervisor right to the Server object, usually user
Admin or a user with rights equivalent to user Admin.
14

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the Set Bindery Context = line has been removed from the
AUTOEXEC.NCF file, enter the full context of the user you are logging
in as.
If you log in as a user without the Supervisor right to the Server object,
you will see only pages that display the volumes, directories, and files that
you have access to. You can view files (where you have read access) and
upload files into directories where you have write access. You will not be
able to see or do any of the management functions.
After logging in, your session for NetWare Remote Manager remains open
until you close all your browser windows at that workstation.
To log out of NetWare Remote Manager, close all your browser windows at
the workstation you logged in from.
Understanding the Layout of NetWare Remote Manager

The Web page for NetWare Remote Manager has three main frames: the
header frame (top), the navigation frame (left), and the main content frame
(right).

103-000144-001
August 30, 2001
Novell Confidential
15
Manual
Overall Health Indicator
Header Frame
Navigation Frame
99a
38
July 17, 2001
Online Help
Main Content Frame
The header frame contains general information about the server and links to
the Volumes, Health Monitor, and Configuration pages and an Exit link to
close the browser window. The Volumes page is considered the Home page.
The Overall Health indicator also links to the Server Health Monitoring page.
The navigation frame lists general tasks that you can do using NetWare
Remote Manager and links to specific pages for performing those tasks.The
links in the navigation frame change depending on the NLMTM programs that
are loaded on the server.
The information in the main content frame changes depending on which link
you have clicked in the header or navigation frame.
If an information icon appears in the upper-right corner of the page, you can
view help for the page that is displayed in the main content frame.
16

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Changing the Configuration of NetWare Remote

Manager Views
To access the NetWare Remote Manager Configuration Options page, log in
to the server as a user with the Supervisor right to the Server object, and then
click the Configure icon in the header frame.
From the NetWare Remote Manager Configuration Options page, you can:
Toggle settings off or on for viewing hidden SET parameters, hidden
console commands, or hidden files or folders; or you can toggle settings
for viewing system files or folders.
These options let you control whether hidden SET parameters, console
commands, or file and system folders and files appear in the lists on Web
pages for NetWare Remote Manager or on the server console.
Viewing hidden parameters or system files and folders can be especially
helpful when you are comparing the configuration of two similar servers.
You can change a hidden SET parameter or use console command using
NetWare Remote Manager or using server console commands, whether or
not the parameter is visible in the list.
Viewing hidden console commands can help you discover undocumented
commands.
Enable or disable the Accessibility option.
This option lets you control whether your browser's pages refresh or
reload manually or automatically; the option also allows you to display
the server's overall health status with text as well as color.
Enabling the accessibility options does the following:
Removes the Refresh button or link from all pages.
Disables the refreshing of the server's overall health status.
Displays the servers overall health with color and with a text
description of good, suspect, or bad.
If you have lost connection with the server, a Page Not Found error
is displayed.

103-000144-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
The status information on a specific page or the server's overall

health does not change until you manually reload or refresh the
overall browser view or the specific status page.
To change the browser display after changing the accessibility options,
refresh or reload the Web page in the browser.
Whether the accessibility options are enabled or disabled, you can be
notified of a change in the server's health status through e-mail
notification.
You must set all other accessibility options using the options available in
your Web browser.
Enable or disable the Emergency (Sadmin user) account and set, change,
or clear the password for this account.
If the server is in a state where Novell eDirectoryTM is not functioning
correctly, you can log in to the server as this user and do all the necessary
diagnostic and debugging tasks that do not require eDirectory.
Control HTTP logging.
When instructed by Novell Technical ServicesSM, you can use the Turn
Debug Screen On option to help debug a problem with the HTTPSTK
module. You must also click the Turn Logger On button. The debug
console screen journals debug information for the HTTP stack running on
the server. This log shows every connection to your server and shows
which pages are accessed with a time stamp. You can view information
on every instance of any request from a workstation. By clicking this
button, you effectively turn on the HTTP logging function.
If you want to view detailed information about the access to your server
that was made using the HTTP command, click the View button for the
View Current HTTP Log File option.
The log file contains the following information: an entry number; the date
and time stamp in Greenwich Mean Time (GMT); host name; the
program making the call; the level of the call (whether its done by the
server or by users); and a description of the entry itself with information
including IP address of the source machine making the request, messages,
status, etc.
If logging has been turned off, clicking this button will turn it on.
A plain text file of the log resides at SYS:\HTTPLOG.TXT; however, the
information is much easier to understand when viewed using the View
Current HTTP Log File option because it formats it in a table form. Also,
18

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
this file is not viewable while the logging is turned on unless you view it
in NetWare Remote Manager. To view the file in its raw form, logging
must be turned off so the file is no longer open.
The Reset Current HTTP Log File option clears the current log and begins
a new one. Restarting the log is useful if you have made a configuration
change to your server and want to begin a new logging session.
The Log Only Errors to Log File option controls whether only errors or
all requests are logged to the file. When logging only errors to the file, it
will take much longer to fill the file to its maximum size; however, casual
access to the server is not tracked.
The HTTP Log File Rollover Size (in Megabytes) option sets a maximum
size for the HTTP log file. If the available space on your volume SYS: is
limited, you might want to limit the log file to a smaller size. If you want
to gather more information over a longer period of time in the log file, you
might want to increase the rollover size. When the file is full, the file is
deleted and restarted. Automatic rollover guarantees that if logging is on,
the log file always reflects the most recent activity on the server.
IMPORTANT: Nothing is written to this file unless logging is turned on.
Adjust port parameters.

Adjusting the port parameters lets you control which ports HTTP will try
to accept requests on. To return an entry to its previous setting without
having to remember that setting or closing and reopening the page, click
Reset before you click Apply.
Change Minimum Startup Threads values.
The Change Minimum Startup Threads option lets you change from the
default setting to any other number. At least one thread is required and
other threads will be created as needed. These initial work threads will be
built between the server and browser-based clients. Thus, initial
communication begins with two listener threads and 32 work threads. If
32 work threads are used up, HTTPSTK will automatically create
additional threads if needed. Each thread allocates a small piece of system
memory when it is started. If memory is low on your server, you might
want to set this number to 4 and let more threads be created as needed.
Change TCP Keep Alive (in Seconds) default values.
The Change TCP Keep Alive (in Seconds) option lets you change the
access time from the default value.

103-000144-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Unload and reload the PORTAL or HTTPSTK NLM programs.

After you have made changes to the server that require the
PORTAL.NLM or HTTPSTK.NLM to be restarted, or after you have
loaded a newer version of these NLM programs on the server, click the
applicable Restart button to unload and reload the module. A message
appears asking if you are sure you want to restart the module, which
temporarily disables this utility. While the reset is taking place, a page
appears stating that the reset is taking place. When the reset is complete,
the page refreshes to the Configuration page with the changed settings if
you haven't changed the port settings.
IMPORTANT: If you have changed the port settings, remember to use the new
numbers when accessing NetWare Remote Manager.
Access the Mail Notification Control page.

From this page you can specify a primary mail server, an alternate mail
server, up to eight users in the notification list, and a Mail From
identification. You can control which items to be notified about on the
Health Monitor page.
Access the IP Address Access Control page.
From this page you can limit access to NetWare Remote Manger. You can
specify IP addresses for workstations or specify a subnet and subnet mask
for ranges of workstations that you want to give access from. Restricting
access to specific IP addresses or specific subnets can assist you in
securing remote access to your server from NetWare Remote Manager.
For example, if you have static IP addresses (which you could easily
assign to the administrator's workstation), use the Allow Access Only
from the Following IP Addresses option to control administration access.
Only those workstations with a matching IP address can access NetWare
Remote Manager.
If you want a little more flexibility in your IP address assignments, such
as all IP addresses within a subnet mask range, use the Allow Access
Only from the Following IP Subnets option. With this setting, the IP
subnet mask and the IP address are compared with a logical AND
statement. If the IP address matches the subnet specified, you can access
NetWare Remote Manager; if the IP address does not match the subnet,
you won't have access.
This approach works well if you are using DHCP to dynamically allocate
IP addresses. In this scenario, you might not get the same address every
time you call for an IP address. But because the allocated IP address will
20

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
fall within the subnet mask range, you will have access to NetWare
Remote Manager. But remember, so will all other workstations that fall
within the subnet mask range. To prevent people on the Internet or users
of other subnets from accessing NetWare Remote Manager, set up your
subnet mask so that only IS workstations can use the specified subnet
mask.
Accessing Online Help

Online help, which provides detailed information and instructions for using
NetWare Remote Manager features, is available for most management tasks
and settings. To access the online help, click the Information icon on the
upper-right portion of the page or next to the specific item link.
Accessing Novell Web Pages

Novell Links on the home page (Volume page) provide quick access to the
following:
Novell Support Web page (http://support.novell.com/) links directly to
the Novell support Web site where you can get current server patch kits
or updates, or locate troubleshooting information. You can also access
this link by clicking the word Novell in the upper-right portion of the
header frame.
Novell Error Codes documentation Web page (http://www.novell.com/
documentation/lg/nwec/docui/index.html) links directly to the
information about Novell Error Codes: what they mean and possible
causes and actions for each.
Novell Product Documentation Web page (http://www.novell.com/
documentation/) links directly to the product documentation for any
shipping Novell product.
Novell Developer Support Web page (http://developer.novell.com/
support/) links directly to the Novell developer support Web site where
you can find tips and suggestions beyond the basics for managing,
troubleshooting, and diagnosing your server.

103-000144-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Customizing the Home Page

You can add text, graphics, and custom links to the home (Volumes) page for
NetWare Remote Manager by creating an HTML file named
PRTLANNC.HTM and placing it in the servers SYS:\LOGIN directory. Any
information in this file appears at the bottom of the home page.
Because this file is included in the HTML code that generates the front page,
do not include the <body> and </body> tags.
This information is displayed only if you are logged in as a user with the
Supervisor right to the Server object, usually user Admin or equivalent.
22

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter includes instructions for the following tasks:
Viewing General Server Information (page 23)
Diagnosing Server Problems (page 24)
Managing Servers (page 32)
Managing Applications (page 50)
Managing Novell eDirectory (page 60)
Managing Server Hardware (page 57)
Using Server Groups (page 61)
Accessing and Managing Other Servers (page 62)
Viewing General Server Information

After accessing the server from your Web browser, you can view the following
information about the server being accessed from the header frame of the
NetWare Remote Manager Web page:
Servers name
Servers overall health status: green (good), yellow (suspect), red (bad) or
black (no connection)
Version of NetWare running on the server
The name of the user you are logged in to NetWare Remote Manager as

103-000144-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Diagnosing Server Problems

NetWare Remote Manager includes several tools to assist you in monitoring
the health and status of your server. When you are familiar with the normal
health and status of your server, diagnosing problems with your server
becomes easier.
Performing the following tasks will help you to become familiar with the
health and status of your servers:
Monitoring Server Health (page 24)
Profiling CPU Utilization and Accessing Additional Debug Options
(page 28)
Running and Viewing the Server Configuration Report (page 30)
Monitoring Server Health

Monitoring the health of your server can help prevent it from getting to a state
in which your users cannot access the server or the data on it.
Using NetWare Remote Manager, you can monitor the servers overall health
and the health of specific item.
The server's overall health is indicated by the color of the circle displayed next
to the server icon in the header frame for NetWare Remote Manager. Green
means the server health is good. Yellow means that the server's health is
suspect. Red means the server's health is bad or has a problem. If the circle
goes black or a message is displayed that the page cannot be found, the
connection to your server might be lost.
The servers overall health is determined by items that are selected in the
Include list on the detailed Server Health Monitoring page. By default, all
items are checked.
If the status of any item that is selected in the Include list changes to yellow
(suspect) or red (bad), the health status indicator light on the header frame
changes to indicate there is a problem. If more than one item changes, the
worst status will indicate the servers overall status. When the status for all
items returns to green (good), then the health light indicator changes back to
green (good).
The servers health status, reported by the health status indicator, is updated
every five seconds, but the graphic refreshes only if the status changes.
24

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Monitoring Specific Health Indicators from the Server Health Monitoring Page
To access the Server Health Monitoring page, click the overall health status
indicator or the Health Monitor link in the header frame or click the Health
Monitor link in the navigation frame.
The Server Health Monitoring page shows the health status (green, good;
yellow, suspect; or red, bad) for all known components of the system, as well
as current, peak, and maximum values. When an item is not checked in the
Include column, it is not included when determining the overall server health
and the values for Status, Current, Peak, and Max are not displayed.
The following items are key indicators of your servers health. You can change
the thresholds for the Suspect and Critical values of these indicators.
Work to do response time
Allocated server processes
Available server processes
Abended thread count (if the server has abended and recovered
automatically)
CPU utilization (for each processor, if there is more than one)
Available memory
Packet receive buffers
Available ECBs
Additional items are tracked on the Server Health Monitoring page and are
displayed depending on the NLMTM programs that are loaded on the server.

103-000144-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Configuring Health Thresholds
If you have a server that runs differently than normal, you might want to
configure the suspect and critical threshold values to something other than the
default.
To change the criteria for the suspect (yellow/suspect) and critical (red/bad),
status indicators, do the following:
1 From the Server Health Monitoring page, click Configure Health
Thresholds and then the Description name link for the item you want to
change.
2 Enter the new Suspect or Critical value and click OK.
Configuring E-mail Notification for Server Health Status
Rather than manually checking the status, you can configure NetWare Remote
Manger to send an e-mail to notify you when the servers health status changes
to any value other than green (good).
When you want to be notified about the status of an item, do the following:
1 Check the Notify check box for that item on the Server Health Monitoring
page.
2 Click the Mail Control Panel link on the Server Health Monitoring page.
3 Enter the required information on the Mail Notification Control page and
then click Save.

A primary server and at least one user on the notification list is required.
4 Reload the PORTAL and HTTPSTK NLM programs from the NetWare
Remote Manager configuration page.

4a Click the Configure link in the header frame.
4b Click each of the Restart links for restarting PORTAL.NLM and
HTTPSTK.
Troubleshooting a Suspect or Bad Health Status
If the health status of your server changes to a suspect or bad state, do the
following:
1 Access the Server Health Monitoring page.
2 Look for the specific health item that has changed status.
26

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 View the information for the item that has changed by clicking the Info
icon for the item.

This information outlines the specific health criteria (thresholds) for
green, yellow, red or statuses in that component. It also provides
suggestions in some cases for what might be going wrong in that
component if a yellow or red indicator is displayed.
4 Perform the recommended or appropriate action for the health item that
has changed.
Monitoring the General Health of a Group of Servers
NetWare Remote Manager lets you build and use server groups. When you
build a server group, you can select Health Monitor and Group Operations and
then build a Multiple Server Health Monitor page that
Shows the overall health for each server in the group according to the key
indicators selected for that server
Lets you access the specific health page for any of the servers in the group
To build a Multiple Server Health Monitor page, do the following:
1 Click the Build Group link in the navigation frame.
2 Build the server group.
3 On the Server Group Operations page, complete the Health Monitor and
Group Operations options.

For a description of the options, see the online help.
4 (Optional) If you want to use this server group later, save the group file
by clicking the Save Group File button and entering a path and filename
for the group. We recommend using a name that represents the group you
built.
IMPORTANT: The specified path for the server group file must be a full path on
the current server that contains the volume name as the first element. For
example:
\SYS\Multiple Health Configuration
VOL1\TEST\HLTHLIST.CFG
5 Click the Multiple Server Health Monitor button.

103-000144-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
To view the Multiple Server Health Monitor page for a server group at a later
time, do the following:
1 Click the Load Group File link in the navigation frame.
2 On the Server Group File page, enter the path or browse to the
configuration file for the server group that you previously saved.
3 Click the Build Server Group button.
Profiling CPU Utilization and Accessing Additional Debug Options

The Profiling and Debug Information page lets you view information about
active and suspended threads, their states, the owning NetWare Loadable
ModuleTM (NLM) programs, and execution times.
To access the Profiling and Debug Information page, click the Profile / Debug
link in the navigation frame.
This information can help you identify processes that might be running
abnormally on a server, such as processes that use too much CPU time.
Processes that run abnormally might cause the server to abend. Sometimes
you can temporarily resolve high-utilization problems on the server by
identifying the offending thread and its parent NLM, and then unloading and
reloading the NLM.
From this page, you can do the following:
View the CPU execution profile data by thread (default view)
Access the CPU execution profile data by NLM page
Access the thread information page
Access the Additional Debug Options page
Viewing CPU Execution Profile Data by Thread
When you access the Profiling and Debug Information page, the Execution
Profile Data by Thread table is the default view displayed.
The Thread Name column shows the name of the thread being executed. To
get more information about a specific thread, click the thread-name link for
that thread.
Thread ID and Thread State detailed information is provided mostly to assist
code developers in identifying and debugging problems with their code. At the
28

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
administration level, this information is usually helpful in identifying

problems with a specific NLM or with threads causing the server to hang or
run slow.
If the thread was suspended by Abend Recovery, then the information includes
details about the thread state at the time it was suspended.
To get information about the NLM program that owns the thread, click the
NLM program name.
To profile where a thread is spending its time running, click the Execution
Time link for that thread.
Viewing CPU Execution Profile Data by NLM
To view CPU Execution Profile Data by NLM, click the Profile CPU
Execution by NLM link on the Profiling and Debug Information page.
In this view, you can see a 1/2-second profile of the server operating system
as it is executing, the place where it is executing, and the NLM programs that
the processor is spending its time in.
To see where the processor is spending time within a specific NLM, click the
link in the Execution Time column for that NLM. For more information about
the NLM program, click the name for the program.
If the server is idle, the main NLM programs listed will be LSL.NLMTM and
the SERVER.NLM.
The percentage values shown in these tables are a detail of the overall severs
CPU utilization. If Processor 0 utilization is at 10 percent, the information on
this page shows the breakdown of that 10 percent utilization.
Viewing Detailed Thread Information
To view a list of all the threads in the system, click the Thread Information link
on the Profiling and Debug Information page.
This information is usually helpful in identifying problems with a specific
NLM or with threads causing the server to hang or run slow.
To get more information about a specific thread, click the thread-name link for
that thread.

103-000144-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Performing Additional Debug Options
If you are developing modules to run on NetWare and you want to access
additional debug options, click the Additional Debug Options link on the
Profiling and Debug Information page.
On the Additional Debug Options page, you can do the following tasks at the
specific location while the server is still running:
Profile processor execution
Profile calls to a specific procedure
Disassemble code
Dump memory
Dump stack information
Profile processor misaligned memory references
Profile processor branch taken or not taken mispredictions
Profile processor partial register still clocks
Profile processor L2 cache misses
Profile processor divides
Profile processor multiplies
Running and Viewing the Server Configuration Report

Running the server configuration report is especially helpful when you want
to compare the configuration of two different servers or have a record of your
server setting before making any changes.
This report can also be used by Novell Technical ServicesSM to help you
diagnose problems with your server that might be caused by running outdated
NLM programs. When you view the report, you can also print and save the
report for your network documentation.
This report contains the following information:
The contents of all .NCF, .BAT, .CFG, .BAT, ABEND.LOG files
A file listing of the boot directory contents (usually C:\)
A file listing of SYS:SYSTEM directory contents
30

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A list of SET parameters (including Hidden parameters) and current

settings
A list of all the modules currently running on the server
A list of LAN driver configurations
Storage device configuration information
Volume statistics for volumes SYS: and _ADMIN
To run and view a Server Configuration report, click Run Config Report in the
navigation frame and then click View Report on the Server Configuration
Report page.
To send this report to someone from the Server Configuration Report page,
enter the persons e-mail address in the e-mail address field and then click
Send Report.
Before you can Send this report via e-mail, you must set up an e-mail server
and complete the required information on the Mail Notification Control page.
To access the Mail Notification Control Page, click the Configure icon in the
navigation frame and the Access Mail Notification Control Page link on the
NetWare Remote Manager Configuration Options page.
To print or save this report, view the report from the Server Configuration
Report page and then print or save the results using your browsers features.

103-000144-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Managing Servers
Use the following links in the NetWare Remote Manager navigation frame to
accomplish the following server management tasks:
Use this link
To do these tasks
Volumes
Browse the servers file system

View or change File Access
Rights Attributes
View details of directories or files
and create, rename, or delete
them
View an individual file
Upload a file to the server
Download a file from the server
to a local workstation
Perform Text Searches
Mount or dismount volumes
Manage Disk Partitions
Console Screens
Access, view, and run the server

console screens
Connections
View current connections

Clear specific connections
Clear all not logged in
connections
View a list of files in use by any
specific connection
Broadcast messages to all users
or to a specific user
32

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Use this link
To do these tasks
SET Parameters
View the SET parameter

categories
Access each SET parameter by
category to view the SET
parameter current value and
associated help and change the
SET value
Save the settings to a text file on
volume SYS:
Control whether hidden SET
parameters are viewable
View SET parameters with
settings that are different from
the server default (modified)
View SET parameters with
values that have been changed
on the server but that will reset
to default values when the
server is restarted (non
persistent)
Schedule Tasks
Schedule server console commands to

run at regularly scheduled intervals
Console Commands
View a list of commands that can

be executed at the server
console and the associated help
Sort the list of console
commands by command name
or the module that registered the
command
Access the Console Screens
link to execute any of the
commands

103-000144-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Use this link
To do these tasks
View Memory Config
View general information about

how your server is using its
memory
Access the Swap File Usage
Information page where you can
view information relating to the
virtual memory page swapping
system on the server, enable or
disable swapping for a volume,
and change the parameters for
swapping virtual memory
Access the NetWare Loadable
Modules Information page
where you can view which NLM
program is using the most
allocated memory
Access the Virtual Memory
Health Information page where
you can view specific
information about the servers
virtual memory
Access the Server Memory
Pools Summary page where you
can view information about each
memory pool in the server
Access the Traditional File
System Cache Statistics page
where you can view cache
statistics for the traditional file
system
View Statistics
Access and view statistics for the

following information:
Network Management
Kernel
LSL
Media Manager
Down / Restart
34
Shut down, reset, or restart the server

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Accessing and Managing Server Volumes and Partitions

The Volume Management page is the home page for NetWare Remote
Manager.
You can access this page by clicking the Volumes link in the header frame or
under Manage Server in the navigation frame.
The Volume Management page provides a list of the servers volumes, access
to the servers DOS partitions, and the ability to perform partition
management tasks. From this page, you can do the following:
Browse the servers file system
View or change file access rights attributes
View details of directories or files and create, rename, or delete them
View an individual file
Upload a file to the server
Download a file from the server to a local workstation
Perform text searches
Mount or dismount volumes
Manage disk partitions
Browsing the Servers File System
Using NetWare Remote Manager, you can view the file system on volumes or
DOS partitions; browse directories and files; view and change attributes of
volumes, directories, and files; delete, create, or rename directories; and delete
or rename files.
NOTE: Viewing or changing attributes on an NSS volume is not supported.
However, you can view or change attributes of directories or files on an NSS

volume.
To browse a volume or partition, click the link for the volume or DOS partition
under the Name column.
To move down the tree, click the directory name.
To move up the tree, click the double dots.
To view or download a file, click the filename.
NOTE: The file size column for a directory lists the size of all files in that directory
and any subdirectories.

103-000144-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
Changing File Access Rights Attributes
Your eDirectoryTM rights govern your access to directories and files on

NetWare partitions. These rights also regulate your ability to copy files to and
from any given directory. To access the servers DOS partition, change, or
upload files to the server, you must have Supervisor right to the Server object.
When you browse through files and directories on the servers DOS partition,
be aware that setting the Shareable attribute on a DOS file does not have any
effect unless SHARE is loaded in DOS.
To view or change attributes of a directory or file from the Volume
Management page, do the following:
1 Click the volume name link.
2 Browse to the directory or file you want to view or change the attributes
of. View the attributes in the Attribute column.

3 To change the attributes, click the directory or file link under the
Attributes column.
4 Check or uncheck the check box for the attribute you want to set and then
click OK.
Viewing Details of Directories or Files and Creating, Renaming, or Deleting Them
To view the details about a directory, delete a directory and its contents,
rename the directory, or create a subdirectory, do the following:
1 From the Volume Management page, click the volume name link, browse
to the directory, and then click the folder (?) icon to left of the directory
name.
2 From the information page that is displayed, view the information or enter
the information required for the applicable task (if required), and then
click the applicable button for the task you want to perform.
To view the details about a file or to delete or rename a file, do the following:
1 From the Volume Management page, click the volume, browse the
directories to the file, and then click the file (?) icon to the left of the
filename.
2 From the information page that is displayed, view the information or enter
the information required for the applicable task, and then click the
applicable button for the task you want to perform.
36

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing Individual Files
If your browser is set up to recognize a certain file extension (for example,

.TXT), you can browse to and click a file of that type to view it directly in
NetWare Remote Manager. Otherwise, you can download any file to your
local machine by clicking the filename and then saving it to a local
workstation and opening it there. (This also applies to the files on the servers
DOS partition.)
Uploading a File to the Server
If you have rights to write to the current directory that you are viewing via
NetWare Remote Manager, you can use the Upload button to copy a file from
your local machine or any other mapped drive to that directory. You can
upload only one file at a time.
Downloading a File from the Server to a Local Workstation
When you are browsing the servers file system via NetWare Remote
Manager, you can download any file to your local machine by clicking the
filename and then saving it to your local workstation. (This also applies to the
files on the servers DOS partition.)
Performing Text Searches
To do a GREP-type search (accepts GREP wildcard characters) through the

files in the current directory or its subdirectories, browse to the directory you
would like to search in. Click the Text Search link. Specify the content,
filename, or extension you would like to search for and check whether you
would like to match the case and search subdirectories. Then click Search.
If the search instructions are valid, the results are display on a page with the
search instructions.You can click the filename in the results list to view or
download it. If nothing is found, no files will be listed under the search
instructions.
If the search instructions are not valid, the page showing the directory you
wanted to search is returned.
Mounting and Dismounting Volumes
You can mount and dismount volumes by clicking the link in the Mounted
status column for a given volume on the Volume Management page. You will
be asked to confirm your choice before the volume dismounts.

103-000144-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
You can also click the Mount Volume or Dismount Volume link displayed next
to the volume on the Server Disk Partition Operations page.
If you choose to dismount volume SYS:, the icons used by NetWare Remote
Manager (which reside in SYS:\LOGIN) might not display correctly. When
you remount volume SYS: and reload the page, the icons will display correctly
again.
Managing Disk Partitions
To create, change, or delete a logical (NSS) or traditional NetWare Partition

Pool or volume, click the Disk Partitions link on the Volume page.
The Server Disk Partition Operations page displays the disk layout according
to the physical connections in your server using indentation to indicate where
a volume physically resides. You can see the adapters, devices, partitions,
pools, and volumes at different levels of indentation. If free space is available
for creating a new partition, pool or volume, you can also view it under each
device. A link for creating a volume, mirroring a volume, adding a volume, or
expanding a pool is displayed next to the devices, pools, or volumes listed.
To create a partition or pool, do the following:
1 Locate and click the Create link next to the free space on the device that
you want to create the partition on.

2 Select the type of partition you want to create by clicking the applicable
link.
3 Complete the required fields for the type of partition you are creating, and
then click Create.

To expand a partition or pool, do the following:
1 Locate and click the Expand link next to the pool that you want to expand.
2 Select the Free Disk Space / Free Partition Space link with the space
available that you want to use.

3 Enter the amount of space (in megabytes) that you want to use, and then
click Expand.
38

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To create a volume, do the following:

1 Locate and click the Create link next to the free space on the device that
you want to create the volume on.

2 Select the type of volume to create.
3 Complete the required fields for the type of pool and volume, or partition
and volume you want to create, and then click Create.

To mirror a partition, do the following:
1 Locate and click the Mirror link next to the partition you to want to mirror.
2 Locate and click a free disk space segment from the list displayed.
The operation will begin, and when it is complete the status 100%
mirrored will be displayed.
On the Server Disk Partition Operations page, you can also view and set the
space quota set on each volume.
To change a space quota for a volume, do the following:
1 Locate and click the Space Quota link next to the volume you to want to
change.
2 Click the Volume Space Quota link.
3 Enter the value (in megabytes) of the space size you want to specify, and
then click Apply.

4 Confirm your decision by clicking OK.
Accessing and Running the Server Console Screens

From the Current Screens page, you can access any of the server console
screens with the exception of the X Server - Graphical Console.
To access the Current Screens page, click the Console Screens link in the
navigation frame.
Running the Server Console Screens from the Java Applet
To run any of the console screens through the browser as though you were at
the server console keyboard and view the results, click the Console Screens
link on the Current Screens page. Clicking this link runs a Java applet that
opens a secondary browser window.

103-000144-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
From this secondary browser window you can do the following:

Cycle through the screens already loaded at the server console. To do this,
click the >> or << button. (This functions the same as pressing Alt+Esc
on the server console keyboard.) If you access the System Console screen
from the applet window, you can load or unload any necessary module or
enter any necessary console command.
Display a list of current utilities that are running at the server console and
the screens that are active. To do this, click the Screens List button. (This
functions the same as pressing Ctrl+Esc on the server console keyboard.)
Access any of the screens listed. To do this, enter the screen number at the
console prompt or click the Left-or-Right arrow buttons at the top of the
page.
Display or remove the title of each screen while viewing the screen. To
do this, click the Title Bar button. This will toggle the screen title on or
off. (This functions the same as pressing Alt on the server console
keyboard.)
Access the Emergency Console. To do this, click the Emergency Console
button on this page. (This functions the same as pressing Ctrl+Alt+Esc on
the server console keyboard.) This console can be useful when the server
console seems to hang. On the Emergency console, you can abort a
volume mount or open a new console screen to issue necessary
commands such as unloading modules or shutting down the server.
Increase or decrease the font size of the screen displayed. To do this, click
the Font+ or Font- button.
Viewing and Running the Console Screen from HTML Pages
Under the HTML Based Screen Pages heading on the Current Screen page,
you can see a list of screens that are currently running on the server console.
When you click the link associated with each of these screens, you can view
the screen and control the refresh rate only with the Page Refresh Rate dropdown list at the top of the window. The HTML page for the System Console
screen also allows you to enter console commands to be executed at the server
console.
You can control the refresh rate of the different server pages. Refresh on the
System Console page is suspended when you click Execute Command Line.
40

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing Console Activity
You can now view on the Logger screen much of the information that used to
be displayed on the System Console screen. This screen is scrollable and can
be saved to a file. To access a list of commands for scrolling and saving to a
file, press F1 while viewing the Logger screen.
Monitoring Connections to the Server

From the Connection Information page, you can do the following:
View connection information and all current connections
Clear specific connections
Clear all not-logged-in connections
View a list of files in use by any specific connection
Send a message to all users or to a specific user
To access the Connection Information page, click the Connections link in the
navigation frame.
Viewing Connection Information
The table in the Connection Manager on the Connection Information page

displays the following information about connections:
Connection Slots Allocated displays the number of slots currently
allocated for use. As connection slots are required on this server that
exceed the current number of slots displayed here, new slots are allocated.
Depending on the server's memory, connection slots are usually allocated
in blocks of 16. Connection slots are allocated as needed by users,
NetWare Loadable Module (NLM) programs, and other services.
Connection Slots Being Used displays the number of connection slots
currently in use. As this number matches or exceeds the Connection Slots
Allocated entry, more connection slots are allocated to the connection
table.
Signing Level displays the level at which NCPTM packet signature
signing is set on the server. NCP packet signatures prevent packet forgery
by requiring the server and the workstation to sign each NCP packet. A
higher packet signature number impacts the performance of your server.
At some point, the need for security might outweigh certain performance
issues.

103-000144-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
Login State displays whether users are allowed to log in to the server. To
disable users from being able to log in to the server (for server
maintenance or other reasons), enter DISABLE LOGIN at the System
Console prompt. To allow users to log in to the server, enter ENABLE
LOGIN at the System Console prompt.
The table under the Connections heading on the Connection Information page
displays the following information about connections:
Station displays the connection number for each connection. Connection
0 is the connection used by the server. The server's operating system uses
connection numbers to control each station's communication with other
stations. Remote Manager does not distinguish connections that dont
count against the servers connection limit.
Name displays the name of the user, server, service, or login status and
links to specific information about that user connection such as the login
time, connection number, network address, login status, and files in use.
Clear Connection link is displayed next to the connection name link for
any connection that can be cleared.
Clearing All Not-Logged-In Connections
To clear all user connections that are open but not currently authenticated to
the server, click the Clear All Not Logged In Connections link on the
Connection Information page. The connections cleared can be NLM- or userbased.
You should be careful in clearing NLM-based connections because some
backup NLM programs establish a connection during the server initialization
process and maintain a Not Logged In connection to the server until it is time
to log in and run the backup process. These types of NLM connections will
not be able to re-establish a connection to the server unless the NLM is
manually unloaded and reloaded at the server console, which might prevent it
from functioning properly at the designated time of execution.
If a user reboots a workstation without properly logging out, the server sends
a watchdog packet to that workstation to see if it is still communicating with
the server. The server continues to send watchdog packets until the
workstation logs in again and re-establishes its connection with the server, or
until the watchdog drops the connection because of the lack of response from
the workstation.
42

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Clearing Specific Connections
If a users workstation quits working, it usually leaves its connection to the

server open and files open. To clear a specific connection like this and others,
do the following:
1 Click the Connections link in the navigation frame to open the
Connection Information page.

2 On the Connection Information page, locate the specific connection listed
in the Connections table and then click the Clear Connection link next to
the connection.
Viewing a List of Files in Use by Any Specific Connection
To view which files a specific connection has open, do the following:

1 Click the Connections link in the navigation frame to open the
Connection Information page.

2 On the Connection Information page, locate the specific connection listed
in the Connections table and then click the username link.

Sending Messages to Users
Before you shut down, reset, or restart your server for any reason, you might
want to send a message to everyone connected to it.
To send a message to all of the users who are currently logged in to the server
through Novell ClientTM software, enter the message in the Broadcast Message
to Everyone field on the Connection Information page and click Send.
You can enter up to 252 characters and spaces in the message. On Windowsbased workstations, the message will appear in a pop-up dialog box at the
workstation. Broken connections and users that are not logged in through
Novell Client software will not receive the message.
To send a message to a specific user who is currently logged in to the server
through Novell Client software, enter the message in the Send Message field
on the Connection Information page for that user and click Send.

103-000144-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Viewing or Changing SET Parameters

From the Set Parameter Categories page, you can do the following:
View the SET parameter categories
To access the Set Parameter Categories page, click the Set Parameters
Access each SET parameter by category to view the current value for the
parameter or associated help and change the value
To view a setting for a specific parameter in a category, click the name of
the category on the Set Parameter Categories page. To change the value
for that parameter, click the parameter value link, change the value, and
click OK.
We recommend you keep the settings at the default unless you are aware
of the ramification of the changed value.
To view the help for each parameter, click the ? icon next to the parameter
value link.
The help description for each parameter describes what the parameter
controls, lists the range of values that can be set, shows the NLM program
that owns the parameter, and lists the attributes for the file.
Save the settings to a text file on volume SYS: to use as a reference
To save the settings to a text file on volume SYS:, enter a filename with
the .TXT extension in the Save Setting to a File on Volume SYS: field,
and then click Save.
Control whether hidden SET parameters are viewable at the System
Console prompt or in the SET parameters list in NetWare Remote
Manager
To do this, click the View Hidden Set Parameter On or Off button on the
Set Parameter Categories page.
View SET parameters with settings that are different from the server
default (modified)
To do this, click the View Modified Set Parameters button on the Set
Parameter Categories page. This list does not include nonpersistent SET
parameters. When diagnosing a server problem, you might want to review
settings that have been changed from the server default values or compare
them against a server that is working well. If you have more than one
network administrator making changes to your server, using this feature
will help you to know what changes have been made.
44

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
View SET parameters with values that have been changed on the server
but that will reset to default values when the server is restarted
(nonpersistent)
To do this, click the View Non-persistent Set Parameters button on the Set
Parameter Categories page. Nonpersistent SET parameters are those
which are not stored in the NetWare Registry.
If you want the changes to nonpersistent Set parameters to be preserved
when the server reboots, you should add a line in the servers
AUTOEXEC.NCF file for setting the parameter.
Scheduling Tasks to Run at the Server

Rather than making a batch file to run specific console commands on the
server at a certain time, you can use the links and the form on the Scheduled
Console Commands page to schedule console commands to run.
To access the Scheduled Console Commands page, click the Schedule Task
To schedule a console command, complete the information in the form and
click Submit.
After scheduling a command, you can view and change the scheduled task
until you delete the schedule. Any console command is valid and you can enter
commands that execute NCF files, load NLM programs, send messages, etc.
To see a list of console commands and the associated help, click the Console
Commands link.
To change an already scheduled console command, select it from the list of
Currently Scheduled Console Commands, change the schedule, and then click
Submit.
To delete a task, select the task from the list of Currently Scheduled Console
Commands and click Delete.
Scheduled task lists are stored in the NetWare Registry, so they will be
preserved when the server is rebooted.

103-000144-001
August 30, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Viewing Server Console Commands

To view a list of commands that can be executed at the server console, click
the Console Commands link in the navigation frame.
To access the server console in order to execute any of these commands from
NetWare Remote Manger, click the Console Screens link.
To view specific syntax or help for each command, click the Info icon next to
the command. Several of the hidden console commands do not have any help
associated with the command.
The default sorting method for this list of commands is by the command name.
If you want the list to be sorted by the module that registered it, click the list
heading Owner.
Viewing Memory Configurations

Viewing the general information can help you understand how your server is
using memory and which programs are using it. Knowing how memory is
used can help you determine whether to add more memory to your server to
increase server performance or unload specific NLM programs that might be
causing memory problems, or change other settings that might allow the
server to use memory more proficiently.
To view general memory information, access the System Memory Information
page by clicking the View Memory Config link in the navigation frame.
The following table describes each statistic shown on the System Memory
Information page.
46
Statistics
Description
Total System Memory
Total amount of server memory.
Original Cache Memory
Amount of server memory after the

NetWare operating system loads and
allocates the memory it needs for its
resources. The rest of the memory in
the system is used for caching
purposes.

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistics
Description
Current Cache Memory
Amount of server memory after

memory from the server cache pool is
used by kernel NLM programs and
virtual memory allocations.
File System Memory
Amount of server memory in use by the

directory cache buffers in the traditional
NetWare file system.
Reserved Swap Memory
The small footprint of reserved memory

that allows the NetWare operating
system to point to the physical location
of the actual swap file.
Swap File Size
The amount of hard disk space that has

been allocated as a virtual memory
swap file.
If you find that your server is swapping
to virtual memory and its performance
is suffering because of it, add more
memory to the server.
To view the swap file usage
information, click the Swap File Size
link.
NLM Memory
The total amount of memory allocated

by the operating system to the NLM
programs that are loaded on the server.
To view the details of how each NLM
program is using memory, click the
NLM Memory link.
Virtual Memory Pages
Amount of virtual memory the

operating system is using.
To view the health information and
other statistics for virtual memory, click
the Virtual Memory Pages link.
Server Memory Pools Summary link
Accesses the Server Memory Pools

page that shows information for all the
memory pools on the server.

103-000144-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001
Statistics
Description
Traditional File System Cache

Statistics link
Accesses the Traditional File System

Cache Statistics page that shows
cache statistics for the traditional file
system.
NSS cache statistics are not included in
these statistics.
Current Memory Usage chart
Shows how NetWare server memory

usage is divided between the NetWare
server's cache, the virtual memory
system, and kernel NLM programs.
Viewing System Statistics

Viewing statistics on your server can help you become familiar with how your
server is running at the various levels listed. This information can also help
you to know when to turn system alerts on or off. The following links on the
Server Statistical Information page allow you to view this information:
Network Management Information link accesses the Network
Management Information page that shows a short list of network
management IDs with their corresponding descriptions and current
values.
Kernel Statistical Information link accesses the Kernel Event Counter
Information page that shows the number and type of events that occur
during a sample period on a per-CPU basis.
LSL Statistical Information link accesses the LSL Statistical
Information page that shows the statistics generated and maintained by
the Link Support LayerTM of the NetWare server.
Media Manager Statistical Information link accesses the Media
Manager Information page that monitors requests in the server's disk I/O
subsystem (meaning those requests that actually cause access to disk
media). File system requests that access the file cache are not monitored.
Therefore, it is possible for these statistics to be at zero even when file
requests are occurring.
To access the Server Statistical Information page and view these statistics,
click the View Statistics link in the navigation frame, and then click the
applicable link for the statistic you want to view.
48

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Shutting Down, Resetting, or Restarting the Server

Options for shutting down, resetting, or restarting your server are on the Down
Server Options page.
To access the Down Servers Options page, click the Down / Restart link in the
navigation frame.
To shut down, restart, or reset (warm boot) the server, click the applicable
action on the Down Servers Options page, and then confirm your choice.
Using any of these options makes the server shut down normally by writing
all cache buffers to disk, closing all files, updating the appropriate Directory
Entry and File Allocation Tables, exiting the network, and dismounting all
volumes.
WARNING: If volumes are not dismounted normally, data loss could occur.
Resetting the server makes the server shut down normally and then warm
boots the computer. To make the server load automatically after a RESET
command and allow access to the server from NetWare Remote Manager,
enter a line to run SERVER.EXE in the DOS AUTOEXEC.BAT file.
When the browser loses communication with NetWare Remote Manager, the
overall health status indicator will display black with an X through it. When
communication is re-established with the server, the normal health status will
again display the servers status unless the accessibility options for manually
refreshing the server are enabled.
If this page is displayed after a DOWN, RESTART, or RESET command has
been issued to the server, you will be given the option to immediately restart
or reset the server. This will bypass the normal shutting down of the server and
allow you to immediately perform the selected operation.

103-000144-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
Managing Applications
When managing applications on your server using NetWare Remote Manager,
use the following links in the navigation frame to help you accomplish the
following tasks:
Use this link
To do these tasks
List Modules
View resource information about

each module loaded on the
server or in an address space
Access more detailed
information about a module, its
flags, resources, and memory
allocation as well as a button to
unload the module
Load an NLM program on the
server
View the search path for loading
a module or .NCF file
Protected Memory
Execute an .NCF file to load

several modules into the same
protected address space
Load specific modules in
protected address spaces
View a list of modules loaded in
a specific address space
View or change the current
memory protection SET
parameter settings
System Resources
View all resource tag types in the

server operating system
View specific details about each
resource
50

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Use this link
To do these tasks
NetWare Registry
View key information from the

NetWare registry for this server
View operational information
Run the consistency checker for
the registry
Flush the registry
Winsock 2.0
View Winsock 2 NetWare

settings and statics
Diagnose and debug Winsock
communications problems
Protocol Information
View general and specific information

about each protocol running on the
server
Managing NLM Programs

To view a list of NLM programs and manage them, access the NetWare
Loadable Module Information page by clicking the List Modules link in the
navigation frame.
From the NetWare Loadable Module Information page, you can do the
following:
View a list of all the NLM programs that are loaded on the server or in an
address space
The list of all NLM programs that are loaded on the server is the default
view on this page.
You can sort the list by module name, code/data size, or memory usage.
To do this, click the column heading you want to sort by.
The column totals of this list show how much memory is being used by
all of the NLM programs collectively on the system. This information can
help you better plan for future memory upgrades to the server.
To access detailed information about a module (flags, resources, memory
use details, module dependency list, etc.), as well as an option to unload
the NLM program if there are no module dependencies, click the
modules name link.

103-000144-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
To view the allocated memory summary for an individual NLM program,

click the value link in the Alloc Memory column.
This summary indicates how much memory a NetWare Loadable Module
has requested from the system and how much it is currently using. This
information is valuable in determining whether the module is using too
much system memory.
Load an NLM program on the server
To do this, enter the name of the module you want to load in the Load
Module field and then click the Load Module button. If you want to
display the System Console while the NLM program is loading, check the
Display System Console for Module Load check box.
View the search path for loading modules or .NCF file
To do this, click the Module Load Search Path link. If the module cannot
be found, you can change the search path as follows:
To add another search path to the bottom of the search stack, enter
the following command at the server console:
Search Add complete_path
For example: Search Add SYS:\SYSTEM\EXTRAS
To insert a search path into the middle of the search stack, such as to
make a search path the second place that NetWare looks for its files,
enter the following command at the server console:
Search Add number complete_path
For example: Search Add 2 SYS:\SYSTEM\EXTRAS
To find out more about using the Search command, click Console
Commands and then click the Info icon next to Search.
52

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing and Managing Programs in Protected Memory and Protected

Address Spaces
To view and manage programs in protected memory and protected address
spaces, access the Address Space Information page by clicking the Protected
Memory link in the navigation frame.
From the Address Space Information page, you can do the following:
Execute an NCF to load several modules into the same protected address
space
To do this, click the Load Modules Protected button. If you want to see
the System Console screen while the NLM program is loading, check the
Display System Console for NCF Execution check box.
Load an individual module into the protected address space
To do this, click the Load Modules Protected button. If you want to see
the System Console screen while the NLM program is loading, check the
Display System Console for Module Load check box.
View information about an address, such as its name, address space, time
since last fault, restart count, and the status for Restartable, Unload,
Remove, and Restart
If there is a button rather than n/a status in these columns, you can do the
following:
Restartable allows you to change the restart state of that address
space.
Unload unloads all modules from the address space.
Remove removes the address space from the server without running
the termination code of modules in that address space.
Restart allows you to reload that address space.
View information about modules running in protected address spaces on
the server
To view a listing of all NLM programs loaded in the protected address
space, click the name link for that address space.
View or change the current memory protection SET parameter settings
To view the settings, click the Memory Protection Set Parameter link to
display the Memory page.
To change a setting, access the Memory page, click the value link for the
setting, enter a new value within the specified range, and then click OK.

103-000144-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
Viewing System Resources

Resource tags are used to track things like allocated memory, screens, and
packet receive buffers. When an NLM program wants to check out or allocate
a resource from the system, it passes in a resource tag to the system and the
resource tag is updated to show how much of the resource is in use. When the
resource is returned to the system, the resource tag is again updated to reflect
the change. When an NLM program is unloaded, the resource tags are also
used to ensure that the NLM program returned all of the system resources that
it was using.
To view the resource tags used by the system, access the System Resource
page by clicking the System Resources link in the navigation frame.
From the System Resource page, you can do the following:
View a list of all the Resource tags in use at any given time
Access the details of a resource
To view the details of a resource, click the resource name.
A list is displayed that is sorted by NetWare Loadable Module (NLM) and
then by number in use. The items displayed are a short name for the NLM,
the NLM description, the resource tag description, and the amount of the
resource that is checked out to that resource tag.
Viewing NetWare Registry Information

The NetWare registry is a database of setup and configuration information that
determines how the NetWare server and applications on this server will run.
To view key information from the NetWare registry for this server, view
operational information, run the consistency checker, and flush the registry,
access the Registry page by clicking the NetWare Registry link in the
navigation frame.
Key information shows keys and values for your server, performance, and
other dynamic data.
Operational information shows the overall details about the NetWare registry
for your server.
If any problems are noted when you run the consistency checker, contact a
Novell support provider for actions to take.
Flushing the registry lets you make changes and save them to disk
immediately rather than waiting 30 seconds for them to be copied to disk.
54

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Viewing Winsock 2.0 Statistics

Viewing Winsock information can help you understand how the applications
on your server are interacting with the Winsock APIs provided in NetWare.
Error status conditions are distinguished with yellow and red for quick
identification.
To view Winsock resource information, diagnostic and debug information for
sockets, information for transport providers and active name space providers,
and a small set of general statistics, access the NetWare Winsock 2
Communication Framework page by clicking the Winsock 2.0 link in the
navigation frame.
The main content on this page shows the transport providers and active name
space providers, and a small set of general statistics as well as the following
links:
Winsock 2 Resources link
Opens the Winsock 2 Resources page. From this page you can view all
the Winsock resources that are currently in use, open sockets, Winsock 2
events, sockets that are used by a particular application, and protocol
objects within an active session and the number that are active.
To view a list of Winsock 2 sockets in use, click the Winsock 2 Socket
List link.
If an error condition exists (indicated by the status being highlighted
yellow or red), you might want to view the details of that socket. To
view the details of a socket and socket status, click the link for the
socket number you want to view on the Winsock 2 Socket list page.
To view the details of the error, click the Last Error link in the
Detailed Information for Socket Number x page.
To close an individual socket, click the Close Socket button at the
bottom of the socket detail page.
To view a list of all the events used by Winsock 2, click the Winsock 2
Event List link.
This list shows the socket number used by the event, the event
handle, the wait count, the wait status, the owning thread, and the
application that the event is used by.
If a socket number is listed, a link to the details page for that socket
is provided.
The Owning Thread link disassembles the code stack of the thread
that created the event.

103-000144-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
To view a list of sockets opened by a specific application, click the link

for the application in the Winsock Applications list.
To view a list of all the session objects created within this protocol object,
click the General WSP Protocol Object link to open the General WSP
Protocol Object Session Map page. On this page, you can access links to
the upper sessions and lower sessions as well as a link to the socket details
page.
To view a list of all the session objects created within the IP protocol,
click the IP Protocol Object link to open the IP Protocol Object Session
Map page. On this page, you can link to the current session and upper
session. Using these links to the sessions, you can map a sockets course
throughout all the Winsock layers.
To view a list of all the session objects created within the SSL protocol,
click the SSL Layered Protocol Object link to open the SSL Layered
Protocol Object Session Map page. On this page, you can link to the
current session, upper session, and lower session. Using these links to the
sessions, you can map a sockets course throughout all the Winsock layers.
Diagnostics and Debug link
Opens the Diagnostics and Debug page that shows five resource lists to
identify, diagnose, and debug Winsock communication problems: 1)
Socket Warning, 2) Session Warning, 3) Socket Waiting, 4) Event
Waiting, 5) Session Linger.
From these lists you can follow active links to error or warning conditions
on your server.
Toggle Counters ON/OFF button
Lets you turn on or off the viewing of global counter information gathered
in the system and view the number of successes and failures.
IMPORTANT: Toggling counters ON adds significant activity to the server
operating system.
For optimal performance, toggle the Winsock diagnostic counts off after
you have gathered the information you need.
Turning the counters on adds the following information to the general
statistics and adds the Global API Counter link to the page:
Bytes Received Successfully
Bytes Transmitted Successfully
Bytes Not Received Due to Error
56

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Bytes Not Transmitted Due to Error

Packet Receive Buffers In Use 0
Global API Counters link
Opens the Global API Counters page that lists all of the global counter
information gathered in the operating system.
Viewing Information about Each Protocol Running on the Server

From the Protocol information page, you can view general and specific
information about each protocol running on the server. To access specific
information for a protocol, click the link for the protocol. From the specific
NCP page, you can enable and disable tracking counters for NCP (NetWare
Core Protocol).
Managing Server Hardware

When managing your server hardware using NetWare Remote manager, use
the following links in the navigation frame to help you accomplish the
following tasks:
Use this link
To do these tasks
Processors
View the status and detailed

information about all processors
available on the server
Bring a processor on or offline

103-000144-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Use this link
To do these tasks
Disk / LAN Adapters
View information about the

storage and network adapters
that are installed on the server
and the slots they are in
View additional storage adapter
information, such as statistical
information for the media
manager of the server,
resources registered, and
information for the devices that
are controlled by the adapter
View additional network adapter
information, such as statistics
generated and maintained by
the LSL, resources registered
and counter information, and
frame types and protocols
bound
PCI Devices
View a list of Hardware Instance

Numbers (HIN)
View the Peripheral Component
Interconnect (PCI) configuration
space and hexidecimal offset for
a HIN
Other Resources
View the resource information that

drivers have registered for interrupts
and handlers, non-ISA slots, ports,
Direct Memory Access (DMA)
channels, or shared memory
addresses
Accessing Processor Information

Information about the processor speed as well as the local cache sizes is useful
in determining how much work a processor can do. To access this information,
click the Processors link in the navigation frame to access the Processor
Information page.
From this page, you can view the status and detailed information about all
processors available on the server.
58

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Many of the profiling operations in NetWare Remote Manager

(PORTAL.NLM) require at least a Pentium* Pro processor (family 6 or
higher). If the processor is a Pentium III or higher model, the processor serial
number is also displayed.
If more than one processor is present, you can stop and start processors
individually (except for P0) by clicking the corresponding Stop/Start
processor link.
Viewing Storage and Network Adapter Information

To view information about the storage and network adapters that are installed
on the server and the slots they are in, access the Hardware Adapter page by
clicking the Disk/LAN Adapter link in the navigation frame.
If the driver does not register a slot, it is reported as an ISA slot.
To view additional storage adapter information, use the following links:
Storage Statistics button displays statistical information for the media
manager of the server.
Info link displays the resources registered for that adapter.
Name link displays the information for the devices that are controlled by
the adapter.
To view additional Network Adapters information, use the following links:
Storage Statistics button displays the statistics generated and
maintained by the Link Support Layer (LSL) of the server.
Info link displays the resources registered and counter information for
that adapter.
Name link displays the frame types and protocols that are bound to that
adapter.
Viewing PCI Device Information

To view a list of Hardware Instance Numbers (HIN), access the PCI Device
Information page by clicking the PCI Devices link in the navigation frame.
Each HIN represents a hardware device.
To view the Peripheral Component Interconnect (PCI) configuration space
and hexidecimal offset for a HIN, click the specific HIN link.

103-000144-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Viewing Hardware Resource Information

To view the resource information that drivers have registered with the
following hardware resources listed, access the Hardware Resource page:
Interrupts and handlers
Non-ISA slots
Ports
Direct Memory Access (DMA) channels (if applicable)
Shared memory addresses
To access the Hardware Resources page, click the Other Resources link in the
navigation frame.
To display the information that the drivers have registered with the server
operating system for a specific resource, click the specific resource link.
Managing Novell eDirectory

Walking the eDirectory Tree
From the NDS Tree Walker page, you can view the current eDirectory tree.
This page also lets you view details on and delete individual objects in the tree.
WARNING: Be cautious when deleting objects. As an administrator, you can
delete any object and you might accidently delete the Admin object itself. This
prevents any access to the systemincluding administrator access.
Viewing eDirectory Partitions and Replicas

From the NDS Partitions page, you can view information about eDirectory
partitions on the server. The information available is the partition or replica
name, the type of partition or replica, and the current state and name of the
server that the partition or replica exists on.
Accessing Other eDirectory Management Tools

If NDSIMON.NLM is loaded on the server, you can also access the eDirectory
iMonitor utility and DS Trace utilities to manage and troubleshoot eDirectory
on your server. For more information about iMonitor, see Novell iMonitor in
the Novell eDirectory 8.6 Administration Guide.
60

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Server Groups

NetWare Remote Manager lets you build server groups and perform
operations on those groups. Currently, the only operation you can do with a
group is to monitor server health.
To build a group of servers that you want to monitor from one page, access the
Server Group Selection page by clicking the Build Group link in the
navigation frame.
You must wait a few minutes while NetWare discovers the servers that are
available on your network to monitor and builds a selection page.
After the selection page is built, indicate which servers you want to monitor
by checking the Select All button or clicking the check box next to each server
that you want to include in the group, and then clicking the Build Server
Group link. The Server Group Operation Page is displayed.
To build the Multiple Server Health Monitor page, complete the Health
Monitor and Group Operations information and then click the Multiple Server
Health Monitor button. For more information on monitoring the health of
several servers, see Monitoring the General Health of a Group of Servers on
page 27.
You can save the configuration of the group so you can access this page again
without having to complete the configuration options. To save the
configuration of the group you have selected and completed the configuration
options for, click the Save Group File button.
To access the page at a later time for a server group that you have saved, do
the following:
1 Click the Load Group File link in the navigation frame.
2 On the Server Group file page, enter the path or browse to the
configuration file for the server group that you previously saved.
3 Click the Build Server Group button.

103-000144-001
August 30, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Accessing and Managing Other Servers

To access other servers in your eDirectory tree that have NetWare Remote
Manager loaded, click the Managed Server List link. A list of servers is
provided via SLP (Service Location Protocol).
You can also access the file system of servers that dont have NetWare Remote
Manager loaded that are in your current tree by clicking the Basic File Access
link. Clicking this link loads an additional module called NWRSA (NetWare
Remote Server Access) and then lists other servers not running the
PORTAL.NLM as reported by SLP in the current servers tree (NetWare 5 and
4 servers only). No health monitoring or other administrative options are
available on these servers.
When the list of NetWare servers is first displayed, it might include servers
outside the current tree, as reported by SLP. The question mark (?) icon next
to the server name indicates that the PORTAL.NLM is checking its
availability. The question mark icon changes to a server icon if it is in the
current tree. The question mark icon is removed if the server is not in the
current tree.
The filtering of the server list might take several minutes if the list is long. To
refresh the list, you can reload the page.
62

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

You can use NetWare Remote Manager to troubleshoot some server
problems. This chapter includes methods for doing the following:
Finding CPU Hogs (page 63)
Finding High Memory Users (page 64)
Tracing Abend Sources (page 65)
Locating Server Process Hogs (page 66)
Locating Disk Space Hogs (page 66)
Seeing Who Is Using a File (page 67)
Finding CPU Hogs

A CPU hog could be an NLMTM program that is poorly designed or has
become corrupted and, as a result, is using up so much of the server's CPU
cycles that other NLM programs are not able to run properly.
CPU hog problems are indicated on the Server Health Monitoring page by a
suspect or bad status for the CPU Utilization-x indicator.
To track down a CPU hog using NetWare Remote Manager, do the following:
1 Under the Diagnose Server heading, click the Profile/Debug link.
2 Identify the offending thread and Parent NLM.
2a In the Execution Profile Data by Thread table, note the thread and the
Parent NLM that is taking the longest execution time.

2b To see which tasks the thread is trying to perform, do one of the
following:
Click the execution time link.

103-000144-001
August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Click the Execution Profile Data by NLM link and note and the
execution time and module name for the Parent NLM of the first
entry. The first entry will have the highest execution time. Click
the Execution time value.
3 Identify which part of the NLM program is causing the problem by
looking at the Nearest Symbol information.

From here you can trace each procedure including the one that is being
called most often (indicated by the highest Call Count).
4 If possible, unload the offending NLM program to see if the problem
disappears.
Finding High Memory Users

High memory use problems are indicated on the Server Health Monitoring
page by a suspect or bad status for the Available Memory indicator.
To find high memory users using NetWare Remote Manager, do the following:
1 Under the Manage Applications heading in the Navigation frame, click
the List Modules link.

This displays the NetWare Loadable Modules Information page that
shows a list of NLM programs running on the server.
2 On the NetWare Loadable Modules Information page, sort the list
displayed by allocated memory usage by clicking the Alloc Memory

heading.
The NLM program using the most memory will be at the top of the list.
To further track how that module is using memory, you can click the value
link in the allocated memory column to display the Allocation Summary
page for that NLM program.
This page contains the Allocation Summary L!=P information, links to
sort the memory allocation by Resource Tag or size, and a link to display
the object cache information.
64

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Tracing Abend Sources

Server abends (abnormal end of a piece of server code) are indicated on the
Server Health Monitoring page by a suspect or bad status for the Abended
Thread Count indicator.
To trace sources of server abends, do the following:
This displays the Profiling and Debug Information page that shows
information about active and suspended threads, their states, the owning
NLM program, and execution times.
2 On the Profiling and Debug Information page, check to see which thread
or program has a Suspended by Abend Recovery state and click the thread
name link for that thread.
This displays the Thread Information page.
3 From the Thread Information page, view the Suspend Description field.
This information should tell you what the thread experienced and when.
You will also be able to see a listing of Registers, Code Executed, and
Stack information that the server was executing at the time the thread
suspended.
If the thread was suspended by the Abend Recovery process, the state of
the thread at the time of the abend is displayed, along with the reason for
the abend and the code that was being executed at the time.
4 Click the stack address and perform some basic stack tracing (if you are
familiar with interpreting assembly code).

You can use this information to look at the NLM information that is
associated with the thread that had the problem. This can help you
determine whether the NLM itself is having a problem or whether it is
having a problem only when certain other NLM programs are running.
5 If possible, unload the NLM to see if the problem disappears.

103-000144-001
August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Locating Server Process Hogs

Server process hogs (or NLM programs that use a lot of server processes) are
indicated on the Server Health Monitoring page by a suspect or bad status for
the Available Server Processes indicator.
To find server process hogs, do the following:
This displays the Profiling and Debug Information page that shows
information about active and suspended threads, their states, the owning
NLM program, and execution times.
2 On the Profiling and Debug Information page, click one of the thread
name links that has a Delayed status.

This displays the Thread Information page.
3 From the Thread Information page, view the Suspend Description field.
This information should indicate what method the thread last used to
yield the processor. A short trace of stack information that the server was
executing at the time the thread suspended is also displayed.
4 Click the stack address and perform some basic stack tracing (if you are
familiar with interpreting assembly code).

You can trace the service process that is in use by the NLM to see how it
is actually using the process and you can look at the stack and see what
the thread is using the service process for.
Locating Disk Space Hogs

To locate disk space hogs (traditional volumes only), do the following:
1 Under the Manage Server heading, click the Volumes link.
This displays the Volume Management page that shows the volumes and
local server partition information.
2 On the Volume Management page, click one of the volumes listed.
This displays a list of all the subdirectories and files that are on that
volume.
3 Sort the listing by disk space usage by clicking the Size heading. The
highest user will be at the top of the sorted list.
66

103-000144-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Seeing Who Is Using a File

When you receive a message that a file has been locked, you can find out who
is using that file by doing the following:
1 Under the Manage Server heading, click the Volumes link.
This displays the Volume Management page that shows the volumes and
local server partition information.
2 On the Volume Management page, click the volume name link and
browse to the file.

This displays a list of all the subdirectories and files that are on that
volume.
3 When you have located the file, click the ? icon to the left of the filename.
This displays the information page for this file, which shows the file lock
information by connection. You can then send a message to the user or
clear the connection for the user.
To clear the connection, click the Connections link, locate the

connection that has the file open, and then click the Clear Connection
link for that user.
To send a message to the user, click the username link in the File
Lock Information by Connection table on the information page for
the file, enter a message in the Send Message field, and then click
Send.

103-000144-001
August 30, 2001
Novell Confidential
67
Manual
68
99a
38

103-000144-001
August 30, 2001
Novell Confidential
July 17, 2001
Utilities Reference
Novell
NetWare 6
www.novell.com
UTILITIES REFERENCE
August 29, 2001

Novell Confidential
Manual
Rev 99a
28 October 99
17
Contents
Overview
Utilities
11
ABORT REMIRROR . . . . . . . . . .
ADD NAME SPACE . . . . . . . . . .
AIOCON . . . . . . . . . . . . . . . .
AIOPDCON . . . . . . . . . . . . . .
ALERT . . . . . . . . . . . . . . . . .
ALIAS . . . . . . . . . . . . . . . . .
ARASCON . . . . . . . . . . . . . . .
ATCON . . . . . . . . . . . . . . . . .
ATMCON . . . . . . . . . . . . . . . .
BIND . . . . . . . . . . . . . . . . . .
CAPITRCE . . . . . . . . . . . . . . .
CAPTURE . . . . . . . . . . . . . . .
CDROM . . . . . . . . . . . . . . . .
CHARSET . . . . . . . . . . . . . . .
Certificate Server. . . . . . . . . . . .
CLEAR STATION . . . . . . . . . . .
CLIB . . . . . . . . . . . . . . . . . .
CLS. . . . . . . . . . . . . . . . . . .
CONFIG . . . . . . . . . . . . . . . .
CONLOG . . . . . . . . . . . . . . . .
ConsoleOne . . . . . . . . . . . . . .
CPUCHECK . . . . . . . . . . . . . .
CX . . . . . . . . . . . . . . . . . . .
DISABLE LOGIN . . . . . . . . . . . .
DISMOUNT . . . . . . . . . . . . . .
DISPLAY ENVIRONMENT. . . . . . .
DISPLAY INTERRUPTS . . . . . . . .
DISPLAY MODIFIED ENVIRONMENT
DISPLAY NETWORKS. . . . . . . . .
DISPLAY PROCESSORS . . . . . . .
DISPLAY SERVERS . . . . . . . . . .
DOWN . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
12
13
13
14
16
17
18
19
19
23
23
24
25
26
27
28
29
29
31
35
36
37
39
40
41
42
44
45
46
48
49
Manual
DSDIAG (DS DIAGNOSTICS). . . . .

DSMERGE . . . . . . . . . . . . . .
DSREPAIR . . . . . . . . . . . . . .
DTRACE. . . . . . . . . . . . . . . .
EDIT . . . . . . . . . . . . . . . . . .
ENABLE LOGIN . . . . . . . . . . . .
Enhanced SBACKUP . . . . . . . . .
FILTCFG . . . . . . . . . . . . . . .
FILER . . . . . . . . . . . . . . . . .
FLAG . . . . . . . . . . . . . . . . .
FRCON . . . . . . . . . . . . . . . .
FRTRACE . . . . . . . . . . . . . . .
HELP . . . . . . . . . . . . . . . . .
INETCFG . . . . . . . . . . . . . . .
INITIALIZE SYSTEM . . . . . . . . .
INSTALL . . . . . . . . . . . . . . . .
IPXCON . . . . . . . . . . . . . . . .
IPXPING . . . . . . . . . . . . . . . .
IPXS . . . . . . . . . . . . . . . . . .
JAVA . . . . . . . . . . . . . . . . .
KEYB . . . . . . . . . . . . . . . . .
LANGUAGE . . . . . . . . . . . . . .
LIST DEVICES . . . . . . . . . . . .
LIST STORAGE ADAPTERS . . . . .
LIST STORAGE DEVICE BINDINGS .
LOAD . . . . . . . . . . . . . . . . .
LOGIN . . . . . . . . . . . . . . . . .
LOGOUT . . . . . . . . . . . . . . .
MAGAZINE . . . . . . . . . . . . . .
MAP . . . . . . . . . . . . . . . . . .
MEDIA . . . . . . . . . . . . . . . . .
MEMORY . . . . . . . . . . . . . . .
MEMORY MAP . . . . . . . . . . . .
MIRROR STATUS. . . . . . . . . . .
MODULES. . . . . . . . . . . . . . .
MONITOR . . . . . . . . . . . . . . .
MOUNT . . . . . . . . . . . . . . . .
NAME . . . . . . . . . . . . . . . . .
NCS Debug . . . . . . . . . . . . . .
NDPS Broker . . . . . . . . . . . . .
NDPS Manager . . . . . . . . . . . .
NetWare ConnectView . . . . . . . .
NetWare Login . . . . . . . . . . . .
NetWare Remote Manager . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
28 October 99
17
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
50
51
52
55
55
56
57
58
60
61
68
68
68
69
72
72
73
76
76
78
79
80
81
83
85
86
90
92
94
94
98
98
99
100
101
103
117
119
119
119
121
122
122
123
Manual
NIASCFG. . . . . . . . . . . . . .
Novell Printer Manager. . . . . . .
Novell Migration Wizard . . . . . .
NSS . . . . . . . . . . . . . . . .
NSWEB . . . . . . . . . . . . . .
NVXADM . . . . . . . . . . . . . .
NVXWEB . . . . . . . . . . . . . .
NWBACK32 . . . . . . . . . . . .
NWCCON . . . . . . . . . . . . .
NWCONFIG . . . . . . . . . . . .
NWCRPAIR . . . . . . . . . . . .
NWCSTAT . . . . . . . . . . . . .
ORBCMD. . . . . . . . . . . . . .
PING . . . . . . . . . . . . . . . .
PPPCON . . . . . . . . . . . . . .
PPPRNCON . . . . . . . . . . . .
PPPTRACE . . . . . . . . . . . .
PROTECT . . . . . . . . . . . . .
PROTECTION . . . . . . . . . . .
PROTOCOL . . . . . . . . . . . .
PSERVER . . . . . . . . . . . . .
RCONAG6 . . . . . . . . . . . . .
RCONPRXY . . . . . . . . . . . .
RConsoleJ . . . . . . . . . . . . .
REBUILD . . . . . . . . . . . . . .
RECORD . . . . . . . . . . . . . .
REGISTER MEMORY . . . . . . .
REINITIALIZE SYSTEM . . . . . .
REMIRROR PARTITION. . . . . .
REMOVE NETWORK ADAPTER .
REMOVE NETWORK INTERFACE
REMOVE STORAGE ADAPTER .
REPLACE . . . . . . . . . . . . .
REPLAY . . . . . . . . . . . . . .
RESET ENVIRONMENT . . . . . .
RESET NETWORK ADAPTER . .
RESET NETWORK INTERFACE .
RESET ROUTER . . . . . . . . .
RESTART SERVER . . . . . . . .
RIGHTS . . . . . . . . . . . . . .
ROUTE . . . . . . . . . . . . . . .
SCAN ALL . . . . . . . . . . . . .
SCAN FOR NEW DEVICES . . . .
SCRSAVER . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
28 October 99
17
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
124
124
125
126
130
130
131
131
135
135
137
137
137
138
139
139
139
140
140
141
143
144
146
148
149
151
152
156
157
158
159
160
161
162
162
163
164
165
166
167
169
176
177
179
Manual
SEARCH . . . . . . . . . . . . . . . .
SECURE CONSOLE . . . . . . . . . .
SERVER. . . . . . . . . . . . . . . . .
SET . . . . . . . . . . . . . . . . . . .
SHUTDOWN NETWORK INTERFACE .
SPEED . . . . . . . . . . . . . . . . .
SPFCON . . . . . . . . . . . . . . . .
SPXCONFG . . . . . . . . . . . . . . .
SPXS . . . . . . . . . . . . . . . . . .
START PROCESSORS . . . . . . . . .
STATICON . . . . . . . . . . . . . . .
STOP PROCESSORS . . . . . . . . .
SWAP . . . . . . . . . . . . . . . . . .
TCPCON . . . . . . . . . . . . . . . .
TECHWALK . . . . . . . . . . . . . . .
TIME . . . . . . . . . . . . . . . . . . .
TIMESYNC . . . . . . . . . . . . . . .
TLI . . . . . . . . . . . . . . . . . . . .
TPING . . . . . . . . . . . . . . . . . .
TRACK OFF . . . . . . . . . . . . . . .
TRACK ON . . . . . . . . . . . . . . .
UNBIND . . . . . . . . . . . . . . . . .
UNLOAD . . . . . . . . . . . . . . . .
UPS_AIO . . . . . . . . . . . . . . . .
VIEW . . . . . . . . . . . . . . . . . .
VOLUME . . . . . . . . . . . . . . . .
VREPAIR . . . . . . . . . . . . . . . .
WAN Traffic Manager . . . . . . . . . .
WMDMMGR . . . . . . . . . . . . . . .
X25CON . . . . . . . . . . . . . . . . .
X25DISP. . . . . . . . . . . . . . . . .
XLOG . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
28 October 99
17
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
LAN Driver Statistics
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
182
183
184
186
250
250
251
252
254
255
256
257
258
260
262
263
264
265
266
267
267
269
272
274
278
278
279
285
286
286
286
287
289
Monitoring Network Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Novell Trademarks
307
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Overview
Utilities Reference gives you essential information about NetWare utilities.
For more information about each utility, see the online help for that utility.
For step-by-step instructions to accomplish specific tasks, or for information
on NetWare concepts, follow the cross-reference links listed with the
respective utilities.
Some new utilities have been included with NetWare 6. Some NetWare
utilities have been discontinued, while others have been combined with
related utilities.
Before you can work effectively with NetWare 6 utilities, you must have a
basic understanding about the NDS and Novell eDirectoryTM
infrastructures. For more information, see the online NDS and eDirectory
documentation (http://www.novell.com/documentation/).
In Novell documentation, a greater-than symbol (>) is used to separate actions
In this Utilities Reference, certain command syntax conventions are used. The
following MAP example illustrates several of these conventions, and the
subsequent table lists and explains all the possible conventions.
MAP [P | NP] [option] drive:= [drive:|path]
HINT: Unless specifically noted otherwise in the documentation, text typed at
command line prompts, in configuration files, etc., is not case sensitive and can be
entered in either upper- or lowercase letters.
Overview
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
10
99a
38
July 17, 2001
Convention
Explanation
Boldface
characters
Boldface characters indicate items that you type at the

prompt, such as commands.
Italicized
characters
Italicized characters indicate variables that you replace

with information pertinent to your task.
...
Ellipses indicate that parameters, options, or settings

can be repeated.
[]
An item enclosed in square brackets is optional. You can

enter the command with or without the item.
[[ ]]
Items enclosed by nested square brackets are optional.

But if you use the items within the innermost brackets,
you must also use the items within the outer brackets.
When items are separated by a delimiter bar, you can

use either item, but not both.
{}
Braces indicate that you must choose at least one of the

enclosed options.
<>
Angle brackets enclose a descriptive name for any value

that is provided as output by a computer.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Utilities
This chapter gives you essential information about NetWare utilities. For
more information about each utility, see the online help for that utility.
For step-by-step instructions to accomplish specific tasks, or for information
on NetWare concepts, follow the cross-reference links listed with the
respective utilities.
ABORT REMIRROR
Purpose
Use at the server console to stop remirroring a logical partition.
Syntax
ABORT REMIRROR logical _partition_number
Parameter
Use to
number
Specify the number of the logical partition you

want to stop remirroring.
NOTE: To view a list of disk partitions, execute the MIRROR STATUS command.
See MIRROR STATUS on page 100.
Example
To stop remirroring logical partition 2, enter
ABORT REMIRROR 2
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Topic
See
Restart remirroring
REMIRROR PARTITION on page 157
ADD NAME SPACE

Purpose
Use at the server console to store non-DOS files on a NetWare volume.
IMPORTANT: Before you can use this command, you must load a name space
module. See LOAD on page 86.
Syntax
ADD NAME SPACE [name [TO [VOLUME]] volume_name]
Parameter
Use to
(no parameter)
Display the loaded name spaces.
name
Specify the name of the name space module

you loaded. Supported names are
LONG (OS/2*, Windows* 95, Windows NT*)
MAC (Macintosh*)
NFS (NFS*)
FTAM (FTAM)
FTAM is an add-on module that you can
purchase from another provider.
volume_name
12
Specify the name of the volume you want to

store the non-DOS files on.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using ADD NAME SPACE

You need to add a name space only once to a volume with the ADD
NAME SPACE command.
Each time you mount a volume to which you added a name space (for
example, each time you bring up the server), the corresponding name
space module is autoloaded.
NOTE: Because you dont need to add a name space to a volume each time the
server comes up, you dont need to put the ADD NAME SPACE command in the
autoexec.ncf file.
When name space support is added to a volume, another entry is created

in the directory table for the directory and file naming conventions of that
name space (file system).
Topic
See
Adding name space support Adding a Name Space
AIOCON
Purpose
Configure low-level port information. You can use this utility by loading
NIASCFG and following this path:
Select Configure NIAS > Remote Access > Configure Ports
AIOPDCON
Purpose
Create Packet Assembler Disassembler (PAD) profiles used to configure PAD
parameters for X.25 connections. You can use this utility by loading
NIASCFG and following this path:
Select Configure NIAS > Remote Access > Set Up... > Configure AIOPAD
Parameters
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
ALERT
Purpose
Use at the server console to manage NetWare alerts. You can enable or
disable the display and logging of specific alerts, limit the amount of
information displayed with an alert, and control other aspects of alert
messages.
Syntax
ALERT nmID command ON|OFF
Parameter
Use to
nmID
Specify the nmID number of the alert you want

to manage. This number appears in
parentheses whenever the alert is generated.
For example, server address changes cause a
50019 alert. The alert message includes the
alert ID number in brackets, like this:
[nmID=50019].
command
Specify the functionality to be turned on or off

for the alert.
Valid command values are:
EVENT
LOG
EVERYONE
CONSOLE
BELL
ID
LOCUS
ALERT
NMID
ALL
ON|OFF
14
Enable or disable the functionality of the

command parameter.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Command Parameter Values

Command
Function
EVENT
Generates an event when the alert is

generated.
LOG
Sends the alert message to a log file.
EVERYONE
Sends the alert to everyone on the network.
CONSOLE
Displays the alert message on the server

console.
BELL
Sounds a warning bell when the alert is

generated.
ID
Displays ID information. This information

appears in some older error and alert
messages but is no longer used.
LOCUS
Displays locus information. This information

appears in some older error and alert
messages but is no longer used.
ALERT
Generates the alert.
NMID
Displays the alert nmID in the alert message.
ALL
Enables or disables the LOG, CONSOLE,

EVERYONE, and BELL commands at the
same time.
Using ALERT
Use ALERT to stop the logging of less important alerts or to prevent the
repeated display of alerts you dont want to see on the server console.
You can specify one command parameter at a time. Repeat the ALERT
command to execute additional command parameters. (The exception is
the ALL command, which lets you set the LOG, CONSOLE,
EVERYONE and BELL commands at the same time.)
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
Examples
The following command turns off logging, console display, and the
warning bell for everyone on the network for all 50019 alerts (a server
address change alert):
ALERT 50019 ALL OFF
The following command turns off logging of all 50019 alerts.

ALERT 50019 LOG OFF
ALIAS
Purpose
Use at the server console to define an alias. An alias is a user-defined keyword
that represents a string. (The string can include both spaces and punctuation.)
When you enter the keyword at the command line, the server replaces the
word with the string. The keyword remains in effect until you restart the
server.
WARNING: If you are associating a keyword with a command string, make sure
that you do not inadvertently leave out the keyword. If you do leave out the
keyword, the first word in the command string becomes the keyword. If you then try
to execute the command, the server will interpret it as a keyword, not as a
command.
For example, if you enter ALIAS LOAD INSTALL, LOAD becomes a keyword for
INSTALL. If you then try to execute a LOAD command, the server displays a
message saying that INSTALL has been replaced by NWCONFIG.
Syntax
ALIAS [keyword[text]]
16
Parameter
Use to
(no parameter)
Display all defined aliases and the text they

represent.
keyword and text
Assign the keyword to the text.
keyword
Delete the keyword as an alias for the text.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using ALIAS
Define an alias to reduce keystrokes or to avoid having to remember
arguments in a long command string.
Examples
In the following example, ALIAS associates the keyword proto with a
command to bind a protocol.
ALIAS PROTO BIND IPX NE3200 NET=12345678
To use the keyword, enter the alias at the server console prompt, instead of the
BIND command:
PROTO
Executing ALIAS with no parameter displays a list of defined aliases, similar

to the following:
1. PROTO alias for <BIND IPX NE3200 NET=12345678>
2. M alias for <MODULES>
To revoke the keyword proto as an alias, you would enter the following at the
ALIAS PROTO
ARASCON
Purpose
Configure AppleTalk* Remote Access Service (ARAS) options. You can use
this utility by loading NIASCFG and following this path:
Select Configure NIAS > Remote Access > Configure Service > ARAS
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
ATCON
Purpose
Use at the server console to
Monitor the activity of AppleTalk* network segments
Examine the configuration of the local AppleTalk router
Diagnose operational problems in network segments that support
AppleTalk
Verify the connectivity of an AppleTalk router to the rest of the
internetwork
Monitor the status of AppleTalk Update-based Routing Protocol (AURP)
Syntax
[LOAD] ATCON
Using ATCON
When you load ATCON, an Available Actions menu appears. You access
ATCON features from this menu. Menu options are shown in the following
table.
ATCON Menu Options
18
Option
Use to
AURP Information
View the status of the Internetwork Protocol

(IP) Tunnel for AURP and its peers. (Available
only if AURP is enabled.)
Interfaces
View addressing information about interfaces

directly connected to the AppleTalk router.
Log Files
Set logging levels for AppleTalk messages.

View NetWare system log and volume log
files.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
Lookup Network Entities
Query for services available on the AppleTalk

network.
Packet Statistics
View statistics maintained by the AppleTalk

router.
Protocol Configuration
View the configuration of the AppleTalk

protocol stack. This is a read-only screen.
Routing Table
View the AppleTalk routers Routing Table

Maintenance Protocol (RTMP) table. This table
lists all destinations the AppleTalk router can
reach.
Zones List
View the list of zones known to this AppleTalk

router. This list should be identical to the one
displayed by the Macintosh* Chooser.
ATMCON
Purpose
To verify the configuration of the AppleTalk* router and the connectivity to
the rest of the AppleTalk internetwork.
BIND
Purpose
Use at the server console to link a communication protocol to a network
board and its LAN driver. Unless you link the protocol to the board, the
board cant process packets.
You can also use INETCFG to link the network boards and their LAN
drivers to the communication protocols.
NOTE: Before you bind a protocol to a network board and LAN driver, you must
install the network board and load the LAN driver.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Syntax
BIND protocol [TO] lan driver | board name [driver
parameter...] [protocol parameter...]
Bind Parameters
Parameter
Use to
protocol
Specify the communication protocol.
lan driver | board name
Specify either the LAN driver name or the

network board name.
driver parameter
Identify a particular network board.

If you specified a network board name, you do
not need to specify driver parameters.
If you specified a LAN driver and your server
has more than one instance of the LAN driver
loaded, use a driver parameter to specify the
particular board the driver is running.
For a list of valid driver parameters, see Driver
protocol parameter
20
Specify the protocol parameters required for

the protocol you are binding. See Protocol
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Driver Parameters
Depending on your system, one or more of the following parameters can be

used to identify a particular board.
Parameter
Use to
DMA=number
Specify the DMA channel for the board. Use

the same channel number you did when you
loaded the driver.
FRAME=number
Specify the frame type for the board. Use the

same type you did when you loaded the driver.
INT=number
Specify the interrupt number for the board. Use

the same interrupt number you did when you
loaded the driver.
MEM=number
Specify the memory address for the board. Use

the same memory address you did when you
loaded the driver.
PORT=number
Specify the I/O port for the board. Use the

same I/O port number you did when you
loaded the driver.
SLOT=number
Specify the network board by the lot it was

installed in. Use this parameter with
microchannel and EISA computers. Specify
the same slot number you used when you
loaded the driver.
NODE=number
Specify the node address for the board. This is

a 12-digit hexadecimal number.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
Protocol Parameters
Protocol/Parameter
Use to
For IPX protocol:
Specify the IPXTM external network number.

This is the number of the cabling system
attached to the board.
NET=number
If the board is attached to an existing cabling

system, use the same IPX external network
number as used by other boards of the same
frame type attached to this cabling system. Do
not use the same number that was used by
boards of a different frame type.
If the board is attached to a new cabling
system or if it is the first board of its frame type
attached to the cabling system, you can enter
any hexadecimal number of up to eight digits,
as long as the number is different from all other
network numbers.
Remember that all boards of the same frame
type attached to the same cabling system must
use the same IPX external network number for
that cabling system.
For other protocols:
Refer to the documentation
that comes with the protocol.
Or, consult the Novell
Support ConnectionTM Web
site (http://
support.novell.com) or your
Novell Authorized
ResellerSM representative.
Specify the information required by the

particular protocol.
Using BIND
You may not need to use the BIND command unless you want to add new
LAN drivers after the initial server installation.
You can also use INETCFG to load and bind LAN drivers. INETCFG
places the BIND statements in the initsys.cfg file.
If you use only the IPX/SPXTM protocol, you can add the BIND statement
to the AUTOEXEC.NCF file.
22
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Binding a protocol to a driver INETCFG on page 69

Viewing a list of
communication protocols
PROTOCOL on page 141
Loading LAN drivers
LOAD on page 86
CAPITRCE
Purpose
If a problem with a PPP over ISDN connection cannot be traced to the PPP
layer, CAPITRCE can be used to observe and debug negotiation between the
CAPI Manager and its upper and lower layers (the CAPI adaptation layer and
CAPI driver, respectively).
CAPTURE
Purpose
CAPTURE is a command line utility that allows you to print from applications
not designed for NetWare print services. It sets up redirection parameters for
printing output from your workstation; the NetWare DOS RequesterTM
software then redirects the workstation output from an LPT port to the
specified network printer or file.
NOTE: This utility is for use with Novells legacy, queue-based print services.
Novell Distributed Print Services (NDPS) is the default and preferred print
system in NetWare 6. Queue-based printing is fully supported in NetWare 6, which
allows your users to continue printing as they always have until you complete the
transition to NDPS.
For a discussion of NDPS support for legacy printing, see Supporting QueueBased Client Workstations. For information on migrating to NDPS, see Planning
the Migration to Novell Distributed Print Services.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Syntax
CAPTURE [P=printername | Q=queuename] [L=1|LPT1] [options]
Topic
See
Using CAPTURE
Setting Up CAPTURE for Applications Not

Designed for Network Printing (http://
www.novell.com/documentation/lg/nw51/
printenu/data/hzm3nqx9.html)
CDROM
Purpose
Use at the server console to allow a CD-ROM disk to function as a Novell
Storage ServicesTM (NSS) volume. Your NSSTM volume will mount
immediately.
This version of CDROM replaces the version used in previous NetWare
releases. (The previous version of CDROM is now named CDINST.NLM and
should be used only for NetWare 5 installation.)
The NetWare 6 version of CDROM is a simple NetWare module that loads the
following:
NSS
CD9660.NSS
CDHFS.NSS
Syntax
[LOAD] CDROM
You can load NSS, CD9660.NSS, or CDHFS.NSS separately if preferred.

You can use CDINST.NLM as long as CD9660.NSS or CDHFS.NSS are not
loaded at the same time.
24
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using CDROM
IMPORTANT: Use CD-ROM as a read-only NSS volume. Dont enable block
suballocation or use file compression on the volume.
CDROM wont load unless you have loaded the NWPA.DSK NPA driver
(an I/O device-independent driver that interfaces with the Media
Manager).
CDROM autoloads the NSS modules.
NSS supports CD-ROM volumes mounted with the Macintosh* and ISO
9660 name spaces.
CD9660.NSS supports High Sierra and ISO 9660 formats. The HFS
(Apple*) file system is supported by CDHFS.NSS. To enable HFS
support, load CDROM or CDHFS.NSS.
Topic
See
NSS volumes
Other Volumes That NSS Creates in the NSS

section of the NetWare 6 online documentation
CHARSET
Purpose
Use at the server console to change the code page currently used by the
NetWare server.
Syntax
CHARSET CPxxx [stay]
Parameter
Use to
(no parameter)
Display available code pages.
CPxxx
Specify the code page you want to use on the

server, where xxx is the code page number.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Parameter
Use to
stay
Leave the CHARSET code in memory. If you

do not use the stay option, CHARSET unloads
itself after it changes the code page.
Using CHARSET
The following code pages are supported for NetWare 6: 437, 737, 850, 852,
855, 857, 860, 861, 863, 865, 866, 869.
Topic
See
Changing code pages
Changing Code Pages
Understanding code pages
Code Pages
Certificate Server
Novell Certificate Server enables the use of public keys cryptography and
public key certificates in an eDirectory-enabled network. Certificate Server
allows you to request, manage, and store public key certificates and their
associated key pairs in the eDirectory tree, and establish and manage an
eDirectory tree certificate authority (CA) that is specific to your eDirectory
tree and to your organization.
Certificate Server also works with most commercial certificate authorities and
with the major certificate authority software.Certificate Server optionally
generates PKCS #10 formatted certificate signing requests (CSR) that can be
used by commercial or external CAs.
Certificate Server consists of a PKI NLMTM and a snap-in module to
ConsoleOneTM. A network administrator uses ConsoleOne as the
administration point for Certificate Server.
Certificate Server uses the cryptography services provided by the Novell
International Cryptography Infastructure (NICI). NICI is a modular
infrastructure that offers replaceable cryptography engines. As such, a single
version of Certificate Server can be used in NetWare installations throughout
26
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
the world. Certificate Server derives all supported cryptography and signature
algorithms, as well as supported key sizes from NICI.
For additional information and procedures, refer to the Help system or to the
Novell Certificate Server Administration Guide.
CLEAR STATION
Purpose
Use at the server console to clear a workstation connection.
WARNING: If you use CLEAR STATION while the workstation is in the middle of
a transaction or a file update, files might be saved with incomplete data.
Syntax
CLEAR STATION {n|all}
Parameter
Use to
Specify the connection number of the

workstation you want to clear from the server.
all
Clear all workstation connections to the server.
Using CLEAR STATION

To determine the connection number, from MONITORs Available
Options, select Connections > Connection Information at the server
console or use NLIST on a workstation.
You can use CLEAR STATION either after a workstation has crashed and
left files open on a server or before you need to bring down the server.
CLEAR STATION closes the workstation files and erases the servers
internal tables for the station, including drive mappings not saved in the
login script.
The communication link between server and station is broken.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
Topic
See
Removing server resources

from a workstation
Clearing a Workstation Connection
Clearing a workstation
connection from a client that
has Auto Restart enabled
Clearing a Connection That Uses Auto

Reconnect
CLIB
Purpose
The functionality of earlier versions of CLIB has been incorporated into a
server library of C functions. The server library provides an ANSI-compliant
runtime interface for other NetWare Loadable ModuleTM (NLMTM)
programs. You cannot load the server library manually because it is
autoloaded by the server operating system. The server library includes the
following NLM programs, of which clib.nlm is one:
fpsm.nlmA library of functions providing floating-point support for
NLM programs
threads.nlmA library of functions that constitute the NetWare threads
package
requestr.nlmA library of functions that make up the NetWare
requester
nlmlib.nlmA library of functions that provide basic runtime support
for NLM programs, including POSIX-mandated functionality
nit.nlmA library of NetWare interface tools needed by some NLM
programs
clib.nlmThe standard C runtime library containing ANSI-mandated
functions
lib0.nlmThe message library, containing system and error messages
for most of the other server library NLM programs
28
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using CLIB
CLIB and the other modules of the server library are autoloaded by the server
operating system.
CLS
Purpose
Use at the server console to clear the console screen and move the console
prompt to the top of the screen.
Syntax
CLS
CONFIG
Purpose
Use at the server console to view the following:
NetWare server name, internal network number (server ID), server up
time, and loaded LAN drivers
Driver version numbers, hardware settings, node (station) addresses,
external network number of the cabling scheme, board name, frame type,
and networking protocol for each network board
The servers eDirectory tree and bindery context
Syntax
CONFIG
Using CONFIG
Before installing memory boards, network boards, or host bus adapters,
execute CONFIG to see a list of hardware settings already in use by LAN
drivers.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
On some systems, CONFIG may also display information about NetWare

Loadable ModuleTM (NLMTM) programs. The kind and amount of NLM
information depends on the system.
The following is an example of server information that CONFIG returns.
IPX internal network number: 0F42DB87
Server Up Time: 15 Days 17 Hours 7 Minutes 6 Seconds
Novell NE2000
Version 3.65a
December 22, 1997
Hardware setting: I/O ports 300h to 31Fh,
Interrupt 3h
Node address: 00001B2709AF
Frame type: ETHERNET_802.2
Board name: NE2000_1_E82
LAN protocol: IPX network 01010340
Novell NE2000
Version 3.65a December 22, 1997
Hardware setting: I/O ports 300h to 31Fh,
Interrupt 3h
Node address: 00001B2709AF
Frame type: ETHERNET_II
Board name: NE2000_1_EII
LAN protocol: ARP
LAN protocol: IP address 123.45.678.910
mask FF.FF.FF.0 interfaces 1
mask FF.FF.FF.0
interfaces 1
Tree Name: DS_JSBACH
Bindery Context(s):
.novell
Topic
See
Loadable modules
MODULES on page 101

MONITOR on page 103
30
Configuration information
for storage device drivers
MONITOR on page 103
Servers external network

numbers
DISPLAY NETWORKS on page 45
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CONLOG
Purpose
Capture all console messages generated at the server while CONLOG is
loaded. This includes system messages, eDirectory messages, the console
output of all commands executed, and messages that announce
RCONSOLE connections and disconnections.
Write the messages to the default sys:\etc\console.log file (or to another
file of your choice).
View console messages for useful information although they scroll too
quickly to read.
Reveal errors that might occur during system initialization.
Syntax
[LOAD] CONLOG [FILE=log filename] [SAVE=backup filename]
[ARCHIVE=YES] [ENTIRE=YES] [MAXIMUM=max file size]
[NEXT=hh:mm:ss] | HELP
HINT: Do not include a space before or after the equals sign (=).
Parameter
Use to
HELP
View a description of each CONLOG

command option. You can load CONLOG
using any combination of these options.
FILE=log filename
Specify the log file you want to use if you dont

want CONLOG to write to the default log file
sys:\etc\console.log.
Note: You can change the name of the log file
and store it in another directory. However, most
configuration files are in the sys:\etc.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Parameter
Use to
SAVE=backup file name
Specify the filename in which you want to save

the preexisting console log.
By default, when you load CONLOG or when
the console log file reaches its maximum size,
the server deletes the existing console log file
and creates a new file in its place.
This parameter also enables autoexec.ncf to
load CONLOG without overwriting the previous
console log. Use this parameter at the
command line or in autoexec.ncf if you want to
examine the old console log for
troubleshooting purposes.
The backup file is in turn overwritten when a
preexisting console log is saved just before it is
replaced with a new file.
ARCHIVE=YES
Archive up to 1000 console log files on your

NetWare server.
The first time you load CONLOG with this
option, the server saves the existing console
log file as the console.000 file.
Then each time you load the CONLOG utility
with the ARCHIVE option (or each time the
console log file reaches its maximum when
when CONLOG is loaded with the ARCHIVE
option), the server increments the extension of
the archive file by 1console.001,
console.002, etc.
ENTIRE=YES
Capture the lines already on the screen at the

time CONLOG is loaded.
Without this parameter, CONLOG starts
logging with the next output to the console after
it is loaded.
32
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
MAXIMUM=max file size
Specify the maximum size, in kilobytes, of the

log file.
If the log file exceeds the max file size, it is
deletedor renamed if backup filename was
specified. In either case, logging starts over
with an empty log file.
Important: If a maximum file size is not
specified, there is no limit.
NEXT=hh:mm:ss
Specify the time of day (24-hour clock) with

hour, minutes, and seconds when the server
archives the existing console log and creates a
new file.
This option allows you to know the beginning
time of a backup file or an archive file.
Use this option with SAVE or ARCHIVE.
Using CONLOG
You can view the console log from a workstation with any text editor. Any
logged-in user with the Read right to the sys:\etc directory can view console
log files in this way.
To view the console log file from the server console, use the VIEW utility or
the INETCFG utility.
Console messages can reveal errors that occur during system
initialization.
The command LOAD CONLOG is typically added to the autoexec.ncf
file, as in the following example:
FILE SERVER NAME NETW5_SVR
IPX INTERNAL NET C92556E
LOAD CONLOG
LOAD REMOTE
LOAD RSPX
Where you place the LOAD CONLOG command in autoexec.ncf

determines which console messages the server saves in the console log
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
file. To record as many console messages as possible, place the LOAD

CONLOG command near the beginning (immediately after the FILE
SERVER NAME, as above). Use EDIT or NWCONFIG to modify the
AUTOEXEC.NCF file.
Examples
To start capturing console messages during system initialization, enter
[LOAD] CONLOG
To load CONLOG but save the current log file as clog.bak and limit the
size of console.log to 100 KB, enter
[LOAD] CONLOG SAVE=CLOG.BAK MAXIMUM=100
To load CONLOG, limit the size of console.log to 200 KB, and schedule
existing console log files for daily archiving at 6:00 a.m., enter
[LOAD] CONLOG MAXIMUM=200 ARCHIVE=YES NEXT=06:00:00
To stop capturing console messages, enter

UNLOAD CONLOG
Topic
See
View console log file
VIEW on page 278

INETCFG on page 69
Edit autoexec.ncf file
34
Using Server Batch Files
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ConsoleOne
Purpose
Use at a Windows* workstation or a NetWare server to manage your network
and its resources. By default, ConsoleOneTM lets you manage:
eDirectoryTM objects, rights, and schema
NetWare file system resources
If you install other Novell products, additional functionality might be added
to ConsoleOne. For example, if you install NDS 8 or later, LDAP
management functionality is added.
ConsoleOne is designed like a file manager utility: in the left window pane
you browse containers, and in the right window pane you work with the
resources in those containers.
Starting ConsoleOne
To start ConsoleOne on a NetWare server, do either of the following:
On the servertop (server GUI), click Novell > ConsoleOne.
At the system console prompt, type C1START.
To start ConsoleOne on a workstation (Windows 95, 98 or NT*/2000),
1 Map a drive to the SYS: volume of a NetWare server.
2 On the mapped drive, go to PUBLIC\MGMT\CONSOLEONE\1.2\BIN,
and then run CONSOLEONE.EXE.
Topic
See
Why Use ConsoleOne?
ConsoleOne User Guide (http://

www.novell.com/documentation/lg/
consol13/index.html)
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
CPUCHECK
Purpose
Use CPUCHECK at the server console to display per-processor information,
including processor number, processor clock speed (MHz), processor ID,
processor version and subversion, amount of L1 and L2 cache memory, and
current revision number.
Syntax
CPUCHECK [processor_number...]
Using CPUCHECK
When you run CPUCHECK, the output for a uniprocessor server is similar to
the following:
Processor Speed 199 MHZ, CPUID 619:FBFF
Family 6, Model 1, Stepping 9
L1 cache: 16K Bytes, L2 cache: 256K Bytes
Current Revision: D1
To verify information for a particular processor, specify the processor number.
36
Topic
See
Display information on
processors
DISPLAY PROCESSORS on page 46
Check processors clock

speed
SPEED on page 250
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CX
Purpose
Use at a workstation to view or change your eDirectoryTM context, or to view
containers and leaf objects in your eDirectory tree structure.
Syntax
CX [new context] [/option...] [/? | /VER]
Parameter
Use to
(no parameter)
View the current context.
new context
Move to a new context or specify the context

you want for an option.
/option
Replace option with any available option. See

CX Options on page 38.
/?
View online help. All other parameters are

ignored when /? is used.
/VER
View the version number of the utility and the

list of files it uses to execute. All other
parameters are ignored when /VER is used.
Using CX
CX is similar to the DOS CD and DIR commands in that CX allows you
to change contexts and view all objects below a given container.
CX doesnt recognize spaces in object names. If you have spaces in
container names, put quotation marks around the names or use
underscores (_) in place of the spaces.
For example, for container CORPORATE ADMIN, type Corporate
Admin or Corporate_Admin.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
CX Options
Option
Use to
/R
List containers at the root level, or change

context in relation to the root.
/T
List containers below the current context or a

specified context in a tree structure.
/CONT
List containers at the current context or a

specified context in a vertical list with no
structure.
/A
Include all objects at or below the context. Use

with /T or /CONT.
/C
Scroll continuously through output.
Examples
To see your context in eDirectory before logging in, type
CX
To set a new context from the root

Place a period in front of the new context you type, or
Enter the proper number of trailing periods to reach the root level, or
Use the /R option.
To back up one level in the eDirectory tree, type
CX .
(You must put a space between the command and the trailing period.)
To go down two levels from PROVO.NOVELL to
SYSTEM.ENGINEERING. PROVO.NOVELL, type
CX SYSTEM.ENGINEERING
To change your current context from TESTING. PROVO.NOVELL.US

to SYSTEM.MARKETING. PROVO.NOVELL.US, type
CX .SYSTEM.MARKETING.PROVO.NOVELL.US
or
CX SYSTEM.MARKETING.
38
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To change to the root when your context is TEST.PROVO.NOVELL,

type
CX . . .
or
CX /R
To change the complete context from TESTING. PROVO.NOVELL to

TESTING.PARIS.NOVELL, type
CX .TESTING.PARIS.NOVELL
To show all containers in the current context, type

CX /CONT
To show all containers in the context SALES.NOVELL in a tree structure,

type
CX .SALES.NOVELL /T
To show all containers and leaf objects in the current context in a tree
structure, type
CX /T /A
DISABLE LOGIN
Purpose
Use at the server console to prevent users from logging in.
Syntax
DISABLE LOGIN
Using DISABLE LOGIN

Use this command to prevent users from logging in when you are making
repairs, backing up files, or loading software.
Users already logged in arent affected. However, a user who logs out
cant log in again until you execute ENABLE LOGIN. See ENABLE
LOGIN on page 56.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
DISMOUNT
Purpose
Use at the server console to make a volume unavailable to users.
Syntax
DISMOUNT volume_name
Parameter
Use to
volume_name

dismount.
Using DISMOUNT
DISMOUNT allows you to maintain or repair a volume and to upgrade
disk drivers while the NetWare server is up.
Use this command to dismount all volumes residing on a removable drive
before you remove the drive.
If you are running out of memory and cant add more RAM, consider
dismounting a volume that isnt used often.
Mounted volumes take up memory allocated for file caching and thus
affect server performance.
You can also use NWCONFIG to dismount a volume.
40
Topic
See
Dismounting a volume
Dismounting a Traditional Volume or Creating

a Logical Volume.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DISPLAY ENVIRONMENT
Purpose
Use at the server console to display current search paths and current values of
the settable server parameters, along with their default values and range of
valid values.
If you use a color monitor as your console, the parameter name appears in
white and its current value in yellow.
NOTE: DISPLAY ENVIRONMENT displays only settable server parameters that
are not marked as hidden.
Syntax
DISPLAY ENVIRONMENT
Using DISPLAY ENVIRONMENT

DISPLAY ENVIRONMENT lists the servers current search paths first and
then the settable server parameters follow.
The following example illustrates a sample of the command display. Note that
the sample begins with the Communications Parameters, just as SET and
MONITOR do.
PATH=\\BREMEN\SYS\SYSTEM\;C:\NWSERVER;\\BREMEN\SYS\JAVA\BIN\
;\\BREMEN \SYS\JAVA\NWGFX\;
SPX Maximum Window Size: 0
TCP Defend Land Attacks: ON
TCP Defend SYN Attacks: OFF
IP Wan Client Validation: OFF
Allow IP Address Duplicates: OFF
IPX Router Broadcast Delay: 0
Reply To Get Nearest Server: ON
IPX NetBIOS Replication Option: 2
Use Old Watchdog Packet Type: OFF
Number of Watchdog Packets: 10
Delay Between Watchdog Packets: 59.3 seconds
Delay Before First Watchdog Packet: 4 minutes
Console Display Watchdog Logouts: OFF
Maximum Packet Receive Buffers: 500
Minimum Packet Receive Buffers: 128
Maximum Physical Receive Packet Size: 4224
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
New Packet Receive Buffer Wait Time: 0.1 seconds

IPX CMD Mode Routing: OFF
Load Balance Local LAN: OFF
Garbage Collection Interval: 5 minutes
Alloc Memory Check Flag: OFF
Reserved Buffers Below 16 Meg: 300
Read Ahead Enabled: ON
Read Ahead LRU Sitting Time Threshold: 10 seconds
Minimum File Cache Buffers: 20
Maximum Concurrent Disk Cache Writes: 4000
Dirty Disk Cache Delay Time: 0.1 seconds
Topic
See
List server parameters

DISPLAY MODIFIED ENVIRONMENT on
settings that have been
page 44
modified from default values
Restore server parameter
settings to their default
values
RESET ENVIRONMENT on page 162
Descriptions of settable
server parameters
SET on page 186
Print server parameter

settings to a file
Printing Current Parameter Values to a File
DISPLAY INTERRUPTS
Purpose
Use to display currently assigned hardware interrupts, interrupt handlers (also
called Interrupt Service Routines or ISRs), and interrupt statistics.
Syntax
DISPLAY INTERRUPTS [option]
42
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
(no option)
Display interrupts currently in use.
n ...
Display one or more interrupts by number.
ALL
Display all interrupts.
PROC
Display per-processor interrupt information.
ALLOC
Display allocated interrupts.
REAL
Display interrupts that occurred while the OS

was in real mode and that were then reflected
back to protected mode to be serviced.
Using DISPLAY INTERRUPTS

When a processor is taken offline or when an interrupt handler (ISR) is
removed, the detailed statistics pertaining to that processor or interrupt
handler are, by default, removed from memory.
To retain per-processor interrupt handler statistics for offline processors or to
retain the total interrupt contribution from a previously loaded handler, change
the SET parameter Set Auto Clear Interrupt Statistics to OFF.
Examples
To display interrupts currently in use, enter DISPLAY INTERRUPTS with no
options. The display is similar to the following sample:
Total Interrupt Count For All Processors: 940208
Interrupt 0: OS Allocated Bus Interrupt 292828

Interrupt Handler: Timer 0 Interrupt Handler
Interrupt Handler: Keyboard Interrupt Handler 375
Interrupt Handler: E100B Hardware ISR 94829
Interrupt Handler: NPA Environment 30691
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001

Interrupt Handler: PS/2 Mouse Port Interrupt 1299
Interrupt 39: MPS14.PSM Allocated Local Interrupt 0
Interrupt Handler: APIC Spurious Interrupt Handler
Topic
See
Registered system interrupts and

interrupt information
MONITOR Available Options >

Kernel > Interrupts

Purpose
Use at the server console to display all server parameter settings that have
been modified from default values.
Syntax
Using DISPLAY MODIFIED ENVIRONMENT

DISPLAY MODIFIED ENVIRONMENT displays the current values of the
server parameter settings that have been modified from their default values.
Default values are also displayed. When parameter values are changed, the
new values are persistent.
The following example shows a portion of the command display:
Maximum Concurrent Disk Cache Writes:
Current Setting: 4000
Default Setting: 200
Dirty Disk Cache Delay Time:
Current Setting: 0.1 seconds
Default Setting: 3.3 seconds
44
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Auto Restart After Abend:

Current Setting: 0
Default Setting: 1
Default Tree Name:
Current Setting: DT_BREMEN
Default Setting:
Topic
See
List server parameters and

display their current settings
with defaults and limits
DISPLAY ENVIRONMENT on page 41
Restore server parameter

settings to their default
values
RESET ENVIRONMENT on page 162
Print server parameter

settings to a file
DISPLAY NETWORKS
Purpose
Use at the server console to list all networks and assigned network numbers
that the NetWare servers internal router recognizes.
Syntax
DISPLAY NETWORKS
Using DISPLAY NETWORKS

DISPLAY NETWORKS lists the IPXTM external network numbers of
networks recognized by this server. The following example illustrates a
portion of the command display:
0000000D 2/3
00000016 5/11
00000070 5/11
00000097 6/12
000000ED 5/6
000000F1 3/3
000000FF 2/2
00000101 6/11
00000111 5/11
000003E8 5/11
00000456 6/12
00000666 5/17
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
Each address is followed by two numbers separated by a slash.

The first number is the number of routing hops between your server and
the network at that address.
The second number is the number of ticks (1/18th of a second) required
to send a packet to that address.
Topic
See
Listing servers on the

network
DISPLAY SERVERS on page 48
DISPLAY PROCESSORS
Purpose
Use at the server console to display the status of all processors installed in the
server computer and available to the NetWare operating system.
Syntax
DISPLAY PROCESSORS [ n ...]
Parameter
Use to
(no parameter)
Display online or offline status of all

processors.
n ...
Specify the number of the processor for which

you want to display status.
By using spaces to separate processor
numbers, you can display the status of more
than one specific processor.
46
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using DISPLAY PROCESSORS

DISPLAY PROCESSORS lists the online or offline status of all processors.
The following example illustrates the command display when all four
processors are online:
Processor 0
Processor
Processor
Processor
is ONLINE.
1 is ONLINE.
2 is ONLINE.
3 is ONLINE.
If you have a color monitor for your console, the output appears in green for
online processors and in red for offline processor.
Topic
See
Stopping secondary processors
STOP PROCESSORS on page 257
Starting secondary processors
START PROCESSORS on page

255
Starting processors automatically

when Platform Support Module is
loaded
SET Multiprocessor Parameters on

page 218
Adjust load balancing threshold
SET Multiprocessor Parameters on

page 218
Display per-processor interrupts and

interrupt information
DISPLAY INTERRUPTS on page 42
Display per-processor information
CPUCHECK on page 36
Display per-processor information
MONITOR on page 103

Kernel > Processors
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
47
Manual
99a
July 17, 2001
38
DISPLAY SERVERS
Purpose
Use at the server console to view a list of IPXTM servers and services being
advertised by Service Advertising Protocol (SAP) packets.
Syntax
DISPLAY SERVERS [string]
Parameter
Use to
(no parameter)
Display a list of all servers the IPX internal

router is aware of.
string
Specify the name of the server for which you

want to display information.
The string can include an asterisk (*) as the last
character. In this case, the system displays a
list of all servers the names of which begin with
the string.
For example, DISPLAY SERVERS D* displays
a list of all servers with names beginning with
the letter D.
Using DISPLAY SERVERS

DISPLAY SERVERS lists server address names for services such as
File services
eDirectory
Print services
Storage Management ServicesTM (SMSTM)
Services for Structured Query Language (SQL) servers
The following sample shows the beginning of a typical display:
48
AAA
ACAPULCO
AIRBUS
ANATOL
ASSURE1
ASSURE2
BEAST
BANCROFT
BREMEN
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The number listed after the server name indicates the number of routing
hops between this server and the listed servers. Your server is indicated
by 0 hops
Servers more than 16 hops away arent recognized.
DISPLAY SERVERS also displays eDirectory trees and network
addresses. A server can be displayed many times, once for each service
that it advertises.
For example, a NetWare server running IPX would be listed at least twice
because it would use SAP both for eDirectory and for advertising file
services.
Topic
See
Listing networks
DOWN
Purpose
Use at the server console to execute an orderly shutdown of the NetWare
server before either
Turning off power to the server, or
Rebooting NetWare with new parameters or accessing DOS files
Syntax
DOWN
Using DOWN
DOWN ensures data integrity by writing cache buffers to disk, closing
files, and updating Directory tables and File Allocation Tables.
If you turn off power without using DOWN first, changes held in cache
buffers will be lost.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
DOWN executes a shutdown.ncf file if one is present.

For example, although most modules, including those in protected
address spaces, unload automatically when you down or restart the server,
some modules might require that you unload them individually first.
You can unload them manually at the server prompt. Or you can simply
place the UNLOAD commands in a shutdown.ncf file. (Run the
MODULES command to determine address spaces for specific modules.)
Topic
See
Bring down the NetWare

server
Starting and Stopping the Server
Restart the server without

rebooting it
RESTART SERVER on page 166
Creating server batch files
Determine the address

MODULES on page 101
space a module is loaded in
DSDIAG (DS DIAGNOSTICS)

Purpose
Document your current eDirectoryTM configuration
Check the health of your eDirectory tree
Diagnose or pinpoint problems
Syntax
[LOAD] [path]DSDIAG
50
Parameter
Use to
path
Specify the path to DSDIAG.NLM if you moved

it from the default directory of SYS:SYSTEM.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Using DSDIAG
F1 in the utility
DSMERGE
Purpose
Merge the roots of two separate eDirectoryTM trees
Rename a tree to verify that all servers in the eDirectory tree are
responding properly and have the same tree name
View time synchronization information and display the time server for all
servers in the tree
Syntax
[LOAD][path]DSMERGE
Parameter
Use to
path
Specify the path to DSMERGE.NLM if you

moved it from the default directory of
SYS:SYSTEM.
Things to Consider before Merging Trees

Before merging two trees, make sure that time synchronization is
operating correctly, and that both trees are synchronized. DSMERGE
allows the merge to complete if the time on the source tree is behind 5
minutes of the target tree time, but not ahead of the target tree time.
When merging very wide trees with long subordinate names or many
subordinate names (500 or more), the error -251 OS:
ERR_NO_SUCH_PROPERTY is returned. Rename the objects using
shorter names or reduce the number of subordinates.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
When preparing a NetWare 4.1x tree for a merge, use DSREPAIR v4.56
or later to import the schema. Previous versions of DSREPAIR import the
schema for NetWare 6 incorrectly.
Partition synchronization operations generally complete quickly after a
merge, but in some cases can take several hours. Use DSREPAIR to check
synchronization status before performing a merge to ensure that replica
synchronization processes are occurring properly.
If you will merge trees where both your source and target tree contain
Security containers, one of the Security containers must be deleted to
successfully complete the merge. The Security container is located in
[Root] of the eDirectory tree. Deleting the Security container could have
serious consequences for the eDirectory tree Certificate Authority and
Key Material objects. See the Novell Certificate Server Administration
Guide for more information on this issue.
Topic
See
Configuring time
synchronization
Network Time Management Administration

Guide
Using DSMERGE
F1 in the utility
DSREPAIR
Purpose
Use at the server console to repair and correct problems in the eDirectoryTM
database. Such problems might include bad records, schema mismatches, bad
server addresses, and external references. DSREPAIR can also perform
advanced changes to the eDirectory schema.
DSREPAIR
Performs structure checks of the database automatically without closing
the database and without user intervention.
Performs index checks.
52
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Repairs the database without closing the database or locking out users.
Reclaims free space by discarding empty records.
If the server abends, use DSREPAIR to verify the integrity of the eDirectory
database after restarting the server.
Syntax
[LOAD][path]DSREPAIR [-U|-A]
Option
Use to
path
Specify the path to DSREPAIR.NLM if you are

not running it from SYS:SYSTEM.
-U
Perform a full unattended repair and exit

automatically upon completion.
-A
Make advanced (and possibly destructive)

replica and partition options available in the
DSREPAIR menus.
DSREPAIR Options
Unattended Full Repair
An unattended full repair performs all possible repair operations that do not
require your input. This is the suggested means of repair unless you are told
by Novell technical support to perform other operations manually.
The log file is displayed by default when the repair completes. The log file is
a text file named DSREPAIR.LOG, stored in the SYS:SYSTEM directory.
Select this option to determine whether this server has synchronized its clock
with other servers on the network. Since replica synchronization depends on
time stamps, replica synchronization can be delayed until time
synchronization is achieved.
When changing a read/write replica to a master, make sure the time
synchronization on the server is working correctly so the changes will happen
in a timely manner.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
NOTE: eDirectory operates on synthetic time if true synchronization has not been
accomplished. Synthetic time is generated when the time stamp on a replica of a
partition is ahead of the actual server time. eDirectory conducts its normal
operations fully on synthetic time, but some partition and replication work can be
delayed until time is synchronized.
If time is not synchronized to the network, server clocks are automatically

adjusted in small increments until synchronization is achieved. In this case, no
user intervention is required.
The Time Synchronization option of DSREPAIR generates a warning
message if synchronization has not completed within twelve hours. In this
case, you should troubleshoot your time server configuration.
Report Synchronization Status
This option gets replica synchronization status from all servers that hold
replicas of the same partitions held on this server. It also reports other
eDirectory errors associated with those servers or replicas. Use this option to
determine whether you need to repair replicas, resolve communications
problems, or initiate some other action.
Error code descriptions are in the Novell Error Code online documentation
(http://www.novell.com/documentation/lg/nwec/docui/index.html).
Repairing Network Addresses
Repair Network Addresses (RNA) checks the network address for every
server in the local eDirectory database files by searching the local SAP tables
if IPX is enabled or by using SLP in an IP-only environment.
Each address is then compared to the NetWare Server objects Network
Address property and the address record in each Replica property of every
partition [ROOT] object. If the addresses are different, they are updated to be
the same.
If the server address is not found in the SAP table or through SLP, no other
repair is performed.
54
Topic
See
Using DSREPAIR
F1 in the utility
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DTRACE
Purpose
DTRACE is a menu-driven trace utility used with U.S. Robotics* ISDN
Allegra adapter with FXPRI.LAN and FXBRI.LAN ISDN drivers.
EDIT
Purpose
Use at the server console to create or modify a text file on either a DOS or
NetWare partition.
Syntax
[LOAD] [path]EDIT [pathname]
Parameter
Use to
path
Specify the path to edit.nlm if you moved it from

the default directory (C:\nwserver)
pathname
Specify the pathname of the file you want to

edit.
Using EDIT
If you dont enter a pathname when you load EDIT, EDIT displays a
dialog box where you can enter the pathname.
You can also press Insert to display a browse window from which you can
select a file. To see the contents of a volume or directory, highlight the
volume or directory name in the window and press Enter. Use the arrow
keys to scroll up and down the list of files and directories. When the file
you want to edit is highlighted, press Enter to select and display the file.
If the file doesnt exist, EDIT displays a prompt asking if the file should
be created.
When you create a new file, the file can be no larger than 8 KB. Each time
you open the file after that, you can increase the file size by up to 4 KB.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
You can use EDIT to view read-only files.

EDIT is particularly useful for creating .ncf batch files that automatically
execute server commands.
Topic
See
Creating and editing text

files on the server
Using EDIT to Create and Edit Text and Batch

Files
ENABLE LOGIN
Purpose
Use this command at the server console prompt to
Reenable the login function after using DISABLE LOGIN.
Enable the supervisor account when the account has been locked by the
intruder detection function. (The supervisor account exists only on
bindery-based servers or on NetWare 4 servers when bindery emulation
is active.)
Syntax
ENABLE LOGIN
Using ENABLE LOGIN

You dont need to use ENABLE LOGIN when you start the NetWare server
or workstation. The login function is enabled during the startup process.
56
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Enhanced SBACKUP
Purpose
Use at the server console to back up and restore Storage Management
ServicesTM (SMSTM) targets such as eDirectory, binderies, the file system, or
hard disks on workstations to media for off-site storage.
Starting Enhanced SBACKUP

Certain prerequisites must be met before loading the backup software. See
Storage Management Services Administration Guide in the NetWare 6 online
documentation.
A series of NetWare modules must be loaded in sequence:
1. Type smdr. This loads the backup submitter so the backup software on
the server can communicate with the TSA.
2. Enter the full context of your user name.
3. Enter the administrator password.
4. Type tsa600. This loads the TSA for NetWare 6.
5. Type smsdi.
6. Type qman. This creates a queue.
7. Type sbsc.
8. Type sbcon. This loads the backup engine.
You can also back up data from a Windows* 95* or Windows NT*
workstation by starting NWBACK32 (SYS:public\nwback32.exe).
Using Enhanced SBACKUP

When you type sbcon, the backup engine loads, and the main menu appears.
Make your selections from this screen. Press F1 for Help.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Topic
See
Storage Management Services

in the Storage Management Services
FILTCFG
Purpose
Use at the server console to set up and configure filters for IPXTM, TCP/IP, and
AppleTalk* protocols.
Syntax
[LOAD] FILTCFG
Using FILTCFG
Filters help you control what kind of information is sent and received by a
router by selectively discarding packets of specified types.
Filters help you to limit specific kinds of traffic to a certain part of your
network, or to provide security.
The NetWare operating system provides the following filter types:
Packet forwarding
Service information
Routing information
58
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following table shows filtering support for protocols:

Table 1
Protocol
Filtering Support for Protocols

Packet Forwarding Filter
Service Information Filter
Routing Information Filter
IPX
AppleTalk
TCP/IP
Packet Forwarding Filters
Packet forwarding filters restrict access to services by filtering data packets

sent by the restricted location to the service location.
Because these filters dont restrict Service Advertising Protocol (SAP)
packets sent by servers, restricted users might see advertisements of services
even when they cannot access the service.
Although these filters provide the highest level of security of all the filters,
they might affect the performance of the router because the filters are applied
to each data packet the router receives.
Service Information Filters
Service information filters restrict service advertisement on a routers

internetwork.
This type of filtering provides low-level security by preventing users from
finding the network addresses of services.
It also reduces the network bandwidth consumed by periodic service
broadcasts.
Service information filters are of two types:
Service advertisement filters limit the service advertisements sent by a
router for a specified set of services to a specified set of networks.
Service acceptance filters limit the acceptance of service advertisements
received by the router for a specified set of services at a specified set of
networks. (By filtering what a router sees, you are restricting the set of
services that are advertised by the router on any other interface.)
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Routing Information Filters
Routing information filters restrict the exchange of routing information

between routers by limiting the routes added to the routing tables of specified
routers.
These filters increase network security by limiting the visibility of specified
networks. They also reduce the bandwidth used by the periodic exchange of
routing information between routers.
Routing information filters are of two types:
Route advertisement
Route acceptance
When you add a routing information filter, an implicit server filter is also
added for all services residing on the filtered networks.
FILER
Purpose
Use at a workstation to manage files and directories. FILER works with the
file system; it doesnt affect eDirectory objects.
Figure 1 on page 61 shows the functions of FILER.
60
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Figure 1
99a
38
July 17, 2001
FILER Functions
Allows you to:

Modify or view files
Change current directory or
server
Modify, add, or view directories
Modify, add, or view
subdirectories
Modify or view rights for files
and directories
View trustees for files and
directories
Allows you to view files or directories
according to a search pattern.
Allows you to set:

Confirmation defaults when
you modify files
File attributes
Notification if extended
attributes are lost
Allows you to set your current

context, volume object, and new path.
Allows you to view:
Owner
Creation date
Creation time
Volume type
Total kilobytes available
Maximum directory entries
Entries available
Allows you to permanently remove

deleted files from the system.
Allows you to retrieve deleted files

that have not been purged.
FLAG
Purpose
Use at a workstation to
View or modify file and directory attributes to determine which
operations can be performed with the file or directory
Modify the owner of a file or directory
View or modify the search mode of executable files to determine how the
program uses search drives when looking for a file
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
Syntax
SYS:PUBLIC\FLAG.EXE path [[+ | -] attribute...] [/
option...] [/? | /VER]
Parameter
Use to
(no parameter)
If you type FLAG with no parameters, the

attribute status of all the files in the current
directory appears.
path
Specify the path to the file or directory whose

attributes or search modes you want to modify.
+|-
Add attributes to a file or directory with the +

(plus).
Remove attributes from a file or directory with
the - (minus).
If neither + nor - is used, the attributes will be
assigned to the file/directory as specified.
If you add and remove attributes in the same
command, group all + (plus) attributes together
and all - (minus) attributes together.
attribute
Specify one or more file or directory attributes.

See Directory Attributes on page 64 and File
Attributes on page 64.
/option

General FLAG Options on page 63.
/?

/VER

NOTE: For help with tasks, press F1 in the utility.
62
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using FLAG
Use FLAG options to add or delete directory and file attributes, as defined
in the preceding parameters table.
For attributes that can be applied to directories, see Directory Attributes
on page 64.
For attributes that can be applied to files, see File Attributes on page 64.
When you add or delete multiple attributes, include a space between
attribute abbreviations.
You cant remove the Execute Only attribute. You must delete the file and
then reinstall it.
You can use wildcard characters.
General FLAG Options
Option
Use to
/NAME | GROUP = name
Change the owner of a file or directory.
/D
View details about a file or directory.
/DO
View or modify only directories in the specified

path.
/FO
View or modify only files in the specified path.
/OWNER=name
View all files or directories owned by a user.
/M=mode
Modify search modes of executable files. See

Search Modes for Executable Files on page
66.
/S
Search the subdirectory in the specified path

and any subdirectories below that level.
/C
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Directory Attributes
Option
Use to
ALL
Specify the Di, H, Ic, P, Ri, and Sy attributes as

a group. Primarily used to assign directories
these specific attributes.
Di (Delete Inhibit)
Prevent the directory from being deleted.
Dc (Dont Compress)
Prevent the directory from being compressed

(regardless of what the volume is set to).
Dm (Dont Migrate)
Prevent the directory from being migrated to a

secondary backup system (regardless of what
the volume is set to).
H (Hidden)
Prevent the directory from being seen with a

DOS DIR command.
Ic (Immediate Compress)
Compress the directory as soon as the OS can.
N (Normal)
Specify no attributes.
P (Purge)
Purge the directory immediately when the

directory is deleted.
Ri (Rename Inhibit)
Prevent the directory from being renamed.
Sy (System)
Prevent the directory from being seen with a

DOS DIR command; also to prevent it from
being copied or deleted.
Option
Use to
ALL
Specify the A, Ci, Di, H, Ic, P, Ri, Ro, Sh, Sy

and T attributes as a group. Primarily used to
assign files these specific attributes.
A (Archive needed)
Indicate that the file has been modified since

the last backup.
Ci (Copy Inhibit)
Prevent files from being copied. (Only for MAC

files.)
File Attributes
64
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
Dc (Dont Compress)
Prevent a file from being compressed

(regardless of what the volume or directory is
set to).
Di (Delete Inhibit)
Prevent a file from being deleted or copied

over.
Dm (Dont Migrate)
Prevent a file from being migrated to a

secondary backup system (regardless of what
the volume or directory is set to).
Ds (Dont Suballocate)
Prevent an individual file from being

suballocated, even if suballocation is enabled
for the system. Use on files which are enlarged
or appended to frequently, such as certain
database files.
H (Hidden)
Prevent a filename from being displayed with

the DOS DIR command. The file cant be
copied or deleted.
Ic (Immediate compress)
Compress a file as soon as the OS can.
N (Normal)
Specify the Rw attribute.
P (Purge)
Purge a file immediately if the file is deleted.
Ri (Rename Inhibit)
Prevent a file from being renamed.
Ro (Read Only)
Allow a file to only be read; it cant be written to

or deleted (in other words, Ro includes Ri and
Di).
Rw (Read Write)
Allow a file to be read and written to.
Sh (Shareable)
Allow a file to be used by several users

simultaneously.
Sy (System)
Prevent a filename from being displayed with

the DOS DIR command. It cant be copied or
deleted.
T (Transactional)
Protect a file by using the Transaction Tracking

SystemTM.
X (Execute Only)
Prevent a file from being copied or copied over.

This attribute can be given only to .EXE or
.COM files, and cannot be removed.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Search Modes for Executable Files

IMPORTANT: The syntax is /M=mode. Replace mode with a mode number from
the following table.
66
Mode
Use to
Search for instructions in the NET.CFG file (the

default mode).
Search the path specified in the file. If there is

no path, the file searches the default directory,
and then all search drives.

no path, the file searches only the default
directory.

no path, the file searches the default directory;
then if the open request is read only, the file
searches the search drives.
Reserved; dont use.
First search the path specified and then all

search drives. If there is no path, the file
searches the default directory and then all
search drives.
Reserved; dont use.
First search the path specified. If the open

request is read only, the file searches the
search drives. If there is no path, the file
searches the default directory and then all
search drives.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Status Flags
NOTE: Status flags show attribute information for a file or directory. You cant
change these flags.

Status
Indicates
Cc (Cant Compress)
The file cant be compressed because of

limited space savings.
Co (Compressed)
The file has been compressed.
M (Migrated)
The file has been migrated.
Examples
To add Rw and Ic and remove Di and A from all files in the current
directory, enter
FLAG *.* +R W Ic -Di A
To view attributes for file STUDENTS in directory

SYS:\COURSE\WINTER, enter
FLAG SYS:\COURSE\WINTER\STUDENTS
To give files in drive G: the Hidden attribute, enter

FLAG G:*.* H /FO
To set the search mode to 7 for all executable files in the current directory,
enter
FLAG *.* /M=7
To set the search mode to 1 and assign all files in the current directory the
Read Write attribute, enter
FLAG *.* RW /M=1
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
FRCON
Purpose
Use FRCON to view NetWare Link/Frame RelayTM interface configuration
and statistical information.
FRTRACE
Purpose
The Frame Relay Trace utility (FRTRACE) can be used locally at the router
or server console, or remotely from a workstation that is running
RCONSOLE.
HELP
Purpose
Use at the server console to view the syntax, a brief description, and an
example of a console command.
Syntax
HELP [console command] [ALL]
Parameter
Use to
(no parameter)
View a list of all console commands.
console command
Specify the name of the console command you

want to view help for.
ALL
View a short description of each console

command.
Press Enter after each description to view the
next description. Press Esc to exit.
68
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Examples
To view help for LIST DEVICES, type
HELP LIST DEVICES
To view a description of each command, type

HELP ALL
INETCFG
Purpose
Use at the server console to set up and customize your internetworking
configuration for IPXTM, IP, and AppleTalk*.
INETCFG simplifies the process of configuring local area networks (LANs)
to work with network and routing protocols supported by NetWare.
Syntax
[LOAD] INETCFG
Using INETCFG
When you load INETCFG, the Internetworking Configuration menu appears,
as shown in the following figure. You access INETCFG features from this
menu.
Menu options are described in the following table.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
Option
Use to
Boards
Select and configure boards. To configure a

board, you select a driver, assign a name to the
board, and specify values for the board
parameters.
Each driver that is compatible with NetWare
has a driver description file, sometimes called
the LDI file. The LDI file defines the parameters
necessary for the driver to operate with the
board you select. It also specifies the valid
range of values for each parameter.
If a driver has an LDI file, the parameters are
presented in the Board Configuration window;
you simply select a value for each parameter.
If a driver has no LDI file, you must enter the
values yourself in the Board Parameters field.
Network Interfaces
Applies only to wide area network (WAN)

configurations for multiple interface WAN
boards. (NetWare does not support WANs.)
WAN Call Directory
Applies only to WAN configurations. (NetWare

does not support WANs.)
Protocols
Select and configure network protocols. To

configure a protocol, you select the protocol,
such as IPX or IP, and configure the protocolspecific parameters that pertain to routing,
packet forwarding, etc.
Bindings
Bind a network protocol to an interface.

Configure protocol and interface-specific
parameters, such as frame type, network
number (for IPX), local IP address (for IP),
and zone information (for AppleTalk).
Delete a bound interface from the
configuration.
Manage Configuration
70
Specify Simple Network Management Protocol

(SNMP) information, such as the SNMP device
name, hardware description, physical location,
and human contact for the server or router.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
View Configuration
View the INETCFG configuration

information file and the console messages
captured during system initialization
Importorexportconfigurationinformationto
or from a diskette.
INETCFG records information in various configuration (.CFG) files located

in SYS:\ETC. Some of these files are present at system startup; others are
created by INETCFG, depending on what you configure. Here is a partial list
of these files:
AURP.CFG
TCPIP.CGF
IPXSPX.CFG
NLSP.CFG
NETINFO.CFG
WARNING: INETCFG creates these files strictly for its own use; do not delete
them or change their contents.
Topic
See
Capturing console
messages
CONLOG on page 31
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
INITIALIZE SYSTEM
Purpose
Use at the server console to enable the multiprotocol router configuration by
executing all commands in the system NETINFO.CFG file.
Syntax
INITIALIZE SYSTEM
Using INITIALIZE SYSTEM

This command is typically executed from the INITSYS.NCF file during
server startup.
WARNING: Executing INITIALIZE SYSTEM on a system that has already been
initialized can generate errors when the system discovers that the commands in
the NETINFO.CFG file have already been executed.
Topic
See
Server startup
SERVER on page 184
INSTALL
In the NetWare 5 release, the INSTALL utility was replaced by the
NWCONFIG utility.
See NWCONFIG on page 135.
72
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPXCON
Purpose
Monitor and troubleshoot IPXTM routers and network segments
throughout your IPX internetwork
View the status of an IPX router or network segment
View all paths through which IPX packets can flow
Monitor remote IPX routers that are running NetWare IPX Router
software
Syntax
[LOAD] IPXCON [/P]
Parameter
Use to
/P
View the Link State Packets (LSPs) received

by the router, if the remote router is running
NetWare Link Services ProtocolTM (NLSPTM).
Using IPXCON
When you load IPXCON, the top of the screen displays a summary of routing
statistics for the selected router. (The following figure shows a partial display
of routing statistics.) The bottom of the screen displays an Available Options
menu.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
The following table explains the fields in the summary display. Because
IPXCON is a real-time monitor, these fields are always active, and some
values in the fields change as the router processes IPX packets.
Field
Explanation
Host Address
Name of the router being monitored.
Packets Received
Number of IPX packets received by the

selected router.
Packets Sent
Number of IPX packets sent by the selected

router.
Packets Forwarded
Number of IPX packets forwarded by the

selected router.
Circuits
Number of circuits in use on the router.

A circuit is a logical attachment to a network
segment through which a router can reach
other systems. A circuit can be a local or wide
area connection.
Networks
Number of networks known to the selected

router.
Services
Number of services that can be reached from

the selected router.
The Available Options menu allows access to additional features of IPXCON.

These features are described in the following table.
Option
Use to
SNMP Access
Configuration
Select the server you want to monitor.

You can monitor the local system, which is the
default, or a remote system.
You can monitor the remote system through
IPX or TCP/IP.
You can also set the poll interval to specify how
often the information will be retrieved through
SNMP.
74
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
IPX Information
View statistics for the selected routers IPX

packet routing.
To display additional packet routing statistics,
select Detailed IPX Information from the
bottom of the IPX Information window.
IPX Router Information
View general information about the selected

IPX router.
NLSP Information
View the following NLSP information about the

selected router:
System information
Area addresses
Neighbors
Routers
LANs
LSPs
To view the Link State Packets (LSPs) received
by the system, load IPXCON by typing
[LOAD] IPXCON /P
The LSP option is enabled only if the server is
running NLSP.
Circuits
View circuit information.
Forwarding
View the Forwarding table.
Services
View information for the currently reachable

services.
IPXCON uses Simple Network Management Protocol (SNMP) to

exchange management information and operational statistics with remote
IPX routers.
IPXCON operates over both IPX and TCP/IP networks.
To execute IPXCON automatically each time you boot the server, add the
LOAD IPXCON command after the INITSYS.NCF line in your
AUTOEXEC.NCF file.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
IPXPING
Purpose
Use at the server console to check connectivity to an IPXTM server on your
internetwork.
Syntax
[LOAD] IPXPING
Using IPXPING
IPXPING sends an IPX ping request packet to an IPX target node (server
or workstation). When the target node receives the request packet, it sends
back a reply packet.
To select an IPX server or workstation, enter its IPX internal network
number and node number.
You can also specify the number of seconds between each request packet
transmission.
To start sending request packets, press Esc. The sending node continues
to send request packets and collect response time statistics until you press
Esc again to exit IPXPING.
Request and reply packets use the same format; each packet contains the
standard IPX header.
To add other nodes, press Insert and select another server.
IPXS
Purpose
Provides IPXTM protocol to NLMTM programs that require STREAMS-based
IPX.
Syntax
[LOAD] [path]IPXS [LDFILE = [path]filename[.ext]]
76
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
path
Specify the path to IPXS.NLM if you moved it

from the default directory.
LDFILE =
[path]\filename[.ext]
(Optional) Specify a filename that contains the

SAP filtering, SAP and RIP timers, and IPX
configuration parameters.
Note: If you dont specify a filename, IPXS sets
the parameters defined in the IPXSPX.CFG
file.
If you dont specify a file extension, the default
is .CFG.
For example, to load an alternate configuration
file, type
[LOAD] IPXS LDFILE = IPXSPX2.CFG
Using IPXS
NOTE: The IPXSPX.CFG file is modified from the INETCFG utility when you set
SPX/IPXTM parameters.
When you load IPXS, STREAMS is autoloaded.

IPXSPX.CFG contains the Service Advertising Protocol (SAP) filtering,
SAP and Router Information Protocol (RIP) timers, and the IPX
configuration defaults.
You can create multiple configuration files in addition to IPXSPX.CFG.
Use this feature if you frequently alternate between two or more IPX/
SPXTM configurations.
To create multiple configuration files, copy the IPXSPX.CFG file to a
new filename (IPXSPX2.CFG, for example). Then you can change the
IPXSPX.CFG file (by using INETCFG) and still preserve the original
configuration in the IPXSPX2.CFG file.
To load a configuration file other than the default IPXSPX.CFG file, use
the LDFILE option.
For example, if you have a second configuration file called
IPXSPX2.CFG, you can load that configuration by typing
[LOAD] IPXS LDFILE = IPXSPX2
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
Topic
See
Filtering RIP and SAP

packets using SET
SET on page 186
Filtering RIP and SAP

packets using FILTCFG
FILTCFG on page 58
Setting IPX parameters

using SET
SET on page 186
Setting IPX parameters

using INETCFG
INETCFG on page 69
JAVA
Purpose
Load at the server console to start the Novell JVM for NetWare product.
The Novell JVM product is comprised of several NLMTM programs that let the
NetWare server run Java*-based applications and applets, including multithreaded applications and applications that use a graphical interface.
Syntax
[LOAD] JAVA
Using JAVA
You must load the JVM before you can run Java-based applications and
applets on the server and before you can set necessary environment
variables.
Starting the NetWare servertop automatically loads the JVM.
78
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
General information about

NetWare Java-based
components
Java-Based Components of NetWare
Using Java on the NetWare

Server
Using Java on the Server
KEYB
Purpose
Use at the server console to change the console keyboard type to the language
of your keyboard.
The language you specify with KEYB must match the language of your
keyboard, not the server language.
IMPORTANT: Changing the keyboard type causes some keys to represent
different characters. Therefore, do not use this command unless you have the
appropriate keyboard for the language you are specifying and you are familiar with
the keyboards use.
Syntax
[LOAD] [path]KEYB [keyboard_type]
Parameter
Use to
(no parameter)
View a list of available keyboard types.
path
Specify the path to keyb.nlm if you moved it

Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
Parameter
Use to
keyboard_type
Specify one of the following keyboard types:

Belgium
Brazil
Canadian French
Denmark
France
Germany
Italy
Japan
Latin America
Netherlands
Norway
Portugal
Russia
Spain
Sweden
Swiss French
Swiss German
United Kingdom
United States
U.S. International
Using KEYB
To change the keyboard type, unload KEYB and then reload it, specifying the
new keyboard type parameter.
LANGUAGE
Purpose
Use at the server console to set the language for subsequently loaded modules.
NOTE: LANGUAGE does not change the language of the operating system or of
currently loaded modules.
The LANGUAGE command gives the modules access to directories

containing message files in the specified language. This directory structure is
under sys:system as follows:
sys:system\nls\language_number
80
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Syntax
LANGUAGE [language_name | number] [LIST | REN number
new_name]
Parameter
Use to
(no parameter)
View the current language setting for modules.
language_name | number
Specify a language by its name or number.
LIST
Display a list of language names and numbers.

(Not all languages in the list are supported.)
REN number new_name
Rename a language specified by a language

number. The syntax is:
LANGUAGE REN number new_name
Examples
To set a module to use the German message files, type
LANGUAGE GERMAN
or
LANGUAGE 7
To change the name of Spanish to Espanol, type

LANGUAGE REN 14 ESPANOL
To display a list of language names and numbers, type

LANGUAGE LIST
LIST DEVICES
Purpose
Use at the server console to display a list of the storage devices on the server
and to register new devices with the servers Media Manager database.
A device can be a disk drive, magneto-optical disc drive, CD-ROM, or any
other physical device.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Syntax
LIST DEVICES
Using LIST DEVICES

LIST DEVICES forces a scan for devices , displays the return list of storage
devices, and registers any new devices with the Media Manager database. This
command does not simply read the database.
When you are installing new storage devices, you can load drivers with a no
scan parameter, and then run LIST DEVICES so that drivers will find their
devices simultaneously.
The command output is returned by the device drivers. The information for
each storage device includes the device number and name, as well as
additional information that varies by device and by manufacturer.
Following is an example of a device listing:
0x0001:[V023-A0-D0:0] SEAGATE ST31051N rev:0530
0x0002:[V023-A0-D0:1] NEC CD-ROM DRIVE:500 rev:2.5
The hexadecimal integer at the beginning of the line is the devices Media
Manager object ID.
The bracketed numbers comprise the device name that identifies the storage
device, as follows:
Vendor number. A unique number specific to the device vendor
Adapter number. The instance number of an adapter registered with
Media Manager. In the example, A0 identifies the first instance of an
adapter installed in the server.
Device number. The number of the disk or other device.For a SCSI disk,
this is the SCSI ID, usually set by a jumper on the hard disk.
For an IDE disk, this number represents the bus from the IDE controller.
IDE numbers range from D0 through D3, representing the primary,
secondary, tertiary, or quaternary bus.
when more than one device is attached to one bus.
For example, one IDE bus can be attached to two disks, a master and a
slave. LUN 0 represents the master and LUN 1 represents the slave.
82
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
However, because disk manufacturers rarely use the logical unit number
to identify hard disks, the LUN almost always appears as 0.
The drivers version or revision number appears at the end of the line.
Topic
See
Read the Media Manager

database and display a list
of registered storage
devices and controllers
LIST STORAGE ADAPTERS on page 83
Scan for new SCSI devices

and register them with the
Media Manager
SCAN FOR NEW DEVICES on page 177
Scan for all SCSI devices or

a specified SCSI device and
register new devices with
the Media Manager
SCAN ALL on page 176
Storage device drivers
Determine the operating

status of a storage device
Mounting and dismounting a

CD-ROM device

Purpose
Use at the server console prompt to display a list of registered storage adapters
and the devices they drive. The information is read from the Media Manager
database.
Syntax
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Examples
Following is an example of a listing of a servers storage adapter and the
associated storage device:
[V025-A0] NOVELL IDE HOST ADAPTER MODULE
[V025-A0-D1: 0] QUANTUM FIREBALL_TM3840a
The first line in the example identifies an IDE disk adapter. The second line
identifies a hard disk operated by that adapter. The second line is indented to
indicate that the device is associated with the adapter in the preceding line.
The bracketed numbers at the beginning of each line comprise the device
name. The device name identifies the adapter or device, as follows:
Vendor number. A unique number specific to the device vendor.
Adapter number. The instance number of an adapter registered with
NWPA. In the example, A0 identifies the first instance of an adapter
installed in the server.
Device number. The number of the disk or other device.For a SCSI disk,
this is the SCSI ID, usually set by a jumper on the hard disk.
For an IDE disk, this number represents the bus from the IDE controller.
IDE numbers range from D0 through D3, representing the primary,
secondary, tertiary, or quaternary bus.
when more than one device is attached to one bus.
For example, one IDE bus can be attached to two disks, a master and a
slave. LUN 0 represents the master and LUN 1 represents the slave.
However, because disk manufacturers rarely use the logical unit number
to identify hard disks, the LUN almost always appears as 0.
84
Topic
See
Scan devices and register

new devices with Media
Manager
LIST DEVICES on page 81

Media Manager
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See

the Media Manager


CD-ROM device
LIST STORAGE DEVICE BINDINGS

Purpose
Use at the server console to list all Custom Device Modules (CDMs) bound to
a particular device.
Syntax
LIST STORAGE DEVICE BINDINGS number
Parameter
Use to
number
Specify the object number for the device

whose CDMs you want to list.
To find the object number, enter LIST
DEVICES at the console prompt. The object
number is the first number on the left.
This number is displayed with leading zeros,
for example, 0x0001. Do not include the zeros
on the command line; for example:
list storage device bindings 1
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Using LIST STORAGE DEVICE BINDINGS

When you execute the command, the screen displays information similar to
the following:
Device: [V312-A0-D0:0] SEAGATE ST32430N rev:0510
Filter: NetWare Elevator Filter
Filter: NetWare Sector Conversion Filter
Base: Novell SCSI Fixed Disk CDM
HAM: [V312-A0] ADAPTEC PCI Host Adapter Module
The first line specifies the device.

The next lines specify the CDMs associated with the device.
Filters are CDMs that communicate with the storage device. The elevator
filter controls messages to and from the storage device, including scattergather messages. The sector conversion filter converts sector sizes to
standard 512 byte units.
The Base is the essential CDM required to manage communication with
the Host Adapter Module.
Information about CDMs for changers (called Enhancers) might also be
displayed.
The last line identifies the Host Adapter Module for the adapter to which the
device is connected.
LOAD
Purpose
Use LOAD to link loadable modules to the operating system. Loadable
modules include disk drivers, LAN drivers, NLMTM programs, platform
support modules, and name space modules.
Use the LOAD command to load application modules to a protected address
space, a region of logical memory in user mode (ring 3). Protected modules
operate in their own execution environment. You can also mark a protected
address space for restart after cleanup.
IMPORTANT: LAN and disk drivers or the MONITOR utility are not candidates for
protected address space because they must run in the kernel. For example,
MONITOR makes system calls that the call gate doesnt allow between protected
space and the kernel.
86
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Use the LOAD command at the server console to load server NLM programs.
You can also use LOAD at a workstation running the Novell ClientTM to load
client modules. Client NLM programs used by Novell Client load without
parameters.
HINT: In most cases you can load an NLM program by simply entering the name
of the NLM program at the server console prompt. LOAD is implied. For example,
to load monitor.nlm, just enter MONITOR.
The exception is if there is an .ncf file of the same name as the utility. In this case,
you must use the LOAD command. Using LOAD tells the server to load the utility
instead of executing an .ncf file with the same name.
The following information explains the loading process and load parameters,
whether or not you actually use LOAD as part of the command string.
Syntax
[LOAD] [PROTECTED | RESTART | address_space_name]
[path]loadable_module_name [parameter...]
Option
Use to
path
Specify the path to the loadable module if you

moved it from the default directory.
loadable_module_name
Specify the name of the loadable module. To

determine the name, see the documentation
for the loadable module.
parameters
Include parameters for the module you are

loading. Parameters that can be used with
most modules are explained in the following
tables.
Individual modules may have specific
parameters of their own; see the
documentation for the loadable module.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Memory Protection Parameters

Parameter
Use to
protected module_name
Load one module into a new protected address

space. By default the space is named
ADDRESS_SPACEn, where n is a number.
If you want to load more than one module into
the same address space, use the address
space parameter instead of the protected
parameter.
restart module_name
Load one module into a new protected space

with restart functionality. By default the space
is named ADDRESS_SPACEn, where n is a
number.
Restart functionality means that if the protected
space abends, the system closes the space,
cleans up its resources, restarts the space, and
reloads modules into it.
address space =
address_space_name
module_name
Load one module into a new protected address

space with a user-defined name. Use this
command when you want to define your own
name for the space and when you want to load
more than one module into the same address
space.
You can specify only one module at a time to
load into the address space, but you can
repeat the command for each module you want
to load into the space.
Using LOAD
When a module is loaded, it links itself to the operating system and
allocates a portion of the computers memory for its use, thus using
system resources. When modules are unloaded, allocated resources are
returned to the system.
Some modules, such as LAN drivers and disk drivers, need to be loaded
every time the server is booted. To load modules automatically when the
server boots, include LOAD commands in the autoexec.ncf or startup.ncf
file. (See Using Server Batch Files.)
88
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Other modules, such as MONITOR, can be loaded, used, and then

unloaded. Refer to the documentation for the specific module.
You can load modules in protected address space. Because NetWare
supports NLM programs running in user mode (ring 3), server-based
network applications, such as GroupWise or Lotus* Notes* can have
their own execution environment.
You can also load shared libraries such as CLIB in more than one space
(point one copy to two places). Multiple instances share code but have
different data. Because each instance of the module must be loaded at the
same logical address in each address space, that place is reserved across
application spaces when you load the shared library in the first address
space.
When you install system and public files on the server, any .nlm and .lan
modules are copied to sys:system. The .ham and .nam modules are copied
to the boot directory of the server.
The installation of LAN drivers can be best accomplished with
NWCONFIG. This means that NWCONFIG can load, bind, and
configure the drivers and add the LOAD command to the autoexec.ncf
file. See Loading and Binding LAN Drivers and NWCONFIG on page
135.
Examples
To load the NE3200TM driver (without parameters), enter
[LOAD] NE3200
To load the NWCONFIG module, enter

[LOAD] NWCONFIG
To load a module called database.nlm in a protected address space, enter

[LOAD] PROTECTED DATABASE.NLM
To load a module in a protected address space and flag the address space
as restartable, enter
[LOAD] RESTART GRPWISE
The PROTECTED option is not necessary if either RESTART or

ADDRESS SPACE are specified on the command line.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
Topic
See
Loading disk drivers
Loading LAN drivers
Loading name space

modules
Storing Non-DOS Files on a Traditional Volume
Loading modules
Loading and Unloading NetWare Loadable

Modules
Using protected address

spaces
Loading Protected Address Spaces

Using Protected Address Spaces
Unloading Protected Address Spaces
LOGIN
Purpose
Use at a workstation to access the network by logging in to a server and
running a login script.
Syntax
LOGIN [server_name/ | tree/][user] [/option...][/? | /VER]
90
Parameter
Use to
(no parameter)
Request a login prompt.
server_name/
Specify the server you want to log in to.
tree/
Specify the tree you want to log in to.
user
Specify the username you want to log in with.
/option

LOGIN Options on page 91.
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
/?

/VER

Using LOGIN
Using LOGIN implies use of the LOGOUT command. That is, using
LOGIN to access an additional server logs you out of all other servers.
To remain logged in to other servers, use the no script (/NS) option.
NOTE: Using the /NS option is similar to using the ATTACH command in
NetWare 3.
To use another objects login script, you need the Read property right to
the Login Script property of that object. This login script replaces the
profile script (if one is specified).
To set your context before you log in, either use the CX command or set
your context in the NET.CFG file using the following statement:
name context = complete_name
NOTE: For OS/2* do not use the equals sign or quotation marks.
LOGIN Options
Option
Use to
/NS
Prevent a login script from running and prevent

you from being logged out of other servers you
are logged in to.
/NB
Prevent the Welcome to NetWare banner from

being displayed during the login process.
/S path | object_name
Specify a login script file.

Replace path with the path to the script.
Replace object name with the object whose
script you want to run.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
Option
Use to
/B
Specify a bindery login.
/PR=profile_object_name
Specify the Profile object script you want to

run.
/NOSWAP
Prevent LOGIN from swapping to extended or

expanded memory, or to disk.
SWAP=path
Tells login to swap to this path when external

commands are executed. DOS only.
/TREE
Specify that you want to log in to a tree.
Examples
To log in to server PAYROLL as user MARIE without logging out of
other servers you are logged in to, type
LOGIN PAYROLL/MARIE /NS
To log in to tree TERMINAL as user MARIE, type

LOGIN TERMINAL/MARIE /TREE
To log in to the eDirectoryTM tree as user SAM (if current context is set to
SAMs container), type
LOGIN SAM
To log in as user SAM and specify a Profile object to use as a login script,
type
LOGIN SAM /PR=WPGROUP.NOVELL
LOGOUT
Purpose
Use at a workstation to exit the network or to log out of servers.
Syntax
LOGOUT [server_name | /T][/? | /VER]
92
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
(no parameter)
Exit the network by logging out of all servers

and eDirectoryTM.
server_name
Specify the server you want to log out of if you

want to log out of one server but remain logged
in to other servers or to the eDirectory tree.
/option
Replace option with any available option.
/T
Log out of eDirectory and all servers in the

eDirectory tree, but not out of bindery servers
(NetWare 2 and 3 servers).
/?

/VER

Using LOGOUT
You can use wildcard characters in the server name parameter.
Examples
To log out of all servers, type
LOGOUT
To log out of server MARATHON while remaining logged in to other

servers, type
LOGOUT MARATHON
To log out of all servers that begin with TEST, type

LOGOUT TEST*
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
MAGAZINE
Purpose
Use at the server console in response to the screen prompts Insert Magazine
and Remove Magazine. The screen prompts refer to media magazines
(hardware devices that hold several pieces of media).
Syntax
MAGAZINE [parameter]
Parameter
Use to
Inserted
Confirm that the media magazine was inserted

in response to the Insert Magazine prompt.
Not Inserted
Confirm that the media magazine was not

inserted in response to the Insert Magazine
prompt.
Not Removed
Confirm that the media magazine was not

removed in response to the Remove Magazine
prompt.
Removed
Confirm that the media magazine was

removed in response to the Remove Magazine
prompt.
MAP
Purpose
View drive mappings
Create or change network or search drive mappings
Map a drive to a fake root directory (for applications that must use a root
directory)
94
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Syntax
MAP [P | NP] [option...] drive:= [drive: | path] [/? | /
VER]
Parameter
Use to
(no parameter)
View drive mappings.
Map to a physical volume. Must be listed first or

second.
NP
Overwrite local or search drives without being

prompted. Must be listed first or second.
option

MAP Options on page 96.
drive:
Specify the drive you want to change.
path
Specify the path you want to map a drive to. To

map to a physical volume on a server that is
not your default server, specify the entire path
(including server, volume, and directory name).
For example,
macbeth/sys:account\pay
(server/volume:directory\subdirectory)
/?

/VER

files it uses to execute. All other parameters
are ignored when /VER is used.
Using MAP
If you dont include drive mappings in your login script, they will have to
be manually recreated each time the user logs in.
You can have up to 26 mappings, including local drives.
Search drive mappings begin with the letter Z and continue backward
through the alphabet.
To map a search drive, use S and a number. (See MAP Options on page
96.)
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
If you dont want to overwrite existing search drives, use the INS option.
To map to the next available search drive, use S16:=.
MAP Options
Option
Use to
Map to a physical volume. Must be listed first or

second.
Np
Overwrite local or search drives without being

prompted. Must be listed first or second.
Change a regular drive to a search drive, or a

search drive to a regular drive.
DEL
Delete a drive mapping.
INS
Insert a search drive mapping without

replacing an existing mapping.
Map the next available drive to the specified

path.
ROOT
Map a drive to a fake root directory for

applications that require rights in a root
directory.
Do not change master environment.
Examples
To view mappings, type
MAP
To map drive G: to SYS:\HOME\JAN on the current server, type

MAP G:=SYS:\HOME\JAN
To extend the mapping for drive G: above to SYS:\HOME\JAN\

PROJECTS, type
MAP G:=PROJECTS
96
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To map search drive 4 to PRUFROCK (server) SYS (volume) APP

(directory), type
MAP S4:=PRUFROCK/SYS:APP
To change Y: from a regular NetWare drive to a search drive, type

MAP C Y:
To delete the mapping for drive G:, type

MAP DEL G:
To map drive F: to the DOSGAMES volume of the GAMES directory as

a fake root, type
MAP ROOT F:=GAMES\DOSGAMES:
To map the last possible search drive to IZARD (server) SYS (volume)
PUBLIC (directory), type
MAP S16:=IZARD/SYS:PUBLIC
To map the next available drive to Z:\PUBLIC\DOS\APP from

Z:\PUBLIC, type
MAP N DOS\APP
To map the next available drive to MICHEL/SYS:ACCT\

OLD, type
MAP N MICHEL/SYS:ACCT\OLD
To insert COUNT (server) SYS (volume) PUBLIC (directory) as a new

search drive, type
MAP INS S4:=COUNT/SYS:PUBLIC
To map to PUBLIC\RPTS under Volume object

SYS.ACCOUNTING.ACME.US from the root, type
MAP H:=.SYS.ACCOUNTING.ACME.US:PUBLIC\RPTS
Topic
See
Creating login scripts
Network Services Documentation > Desktop

Management Services > Login Scripts >
Setting Up > Creating Login Scripts
Using Directory Map objects Creating a Directory Map Object
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
MEDIA
Purpose
Use at the server console in response to the screen prompts Insert Media and
Remove Media.
Syntax
MEDIA [parameter]
Parameter
Use to
Inserted
Confirm that the specified media was inserted

in response to the Insert Media prompt.
Not Inserted
Confirm that the specified media was not

inserted in response to the Insert Media
prompt.
Not Removed
Confirm that the specified media was not

removed in response to the Remove Media
prompt.
Removed
Confirm that the specified media was removed

in response to the Remove Media prompt.
MEMORY
Purpose
Use at the server console to display the total amount of installed memory that
the operating system can address.
Syntax
MEMORY
98
Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
About Memory Addressing

On EISA bus computers, NetWare 3.1 and later versions address
memory above 16 MB.
On microchannel and ISA (AT) bus computers, NetWare (all versions)
can address memory only up to 16 MB.
On PCI bus computers, NetWare can address up to 4 GB.
Topic
See
Enabling the operating

system to address memory
above 16 MB
REGISTER MEMORY on page 152.
MEMORY MAP
Purpose
Use at the server console to display the amount of memory (in bytes) allocated
to DOS and to the server.
Syntax
MEMORY MAP
Using MEMORY MAP

MEMORY MAP displays the memory allocated to DOS and to the servers
memory.
Utilities
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
MIRROR STATUS
Purpose
View the status of mirrored disk partitions
View the percentage of mirrored data on each partition
Syntax
MIRROR STATUS [logical_partition_number]
Parameter
Use to
(no parameter)
View a list of all logical disk partitions with their

mirroring status.
logical_partition_number
Display the partitions mirrored status and the

devices that make up the members of the
mirror group.
Using MIRROR STATUS

The possible status messages are explained in the following table.
Status
Explanation
Being remirrored
Remirroring is in progress; the percent

completed is displayed.
Fully synchronized
The mirrored partitions have the same data.

Remirroring is complete.
Not mirrored
Disk mirroring was not set up for this partition.

It has no mirrored partner.
Orphaned state
A partition has been removed from a mirrored

group, and the volumes on the partition have
not been renamed. These volumes cannot be
mounted unless they are renamed or
remirrored.
HINT: You can restore the orphaned partition
to its mirrored partner with NWCONFIG.
100 Utilities Reference
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Status
Explanation
Out of synchronization
The partition is out of synchronization with its

mirrored partners and for some reason cannot
be resynchronized.
Topic
See
Mirroring disks
MODULES
Purpose
Use at the server console prompt (or at a workstation running Novell
ClientTM software) to display a list of currently loaded modules. For each
module, the command displays the following information:
The module short name or filename
Color coding that indicates the modules functional group
The address space where the module is loaded
The file from which the module was loaded
A descriptive string or long name for each module
The version number if the module is a disk driver, LAN driver, or NLMTM
program
The date on the module file
Copyright information
Syntax
MODULES [string]
Utilities 101
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
(no parameter)
View a list of all loaded modules.
string
Display a list of all modules with names

matching the string.
The string can also contain an asterisk (*) as
the last character. In this case, the system
displays a list of module names where the
names begin with the string.
For example, MODULES D* displays a list of all
modules beginning with the letter D.
Using Modules
If you are using a color monitor, each module name is displayed in a color that
represents the functional group it belongs to.
Cyan (light blue) module name indicates a module loaded by server.exe
Red module name indicates a module loaded from the startup directory
White module name indicates a module loaded from the autoexec.ncf file
Purple module name indicates a module loaded by other modules
The following example illustrates output of the MODULES command:
CDBE.NLM
(Address Space = OS)
Loaded from internal nlm list.
NetWare Configuration DB Engine
Version 5.00 (Build 28)
April 28, 1998
Copyright 1998 Novell, Inc. All rights reserved.
CPUCHECK.NLM
Loaded from internal nlm list.
NetWare Processor Checking Utility
Version 1.00
April 10, 1998
Copyright 1998 Novell, Inc. All rights reserved.

AHA2940.HAM
Adaptec 7800 Family HAM Driver for NetWare v7.00

Version 7.00
April 22, 1998
Copyright 1997 Adaptec, Inc. All rights reserved.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Loadable modules
LOAD on page 86
UNLOAD on page 272
Loading modules
Loading and Unloading NetWare Loadable

Modules
MONITOR
Purpose
View server statistics and activity
Assess server RAM and processor utilization
Set server parameter values
Print server parameter settings to a file
NOTE: The screen saver and the console-locking features have been removed
from MONITOR and incorporated in the SCRSAVER utility.
Syntax
[LOAD] [path] MONITOR
Parameter
Use to
path
Specify the path leading to MONITOR if you

copied it to a directory other than the default
directory.
Using MONITOR
When MONITOR is first loaded, both the General Information window and
the Available Options menu are displayed.
Utilities 103
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The Available Options menu allows you to access additional server

information, statistics, and settings. At some windows, you can also perform
operations.
The General Information window displays many of the key statistics that
MONITOR reports.
The arrow to the left of the vertical line in the Available Options menu
indicates that the menu can be scrolled.
HINT: For explanations of options on MONITOR menus as well as lists and
statistics, you can press press F1 to access MONITORs online help when you are
running MONITOR at the server console.
You can press Tab to expand and activate any information window. You can
press Tab again to toggle back to a list or menu. The active window is always
highlighted in yellow.
After a period of inactivity at the Available Options menu, the General
Information screen expands by default to allow convenient monitoring of
more critical statistics, as shown in the following figure.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following table describes the fields of General Information.

Field
Explanation
Operating system version and date The version and release date of the system (upper- left corner of the
screen).
Server server name on network
tree name
The name of the server and the eDirectoryTM tree name.
Utilization
Average of the servers total processing capacity that was used

during the last second (default update interval), expressed as a
percentage. The remainder is spent in the idle loop process.
On a uniprocessor server, this value reflects processor utilization.
On a multiprocessor server, this value is the average utilization of all
active processors. For utilization information about individual
processors, select MONITOR Available Options > Kernel >
Processors.
This utilization value will reflect the changes in system configuration
as they occur, such as an NLMTM program being loaded or
unloaded, or a volume being mounted or dismounted.
Utilities 105
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Explanation
Server Up Time
Time elapsed since the server was most recently started.

This value is displayed in the format DD:HH:MM:SS
(days:hours:minutes:seconds).
Use this information to detect power failures or to determine
whether an intruder brought down the server.
Online Processors
The number of enabled and active processors.
Original Cache Buffers
The original size of the cache buffer pool, which is the number of
cache buffers available when the server is booted. All memory not
used to load NetWare (code plus loader) is assigned to the cache
buffer pool. Memory is borrowed from this pool as needed.
The default size of a cache buffer is a 4096-byte memory page.
Total Cache Buffers
The number of cache buffers currently available for file caching after
allocating memory for NetWare. This number decreases as
modules are loaded or memory is allocated in other ways.
A minimum parameter controls when the server cannot continue to
allocate file cache buffers. An alert can be set to report when the
number of cache buffers approaches this limit.
See SET File Caching Parameters on page 237 for a description
of these parameters. You can set these parameter values in
MONITOR Available Options > Server Parameters > File Caching
Parameters. You can also use the SET utility.
The Disk Cache Utilization option provides additional file cache
buffer statistics for assessing RAM.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Explanation
Dirty Cache Buffers
Number of cache buffers that contain updated data that has not yet
been written to disk. The operating system writes the data to disk
either as soon as the cache buffer is filled or else when the Dirty
Disk Cache Delay Time elapses (default 3.3 seconds).
The trade-off is between allowing small writes to wait the delay time
or reducing the delay time and performing two writes. See Improving
Disk Reads and Improving Disk Writes in the NetWare Server Disks
and Storage Devices Guide. Also, see SET File Caching
Parameters for the Traditional File System on page 232 for
description of the parameter that controls the delay time.
If the number of dirty buffers is frequently above 50% of Total Cache
Buffers, install more RAM for cache.
A disk I/O bottleneck may be indicated if the number of dirty buffers
remains constant and the number of Current Disk Requests remains
high. Consider installing a faster hard disk and controller.
Long Term Cache Hits
Cumulative percentage of requests for disk blocks that were already

in cache.
Use this value to assess overall disk cache utilization. If this value
falls below 90%, install more RAM for cache.
Another field to check as you assess RAM is LRU Sitting Time. See
Tuning File Cache in the Server Memory Administation Guide.
Current Disk Requests
Number of pending disk I/O requests that are queued for service.
Use this value as a measure of the system load for the disk channel.
If this number is consistently high, the disk and controller may be too
slow.
If the number of Dirty Cache Buffers exceeds 50% of Total Cache
Buffers and server performance is slow, consider installing faster
hard disks.
Utilities 107
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Explanation
Packet Receive Buffers
Number of buffers that are available to the file system for holding
client requests until they can be processed. Also referred to as
communication buffers. The buffer size is fixed and is determined by
the network board. The server allocates buffers as needed within
minimum and maximum parameter values.
For a description of these parameters, see SET Communications
Parameters on page 192. You can set these parameter values in
MONITOR Available Options > Server Parameters >
Communications Parameters. You can also use the SET utility.
Directory Cache Buffers
The number of buffers available to the file system to cache the most
frequently requested directory entries. The server allocates more
directory cache buffers as needed within minimum and maximum
parameter values.
For a description of these parameters, see SET Directory Caching
Parameters for the Traditional File System on page 235. You can
set these parameter values in MONITOR Available Options >
Server Parameters > Disk Caching Parameters. You can also use
the SET utility.
Maximum Service Processes
Maximum number of processes (threads or task handlers) the

system will allocate to service client NCPTM requests.
The server creates more service processes as needed within
minimum and maximum parameters. Once memory is allocated for
service processes, it remains allocated even when no longer
required. Each service process requires 4 KB of RAM.
For a description of these parameters, see SET Miscellaneous
Parameters on page 210. You can increase the value of Maximum
Service Processes in MONITOR Available Options > Server
Parameters > Miscellaneous Parameters. You can also use the SET
utility.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Explanation
Current Service Processes
Number of threads or task handlers that are currently allocated to

service client NCP requests.
As the number of client requests increases, the server creates more
service processes within minimum and maximum parameters. As
this value approaches the maximum number that can be created,
server performance will be adversely affected. An alert appears
when the maximum number is reached.
For a description of these parameters, see SET Miscellaneous
Parameters on page 210. You can increase the value of Maximum
Service Processes in MONITOR Available Options > Server
Parameters > Miscellaneous Parameters. You can also use the SET
utility.
Current Connections
Number of current active connections. This includes both licensed

and unlicensed connections. Both licensed and unlicensed
connections are considered active connections. A license for a
NetWare network permits a user to connect to as many servers in
an eDirectory tree as needed. An unlicensed connection doesnt
consume a license.
Connection licenses are no longer managed at the server level.
Under Novell Licensing Services (NLS), the licensable entity is a
NetWare network connection rather than a server connection. See
Understanding Novell Licensing Services in the Novell Licensing
You can view a list of active connections from MONITOR Available
Options > Connections. All connections described as licensed or
unlicensed, authenticated or Not Logged-In, are considered active
connections and are tracked by the server
Open Files
Number of files currently being accessed by the server and by other

clients. Certain files, such as the hidden files that support eDirectory,
are always open.
Utilities 109
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following table explains what information can be accessed through

MONITOR options.
Menu Option
Use to
Connections
List active connections.

Determine connection statuswhether connections are
licensed or unlicensed, authenticated or Not-Logged-In,
or waiting on a lock.
View clients network address, connection time, number
of requests, kilobytes read, kilobytes written,
semaphores used, and number of logical record locks.
Determine whether logged-in user has additional rights
corresponding to bindery Supervisor rights.
Clear UDP and NCP connections before bringing the
server down.
Send a message to one or more client user connections.
HINT: Press F3 to sort the items in the connection list.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
Storage Devices
List system storage devices, including hard disks,

controllers, adapters, media, magazines, changers, and
slots.
View divisions of the medias capacity given to the
operating system, including partitions, Hot FixTM and
Mirror objects.
View dependencies of each object.
View per-device information, such as Media Manager
object ID, device type, disk size and capacity, sector size,
block size per I/O request, and number of sectors, heads,
cylinders.
Determine whether the device is activated, registered
with Media Manager, marked read-inhibit, writable or
write-protected, reserved by an application, or whether it
has associated I/O methods.
Determine the controller number, the device number
(LUN), the adapter number (instance of loaded driver),
driver used in accessing the device, and driver type (such
as NWPA).
Determine the Hot Fix and Mirror status of the NetWare
partition.
Change the Read After Write Verify status of the hard
disk.
Activate/deactivate a hard disk.
Mount/dismount a removable media device.
Lock/unlock a removable media device. (If locked, the
media can be ejected only by using a software switch.)
Utilities 111
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
Menu Option
Use to
Volumes
View per-volume mount status.
July 17, 2001
See which file system is used on each volume.

View per-volume information on loaded name spaces.
View per-volume information on compression status,
suballocation, file migration status, and number of
migrated files.
See whether volume is read-only.
View per-volume information on block size, sectors per
block, total blocks, and number of free blocks, blocks
dedicated to file allocation table, freeable and
nonfreeable blocks in the salvage system.
View per-volume number of blocks dedicated to directory
entry tables, directory entries, and directory entries in
use.
View amount of space allocated to store long names,
name spaces, and cookies that provide the location of
nearline and offline storage.
LAN/WAN Drivers
List LAN driver instances loaded on the server.

View the LAN driver version, logical board number (LAN
driver instance), and the protocols or frame types bound
to it.
View node and network address.
View generic per-driver counters for total packets
transmitted and received, specific types of receive and
transmit failures, adapter resets, and packets queued for
transmission.
View per-driver counters associated with a specific
method of media access control or topology, such as
those for Ethernet, token-ring, or FDDI.
View per-driver custom counters associated with a
particular type of model of network board. (Check the
documentation that comes with the driver.)
For information on each LAN driver counter, see Appendix
A, LAN Driver Statistics, on page 289.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
Loaded Modules
List modules loaded on the system by name.

Recover unused memory pages (garbage collection) per
module.
View major version, minor version, revision number, and
creation date of the module.
View bytes of memory required to load this module (code,
data, and messages).
View amount of memory requested by the NLMTM for its
use in bytes and nodes.
View the modules load flags.
List resources allocated by the module (resource tags).
View resource tag memory usage.
HINT: Press F3 to sort the modules by bytes of allocated
memory or date of creation, in addition to name.

File Open/Lock Activity
Check a files lock activity and status.

View number of client connections using this file, whether
locked, logged, or open.
Determine number of connections opening this file
requesting read access and write access.
Determine number of connections opening this file
requesting that other stations not be allowed to read or
write to the file.
View which clients have open files.
View mounted volumes and directories on each volume.
View files in a directory.
Utilities 113
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
Disk Cache Utilization
View disk cache block request statistics, including total

cache block requests, the number of times a block
request had to wait because there were no available
cache blocks, long and short term cache hits and dirty
cache hits.
Use the Long Term Cache Hits information (the
percentage of time the operating system retrieves the
data it needs directly from cache) to assess cache
utilization. For explanations and guidelines, see
Assessing Server RAM and Tuning File Cache in the
Server Memory Administration Guide.
HINT: For more information on these statistics, press F1 for
help while in this screen.
System Resources
View server memory usage in bytes for the cache buffer

pool, allocated memory in movable and nonmovable
memory pools, code and data memory, and total server
work memory.
View allocated memory information for the entire system
or for one selected system module.
List tracked resource types and determine which
modules use the resource.
List resource tags and associated modules.
Determine a modules use of resource by type, its owning
module, address space, and amount of resource.
Determine resource usage by owning module, address
space, and resource type.
HINT: Press F3 for sort options for Resource Tags.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
Virtual Memory
View virtual memory by address spaces or swap files.

View the number of NLM programs loaded in each
address space.
View per-address space information, including number of
times the address space faulted and restarted, and
elapsed time since the last fault.
View page faults statistics.
View amount of allocated memory the NLM requested, in
bytes and nodes.
Recover unused memory pages (garbage collection) in
the OS address space.
View amount of mapped physical memory pages backing
the OS address space.
View statistics for page-in and page-out requests.
View information and statistics on swap pages, including
maximum size, minimum size, current size, free file
space, minimum free file space, and used file space.
Utilities 115
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
Kernel
View kernel information by all threads, processors,

interrupts, and busiest threads.
View the list of all threads running on the system
In NetWare 5, all threads running on a NetWare server
are grouped into two categories called NetWare
Application and Java Application. To access NetWare 5
thread information, you select Kernel > Applications >
NetWare Application [or] Java Application.
In NetWare 6, threads are not categorized on the basis of
the application. All threads can be viewed from a
common category in MONITOR called All Threads. To
view NetWare 6 thread information, you simply select
Kernel > All Threads.
See whether a processor is online or offline.
View processing load as a percentage both perprocessor and for all processors combined.
View number of threads bound to online processor.
View number of interrupts fired on processor and the
amount of time spent processing interrupts.
List all registered interrupts.
List all Interrupt Service Routines registered to a selected
interrupt.
View the number of interrupts handled by a specific
Interrupt Service Routine, both per-processor or for all
processors combined.
Determine interrupt type and number of Interrupt Service
Routines executed per-interrupt.
List the busiest threads in the Threads option.
View per-thread information, including parent module,
current state, reason thread is suspended, processor
execution time, threads stack size, soft affinity or hard
affinity.
Server Parameters
Set values for server parameters.

This menu provides the same functionality as the SET
command. For descriptions of parameter categories and
individual parameters, see SET on page 186.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For a description of the MONITOR Server Parameters, see the tables for each
parameter category in SET on page 186.
Topic
See
Assessing server RAM
Assessing Server RAM
Checking for disk errors
Checking for Disk Errors

Checking Server Error Logs
LAN and WAN driver statistics
Appendix A, LAN Driver Statistics,

on page 289
Clearing workstation connections

CLEAR STATION on page 27
Sending a message to a logged-in

client
Sending Console Messages to

Workstations
Increasing packet receive

(communications) buffers
SET Communications Parameters

on page 192
Increasing Maximum and Minimum
Packet Receive Buffers
Setting values of server parameters
SET on page 186

Setting Server Parameter Values
MOUNT
Purpose
Use at the server console to make a volume available to users.
Syntax
MOUNT volume_name | ALL
Utilities 117
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
volume_name

mount.
ALL
Mount all volumes not mounted.
Using MOUNT
If you set up the AUTOEXEC.NCF file to mount all volumes
automatically each time the server comes up, then you would use the
MOUNT command only if you have dismounted a volume and want to
remount it.
After you replace a removable drive, use this command to mount all
volumes residing on the removable drive.
You can mount and dismount volumes while the server is running.
You can also use NWCONFIG to mount a volume. Select Installation
Options > Volume Options.
Examples
To mount volume STATISTICS, type
MOUNT STATISTICS
To mount all unmounted volumes at once, type

MOUNT ALL
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NAME
Purpose
Use at the server console to display the server name.
HINT: You can also use the SET parameter, Replace Console Prompt with Server
Name = servername, in autoexec.ncf to display the server name with the console
prompt. See SET Miscellaneous Parameters on page 210.
This is very useful where you have multiple server consoles in one location or
access several servers from a single management console.
Syntax
NAME
NCS Debug
Purpose
NCS Debug displays and saves a record of all NCS port activity in an ASCII
text file named NCSTRACE.LOG in the SYS:SYSTEM directory. The size of
the log file is limited to 800 KB. After the file reaches that size, the entries
wrap around to the beginning of the file and logging continues.
NDPS Broker
Purpose
The Broker provides three network support services not previously available
in NetWare: the Service Registry Service (SRS), Event Notification Service
(ENS), and Resource Management Service (RMS). While these services are
invisible to end users, administrators should be aware of them. Novell
Distributed Print ServicesTM (NDPS) uses these services in the following
ways:
Service Registry Service. The Service Registry allows public access
printers to advertise themselves so that administrators and users can find
them. This service maintains information about device type, device name,
Utilities 119
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
device address, and device-specific information such as the manufacturer

and model number.
Event Notification Service. This service allows printers to send
customizable notifications to users and operators about printer events and
print job status. The Notification Service supports a variety of delivery
methods including NetWare pop-up, log file, e-mail (GroupWise), and
programmatic.
Resource Management Service. This service allows resources to be
installed in a central location and then downloaded to clients, printers, or
any other entity on the network that needs them. The Resource
Management Service supports adding, listing, and replacing resources
including printer drivers, printer definition (PDF) files, banners, and
fonts.
Topic
See
Service Registry Service
Understanding the Service Registry

Service
Event Notification Service
Understanding the Event Notification

Service
Resource Management Service
Understanding the Resource

Management Service
Customizing the way your brokered

services are distributed on the
network
Managing the Broker
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPS Manager
Purpose
A Novell Distributed Print ServicesTM (NDPS) Manager provides a
platform for Printer Agents that reside on the server. An NDPS Manager must
be created as an object in the eDirectory tree before you can create serverbased Printer Agents.
Using NDPS Manager

ModuleTM (NLM) program named NDPSM.NLM. You can manually load this
NLMTM program at the server console, or it will be automatically loaded when
you create a Printer Agent with NetWare Administrator.
A single NDPS Manager can control multiple Printer Agents. (There is no
hard limit.)
local printer, it must be loaded on the server the local printer is attached to.
A user creating an NDPS Manager must have at least Read, Write, Modify,
and Create rights for the container in which the object will be created.
Topic
See
Creating an NDPS Manager
Creating NDPS Manager
Managing NDPS Manager
Managing Printers
Utilities 121
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare ConnectView
Purpose
NetWare ConnectViewTM opens a View All window whenever the
application is started. The ViewAll window lets you quickly view a list of
managed servers, display and control the servers resources, and view
summary information about them. Server resources include the boards/
drivers, port groups, ports, and remote access services.
To view this data, you need the Simple Network Management Protocol
(SNMP).
NetWare Login
Purpose
Use at a Windows* 3.1x or Windows 95 workstation to
Access an eDirectory tree or a NetWare server
Run a login script
Starting NetWare Login

By default, NetWare Login runs when you start Windows. However, you can
start NetWare Login any time by choosing its icon in Windows.
Depending on your Windows platform, type the appropriate executable
filename: either LOGINW31 or LOGINW95.
Example:
loginw95 /a
An additional parameter, /A, is provided to cause the advanced tabs to appear
in the NetWare Login dialog box.
Open the login window on a Windows 95 workstation by clicking Start >
Programs > Novell > NetWare Login.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using NetWare Login

Use the options provided in the NetWare Login dialog box or in your Client
32TM settings. For more information, see the online Help for NetWare Login.
Topic
See
NetWare Login dialog box
Online Help within the dialog box
Command-line options
LOGIN on page 90
Client 32 settings
Online Help within the dialog box

Purpose
Use at a workstation through a Web browser to diagnose and manage
NetWare servers. The main tasks that you can complete using this tool are:
Diagnose Server Problems
Manage Servers, Applications, Hardware
Access eDirectoryTM management tools.
Topic
See
For complete information about

accessing and using NetWare
Remote Manager

Utilities 123
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NIASCFG
Purpose
NIASCFG enables you to configure Novell Internet Access Server 4.1
software. You can set up and customize your internetworking configuration
for PPP, IPXTM, IP, AppleTalk*, and the source route bridge.
Novell Printer Manager

Purpose
The Novell Printer Manager allows workstation users to manage all of their
Novell Distributed Print ServicesTM (NDPS) printing tasks including printer
installation, customized printer configuration, and print job management.
Users may also use the Printers folder in Windows* to add NDPS printers and
perform certain printer management tasks.
Novell Printer Manager provides a graphical display of all the NDPS printers
that are currently installed on a workstation. Through an easy-to-use graphical
interface, users can add and configure additional printers for their installed
printers list.
When a user adds a printer to the workstation, the corresponding printer driver
is automatically installed on that workstation. Administrators can specify
printers to be added automatically to workstations through the Remote Printer
Management feature of NDPS (see Using Remote Printer Management).
Users can view real-time status and configuration information about their
printers and print jobs and receive event notification for their print jobs.
Feedback that they can receive includes information about the following:
A printers status
A printers characteristics and properties
A printers features
Printer events that require operator intervention (such as low toner, empty
paper tray, or jammed feed mechanism)
A print jobs status, characteristics, and properties
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Using Novell Printer

Manager
Using the Novell Printer Manager Workstation

Utility (http://www.novell.com/documentation/
lg/nw51/ndps_enu/data/htwn0jb2.html)
Novell Migration Wizard

The Novell Migration Wizard utility lets you copy your NetWare 3.1x
server bindery and file system across the wire and place them in a desired
location in an existing eDirectoryTM tree.
The across-the-wire upgrade (also referred to as a migration) is administered
on a Windows* 95 or Windows NT* workstation.
A complete Help system is built into the utility. In addition, procedures for
using the Novell Migration Wizard can be found in the Migration Wizard
The Novell Migration Wizard is installed as a self-extracting executable from
the following location on the NetWare 6 Operating System CD:
\products\upgrdwzd\upgrdwzd.exe
Topic
See
Novell Upgrade Wizard
Chapter 7, Welcome to NetWare 6, in NetWare

6 Overview and Installation Guide
Utilities 125
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS
Purpose
Use the Novell Storage ServicesTM (NSSTM) console commands to do the
following:
Unload NSS
Display NSS module or volume information
Check NSS volume statistics
Change NSS caching
Modify other NSS tunables
Using NSS
To use the NSS console commands, enter the following at the server console:
nss /help or nss /? opens the NSS console Help facility.
nss /modules lists the providers, loadable storage subsystems, and
semantic agents.
nss /status lists the current NSS status.
volumes lists all the NetWare volumes that are mounted and includes
the NSS_Admin volume.
nss volumes lists all the NSS volumes, including NSS_Admin.
NSS Load Commands
To use the NSS load commands, enter the following at the server console:
help opens the NSS console Help facility.
/? opens the NSS console Help facility.
/(No)SkipLoadModules prevents autoloading of all the NSS
modules.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS DOS FAT Commands
Use these NSS DOS FAT commands at the server console:

nss /(No)FATInMemory loads the entire FAT into memory for faster
access, regardless of its size. The default is OFF.
nss /(No)FATLongNames enables long filenames on FAT volumes.
The default is ON.
nss /(No)FATLazyWrites performs lazy writes of FAT. The
default is ON.
nss /FATLazyWriteDelay=value sets the FAT lazy write delay (in
seconds). The default is 60. The range is 5 to 180.
nss /FATPartition=partition_type_number supports up to three
additional partition types containing 16-bit FATs, such as /
FATPartition=12,13.
PURGE and SALVAGE Commands
Both PURGE and SALVAGE commands are supported and behave almost the
same in NSS as in previous versions of NetWare.
The SALVAGE command for the traditional NetWare file system and previous
releases of NetWare was either turned on or off for the whole file system. In
NSS, you can turn SALVAGE on or off for each NSS volume.
Use SALVAGE at the server console as follows:
nss /salvage=all enables SALVAGE on all NSS volumes.
nss /salvage=volume_name enables SALVAGE on the NSS volume
you specify.
nss /nosalvage=all disables SALVAGE on all NSS volumes.
nss /nosalvage=volume_name disables SALVAGE on the NSS
volume you specify.
Utilities 127
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS Buffer Cache Commands
Use these NSS commands at the server console to change your cache buffers:
nss /MinBufferCacheSize sets the minimum buffer size. The
default is 512. The range is 256 to 1048576. When NSS is loaded, it
requires at least 512 cache buffers.
nss /MinOSBufferCacheSize sets the minimum size for
NetWare. The default is 1024. The range is 1024 to 1048576. We do not
recommend that you set this value below 1024.
nss /NameCacheSize sets the number of Name Cache entries. NSS
keeps a cache of file and directory entry names it has recently looked up.
This speeds up opening files and path searches. The default is 2111. The
nss /(No)NameCache sets Name Cache to ON or OFF. The default
is ON.
nss /(No)CacheBalance sets the buffers to percentages rather than
integers for dynamic balancing of free memory for the buffer cache. The
default is ON. Use this switch with /MinBufferCacheSize.
nss /CacheBalanceTimer sets the cache balance timer in seconds.
NSS checks the total number of cache buffers in the system and
determines if the CacheBalance percentage is met. NSS then gives or
takes the appropriate number of cache buffers. The default is 30. The
range is 1 to 3600.
nss /AuthCacheSize sets the number of Authorization Cache
entries. If many trustees have been set on different files and directories,
we recommend that you increase this number. The default is 1024. The
nss /BufferFlushTimer sets the Flush Time for modified cache
buffers in seconds. The default is 1 second. The range is 1 to 3600
seconds.
nss /CacheStats shows the cache buffer statistics.
Other NSS Commands
Use these NSS commands at the server console to manage NSS:

nss /Activate=volume_name activates an NSS volume.
nss /Deactivate=volume_name deactivates an NSS volume.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
nss /Maintenance=volume_name switches the specified NSS

volume to maintenance mode.
nss /ForceActivate=volume_name forces an NSS volume to
become active.
nss /VerifyVolume=volume_name verifies the specified NSS
volumes physical integrity.
nss /RebuildVolume=volume_name rebuilds the specified NSS
volume.
nss /RebuildVolume allows you to select an NSS volume from the
menu for rebuild.
nss /AutoVerifyVolume=volume_name allows you to verify an
NSS volume at startup.
nss /StorageResetThreshold=value allows you to reset the
threshold for a low storage space warning. The default is 10. The range is
1 to 1000000.
nss /(No)StorageAlertMessages turns ON or OFF the low
storage message to users. The default is ON.
nss /NumWorkToDo=value sets the number of WorkToDo entries
which may be concurrently executing. NSS uses WorkToDo entries for
tasks such as flushing file metadata to disk in the background. Increasing
the number of WorkToDo entries might be useful on a system that is
heavily used. NSS always reserves 20 WorkToDo entries. The default is
40. The range is 5 to 100.
nss /FileFlushTimer=value sets the Flush Time for modified
open files in seconds. Increasing this number might reduce the number of
writes to disk; however, it increases the amount of data that will be lost if
the system crashes. The default is 10 seconds. The range is 1 to 3600
seconds.
nss /OpenFileHashShift=value sets the size of the Open File
hash table (in powers of 2). If many files are used concurrently on the
server, we recommend that you increase this number. The default is 11.
nss /ClosedFileHashShift=value sets the number of closed files
that can be cached in memory. The default is 512. The range is 1 to
100000.
nss /MailBoxSize=value sets the size of your mailbox. The default
is 228. The range is 64 to 256.
Utilities 129
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Using the NSS Administration menus Setting Up and Configuring Novell

Storage Services in the Novell
Storage Services Administration
Guide
NSWEB
Purpose
Use NSWEB and NSWEBDN to start and stop the NetWare Web Manager
and NetWare Enterprise Web Server.
Syntax
NVXWEBUP
NVXWEBDN
NVXADM
Purpose
Use NVXADMUP and NVXADMDN to start and stop the NetWare Web
Manager.
Syntax
NVXADMUP
NVXADMDN
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NVXWEB
Purpose
Use NVXWEBUP and NVXWEBDN to start and stop the NetWare Web
Manager.
Syntax
NVXWEBUP
NVXWEBDN
NWBACK32
Purpose
From a Windows* 95 or Windows NT* workstation, use this graphical utility
to back up or restore Storage Management ServicesTM (SMSTM) targets such as
eDirectoryTM, binderies, the file system, or hard disks. With this utility, you
can do the following:
Back up data
Restore data
Verify what you have backed up or restored
Create new sessions
Manage your devices
Manage your backup or restore jobs
Create log and error reports
Schedule backup or restore jobs
Starting NWBACK32
Certain prerequisites must be met on the backup server before you can start
NWBACK32 on a Windows 95 or Windows NT workstation. Also, if you are
loading NWBACK32 for the first time, the steps are different. See Storage
Management Services Administration Guide in the NetWare 6 online
documentation.
Utilities 131
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
1 Log in to the desired eDirectory tree.

2 Select Network Neighborhood > Novell > Sys:public >Nwback32.
The Quick Access window appears.
Using NWBACK32
The following sections describe how the elements of NWBACK32 work.
There are three methods for using NWBACK32: Quick Access, the toolbar, or
the menu bar. Use the Quick Access window to determine what you want to
back up or restore. Then Quick Access window does not contain as many
features as in the menus or toolbar.
Using the Graphical Interface
Click the preferred button in the Quick Access window:

Backup lets you choose what to back up and where to back up.
Restore lets you choose what to restore and where to restore.
Verify lets you check the data on your media to ensure a successful
backup.
Create Session lets you create you log and error file sessions.
Device Administration lets you monitor the properties of a device.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Job Administration lets you view and change jobs.

Reports lets you view the details of session and error reports.
Exit quits NWBACK32.
When you reach your destination, in most instances you can right-click the last
item. You may also use the menu bar or the toolbar to complete the task.
Using the Menu Bar
The menu bar displays headings for various menus. The tasks in the menus
contains all the features the toolbar uses and more than the Quick Access
menu. To complete a task or manage a job, select one of the following if
preferred:
File contains options for a new session, changing the context, changing
the protocol, or exiting NWBACK32.
Backup contains options for submitting a job, using filters, selecting a
backup type, scheduling a backup, or selecting the backup frequency.
Restore contains options for submitting a job, using the filters, and
scheduling a restore.
Verify contains an option for submitting a job.
Create Session contains an option for submitting a job.
Device Administration contains options for changing device labels or
types, attaching to media, releasing a device, viewing media properties,
erasing the media, moving the media, retension the media, or create a new
media label.
Job Administration contains options for checking properties of jobs,
enabling or deleting jobs, starting or holding jobs, rescheduling a job, or
aborting a job.
Reports contains options for creating new log and error reports.
Using the Toolbar
The toolbar displays buttons for various tasks or topics as follows:

Start a backup initializes your backup job.
Start restore job initializes your restore job.
Start verify session initializes verification of data on the media.
Utilities 133
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Start create session initializes a new session for the job.

Job administration contains options for checking properties of jobs,
enabling or deleting jobs, starting or holding jobs, rescheduling a job, or
aborting a job.
Device administration contains options for changing device labels or
types, attaching to media, releasing a device, viewing media properties,
erasing the media, moving the media, retension the media, or create a new
media label.
Reports lets you create a log or error report.
Run lets you run a report.
Apply filters lets you use the filters you selected in Backup.
Complete differential and incremental backup lets you run these
backup types.
Schedule the job lets you schedule your backup or restore.
Frequency of backup lets you indicate how often to back up.
Change the context lets you change to another context.
IP/IPX lets you change the protocol.
Help displays the Help facility (not yet available).
Exit closes NWBACK32.
Topic
See
Learning how backup and restore

works
Overview
Backing up data
Backup Services
Restoring Data
Restore Services
Loading the backup software

Administering a job or a device
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Administering Jobs
Manual
99a
38
July 17, 2001
NWCCON
Purpose
Use this utility to configure remote access options. To use this utility, load
NIASCFG and select Configure NIAS > Remote Access.
NWCONFIG
Purpose
Modify your NetWare servers configuration
Perform server management operations
Install additional products
Syntax
[LOAD] [path]NWCONFIG
Parameter
Use to
path
Specify the path to NWCONFIG if you moved it

Using NWCONFIG
The following table describes each option found on the NWCONFIG main
menu.
NOTE: For information about NWCONFIG options, press F1 from any
NWCONFIG window.
Table 2
NWCONFIG Installation Options Menu
Menu Option
Use to
Driver Options
Load and unload disk and LAN drivers.
Legacy Disk Options
This functionality has been moved to ConsoleOne.
Utilities 135
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Menu Option
Use to
NSS Disk Options
This functionality has been moved to ConsoleOne.
License Option
Install and remove licenses and re-create licensing objects in the eDirectoryTM
tree.
Copy Files Option
Copy NetWare files to various directories on volume SYS:.
Directory Options
Install and remove eDirectory.

Upgrade NetWare 3 bindery information to the eDirectory tree.
Upgrade mounted volumes into the eDirectory tree.
Back up the eDirectory tree; restore the eDirectory tree after a hardware
upgrade or failure; restore references to the server after the eDirectory tree is
restored.
NCF Files Options
Create and edit the startup.ncf and autoexec.ncf files.

Upgrade a NetWare 3.1x AUTOEXEC.NCF file to meet NetWare 6
requirements.
Multi CPU Options
Select a Platform Support Module (PSM) appropriate for your multiprocessing

server hardware.
Product Options
Install and configure additional NetWare or third-party products; remove

additional products from the server.
Exit
Exit NWCONFIG.
Topic
See
LAN drivers
Disk drivers
NSS
Licensing
eDirectory
Maintaining Novell eDirectory
.NCF files
Overview to Using Server Batch Files
Multiprocessing
NetWare Integrated Kernel
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCRPAIR
Purpose
NWCRPAIR.NCF is a troubleshooting utility that recovers corrupted Btrieve*
files. Corrupted Btrieve files may be the result of a remote access server abend
(terminate program execution abnormally).
Use this utility if you receive an initialization failure when you bring up
remote access with NWCSTAT.
NWCSTAT
Purpose
Use NWCSTAT to display remote access status. You can use this utility by
loading NIASCFG and following this path:
Select View Status for NIAS > Remote Access
ORBCMD
Purpose
Load orbcmd.nlm (the ORB Command utility) at the server console to enable
the Novell Object Request Broker (ORB) on the server. An ORB is
necessary to develop and distribute CORBA*-compliant distributed-object
applications.
The ORBCMD automatically loads other NLMTM programs on the server,
including the Novell JVM, and enables the use of VisiBroker CORBA
commands at the server console.
You must load the orbcmd.nlm before you can use any other ORB-based
application clients, servers, or tools.
Syntax
[LOAD] ORBCMD
Utilities 137
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using ORBCMD
To use the Novell ORB, you must also start the Smart Agent, which provides
the Novell ORBs directory service and failure detection services. After you
load ORBCMD, enter the following at the server console:
[LOAD] OSAGENT
To distribute and run CORBA-compliant applications on the network or to

provide a development environment for CORBA applications, you will need
the Open Solutions Architecture (OSA) Software Developers Kit (SDK).
The OSA SDK contains the client component of the Novell ORB,
development tools, and Visegenic online documentation for developing and
administering CORBA-compliant Java*-based applications.
You can download a copy of the OSA SDK free of charge from the Novell
DeveloperNet World Wide Web page (http://developer.novell.com) or contact
your Novell Authorized ResellerSM representative.
PING
Purpose
Use at the server console to send an Internet Control Message Protocol
(ICMP) echo request packet to an IP node on your internetwork.
PING determines whether an IP node is reachable on your internetwork.
Syntax
[LOAD] PING
Using PING
PING sends an ICMP echo request packet to an IP node on your
internetwork. If the target node receives the packet, it sends back a reply
packet.
To select an IP node, enter its hostname or IP address in the Host Name
field.
You can also specify the number of seconds between each packet
transmission and the size of the packet, in bytes.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To start sending packets, press Esc. The sending node continues to send
request packets and collect response time statistics until you press Esc
again to exit PING.
To select additional IP nodes, press Insert. Enter the hostname or IP
address of the node in the Host Name field. Press Esc to start sending
packets.
PPPCON
Purpose
Use PPPCON to view Point-to-Point Protocol (PPP) interface configuration
and statistical information.
PPPRNCON
Purpose
Use PPPRNCON to configure Point-to-Point Protocol Remote Node Service
(PPPRNS) options. You can use this utility by loading NIASCFG and
selecting Configure NIAS > Remote Access > Configure Service > PPPRNS.
PPPTRACE
Purpose
The PPPTRACE utility enables you to debug PPP data link problems.
PPPTRACE fully decodes and displays PPP protocol exchanges. You can also
examine network protocol data that flows through the PPP link in a partially
decoded format.
Because each captured frame is time-stamped to an accuracy of one-tenth of
a second, PPPTRACE can also provide valuable timing information.
Utilities 139
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
PROTECT
Purpose
Use at the server console to load NLMTM programs into a protected address
space when the commands to load the NLM programs are in a .ncf file.
Specify the .ncf file as a parameter to the command.
Syntax
PROTECT filename
Using PROTECT
Use this command when you normally use a .NCF file to load multiple
modules at once, and you want the modules to be loaded into the same
protected address space.
The command creates a protected address space with the same name as the
.ncf file and executes the .ncf file to load all the modules into the space.
For example,
protect grpwise
creates a protected address space called grpwise and reads GRPWISE.NCF to

load modules into the protected space.
IMPORTANT: Remember that not all modules can run in a protected address
space. Some modules, such as LAN and disk drivers, MONITOR, and server.exe,
must run in the kernel address space. For more information, see Modules Not
Allowed in Protected Address Spaces.
PROTECTION
Purpose
Use at the server console to display a list of protected address spaces or to add
or remove restart functionality from an existing address space.
Restart functionality means that if the protected address space faults, the
memory management system automatically closes the space, cleans up its
resources, restarts the space, and reloads modules into it.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Syntax
PROTECTION [RESTART | NO RESTART address_space]
Parameter
Use to
no parameter)
Display a list of address spaces and the

modules loaded into them.
RESTART address_space
Add restart functionality to the designated

address space.
NO RESTART
address_space
Remove restart functionality from the

designated address space.
Using PROTECTION
When you execute PROTECTION without parameters, the server displays a
list of all loaded address spaces. Each address space name is followed by a list
of the modules loaded into the space, with a short description of each module.
If you add restart functionality to an address space, use the Memory Protection
No Restart Interval parameter to prevent the address space from repeatedly
faulting and then restarting. See Memory Parameters on page 207.
PROTOCOL
Purpose
View the protocols registered on your NetWare server
Register additional protocols and frame types
Syntax
PROTOCOL [REGISTER protocol frame id#]
Parameter
Use to
(no parameter)
Display the protocols registered on your

server.
Utilities 141
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
Parameter
Use to
REGISTER
Register a protocol.
July 17, 2001
It is only necessary to use PROTOCOL

REGISTER in unusual cases, such as when
using a new media.
protocol
Specify the protocol name.
frame
Specify the name representing the frame type

that is to be bound to the communication
protocol.
id#
Specify the protocol identification number (also

called a protocol ID, PID, an Ethernet type or
E-type, or an SAP).
This number is a unique, assigned
hexadecimal number that tells the server how
to recognize data coming from a certain
network board through a designated
communication protocol (such as IPXTM).
Using PROTOCOL
LAN drivers automatically register IPX; other protocol stacks register
themselves.
For approved protocol loadable modules, consult your reseller. For the
protocol name, check the documentation that comes with the protocol
module.
LAN drivers automatically register a frame type when they are loaded. If
the LAN driver supports more than one frame type, the frame type is
registered when you load the driver with that frame type.
Topic
See
Binding protocols to a LAN

driver
BIND on page 19.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
PSERVER
Purpose
A print server is a software program that monitors and manages printers and
print queues. PSERVER is the native NetWare print server that takes jobs
from a NetWare print queue and directs them (via NPRINTER) to the assigned
printer. In NetWare 6 software, PSERVER is available only as a NetWare
Loadable ModuleTM (NLMTM) program that can be loaded on a NetWare
server.
NOTE: Multiple PSERVER modules cannot run concurrently on the same
NetWare server.
Print server functions can be managed through the NetWare Administrator

utility or at the server console.
HINT: This utility is for use with Novell legacy, queue-based print services. iPrint
and Novell Distributed Print ServicesTM (NDPS) are the default and preferred print
system in NetWare 6. Queue-based printing is fully supported in NetWare 6, which
allows your users to continue printing as they always have until you complete the
transition to NDPS.
For a discussion of NDPS support for legacy printing, see Supporting QueueBased Client Workstations. For information on migrating to iPrint and NDPS, see
Planning the Migration to Novell Distributed Print Services.
Syntax at Server Console

[LOAD] PSERVER
.CN=printservername.OU=container.O=container
Topic
See
Using PSERVER
See Setting Up Print Serviers (http://

www.novell.com/documentation/lg/nw51/
printenu/data/hx6f2l7r.html#hx6f2l7r) in
NetWare 5.1 Queue-Based Printing
Utilities 143
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RCONAG6
Purpose
RCONAG6.NLM is the RConsoleJ Agent. Load this NLMTM at the server
console to allow remote console access to the server, using RConsoleJ Client.
Syntax
LOAD RCONAG6 [ENCRYPT] [-Edigest | password IP_port
IPX_port secure_IP_port]
Parameter
Use to
(no parameter)
Load RCONAG6 without command line parameters.

You will be prompted for a password, IP port number,
and IPXTM port number, Secure IP port number.
ENCRYPT
Encrypt the password and create a

SYS:SYSTEM\LDRCONAG.NCF script file if desired.
This script file can be used to load RCONAG6 at startup.
(by inserting LDRCONAG.NCF in AUTOEXEC.NCF).
-Edigest
Specify an encrypted password (digest) that will be used

at the command line.
To use this parameter, you need to load RCONAG6
using the ENCRYPT option.
This parameter is used in the LDRCONAG.NCF file (if
you create the file using the ENCRYPT option).
password
Specify the password you want administrators of the

remote server to use.
IP_port
Specify the IP port number that RCONAG6 will listen for

RConsoleJ or a proxy server on.
The default is 2034.
-1 disables IP listening.
0 allows a dynamically assigned port to be used.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
IPX_port
Specify the IPX port number that RCONAG6 will listen

for a proxy server on.
-1 disables IPX listening.
secure_ IP_port
Specify the Secure IP port number that RCONAG6 will

listen for RConsoleJ on a SSL-based port on.
-1 disables Secure IP listening.
Using RCONAG6
If the target server runs Streams-based SPXTM services, you must load the
spxs.nlm before loading RCONAG6. See Setting Up RConsoleJ in the
Remote Server Management Guide.
Before accessing a target server using RConsoleJ, load RCONAG6 on the
server. When you load RCONAG6, you establish a password that must be
entered when you execute RConsoleJ.
To optimize security, use an encrypted password when loading
RCONAG6.
To encrypt the password, enter
RCONAG6 ENCRYPT
The system prompts for a password. Enter the password. The password is
encrypted and two options are provided:
(Recommend) Create LDRCONAG.NCF, containing the script, to
load RCONAG6.NLM with the encrypted password. This ensures
that your password is in clear text. Additionally, you need not
remember the password to load RCONAG6.NLM with the encrypted
password.
Load the RCONAG6.NLM without creating LDRCONAG.NCF
Utilities 145
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you want to connect to an SPX server using RConsoleJ, you must also
create a proxy server using RCONPRXY.NLM.
To make RConsoleJ sessions available whenever you boot the server,
enter the following command in the AUTOEXEC.NCF file. (This
assumes you have encrypted the password and created the
SYS:SYSTEM\LDRCONAG.NCF file.)
LDRCONAG
Topic
See
Loading RCONPRXY
RCONPRXY on page 146
Setting up a target server
Setting Up RConsoleJ in Remote Server

Management
Using RConsoleJ
RConsoleJ on page 148
RCONPRXY
Purpose
Load at the server console to create an RConsoleJ proxy server on a NetWare
6 server. RConsoleJ proxy servers allow RConsoleJ to access target servers
using an IPXTM (or IP) connection.
Syntax
[LOAD] RCONPRXY TCP_Port
Parameter
Use to
(no parameter)
Start RCONPRXY without command line parameters.

You will be prompted for a TCP port number.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
TCP Port
This is the TCP port number on which RCONPRXY will

listen for RConsoleJ.
Using RCONPRXY
Use RCONPRXY.NLM to allow RConsoleJ to communicate with an
NetWare 6 server IPX-only.
RCONPRXY creates a proxy server through which RConsoleJ can
communicate with the IPX-only server.
The proxy server must run both IP and Streams-based SPXTM services.
To load Streams-based SPX services on the proxy server, use the SPXS
NLMTM program.
Topic
See
Loading RCONAG6
RCONAG6 on page 144
Setting up a proxy server
See Loading the RConsoleJ Proxy Agent on a

Proxy Server in Setting Up RConsoleJ in the
Remote Server Management Administration
Guide
Using RConsoleJ
RConsoleJ on page 148
Utilities 147
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RConsoleJ
Purpose
Use at a workstation or server to remotely control a NetWare server.
IMPORTANT: For security reasons, this version of RConsoleJ must be used only
inside firewalls.
Using RConsoleJ
NetWare 6 provides Java*-based remote console utility (RConsoleJ) that lets
you control a NetWare server from a workstation and perform the following
tasks:
Use console commands as you would at the server console
Use NLMTM programs as you would at the server console (for example,
EDIT.NLM to edit files)
Send console commands in the servers native language from the
RConsoleJ Client using Buffer Input
Control the server from another server using RConsoleJ
Upgrade a NetWare server (text-based UI only)
Run a Secure Socket Layer (SSL)-based secure session
You can use the following keystrokes during a remote console session. All
other keys function as if you were at the server console.
To
Press
Access the drop-down list of target

server console screens
Alt+F1
Cycle to the next target server

console screen
Alt+F2
Cycle to the previous target server

console screen
Alt+F3
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
RConsoleJ
Remote Server Management
Using RCONAG6
RCONAG6 on page 144
Using RCONPRXY
RCONPRXY on page 146
REBUILD
Purpose
Use REBUILD to recover corrupted Novell Storage ServicesTM (NSS)
volumes. The REBUILD utility salvages the data it finds on your corrupted
NSS volume and recovers it.
NetWare users may be used to using VREPAIR to repair and rebuild
NetWare volumes. VREPAIR still works for traditional NetWare volumes, but
it does not work on NSS volumes. For NSS, you must use REBUILD.
Rebuild verifies and uses the existing leaves of an object tree to rebuild all the
other trees in the system. The NSS volumes that are verified and rebuilt are
placed in maintenance mode. This means the NSS volumes are unusable until
this process is finished, and the volume is remounted.
After running REBUILD, you must run the VERIFY utility. VERIFY
accounts for all blocks in the system. If errors are found, they are reported to
the screen, and the NSS volume is left in maintenance mode. Run REBUILD
again until no errors are found. If errors are not found, the volume is placed
back in the active state. You may have to mount the volume.
NOTE: This utility only protects against system failures, not hardware failures.
Starting and Using REBUILD

Use REBUILD either in the NSS Administration utility or at the command
line.
NOTE: Always back up your data. If an NSS volume exists on several hard disks
and one of the hard disks becomes corrupted, you must create a new NSS volume
or restore your old NSS volume from backup.
Utilities 149
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Rebuild NSS Volumes Using the NSS Administration Menus
To rebuild NSS volumes, do the following.

1 Load NSS.
2 Open the NSS Administration menus, by entering
nss /me
3 Select Utilities > Rebuild NSS Volume.

4 Select the volume to rebuild.
5 Return to Utilities at the main menu and select Verify NSS Volume to
check your volumes integrity.

Rebuild NSS Volumes Using the Server Console
To rebuild NSS volumes at the server console, do the following.

1 Load NSS.
2 Rebuild your NSS volume.
Select one of the following options:
To rebuild a single volume, specifying the name, enter

nss /rebuild=NSS volume_name
The volume you specify will be rebuilt.
To rebuild a single volume by selecting from a list of volume names,

enter
nss /rebuild
A list of volumes appears. Select the preferred volume. You must

enter this command for each volume you want to rebuild.
To rebuild more than one NSS volume at a time, enter

nss /rebuild=NSS volume_name, NSS volume_name
A process runs for each volume up to five NSS volumes.

3 Check the output screen.
This screen indicates the time elapsed, the time remaining, the total
elapsed time, the number of objects processed, etc.
4 Verify your rebuilt NSS volume, by entering
nss /verify=[NSS volume_name]
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you dont enter the NSS volume name parameter, you will be prompted
to select it.
Topic
See
Maintaining NSS volumes
Setting up NSS volumes
Setting Up and Configuring Novell Storage

Services in the Novell Storage Services
RECORD
Purpose
Use at the server console to record command sequences that you enter at the
console over and over. The RECORD command creates a temporary batch file
on the server. You can then save the temporary batch file as an .NCF file or
delete it from memory.
Syntax
RECORD [ACTION] | [temporary batch file name]
For example:
To
Enter
Begin recording console commands into a memory

batch file called MYLIST1
RECORD START MYLIST1
Close the recording session for the temporary batch

file named MYLIST1
RECORD STOP
Type the command sequences in the session

named MYLIST1
RECORD TYPE MYLIST1
Remove the recorded session named MYLIST1

from server memory
RECORD KILL MYLIST1
Utilities 151
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
To
Enter
Close the recording session and save it as

SYS:SYSTEM\MYLIST1.NCF
RECORD STOP NCF
Execute the list of commands in the MYLIST1

session
REPLAY MYLIST1
Save the MYLIST1 session that has already been

closed to SYS:SYSTEM\MYLIST1.NCF.
RECORD SAVE MYLIST1
July 17, 2001
For information, see REPLAY on page 162.
REGISTER MEMORY
Purpose
Use at the server console to configure the operating system to recognize
installed memory above the amount of memory that is automatically
registered. NetWare 6 can address up to 4 GB.
IMPORTANT: Use the REGISTER MEMORY command only if absolutely
necessary. Manually registering memory can cause memory fragmentation.

Ideally, you should upgrade the system board so that NetWares automatic memory
registration will work.
Before using REGISTER MEMORY, try the following:

Review the CONFIG.SYS or AUTOEXEC.BAT files to make sure
nothing is being loaded on the server that prevents memory recognition:
sometimes a real mode driver or a memory manager stops NetWare from
registering memory above 64 MB.
If your server contains an older network board, such as many ISA and
MCA devices, upgrade to a newer board.
If you have access to the World Wide Web, search the knowledge base at
http://support.novell.com for Register Memory topics.
Syntax
REGISTER MEMORY start_address amount
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
start_address
Specify the hexadecimal address where the

memory youre adding will start. This is the
amount of RAM your server currently
recognizes and addresses.
This number is usually 16 MB (1000000h);
however, the default varies depending on the
machine type.
To obtain the start address, use the MEMORY
command and convert its output to
hexadecimal.
amount
Specify an amount of memory, expressed in

hexadecimal, that is installed beyond the start
address. This number must be divisible by 10h.
Up to 1 GB can be registered at one time.
NOTE: In the preceding table and in the following sections, the h after the number
denotes a hexadecimal number. The d denotes a decimal number.

For example, 1000000h is 1 million in hexadecimal, and 1000000d is 1 million in
decimal.
The hexadecimal numbers A through F correspond to the decimal numbers 10
through 15, respectively.
Using REGISTER MEMORY

NetWare registers all memory that it recognizes according to bus type. On
an ISA bus, NetWare recognizes up to 16 MB. On an EISA or MCA bus,
NetWare recognizes all of the memory that is present. On a computer with
a Peripheral Component Interconnect (PCI) bus, NetWare 6 recognizes
up to 4 GB.
To have the additional memory registered automatically when the server
boots, add the REGISTER MEMORY line to the STARTUP.NCF file.
IMPORTANT: Place the REGISTER MEMORY command before the command to
load disk drivers in the STARTUP.NCF file so that the registered memory will be
available to the SYS: volume.
Failure to register memory before volume Sys is mounted can result in error
messages indicating that the cache memory allocator is out of available memory,
or that there is insufficient memory to mount volumes.
If the memory does not register, check for the following possible errors:
Utilities 153
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
An incorrect hexadecimal value was specified for start address or

amount.
The amount value exceeds the total installed memory. Use the setup
or reference diskette that came with the computer to determine the
total amount of installed memory.
NOTE: You must avoid memory address conflicts. A conflict occurs if an adapter
board uses 16- or 24-bit DMA or Bus-Master DMA.

To resolve this conflict, upgrade to 32-bit bus adapters or use drivers that are
modified and certified to compensate for memory-addressing limitations. Or use
the machines configuration program to move system memory around the adapter
if the program allows.
In some cases, the ISA (16-bit) host adapter driver must be loaded in
memory below 16 MB. To do so, add the following to the startup.ncf file:
LOAD disk_driver
REGISTER MEMORY amount of memory to add
For more information, consult the driver documentation.

Determining the Amount of Memory
The following table lists common start address and amount values for standard
computers.
In the table, total memory = start address + amount of memory to add.
Total Memory
Start Address
Amount of Memory to Add
20 MB
16 MB = 1000000h
4 MB = 400000h
24 MB
16 MB = 1000000h
8 MB = 800000h
28 MB
16 MB = 1000000h
12 MB = C00000h
32 MB
16 MB = 1000000h
16 MB = 1000000h
36 MB
16 MB = 1000000h
20 MB = 1400000h
40 MB
16 MB = 1000000h
24 MB = 1800000h
64 MB
16 MB = 1000000h
48 MB = 3000000h
112 MB
16 MB = 1000000h
96 MB = 6000000h
128 MB
16 MB = 1000000h
112 MB = 7000000h
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Total Memory
Start Address
Amount of Memory to Add
256 MB
16 MB = 1000000h
240 MB = F000000h
400 MB
16 MB = 1000000h
384 MB = 18000000h
1 GB (1000 MB)
16 MB = 1000000h
984 MB = 3D800000h
3 GB (3000 MB)
16 MB = 1000000h
2984 MB = BA800000h
3 GB (3000 MB)
64 MB = 4000000h
2936 MB = B7800000h
REGISTER MEMORY requires that the amount of memory to be registered

is stated in hexadecimal format. If you are adding an amount of memory that
is not in the preceding table, then you need to calculate the amount.
Calculating the Amount of Memory
The following figure illustrates how to calculate the amount of memory you
are adding:
1
MB memory
to add
Number of
bytes in
decimal
Number of
bytes in
hexadecimal
1. Start with the amount of memory you are adding stated in decimal MB.
Obtain this number from the documentation that came with the memory
you are adding.
2. Convert the memory value from MB to bytes.
NOTE: A megabyte of memory is more than a million bytes. One megabyte equals
1,048,576 bytes in decimal.
3. Convert the number of bytes from decimal to hexadecimal notation.

To do this calculation, you can either use a calculator that converts
decimal numbers to hexadecimal, or you can convert manually.
For example, 1 megabyte = 1,048,576d, which is the same as 100000h.
So 1,048,576 bytes in decimal equals 100000 in hexadecimal.
To convert manually, consult a specialized manual.
Utilities 155
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Examples
To add 4 MB of memory above 16 MB, type
REGISTER MEMORY 1000000 400000
To add 24 MB of memory above 16 MB, type

REGISTER MEMORY 1000000 1800000
Topic
See
Editing the startup.ncf file
Displaying the total amount

of memory the server is
addressing
MEMORY on page 98
REINITIALIZE SYSTEM
Purpose
Use at the server console to enable configuration changes made since the
commands in the NETINFO.CFG file were executed.
Syntax
REINITIALIZE SYSTEM
Using REINITIALIZE SYSTEM

REINITIALIZE SYSTEM compares the current NETINFO.CFG file
with the previous one, which became effective the last time you ran the
INITIALIZE SYSTEM or REINITIALIZE SYSTEM command. If
REINITIALIZE SYSTEM finds any new commands in the current
NETINFO.CFG file, it executes them.
REINITIALIZE SYSTEM also informs any Simple Network
Management Protocol (SNMP)-registered NLMTM file that it is
executing. This is a call-back mechanism that enables NLM files that
store configuration information outside the NETINFO.CFG file to know
that changes to the configuration have taken place.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Limitations of REINITIALIZE SYSTEM

REINITIALIZE SYSTEM unloads any NLM affected by a configuration
change. If REINITIALIZE SYSTEM cannot unload the NLM because of
interdependencies with other modules, the configuration change will not
take effect. Additionally, not all NLM files register with SNMP for
notification of REINITIALIZE SYSTEM.
When you create a new configuration or delete an existing configuration,
REINITIALIZE SYSTEM recognizes the change. However,
REINITIALIZE SYTEM may not recognize changes to an already
configured NLM that involve more than loading, unloading, binding, or
unbinding protocol stacks.
IMPORTANT: If you are changing an existing configuration, the most effective
way to ensure the changes are recognized is to bring down the server.
Alternatively, if you know which NLM files have been changed by your
modifications, you can unload them, then execute REINITIALIZE SYSTEM.
Topic
See
netinfo.cfg file
INETCFG on page 69
INITIALIZE SYSTEM
INITIALIZE SYSTEM on page 72
REMIRROR PARTITION
Purpose
Use at the server console to start the remirroring of a logical partition.
Because the server remirrors partitions automatically, you should use
REMIRROR PARTITION only if you have stopped remirroring by using the
ABORT REMIRROR command or something has caused your server to cease
remirroring.
Syntax
REMIRROR PARTITION logical_partition_number
Utilities 157
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
number
Specify the number of the logical partition you want to start

remirroring.
Example
To start remirroring for logical partition 4, type
REMIRROR PARTITION 4
Topic
See
Stopping remirroring
ABORT REMIRROR on page 11
Mirroring and unmirroring

partitions
REMOVE NETWORK ADAPTER

Purpose
Use at the server console to unload one LAN driver when the LAN driver has
been loaded multiple times to support multiple boards.
Syntax
REMOVE NETWORK ADAPTER filename, [board_instance]
Parameter
Use to
filename
Specify the LAN driver name, such as ne2000.lan
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
board_instance
Specify the instance number of the board if there is more

than one board of the same type in the server.
Find the instance number in MONITOR by selecting
LAN/WAN Drivers and highlighting the driver name. The
information window at the top of the screen displays
information about the driver, including Board Instance
Number.
Using REMOVE NETWORK ADAPTER

If there is only one instance of the network board in the server, you do not need
to use REMOVE NETWORK ADAPTER. You can simply unload the LAN
driver using the UNLOAD command or the NWCONFIG utility. Unloading
the LAN driver releases the memory resources used by the board and driver.
Example
REMOVE NETWORK ADAPTER NE2000, 2
REMOVE NETWORK INTERFACE

Purpose
Use at the server console to unload one frame type when there are multiple
frame types loaded with one LAN driver. Each instance of one frame type
loaded with one LAN driver is called a logical board.
When you use REMOVE NETWORK INTERFACE to unload a frame type,
the associated LAN driver with its other frame types remains loaded and
active.
Syntax
REMOVE NETWORK INTERFACE board_number | board_name
Utilities 159
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
board_number
Specify the logical board number. Find the logical board

number in MONITOR by selecting LAN/WAN Drivers
and highlighting the driver name. The information
window at the top of the screen displays information
about the driver, including Logical Board Number.
board_name
Specify the logical board name. A name can be

assigned to a logical board when the board is loaded
using the LOAD command. If no name was assigned to
the board, use the logical board number.
REMOVE STORAGE ADAPTER

Purpose
Use at the server console to remove one instance of a storage driver.
Syntax
REMOVE STORAGE ADAPTER An
Parameter
Use to
An
Specify the driver instance you want to remove.

Find the number by entering the LIST STORAGE
ADAPTERS command at the console. The An number is
enclosed in square brackets to the left of the storage
adapter name. For example:
[V312-A0] ADAPTEC PCI Host Adapter Module
To unload the instance of the driver in the example, you
would enter the following:
REMOVE STORAGE ADAPTER A0
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using REMOVE STORAGE ADAPTER

If only one instance of the driver is currently loaded, the entire driver is
unloaded.
If multiple instances of the driver are loaded, only the selected instance is
unloaded.
REPLACE
Purpose
Use at the server console to unload and reload a specific module in one step.
Entering this command unloads the module and reloads it using the current
search path order.
To view the ordering of current search paths on the server, enter SEARCH at
the server console.
Syntax
REPLACE MODULE_name
For example, if you have a new MONITOR NLM program that you have
copied to SYS:\SYSTEM, rather than entering
UNLOAD MONITOR
LOAD MONITOR
you only need to enter
REPLACE MONITOR
Utilities 161
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
REPLAY
Purpose
Use at the server console, to execute a list of commands that were recorded in
and saved in a session using the RECORD command.
Syntax
REPLAY [session_name]
For example, if the session was named MYLIST1, enter
REPLAY MYLIST1
For information, see RECORD on page 151.
RESET ENVIRONMENT
Purpose
Use at the server console to reset server parameters that have been modified
to their default values. You can reset all modified parameters or you can
confirm only those resets that you want.
Syntax
RESET ENVIRONMENT
Using RESET ENVIRONMENT

RESET ENVIRONMENT lists the first server parameter with the option of
resetting the current value to the default value or of retaining the modified
value. You can also reset all parameters that have modified settings to their
default values, or else quit the utility.
The following example illustrates part of the command display:
Reset variable TIMESYNC Hardware Clock
(Y)es, (N)o, (A)ll, (Q)uit ?
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
List server parameters with current

settings
DISPLAY ENVIRONMENT on page

41
List server parameters with modified

settings
DISPLAY MODIFIED
ENVIRONMENT on page 44
Print server parameters with current

settings to a file.
MONITOR on page 103

Server Parameters
RESET NETWORK ADAPTER

Purpose
Use at the server console to reset a network adapter manually.
WARNING: Resetting a network adapter stops whatever work the adapter is doing
and resets it to a clean state.
Syntax
RESET NETWORK ADAPTER filename, [board_instance]
Parameter
Use to
filename
Specify the LAN driver name, such as ne2000.lan
board_instance
Specify the instance number of the board if there is more

than one board of the same type in the server.
Find the instance number in MONITOR by selecting
LAN/WAN Drivers and highlighting the driver name. The
information window at the top of the screen displays
information about the driver, including Board Instance
Number.
Utilities 163
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using RESET NETWORK ADAPTER

You might want to reset an adapter manually if you suspect a problem with the
hardware. Resetting the adapter also resets the logical boards associated with
the adapter.
Network adapters reset themselves automatically if something goes wrong.
About one reset a day is normal. A great number of resets, such as one reset a
minute, usually indicates a hardware problem.
Resets are included in the LAN statistics displayed in MONITOR. Select
LAN/WAN Drivers and highlight a driver name. Press Tab to expand the
information window at the top of the screen. Look for Adapter Resets in the
Generic Counters section of the screen.
Example
RESET NETWORK ADAPTER NE2000, 2
RESET NETWORK INTERFACE

Purpose
Use at the server console to restart a logical board that has been shut down
using the SHUTDOWN NETWORK INTERFACE command. See
SHUTDOWN NETWORK INTERFACE on page 250. (A logical board is
an instance of one frame type associated with one LAN driver.)
RESET NETWORK INTERFACE restarts the logical board without requiring
you to reload and bind the LAN driver.
NOTE: Resetting the logical board does not reset the adapter.
Syntax
RESET NETWORK INTERFACE board_number | board_name
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
board_number

board_name

RESET ROUTER
Purpose
Use at the server console to reset the router table in the server if the table
becomes inaccurate or corrupted.
Syntax
RESET ROUTER
Using RESET ROUTER

If several servers or bridges go down, packets sent to or through their
routers are lost. Use RESET ROUTER to update router tables on active
servers.
Normally, the router updates its tables every minute. This command
updates the router table immediately.
Utilities 165
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RESTART SERVER
Purpose
Use at the server console to bring down the server and then to restart it
immediately after.
Syntax
RESTART SERVER [-parameter]
Parameter
Use to
(no parameter)
Restart the server and invoke all .ncf files.
-ns
Restart the server without invoking the

startup.ncf file.
For example, type:
RESTART SERVER -ns
-na
Restart the server without invoking the

AUTEXEC.NCF file.
Using RESTART SERVER

RESTART SERVER is useful when troubleshooting requires that you bring
down the server frequently. (If you need to bring the server down to reboot it
with new parameters, use DOWN on page 49.)
Topic
See
Restarting the server from

DOS
SERVER on page 184
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RIGHTS
Purpose
View or modify user or group rights for files
View or modify user or group rights for directories and volumes
Syntax
RIGHTS path [[ + | - ] rights] [/option...] [/? | /VER]
Parameter
Use to
path
Specify the path to the file, directory, or volume

you want to modify or view rights to (you must
always specify a path).
+|-
Add or delete the specified rights. See Using

RIGHTS on page 169.
rights
Specify one or more file or directory rights. See

File and Directory Rights on page 168.
/option

RIGHTS Options on page 167.
/?

/VER

Option
Use to
/C
/F
View the Inherited Rights Filter (IRF).
RIGHTS Options
Utilities 167
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Option
Use to
/I
View the trustee and group rights that created

the inherited rights, and view where the
inherited rights came from.
/NAME=username
View or modify rights for the user or group

listed. Replace username with the name of the
user or group whose rights you want to view or
modify.
/S
View or modify subdirectories below the

current level.
/T
View trustee assignments in a directory.
File and Directory Rights
The following table lists the rights, the letter to use for each right, and what
the right is used for.
Right
Use to
S (Supervisor)
Grant all rights to the file or directory.
R (Read)
Open and read files in the directory.
W (Write)
Open and write to files in the directory.
C (Create)
Create files and subdirectories.
E (Erase)
Erase files and directories.
M (Modify)
Rename files and directories, and change file

attributes.
F (File Scan)
View and search on file and directory names in

the file system structure.
A (Access Control)
Add and remove trustees and change trustee

rights to files and directories.
N (No Rights)
Remove all rights.
REM (Remove)
Remove the user or group as a trustee of the

specified file or directory.
ALL
Add All rights except Supervisor.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using RIGHTS
If you use + (plus) to add rights, the rights you list are added to the
existing rights.
If you use - (minus) to remove rights, the rights you list are deleted from
the existing rights.
If you add and delete rights in the same command, group all added rights
together and all deleted rights together.
If you list rights without using + or -, the rights you list replace the
existing rights.
You must always specify a path. You can use a period (.) to represent your
current directory.
You can use wildcard characters.
Examples
To set the trustee rights in the current directory for user JANICE to Read,
Write, and File Scan, type
RIGHTS . R W F /NAME=JANICE
To remove user ERNESTO from ALICE/SYS:USERS, type

RIGHTS ALICE/SYS:USERS REM /NAME=ERNESTO
To see where user PATRICKs inherited rights came from for

SYS:USERS/HOME, type
RIGHTS SYS:USERS/HOME /NAME=PATRICK /I
ROUTE
Purpose
Use at the server console on a token ring cabling system to pass frames
(packets) from NetWare through IBM*-compatible source route bridges.
ROUTE enables the operating system to
Keep track of the source routing information in the frames
Configure the source routing information in the frames according to the
parameters with which ROUTE is loaded
NOTE: You must load the token ring LAN driver before you load ROUTE.
Utilities 169
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ROUTE and most ROUTE parameters can also be configured using the
INETCFG utility. See Configuring Source Route End Station Parameters
with INETCFG on page 174.
Syntax
[LOAD] [path]ROUTE [BOARD=number] [NAME=board_name]
[DEF|GBR|MBR] [TIME=number] [RSP=AR|NR] [CLEAR] |
[REMOVE=number] [XTX=number] [UNLOAD [BOARD=number]]
Parameter
Use to
path
Specify the path to ROUTE.NLM if you moved it

BOARD=number
Specify the board you want to change parameters

on or load ROUTE for. Replace number with the
board number.
If you dont specify a board number, the default is
board number 1, or the board name specified in
the NAME parameter.
The system numbers the boards, using 1 for the
first driver loaded. (Check the order in the
autoexec.ncf file.)
NAME=board_name
Specify the board name.
DEF (Default)
Specify that all Unknown Unicast frames are to be

sent as All Routes Broadcast frames.
If DEF is specified, all frames with addresses not
in the servers Source Routing table are forwarded
as All Routes Broadcast frames.
If DEF is not specified, all frames with addresses
not in the servers Source Routing table are
forwarded as Single Route Broadcast frames.
If ROUTE is already loaded with the DEF
parameter, reloading ROUTE with DEF sends all
Unknown Unicast frames as All Routes Broadcast
frames.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
GBR (General Broadcast

frames)
Specify that all General Broadcast frames are to

be sent as All Routes Broadcast frames.
If this parameter is not specified when ROUTE is
loaded, all General Broadcast frames are
broadcast as Single Route Broadcast frames.
If ROUTE is already loaded with the GBR
parameter, reloading ROUTE with GBR
broadcasts all General Broadcast frames as All
Routes Broadcast frames.
MBR (Multicast
Broadcast frames)
Specify that all Multicast frames are to be sent as

All Routes Broadcast frames.
If the parameter is not specified when ROUTE is
loaded, all Multicast frames are broadcast as
Single Route Broadcast frames.
If ROUTE is already loaded with the MBR
parameter, reloading ROUTE with MBR
broadcasts all Multicast frames as All Routes
Broadcast frames.
TIME=number
Specify how often the Source Routing table

should be updated.
Replace number with a value from 3 to 255
seconds. The default is 10 seconds.
This parameter forces the table to be updated with
a new route if the route isnt used during the
specified time.
It enables ROUTE to determine alternate routes
dynamically when an IBM bridge goes down.
Utilities 171
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
RSP=value (Respond)
Specify how the server should respond to a

broadcast request.
Replace value with one of the following:
NR: Specifies that all Broadcast Requests are to
be responded to directly; a Broadcast Response
isnt required.
AR (the default): Specifies that all Broadcast
Requests are to be responded to with an All
Routes Broadcast frame.
CLEAR
Clear the Source Routing table. Use when an IBM

bridge has gone down and an alternate route is
available.
CLEAR forces a dynamic rebuilding of the table by
sending a default frame to each specific node in
the network.
Use CLEAR to completely clear the Source
Routing table, or use REMOVE to clear only one
node address from the Source Routing table.
REMOVE=number
Remove a specified node address from the

servers Source Routing table.
Replace number with a 12-digit (6-byte)
hexadecimal number.
If you enter fewer than nine digits, ROUTE
prefixes the address with 4000 in hexadecimal.
For example, REMOVE=2 becomes
REMOVE=400000000002.
Use REMOVE when a bridge has gone down.
When you remove the node from the Source
Routing table, you force the server to determine
an alternate route.
XTX=number
Specify the number of times to transmit on a

timed-out route, using the old route.
Replace number with a value between 00 and 255
seconds. The default is 02 times.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
UNLOAD
[BOARD=number]
Use to remove source routing support for a

specified board.
If you dont specify a board number, the default is
1.
Example:
LOAD ROUTE UNLOAD BOARD=2
Note: This parameter does not unload
ROUTE.NLM, but disables source routing only for
the board that you specify.
Using ROUTE
No parameters are required. However, you can load ROUTE a second
time with a specified parameter to change the configuration.
Most of the parameters have default values that should work with simple
configurations for IBM bridges.
If you have parallel IBM bridges, you can change some of the parameters
to reduce traffic on some of the paths.
As frames pass through an IBM bridge, source routing information is
added to the frame header at the Media Access Control (MAC) layer. The
operating systems bridging is done above this layer.
ROUTE can be loaded reentrantly.
If you have two token ring boards in the server, load ROUTE twice.
The second time you load it, use the BOARD or NAME parameter to
specify a particular board.
To change the configuration, load ROUTE with the parameter that
needs to be changed.
Utilities 173
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Configuring Source Route End Station Parameters with INETCFG

You can use INETCFG to load ROUTE and configure many source route end
station parameters.
To use INETCFG, follow these steps.
1 Load INETCFG.
2 Select Internetwork Configuration > Boards to load a token-ring board.
3 Return to the Internetwork Configuration menu and use the Protocols
option to enable Source Route End Station.

4 Return to the Internetwork Configuration menu and select Bindings.
A list of bindings appears.

5 Select an existing binding or press Insert to add a new binding.
A list of enabled protocols appears.

6 Select Source Route End Station.
A list of boards is displayed.

7 Select the token ring board you configured with the Boards option.
The Attach Source Route End Station to an Interface menu appears.

The Source Route End Station parameters are listed in the following
table.
Table 3
Source Route End Station Parameters
Parameter
Use to
Interface Name
(same as
NAME=board_name
command line parameter)
View the name of the interface to which the end station source router is
bound. This field is read-only.
Frame Type
View or modify the source route end station list of frame types.
Press Enter to see the list. Press Insert to select a frame type. Press Delete
to remove a frame type.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Send Frames with Unknown

Address
(same as DEF [Default]
Specify the type of explorer frame the end station source router sends to
an unknown node address.
Options: Single Route Explorer Frame, All Routes Explorer Frame
Default: Single Route Explorer Frame
Send Broadcast Frames

(same as GBR command
line parameter)
Specify the type of explorer frame the end station source router sends to a
broadcast destination address.
Send Multicast Frames

(same as MBR command
line parameter)
Specify the type of explorer frame the end station source router sends to a
multicast, group, or functional address.
Respond to Broadcast
Request
(same as RSP command
line parameter)
Specify how the end station source router responds to a single route
explorer frame.
Options: Specifically Routed Frame, All Routes Explorer Frame
Default: All Routes Explorer Frame
Route Update Interval

(same as TIME=number
Specify the minimum delay in seconds before the end station source router
updates the route for a given node.
Range: 0 to 65,535 seconds (0=infinite)
Default: 10
NOTE: To remove source route bridge support for the specified board, disable the
binding.
Topic
See
INETCFG
INETCFG on page 69
Source routing and

broadcast frames
IBM Token-Ring Network Architecture

Reference
Utilities 175
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SCAN ALL
Purpose
Use at the server console to scan all LUNs of all SCSI adapters in the server
or all LUNs associated with a designated SCSI adapter.
IMPORTANT: SCAN ALL forces a scan and takes an order of magnitude longer
to execute than SCAN FOR NEW DEVICES does. SCAN ALL should be used only
when you know that there is an undetected device on a LUN other than LUN0.
Syntax
SCAN ALL An
Parameter
Use to
(no parameter)
Scan all LUNs of all SCSI adapters in the server.
An
Specify the SCSI adapter you want to scan.

Find the An number by entering the LIST STORAGE
ADAPTERS command at the console. The An number is
enclosed in square brackets to the left of the storage
adapter name, for example:
[V312-A0] ADAPTEC PCI Host Adapter Module
To scan all LUNs associated with the adapter in the
example, you would enter:
SCAN ALL A0
Using SCAN ALL

Several utilities perform much the same operation, but they each differ in
some respects.
LIST STORAGE ADAPTERS displays a list of registered storage
adapters and the devices they drive. The information is read from the
Media Manager database.
LIST DEVICES forces a scan for devices , displays the return list of
storage devices, and registers any new devices with the Media Manager
database. This command does not simply read the database.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SCAN FOR NEW DEVICES forces a scan on LUN0 of SCSI adapters

and registers new devices with the Media Manager so that they are
available to the operating system. This command scans only SCSI
devices.
Topic
See


Manager

Media Manager


CD-ROM device

Purpose
Use at the server console to force a scan on LUN0 of SCSI adapters and to
register new devices with the Media Manager so that they are available to the
operating system.
Syntax
Utilities 177
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using SCAN FOR NEW DEVICES

Use this utility if you add new devices after you boot your server and the
devices do not then appear with the LIST DEVICES command.
If devices have been added, but the drivers arent loaded in startup.ncf,
use SCAN FOR NEW DEVICES after loading the drivers to register the
devices with the system.
After you boot the server, if NetWare detects new devices, SCAN FOR
NEW DEVICES registers the devices with the operating system. It does
not return a message to the screen.
This command scans only LUN0 of SCSI adapters. To scan all LUNs of
SCSI adapters, use SCAN ALL. However, SCAN ALL should be used
only when you know that there is an undetected device on a LUN other
than LUN0. SCAN ALL may take far more time for to execute than does
SCAN FOR NEW DEVICES. See SCAN ALL on page 176.
SCAN FOR NEW DEVICES does not produce any output.
If you remove a Hot Plug mirrored disk without bringing down the server,
you must execute SCAN FOR NEW DEVICES as soon as you remove
the disk. This lets the system know that the remaining disk in the mirrored
pair is no longer synchronized with a mirrored partner. If you unmirror the
disk before removing it, you do not need to run SCAN FOR NEW
DEVICES.
Topic
See


Manager

the Media Manager.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See


CD-ROM device
SCRSAVER
Purpose
Use to lock the server console and to activate a screen saver for the console
display.
NOTE: The screen saver and the console-locking features were formerly part of
MONITOR. Separating them from monitor.nlm allows the new utility to protect the
console by using the stronger security of eDirectory authentication.
Syntax
SCRSAVER [option][;option][;option] [...]
When SCRSAVER is loaded, you can use any of the following command
options as console commands.
Command options
Use to
(no parameters)
Default to SCRSAVER AUTO CLEAR DELAY=60;

DELAY=600; ENABLE; ENABLE AUTO CLEAR;
ENABLE LOCK.
ACTIVATE
Override the delay interval and activate the screen

saver immediately.
ACTIVATE also overrides both DISABLE and
ENABLE modes. This means that if you enter
ACTIVATE when the screen saver has been
disabled, the DISABLE mode is changed to ENABLE
so that the screen saver can appear.
Utilities 179
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Command options
99a
38
July 17, 2001
Use to
AUTO CLEAR DELAY Set the number of seconds to wait before clearing the
unlock dialog box. The range is 1 to 300 and the
default is 60, or one minute.
DELAY
Set the number of seconds to wait before activating

the screen saver. The range is 1 to 7000 and the
default is 600, or 10 minutes.
DISABLE
Disable the screen saver, thereby preventing it from

activating and saving the console display.
DISABLE AUTO
CLEAR
Disable the automatic clearing of the unlock dialog

box. When this command is executed, the unlock
dialog box remains on the screen until it is cleared by
user input.
DISABLE LOCK
Disable the console lock. When the locking feature is

disabled, you can retrieve the console display without
a username or password simply by pressing any key.
ENABLE
Enable the screen saver. When enabled, the screen

saver displays after the keyboard has been inactive
for the number of seconds specified in the DELAY
command option.
ENABLE AUTO
CLEAR
Enable the automatic clearing of the unlock dialog

box after the number of seconds of keyboard
inactivity specified in the AUTO CLEAR DELAY
command option
ENABLE LOCK
Enable the console locking feature. When enabled,

the screen saver requires the username and
password before restoring the console display. The
user object must have appropriate rights
HELP
Display information about command options and

their use.
NO PASSWORD
Unlock the console without requiring a password in

the event that eDirectory becomes unavailable.
You must set this option when you load SCRSAVER.
Otherwise, the console cannot be unlocked when
eDirectory is unavailable.
STATUS
Display the current status of screen saver features

and command options.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using SCRSAVER
When the screen saver is displayed, a snake-like figureone for each online
processorappears on the blank console screen. The snake for processor 0 is
red and the snake for processor 1, blue, etc. The snakes move randomly on the
screen, and as processor utilization increases, the snakes move faster and their
tails lengthen.
When scrsaver.nlm is loaded, the server console can be in one of three states.
Active. The console is activeyou can enter console commands and
monitor server activity.
Screen Saver. The console can be locked or unlocked.
If the console is not locked, the screen saver appears by default after 10
minutes of inactivity. To retrieve the console display, press any key.
If the console is locked, the screen saver appears by default after one
minute of inactivity. To retrieve the console display, the console must first
be unlocked.
Verifying. SCRSAVER verifies rights to the console through eDirectory
authentication.
To unlock the console, you must supply an eDirectory username and
password. SCRSAVER verifies that the user object has write rights to the
ACL attribute of this particular server.
The chance of eDirectoryTM becoming unavailable is very slim, but you can
load SCRSAVER with the NO PASSWORD option to ensure that you can (if
necessary) unlock the console without a password. (Of course, a password
would still be required when eDirectory was available.)
For example, you might decide to run DSREPAIR in manual mode. In such a
case, the eDirectory database would be locked until there was manual
intervention. If SCRSAVER were also active and locked the console on
schedule, you would have a deadlock situationunlocking the console would
be dependent on eDirectory authenticationand making eDirectory available
for authentication would be dependent on unlocking the console.
If you first load SCRSAVER with NO PASSWORD, you avoid having to
power off the machine or break into the debugger to exit NetWare. To ensure
that SCRSAVER is loaded when the server is started, you can use place
SCRSAVER in the autoexec.ncf file.
Utilities 181
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SEARCH
Purpose
Tell the server where to look for loadable module files and .ncf files
Add other search paths or delete current search paths
View the current search paths for the operating system
Syntax
SEARCH [ADD [number] path]
or
SEARCH DEL [number]
Parameter
Use to
(no parameter)
View the current search paths.
number
Specify the number of the search drive you

want to add or remove.
path
Specify the complete path of the directory you

want searched. (The default is sys:system.)
Begin the path with a DOS drive letter or a
NetWare volume name.
Using SEARCH
To set search paths each time the server comes up, place the SEARCH
commands in the autoexec.ncf file.
If you execute SECURE CONSOLE, SEARCH is disabled to prevent
modules from being loaded from directories other than the boot directory.
The sys:system search path remains in effect, but you cannot create new
search paths.
Once you execute SECURE CONSOLE, you must bring down the server
and reboot it to create additional search paths.
NOTE: When the server comes up and volume SYS: is mounted, the search path
to the boot partition is deleted.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Example
To display the current server search paths, type
SEARCH
To add vol1:ncf (a network directory) as a search path, type

SEARCH ADD VOL1:NCF
Topic
See
Search drives
Network Search Drive Mappings
SECURE CONSOLE
Purpose
Use at the server console to increase network security by
Preventing loadable modules from being loaded from any directory other
than the boot directoriesSYS:SYSTEM or C:\NWSERVER
Preventing keyboard entry into the operating system debugger
Preventing the server date and time from being changed
Syntax
SECURE CONSOLE
Using SECURE CONSOLE

When you execute SECURE CONSOLE, path specifiers are disabled.
The sys:system search path remains in effect, but you cannot create new
search paths.
Use of SECURE CONSOLE is recommended, especially in securitysensitive environments. SECURE CONSOLE prevents the following
types of breaches in security:
Utilities 183
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Trojan Horse modules. If you dont use SECURE CONSOLE, a

module can be loaded from a DOS partition, a diskette drive, or any
directory on a NetWare volume.
If you allow modules to be loaded from all these drives, anyone who
has access to the server console can load a loadable module. An
intruder could create a module to access or alter any information on
the server, or to change user account information at the server
security level.
Date and Time Modifications. Some security and accounting
features (such as password expiration, time restrictions, intruder
detection, and lockout intervals) depend on date and time for their
enforcement.
If you dont use SECURE CONSOLE, an intruder can change the
date and time at the server and bypass these time-dependent features.
To disable SECURE CONSOLE, use DOWN to bring down the server in
an orderly way, and then reboot the server.
Topic
See
Server console
The Server Console
Screen saver and console

lock
SCRSAVER on page 179
SERVER
Purpose
Use at the server console from the DOS prompt to
Boot the NetWare operating system on your server
Automatically load bound-in modules
Execute the startup.ncf file
Mount volume SYS:
Execute the AUTOEXEC.NCF file
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Syntax
SERVER [parameter]
Parameter
Use to
-s [path]filename.NCF
Specify an alternative to STARTUP.NCF.

Replace filename with the name of the
alternate file. (The file extension must be .NCF)
The system looks for the file in the current boot
directory, unless you specify a path.
-na
Prevent the autoexec.ncf file that you created

in INSTALL from executing.
This parameter is useful if you are changing
drivers or other commands in your
AUTOEXEC.NCF file.
-ns
Prevent the STARTUP.NCF and

AUTOEXEC.NCF files created in INSTALL
from executing.
This parameter is useful for changing the boot
process.
-nl
Prevent the logo (server splash graphic) from

displaying while server components are
loading in the background.
Using SERVER
SERVER is an executable file containing bound-in modules. SERVER
uses DOS as a cold boot loader to boot the NetWare operating system.
From then on, NetWare is in control and loads modules.
If neither of the .ncf files exists, SERVER prompts you for a server name
and an IPXTM internal network number; SERVER then brings up the
console prompt (:).
IMPORTANT: The internal net number is used as a server ID in IP networks as
well as IPX networks. Do not delete it from .ncf files.
To automatically bring up the server when you boot up the machine, you
can place the SERVER command in the autoexec.bat file in your boot
partition.
Utilities 185
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SERVER executes startup.ncf and autoexec.ncf, if they exist.

To prevent the Novell logo (server splash screen) from displaying, you
can load SERVER with the -nl (no logo) command option. Otherwise the
graphics screen displays for about 10 seconds while server components
are loading in the background.
HINT: To substitute a different image for the current logo screen, place a file called
NWLOGO.BMP (for machines using a 256-color palette) or NWLOGO16.BMP (for
machines using a 16-color palette) in the same directory as server.exe (must be in
.BMP format).
BIOS limitations on the size and resolutions of the image are 640x480 pixels. The
server will display the 256-color version, if possible; otherwise, the server will use
the 16-color image. If neither is found in the directory, the default logo screen is
displayed.
Topic
See
Restarting server execution

from the console prompt
RESTART SERVER on page 166
Bringing the server down
Editing .ncf files
SET
Purpose
Use at the server console to view and configure operating system parameters.
HINT: You can also modify server parameter values from MONITORs Available
Options, and then Server Parameters or using NetWare Remote Managers, Set
Parameters link.
The default SET parameter values give maximum performance for most
systems. Server parameter values should seldom need to be modified.
Syntax
SET [parameter] = [value]
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter categories:
Common File System Parameters (page 189)

Communications Parameters (page 192)
Directory Services Parameters (page 196)
Disk Parameters (page 201)
Error Handling Parameters (page 203)
Licensing Services Parameters (page 207)
Memory Parameters (page 207)
Miscellaneous Parameters (page 210)
Multiprocessor Parameters (page 218)
NCP Parameters (page 219)
Novell Storage Service Parameters (page 223)
Service Location Protocol Parameters (page 223)
Time Parameters (page 226)
Traditional File Parameters (page 232)
Using SET
Although most default values of the server parameters dont need to be
modified, you might increase the performance of your system by adjusting the
values of certain parameters. Suggestions for improving server performance
can be found in Optimizing the NetWare Server and Setting Server Parameter
Values in the Server Operating System Administration Guide.
Server parameter settings are persistent in NetWare. If the server goes down,
any settings that you have made to tune your server for performance will not
be lost.
Displaying and Changing Current Settings
If you type SET without a parameter, a list of numbered categories

appears. When you select a category, the current settings for the server
parameters in that category appear, along with a brief description of each
parameter, the range of valid values, and the default value.
If you type SET with a parameter but no value, the current setting, range
of valid values, and a brief description of the parameter are displayed.
If you type SET with a parameter and a value, the operating system is
reconfigured according to the specified value.
You can also use the MONITOR utility to modify server parameter values. See
MONITOR on page 103.
Utilities 187
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Entering Parameters
You can modify the values of most SET parameters at the console prompt.
The system is immediately configured to that setting. Any setting in the
AUTOEXEC.NCF file is overridden.
You can enter SET commands that you execute at the console prompt in
the AUTOEXEC.NCF file. When a parameter value is set in this file, the
server configures itself to that setting each time the server is booted
unless the value is modified.
Some commands can be also saved in the STARTUP.NCF file. Use
NWCONFIG to edit both the AUTOEXEC.NCF and the STARTUP.NCF
file.
Parameters that Control the Allocation of Services
Some SET parameters control how the system dynamically allocates services.
Three types of parameters interact to control the allocation of a service:
Maximum limits control the amount of server resources the operating
system can allocate for a particular service.
Minimum limits allow the operating system to allocate a minimum
amount of resources as soon as a request is received.
Low minimum limits slow the growth of a particular service. High
minimum limits allow rapid growth.
For example, if the minimum number of directory cache buffers is set to
20, the system allocates another buffer resource as soon as a request is
madeuntil 20 cache buffers have been allocated.
When 20 directory cache buffers are allocated, the system waits 2.2
seconds (default) when a request comes in, and then allocates another
buffer if the request is still active.
However, if the minimum number of directory cache buffers is set to 40,
the system allocates 40 directory cache buffers before it starts slowing the
growth by waiting 2.2 seconds after each request.
Wait time limits control how rapidly the operating system can allocate a
new resource.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Common File System Parameters

Common File System Parameters contain parameters that apply to both the
NSS file system and the traditional file system. For a description of file system
parameters, see the following table.
Table 4
Common File System Parameters
Parameter
Use to
Maximum Transactions = number
Specify how many transactions can occur at the same time.

Supported values: 100 to 10000
Default: 10000
Maximum Concurrent Directory

Cache Writes = number
Specify how many write requests from directory cache buffers are
put in the elevator before the disk head begins a sweep across
the disk.
Default: 75
A high number creates more efficient write requests. A low
number creates more efficient read requests.
Minimum File Delete Wait Time = time Specify how long a deleted file remains salvageable on the
volume.
Supported values: 0 seconds to 7 days
Default: 1 minute 5.9 seconds
Files deleted for less than this minimum arent automatically
purged even if the volume is full and users cant create new files.
Immediate Purge of Deleted Files =
value
Supported values: ON, OFF

Default: OFF
If this parameter is set to ON, all files are purged immediately
when they are deleted.

= number
Specify the hour when you want the file compressor to stop
scanning enabled volumes for files that need to be compressed.
Default: 6
Hours are specified by a 24-hour clock: 0 = midnight; 23 = 11 p.m.
This parameter can be set in the STARTUP.NCF file.
Utilities 189
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Compression Daily Check Starting

Hour = number
Specify the hour when you want the file compressor to start
Default: 0
Note: If the Compression Daily Check Stop Hour parameter is the
same as the Compression Daily Check Starting Hour, then the file
compressor starts checking every day at the Compression Daily
Starting Hour time and runs as long as necessary to finish all files
that meet the compressible criteria.
Minimum Compression Percentage

Gain = number
Set the minimum percentage a file must compress to remain in a

compressed state.
Default: 20
Enable File Compression = value
Specify whether file compression is suspended.

Default: ON
ON allows file compression on compression-enabled volumes.
OFF suspends compression; immediate compress requests are
queued until value is reset to ON, when the files meeting criteria
will be compressed.
This parameter can be set in the STARTUP.NCF.
Maximum Concurrent Compressions

= number
Specify the maximum concurrent or simultaneous compressions

allowed.
Default: 2
Concurrent compressions can occur only if there are multiple
volumes.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Convert Compressed to
Uncompressed Option = value
Specify what the file system does with an decompressed version

of a file after the server has decompressed it.
Supported values:
0 = Always leave the file compressed.
1 = Leave the file compressed until second access if it is read only
once during the time specified by the Days Untouched Before
Compression parameter.
2 = Always leave the file decompressed.
Default: 1
Decompress Percent Disk Space

Free to Allow Commit = number
Specify the percentage of free disk space required on a volume

for file decompression to permanently change compressed files
to decompressed.
Default: 10
This parameter prevents newly decompressed files from filling up
the volume.
Decompress Free Space Warning

Interval = number
Specify the time between alerts when the file system is not
changing compressed files to decompressed because of
insufficient disk space. Setting the interval to 0 turns off the alert.
Supported values: 0 seconds to 29 days 15 hours 50 minutes
3.8 seconds
Default: 30 minutes 57.2 seconds
Deleted Files Compression Option =

number
Specify whether and when deleted files are compressed.

Supported values:
0 = Dont Compress deleted files
1 = Compress deleted files the next day
2 = Compress deleted files immediately
Default: 1
Utilities 191
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Days Untouched Before

Compression = number
Specify the number of days the system waits after a file was last
accessed before it is compressed.
Default: 14
Communications Parameters
Communication parameters control settings for communication buffers. Four
parameters configure packet receive buffers; four control the watchdog.
Packet Receive Buffers are areas in the servers memory that are set aside
to hold data packets. The packets remain in the buffers while the server
processes them.
You can monitor the current number of allocated packet receive buffers
in MONITORs General Information screen.
Watchdog Packets are used to make sure stations are connected. If the
server doesnt receive a packet from a station within a set time (Delay
Before First Watchdog Packet), a watchdog packet is sent to the station.
If the station doesnt respond within a configurable amount of time
(Delay Between Watchdog Packets), another packet is sent.
If the station doesnt respond to a set number of packets, the server
assumes that the station is no longer connected and clears the stations
connection.
For a description of communications parameters, see Table 5 on page 193.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 5
99a
38
July 17, 2001
Communications Parameters
Parameter
Use to
Maximum Packet Receive Buffers =

number
Specify the maximum number of packet receive buffers the

operating system can allocate.
Default: 5000
Before increasing this parameter, use MONITOR to view the
servers use of packet receive buffers and service processes.
If the number of packet receive buffers is at maximum, increase
this parameter in increments of 10 until you have one packet
receive buffer per workstation.
If you have EISA or microchannel bus master boards in your
server, increase this parameter to provide at least five buffers per
board.
If the board is producing No ECB available count errors, provide
10 buffers per board. Use MONITOR (LAN/WAN Drivers) to
determine if the board is producing errors.
If the number of allocated service processes is at maximum, you
can increase the Maximum Service Processes parameter to
decrease the need for more packet receive buffers.
The value of this parameter should be greater than the value of
the Minimum Packet Receive Buffers parameter. If it is less, the
system increases the value to match that of the Minimum Packet
Receive Buffers parameter.
This parameter can be set in the appropriate startup file.
Utilities 193
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Minimum Packet Receive Buffers =

number
Specify the minimum number of packet receive buffers the

operating system can allocate. The operating system allocates
this number of buffers as soon as the server boots. You must add
this command to the startup.ncf file. You cannot change the
setting at the console prompt.
Default: 500
Before increasing this parameter, use NetWare Remote Manager
or MONITOR to view the servers use of packet receive buffers.
If you have EISA or microchannel bus master boards in your
server and are receiving No ECB available count errors (see LAN/
WAN Drivers in MONITOR on page 103) right after the server
boots, increase this parameter so that each board can have at
least five packet receive buffers.
If the allocated number is higher than 10 and the server doesnt
respond immediately after booting, increase this parameter.
The value of this parameter must be less than the value of the
Maximum Packet Receive Buffers parameter. If it is greater, the
system increases the value of the Maximum Packet Receive
Buffers parameter to match that of the Minimum Packet Receive
Buffers parameter.
Maximum Physical Receive Packet

Size = number
Specify the maximum size of packets that can be transmitted on

the network. You must add this command to the STARTUP.NCF
file. You cannot change the setting at the console prompt or using
any other utilties.
Default: 4202
The default allows 2 KB (data with the packet header). If you use
token ring or Ethernet boards, the default is acceptable.
If some of your network boards transmit more than 512 bytes of
data per packet, set this parameter for the largest packet size.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
IPX NetBIOS Replication Option =

number
Specify how the IPXTM router handles replicated NetBIOS

broadcasts.
Supported values:
0 = Do not replicate NetBIOS broadcasts
1 = Duplicate broadcasts when there are redundant routes
2 = Suppress duplicate broadcasts
Default: 2
Maximum Interrupt Events = number
Specify the maximum number of interrupt time events (such as

IPX routing) allowed before a thread switch is guaranteed to have
occurred.
Default: 10
Reply to Get Nearest Server = value
Specify whether the server responds to Get Nearest Server

requests from stations trying to locate directory and file servers.
This parameter can be set in the startup.ncf file.
Default: ON
Number of Watchdog Packets =

number
Specify the number of unanswered watchdog packets that the

server sends to a workstation before closing its connection.
Default: 10
Delay Between Watchdog Packets =

time
Specify the amount of time between watchdog packets.

Supported values: 9.9 seconds to 10 minutes 26.2 seconds
Default: 59.3 seconds
After a server sends out the first watchdog packet, it waits the
specified time before sending out succeeding packets if it
receives no reply.
Delay Before First Watchdog Packet

= time
Specify the amount of time the server waits without receiving a

request from a workstation before sending out the first watchdog
packet to that station.
Supported values: 15.7 seconds to 14 days
Utilities 195
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
New Packet Receive Buffer Wait

Time = time
Specify how long the operating system waits after receiving a

request for a packet receive buffer before granting a new buffer.
Supported values: 0.1 second to 20 seconds
Default: 0.1 second
This parameter prevents the system from granting too many
buffers during a sudden peak in usage.
If you have an EISA bus master board in your server, dont
change this parameter.
Console Display Watchdog Logouts =

value
Specify whether a console message is displayed when a

connection is cleared.
Default: OFF
If your network is running smoothly, you dont need to display
watchdog logouts.
If your workstations are having connection problems, the
watchdog logout messages can help you isolate which stations
arent receiving or sending watchdog packets.
Directory Services Parameters

Directory services parameters allow you to do the following:
Control the Novell eDirectoryTM trace file.
Set time intervals for maintenance processes that reclaim disk space,
remove external references, and check the consistency of backlinks.
Set eDirectory synchronization intervals and restrictions.
Specify the number of NCPTM retries before timeout.
Mark the status of other servers in the namebase as UP or DOWN.
Specify bindery services contexts.
Handle security issues.
For descriptions of directory services parameters, see Table 6 on page 197.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 6
99a
38
July 17, 2001
Directory Services Parameters
Parameter
Use to
eDirectory Trace to Screen = value
Enable the eDirectory trace screen; this displays information

about eDirectory events on the monitor.
Default: OFF
eDirectory Trace to File = value
Send messages about eDirectory events to the eDirectory trace

file on volume SYS. The default file is SYSTEM:\DSTRACE.DBG.
Default: OFF
The file path and name can be changed with the eDirectory Trace
Filename parameter.
The file is circular; it grows to a maximum length of approximately
500 KB and then starts to overwrite itself at the beginning of the
file.
If this parameter is set to ON, the trace information is also scrolled
on the screen.
eDirectory Trace Filename =

path\name
Specify the path and name of the eDirectory trace file on volume
Sys.
Maximum length: 254
Default: SYSTEM:\DSTRACE.DBG
eDirectory External Reference Life

Span = number_in_hours
Specify the number of hours unused external references are

allowed to exist before being removed.
Supported values: 1 to 384 hours
Default: 192
External references are local IDs assigned to users when they
access other servers. When users no longer have access, the
external references should be removed.
Utilities 197
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
eDirectory Inactivity Synchronization

Interval = number_in_minutes
Specify the maximum elapsed time between exhaustive

synchronization checks. As soon as you change this value, the
system executes the synchronization check. Synchronization
checks then recur at the specified interval.
Supported values: 2 to 1440 minutes
Default: 30
If the system has replicas across a WAN link, this value should be
set as high as 240 minutes (4 hours) to reduce WAN traffic.
eDirectory Synchronization
Restrictions = value,
version_number_list
Specify which versions of eDirectory the server can synchronize

with.
Supported values: OFF, ON, list of version numbers
(Maximum length of version number list: 131 characters)
Default: OFF
To determine what version is currently loaded on a server, type
MODULES at the server prompt. The eDirectory version number
is displayed under the heading DS.NLM.
If this parameter is set to OFF, the server synchronizes with all
versions available.
If this parameter is set to ON, the server synchronizes only with
those versions specified as parameters to the ON value.
Example: ON,420,421
eDirectory Servers Status = value
Mark the status of all server objects in the local namebase as UP

or DOWN.
Supported values: UP, DOWN
Use this parameter to reset the status of all the servers if the
status of one server isnt accurately recognized by the system.
For example, if a server is up but the system recognizes it as
down, set this parameter to mark all servers as up.
Subsequently, the system would reassess the status of all servers
and change the status to down for those servers that were truly
down.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
eDirectory Janitor Interval =

number_in_minutes
Specify the interval in minutes at which the janitor process is

executed. The janitor process is executed as soon as you change
this value and then recurs at the specified interval.
Default: 60
The janitor process cleans up unused records, reclaims disk
space, and purges objects flagged for deletion.
eDirectory Backlink Interval =

number_in_minutes
Specify the interval in minutes at which backlink consistency

checking is performed. Backlink consistency checking is
executed as soon as you change this value. It then recurs at the
specified interval.
Default: 780
A backlink indicates that an object in a replica has an ID on a
server where the replica doesnt exist.
This process creates needed backlinks and deletes unnecessary
ones.
eDirectory Distributed Reference Link

Interval = number_in_minutes
Specify the interval in minutes at which distributed reference link

consistency checking is performed. Distributed reference link
consistency checking is executed as soon as you change this
value. It then recurs at the specified interval.
Default: 780
A distributed reference link indicates that an object in a partition
has an ID in that partition where the actual object doesnt exist.
This process creates needed distributed reference links and
deletes unnecessary ones.
eDirectory Trace File Length to Zero =

value
Delete the contents of the trace file. This parameter does not
delete the file itself. As soon as the file is cleared, the value of the
parameter resets to OFF.
Default: OFF
To use this parameter, you must also set the eDirectory trace to
file parameter to ON, because the trace file must be open for the
system to delete its contents.
Utilities 199
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Check Equivalent to Me = value
Enforce checking of the Equivalent To Me attribute on eDirectory

authentication.
Default: OFF
If this parameter is set to ON, DSREPAIR must be used to
synchronize the Equivalence attribute and the Equivalent To Me
attribute.
Setting this parameter to ON might adversely affect
communication performance.
Bindery Context = context;context
Specify one or more containers to be used by eDirectory when it

provides bindery services.
Maximum: 2047 characters, 16 contexts
Multiple contexts are separated by semicolons. Whatever string it
specified is set. To make that string effective for all valid contexts
the container you specify in the context must be present on that
server.
Example:
SET BINDERY CONTEXT = OU=SALES_LA.OU=SALES.
O=NOVELL_US;OU=ACCOUNTING.O=NOVELL
This parameter can be set in the startup.ncf file.
eDirectory Bootstrap Address =

address
Allow eDirectory to operate properly in the absence of SLP. When

SLP is not available to advertise servers and partitions, the local
server uses this value to set the bootstrap address that the server
would use to find its tree and authenticate to it.
Format for IP Address: Use the standard IP format of four
decimal values delimited by periods.
Example: 123.45.67.89 <:524> or 137.65.62.144 (port number is
optional) This number is used for both TCP and UDP
connections.
Format for IPX Address: Use the standard IPX format of
hexadecimal digits representing Network, Node, and Socket.
Example: 12345678:23456789ABCD:0451 or
01010480:00001B1E983A:0451
Defaults apply to any field not present, where default is current
values.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Disk Parameters
Disk parameters control Hot FixTM redirection, as well as other aspects of disk
reads and writes.
For a description of disk parameters, see the following table.
Table 7
Disk Parameters
Parameter
Use to
Sequential Elevator Depth = number
Set the maximum elevator depth for sequential requests.

Media Manager sends the number of sequential requests up to
this value to the same device. When the device contains this
number of requests and another device in the mirror group is
empty, Media Manager begins sending requests to the idle
device.
Default: 8
You can set this parameter in the STARTUP.NCF file.
Enable IO Handicap Attribute = value Enable drivers and applications to inhibit read requests from one
or more devices.
Supported values: ON, OFF.
Default: OFF.
Setting this parameter to ON enables the inhibit attribute to
function. Setting this parameter to OFF prevents the attribute
from functioning.
Do not set this attribute to ON unless instructed to do so by a
device manufacturer.
Mirrored Devices Are Out of Sync
Message Frequency = time
Set the frequency (in minutes) for checking out-of-sync devices.

Default: 28 minutes
Utilities 201
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Remirror Block Size = value
Set the remirror block size in 4 KB increments. (1=4 KB, 2=8 KB,
8=32 KB, etc.)
Default: 1
Concurrent Remirror Requests =

value
Set the number of remirror requests per mirror object.
Ignore Disk Geometry = value
Create nonstandard and unsupported partitions.
Default: 32

Default: OFF
If you set this parameter to ON before modifying or creating a
partition, the software ignores disk geometry when creating the
partition. This allows you to create nonstandard partitions.
Caution: Setting this parameter to ON may harm other file
systems contained on the disk.
Enable Hardware Write Back = value
Enable hardware write back, if supported.

Hardware write back means that I/O write requests may be
cached at the device and succeeded before data is committed to
the media. Hardware write back usually improves write
performance.
Default: OFF
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Enable Disk Read After Write Verify =

value
Control whether information written to disk is read back and

compared with the original data.
Default: OFF
Setting this parameter to ON may decrease performance
significantly.
To set this value for currently loaded disks, use the Storage
Devices option of MONITOR on page 103.
Error Handling Parameters

Error handling parameters control the size of error logs and specify what
happens when logs exceed the specified size. They also control how the server
responds to an abend or to an NLMTM that does not unload from a protected
address space.
For descriptions of error handling parameters, see the following table.
Table 8
Error Handling Parameters
Parameter
Use to
Server Log File State = number
Control what happens when the SYS$LOG.ERR file is larger than

the size specified by the Server Log File Overflow Size
parameter.
Supported values:
0 = Leave SYS$LOG.ERR as is
1 = Delete SYS$LOG.ERR
2 = Rename SYS$LOG.ERR
Default: 1
Server Log File Overflow Size =

number
Specify the maximum size of the SYS$LOG.ERR file before the

action specified by the Server Log File State parameter occurs.
Default: 4194304
Utilities 203
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Boot Error Log File State = number
Control what happens when the BOOT$LOG.ERR file is larger

than the size specified by the Boot Error Log Overflow Size
parameter.
Supported values:
0 = Leave BOOT$LOG.ERR as is
1 = Delete BOOT$LOG.ERR
2 = Rename BOOT$LOG.ERR
3 = Start a new log file whenever the server is restarted
Default: 3
Boot Error Log File Overflow Size =

number
Specify the maximum size to which the BOOT$LOG.ERR file can

grow before the action specified by the Boot Error Log File State
parameter occurs.
Default: 4194304
Boot Error Log = value
Specify which error messages from the console will be saved in

the BOOT$LOG.ERR file.
Default: ON
If you set this parameter to ON, all error messages displayed on
the console will be saved in BOOT$LOG.ERR.
If you set this parameter to OFF, only error messages displayed
during the boot procedure will be saved in BOOT$LOG.ERR.
Hung Unload Wait Delay = number
Specify the amount of time the server waits for an NLM to be

unloaded from a protected address space after the UNLOAD
ADDRESS SPACE command is executed. If the NLM is not
successfully unloaded within this interval, the server displays a
prompt to kill the address space.
Supported values: 0 seconds to 1 minute 58.3 seconds
Default: 30 seconds
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Auto Restart Down Timeout = number
When the server tries to go down after an abend, it sets a timeout

just in case there is a problem going down. Specify the amount of
time (in seconds) that the server will wait before automatically
restarting.
Supported values: 0 to 600 seconds
Default: 180 seconds
Auto Restart After Abend Delay Time

= number
Specify the amount of time (in minutes) before the server is

brought down after an abend, if the Auto Restart After Abend
parameter is in effect.
Default: 2 minutes
Regardless of what time is set, the server sends a message every
two minutes to warn users that the server will be brought down.
Utilities 205
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Auto Restart After Abend = value
Specify the systems automatic response to an abend.

Supported values:
0 = The system does not respond to the abend.
1 = After an abend, the system determines the source of the
abend. Based on findings, the system either keeps the computer
running or shuts down the computer and attempts to restart it.
2 = After an abend, the system attempts to recover from the
problem and restart the computer after the time specified by the
Auto Restart After Abend Delay Time parameter.
3 = After an abend, the system immediately restarts the computer.
Default: 1
For values 1, 2, or 3 to take effect, the Developer Option
parameter described in Miscellaneous Parameters on page 210
must be set to OFF.
If the server is to be shut down, the system sends a message
every 2 minutes to warn all connections.
To configure the amount of time the system waits before shutting
down the server, use the Auto Restart After Abend Delay Time
parameter.
After an abend, the screen displays information about the abend.
This information is sent to the ABEND.LOG file on the C: drive.
After the server is shut down and restarted, the ABEND.LOG file
is transferred to SYS:SYSTEM.
Important: Because the server can abend and be restarted
automatically, you should determine whether any abends have
occurred. Periodically check either the ABEND.LOG file or the
Server Up Time field in MONITORs General Information screen.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Licensing Services Parameters

Licensing service parameters control Novell Licensing Service diagnosis
features.
For a description of licensing parameters, see the following table.
Table 9
Licensing Service Parameters
Parameter
Use to
NLSDIAG
Supported values: 19 (string length)

Default: 19
NLS Search Type
Specify the scope of a license certificate search.

Supported values: 0, 1
Default: 0
0 = Search to the root of the tree
1 = Search to the root of the partition
You can set this parameter in either the STARTUP.NCF or
AUTOEXEC.NCF files.
Store NetWare 5 Conn SCL MLA

usage in NDS
Supported Values: ON, OFF

Default: ON
Memory Parameters
Memory parameters control garbage collection, corruption checking, the
amount of memory below 16 MB available to device drivers, and aspects of
protected and virtual memory.
For a description of memory parameters, see Table 10 on page 208.
Utilities 207
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 10
99a
38
July 17, 2001
Memory Parameters
Parameter
Use to
Average Page In Alert Threshold =

value
Specify the point at which the server sends an alert to the console
because excessive memory swapping indicates the server might
be low on memory.
Default: 2000
The value of the parameter is the average number of pages
swapped from disk to memory per second, calculated over the
last five seconds.
If the average page-in rate is high, it means a large amount of
data is being swapped to and from disk, indicating that the server
might be running low on memory.
Memory Protection No Restart

Interval = value
Prevent a server from restarting a protected address space that

continues to fault.
Supported Values: 0 to 60 minutes
Default: 1 minute
If the address space faults, but has already been restarted within
the time period specified by this parameter, the server will not
restart the address space. Restart functionality is disabled for the
address space.
A restartable address space that continues to fault consumes
server resources because the server is forced to continually shut
down and restart the space.
Setting the value to 0 disables the parameter so that the address
space will always be restarted if it faults.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Memory Protection Fault Cleanup =

value
Enable the server to clean up a protected address space that has

faulted.
Default: ON
If this parameter is ON and a protected address space faults, the
server removes the address space and its NLMTM programs and
returns the resources to the system.
If this parameter is OFF and a protected address space faults, the
server does not remove the address space or return resources to
the system. The situation is left to the abend recovery
mechanism.
Garbage Collection Interval = number Specify the maximum time between garbage collections.
Supported values: 1 minute to 1 hour
Default: 5 minutes
Alloc Memory Check Flag = value
Specify whether the server will check for corruption in the alloc
memory nodes.
Default: OFF
Reserved Buffers Below 16 Meg =

number
Specify the number of file cache buffers reserved for device

drivers that cant access memory above 16 MB.
Default: 300
You must set this parameter in the startup.ncf file. You cannot set
the value at the command line.
Utilities 209
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Miscellaneous Parameters
Miscellaneous parameters do not fit aptly or neatly into other categories. The
functionality is listed below and described in Table 11.
Default response to optional commands
Adding the servers name to the console prompt
Configuring alerts
Controlling alerts for lost or spurious interrupts
Specifying response when invalid parameters are detected
Enabling developer options
Controlling allocation of service processes
Password security
Enabling execution of secure.ncf at startup
Controlling aspects of the kernel, scheduler, and threads
Table 11
Miscellaneous Parameters
Parameter
Use to
Allow Unencrypted Passwords =

value
Control the use of unencrypted passwords. This parameter

provides for backward compatibility with networks services that
do not support encrypted passwords in the NetWare
authentication protocol.
Default: OFF
We strongly recommend that you retain the default OFF setting.
NetWare 3.1x and later versions support encrypted passwords. If
servers on your network run earlier versions of NetWare, set the
value of this parameter to ON.
Warning: Because the use of unencrypted (plaintext) passwords
represents a significant security risk, you should update your
servers, utilities, print servers and NetWare clients to versions
that support encrypted passwords. If you cannot update or
upgrade to a newer version and are willing to assume the security
risk, use the ON setting.
New Service Process Wait Time =

number
Specify how long the system should wait to make an allocation

when it receives a request for another service process.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Maximum Service Processes =

number
Specify the maximum number of service processes that the

operating system can create. (View the number of service
processes in MONITOR.)
Default: 40
Decrease this parameter temporarily if the server is low on
memory. If the server is always low on memory, add more RAM
for memory.
Increase this parameter if the number of service processes is at
the maximum.
Increasing this number helps only if more than 20 requests are
being delayed simultaneously for a disk I/O to be completed.
Minimum Service Processes =

number
Specify the minimum number of service processes the operating

system can create without having to wait for the time that is
specified by the New Service Process Wait Time parameter to
elapse.
Default: 10
Global Pseudo Preemption = value
Specify whether or not all threads on the server that use the
Traditional File System will also use pseudo preemption.
Default: ON
Set this parameter to ON if you rely on pseudo preemption to
enforce blocking for threads.
Pseudo Preemption Count = number
Specify the number of times threads are allowed to make file read
or write system calls before a relinquish is forced.
Default: 40
If you increase the value too much, the thread could run for its
lifetime.
If you decrease the value too much, every read or write call that
normally would not block might, in fact, end up blocking.
Utilities 211
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
Parameter
Use to
Display Lost Interrupt Alerts = value
Control alert messages about lost interrupts.
July 17, 2001

Default: ON
A lost interrupt occurs when a driver or board requests a service
with an interrupt call and then drops the request before the
processor can respond.
Lost interrupts generate the following message: Interrupt
controller detected a lost hardware interrupt.
This message indicates a hardware or driver problem that could
degrade performance.
Unload all drivers and then reload them one at a time to
determine which driver has a problem. Then contact the vender
of the driver.
Set the parameter to OFF while you are waiting for a resolution.
Display Spurious Interrupt Alerts =
value
Control alert messages about spurious interrupts.

Default: ON
A spurious interrupt occurs when hardware in the server creates
an interrupt that is defined and reserved for another device.
Spurious interrupts generate the following message: Spurious
hardware interrupt <number> detected.
This message indicates a serious error in the hardware.
If your server console displays this message, remove all add-on
boards and run SERVER.
If the message doesnt appear, add the boards one at a time to
determine which hardware is creating the spurious interrupt.
Then contact the vendor.
Set the parameter to OFF while you are waiting for a resolution.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Display Lost Interrupts Threshold =

value
Specify the minimum number of lost interrupts per second that

must be detected before a lost interrupt alert message will be
displayed on the system console.
Default: OFF
Note: Set Display Spurious Interrupt Alerts must also be set to
ON.
Display Spurious Interrupts

Threshold = value
Specify the minimum number of spurious interrupts per second

that must be detected before a spurious interrupt alert message
will be displayed on the system console.
Default: OFF
Note: Set Display Spurious Interrupt Alerts must also be set to
ON.
Developer Option = value
Control whether options associated with a developer environment

are enabled.
Default: OFF
CPU Hog Timeout Amount = value
Specify the amount of time in seconds to wait before terminating

a thread that has not relinquished control of the processor.
Supported values: 0 to 1 hour
Default: 1 minute
A value of 0 (zero) disables this option.
Utilities 213
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Display Old API Names = value
Control messages about obsolescent API functions from earlier

versions of NetWare. This parameter can be used as a debugging
tool.
Supported values:
ON = Use if you write your own modules and you are upgrading
your NetWare modules to use newer APIs.
OFF = Use if you arent upgrading modules.
Default: OFF
The following types of messages appear when a module is
loaded that uses the obsolescent APIs:
Module is using old API: SetInterruptVector
Module is using old API: ReturnPermanentMemory
Module is using old API: AllocateReturnablePermMemory
If you receive messages such as these, contact the vender of the
module.
Note: Old API functions are those that have been replaced with
newer, more efficient functions. The old functions workthey are
not obsoletebut they work more slowly.
Old API functions are not limited to NetWare 3 versions. Nor have
all older API functions been replacedmany of them are still in
use.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Display Relinquish Control Alerts =

value
Control whether messages about processor control are sent to

the server console. This parameter can be used as a debugging
tool.
Supported values:
ON = Use if youre writing your own loadable modules.
OFF = Use if youre not writing your own loadable modules.
Default: OFF
If a module uses the processor for more than 0.4 second without
relinquishing control to other processes, the following types of
messages appear:
process_name Process did not relinquish control frequently.
Module: module_name
Code offset in module: memory_address
Halt System on Invalid Parameters =

value
Specify whether to stop the system when invalid parameters are

detected.
Default: OFF
ON = You want the system to halt when an invalid parameter or
condition is detected.
OFF = You want the system to display an alert and continue
running when an invalid parameter or condition is detected.
Worker Thread Execute In a Row

Count = number
Specify the number of times the scheduler consecutively

dispatches new work before allowing other threads to run.
Default: 10
Worker threads are created by the kernel to perform work for the
kernel itself.
Utilities 215
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Alert Message Nodes = number
Specify the number of alert message nodes that have been

previously allocated.
Default: 20
You can set this parameter in the startup.ncf file.
Classic Work to do Pre-check Flag
When a classic work to do is scheduled, this flag causes the

scheduler to verify if the work to do is scheduled. If its on the
scheduled list, the operating system will trap.
Replace Console Prompt with Server

Name = value
Control whether the console prompt is replaced with the NetWare

server name.
Default: ON
Sound Bell for Alerts = value
Control whether a bell sounds when an alert message appears on

the console.
Default: ON
Command Line Prompt Time Out =

time
Specify how long an .ncf file waits before executing the default
response to an optional command.
An optional command in an. ncf file is preceded by a question
mark (?). The question mark causes the file to prompt you to
execute the command. For information about optional commands
in .ncf files, see Using Server Batch Files.
Supported Values: 0 to 4294967295 seconds
Default: 10 seconds
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Command Line Prompt Default

Choice = value
Specify a default response to an optional command in an .ncf file.

An optional command in an .ncf file is preceded by a question
mark (?). The question mark causes the file to prompt you to
execute the command. For information about optional commands
in .ncf files, see Using Server Batch Files.
Default: ON
ON means the default response to the command prompt is Y
(Yes). If the user does not respond to the prompt within a
specified time period, the command is executed by default.
OFF means the default response to the command prompt is N
(No). If the user does not respond to the prompt within a specified
time period, the command is not executed.
To specify the time period before the response is executed, use
the Command Line Prompt Timeout parameter.
Allow Audit Passwords = value
Specify whether passwords can be used to identify auditors.

Default: OFF
Enable SECURE.NCF=value
Execute the secure.ncf file at server startup.

Default: OFF
You can set this parameter in the AUTOEXEC.NCF or
STARTUP.NCF file.
Display Incomplete IPX Packet Alerts

= value
Specify whether alert messages are displayed when IPX receives

incomplete packets. This parameter can be used as a debugging
tool.
Default: ON
Utilities 217
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Multiprocessor Parameters
Multiprocessor parameters allow you to
Set the threshold for load balancing across multiple processors.
Start secondary processors automatically on startup.
Control whether interrupt statistics are removed from memory when a
processor is taken offline or an interrupt handler is removed.
Multiprocessor parameters are described in the following table.
Table 12
Multiprocessor Parameters
Parameter
Use to
System Threshold = number
Adjust the load balancing threshold for multiprocessor servers.

This number controls the main value used in calculating thread
shedding for load balancing across multiple processors. The
optimum value has been preset by Novell.
Default: 1536
Important: The default value is the optimum value. We
recommend that you retain it. If after careful consideration you
decide to change the setting, experiment only in a nonproduction
environment.
Auto Start Processors = value
Start secondary processors on startup.

Default: ON
ON = Secondary processors are automatically started when the
Platform Support Module (PSM) is loaded.
OFF = Secondary processors are not automatically loaded on
bootup. When this is the case, the command START
PROCESSORS must be used at the console prompt to activate
secondary processors.
This parameter is preferably set in the STARTUP.NCF file.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Parameter
99a
38
July 17, 2001
Use to
Auto Clear Interrupt Statistics = value Specify whether interrupt statistics are removed from memory at
the time a processor is taken offline or an interrupt handler (ISR)
is removed.
Default: ON
To retain per-processor interrupt handler statistics for offline
processors or to retain the total interrupt contribution from a
previously loaded handler (ISR), set the parameter to OFF.
This parameter is preferably set in the STARTUP.NCF file.
NCP Parameters
With NetWare Core ProtocolTM (NCPTM) parameters, you can
Control NCP packets
Control boundary checking
Assign the NCP Server Packet Signature levels
For a description of NCP parameters, see Table 13 on page 220.
Utilities 219
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 13
99a
38
July 17, 2001
NCP Parameters
Parameter
Use to
NCP Packet Signature Option =

number
Control the NCP packet signature level on the server.

Supported values:
0 = Server doesnt sign packets (regardless of the client level)
1 = Server signs packets only if the client requests it (client level
is 2 or higher)
2 = Server signs packets if the client is capable of signing (client
level is 1 or higher)
3 = Server signs packets and requires all clients to sign packets
(or logging in will fail)
Default: 1
NCP Packet Signature prevents packet forgery on servers and
clients using NCP by requiring server and client to sign each NCP
packet.
Note: Because Packet Signature consumes processor resources
and slows performance on both client and server, NCP Packet
Signature is optional.
After starting the server, you can only increase the level of packet
signature. To decrease the level, you must add the SET
command to the startup.ncf file and restart the server.
Enable IPX Checksums = number
Enable IPXTM checksums.

Supported values:
0 = No checksums
1 = Checksum if enabled at the client
2 = Require checksums
Default: 1
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Enable UDP Checksums on NCP

Packets
Enable checksumming of NCP UDP packets.

Supported values:
0 = No checksums
1 = Checksum if enabled at client
2 = Require checksums
Default: 1
Client File Caching Enabled
This parameter allows or disallows the client side ecaching of

opened files. This parameter is also settable in the
STARTUP.NCF file.
NCP Protocol Preferences = value
When multiple protocols are supported, specify the order in which

eDirectory selects a protocol to use when communicating with
other servers in the replica.
Supported values: IPX, TCP, UDP, none
Default: None
For example, the following command instructs eDirectoryTM to try
TCP first and IPX second when it communicates with another
server:
SET NCP PROTOCOL PREFERENCES = TCP IPX
If only one protocol is supported, that protocol is used by
eDirectory, no matter what values are specified for this parameter.
If multiple protocols are supported, but no value is specified for
this parameter, eDirectory uses the protocols in the order in which
they are loaded.
NCP File Commit = value
Control whether applications can flush pending file writes to disk.

Default: ON
If the value is set to ON then when a File Commit NCP is issued,
a file is sent from cache to disk immediately, instead of waiting for
the cache manager to send it to disk later.
Utilities 221
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Display NCP Bad Component

Warnings = value
Control whether NCP bad component alert messages are

displayed.
Default: OFF
Reject NCP Packets with Bad

Components = value
Specify whether NCP packets that fail component checking are

rejected.
Default: OFF
Display NCP Bad Length Warnings =

value
Control whether NCP bad length alert messages are displayed.

Default: OFF
Reject NCP Packets with Bad

Lengths = value
Specify whether NCP packets that fail boundary checking are

rejected. This parameter can be used as a debugging tool.
Default: OFF
Maximum Outstanding NCP

Searches = number
Specify the maximum number of NCP directory searches that can

be processed simultaneously.
Default: 51
Normally, only one NCP directory search occurs at a time.
Increase the default only if you use applications that support
multiple outstanding directory search operations and you have
problems with corrupted or invalid directory information.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Parameter
99a
38
July 17, 2001
Use to
Allow Change to Client Rights = value Control whether a job server can assume the rights of a client for
NCP packet signatures.
Default: ON
Note: Some job servers and third-party applications cant
function without changing to client rights.
Using OFF might prevent some job servers from getting access
to the files they need, but it prevents the forging of a packet
through the job or print server.
Allow LIP = value
Set Large Internet Packet (LIP) support.

Default: ON
Novell Storage Service Parameters

For Novell Storage Service set parameters, see NSS Load Commands on
page 126, NSS DOS FAT Commands on page 127, PURGE and
SALVAGE Commands on page 127, NSS Buffer Cache Commands on
page 128, and Other NSS Commands on page 128.
Service Location Protocol Parameters

The service location protocol parameters define how SLP locates and
distributes information about services that are available on the network.
For descriptions of service location protocol parameters, see Table 14 on page
224.
Utilities 223
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 14
99a
38
July 17, 2001
Service Location Protocol Parameters
Parameter
Use to
SLP TCP = value
Use TCP packets instead of UDP packets when possible.

Supported values: OFF, ON
Default: OFF
SLP Debug = value
Enable SLP debug mode.

Bit 0x01 = COMM
Bit 0x02 = TRAN
Bit 0x04 = API
Bit 0x08 = DA
Bit 0x10 = ERR
Bit 0x20 = SA
Default: 0
SLP DA Discovery Options = value
Use multicast DA advertisements.

Bit 0x01 = Use multicast Directory Agent advertisements
Bit 0x02 = Use DHCP discovery
Bit 0x04 = Use static file SYS:ETC\\SLP.CFG
Bit 0x08 = Scopes Required.
These bits can be ordered together for multiple values.
Default: 3
SLP Multicast Radius = value
Specify an integer describing the multicast radius.

Default: 32
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
SLP Broadcast = value
Use broadcast packets instead of multicast packets.

Supported values: OFF, ON
Default: OFF
SLP MTU Size = value
Specify an integer describing the maximum transfer unit size.

Default: 1472
SLP Rediscover Inactive Directory

Agents = value
Specify the minimum time period in seconds that SLP will wait to
issue service requests to rediscover inactive Directory Agents.
Default: 60
SLP Retry Count = value
Specify an integer value describing the maximum number of

retries.
Default: 3
SLP Scope List = value
Specify a comma-delimited scope policy list.

Max Length: 1023
Default: 1023
SLP SA Default Lifetime = value
Specify an integer value describing the default lifetime in seconds

of service registers.
Default: 900
Utilities 225
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
SLP Event Timeout = value
Specify an integer value describing the number of seconds to wait

before timing out multicast packet requests.
Default: 53
SLP DA Heart Beat Time = value
Specify an integer value describing the number of seconds before

sending the next Directory Agent heartbeat packet.
Default: 10800
SLP Close Idle TCP Connections

Time = value
Specify an integer value describing the number of seconds before

idle TCP connections should be terminated.
Default: 300
SLP DA Event Timeout = value
Specify an integer value describing the number of seconds to wait

before timing out Directory Agent packet requests.
Default: 5
Time Parameters
Time parameters control time synchronization, the TIMESYNC.CFG file, and
time zone settings to ensure that the time reported by all servers is consistent,
or synchronized. For more information, see the Network Time Management
For a description of time parameters, see Table 15 on page 227.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 15
99a
38
July 17, 2001
Time Parameters
Parameter
Use to
TIMESYNC ADD Time Source =

server name
Specify a server as a time source.

Use EDIT, rather than this parameter, to add a server to the time
source list in the TIMESYNC.CFG file.
Maximum: 48 characters
TIMESYNC Configuration File = path Specify the path where the TIMESYNC.CFG configuration file is
located.
Example: SET TIMESYNC CONFIGURATION FILE =
SYS:SYSTEM\TIMESYNC.CFG
TIMESYNC Configured Sources =
value
Specify what time sources the server listens to.

Supported values:
ON = The server ignores SAP time sources and relies on time
sources custom-configured with the TIMESYNC Time Source
parameter
OFF = The server listens to any advertising time source
Default: OFF
TIMESYNC Directory Tree Mode =

value
Control the use of SAP packets in the eDirectoryTM tree.

Supported values:
ON = Time synchronization ignores SAP packets that dont
originate from within the eDirectory tree the server is on
OFF = The server can receive SAP packets from any time source
on the network
Default: ON
Dont set this parameter to OFF if SAP is set to ON. Using OFF
could corrupt the time synchronization for this servers eDirectory
tree.
Utilities 227
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
Parameter
Use to
TIMESYNC Hardware Clock = value
Controls hardware clock synchronization.
July 17, 2001
Supported values:
ON = The primary and secondary time servers set the hardware
clock, and the single reference and reference time servers set
their time from the hardware clock at the beginning of each polling
interval
OFF = Use only if this server uses an external time source (such
as a radio clock)
Default: ON
TIMESYNC Polling Count = number
Specify how many time packets to exchange while polling.

Increasing the number of packets adds unnecessary traffic to the
network.
Default: 3
TIMESYNC Polling Interval = number Specify the long polling interval, in seconds.
Supported values: 10 to 2678400 seconds (31 days)
Default: 600 seconds (10 minutes)
All servers in the same tree must use the same setting.
TIMESYNC REMOVE Time Source =
server_name
Delete a server as a time source.

Use EDIT, rather than this parameter, to delete a server from the
time source list in the TIMESYNC.CFG file.
TIMESYNC RESET = value
Reset time synchronization and clear the time source list.

Use EDIT, rather than this parameter, to reset values in the
TIMESYNC.CFG file and to remove the time source list from the
file.
Supported values:
ON = Selected internal values are reset and the configured server
list is cleared. Flag automatically resets to OFF.
Default: OFF
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
Parameter
Use to
TIMESYNC Restart Flag = value
Control restarts of time synchronization.
July 17, 2001

Default: OFF
Set this parameter to ON only if you want to reload TIMESYNC
without rebooting the server.
TIMESYNC Service Advertising =
value
Control time source advertising.

Supported values:
ON = The single reference, reference, and primary time source
servers advertise using SAP
OFF = Use only if you are using a custom-configured list of time
sources
Default: ON
Note: Secondary time services do not advertise.
TIMESYNC Synchronization Radius

= number
Control the maximum time adjustment (in milliseconds) a server

is allowed while still being considered synchronized.
Supported values: 0 to 2147483647 milliseconds
Default: 2000
Increase this parameter to allow a wider margin of error for time
synchronization between servers.
Important: Lowering the synchronization radius increases the
chance of servers losing synchronization due to randomness
between clocks.
Setting the synchronization radius for under 2000 milliseconds (2
seconds) is not recommended.
Set the synchronization radius for under two seconds only if you
are using an application that uses synchronized time stamps
which do not tolerate a two-second deviation between time
sources.
Utilities 229
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Parameter
99a
38
July 17, 2001
Use to
TIMESYNC Time Adjustment = [+ or - Specify when a time adjustment will take place.
] hour:minute:second [at month/day/
year hour:minute:second AM or PM] Note: You cannot use this parameter on a secondary time server.
Default: None scheduled
Use this parameter sparingly to correct network-wide time errors.
Default date and time is six polling intervals or 1 hour (whichever
is longer) from the current time.
Misuse of this parameter can corrupt time synchronization and
the order of events on your network.
TIMESYNC Time Source:
server_name
Specify a server as time source. If no server name is entered, the

parameter displays the list of configured servers.
Use EDIT, rather than this parameter, to add a server to the
configuration list in the TIMESYNC.CFG file.
TIMESYNC Type =
type_of_time_source
Specify the default time source type.

Use EDIT, rather than this parameter, to specify the default time
source type in the TIMESYNC.CFG file.
Supported types: reference, primary, secondary, single
reference
Default: Single reference
TIMESYNC Write Parameters = value Specify whether parameters specified by the TIMESYNC Write
Value parameter are written to the configuration file.
Default: OFF
TIMESYNC Write Value = number
Control which parameters are written by TIMESYNC Write

parameters.
Supported values:
1 = Write internal parameters only
2 = Write configured time sources only
3 = Write both parameters and configured time sources
Default: 3
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Time Zone = time_zone_string
Specifies the time zone string, which indicates:

The abbreviated time zone name
The offset from Coordinated Universal Time (UTC)
The alternate abbreviated time zone name to be used when
daylight saving time is in effect
Default: No Time Zone
This parameter causes UTC time to be recalculated from local
time.
You can set this parameter in the STARTUPCF file.
Default Time Server Type =

type_of_time_source
Specify the default time synchronization server type. This

parameter can be overridden by other time synchronization
parameters.
Supported types: Reference, primary, secondary, single
reference.
Supported types: Reference, primary, secondary, single
reference
Default: Secondary
You can set this parameter in the STARTUPCF file.
Start of Daylight Savings Time =

date_and_time
Specify the local date and time when the change to daylight
saving time should occur.
IMPORTANT: You must set both the start and end of daylight
saving time before either date is actually scheduled.

End of Daylight Savings Time =
date_and_time
Specify the local date and time when the change from daylight
saving time should occur.
Maximum: 79 characters.
IMPORTANT: You must set both the start and the end of daylight
saving time before either date is actually scheduled.
Utilities 231
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Parameter
99a
38
July 17, 2001
Use to
Daylight Savings Time Offset = [+ or - Control the offset applied to time calculations when daylight
] hour:minute:second
saving time is in effect.
Default: +1:00:00
This parameter causes UTC time to be recalculated from local
time.
Daylight Savings Time Status = value Indicate whether daylight saving time is in effect.
Default: OFF
If this parameter is set to ON, you should also use the Daylight
Savings Time Offset parameter.
Changing the daylight saving time status does not change the
local time.
New Time With Daylight Savings
Time Status = value
Control the adjustment of local time when daylight saving time is

in effect.
Default: OFF
ON = Adjust the local time by adding or subtracting the Daylight
Savings Time Offset parameter.
Traditional File Parameters

Traditional file parameters now contain parameters that were previously
designated as Directory Caching, File Caching, Error Handling, File System,
Locks, and Transistion Tracking
File Caching Parameters for the Traditional File System
File caching allows faster access to frequently used files by holding a file (or
a portion of it) in disk cache memory. Files being read from or written to are
kept in file cache buffers. When the requested data is already in cache, disk
reads are unnecessary.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The number of files kept in memory depends on the number of file cache
buffers allowed. This is determined by the amount of disk cache memory
available and the value of the Minimum File Cache Buffers parameter.
Disk cache memory not only speeds up access to file data, it is used to cache
portions of the eDirectory database. If you want to tune your NetWare server
in general, or eDirectory in particular, tune the file caching parameters. The
key to optimizing cache utilization is to monitor both Long Term Cache Hits
and LRU Sitting Time statistics. Both parameters are found in MONITORs
Available Options > Disk Cache Utilization. (File caching parameters can also
be set from MONITORs Available Options > Server Parameters.)
File caching and directory caching work together, however. In tuning the
server, directory caching and file caching need to be balanced for maximum
performance. See How Directory Caching and File Caching Work Together
on page 236.
Remember also that the file and directory caching parameters in SET apply
only to NetWare servers using the Traditional File System. In contrast, the
Novell Storage ServicesTM (NSSTM) file system provides improved resource
use, requiring less memory to mount multiple volumes.
For information about NSS directory caching parameters, see NSS Buffer
Cache Commands on page 128 and NSS Features and Benefits.
For a description of file caching parameters, see Table 16 on page 233.
Table 16
File Caching Parameters for the Traditional File System
Parameter
Use to
Read Ahead Enabled = value
Specify whether the system conducts background reads to cache

in advance of blocks soon to be requested.
Default: ON
Read-aheads can happen only when sequential file accesses are
occurring.
Read Ahead LRU Sitting Time

Threshold = number
Specify the minimum cache LRU (least recently used) sitting time
for read-aheads to take place.
Supported values: 0 seconds to 1 hour
Default: 10 seconds
Utilities 233
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Minimum File Cache Buffers =

number
Set the minimum number of cache buffers the operating system

can allow for file caching.
Default: 20
All memory not allocated for other processes is given to disk
cache memory to use for file and directory caching. As memory is
requested for other processes, the server gives up cache buffers.
This limit specifies when the server must stop giving file cache
buffers to other processes.
If you set the minimum too high, other processes might not be
able to allocate necessary memory resources.
For example, a module could fail to load because the server is out
of available memory.
Maximum Concurrent Disk Cache

Writes = number
Specify the number of write requests for changed file data that
can be put in the elevator before the disk head begins a sweep
across the disk.
Default: 50
A high number creates more efficient write requests. A low
number creates more efficient read requests.
Monitor the number of Dirty Cache Buffers displayed on the
Cache Utilization Statistics screen in MONITOR.
If this number is above 70 percent of total cache buffers, optimize
the write speed by increasing this parameter.
Dirty Disk Cache Delay Time = time
Specify how long the system keeps a write request (that does not
fill a cache buffer) in memory before writing the request to disk.
Increasing the time makes disk writing more efficient if your users
make many small write requests.
Decreasing the time can reduce performance drastically, and
reduces the chances of losing data only slightly.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Minimum File Cache Report

Threshold = number
Specify how few cache buffers can be available before the

operating system warns you that the number of buffers is getting
low.
Default: 2
For example, if the value of the Minimum File Cache Buffers
parameter is set to 20 and this parameter is set to 25, you are
warned when all but 45 cache buffers are allocated for other
processes.
Regardless of how this parameter value is set, the operating
system will issue a warning when it reaches the minimum number
of cache buffers. You receive the following message: Cache
memory allocator exceeded minimum cache buffer left limit.
Directory Caching Parameters for the Traditional File System
Directory caching allows fast access to frequently used directories. A

directory cache buffer is a portion of NetWare server memory (disk cache
memory) that holds entries from the directory table.
A directory entry stays in a cache buffer as long as it is accessed frequently
(default=33 seconds). The system can overwrite the directory entry if the
allocated directory cache buffers are accessed more frequently.
Directory caching and file caching work together, however. In tuning the
server, directory caching and file caching need to be balanced for maximum
performance.
Remember also that the directory and file caching parameters in SET apply
only to NetWare servers using the Traditional File System. In contrast, the
Novell Storage Services (NSS) file system provides improved resource use,
requiring less memory to mount multiple volumes.
For information about NSS caching parameters, see NSS Features and
Benefits and NSS Buffer Cache Commands on page 128.
For a description of directory caching parameters, see Table 17 on page 237.
Utilities 235
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Allocation of Directory Cache Buffers
When the server boots, the system allocates a minimum number of directory
cache buffers (default=20). It creates these buffers immediately when it
receives a request for a new buffer.
The server obtains directory cache buffers by removing a minimal set of file
cache buffers from the file cache during server startup. Additional directory
cache buffers are obtained from the file cache later on if they are needed.
When the minimum number of buffers is allocated and another is needed, the
system must wait a specified amount of time before allocating another buffer.
If necessary, the system allocates buffers until it reaches the maximum. If
enough directory cache buffers are allocated and enough memory is available
for directory caching, all directory tables can be cached in memory.
How Directory Caching and File Caching Work Together
As directory cache buffers increase, file cache buffers decrease. Thus, a

tradeoff exists between directory caching and file caching, and .directory
caching and file caching must be balanced for maximum performance.
If you adjust the system to use too much memory for directory caching, you
can leave too little memory for file caching, and vice versa.
For a description of file caching parameters, see Table 16 on page 233. For a
description of directory caching parameters, see Table 17 on page 237.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 17
99a
38
July 17, 2001
Directory Caching Parameters for the Traditional File System
Parameter
Use to
Dirty Directory Cache Delay Time =

time
Specify how long the system keeps a directory table write request
in memory before writing it to disk.
Supported values: 0 to 10 seconds
Default: 0.5 second
Increasing the delay time gives slightly quicker performance but
increases the probability of the directory tables becoming
corrupted.
Decreasing the delay time slightly reduces the chance of
directory tables becoming corrupted, but can reduce performance
slightly.
A zero setting reduces performance dramatically.
Directory Cache Allocation Wait Time

= number
Specify how long the system must wait after allocating a new
directory cache buffer before it can allocate another buffer.
Supported values: 0.5 second to 2 minutes
During this time, all requests for a new directory cache buffer are
ignored.
If the wait time is too low, peak usage requests cause more
resources than necessary to be allocated to directory caching.
If the wait time is too high, the system is very slow in allocating
the directory cache buffers necessary to service the usual
number of directory requests.
If directory searches seem slow even after the server has been
running for 15 minutes, you should decrease this parameter.
Directory Cache Buffer

NonReferenced Delay = time
Specify how long a directory entry must be cached before it can

be overwritten by another directory entry.
Supported values: 1 second to 5 minutes
Increasing this parameter speeds up directory access. The
system allocates more directory cache buffers, and a directory is
more likely to be cached in memory.
Decreasing this parameter slows directory access but also
reduces the need for directory cache buffers.
Utilities 237
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Maximum Directory Cache Buffers =

number
Specify the maximum number of cache buffers that the system

can allocate for directory caching.
Default: 500
This parameter keeps the system from allocating too many
directory cache buffers so that memory is available for other
server processes.
Increase this limit if the server responds slowly to directory
searches.
Decrease this limit if too much memory is being allocated for
directory caching.
If users are warned that the server is low on memory, this
parameter should be one of the first to be reduced. (Reboot the
server to return the memory to the cache buffer memory pool.)
When a directory cache buffer is allocated, the allocation is
permanent until the server reboots; the buffers dont return to file
caching when the need for directory cache buffers decreases.
Minimum Directory Cache Buffers =

number
Specify the minimum number of cache buffers that the system

can allocate for directory caching.
Default: 20
The number needs to be high enough that directory searches can
be done quickly, but no higher than necessary.
If the system doesnt need the minimum number of directory
cache buffers, the buffers cant be reallocated to file caching. The
unneeded portion remains unused.
If the server responds slowly to directory searches after it is
booted, monitor the number of directory cache buffers usually
allocated for directory caching.
If the number is significantly higher than this limit, consider
increasing the limit to remove the delay time that normally occurs
while the server is self-configuring. Use MONITOR to view the
current statistics.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Maximum Number of Internal

Directory Handles = number
Specify the maximum number of directory handles available for

internal NLM programs that use connection 0.
Default: 100
A directory handle is a version of the directory access rights that
is held in cache memory. Caching the access rights speeds
mapping to the rights.
Connection 0 (zero) is the connection number reserved for use by
the server itself and by NLMTM programs operating within the
server.
Each time an NLM using connection 0 accesses a file or directory,
a directory handle is allocated (up to the total specified by this
parameter). This value represents the total number of handles
available to be shared by all NLM programs using connection 0.
Maximum Number of Directory

Handles = number
Specify the maximum number of directory handles available for

each connection.
Default: 20
A directory handle is a version of the directory access rights that
is held in cache memory. Caching the access rights speeds
mapping to the rights.
Each time a connection accesses a file or directory, a directory
handle is allocated (up to the total specified by this parameter).
File Parameters for the Traditional File System
Three parameters control warnings about volumes that are almost full.
Three parameters control file purging. File-purging parameters influence
other parameters, which in turn control warnings about almost-full
volumes.
All deleted files remain on the disk for a specified minimum amount of
time. The system calculates a volumes remaining space by subtracting
the following from the total space:
Actual files
Salvageable files that cant be purged because their Minimum File
Delete Wait Times have not expired
Utilities 239
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
One parameter controls the reuse of turbo FATs.

Ten parameters control file compression.
For a description of file system parameters, see the following table.
Table 18
File Parameters for the Traditional File System
Parameter
Use to
Automatically Repair Bad Volumes =

value
Specify whether VREPAIR runs automatically on a volume that

fails to mount.
Default: ON
File Delete Wait Time = time
Specify when a salvageable file can be purged to create free

space on a volume.
Supported values: 0 seconds to 7 days
Set this parameter as high as is useful for your users, but this
parameter doesnt guarantee that a file remains salvageable.
The system tries to keep at least 1/32 of available space on the
volume free for new files.
This parameter guarantees only that files arent purged to
maintain this free disk space.
Files that havent met this time limit are purged if the volume is full
and the system needs space for a user to create a new file.
When a deleted file remains on the server longer than the File
Delete Wait Time parameter setting, the system marks the file as
purgeable.
When the volume is full of purgeable files and needs free space,
the oldest purgeable files are purged.
Allow Deletion of Active Directories =

value
Specify whether a directory can be deleted when another

connection has a drive mapped to it.
Default: ON
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Maximum Percent of Volume Space

Allowed for Extended Attributes =
percentage
Limit the portion of volume space used for extended attribute

storage. The setting takes effect only when the volume is being
mounted.
Default: 10
Maximum Extended Attributes per

File or Path = number
Limit the number of extended attributes that can be assigned to a

file or path (subdirectory). This limit applies to all volumes on the
server.
Default: 16
Fast Volume Mounts
Increase the speed at which volumes are mounted.

Default: ON
The operating system checks only the most important fields
during the mounting process. Use this parameter only if volumes
were dismounted normally.
Maximum Percent of Volume Used by

Directory = percentage
Limit the portion of a volume that can be used as directory space.
Maximum Subdirectory Tree Depth =

number
Specify how many levels of subdirectories the system supports.
Default: 13

Default: 25
This parameter can be set in the STARTUP.NCF or in the
AUTOEXEC.NCF file, or at the server console.
Increase the number if your applications support trees deeper
than 25.
Decrease the number if your applications support only shallow
tree structures.
(Some DOS applications cant support more than 10 levels if the
subdirectories have 11-character names.)
Utilities 241
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Volume Low Warn All Users = value
Have the system notify users when a volume is almost full.

Default: ON
If you choose not to have your server warn users, monitor volume
statistics at least daily with MONITOR.
Volume Low Warning Reset

Threshold = number
Control how much disk space must be freed up before a second

warning is issued that the volume is almost full. (The first warning
is controlled by the Volume Low Warn All Users parameter.)
Supported values: 0 to 100000 blocks
Default: 256 blocks
When a volume is almost full, it can hover at its warning threshold
as users create and delete files.
This parameter controls the minimum amount of space that must
be made available above the threshold before the warning
message disappears.
Example: Assume the volume block size is 4 KB, the Volume
Low Warning Reset Threshold is set to 256, the Volume Low
Warning Threshold is set to 256, and the volume has less than 1
MB of free space.
Given these conditions, the volume must gain at least 1 MB of
free space (for a total of 2 MB of free space) and then dip below
the 1 MB threshold before the system sends another warning that
the volume is almost full.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Volume Low Warning Threshold =

number
Specify the number of blocks of free disk space that can remain
on a volume before the system issues a warning.
Supported values: 0 to 1000000 blocks
Default: 256 blocks
Consider the following: A block is the minimum space allocated to
a file.; a file can grow only in multiples of the block size.
The blocks physical size is determined when the volume is
created. A volume can be assigned these block sizes: 4 KB, 8 KB,
16 KB, 32 KB, or 64 KB.
For example, if you enter 256 blocks for this parameter and the
volumes block size is 4 KB, the system warns you that the
volume is full when about 1 MB of space is left.
If your volumes are assigned different block sizes, each volume
has a different amount of free space when the warning is issued.
Purge Files On Dismount = value
Have the system purge deleted files on a volume when it is

dismounted.
Default: OFF
Utilities 243
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Turbo FAT Re-Use Wait Time = time
Specify how long a turbo FAT buffer remains in memory after an

indexed file is closed.
Supported values: 0.3 second to 1 hour 5 minutes 54.6 seconds
Once the wait-time value has passed, the system can allocate the
buffer to another indexed file.
Increase the wait time if
You want the turbo FAT index to remain in memory for long
periods of time, even when the file is closed.
You frequently reopen the same file after a specific delay and
know that another file opened during that delay will reuse the
index.
Decrease the wait time if you want the memory released
immediately to service the next file that needs to be indexed.
When a program randomly accesses a file that contains more
than 64 FAT entries, the system builds a turbo FAT index for the
file so that information is accessed quickly. (NetWare indexes any
randomly accessed file with 64 FAT entries.)
The system doesnt immediately delete the index from its buffer
when the file is closed.
Having the turbo FAT index in memory makes reopening the file
and accessing information faster.

= number
Specify the hour when you want the file compressor to stop
Default: 6
Allow Unowned Files To Be Extended

= value
Specify whether files can be modified when the owner has been
lost or deleted.
Default: ON
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Locks Parameters for the Traditional File System
Locks parameters control

How many open files each workstation can have
How many open files the system can handle
How many record locks each connection can have
How many record locks the system can handle
There are three types of locks:
File locks secure the file and prevent other stations from accessing it.
Physical record locks control data access by multiple users. They prevent
other users from accessing or changing a range of bytes (a record) in a
file. They are sometimes referred to as byte-range locks.
Physical record locks are enforced by the system. If a user tries to access
a range of bytes that is physically locked, the user receives an Access
Denied error message.
Logical record locks also control data access by multiple users. The
application assigns a name to each section of data that needs to be locked.
The application then locks this name whenever it accesses the data.
Logical locks are enforced only to the extent that the application checks
the name each time it needs access to data.
For a description of locks parameters, see the following table.
Table 19
Locks Parameters for the Traditional File System
Parameter
Use to
Maximum Record Locks Per

Connection = number
Control how many record locks a client connection can use at one
time. (Use MONITOR to view how many record locks each
connection is using.)
Default: 500
Increase the value of this parameter when an application cant
lock enough records and fails.
Decrease the value of this parameter if one or more client
connections are using an excessive amount of server resources.
Utilities 245
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
Maximum File Locks Per Connection

= number
Control how many opened and locked files a client connection

can use at one time. (Use MONITOR to view how many opened
and locked files a connection is using.)
Default: 250
Increase the value of this parameter when an application cant
open enough files and fails.
Decrease the value of this parameter if client connections are
using an excessive amount of server resources.
Maximum Record Locks = number
Control how many record locks the operating system can handle.
(Use MONITOR to view how many record locks each client
connection is using on that server.)
Default: 20000
Increase the value of this parameter if users have problems
running applications and receive messages indicating that not
enough record locks are available.
Decrease the value of this parameter if client connections are
using an excessive amount of server resources.
Maximum File Locks = number
Control how many opened and locked files the operating system
can handle. (Use MONITOR to view the number of files that are
open during peak usage.)
Default: 10000
Increase the value of this parameter if the number of open files is
near or equal to the default.
Decrease the value of this parameter to restrict the amount of
available server resources.
Error Handling Parameters for the Traditional File System
Error handling parameters control the size of error logs and specify what
happens when logs exceed the specified size. They also control how the server
responds to an abend or to an NLMTM that does not unload from a protected
address space.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For descriptions of error handling parameters, see the following table.

Table 20
Error Handling Parameters for the Traditional File System
Parameter
Use to
Volume Log File State = number
Control what happens when the VOL$LOG.ERR file is larger than

the size specified by the Volume Log File Overflow Size
parameter.
Supported values:
0 = Leave VOL$LOG.ERR as is
1 = Delete VOL$LOG.ERR
2 = Rename VOL$LOG.ERR
Default: 1
Volume TTS Log File State = number Control what happens when the TTS$LOG.ERR file is larger than
the size specified by the Volume TTS Log File Overflow Size
parameter.
Supported values:
0 = Leave TTS$LOG.ERR as is
1 = Delete TTS$LOG.ERR
2 = Rename TTS$LOG.ERR
Default: 1
Volume Log File Overflow Size =
number
Specify the maximum size of the VOL$LOG.ERR file before the

action specified by the Volume Log File State parameter occurs.
Default: 4194304
Volume TTS Log File Overflow Size =

number
Specify the maximum size of the TTS$LOG.ERR file before the

action specified by the Volume TTS Log File State parameter
occurs.
Default: 4194304
Utilities 247
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Transaction Tracking Parameters for the Traditional File System
A transaction is a set of write operations that must be completed together

to maintain file and database integrity.
Write operations consist not only of data and data records, but also of
changes to the index and the key structures that are important to an
applications continual operation.
Transaction Tracking SystemTM (TTSTM) software guarantees that a
transaction is written to disk in its complete form or is backed out if
incomplete. This ensures database integrity in case a failure occurs before
a transaction is completed.
For a description of transaction tracking parameters for the Traditional File
System, see the following table.
Table 21
Transaction Tracking Parameters for The Traditional File System
Parameter
Use to
Auto TTS Backout Flag = value
Specify whether a server with transactional files will automatically

back out of incomplete transactions when the server is restarted.
Supported values:
ON = The server backs out incomplete transactions when booting
OFF = The server waits for you to answer a prompt before it
backs out of transactions
Default: ON
You must set this parameter in the STARTUP.NCF file. You
cannot set the parameter at the command line.
TTS Abort Dump Flag = value
Specify whether a file is created to log transactional backout data.

Supported values:
ON = The information is saved in TTS$LOG.ERR
OFF = The information backed out is not saved
Default: OFF
If the parameter is set to ON, the backed-out information is written
to file TTS$LOG.ERR on volume SYS:. You can print the file or
view it with a text editor.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
TTS UnWritten Cache Wait Time =

time
Specify how long a block of transactional data can be held in

memory.
Supported values: 11 seconds to 10 minutes 59.1 seconds
Default: 1 minute 5.9 seconds
Some blocks of transactional data wait for other transactional
blocks to be written first.
If one of these blocks reaches its maximum time limit, other write
requests are held up and this block is written to disk.
TTS Backout File Truncation Wait

Time = time
Specify how long allocated blocks remain available for the TTS
backout file when these blocks are not in use.
Supported values: 1 minute 5.9 seconds to 1 day 2 hours 21
minutes 51.3 seconds
Topic
See
Using NetWare Remote

Manager to set server
parameters
Server Parameters option in the NetWare

Remote Manager Administration Guide
Using MONITOR to set

server parameters
Server Parameters option in MONITOR
Improving server
performance
Server Operating System Administration

Guide > Optimizing the NetWare Server
Editing .NCF files
Server Operating System Administration

Guide
Time synchronization and

the TIMESYNC.CFG file

Guide
Utilities 249
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SHUTDOWN NETWORK INTERFACE

Purpose
Use at the server console to shut down a logical board without removing its
resources. (A logical board is an instance of one frame type associated with
one LAN driver.)
After you shut down the logical board, you can restart the board, if needed,
without reloading and binding the LAN driver. See RESET NETWORK
INTERFACE on page 164.
Syntax
SHUTDOWN NETWORK INTERFACE board_number | board_name
Parameter
Use to
board_number

board_name

SPEED
Purpose
Use at the server console to display the speed at which the processor is
running.
HINT: The CPUCHECK command provides additional information as well as
processor clock speed. See CPUCHECK on page 36.
Syntax
SPEED
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
About Processor Speed

Processor speed rating is determined by
Processor clock speed (90 MHz, 100 MHz, 200 MHz, 233 MHz, etc.)
Processor type (80486, Pentium*, Pentium Pro, Pentium II, etc.)
Number of memory wait states (0, 1, 2, etc.)
If your computer has a slower rating than you expected, use SPEED to
check the processors speed rating.
For example, entering SPEED for a Pentium II processor running at 333
MHz got the following rating:
Processor speed: 26288
Some computers have an Auto or Common processor speed mode that

can reduce the clock speed to as little as 6 MHz.
For NetWare 6 operation, the processor or processors should be set to
the highest speed. If your machine has a slower rating than expected,
check the processor speed setting. For instructions on how to set the
processor speed, see your computers documentation.
SPFCON
Purpose
The SPFCON utility enables you to monitor Sequenced Packet ExchangeTM
(SPXTM) spoofing statistics.
Spoofing is the process of preserving the transport end point connection by
imitating keep alive packets and responding to watchdog request packets
without passing this traffic across on-demand WAN links.
Using SPX spoofing can help you maintain lower costs over on-demand WAN
links.
Utilities 251
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SPXCONFG
Purpose
Use at the server console to configure certain SPXTM parameters.
NOTE: These parameters can also be configured from the INETCFG utility.
Syntax
[LOAD] SPXCONFG [option[=value]]
Parameter
Use to
(no parameter)
Load SPXCONFG and display configuration

menu.
option

SPXCONFG Options on page 252.
value
Specify a numerical value for an option.

For information on setting these values, see
INETCFG on page 69.
SPXCONFG Options
Option
Use to
A=
Specify SPX Watchdog Abort timeout (in ticks).
V=
Specify SPX Watchdog Verify timeout (in

ticks).
W=
Specify SPX Ack Wait timeout (in ticks).
R=
Specify SPX Default Retry count.
S=
Specify maximum concurrent SPX sessions.
Q=1
Specify quiet mode (suppresses display of

changed settings).
Display SPXCONFG help screen.
I=
Specify IPXTM maximum socket table size.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using SPXCONFG
You can use SPXCONFG in your autoexec.ncf file, as a console
command, as a menu utility, or as a configuration file that is invoked by
INETCFG.
If you dont specify a parameter, the following menu appears:
SPX Configuration Control Program
1. SPX Watchdog Abort timeout 540
2. SPX Watchdog Verify timeout 54
3. SPX Ack wait timeout 108
4. SPX Default Retry count 10
5. Maximum concurrent SPX sessions 2048
6. IPX maximum socket table size 1200
You can then select parameters to change.

SPXCONFG changes the configuration of SPX as well as the
STREAMS-based SPXS (SPXII).
If you enabled TCP/IP or AppleTalk* on the server, you can use either
INETCFG or SPXCONFG to set SPX parameters.
When you set the parameters using INETCFG, a load line for
SPXCONFG is automatically added to the NETINFO.CFG file so it runs
each time you bring up the server.
If you have only IPX/SPXTM enabled on the server (and not TCP/IP or
AppleTalk) and you want to use the SPXCONFG parameters each time
you boot the server, place the following command in your autoexec.ncf
file:
[LOAD] [path]SPXCONFG [option[=value]]
Examples
To set SPX options to 1000 ticks for the SPX Watchdog Abort timeout and
suppress the display of changed settings, type
[LOAD] SPXCONFG A=1000 Q=1
Utilities 253
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Setting SPX parameters

with INETCFG
INETCFG on page 69
SPXS
Purpose
Use at the server console to provide STREAMS-based SPXTM protocol
services.
Syntax
[LOAD] [path]SPXS [LDFILE = [path]filename[ext]]
Parameter
Use to
path
Specify the path to SPXS if you moved it from

the default directory.
LDFILE =
[path]\filename[.ext]
Load the data file that contains the SPX timer

defaults and physical packet size tables.
If you dont specify a filename, SPXS sets the
parameters defined in the IPXSPX.CFG file.
If you dont specify a file extension, the default
is .CFG.
Using SPXS
When you load SPXS, the parameters in the IPXSPX.CFG file are set,
unless you specify an alternate configuration filename.
NOTE: The IPXSPX.CFG file is modified from the INETCFG utility when you set
SPX/IPX parameters.
You can create multiple configuration files in addition to IPXSPX.CFG.

Use this feature if you frequently alternate between two or more IPX/SPX
configurations.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To create multiple configuration files, copy the IPXSPX.CFG file to a

new filename (IPXSPX2.CFG, for example). Then you can change the
IPXSPX.CFG file (by using INETCFG) and still preserve the original
configuration in the IPXSPX2.CFG file.
To load a configuration file other than the default IPXSPX.CFG file, use
the LDFILE option.
For example, if you have a second configuration file called
IPXSPX2.CFG, you can load that configuration by typing
[LOAD] SPXS LDFILE = IPXSPX2
When you load SPXS, STREAMS is autoloaded.
Topic
See

using SPXCONFG
SPXCONFG on page 252

using INETCFG
INETCFG on page 69
START PROCESSORS
Purpose
Use START PROCESSORS at the server console prompt to start one or more
secondary processors when the NetWare 6 server is running on a
multiprocessor computer.
NOTE: Because NetWare is running on processor 0, the boot processor, START
PROCESSORS affects only secondary processors.
Syntax
START PROCESSORS [n...]
Parameter
Use to
(no parameters)
Start all secondary processors.
Utilities 255
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
n...
Specify by processor number the secondary

processors to start.
Using START PROCESSORS

To bring a specific secondary processor online, enter at the console
prompt:
START PROCESSORS 1
A confirmation message is displayed:

Processor 1 is ONLINE.
To bring all secondary processors online, enter at the console prompt:

START PROCESSORS

If you choose to start secondary processors when NetWare boots, use Set
Auto Start Processors = OFF in the startup.ncf file (see Multiprocessor
Parameters on page 218).
To stop secondary processors, see STOP PROCESSORS on page 257.
For more information, see Starting and Stopping Processors.
STATICON
Purpose
You use the Static Routing Configuration utility (STATICON) to open a
connection to a remote IPXTM router and configure static routes and services
at each end of the connection.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
STOP PROCESSORS
Purpose
Use STOP PROCESSORs at the server console prompt to stop one or more
secondary processors in a multiprocessor computer.
NOTE: Because Processor 0, the boot processor, cannot be taken offline while the
server is running, STOP PROCESSORS affects only secondary processors.
Syntax
STOP PROCESSORS [n...]
Parameter
Use to
(no parameters)
Stop all secondary processors.
n...
Specify by number the secondary processors

to stop.
Using STOP PROCESSORS

Run the DISPLAY PROCESSORS command before stopping a secondary
processor to determine the processors status and its number. (See DISPLAY
PROCESSORS on page 46.)
When you stop a processor, the threads that were running on the processor are
automatically migrated to another processor.
If you run STOP PROCESSORS without specifying the identifying number
or numbers of the processors, all secondary processors will be stopped.
For more information, see Starting and Stopping Processors.
Examples
To stop secondary processors 1 and 3, enter
STOP PROCESSORS 1 3

Processor 1 is OFFLINE.
Processor 3 is OFFLINE.
To start secondary processors , see START PROCESSORS on page

255.
Utilities 257
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SWAP
Purpose
Use at the server console to display information about swap files, to add or
delete swap files, and to specify the parameters of swap files.
Syntax
SWAP [ADD vol_name [parameter = value]] [DEL vol_name]
[PARAMETER vol_name parameter = value]
Parameter
Use to
(no parameter)
Display a screen containing information about

swap files.
ADD vol_name
parameter = value
Create a swap file on the designated volume.

You can specify the following optional
parameters when you create a swap file: MIN=,
MAX=, and MIN FREE=.
These parameters specify the minimum and
maximum size of the swap file and the
minimum free space that must be left on the
volume. Values are in millions of bytes.
If parameters are not included, the following
default values are used:
MIN = 2
MAX = Free volume space
MIN FREE = 5
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
DEL vol_name
Delete a swap file from the designated volume.

If you are using protected address spaces, the
Novell JVM for NetWare product, or any
other application that uses virtual memory, be
sure to keep at least one swap file.
By default a swap file is created on the Sys
volume whenever you start the server. If you do
not want a swap file on Sys, place the SWAP
DEL command in the startup.ncf file before the
command to mount volumes.
PARAMETER = vol_name
parameter = value
Change the parameter values for a swap file on

the designated volume.
You can specify the following parameters:
MIN=, MAX=, and MIN FREE=.
These parameters specify minimum and
maximum size of the swap file and the
minimum free space that must be left on the
volume. Values are in millions of bytes.
Using SWAP
If a swap file is being used when it is deleted, then the swapped data is
moved to another swap file. If there is no other swap file, an error
message is displayed and the file is not deleted.
You can create one swap file per volume. The swap file for the Sys
volume is created by default; you can delete it if necessary.
Data moved to disk by virtual memory will be stored in any available
swap file; it does not matter which volume the swap file is on. Generally,
you will place swap files on the fastest volume or the one with the most
available space.
You can add a swap file to a volume by executing the SWAP ADD
command, even if the volume is not mounted. Once youve added the
swap file, the file will be created when you mount the volume.
When you dismount a volume, the swap file is deleted. To keep a swap
file on that volume, you must create the swap file again. The exception is
the SYS: volume swap file, which is created by default. For convenience,
Utilities 259
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
place the commands to create swap files into the AUTOEXEC.NCF file
so the files will be created each time the server is started.
Swap files are dynamic; they change size as data is swapped in and out of
memory.
Topic
See
Virtual Memory
Virtual Memory
TCPCON
Purpose
View configuration and statistics information about the following TCP/IP
protocols: IP, ICMP, UDP, TCP, OSPF, and EGP
View IP routes known to a TCP/IP node
View network interfaces supported by a TCP/IP node
Access the trap log maintained by SNMPLOG (local systems only)
Use Simple Network Management Protocol (SNMP) over TCP/IP or
IPXTM to access TCP/IP information in any remote protocol stack
supporting the TCP/IP Management Information Base (MIB)
Syntax
[LOAD] TCPCON
Using TCPCON
By default, TCPCON monitors and gathers information from the local
NetWare TCP/IP node.
You can, however, access another TCP/IP node on your internetwork if
you know the symbolic hostname or host IP address of that node.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When you load TCPCON, the TCPCON main screen appears:
The top of the main screen displays a summary of statistics for the
selected host, as follows:
Field
Explanation
Host
Symbolic host name or IP address of the

selected TCP/IP host (or server name if
accessing a remote node using IPXTM) being
queried. This is the host specified in SNMP
Access Configuration in the Available Options
menu.
Uptime
Amount of time that has elapsed since the

selected host was last initialized.
System
Brief description of the selected host.
IP Received
Number of IP datagrams received from all

interfaces, including those received in error.
IP Sent
Number of datagrams sent to IP for

transmission. This number does not include
datagrams forwarded by this host.
IP Forwarded
Number of IP packets forwarded from one

node to another. This field displays the value
Disabled if this host is not configured to be an
IP router.
TCP Received
Number of TCP segments received, including

those received in error.
Utilities 261
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Field
Explanation
TCP Sent
Number of TCP segments sent, excluding

those containing retransmitted data.
TCP Connections
Number of currently established TCP

connections.
The Available Options menu on the main screen allows access to

additional features of TCPCON, as follows:
Option
Use to
SNMP Access
Configuration
View and modify TCPCON options.
Protocol Information
View protocol information for the selected host.
IP Routing Table
View IP routers known to the selected host.
Statistics
View TCP/IP statistics.
Interfaces
View the network interfaces supported by the

selected host.
Display Local Traps
View the local SNMP trap log maintained by

SNMPLOG.NLM.
TECHWALK
Purpose
Use at the server console to record NetWare configuration information.
Syntax
[LOAD] TECHWALK [console_NLM_name]
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
(no parameter)
Record configuration information for

the NetWare MultiProtocol Router 3.1
INETCFG NLMTM program.
console_NLM_name
Record configuration information for

the specified NLM program.
Using TECHWALK
TECHWALK saves the configuration information for INETCFG (or the
specified NLM program) to a file named SYS:ETC\TECHWALK.OUT. All
enabled items and summary lists are recorded.
You might prefer to exit INETCFG (or the specified NLM program) before
you run TECHWALK. Running TECHWALK takes from 5 to 60 minutes,
depending on your configuration and the network traffic, and dedicates your
machine to the process during that period.
TIME
Purpose
Use at the server console to display
Date and time kept by the NetWare servers clock
Daylight saving time status
Time synchronization information
Syntax
TIME
Using TIME
When you execute TIME, information similar to the following appears on the
console screen.
NOTE: The output is formatted according to your locale configuration.
Utilities 263
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Figure 2
99a
38
July 17, 2001
TIME Output
TIMESYNC
Purpose
Use at the server console to monitor the internal time on a server to ensure that
the time reported by all servers across the network is consistent, or
synchronized.
TIMESYNC autoloads when the server boots. Under very few circumstances
will you ever load or unload TIMESYNC. You may, however, want to load
TIMESYNC to use an alternate configuration (.CFG) file.
Syntax
[LOAD] [path] TIMESYNC
Parameter
Use to
path
Specify the path to TIMESYNC.NLM if you

You can set TIMESYNC parameters in the configuration file

(TIMESYNC.CFG) or with the SET utility.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Topic
See
Setting time synchronization

parameters
SET Time Parameters on page 226
Network time
synchronization
"Guidelines for Time Synchronization" in

Guide
TLI
Purpose
Use at the server console to provide Transport Level Interface (TLI)
communication services.
Syntax
[LOAD] [path]TLI
Parameter
Use to
path
Specify the path to TLI.NLM if you moved it

Using TLI
To use TLI, you must have one or more protocol service modules loaded,
such as SPXS or IPXS.
TLI also requires STREAMS, CLIB, and CLIB-related modules and
autoloads them if they are not already loaded.
Utilities 265
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
TPING
Purpose
Use at the server console to send an Internet Control Message Protocol
(ICMP) echo request packet to an IP node on your internetwork.
TPING is a command line utility that determines whether an IP target node on
your internetwork is reachable.
Syntax
[LOAD] TPING host [packet_size [retry_count]]
Parameter
Use to
host
Specify the symbolic host name or IP address

of a TCP/IP system on the network.
packet_size
Specify the size, in bytes, of the ICMP packet.
retry_count
Specify the number of times you want to

resend an ICMP packet to the host system if a
reply is not received (default = 5).
Using TPING
TPING sends an ICMP echo request packet to the IP target node. If the target
node receives the request packet, it sends back a reply packet.
If TPING doesnt receive a reply, it resends the request packet the specified
number of times.
When TPING receives a reply, it stops sending requests and displays a
message indicating that the target node is reachable. (If it doesnt receive a
reply, TPING also notifies you.)
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
TRACK OFF
Purpose
Use at the server console to prevent the server from displaying the RIP
Tracking Screen. This screen displays Router Information Protocol (RIP)
traffic on the server.
Syntax
TRACK OFF
Topic
See
RIP Tracking Screen
TRACK ON on page 267
TRACK ON
Purpose
Use at the server console to view the RIP Tracking Screen and make it the
active screen. This screen displays Router Information Protocol (RIP) traffic
on the server.
Syntax
TRACK ON
Using TRACK ON
TRACK ON signals the router to display all server and network routing
(RIP) packets that are received or sent.
TRACK ON displays information about servers, networks, and
connection requests.
Utilities 267
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
This information is formatted according to whether the NetWare server

is
Receiving incoming information (IN)
Broadcasting outgoing information (OUT)
Receiving a connection request
Incoming Information
Incoming information looks similar to the following:

IN [00D0C200:00001B026C09] 10:53:01am 010123C5 11/22 5300DEEF
3/4 00001EF0 5/365
FADE2401 12/98 00001EEE 2/3 C9008617 5/11
The packet is incoming from network address 00D0C200 and from the server
at node address 0001B026C09. The packet was sent at 10:53 a.m.
The columns of data that follow the line labeled IN are network numbers that
the sending server knows about. For example, 010123C5 and 5300DEEF are
the network numbers recognized by the server at address 00001B026C09.
The numbers 11/22 and 3/4 indicate routing information about that network.
For example, the 11/ and 3/ indicate the hop count, or number of hops
(gateways or routers) from the sending server to this network.
NOTE: The maximum number of hops a RIP packet travels is 16.
The /22 and /4 indicate the number of ticks (1/18th of a second) that a packet
took to reach this network from the sending server.
Outgoing Information
Outgoing information looks similar to the following:

OUT [1986DAD0:8941A801] 11:00:01am
00001EEE 2/3 5300DEEF 3/4 00001EF0 5/365
FADE2401 2/3 FEED00BB 4/5 ACCCDDD 5/11
The packet is outgoing from network address 1986DAD0 and from the server
at node address 8941A801. The packet was sent at 11:00 a.m.
The columns of data that follow the line labeled OUT are network numbers
that the sending server knows about. The associated hop and tick count
information is listed after each network. For an explanation of these, see
Incoming Information on page 268.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Connection Request
When a client boots and loads a NetWare RequesterTM (such as DOS

Requester or OS/2* Requester), a Get Nearest Server request is broadcast on
the network the station is cabled to.
Any connected server can receive the message and respond to the station with
a Give Nearest Server response.
The station initially attaches to the first server that responds to the Get Nearest
Server request.
Topic
See
Turning off the RIP Tracking

Screen
TRACK OFF on page 267
Displaying advertised
networks (SAP traffic)
Displaying advertised
servers (SAP traffic)
DISPLAY SERVERS on page 48
Resetting routers
RESET ROUTER on page 165
UNBIND
Purpose
Remove a communication protocol from the LAN driver of a network
board
Disable communication on a specific board
Syntax
UNBIND protocol [FROM] LAN_driver | board_name
[[driver_parameter/]]
Utilities 269
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
protocol
Specify the name of the protocol you want to

unbind.
LAN_driver | board_name
Specify the name of the LAN driver or the

network board from which you are unbinding
the protocol.
driver_parameter
Specify one or more driver parameters if you

have more than one network board of the same
type in your server. See UNBIND Driver
NOTE: Enclose driver parameters in square
brackets.
UNBIND Driver Parameters

Driver parameter
Use to
[DMA=number]
Specify the DMA channel for the board. Use

the same channel you did when you loaded the
driver.
[FRAME=number]
Specify the frame type for the board. Use the

same frame type you did when you loaded the
driver.
[INT=number]
Specify the interrupt for the board. Use the

same interrupt you did when you loaded the
driver.
[MEM=number]
Specify the memory address for the board. Use

the same memory address you did when you
loaded the driver.
[PORT=number]
Specify the I/O port for the board. Use the

same I/O port you did when you loaded the
driver.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Driver parameter
Use to
[SLOT=number]
Specify the network board by the slot that it

was installed in.
Use this parameter with microchannel and
EISA computers. Use the same slot number
you did when you loaded the driver.
[NODE=number]
Specify the node number of the board.
Using Driver Parameters

You must tell the operating system which network board or LAN driver
to unbind the communication protocol from.
If you have multiple boards or LAN drivers, you must unbind each one
separately.
If your server has more than one instance of the LAN driver loaded, use
one or more driver parameters to specify the particular board you are
unbinding.
To prevent a driver from binding automatically when the server boots,
delete the following line from the AUTOEXEC.NCF file:
BIND IPX TO LAN_driver NET=number
Examples
To unbind IPXTM from an NE3200TM driver that has been loaded only
once, type
UNBIND IPX FROM NE3200
To unbind IPX from an NE3200 driver that has been loaded more than
once, using driver parameters to specify the particular network board,
type
UNBIND IPX FROM NE3200 [SLOT=3, FRAME=ETHERNET_II]
Topic
See
Viewing a list of
communication protocols
PROTOCOL on page 141
Utilities 271
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
UNLOAD
Purpose
Unload a module that was previously loaded with the LOAD command
Unload outdated NLMTM programs so that updated modules can be
loaded
You can also use UNLOAD at workstations running Novell ClientTM
software for client modules that have been previously linked with LOAD.
Syntax
UNLOAD NLM_name
UNLOAD ADDRESS SPACE=address_space [NLM_name]
UNLOAD KILL ADDRESS SPACE=address_space
Parameter
Use to
NLM_name
Specify the module you want to unload.
ADDRESS SPACE=
address_space
Specify the address space you want to unload.

This command unloads all modules from the
address space, removes the space, and
returns its resources to the system.
ADDRESS SPACE=
address_space NLM_name
Specify the module you want to remove from

the designated address space. This command
unloads the specified module from the address
space, but does not remove the address
space.
KILL ADDRESS SPACE=

address_space
Remove the specified address space, but

without unloading modules from it first. Use this
command only if you know the address space
cant be unloaded any other way.
IMPORTANT: Before you unload a module, be sure to read the next section,
Unloading Modules.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Unloading Modules
The UNLOAD command unlinks a loadable module from the operating
system that was previous linked to the operating system with the LOAD
command. (See LOAD on page 86.) When you unload a module, all
resources are returned to the system.
To unload a module from an address space, you can specify its address space.
NOTE: If an address is specified without a module, all modules in that address
space will be unloaded.
Keep the following information in mind when unloading LAN drivers, name
space modules, or disk drivers.
LAN Drivers
When you unload a LAN driver, the driver is unbound from all
communication protocols and removed from all network boards it was
linked to.
After a LAN driver is unloaded, users with network boards that require
the unloaded driver receive the following error message:
Network error on Server <fileserver>: Error receiving from
network. Abort, Retry?
If this occurs, do the following:

Retry once to see if an alternate route to the NetWare server is
available on another network.
If the retry fails, retry again after the LAN driver is reloaded and
bound to the communication protocol.
A user who receives the error message must reestablish a connection
within 15 minutes. If the connection is broken for more than 15 minutes,
the server watchdog terminates the stations connection.
If the LAN driver will be unloaded for 15 minutes or longer, have users
log out before unloading the LAN driver.
Name Space Modules
Before unloading name space modules, dismount all volumes that are
using the module. These volumes cannot be remounted until the module
is loaded again.
To permanently delete a name space from a volume before you unload the
name space module, use VREPAIR.
Utilities 273
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Disk Drivers
Before unloading a disk driver, dismount all volumes stored on the hard
disks connected to the controller or host bus adapter.
If you dont dismount the volumes, the system warns you that the driver
is in use and lists the volumes using the driver.
If you override the warning and unload the driver without dismounting
the volumes, the server dismounts the volumes and notifies those who are
using the volumes.
Examples
To unload MONITOR, enter
UNLOAD MONITOR
To unload the CLIB module from the address space for GroupWise,
enter
UNLOAD ADDRESS SPACE=GRPWISE CLIB
To unload all modules from the GroupWise address space and shut down
the address space, enter
UNLOAD ADDRESS SPACE=GRPWISE
To shut down an address space that cannot be unloaded any other way,
enter
UNLOAD KILL ADDRESS SPACE=ADDRESS_SPACE1
UPS_AIO
Purpose
If your uninterruptible power supply (UPS) is connected to the server through
a serial port, use UPS_AIO to provide the software link between your server
and the UPS.
Syntax
[LOAD] [path]UPS_AIO [parameter...]
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
path
Specify the path to UPS_AIO if you

DOWNTIME=number
Specify the amount of time to run on

battery before system shutdown. If
power is restored before this time
elapses, no shutdown will occur. If a
low battery condition occurs before
this time elapses, an immediate
shutdown will occur.
Supported values: 30 seconds
minimum, no practical maximum limit.
Default: 300 seconds
MSGDELAY=number
Specify the elapsed time before a

broadcast message is first sent to
users.
minimum, no practical maximum limit.
Default: 5 seconds
The broadcast message states the
time remaining until shutdown. This
message is generated automatically
by UPS_AIO.
MSGINTERVAL=number
Specify the time interval between

broadcast messages sent to users.
minimum, no practical maximum limit
Default: 30 seconds
The broadcast message states the
time remaining until shutdown. This
message is generated automatically
by UPS_AIO.
Utilities 275
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
DRIVERTYPE=number
Specify the AIO device driver type.

Supported values: 1, 2, 3
Default: 1
The default value of 1 represents the
AIOCOMX driver, which comes with
NetWare. Other drivers might be
represented by other driver type
numbers. Refer to the documentation
that came with the driver.
BOARD=number
Specify the AIO board number.

Supported values: Determined by
the driver manufacturer
Default: 0
To determine the board number, read
the driver information when the
AIOCOMX driver is loaded. This
information includes both the board
and port numbers.
If you do not use the AIOCOMX driver,
refer to the driver documentation to
determine the board number.
PORT=number
Specify the port number.

Supported values: Determined by
the driver manufacturer
Default: 0
To determine the port number, read
the driver information when the
AIOCOMX driver is loaded. This
information includes both the port and
board numbers.
If you do not use the AIOCOMX driver,
refer to your driver documentation to
determine the port number.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Parameter
Use to
SIGNAL_HIGH
Specify the signal_high parameter to

set the normal RS232 signaling state
to high.
Supported values: SIGNAL_HIGH or
no value
Use this parameter only if your UPS
system uses high values, instead of
low values, to determine if power is off
or the battery is low. Most UPS
systems use low values. Refer to your
UPS hardware documentation to
determine whether you need to use
the parameter.
Display a help screen that explains

these parameters. When you use this
parameter, the UPS_AIO module is
not loaded. To load UPS_AIO, you
must execute LOAD UPS_AIO again,
without the ? parameter.
Using UPS_AIO
NOTE: The serial cable between the UPS and the server must be designed for use
with the UPS. Contact the manufacturer of your UPS for information on the correct
cable to use for your system.
You must load an AIO device driver before loading UPS_AIO; the driver
is not loaded automatically. The AIOCOMX driver is included with the
NetWare operating system. If you want to use a different driver, consult
the UPS hardware and driver documentation.
The UPS_AIO module does not allow you to change parameter settings
after loading the module. If you want to change the settings, reload the
module with the new parameter values.
Place the commands to load the device driver and UPS_AIO in your
autoexec.ncf file to load them each time the server comes up.
After you load UPS_AIO, a status screen displays messages about the
current status and activities of the UPS. To toggle between this and other
screens, press Alt Esc. These messages are also logged to
SYS:SYSTEM\SYS$LOG.ERR.
Utilities 277
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
VIEW
Purpose
Use to view a file from the NetWare server console.
NOTE: VIEW does not let you create or modify files. To create or modify a file, use
EDIT on page 55.
Syntax
[LOAD] VIEW [filename]
Parameter
Use to
filename
Specify a file to view.
Using VIEW
If you do not specify a filename, VIEW prompts you for the name.
VOLUME
Purpose
Use at the server console to list mounted volumes.
Syntax
VOLUME [name]
Parameter
Use to
(no parameter)
List general information about all mounted

volumes.
name
Specify the volume you want to display

information about.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Using VOLUME
When you execute VOLUME without the name parameter, a message similar
to the following appears:
Mounted Volumes
SYS
Name Spaces
DOS
Flags
Cp Sa Mg
The output lists each mounted volume, its name spaces, and the flags that are
set for that volume. The three possible flags are:
Cpindicates that file compression is enabled on the volume
Saindicates that block suballocation is enabled on the volume
Mgindicates that migration is enabled on the volume
When you execute volume name, the screen displays more detailed
information about the specific volume, such as the following:
Figure 3
Volume Information
VREPAIR
Purpose
For traditional NetWare volumes, use at the server console to
Correct volume problems
Remove name space entries from Directory Entry Tables
NOTE: You cant use VREPAIR on a mounted volume.
Also, VREPAIR is not used to repair NSS volumes. For NSS volumes, you must
use the REBUILD utility. See REBUILD on page 149.
Utilities 279
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Syntax
[LOAD] [path] VREPAIR [volume_name] [log_filename]
Parameter
Use to
path
Specify the path to VREPAIR.NLM if you

volume_name
Specify the name of a volume to repair.
log_filename
Specify a text filename to log errors into.
Using VREPAIR
For an explanation of the VREPAIR main menu, see VREPAIR
Options on page 282.
If a volume fails to mount when the server is brought up, VREPAIR loads
automatically and tries to repair the failed volume.
If you dont want VREPAIR to automatically repair a volume that wont
mount, load MONITOR, select Server Parameters > File System, and set
the Automatically Repair Bad Volume parameter to OFF. (For more
information, see MONITOR on page 103.)
Use the version of VREPAIR that matches the operating system.
The majority of all problems fixed by VREPAIR are caused by hardware
failures. If a volume frequently needs repair, consider replacing the hard
disk or controller.
HINT: Copy vrepair.nlm and the VREPAIR name space support modules
(v_namespace.nlm) to the boot partition of your server. Then, if volume SYS: fails
to mount, you can load and run VREPAIR from the DOS boot directory.
How VREPAIR Works
Minor problems can occur on a volume if the primary File Allocation Table
(FAT) or Directory Entry Table (DET) becomes corrupted.
VREPAIR compares the primary tables with their mirrored counterparts. (The
operating system keeps two copies of all tables. If hard disks are mirrored,
then four copies are kept.)
VREPAIR checks the sets of mirrored tables for errors. If it finds
inconsistencies, it uses the most correct table entry as the corrected entry.
VREPAIR then writes the corrected entry to both the primary and mirrored
tables.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
VREPAIR may have to delete some corrupted files or tables. For more
information, see Viewing Deleted Files on page 284.
VEPAIR will log bad block information into a file if you specify a log
filename when you load VREPAIR. You can also specify a log filename after
you load VREPAIR, when VREPAIR displays an error.
When to Use VREPAIR
VREPAIR can repair a bad volume that you have dismounted while other
NetWare server volumes are functioning. After you finish running
VREPAIR, you can mount the repaired volume (in most cases).
Use VREPAIR when
A hardware failure either prevented a volume from mounting or caused a
disk read error.
NOTE: Although VREPAIR cant fix hardware problems, it can sometimes fix
related volume damage.
A power failure corrupted a volume.

The server displays memory errors and cant mount a volume after a
name space (such as Macintosh*) is added to the volume.
For this type of problem, either add more memory to the server or use
VREPAIR to remove the newly added name space.
The volume has bad blocks.
The following kinds of errors in FATs or Directory tables signal bad
blocks:
Read errors
Data mirror mismatch errors
Multiple allocation errors
Fatal DIR errors
Write errors
HINT: This information is reported in the log file.
Utilities 281
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
VREPAIR Options
The VREPAIR main screen displays the following menu:

Options:
1 - Repair a volume
2 - Set VRepair options
3 - Exit
Main Menu Selection
Use to
Repair a volume
Begin or continue with volume repair. You can

also use this option to stop a volume repair in
process or change the method of displaying
errors during the repair.
Set VRepair options
Set VREPAIR configuration options.
Exit
Exit VREPAIR.
In the Set VRepair Options menu, there are two settings for each option, a
default option and an alternate option. When VREPAIR autoloads and tries to
repair a volume that will not mount, the default settings are used.
You can configure the VREPAIR alternate options by selecting the associated
option number to toggle between the alternate and default options.
For example, Option 2 settings are Write All Directory and FAT Entries Out
to Disk and Write Only Changed Directory and FAT Entries Out to Disk.
The default for Option 2 is Write Only Changed Directory and FAT Entries
Out to Disk. If you select Option 2, your current VREPAIR configuration
reflects the change from the default to the new setting: Write All Directory and
FAT Entries Out to Disk.
The VREPAIR configuration options are described in Table 22 on page 283.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 22
99a
38
July 17, 2001
VREPAIR Configuration Options
Default Option
Alternate Option
Explanation
1. Quit if a VREPAIR Name

Space Support NLMTM Is
Not Loaded
Remove Name Space

Support From The Volume
These options control whether name space

support for non-DOS files is retained in the
volume tables.
If you add a name space to a volume and
the system doesnt have enough memory,
select Remove Name Space Support From
the Volume. Then select a name space to
delete.
If you remove a name space, the
accompanying extended file information is
destroyed.
For example, if you remove Macintosh
name support, the Macintosh long names,
the finder icons, and the resource forks are
destroyed.
(The DOS name and its data file are kept
and are accessible from DOS
workstations.)
Important: To repair a volume with nonDOS name space entries, VREPAIR must
find the corresponding name space support
modules. (For example, to repair a volume
with the Macintosh name space, you need
to load V_MAC.NLM; to repair a volume
with the OS/2*, Windows* 95, or Windows
NT* name space, load V_LONG.NLM.)
For more information, see Repairing a
Traditional Volume.
2. Write Only Changed

Directory And FAT Entries
Out To Disk
Write All Directory And FAT

Entries Out To Disk
These options control the changes that are

made to the FATs and Directory tables.
If you repair a mirrored or duplexed volume,
select the alternate option to force an
update of all tables on both hard disks.
Utilities 283
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Default Option
Alternate Option
Explanation
3. Write Changes
Immediately To Disk
Keep Changes In Memory

For Later Update
NetWare defaults to writing changes

immediately to disk. In most cases, this
default option speeds the repair.
Disks requiring very few changes will repair
faster if the alternate option is used.
4. Retain Deleted Files
Purge All Deleted Files
These options control whether deleted files

are purged or retained.
If a file is deleted, but not purged, it can be
salvaged.
Purge deleted files if you are concerned
about the amount of disk space being used
to retain deleted files or if you dont want
users to salvage files (for example, for
security reasons).
5. Return to Main Menu
After you select the VREPAIR configuration

options, press menu item 5 to return to the
VREPAIR main menu.
Displaying Errors during Repair
There are run-time options you can modify during the VREPAIR process to
change the way errors are displayed. To view the options, select the main
menu option, Repair a Volume.
Select Option 1 if you do not want VREPAIR to pause after each error.
Select Option 2 if you want VREPAIR to log errors in a text file.
Select Option 3 to stop the repair of the volume.
Select Option 4 to continue with a volume repair after you have
temporarily suspended the repair.
Viewing Deleted Files
The repair operation can create new files containing data that VREPAIR
deleted. You can access these files if you select the default configuration
option, Retain Deleted Files. The files are numbered and named
VRNNNNNN.FIL where N is any number.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
These numbered files are created in any of the following circumstances:

VREPAIR found a filename that has an invalid DOS name. The filename
might contain invalid characters or might be too long.
VREPAIR found that the filename is not unique. (Another file exists with
the same name.)
VREPAIR found a FAT chain without a file showing ownership of it.
NOTE: A file is divided into a series of data blocks that are linked together in a FAT
chain.
No files in the Directory Entry Table (DET) claimed ownership of the

data, so a new filename was generated to point to this data.
VREPAIR might create as many as several thousand of these files. These
numbered files are created in the directory where they were found during the
volume repair operation.
Recovering Files
You might be able to recover some or all of the files deleted by VREPAIR.
Contact Technical Support for more information.
Topic
See
Repairing a volume
Repairing a Traditional Volume or Rebuilding

NSS Storage Pools and Volumes
WAN Traffic Manager

WAN Traffic Manager allows you to manage how and when traffic is sent
across WAN links, thus reducing network costs. It consists of three elements:
WTM.NLM, which resides on each server in the eDirectoryTM tree.
Before eDirectory sends server-to-server traffic, wtm.nlm reads a WAN
traffic policy and determines whether that traffic will be sent.
WAN traffic policies, which are rules that control the generation of
eDirectory traffic. WAN Traffic Policies are text stored as an eDirectory
property value on the NetWare Server object, the LAN Area object, or
both.
Utilities 285
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
WANMAN ConsoleOneTM snap-in which is the interface to WAN Traffic

Manager. It allows you to create or modify policies, create LAN Area
objects, and apply policies to LAN Areas or to servers.
When WAN Traffic Manager is installed, the schema will include a LAN
Area object and three new detail pages on the Server object:
LAN Area Membership
WAN Policies
Cost
A comprehensive Help system is built into the utility. For addition information
and procedures, refer to the Help system.
WMDMMGR
Purpose
WMDMMGR is a windows-based modem script editing tool used to create
and modify modem descriptions and PPP login scripts used with Novell
Internet Access Server 4.1.
X25CON
Purpose
Use X25CON to access interface configuration and statistical information for
all X.25 interfaces reported by the specified host.
X25DISP
Purpose
X25TRACE works with X25DISP to provide a way to analyze the output of
X25TRACE. X25DISP is a DOS executable utility that decodes the
X25TRACE output file and generates an ASCII format file.
X25DISP.EXE is located in sys:system\utils.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
XLOG
Purpose
Use the XLOG utility to help diagnose ISDN-related connection problems
with Eicon* Technology ISDN adapters.
Utilities 287
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38

This appendix contains information on both common and custom LAN driver
statistics.
Monitoring Network Traffic

By comparing information about LAN drivers installed on your server, you
can tell which cabling system is handling the most traffic.
If errors occur frequently on a high-traffic system, you may want to switch
some of the stations on the busy system to a new or less busy cabling system.
To view LAN driver statistics:
[LOAD] MONITOR
2 Select Available Options > LAN/WAN Drivers.

3 Select a LAN driver from the Available LAN Driver menu.
The statistics for the selected LAN driver are displayed. Press Tab > PageUp
or PageDown to scroll through the information in the window.
For more information, see LOAD on page 86.
LAN Driver Statistics 289
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Common LAN Driver Statistics

The generic statistics common to most of the drivers are maintained by two
modules in the NetWare operating system that are autoloaded by LAN
drivers. The modules are:
The Media Support ModuleTM (MSM.NLM)
The Topology Specific ModuleTM (TSM.NLM)
There are three TSMTM modules. The one that is autoloaded will depend
on your servers LAN driver. The three are ETHERTSM (Ethernet),
TOKENTSM (token-ring), and FDDITSM.
These common LAN driver statistics can be viewed with MONITOR. Select
Available Options > LAN/WAN drivers, and then select a driver. The system
displays a window containing both the generic and custom statistics for the
selected driver.
Brief descriptions of the statistics maintained by the MSM module and each
of the TSM modules are found in the following tables:
Table 23, LAN Driver Statistics, on page 291
Table 24, Generic Statistics for Ethernet Drivers That Use
Ethertsm.nlm, on page 294
Table 25, Generic Statistics for Token Ring Drivers That Use
Tokentsm.nlm, on page 296
Table 26, Generic Statistics for FDDI Drivers That Use Fdditsm.nlm,
on page 297
Custom LAN Driver Statistics

Custom statistics describe LAN activity for specific LAN device drivers.
The custom LAN driver statistics can be viewed with MONITOR. Select
Available Options > LAN/WAN drivers, and then select a driver, then press
Tab. The system displays a window containing both the generic and custom
statistics for the selected driver.
Brief descriptions of statistics for selected drivers are found in the following
tables:
Table 27, Custom Statistics for NE2000, NE2, NE2_32, CNE2_32, and
Other Ethernet Drivers, on page 298
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Table 28, Custom Statistics for Token Ring Drivers, on page 303
Table 29, Custom Statistics for IBM Baseband PCN2L Drivers, on
page 305
NOTE: Custom statistics vary, depending on the LAN driver installed. For
statistical information about third-party drivers not listed in the custom statistics
section, check the documentation that comes with the driver.
Table 23
Statistic
Description
Driver Name
The driver name and parameters that correspond to the hardware

settings on the network board.
Version
The current version of the driver.
Logical Board Number
The number which uniquely identifies each time a driver is

registered with the system.
Board Instance Number
The number assigned to each physical adapter for which the

driver has been loaded..
Node Address
The station or node address of the network board in the NetWare

server.
Protocols
The communication protocols bound to the driver with BIND.
Network
The network number assigned to the cabling system the LAN

driver is operating on. Appears only if the IPXTM protocol has
been bound to the board.
Total Packets Transmitted
The number of packets sent from the NetWare server through this
LAN driver since the driver was loaded.
(By comparing this figure with the figures for other LAN drivers,
you can see which driver is handling the most traffic.)
This value is maintained by the TSM module.
Total Packets Received
The number of packets received by the NetWare server sincethe

driver was loaded. This includes file service requests, packets
routed to another network, and packets sent to other IPX sockets
in the NetWare server.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
Transmit failed, packet too big
A counter that is incremented when the NetWare server tries to

transmit a packet that is too large for the hardware to handle.
Transmit failed, packet too small

transmit a packet that is too small.
Receive discarded, no available

buffers
A counter that is incremented when a device sends a packet to

your NetWare server, but no packet receive buffer is available.
The server allocates more packet receive buffers after each
incident until it reaches its maximum limit (configured with a SET
parameter).
If you are using an EISA or microchannel bus-master board (such
as the NE3200TM board), you will probably need to increase both
the minimum and maximum number of packet receive buffers.
See Minimum Packet Receive Buffers and Maximum Packet
Receive Buffers in SET Communications Parameters on page
192.
No ECB Available Count messages can also indicate that the
driver is not configured correctly or that the TSM module and the
Hardware Specific ModuleTM (HSMTM) are incompatible.
Receive failed, packet too big
A counter that is incremented when the NetWare server receives

a packet that is too big for the provided receive buffers.
Receive failed, packet too small
A counter that is incremented when the NetWare server receives

a packet that is too small.
Currently only the RX-NetTM TSM module maintains this counter.
Receive failed, adapter overflow
A counter that is incremented each time the adapters private

receive buffer pool was exhausted. This causes subsequent
incoming packets to be discarded.This value is maintained by the
HSM module.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
Transmit failed, Miscellaneous Error
A counter that is incremented when errors with send packets

occur.
This value is maintained by the HSM module.
Receive failed, Miscellaneous Error
A counter that is incremented when errors with receive packets

occur. This value is maintained by the HSM module.
Transmit failed, retried

send a packet but fails because of a hardware error.
The server tries to send the packet until either it succeeds or the
retry setting is reached.
Receive failed, checksum error
A counter that is incremented when the checksum byte at the end

of the packet does not match the sum of the bytes contained in
the packet.
This indicates a data error.
Receive failed, packet length
A counter that is incremented when the packet length received by

the hardware and the length specified by the packet do not match.
Currently only the Ethernet TSM module maintains this counter.
Bytes transmitted modulo 4 GB
The number of bytes, including low-level headers, successfully

transmitted.
Bytes transmitted rollover <times 4

GB>
Upper 32 bits of the Total Send OK Byte Count Low. The Total
Send OK Byte Count High statistic is incremented to 1 when the
Total Send OK Byte Count Low counter reaches 4 GB.
Bytes received modulo 4 GB
The number of bytes, including low-level headers, successfully

received. This value is maintained by the TSM module.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Statistic
99a
38
July 17, 2001
Description
Bytes received rollover <times 4 GB> Upper 32 bits of the Total Receive OK Byte Count Low.
The Total Receive OK Byte Count High statistic is incremented to
1 when the Total Receive OK Byte Count Low value reaches 4
GB.
This field is maintained by the TSM module.
Transmitted to a group address
The number of packets transmitted with a group or multicast

destination address. This field is maintained by the TSM module.
Received from a group address
The number of packets received with a group or multicast

destination address. This field is maintained by the TSM module.
Adapter resets
The number of times the adapter was reset because of internal

failures or other calls to the Driver Reset routine.
This field is maintained by the HSM module.
Adapter state change time stamp
The time stamp indicating when the adapter last changed

operational state (such as load, shutdown, or reset).
This value is maintained by the MSM module.
Packets queued for transmission
The number of transmit packets (transmit ECBs) that are queued

for the adapter.
This is an indication of throughput overload on transmits.
This field is maintained by the TSM module.
Table 24
Generic Statistics for Ethernet Drivers That Use Ethertsm.nlm
Statistic
Description
Transmit succeeded, single collision
The number of frames involved in a single collision that are

subsequently transmitted successfully.
When the Ethernet controller detects a collision, it backs off and
then retries the transmission.
Transmit succeeded, multiple

collisions
The number of frames involved in more than one collision that are
transmitted successfully.
This happens if the Ethernet controller had to back off more than
once due to collisions.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
Transmit succeeded, deferred
The number of frames whose transmission was delayed because

of a busy medium.
This happens if another station is transmitting on the wire when
the adapter receives the command to transmit a packet.
Transmit failed, late collision
The number of transmits that had a collision after 512 bits of the
packet were transmitted.
This can be caused by faulty adapters, faulty network equipment,
cables that are too long, or faulty terminators.
Transmit failed, excessive collisions
The number of transmits that were aborted because of too many

collisions.
This usually indicates that a board in the network is bad or
jabbering. (Jabbering means the board has been on the channel
longer than the time needed to transmit the maximum size
packet.)
This condition could also occur in very heavy traffic conditions.
Transmit failed, carrier sense missing The number of transmits aborted because of loss of carrier sense
while transmitting without any collisions.
This is usually caused by a faulty adapter in the network, faulty
cabling, an unterminated cable, or a faulty repeater.
Transmit failed, excessive deferral
The number of transmits aborted because of excessive deferrals.

This is usually caused by a faulty adapter or repeater in the
system that is jabbering on the wire.
It can also occur under very heavy traffic conditions.
Receive failed, bad frame alignment
The number of received frames that were misaligned.

This occurs when the number of octets in the frame is not correct
or the frame does not pass the FCS check.
These bad packets are usually caused by a faulty adapter or
repeater in the system. They can also be caused by a collision.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 25
99a
38
July 17, 2001
Generic Statistics for Token Ring Drivers That Use Tokentsm.nlm
Statistics
Description
AC Errors
This counter is incremented when a ring station receives a

Standby Monitor Present MAC frame with the A/C bits in the
Frame Status field equal to zero without first receiving an Active
Monitor Present MAC frame.
Transmit failed, abort delimiter sent
This counter is incremented when a ring station transmits an

abort delimiter.
An abort delimiter is transmitted when a ring station receives a
frame in which the token bit of the access control field is set to
show Token and not Frame.
A ring station can also transmit an abort delimiter if an internal
hardware error has occurred.
Burst errors
This counter is incremented when a ring station detects the

absence of five half-bit times (a burst-five error).
Other stations will detect a burst-four error followed by idles.
Frame copied errors
This counter is incremented when a ring station recognizes

(receives or repeats) a frame addressed to its specific address
and detects that the FC field A bits are set to 1, indicating a
possible line hit or a duplicate address.
Frequency errors
This counter is incremented when the frequency of the incoming

signal differs from the expected frequency by more than that
specified in Section 7 of IEEE Standard 802.5-1989.
Recoverable internal error
This counts the times a ring station has a recoverable internal

error, which means a ring station is probably marginal.
Last ring status
This code changes each time the ring status changes. Status
codes are reported by the physical hardware.
See the IBM* Token-Ring Network Architecture Reference for the
status code, function, and meaning.
Line errors
This counter is incremented when a frame or token is repeated by

the ring station.
A frame is repeated when a Frame check Sequence error occurs
or a code violation exists between the starting and ending
delimiters of the frame.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Statistics
Description
Transmit failed, lost frame
This counter is incremented when a ring station transmits a frame

that does not return to the station.
The active monitor sends a new token.
Error tokens transmitted
This counter is incremented when a station acting as the active

monitor recognizes an error condition that needs a token
transmitted.
This occurs when the TVX time expires.
Upstream node address
The twelve digits of the upstream node address of the next node
up stream on the ring.
Last ring ID
This contains the value of the local ring ID.
Last beacon type
This contains the value of the last beacon type.
Table 26
Generic Statistics for FDDI Drivers That Use Fdditsm.nlm
Statistic
Description
Configuration State
The attachment configuration for the station or concentrator:

0=isolated; 1=local_a; 2=local_b; 3=local_ab; 4=local_s;
5=wrap_a; 6=wrap_b; 7=wrap_ab; 8=wrap_s; 9=c_wrap_a;
10=c_wrap_b; 11=c_wrap_s; 12=thru
Upstream Node Address
The upstream neighbors MAC address (0 if unknown).
Downstream Node Address
The downstream neighbors MAC address (0 if unknown).
Receive failed, frame error
The number of frames that were detected in error by this MAC

that had not been detected in error by another MAC.
Receive failed, lost frame
The number of instances that this MAC detected a format error

during frame reception such that the frame was stripped.
Ring Management State
Indicates the current state of the Ring Management state

machine:
0=Isolated; 1=Non_Op; 2=Ring_Op; 3=Detect; 4=Non_Op_Dup;
5=Ring_Op_Dup; 6=Directed; 7=Trace
Consecutive LCT failures
The count of the consecutive times the link confidence test (LCT)
has failed during connection management.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
LEM, link rejected
The link error monitor (LEM) count of the times that a link was
rejected
LEM, total errors
The aggregate link error monitor (LEM) error count.
Connection state
The state of this ports Physical Connection Management (PCM)

state machine:
0=Off; 1=Break; 2=Trace; 3=Connect; 4=Next; 5=Signal; 6=Join;
7=Verify; 8=Active; 9=Maint
Table 27
Custom Statistics for NE2000, NE2, NE2_32, CNE2_32, and Other Ethernet Drivers
Statistic
Description
UnderrunErrorCount
This counter is incremented when the RAM buffer on the network

board is full; the board cannot accept any more packets until the
RAM buffer is cleared.
TransmitTimeoutCount
This counter is incremented when a network board interrupts the

file server with the message that the send bit is lost.
This is a hardware problem caused by faulty cabling, a bad
network board, or a missing terminator.
RxPagingErrorCount
This is a count of the errors that occur when internal buffers on

the board are corrupted.
ReceiveFIFOOverrunErrorCount
This counter is incremented when an incoming packet causes an

overflow because FIFO was not serviced.
ReceiverMissedPacketCount
This counter is incremented when a packet is sent to a network

board that cannot accept the packet because all its receive
buffers are full.
GotNothingCount
This counter is incremented when the file server receives an

interrupt from a network board that is not transmitting or receiving
anything.
This is not serious.
UnsupportedFramePacketCount
This counter is incremented when a packet is received by the

LAN driver with a frame type that hasnt been loaded for the given
board.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
UnsupportedMulticastCount
This counter is incremented for each multicast packet received by

the board that is not registered with the driver.
BackToBackSendCount
This counter is incremented each time the driver can buffer a

send packet onto the network board while the board is sending a
previous buffer.
Use this counter to track congestion on the network board.
See also EnqueuedSendsCount.
EnqueuedSendCount
This counter is incremented when the driver is unable to transmit

a packet and must put the packet in a queue until the transmitter
is available.
Use the counter to track congestion on the network board.
See also BackToBackSendCount.
HeartBeatError
(NE2100TM, NE1500TTM, or CNEAMDTM) This counter is

incremented when there is a signal quality error.
This function is also known as the heartbeat or Signal Quality
Error (SQE) test.
This counter indicates a hardware problem.
MemoryTimeout
(NE2100, NE1500T, or CNEAMD) This counter is incremented

when there is contention on the bus.
If this counter is incremented, there may be multiple boards in the
server or another bus-mastering device in the server, such as a
LAN or disk channel device.
TxBabblingError
(NE2100, NE1500T, or CNEAMD)This counter is incremented

when there is excessive length in the transmit buffer.
It will increment after 1,519 data bytes have been transmitted
from the buffer.
It indicates that the transmitter has been on the channel longer
than the time required to send the maximum length packet.
If this counter is incremented, it indicates a hardware problem
with the network board in the server.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
TxUnderflowError

when something else on the bus takes control of the bus while the
LAN driver is putting the data on the wire.
If this occurs, the packet must be retransmitted.
TXBufferError

when there is a problem with the transmit buffer.
This counter is usually incremented when TxUnderflowError is
incremented; it indicates a hardware problem in the server.
RxECBsOver16MegCount
TxECBsOver16MegCount
(NE2100, NE1500T, or CNEAMD) One of these counters is

incremented when either a transmit or receive occurs and the
driver has double buffered the ECB in the reserved buffers below
16 MB in memory.
These boards require double buffering because they have a
physical limitation that prevents them from accessing memory
above 16 MB.
Therefore, if the operating system issues an Event Control Block
(ECB) with a memory address above 16 MB, the board uses
some of the reserved buffers below 16 MB to queue the request.
These are not errors. This value tracks how many ECBs are
redirected to the buffers below 16 MB.
In many cases, this counter can be as high as the total packets
sent and received. This double buffering decreases performance.
If you have more than 16 MB of RAM and a board that is busmastering or using DMA that is not a 32-bit adapter, performance
might be degraded.
PacketUsed2ECBs
(NE2100, NE1500T, or CNEAMD) This counter is incremented if

the Server Maximum Physical Receive Packet Size is set to 1514
bytes (default for NetWare 3.11 servers), and you need to receive
a near-full-size packet. For NetWare 3.12 and 4.x, the default
Maximum Physical Receive Packet Size is 4202.
In this instance, two ECBs are used instead of one, since the
CRC on the end of the packet requires an extra four bytes.
Using two ECBs instead of one may decrease performance
slightly.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Statistic
Description
TransmitRetryCount
(NE3200TM) This counter is incremented when the driver is

unable to transmit a packet after a specified number of times.
This may indicate a hardware problem.
TxClearToSendsErrors
(NE3200) This counter tracks an 82586 error.

There are some conditions when the Clear to Send signal from
the 82586 chip is incorrect.
This counter indicates the number of times the corrective code on
the adapter was executed to work around this condition in the
82586.
TxDMAUnderrunErrors

Contention among the BMIC, 80186, and 82586 can occur on the
adapter, causing the 82586 to assume it did not receive all of the
packet for transmission. The transmit operation must then be
retried.
This counter indicates the number of times the corrective code on
the adapter was executed to work around this condition.
RxDMAOverrunErrors

If two packets are received back-to-back at close to 9.6
microseconds (the minimum Ethernet interframe spacing), then
the chip may report an overrun.
If so, the frames are lost by the chip and the source must
retransmit.
This counter indicates the number of times this error has
occurred.
RxPacketSlideErrors
(NE3200) This counter tracks the number of instances of an

82586 anomaly.
In some conditions, the 82586 might be off by two bytes in the
receive packet descriptors. In this case, the sending station must
retransmit the packet.
This counter indicates the number of times this condition has
occurred.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
RxDummyRCBUsedErrors

In some cases, the 82586 may attempt to receive data into a
nonexistent receive buffer at the end of its receive buffer list.
To catch this condition and avoid internal data corruption, a
dummy receive buffer is added to the end of the list.
This variable counts the number of times the 82586 attempted to
write into the dummy buffer.
InternalAdapterReset
(NE3200) This counts the number of resets (by the 80186) that
occurred on the adapter due to failures on the adapter.
This counter is incremented when the software corrects itself for
minor problems or if the adapter is in an unknown state.
It is common for this counter to be incremented.
Under normal conditions, more of these errors should occur
during idle time than when the driver is busy.
This counter would only indicate a hardware problem if it
registered thousands of these errors when the network is busy.
MondoFragmentLengthErrors
(NE3200) This counter tracks the number of instances in which

an NLMTM on the server has passed the NE3200 driver an ECB
whose logical memory address could not be translated to a
physical memory address.
You should check other NLM programs on the system and
upgrade them.
If you are still experiencing problems, identify which NLM is
causing the problem and contact the third-party manufacturer of
the NLM.
PollingTimeout
(NE3200) This counter tracks the number of times the adapters

request was put on the queue but was not serviced within 800
nanoseconds (default).
After this occurs, the adapter fires an interrupt.
ResetBecauseHardwareDiedErrors
(NE3200) If the adapter is in an unknown state or stops

transmitting on the host side, the driver increments this counter
and resets or restarts the adapter.
NumberOfInterruptsFired
(NE3200) This counter is incremented each time the adapter had

to fire an interrupt to service a request because the polled request
wasnt serviced.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 28
99a
July 17, 2001
38
Custom Statistics for Token Ring Drivers
Statistic
Description
Bad Correlator Count
(CNTR2000TM, NTR2000TM) This counter is incremented when a

network board responds with a request for data from the file
server that the file server does not have.
The ECB or some other code may be corrupted. Eventually, this
error will abend the server.
If this counter is non-zero, you should try to find the software that
is corrupting the data.
Unknown ARB requests
(CNTR2000, NTR2000) This counts bad Adapter Request Blocks

(ARBs).
Normally the network board (adapter) uses one of four known
commands to communicate with the driver.
If a network board sends a command that is not one of the four,
the driver does not recognize the request.
This error is not a catastrophic error.
Sometimes old adapters send bad ARB requests because of
software problems on the board.
NetWare responds to the network board so that the board will not
hang.
MicroChannel Error Count
(TOKENDMA) This counter tracks the number of times the

adapter had a problem transmitting on the bus.
The adapter interrupt occurred from the firmware on the board.
ECBs Over 16 MB
(TOKENDMA) This counter tracks the number of packets

received that had to use an ECB over 16 MB.
This number should increment only when more than 16 MB of
RAM is used in the server.
DMA Bus Errors Count
(TOKENDMA) This counter is incremented when a DMA transfer

completes with a bus error.
If this counter is incremented, it could indicate a hardware
problem.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Statistic
Description
DMA Parity Errors Count
(TOKENDMA) This counter is incremented when a DMA transfer

completes with a parity error.
If this is incremented, it could indicate a hardware problem.
Command Reject Count
(TOKENDMA) This counter is incremented when the driver sends

a command to the board and the command is either invalid or the
board is still busy processing the previous command.
This number should be zero or a low number.
Tx Timeout Count
(TOKENDMA) This counter is incremented and the adapter is

reset if two seconds elapse before the driver learns from the
firmware that the transmit was or wasnt successful.
This counter shows the driver is successfully recovering from the
lost hardware transmit.
It isnt a problem if this number is incremented.
Transmit Late Count
(TOKENDMA) This counter is incremented when the firmware

reports that the board transmitted more than it actually did.
After this event occurs, the data that wasnt transmitted will be
sent in the next packet.
This problem is more likely to occur on busier networks.
Transmit Defragment Count
(TOKENDMA) This counter tracks how many ECBs are

redirected to the buffer below 16 MB.
The IBM Token-Ring DMA LAN boards are not able to access
memory above 16 MB. Therefore, if the operating system issues
an Event Control Block (ECB) with a memory address above 16
MB, the board uses some of the reserved buffers below 16 MB to
double buffer the ECB.
These are not errors. In many cases, this counter can be as high
as the total packets sent and received. However, this double
buffering decreases performance.
If the system has more than 16 MB of RAM and a board that is
bus-mastering or using DMA that is not a 32-bit adapter,
performance may decrease.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Table 29
99a
July 17, 2001
38
Custom Statistics for IBM Baseband PCN2L Drivers
Statistic
Description
HotCarrierInterruptCount
(PCN2L) This counter is incremented when the board detects a

carrier longer than expected without a transmit.
This indicates that some board on the network has failed or is
beginning to fail.
No82588InterruptCount
(PCN2L) This counter is incremented each time the server

receives an interrupt from the board, but not from the 82588 chip.
This should happen very seldom, if ever.
WeirdInterruptCount
(PCN2L) This counter is incremented when the server has

received an interrupt from the board, but the board claims not to
have sent one.
This should happen very seldom, if ever.
BadTransmitCompleteInterruptCount
(PCN2L) This counter is incremented for each complete

transmission with no transmit active.
HardTransmitErrorCount
(PCN2L) This counter is incremented when a transmit fails and

the driver retries the transmit.
GotNothingCount
(PCN2L) This counter is incremented when the driver receives

an interrupt from the board indicating that it has completed a
receive but there is no data in the boards receive buffer.
This is not serious.
ReceiveUnderrunErrorCount
(PCN2L) This counter is incremented when the driver finds less

data in the boards buffer than the board reported.
ReceivedShortPacketCount
(PCN2L) This counter is incremented when a packet of fewerthan

17 bytes is received.
BadReceiveConditionCodeCount
(PCN2L) This counter is incremented when the buffer is flushed

because the board hasnt received the incoming packets
properly.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Novell Trademarks
Access Manager is a registered trademark of Novell, Inc. in the United States
and other countries.
Advanced NetWare is a trademark of Novell, Inc.
AlarmPro is a registered trademark of Novell, Inc. in the United States and
other countries.
AppNotes is a registered trademark of Novell, Inc. in the United States and
other countries.
AppTester is a registered trademark of Novell, Inc. in the United States and
other countries.
AutoPilot is a registered trademark of Novell, Inc. in the United States and
other countries.
Boot Support Module and BSM are trademarks of Novell, Inc.
BorderManager is a trademark of Novell, Inc.
BorderManager FastCache is a trademark of Novell, Inc.
BrainShare is a registered service mark of Novell, Inc. in the United States and
other countries.
Branch Office for NetWare is a trademark of Novell, Inc.
C Network Compiler is a trademark of Novell, Inc.
C Network Compiler/386 is a trademark of Novell, Inc.
C-Worthy is a trademark of Novell, Inc.
C3PO is a trademark of Novell, Inc.
CBASIC is a registered trademark of Novell, Inc. in the United States and
other countries.
CBASIC Compiler is a trademark of Novell, Inc.
CBASIC-16 is a trademark of Novell, Inc.
CBASIC-86 is a trademark of Novell, Inc.
Certified Directory Engineer and CDN are service marks of Novell, Inc.
Novell Trademarks 307
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Certified Internet Architect is a service mark of Novell, Inc.

Certified Internet Business Strategist is a service mark of Novell, Inc.
Certified Internet Manager is a service mark of Novell, Inc.
Certified Internet Professional is a service mark of Novell, Inc.
Certified NetWare Administrator in Japanese and CNA-J are service marks of
Novell, Inc.
Certified NetWare Engineer in Japanese and CNE-J are service marks of
Novell, Inc.
Certified NetWare Instructor in Japanese and CNI-J are service marks of
Novell, Inc.
Certified Novell Administrator and CNA are service marks of Novell, Inc.
Certified Novell Engineer is a service mark of Novell, Inc. and CNE is a
registered service mark of Novell, Inc. in the United States and other
countries.
Certified Novell Instructor and CNI are service marks of Novell, Inc.
Certified Novell Salesperson is a trademark of Novell, Inc.
Certified Web Designer is a service mark of Novell, Inc.
Certified Web Developer is a service mark of Novell, Inc.
Chevron Design is a trademark of Novell, Inc.
Client 32 is a trademark of Novell, Inc.
CLINK is a trademark of Novell, Inc.
Communications Service Manager and CSM are trademarks of Novell, Inc.
Concurrent CP/M-86 is a trademark of Novell, Inc.
Concurrent DOS is a registered trademark of Novell, Inc. in the United States
Concurrent DOS 386 is a trademark of Novell, Inc.
Concurrent DOS CP/M-86 is a registered trademark of Novell, Inc. in the
United States and other countries.
Concurrent DOS XM is a trademark of Novell, Inc.
Concurrent OS is a registered trademark of Novell, Inc. in the United States
Concurrent PC DOS is a registered trademark of Novell, Inc. in the United
ConnectView is a registered trademark of Novell, Inc. in the United States and
other countries.
Connectware is a registered trademark of Novell, Inc. in the United States and
other countries.
ConsoleOne is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Control Access Printer is a trademark of Novell, Inc.

CoPilot is a trademark of Novell, Inc.
Corsair is a registered trademark of Novell, Inc. in the United States and other
countries.
CP/Net is a registered trademark of Novell, Inc. in the United States and other
countries.
CP/NET-86 is a trademark of Novell, Inc.
CP/NOS is a trademark of Novell, Inc.
Creativity Center is a trademark of Novell, Inc.
Crested Wave Design is a trademark of Novell, Inc.
Custom 3rd-Party Object and C3PO are trademarks of Novell, Inc.
CXI$File is a trademark of Novell, Inc.
DataClub is a trademark of Novell, Inc.
DataClub DSM is a trademark of Novell, Inc.
DDE/Net is a trademark of Novell, Inc.
DDT is a trademark of Novell, Inc.
DDT-68K is a trademark of Novell, Inc.
DDT-86 is a trademark of Novell, Inc.
Dedicated to Serve All LANKind is a registered service mark of Novell, Inc.
in the United States and other countries.
definitelyme is a service mark of Novell, Inc.
DENIM is a service mark of Novell, Inc.
DESPOOL is a trademark of Novell, Inc.
DeveloperNet is a registered trademark of Novell, Inc. in the United States and
other countries.
DeveloperNet Connections is a trademark of Novell, Inc.
digitalme is a trademark of Novell, Inc.
Direct Connect is a service mark of Novell, Inc.
DirXML is a trademark of Novell, Inc.
Display Manager is a trademark of Novell, Inc.
Documenters Workbench is a registered trademark of Novell, Inc. in the
DOS Protected Mode Services and DPMS are trademarks of Novell, Inc.
DOSPLUS is a registered trademark of Novell, Inc. in the United States and
other countries.
EasyProof is a trademark of Novell, Inc.
eDirectory is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ElectroText is a trademark of Novell, Inc.

Embedded NetWare is a trademark of Novell, Inc.
Enterprise Certified Novell Engineer and ECNE are service marks of Novell,
Inc.
Enterprise Perspectives is a trademark of Novell, Inc.
Entry Denied is a trademark of Novell, Inc.
Envoy is a registered trademark of Novell, Inc. in the United States and other
countries.
EtherPort is a registered trademark of Novell, Inc. in the United States and
other countries.
EtherPort II is a trademark of Novell, Inc.
EtherPort IIL is a trademark of Novell, Inc.
EtherPort SE is a trademark of Novell, Inc.
EtherPort SE/30 is a trademark of Novell, Inc.
EtherPort SE/30L is a trademark of Novell, Inc.
EtherPort SEL is a trademark of Novell, Inc.
EventBroker is a trademark of Novell, Inc.
Everythings Connected is a trademark of Novell, Inc.
EXOS is a trademark of Novell, Inc.
EXport is a trademark of Novell, Inc.
ExpressFax is a trademark of Novell, Inc.
EZSearch is a trademark of Novell, Inc.
FastPath is a registered trademark of Novell, Inc. in the United States and
other countries.
FaxDirect is a trademark of Novell, Inc.
FaxMan is a trademark of Novell, Inc.
Ferret is a registered trademark of Novell, Inc. in the United States and other
countries.
FileLINK is a trademark of Novell, Inc.
FirstMail is a trademark of Novell, Inc.
Fluency is a registered trademark of Novell, Inc. in the United States and other
countries.
Fluent is a registered trademark of Novell, Inc. in the United States and other
countries.
Fluentlink is a registered trademark of Novell, Inc. in the United States and
other countries.
Fluentstreams is a registered trademark of Novell, Inc. in the United States and
other countries.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Full Service Directory is a trademark of Novell, Inc.

Global MHS is a trademark of Novell, Inc.
Global Network Operations Center and GNOC are service marks of Novell,
Inc.
Global Service Partner & Design is a registered trademark of Novell, Inc. in
the United States and other countries.
Graphics Environment Manager and GEM are registered trademarks of
Novell, Inc. in the United States and other countries.
GroupWise is a registered trademark of Novell, Inc. in the United States and
other countries.
GroupWise XTD is a trademark of Novell, Inc.
Hardware Specific Module and HSM are trademarks of Novell, Inc.
High Availability Server is a trademark of Novell, Inc.
HostAccess is a trademark of Novell, Inc.
HostPublisher is a trademark of Novell, Inc.
HostShare is a trademark of Novell, Inc.
Hot Fix is a trademark of Novell, Inc.
Hub Management Interface and HMI are trademarks of Novell, Inc.
iChain is a trademark of Novell, Inc.
iFolder is a trademark of Novell, Inc.
Indisy is a trademark of Novell, Inc.
InfoCube is a trademark of Novell, Inc.
InForms is a trademark of Novell, Inc.
instantme is a trademark of Novell, Inc.
Instructional Workbench is a registered trademark of Novell, Inc. in the
IntelliMouse is a trademark of Novell, Inc.
interNetWare is a trademark of Novell, Inc.
interNetWire is a registered service mark of Novell, Inc. in the United States
Internetwork Packet Exchange and IPX are trademarks of Novell, Inc.
IPX/SPX is a trademark of Novell, Inc.
IPXODI is a trademark of Novell, Inc.
IPXWAN is a trademark of Novell, Inc.
KnowledgeAgent is a trademark of Novell, Inc.
KnowledgeCast is a trademark of Novell, Inc.
LAN Channel is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LAN Ranger is a trademark of Novell, Inc.

LAN Service is a trademark of Novell, Inc.
LAN WorkGroup is a trademark of Novell, Inc.
LAN WorkPlace is a registered trademark of Novell, Inc. in the United States
LAN WorkShop is a trademark of Novell, Inc.
LANalyzer is a registered trademark of Novell, Inc. in the United States and
other countries.
LANalyzer Agent is a trademark of Novell, Inc.
LANmark is a trademark of Novell, Inc.
LANtern is a trademark of Novell, Inc.
Link 68
Link 86
Link Support Layer and LSL are trademarks of Novell, Inc.
LogicSource is a trademark of Novell, Inc.
LX is a trademark of Novell, Inc.
MacIPX is a registered trademark of Novell, Inc. in the United States and other
countries.
MagicSoft is a trademark of Novell, Inc.
ManageWise is a registered trademark of Novell, Inc. in the United States and
other countries.
ManageWise Agent is a trademark of Novell, Inc.
Master CNE is a trademark and MCNE is a service mark of Novell, Inc.
Master CNI is a trademark and MCNI is a service mark of Novell, Inc.
meCard is a trademark of Novell, Inc.
Media Support Module and MSM are trademarks of Novell, Inc.
Mirrored Server Link and MSL are trademarks of Novell, Inc.
Mobile IPX is a trademark of Novell, Inc.
Mobile WorkPlace is a trademark of Novell, Inc.
MP/M is a trademark of Novell, Inc.
MP/M II is a trademark of Novell, Inc.
MP/M-86 is a trademark of Novell, Inc.
Multiple Link Interface and MLI are trademarks of Novell, Inc.
Multiple Link Interface Driver and MLID are trademarks of Novell, Inc.
Multiple Protocol Interface and MPI are trademarks of Novell, Inc.
My World is a registered trademark of Novell, Inc. in the United States and
other countries.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
N-Design is a registered trademark of Novell, Inc. in the United States and

other countries.
Natural Language Interface for Help is a trademark of Novell, Inc.
NDebug is a trademark of Novell, Inc.
NDS Admin is a trademark of Novell, Inc.
NDS Administrator is a trademark of Novell, Inc.
NDS Manager is a trademark of Novell, Inc.
NE/2 is a trademark of Novell, Inc.
NE/2-32 is a trademark of Novell, Inc.
NE/2T is a trademark of Novell, Inc.
NE1000 is a trademark of Novell, Inc.
NE1500T is a trademark of Novell, Inc.
NE2000T is a trademark of Novell, Inc.
NE32HUB is a trademark of Novell, Inc.
NEST is a trademark of Novell, Inc.
NEST Autoroute is a trademark of Novell, Inc.
NetAware is a trademark of Novell, Inc.
NetDevice is a trademark of Novell, Inc.
NetExplorer is a trademark of Novell, Inc.
NetExplorer Plus is a trademark of Novell, Inc.
NetFire is a trademark of Novell, Inc.
NetNotes is a registered trademark of Novell, Inc. in the United States and
other countries.
NetSync is a trademark of Novell, Inc.
NetWare is a registered trademark of Novell, Inc. in the United States and
other countries.
NetWare 3270 CUT Workstation is a trademark of Novell, Inc.
NetWare 3270 LAN Workstation is a trademark of Novell, Inc.
NetWare 386 is a trademark of Novell, Inc.
NetWare 5250 Gateway is a trademark of Novell, Inc.
NetWare 5250 LAN Workstation is a trademark of Novell, Inc.
NetWare Access Server is a trademark of Novell, Inc.
NetWare Access Services is a trademark of Novell, Inc.
NetWare Application Manager is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Application Notes is a trademark of Novell, Inc.

NetWare Asynchronous Communication Services and NACS are trademarks
of Novell, Inc.
NetWare Asynchronous Services Interface and NASI are trademarks of
Novell, Inc.
NetWare Aware is a trademark of Novell, Inc.
NetWare Basic MHS is a trademark of Novell, Inc.
NetWare BranchLink Router is a trademark of Novell, Inc.
NetWare C Interface is a trademark of Novell, Inc.
NetWare Care is a trademark of Novell, Inc.
NetWare Classic MHS is a trademark of Novell, Inc.
NetWare Communication Services Manager is a trademark of Novell, Inc.
NetWare Connect is a registered trademark of Novell, Inc. in the United
States.
NetWare Distributed Management Services is a trademark of Novell, Inc.
NetWare Document Management Services is a trademark of Novell, Inc.
NetWare DOS Requester and NDR are trademarks of Novell, Inc.
NetWare Enterprise Router is a trademark of Novell, Inc.
NetWare Expert is a trademark of Novell, Inc.
NetWare Export is a trademark of Novell, Inc.
NetWare Express is a registered service mark of Novell, Inc. in the United
NetWare FleX/IP is a trademark of Novell, Inc.
NetWare Global Messaging and NGM are trademarks of Novell, Inc.
NetWare Global MHS is a trademark of Novell, Inc.
NetWare HostPrint is a registered trademark of Novell, Inc. in the United
States.
NetWare Hub Services is a trademark of Novell, Inc.
NetWare Imaging Services is a trademark of Novell, Inc.
NetWare IPX Router is a trademark of Novell, Inc.
NetWare LANalyzer Agent is a trademark of Novell, Inc.
NetWare Link Services Protocol and NLSP are trademarks of Novell, Inc.
NetWare Link/64 is a trademark of Novell, Inc.
NetWare Link/Async is a trademark of Novell, Inc.
NetWare Link/ATM is a trademark of Novell, Inc.
NetWare Link/Frame Relay is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Link/PPP is a trademark of Novell, Inc.

NetWare Link/TI
NetWare Link/X.25 is a trademark of Novell, Inc.
NetWare Loadable Module and NLM are trademarks of Novell, Inc.
NetWare LU6.2 is trademark of Novell, Inc.
NetWare Management Agent is a trademark of Novell, Inc.
NetWare Management Map is a trademark of Novell, Inc.
NetWare Management Portal is a trademark of Novell, Inc.
NetWare Management System and NMS are trademarks of Novell, Inc.
NetWare Message Handling Service and NetWare MHS are trademarks of
Novell, Inc.
NetWare MHS is a registered trademark of Novell, Inc. in the United States
NetWare MHS Mailslots is a registered trademark of Novell, Inc. in the United
NetWare Mirrored Server Link and NMSL are trademarks of Novell, Inc.
NetWare Mobile is a trademark of Novell, Inc.
NetWare Mobile IPX is a trademark of Novell, Inc.
NetWare MultiProtocol Router and NetWare MPR are trademarks of Novell,
Inc.
NetWare MultiProtocol Router Plus is a trademark of Novell, Inc.
NetWare Name Service is a trademark of Novell, Inc.
NetWare Navigator is a trademark of Novell, Inc.
NetWare Notify is a trademark of Novell, Inc.
NetWare Peripheral Architecture is a trademark of Novell, Inc.
NetWare Print Server is a trademark of Novell, Inc.
NetWare Ready is a trademark of Novell, Inc.
NetWare Requester is a trademark of Novell, Inc.
NetWare Runtime is a trademark of Novell, Inc.
NetWare RX-Net is a trademark of Novell, Inc.
NetWare SFT is a trademark of Novell, Inc.
NetWare SFT III is a trademark of Novell, Inc.
NetWare SNA Gateway is a trademark of Novell, Inc.
NetWare SNA Links is a trademark of Novell, Inc.
NetWare SQL is a trademark of Novell, Inc.
NetWare Storage Management Services and NetWare SMS are trademarks of
Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Telephony Services is a trademark of Novell, Inc.

NetWare Token-Ring Source Routing Drivers is a trademark of Novell, Inc.
NetWare Tools is a trademark of Novell, Inc.
NetWare UAM is a trademark of Novell, Inc.
NetWare Update is a trademark of Novell, Inc.
NetWare Update/Upgrade is a trademark of Novell, Inc.
NetWare Upgrade is a trademark of Novell, Inc.
NetWare User Authentication Method is a trademark of Novell, Inc.
NetWare Video Services and NVT are trademarks of Novell, Inc.
NetWare WAN Links is a trademark of Novell, Inc.
NetWare/IP is a trademark of Novell, Inc.
NetWire is a registered service mark of Novell, Inc. in the United States and
other countries.
Network Navigator is a registered trademark of Novell, Inc. in the United
States.
Network Navigator - AutoPilot is a registered trademark of Novell, Inc. in the
Network Navigator - Dispatcher is a registered trademark of Novell, Inc. in the
United States.
Network Support Encyclopedia and NSE are trademarks of Novell, Inc.
Network Support Encyclopedia Professional Volume and NSEPro are
trademarks of Novell, Inc.
NetWorld is a registered service mark of Novell, Inc. in the United States and
other countries.
NIMS is a trademark of Novell, Inc.
Novanet is a trademark of Novell, Inc.
Novell is a service mark of Novell, Inc. and a registered trademark of Novell,
Inc. in the United States and other countries.
Novell Academy is a trademark of Novell, Inc.
Novell Alliance Partners Program is a collective mark of Novell, Inc.
Novell Application Launcher is a trademark of Novell, Inc.
Novell AppWorld is a trademark of Novell, Inc.
Novell Authorized CNE is a trademark and service mark of Novell, Inc.
Novell Authorized Education Center and NAEC are service marks of Novell,
Inc.
Novell Authorized Partner is a service mark of Novell, Inc.
Novell Authorized Reseller is a service mark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell Authorized Service Center and NASC are service marks of Novell,
Inc.
Novell BorderManager is a trademark of Novell, Inc.
Novell BorderManager FastCache is a trademark of Novell, Inc.
Novell CC is a trademark of Novell, Inc.
Novell Certificate Server is a trademark of Novell, Inc.
Novell Client is a trademark of Novell, Inc.
Novell Connect Services is a trademark of Novell, Inc.
Novell Corporate Symbol is a trademark of Novell, Inc.
Novell Customer Connections is a registered trademark of Novell, Inc. in the
United States.
Novell Distributed AppWare Services and NDAS are trademarks of Novell,
Inc.
Novell Directory Assistance is a trademark of Novell, Inc.
Novell Directory Services and NDS are registered trademarks of Novell, Inc.
Novell Distributed Print Services is a trademark of Novell, Inc. and NDPS is
a registered trademark of Novell, Inc. in the United States and other
countries.
Novell Easy Administration Tool is a trademark of Novell, Inc.
Novell Education Logo is a registered trademark of Novell, Inc. in the United
Novell ElectroText is a trademark of Novell, Inc.
Novell Embedded Systems Technology is a registered trademark of Novell,
Inc. in the United States and other countries and NEST is a trademark of
Novell, Inc.
Novell Enterprise Print Services is a trademark of Novell, Inc.
Novell Gold Authorized Reseller is a service mark of Novell, Inc.
Novell Gold Partner is a service mark of Novell, Inc.
Novell HostPublisher is a trademark of Novell, Inc.
Novell InnerWeb Publisher is a trademark of Novell, Inc.
Novell Internet Access Server is a trademark of Novell, Inc.
Novell Internet Caching System is a trademark of Novell, Inc.
Novell Internet Messaging System is a trademark of Novell, Inc.
Novell IPX/IP Gateway is a trademark of Novell, Inc.
Novell Labs is a trademark of Novell, Inc.
Novell Master CNE is a trademark and service mark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell N-Design is a registered trademark of Novell, Inc. in the United States

Novell NE/2 is a trademark of Novell, Inc.
Novell NE/2-32 is a trademark of Novell, Inc.
Novell NE3200 is a trademark of Novell, Inc.
Novell Net Publisher is a trademark of Novell, Inc.
Novell Network Registry is a service mark of Novell, Inc.
Novell Partner Passport is a trademark of Novell, Inc.
Novell Platinum Authorized Reseller is a service mark of Novell, Inc.
Novell Platinum Partner is a service mark of Novell, Inc.
Novell Press is a trademark of Novell, Inc.
Novell Press Logo (Novell Network Symbol) is a registered trademark of
Novell Press Logo (Open Book) is a registered trademark of Novell, Inc. in
Novell Press Logo (teeth logo) is a registered trademark of Novell, Inc. in the
Novell Remote Program Load is a trademark of Novell, Inc.
Novell Replication Services is a trademark of Novell, Inc.
Novell Research Reports is a trademark of Novell, Inc.
Novell RX-Net/2 is a trademark of Novell, Inc.
Novell Security Attributes is a trademark of Novell, Inc.
Novell Service Partner is a trademark of Novell, Inc.
Novell Storage Services is a trademark of Novell, Inc.
Novell Support Connection is a registered trademark of Novell, Inc. in the
Novell Technical Services and NTS are service marks of Novell, Inc.
Novell Technology Institute and NTI are registered service marks of Novell,
Novell Turbo-RX-Net is a trademark of Novell, Inc.
Novell Virtual Terminal and NVT are trademarks of Novell, Inc.
Novell Web Server is a trademark of Novell, Inc.
Novell World Wide is a trademark of Novell, Inc.
NSE Online is a service mark of Novell, Inc.
NSEPro is a trademark of Novell, Inc.
NTR2000 is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Nutcracker is a registered trademark of Novell, Inc. in the United States and

other countries.
OfficeWare is a trademark of Novell, Inc.
OnLAN/LAP is a registered trademark of Novell, Inc. in the United States and
other countries.
OnLAN/MAC is a trademark of Novell, Inc.
OnLAN/PC is a registered trademark of Novell, Inc. in the United States and
other countries.
Open Data-Link Interface and ODI are trademarks of Novell, Inc.
Open Look is a registered trademark of Novell, Inc. in the United States and
other countries.
Open Networking Platform and ONP are registered trademarks of Novell, Inc.
Open Socket is a registered trademark of Novell, Inc. in the United States.
Open Solutions Architecture is a trademark of Novell, Inc.
Packet Burst is a trademark of Novell, Inc.
PartnerNet is a registered service mark of Novell, Inc. in the United States and
other countries.
PC Navigator is a trademark of Novell, Inc.
PCOX is a registered trademark of Novell, Inc. in the United States and other
countries.
PCterminal is a trademark of Novell, Inc.
PerfectWorks is a trademark of Corel Corporation Limited used under license
by Novell, Inc.
Perform2 is a trademark of Novell, Inc.
Perform3 is a trademark of Novell, Inc.
Personal BASIC is a trademark of Novell, Inc.
Personal NetWare is a trademark of Novell, Inc.
Pervasive Computing is a service mark of Novell, Inc.
Pervasive Computing from Novell is a registered trademark of Novell, Inc. in
Picasso is a trademark of Novell, Inc.
Portable NetWare is a trademark of Novell, Inc.
Portable Operating System Extensions and POSE are trademarks of Novell,
Inc.
Power Bar is a trademark of Novell, Inc.
Preferred Service is a service mark of Novell, Inc.
Premium Service is a service mark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Presentation Master is a registered trademark of Novell, Inc. in the United

Presentation Team is a trademark of Novell, Inc.
Print Managing Agent is a trademark of Novell, Inc.
Printer Agent is a trademark of Novell, Inc.
Public Access Printer is a trademark of Novell, Inc.
QuickFinder is a trademark of Novell, Inc.
QuickPath is a trademark of Novell, Inc.
Red Box is a trademark of Novell, Inc.
Reference Software is a registered trademark of Novell, Inc. in the United
Remote Console is a trademark of Novell, Inc.
Remote MHS is a trademark of Novell, Inc.
Rock the Net is a trademark of Novell, Inc.
Ruler Bar is a trademark of Novell, Inc.
RX-Net is a trademark of Novell, Inc.
RX-Net/2 is a trademark of Novell, Inc.
Santa Clara Systems is a trademark of Novell, Inc.
ScalePack is a trademark of Novell, Inc.
ScanXpress is a registered trademark of Novell, Inc. in the United States and
other countries.
ScreenPlay is a trademark of Novell, Inc.
Script Director is a registered trademark of Novell, Inc. in the United States
Serius is a registered trademark of Serius Corporation, a wholly owned
subsidiary of Novell, Inc.
Serius (Design) is a registered trademark of Serius Corporation, a wholly
owned subsidiary of Novell, Inc.
Serius Business is a registered trademark of Serius Corporation, a wholly
owned subsidiary of Novell, Inc.
Sequenced Packet Exchange and SPX are trademarks of Novell, Inc.
Service Response System is a trademark of Novell, Inc.
Serving FTP is a trademark of Novell, Inc.
SFT is a trademark of Novell, Inc.
SFT III is a trademark of Novell, Inc.
Single Click Sign-on is a trademark of Novell, Inc.
Smart Global Network is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SMSTSA is a trademark of Novell, Inc.

SoftSolutions is a registered trademark of SoftSolutions Technology
Corporation, a wholly owned subsidiary of Novell, Inc.
Software Testing Program and STP are trademarks of Novell, Inc.
Software Transformation, Inc. is a registered trademark of Software
Transformation, Inc., a wholly owned subsidiary of Novell, Inc.
Solution City is a registered trademark of Novell, Inc. in the United States and
other countries.
SpeedSearch is a trademark of Novell, Inc.
SpeedStart is a trademark of Novell, Inc.
SPX/IPX is a trademark of Novell, Inc.
StarLink is a registered trademark of Novell, Inc. in the United States and
other countries.
Storage Management Services and SMS are trademarks of Novell, Inc.
SuperSearch is a trademark of Novell, Inc.
System V is a trademark of Novell, Inc.
TCPort is a trademark of Novell, Inc.
Technical Support Alliance and TSA are collective marks of Novell, Inc.
The Fastest Way to Find the Right Word is a registered trademark of Novell,
The Human Device Logo (BrainShare Logo) is a registered trademark of
The Novell Network Symbol is a trademark of Novell, Inc.
The Past, Present, and Future of Network Computing is a trademark and a
service mark of Novell, Inc.
The Power to Change is a trademark of Novell, Inc.
The Smart Way to Manage Your Network is a trademark of Novell, Inc.
The Source for Open Systems is a trademark of Novell, Inc.
Topology Specific Module and TSM are trademarks of Novell, Inc.
Transaction Tracking System and TTS are trademarks of Novell, Inc.
Turbo RX-Net is a trademark of Novell, Inc.
Univel is a trademark of Novell, Inc.
Universal Component System is a registered trademark of Novell, Inc. in the
USL is a trademark of Novell, Inc.
UST is a trademark of Novell, Inc.
ViewMAX is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Virtual Loadable Module and VLM are trademarks of Novell, Inc.

Visual AppBuilder is a trademark of Novell, Inc.
VoiceWise is a trademark of Novell, Inc.
Web Lessons is a trademark of Novell, Inc.
Whenever is a trademark of Novell, Inc.
WKSH is a trademark of Novell, Inc.
Writers Workbench is a registered trademark of Novell, Inc. in the United
X-WIN is a trademark of Novell, Inc.
XREF is a trademark of Novell, Inc.
XWIN is a trademark of Novell, Inc.
Yes, It Runs with NetWare (logo) is a trademark of Novell, Inc.
Yes, NetWare Tested and Approved (logo) is a trademark of Novell, Inc.
ZENworks is a trademark of Novell, Inc.
Utilities Reference
103-000153-001
August 29, 2001
Novell Confidential
Server Operating System Administration Guide
Novell
NetWare 6
www.novell.com
6.0
S E RV E R O P E R AT I N G S Y S T E M
August 30, 2001

Novell Confidential
doc_tpl.fm
Rev 99a
28 October 99
17
Contents
Server Operating System .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Learning about the NetWare Server
. . . . . . . . . . . . . . . . . . . . . . . . 11
Overview of the NetWare Server. . . . . . . . . . . . . . . . .

NetWare Integrated Kernel. . . . . . . . . . . . . . . . . . . .
The Run Queue. . . . . . . . . . . . . . . . . . . . . . . .
Load Balancing . . . . . . . . . . . . . . . . . . . . . . . .
Concurrency and Parallelism . . . . . . . . . . . . . . . . .
Pre-emption. . . . . . . . . . . . . . . . . . . . . . . . . .
Platform Support Module . . . . . . . . . . . . . . . . . . .
The Server Console . . . . . . . . . . . . . . . . . . . . . . .
NetWare Is Self-Tuning . . . . . . . . . . . . . . . . . . . . .
Java-Based Components of NetWare . . . . . . . . . . . . . .
The Novell JVM for NetWare and the Just In Time Compiler
Setting Up the NetWare Server .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Optimizing the NetWare Server
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
12
13
14
15
16
17
18
20
21
21
. . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Changing the Servers Software Configuration . . . . . . . . . . .

Installing, Uninstalling, and Configuring a Server or Other Products
Changing the Language NetWare Uses . . . . . . . . . . . . . . .
Code Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using Unicode . . . . . . . . . . . . . . . . . . . . . . . . . .
Changing Code Pages . . . . . . . . . . . . . . . . . . . . . . . .
Changing Server Message Files . . . . . . . . . . . . . . . . . . .
Changing NLM Message Files . . . . . . . . . . . . . . . . . . . .
Changing the Server Keyboard Type . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
24
25
26
26
27
29
30
31
32
. . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Applying Patches. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Matching Performance Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Setting the Load Balancing Threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Contents

103-000148-001
August 30, 2001
Novell Confidential
doc_tpl.fm
Rev 99a
Setting Server Parameter Values . . . . . . . . . . . . . . . . . . . . .

Understanding Server Defaults . . . . . . . . . . . . . . . . . . . .
Finding Current Parameter Values . . . . . . . . . . . . . . . . . .
Printing Current Parameter Values to a File . . . . . . . . . . . . . .
Checking Current Parameter Values with DISPLAY ENVIRONMENT
When to Modify Defaults . . . . . . . . . . . . . . . . . . . . . . . .
When Not to Modify Defaults . . . . . . . . . . . . . . . . . . . . .
Restoring Default Values with RESET ENVIRONMENT . . . . . . .
Monitoring Dynamic Statistics . . . . . . . . . . . . . . . . . . . . .
Using Optional Commands in Startup Files . . . . . . . . . . . . . .
Using SET Commands in Startup Files . . . . . . . . . . . . . . . .
Minimizing Replication Traffic . . . . . . . . . . . . . . . . . . . . . . .
Managing the NetWare Server .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . . . . . . . . . . . . . .
Starting and Stopping the Server . . . . . . . . . . . . . . . . . . . .

Starting the Server . . . . . . . . . . . . . . . . . . . . . . . . . .
Bringing Down the Server . . . . . . . . . . . . . . . . . . . . . .
Viewing and Accessing Server Console Screens . . . . . . . . . . . .
Starting and Stopping Processors . . . . . . . . . . . . . . . . . . . .
Displaying Processor Information . . . . . . . . . . . . . . . . . .
Stopping Processors . . . . . . . . . . . . . . . . . . . . . . . . .
Starting Processors . . . . . . . . . . . . . . . . . . . . . . . . .
Using Server Batch Files . . . . . . . . . . . . . . . . . . . . . . . .
Using EDIT to Create and Edit Text and Batch Files . . . . . . . .
Using NWCONFIG to Create and Edit Startup Batch Files . . . . .
Making a Command Optional in a Server Batch (.NCF) File . . . .
Changing Server Name and Internal Address in AUTOEXEC.NCF .
Using Server Utilities and Console Commands . . . . . . . . . . . . .
How to Access Help for Utilities and Console Commands. . . . . .
Using NetWare Loadable Modules . . . . . . . . . . . . . . . . .
Loading and Unloading NetWare Loadable Modules . . . . . . . .
Using Java on the Server . . . . . . . . . . . . . . . . . . . . . . . .
Environment Variables for Java . . . . . . . . . . . . . . . . . . .
Managing NetWare Server GUI . . . . . . . . . . . . . . . . . . .
Securing the Server Console . . . . . . . . . . . . . . . . . . . . . .
Why Should I Use SECURE CONSOLE? . . . . . . . . . . . . . .
Using the SECURE CONSOLE Command . . . . . . . . . . . . .
Using SCRSAVER to Lock the Server Console . . . . . . . . . . .
Unlocking the Server Console . . . . . . . . . . . . . . . . . . . .
Using NCP Packet Signature . . . . . . . . . . . . . . . . . . . . . .
Why Should I Use Packet Signatures? . . . . . . . . . . . . . . .
NCP Packet Signature Options . . . . . . . . . . . . . . . . . . .
Effective Packet Signature . . . . . . . . . . . . . . . . . . . . . .
Recommended Signature Levels . . . . . . . . . . . . . . . . . .
Implementing NCP Packet Signature . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.

103-000148-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
38
38
40
41
42
42
43
43
43
44
44
45
47
48
48
49
50
52
52
53
54
55
56
57
58
59
60
60
61
62
63
63
65
67
68
68
69
70
70
71
72
72
73
73
doc_tpl.fm
Using the Transaction Tracking System . . . . . . . . .

How TTS Works . . . . . . . . . . . . . . . . . . .
Enabling and Activating TTS . . . . . . . . . . . . .
Using an Uninterruptible Power Supply (UPS) . . . . . .
Preventing Virus Infection . . . . . . . . . . . . . . . .
Monitoring the NetWare Server . . . . . . . . . . . . .
Accessing MONITOR. . . . . . . . . . . . . . . . .
What to Monitor and Why. . . . . . . . . . . . . . .
Displaying Server Alerts . . . . . . . . . . . . . . . . .
Managing Workstation Connections . . . . . . . . . . .
Performing Connection Management Tasks . . . . .
Monitoring Workstation Connections to the Server. .
Sending Console Messages to Workstations. . . . .
Clearing a Workstation Connection. . . . . . . . . .
Disabling and Enabling Logins . . . . . . . . . . . .
Clearing a Connection That Uses Auto Reconnect. .
Controlling Resource Allocation with Locks . . . . .
Performing Common Maintenance Tasks . . . . . . . .
Backing Up Server Data . . . . . . . . . . . . . . .
Checking Server Error Logs . . . . . . . . . . . . .
Checking Disk Drives . . . . . . . . . . . . . . . . .
Reviewing Server Cache Statistics . . . . . . . . . .
Checking Free Space on Server Disks and Volumes
Reviewing User Accounts . . . . . . . . . . . . . .
Testing the Uninterruptible Power Supply . . . . . .
Documenting the Network . . . . . . . . . . . . . .
Performing Preventive Maintenance Tasks . . . . . . .
Preventing Memory Problems . . . . . . . . . . . .
Preventing Power Supply Errors . . . . . . . . . . .
Preventing Static Electricity Problems . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Rev 99a
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
77
78
78
81
82
82
83
83
87
89
89
89
91
92
93
93
94
96
96
97
97
97
98
98
98
99
101
101
101
102
Troubleshooting the NetWare Server
. . . . . . . . . . . . . . . . . . . . . .
105
Using a Troubleshooting Methodology . . . . . . .

Keeping Your Servers Patched. . . . . . . . .
Eliminating Obvious Causes . . . . . . . . . .
Gathering Information . . . . . . . . . . . . .
Simplifying the System . . . . . . . . . . . . .
Using Troubleshooting Resources . . . . . . .
Developing Hypotheses and Performing Tests.
Looking for Additional Help . . . . . . . . . . .
Documenting the Solution . . . . . . . . . . .
Creating a Core Dump . . . . . . . . . . . . . . .
Performing a Core Dump to a Local Drive . . .
Sending the Core Dump to Novell . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
105
106
107
107
109
109
111
111
112
112
113
114
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000148-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
doc_tpl.fm
Rev 99a
Troubleshooting Hardware and Network Problems . . . . . . . . . . . . . . . .

Identifying Problems after Installation . . . . . . . . . . . . . . . . . . . . .
Resolving Hard Disk Access Problems . . . . . . . . . . . . . . . . . . . .
Making Computer Memory Available for Network Drivers . . . . . . . . . . .
Troubleshooting the NetWare Server . . . . . . . . . . . . . . . . . . . . . . .
Resolving Abends . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insufficient Packet Receive Buffers, No ECB Available Count Errors . . . . .
Resolving Slow Server Response . . . . . . . . . . . . . . . . . . . . . . .
Server Console Hangs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
High Utilization Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . .
Disk Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Resolving Server Memory Problems. . . . . . . . . . . . . . . . . . . . . .
Resolving Locked Device Errors . . . . . . . . . . . . . . . . . . . . . . . .
Resolving Event Control Block Allocation Errors . . . . . . . . . . . . . . .
Resolving Server Console Command Problems. . . . . . . . . . . . . . . .
Resolving Keyboard Locking Problems When Copying Files from CD-ROM .
Monitoring and Resolving Communication Problems . . . . . . . . . . . . . . .
Suspected Multiprocessing Problems . . . . . . . . . . . . . . . . . . . . . . .
Unable to Communicate with Server, -625 Errors . . . . . . . . . . . . . . . . .
Workstations Cant Communicate with Server . . . . . . . . . . . . . . . . . .
Errors Reading from and Writing to Network, Server Cannot Be Found Errors
Connections Dropped Periodically . . . . . . . . . . . . . . . . . . . . . . .
Tips for Resolving General Communication Problems . . . . . . . . . . . .
Admin Account Has Been Deleted or Admin Password Is Unknown . . . . . . .
Preventive Maintenance Tasks . . . . . . . . . . . . . . . . . . . . . . . . . .

103-000148-001
August 30, 2001
Novell Confidential
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
28 October 99
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
114
114
114
115
115
116
121
121
124
125
132
136
143
143
144
145
147
149
150
153
153
156
156
158
158
Manual
99a
38
July 17, 2001
Server Operating System

Welcome to the NetWare Server Operating System Guide. This guide
contains the following chapters:
Chapter 1, Learning about the NetWare Server, on page 11
Chapter 2, Setting Up the NetWare Server, on page 23
Chapter 3, Optimizing the NetWare Server, on page 33
Chapter 4, Managing the NetWare Server, on page 47
Chapter 5, Troubleshooting the NetWare Server, on page 105
For additional information about the server operating system, see the
following table.
If you want to
Refer to
Begin installing the server
NetWare 6 Overview and Installation

Guide
Use a multiprocessing computer as

your server and you want more
information on the higher level of
support for multiprocessing
Decide which protocol to use
Server Communications
Learn about how the Novell

eDirectoryTM database and eDirectory
tree are the foundation for convenient
network administration
eDirectory Concepts in the Novell

eDirectory 8.6 Administration Guide
Server Operating System

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you want to
Refer to
Decide which file system to use
Novell Storage Services Administration

Guide
Learn more about use of memory by

NetWare
Server Memory Administration Guide
10

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter contains the following information:
To learn about
See
NetWare Server Operating System

basics
Overview of the NetWare Server on

page 11
NetWare integrated kernel
NetWare Integrated Kernel on page

12
Server console security and interfaces
The Server Console on page 18
How the NetWare server optimizes its

own performance
NetWare Is Self-Tuning on page 20
Java*-based components of NetWare

on page 21
Overview of the NetWare Server

Although it is frequently more convenient to refer to the computer where
NetWare resides as the server, the NetWare server is the network operating
system that is installed on a server class computer. NetWare turns the
computer into a high-performance network platform that provides
connectivity between workstations, printers, mass storage devices, and other
networks such as the Internet. NetWare also provides network users with a
server platform for hosting Java applications.
The NetWare server manages the transmission of data among the network
devices, stores and retrieves data from hard disks, manages one or more file
systems, ensures data integrity, manages printers and printing, and allocates
and manages memory. The NetWare server is designed to operate on either a
uniprocessing or multiprocessing computer.

103-000148-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
The principal executable for NetWare, SERVER.EXE, includes bound-in

modules, such as those for Media Manager, NetWare Peripheral
ArchitectureTM (NWPA), and the Link Support LayerTM (LSLTM). When
SERVER.EXE is executed, the NetWare server is loaded into memory, takes
control of the hardware resources, and begins to load its component modules.
NOTE: NetWare uses DOS as a cold boot loader. It does not run on top of DOS.
Because the system is modular, individual modules can be updated without

replacing SERVER.EXE. A new module simply replaces the previous version.
NOTE: The directory in which SERVER.EXE is stored is called the startup
directory or the boot directory. By default, SERVER.EXE is stored in the

C:\NWSERVER directory. Updated modules can be copied to the STARTUP
directory where they will overwrite previous versions or the bound-in versions of the
same modules.
NetWare 6 is based on an integrated kernel. The multiprocessing kernel

(MPK) is completely multithreaded, supports pre-emption, andas an
integrated kernelruns on both multiprocessor and uniprocessor systems.
NetWare supports as many as 32 processors.
Although NetWare 6 has minimum hardware requirements (see System
Requirements in the NetWare 6 Overview and Installation Guide), we
recommend that you provide a high-performance hardware platform so you
can get the full benefit of the power and scalability that NetWare 6 offers.
To ensure that no component of your system hampers the performance of any
other, see also Matching Performance Capabilities on page 34.

The core of the NetWare operating system is the integrated kernel. MPK
(multiprocessing kernel) manages threads, schedules processor resources,
handles interrupts and exceptions, and manages access to memory and the I/O
subsystems.
For explanations and descriptions, see the following:
The Run Queue on page 13
Load Balancing on page 14
Concurrency and Parallelism on page 15
Pre-emption on page 16
Platform Support Module on page 17
12

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The Run Queue

A thread is a stream of control that can execute its instructions independently.
A simpler definition is that a thread is a unit of execution. It is not the code
itself.
HINT: For more information on threads, see Bil Lewis and Daniel J. Bergs
Threads Primer: A Guide to Multithreaded Programming Sun Microsystems, Inc.

Their definition of "thread" has been quoted above.
The kernel maintains a data structure called the run queue which contains
threads that are in a state of readiness. In a uniprocessor system, there is only
one run queue from which the processor can pick up threads for execution.
In a multiprocessing system where more than one processor is available, there
is more than one possible solution. The distribution of threads to multiple
processors could be handled by a global run queue (all processors sharing a
single run queue) or by per-processor run queues (known also as local run
queues or distributed run queues). Or by some combination of both.
To compare the two approaches:
Global run queue. This approach to distributing threads has the
advantage of automatic load balancing. The reason is that no processor
remains idle as long as the run queue has threads ready. However, the
global solution has the drawback of becoming a bottleneck as the number
of processors increases in a system, although under certain scheduling
policies (such as a real time scheduling policy), a global queue might be
necessary.
Per-processor run queue. This approach has the advantage of being able
to exploit cache affinitywhere threads are preferentially scheduled on
the processor on which they last ran. In addition, this approach does not
have the bottleneck problem associated with the global run queue
approach.
With local queues, however, it becomes necessary to ensure that the load
on the processorsthe number of threads in the queuedoes not become
severely imbalanced. A load balancing mechanism is required to handle
load imbalances so that threads do not pile up at one processor while
another processor remains idle.
The NetWare kernel uses the per-processor run queue. As implemented, a
processor can pick up threads for execution only from its local run queue. This
makes the NetWare scheduler highly scalable compared to an implementation
using a global run queue. To address load imbalance, NetWare uses a
sophisticated load balancing algorithm.

103-000148-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Load Balancing
Two important requirements of any load balancing scheme are stability (not
overreacting to small load imbalances) and the ability to distribute the
processing load quickly.
The NetWare scheduler handles the stability requirement by using a threshold.
The threshold determines how much load imbalance is permitted in the system
before the load balancing mechanism kicks in.
Because a low threshold value would have less tolerance for load imbalances
than a higher value, the lower value could lead to excessive thread movement
due to frequent load balancing. A higher value would have more tolerance for
load imbalances, with the result that the load balancing mechanism would be
triggered less often. However, an optimum value of the threshold would
prevent excessive thread migration while addressing load imbalance only as
needed.
The NetWare scheduler periodically calculates the system-wide load and the
mean load and uses the latter to compare loads and to determine whether an
individual processor is overloaded or underloaded.
The load balancing threshold and the calculated mean load are then used to
determine the high and low trigger loads.
A processor is overloaded when its load exceeds the high trigger load.
A processor is underloaded when it is below the low trigger load.
In this situation, the scheduler then moves threads from the overloaded
processor to the underloaded processor with the result that the loads are
balanced. See the following figure for an illustration of the relationship
between the mean load, the load balancing threshold, and the high and low
trigger loads.
14

103-000148-001
August 30, 2001
Novell Confidential
Manual
Figure 1
99a
38
July 17, 2001
Mean Load, Threshold, and High and Low Trigger Loads
High Trigger Load

(determined by Mean and Threshold)
Increasing
Processor
Workload
Threshold
= value
Mean
Low Trigger Load

(determined by Mean and Threshold)
Without the margin provided by the threshold, threads would constantly move
from one processor to another, thereby compromising the productivity of the
system.
WARNING: Although the threshold is configurable, we strongly recommend that
you retain the preset optimum value. If after careful consideration, you decide to
modify the threshold, test it in an isolated system before modifying the value for a
production environment. If you modify the threshold, remember that you can
always reset it at the optimum value.
You can modify the threshold through NetWare Remote Manager. For details,
see Setting the Load Balancing Threshold on page 37.
Concurrency and Parallelism

NetWare has always had threads (typically referred to as processes) but until
NetWare 6 has not exploited the potential for parallelism in multithreaded
code. Multithreading enables multiple paths of parallel execution through the
code path. A software developer identifies tasks that can be performed
concurrently, that are not dependent on being performed in a fixed sequence,
and provides the mechanisms for assigning tasks to multiple threads and for
appropriate synchronization to protect data shared by the threads.
In a uniprocessor environment, multithreaded code allows threads to run
concurrently. This means that one or more threads are active on the same
processor. The threads appear to run at the same timealthough they do not
actually do so. One thread, for example, can be blocking while another thread

103-000148-001
August 30, 2001
Novell Confidential
15
Manual
99a
38
July 17, 2001
is executing code. They are perceived as executing simultaneously because

processors are very fast and time quanta are very small.
On the other hand, it is the availability of hardware systems with multiple
processors that makes it possible to have multiple threads actually running at
exactly the same time on different processors. When threads execute
simultaneously on multiple processors, they are running in parallel.
Multithreaded code allows more efficient processor utilization by exploiting
parallelism.
With NetWare 6, applications can be written to exploit the parallelism
available in multiprocessor (MP) hardware and the support for parallelism in
the server operating system, and your system will benefit from the
performance gains and scaling that server applications such as GroupWise
provides.
NOTE: A single binary supports both uniprocessor and multiprocessor systems
precisely because the NetWare kernel is multithreaded.
Pre-emption
NetWare allows for pre-emption of threads, within constraints. New NetWare
modules can be written to be pre-emptible.
NOTE: Earlier versions of NetWare implemented a nonpre-emptible round-robin
(First-in, First-out) scheduling policy where threads were scheduled to run in the
order that they entered the run queue. On a uniprocessor system, NetWare is fast
and very efficient.
For an application to exploit pre-emption, the code must be explicitly written

to be pre-emptible. Critical section boundaries might be marked by calling
scheduler API functions that signal a critical code section. Critical sectioning
is used to keep program data in a consistent state and to prevent code that
doesnt lend itself to concurrent execution from executing concurrently. A
thread cannot be pre-empted when it is in a critical section.
By default, if an application thread is running, it will not be pre-empted until
the following conditions are met.
The code where the thread is running must be pre-emptable. This is
indicated by a flag set in the modules NLMTM file format. When the code
is loaded into memory, the memory pages are flagged as pre-emptible.
The thread cannot be in a critical section of the code.
The thread has run long enough to qualify for pre-emption. The scheduler
checks the elapsed time with every tick.
16

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Support for pre-emption provides

An execution environment that allows simplified application
development. Developers can rely on the scheduler to handle preemption.
A mechanism that prevents ill-behaved modules from monopolizing the
processor.
The kernel itself is not pre-emptible.
Platform Support Module

Besides NetWare, all that is necessary to enable multiprocessing on a
multiprocessor computer is the Platform Support Module (PSM) for your
specific hardware platform and NetWare. No other modules are required.
NOTE: Use the PSMs that load during installation. The PSMs for NetWare 4.11
SMP.NLM do not work for NetWare 5 or later.
The PSM is an interrupt abstraction for multiple processors. As a device driver

for the processors, it shields NetWare from hardware-dependent or platformspecific details. It enables secondary processors to be brought online and taken
offline.
During installation, NetWare detects multiple processors by reading the MP
configuration table in BIOS and then determines which of the available
NetWare Platform Support Modules (PSMs) matches the MP hardware
platform.
The network administrator then has the option to load the PSM or to run
NetWare on Processor 0 only. The installation program will modify the
STARTUP.NCF file to load the PSM whenever the server is started.
Novell provides MPS14.PSM, which supports any hardware platform that
complies with the Intel* Multiprocessor Specification 1.1 and 1.4. Compaq*
also provides a PSM for its system requirements. Contact Tricord* for
information on their PSM for NetWare.
In addition to scalability, NetWare multiprocessing offers these benefits:
Backward compatibility for applications written for NetWare 4.11
SMP.NLM. In fact, NetWare supports everything written to CLIB in
previous releases. Older application code is simply funneled to
Processor 0.

103-000148-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
An integrated multiprocessing kernel (MPK) that also supports

uniprocessing. One binary runs on both uniprocessor and multiprocessor
hardware platforms.
Kernel support for pre-emption. (Applications must be explicitly enabled
by their developers to take advantage of the kernels pre-emption
support.)
Platform support for MPK in a single platform support module.
The Server Console

The server console includes the monitor and keyboard where you view and
control NetWare server activity. From the server console, you can
Shut down and restart the server
Load and unload NLM programs
Monitor server performance
View network traffic
Set configuration parameters
Edit configuration and other batch files
Send messages
The server console also supports more than one interface:
Command line. Commands can be entered at the System Console
prompt, with or without options and parameters. The prompt is indicated
by the server name followed by a colon (:). LOAD is an example of a
server console command.
Character-based menuing. Utilities use menus, lists, and portals. The
key utility for monitoring the serverMONITORis an example of this
interface.
Java-based GUI. The X Server--Graphical Console lets you access
several Java* applications from the server.
From the Desktop menu of the X Server--Graphical Console application,
you can:
Run Java utilities such as ConsoleOneTM, Install, RConsoleJ,
Console Log, Editor, File Browser, NetWare Remote Manager, and
Server Console.
18

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Control settings for the Java environment and GUI backgrounds.

Run any console command.
Close the X Server--Graphical Console application.
To restart the Graphical Console, enter STARTX at the System
Console prompt.
When NetWare is installed, the server console defaults to the Graphical
Console screen. However, you can toggle between screens when you need
access to the command line or if you choose to keep MONITOR loaded. For
the procedure for toggling between console screens, see Viewing and
Accessing Server Console Screens on page 50.
HINT: For information on bypassing the server splash screen or replacing it with a
screen of your own choice, see Starting the Server on page 48 and SERVER in
Be aware of the following console security issues:

Unauthorized access of the server console. Control keyboard access by
requiring the use of a password. See Securing the Server Console on
page 67.
Use the SECURE CONSOLE command to secure your console against
breaches of security. (See SECURE CONSOLE in Utilities Reference.)
You can also use the screen saver and console-locking features in
SCRSAVER. (See SCRSAVER in Utilities Reference.)
Software tampering. An expert could use the built-in debugger to
disable or bypass the security system. To prevent this, use SECURE
CONSOLE.
Hardware tampering. Keep your server in a secure location. An intruder
could disable the power-on password or remove hard disks to access data.

103-000148-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
NetWare Is Self-Tuning
In many ways, NetWare is a self-tuning system. It allocates resources
according to need and availability.
Typically, new resources are not immediately allocated when a request is
received. The operating system waits a specified amount of time to see if
existing resources become available to service the request. If resources
become available, no new resources are allocated. If they do not become
available within the time limit, then new resources are allocated.
The time limit ensures that sudden, infrequent peaks of server activity do not
result in permanently allocating unneeded resources.
For example, when the server is started, all free memory is assigned to file
caching. However, as demand increases for other resources (such as directory
cache buffers), the number of available file cache buffers decreases.
The following parameters are dynamically configured by the operating
system:
Directory cache buffers
File locks
Kernel processes
Kernel semaphores
Load balancing for multiple processors
Maximum number of open files
Memory for NLM programs
Router/server advertising
Routing buffers
Service processes
TTSTM transactions
Turbo FAT index tables
In addition to the parameters configured by NetWare, you can adjust the value
of many server parameters to optimize the server for your network. See
Setting Server Parameter Values on page 38.
20

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

NetWare includes the The Novell JVM for NetWare and the Just In Time
Compiler, along with the Java Naming Directory Interface (JNDI) and Java
Class Libraries (NJCL) for Novell, that enable you to run Java-based applets
and applications on the server.
The Java-based components are installed automatically when you install
NetWare. To use Java-based components, you must use TCP/IP. Instructions
for using Java-based components are found in Using Java on the Server on
page 63 and in ConsoleOne in Utilities Reference.
The Novell JVM for NetWare and the Just In Time Compiler
The Novell JVM for NetWare is comprised of several NLM programs that let
the NetWare server run Java-based applications and applets, including multithreaded applications and applications that use a graphical interface.
The JVM can run any application certified as 100% Pure Java, as described by
JavaSoft*. However, applications that are not 100% Pure Java must be ported
to NetWare.
NetWare includes the Symantec* Just In Time Compiler (JIT) to improve the
performance of Java-based applications.
NetWare also includes drivers for popular video cards and a utility that
automatically recognizes and configures your video card during NetWare
installation.
To run the Novell JVM, you need a minimum of 48 MB RAM and at least 128
MB to run graphical applications. The more memory your server has, the more
Java-based applications it can run.
For information about Java Class Libraries for Novell and the Java Naming
Directory Interface (JNDI), see the Novell Class Libraries for Java
documentation at the Novell DeveloperNet Web site (http://
developer.novell.com/ndk/doc/njcl/njcl_enu/data/ha88dsny.html).

103-000148-001
August 30, 2001
Novell Confidential
21
Manual
22
99a
38

103-000148-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Setting Up the NetWare Server

For information about installing a NetWare server, including hardware and
software requirements and installation instructions, see the NetWare 6
Overview and Installation Guide.
For information about migrating from IPXTM to TCP/IP, see Migrating IPX to
IP in the Server Communications Administration Guide.
After installation, you might want to use these setup procedures:
Changing the Servers Software Configuration on page 24
Installing, Uninstalling, and Configuring a Server or Other Products on
page 25
Changing the Language NetWare Uses on page 26
The servers default language is English, but the server and the clients can
use different languages. For information about the various localized
components and procedures for changing them, see
Code Pages on page 26
Changing Code Pages on page 29
Changing Server Message Files on page 30
Changing NLM Message Files on page 31
Changing the Server Keyboard Type on page 32

103-000148-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Changing the Servers Software Configuration

After installing NetWare, you can make several changes, including
Installing, Uninstalling, and Configuring a Server or Other Products on
page 25
Setting Server Parameter Values on page 38
Changing time synchronization
For more information on changing time synchronization, see Configuring
Timesync on Servers in the Network Time Management Administration
Guide.
Adding or changing volumes
For information about creating logical or traditional volumes, see
Creating a Logical Volume or Creating a Traditional Volume in the Novell
Modifying the eDirectoryTM tree
For information on designing and modifying the Novell eDirectory, see
Designing the eDirectory Tree in the Novell eDirectory 8.6
Before changing the servers configuration, view the current configuration by
entering CONFIG at the System Console prompt or by viewing and printing
the configuration report in NetWare Remote Manager.
The CONFIG command displays the following information:
Server name, internal network number, and server uptime.
Hardware settings, node (station) addresses, external network number of
the cabling scheme, board name, frame type, and communication
protocol for each network board.
The servers eDirectory tree and bindery context.
On some systems, CONFIG might display information about NetWare
Loadable ModuleTM (NLMTM) programs. The kind and amount of NLM
program information depends on the system.
For more information about running CONFIG, see CONFIG in Utilities
Reference.
24

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The configuration report in NetWare Remote Manager is much more complete

and extensive. Printing or saving a copy of this report is a quick and easy
method for documenting your server before you make any changes. For
information about and instructions for creating this report, see Running and
Viewing the Server Configuration Report in NetWare Remote Manager
Installing, Uninstalling, and Configuring a Server or

Other Products
The NWCONFIG utility lets you install, uninstall, and configure other
products such as name space modules and NLM programs.
If you have questions during the installation or configuration of a product,
refer to the documentation that came with the product.
Some products might not have configuration or uninstall options. A message
explaining this is displayed if you try to perform unsupported operations.
1 At the System Console prompt, enter
[LOAD] NWCONFIG
2 Select Product Options > View/Configure/Remove Installed Products.
The list of Currently Installed Products appears. If no products are

currently installed, the list is empty.
To install a product, press Insert and follow the prompts.
To uninstall a product, select the product from the list and press
Delete.
To set configuration options for a product, select the product from the
list and follow the prompts.
For more information, see NWCONFIG in Utilities Reference.

103-000148-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
Changing the Language NetWare Uses

The default language for NetWare is English, but other languages are
available. To change the language of your NetWare server and its NLM
programs, see the following sections:
Code Pages on page 26
Changing Code Pages on page 29
Changing Server Message Files on page 30
Changing NLM Message Files on page 31
Changing the Server Keyboard Type on page 32
Code Pages
A code page is a table storing a character set that supports one or more
language scripts. When you press any key on a keyboard, the computer
receives a numeric code that represents that keystroke. Code pages store these
numeric codes. Many personal computer operating systems support multiple
code pages and allow you to switch among them.
For example, DOS uses code page 437 for several languages that use Roman
alphabetical characters, including English, French, and German, but requires
code page 850 for Portuguese. DOS code page 850 (Portuguese) removes the
symbol for f (franc) and inserts an O (acute). Different computer operating
systems use different code pages for the same language. For example, DOS
uses code page 437 for English, but Windows* 95 uses code page 1252.
In a single-byte code page, up to 256 codes are available to represent lowerand uppercase letters, numbers, punctuation marks, and all the mathematical
symbols on your keyboard.
However, 256 codes are not sufficient to represent all the letters and characters
used in the writing systems of every language. Some nonalphabetic writing
systems, such as Chinese, Japanese, and Korean, contain thousands of
characters and require a double-byte code page.
Differences between single-byte and double-byte code pages usually cause
display and readability problems. For example, a document created with
Windows 95 in Japan is probably created with code page 932. The same
document will not look the same when displayed on a Windows 95 computer
using code page 1252 in the United States. Unrecognized characters will be
26

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
replaced with a symbol such as a heart. In the past, these substituted characters
might have caused a database such as Novell eDirectory to fail to recognize
objects.
To help resolve these problems, a convention called Unicode* has been
adopted.
Using Unicode
Unicode is a 16-bit character representation, defined by the Unicode
Consortium, that supports up to 65,536 unique characters. Unicode allows the
characters for multiple languages to be represented using a single Unicode
representation.
Any character that your code page does not understand is substituted in your
display by the 4-digit hexadecimal value of the Unicode character, surrounded
by square brackets, for example: [00FF]
Because eDirectory supports Unicode, substituted characters do not prevent
eDirectory from recognizing an object. For example, your companys
European office might create an Organizational Unit object to represent
Finance in western Europe. They might use DOS code page 852 to make the
generic currency symbol a part of the object name (OU=W-Euro).
When this object is accessed in the United States, using DOS code page 437
or Windows 95 code page 1252, the currency symbol () is replaced by square
brackets surrounding the Unicode number for the currency symbol, [00A4].
eDirectory recognizes the Unicode number, so the object can still be opened
and accessed.
However, the object name (containing the square brackets and unicode
number) will be difficult for users to understand. If the name is too difficult to
interpret, the only solution is to determine which code page was used to create
the object and then view the object using that code page. Changing code pages
can be troublesome; see Changing Code Pages on page 29 for guidelines.
The following table shows ranges of Unicode numbers, with a description of
each range and a list of code pages that might be used to view the character
correctly. However, switching to one of the suggested code pages does not
guarantee that you will see the correct results. For example, characters in the
range 4E00-9FFF (Han Ideographs) are used in Japan, China, and Korea. But
switching to code page 932 (Japanese) does not display the character correctly
if the character is used only in China.

103-000148-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
The most reliable way to determine the character is to refer to the Unicode
Standard, Version 2.0. Access the Unicode Web site (http://www.unicode.org)
for more information. The Web site also includes charts of Unicode
characters.
Table 1
Unicode Ranges, Descriptions, and Code Pages
Unicode Range
Description
Geographical
Region
0080 - 00FF
Extended Latin
Western Europe
0100 - 01FF
Extended Latin
Central Europe
1250, 1257
852, 775
0300 - 03FF
Greek
Greece
1253
737
0400 - 04FF
Cyrillic
Russia
1251
855, 866
0590 - 05FF
Hebrew
Israel
1255
862
0600 - 06FF
Arabic
Middle East
1256
864
2500 - 26FF
Line Drawing and Graphics N/A
N/A
Most DOS code

pages
4E00 - 95FF
Han Ideographs
Far East
932, 936, 949,

950
932, 936, 949,

950
AC00 - D7FF
Hangul Syllables
Korea
949
949
FE70 - FEFF
Arabic Presentation Forms
Middle East
N/A
864
FF00 - FFEF
Full- and Half-Width

Variants
Far East
932, 936, 949,

950
932, 936, 949,

950
28
Windows Code
Pages
DOS Code Pages
437, 850,860,
863, 865

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Changing Code Pages

Changing code pages on the NetWare server or on DOS can usually be done
while the computer is operating. However, changing code pages on a
Windows 3.1x or a Windows 95 workstation might require installing
additional software and restarting Windows. For background information
about Unicode and other code pages, see Code Pages on page 26.
To change the code page on
Do the following
NetWare Server
At the System Console prompt, type

CHARSET CPxxx
where xxx is the number of the code page you want
to load.
The following code pages are supported: 437, 737,
850, 852, 855, 857, 860, 861, 863, 865, 866, 869.
DOS
Follow instructions that come with the DOS

operating system.
Windows 3.1x, Windows 95, Windows NT
Follow instructions that come with the operating

system.
You might be required to install a new set of
Unicode translation tables, found on the NetWare
product CD. You will need the following:
UNI_newpage#.platform: Translates the new
code page to Unicode and Unicode to the new
code page
UNI_MON.platform: Converts characters to
lower case to facilitate comparisons
UNI_UPR.platform: Handles uppercase
characters
The following platform extensions are included:
.W16 (Windows 3.1x)
.W32 (Windows 95, Windows NT*)
.DOS (DOS)
For more information on changing code pages using the CHARSET

command, see CHARSET in Utilities Reference.

103-000148-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Changing Server Message Files

English is the default language for both the NetWare operating system and its
NLM programs and utilities.
You specified a language for the server when you installed it. To change the
server language later, you must first copy new language files to the server and
then set the server to the new language and restart the server as follows.
IMPORTANT: This procedure requires you to restart the server because
executing SERVER.EXE sets the server language.
1 (Conditional) If you are copying the files from the NetWare installation
CD-ROM, insert the CD.

[LOAD] NWCONFIG
3 Select Product Options > Choose an Item or Product Listed Above > Add
Additional Language to the Server.

The screen displays a box containing the path from which you last
installed files. Make sure this path is to the language files. The language
files on the NetWare CD are located at
drive or volume:\NW60\INSTALL\NLS\language_id
To get a list of language IDs, enter the following at the System Console
prompt:
LANGUAGE LIST
4 If the path is correct, press Enter; if the path is incorrect, press F3 and type
in the correct path to the language files.

If you are installing the files from another server, type the path to that
server; the system might prompt you for a username and password.
Follow the prompts.
The system displays a window listing groups of language files.
5 Use the arrow keys to move the cursor to the language you want to install
and press Enter.

The system marks the selected language with an X. You can specify
several languages, if desired.
To deselect a language, move the cursor to the language and press Enter
again.
30

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
6 When you have finished selecting languages, press F10.
The system copies the selected language files.

7 Press Esc until the Other Installation Items/Products menu is displayed.
8 Select Change Server Language.
The screen displays a box containing the path from which you last
installed files.
9 Press Enter to accept the path.
The system displays a menu listing the available languages.

10 Select the desired language from the menu.
If this is the first time you have changed the language, the system displays
a prompt specifying the default destination where the language files are
to be placed. The location is the default boot directory, C:\NWSERVER.
The language files must be placed in your boot directory.
11 Accept the default or type the path to your boot directory.
After you specify the boot directory, the system loads the language files.
12 Restart the server for the change to take effect.
Changing NLM Message Files

To change the language for subsequently loaded NLM programs, use the
LANGUAGE command at the System Console prompt. The LANGUAGE
command does not change the language for currently loaded modules.
IMPORTANT: If you change the NLM language without changing the server
language, the NLM still displays some character strings and screen titles in the
server language. For consistent language display, you should also change the
server language as explained in the section, Changing Server Message Files on
page 30.

LANGUAGE LIST
The server displays a list of languages and their ID numbers. Not all
languages in the list are currently supported.
2 Note the name or number of the language you want to use.
LANGUAGE Language_name |number

103-000148-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
Any subsequently loaded NLM programs will be displayed in the new

language.
For more information, see LANGUAGE in Utilities Reference.
Changing the Server Keyboard Type

NetWare allows you to use keyboard types other than U.S. English by loading
the KEYB utility. The language you specify with KEYB must match the
language of your keyboard, not language of the server. The keyboard type can
be changed without restarting the server.
IMPORTANT: Changing the keyboard type causes some of the keys on your
keyboard to represent different characters. Do not use this command unless you
have the appropriate keyboard for the language you are specifying and you are
familiar with the keyboards use. Otherwise, you might not know which keys to use
to change the keyboard back to its original language.

[LOAD] KEYB
2 From the list of keyboard types, find the keyboard type that matches the
one you are using.

3 To change the keyboard type to match your keyboard, enter
[LOAD] KEYB keyboard_type
For example:
[LOAD] KEYB GERMANY
For more information, see KEYB in Utilities Reference.
32

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Optimizing the NetWare server requires staying up-to-date with Novell
Technical Support (http://support.novell.com) and performing one or more of
the following tasks:
To
See
Learn how to obtain the most recent

operating system updates and then
patch your server before you optimize
Applying Patches on page 34
Isolate and resolve bottlenecks by

making sure that your hardware
components are well matched for
power and potential performance
Matching Performance Capabilities

on page 34
Learn how to improve the performance

of your server by changing SET
parameters
Setting Server Parameter Values on

page 38
Identify where you can adjust the value Monitoring the NetWare Server on
of a server parameter and tune your
page 82
server for its particular processing load
Reduce network traffic by managing
the protocols on your server
Minimizing Replication Traffic on

page 45

103-000148-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
Applying Patches
Novell makes every attempt to solve problems in the NetWare operating
system software by periodically releasing updates that you can install on your
server. The latest operating system update contains all previous updates, so be
sure to install the most current file. It will keep your operating system current.
The latest operating system updates can be found at the following locations:
In the patch lists on the Novell technical support Web site (http://
www.support.novell.com/filefinder/).
By File Transfer Protocol (FTP): Anonymous FTP to ftp.novell.com.
By Gopher: gopher.novell.com.
On the Novell Support Connection CD (http://
www.support.novell.com/additional/nsc-cd.html): Released monthly on
CD-ROM and sent to subscribers.
For information about installing NetWare patches, read the Readme file
associated with the patch.
Matching Performance Capabilities

Each components performance characteristics can have an effect on the
systems performance as a whole. Bottlenecks can be created by a great
number of subcomponents and component interactions. Protocols create
bottlenecks. Specific software functionality creates bottlenecks. In fact, every
part and process of a system is a potential bottleneck. However, its important
to keep in mind that only one bottleneckthe systems weakest pointcan
exist at one time.
Another point to remember is that all systems have a weak point somewhere.
Your goal is to match the performance capabilities of your systems
components in such a way that no single component hampers the performance
of any other component. Figure 2 on page 35 shows a system with matched
components.
34

103-000148-001
August 30, 2001
Novell Confidential
Manual
Figure 2
99a
38
July 17, 2001
A Well-Designed System
Lower
Performance
Higher
Performance
a b c de
a,b,c,d,e represent the performance capabilities
of each system component
Note that all components in a well-designed system are within the same range
of performance. But in this case, a less than optimum component is cost
effective. The components are so closely matched that upgrading the lowerend component a would not increase performance enough to make it worth the
cost.
Figure 3 shows a poorly designed system with an inefficient mix of low- and
high-performance components.
Figure 3
A Poorly Designed System
Lower
Performance
Higher
Performance
hi j
f,g,h,i,j represent the performance capabilities

of each system component
In this system, components f and g have performance characteristics that are

considerably inferior to components h, i, and j. With component f as the
bottleneck, components h, i, j, and even g are constrained by f so that they run
much more slowly than their designs would otherwise permit. In this system,
the bottleneck is significantly hampering the systems performance.
This is a poorly designed system because the high-performance components
arent able to perform anywhere near their full potential. In fact, because of
the high-performance characteristics of h, i, and j, this system might have cost
more than the system in Figure 3. But it cannot perform as well because of the
greater disparity between its low- and high-performance components.

103-000148-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
The unbalanced system in Figure 4 would benefit noticeably if you were to

upgrade component f to the performance level of g. But if you were to upgrade
f to a performance level beyond gas shown in the following figureall
additional performance characteristics in f would be lost because the
bottleneck would move to component g.
Figure 4
Moving the Bottleneck
Lower
Performance
Higher
Performance
hi j
Upgrade f (partial return on investment)
Thus you derive only a partial return on your investment in the upgrade. To
accomplish more than moving the bottleneck, both components must be
upgraded to the level of h before a full return on investment in h, i, and j can
be reached.
It is useless to test any single component of a system to its fullest capacity
without allowing for the possibility that another component is actually
bottlenecking system performance. You can upgrade system components, but
you wont see any significant improvement until you isolate the system
bottleneck, assess its relationship to the performance characteristics of the
entire system, and take appropriate action.
Bottleneck isolation is critical if youre building high-performance systems.
You need to know how and where your system is bottlenecking. Moreover,
you need to know how tightly that bottleneck is coupled with the performance
characteristics of the rest of the system. If the poorly performing component
is in a different performance category than the other components, you might
obtain a greater return on investment by making the necessary upgrades to
move the bottleneck to the highest possible performance level.
This discussion is taken from "Performance Analysis: Isolating the Real
Bottleneck in a System," in the January 1996 AppNotesTM (http://
developer.novell.com/research/appnotes/1996/january/04/index.htm).
36

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting the Load Balancing Threshold

The load balancing threshold applies only to multiprocessor servers. Through
extensive testing, Novell has determined the optimum threshold for load
balancing across multiple processorsit addresses serious load imbalance
while avoiding excessive thread migration. Without that play in the load
balancing mechanism, threads would constantly move from one processor to
another.
The optimum threshold has been preset by Novell and, in most cases, it
provides the most efficient processor utilization. Although we strongly
recommend that you do not change the threshold, this value is configurable.
WARNING: Adjusting this threshold should be done only with considerable
research and consultation. Experimenting with different threshold levels can best
be done in an isolated test system. Do not experiment in a production environment.
Remember that you can always return to the optimum setting.
To set the load balancing threshold, complete the following:

1 In NetWare Remote Manager, click the Set Parameters link in the
navigation frame and then click the Multiprocessor link.

2 Click the value link for the System Threshold parameter.
The page displays the current setting and the range of valid values. The
default value is 1536.
3 To change the threshold setting, type a new value in the field and click
OK.
For more information about the value ranges and default setting, see SET
Multiprocessor Parameters in Utilities Reference or the online help for the
parameter in NetWare Remote Manager.
To view CPU utilization by an NLMTM program in NetWare Remote Manager,
click the Profile/Debug link in the navigation frame, and then click the Profile
CPU Execution by NLM link on the Profiling and Debug Information page.

103-000148-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
Setting Server Parameter Values

Default values for NetWare server parameters provide maximum performance
for most systems. You should seldom need to modify these values. But when
you need to modify them, we recommend that you first read the topics listed
here.
Understanding Server Defaults on page 38
Finding Current Parameter Values on page 40
Printing Current Parameter Values to a File on page 41
on page 42
When to Modify Defaults on page 42
When Not to Modify Defaults on page 43
Restoring Default Values with RESET ENVIRONMENT on page 43
Monitoring Dynamic Statistics on page 43
Using Optional Commands in Startup Files on page 44
Using SET Commands in Startup Files on page 44
Understanding Server Defaults

NetWare has been tuned for the specific duties of a network server. It has been
thoroughly tested with software tools designed to identify inefficiencies so
they can be eliminated. NetWare gives outstanding off-the-shelf performance.
NetWare is also self-tuning. The following parameters are dynamically
configured by the operating system:
Packet receive buffers
File cache buffers
Directory cache buffers
Memory for NLM programs
Service processes
Kernel processes
Kernel semaphores
Load balancing for multiple processors
File locks
38

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Maximum number of open files

Turbo FAT index tables
TTS transactions
Router/server advertising
To tune the server for its particular processing load, three utilities are available
to check or set server parameter values:
NetWare Remote Manager (PORTAL.NLM) is a Web-based utility that
you run from a workstation. You can use NetWare Remote Manager to
navigate to a specific parameter quickly by clicking Set Parameters, then
selecting the category and value you want to change, and then changing
or resetting the values to the default. For more information, see the
NetWare Remote Manager Administration Guide.
MONITOR is a character-based utility that you must use at the server
console or access through NetWare Remote Manager. MONITOR also
allows you to configure SET parameters from its Server Parameters
option. This means you can set server parameter values from within
MONITOR without memorizing parameter names and their valid values.
For more information, see MONITOR in Utilities Reference.
SET is a command line utility executed at the System Console prompt. If
you are familiar with the names of the server parameters, you might find
that using SET is faster for routine tuning. For more information, see SET
in Utilities Reference.
Most SET parameter values are persistent and are stored in a the NetWare
Registry. A NetWare server retains any settings that have been modified from
the default valueseven when it is taken down and then rebooted, the server
will come up again with all the settings you have made to tune the server.
To ensure that explicit SET parameter changes are perservered, you can add
the command for each change to the STARTUP.NCF or AUTOEXEC.NCF
file. For procedures on editing these files, see Using NWCONFIG to Create
and Edit Startup Batch Files on page 57.

103-000148-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Finding Current Parameter Values

Locating the SET parameter values to check or set them is different is a little
different in each utility (NetWare Remote Manager, MONITOR or SET).
In NetWare Remote Manager
1 Access NetWare Remote Manger.
2 Click the Set Parameters link in the navigation frame.
3 Click a parameter category.
A list of parameters in that category that can be changed is displayed.

If you want to view a description of a parameter, click the Information
icon next to the value.
If you are not sure what category a SET parameter is in, you can view and
search the Configuration report in using NetWare Remote Manager. The
Configuration report lists all the SET parameters by category with their
current settings.
4 Click the value for the parameter you want to change.
The current setting for the parameter and its range of valid values is
displayed.
5 Type the new value in the current value field and click OK.
In MONITOR
MONITOR
2 From the Available Options menu, select Server Parameters.

3 Press F1 for descriptions of the server parameter categories.
4 Press Esc to return to the menu of parameter categories.
5 Select a parameter category.
The parameters are displayed in the upper window. As you highlight the
field for each parameter, a pop-up window displays a description of the
parameter, its current setting, and its range of valid values.
6 When you have finished, press Esc until you return to the Available
Options menu.
40

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In SET
SET
A numbered list of server parameter categories is displayed.

2 Enter the number associated with the category you want to view.
A list of parameter names is displayed. The name of each parameter

appears highlighted in white with the current setting highlighted in
yellow. The information also includes the limits (or range of valid values),
the .NCF file the parameter can be set in, and a brief description.
If necessary, press any key to display additional parameters in the same
category. Press Esc to exit the category.
3 To select another category, repeat the previous steps.

Most settings for NetWare server parameters are now persistent, whether you
set them using NetWare Remote Manager, MONITOR, or SET. Nevertheless,
you should record your optimum server configuration as part of documenting
your network.
To write current values of settable parameters to a file and print it, complete
the following:
1 Access NetWare Remote Manger.
2 Click the Set Parameters link in the navigation frame.
3 In the Save Settings to a File on Volume SYS: field, accept the default
filename (SETTINGS.TXT) or enter a different filename.

4 Click the Save button to the right of the Save Settings to a File on Volume
SYS: field.
5 Browse to the file on the server and print it.

103-000148-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001

You can also check parameter values by using two other console commands:
DISPLAY ENVIRONMENT and DISPLAY MODIFIED ENVIRONMENT.
The DISPLAY ENVIRONMENT command displays the current search
paths and the current values of the settable server parameters. (Hidden
parameters are not displayed.)
At the System Console prompt, enter
DISPLAY ENVIRONMENT
The name of each parameter appears highlighted in white. The current

value appears in yellow. The limits (or range of valid values) and the
default setting (if applicable) also appear.
In comparison, the DISPLAY MODIFIED ENVIRONMENT displays
only the server parameters that have values modified from the defaults.
The display is similar to that of DISPLAY ENVIRONMENT. The

difference is that only modified parameters values are shown.
For more information, see DISPLAY ENVIRONMENT and DISPLAY
MODIFIED ENVIRONMENT in Utilities Reference.
When to Modify Defaults

NetWare defaults were chosen after thorough testing to provide both excellent
performance and system balance.
Before modifying defaults, you should track and log performance statistics.
You can do this using NetWare Remote Manager or MONITOR. You will also
find the server log files useful in assessing the servers performance. See
Checking Server Error Logs on page 97.
You can modify default values to
Compensate temporarily for a poorly performing subsystem, allowing the
server to remain in service.
Resolve inefficiencies.
Optimize performance and tune the server for its processing load.
42

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
For example, if your server has a slow hard disk or insufficient RAM, you can
compensate temporarily by modifying defaults. The long-term solution is to
replace the disk or to add RAM. See Matching Performance Capabilities on
page 34.
When Not to Modify Defaults

If you were to modify some defaults, you could sacrifice the systems balance
and performance.
After thorough testing, we recommend, for example, that you do not modify
the default settings of the Load Balancing Threshold or the Transaction
Tracking parameters.
Restoring Default Values with RESET ENVIRONMENT

If you want to restore the default values of the settable server parameters, you
can use the RESET ENVIRONMENT command.
When you run RESET ENVIRONMENT, you are prompted at each changed
server parameter value.
RESET ENVIRONMENT
When the first parameter with modified values appears, you can choose to
reset all values to their defaults or just reset the value of the parameter that is
displayed. Or you can also skip to the next modified parameter.
For more information, see RESET ENVIRONMENT in Utilities Reference.
Monitoring Dynamic Statistics

MONITOR reports many useful statistics and updates most of them every
second with the return values from direct calls to the operating system.
However, not all statistics are of equal value to the network administrator. The
key dynamic statistics are displayed in MONITORs General Information
screen, which appears as soon as MONITOR is accessed. For a description of
these statistics, see What to Monitor and Why on page 83.
NetWare Remote Manager and ConsoleOneTM are other utilities that allow you
to monitor server performance.

103-000148-001
August 30, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
Using Optional Commands in Startup Files

During initialization, NetWare executes two server boot files that are created
by the installation process:
STARTUP.NCF. Executes first and loads the servers disk drivers, name
spaces, and some SET parameters. This file resides in the startup
directory, C:\NWSERVER.
AUTOEXEC.NCF. Stores the server name and IPXTM internal network
number (if IPX is installed), loads the LAN drivers and settings for the
network boards, binds the protocol to the installed drivers, and loads other
NLM programs. This file resides in SYS:\SYSTEM.
IMPORTANT: Even if you use IP, the internal network number stored in this file
serves as a unique server ID. IP uses this number to provide passive IPX support
called Compatibility Mode.
An .NCF file executes all the commands within it. However, you can make a
command optional by placing a question mark (?) in front of it. For the
procedure, see Making a Command Optional in a Server Batch (.NCF) File
on page 58.
Using SET Commands in Startup Files

Remember that some SET commands can be executed only from the
STARTUP.NCF file. To find out whether a SET command must be executed
in STARTUP.NCF, see the detailed information for the parameter in NetWare
Remote Manager.
If a SET command is nonpersistent and you want its setting to remain when
the server is restarted, then add the SET command for any nonpersistent
parameters to the STARTUP.NCF file.
When you install the server operating system, the installation process adds
SET commands to the AUTOEXEC.NCF filecommands that control time
zone and daylight savings time information, bindery context, and time server
type.
You can add more SET commands to the AUTOEXEC.NCF file, if desired.
To modify server batch files, you can use NWCONFIG or Editor at the server
console or edit and upload the file using NetWare Remote Manger. When the
server is rebooted, any parameter values set by commands in the
AUTOEXEC.NCF file override previous values for those parameters.
44

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Minimizing Replication Traffic

Careful choice and placement of tree replicas can minimize replication traffic
on the network.
Make sure that the replica containing the User object is on the server
nearest the user.
Do not create more partition replicas than you need. The more replicas,
the more traffic required to synchronize them all.
For more information about optimizing eDirectoryTM, see Designing the
eDirectory Tree or Managing Partitions and Replicas in the Novell eDirectory
8.6 Administration Guide.

103-000148-001
August 30, 2001
Novell Confidential
45
Manual
46
99a
38

103-000148-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
Managing the NetWare Server

Managing the NetWare server operating system involves such tasks as the
following:
Starting and Stopping the Server (page 48)
Viewing and Accessing Server Console Screens (page 50)
Starting and Stopping Processors (page 52)
Using Server Batch Files (page 55)
Using Server Utilities and Console Commands (page 60)
Using Java on the Server (page 63)
Securing the Server Console (page 67)
Using NCP Packet Signature (page 70)
Using the Transaction Tracking System (page 77)
Using an Uninterruptible Power Supply (UPS) (page 81)
Securing the Server Console (page 67)
Preventing Virus Infection (page 82)
Monitoring the NetWare Server (page 82)
Displaying Server Alerts (page 87)
Managing Workstation Connections (page 89)
Performing Common Maintenance Tasks (page 96)
Performing Preventive Maintenance Tasks (page 101)

103-000148-001
August 30, 2001
Novell Confidential
47
Manual
99a
38
July 17, 2001

This section contains information and procedures on starting the server,
bringing it down using an orderly shutdown, and restarting the server without
exiting to DOS.
Starting the Server

To start the server, change to the startup directory (usually C:\NWSERVER)
and enter the following at the servers DOS prompt:
SERVER
HINT: You can also place the command to execute SERVER.EXE in the DOS
AUTOEXEC.BAT file. Then, whenever the server computer is powered up, the
server starts automatically.
When you execute SERVER.EXE, the Novell logo is displayed. To prevent

the Novell logo (server splash screen) from displaying, you can load SERVER
with the -nl (no logo) command option.
If the splash screen is active and you want to see a list of modules as they load,
you can still display the System Console screen by using the following
procedure to toggle between server console screens.
1 Press Alt+Esc, tapping Esc until the System Console screen is displayed.
A list of modules scrolls up the screen. If you have a color monitor, the
color in which each module name is displayed indicates how the module
is loaded.
Cyan (light blue) indicates a module is loaded by SERVER.EXE
Red indicates the module is loaded from the startup directory
White indicates a module loaded from the AUTOEXEC.NCF file
Purple indicates a module is loaded by other modules
2 After the server is running, you can display a list of all loaded modules by
entering the following command at the System Console prompt:

MODULES
The module names are displayed in colors that represent the functional
group they belong to, as described above.
For more information, see SERVER and MODULES in Utilities Reference.
48

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Bringing Down the Server

To ensure data integrity, use the DOWN command at the server console before
turning off power to the server. DOWN writes all cache buffers to disk, closes
all files, updates the appropriate Directory Entry Tables and File Allocation
Tables, and exits the network.
If you want to bring the server down and then restart the server immediately,
without exiting to DOS, use the RESTART SERVER command instead of
DOWN.
If you want to bring down the server and then warm boot the computer, use
the RESET command. To make the server load automatically after a RESET
command, enter a line to run SERVER.EXE in the DOS AUTOEXEC.BAT
file on the server computer.
NOTE: Bringing down or restarting a server during a remote console session
terminates the session.
You can also bring down, restart, or reset the server from a workstation using
the options on the Down/Restart page in NetWare Remote Manager.
Before you bring the server down, you should inform all users to close files
and log out of the server. You can do this using the Broadcast Message to
Everyone field on the Connections page in NetWare Remote Manager or by
using the Connections, Compose a Message (F4) option in MONITOR.
To send a message and shut down the server from the server console, do the
following:
1 Send a message to all logged in users from Monitor.
1a From the Available Options menu, select Connections.
1b Highlight each connection you want to inform and press F5 to mark
it.
1c Press F4 to display a Message Text window.
1d Type the message and press Enter to send the message to the
designated connections.
For example, you might send a message like this:
Please close files and log out from servername
Going down in 5 minutes.

103-000148-001
August 30, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
2 Execute one of the following commands at the System Console prompt:

2a To bring down the server and exit to the local operating system, enter
DOWN
You can now shut off power to the system, if necessary.

2b To reboot the server without exiting to DOS, enter
RESTART SERVER
2c To bring down the server and then warm boot the machine, enter
RESET SERVER
Although most modules, including those in protected address spaces, unload

automatically when you bring down or restart the server, some modules might
require that you unload them individually first. You can unload them manually
with the UNLOAD command. Or you can create a batch file called
SHUTDOWN.NCF in the SYS:SYSTEM directory and place the unload
commands in it. If you create SHUTDOWN.NCF, it is executed automatically
whenever you bring down, restart, or reset the server.
For more information, see Using EDIT to Create and Edit Text and Batch
Files on page 56 and UNLOAD, DOWN, and RESTART SERVER in
Viewing and Accessing Server Console Screens

After you start the server, the following screens are available at the server
console by default.
System Console. (Item 1 on Current Screen list) Lets you load or unload
any NLMTM programs to the server, execute console commands, change
SET parameter values, and view current messages sent to the server.
Logger Screen. (Item 2 on the Current Screen list) Lets you view most of
the information that used to be displayed on the System Console screen.
This screen is scrollable and can be saved to a file. To access a list of
commands for scrolling and saving to a file, press F1 while viewing the
Logger screen.
50

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
X Server -- Graphical Console. Lets you access and run the Java
applications listed. To access the list, click Novell on the Graphical
console.
The default screen that is shown when the server is started is the X
Server -- Graphical screen unless you have disabled it.
To load this screen if you have disabled it, enter STARTX at the
System Console prompt.
To close this screen from the GUI menu, click Exit.
To close this screen using the server keyboard, press
Ctrl+Alt+Backspace.
Some NLM programs have console screens associated with them. If you load
one of these NLM programs, then the console screens associated with it are
automatically active at the server console.
To view which screens are active at the server console, press Ctrl+Esc on the
server keyboard. A numbered list of active console screens is displayed. Enter
the number for the screen you want to access.
To cycle through other console screens, press Alt+Esc on the server keyboard,
and then continue to hold Alt down and tap Esc until the screen you want to
access is displayed. Use the title bar at the top of the screen for navigation.
When the X Server -- Graphical Console is displayed, you must release the
keys and start over.
Another screen that is available at the server is the Emergency Console. This
console can be useful when the server console seems to hang. On the
Emergency console, you can shut down the server and exit to DOS, abort a
volume mount, or open a new console screen to issue necessary commands
such as unloading modules.
To access the Emergency Console, press Ctrl+Alt+Esc on the server keyboard.
From this console you can do the following:
Down the file server and Exit to DOS
Cancel a volume mount
Spawn a new command line process (brings up an additional console
screen that you can enter console commands at).
To exit the additional console screen, enter BYE at the console prompt.

103-000148-001
August 30, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
Starting and Stopping Processors

This section explains how to start and stop individual processors in a
multiprocessing server. Only secondary processors can be handled this way.
When the Platform Support Module (PSM) is loaded in the STARTUP.NCF
file and the Auto Start Processors SET parameter value (Multiprocessor
category) is set to On, NetWare can start the secondary processors
automatically.
NOTE: Server console commands for processors affect only secondary
processors. Processor 0 cannot be taken offline while the server is running.
You can start or stop secondary processors at any time while the server is
running by using the console commands START PROCESSORS and STOP
PROCESSORS or by clicking the Start Processor or Stop Process link on the
Processor Information page in NetWare Remote Manager. (If you choose to
start secondary processors manually, you can change the value for the Auto
Start Processors SET parameter to Off.) When any secondary processor is
stopped, the associated threads are automatically switched to another
processor.
This section includes the following information:
Displaying Processor Information on page 52
Starting Processors on page 54
Stopping Processors on page 53
Displaying Processor Information

Before starting or stopping a process, you should display the processor
information to determine the status of the processor. Several utilities are
available to display processor information.
1 Click the Processors link in the navigation frame.
2 View the information on the Processor Information page.
From this page you can view whether the processor is online or offline,
start or stop a processor, and view the following information about each
processor:
52
Speed, family, model, and stepping
Feature flags and CPUID

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
L1 and L2 cache
The amount of TLB Instruction and Data entries
Using Server Console Commands
To determine which processors are currently online from the System Console
prompt, run the DISPLAY PROCESSORS command.
To determine processor speed and other generic information, enter the
following at the System Console prompt:
CPUCHECK
For example, with a single processor, the output for CPUCHECK might be
Processor Speed 199 MHZ, CPUID 52C:1BF
Family 5, Model 2, Stepping C
For more information, see DISPLAY PROCESSORS and CPUCHECK in

Using Monitor
Per-processor statistics are also available from MONITOR. From the

Available Options menu, select Kernel > Processors.
Stopping Processors
Processor 0 is the boot processor and cannot be taken offline.
When a secondary processor is taken offline, the threads running on that
processor are switched to another processor automatically.
You can stop processors using NetWare Remote Manager or server console
commands at the System Console prompt.
To bring a secondary processor offline in NetWare Remote Manager, do the

following:
2 Click the Stop Processor link for the applicable processor that you want
to stop.

103-000148-001
August 30, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
The following table specifies the commands to use at the System Console to
take a processor offline.
To
Enter
Identify which processors are currently

online and to obtain their ID numbers
DISPLAY PROCESSORS
Take a secondary processor offline
STOP PROCESSORS n
n=processor number
Take two or more (but not all)

secondary processors offline
STOP PROCESSORS n n
Take all secondary processors offline
STOP PROCESSORS
n=processor number
For more information, see DISPLAY PROCESSORS and STOP

PROCESSORS in Utilities Reference.
Starting Processors
The NetWare default is to start secondary processors automatically when the
server boots. If a secondary processor is offline, you can bring in online by
using NetWare Remote Manager or server console commands at the System
Console prompt.
To bring a processor online in NetWare Remote Manager, do the following:

2 Click the Start Processor link for the applicable processor that you want
to start.
The following table specifies the commands to use at the System Console to
bring a processor online.
54

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To
Enter
Bring a specific secondary processor

online
START PROCESSORS n
Bring two or more (but not all)

secondary processors online
START PROCESSORS n n
Bring all secondary processors online
START PROCESSORS
n=processor number
n=processor number
For more information, see START PROCESSORS in Utilities Reference.

This section explains how to use .NCF batch files to load modules, execute
System Console commands, and configure subsystems. For procedures, see
the following:
Using EDIT to Create and Edit Text and Batch Files on page 56
Using NWCONFIG to Create and Edit Startup Batch Files on page 57
Making a Command Optional in a Server Batch (.NCF) File on page 58
Changing Server Name and Internal Address in AUTOEXEC.NCF on
page 59
A server batch file is an executable file containing server console commands.
You execute the file by entering its name at the System Console prompt.
NetWare then executes all the commands in the file in order.
By default the NetWare installation process creates two batch files that are
always executed whenever the server is booted:
STARTUP.NCFThis file is executed first. It loads the servers disk
drivers and name spaces, and can execute certain server parameters that
cannot be executed anywhere else. This file resides in the servers startup
directory, C:\NWSERVER.
AUTOEXEC.NCFThis file is executed after STARTUP.NCF and
after volume SYS: is mounted. It sets time synchronization parameters
and the bindery context, stores the server name, loads the communication
protocol, loads the LAN drivers and settings for the network boards,

103-000148-001
August 30, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
binds the protocol to the installed drivers, loads other NLM programs,
and executes server parameters. This file resides in the SYS:SYSTEM
directory.
In addition, you can create a batch file called SHUTDOWN.NCF in
SYS:SYSTEM to execute commands whenever you shut down the server. The
DOWN command executes SHUTDOWN.NCF automatically whenever the
server is shut down, therefore, you should never include the DOWN command
in the SHUTDOWN.NCF file.
You can create any other batch files you need. Simply create a text file with a
.NCF extension. Place NetWare console commands into the batch file in the
order that you want them executed in.
Using EDIT to Create and Edit Text and Batch Files

NOTE: Each time you save the file, you can increase the file size by up to 4 KB.

[LOAD] EDIT [path]
If you specify a path, include both the directory and filename. The file
must be located on a mounted volume or on a local drive of the server.
If you do not specify a path, the system displays a prompt at which you
can either enter the filename or display a browse window.
To enter the filename, type either the complete file path (volume,
directory, and filename) or just the filename, and press Enter.
If you enter only the filename, the system assumes a default location
of SYS:SYSTEM.
If the file does not exist, EDIT displays a prompt that asks whether
the file should be created. Choose Yes to create the new file or No to
redisplay the filename prompt. If you choose Yes, EDIT displays a
blank screen so you can enter text into the file.
To display the browse window, press Insert.

To see the contents of a volume or directory, highlight the volume or
directory name and press Enter. Use the arrow keys to scroll up and
down the list of files and directories. To display a file, highlight the
filename and press Enter.
2 Create or edit the file as needed.
To get a description of the keystroke to use while using Edit, press F1.
56

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 When finished, press Esc. Select Yes to save the file or No to exit the file
without saving changes.

The system redisplays the pathname prompt.
4 To edit or create another file, enter the file pathname. To redisplay the
System Console prompt, press Esc.

For more information, see EDIT in Utilities Reference.
Using NWCONFIG to Create and Edit Startup Batch Files

The following procedure explains how to use NWCONFIG to create or edit
the STARTUP.NCF and AUTOEXEC.NCF files.
[LOAD] NWCONFIG
2 Choose NCF Files Options.
The system displays a menu containing options to create or edit both the
STARTUP.NCF and AUTOEXEC.NCF files and to upgrade a NetWare
3.1x AUTOEXEC.NCF file.
3 Highlight the desired option and press Enter.
If you select the option to upgrade the NetWare 3.1x file, follow the
screen prompts. NWCONFIG compares the file with the current NetWare
configuration and makes changes to the file as necessary. You can edit the
file before saving it.
If you select an option to edit one of the files, the selected file appears in
a window.
If you select an option to create one of the files, the system displays the
existing file, if there is one, in one window and a new file with default
entries in another window, so you can compare the two.
The default entries include only essential contents of the file and reflect
the current system setup. For example, the default entries for
AUTOEXEC.NCF might include time zone information and LOAD and
BIND commands for currently installed LAN drivers, but would not
include custom configuration settings you have in the original file.
The cursor is active in the new file. Press Tab to toggle between the two
files.
4 Edit the new or existing file as necessary.

103-000148-001
August 30, 2001
Novell Confidential
57
Manual
99a
38
July 17, 2001
Editing and navigation keystrokes are listed at the bottom of the screen.
For additional help, press F1.
5 When finished, save the file by pressing F10 and selecting Yes when
prompted. To exit without saving, press Alt+F10. Changes to the file take
effect after you reboot the server.
IMPORTANT: Each time you edit the AUTOEXEC.NCF file or the STARTUP.NCF
file, NetWare saves the previous version as AUTONCF.OLD or STARTNCF.OLD.
For more information, see NWCONFIG in Utilities Reference.
Making a Command Optional in a Server Batch (.NCF) File

By default, an .NCF file executes all the commands within it. However, to
make a command optional, you can place a question mark (?) in front of it.
The question mark causes the .NCF file to pause at the command and prompt
you to execute it. You can respond either Yes or No. You can also specify a
default response.
For example, the following line in the AUTOEXEC.NCF file causes the file
to pause and ask whether to execute the LOAD MONITOR command:
? LOAD MONITOR
When the AUTOEXEC.NCF file is executed, it displays the following

prompt:
LOAD MONITOR? Y
The default response is Yes. If you do not respond to the prompt, the default
response is executed after 10 seconds.
Both the default response and the time period are configurable.
Setting the Default Response
There are two ways to configure the default response to the command prompt:
Specify the default on the command line in the .NCF file. Place the
default response (a Y or N) immediately following the question mark. For
example,
?N LOAD MONITOR
In this example, the default response is N. If the user does not respond to
the prompt, MONITOR is not loaded.
58

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Set the Command Line Prompt Default Choice parameter (Miscellaneous

category) to either On or Off. On means the default response is Y for Yes;
Off means the default response is N for No.
The parameter setting is overridden by a default specified on the
command line.
Setting the Time Period
To configure the time period before the default response is executed, set the
Command Line Prompt Time Out (Miscellaneous category) parameter to a
time in seconds. The default value is 10 seconds.
Changing Server Name and Internal Address in AUTOEXEC.NCF

The servers name is stored in the AUTOEXEC.NCF file. You can change the
server name by editing the file. However, changing the server name in the
AUTOEXEC.NCF file does not affect Novell eDirectory Server objects. You
must use ConsoleOneTM to rename eDirectory Server objects.
IMPORTANT: Be sure to use ConsoleOne to update any references to the former
server name in the eDirectory tree and in the TIMESYNC.CFG file.
The servers internal network number is also stored in the AUTOEXEC.NCF

file. Even if you use Novells Native IP protocol, the internal network number
is used as a server ID and will still be stored in the AUTOEXEC.NCF file. Do
not delete the number.
To change either the server name or the internal network number in the
AUTOEXEC.NCF file, use NWCONFIG or EDIT at the server console, and
then reboot the server.
To use NWCONFIG to change the settings, see Using NWCONFIG to Create
and Edit Startup Batch Files on page 57. To use EDIT, see Using EDIT to
Create and Edit Text and Batch Files on page 56.

103-000148-001
August 30, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
Using Server Utilities and Console Commands

This section explains how to access help for server utilities and console
commands, discusses types of NLM programs, and provides instructions for
loading and unloading an NLM at the System Console.
Server utilities are NetWare Loadable Modules (NLM) programs. Some NLM
programs are loaded whenever you start the server, some are loaded by other
NLM programs when they are needed, and some must be loaded manually.
Server console commands are executed by entering the command at the
When you enter a command at the System Console prompt, the command is
stored in the command queue. To repeat a command, press the Up-arrow key
until the desired command is displayed. You can make changes to the
command or press Enter to execute the command. Up to 16 commands can be
saved in the queue.
You can also use the RECORD and REPLAY commands to enter commands
that you enter frequently at the System Console.
For more information, see the following topics:
How to Access Help for Utilities and Console Commands on page 60
Accessing MONITOR on page 83
Using NetWare Loadable Modules on page 61
Loading and Unloading NetWare Loadable Modules on page 62
RECORD and REPLAY in Utilities Reference
How to Access Help for Utilities and Console Commands

For a complete list of all utilities and console commands, with
descriptions, syntax, and examples, see Utilities Reference.
To display a list of console commands on the server console, enter the
HELP
To see online help for a specific console command, enter:
HELP command_name
To see a description for all valid console commands, enter:
HELP ALL
60

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To display a list of all the console commands in NetWare Remote

Manager, click the Console Commands link in the navigation frame. For
help on a specific command, click the Info icon next to the command.
To see online help for an NLM that displays a menu, such as MONITOR,
load the NLM and then press F1. You can also press F1 at subsequent
menus, lists, and information windows.
Using NetWare Loadable Modules

When loaded, an NLM program is dynamically linked to the operating system
and the NetWare server allocates a portion of memory to it.
The amount of memory an NLM program uses depends on the task. Some
tasks make calls that cause the operating system to allocate more memory. The
NLM uses the memory to perform a task and then returns control of the
memory to the operating system when the NLM is unloaded. When an NLM
is unloaded, all allocated resources are returned to the operating system.
NetWare has five types of NLM programs:
NWPA drivers (.CDM and .HAM extensions) control communication
between the operating system and host adapters.
LAN drivers (.LAN extension) control communication between the
operating system and the network boards.
You can load and unload LAN drivers while the server is running and
while users are logged in.
PSM modules (.PSM extension) provide support for multiple processors
in server class computers.
Management utilities and server applications modules (.NLM and
.EXE extensions) let you monitor and change configuration options.
For example, you can run REBUILD or VREPAIR on a dismounted
volume or use MONITOR to view server statistics.
After you finish your tasks, you can unload the utility and free memory
for other server functions.
Name space support (.NAM extension) lets non-DOS naming
conventions be stored in the directory and file naming system.
Some NLM programs, such as utilities, can be loaded, used, and then
unloaded. Other NLM programs, such as LAN driver and disk driver NLM
programs, must be loaded every time the server is started.

103-000148-001
August 30, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
NCF files (STARTUP.NCF and AUTOEXEC.NCF) allow you to store

commands that load NLM programs every time the NetWare server is started.
Most NLM programs included with NetWare are copied to SYS:SYSTEM
during installation. As you acquire additional NLM programs, decide where
you want to copy them. The operating system must be able to find the NLM
programs when a LOAD command is issued.
NLM programs can be copied to any of the following areas:
SYS:SYSTEM directory
Any network directory on the NetWare server
A local drive of the NetWare server
For more information about using NLM programs, see LOAD, UNLOAD,
and SEARCH in Utilities Reference.
Loading and Unloading NetWare Loadable Modules

To load a NetWare Loadable Module (NLM), enter the following at the
System Console prompt:
[LOAD] [path]NLM_name
If the NLM is stored in the SYS:SYSTEM directory or if you have a

server search path to the directory where the NLM resides, enter just the
NLM name (instead of the complete path). For information about server
search paths, see SEARCH in Utilities Reference.
If you want the NLM to be loaded whenever the server boots, add the
command to AUTOEXEC.NCF.
If you want the NLM to be displayed in a language other than English, see
Changing NLM Message Files on page 31.
NOTE: In most cases you can load an NLM by entering just the name of the NLM
at the System Console prompt. The exception is if there is an .NCF file of the same
name as the NLM. In this case, you must use the LOAD command. Using the
LOAD command directs the server to load the NLM instead of executing the file of
the same name. For information about the LOAD command, see LOAD in Utilities
Reference.
To unload an NLM program, enter the following at the System Console

prompt:
UNLOAD NLM_name
62

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To unload an NLM program from a protected address space, enter the

UNLOAD ADDRESS SPACE = space_name module_name
For more information about loading and unloading modules, see LOAD and
UNLOAD in Utilities Reference. For more information about unloading
modules from protected address spaces, see Unloading Protected Address
Spaces in the Server Memory Administration Guide.
You can also load and unload NLM programs from the server using NetWare
Remote Manager. For more information, see Managing NLM Programs in the
Using Java on the Server

This section explains how to set environment variables for Java, load and
unload JAVA.NLM, and run Java-based applets and applications.
Most of the information you need about JVM for NetWare can be located in
the Novell JVM for NetWare documentation (http://www.novell.com/
documentation/lg/jvm/jvm/data/hkfpc6qr.html).
See the following sections for information about using and managing Javabased components on the NetWare server:
Environment Variables for Java on page 63
Managing NetWare Server GUI on page 65
Environment Variables for Java

The Novell JVM for NetWare is automatically installed when you install
NetWare. The installation process sets default values for key environment
variables. Setting environment variables for Java is necessary to run Javabased applications and applets.
The installation process places some of the variables into the
SYS:\ETC\JAVA.CFG file. The JAVA.CFG file is read whenever you load
Java. You can modify or add to the JAVA.CFG file.
The following table describes some key environment variables. Other key
environment variables for Java are available in the Novell JVM 1.3 for
NetWare in Novell Developer Kit (NDK) documentation (http://
developer.novell.com/ndk/doc/jvm13/jvm13enu/data/hkfpc6qr.html).

103-000148-001
August 30, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
Environment Variable
Description
JAVA HOME
Specifies the location of the JVM. The

default value is SYS:\JAVA.
CLASSPATH
Specifies the location of the default

classpath.
XLOCALDIR
Specifies the location of files needed to

support other languages, including
keyboard and font files.
To view current variable values and to set values, follow these steps:
1 To load JAVA.NLM, enter the following at the System Console prompt:
JAVA
2 To view current environment variables and variable values, enter the

ENVSET
When the JAVA.NLM is loaded at the server, you can also view all the
environmental settings using NetWare Remote Manager. Click the Java
Application Information link in the navigation frame, and then click the
Global Environment Settings link.
3 To set a value for the current session, enter the following at the System
Console prompt:
ENVSET VARIABLE=VALUE;VALUE
Make sure there are no spaces on either side of the equal sign or between
values. To set multiple values for variables such as CLASSPATH,
separate the values with semicolons.
The value of a variable set with ENVSET lasts until Java is unloaded.
To append a value to the CLASSPATH variable, use $CLASSPATH to
represent the existing values.
For example:
ENVSET CLASSPATH=$CLASSPATH;SYS:MYCLASSES
4 To make lasting changes to variable values, enter the ENVSET command
line in the SYS:\ETC\JAVA.CFG file.
64

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The JAVA.CFG file is read whenever Java is loaded.

To edit the file, use the Editor in the NetWare GUI, use EDIT at the
System Console prompt, or use a word processing program at a
workstation.
Managing NetWare Server GUI

Managing the NetWare GUI includes the following tasks:
Starting the NetWare GUI (page 65)
Shutting Down the NetWare GUI (page 65)
Accessing the Desktop Menu and Other Console Screens (page 66)
Activating the Desktop Menu (page 66)
Configuring the Desktop Menu (page 66)
Setting Taskbar Properties (page 67)
Starting the NetWare GUI
The NetWare GUI (X Server--Graphical Console) is loaded by default when

the server is started. If you have closed the GUI and want to start it again, enter
the following at the System Console prompt:
STARTX
This loads Novell JVM for NetWare if it is not already loaded, and then loads
the NetWare GUI into memory.
Shutting Down the NetWare GUI
The following are three ways to shut down NetWare GUI. The first two close
the NetWare GUI without shutting down the JVM.
Activate the desktop menu (see Activating the Desktop Menu), and then
click Close GUI > Yes.
Press Ctrl+Alt+Backspace.
To shut down the JVM as well as NetWare GUI, toggle to the System
Console screen (see Accessing the Desktop Menu and Other Console
Screens) and enter
java -exit

103-000148-001
August 30, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
Accessing the Desktop Menu and Other Console Screens
To toggle to the next screen, press Alt+Esc.

To display the NetWare screen selection list, press Ctrl+Esc.
Activating the Desktop Menu
To activate the desktop menu in NetWare GUI, click the Novell button in the
lower left-hand corner of the screen.
Configuring the Desktop Menu
Installing Programs
Do the following to install a program into the desktop menu:

1 Copy all the necessary program files to the server.
2 Copy your program's menu files to the desktop menu directory SYS:/
JAVA/LIB/TASKBAR.
If this directory does not exist, you need to create it. For an example of
the file format for a menu file, see SYS:/JAVA/LIB/
TASKBAR.EXAMPLE.
If your menu file uses a resource bundle for internationalization of the
menu strings, copy the resource bundle to the desktop menu directory
SYS:/JAVA/LIB/TASKBAR.
After you install your program, the next time you click the Novell button in
the NetWare GUI, your menu items will appear. You can then start your
program by selecting the appropriate menu item.
Modifying the Menu
You construct the desktop menu by merging any installed menu files and the
custom menu file with the default desktop menu. You can modify the desktop
menu by editing the custom menu file or any of the installed menu files.
To add items to the desktop menu, create a customized.MENU file and copy
it to the SYS:\JAVA\LIB\TASKBAR directory. For an example menu file, see
SYS:\JAVA\LIB\TASKBAR.EXAMPLE.
66

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Removing Installed Menu Items from the Desktop Menu
You can remove either an entire menu file and all the contents, or you can
remove only a single menu item.
To remove a whole menu file, either delete the file or rename it by changing
the extension to something other than .MENU.
To remove a single menu item from the desktop menu, locate the item and
delete it from the menu file.
Setting Taskbar Properties
Currently, the default taskbar property is the stay-on-top property. If you do

not want the taskbar to stay on top, you can change this property by creating
a NAWT.PROPERTIES configuration file and adding the following line to it:
taskbar.stayontop=false
For an example of a properties configuration file, see the

SYS:\JAVA\LIB\NAWT.PROPERTIES.SAMPLE file.
Securing the Server Console

The first principle of securing your server console is physical security. If you
dont provide physical security, nothing else you do matters very much.
The processing unit should be locked in a place where no one can remove it
or reboot it. Some network administrators remove both the keyboard and the
monitor and manage the server remotely by using NetWare Remote Manager
or RCONSOLEJ. We suggest that you also consider using a power-on
password whether you manage at the console or use RCONSOLEJ at a
workstation.
Two features that provide additional security at the console are the following:
The SECURE CONSOLE command. For more information:
Why Should I Use SECURE CONSOLE? on page 68
Using the SECURE CONSOLE Command on page 68
The screen saver console-lock feature. For more information:
Using SCRSAVER to Lock the Server Console on page 69
Unlocking the Server Console on page 70

103-000148-001
August 30, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
Why Should I Use SECURE CONSOLE?

After you have provided physical security for your server, you can use the
SECURE CONSOLE command to provide the following security features,
while still allowing you to use the console:
Prevents NetWare Loadable Module programs from being loaded from
any directory other than SYS:SYSTEM or C:\NWSERVER. This means
that no one can load an invasive NLM from a servers diskette drive or
boot partition unless it is already in a search path.
Prevents keyboard entry into the operating system debugger. This
restricts the ability to alter the operating system.
Prevents anyone from changing the date and time. Some security and
accounting features depend on date and time for their enforcement.
When you issue the SECURE CONSOLE command, the server must be
taken down and rebooted to unsecure the console. Now that server
parameter settings are persistent in NetWare 6, you can shut down the
server without losing the settings you made to optimize and tune your
server.
When you use SECURE CONSOLE with the NetWare Remote Manager
or RCONSOLEJ, access is subject to the protections provided by
SECURE CONSOLE.
SECURE CONSOLE does not lock the server console. You can lock the
console by using SCRSAVER. If the console is locked using the consolelocking feature, an intruder can still access the console from a remote
workstation; however, the intruder must still be authenticated to
eDirectory through the SCRSAVER console lock.
HINT: To protect the server console by encrypting the RCONSOLEJ password in
the AUTOEXEC.NCF file, see Loading RConsoleJ Agent at Startup in the Utilities
Reference.
Using the SECURE CONSOLE Command

To secure the server console, enter the following command at the System
Console prompt:
SECURE CONSOLE
To secure the server console whenever the server is booted, add the SECURE
CONSOLE command to the servers AUTOEXEC.NCF file. If the
AUTOEXEC.NCF file loads modules from any directory other than
68

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
SYS:SYSTEM or C:\NWSERVER, then in the .NCF file the SECURE

CONSOLE command must follow the LOAD commands for these modules.
IMPORTANT: To disable SECURE CONSOLE, you must first shut down the
NetWare server and reboot it. If the SECURE CONSOLE command is in the
AUTOEXEC.NCF file, use EDIT or any text editor to remove it before you shut
down the server and reboot it.
For more information on using SECURE CONSOLE, see SECURE

CONSOLE in Utilities Reference.
Using SCRSAVER to Lock the Server Console

The console-locking feature in the SCRSAVER.NLM allows you to require a
password before gaining access to the server console prompt. If a key is
pressed when the console lock is enabled, a dialog box appears. You must then
supply an eDirectory username and password. In addition, the User object
must have the Write right to the access control list (ACL) of the Server object
to gain access to the server console prompt.
When the screen saver is activated, it displays a moving snake for each
processor on the server. Each snake is a different color: the first one is red, the
second is blue, etc. The speed of each snake and the length of its tail are
directly proportional to the processors utilization.
If the console is unlocked, press any key to activate the console. The snake
screen will disappear.
1 To display command options for SCRSAVER, enter the following at the

SCRSAVER HELP
Command options allow you to enable and disable locking, check the
status of the lock options, and change the length of time the console is
allowed to be inactive before the screen saver is activated. The default is
600 seconds (10 minutes).
2 For more information about a command option, enter the following at the

SCRSAVER HELP command_option
3 To load the SCRSAVER module, enter the following at the System
Console prompt:
SCRSAVER [option; option...]

103-000148-001
August 30, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
When you load the screen saver, the default is to enable the consolelocking feature and to require a password for access. The corresponding
eDirectory user must have the Write right to the Access Control List
(ACL) of the Server object.
For more information, see SCRSAVER in Utilities Reference.
Unlocking the Server Console

To unlock the server console after locking it using SCRSAVER.NLM,
complete the following:
1 While the screen-saver snake is displayed, press any key on the server
console keyboard.
2 At the Login dialog box, press Enter to select the Username field.
The login box appears only if the console is locked.

3 Enter the username.
The User object must have the Write right to the ACL for the Server
object.
If the username field is blank or if you want to change the username, enter
an eDirectory username and context. Again the User object must have the
required rights.
4 Press Enter again to select the password field.
5 Type the password for the username and press Enter twice.
The screen saver snake disappears and the server console screen appears.
Using NCP Packet Signature

NetWare includes a feature called NCP Packet Signature that protects servers
and clients using the NetWare Core ProtocolTM (NCPTM) services.
NCP Packet Signature prevents packet forgery by requiring the server and the
client to sign each NCP packet. The packet signature changes with every
packet.
Without NCP Packet Signature installed, a user could pose as a more
privileged user and send a forged NCP request to a NetWare server. By forging
the proper NCP request packet, an intruder could gain the Supervisor right to
the Server object and access to all network resources.
70

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NCP packets with incorrect signatures are discarded without breaking the
clients connection with the server. However, an alert message about the
invalid packet is sent to the error log, the affected client, and the server
console. The alert message contains the login name and the station address of
the affected client.
If NCP Packet Signature is installed on the server and all of its workstations,
it is virtually impossible to forge a valid NCP packet.
For additional information about packet signature, see the following:
Why Should I Use Packet Signatures? on page 71
NCP Packet Signature Options on page 72
Effective Packet Signature on page 72
Recommended Signature Levels on page 73
To implement packet signature, see Implementing NCP Packet Signature on
page 73.
Why Should I Use Packet Signatures?

We recommend using NCP Packet Signatures for security risks such as the
following:
You have an untrustworthy user at a workstation on the network
Easy physical access to your network cabling system exists
You have an unattended, publicly accessible workstation on the network
NCP Packet Signature is not necessary for every server installation. You might
choose not to use NCP Packet Signature if you can tolerate security risks in
situations such as the following:
Only executable programs reside on the server
You know and trust all network users
Data on the NetWare server is not sensitive and loss or corruption of this
data would not affect operations

103-000148-001
August 30, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
NCP Packet Signature Options

Because the packet signature process consumes CPU resources and slows
performance both for the client and the NetWare server, NCP Packet Signature
is optional.
Several signature options are available, ranging from never signing NCP
packets to always signing NCP packets. NetWare servers and Novell clients
each have four settable signature levels.
The signature options for servers and clients combine to determine the level
of NCP Packet Signature on the network.
You can choose the packet signature level that best meets both your system
performance needs and network security requirements.
NOTE: Some combinations of server and client packet signature levels can slow
performance. However, low-CPU-demand systems might not show any

performance degradation.
Effective Packet Signature

The NCP Packet Signature levels for the server and the client interact to create
the effective packet signature for the network. Some combinations of server
and client levels do not allow logging in.
The following figure shows the interactive relationship between the server
packet signature levels and the client signature levels.
If
Server = 0 Server = 1 Server = 2 Server = 3
Client = 0
Client = 1
Client = 2
Client = 3
Packet signature
No packet signature
No logging in
72

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Recommended Signature Levels

The default NCP Packet Signature level is 1 for clients and 1 for servers. In
general, this setting provides the most flexibility while still offering protection
from forged packets. Following are some examples of situations requiring
different signature levels.
Situation
Example
Recommendation
All information on the server is

sensitive.
If an intruder gains access to any

information on the NetWare
server, it could damage the
company.
Set the server to level 3 and all

clients to level 3 for maximum
protection.
Sensitive and nonsensitive

information reside on the same
server.
The NetWare server has a

directory for executable programs
and a separate directory for
corporate finances (such as
Accounts Receivable).
Set the server to level 2 and the

clients that need access to
Accounts Receivable to level 3.
All other clients remain at the
default, level 1.
Users often change locations and

workstations.
You are uncertain which

employees will be using which
workstations and the NetWare
server contains some sensitive
data.
Set the server to level 3. Clients

remain at the default, level 1.
A workstation is publicly
accessible.
An unattended workstation is set

up for public access to
nonsensitive information, but
another server on the network
contains sensitive information.
Set the sensitive server to level 3

and the unattended client to level
0.
For information on implementing NCP Packet Signature, see Implementing

NCP Packet Signature on page 73.
Implementing NCP Packet Signature

To implement NCP Packet Signature, complete the following procedures:
Setting Server Signature Levels on page 74
Setting Client Signature Levels on page 75
Changing the Signature Level for an NLM on page 76
Setting Packet Signature for Job Servers on page 76

103-000148-001
August 30, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Setting Server Signature Levels
To determine the servers current signature level, enter the following

command at the System Console prompt or view the setting using
NetWare Remote Manager:
SET NCP Packet Signature Option
To set a servers packet signature level, enter the following command at

the System Console prompt or change the setting using NetWare Remote
Manager:
SET NCP Packet Signature Option = number
Replace number with 0, 1, 2, or 3. The default is 1.

For example:
SET NCP Packet Signature Option = 2
Number
Explanation
Server does not sign packets (regardless of the client level).
Server signs packets only if the client requests it (client level is 2 or

higher).
Server signs packets if the client is capable of signing (client level is

1 or higher).
Server signs packets and requires all clients to sign packets or

logging in will fail.
To ensure that the signature level is set each time the server is brought up, you
can add this SET parameter command to your STARTUP.NCF file
You can also use the SET parameter command to change the signature level
from a lower to a higher level or use NetWare Remote Manager.
You cannot change from a higher to a lower level unless you first reboot the
server. For example, if the current signature level is 2, you cant set the
signature level to 1 by using the SET command at the console. To change the
signature level from 2 to 1, you must add the SET command to the
STARTUP.NCF file and then restart the server:
74

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Setting Client Signature Levels
Set client signature levels to 0, 1, 2, or 3. The default is 1. Increasing the value

increases security, but decreases performance.
Number
Explanation
Disabled. Client does not sign packets.
Enabled, but not preferred. Client signs packets only if the server
requests it (server level is 2 or higher).
Preferred. Client signs packets if the server is capable of signing

(server level is 1 or higher).
Required. Client signs packets and requires the server to sign

packets or logging in will fail.
To set DOS or MS Windows client signature levels, add the following

parameter to the workstations NET.CFG file:
signature level = number
To set the Windows 95 or Windows NT client signature level for an individual

workstation, change the parameter setting with the Advanced Settings tab of
Novell NetWare Client Properties, as follows:
1 From the system tray, right-click N.
2 Click Novell Client Properties > Advanced Settings.
3 Select Signature Level from the scrollable list.
You can set the signature level for multiple clients at once by adding the
signature level to the configuration file when you install the clients. For
information about configuring Windows clients, see the Novell Client online
documentation (http://www.novell.com/documentation/).

103-000148-001
August 30, 2001
Novell Confidential
75
Manual
99a
38
July 17, 2001
Changing the Signature Level for an NLM
NLM programs that use the Novell Runtime Libraries are assigned a default
NCP Packet Signature level that corresponds to the current signature level of
the server.
To change the packet signature level for a single NLM, use the following
command syntax when you load the NLM:
[LOAD] NLM [CLIB_OPT]/L number
Replace number with 0, 1, 2, or 3.

Setting Packet Signature for Job Servers
A job server is a server that performs a task and then returns the completed
task. Most job servers are third-party products.
You should be aware that some job servers do not support NCP Packet
Signature. A job server might produce unsigned sessions if one of the
following occurs:
It does not operate on top of DOS
It does not use standard Novell clients
It is not an NLM
It uses its own implementation of the NCP engine (such as embedded
print servers in printers)
Minimizing Risks
To minimize security risks associated with job servers, do the following:

Install queues only on servers with signature level 3.
Do not allow privileged users to put jobs in queues on servers with
signature levels below 3.
Make sure the job servers account is unprivileged.
Disable the job servers ability to change to client rights.
Disabling Change to Client Rights
To prevent a job server from assuming the rights of a client, add the following
SET command to the servers STARTUP.NCF file:
SET Allow Change to Client Rights = OFF
76

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The default is On, because certain job servers and third-party applications
cannot function without changing to client rights. To determine whether the
job server can function without client rights, refer to the documentation that
comes with the job server.
Using the Transaction Tracking System

NetWare includes a transaction-monitoring feature called the Transaction
Tracking SystemTM (TTSTM). If you flag a file as transactional, TTS can
prevent corruption of records in the file by backing out of incomplete
transactions and keeping a record of backed-out data.
NOTE: A file flagged as transactional cannot be deleted or renamed.
TTS can also back out file truncations or extensions and multiple changes to
the same data area during a single transaction. TTS can even back out
interrupted backouts if the NetWare server fails in the middle of backing out
transactions.
But TTS cannot protect against these types of failures for any type of
application that issues record-locking calls and stores information in records,
including traditional databases, some electronic mail applications, and some
workgroup appointment schedulers.
Files that arent organized into discrete records (such as word processing files)
arent protected by TTS.
Transactions on a network can be saved improperly in any of the following
situations:
Power to a server or a workstation is interrupted during a transaction
Server or workstation hardware fails during a transaction (for example, a
parity error on a network board)
A server or workstation hangs (a software failure) during a transaction
A network transmission component (such as a hub, a repeater, or a cable)
fails during a transaction
If the server fails and the file has been flagged transactional, TTS backs out
the transaction when the server comes up again. If a workstation or network
transmission component fails, TTS backs out the transaction immediately.

103-000148-001
August 30, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
How TTS Works

The Transaction Tracking System (TTS) can prevent data corruption by
backing out of incomplete transactions and keeping a record of backed-out
data.
TTS guarantees that all changes to a database file are either wholly completed
or not made at all. TTS follows these steps to track transactions:
1. When the application allocates a physical or logical record lock, TTS
infers that the application is making a transaction. At this point, if you
have flagged the file as transactional, TTS begins tracking the transaction
so that the transaction can be backed out if a failure occurs.
2. TTS makes a copy of the original data so the data can be restored if the
transaction fails. A copy of the data is placed in a file external to the
database. This external file contains all transaction backout information;
only the operating system uses it.
3. After the copy of the original data has been written to the backout file,
TTS writes the changed data to the database file.
4. TTS repeats Steps 2 and 3 for additional changes (a single transaction can
consist of a sequence of changes).
5. When all changed data has been written to disk, and the database
application releases physical and logical record locks, TTS infers that the
application has completed the transaction. TTS writes a record to the
backout file, indicating that the transaction is complete, and stops
tracking the transaction.
To learn how to enable and activate TTS, see Enabling and Activating TTS
on page 78.
Enabling and Activating TTS

In NetWare 6, TTS has three possible states:
Disabled
Enabled but inactive
Active
The disabled and inactive states are similar in that TTS operations have no
effect. Only in the active state, do TTS operations have an effect.
78

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Only one file system can have an active TTS. Therefore, if your server is using
both the Novell Storage Service (NSS) file sytem and the Traditional File
System, note the following:
TTS might be enabled on both file systems but it will only be active for
one of them.
By default, the Traditional File System has TTS always enabled.
NSS determines if the Traditional File System has TTS enabled and if this
is the case, it automatically makes TTS inactive on the NSS file system.
Therefore, if any traditional volumes are on your server, TTS on the NSS
file system is automatically disabled or inactive.
If TTS is disabled on the Traditional File System by using the DISABLE
TTS console command, then TTS automatically becomes active on the
NSS file system if it is enabled.
Because the DISABLE TTS command is not persistent, the only way to
persistently allow TTS to be active when it is enabled on NSS volumes is
to put the DISABLE TTS console command in the AUTOEXEC.NCF
file.
By definition, if you have traditional and NSS volumes on the same
server, then it is impossible for TTS to be available on all volumes.
If you only have traditional volumes on your server, then TTS is available
on all volumes.
If you only have NSS volumes on your server, you can enable TTS on all
volumes, but it will not, by default, be enabled on all volumes. To do so
would result in a 4 MB tax on every volume.
You can enabled TTS manually for any volume by entering the following
command at the System Console prompt:
NSS /Transaction=VolName
The NetWare server automatically disables TTS if one of the following
happens:
Volume SYS: becomes full
Volume SYS: is the TTS backout volume.
The NetWare server has insufficient memory to operate TTS

103-000148-001
August 30, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
If TTS has been disabled and you have solved the problems that led to its
disabling, enter one of the following at the System Console prompt to enable
it again:
On a server with traditional volumes: ENABLE TTS
On NSS volume: NSS /Transaction=VolName
To enable and manage transaction tracking for individual files on traditional
volumes, use the commands and parameters in the following table.
To
Do the following
Enable transaction tracking for a file.
Use NetWare Remote Manager to flag the file as

transactional. For more information, see Viewing
Individual Files in NetWare Remote Manager
(Note that files flagged as transactional cannot be
deleted or renamed.)
Enable TTS to backout transactions without

displaying confirmation prompts.
Place the following command into the

STARTUP.NCF file and restart the server:
SET AUTO TTS BACKOUT FLAG = ON
If this parameter is set to On (default), the backouts
happen automatically.
If this parameter is set to Off, you will be prompted
to confirm file backouts.
You can also set the parameter with NetWare
Remote Manager > Set Parameters > Traditional
File System.
Log backed out data to the SYS:TTS$LOG.ERR

file.
Execute the following command at the System

Console prompt:
SET TTS ABORT DUMP FLAG = ON
If this parameter is set to On, the transactions are
stored in SYS:TTS$LOG.ERR.
If this parameter is set to Off, the transactions are
backed out, but the server does not provide you
with a record of the backouts.
You can also set the parameter with NetWare
Remote Manager > Set Parameters > Traditional
File System.
80

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using an Uninterruptible Power Supply (UPS)

An uninterruptible power supply (UPS) is a backup power unit that supplies
uninterrupted power if a commercial power outage occurs. A UPS is an
indispensable part of your network. Not only does it help prevent damage to
your computers from power surges and brownouts, but it also prevents data
loss during power outages.
Both online and offline UPS systems are available:
Online UPS actively modifies the power as it moves through the unit. If
a power outage occurs, the unit is already active and continues to provide
power.
An online UPS is usually more expensive than an offline UPS, but
provides a nearly constant source of energy during power outages.
Offline UPS monitors the power line. When power drops, the UPS is
activated.
The drawback to this method is the slight lag before the offline UPS
becomes active. However, most offline UPS systems are fast enough to
offset this lag.
Because UPS systems can be expensive, most companies attach them only to
the most critical devices, such as NetWare servers, routers, and hard disk
subsystems.
Attaching a UPS to a server enables the server to properly close files and
rewrite the system directory to disk.
Unfortunately, most programs run on the workstation and data stored in RAM
is not saved during a power outage unless each station has its own UPS.
If the UPS doesnt have its own form of surge protection, install a surge
protector to protect the UPS.

103-000148-001
August 30, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
Preventing Virus Infection

Keep viruses off the network by educating users about virus dangers and by
enforcing procedures that reduce virus risks, such as the following:
Back up data frequently.
Maintain layers of archived backups so you can retrieve a backup from a
preinfected file.
Keep a write-protected, bootable diskette with the latest virus scan and
removal software for all servers and workstations.
Keep a backup of executable files and flag them Execute Only.
Educate yourself about the infection techniques of the latest viruses.
Educate network users about how to detect viruses.
Warn users of the dangers of viruses. Discourage them from using
diskettes and files that have been in computers away from work.
Teach users to power down their workstations immediately upon
encountering a virus.
Restrict access to a servers diskette drives by locking the server in a
secure room. Put tape over the drive openings to remind you not to use
them unnecessarily.
Avoid using the Admin account when possible. The fewer privileges your
login account has, the less power a virus has to destroy data and to spread.
Monitoring the NetWare Server

Monitoring the server allows you to do the following:
Isolate performance bottlenecks
Optimize server performance
Troubleshoot and resolve server problems
NetWare Remote Manager is a tool for debugging and monitoring the server
from a Web browser at your workstation. You can also access a Java version
of this tool from the server GUI. For more information, see Accessing
NetWare Remote Manager, Managing Servers Remotely, and
Troubleshooting Server Problems in the NetWare Remote Manager
82

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MONITOR is the key tool for performance monitoring at the server level from
the server console. It runs in the NetWare kernel so that it can make calls
directly to the operating system. Most statistics are updated every second.
Accessing MONITOR
To load MONITOR at the System Console prompt, enter
[LOAD] [path] MONITOR
The LOAD command is necessary only if you have a batch file with the
same name as the NLM. (Using the LOAD command indicates that
MONITOR is a loadable module.)
The path is specified only if you moved the utility from its default
directory SYS:SYSTEM to a directory that does not have a search path.
If MONITOR is running but is not the active screen at the console, there
are two ways to toggle to the MONITOR screen:
Press Alt+Esc. To cycle through other console screens, continue to hold
Alt down and tap Esc until the current MONITOR screen reappears. Use
the bar at the top of the screen for navigation.
Press Ctrl+Esc. To see a numbered list of available console screens and
then enter the number for the NetWare Console Monitor.
To exit MONITOR, use either of the following procedures:
Repeatedly press Esc until the Exit confirmation box appears. Then press
Enter to return to the System Console prompt.
To bring up the Exit confirmation box immediately, press Alt+F10. Then
press Enter to return to the System Console prompt.
What to Monitor and Why

A monitoring utility can be overwhelming in the volume of information and
statistics it provides. To simplify your access to key parameters, MONITORs
General Information includes most of them on one screen, including
performance indicators that pertain to memory utilization and disk I/O.
For an explanation of the interaction of three types of configurable parameters
that control dynamically allocated services, see Monitoring Allocated
Services on page 86. The guidelines allow you to be proactive in maintaining
the level of service your users require.

103-000148-001
August 30, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
The Other Information and Statistics to Monitor on page 87 section includes

error logs, available free disk space, and user accounts. To be prepared for
power supply interruptions, test your UPS (uninterruptable power system)
periodically.
Becoming familiar with your servers day-to-day performance and its
characteristic response to its unique load will help you to better interpret the
information and statistics that the monitoring utilities provide.
MONITORs General Information
Most of the important performance indicators that can be used to track,

diagnose, and resolve server problems appear in the General Information
screen in MONITOR. This window is displayed when you load MONITOR.
The following information describes the onscreen performance indicators.

Utilization. Average of the servers total processing capacity that was
used during the last second, expressed as a percentage. The remainder of
the time is spent in an idle loop. Monitor the patterns of utilization.
Does utilization go to 100 percent? Does it reach a plateau or does it peak
for a few seconds and then drop? What time and how frequently does it
peak?
84

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Server Up Time. Amount of time that has elapsed since the server was
most recently started. If your server has Auto Restart enabled, use this
field to determine whether your server has abended and restarted. You can
also use this information to detect power failures or intruders who bring
down the server.
Online Processors. Number of enabled and online processors. The
Platform Support Module (PSM), loaded from STARTUP.NCF, enables
NetWare to use secondary processors in a multiprocessing platform. The
default is to autostart all processors.
Total Cache Buffers. How many cache buffers are currently available for
file caching. This number decreases as you load NLM programs.
Because file caching has a dramatic impact on server performance, you
want this number to be as high as possible.
Dirty Cache Buffers. How many buffers contain data which has been
changed but not yet written to disk.
Monitor this number to see whether it is increasing. If it is, you might
have a bottleneck in the Traditional file system.
Long Term Cache Hits. The cumulative percentage of requests for disk
blocks that were already in cache for the traditional file system. (When
the requested data is already in memory, disk reads dont need to be
made.)
Use this percentage to assess overall disk cache utilization if you are
using the traditional file system. If this value falls below 90%, the disk
thrashes and server performance degrades. The solution is to install more
physical memory (RAM).
Current Disk Requests. How many read requests are pending.
Monitor this number to see whether it is increasing. If it is, a slow hard
disk might be your bottleneck.
Packet Receive Buffers. How much memory is allocated for holding
client requests while the server processes them. The server allocates more
packet receive buffers as needed (within minimum and maximum
values). Buffer size depends on the network adapter.
This number is the result of the interaction of three configurable
parameters. Monitor the current value to ensure that it does not reach the
maximum value.

103-000148-001
August 30, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
Maximum Service Processes. How many task handlers the server can
allocate to service client requests. As the number of client requests
increases, the server creates more service processes. When no more
service processes can be allocated, server performance is adversely
affected.
Monitor the current number of service processes to ensure that it does not
reach this value.
Current Service Processes. How many task handlers are currently being
used to service client requests.
Use this number to determine whether the server has enough free task
handlers to service client requests. If the number of current service
processes reaches the maximum, the value of the Maximum Service
Processes (Communications category) parameter must be increased.
Current Connections. Number of active connections, whether licensed
or unlicensed, authenticated or Not-Logged-In.
Open Files. Number of files currently being accessed by the server and
by other clients. Certain files are always open, such as the hidden files that
support eDirectory.
Monitoring Allocated Services
There are limits to resources in every computing environment. NetWare

allocates resources according to need and availability. When a request is
received, the operating system doesnt immediately allocate new resources. It
waits a specified amount of time to see if existing resources become available
to service the demand.
Dynamically allocated services are controlled by the interaction of three types
of settable parameters. If you understand how they work together, you can
interpret the statistics that you monitor and know how to configure the
systems response to demand.
Maximum limits control the amount of server resources the operating
system can allocate for a particular service.
Minimum limits allow the operating system to allocate a minimum
amount of resources as soon as a request is received.
Low minimum limits slow the growth of a particular service. High
minimum limits allow rapid growth.
86

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Wait time limits control how rapidly the operating system can allocate a
new resource.
If resources become available, no new resources are allocated. If they
dont become available within the time limit, new resources are allocated.
The time limit ensures that sudden, infrequent peaks of server activity
dont permanently allocate unneeded resources.
Consider, for example, the allocation of directory cache buffers. If the
minimum number of directory cache buffers is set to 20, the system allocates
another buffer resource as soon as a request is madeuntil 20 cache buffers
have been allocated.
When 20 directory cache buffers are allocated, the system waits 2.2 seconds
(default) when a request comes in, and then allocates another buffer if the
request is still active.
However, if the minimum number of directory cache buffers is set to 40, the
system allocates 40 directory cache buffers before it starts slowing the growth
by waiting 2.2 seconds after each request.
Other Information and Statistics to Monitor
Common maintenance tasks also include the following:

Checking Server Error Logs (page 97)
Checking Disk Drives (page 97)
Reviewing Server Cache Statistics (page 97)
Checking Free Space on Server Disks and Volumes (page 98)
Reviewing User Accounts (page 98)
Testing the Uninterruptible Power Supply (page 98)
Displaying Server Alerts

You can enable the server to display alert messages under various conditions,
such as when NLM programs fail to relinquish control of a processor. Many
alerts are controlled by server parameters that set a threshold when the alert
will be generated. By default, whenever an alert is received, a bell also sounds.
To turn the bell sound off, set the following server parameter in the
Miscellaneous category:

103-000148-001
August 30, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Sound Bell for Alerts = OFF
Available alert parameters are described in the following table.

Condition That Generates Alert
Relevant Parameters
Spurious interrupts are detected
Display Spurious Interrupt Alerts

Spurious Interrupt Alert Threshold
(See SET > Miscellaneous Parameters in
Utilities Reference.)
Lost interrupts are detected
Display Lost Interrupt Alerts

Lost Interrupt Alert Threshold
NLM programs fail to relinquish

control of processor
Display Relinquish Control Alerts

CPU Hog Timeout Amount
Incomplete IPXTM packets are

received
Display Incomplete IPX Packet Alerts
Available file cache buffers are

nearing minimum
Minimum File Cache Report Threshold
A volume is becoming full
Volume Low Warn All Users
(See SET, Display Incomplete IPX Packet

Alerts = value in Utilities Reference.)
(See SET > File Caching Parameters for the

Traditional File System in Utilities Reference.)
Volume Low Warning Threshold

Volume Low Warning Reset Threshold
(See SET > File Parameters for the
Traditional File System in Utilities Reference.)
Many other alerts can be generated by the system, but are not controlled by
server parameters. For example, if the address of a server on the network is
changed, an alert will be broadcast on other server consoles. You can control
these alerts with the ALERT command. See ALERT in Utilities Reference.
88

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Managing Workstation Connections

This section explains how to use utilities and commands for disabling logins,
clearing connections, controlling resource allocation, sending messages, and
working with watchdog packets. See the following:
Performing Connection Management Tasks on page 89
Monitoring Workstation Connections to the Server on page 89
Sending Console Messages to Workstations on page 91
Clearing a Workstation Connection on page 92
Disabling and Enabling Logins on page 93
Controlling Resource Allocation with Locks on page 94
Performing Connection Management Tasks

The tasks for which you can use NetWare Remote Manager or MONITOR
Viewing a list of active workstation connections on the server
Determining which users are logged in
Viewing information about a connection
Configuring a watchdog to monitor connections for activity
Viewing a list of files that the connection has open
Terminating one or more workstation connections
You can also use CLEAR STATION n or CLEAR STATION ALL at
the System Console prompt. For more information about these
commands, see CLEAR STATION in Utilities Reference.
Sending a message to one or more workstations
Monitoring Workstation Connections to the Server

The most effective tool for monitoring workstation connections to the server
is NetWare Remote Manager. For information about monitoring workstation
connections to the server using NetWare Remote Manager, see Monitoring
Connections to the Server in the NetWare Remote Manager Administration
Guide.

103-000148-001
August 30, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
To monitor connections to the server from utilities at the server console, see
the procedures in the following table.
To
Do the following
View a list of active server connections.
1. In MONITOR, from the Available Options

menu, select Connections. The list of Active
Connections appears.
Determine which users are logged in.
2. (Optional) Press F3 to re-sort the connection

list.
List items without an asterisk (*) represent
logged-in users.
List items with an asterisk (*) are unlicensed
connections (this means they do not count
against a servers total licenses). These
connections are authenticated to eDirectory but
are not logged in.
View information about a connection:
Connection number
Connection name

menu, select Connections to display the list
of Active Connections.
2. Select a connection from the list.
Elapsed connection time
3. Press Tab to activate the Connection

Information screen in the upper window.
Network node address

Read/write requests
Authentication and license status
4. For an explanation of the information fields

and statistics, press F1.
Files in use
Locks and semaphores in use
Supervisory rights
View a list of files that the connection has open.
Use this procedure when you want to determine
whether a crashed workstation has open files
remaining on the server.
90

menu, select Connections.
2. Select the connection from the list.
3. After determining whether files are open on
the server, press Esc to return to the Active
Connections list.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To
Do the following
Terminate one or more connections.
See Clearing a Workstation Connection on page

92.
Use this procedure to clear the connection when a

workstation has crashed and left open files on the
server.
Note: Transaction monitoring (TTS) provides
automatic backout for database records or files
stored on the server if a workstation has crashed
and left those files open on the server. Also a file is
protected if the Transaction (T) file attribute is set
for it.
Send a message to one or more workstations.
Use this procedure when you need to warn users to
log out before you down the server.
See Sending Console Messages to Workstations

on page 91.
Sending Console Messages to Workstations

To send a message from the server console to all workstations or to a single
user using NetWare Remote Manager, see Sending Messages to Users in the
To send a message from the server console to all workstations or to a single
user using MONITOR, complete the following:
1 From the Available Options menu, select Connections.
2 Press F8 to display more options on the task bar.
3 On the list of Active Connections, select the connection for the user you
want to send a message to. (Use F5 to mark additional recipients.)

In the Active Connections list, items without an asterisk (*) represent
logged-in users.
4 To display the message composition box, press F4.
5 Type your message in the message box and press Enter to send it.
A confirmation box appears.

6 You can either choose to send the message immediately or you can press
Esc to discard it.

For more information, see MONITOR in Utilities Reference. For information
about receiving and clearing messages at the workstation, see the
documentation for your NetWare client.

103-000148-001
August 30, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001

To clear a client connection when the workstation has crashed and left open
files on the server, use one of following procedures:
Clearing Specific Connections in the NetWare Remote Manager
Using MONITOR to Clear a Connection on page 92
Using CLEAR STATION to Clear a Connection on page 92.
IMPORTANT: If you clear the connection while the workstation is in the middle of
a transaction or a file update, the files might be saved with incorrect data.
Using MONITOR to Clear a Connection

1 In MONITOR, from the Available Options menu, select Connections.
A list of active connections appears.

2 (Optional) To view a workstations open files, select the workstations
connection.
After viewing files, press Esc to return to the Active Connections list.
3 Clear one or more connections.
To clear one connection, select the connection and press Delete. At

the Clear Connection? prompt, select Yes.
To delete multiple connections, select each connection and press F5

to mark it. Then press Delete. At the Clear Connection? prompt,
select Yes.
To clear all unused (not logged in) connections, press F6.
Deleted connections are no longer listed on the Active Connections list.

For more information, see MONITOR in Utilities Reference.
Using CLEAR STATION to Clear a Connection
If you know the connection number, you can terminate a specific connection
by entering the following at the System Console prompt:
CLEAR STATION n
Replace n with the connection number of the workstation.
92

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To clear all connections, enter the following at the System Console prompt:
CLEAR STATION ALL
IMPORTANT: The CLEAR STATION ALL command clears all not-logged-in
connections including connections by NLM programs. You should be carefull in

clearing NLM-based connections because some backup NLM programs establish
a connection during the server initialization process and maintain a not-logged-in
connection to the server until it is time to log in and run the process. These type of
NLM-based connections will not be able to re-establish a connection to the server
unless the NLM is unloaded and reloaded at the server.
For more information, see CLEAR STATION in Utilities Reference.
Disabling and Enabling Logins

If you need to make repairs to the server, you can prevent users from logging
in by entering the following command at the System Console prompt:
DISABLE LOGIN
This does not affect users who are already logged in to the network. However,
a user who logs out cannot log in again until you execute ENABLE LOGIN.
To allow users to log in again, enter the following at the System Console
prompt:
ENABLE LOGIN
You can also use ENABLE LOGIN to enable a SUPERVISOR account when
it has been locked by the intruder detection function.
For more information, see DISABLE LOGIN and ENABLE LOGIN in
Clearing a Connection That Uses Auto Reconnect

Novell ClientTM has automatic reconnection capabilities that make a complete
restoration of the user environment after a network failure possible. Because
auto-reconnect is enabled by default, you need to prevent workstations from
reconnecting while you are trying to perform some function on the server.
Novell Client also supports file caching on the client side, which allows files
to be cached as they are read from and written to the server. With the default
settings for the Auto Reconnect Level and the File Cache Level parameters,
Novell Client will restore all files to their actual state before the workstation
connection was cleared (or the server went down).

103-000148-001
August 30, 2001
Novell Confidential
93
Manual
99a
38
July 17, 2001
The workstation monitor displays a message:

Client32: Please wait while Application retries
request to servername. To stop waiting, press Enter.
NetWare will then return an error and try to
reconnect in the background.
You can use a combination of the console commands to prevent clients from
reconnecting long enough to complete your work on the server.
1. To warn users, see Sending Console Messages to Workstations on page
91.
2. To prevent auto-reconnect users from reattaching to the server while you
are working on it, enter DISABLE LOGIN at the System Console prompt
before you clear the connections. See Disabling and Enabling Logins
on page 93.
3. Then use CLEAR STATION to terminate the connection as discussed in
Using CLEAR STATION to Clear a Connection on page 92. With login
disabled, a workstation with auto-reconnect enabled will still try to
reestablish its connection automatically, but the necessary services on the
login server wont be available. (After the connections are cleared,
workstation attachments appear as *NOT-LOGGED-IN entries in
MONITORs Active Connections window.)
4. When you have completed your server tasks, enter ENABLE LOGIN to
allow users to log in again.
HINT: Note that if you dont clear a workstations connection and a communication
failure occurs (such as a broken or unplugged network cable), the workstation will
be able to auto-reconnect when the problem is fixed.
Controlling Resource Allocation with Locks

A lock prevents a file or record from being updated by more than one user at
a time. By controlling the number of file and record locks available to a
workstation or a server, you control access to files and records.
You can increase the number of locks if clients cannot open files. Or you can
limit the number of locks to prevent overuse of file resources.
94

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Preventing Workstations from Overusing File Resources
If you are running out of file resources, use the following SET parameters
(Traditional File System category) to limit the number of locks for the server
and for each connection.
Maximum Record Locks Per Connection = value
Maximum File Locks Per Connection = value
Maximum Record Locks = value
Maximum File Locks = value
Before limiting file and record locks, make sure the workstations have an
adequate number of locks to access the files and records they need. Limiting
needed locks can cause applications to generate errors.
For the server, limit the total number of file and record locks allowed by
decreasing the values of the following parameters:
Maximum Record Locks
Maximum File Locks
For each client, limit the total number of file and record locks allowed by
decreasing the value of the following parameters:
Maximum Record Locks Per Connection
The changes to the parameter values take effect immediately and are
persistent.
Increasing File Record Locks
To provide more file record locks if applications fail either because clients
cannot open enough files or because not enough record locks are available, do
the following:
1 Increase the values of the following (Traditional File System category)
parameters to increase the number of file and record locks allowed for the
server:
Maximum Record Locks
Maximum File Locks
persistent.

103-000148-001
August 30, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
2 Increase the values of the following (Traditional File System category)
parameters to increase the number of file and record locks allowed for
each workstation:
Maximum Record Locks Per Connection
persistent.
Performing Common Maintenance Tasks

This section includes information about the following tasks:
Backing Up Server Data (page 96)
Checking Server Error Logs (page 97)
Checking Disk Drives (page 97)
Reviewing Server Cache Statistics (page 97)
Checking Free Space on Server Disks and Volumes (page 98)
Reviewing User Accounts (page 98)
Testing the Uninterruptible Power Supply (page 98)
Documenting the Network (page 99)
Backing Up Server Data

Maintaining a daily backup of the data on your is crucial to the security of your
data.
For information about the backup software included with NetWare, see
Storage Management Services Administration Guide.
96

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Checking Server Error Logs

Check server error logs at least once a week, even if you dont believe there
have been errors. Problems caught early are easier to solve. View the error
logs with EDIT (command line) or Editor (GUI) at the server console or with
a text editor from a workstation.
When needed, NetWare creates the following error logs in SYS:SYSTEM:
BOOT$LOG.ERR for errors generated during the process of starting the
server.
SYS$LOG.ERR for server errors, including system messages, alerts, and
security violations.
VOL$LOG.ERR for volume errors.
TTS$LOG.ERR for data backed out by the Transaction Tracking
System.
ABEND.LOG for information generated by the abend process. This file
is moved to SYS:SYSTEM as soon as the server is started after the abend.
Checking Disk Drives

Once a week check the Storage Devices statistics to make sure that the
operating status of each disk is active. You can do this in MONITOR or in
NetWare Remote Manager by clicking the View Statistics link in the
navigation frame and then selecting the applicable drives you want to view.
If you rarely use the diskette drive on your server, you might want to test the
drive about twice a year to make sure its running properly.
Reviewing Server Cache Statistics

For more information about monitoring and optimizing server memory, see
Optimizing Server Memory in the Server Memory Administration Guide.
For servers using Novell Storage Management, see Setting the Cache Buffers
in the Novell Storage Services Administration Guide.
For servers using the traditional file system, do the following:
1 Review the traditional file server cache statistics weekly.
These statistics are found on the System Memory Information page in

NetWare Remote Manager or on the General Information screen of
MONITOR.

103-000148-001
August 30, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001
2 Divide the value of Total Cache Buffers by the value of Original Cache
Buffers to determine the percentage of available cache.

Ideally, file server cache should be 70% or more of the total cache.
3 If the percentage falls below 50%, add more memory to the server.
Checking Free Space on Server Disks and Volumes

1 Check server disks and volumes weekly to make sure they have enough
free space.
To determine the amount of free space, load MONITOR and select
Volumes. The Mounted Volumes screen lists all mounted volumes, their
capacity, and the percentage of the volume that is full.
Keep at least 15% to 20% free space on any disk.
Keep at least 20% free space on volume SYS: and at least 10% free space
on other volumes. If volume SYS: fills up, your server hangs.
2 If the free space is less than the recommended values, increase the size of
the volume or remove unneeded files and directories.

You can use REBUILD on NSS logical volumes and VREPAIR on traditional
volumes. See VREPAIR or REBUILD in Utilities Reference.
Reviewing User Accounts

1 Review all users and objects on the network once a month to make sure
that there are no intruders, obsolete accounts, or unauthorized accounts.

2 Make sure accounts are closed for all users who have left the system.
Testing the Uninterruptible Power Supply

If your network has an Uninterruptible Power Supply (UPS), check it twice a
year to make sure its running properly. Choose a time when no users are
logged in to the network.
1 Bring down the server and exit to DOS, but do not turn off the computer.
2 While the computer is still running, unplug it.
If your UPS system is working properly, the computer should continue to

run.
If the server powers off, your UPS batteries are probably low or dead.
Check and replace them.
98

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Documenting the Network

It is important to document your network. Keeping records of network layout,
hardware and software inventory, configuration, repairs, and backup
schedules will save you time and work if you need to rebuild or replace parts
of the network, justify new equipment, or restore the network after a disaster.
You will also need much of this information if you ever need to call Novell
Technical Support. You might want to keep documentation in a notebook or
online in a database.
IMPORTANT: Whether you store your network documentation in a notebook or in
a database, keep multiple copies and update them regularly. Always store one or
more copies offsitealong with your taped backups. Documentation does no good
if its destroyed with the network itself in a major disaster.
Your network documentation should include the following:

Inventory of all hardware and software
Version numbers, serial numbers, warranty information, date purchased,
license information, etc.
Configuration information for workstations
Copies of AUTOEXEC.BAT, NET.CFG (for DOS and Windows 3.1x
clients) or the registry (for Windows 95/98 and Windows NT/2000).
Any standard directory structures.
Configuration information for server
In NetWare Remote Manager, click Run Config Report in the navigation
frame. Click the View Report button. Then print and save the report. This
report contains the following:
Contents of all .NCF, .BAT, .CFG, .BAT, ABEND.LOGS
A file list of the C: directory
A file list of the SYS:SYSTEM directory
A list of all SET parameters and current settings
A list of all the modules currently running on the server
A list of LAN driver configurations
Storage device configuration information
Volume statistics for volume SYS: and _ADMIN

103-000148-001
August 30, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
You should also gather the following information:

Services provided by each server, such as file and print, databases,
etc.
General directory structure of each volume.
Configuration information for printers
Map of printer locations, the version of NLM programs, and the dates and
versions of print drivers.
eDirectory tree structure
Print out the eDirectory structure from ConsoleOne or iMonitor.
Document replicas and partitions.
Procedures
Login processes and backup procedures. Most important, procedures for
restoring the system from backups.
Backup information
Rotation schedule of backup media, labeling system, names and phone
numbers of backup operators, and locations of backup disks and tapes.
User information
Login scripts and special menus.
Software and hardware repairs and service calls
Repair records and receipts, service calls log, and solutions in case the
same problem occurs again.
Diagram of network and cable plant
Locations of servers, workstations, printers, routers, hubs, etc.; name of
each element; the kinds of cables and connections.
Changes to the system.
Any updates to the network or its components.
100 Server Operating System Administration Guide

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Performing Preventive Maintenance Tasks

To avoid common server problems, review the following:
Preventing Memory Problems on page 101
Preventing Power Supply Errors on page 101
Preventing Static Electricity Problems on page 102
Monitoring the NetWare Server on page 82
Matching Performance Capabilities on page 34
Documenting the Network on page 99
Preventing Cabling Problems in the Server Communications
Preventing Memory Problems

Make sure you have adequate memory installed on the system.
Modify the NET.CFG file to load only necessary drivers.
Modify the CONFIG.SYS file to load only necessary drivers.
Check the AUTOEXEC.BAT and CONFIG.SYS files to make sure no
memory managers, such as HIMEM.SYS or EMM386.EXE, are being
loaded and that there is no DOS=HIGH statement in either file. Make sure
no DOS device drivers are being loaded.
For information about freeing up memory on a server, see Freeing Server
Memory Temporarily on page 139.
Preventing Power Supply Errors

An inconsistent power source is the most common cause of hardware
problems. It also produces the most devastating results.
Power outages cause workstations, network servers, print servers, and backup
devices to reboot. When this happens, all information stored in RAM is lost
and sometimes hardware is damaged.
Power spikes and brownouts can also cause a variety of hardware errors.
Managing the NetWare Server 101

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can have reliable network performance only if you plan for power outages
and fluctuations and protect against them. The following tips can help you do
this:
Add a dedicated power feed and ground line from your breaker box to
critical equipment. Make sure the ground line connects to earth ground.
Install an uninterruptible power supply (UPS) or a standby power system
(SPS) to provide power to critical equipment for 15 minutes after a power
outage.
The capacity of such power supplies is limited, so you might not want to
plug nonvital hardware (such as monitors or printers) into the UPS or SPS
line.
Train users to save data and log out of the network when the power goes
out. Then you can bring down the NetWare server in an orderly manner
without forcing users off the system while the server is running on UPS
or SPS power.
Install a surge suppressor or power conditioner on all power lines that are
used by computers. Many UPS and SPS devices already have this feature.
Do not allow anyone to plug fans, printers, copy machines, vacuum
cleaners, or other motor-driven appliances into the dedicated line or into
any power line with computers.
Insert "dummy plugs" into open outlets to prevent people from plugging
such appliances into computer power sources.
Preventing Static Electricity Problems

An electrostatic discharge (ESD) must equal about 3000 volts before you can
feel it, but sensitive electronic components such as microchips and circuit
boards can be damaged by ESDs of as little as 20 or 30 volts. These small
discharges do not cause a component to fail immediately, but can cause the
component to degrade over time and fail at a later date.
We recommend that you take the following precautions to protect electronic
components from electrostatic discharge:
Ground yourself and your equipment with a proper wrist strap and mat
before working on computers and computer boards. Test grounds daily to
make sure they have not become loose or intermittent.
WARNING: Do not use a wrist strap when working on monitors! They can carry a
large voltage that can reach you through the strap.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Never touch components or integrated chips by their electrical leads.

Do not allow anyone to touch you when you are working on boards that
contain integrated circuits. They might cause a static charge.
Transport and store boards and integrated circuits in static-shielding bags,
usually grey-silver in color. The bags must be in perfect condition
because tiny pin holes will defeat their purpose. Anti-static bags (blue or
pink) do not shield their contents from external static fields and should
not be used.
Keep nonconductors, such as polyester clothing and plastic, away from
open computers and components. Nonconductors are a source of static
charges.
Never place components on any conductive surface, such as metal.
Keep the humidity of any area where you have open computers at 70 to
90 percent. Static electricity problems are more likely to occur in low
humidity.
Managing the NetWare Server 103

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38

103-000148-001
August 30, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter contains the following information for troubleshooting your
NetWare server:
Using a Troubleshooting Methodology on page 105
Creating a Core Dump on page 112
Troubleshooting Hardware and Network Problems on page 114
Troubleshooting the NetWare Server on page 115
Monitoring and Resolving Communication Problems on page 147
Suspected Multiprocessing Problems on page 149
Unable to Communicate with Server, -625 Errors on page 150
Workstations Cant Communicate with Server on page 153
Preventive Maintenance Tasks on page 158
Using a Troubleshooting Methodology

Novell Technical Support recommends that you follow the same basic steps
in all troubleshooting efforts. Following a standard procedure helps you solve
technical problems faster and in an orderly way.
The following tasks are those that any Novell Technical Support
representative would ask you to perform if you called Technical Support. By
following these steps on your own, you might be able to resolve problems
without assistance. Then, if you still need to call Technical Support, you will
already have the information prepared for the representatives to solve your
technical problems more quickly.
Keeping Your Servers Patched on page 106
Eliminating Obvious Causes on page 107
Troubleshooting the NetWare Server 105

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Gathering Information on page 107

Simplifying the System on page 109
Using Troubleshooting Resources on page 109
Developing Hypotheses and Performing Tests on page 111
Looking for Additional Help on page 111
Documenting the Solution on page 112
You can find additional tips in TID 2938836, Before Calling Support for OS
Issues at Novells Support Web site (http://support.novell.com/cgi-bin/
search/tidfinder.cgi?2938836).
Keeping Your Servers Patched

Many problems that might occur on your server will have already been solved
by Novell and provided in the form of a patch file. It is essential that you load
all server and client patches.
Novell provides regular Support Packs that contain patches for the complete
operating system and associated products. To locate the latest patches for your
network, see the Minimum Patch List page on the Novell Support Web site
(http://support.novell.com/misc/patlst.htm).
To locate specific patches for SERVER.NLM and updates for other NLMTM
programs, see the Patches and Files page on the Novell Support Web site
(http://support.novell.com/filefinder/). Copy updated NLM programs to the
servers startup directory where they will overwrite the previous versions.
In addition, be sure you use up-to-date drivers for the version of NetWare that
you are using. Use drivers that ship with the product; drivers that are tested,
certified, and made available on the Novells Support Web site (http://
support.novell.com/); or certified drivers released by hardware vendors.
Check product certification bulletins on the DeveloperNet Web site at Novell
Solutions Search (http://developer.novell.com/solutions). In the Software
category, select LAN adapters or WAN adapters to learn which versions are
most recent.
ODITM HSM Specification 3.31 supports NBI (NetWare Bus Interface), HIN
(hardware instance number), instance unload, and industry-standard PCI Hot
Plug technology. Do not mix uses of a driver written to the 3.3x/1.1x ODI
Specification with 3.2 ODI Specification support modules. The LAN driver
certification bulletin will list the specification a LAN driver is written to. In

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
some cases, you will need to contact the IHV (independent hardware vendor)
that wrote the driver.
To verify the compatibility of the ODI modules with the LAN drivers on your
server, download and run DRVSPC.EXE (http://support.novell.com/servlet/
tidfinder/2911341).
NetWare 6 drivers for storage devices and host bus adapters are written to the
NWPA (NetWare Peripheral ArchitectureTM) specification.
Eliminating Obvious Causes

Be sure to eliminate any obvious causes for network problemssuch as
making sure that everything is plugged in and that the power is on. Consider
the following:
Check the Novell Knowledgebase (http://support.novell.com/search/
kb_index.htm) for known problems with software and hardware.
Inventory the hardware and cabling systems to make sure that everything
is plugged in, connected, and terminated properly.
Check for user errors.
Make sure that all hardware is Novell certified. Check the Novell
DeveloperNet Web site (http://developer.novell.com) for a list of
hardware and software products certified to run with NetWare.
Make sure that there are no rights problems. Insufficient rights prevent
you or your users from accessing volumes, directories, and files and from
performing file operations.
Gathering Information
Start gathering information about the context of the problem. Ask the
following questions:
When does the problem happen? For example, a problem that occurs
regularly at midnight could be related to file compression. A problem
occurring in the morning could be related to spikes in network usage as
users log in.
Can you duplicate the problem? Is it constant or intermittent? If
intermittent, at what intervals does it happen?

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Can the problem be associated with other activities happening on the

network at the same time or with specific hardware and software? For
example, does the problem occur only when the network activity is
highest? Does it occur only on certain workstation platforms?
Did anything change shortly before the problem began to occur? For
example, did you install new software?
What components of the network are involvedthe server, some or all of
the workstations, printers, or other peripheral devices?
What error or console messages are displayed? What NLM program is the
source of the message? Check server error logs.
What do configuration and log files reveal? If you need to call Novell
Technical Support, gather information about your server and network,
including log files such as ABEND.LOG, SYS$LOG.ERR, and
VOL$LOG.ERR. Also have your hardware and software configuration
and version numbers available.
To get this information, you can run, view, and send a configuration report
on your server using NetWare Remote Manager. For procedures, see
Running and Viewing the Server Configuration Report in the NetWare
Remote Manager Administration Guide.
If you suspect problems with eDirectory, gather the following
information:
Number of servers in the tree
Structure of the tree
Number of objects per partition
Error messages
Names of servers holding master replicas
Versions of eDirectory on pertinent servers
Compare the affected computers to similar computers. Do some
computers have the problem, while others do not? If so, what is different
between the affected and unaffected computers?

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Simplifying the System

If there is any danger of losing data, back up the system before you do any
further troubleshooting.
Simplify the system and eliminate as many variables as possible to isolate the
source of the problem.
Try running the server without the AUTOEXEC.NCF or STARTUP.NCF
file. You can comment out the commands in the .NCF files, or you can
execute SERVER with the -na or -ns option. (To comment out a
command, type REM and a space at the beginning of the command line.)
For an explanation of these load options, see SERVER in the Utilities
Reference.
Unload all NLM programs. Remove all nonessential products, including
virus scanners and server metering modules, until the server software is
in a basic or default configuration.
Remove or disconnect peripheral devices.
Remove extra network boards or LAN adapters.
When you have simplified the server as much as possible, note whether the
problem happens again. To determine whether the operating system is the
source of the problem, restore each component of the system, one at a time,
checking to see whether the addition of the component generates the problem.
Using Troubleshooting Resources

Novell and other vendors provide research tools you can use to resolve
problems.
For example:
The Novell Knowledgebase (http://support.novell.com/search/
kb_index.htm).
This site contains Technical Information Documents (TIDs), Solutions,
and patches. You can browse by product or search using partial filenames
and wildcards. You might look for the Top 20 Downloads or the most
recently released files.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell Support Forms (http://support.novell.com/forums/).

Here you can post technical questions and receive a response from a
Novell Certified System Operator (SysOp). You can also browse
responses that have already been posted.
The Novell DeveloperNet Web site (http://developer.novell.com).
This site contains information about third-party products certified to run
with NetWare. You can use a search facility that is form-based to locate
tested and approved bulletins by category.
Novell user groups, located in most cities and countries. Novell Users
International (NUI) offers NetWare support forums on the World Wide
Web (http://www.nuinet.com/).
Novell Support Forums (http://support.novell.com/pforum/).
Here you can post technical questions and receive a response from a
Novell Certified System Operator (SysOp). You can also browse
responses that have already been posted.
Vendor Web sites that provide information and updated software to
download.
NetWare utilities, such as NetWare Remote Manager or MONITOR.
NetWare Remote Manager can be used from a workstation through a Web
browser. From this utility, you can track down high users of server
memory, server CPU, server processes, server disk space, etc. For more
information about using this utility, see the NetWare Remote Manager
The MONITOR utility can provide important clues to the source of server
or network performance problems. For more information about using this
utility, see MONITOR in the Utilities Reference.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Developing Hypotheses and Performing Tests

After you have gathered information, eliminated obvious causes, or simplified
your system, you can determine what you think is the most likely cause of the
problem. You might develop several hypotheses. If so, decide which is the
most likely, the next mostly likely, etc. Base your hypotheses on the data you
have gathered and on your own experience with the system.
After you have developed your hypotheses, test them, keeping these tips in
mind:
Decide which hypothesis seems the most likely and test this one first. Test
the least likely hypothesis last. The only exception might be a hypothesis
that is very quick and easy to test, in which case you might want to
eliminate it first.
Break down hypotheses into the smallest possible components and test
each one separately. For example, if you suspect the problem is with the
physical network, try to isolate which cable segments, boards, or
connectors might be the source of the problem and then test each one
individually. Test only one component at a time.
Try replacing components. If you suspect a faulty component is causing
the problem, replace it with a component that you know is good. Make
sure that you replace only one component at a time.
Simplify the system. If you have not already done so, try removing
components from the system. If the problem still occurs, you have a
smaller set of components left that can be the source of the problem. If the
problem goes away, start reloading components one at a time. After each
addition, note whether the problem occurs.
Looking for Additional Help

Be prepared, when asked, to tell the Novell Technical Support representative
what troubleshooting steps you have already taken.
Using Novell Authorized Reseller Representatives
Find Service Partners by locality or area. For a list of resellers and distributors
worldwide, check the Novell Support Web site > Partner Services (https://
support.novell.com/partner_services.html).

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Using Novell Support Tools
Novell has additional support tools available. For a list of these tools, see the
Novell Support Web site > Support tools (http://support.novell.com/
tools.html).
Opening a Support Incident
You can open a support incident online. To access the form, see the Novell
Support Web site > Electronic Incident (https://support.novell.com/elecinc/
eiLogin.jsp).
Documenting the Solution

After you resolve a server or network problem, document the solution
thoroughly. The information will be helpful if similar problems occur in the
future. Be sure to document changes to the server or network configuration,
software and hardware updates or additions, new version numbers,
workarounds, etc.
Creating a Core Dump

Novell might request a core dump when a server experiences a lockup or
abend and other troubleshooting has failed to resolve the problem. A core
dump is a copy of a NetWare servers memory at the time the server abended.
Core dumps can be analyzed by Novell engineers and are often the key to
finding software bugs. However, now that servers typically use large amounts
of RAM, creating a core dump is less likely to be a routine troubleshooting
procedure. Your ABEND.LOG file could be equally valuable for diagnosis.
IMPORTANT: You will be expected to install all necessary patches before Novell
requests a core dump. To send a core dump file to Novell, you must first open a
support incident, which will be billable. You will not be charged until the incident is
resolved or closed. If the problem is a Novell bug and no patches were previously
available, then there will be no charge.
The procedure for creating a core dump file follows, but your support
representative can explain it when you call.
You can perform the following types of core dumps:
Full core dump copies all server memory to a local drive or device.
Full core dump minus cache copies all server memory except file cache
(disk cache) to a local drive or device. The cacheless core dump is
smaller, but it provides as much useful information as a full core dump.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
A core dump can be started two ways:

By responding to the core dump choices displayed by NetWare after an
abend has occurred.
The Type? prompt allows you to specify a full core dump or a cacheless
core dump, as explained above.
The Device? prompt allows you to specify a local drive or a DOSwriteable device.
NOTE: Other types of core dumps might become possible in the future. Your
Novell Technical Support representative will inform you if that is the case.
By forcing a core dump by entering .C while in the NetWare debugger.

If the server is not completely frozen, you can enter the debugger by
pressing: Shift+Shift+Alt+Esc.
HINT: Press the left Shift key with the left hand, and press both the right Shift key
and Alt with the right hand. Then press Esc with the most convenient finger of the
left hand.
Then enter .C and the server then displays core dump choices.
When the core dump is finished, enter G to exit the debugger and to
redisplay the System Console prompt. Or enter Q to exit to DOS.
Performing a Core Dump to a Local Drive

After you start the core dump, you are asked to specify the DOS drive letter
and file path that the memory image file will be written to. The size of the full
image file will be approximately equal to the total RAM installed in the server.
For a cacheless core dump, the size of the image file will be approximately
equal to total RAM minus the amount of file cache (disk cache memory).
The drive can be any writable DOS device that contains enough storage space.
But remember that it must be set up not only before the server abends, but
before the server is booted.
When the image is written to a local hard disk on the server, the default name
of the image file is C:COREDUMP.IMG. After the file is on the hard disk, it
can be compressed, copied to diskettes, backed up to tape, or sent by FTP to
ftp.novell.com (if you have opened a support incident).
The image file can also be written to a network drive later, after the server is
up and running. This can be done using IMGCOPY.NLM or any other thirdparty NLM that provides this functionality. To locate IMGCOPY.NLM, use
the search on the Patches and Files page on the Novell Web site (http://
support.novell.com/filefinder/).

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Sending the Core Dump to Novell

Before sending the memory image to Novell, contact a support representative
to open a support incident. You will be assigned to a Technical Support
Engineer who will help you analyze the memory image file. The Technical
Support Engineer will make arrangements to receive the image either in the
regular mail or through the Internet and will advise you on the best media
format to use.
Troubleshooting Hardware and Network Problems

The following sections provide troubleshooting information for resolving
hardware but not really NetWare-related errors.
Identifying Problems after Installation on page 114
Resolving Hard Disk Access Problems on page 114
Making Computer Memory Available for Network Drivers on page 115
Identifying Problems after Installation

If the problem occurred after installation, it might indicate that the network
was installed incorrectly.
Check all network boards for conflicting address and I/O settings.
Each component should be able to work as a standalone system.
Make sure that all cables are fastened securely to all network boards and
network connectors, and that terminating resistors are installed correctly.
Resolving Hard Disk Access Problems

To diagnose hard disk access problems, determine whether any of the
The disk driver has not been loaded.
A hard disk is not installed or cabled correctly.
The communication channel between the controller interface board, the
disk coprocessor board, and the hard disk is not functioning.
The hard disk controller board is not terminated or addressed correctly.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To resolve hard disk access problems, perform the following actions:

Make sure that the disk driver is loaded. In NetWare Remote Manager,
click the Disk / LAN Adapters link in the navigation frame, and then click
the Info icon for each network board in your server.
Check the cables between the hard disks and the controller boards. Make
sure that Pin 1 of each cable is attached to Pin 1 of each connector.
Check the power cables and make sure that they are seated correctly in
the power sockets on the hard disks.
Check the disk partition and volume information on the hard disk using
ConsoleOneTM or NetWare Remote Manager.
Making Computer Memory Available for Network Drivers

To increase the amount of workstation memory available for network drivers,
do any or all of the following:
Add more memory.
Unload unneeded terminate-and-stay-resident (TSR) programs (DOS
clients only).
Modify the NET.CFG file to load only necessary drivers.
Modify the CONFIG.SYS file to load only necessary drivers.

This section provides troubleshooting suggestions for typical NetWare server
problems such as the following:
Abends
Insufficient Packet Receive Buffer, No ECB Available Count Errors
Slow Response
Console Hangs
High Utilization Statistics
General Server Disk I/O Errors
Disk Space Problems
Memory Problems

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Locked Device Errors

Event Control Block Allocation Errors
Console Command Problems
Keyboard Locking Problems when Copying Files from CD-ROM
Resolving Abends
The NetWare operating system is very resilient, but errors can occur. Serious
problems are usually accompanied by abend (abnormal end) messages. When
an abend message appears, either NetWare or the CPU has detected a critical
error condition and started the NetWare fault handler. NetWare uses abends to
ensure the integrity of operating system data.
When a server abends, users might not be able to log in to the server,
workstations might not be to read from or write to the server, and an abend
message usually appears on the System Console or Logger screen of the server
console. If the NetWare auto-recovery mechanism is enabled (default),
NetWare might restart the server automatically or suspend the offending
process, depending on the nature of the abend.
If there is no abend message on the console, no ABEND.LOG file in
SYS:SYSTEM, and no number in brackets within the System Console
prompt, but users still cant access the server, see Monitoring and Resolving
Communication Problems on page 147. If there is no abend message but the
console is frozen so that you cannot enter commands, see Server Console
Hangs on page 124.
Understanding What Happens When You Get an Abend
When the server abends, it displays an abend message similar to the following:
Abend: SERVER-5.xx-message_number message_string
ADDITIONAL INFORMATION: message
The Additional Information section states the probable cause of the abend. It
indicates where the problem occurred and gives the name of any NLM
associated with the abend. This information helps you determine how to
resolve the abend.
The abend message, along with additional information, is saved in the
ABEND.LOG file on drive C:. As soon as the server is restarted, the
ABEND.LOG file is moved to SYS:SYSTEM.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
You can respond to the abend manually or have the server respond
automatically.
When you respond manually, the server determines the nature of the abend
and displays the appropriate response option on the screen, along with
additional options for bringing down the server or executing a core dump. You
must execute an option to respond to the abend.
When the server responds automatically, it executes the appropriate response
without intervention.
IMPORTANT: Sometimes an abend (or a faulty NLM program) can cause the
server console to stop functioning. In this case, the abend message is not
displayed and you cannot enter commands at the console prompt.
After a server failure, we recommend turning the power off of the computer and
restarting it rather than just exiting to the DOS prompt, C:\NWSERVER, and typing
SERVER again.
Responding to the Abend Manually
The default method of responding to an abend is automatic. (See Responding

to the Abend Automatically on page 120.)
To respond manually to abends, change the following SET parameter (Error
Handling category) to the value shown:
AUTO RESTART AFTER ABEND = 0
This SET parameter controls what the server does after an abend. See the
online help for a description of each value.
When an abend occurs, the server displays a short list of options appropriate
to the nature of the abend. To respond to the abend, you must execute one of
the options by typing the first letter of the option.
The following options could be displayed. Note that several of the options
have the same first letter (such as R, S, or X). In a given abend situation, the
option list will include only one option for any given first letter.
S=Suspend the running process, update ABEND.LOG,
and attempt to down the server
This option appears if the abend was software-detected that is, detected
by the network operating system. It is important to save files, shut down
the server, and try to solve the problem that caused the abend. Review the
ABEND.LOG file to help determine the source of the problem.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
When you execute this option, the server sends a message to users that the
server is going down and advising them to save their files and log out. The
server then stops the running process, updates the ABEND.LOG file, and
attempts to shut down and restart the computer.
The amount of time before the server shuts down and restarts is
determined by the SET parameter AUTO RESTART AFTER ABEND
DELAY TIME. You can set this value from 2 to 60 minutes. The default
is 2 minutes.
You can submit the ABEND.LOG file the the abend log database (http://
abend.provo.novell.com/index.html) at Novell to help you troubleshoot
the abend.
R=Resume the running process, update ABEND.LOG,
and attempt to down the server
This option appears if the abend has detected a hardware problem. Shut
down the server, fix the hardware, run diagnostics, and contact the
harware manufacturer for additional assistance.
When you execute this option, the server sends a message to the users that
the server is going down and advising them to save their files and log out.
The server then resumes the running process, updates the ABEND.LOG
file, and attempts to shut down and restart the computer.
The amount of time before the server shuts down and restarts is
determined by the SET parameter AUTO RESTART AFTER ABEND
DELAY TIME. You can set this value from 2 to 60 minutes.
S=Suspend the running process and update
ABEND.LOG
This option appears if the abend was hardware-detectedthat is, detected
by the processor. All hardware-detected abends have the words processor
exception in the abend message.
These abends include page faults, protection faults, and invalid op codes
stack overflows, double faults, etc. When this option is available, the
server has determined that it cannot return the process to a safe state, but
it does not need to shut down the server immediately to resolve the
problem. You might still need to shut down the operating system and
restart it at a later time.
When you execute this option, the server suspends the currently running
process and updates the ABEND.LOG file, but does not shut down the

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
computer. Server performance might be poor, because a loaded NLM is

probably malfunctioning.
Read the Additional Information part of the abend message to learn which
NLM might be causing the problem. At a convenient time, shut down the
server and restart it. Examine the ABEND.LOG file for more information
about the source of the problem.
You can submit the ABEND.LOG file the the abend log database (http://
abend.provo.novell.com/index.html) at Novell to help you troubleshoot
the abend.
S=Return the running process to a safe state and
update the ABEND.LOG file
Like the previous option, this option appears if the abend was hardwaredetectedthat is, detected by the processor. All hardware-detected
abends have the words processor exception in the abend message.
These abends include page faults, protection faults, and invalid op codes,
stack overflows, double faults, etc. When this option is listed, the server
has determined that it can return the process to a safe state.
When you execute this option, the server returns the running process to a
safe state and updates the ABEND.LOG file, but it does not shut down
the server. In most cases, the server completely recovers and no further
action is necessary.
Y=Copy diagnostic image to disk
Execute this option to perform a core dump that can be examined to
determine the cause of an abend. For information on core dumps, see
Creating a Core Dump on page 112.
X=Restart
This option appears only if DOS has been removed. Execute this option
if you want to restart the server.
If DOS has been removed, the server will not create or update an
ABEND.LOG file.
X=Update ABEND.LOG and then exit
Execute this option if you want to shut down the server and exit to DOS.
If you power off the server without first executing one of the S or R
options to resolve the abend, the server will not update the ABEND.LOG
file.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Otherwise, power off and back on to restart

If the console has been secured, you must power it off and then back on
to restart the server. If you power off the server without first executing one
of the S or R options to resolve the abend, the server will not update the
ABEND.LOG file.
When the server restarts, it moves the ABEND.LOG file from the DOS
partition to the SYS:SYSTEM directory.
Responding to the Abend Automatically
You can require the server to respond automatically to abends. Two automatic
responses are possible.
When both of the following SET parameters (Error Handling category)
are set to the values shown, the server responds to the abend automatically
by evaluating the source of the abend and executing the appropriate S or
R option described in the previous section.
DEVELOPER OPTION = OFF
Because these are the default values of the parameters, the default mode
is to respond to abends automatically.
When both of the following SET parameters are set to the value shown,
the server responds to the abend by shutting down the server and
attempting to restart it.
DEVELOPER OPTION = OFF
Use the following SET parameter to specify how long the server waits after an
abend before attempting to shut down and restart the computer:
AUTO RESTART AFTER ABEND DELAY TIME = minutes
To set the parameter values, use the SET command or MONITOR at the server
console or NetWare Remote Manager from a workstation.
The Developer Option parameter is in the Miscellaneous category.
The Auto Restart After Abend and Auto Restart After Abend Delay Time
parameters are in the Error Handling category.
All parameters can be set in the STARTUP.NCF file.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Because the server responds to the abend automatically, you might not know
when an abend has occurred. Therefore, you should periodically check the
ABEND.LOG file or the Profiling and Debug Information screen in NetWare
Remote Manager (look for Suspended by Abend Recovery status).
Insufficient Packet Receive Buffers, No ECB Available Count Errors

The ECB (event control block) counter is incremented when a device sends a
packet to your NetWare server but no packet receive buffer is available. This
mean a packet has been dropped by the server.
The server allocates more packet receive buffers after each incident until it
reaches its maximum limit (Maximum Packet Receiver Buffer setting).
If you are using an EISA busmaster board (such as the NE3200TM board), you
will probably need to increase both the minimum and maximum number of
packet receive buffers.
For procedures on setting the Minimum Packet Receive Buffers and
Maximum Packet Receive Buffers parameters, see SET > Communications
Parameters in Utilities Reference.
No ECB Available Count messages can also indicate that the driver is not
configured correctly or that the Topology Specific Module (TSM) and the
Hardware Specific Module (HSM) are incompatible. This value is maintained
by the TSM.NLM program.
If the ECB count is increasing and all the packet receive buffers are in use,
take a coredump (see Creating a Core Dump on page 112) and contact
Novell technical support.
Resolving Slow Server Response

To diagnose slow server response problems, identify whether the following
conditions exist:
The workstation network board is slow or faulty.
Network cabling is faulty.
The server network board is slow or faulty.
Too many users are using the network.
The server hard disk is slow or faulty.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The server is low on memory.

The volume has too many deleted files that have not been purged.
Network traffic is extremely high.
The cabling system is experiencing too much interference.
Insufficient directory buffers, cache buffers, or packet receive buffers
have been allocated.
An EISA controller board needs to be configured to use interrupts.
To resolve slow server response problems, perform the following actions:
If a workstation or the server seems slow, insert a new network board into
the slow computer to check performance. If the speed is still below
normal, reinstall the original network board and then replace the cable
attaching the workstation or server to the network.
Check the status of packet receive buffers and service processes.
Compare their values to the maximum allowable values.
To check the health of these values, use NetWare Remote Manager. Click
the Health Monitor link in the navigation frame. Click the links for the
Allocated Server Processes, Available Server Processes, and Packet
Receive Buffers on the Server Health Monitoring page.
Packet receive buffers are used to transmit and receive packets. If the
number of Pack Receive Buffers is increasing, the server operating
system will be sluggish. If the number of Packet Receive Buffers reaches
the maximum and no ECBs are available, the system will become very
sluggish and might not recover.
If the current server process are approaching the maximum, you should
consider increasing the Maximum Server Processes SET parameter
value. If you have only a few available server processes, your server is
probably very busy. You might consider increasing the Minimum and
Maximum Server Process SET Parameter.
To change the values for these parameters, access NetWare Remote
Manager. Click the Set Parameter link in the navigation frame. On the Set
Parameter Categories page, click the following:
Communications link > Current Value link for Minimum Packet
Receive Buffers
Communications link > Current Value link for Maximum Packet
Receive Buffers

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Miscellaneous link > Current Value link for Minimum Service

Processes
Miscellaneous link > Current Value link for Maximum Service
Processes
You can also use MONITOR or the SET commands at the server console.
Check the Hot FixTM status of all hard disks that use the Traditional file
system. To view these status,
Access Monitor.
From the Available Options menu, click Storage Devices.
Verify that all mirrored disks are still mirrored by entering the following
MIRROR STATUS
Purge deleted files.
Access NetWare Remote Manager.
Click the Volumes link in the navigation frame.
Click the Volume Information icon next the volume you want to
delete files on.
Click the Purge Deleted Files button.
You can also set the Purge attribute on files you want to be purged.
Check the LAN driver statistics.
Click the Disk / LAN Adapters link in the navigation frame.
Click the Network Adapter Info link for each network board on the
Hardware Adapters page.
If you are using more than one network board in the server, compare the
boards Total Packets Transmitted statistics. If one board is receiving
most of the traffic, recable the network so that the boards have equal
loads.
Check the CPU usage.
Click the Profile/Debug link in the navigation frame.
Click the Profile CPU Execution by NLM link and look for unusually
high CPU usage.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Check the cabling for interference from fluorescent lights, microwaves,

radar, X-rays, and copy machines. Either move the cable or shield it from
the source of interference.
Take a sniffer or LAN trace of the problem and analyize it.
As a last resort, perform a core dump (see Creating a Core Dump on
page 112) and contact a Novell Support technician.
Server Console Hangs

If the server console locks up so that you cannot enter commands, but there is
no abend message on the System Console or Logger screen, follow these steps
to troubleshoot the problem. If there is an abend message on the screen, see
Resolving Abends on page 116.
1 Verify whether you can toggle among console screens.
If yes, the problem might be caused by high server utilization. See High
Utilization Statistics on page 125. If no, continue with the following
steps.
2 Verify whether the server console hangs when you unload a specific
NLM.
If yes, the NLM is probably the source of the problem. Contact the NLM
vendor.
3 Make sure you are using the latest disk and LAN drivers, BIOS, and
firmware.
If not, update disk and LAN drivers. For information on NetWare drivers,
see Keeping Your Servers Patched on page 106.
4 Verify whether the server console hangs after you mounted the last
volume.
If yes, the network board might not be seated correctly or might not be
configured correctly. Check the board and its configuration and correct
any problems.
5 Verify whether you can you break into the debugger by pressing
Shift+Shift+Alt+Esc on the system console keyboard.

6 If the console is locked, you cant toggle among screens and you cant
enter the debugger, contact Novell Technical Support or your computer

vendor to learn how to generate a nonmaskable interrupt to shut down the
server.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the problem still occurs, follow the troubleshooting steps in Using a

Troubleshooting Methodology on page 105; search the Novell
Knowledgebase (http://support.novell.com/search/kb_index.jsp); and contact
a Novell Support Provider.
High Utilization Statistics

Network performance is a key concern for network administrators and for
Novell as well. Unfortunately, sometimes there is confusion about
performance indicators and what their statistics mean.
For example, the idea that processor utilization is the key performance
indicator for NetWare is much too simple. Some network administrators are
concerned when the CPU Utilization health status in NetWare Remote
Manager or the Utilization value in MONITORs General Information screen
approaches 100%, on the assumption that the higher the percentage, the worse
NetWares performance is. This is entirely false.
What Is Normal?
Consider first what the Utilization value represents: the average of the servers
total processing capacity that was used during the last second (update
interval). The remainder of the capacity was spent in the idle loop process. In
other words, it is an indication of how much of that time the processor had
something to do. A high utilization value means that NetWare is using that
percentage of the processors capacity and wastes less time doing nothing.
Some processes make efficient use of the processor and as a result might cause
100% utilization. This type of utilization is entirely appropriate. Most of the
time, when utilization moves up to 100%, it means that the thread is using the
processor efficiently. It might stay at 100% for a couple of minutes; this is
normal.
It is not normal, however, when the utilization is at 100% for 15 to 20 minutes
or more, when connections are dropped, or when server performance
deteriorates noticeably. High utilization with these conditions indicates a
problem. If youre not seeing these conditions, your utilization might be
normal, even when its at 100%.
How do you know what is normal for your server? You will recognize
problems if you baseline your server. Know what is normal and know the
difference between a cosmetic problem and a true performance problem. (You
can test for a cosmetic problem by loading or unloading any NLM; this will
cause the processor information to be recalculated.)

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
What Are the Most Common Solutions?
Before troubleshooting high utilization problems, make sure that you have
followed the steps in Using a Troubleshooting Methodology on page 105.
Check the Novell Support Connection Web site (http://support.novell.com)
for NetWare patches or updated NLM programs. Available patches will
contain fixes for reported high utilization problems related to the actual code
of the operating system and eDirectory.
However, a number of high utilization conditions can still result from
problems with configuration, levels of NLM programs, and tuning issues.
One of the first things you might want to do is discover the NLM program and
threads that are using the CPU. To do this, complete the following steps:
1 Access NetWare Remote Manager.
2 Click the Profile/Debug link in the navigation frame.
3 Click the Profile CPU Execution by NLM link.
4 Note the parent NLM program and threads that are taking the longest
execution time.
5 If possible, unload the offending NLM program to see if the problem
disappears.
You can also use the following list of issues to help you resolve problems.
The items in the list are categorized, but are otherwise in no particular order.
The list represents the collective experience of Novell Support
representatives. We recommend that you review each item, using each to
carefully analyze your system. Except for problems new to NetWare 6, you
will be able to resolve the problem on your own in almost every case.
Operating System Issues
Storage Device Issues
Memory Issues
Novell eDirectory Issues
Client Issues

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Operating System Issues
Server resources. Server resources can be divided into LAN, disk, and
processor resources. LAN and disk resources are the number of buffers
available. Processor resources are the number of service processes
available. When a network packet arrives or when a disk read or write is
performed, a buffer should be available to hold the data until a service
process is available to service it. Running low on either buffers or service
processes for even a brief period can cause high utilization on the server
and delay for the users.
To understand how server parameters work together to control the
allocation of server resources, see Monitoring Allocated Services on
page 86.
For the procedure to configure the allocation of packet receive buffers
(communication buffers), see Increasing Maximum and Minimum Packet
Receive Buffers in the Server Communications Administration Guide and
SET > Communications Parameters in Utilities Reference for parameter
descriptions.
For information on controlling the allocation of directory cache, see
Tuning Directory Cache for the Traditional File System in the Server
Memory Administration Guide and SET > Directory Caching Parameters
for the Traditional File System in Utilities Reference.
For setting up and tunning cache buffers in the NSS file system, see
Setting the Cache Buffers in the Novell Storage Services Administration
Guide.
For parameter descriptions, see also the service processes parameters in
SET > Miscellaneous Parameters in Utilities Reference.
We suggest that the server parameters in the following table be set as
indicated to avoid running low on server resources. This is especially
important if you have 100 or more users. To change the following
parameters, you can use NetWare Remote Manager at the workstation or
SET or MONITOR at the server console.
In NetWare Remote Manager, click the Set Parameters link in the
navigation frame > Category > current value for parameter. Enter the
new value and then click OK.
In MONITOR, from the Available Options menu, select server
Parameters > Category > current_value_for_parameter and then press
Enter. Enter the new value, and then do applicable action.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Category
SET Parameter Name and Value
Communications
Minimum Packet Receive

Buffers=value
Recommended value is 2 to 3 per
connection.
Communications
Maximum Packet Receive

Buffers=4000
Traditional File System
Minimum Directory Cache

Buffers=value
Recommended value is 2 to 3 per
connection.
Maximum Directory Cache

Buffers=4000
Miscellaneous
Maximum Service Processes=1000
Miscellaneous
New Service Process Wait

Time=0.3
Processor hog. Determine whether one thread is hogging the processor.

In NetWare Remote Manager, click Profile / Debug link in the navigation
frame. View the data in the Execution Profile Data by Thread table.
In MONITOR, from the Available Options menu, select Kernel Options
> Threads, and then press Enter.
You can set the CPU Hog Timeout Amount to a value lower than the
default. Specify the amount of time in seconds to wait before terminating
a thread that has not relinquished control of the processor. See SET >
Miscellaneous Parameters in Utilities Reference.
IMPORTANT: Use caution when changing this value. You must understand the
impact of what you are changing.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storage Devices and Adapter Issues
Drivers. See Keeping Your Servers Patched on page 106. For a brief
explanation of NetWare Peripheral Architecture (NWPA), see Drivers for
Host Adapters and Storage Devices in NetWare Server Disks and Storage
Devices Administration Guide.
Free blocks. When using the traditional file system, adequate free blocks
are essential. A free block is a disk block that has no salvageable files
stored there. A file that has been both deleted and purged becomes free
space. Maintain a minimum of 1000 free blocks on each NetWare volume
that has suballocation enabled.
Suballocation, normally a low priority process, uses free blocks to
perform its function. When free blocks are low, suballocation can go into
an aggressive mode. Maintaining over 1000 free blocks will usually
avoid this problem.
To check how many free blocks you have on a volume, do either of the
following:
In NetWare Remote Manager, click Volumes in the navigation frame,
then click the Volume Information icon.
In MONITOR, from the Available Options menu, select Volumes >
the specific volume. Press Tab to view the free blocks information on
the Volume Information screen.
If there are not at least 1000 free blocks on the volume, access NetWare
Remote Manager, click Volumes in the navigation frame, click the
Volume Information icon for the applicable volume, and then click the
Purge Deleted Files button.
This removes all deleted files from the directories and subdirectories and
increases your free disk space.
If you have applications that create large numbers of temporary, files you
might want to set the P (Purge) flag on the directories where these files
are stored. Every temporary file that is created will be put on the deleted
file list. These files are kept on the disk until PURGE is run. You could
also run SET Immediate Purge of Deleted Files=On at the System
Console prompt.
Suballocation. The traditional file system uses a disk block size of 64
KB. It is very important to monitor the disk space. Novell Technical
Support recommends keeping 10% to 20% of the volume space free to

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
avoid suballocation problems. Suballocation does not have any server

parameters to adjust.
To view disk space usage with NetWare Remote Manager, click the
Health Monitor link in the navigation frame and then the Available Disk
Space link on the Server Health Monitoring page. Print the Volume
Information page for your records.
Compression. When using compression in the NSS file system, see the
following procedures, Other NSS Commands in the Novell Storage
When using compression with the Traditional file system, it is essential
to have the server patched. Because it takes processor cycles to compress
and decompress files, compression needs to be monitored carefully to
avoid utilization problems. The default SET File Parameters for the
Traditional File System for compression takes this into consideration.
For example, file compression is set by default to occur during off-hours
or periods of low server usage. Make sure that change have not been made
that are causing high utilization problems.
File decompression occurs on the fly. However, a very large file, such as
100 MB, can take a noticeable amount of time even with a Pentium*
processor.
SET Deleted Files Compression Option=2 causes the immediate
compression of files that have been deleted. This can cause high
utilization because the processor immediately compresses files upon their
deletion.
Directories that are flagged IC (Immediate Compression) can cause
excessive decompression during work hours. Users with disk space
restrictions might flag their home directories to IC in an attempt to save
disk space. This can affect server performance.
To ensure that frequently used files are not compressed, you can specify
an appropriate value for the SET Days Untouched Before Compression
parameter.
To proactively eliminate compression as a possible problem, use SET
Enable File Compression=Off parameter (Common File System
category). This will cause files to be queued for compression but the files
will not be compressed. However, accessing compressed files causes
them to be decompressed.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Memory Issues
Insufficient RAM. Memory resources are critical in a server

environment.
To view buffer cache statistics for the NSS file system, enter the
following command at the System Console prompt:
NSS CACHESTATS
The best indicator for assessing server RAM in a traditional file system is
displayed in the following ways:
In NetWare Remote Manager, click the View Memory Config link in
the navigation frame and then Traditional File System Cache
Statistics link, and view the LRU Sitting Time.
In MONITOR, from the Available Options menu, select Disk Cache
Utilization and view the LRU Sitting Time.
The value of this field should be a minimum of 15 to 20 minutes. A
number lower than this indicates that the servers memory resources
might be low. Another good indicator, Long Term Cache Hits, is
displayed on the same page or screen in either utility.
Also see Resolving Server Memory Problems on page 136.
Novell eDirectory Issues
eDirectory partitions. We recommend having no more than three

replicas of each partition in the tree. Efficient tree design is essential to
avoid utilization problems. Because Novell eDirectoryTM needs to
maintain synchronization among all servers in the replica ring, the more
replicas there are of any partition, the more traffic will be on the wire.
Three replicas are enough to provide fault tolerance and to allow for
eDirectory if a database were to become corrupt.
eDirectory synchronization. To test the possibility that eDirectory
synchronization is the problem, turn off inbound and outbound
synchronization for an hour by setting dstrace=!D60.
After turning synchronization off, wait 5 to 15 minutes to allow the server
to catch up with queued work. Cancel the test by setting dstrace=!E.
eDirectory errors. To test for other errors, run SET dstrace=On.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Client Issues
Hung connections. Check for them and clear them. See Clearing a
Workstation Connection on page 92.
Client software. You can identify client problems by changing SET NCP
SET parameter. For more information, see NCP Parameters in Utilities
Reference.
By setting these server parameters to On, the server displays a warning
each time a bad packet is received at the server. The warning message also
includes the MAC (Media Access Control) addresses of devices where
the packets originated.
These parameters are in the NCP category:
Display NCP Bad Component Warnings=On
Reject NCP Packets With Bad Components=On
Display NCP Bad Length Warnings=On
Reject NCP Packets With Bad Length=On
Update client software.
Cabling. If you have installed high-speed 100 MB network boards, you
might need to upgrade your cabling, too.
Troubleshooting Methodology on page 105; review tips in TID 10011512
Troubleshooting High Utilization (http://support.novell.com/cgi-bin/
search/searchtid.cgi?/10011512.htm); search the Novell Knowledgebase
(http://support.novell.com/search/kb_index.jsp) for High Utilization; and
contact a Novell Support Provider.
Disk Errors
To resolve disk I/O, disk space, and mirroring problems, see the following
sections:
Resolving General Server Disk I/O Errors on page 133
Resolving Server Disk Space Problems on page 133
Mirrored Partitions Do Not Remirror Automatically on page 134
Mirroring Takes a Long Time on page 134
Mirroring Stops Just Before It Is Finished on page 135

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Resolving General Server Disk I/O Errors
To resolve a general disk I/O error on the server, try one or more of the
following remedies:
Check the disk subsystems to make sure that the power is on and the
cables are correctly connected between the controller and the subsystems.
Make sure that the subsystem cables are terminated correctly.
Make sure that the hardware and disks are installed correctly.
Make sure that the current disk drivers loaded are certified for NetWare 6.
Many drivers can be found on the NetWare 6 Operating System CD or on
the master diskettes. Updated drivers might also be available from thirdparty disk driver manufacturers.
Make sure that the interrupt parameters, I/O port settings, slot settings,
etc., for the driver match those for the hardware. Also, make sure that the
custom parameters have been set correctly for your hardware.
Make sure all devices are recognized.
Make sure that the device is visible and has a valid Hot Fix partition.
If you have tried all the preceding suggestions without success, contact your
Novell Support Provider or the drive manufacturer.
Resolving Server Disk Space Problems
To resolve an insufficient disk space error, do one or more of the following:

Delete unnecessary files and directories from the volume.
Change the Minimum File Delete Wait Time SET parameter in your
servers AUTOEXEC.NCF file equal to 0 so that files can be removed
immediately rather than being retained in a salvageable state on the
volume.
Purge deleted files if they cannot be purged automatically. (The deleted
files are using up directory table space.)
Increase the volume size and/or add more disks to the volume.
Increase the percentage of disk space that can be used by a directory.
If the disk or volume does have space available, check the disk drives and
disk channel to see if a failure has occurred.
Delete NLM programs that you no longer use.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Check and adjust or remove any volume restrictions placed upon users.
Check the size of error or log files and delete any that are unnecessary.
Mirrored Partitions Do Not Remirror Automatically
When mirrored partitions become unsynchronized, they should resynchronize

automatically. If partitions do not resynchronize, complete the following
steps:
1 In ConsoleOne, browse and select the tree you want to manage, and then
click the Partition Disk Management icon.

2 Enter the eDirectory tree and context and server information.
3 Click Properties > Media > Mirror > Resync.
4 If the partitions still do not resynchronize, you must re-create the mirrored
set.
4a Determine which disk partition has the data you want to save and
mirror.
4b Delete the other disk partitions.
4c Recreate new partitions in place of the ones you deleted.
4d Mirror the partition containing data to the new partitions.
For information about mirroring, see Creating a Partition in the Novell

Troubleshooting Methodology on page 105, search the Novell
Knowledgebase (http://support.novell.com/search/kb_index.jsp), and contact
Mirroring Takes a Long Time
If partitions are very large, mirroring can sometimes take several hours to
complete; this is normal. The following might help to speed the mirroring
process:
Make sure you are using the latest disk drivers.
Make sure there are no problems related with the hard disks or drivers you
are using.
For known problems with specific hard disks or drivers, contact the drive
vendor to ask if there are ways to speed drive mirroring. For example,

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
some drivers can be loaded with parameters that speed the mirroring
process.
Make sure the Enable Disk Read After Write Verify (Disk category) SET
parameter is set to Off.
Most disk drives provide their own form of read-after-write verification;
therefore, NetWares read-after-write-verify feature is not needed and can
increase the time required to mirror partitions.
If the Maximum Concurrent Disk Cache Writes (Traditional File System
category) parameter is set at the default value or lower, try increasing the
setting.
IMPORTANT: Increasing the value too much can cause some disk controllers or
drivers to fail. You must experiment to see if a larger value speeds the mirroring
process.

Mirroring Stops Just Before It Is Finished
Sometimes, the mirroring process proceeds without error but stops at 99%
completion. To troubleshoot the problem, do the following:
Check whether any faulty disk blocks exist.
If there are faulty disk blocks, troubleshoot and replace the disk if
necessary.
Make sure you are using the latest disk drivers.
Make sure there are no problems related with the hard disks or drivers you
are using.
For known problems with specific hard disks or drivers, contact the drive
vendor.
If the Maximum Concurrent Disk Cache Writes (Traditional File System
category) parameter is set at its highest value, try reducing the setting.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Resolving Disk Error Problems When a Traditional Volume Is Mounting
To diagnose problems when disk errors occur while a Traditional volume is

mounting, identify whether the following conditions exist:
The operating system is experiencing directory sector mismatching. This
mismatching can be caused if the media is defective or if the server is
turned off without the DOWN command.
To resolve problems when disk errors while a volume is mounting, do the
following:
Load MONITOR and check the status of the available cache buffers. If
the cache buffers are fewer than 20%, add more memory to your server.
Minor errors usually correct themselves through normal network use. For
example, if a FAT entry is wrong, the entry is updated and corrected the
next time it is written to. If errors do not correct themselves, run
VREPAIR.
Some problems might be corrected automatically by TTSTM (Transaction
Tracking SystemTM) software.
Resolving Server Memory Problems

To troubleshoot different kinds of server memory problems, to resolve
memory leaks, and to resolve memory problems by freeing memory, see the
following sections:
NetWare Doesnt Recognize All the Memory in the Server on page 137
Server Displays Memory Error Messages on page 141
Resolving Server Memory Leaks on page 137
Freeing Server Memory Temporarily on page 139
Resolving Memory Errors When a Traditional Volume Is Mounting on
page 140

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NetWare Doesnt Recognize All the Memory in the Server
Use the following steps to find the source of the problem.

1 Verify whether you are using the NetWare memory manager or an
external memory manager. Does CONFIG.SYS or AUTOEXEC.BAT

include a DOS=HIGH statement or commands to load memory managers
or DOS device drivers? For example, is there a command to load
HIMEM.SYS or EMM386.EXE? Both are memory managers.
Comment out these statements from CONFIG.SYS or delete
CONFIG.SYS altogether. Comment out these statements from
AUTOEXEC.BAT. (To comment out a command, type REM and a space
at the beginning of the command line.)
If there is a memory manager in the server, NetWare relies upon the
memory manager to determine the amount of available memory instead
of registering the memory itself. Some memory managers in older
computers cannot recognize more than 64 MB of memory. DOS device
drivers take memory away from NetWares memory pool.
Make sure Windows 95 is not being used to boot the server. Windows 95
autoloads memory managers.
2 Make sure the server BIOS is current.
An out-of-date BIOS might be reporting the wrong amount of memory. If

a newer version is available, update the BIOS.
Resolving Server Memory Leaks
A memory leak means that an NLM or set of NLM programs has requested
memory from the server, but has not returned the memory when finished with
it. Over time, the amount of available memory decreases until eventually the
server generates memory error messages. The memory leak might be slow or
fast depending on the amount of memory requested each time.
If you reboot the server, the memory is returned to the memory pool, and the
low memory error messages stop temporarily, until the memory leak ties up
enough memory to generate the error messages again.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To see if the server has a memory leak, restart the server and then monitor
memory statistics (Total Cache Buffers) over time. When traffic hasnt
increased and no new applications are installed on the server and the statistics
change, use the following steps to find the source of the problem.
1 Load all the latest patches on the server.
Server patches are available from Novells Support Web Site (http://
support.novell.com/misc/patlst.htm) and other locations. See Applying
Patches on page 34 for a list of sources.
2 Restart the server to free memory and establish a baseline for memory
use.
3 View the memory statistics for the module:
3a Access NetWare Remote Manager.
3b Click the List Modules in the navigation frame.
3c Sort the list for memory usage by clicking the Alloc Memory button.
3d Click the value link for allocated memory for each module name you
suspect might be the source of the leak.

Under normal conditions, modules such as SERVER.NLM,
NSS.NLM and DS.NLM are usually at the top of the list.
3e Print this page and use it as a the baseline as you monitor the
modules memory use over time.

4 Repeat Step 3 for each NLM you suspect might be the source of a memory
leak.
5 (Conditional) If the memory error messages occur again, repeat Step 3 to
view the memory statistics for each suspected NLM. Note whether
memory use increased substantially for any of the modules.
If there is a memory leak, one or more modules will show a large increase
in the Bytes in Use value.
6 When you discover the source of the memory leak, contact the module
vendor to tell them about the problem. If possible, update the module or
remove the module from the server.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Freeing Server Memory Temporarily
To free server memory temporarily (until you can add more memory to the
server), do one or more of the following:
On traditional volumes, delete unused files and directories and purge
them.
Shorten the time period before deleted files are purged.
Lower the value of the Minimum File Delete Wait Time SET
parameter (Common File System category).
Change the setting to On for the Immediate Purge of Deleted Files
SET parameter (Common File System category).
Unload any NLM, such as NWCONFIG, MONITOR, backup software,
virus scanners, that is not currently needed.
Dismount traditional volumes that are not being used and reduce the size
or number of volumes that the server supports.
Streamline the directory structure. Every subdirectory in the Traditional
file system takes at least one directory block (by default, a 4 KB block of
memory). Therefore, subdirectories with only one file require as much
memory as directories with 32 files.
If you combine directories so that most directories have about 32 files,
and then purge the deleted subdirectories and files, you will free up
memory.
Try converting volumes from the Traditional file system to the NSS file
system. It requires less memory to mount NSS volumes. For procedures,
see Converting Traditional Volumes to Logical Volumes in the Novell
If you are using the Traditional file system, remove name space support.
Have all users log out, and then unload all modules except the volumes
disk drivers. Dismount any mounted volumes.
To remove the name space, load VREPAIR, select Set VRepair Options
and then select two options: Write All Directory and FAT Entries Out to
Disk and Remove Name Space Support from the Volume. Then run
VREPAIR > Repair a Volume on the volume that would not mount.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
As a last resort, back up all files in the volume, bring down the server, and
reinitialize the volume. Specify a block size of 64 KB and turn the Block
Suballocation option to Off.
(This setting uses a lot of disk space but increases the amount of memory
available.)
Check the AUTOEXEC.BAT and CONFIG.SYS files to make sure no
loaded and that there is no DOS=HIGH statement in either file. Make sure
no DOS device drivers are being loaded.
On NSS volumes, monitor and adjust the cache statistics. For more
information, see Setting the Cache Buffers in the Novell Storage Services
Resolving Memory Errors When a Traditional Volume Is Mounting
To diagnose problems when memory errors while a volume is mounting,

identify whether the following conditions exist:
Traditional volumes take more memory to mount than they require after
being mounted because the mounting process performs consistency
checks (for example, the duplicate copies of all the tables are checked).
Traditional volumes and directory entries grow dynamically. Therefore,
if your server is using most of the RAM (file cache buffers are close to
20% of the memory) and you dismount a volume, you might not be able
to remount the volume unless additional memory is available.
Each additional name space support that you add to a Traditional volume
increases the size of the FATs and DETs. Adding name space support can
cause the tables to grow so large that the server does not have enough
RAM to mount the volume.
To resolve problems when memory errors while a volume is mounting,
perform the following actions or ensure that the following conditions exist:
Check the status of the available cache buffers. If the cache buffers are
fewer than 20%, add more RAM to your server.
Free up memory by unloading resources.
Streamline the directory structure on Traditional volumes. Every
subdirectory takes at least one directory block (by default, a 4 KB block
of memory). Thus, subdirectories with only one file require as much
memory as directories with 32 files.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If you combine directories so that most directories have about 32 files,

and then purge the deleted subdirectories and files, you will free up
memory.
Calculate how much memory you need and add memory to the server.
Note the Cache Buffers settings in the Server Memory Statistics.
If the percentage is below 20%, add more memory.
Remove the recently added name space support.
Have all users log out, and then unload all modules except the servers
disk drivers. Dismount any mounted volumes.
To remove the name space, load VREPAIR, select Set VRepair Options
and select two options: Write All Directory and FAT Entries Out to Disk
and Remove Name Space Support from the Volume. Then on the volume
that would not mount, run VREPAIR, select Repair a Volume.
Server Displays Memory Error Messages
Typical memory error messages include the following:

Cache memory allocator out of available memory
Cache memory allocator out of available memory, size requested was x
bites by NLM_name.
Short term memory allocator is out of memory
Cache memory allocator exceeded the minimum cache buffer limit
If any of these conditions exist, use the following steps to find the source of
the problem:
1 Make sure the server is not loading a memory manager or a DOS device
drivers.
Check the AUTOEXE.BAT and CONFIG.SYS files to make sure no
loaded, and that there is no DOS=HIGH statement in either file. Make
sure no DOS device drivers are being loaded.
Comment out these statements from CONFIG.SYS or delete
CONFIG.SYS altogether. Comment out these statements from

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
AUTOEXEC.BAT. (To comment out a command, type REM and a space

at the beginning of the command line.)
If there is a memory manager in the server, NetWare relies upon the
memory manager to determine the amount of available memory instead
of registering the memory itself. Some memory managers cannot
recognize more than 64 MB of memory. DOS device drivers take memory
away from NetWares memory pool.
Make sure Windows 95 is not being used to boot the server. Windows 95
autoloads memory managers.
2 Make sure the server BIOS is current.
An out-of-date BIOS might be reporting the wrong amount of memory.

Update the BIOS if a newer version is available.
3 Verify that the setting for the Reserved Buffers Below 16 MB SET
parameter (Memory category) is set at 300 or higher.

For older drivers, increase the value to 300 or higher, especially if there
is a CD-ROM or tape device that needs memory below 16 MB.
4 Make sure memory is being registered automatically.
Manually registering memory can cause memory fragmentation. Some

old system boards might require you to register memory manually, but the
better solution is to upgrade to a newer board so that NetWare will register
the memory automatically.
If memory has been registered manually, reboot the server to free memory
and do not manually register memory again. Upgrade the system board if
necessary.
5 Verify whether memory errors occur when a traditional volume is
mounting.
If yes, the server might be low on memory.
To free memory temporarily, see Freeing Server Memory Temporarily
on page 139. To solve the problem, add more RAM.
6 Verify whether the LRU sitting time (in NetWare Remote Manager or
MONITOR), average is more than 15 minutes during peak work hours.

If no, the server might be low on memory.
To free memory temporarily, see Freeing Server Memory Temporarily
on page 139. To use the LRU Sitting Time to tune memory, see Tuning

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
File Cache in the Server Memory Administration Guide. To solve the

problem, add more RAM.
7 Check for memory leaks.
Do the LRU Sitting Time and Long Term Cache Hits gradually decline
over time, even when network traffic has not increased and no new
applications have been installed on the server?
If yes, the server might have a memory leak. See Resolving Server
Memory Leaks on page 137.
Resolving Locked Device Errors

To resolve a locked device error, try one or more of the following:
Wait for a while (sometimes a few hours); the task in process might
complete and free the device.
Retry the action that resulted in the error.
Delete all user connections and disable logins.
For a disk device error, unload NLM programs (other than the device
driver) that might be using the disk. Dismount all volumes on the disk.
If you have tried all of the above without success, contact a Novell Support
Provider or the drive manufacturer.
Resolving Event Control Block Allocation Errors

Event control block allocation system messages can occur when you first start
the server or after the server has been running for some time.
These messages indicate that the server was unable to acquire sufficient
packet receive buffers, usually called event control blocks (ECBs). Running
out of ECBs is not a fatal condition. However, it can indicate either a LAN or
server problem.
Servers that run for several days where high loads occur in peaks might exceed
the set maximum number of ECBs, causing the system to generate ECB
system messages.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If these situations are caused by occasional peaks in the memory demand, you
should probably maintain your current maximum ECB allocation and allow
the message to be generated at those times.
Otherwise, if your server memory load is very high and you receive frequent
ECB allocation errors, try setting your maximum ECB allocation higher. Use
the following SET command in the STARTUP.NCF file:
SET MAXIMUM PACKET RECEIVE BUFFERS=number
Memory allocated for ECBs cannot be used for other purposes.

The minimum number of buffers available for the server can also be set in the
STARTUP.NCF file with the following command:
SET MINIMUM PACKET RECEIVE BUFFERS=number
Resolving Server Console Command Problems

To diagnose server console command problems, identify whether the
Some SET parameters can only be set in the STARTUP.NCF file.
You are not at the System Console screen prompt. Press Alt+Esc to toggle
through the screens.
The server has been shut down.
The server has failed (hung).
The SERVER.EXE file is corrupted.
The network operating system has been configured incorrectly.
To resolve server console command problems, do the following:
Enter the SET parameter in the STARTUP.NCF file and then shut down
and restart the server.
Make sure that all cables are fastened securely to all network boards and
network connectors. Make sure that terminating resistors are installed
correctly.
From a backup, or from the NetWare 6 Operating System CD, copy a new
version of SERVER.EXE to the server boot directory. Have all users close
their files and log out.
Shut down the server, if possible. If not, wait a few minutes after all users
have logged out, and then reboot the server.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Check the hardware configuration on each network board in the server to

make sure that the configuration is correct.
If you recorded network board configurations and they do not agree with
the actual hardware configurations, reload the LAN driver with the
correct parameters or change the hardware settings to match the LAN
driver parameters.
Check all network board settings for possible interrupt and I/O port
conflicts. The server can boot up initially even if the interrupt on a
network board is set incorrectly.
The most common conflict occurs when a network board is set to
interrupt 4 and a printer is connected to the servers serial port, which also
uses interrupt 4.
Run a virus scan on the DOS partition.
Resolving Keyboard Locking Problems When Copying Files from

CD-ROM
To diagnose keyboard locking problems when copying files from CD-ROM,
identify whether the following conditions exist.
If you have a CD-ROM device that shares a SCSI bus with a disk subsystem
containing volumes that network operating system installation files are copied
to (typically volume SYS:), your keyboard might lock while loading drivers
or copying files to the volume. The following figure shows possible
configuration conflicts.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
SCSI
board

!
1
2
3

Remove the CD-ROM device drivers that you used to set up the CD-ROM
drive as a DOS device from your CONFIG.SYS file. This will avoid possible
conflicts when the Operating System CD is mounted as a NetWare volume.
To resolve keyboard locking problems when copying files from the CD, use
the following procedure:
1 Press Alt+Esc until you are at the console prompt.
2 Enter DOWN.
3 Using a text editor, remove the CD-ROM device drivers from your
CONFIG.SYS file.
4 Save the updated CONFIG.SYS file.
5 Using a text editor, remove any references to the CD-ROM drivers from
your AUTOEXEC.BAT file.

6 Save the updated AUTOEXEC.BAT file.
7 Reboot the server by pressing Ctrl+Alt+Del.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
8 (Conditional) If the server doesnt boot automatically from the
AUTOEXEC.BAT file, change to the subdirectory where the

SERVER.EXE file and other boot files are located (the default is
C:\NWSERVER), and enter the following at the DOS prompt:
SERVER
9 (Conditional) If you are using ASPI device drivers (for example, for an
Adaptec* controller), you need to enter one of the following commands:

AHAxxxx
where xxxx specifies the Adaptec board number

or
ASPICD
or
CDNASPI
10 At the console prompt, enter NWPA.

11 (Optional) At the console prompt, enter CD DEVICE LIST.
A list appears with numbers associated with all the devices on your
network. Determine which number is the volume number.
12 At the console prompt, enter
CD9660.NSS
CD MOUNT volume_name|number
13 At the console prompt, enter NWCONFIG.
Monitoring and Resolving Communication Problems

Problems that occur with networking can originate for any of several reasons:
corrupted hardware or software, bad links, not enough memory, etc.
The following are tips for solving network communication problems.
Check all hubs and repeaters to make sure that they are on.
Check concentrators and look for flashing yellow lights that indicate
collisions.
Make sure that all routers are functioning properly and have enough
memory. A router with insufficient memory becomes the weak link in the
chain and can slow down an entire LAN.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Check the cables for proper termination. Make sure that cables are not
running close to sources of interference.
Make sure that the server network board is seated properly and is
initializing.
Make sure that a protocol is bound to each board and check the
configuration of the network boards. Then shut down the server, turn off
the power, and check the actual network board settings:
Make sure that all settings agree with the settings used to load the
driver. If you load the driver with an interrupt that conflicts with the
boards setting, the network board cannot broadcast on the network.
Make sure that the node address on the board is a legal address.
(Addresses 0 and FFFFFFFFFFFF are reserved; do not use them.)
Make sure that the memory range for the I/O ports and memory
addresses do not overlap. If there are conflicts, reconfigure the
equipment so that no conflicts exist.
Make sure that network boards do not conflict with other boards, the
monitor board, or ports in the server. Make sure that no two pieces of
hardware are using the same I/O port, interrupt, or memory address.
Avoid interrupts 2, 9, and 15.
Make sure that the network board works correctly; replace it if it doesnt.
Check the lists of certified products at Novell Solutions Search (http://
developer.novell.com/solutions). In the Hardware Category, select LAN
adapters or WAN adapters to make sure that the adapter works with
NetWare. Make sure that drivers are the latest versions.
Run VOLUMES at the server console. If volume SYS: is not mounted,
mount it. The server does not broadcast to the network until volume SYS:
is mounted.
Check workstation addresses and server node numbers.
Each node address on the network should be unique. Sometimes you can
find the problem by turning off all workstations and then turning them
back on one at a time.
Make sure that workstations are using the correct frame type.
Have a user log in to the network from a workstation. In NetWare Remote
Manager, click the Connections link in the navigation frame.
If the Connections list shows the users login name, the server is receiving
and responding to the workstations request.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If the workstation receives a Server cannot be found error, make sure

that the server and workstation are using the same frame type.
If using 10baseT, try using a cross-cable to connect the server directly to
the workstation. If this solves the communication problem between the
server and workstation, then something on the network is causing the
problem.
Suspected Multiprocessing Problems

If you suspect a multiprocessing problem, complete the following steps. You
will be able to eliminate most probable causes.
1 Make sure the secondary processors are functioning properly.
If the server is already up, stop all processors except Processor 0. In

NetWare Remote Manager, click the Processor link in the navigation
frame. Click the Stop Processor link for each processor online except
processor 0. (Processor 0 cannot not be taken offline.)
If the server is down, bring up the server and then stop all processors.
If the problem still occurs, go to Step 2. If not, go to Step 4.
2 To verify that this is not an interrupt issue, remove the PSM. Then reboot
the server; only processor 0 will start.

The MPS14.PSM, CPQMPK.PSM or *.PSM in the STARTUP.NCF file
is the interrupt abstraction layer and communicates with the APIC
(Advanced Programmable Interrupt Controller) rather than the PIC for
interrupt handing in the machine.
If the problem still occurs, it not a multiprocessing issue. If it no longer
occurs, go to Step 3.
3 Make sure you have the latest machine updates (current ROM BIOS,
etc.).
If you confirm that your hardware is current and the problem still occurs,
its possible that you are using a new version that wasnt available at the
time NetWare 6 was released. Whatever is different about the hardware
requires a newer PSM to work with the machine.
HINT: Problems that occur only in a multiprocessing environments are not
necessarily MP problems. More likely, it is an issue with a piece that has been
loaded in an MP environment and that does not function properly.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
4 Gather information as explained in Using a Troubleshooting
Methodology on page 105. View the STARTUP.NCF and

AUTOEXEC.NCF to determine what software pieces are running. Check
with the software vendors and developers and tell them what steps you
have taken and give them enough information to duplicate the problem.
Unable to Communicate with Server, -625 Errors

Communication problems among servers can generate messages such as
Unable to Communicate with Server or messages that a directory partition
operation cant be completed. If DSTRACE is set to on, -625 errors appear in
the DSTRACE output because the directory cannot be synchronized among
the servers.
Use the following steps to troubleshoot server-to-server communication
problems.
1 Make sure the server is up and can been seen on the network.
If the server is down, restart it.

If the server has abended, troubleshoot the abend. See Resolving
Abends on page 116.
2 Make sure the servers time is synchronized to the network.
To see if server time is synchronized to the network, enter TIME at the

If time is not synchronized, troubleshoot the time synchronization
problem. For general information about time synchronization, see
Network Time Management Administration Guide.
3 Make sure the IPXTM internal network number of the server unique and
the IP addresses unique. Make sure all replicas have the correct address
for each server.
If all the servers in a replica ring cannot communicate with one of the
servers in the ring, there is probably an address problem.
Make sure all addresses are unique. Make sure all replicas have the
correct address for each server. Load DSREPAIR, select Advanced

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Options > Replica and Partition Operations > replica > Display Replica
Information.
4 Make sure all replicas have the correct server name.
Incorrect or duplicate server names in directory replicas make it

impossible to communicate with the server. Make sure all replicas have
the correct name for each server. Load DSREPAIR, select Advanced
Options > Replica and Partition Operations > replica > Display Replica
Information.
If names are not correct, contact a Novell Support Provider for assistance
in renaming servers.
5 If the servers share the same cabling system, make sure addresses are
unique for each cable segment.

If addresses are not unique, change addresses as necessary.
6 Make sure all LAN drivers are loaded and protocols are bound. Make sure
all LAN adapters and drivers are the latest versions.

Load and bind LAN drivers, if necessary. If drivers are not the latest
versions, update the drivers. In addition, search the Novell
Knowledgebase (http://support.novell.com/search/kb_index.jsp) for
known problems with specific adapters. Replace adapters if necessary.
7 Make sure the LAN is functioning.
Ping the servers to see if the connection is active. View LAN statistics
using NetWare Remote Manager or MONITOR to make sure packets are
being sent and received. Review statistics such as packets received and
sent, collisions, and retries.
If the LAN connection is malfunctioning, troubleshoot the physical link
between the servers. See Tips for Resolving General Communication
Problems on page 156.
8 Make sure the routers have enough memory to handle the increase in
packets.
If your servers have just been upgraded from NetWare 3, some routers
might not have enough memory to buffer the increase in packets from
NetWare 3 to NetWare 4, 5, or 6 servers. Make sure the routers have
enough memory.
9 Remove routing filters.
If the servers are using IPX and the routers are filtering SAP types 004,
26b, and 278 packets, remove the filters.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
10 If you are using IPX, reset the servers internal IPX router.
Use the RESET ROUTER command at the System Console prompt to

reset the servers internal IPX router. Troubleshoot other routers.
11 Make sure data can transfer over WAN links.
Are servers separated by 56 KB WAN links?
If yes, this could be the source of the problem. Consider the

following:
Is there a guaranteed transfer rate or does the rate decline when

network traffic is heavy? If the rate declines, the link might not
provide the performance you need to maintain consistent
communication.
Are you trying to transfer large files or an entire replica across the link?
You might be able to synchronize replicas across a 56 KB link, but not
transfer an entire replica.
Do the servers have to traverse more than one 56 KB link?
To solve the problem, you might need to provide faster links.
12 Make sure server utilization is not high.
Do the affected servers have utilization at or close to 100%?

If yes, take steps to reduce server utilization. See High Utilization
Statistics on page 125.
13 Make sure the eDirectory database is not locked.
If DSREPAIR is running, the eDirectory database will be locked. Other

applications might also lock the database while writing to it.
If the database is locked, wait for DSREPAIR or other modules to finish
using the database or shut down the utility or module.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Workstations Cant Communicate with Server

To troubleshoot different kinds of workstation to server problems, see the
following sections:
Errors Reading from and Writing to Network, Server Cannot Be Found
Errors on page 153.
Connections Dropped Periodically on page 156.
Tips for Resolving General Communication Problems on page 156.
Errors Reading from and Writing to Network, Server Cannot Be

Found Errors
When workstations cant communicate with the server, users lose their
connections to the server or cannot log in at all. Users might see Server Cannot
Be Found messages or errors about reading from or writing to the network.
Follow these steps to troubleshoot the problem.
1 Make sure other clients can connect to the server.
If other clients can connect to the server, then the problem is with this
client, not with the server or network. Consider the following:
If the user cannot log in, did the user power off without logging out?
If the user powers off without logging out, the client connection
remains open and the user cannot to log in again until the connection
is cleared. The servers watchdog process retries the connection a
designated number of times, and then the connection times out and
the server clears the connection. After the connection is cleared, the
user can log in again.
Watchdog processes are controlled by Watchdog (Communications
category) SET parameters.
Has the users password expired?

Sometimes users dont understand that they must change their
passwords before they use up their grace logins.
Are there other restrictions on the user account, such as time periods
when the user is not allowed to log in? Check the users properties.
Has intruder lockout been activated?
Is the workstation LAN cable functioning?

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
2 Check whether the server has had an abend.
If the server has had an abend, it displays an abend message on the System
Console screen. If the abend auto recovery process restarted the server,
the message might have scrolled off the screen. Check the ABEND.LOG
log file in SYS:SYSTEM to read the message.
To troubleshoot a server abend, see Resolving Abends on page 116. For
general information about types of server abends, see Understanding
What Happens When You Get an Abend on page 116. To manage the
abend auto recovery process, see Responding to the Abend
Automatically on page 120.
3 Verify whether the server console has hung.
If you cannot enter commands at the System Console prompt, then the
console is hung. In some cases, you wont be able to toggle among server
screens.
Try pressing Ctrl+Alt+Esc. This should display a prompt to shut down the
file server and exit to DOS. If the prompt is not displayed, try entering the
debugger by pressing Shift+Shift+Alt+Esc. If you can enter the debugger,
type q and press Enter to exit to DOS. Then reboot the server. See
Server Console Hangs on page 124 to troubleshoot the problem.
If neither of the commands just described works, the only way to exit the
server is to force a nonmaskable interrupt (NMI) error. Contact a Novell
Support Provider or your computer hardware vendor for assistance.
If you do not have time to obtain the assistance to generate an NMI, you
can power off the server, but this can corrupt operating system files. Try
this measure at your own risk.
4 Verify that volume SYS: is mounted.
Enter VOLUMES at the System Console prompt to display a list of

mounted volumes. If volume SYS: is not mounted, mount it. The server
does not broadcast to the network until volume SYS: is mounted.
5 Make sure no LAN problems exist.
In NetWare Remote Manager, click the Health Monitor link in the

navigation frame, and then click the LAN Traffic link in the Description
column of the Server Health Monitoring page.
View LAN driver statistics to see if packets are being lost or if there are
excessive collisions or retries. To do this in NetWare Remote Manager,

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
click the Disk / LAN Adapters link in the navigation frame, and then click
the name link for each of the network boards in your server.
For tips on troubleshooting communications problems, see Tips for
Resolving General Communication Problems on page 156
If necessary, use LANalyzer or a similar product to monitor network
traffic and isolate the problem.
6 Make sure server utilization is normal.
Check utilization statistics. For help in responding to high utilization, see

High Utilization Statistics on page 125.
If you suspect heavy LAN traffic is causing the problem, try unplugging
the LAN cable. If heavy LAN traffic was the problem, utilization should
drop.
7 Make sure the server has sufficient resources.
Is the server receiving No ECB Available Count messages or messages

about insufficient packet receive buffers?
These messages could indicate that the server is running out of resources.
For help in resolving these errors, see Insufficient Packet Receive
Buffers, No ECB Available Count Errors on page 121.
8 Make sure the eDirectory database is functioning.
Is the eDirectory database closed or locked by another utility, such as

DSREPAIR?
If the eDirectory database is not functioning, the workstation clients will
not display the login screen.
9 Check for -625 or other communication errors at the server.
Are servers receiving -625 or other communication errors?

If so, see Unable to Communicate with Server, -625 Errors on page 150
or see the online documentation Novell Error Codes (http://
www.novell.com/documentation/lg/nwec/docui/index.html) > NDS or
eDirectory Error Codes.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Connections Dropped Periodically

Follow these steps to troubleshoot the problem:
1 Make sure server utilization is normal.
Check utilization statistics. For help in responding to high utilization, see

High Utilization Statistics on page 125.
2 If users are using old Novell clients, upgrade them to the newest version
of the applicable Novell client.

3 Make sure the node number for each workstation is unique.
4 Make sure all network boards in the server and users workstations are
working properly and are using the latest boards and drivers.
Check Novell Knowledgebase (http://support.novell.com/search/
kb_index.jsp) for any known problems with your drivers and boards,
update drivers, and replace boards if necessary.
5 Check all cables to make sure they are firmly connected, terminated
correctly, and not running near any equipment that might cause
interference.
Tips for Resolving General Communication Problems

To resolve general network communication problems, do the following:
Check all hubs and repeaters to make sure they are on. Check
concentrators and look for flashing yellow lights that indicate collisions.
Make sure all routers are functioning properly and have enough memory.
A router with insufficient memory becomes the weak link in the chain and
can slow down an entire LAN.
Check the cables for proper termination. Make sure cables are not running
close to sources of interference.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Make sure the server network adapter is seated properly and is

initializing. Then bring down the server, turn off the power, and check the
actual network board settings:
Make sure all settings agree with the settings used to load the driver.
If you load the driver with an interrupt that conflicts with the boards
setting, the network board cannot broadcast on the network.
Make sure the node address on the board is a legal address.
(Addresses 0 and FFFFFFFFFFFF are reserved; do not use them.)
Make sure that the memory range for the I/O ports and memory
addresses do not overlap. If there are conflicts, reconfigure the
equipment so that no conflicts exist.
Make sure that adapters do not conflict with other boards, the monitor
board, or ports in the server. Make sure no two pieces of hardware are
using the same I/O port, interrupt, or memory address. Avoid interrupts 2,
9, and 15.
Make sure the network adapter works correctly; replace it if it doesnt.
Make sure drivers are the latest versions. Check the lists of certified
products at Novell Solutions Search (http://developer.novell.com/
solutions). In the Hardware Category, select LAN adapters or WAN
adapters to make sure that the adapter works with NetWare. Make sure
that drivers are the latest versions.
Run VOLUMES at the server console. If volume SYS: is not mounted,
mount it. The server does not broadcast to the network until volume SYS:
is mounted.
Check workstation addresses and server node numbers.
Each node address on the network should be unique. Sometimes you can
find the problem by turning off all workstations and then turning them
back on one at a time.
Make sure workstations are using the correct frame type.
Have a user log in to the network from a workstation. In NetWare Remote
Manager, click the Connections link in the navigation frame.
If the Connections list shows the users login name, the server is receiving
and responding to the workstations request.
If the workstation receives a Server Cannot Be Found error, make sure the
server and workstation are using the same frame type.

103-000148-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If using 10baseT, try using a cross-cable to connect the server directly to

the workstation. If this solves the communication problem between the
server and workstation, then something on the network is causing the
problem.
Admin Account Has Been Deleted or Admin Password

Is Unknown
There is only one solution when the Admin account has been deleted or the
Admin password has been lost: contact a Novell Support Provider for
assistance.
To avoid losing the Admin account, we recommend that you create one or
more additional user accounts with the same privileges as the Admin account.
IMPORTANT: Do not assign privileges to the additional accounts by setting up
security equivalence with Admin. The accounts will lose security equivalence if
Admin is deleted.
Preventive Maintenance Tasks

The following sections provide tips for preventing server problems:
Monitoring the NetWare Server on page 82
Matching Performance Capabilities on page 34
Preventing Memory Problems on page 101
Preventing Power Supply Errors on page 101
Preventing Static Electricity Problems on page 102
Preventing Cabling Problems in the Server Communications
Documenting the Network on page 99

103-000148-001
August 30, 2001
Novell Confidential
Novell
NetWare 6
www.novell.com
6.0
S E RV E R M E M O RY
August 30, 2001

Novell Confidential
Manual
99a
July 17, 2001
38
Contents
Understanding Server Memory
Introduction to NetWare Memory. . . . . . . . . . . . . . . . .

Directory Cache Buffers and File Cache Buffers . . . . . . .
Logical Memory Addressing . . . . . . . . . . . . . . . . . . .
Protected Address Spaces . . . . . . . . . . . . . . . . . . . .
Protected Address Spaces and Logical Memory Addressing
Modules Not Allowed in Protected Address Spaces . . . . .
Virtual Memory . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Optimizing Server Memory

.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Managing Server Memory

Server Memory Management Tools . . . .
Using Protected Address Spaces . . . . .
Loading Protected Address Spaces . . . .
Unloading Protected Address Spaces . . .
Viewing Information about Address Spaces
. 9
10
11
12
12
13
14
17
Assessing Server RAM. . . . . . . . . . . . . . . . . . .

Ensuring That Devices Can Access Memory . . . . . . .
Determining Which Processes Use Too Much Memory . .
Tuning Server Memory . . . . . . . . . . . . . . . . . . .
Tuning File Cache . . . . . . . . . . . . . . . . . . .
Tuning Directory Cache for the Traditional File System
Using Virtual Memory . . . . . . . . . . . . . . . . . . .
Using Swap Files . . . . . . . . . . . . . . . . . . . .
Responding to Disk Thrashing . . . . . . . . . . . . .
Optimizing Garbage Collection. . . . . . . . . . . . . . .
.
.
.
.
.
.
.
17
18
19
20
20
24
26
29
30
31
33
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents

103-000147-001
August 30, 2001
Novell Confidential
33
34
35
40
41
Manual
99a

103-000147-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001

Welcome to the Server Memory Administration Guide. This documentation
contains the following information:
Chapter 1, Understanding Server Memory, on page 9
Chapter 2, Optimizing Server Memory, on page 17
Chapter 3, Managing Server Memory, on page 33

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a

103-000147-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001

The NetWare server operating system provides increased memory efficiency
with three important features: logical memory addressing, virtual memory,
and protected memory. The following information is a general introduction to
these and other aspects of NetWare's memory architecture.
Introduction to NetWare Memory on page 9
Logical Memory Addressing on page 11
Protected Address Spaces on page 12
Virtual Memory on page 14
Introduction to NetWare Memory

NetWare 6 requires a minimum of 256 MB of RAM and can access up to 64
GB of RAM. After the SERVER.EXE file is loaded, all remaining memory is
assigned to cache memory and Virtual memory, which is available for
NetWare Loadable ModuleTM (NLMTM) programs and other processes to use.
The memory allocator will only allocate up to 4 GB of memory to cache
memory and the remaining will be using by the virtual memory system. When
data is stored in cache, it is stored in 4 KB blocks called cache buffers.
Recently used data is kept in cache buffers in case it is needed again. Caching
data speeds processing because data can be written to or read from cache
hundreds of times faster than it can be read from or written to disk.
Cache memory is used for all the server's processing needs, such as the
following:
Storing volumes' File Allocation Tables (FAT) and suballocation tables
Storing volumes' directory entry tables

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Storing data files for users

Storing NLM programs, such as LAN drivers, disk drivers, and
management utilities
Building hash tables for directory names
Creating protected address spaces
Allocated memory used by NLM programs
Hash table
File allocation table
FAT
Turbo FAT
Suballocation tables
Directory cache
Files and NLM

programs
Temporary
storage
Open
Memory from cache is allocated to an NLM program when requested. When

an NLM program is finished using the memory, it releases the memory and
returns it to cache. NetWare also provides a garbage collection process to
recover unused memory. The garbage collector runs in the background, but
you can manually initiate the process if needed. See Optimizing Garbage
Collection on page 31.
Directory Cache Buffers and File Cache Buffers

There are two kinds of cache: directory cache and file cache.
Directory cache is used only with the traditional NetWare file system, not with
the Novell Storage ServicesTM (NSS) file system. Directory cache stores disk
directory entries. When the server is first installed, NetWare allocates 20
directory cache buffers of 4 KB each. If more buffers are needed, NetWare
tunes the server by increasing the number of directory cache buffers. You can
10

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
also tune the number of directory cache buffers yourself, using two server
parameters that establish the minimum and maximum number of directory
cache buffers the server can allocate. For information about tuning directory
cache, see Tuning Directory Cache for the Traditional File System on page
24.
File cache is used with both the traditional file system and the NSS file system.
File cache is a pool of 4 KB memory pages. File cache stores recently used file
data and also parts of the Novell eDirectoryTM database.
In an ideal environment, there is enough memory so that all frequently used
data can be retrieved from file cache rather than from disk.
Monitoring the disk cache utilization statistic can help you estimate whether
your server has sufficient memory to service requests from cache. For
information about optimizing file cache, see Tuning File Cache on page 20.
Logical Memory Addressing

The physical memory of the server is divided into 4 KB blocks, called pages.
When a NLM program wants to store information in memory, it requests
memory pages that are contiguous, so that all the information can be stored in
a sequential group of pages.
As contiguous blocks of memory pages are allocated and then made free,
small segments of memory are often left over. After a while, there are many
such isolated pieces of memory too small to be used. This situation is called
memory fragmentation. When memory is fragmented, the server often cannot
satisfy memory requests even when a lot of memory is available.
NetWare's logical memory addressing scheme helps to prevent memory
fragmentation. The memory management subsystem provides a logical space
manager that lists logical memory addresses from 0 to 4 GB. The logical space
manager lists addresses up to 4 GB even if the server contains only the
minimum 256 MB of RAM.
When an NLM program needs a contiguous block of memory, the operating
system finds a set of logical, contiguous addresses in the logical space.
Because table has so many logical addresses (4 GB), the operating system can
almost always find the contiguous logical memory addresses the NLM
program needs. Then the operating system allocates physical memory which
might or might not be contiguous. The operating system then binds the logical
addresses to the physical addresses.

103-000147-001
August 30, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Protected Address Spaces

Portions of the logical address space are set aside for protected address spaces
(sometimes called user address spaces or ring 3). This protected address space
is a portion of the logical address space that has carefully controlled
interaction with the server operating system. All protected address spaces use
virtual memory. For general information about virtual memory, see Virtual
Memory on page 14.
A key benefit is that you can use protected address spaces to take advantage
of virtual memory or to run untried or troublesome applications. Because any
modules loaded into a protected address space can't corrupt the operating
system or cause server abends, the protected address space provides a safe
place to run applications.
The operating system address space (ring 0) is sometimes called the OS
address space or the kernel address space. The memory protection marshalling
layer, in conjunction with the memory protection subsystem, prevents
modules in a protected address space from having direct access to anything
outside the address space. In particular, the memory protection marshalling
layer serves as the interface between the protected address spaces and the
server operating system. These layers prevent NLM programs in protected
spaces from making calls or passing parameters to the operating system that
would corrupt or fault the core operating system.
You can load modules into a protected address space, unload modules from a
space, delete a space, or kill a space. See Using Protected Address Spaces
on page 34 and Loading Protected Address Spaces on page 35.
Protected Address Spaces and Logical Memory Addressing

Each protected address space has its own set of page translations to provide
logical memory addressing. The memory management subsystem ensures that
the page translations of each protected address space refers to a different set
of physical memory addresses.
Only one set of translations is visible in the memory management subsystem
at a time. When there is more than one protected address space, the memory
management subsystem loads one set of page translations for a specified time
and then replaces it with another.
12

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Page
Translations
Address_Space1
Page
Translations
Address_Space2
Memory Management System
Page
Translations
Address_Space3
Replacing visible page translations is part of a context switch. Context

switches take place when the NetWare kernel changes from running one
thread to running another thread.
Modules Not Allowed in Protected Address Spaces

The following NLM programs and executables cannot be loaded into a
protected space:
SERVER.EXE
LAN and disk drivers
Hardware and LAN drivers make calls to the operating system and the
processor that are not allowed from the protected address spaces.
MONITOR
MONITOR makes calls to the operating system that are not allowed from
protected address spaces.
Modules that use interrupt time processing
Modules that use direct operating system interfaces
Modules that import operating system data items
Other modules or applications that aren't designed to run in protected
address spaces

103-000147-001
August 30, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
Virtual Memory
NetWare also provides a virtual memory system that swaps little-used data to
disk, thereby freeing memory for more frequently used data. Applications that
run in protected address spaces use virtual memory, as does Java*. The
following illustration shows the amount memory the server can recognize and
what portions the virtual memory system uses.
Memory the server
operating system
can recognize
64GB
Memory used only

by the virtual
memory system
4GB
0GB
Memory used by
the file system,
NLM programs,
and device
drivers and can
be shared with
the virtual
memory system
Virtual memory provides more efficient use of memory and lessens the
likelihood that low memory conditions will cause problems with the server.
Server operating system modules do not use virtual memory, because their
execution cannot be interrupted except at certain locations in these modules.
A periodic aging process assesses available memory to see which data has
been used less recently than the rest. Data that has not been used for some time
can be moved from memory to disk, thereby freeing memory for other uses.
When the data on disk is needed again, it is moved back into available
memory. Because data is swapped in and out of the disk, the available memory
can be used for a larger amount of data than its actual physical capacity would
allow.
14

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The memory management subsystem assesses the memory needs of all server
and NLM processes and determines where the freed memory should be used.
The Java Virtual Machine and any modules that are loaded into protected
address spaces use virtual memory. Both the modules and the data they access
are subject to being swapped to disk.
When data is moved from memory to disk, it is stored in a swap file. You can
create one swap file for each NetWare volume. A swap file is created for
volume SYS: by default.
To create a swap file, delete a swap file, change swap file parameters, or view
information about the swap file, you can use NetWare Remote Manager,
MONITOR, or the SWAP command at the System Console prompt. See
Using Virtual Memory on page 26.
Swapping the data between memory and disk requires additional system
resources, but it increases the memory available for use. The availability of the
additional memory can improve overall server performance.

103-000147-001
August 30, 2001
Novell Confidential
15
Manual
16
99a

103-000147-001
August 30, 2001
Novell Confidential
38
July 17, 2001
Manual
99a
38
July 17, 2001

This chapter includes information for completing the following tasks:
Assessing Server RAM (page 17)
Ensuring That Devices Can Access Memory (page 18)
Determining Which Processes Use Too Much Memory (page 19)
Tuning Server Memory (page 20)
Using Virtual Memory (page 26)
Optimizing Garbage Collection (page 31)
Assessing Server RAM

Insufficient physical memory (RAM) in the server is a common cause of a
slow network. To determine whether your server has sufficient physical
memory installed, check the amount of server memory currently available for
disk cache.
1 Click the Health Monitor link in the navigation frame and view the
Available Memory status and values.

2 If the status is Suspect or Bad, view the System Memory Information
page to determine the source of the problem. View the System Memory
Information by clicking the Available Memory link on the Server Health
Monitoring page or clicking the View Memory Config link in the
navigation frame.

103-000147-001
August 30, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
In MONITOR
1 View the General Information window and note the percentage for the
Long Term Cache Hits.

2 If the percentage of Long Term Cache Hits falls below 90 percent, add
more RAM to the server.

HINT: If you are unable to add more RAM now, a short-term fix can help. We
suggest unloading unneeded NLMTM programs or removing DOS from memory.
Remember that these actions treat symptoms only and are not long-term solutions.
Ensuring That Devices Can Access Memory

Some older network boards, such as many ISA and MCA devices, cannot
access memory above 16 MB. To make sure these devices have enough
memory below 16 MB, make sure that the following SET command is in the
STARTUP.NCF file:
SET RESERVED BUFFERS BELOW 16 MEG = 300
The default number of buffers is 300. If necessary, you can increase the value,
but remember that too many reserved buffers can prevent large volumes from
mounting. As soon as possible, upgrade the system to a newer board that can
access higher memory. For a discussion of network bottlenecks, see Matching
Performance Capabilities in the Server Operating System Administration
Guide.
NetWare automatically registers memory above 16 MB so the memory can
be recognized by EISA and PCI machines. If memory above 16 MB isn't being
recognized, you can register memory manually using the REGISTER
MEMORY command. For more information, see REGISTER MEMORY in
IMPORTANT: Use the REGISTER MEMORY command only if absolutely
necessary. Manually registering memory can cause memory fragmentation

problems. Ideally, you should upgrade the system board so that the NetWare
automatic memory registration will work.
18

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Determining Which Processes Use Too Much Memory

To determine which NLM programs are using excessive amounts of memory,
do the following.
In NetWare Remote Monitor
1 Click the List Modules link in the navigation frame.
2 Sort the list by allocated memory usage by clicking the Alloc Memory
button in the table.

NOTE: SERVER.NLM and NSS.NLM will always be high memory users.
3 View the Allocation Summary page for each NLM that is listed at the top
of the list by clicking the Alloc Memory value link for each NLM.
If the corruption count is anything larger than 0 in the Memory Allocation
Summary L!=P list, the NLM might have a memory leak.
In MONITOR
1 From the Available Options menu, select Loaded Modules.
2 Select a module from the list to display its information and statistics in the
upper window.
3 Press Tab to expand and activate the Module Information window.
4 Check the module's Allocated Memory.
The information includes bytes of memory required to load, allocated

memory bytes in use, percent of memory in use, allocated memory bytes
free, percent of memory free, and the module's load flags. Press F1 for a
description of these statistics.
5 Press Tab to return to the list of loaded modules.
6 Check the memory statistics for other modules.
7 (Optional) Press F4 to free memory allocated for a selected module.
Remember that the memory recovery operation also uses memory.

103-000147-001
August 30, 2001
Novell Confidential
19
Manual
99a
38
July 17, 2001
Tuning Server Memory

NetWare is a self-tuning operating system; however, there are some things you
can do to adjust the server's memory subsystem (as well as other aspects of
server operation) to fine tune its performance.
Before attempting to tune a new server's memory, let the server operate at full
capacity for a week or two to allow NetWare to self-tune. After the server
settles in to a predictable pattern of daily use, you can begin to fine-tune the
server's memory as described in the following sections.
Tuning File Cache on page 20
Tuning Directory Cache for the Traditional File System on page 24
Tuning File Cache

File cache not only speeds access to file data, it is used to cache portions of the
Novell eDirectoryTM database. If you want to tune your NetWare server in
general, or eDirectory in particular, tune the file cache.
Novell Storage Services File System
In NetWare 6, the Novell Storage ServicesTM (NSS) is loaded on the server by

default, but cache memory is not allocated to it unless it is actually running.
NSS uses memory differently that the traditional file system and you must use
specific parameters for tuning your server when using NSS.
To view statistics for cache buffers used by NSS, enter the following
nss /cachestats
For heavy access on an NSS logical volume, the server might incur some
performance issues. NSS has its own caching and parameters to be set during
the loading of the NSS modules. The following are several SET parameters
that you can use to tune the performance of NSS:
Cachebalance controls how much memory is available for NSS to use
for cache. The cachebalance percentage determines how many cache
blocks NSS will take from the traditional file system for its own cache. A
high cache balance percentage will impede the performance of the
traditional file system. A low cache balance will impede the preformance
of NSS. We recommend that you set the cache balance parmeter to equal
the percentage of the total disk space you allocate for NSS. The default is
20

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
60 percent. If you are using mostly NSS volumes, you can run at a much
higher percentage, such as 85 to 90 percent.
Closefilecachesize dictates how many closed files are kept in cache. The
recommended minimum is 50,000.
Fileflushtimer and Bufferflushtimer Increasing these parameters from
their defaults helps the caching up to a certain point, but too much
increase causes a throttling problem with writing out the metadata. This
is somewhat dependent on processor speed and disk speed, so you could
try adjusting them for your system. If NSS performance is very poor, 75
might be too high and you could try 50. If performance is just below
normal, you could try increasing the values a little.
To activate these parameters, you can issue the following command at the
startup of NSS, or place it in the AUTOEXEC.NCF file:
nss /cachebalance=80 /fileflushtimer=75 /bufferflushtimer=75
/closedfilecachesize=50000
For more information on setting Cache Buffers for NSS, see Setting the Cache
Buffers in the Novell Storage Services Administration Guide.
Because it is much faster to get data from memory than to get it from disk,
caching frequently requested data increases server performance. The more
RAM installed in the server, the more cache memory is available. Cache hits
occur when a client requests data and the server supplies the data from cache
memory instead of from disk. The least recently used algorithm determines
whether data is kept in cache memory or written to disk.
File cache buffers are organized into a linked list. Most recently used (MRU)
buffers are at the head of the list and least recently used (LRU) buffers are at
the tail of the list. The length of time the oldest buffer has been in the list is
shown as the LRU Sitting Time statistic.
In tuning file cache for the traditional file system, the goal is to determine how
much memory the server needs so that recently accessed data can always be
retrieved from cache. Monitoring the LRU Sitting Time statistic is key to
tuning file cache.
Understanding LRU Sitting Time
The LRU Sitting Time status is updated and displayed once per second. The
statistic is calculated by taking the difference between the current time and the

103-000147-001
August 30, 2001
Novell Confidential
21
Manual
99a
38
July 17, 2001
time stamp of the last block in the cache list. (The time stamp is the time at
which the last block entered the list.) The result is displayed in HH:MM:SS.0
format. The LRU Sitting Time measures the length of time it takes for a cache
buffer at the head of the list to make its way down to the tail, where it becomes
the least recently used (LRU) buffer. Every cache buffer in the list is being
reused within that period of time.
In configurations with excessive cache, the LRU Sitting Time can be very
high, even many hours. In configurations with too little cache, the LRU Sitting
Time can be measured in seconds. The time can vary widely, depending on
circumstances.
On inactive servers, such as those sitting unused overnight or those in lab
environments with long periods of idle time, the LRU Sitting Time statistic is
incremented by one second every second. This is because the LRU Sitting
Time indicates the age of the LRU cache buffer. The LRU Sitting Time
statistic is useless under these circumstances, except to confirm the obvious:
that new data is not being written to the server's cache. This statistic is most
useful during peak workloads when the server's cache is servicing the greatest
number of users and the broadest possible data set.
You can view the LRU Sitting Time statistic using NetWare Remote Manager
or MONITOR.
In NetWare Remote Manager, do the following:
1 Click the View Memory Config link in the navigation frame.
2 Click the Traditional File System Cache Statistics link on the System
Memory Information page.

In MONITOR, from the Available Options menu, select Disk Cache
Utilization.
Calculating Cache Memory Needs
To determine how much file cache your server needs, do the following:
1 Track server resource utilization statistics. Chart the results for daily,
weekly, monthly, period-end, and year-end cycles. Identify recurring

periods of peak workloads.
2 Observe the LRU Sitting Time statistic during peak workload periods of
the day. Keep a record of the lowest LRU Sitting Time during the peak
periods for at least one week, longer if necessary, to see a consistent
pattern.
22

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
3 Based on the observations you made of the server's resource utilization
and LRU Sitting Time, determine an average low LRU Sitting Time.
4 Tune the cache. Size the cache in such a way that the server can sustain
an average low LRU Sitting Time of at least 12 minutes during peak

workloads.
For example, if your server's original average low LRU was 7 minutes,
you will need to add enough memory to increase the LRU Sitting Time to
an average low of 12 minutes during peak workloads. This added memory
increases the likelihood that repeatedly used data will still be cached
when the next user request is received.
On the other hand, if the server's original lowest LRU sitting time was 18
minutes, the server has more than adequate cache. You can leave the
excess memory in the server for future growth or remove it and use it
somewhere else.
Setting a File Cache Buffer Alert
You can control when the server alerts you to serious decreases in the number
of available file cache buffers. Use the following SET parameters (Traditional
File System category).
Minimum File Cache Buffers establishes the minimum number of
buffers that will always be reserved for file cache and not made available
for other processes. When this minimum is reached, the server displays
the message Cache memory allocator exceeded minimum.
Minimum File Cache Report Threshold instructs the server to send an
alert before the minimum number of file cache buffers is reached. Set this
parameter to the number of buffers above the minimum at which you
want the server to send an alert. For example, if the Minimum File Cache
Buffers value is 20 and the Minimum File Cache Report Threshold value
is 30, the server sends an alert when 50 file cache buffers are left.
eDirectory
If you suspect that your server is slow in accessing eDirectoryTM, see

Improving eDirectory Performance in the Novell eDirectory 8.6

103-000147-001
August 30, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
Tuning Directory Cache for the Traditional File System

The information for tuning directory cache applies only to NetWare servers
using the traditional NetWare file system. Directory cache is not used by the
Novell Storage ServicesTM (NSS) file system.
As directory entries are read and operated upon by a user, NetWare caches the
entries to make repeated use of an entry more efficient. In a default
configuration, NetWare allocates 20 cache buffers of 4 KB each. Each block
read into a cache buffer contains 32 entries.
The default number of buffers is appropriate for only a small number of users.
The tuning strategies in this section can help you tune the directory cache to
meet your network's requirements.
Three Directory Cache Tuning Strategies
Sizing the directory cache depends largely on the characteristics of the

workload the server supports. The key is the frequency and breadth of
directory searches, file opens, closes, and creations.
A low-use scenario involves any number of users in which a small
number of directories are shared or in which each user's activity is limited
to a small region of the directory, such as a home directory.
A high-use scenario involves any number of users, but user activity spans
a very large number of directories and files. An extreme case might be a
document-based system in which document searches routinely traverse
large portions of a very large directory.
Strategy 1: Tuning for Low Use
To handle low memory use, you probably won't need to allocate any more
cache than the NetWare default. By default, NetWare allocates 20 buffers
immediately upon request, followed by a maximum allocation of up to 500
buffers (about 2 MB). This is sufficient for the majority of low-use scenarios.
Strategy 2: Tuning for High Use
To tune for very high use, change the following SET parameters to the values
shown using NetWare Remote Manager, MONITOR, or SET commands at the
MINIMUM DIRECTORY CACHE BUFFERS = 2000
MAXIMUM DIRECTORY CACHE BUFFERS = 4000
24

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
In NetWare Remote Manager, click the Set Parameters link in the navigation
frame, click the Traditional File System category link, click the parameter
value link that you want to change, enter the new value, and click OK.
In MONITOR, from the Available Options menu, select Server Parameters >
Traditional File System, select the parameter you want to change, type the new
value, and press Enter.
Strategy 3: Tuning for Name Spaces
When a name space is installed on a traditional NetWare volume, the volume's

Directory Entry Table (DET) must include an additional directory entry for
each file. So, for example, if a volume supports DOS, NFS, and LONG name
spaces, there are three directory entries in the DET for each file instead of just
one.
In such a case, a directory cache buffer with 32 directory entries no longer
represents 32 files, it represents only 10 files, because each file now requires
three directory entries.
This means the efficiency of your directory cache is decreased by a factor
equal to the number of name spaces loaded. Therefore, you might need to add
more memory if you load multiple name spaces. By carefully tuning the
directory cache, you can maintain high performance even under these
conditions.
Before adding name spaces, allow your server to operate in its production
environment for several weeks. This lets NetWare allocate the appropriate
number of directory cache buffers for the native DOS environment.
After this settling-in period, check the Directory Cache Buffer value in the
MONITOR General Information window. This is the highest number of
directory cache buffers allocated since the server was last started.
Use the following formulas to determine the optimum minimum and
maximum number of directory cache buffers.
(# of names spaces, including DOS) x highest number of
Directory Cache buffers since server was last started =
minimum cache buffers
(minimum cache buffers) + 100 = maximum cache buffers

103-000147-001
August 30, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
For example, if your server's highest number of Directory Cache buffers since
server was last started is 250, and you want to load one additional name space,
you would calculate the minimum and maximum values of directory cache
buffers as follows:
2 x 250 = 500
500 + 100 = 600
Before loading the additional name space, change the following SET
parameter values using NetWare Remote Manager, MONITOR, or SET
commands at the System Console prompt:
MINIMUM DIRECTORY CACHE BUFFERS
MAXIMUM DIRECTORY CACHE BUFFERS
These settings increase the likelihood that repeatedly used directory cache
buffers will remain in cache and that those buffers will remain in cache longer,
providing the best possible read response times.
Monitoring the New Settings
After you tune the directory cache, let the server operate for a few weeks to
settle in. Then check to see whether the server allocates the additional
directory cache buffers that the new settings allow. If the allocated buffers do
not increase to near the level allowed, then you know that your users' directory
access patterns don't require the additional cache. On the other hand, if your
server uses all the cache you made available, your user community's directory
access patterns might be more intensive than you anticipated.
Using Virtual Memory

NetWare provides a virtual memory system that moves data out of memory
and into a swap file on disk if the data isn't used frequently. Thus, the virtual
memory system ensures that RAM is used more efficiently. It lessens the
likelihood that low memory conditions will cause a problem with the server.
For general information about virtual memory, see Virtual Memory on page
14.
NetWare Remote Manager has several pages that can assist you in monitoring
and managing the use of Virtual Memory system in your server.
26

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To
Do the following in NetWare Remote Manager
View the overall perfomance of the

Virtual Memory system
1. Click the Monitor Health link in the navigation frame.

2. Click the Virtual Memory Performance link on the Server
Health Monitoring page.
3. Click the Info icon for each item listed on the Health Info
table on the Virtual Memory Health Information page
View specific perfomance of the

1. Click the View Memory Config link in the navigation frame.

2. Click the Virtual Memory Page link on the System Memory
Information page.
3. Click the Virtual Memory Cache Pool link to view the
statistics for each cache pool type. For information on each
type of statistic listed, see the online help.
4. Click the Virtual Memory Statistics link to view the following
statistics: Current Available Memory, Free Desired Pages,
Free Lots Pages, Free Minimum Pages, Memory Available
State, Need Free Clean Pages, Need Free Pages, and
Upper Page I/O Threshold. For information on each type of
statistic listed, see the online help.
Change SET parameters

associated with the Virtual Memory
System
1. Click the Set Parameter link in the navigation frame.

2. Click the Memory link in the Category Name table on the Set
Parameter Categories page.
3. Click the value link for each specific Virtual Memory
parameter you want to change.
4. Enter the new value in the Current Value field and click OK.

103-000147-001
August 30, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
You can manage the swapping of data by controlling the swap files where the
data is stored on disk. To create, delete, and manage swap files, access
NetWare Remote Manager and complete the tasks in the following table:
To
Learn about the

SWAP command
Click the Console Commands link in the navigation frame and then the SWAP
Info icon on the Console Commands page.
Display the Swap File

Usage Information
page
Click the View Memory Config link in the navigation frame and then the Swap File
Size icon on the System Memory Information page.
Create a swap file on a

designated volume
1. Click the View Memory Config link in the navigation frame and then the
Swap File Size link on the System Memory Information page.
2. Click the No value link in the Swapping Enabled column for the volume
you want to enable.
3. (Optional) On the Enable Swapping page, enter the values you want in the
Minimum Size (2), Maximum Size (5), and Minimum Volume Free Size
fields (free volume space). If you leave these fields blank, the default
values in the parenthesis are used. These parameters specify minimum
and maximum size of the swap file and the minimum free space that must
be left on the volume.
4. On the Enable Swapping page, click the Enable button.
5. If the file is not on volume SYS: add the commands to create swap files to
the AUTOEXEC.NCF file so the files are created each time the server is
started.
The command syntax is SWAP ADD volume_name [parameter=value...]
Optional parameters are MIN, MAX, and MIN FREE.
For example:
SWAP ADD VOL1 MIN=3, MAX=6, MIN FREE=2000
28

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
To
Delete a swap file from

a designated volume
2. Click the Yes value link in the Swapping Enabled column for the volume
you want to delete the Swap file from.
3. On the Enable Swapping page, click the Disable button.
If you are using protected address spaces, the Java Virtual Machine, or any
other application that uses virtual memory, be sure to keep at least one swap
file.
If the swap file is being used when it is deleted, then the swapped data is
moved to another swap file. If there is no other swap file and there is not
enough physical memory to move all the swapped data, an error message is
displayed and the file is not deleted.
By default, a swap file is created on the volume SYS:. If you do not want a
swap file on volume SYS:, place the SWAP DEL SYS command in the
STARTUP.NCF file.
Change the parameter

values for a swap file
on a designated
volume
2. Click the link for the value you want to change.
3. On the Enable Swapping page, enter the new values you want.
4. On the Enable Swapping page, click the Change button.
Using Swap Files

You can create one swap file per volume. The swap file for volume SYS: is
created by default; you can delete it if necessary.
Data moved to disk by virtual memory is stored in any available swap file; it
does not matter which volume the swap file is on. Generally, you should place
swap files on the fastest volume, the one with the most available space, or the
one that is used the least.
When you dismount a volume, the swap file is deleted. To keep a swap file on
that volume, you must create the swap file again when the volume is mounted.
The exception is the swap file for volume SYS:, which is created by default.
For convenience, add the commands to create swap files to the
AUTOEXEC.NCF file, so the files are created each time the server is started.
Swap files are dynamic; they expand and contract as data is swapped in and
out of memory.

103-000147-001
August 30, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001
Responding to Disk Thrashing

The real value of virtual memory is in using a sufficient supply of memory
more efficiently, thereby improving server performance.
If the overall supply of memory is running low, then swapping will occur more
often when virtual memory is in use. If memory is extremely low, the system
might spend a significant amount of its time swapping memory in and out of
disk and have little time to accomplish useful work. This is called disk
thrashing.
In extremely low memory conditions, NetWare moves all the memory from a
protected address space into the swap file, temporarily stopping the modules
within the space. After a period of time, NetWare moves the memory back into
the protected address space and shuts down another space, moving its memory
to the swap file. Without virtual memory, these extremely low memory
conditions would cause processes to fail. With virtual memory, the server
keeps running, although very slowly.
If the Average Clean Free Available State or the Average Page I/O state is
Suspect or Bad on the Virtual Memory Health Information page in NetWare
Remote Manager, your server is experiencing disk thrashing.
If your server is experiencing disk thrashing, you can use the following two
hidden SET parameters (Memory category) to manage the balance between
the virtural memory cache pool and the file system cache pool. Use caution
when changing these parameters, because until you have more than 4 GB of
memory in the server, increasing these parameters will remove memory from
the file system cache pool and cause low memory conditions there.
VM Cache Pool Free Desired Pages, range 0 to 2147483647, default 256
Specifies the number of pages that the viritual memory system cache
needs to operate properly.
VM Cache Pool Free Lots of Pages, range 0 to 2147483647, default 512
Specifies the number of pages that the virtual memory system cache
considers to be excessive. Having an available page count higher than this
number might result in the pages being be given to another cache pool.
You can specify the point at which the server sends an alert to the console
because of excessive memory swapping by using the Average Page In Alert
Threshold Set parameter (Memory category).
30

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The value is the average number of pages swapped from disk to memory per
second, calculated over the last five seconds. The default is 2000.
To change the values for this parameter using NetWare Remote Manager, do
the following:
1 Click the Set Parameters link in the navigation frame and then the
Memory Category link on the Set Parameter Categories page.

2 Click the value link for the Average Page In Alert Threshold setting.
3 Enter the new value in the Current Value field and click OK.
When disk thrashing occurs, the complete solution is to add more RAM.
Virtual memory cannot compensate for an overall lack of server memory,
although it can prevent processes from failing and allow a server to continue
to function.
Optimizing Garbage Collection

The NetWare server provides a garbage collection or memory recovery
process that periodically collects alloc memory freed by NLM programs and
returns it to cache.
Garbage collection responds to pressure from the virtual memory system. (For
an explanation of virtual memory, see Virtual Memory on page 14.) The
virtual memory system is checked every 10 seconds.
If pressure on virtual memory is high, then garbage collection is accelerated.
If pressure on virtual memory is low, then garbage collection happens at the
regularly scheduled garbage collection interval. This interval is controlled by
the Garbage Collection Interval server parameter.
To view or change this interval in the NetWare Remote Manager, in the
navigation frame click the Set Parameters link > Memory > Garbage
Collection Interval value link.
Normally, garbage collection happens in the background. The only indicator
that garbage collection has taken place is an increase in the amount of free
memory displayed in MONITOR after garbage collection has freed memory.

103-000147-001
August 30, 2001
Novell Confidential
31
Manual
99a
38
July 17, 2001
However, you can initiate garbage collection manually for individual modules
using the following steps.
1 In MONITOR, from the Available Options menu, select Loaded
Modules.
2 Select the module that you want to garbage collect memory from.
3 Press F4 to garbage collect memory for that module.
HINT: You can also garbage collect memory from protected address spaces. In
MONITOR, from the Available Options menu, select Virtual Memory > Address
Spaces. Then select the desired address space and press F4.
32

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This chapter contains information about the following:
Server Memory Management Tools (page 33)
Using Protected Address Spaces (page 34)
Loading Protected Address Spaces (page 35)
Unloading Protected Address Spaces (page 40)
Viewing Information about Address Spaces (page 41)
Server Memory Management Tools

NetWare provides several tools to help you manage and tune the memory
system:
NetWare Remote Manager (PORTAL.NLM) provides the ability to
monitor the memory used in each of the following categories:
Original Cache Memory
Current Cache Memory
File System Memory
Reserved Swap Memory
Swap File Size
NLM Memory
You can also use NetWare Remote Manager to load and unload modules
in to protected address spaces and change SET parameter values and

103-000147-001
August 30, 2001
Novell Confidential
33
Manual
99a
38
July 17, 2001
access the server console to run MONITOR and execute any console
commands.
In most cases, NetWare Remote Manager is more useful than MONITOR
when diagnosing server memory problems. For more information, see the
The MONITOR utility provides statistics that indicate how efficiently
memory is being used by the server and individual modules. For more
information, see MONITOR in Utilities Reference.
Settable parameters and console commands let you tune the memory
system to achieve optimal performance. For more information, see SET
> Memory Parameters in Utilities Reference.
Using Protected Address Spaces

You can use a portion of server memory called a protected address space to
protect the server operating system from untried or troublesome applications
and to use virtual memory. When applications are loaded into a protected
address space, they can't corrupt the operating system, cause server abends, or
corrupt other applications that are running in other protected address spaces.
All protected address spaces use virtual memory, so running modules in a
protected address space also uses RAM more efficiently.
For general information about protected address spaces and the applications
that can be loaded into them, see Protected Address Spaces on page 12. For
general information about virtual memory, see Virtual Memory on page 14.
Because modules loaded into a protected address space have controlled
interaction with the operating system, all modules that must communicate
with each other by directly importing another modules data or functions
(such as those of an e-mail application or a database) should be loaded
into the same protected address space.
If you load a NetWare Loadable ModuleTM (NLMTM) that depends upon
another module, such as CLIB, the other module will be loaded
automatically into the same address space.
If the same module is loaded into more than one address space, the
module's code will be shared among the address spaces. Therefore,
loading the module into multiple address spaces does not require
additional memory for the module itself. Only data for the required
module is unique for each address space.
34

103-000147-001
August 30, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Even if an NLM is designed to be loaded only once, you can load multiple
copies of the NLM on your server if you load them into different address
spaces.
When you load modules into a protected address space, NetWare assigns
whatever amount of memory the loaded modules need, up to a maximum
size of 512 MB. The maximum size of a protected address space is fixed;
but within that maximum limit, the memory size of the space grows and
shrinks as needed by the modules in the address space.
If you want the server to clean up address spaces that abend, make sure
the Memory Protection Fault Cleanup parameter (Memory category) is
set to the default setting of On. If an address space abends, the server
removes the address space and its modules and returns the resources to
the system.
If the Memory Protection Fault Cleanup parameter is set to Off, the
situation is left to the abend recovery mechanism.
Loading Protected Address Spaces

You can create a protected address space when you load one or more modules.
To load protected address spaces, use the commands in the following table at
the System Console prompt or in NetWare Remote Manager on the Address
Space Information page (access by clicking Protected Memory link in the
navigation frame).

103-000147-001
August 30, 2001
Novell Confidential
35
Manual
99a
38
July 17, 2001
To
Example
Enter this command at the Do this on the Address
System Console prompt
Space Information Page of
Load one module into

the next available
protected address
space
[LOAD] PROTECTED
module_name
1. Type
module_name in
the Load Module
Protected field.
2. (Optional) If you
want to view the
System Console
screen when the
module loads,
check the Display
System Console
for Module Load
check box.
3. Click the Load
Module Protected
button.
36

103-000147-001
August 30, 2001
Novell Confidential
[LOAD] PROTECTED
DATABASE.NLM
Creates a new address
space called
ADDRESS_SPACEn,
where n is a numerical
number, and loads
DATABASE.NLM into it.
Manual
99a
38
July 17, 2001
To
Example
Load one module into

the next available
protected address
space with restart
functionality
[LOAD] RESTART
module_name
Restart functionality
means that if the
protected space
abends, the system
closes the space,
cleans up its
resources, restarts
the space, and
reloads the module
into it.
To prevent the server
from restarting a
memory space that
continues to fault,
use the Memory
Protection No Restart
Interval Set
parameter (Memory
category).
1. Type RESTART
module_name in
the Load Module
Protected field.
want to view the
System Console
screen when the
module loads,
check the Display
System Console
for Module Load
check box.
3. Click the Load
Module Protected
button.
RESTART
DATABASE.NLM
space called
ADDRESS_SPACEn,
where n is a numerical
number, and loads
If the address space
abends, the system will
shut down the space,
restart the space
automatically, and
reload DATABASE.NLM
into it.
want to change
the restart state to
No, click the Yes
button in the
Restartable
column of the
Address Space
Information table.

103-000147-001
August 30, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
To
Example
Load one module into a

protected space with a
user-defined name
[LOAD] ADDRESS
SPACE = space_name
module_name
Use this command

when you want to
create your own
name for the space.
want to view the
System Console
screen when the
module loads,
check the Display
System Console
for Module Load
check box.
Also use this

command when you
want to load more
than one module into
the same protected
space.
Repeat the command
for each module you
want to load into the
space.
3. Click the Load

Module Protected
button.
You can also include

the restart option on
the same command
line.
38
1. Type ADDRESS
SPACE = space
_name module_
name in the Load
Module Protected
field.
want to load more
than one module
in the same
space, repeat
Steps 1 through 3
for each module
you want to load.

103-000147-001
August 30, 2001
Novell Confidential
[LOAD] ADDRESS
SPACE = DB_SPACE
DATABASE.NLM
space called
DB_SPACE and loads
[LOAD]
ADDRESS_SPACE =
DB_SPACE RESTART
TEST.NLM
Loads TEST.NLM into
the DB_SPACE address
space and also adds
restart functionality to
the address space.
[LOAD] ADDRESS
SPACE = DB_SPACE
TEST.NLM
Loads the TEST.NLM in
to the same DB_SPACE
address space that the
DATABASE.NLM was
loaded into.
Manual
99a
38
July 17, 2001
To
Example
Load multiple modules

at once using an .NCF
file
PROTECT filename
The command creates a

protected space with the
same name as the .NCF
file and executes the
.NCF file to load all the
modules into the space.
1. Type
NCF_filename
in the Load NCF
File Protected
field.
want to view the
System Console
screen when the
module loads,
check the Display
System Console
for NCF
Execution check
box.
PROTECT LOAD_DB
Creates an address
space called LOAD_DB
and executes
LOAD_DB.NCF to load
modules into the
protected space.
3. Click the Load

NCF File
Protected button.

103-000147-001
August 30, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
Unloading Protected Address Spaces

To unload a module from a protected space or to unload the space itself, use
the commands in the following table at the System Console prompt or in
NetWare Remote Manager on the Address Space Information page (access by
clicking Protected Memory link in the navigation frame).
Example
To
Unload a specified
UNLOAD ADDRESS
module from the
SPACE = space_name
specified address space module_name
1. Click the link for

the address
space name.
If the module is loaded

into more than one
address space, this
command removes the
module only from the
designated address
space.
2. Click the link for

name of the NLM
on the NetWare
Loadable
Modules
Information page.
3. Click the Unload
button on the
Information page
for that module.
Unload all modules from

the designated address
space and removes the
space
UNLOAD ADDRESS
Click the Unload button
SPACE = space_name in the Unload column of
the Address Space
Information table for the
address you want to
unload the modules
from.
Remove an address
space without unloading
the modules first
UNLOAD KILL
ADDRESS SPACE =
space_name
Use this command only

if you know the space
can't be unloaded with
the UNLOAD
ADDRESS SPACE
command.
40
Click the Remove button

in the Remove column of
the Address Space
Information table for the
address space you want
to remove.

103-000147-001
August 30, 2001
Novell Confidential
UNLOAD ADDRESS
SPACE =
ADDRESS_SPACE1
DATABASE.NLM
Unloads
DATABASE.NLM from
ADDRESS_SPACE1,
but does not remove the
address space unless it
is the last module
loaded.
UNLOAD ADDRESS
SPACE =
ADDRESS_SPACE1
Unloads all the modules
from
ADDRESS_SPACE1,
closes
ADDRESS_SPACE1,
and returns its
resources to the system.
UNLOAD KILL
ADDRESS
SPACE=ADDRESS_SPA
CE1
Removes
ADDRESS_SPACE1
without unloading
modules and returns its
resources to the system.
Manual
99a
38
July 17, 2001
If a module hangs while it is being unloaded with the UNLOAD ADDRESS

SPACE command, the system waits a specified time and then displays the
following error message:
Module_name in address_space did not unload yet.
Killing the address space is the only way to remove
the NLM. Should the address space be killed? Yes/No.
If you answer Yes, the system shuts down the address space without unloading
modules from it. If you answer No, the system waits a specified time and
displays the message again.
You can designate the amount of time before the message appears by setting
the HUNG UNLOAD WAIT DELAY (Error Handling category) parameter.
The default is 30 seconds.
In some circumstances, the server might not completely clean-up an address
space that has faulted. This failure is caused by NLM programs that are not
written to allow external cancellation.
When NetWare cannot clean up an address space after it faults, it sends an alert
message to the server console. If you execute the PROTECTION command,
the address space will be listed as in the clean-up failure state.
Because you cannot unload an address space that is in the clean-up failure
state, you must shut down and restart the server to recover the remaining
resources from the address space.
Viewing Information about Address Spaces

You can see which modules are loaded in which address spaces.
1 Click the Protected Memory link in the navigation frame.
2 View the Address Space Information on the Address Space Information
page.
3 To view the modules that are loaded in a specific address space, click the
Address Space name link for the specific address.

103-000147-001
August 30, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
At the System Console Prompt

1 To display a list of loaded modules with their address space names, enter :
MODULES
Each NLM name displayed is followed by the name of the address space
where the NLM resides, the full utility name, version number, date, and
other information. The module names are displayed in the order in which
they were loaded.
2 To display a list of all address spaces, enter
PROTECTION
Each address space name that is displayed is followed by a list of all

modules loaded into that space, with a short description of each module.
In MONITOR
To view additional statistics for address spaces, do the following:

1 From the Available Options menu, select Virtual Memory and then
Address Spaces.
2 Use the arrow keys to select an address space.
The information window displays data about the selected address

space.
To activate and expand the information window, press Tab.
To see a description of each field, press F1.
To exit the window, press Esc twice.
3 Select a specific address space and press Enter to see a list of all modules
loaded into the address space.
42
Use the arrow keys to select a module in the list.
The information window displays data about the selected module.
To activate and expand the information window, press Tab.
To see a description of each field, press F1.
To exit the window, press Esc twice.

103-000147-001
August 30, 2001
Novell Confidential
System Messages
Novell
NetWare 6
www.novell.com
6.0
SYSTEM MESSAGES
August 29, 2001

Novell Confidential
Manual
99a
June 14, 2001
37
Contents
System Messages
Understanding
Scope of Message Documentation.
Error Codes . . . . . . . . . . . .
Message Syntax . . . . . . . . . .
Other Resources for Help . . . . .
11
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
11
12
12
13
Abend: SERVER Messages
15
Authentication Messages for ConsoleOne
17
BOOTPART Messages
21
CAPTURE Messages
23
CLIB Messages
25
CNE2 Messages
27
CNE2000 Messages
29
CNE2_32 Messages
31
CNE3200 Messages
33
CNEAMD Messages
35
CNTR2000 Messages
37
CX Messages
39
DSDIAGNOSTICS Messages
45
DSI Messages
49
DSKSHARE Messages
77
DSREPAIR Messages
79
EDIT Messages
91
Contents
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
FILESYS - File System Messages
99a
37
June 14, 2001
95
FLAG Messages
167
FPSM Messages
179
FTP Server Messages
181
HDETECT Messages
185
ICMD Messages
193
IDEATA.HAM Messages
197
IDECD.CDM Messages
201
IDEHD.CDM Messages
203
INETCFG Messages
205
IPXS Messages
207
LANSUP-DOS Messages
211
LFS - Logical File System Messages
217
Lib0 Messages
223
LOCALSEL Messages
225
LOGIN Messages
227
LOGOUT Messages
253
MAP Messages
259
MONITOR Messages
273
NDPSM Messages
275
NE1000-NW Messages
301
NE2-NW Messages
305
NE2000-NW Messages
309
NE3200-NW Messages
315
NIT Messages
321
NLMLIB Messages
323
NLSLSP Messages
325
Novell Native File Access for UNIX Messages
331
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
37
June 14, 2001
NSS Messages
337
NWCONFIG Messages
343
NWPA Messages
445
NWSNUT Messages
447
NWTAPE Messages
455
Novell Certificate Server Messages
457
Policy Manager Messages
463
PSERVER Messages
475
RConsoleJ Messages
495
RCONAG6 Messages
497
RCONPRXY Messages
499
REQUESTR Messages
501
RIGHTS Messages
503
Runtime Libraries Messages
513
SBCON Messages
517
SERVER Messages
535
SMDR Messages
589
SMSDI Messages
609
SPXS Messages
627
STREAMS Messages
631
TEXTUTIL-utility_name
637
THREADS Messages
673
TIMESYNC Messages
685
TLI Messages
691
TRXNET-DOS Messages
697
TSA600 Messages
701
TSANDS Messages
733
TUI Messages
747
Contents
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
June 14, 2001
37
VREPAIR Messages
749
Shared Messages for LAN Drivers
757
Common Workstation Utilities Error Messages
775
Troubleshooting the Workstation
787
Resolving Workstation Memory Problems. . .

DOS and Window 3.x Workstations . . . .
Windows 95 Workstations . . . . . . . . .
Resolving Workstation Disk Space Problems .
Novell Trademarks
System Messages
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
787
787
788
788
789
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
System Messages
This is a collection of the messages generated by some of the component
modules contained in NetWare. Each message documented might contain an
explanation and one or more possible causes and/or actions for the message.
For information about messages and resources for additional help, see the
following topics.
Scope of Message Documentation on page 11
Error Codes on page 12
Message Syntax on page 12
Other Resources for Help on page 13
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
10
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
Understanding
For information about messages and resources for additional help, see the
following topics.
Scope of Message Documentation on page 11
Error Codes on page 12
Message Syntax on page 12
Other Resources for Help on page 13
Scope of Message Documentation

Novell is striving to write messages that are self-documenting, so they
provide the information you need to understand the status of the networking
system and the actions you need to take to resolve any problems or change the
status.
For this reason (and because of the sheer volume of messages generated by
NetWare), not all messages generated are contained in this documentation.
Additionally, due to the nature of networking systems, it is impossible to
predict all of the causes to the problems that your network is experiencing. We
have provided the following additional tips for finding solutions to the
problems indicated by the messages displayed on your networking system.
See Other Resources for Help on page 13.
Understanding
System Messages
103-000150-001
August 29, 2001
Novell Confidential
11
Manual
99a
38
July 17, 2001
Error Codes
Many messages include an error code that is generated by the software. A
listing of Novell error codes and their descriptions is found in the Error Codes
online documentation (http://www.novell.com/documentation/lg/nwec/docui/
index.htm).
Message Syntax
Most messages displayed at the console or in a DOS utility are strings of text
displayed with a unique identifying code. Usually, this code consists of the
The name of the module that displayed the message (for example, LOGIN
or SERVER)
A product version or platform
A message number
For example, a typical message for LOGIN would appear as follows:
LOGIN-5.10-100: Access has been denied.
Some variation occurs in the format of certain groups of messages. LAN

drivers, for example, include a platform designation instead of a version
number:
NE2000-DOS-001: The LSL is not loaded.
Messages that have this unique identifying code are listed in this
documentation by their source module in numerical order.
Messages that do not have a unique identifying code are listed alphabetically
in the source module after the messages that are listed numerically.
The module version is not included in this document because it is updated
each time a revision or a software patch is made to the module.
12
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Other Resources for Help

The following resources are also available to help resolve an error:
Context-sensitive help. If you are using a NetWare menu utility or
graphical utility, and you want more information about how to complete
a task, press F1 for help.
If you are unsure about how to use a command line utility, type the utility
name with the /? option at the command line. For example, to get help on
the RIGHTS utility, type the following command:
RIGHTS /?
Novell support Web site. You can access information regarding the
support offered by Novell and additional support resources and
information from Novell support Web site (http://support.novell.com/).
Many different support options are available at the Novell support Web
site. Two recommended sites are the Knowledgebase (http://
support.novell.com/search/kb_index.jsp) and the Forums (http://
support.novell.com/forums/). For additional support options, click About
Novell Support (http://support.novell.com/about_support.html).
You can also locate your support options by calling 1-800-858-4000 or
outside the US 801-861-4000.
Customer serviceYou can contact a Novell Authorized ResellerSM
representative for technical assistance.
Most Novell Authorized Resellers have Certified Novell EngineerSM
representatives on staff to assist users with their networking problems.
Hardware documentation Many network problems occur because of
malfunctioning hardware.
If you can isolate a problem to a certain computer component or cable
segment, check the manuals that came with the hardware involved.
Other Novell publications The AppNotesTM publications cover technical
aspects of NetWare-based system design, implementation, and
management. AppNotes is a collection of technical articles published
monthly. These publications are available online (http://
developer.novell.com/research/).
See the information for subscribing online (http://developer.novell.com/
research/howtoorder.htm) or call 1-800-377-4136 or 303-297-2725.
pcode ANWEB when ordering. Or send e-mail to
appnotes@hibbertco.com.
Understanding
System Messages
103-000150-001
August 29, 2001
Novell Confidential
13
Manual
99a
38
July 17, 2001
In addition, numerous networking periodicals give advice on configuring,

managing, and troubleshooting Novell networks.
Troubleshooting hardware and software Specialized hardware and
software packages, such as the NetWare LANalyzer AgentTM software or
NetWare Management AgentTM, are available to help you isolate network
problems.
14
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The following messages include abend server messages.
Abend: SERVER-4.10-message_number message_string
Source:
Explanation:
SERVER.EXE
Abend (abnormal ending) messages are usually caused by consistency check
errors, but they can be caused by insufficient memory, DMA (direct memory
access) conflicts, hardware and software interrupts, or hardware problems.
If the following abend message appeared,
Abend: SERVER-4.10-2: Error returned by object mapping
routine.
The software module is Abend: SERVER, the version is 4.10, the message
number is 2, and the message string is Error returned by object mapping
routine.
Action:
For information on all abend messages, see Resolving Abends in the Server
Operating System Administration Guide.
SERVER-X-nnnn [nmID1001C]
WARNING! Server name experienced a critical error. The offending process was
suspended or recovered. However, services hosted by this server may have been
affected.
Source:
Explanation:
SERVER.EXE
The server console displays this alert if one or more server processes have
been suspended. It is common to see this alert after the server abends and the
auto abend recovery process has restarted the server. A number in angle
brackets appears after the server console prompt to indicate how many times
a thread or process has been restarted.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
15
Manual
Action:
16
99a
38
July 17, 2001
To troubleshoot server abends, see Resolving Abends in the Server Operating

System Administration Guide.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The following messages include authentication messages for ConsoleOne.
A naming exception was thrown
Source:
Explanation:
Possible Cause:
Action:
Java Naming and Directory Interface (JNDI)

The JNDI service provider used by the NDS Administration snap-in returned
a naming error.
The cause of the error is unknown to the NDS Administration snap-in.
Contact a Novell support provider.
Cancelling the Create Authentication Secret dialog...

Source:
Explanation:
Action:
eDirectory Administration Snap-in

This message is a warning that if you cancel the Create Authentication Secrets
dialog box, an obeject-key pair won't be created for the new user account, and
so the user won't be able to log in using the account. Each user account must
have an authentication secret, even if it's only a null (empty) password.
To continue for now without creating an authentication secret,
1. Click Yes in the message box.
The user account will be created, but without an object-key pair. No one
will be able to log in using the account until you complete Step 2.
2. When you are ready to set up a login password (object-key pair) for the
new user account, go to the Password Restrictions property page of the
User object, and then click Change Password.
Action:
To return and create an authentication secret now,

1. Click No in the message box.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
17
Manual
99a
38
July 17, 2001
The Create Authentication Secrets dialog box reappears.

2. Fill in the Create Authentication Secrets dialog box, and then click OK.
If you want, you can leave the Password field blank. This creates an
object-key pair with a null (empty) password. You can go back later and
change the password by clicking the Change Password button on the
Password Restrictions property page of the User object.
Create authentication secret failed
Source:
Explanation:

The system was unable to create the specified authentication secret.
Possible Cause:
You might have typed the username, context, tree, or password incorrectly in
the Create Authentication Secrets dialog box, or your network administrator
might have set up password restrictions that you are unaware of.
Action:
Retry the operation. Make sure you enter the correct information in the Create
Authentication Secrets dialog box. If the operation still doesn't work, contact
your network administrator.
Modify authentication secret failed

Source:
Explanation:

The system was unable to modify the specified authentication secret.
Possible Cause:
You might have typed the username, context, tree, old password, new
password, or password confirmation incorrectly in the Modify Authentication
Secrets dialog box, or your network administrator might have set up password
restrictions that you are unaware of.
Action:
Retry the operation. Make sure you enter the correct information in the
Modify Authentication Secrets dialog box. If the operation still doesn't work,
contact your network administrator.
Logout failed
Source:
Explanation:
Possible Cause:
18

The system was unable to complete the request to log out.
The servers in the specified tree might have gone down, or your connection to
a server in the tree might have been lost.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
If you are trying to log in to the same tree as a different user and your
connection was lost, restore your connection to a server in the tree and then
retry the operation.
If you are just trying to log out of a tree and your connection was lost, you
don't need to do anything, since you are already disconnected from the tree.
The system could not authenticate you to the tree...

Source:
Explanation:

eDirectory could not authenticate you based on the information submitted.
Possible Cause:
You might have typed the username, context, tree, or password incorrectly in
the Login dialog box, or your network administrator might have set up
password restrictions that you are unaware of.
Action:
Retry the operation. Make sure you enter the correct information in the Login
dialog box. If the operation still doesn't work, contact your network
administrator.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
19
Manual
20
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
BOOTPART Messages
The following messages include messages from the BOOTPART.NLM.
A bootable DOS partition was detected but it is too small. NetWare requires a 30 MB
boot (DOS) partition and recommends 50 MB.
Source:
BOOTPART.NLM
Action:
Using Novell's installation software, create a partition that is large enough, or

exit and create a partition.
No bootable partitions were found on the computer's hard disk. NetWare requires a
30 MB boot (DOS) partition and recommends 50 MB.
Source:
BOOTPART.NLM
Action:
Using Novell's installation software, create a partition that is large enough, or

exit and create a partition.
This machine either (1) has no DOS hard disk or (2) has one that has not had SETUP
run on it.
Source:
BOOTPART.NLM
Possible Cause:
The installation software has checked the BIOS but cannot discover a hard
disk.
Action:
Verify that the hard disk is installed, functional, and accessible from DOS.
We have checked your hard disk and it appears that a boot partition exists but the
drive doesn't have enough free disk space to install NetWare.
Source:
BOOTPART.NLM
Action:
Back up files you want to save. Delete the partition, and create a new partition.
BOOTPART Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
21
Manual
Action:
22
99a
38
July 17, 2001
Exit installation. Delete unnecessary files, and run the installation software
again.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CAPTURE Messages
The following messages include messages from the CAPTURE.EXE.
CAPTURE-X-163: This workstation does not have enough memory to run CAPTURE.
Source:
Possible Cause:
CAPTURE.EXE
This workstation does not have enough available memory. This utility requires
a minimum of from 235 KB to 275 KB of memory.
NOTE: Execution time increases if limited memory is available.
Action:
Increase the memory that is available to the workstation. See Resolving

Workstation Memory Problems on page 787.
CAPTURE-X-229: The job configuration contains a form that does not exist.
Source:
Possible Cause:
Action:
CAPTURE.EXE
The form specified in the print job configuration might have been deleted.
Modify the print job configuration to specify a form that exists. Or, specify the
form on the command line using the Form= command.
CAPTURE-X-906: The Unicode files cannot be found.

Source:
CAPTURE.EXE
Action:
See message 906: The Unicode files cannot be found. on page 776.
CAPTURE-X-917: This utility was unable to set the context.

Source:
CAPTURE.EXE
Action:
See message 917: This utility was unable to set the context. on page 778.
CAPTURE Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
23
Manual
99a
38
July 17, 2001
CAPTURE-X-918: This utility is trying to access an invalid context.

Source:
Explanation:
Action:
CAPTURE.EXE
This error occurs while performing CAPTURE S=server J=job.
Omit S=server or J=job from the command line.
CAPTURE-X-921: Either the supervisor has locked the bindery or volume SYS: is not
mounted on server name.
Source:
CAPTURE.EXE
Action:
See message 921: Either the supervisor has locked the bindery or volume
SYS: is not mounted. on page 779.
CAPTURE-X-922: Intruder detection lockout has disabled this account.

Source:
CAPTURE.EXE
Action:
See message 922: Intruder detection lockout has disabled this account. on
page 780.
CAPTURE-X-923: An unexpected error has occurred. code
24
Source:
CAPTURE.EXE
Action:
See message 923: An unexpected error has occurred. Error code: code. on
page 780.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CLIB Messages
The following messages include messages from the CLIB.NLM.
CLIB-X-001: Assertion failed: assertion, file name, line number. The NLM's author has
requested that this notification be generated based on a specific condition.
Source:
Explanation:
Action:
CLIB.NLM
This is an internal program error.
Use a different version of this NLMTM program. To obtain a different version,
contact the vendor of this NLM program, or contact a Novell support
provider.
CLIB-X-003: Unowned FILE buffer deallocated for file name.

Source:
Possible Cause:
Action:
CLIB.NLM
An NLM has corrupted a file structure.
Use a different version of this NLM program. To get a different version,
contact the vendor of this NLM program.
CLIB-X-004: Unable to initialize new thread group. There may not be enough server
memory, or server memory may be corrupted.
Source:
Possible Cause:
Action:
CLIB.NLM
CLIB was unable to allocate memory for the thread group.
Increase the memory available to the server. See Freeing Server Memory
Temporarily in the NetWare server online documentation.
CLIB Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
25
Manual
99a
38
July 17, 2001
CLIB-X-005: Unable to open standard consoles for new thread group. There may not
be enough server memory, or server memory may be corrupted.
Source:
Possible Cause:
Action:
CLIB.NLM
An error occurred that was not expected by the programmer.
CLIB-X-006: Unable to initialize new thread. There may not be enough server memory,
or server memory may be corrupted.
Source:
Possible Cause:
Action:
26
CLIB.NLM
CLIB was unable to allocate memory for the thread.
Increase memory available to the server. See Freeing Server Memory
Temporarily in the NetWare server online documentation.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CNE2 Messages
The following messages include messages from the CNE2.LAN.
A transmit timed out. The cable might be disconnected from the board.
Source:
CNE2.LAN
Action:
See message A transmit timed out. The cable might be disconnected from the
board. on page 770/
The board cannot be found.

Source:
CNE2.LAN
Action:
See message The board cannot be found. on page 770/
The board did not respond to the initialization command.

Source:
CNE2.LAN
Action:
See message The board did not respond to the initialization command. on
page 771.
The board's DMA did not complete.

Source:
CNE2.LAN
Action:
See message The board's DMA did not complete. on page 771.
The board's memory failed the memory test.

Source:
CNE2.LAN
Action:
See message The board's memory failed the memory test. on page 772.
CNE2 Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
27
Manual
99a
38
July 17, 2001
The driver was unable to schedule periodic AES callbacks.
28
Source:
CNE2.LAN
Action:
See message The driver was unable to schedule periodic AES callbacks. on
page 773.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CNE2000 Messages
Source:
CNE2000.LAN
Action:
board. on page 770.

Source:
CNE2000.LAN
Action:
See message The board cannot be found. on page 770.

Source:
CNE2000.LAN
Action:
page 771.
The board must be placed in a 16-bit slot.

Source:
CNE2000.LAN
Action:
See message The board must be placed in a 16-bit slot. on page 771.
The board's DMA did not complete.

Source:
CNE2000.LAN
Action:
See message The board's DMA did not complete. on page 771.
CNE2000 Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
29
Manual
99a
38
July 17, 2001

Source:
CNE2000.LAN
Action:
The driver was unable to schedule periodic AES callbacks.
30
Source:
CNE2000.LAN
Action:
See message The driver was unable to schedule periodic AES callbacks. on
page 773.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CNE2_32 Messages
The following messages include messages from the CNE2_32.LAN.
Source:
CNE2_32.NLM
Action:
board. on page 770.

Source:
CNE2_32.NLM
Action:
CNE2_32 Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
31
Manual
32
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
CNE3200 Messages
Source:
CNE3200.LAN
Action:
The board has failed.

Source:
CNE3200.LAN
Action:
See message The board has failed. on page 771.

Source:
CNE3200.LAN
Action:
No interrupt was selected. The board must be reconfigured.

Source:
CNE3200.LAN
Action:
See message No interrupt was selected. The board must be reconfigured. on

page 770.
CNE3200 Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
33
Manual
34
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
CNEAMD Messages
The following messages include messages from the CNEAMD.LAN.
Source:
CNEAMD.NLM
Action:
page 771
The board has a bad CheckSum of the ROM.

Source:
CNEAMD.NLM
Action:
See message 241: The board's ROM has checksum errors. on page 769
The board's IRQ cannot be found.

Source:
CNEAMD.NLM
Action:
See message The board's IRQ cannot be found. on page 772
The board's PORT can not be found.

Source:
CNEAMD.NLM
Action:
See message The board's PORT cannot be found. on page 772
The cable might be disconnected on the board.

Source:
CNEAMD.NLM
Action:
See message The cable might be disconnected on the board. on page 772
CNEAMD Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
35
Manual
99a
38
Unable to allocate memory.
36
Source:
CNEAMD.NLM
Action:
See message Unable to allocate memory. on page 773
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
July 17, 2001
Manual
99a
38
July 17, 2001
CNTR2000 Messages
The following messages include messages from the CNTR2000.LAN.
201: DIR.OPEN.ADAPTER error code = error_bit_number.
Source:
CNTR2000.LAN
Action:
See message 201: DIR.OPEN.ADAPTER error code = error_bit_number.

on page 767
233: The adapter detected a duplicate station during the insertion process.
Source:
CNTR2000.LAN
Action:
See message 233: The adapter detected a duplicate station during the
insertion process. on page 768
235: The adapter cable was disconnected during the insertion process.
Source:
CNTR2000.LAN
Action:
See message 235: The adapter cable was disconnected during the insertion
process. on page 768
236: The ring was beaconing during the insertion process.

Source:
CNTR2000.LAN
Action:
See message 236: The ring was beaconing during the insertion process. on
page 768
237: The adapter is beaconing.

Source:
CNTR2000.LAN
Action:
See message 237: The adapter is beaconing. on page 769

CNTR2000 Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
37
Manual
99a
38
July 17, 2001
239: The cable is disconnected at the board.

Source:
CNTR2000.LAN
Action:
See message 239: The cable is disconnected at the board. on page 769
240: Cable is disconnected at the MAU.

Source:
CNTR2000.LAN
Action:
See message 240: Cable is disconnected at the MAU. on page 769
241: The Auto Removal process reset the adapter.

Source:
CNTR2000.LAN
Action:
See message 241: The Auto Removal process reset the adapter. on page 769
242: The Remove MAC Frame process shut down the adapter.
Source:
CNTR2000.LAN
Action:
See message 242: The Remove MAC Frame process shut down the adapter.
on page 770
An interrupt failed to occur during initialization.
38
Source:
CNTR2000.LAN
Action:
See message An interrupt failed to occur during initialization. on page 770
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CX Messages
The following messages include messages from the CX.EXE.
CX-X-120: Control characters are not allowed in the command line.
Source:
Explanation:
Action:
CX.EXE
Control character input is not allowed as a CX parameter. The key stroke
sequences <Ctrl>+<C> and <Ctrl>+<Break> will abort the CX command.
Retry the command without using control characters in parameters.
CX-X-215: The context you are trying to change to is invalid. Your current context will
be left unchanged.
Source:
Explanation:
Action:
CX.EXE
After getting a context handle, CX encountered an error when it tried to set the
desired context. CX has terminated.
Make sure that you are using a valid context; then try again.
CX-X-220: An error occurred during CX's attempt to create the context.

Source:
Explanation:
CX.EXE
CX could not create a context handle. CX has terminated.
Possible Cause:
The library call NWCreateContext () failed because of insufficient memory at

the server.
Action:
Temporarily in Server Operating System Administration Guide, then try again.
If the problem persists, contact a Novell support provider.
CX Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
39
Manual
99a
38
July 17, 2001
CX-X-230: An error occurred during CX's attempt to get the object name.
Source:
Explanation:
Action:
CX.EXE
CX could not get general information about a directory object. CX has
terminated.
Try again. Make sure to specify a valid object. If the problem persists, contact
a Novell support provider.
CX-X-240: The context you want to change to does not exist. You tried to change to:
name. Your context will be left unchanged as: name.
Source:
Explanation:
Action:
CX.EXE
The context that was specified must exist in the eDirectoryTM database before
a user can use it. The context did not exist, so CX has terminated.
Make sure to specify a valid context.
CX-X-242: The specified context does not exist.

Source:
Explanation:
Action:
CX.EXE
The context that was specified must exist in the eDirectory database before a
user can use it. The context did not exist, so CX has terminated.
Make sure to specify a valid context.
CX-X-244: The current context is invalid: context name.

Source:
Explanation:
Possible Cause:
CX.EXE
eDirectory allows the user to set a default context in the NET.CFG file
(NAME CONTEXT=).
The context specified during login did not match the context specified in
NET.CFG.
Action:
Specify a valid context by typing CX /R, or by typing CX... with the number
of periods needed to remove all containers in the current context.
Possible Cause:
The context was once valid, but it has since been removed from the Directory
tree.
Action:
Determine whether the context is still in the Directory tree and if it is valid by
typing CX /T at the DOS prompt.
For example, if CX showed the user's context to be ou=test.o=abc, then you
would type CX..., which removes all containers and leaves you at the root.
40
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CX-X-246: An error occurred in CX's attempt to list the subordinate objects. Error
code: code.
Source:
CX.EXE
Action:
Try the operation again. Also, make sure that no associated problems have
occurred such as the network going down, a connection being lost, or previous
errors having occurred and been ignored. If the problem persists, contact a
Novell support provider. For information about a specific error code, search
the Error Codes online documentation (http://www.novell.com/
documentation/lg/nwec/docui/index.htm).
CX-X-260: An internal system error occurred during CX's attempt to canonicalize the
context: (context name).
Source:
CX.EXE
Possible Cause:
CX attempted to change the context of a given object, but it was unable to find
the object in the given context, or it was unable to create the path in the
Directory tree.
Possible Cause:
This error can also occur if an error has occurred in the program. CX has
terminated.
Action:
Try again. If the problem persists, contact a Novell support provider.
CX-X-300: An error occurred during CX's attempt to get the VLM shell context.
Source:
Explanation:
Action:
CX.EXE
The VLM shell contains the workstation's default context designation. CX
could not get this context and has terminated.
Make sure the user has a valid context designated in the NET.CFG file at the
workstation.
CX-X-810: This utility cannot allocate sufficient memory for the Directory Services
buffer.
Source:
CX.EXE
Action:
Temporarily in the Server Operating System Administration Guide.
CX Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
41
Manual
99a
38
July 17, 2001
CX-X-826: The VLMs are not loaded.

Source:
CX.EXE
Explanation:
The user tried to run CX from a client workstation using a NetWare shell file
(for example NETX.EXE). CX requires the client workstation to be using
VLMs.
Action:
Unload the NetWare shell file from the workstation and run VLM.EXE. Then
retry CX.
CX-X-900: An internal application error has occurred. Error code: code

Source:
CX.EXE
Action:
Resolve the error, then try the task again. For information about a specific
error code, search the the Error Codes online documentation (http://
www.novell.com/documentation/lg/nwec/docui/index.htm).
CX-X-903: The command line syntax is invalid.

Source:
CX.EXE
Action:
See message 903: The command line syntax is invalid. on page 775
CX-X-906: The Unicode files cannot be found.

Source:
CX.EXE
Action:
See message 906: The Unicode files cannot be found. on page 776
CX-X-917: This utility was unable to set the context.

Source:
CX.EXE
Action:
See message 917: This utility was unable to set the context. on page 778
CX-X-920: This utility was unable to allocate number bytes of memory.
42
Source:
CX.EXE
Action:
See message 920: This utility was unable to allocate number bytes of
memory. on page 779
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
CX-X-970: The attempt to open the Unicode table files failed.

Source:
CX.EXE
Action:
See message 970: The attempt to open the Unicode table files failed. on
page 781
CX-X-971: The workstation does not have enough memory to load the Unicode table
files.
Source:
CX.EXE
Action:
See message 971: The workstation does not have enough memory to load the
Unicode table files. on page 781
CX-X-972: Access to the Unicode table files was denied.

Source:
CX.EXE
Action:
See message 972: Access to the Unicode table files was denied. on page 781
CX-X-973: The Unicode table files cannot be found in the NLS directory or in the
search path. Code page: number Country: number
Source:
CX.EXE
Action:
See message 973: The Unicode table files cannot be found in the NLS
directory or in the search path. Code page: number Country: number . on
page 782
CX-X-974: The Unicode table files are corrupt.

Source:
CX.EXE
Action:
See message 974: The Unicode table files are corrupt. on page 783
CX-X-975: The Unicode table files cannot be opened because there are already too
many open files. Close some files or modify your CONFIG.SYS file.
Source:
CX.EXE
Action:
See message 975: The Unicode table files cannot be opened because there are
already too many open files. Close some files or modify your CONFIG.SYS
file. on page 783
CX Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
43
Manual
99a
38
July 17, 2001
CX-X-998: The message file found (utility_name.MSG) is an incorrect version. The

correct version is number. See your network supervisor for assistance.
Source:
CX.EXE
Action:
See message 998: The message file found (utility_name.MSG) is an incorrect

version. The correct version is number. See your network supervisor for
assistance. on page 783
CX-X-999: The message file for this utility cannot be found.
44
Source:
CX.EXE
Action:
See message 999: The message file for this utility cannot be found. on page
784
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The following messages include messages from the DSDIAG.NLM.
DSDiag-x-001: Process data not found. Exiting process.
Source:
Explanation:
Possible Cause:
Action:
DSDIAG.NLM
The report process could not locate its data to initialize the report.
This is an unexpected error.
Unload DSDIAGNOSTICS and then reload it. If the error persists, contact a
Novell support provider.
DSDiag-x-002: Insufficient memory error.

Source:
Possible Cause:
DSDIAG.NLM
This server does not have enough memory to create a report.
Action:
Exit all of the reports that are running except for the current report. Let the
current report run to completion and try again.
Action:

DSDiag-x-003: Could not create initial context.

Source:
Explanation:
Action:
DSDIAG.NLM
An error occurred in the load process. This is an unexpected error.
Check for possible configuration errors and reboot. If this error occurs
repeatedly, contact a Novell support provider.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
45
Manual
99a
38
July 17, 2001
DSDiag-x-004: This NLM requires a newer version of NWSNUT.

Source:
Explanation:
Action:
DSDIAG.NLM
While loading, DSDIAG.NLM determined that the version of nwsnut.nlm
does not support the functionality required by DSDIAG.NLM.
Update the version of nwsnut.nlm on the server.
DSDiag-x-005: This NLM was unable to initialize NWSNUT.

Source:
Explanation:
Possible Cause:
Action:
DSDIAG.NLM
NWSNUT, the support NLM program, returned an error from the initialization
process.
An internal error occurred.
Try the operation again. If the error persists, contact a Novell support provider.
DSDiag-x-006: Unable to register for volume dismount event.

Source:
Explanation:
Action:
DSDIAG.NLM
An error occurred while DSDIAGNOSTICS was trying to register for
operating sytem resources.
Try running DSDIAGNOSTICS again, or reboot the server.
DSDiag-x-007: Unable to allocate memory for process stack.

Source:
Explanation:
Action:
DSDIAG.NLM
This server does not have enough available memory.
DSDiag-x-008: Unable to open screen.

Source:
Explanation:
Action:
46
DSDIAG.NLM
An error occurred while DSDIAGNOSTICS was trying to register for
operating system resources.
Try running DSDIAGNOSTICS again, or reboot the server.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSDiag-x-009: Error writing to log file, log file closed.

Source:
Explanation:
Action:
DSDIAG.NLM
The volume the log file is writing to is unmounted or the removable media (for
example, floppy, CD, or cartridge) is unavailable.
Mount the volume or make sure the removable media is working properly.
DSDiag-x-010: Could not register with the Tool Manager.

Source:
Explanation:
Action:
DSDIAG.NLM
DSDIAGNOSTICS processes data and tracks resources used by each of the
reports and should always be available. This is an unexpected error.
Exit the report, unload DSDIAGNOSTICS and then reload it.
DSDiag-x-011: Maximum NWSNUT portals reached.

Source:
Explanation:
Action:
DSDIAG.NLM
The maximum number of NWSNUT portals is set by the NUT NLMTM and is
version dependent. In this case, that maximum has been reached.
Unload DSDIAGNOTICS reboot the server, and then reload
DSDIAGNOSTICS.
DSDiag-x-012: Unknown command line switch.

Source:
Explanation:
Action:
DSDIAG.NLM
An unknown command line switch was used.
Use only supported switches. For a list of supported switches enter, /?.
DSDiag-x-013: USAGE: No switches.

Source:
Explanation:
Action:
DSDIAG.NLM
No switches are supported in this version of DSDIAGNOSTICS.
Do not use command line switches in this version displayed in the message.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
47
Manual
48
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
DSI Messages
This module contains some messages that are not numbered. These message
are listed alphabetically after the numbered messages.
DSI-X-1: An internal error has occurred. DSI cannot load the message file.
Source:
Explanation:
Action:
DSI.NLM
The DSI.NLM program was unable to load the DSI.MSG message file .
Make sure that the server language is set to 4 (English) for the built-in
messages, or to a different number to correspond to both of the following:
The DSI.MSG file if one is in the boot directory (where SERVER.EXE is
found).
The corresponding SYS:SYSTEM\NLS\X directory on the server.
DSI-X-2: Insufficient memory is available to get a memory resource tag.

Source:
DSI.NLM
Possible Cause:
Insufficient memory at the server would not allow the installation to run.
Action:
Increase the available memory at the server. See Freeing Server Memory
Temporarily in theServer Operating System Administration Guide.
DSI-X-3: An internal error has occurred. DSI cannot insert a predefined entry. Error
description: description.
Source:
DSI.NLM
Action:
Try the operation again. If the problem persists, contact a Novell support
provider.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
49
Manual
99a
38
July 17, 2001
DSI-X-4: An internal error has occurred. Predefined entry IDs are out of alignment.
Source:
DSI.NLM
Action:
provider.
DSI-X-5: An initialization internal table failure has occurred.

Source:
Possible Cause:
Action:
DSI.NLM
An internal system error has occurred.
provider.
DSI-X-6: An internal error has occurred. DSI cannot insert a Schema entry. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-7: An internal error has occurred. DSI cannot insert a property value. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-8: An internal error has occurred. Predefined property IDs are out of alignment.
Source:
Possible Cause:
Action:
50
DSI.NLM
provider.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-9: An internal error has occurred. The class definition is too large.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-10: An internal error has occurred. DSI cannot insert a class entry. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-11: An internal error has occurred. DSI cannot insert a class value. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-12: An internal error has occurred. Predefined class IDs are out of alignment.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-14: An internal error has occurred. DSI cannot insert predefined partitions.
Error description: description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
51
Manual
99a
38
July 17, 2001
DSI-X-15: An internal error has occurred. DSI cannot get time stamps. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-16: The Directory Services context could not create DDSCONTEXT. Error
Source:
Possible Cause:
Action:
DSI.NLM
Insufficient memory at the server would not allow INSTALL to run.
DSI-X-17: Insufficient memory is available to allocate a buffer. Error description:

description.
Source:
Possible Cause:
Action:
DSI.NLM
DSI-X-18: An internal error has occurred. This version of DSI does not match the
version of Directory Services you are using. DSI version: number. Directory Services
version: number.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-19: DSI cannot create the Directory database. Error description: description.
Source:
52
DSI.NLM
Possible Cause:
The volume SYS: might not be mounted.
Possible Cause:
The volume SYS: might be corrupted.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
99a
38
July 17, 2001
The volume SYS: might be out of disk space.

See Resolving File I/O Errors in the Traditional File Services Administration
Guide.
DSI-X-20: The Directory database cannot be opened. Error description: description.

Source:
DSI.NLM
Possible Cause:
The volume SYS: might not be mounted,
Possible Cause:
Action:
Guide..
DSI-X-21: An internal error has occurred. DSI cannot translate a Unicode string to
local. You may have a problem with the Unicode translation files. Error description:
description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-23: DSI cannot resolve to the master replica of the partition containing context
name. (Error description: description. Make certain that the server containing the
master replica of that context is up and on the network before retrying the installation.
Source:
DSI.NLM
Possible Cause:
The server containing the master replica of the context might not be visible to
this server, or it might be down. The server containing the master replica is
typically the one on which the context was initially created.
Action:
Make sure that the server containing the master replica is running, connected
to the network, and visible from workstations. Also, make sure the server you
are installing has the proper LAN drivers loaded and is bound to the right
network addresses, with the proper frame types.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
53
Manual
99a
38
July 17, 2001
DSI-X-24: An internal error has occurred. DSI cannot generate key pair for name. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-25: An internal error occurred while DSI was loading system Directory objects.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-26: DSI cannot open the Directory database. Error description: description.
Source:
DSI.NLM
Possible Cause:
The volume SYS: might not be mounted.
Possible Cause:
Action:
Guide.
DSI-X-27: DSI cannot create external reference to server. Error description:

description.
Source:
Possible Cause:
Action:
DSI.NLM
The DSI NLM program probably lost its connection with the server that
contains the master replica of the container context.
Make sure that the server containing the master replica is on the network. Try
reinstalling a couple of more times. If the problem persists, contact a Novell
support provider.
DSI-X-28: An internal error has occurred. DSI was unable to add pseudo server
values. Error description: description.
Source:
Possible Cause:
Action:
54
DSI.NLM
Memory at the server might be insufficient.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
Possible Cause:
Action:
99a
38
July 17, 2001
Disk space at the server might be insufficient.

Guide.
DSI-X-29: The local Directory Services agent cannot be opened. Error description:
description.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
The Novell Directory Services database could not be opened and initialized
properly.
A database corruption has occurred.
Guide.
Traffic on the network might be excessive.
Check the external network traffic between this server and other servers in the
same Directory tree, minimize traffic as much as possible, then retry the
installation.
DSI-X-30: DSI cannot resolve to the master replica of the partition containing context
context. Error description: description.
Source:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
The server containing the master replica of the partition that contains the
specified context might not be running.
Find out which server contains the master replica of the container's partition.
Typically, this will be the first server on which this container was specified
during installation. Make sure that the server is running and that it is visible
from workstations on the network; then retry the installation
A network connection could not be established to that server.
Establish a connection with the desired server, then retry the installation.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
55
Manual
99a
38
July 17, 2001
DSI-X-31: An attempt to place a replica of the partition on this server failed. The
partition that failed is the one that holds this server's container object. Error
Source:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
Traffic on the network might excessive.
Minimize external network traffic between this server and other servers in the
same Directory tree as much as possible; then retry the installation.
DSI-X-32: An internal error has occurred. DSI cannot add a partition replica. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-33: An internal error has occurred. DSI cannot create an internal Directory
context structure. Error description: description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-34: An attempt to place the master replica of the new partition on this server
failed (Error description: description). The master replica of the new partition is
located on server name, and a read/write replica exists on this server. You can change
the type of the replica on this server to a master replica later by using the Partition
Manager (PARTMGR) utility. The installation should continue normally.
Source:
Explanation:
56
DSI.NLM
A new partition was created on the server containing the most recent parent of
the new context. The new context was created in the new partition; then an
attempt was made to migrate that partition so that it would become a local
partition (on the new server being installed). The attempt to change the local
partition to the master replica and delete the (remote) secondary replica failed.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
99a
38
July 17, 2001

Continue with the installation. After it is completed, change the read/write
replica to a master replica. You can then delete the replica on the server
identified in the error message. However, this is not absolutely necessary.
DSI-X-35: An NLM version mismatch has occurred. DSI version: number. Directory
Services version: number.
Source:
DSI.NLM
Possible Cause:
The DSI.NLM and DS.NLM have different database versions that don't work
together properly.
Action:
Make sure that the INSTALL.NLM, DS.NLM, DSI.NLM, and SERVER.EXE

are all from the same software release.
DSI-X-37: DSI cannot find a NetWare 4.x server.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
The installation program was unable to find the root server.
Traffic on the network traffic might be excessive.
same Directory tree as much as possible; then retry the installation. If the
problem persists, contact a Novell support provider.
The server containing the context into which this server is being installed
suddenly went down.
Make sure the server containing the context is running and retry the
installation.
DSI-X-39: A call to DSAgentOpenLocal failed. Error description: description.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
Novell Directory Services was unable to open the local Directory agent
(database handler).
Disk space on the server might be insufficient.
Guide.
same Directory tree as much as possible; then retry the installation.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
57
Manual
Possible Cause:
Action:
99a
38
July 17, 2001
An internal error might have occurred.

DSI-X-40: An internal error has occurred. DSI cannot set the bindery context. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-41: DSI cannot modify the existing NCP server object. Error description:
description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-42: DSI cannot delete the existing NCP server object. Error description:
description.
Source:
DSI.NLM
Explanation:
An NCP server object that had the same name as the server being installed was
found in this context. To complete the installation, that object must be deleted
and re-created. An initial attempt at deleting the object was unsuccessful.
Possible Cause:
The object corresponding to the administrator that you logged in as does not
have Delete rights in the current context.
Action:
Make sure you have the Supervisor right in the current context (or to the
nearest parent to the context) where you are installing. If this is not the case,
give yourself Supervisor rights in the context and retry the installation. If the
DSI-X-43: DSI cannot create the NCP server object. Error description: description.
Source:
Explanation:
58
DSI.NLM
An attempt to create the NCP server object in the context specified for this
server was unsuccessful.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Possible Cause:
The object corresponding to the administrator that you logged in as does not
have Create rights in the context.
Action:
Make sure you have the Supervisor right in the context (or to the nearest parent
to the context) where you are installing. If this is not the case, give yourself
the Supervisor right in the context and retry the installation. If the problem
persists, contact a Novell support provider.
DSI-X-44: DSI's attempt to add a new partition timed out.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
An attempt to create a new partition for the new context failed. The new
partition should have been created on the server containing the master
partition for the nearest existing parent context.
The server containing the master might have suddenly gone down.
Make sure that all servers above this one in the tree that contain master
partitions are operating.
same Directory tree as much as possible; then, retry the installation. If the
DSI-X-45: An internal error has occurred. DSI cannot get the volume ID; you are not
logged in to the Directory.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-46: DSI cannot find the local server context. Error description: description.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
An attempt to get information from the Directory database failed.
File I/O errors might have occurred.
Guide.
provider.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
59
Manual
99a
38
July 17, 2001
DSI-X-47: An internal error has occurred. DSI cannot translate a local string to
Unicode. You may have a problem with the Unicode translation files. Error
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-48: An internal error has occurred. The object for volume name cannot be
created. Error description: description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-49: An internal error has occurred. DSI cannot determine the base class from
RDN. Error description: description.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-50: DSI cannot create object name. Error description: description. Verify that
the context is entered correctly and follows proper containment rules.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-51: An internal error has occurred. DSI cannot create the root partition. Error
Source:
Possible Cause:
Action:
60
DSI.NLM
provider.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-52: DSI cannot create the Directory database. Error description: description.
Source:
DSI.NLM
Explanation:
An attempt to create the Directory database failed.
Explanation:
The server might have insufficient disk space.
Action:
Possible Cause:
Action:
Guide.
provider.
DSI-X-53: DSI cannot open the record manager. Error description: description.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
An attempt to access the Directory database failed.
The Directory database might be locked by another process.
Unload all other NLM programs (such as DSREPAIR) that might be accessing
the database; then, retry the installation.
DSI-X-54: DSI cannot open the Directory database. Error description: description.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSI.NLM
An attempt to access the Directory database failed.
The Directory database might be locked by another process.
Unload all other NLM programs (such as DSREPAIR) that might be accessing
the database; then, retry the installation.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
61
Manual
99a
38
July 17, 2001
DSI-X-55: An internal error has occurred. The Directory Services bindery is not open,
and must be for the bindery to be upgraded.
Source:
Possible Cause:
Action:
DSI.NLM
provider.
DSI-X-56: Bindery upgrade information cannot be saved to file SWITCH.UPG.

Source:
Possible Cause:
Action:
DSI.NLM
A file I/O error occurred while the program was writing bindery upgrade
information to the SWITCH.UPG Directory file.
Guide.
DSI-X-57: DSI cannot read a previous bindery object. Error code: code.
Source:
Explanation:
DSI.NLM
An error occurred while the program was attempting to read the old bindery
files (SYS:\SYSTEM\NET$OBJ.SYS, SYS:\SYSTEM\NET$PROP.SYS,
SYS:\SYSTEM\ NET$VAL.SYS).
Possible Cause:
The bindery files might be corrupted.
Possible Cause:
The volume might be unreadable.
Action:
Guide. If the problem persists, contact a Novell support provider. For
information about a specific error code, search the Error Codes online
documentation (http://www.novell.com/documentation/lg/nwec/docui/
index.htm).
DSI-X-58: DSI cannot add a previous bindery object. Error code: code. Object: name.
Source:
Explanation:
62
DSI.NLM
An error occurred while the program was adding an old bindery object to the
Directory. This object will not be upgraded correctly even though the
installation might be completed and even though other objects might be
installed correctly. You might have to re-create the object manually later.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
Write down the name of the object that failed, along with the error code.
Complete the installation and re-create the object later. Also, contact a Novell
support provider. For information about a specific error code, search the Error
Codes online documentation (http://www.novell.com/documentation/lg/
nwec/docui/index.htm).
DSI-X-59: DSI cannot map a previous bindery name to a Directory ID. Error code:
code. Bindery object: name.
Source:
Possible Cause:
Action:
DSI.NLM
provider. For information about a specific error code, search the Error Codes
online documentation (http://www.novell.com/documentation/lg/nwec/
docui/index.htm).
DSI-X-62: DSI cannot add a previous bindery property. Error code: code. Object:
name. Property: name.
Source:
DSI.NLM
Explanation:
Action:
Write down the name of the object and property that failed, along with the
error code. Complete the installation, and re-create the object later. Also,
contact a Novell support provider. For information about a specific error code,
search the Error Codes online documentation (http://www.novell.com/
DSI-X-63: DSI cannot add a previous bindery group member. Error code: code.
Object: name. Property: name. Member: name.
Source:
DSI.NLM
Explanation:
Action:
Write down the name of the object, property, and member that failed along
with the error code. Complete the installation, and re-create the object later. If
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
63
Manual
99a
38
July 17, 2001
necessary, contact a Novell support provider. For information about a specific

error code, search the Error Codes online documentation (http://
DSI-X-64: DSI cannot write a previous bindery property. Error code: code. Object:
name. Property: name.
Source:
DSI.NLM
Explanation:
Action:
Write down the name of the object that failed along with the error code.
Complete the installation, and re-create the object later. Also, contact a Novell
support provider. For information about a specific error code, search the Error
DSI-X-66: DSI cannot get the Directory NCP server object ID. Error code: code. Object:
name.
Source:
Possible Cause:
Action:
DSI.NLM
docui/index.htm).
DSI-X-68: DSI cannot allocate sufficient memory.

Source:
Possible Cause:
Action:
64
DSI.NLM
Increase memory at the server. See Freeing Server Memory Temporarily in the
Server Operating System Administration Guide.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-69: DSI cannot get Directory information for previous bindery object name.
Error code: code.
Source:
Possible Cause:
Action:
DSI.NLM
docui/index.htm).
DSI-X-74: DSI cannot read a previous bindery property. Error description:

description.
Source:
Explanation:
DSI.NLM
An error occurred while the program tried to read the old bindery files
(SYS:\SYSTEM\NET$OBJ.SYS, SYS:\SYSTEM\NET$PROP.SYS,
Possible Cause:
Possible Cause:
The volume SYS: might be unreadable.
Action:
Guide. If the problem persists, contact a Novell support provider.
DSI-X-75: DSI cannot read a previous bindery property. Error code: code. Object:
name.
Source:
Explanation:
DSI.NLM
An error occurred while the program attempted to read the old bindery files
Possible Cause:
Possible Cause:
Action:
index.htm).
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
65
Manual
99a
38
July 17, 2001
DSI-X-76: DSI cannot read a previous bindery value. Error code: code. Object: name.
Property: name.
Source:
Explanation:
DSI.NLM
An error occurred while the program tried to read the old bindery files
Possible Cause:
Possible Cause:
Action:
index.htm).
DSI-X-77: DSI cannot read a previous bindery object. Error code: code.
Source:
Explanation:
DSI.NLM
An error occurred while the program attempted to read the old bindery files
Possible Cause:
Possible Cause:
Action:
index.htm).
DSI-X-78: Bindery file SYS:SYSTEM\NET$OBJ.SYS is already open and was not

expected to be.
Source:
Explanation:
Possible Cause:
Action:
66
DSI.NLM
The file NET$OBJ.SYS is in an opened state when it should be closed.
Previous errors might have occurred.
Dismount volume SYS: and remount it. If the problem persists, contact a
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-79: Bindery file SYS:SYSTEM\NET$OBJ.SYS cannot be opened.

Source:
Explanation:
DSI.NLM
An error occurred while the program attempted to open the old bindery file
(SYS:SYSTEM\NET$OBJ.SYS).
Possible Cause:
The bindery file might not exist or is corrupted.
Possible Cause:
Action:
Guide. If the problem persists, contact a Novell support provider.
DSI-X-80: Directory file SWITCH.UPG cannot be opened.

Source:
Possible Cause:
Action:
DSI.NLM
The eDirectory file SWITCH.UPG might be corrupted or unreadable.
Guide..
DSI-X-81: Some old ID's in SWITCH.UPG do not match the bindery. You have probably
upgraded more than once. You must restore the original (first) SWITCH.UPG before
you can downgrade a volume. Even then, some of your trustees, etc. may be
irreversibly corrupted.
Source:
Possible Cause:
Action:
DSI.NLM
The eDirectory file SWITCH.UPG is out of date with the bindery.
Delete the file SWITCH.UPG. You will need to re-create trustees on the
volumes.
DSI-X-82: DSI cannot switch bindery IDs to Directory Services IDs for volume name.
Error code: code.
Source:
Possible Cause:
Action:
DSI.NLM
docui/index.htm).
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
67
Manual
99a
38
July 17, 2001
DSI-X-83: An attempt to upgrade volume name failed because users were logged in.
Remove all user connections and try the upgrade again.
Source:
Explanation:
Action:
DSI.NLM
A volume cannot be upgraded until all users have logged out of it.
Remove all connections. Retry the installation.
DSI-X-84: DSI cannot allocate sufficient memory for ID tables.

Source:
Possible Cause:
Action:
DSI.NLM
Sufficient memory was not available for INSTALL to run.
DSI-X-86: DSI cannot read the Directory default Supervisor object.

Source:
Possible Cause:
Action:
DSI.NLM
The Directory database might be corrupted or unreadable.
Guide.
DSI-X-87: DSI cannot write the Directory default Supervisor object.

Source:
Explanation:
Action:
DSI.NLM
The Directory database could not be written.
Guide.
DSI-X-88: DSI cannot add attribute NNS domain name to the server context. Error
code: code.
Source:
Possible Cause:
Action:
68
DSI.NLM
An internal eDirectory error has occurred.
docui/index.htm).
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-89: An attempt to remove an extraneous replica of the new Directory partition

replica failed. Error: description. This is not a fatal problem, however, the installation
should continue normally. A read/write replica of the partition will exist on server
name. You may delete this replica after the installation is complete using the Partition
Manager (PARTMGR) utility.
Source:
DSI.NLM
Action:
As stated in the message, you might want to delete the read/write replica after
the installation is complete using the Partition Manager or PARTMGR. For
index.htm).
DSI-X-90: DSI cannot resolve to the root of the Directory tree. Error description:
description. Make certain that a server containing the replica of the root partition is
up and connected to the network.
Source:
DSI.NLM
Explanation:
A replica of the root partition for the Directory tree you are trying to install is
not visible to this server, or internal errors have occurred.
Action:
Make sure a server containing a replica of the root partition is up. Resolve any
network problems that might be present. If this fails, contact a Novell support
provider.
DSI-X-91: DSI cannot resolve to the master partition containing the NCP Server
object. Error description: description. Make certain that this server is up and
connected to the network.
Source:
DSI.NLM
Explanation:
DSI cannot find the NCP Server object for this server in any master Directory
partition replica.
Possible Cause:
The server that contains the master partition (which contains the server object)
is not operating or is not visible on the network from this server.
Action:
Make sure a server containing the master replica of the partition containing the
server object is operating. Resolve any network problems that might be
present. If the problem persists, contact a Novell support provider.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
69
Manual
99a
38
July 17, 2001
DSI-X-92: Directory Services API interface versions do not match

DSI internal interface version is: interface_version
DSI API interface version is: DS_access_version_expected
Directory Services API interface version is: DS_access_version
Source:
Explanation:
Action:
DSI.NLM
An incorrect version of one of the listed APIs exists.
Note the version for each API display, and contact a Novell support provider
to find out which version is required.
DSI-X-93: Could not gain access to Directory Services. Either DS.NLM is not loaded
or another NLM has already registered with DS. This could be one of DSI.NLM,
DSMERGE.NLM, or DSREPAIR.NLM.
Source:
DSI.NLM
Action:
Load the DS.NLM, and retry the operation.
DSI-X-94: An internal error has occurred. DSI unable to timestamp schema. Error
Source:
DSI.NLM
Explanation:
An internal system error has occurred at the operation noted in the message.
Action:
Note the error code displayed, search the Error Codes online documentation
(http://www.novell.com/documentation/lg/nwec/docui/index.htm), , and
follow the recommended suggestions. If the problem persists, contact a Novell
support provider.
DSI-X-95: An internal error has occurred. DSI unable to add server to internal list.
Source:
Explanation:
Action:
70
DSI.NLM
For information about a specific error code, search the Error Codes online
index.htm).Retry the operation. If the problem persists, contact a Novell
support provider.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSI-X-96: An internal error has occurred. DSI unable to synchronize schema. Error
Source:
Explanation:
Action:
DSI.NLM
index.htm).Retry the operation. If the problem persists, contact a Novell
support provider.
DSI-X-97: An internal error has occurred. DSI unable to get partition root information.
Source:
DSI.NLM
Explanation:
Action:
Retry the operation. If the problem persists, contact a Novell support provider.
index.htm).
DSI-X-1001: An internal error has occurred. DSI cannot set the bindery services
context. Error description: description. Make certain that TTS is enabled before
retrying the installation.
Source:
DSI.NLM
Explanation:
TTS might be disabled because of insufficient disk space.
Action:
See Resolving Server Disk Space Problems in the Server Operating System
Administration Guide. If you are using a version of NDS previous to NDS 8,
make sure TTS is enabled, and retry the operation. For information about a
specific error code, search the Error Codes online documentation (http://
www.novell.com/documentation/lg/nwec/docui/index.htm).If error persists,
contact a Novell support provider.
DSI-X-1001: This server is not backlinked on server: name.

Source:
Explanation:
DSI.NLM
This server participates in replica operations with the server displayed in the
message.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
71
Manual
99a
38
July 17, 2001
Possible Cause:
Novell Directory Services is being removed from the server.
Possible Cause:
Insufficient information exists on the server displayed in the message to

properly delete the server object.
Action:
Please try removing this server from the tree at a later time.
DSI-X-1002: The partition name is in a transitional state. The local server is

participating in a replica operation that involves this partition. Please try removing
this server from the tree at a later time.
Source:
Possible Cause:
Action:
DSI.NLM
Follow the action specified in the message. If the condition persists, contact a
DSI-X-1003: This server cannot communicate with server name. Please try removing
this server from the tree at a later time.
Source:
Possible Cause:
Action:
DSI.NLM
Try removing the server from the tree at a later time. If the condition persists,
DSI-X-1004: Could not change the replica type of the partition name on the server
name. Error description description.
Source:
Possible Cause:
Action:
DSI.NLM
Make sure the server is operating. Wait a few minutes; then retry the operation.
If the error persists, contact a Novell support provider. For information about
a specific error code, search the Error Codes online documentation (http://
DSI-X-1005: Could not delete one of the namebase files. Error description
description.
Source:
Possible Cause:
72
DSI.NLM
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
index.htm).
DSI-X-1007: Error code beginning Directory operation.

Source:
DSI.NLM
Action:
index.htm).
DSI-X-1008: Could not change the replica type of the partition. Error description
description.
Source:
DSI.NLM
Explanation:
This condition might exist when Novell Directory Services is being removed
from the server.
Action:
index.htm).Make sure the server is operating. Wait a few minutes; then retry
the operation. If the problem persists, contact a Novell support provider.
Error description getting replica information for partition_name. Unable to make

necessary replica changes during the removal of Directory Services from this server.
Source:
Possible Cause:
Action:
DSI.NLM
(http://www.novell.com/documentation/lg/nwec/docui/index.htm), and
support provider.
Error allocating memory for server certificate.

Source:
Explanation:
Action:
DSI.NLM
The server is out of memory.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
73
Manual
99a
38
July 17, 2001
Error create schema. Error description description

Source:
Explanation:
Action:
DSI.NLM
The message indicates the point in the installation process at which the error
occurred.
Note the error code displayed, For information about a specific error code,
documentation/lg/nwec/docui/index.htm), and follow the recommended
suggestions. If the problem persists, contact a Novell support provider.
Error getting server's public key. Error description description.

Source:
DSI.NLM
Explanation:
occurred.
Action:
support provider.
Error getting server's state. Error description description.

Source:
DSI.NLM
Explanation:
This message indicates the point in the installation process at which the error
occurred.
Action:
support provider.
Error upgrading the schema. Error description description.

Source:
74
DSI.NLM
Explanation:
occurred.
Action:
support provider.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Unable to change the replica type of partition name on server name to master. Error
Description description.
Source:
DSI.NLM
Explanation:
occurred.
Action:
support provider.
Unable to create the NCP server object. Error description description.

Source:
DSI.NLM
Explanation:
occurred.
Action:
support provider.
Unable to get the replica type. Error description description

Source:
DSI.NLM
Explanation:
occurred.
Action:
support provider.
Unable to update the schema in this tree. The installation process will continue. Error
description description
Source:
DSI.NLM
Explanation:
The installation process was unable to upgrade the tree schema to NetWare
4.10 or a later version.
Action:
support provider.
DSI Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
75
Manual
76
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
DSKSHARE Messages
The following includes messages from the DSKSHARE.DSK.
DSKSHARE-X-005: An internal error has occurred. System data could not be added
to NetWare.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSKSHARE.DSK
The program attempted to add the OS/2 adapter board to NetWare using the
function call AddDiskSystem; however, this call failed.
The server does not have enough memory available.
Load the driver again. If the problem persists, contact a Novell support
provider.
DSKSHARE-X-010: An internal error has occurred. The program could not allocate a
disk resource tag.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSKSHARE.DSK
The program tried to allocate a disk resource tag, and the call failed.
An internal system error error has occurred.
provider.
DSKSHARE Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
77
Manual
99a
38
July 17, 2001
memory resource tag.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSKSHARE.DSK
The program tried to allocate a memory resource tag, and the call failed.
provider.
polling resource tag.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
DSKSHARE.DSK
The program tried to allocate a polling resource tag, and the call failed.
provider.
DSKSHARE-X-025: An internal error has occurred. The program could not get the
16:16 data selector.
Source:
Explanation:
Action:
DSKSHARE.DSK
The program could not set up a 16-bit data selector to the data group.
DSKSHARE-X-030: This device driver is already loaded.

Source:
Explanation:
Action:
78
DSKSHARE.DSK
DSKSHARE can only be loaded once. Because DSKSHARE understands all
OS/2 disk drives, you do not need to load it more than once.
No further action is required.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
DSREPAIR Messages
The following includes messages from the DSREPAIR.NLM.
DSREPAIR-x-001: Unknown switch pointer.
Source:
Possible Cause:
Action:
DSREPAIR.NLM
An unknown command line switch was entered.
Try the task again using a valid switch.
DSREPAIR-x-002: USAGE: (L LogFileName) (U) unattended mode.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
The user has entered the DSREPAIR command with incorrect syntax.
Try the command again with the indicated syntax. Note: L and U are
optional parameters.
DSREPAIR-x-003: Unable to allocate resource tag: name.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
An error occurred while DSREPAIR was trying to register for the operating
system resources.
Try running DSREPAIR again, or reboot the server.
DSREPAIR-x-004: Unable to register for volume dismount event.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
An error occurred while DSREPAIR was trying to register for OS resources.
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
79
Manual
99a
38
July 17, 2001
DSREPAIR-x-005: Unable to allocate memory for DSREPAIR process stack.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
The server does not have enough available memory.
Increase the available memory to the server. See Freeing Server Memory
DSREPAIR-x-007: Unable to open DSREPAIR status screen.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
An error occurred while DSREPAIR was trying to register for OS resources.
DSREPAIR-x-008: Directory Services is loading the local database.

Source:
Explanation:
Action:
DSREPAIR.NLM
When DSREPAIR exits and tries to reload the eDirectoryTM database, the
process might be delayed.
DSREPAIR-x-009: Directory Services remains locked, error code.

Source:
Explanation:
Action:
DSREPAIR.NLM
When DSREPAIR.NLM unloaded and tried to reload the eDirectory database,
the attempt to load the eDirectory failed.
Try running DSREPAIR again. If your attempt is not successful, reinstall
eDirectory on the server.
DSREPAIR-x-010: Process completed.

Source:
Explanation:
Action:
80
DSREPAIR.NLM
This informational message indicates that DSREPAIR has completed its
operation and is unloading from the server.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSREPAIR-x-011: Stack overflow, frame size = hex number, ESP = hex number.
Source:
Possible Cause:
Action:
DSREPAIR.NLM
Try running DSREPAIR again, or reboot the server, then run DSREPAIR
again.
DSREPAIR-x-013: Could not open all of the Directory Services files.

Source:
Explanation:
Action:
DSREPAIR.NLM
Four Directory database files are stored in a secure area of the NetWare
server's volume SYS. These files were found, but DSREPAIR could not
access them.
Try rebuilding the volume using REBUILD (NSS Logical volume) or
VREPAIR (Traditional volume. If this does not solve the problem, reinstall
eDirectory and restore the objects to the Directory if necessary.
DSREPAIR-x-014: Could not establish basic access to record manager.

Source:
DSREPAIR.NLM
Explanation:
A request made to the record manager of the DS.NLM program to gain control
of the database failed.
Action:
Unload then reload eDirectory. If this does not work, reboot the server and try
again.
DSREPAIR-x-015: Could not establish full access to record manager.

Source:
DSREPAIR.NLM
Explanation:
A request made to the record manager of the DS.NLM program to gain control
of the database failed.
Action:
Unload then reload eDirectory. If this does not work, reboot the server and try
again.
DSREPAIR-x-016: Volume SYS is not mounted, cannot access Directory Services

files.
Source:
Explanation:
Action:
DSREPAIR.NLM
The volume SYS: must be mounted to use eDirectory because it contains the
eDirectory database files.
Make sure the volume SYS: is mounted.
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
81
Manual
99a
38
July 17, 2001
DSREPAIR-x-017: Cannot initialize directory path to Directory Services files.

Source:
Possible Cause:
Action:
DSREPAIR.NLM
DSREPAIR could not find the directory that contains the eDirectory database
files in volume SYS:.
Make sure volume SYS: is mounted, or run reinstall the server.
DSREPAIR-x-018: Could not rename file: old_filename.

Source:
Possible Cause:
DSREPAIR.NLM
A file of the same name might already exist.
Action:
Run DSREPAIR again.
Action:
If necessary, rebuild the volume using REBUILD (NSS Logical volume) or

VREPAIR (Traditional volume), and then running DSREPAIR again.
Action:
Then try unloading and reloading eDirectory.
Action:
If these actions do not work, reboot the server and try again.
Action:
Your final option is to reinstall the server. If the problem persists, contact a
DSREPAIR-x-019: Could not read from file: filename, offset: offset.

Source:
Explanation:
DSREPAIR.NLM
DSREPAIR could not read a record from the eDirectory database.
Action:

VREPAIR (Traditional volume) then running DSREPAIR again. Then try
unloading and reloading eDirectory.
Action:
Action:
A final option is to reinstall the server. If the problem persists, contact a Novell
support provider.
DSREPAIR-x-020: Could not read entry of name: local_name.

Source:
Explanation:
Action:
82
DSREPAIR.NLM
VREPAIR (Traditional volume and run DSREPAIR again. Then unload and
reload eDirectory.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Action:
Action:
support provider.
DSREPAIR-x-021: Could not write to file: filename, offset offset

Source:
Explanation:
DSREPAIR.NLM
DSREPAIR could not write a record to the eDirectory database.
Possible Cause:
The volume might be full,
Possible Cause:
The database might be corrupted.
Action:

VREPAIR (Traditional volume then run DSREPAIR again. Then unload and
reload eDirectory.
Action:
Action:
support provider.
DSREPAIR-x-022: Could not insert record for file: filename, offset offset
Source:
Explanation:
DSREPAIR.NLM
Possible Cause:
The volume might be full.
Possible Cause:
Action:

VREPAIR (Traditional volume then running DSREPAIR again. Then try
Action:
Action:
support provider.
DSREPAIR-x-023: Could not read the file size for file: filename
Source:
Explanation:
Action:
DSREPAIR.NLM
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
83
Manual
99a
38
July 17, 2001
Action:
Action:
support provider.
DSREPAIR-x-024: Could not update whole value for file: filename, offset offset
Source:
Explanation:
DSREPAIR.NLM
Possible Cause:
The volume might be full
Possible Cause:
Action:

Action:
Action:
support provider.
DSREPAIR-x-025: Could not read whole value for file: filename, offset offset
Source:
Explanation:
DSREPAIR.NLM
Action:

Action:
Action:
support provider.
DSREPAIR-x-026: Could not purge record in file filename, offset offset

Source:
Explanation:
Possible Cause:
Action:
84
DSREPAIR.NLM
DSREPAIR could not purge a record from the eDirectory database.
The database could be corrupted.
VREPAIR (Traditional volume and running DSREPAIR again. Then try
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Action:
Action:
support provider.
DSREPAIR-x-027: Could not allocate number bytes of memory.

Source:
Explanation:
Action:
DSREPAIR.NLM
The server does not have enough available memory.
DSREPAIR-x-028: Error encountered in schema cache DS_NLM_error_number.

Source:
Explanation:
Action:
DSREPAIR.NLM
An internal error occurred in the DSREPAIR NLM program.
DSREPAIR-x-029: Could not insert record for file: filename

Source:
Explanation:
DSREPAIR.NLM
Possible Cause:
The volume could be full.
Possible Cause:
Action:

VREPAIR (Traditional volume, then try again. If the problem persists, contact
DSREPAIR-x-030: Error reading attribute attribute from entry entry.

Source:
Explanation:
Action:
DSREPAIR.NLM
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
85
Manual
99a
38
July 17, 2001
DSREPAIR-x-031: Could not truncate the file: filename

Source:
Explanation:
DSREPAIR.NLM
Possible Cause:
The volume could be full.
Possible Cause:
Action:

DSREPAIR-x-032: Internal API version mismatch, DSREPAIR is version number and

DS is version number.
Source:
Explanation:
Action:
DSREPAIR.NLM
The same release of DS and DSREPAIR is needed to run DSREPAIR.
Check the versions of each utility. To do this, do the following:
To check the version numbers of utilities and NDIR, type the VER.
To check the version of the DSREPAIR.NLM, type NDIR
DSREPAIR.NLM /VER.
To check the DS.NLM version, type MODULES at the server console.
Load a newer version of one or both files. If you are not sure about the current
version, contact a Novell support provider.
DSREPAIR-x-033: Could not create or open file: name.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
86
DSREPAIR.NLM
DSREPAIR could not create and open a file.
VREPAIR (Traditional volume then running DSREPAIR again.
No more directory entries are available on the volume.
Use FILER to make sure you have available directory entries.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
DSREPAIR-x-034: Could not write to file: filename at location address.

Source:
Explanation:
DSREPAIR.NLM
Possible Cause:
Possible Cause:
Action:

VREPAIR (Traditional volume then running DSREPAIR again. If the problem
DSREPAIR-x-035: Internal versions do not match: DSREPAIR.NLM = version, DS.NLM

= version, database files = number
Source:
Explanation:
Action:
DSREPAIR.NLM
The same internal version of DS.NLM and DSREPAIR.NLM and the
eDirectory database is needed to run DSREPAIR.
If the versions of the NLM programs do not match, load the correct versions
of the programs. If the database does not match, then use DSREPAIR.NLM to
upgrade it to the most current version. This is done automatically if the
DS.NLM and DSREPAIR.NLM programs are the same version and the
eDirectory database is one version earlier.
DSREPAIR-x-036: Could not gain access to Directory Services DS.NLM is not loaded.
Source:
Explanation:
Possible Cause:
Action:
DSREPAIR.NLM
The eDirectory database is not accessible.
The DS.NLM is not loaded.
Load the DS.NLM, and then try accessing the database again.
DSREPAIR-x-037: Directory Services API interface versions do not match

DSREPAIR internal interface version is version
DSREPAIR API interface version is: version
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
87
Manual
99a
38
July 17, 2001
Directory Services API interface version is: version

Source:
Explanation:
Action:
DSREPAIR.NLM
The version of DSREPAIR does not match with the version DS.NLM.
Get the correct version and try again.
Note: The version's displayed in the message might all have the same value
and still be the wrong version. These versions do not indicate the correct
version. To get the correct version, contact a Novell support provider.
DSREPAIR-x-039: Internal Error, number number.

Source:
Explanation:
Action:
DSREPAIR.NLM
An internal failure occurred in the NLM program.
Reboot the server and try again. If the problem persists, contact a Novell
support provider or the NLM program vendor.
DSREPAIR-x-040: Error writing to log file, log file closed.

Source:
Explanation:
Action:
DSREPAIR.NLM
An error occurred while DSREPAIR was writing to the log file target device,
or the device has no more room. The repair will continue without logging any
more errors to the log file.
DSREPAIR-x-041: This NLM requires a newer version of NWSNUT.

Source:
Explanation:
Action:
DSREPAIR.NLM
While loading, DSREPAIR.NLM determined that the version of the
NWSNUT.NLM does not support the functionally required by the
DSREPAIR.NLM.
Update the version of NWSNUT.NLM on the server.
DSREPAIR-x-042: This NLM was unable to initialize NWSNUT.

Source:
Explanation:
Possible Cause:
88
DSREPAIR.NLM
The support NLM program, NWSNUT, returned an error from the
initialization process.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
Possible Cause:
Action:
99a
38
July 17, 2001
Try the operation again. If the error persists, contact a Novell support provider.
The server has insufficient memory.
Temporarily in the Server Operating System Administration Guide. Try the
operation again. If the server has at least 500 KB of free memory, contact a
DSREPAIR-x-043: Unable to create an NWSNUT portal.

Source:
Explanation:
Action:
DSREPAIR.NLM
The server might be out of memory.
Temporarily in the Server Operating System Administration Guide. Try the
operation again.
DSREPAIR-x-044: Could not read from file: name, offset number. Record will be
padded with 0's.
Source:
Explanation:
Action:
DSREPAIR.NLM
DSREPAIR could not read a record from the eDirectory database; however,
rather than aborting the repair, the record is filled with 0's and the repair
operation will continue.
DSREPAIR-x-045: Could not gain access to Directory Services. Another NLM has
already registered with DS. This could be one of DSI.NLM, DSMERGE.NLM or
DSREPAIR.NLM.
Source:
Explanation:
Action:
DSREPAIR.NLM
Only one of the three described NLM programs can be loaded at a time.
Check to see if one of these NLM programs are loaded and unload it. If that
does not resolve the problem, bring down the server and bring it back up. Then
retry the operation.
DSREPAIR Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
89
Manual
99a
38
July 17, 2001
DSREPAIR-x-046: The Schema Tree is corrupt, no repair strategy is available. Remove

the server from the Directory Services Tree and then re-install it.
Source:
Explanation:
Action:
DSREPAIR.NLM
The schema cannot be repaired, and the eDirectory database on this server
cannot operate without it.
Deinstall the server from the tree and reinstall it.
DSREPAIR-x-047: Could not locate one or more Directory Services files.
90
Source:
DSREPAIR.NLM
Action:
If database files are missing, you must deinstall the server from the tree, and
then reinstall the server.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
EDIT Messages
The following includes messages from the EDIT.NLM.
EDIT-X-7: The file could not be written to disk.
Source:
Explanation:
Action:
EDIT.NLMTM
The EDIT.NLM program was unable to write the file to disk.
Make sure that the volume is mounted. If the problem persists, contact a
EDIT-X-8: The file could not be created.

Source:
Explanation:
Action:
EDIT.NLM
The EDIT.NLM program was unable to create the file.
Make sure that the volume is mounted. If the problem persists, contact a
EDIT-X-9: The file could not be read.

Source:
Explanation:
Action:
EDIT.NLM
EDIT.NLM was unable to read the file from disk.
Make sure that the volume is mounted and that the file exists in the specified
directory. If the problem persists, contact a Novell support provider.
EDIT-X-10: An invalid NetWare file path was specified.

Source:
Possible Cause:
Action:
EDIT.NLM
The directory supplied for the file was invalid.
Make sure the specified directory exists. Type the directory path correctly.
EDIT Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
91
Manual
99a
38
July 17, 2001
EDIT-X-14: The NLM could not allocate a resource tag.

Source:
Possible Cause:
Action:
EDIT.NLM
The server might not have enough available memory.
EDIT-X-16: The NLM could not get the process resource tag.
Source:
Possible Cause:
Action:
EDIT.NLM
EDIT-X-18: The NLM could not get the screen resource tag.
Source:
Possible Cause:
Action:
EDIT.NLM
Increase the memory availble to the server. See Freeing Server Memory
EDIT-X-20: The NLM could not allocate memory for its stack.
Source:
Possible Cause:
Action:
EDIT.NLM
Increase the memory availble to the server. See Freeing Server Memory
EDIT-X-21: The NLM could not open a screen.

Source:
Possible Cause:
Action:
92
EDIT.NLM
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
EDIT-X-23: The NLM was unable to initialize NWSNUT.NLM.

Source:
Explanation:
Action:
EDIT.NLM
An internal system error probably occurred.
EDIT-X-28: The NLM could not allocate memory.

Source:
Possible Cause:
Action:
EDIT.NLM
EDIT Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
93
Manual
94
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001

The following includes messages from the FILESYS.NLM.
FILESYS-X-5: Enable TTS requested by user name on station number.
Source:
Explanation:
FILESYS.NLMTM
The user indicated in the message issued an ENABLE Transaction Tracking
SystemTM (TTTMS) request.
FILESYS-X-14: Allow unowned files to be extended.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-129: AUDIT event number = number. Invalid volume number = number.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
An invalid volume number was used during a call to audit the event indicated
in the message.
An internal program error occurred.
Reboot the server. If the problem persists, contact a Novell support provider.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
95
Manual
99a
38
July 17, 2001
FILESYS-X-131: Memory for auditing cannot be allocated. Volume name is being

dismounted.
Source:
FILESYS.NLM
Possible Cause:
The operating system ran out of memory when it tried to start up auditing
while mounting a volume.
Action:
FILESYS-X-132: Error writing to the audit file for volume: name.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The operating system encountered an error when trying to write to the audit
file.
The file system might be failing.
See Disk Errors in the Server Operating System Administration Guide.
FILESYS-X-133: The audit file for volume name is full.

Source:
Possible Cause:
Action:
FILESYS.NLM
The operating system filled up the audit file when it wrote an audit record.
Use AUDITCON to reset the audit file, or increase the maximum size of the
audit file.
FILESYS-X-137: Unable to open file NET$ACCT.DAT to add audit record.

Source:
Explanation:
Action:
FILESYS.NLM
A disk I/O has failed.
FILESYS-X-151: The AUDIT configuration file cannot be opened. Press enter to

continue.
Source:
Explanation:
Action:
96
FILESYS.NLM
The operating system failed when trying to open the AUDIT configuration
file.
Restart the server. If the problem persists, contact a Novell support provider.
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-158: Internal compression error: file `name' volume number intermediate

size number. Offset totals from intermediate file generation (number) and
intermediate file processing (number) mismatch invalidating intermediate file.
Source:
FILESYS.NLM
Possible Cause:
This error resulted from an internal consistency check done by compression to

guarantee the integrity of the data being compressed. During file compression,
an intermediate file is created that describes the compressed version of the file.
The file contains codes describing what should be encoded in the compressed
version of the file. The totals from processing the original file do not match
the totals from processing the intermediate file. This would only be caused by
insufficient memory or by a disk returning corrupted data. The file that was
being compressed will remain uncompressed, and the system will try again
later to compress it.
Action:
No immediate action is necessary. Note the volume number and watch for
more of these same alerts. Also, watch for other errors indicating that the
memory or disk is failing. If these alerts or other data corruption problems
happen often on a particular volume, the disk or hardware supporting the disk
should be repaired or replaced.

size number. Data encode counts from intermediate file generation (encode_count)
and intermediate file processing (encode_count) mismatch invalidating intermediate
file.
Source:
FILESYS.NLM
Explanation:
This is an internal consistency check done by compression to guarantee the

integrity of the data being compressed. The file that was being compressed
will remain uncompressed, and the system will try again later to compress it.
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
97
Manual
99a
38
July 17, 2001

size number. Length/Offset encode counts from intermediate file generation
(number) and intermediate file processing (number) mismatch invalidating
intermediate file.
Source:
FILESYS.NLM
Possible Cause:

integrity of the data being compressed. During file compression, an
intermediate file is created that describes the compressed version of the file.
version of the file. The codes in the intermediate file do not match those found
in the file being compressed. The file that was being compressed will remain
uncompressed, and the system will try again later to compress it.
Action:

size number. Large length/offset encode counts from intermediate file generation
(number) and intermediate file processing (number) mismatch invalidating
intermediate file.
Source:
98
FILESYS.NLM
Possible Cause:

version of the file. The codes in the intermediate file do not match those found
in the file being compressed. The file that was being compressed will remain
uncompressed, and the system will try again later to compress it.
Action:
System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-164: Internal compression error: file name volume number size size.
Shannon Tree depth exceeded 32 generating bit codes uncontainable in a single
LONG.
Source:
FILESYS.NLM
Possible Cause:

a memory hit or a disk returning faulty data. The file that was being
compressed will remain uncompressed, and the system will try again later to
compress it.
Action:
FILESYS-X-165: Internal compression error: file name volume number size size. The
projected size of the compressed file (byte_size) did not match the byte size of the
compressed file (byte_size).
Source:
FILESYS.NLM
Possible Cause:

a memory hit or a disk returning faulty data. The file that was being
compressed will remain uncompressed, and the system will try again later to
compress it.
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99
Manual
99a
38
July 17, 2001
FILESYS-X-168: Compression: Invalid length or offset.

Source:
Possible Cause:
Action:
FILESYS.NLM
An I/O error has occurred during file compression. The disk drive or disk
hardware might be starting to malfunction. The file that was being compressed
will remain uncompressed and the system will try again later to compress it.
FILESYS-X-170: Error writing to the extended directory space.

Source:
FILESYS.NLM
Explanation:
The operating system was trying to write extended directory information to

disk. When it tried to write the information, it got a disk error. The information
was not written to the disk and will be lost. The information which was lost
might have been extended attribute data.
Possible Cause:
This error might have been caused by a hard disk or channel failure. The disk
might have other data integrity problems.
Action:
Use the warning message that preceded this message to determine the actual
cause and solution of the problem. See Disk Errors in the Server Operating
FILESYS-X-171: Error writing to file (filename not accessible) data stream number.
Write was requested by the SERVER.
Source:
Explanation:
FILESYS.NLM
A write error has prevented the operating system from correctly writing file
data to the disk. Hot Fix was not able to redirect the data to a new block. The
data stream number indicates the name space stream (0=DOS or Macintosh
data fork, 1=Macintosh resource fork). The data was not written to disk and
will be lost.
Possible Cause:
A hard disk or channel failure occurred. The disk could have other data
integrity problems.
Action:
100 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-172: Error writing to file (filename not accessible) data stream number.
Write was requested by user name on station number.
Source:
Explanation:
FILESYS.NLM
will be lost.
Possible Cause:
integrity problems.
Action:
FILESYS-X-173: Error writing to file name data stream number. Write was requested
by the SERVER. File path path.
Source:
Explanation:
FILESYS.NLM
A write error occurred on the system while writing data to disk. Hot Fix was
not able to redirect the data to a new block. The data stream number indicates
the name space stream (0=DOS or Macintosh data fork, 1=Macintosh resource
fork).
Possible Cause:
integrity problems.
Action:
FILESYS-X-174: Error writing to file name data stream number. Write was requested
by user name on station number. File path server/volume.
Source:
Explanation:
FILESYS.NLM
A write error occurred on the system, while writing file data to disk. Hot Fix
was not able to redirect the data to another block on the disk. The data stream
number indicates the name space stream (0=DOS or Macintosh data fork,
1=Macintosh resource fork). The data was not written to disk and will be lost.
Possible Cause:
integrity problems.
Possible Cause:
The designated file was lost or corrupted.
Action:
FILESYS - File System Messages 101
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-175: File read error at offset offset data stream number. Error getting
filename. Read was requested by the SERVER.
Source:
Explanation:
FILESYS.NLM
The server was processing a file-read request. When the server tried to read
the disk block with the file data, a disk-read error occurred. Some data was lost
that could cause the user's applications to fail on reading data from files.
The operating system was unable to determine the name of the file where the
read error occurred because it received additional errors when it tried to read
directory blocks to generate the filename.
The data stream number indicates the name space stream (0=DOS or
Macintosh data fork, 1=Macintosh resource fork.)
Possible Cause:
integrity problems.
Action:
FILESYS-X-176: File read error at offset offset data stream number. Error getting
filename. Read was requested by user name on station number.
Source:
Explanation:
FILESYS.NLM
The system cannot read the file from disk. Some data was lost that could cause
the user's applications to fail on reading data from files.
Possible Cause:
integrity problems.
Action:
FILESYS-X-177: Error reading file name. Offset offset data stream number. Read was
requested by the SERVER. File path path.
Source:
Explanation:
FILESYS.NLM
The operating system was processing a request to read data from a file, and it
encountered an error while reading the data. The file read request will fail,
possibly causing the applications that were requesting the read to fail.
Macintosh data fork, 1=Macintosh resource fork).
102 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Possible Cause:
integrity problems.
Action:
FILESYS-X-178: Error reading file name. Offset offset data stream number. Read was
requested by user name on station number. File path path.
Source:
Explanation:
FILESYS.NLM
When the operating system tried to read existing data from disk, it got a disk
read error. The operating system was unable to determine the name of the file
where the read error occurred because it got additional errors when it tried to
read directory blocks to generate the filename.
Possible Cause:
integrity problems.
Action:
FILESYS-X-179: File write pre-read error. Offset offset data stream number. Error
getting filename. Read was requested by the SERVER.
Source:
Explanation:
FILESYS.NLM
When the operating system tried to write data to an existing file, it got an error
in trying to read existing data from the disk. The new data could not be written
to the disk and will be lost. The operating system was unable to determine the
name of the file where the read error occurred because it got additional errors
when it tried to read directory blocks to generate the filename.
Action:
FILESYS-X-180: File write preread error. Offset offset data stream number. Error
getting filename. Read was requested by user name on station number.
Source:
Explanation:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Action:
FILESYS-X-181: File name write preread error. Offset offset data stream number. Read
was requested by the SERVER. File path path.
Source:
Explanation:
FILESYS.NLM
Possible Cause:
integrity problems.
Action:
FILESYS-X-182: File name write pre-read error. Offset offset data stream number.
Read was requested by user name on station number. File path path.
Source:
Explanation:
FILESYS.NLM
Possible Cause:
integrity problems.
Action:
FILESYS-X-184: Error expanding server\volume directory due to disk write errors.

Source:
Explanation:
FILESYS.NLM
The system encountered a disk error while it was trying to allocate a block on
the disk. The station making the request will not be able to create the new file
or directory.
Possible Cause:
integrity problems.
Action:
104 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-185: Error expanding server\volume directory because directory size limit

was exceeded.
Source:
Explanation:
Action:
FILESYS.NLM
The system needs to allocate another directory block on the volume, but the
maximum number of directory blocks has been reached. The server limits the
amount of disk space used for the directory table to between 5% and 50% of
the total space on a volume. This is controlled by the server parameter,
Maximum Percent Of Volume Used By Directory, and it defaults to 13% of
the disk space. The system allocates new directory blocks when a new
directory is created, or when a new file is added to an existing directory, and
it did not have any entries left to track the new file.
See Resolving Server Disk Space Problems and Managing the NetWare
Server in the Server Operating System Administration Guide.
FILESYS-X-186: Error expanding server\volume directory because no more disk

space is available.
Source:
Possible Cause:
Action:
FILESYS.NLM
The system needs to allocate another directory block on the volume, but the
volume is out of disk space. The system tries to allocate new directory blocks
when a new directory is created or when a new file is added to an existing
directory, but in this instance it did not have any entries left to track the new
file.
FILESYS-X-187: Error expanding server\volume directory because no more memory

is available for tables.
Source:
Possible Cause:
Action:
FILESYS.NLM
The system needs to allocate another directory block on the volume, and it
needs to expand the tables that it uses to track the directory within memory.
When the system tried to expand the memory directory tables, there was not
enough memory available to allocate the additional directory block. The
station making the request will not be able to create the new file or directory.
Increase the memory available to the server. See Resolving Server Memory
Problems in the Server Operating System Administration Guide.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-188: Server\volume directory size is getting too large for available

memory. If the directory grows much larger, you may need to add more memory to the
file server.
Source:
Possible Cause:
Action:
FILESYS.NLM
The size of the volume directory table has increased since the volume was
mounted. The next time this volume is mounted, more memory will be used
for the directory tables because a larger hash table will be created. The system
has determined that the amount of memory available in the server is very low,
and there might not be enough memory available to mount this volume again.
See Freeing Server Memory Temporarily in the Server Operating System
FILESYS-X-189: Error writing FAT table for volume server\volume.

Source:
Explanation:
FILESYS.NLM
A write error has prevented the operating system from recording changes
made to the File Allocation Table (FAT). The FAT tracks what disk blocks are
allocated and free; it also records what disk blocks are grouped together to
store a file's data. The server will still have the correct FAT information in
memory, and it still can access the volume correctly. However, when you try
to mount this volume the next time, the FAT information on disk will be
incorrect, and the volume probably will not mount.
Possible Cause:
integrity problems.
Action:
FILESYS-X-190: Error writing to the directory on server\volume.

Source:
Explanation:
FILESYS.NLM
A write error prevented the server from writing updated directory table
information to a directory block. The updated directory information was not
recorded on the disk. When the directory block is flushed from the directory
cache, the server will not be able to read the information from the disk.
Possible Cause:
integrity problems.
Action:
106 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-191: Error reading one copy of the directory on server\volume.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The server maintains two copies of the directory on each volume. An error
occurred while the server was reading from one copy of the directory. The
server was able to read the other copy, and it found the needed information.
integrity problems.
Run VREPAIR when this error first appears. If both directory copies become
corrupted, VREPAIR cannot fix the problem. The possibility of losing data
increases significantly when the system uses only one of the mirrored
directories.
FILESYS-X-192: Error reading both copies of the directory on server\volume.

Source:
Explanation:
FILESYS.NLM
The system was trying to read a directory block from disk, but both the
primary and secondary copies were inaccessible. Because the system could
not read the directory information, it will not be able to process the request that
needed this information.
If this error occurs during the mount process, the volume will not mount
because the system is not able to properly access and update the volume
directory information. The volume tables could become damaged. Data on the
volume could be lost, requiring it to be restored from backup copies.
Possible Cause:
Action:
integrity problems.
See Disk Errors in the Server Operating System Administration Guide. See
Resolving Volume Mounting Problems Because of Name Space Module in the
Traditional File Services Administration Guide.
FILESYS-X-193: Error writing to a newly allocated directory block on server\volume.

Source:
Explanation:
FILESYS.NLM
A write error prevented the server from allocating a new directory block and
writing the directory information to the disk. When this directory block is
flushed from the directory cache, the server will not be able to read the data
from disk when it is needed again.
Possible Cause:
integrity problems.
Action:

System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-194: User name connection number attempted to extend the length of a

file with no owner. Filename: name.
Source:
Explanation:
Action:
FILESYS.NLM
A file needed to be extended; however, because the file had no owner, the
operation was aborted.
Delete the file, or assign the file an owner.
FILESYS-X-231: Insufficient RAM to compress file.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
The compression system could not allocate enough memory to compress the
file.
The server could be congested.
No immediate action is required. The file will remain uncompressed; the
system will try to compress it later.
The server might not have enough memory to compress a file.
If the message occurs even during periods of low network traffic, the server
probably needs more memory. See Freeing Server Memory Temporarily in the
FILESYS-X-232: Disk I/O error compressing file.

Source:
Possible Cause:
Action:
FILESYS.NLM
A bad I/O has occurred during file compression. The disk drive or disk
hardware might be starting to malfunction. The file that was being compressed
will remain uncompressed, and the system will try again later to compress it.
FILESYS-X-234: Insufficient disk space to decompress file filename for station

number.
Source:
Explanation:
FILESYS.NLM
The disk space required for the decompressed file is not available, so the file
cannot be decompressed.
108 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
99a
38
July 17, 2001
Disk restrictions for the user, volume, or directory could have been assigned,
or the volume could be full. The system will try again later to compress the
file.
FILESYS-X-235: Compressed file filename being decompressed for station number

uses unknown compression format.
Source:
Possible Cause:
Action:
FILESYS.NLM
Each compressed file has a value indicating which compression format it is in.
If NetWare opens a file and does not recognize the compression format, it
cannot decompress the file. This file could be corrupted, or it could be flagged
as compressed when it is not really compressed.
Try restoring the file from a backup.
FILESYS-X-238: Insufficient RAM to decompress file.

Source:
Possible Cause:
Action:
FILESYS.NLM
Insufficient memory is available to decompress the file. The file that was
being decompressed will remain compressed and the system will try again
later to decompress it.
FILESYS-X-239: Unknown error (number) returned from decompress for file filename.
Source:
FILESYS.NLM
Explanation:
This is an internal consistency check done by decompression to guarantee the

integrity of the data being decompressed. The file that was being
decompressed will remain compressed, and the system will try again later to
decompress it.
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-240: Insufficient RAM to decompress file name.

Source:
Explanation:
Action:
FILESYS.NLM
The system tried to allocate memory to decompress a file and failed. The file
that was being decompressed will remain compressed, and the system will try
again later to decompress it.
Wait until the server is less congested and try again.
FILESYS-X-241: Compressed file is corrupted and unrecoverable.

Source:
FILESYS.NLM
Explanation:
The compressed file has been corrupted on the disk. During decompression,
the integrity of the data describing the compressed file is checked. If any of
the checks fail, data corruption is assumed, and compression cannot be
completed, as is the case here.
Possible Cause:
This error can only be caused by the data changing on the disk. Changed data
can result from one of the following causes:
Magnetic or electronic media close to the disk drive
Failure of the disk drive or supporting hardware
If the disk drive is failing, other files will be corrupted and will not contain the
original data.
Action:
Try restoring the file from an earlier backup. If you cannot restore the data
from a backup, the file is lost.
FILESYS-X-242: Compressed file name is corrupted and unrecoverable.

Source:
Possible Cause:
FILESYS.NLM
The compressed file has been corrupted on the disk. During decompression,
the integrity of the data describing the compressed file is checked. If any of
the checks fail, data corruption is assumed, and compression cannot be
completed, as is the case here. This error can only be caused by the data
changing on the disk. Changed data can result from one of the following
causes:
original data.
Action:
110 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-243: Compressed file name in use by station number is corrupted and

unrecoverable.
Source:
Possible Cause:
FILESYS.NLM
The first block of the compressed file has been corrupted on the disk. During
decompression, the integrity of the data describing the compressed file is
checked. If any of the checks fail, data corruption is assumed, and
compression cannot be completed, as is the case here. This error can only be
caused by the data changing on the disk. Changed data can result from one of
the following causes:
original data.
Action:
FILESYS-X-253: Error prevented preservation of file path during file erase.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The operating system was unable to retain the specified deleted file in a
salvageable state. The file being deleted was purged, and it cannot be
salvaged.
This message should be preceded by a message stating the actual error
condition (such as a disk-write error or out-of-memory error).
Use the message displayed before this one to determine the actual cause of and
solution for the problem.
FILESYS-X-254: DeleteFileToLimbo failed, unable to save migrated file (path).

Source:
Possible Cause:
Action:
FILESYS.NLM
An internal program error has occurred.
Retry the operation. If the problem persists, contact a Novell support provider.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-255: Insufficient directory space (or memory) to preserve path during file
erase.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While trying to delete a file, the server was unable to obtain the needed
directory table space or memory to retain the deleted file in a state in which it
could be salvaged. The file was deleted and purged.
A preceding message on the screen should indicate the cause of this error.
Use the message displayed before this one to determine the actual cause of and
solution for the problem.
FILESYS-X-302: Volume name DOS Type (number) does not match the file server DOS
Type (number).
Source:
Explanation:
Action:
FILESYS.NLM
Different language types can be specified for the file system by the
LCONFIG.SYS file. The default is English. After upgrading the system, you
tried to remount a volume that had a previously specified language type
different from the language type the server is now using. If you do not change
the language for the volume, this error occurs.
If you are using a language type other than English, make sure that the
LCONFIG.SYS and SERVER.MSG are both in the server's boot directory.
If you are trying to change from one of the other languages to English, you
might get errors that need to be fixed by running VREPAIR.
FILESYS-X-305: Directory FAT chain has a hole.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A File Allocation Table (FAT) chain is a list of directory block locations. If the
FAT chain skips a block, a hole appears in the chain. (A hole is a section that
is not sequential.) A hole indicates that the location was never allocated. This
message indicates that while a volume was being initialized, a directory
volume structure initialization routine found that the file allocation table was
not sequential. The FAT value did not match the directory length. The volume
mount was aborted and all resources were returned.
This error probably indicates corruption.
Run VREPAIR and restart the system.
Warning: If the problem persists, make sure a volume backup exists. Delete
the volume, re-create it, and restore the data from the backup.
112 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-306: Error reading in volume directory.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The current directory entry being examined did not have the correct root
subdirectory code number.
Warning: If you delete the volume, all data will be destroyed. You will have
to restore the data from a backup.
If the problem persists, make sure a volume backup exists. Delete the volume,
re-create it, and restore the data from the backup.
FILESYS-X-307: Invalid maximum space defined in subdirectory.

Source:
Possible Cause:
Action:
FILESYS.NLM
The operating system encountered a problem while mounting a volume.
FILESYS-X-308: Subdirectory entry refers to invalid directory block.

Source:
FILESYS.NLM
Explanation:
The operating system encountered a problem while mounting a volume. A test

of the subdirectory first block entry did not return with the correct value.
Possible Cause:
The entry contained a value not equal to zero, indicating the wrong directory
block or corruption.
Action:

System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-309: Not enough memory to validate directory.

Source:
Possible Cause:
FILESYS.NLM
The server had enough memory to read the directory tables, but not enough
memory to validate the directories. Before dismounting the volume, the user
received a warning that the server was running out of memory and that the
volume could not be remounted because it has grown too much. This error
could occur at one of the following points in the volume mount:
After comparing mirrored directory lengths
During setup of extra directory structures
During directory space restriction routines
During directory trustee addition and maintenance routines
Action:
FILESYS-X-310: Mirror copies of the volume directory don't match.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The contents of directory 0 were compared with those of directory 1. The
compare routine found they did not match.
FILESYS-X-312: Insufficient memory for directory tables.

Source:
FILESYS.NLM
Explanation:
One of the steps in volume directory initialization is to request resource tags

and memory for directory tables, directory hash tables, and extended directory
tables.
Possible Cause:
The volume did not mount because the server does not have enough memory
available.
Action:
114 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-313: Invalid deleted file.

Source:
Explanation:
FILESYS.NLM
While checking deleted file directory entries, the system aborted the volume
mount process for one of the following reasons:
The FAT chain check did not return with a successful completion code.
The directory entry file size did not equal zero.
Possible Cause:
Action:

FILESYS-X-314: Invalid available entry.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While scanning the volume directory for valid subdirectories, the system
encountered a subdirectory entry that contained information stating it was a
file.
This error probably indicates corrupted data or a corrupted volume.
FILESYS-X-317: Name space support not loaded.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The name space NLM program did not load properly.
The name space module had not been loaded before you tried to mount the
volume.
Load a correct working version of the name space module before mounting the
volume.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
99a
38
July 17, 2001
The module is corrupted or is the wrong type.

Run VREPAIR on the volume.
FILESYS-X-318: Invalid name space list.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While scanning subdirectory name space list entries, the system found that the
next name space list entry was greater than or equal to the number of defined
name spaces for the volume. Another reason for this error might be the next
entry scanned was greater than the maximum directory entries.
In either case, this error probably indicates corruption.
FILESYS-X-319: Invalid name space list order.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While scanning subdirectory name space list entries, the system found that the
next name space list entries are not in the correct sequence.
FILESYS-X-320: Invalid subdirectory number in trustee directory entry.

Source:
Explanation:
Possible Cause:
FILESYS.NLM
While the system was scanning subdirectory entries, the trustee subdirectory
number was greater than or equal to the number of directory entries. The
trustee subdirectory number is less than zero.
116 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001

FILESYS-X-321: Invalid suballocation directory entry.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While scanning directory entries, the system found an invalid suballocation
entry.
FILESYS-X-322: Invalid trustee directory entry.

Source:
Explanation:
FILESYS.NLM
While scanning directories in the current volume for trustees, the system
found one of the following problems:
The trustee count was greater than the number of trustee entries.
The trustee count equaled zero.
Possible Cause:
Action:
In either case, this error indicates file system corruption.

System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-323: Deleted file is a subdirectory.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While in the process of initializing the directory volume structures, the system
found that one or both of the members of the work directory (directory flag
and directory file attribute) had their subdirectory bit turned on. What was
thought to be a file was in fact a subdirectory. The directory volume did not
initialize properly and all resources were returned.
This error probably indicates file system corruption.
FILESYS-X-324: Invalid subdirectory number in user restriction directory entry.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
While scanning subdirectories on a volume to be mounted, the system found
a subdirectory with a restriction subdirectory number not equal to zero. This
number should always equal zero because it is predefined.
FILESYS-X-325: Invalid user restriction node...too many trustees.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
118 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-326: Insufficient memory available for user restriction nodes.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A call for memory from within the set_user_restriction routine failed. This
memory would have been used to create user restriction node IDs.
The server does not have enough memory.
FILESYS-X-327: Invalid directory number code.

Source:
Explanation:
Action:
FILESYS.NLM
The system found that the subdirectory entry it was about to examine did not
have the correct directory number (-4) of user restrictions, trustees, and
deleted file blocks.
FILESYS-X-328: Invalid subdirectory number in file directory entry.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A subdirectory had a number that was greater than or equal to the maximum
number of directory entries.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-329: Directory block is inconsistent...has several subdirectory numbers.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
Upon initialization, the subdirectory number vector table should contain a
value of -1 (which is then changed to a zero). If the value residing in the table
is not equal to -1 or 0, the volume mount is aborted and all resources are
returned to the system. In this case, the table contained a different value.
The volume's directory tables have been corrupted.
FILESYS-X-332: Directory tree is circularly linked.

Source:
Explanation:
Action:
FILESYS.NLM
A directory contains a subdirectory that is also its parent.
FILESYS-X-333: Directory tree is too deep.

Source:
Explanation:
Action:
FILESYS.NLM
The maximum subdirectory tree depth of 25 levels has been exceeded.
Change the server parameter, Maximum Subdirectory Tree Depth to be able
to go beyond the default limit of 25. This parameter can be set to a maximum
of 100 levels.
FILESYS-X-335: Length differences on mirror directory chains could not be resolved.

Source:
Explanation:
FILESYS.NLM
120 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
Action:
99a
38
July 17, 2001
The amount of directory blocks of directory 0 didn't match the number of

directory 1. The volume mount was aborted because the directory integrity
was disrupted.
FILESYS-X-336: File without trustee definitions had a trustee node.

Source:
FILESYS.NLM
Severity:
This is a warning error, but in most cases it will not cause serious problems.
Explanation:
The information about a given file indicated that the file had specific trustee
assignments, but no trustee assignments could be found.
Action:

FILESYS-X-337: Invalid deleted file block.

Source:
Possible Cause:
Action:
FILESYS.NLM
While scanning subdirectory entries, the system found that the value of the
deleted sequence number of the current block did not equal zero, indicating a
corrupted file system.
FILESYS-X-338: Invalid deleted file trustee node.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A directory entry indicates that trustee assignments exist for the directory, but
none can be found.
The file system is corrupted.
Recreate the directory or run VREPAIR and restart the system.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-342: Invalid extended directory entry FAT chain.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A File Allocation Table (FAT) chain is a list of directory block locations.
This error might indicate file system corruption.
FILESYS-X-343: Invalid extended attribute in directory entry.

Source:
Explanation:
Action:
FILESYS.NLM
An attempt to identify the extended attributes of a directory has failed.
Check the extended attributes of the directory and reset them if necessary.
FILESYS-X-344: Error allocating a directory entry to add a name space root.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The system tried to add a name space root and failed. The
AllocateDirectoryEntry routine found there were no available directory
entries in the subdirectory, so the system tried to extend it.
There were too many directory blocks, or not enough memory was available
for the volume's directory tables.
FILESYS-X-345: UNIX Hard Link flags set with no UNIX name space.
Source:
Explanation:
Action:
FILESYS.NLM
The user tried to create a hard link before loading the UNIX name space.
Load the UNIX name space before creating a hard link.
122 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-346: UNIX Hard Link flags don't match between the name spaces.
Source:
Possible Cause:
Action:
FILESYS.NLM
The name spaces cannot be linked because their flags do not match.
Make sure that the UNIX hard link flags match before trying to link the name
spaces.
FILESYS-X-347: The server is not configured to support this volume's DOS type.
Source:
Possible Cause:
Action:
FILESYS.NLM
The uesr tried to mount a volume whose name space (for example, Macintosh)
has not yet been configured on the server.
Try to mount the volume again after configuring the server to support the
appropriate name space.
FILESYS-X-348: Error creating suballocation file space.

Source:
Possible Cause:
Action:
FILESYS.NLM
This error might indicate file system corruption.
FILESYS-X-350: File is flagged as both compressible and uncompressible.

Source:
Possible Cause:
Action:
FILESYS.NLM
The system does not know whether to perform file compression on a given file
because the file has been assigned both the Immediate Compress (Ic) and
Don't Compress (Dc) attribute.
Use FLAG to remove the Immediate Compress or the Don't Compress file
attribute on the given file.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-351: Error moving trustee node on NetWare 4 file upgrade.

Source:
Possible Cause:
Action:
FILESYS.NLM
An error in rebuilding the directory entry table while upgrading to NetWare 4
or a later version occurred. This might be due to not enough disk space or other
disk problems.
You might need to increase the volume size or repair the volume using
VREPAIR. See Resolving Server Disk Space Problems in the Server
FILESYS-X-352: File marked as migrated, but volume trustees not converted.

Source:
Possible Cause:
Action:
FILESYS.NLM
This is a report of a seeming inconsistency after a volume upgrade. When
migrating data files, the trustee assignments associated with that file have not
been moved but the file is marked as fully migrated.
Perform the migration again or update the trustee assignments manually.
FILESYS-X-410: A subdirectory is named PIPE.

Source:
FILESYS.NLM
Explanation:
PIPE is a reserved DOS name. No subdirectories can have this name or the
volume will not mount. In most instances, NetWare will not allow this name
to be used.
Action:
Rename the subdirectory or contact a Novell support provider for suggestions

on resolving this problem.
FILESYS-X-411: Subdirectory entry refers to invalid directory block.

Source:
Explanation:
FILESYS.NLM
Possible Cause:
A test of the subdirectory first block entry did not return with the correct value.
Possible Cause:
The entry contained a value not equal to zero, indicating the wrong directory
block or corruption.
Action:

124 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-412: Two subdirectories reference the same first directory block.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
Two subdirectories reference the same directory block.
FILESYS-X-413: Not enough memory to validate directory.

Source:
Explanation:
FILESYS.NLM
The server had enough memory to read the directory tables, but it did not have
enough memory to validate the directories. Before the volume was
dismounted, you received a warning that the you were running out of memory
and that you could not remount the volume because it had grown too much.
This error could occur at one of the following points in the volume mount:
After comparing mirrored directory lengths.
During setup of extra directory structures.
During directory space restriction routines.
While adding directory trustees.
During maintenance routines.
Action:
FILESYS-X-414: Invalid maximum space defined in subdirectory.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-417: File has both do compression and don't compress attributes set.
Source:
Possible Cause:
Action:
FILESYS.NLM
Use FLAG to remove the Ic or Dc attribute on the given file.
FILESYS-X-418: Directory has both do file compression and don't file compress
attributes set.
Source:
Possible Cause:
Action:
FILESYS.NLM
The system does not know whether to perform file compression in a directory
because the directory has been assigned the Immediate Compress (Ic) and
Remove the Ic or the Dc directory attribute.
FILESYS-X-420: File is flagged as both compressible and noncompressible.

Source:
Possible Cause:
Action:
FILESYS.NLM
Remove the Ic or the Dc file attribute on the given file.
FILESYS-X-446: Account number deleted by user number on station number. 1 active

connection terminated.
Source:
Explanation:
Action:
FILESYS.NLM
Someone, probably the network supervisor, has terminated the connection.
If desired, reestablish the connection.
FILESYS-X-470: GetOriginalNameSpace could not find the originating name space.

The DOS name space was assumed. You should run VREPAIR to fix this!
Source:
Possible Cause:
FILESYS.NLM
This error indicates an inconsistent state of the directory table. The server
needed to determine which name space generated the current name of a file.
When it searched for which name space assigned the filename, none of the
126 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
name spaces was marked as the originating name space. NetWare assumes that
the name was generated by the DOS name space.
Action:

FILESYS-X-472: Volume already supports this Name Space.

Source:
Explanation:
FILESYS.NLM
This status messate indicateds that the specified name space has already been
added to the volume. A volume can be configured only once for a specific type
of name space.
FILESYS-X-475: Add name space aborted by the user.

Source:
Explanation:
FILESYS.NLM
This status message indicates that after beginning installation of a name space,
the user opted to discontinue the operation.
FILESYS-X-477: Error reading directory on NameSpace upgrade...volume is left in a

bad state.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
This error occurred when an ADD NAME SPACE command was issued.
The error could indicate file system corruption.
Run VREPAIR with the Remove Name Space Support from the Volume
option.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-481: Add name space aborted by the user due to insufficient disk space.
Source:
Possible Cause:
Action:
FILESYS.NLM
There is insufficient disk space to add the desired name space.
Increase the available disk space on the volume. See Resolving Server Disk
Space Problems in the Server Operating System Administration Guide.
FILESYS-X-482: Add name space aborted due to insufficient server RAM.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
There is insufficient memory to add the desired name space.
FILESYS-X-483: Error allocating new entry on NameSpace upgrade...volume is left in

a bad state.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
An error occurred when an ADD NAME SPACE command was issued.
The error could indicate file system corruption.
Run VREPAIR with the Remove Name Space Support from the Volume
option.
FILESYS-X-484: Error setting entry name on NameSpace upgrade...volume is left in a

bad state.
Source:
FILESYS.NLM
Explanation:
An attempt to set a name space name has failed. The name space will not be
effective, and problems with other name spaces might occur.
Possible Cause:
There might not be enough disk space or system memory to handle the name
space.
128 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Action:
Verify that the system is large enough to handle the name space. Increase the
memory available to the server. See Freeing Server Memory Temporarily in
the Server Operating System Administration Guide.
Action:
Increase the available disk space on the volume. See Resolving Server Disk
Space Problems in the Server Operating System Administration Guide. Then
re-create the volume.
FILESYS-X-485: AddNameSpace error reading volume header...volume is left in a bad

state.
Source:
Explanation:
Action:
FILESYS.NLM
An error occurred when an ADD NAME SPACE command was issued.
FILESYS-X-491: Connection number user name exceeded outstanding NCP directory

search limit.
Source:
FILESYS.NLM
Possible Cause:
The structure that DOS uses to track the current status of a directory search
does not have enough fields to track the file that should be found next on a
NetWare volume. Because of this, NetWare must keep a separate search
structure in server memory that tracks the status of the search and the next file
to be found. DOS does not tell NetWare when it has finished a search, so
NetWare must guess when it can discard the search information that it is
keeping. The number of searches that NetWare will track is controlled by the
server parameter, Maximum Outstanding NCP Searches, which is set to a
default value of 51 per connection. This message indicates that a program tried
to continue a search that NetWare is no longer tracking. Because of this,
NetWare cannot return the next filename that should be found.
Action:
You can increase the number of searches that the server tracks by changing the
server parameter, Maximum Outstanding NCP Searches. However, doing so
will use a lot more memory to track searches. (Searches must be tracked
separately for each connection.) It also might degrade performance if it causes
the number of cache buffers available to be too small.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
If performance is degraded, add additional memory to the server. See Freeing

Server Memory Temporarily in the Server Operating System Administration
Guide. A second solution is to determine which program tried to continue a
search that the server was not tracking. The search method that the program
uses can be modified so that it does not require more than 51 searches to be
tracked. Or, if available, an alternate program could be used.
FILESYS-X-492: You exceeded your outstanding NCP directory search limit.
Source:
Explanation:
Action:
FILESYS.NLM
You cannot search directories beyond a certain depth.
If this error appears often, increase the search limit.
FILESYS-X-495: Insufficient memory available to mount volume. Volume name was

NOT mounted.
Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-496: The FAT chain used to define the FAT is invalid. Volume name was
NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
130 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-497: The FAT chain used to define the FAT overlaps on itself. Volume name
was NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-498: Error reading in the FAT. Volume name was NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A File Allocation Table (FAT) is an index to one or more disk allocation
blocks in which a file is located.
FILESYS-X-499: The mirror copies of the FAT don't match. Volume name was NOT
mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-500: The FAT chain used to define the FAT has an invalid forward
reference. Volume name was NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-501: A file's FAT chain contains entries out of order. Volume name was
NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A File Allocation Table (FAT) chain is a list of directory block locations. The
data of the file might not be damaged, but the file is invalid due to the sequence
of the data.
FILESYS-X-502: A file's FAT chain collides with another FAT chain.

Source:
Explanation:
Action:
FILESYS.NLM
The File Allocation Table (FAT) chain is a list of directory block locations.
Both files involved are invalid; updates to either file could cause damage to
both of them.
132 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-503: The first entry of a file's FAT chain is invalid. Volume name was NOT
mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-504: A FAT chain has an invalid next link. Volume name was NOT
mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A File Allocation Table (FAT) chain is a list of directory block locations. This
message indicates that the next link in a FAT chain is invalid.
This error probably indicates file system corruption. .
If this problem occurs during a volume mount, the operating system will try
to load VREPAIR to correct the problem. Run VREPAIR and restart the
system.
FILESYS-X-505: A file with a nonzero length doesn't have a FAT chain. Volume name
was NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
This error indicates an invalid file, probably due to corruption.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-507: Invalid directory FAT chain. Volume name was NOT mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
There are duplicate extended directory chains (chain0 and chain1). If these
chains do not match for some reason, this error is produced and the volume
will not mount.
FILESYS-X-508: Invalid suballocation node. Volume was NOT mounted.

Source:
Possible Cause:
Action:
FILESYS.NLM
Corruption has occurred in the file system, possibly due to a power outage.
Action:
Also, make sure the server has a good UPS system installed and that the UPS
system is operating properly.
FILESYS-X-509: Suballocation node used by multiple files. Volume name was NOT
mounted.
Source:
Explanation:
FILESYS.NLM
More than one file was using the same block.
Possible Cause:
This error could be due to a variety of causes, including a faulty disk drive or
other hardware problem, premature downing of the server, or data corruption.
Action:
See Disk Errors in the Server Operating System Administration Guide. If you
suspect corruption, run VREPAIR and restart the system.
134 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-510: Suballocation encountered but not enabled on this volume. Volume
name was NOT mounted.
Source:
FILESYS.NLM
Possible Cause:
This error could be due to a variety of causes, including a faulty disk drive or
other hardware problem, premature downing of the server, or data corruption.
Action:
suspect corruption, run VREPAIR and restart the system.
FILESYS-X-511: Suballocation node used on TTS enabled file. Volume name was NOT
mounted.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The ending node of the TTS file was a suballocation node.
Try running VREPAIR.
FILESYS-X-518: System file lock threshold exceeded. Number file open or lock
requests failed.
Source:
Explanation:
FILESYS.NLM
The number indicates the requests that failed to open or lock a file because the
limit was exceeded. The file open or lock requests are not being serviced.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Possible Cause:
The number of open files and file locks on the server exceeded the maximum
specified by the server parameter, Maximum File Locks: number. The default
is 10,000.
Action:
Increase the number of file locks using the SET MAXIMUM FILE LOCKS
command. For more information, see SET in Utilities Reference.
FILESYS-X-519: Station number file lock threshold exceeded. Total violations

number.
Source:
Explanation:
Action:
FILESYS.NLM
The number of open files and file locks on the server for the specified station
exceeded the limit specified. The total violations number indicates the total
number of requests to lock a record that failed.
Use the SET console command to increase the number of file locks per
connection:
SET MAXIMUM FILE LOCKS PER CONNECTION=
Minimum = 10
Maximum = 1000
Default = 250
number
Increasing the number of file locks will increase the amount of memory used
by the server. You might need to increase the available memory on the
workstation. Increase the memory available to the server. See Freeing Server
Memory Temporarily in the Server Operating System Administration Guide.
FILESYS-X-520: System record lock threshold exceeded. Number record lock
requests failed.
Source:
FILESYS.NLM
Explanation:
The number of record locks on the server exceeded the maximum specified.
Applications that lock records will not function properly. The number in the
message indicates the total number of record lock requests for the station that
failed because the limit was exceeded.
Action:
Increase the number of system record locks using the SET console command.
For the syntax and value required, see the parameters for the SET comand SET
MAXIMUM RECORDS LOCKS.
Increasing the number of record locks will increase the amount of memory
required by the server. You might need to increase the available memory on
the server. Increase the memory available to the server. See Freeing Server
Memory Temporarily in the Server Operating System Administration Guide.
136 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-521: Station number record lock threshold exceeded. Total violations

number.
Source:
FILESYS.NLM
Explanation:
The number of record locks on the server for the specified station exceeded
the limit specified. Applications that request record locks do not function
properly until record locks are released by other applications. The total
violations number indicates the number of requests that failed to lock a record
because the record lock threshold limit was exceeded.
Action:
Increase the number of record locks using the SET console command. For the
syntax and value required, see the parameters for the SET comand SET
MAXIMUM RECORD LOCKS PER CONNECTION.
Increasing the number of record locks will increase the amount of memory
required by the server. Increase the memory available to the server. See
Freeing Server Memory Temporarily in the Server Operating System
FILESYS-X-524: RT Data Migrator Default Read Write Support Module has been
changed.
Source:
Explanation:
FILESYS.NLM
This status message indicates that the default support module has been
changed to a new support module.
FILESYS-X-525: Volume name mounted with no Migration NLM loaded, some files
may be inaccessible.
Source:
Possible Cause:
Action:
FILESYS.NLM
The volume was mounted with files that cannot be accessed until the
RTDM.NLM is loaded.
Load RTDM.NLM and the appropriate support module.
FILESYS-X-526: Volume name mounted without a specified Migration Support NLM.

Some files maybe inaccessible.
Source:
Explanation:
Action:
FILESYS.NLM
A volume has been mounted with files that cannot be accessed until the
support module needed to access the files has been loaded.
Load the appropriate support NLM program.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-527: Migrated Data Streams have been corrupted.

Source:
Possible Cause:
Action:
FILESYS.NLM
The data for a migrated file is corrupted.
Replace the corrupted file from a backup.
FILESYS-X-528: Unable to access the Data Migration Look Up Key.

Source:
FILESYS.NLM
Explanation:
Data that was migrated to a writable disk player (or jukebox) for storage
cannot be found. The Data Migration Look Up Key is the pointer that tells
where stored data is located in the CD. The directory entry for the file
containing the data still exists, but no data exists in the file.
Action:
Unless there is a backup of the file, the data is lost. Delete the file from the
directory.
FILESYS-X-529: Unable to get DOS entry for Migrated File.

Source:
Explanation:
Action:
FILESYS.NLM
A migrated file's DOS counterpart cannot be found.
Delete the file that was migrated.
FILESYS-X-530: Collision when Claiming Extended Directory space for a migrated

file.
Source:
Possible Cause:
Action:
FILESYS.NLM
The volume's extended directory space has been corrupted.
138 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-557: Illegal hole in suballocation FAT chain.

Source:
Explanation:
Action:
FILESYS.NLM
A File Allocation Table (FAT) chain is a list of directory block locations. If the
FAT chain skips a block, a hole appears in the chain. (A hole is a section that
is not sequential.) A hole indicates that the location was never allocated.
FILESYS-X-558: Suballocation FAT chain entry exceeds maximum.

Source:
Explanation:
Action:
FILESYS.NLM
FILESYS-X-559: Suballocation FAT already claimed.

Source:
Explanation:
Action:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-560: Suballocation out of memory.

Source:
Possible Cause:
Action:
FILESYS.NLM
The operating system was unable to allocate memory for the suballocation
FAT because it is out of memory.
FILESYS-X-574: TTS exceeded the limit of number of active transactions. Number

transactions delayed.
Source:
Explanation:
Action:
FILESYS.NLM
Because the limit of active transactions was exceeded, the Transaction
Tracking System (TTS) must delay additional requests to complete
transactions until the number of active transactions comes within the limit.
If the transaction limit has not been set to its maximum, try increasing the
value (MONITOR > Server Parameters > Transaction Tracking > Maximum
transactions.).
FILESYS-X-575: Transaction aborted for station number task number.

Source:
FILESYS.NLM
Explanation:
Due to a CLEAR STATION command, or some other external connection, the

transaction was aborted and backed out.
Action:
Review the TTS$ERR.LOG file; then you can see what the user was working
on and when it was changed.
FILESYS-X-577: Disable TTS requested by user name on station number.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the user issued a DISABLE
Transaction Tracking System (TTS) request.
FILESYS-X-578: Server TTS shut down because backout volume name was
dismounted.
Source:
Explanation:
FILESYS.NLM
The informational message is an alert to create a chronological history for
troubleshooting. The Transaction Tracking System (TTS) is automatically
disabled when the backout volume is dismounted.
140 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-579: Error writing to TTS$LOG.ERR file.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A Transaction Tracking System (TTS) error could not be logged in the TTS
error log file.
The volume is probably out of space.
Add more disk space to the volume containing the TTS files. See Resolving
Server Disk Space Problems in the Server Operating System Administration
Guide.
FILESYS-X-580: Error opening or creating TTS$LOG.ERR file.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) could not open or create the
TTS$LOG.ERR file, which is a file containing a history of what TTS has done.
The volume might be running out of disk or directory space.
Erase or purge unnecessary files, or add more disk space to the volume
containing the TTS files. See Resolving Server Disk Space Problems in the
FILESYS-X-581: TTS ran out of memory expanding transaction node tables. Number
memory allocation requests failed.
Source:
Possible Cause:
Action:
FILESYS.NLM
The server has run out of memory for more transactions.
FILESYS-X-582: TTS disabled by operator.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the DISABLE TTS command was
issued from the server's console.
This message is generated to the screen, and to the TTS$LOG.ERR file, just
for a chronological record of when TTS was disabled, and to indicate that it
was disabled by the operator rather than by TTS itself (as is the case when the
TTS runs out of disk space).
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-583: TTS disabled because of error reading backout file.

Source:
Explanation:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) could not read the backout file. TTS
was disabled because it could not reliably back out any transactions. TTS
protection is gone, but completed transactions are intact.
No further action is required. You can continue without TTS protection.
FILESYS-X-584: TTS disabled because of error writing to file during backout.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) had a problem writing to the actual
database for which it was backing out transactions, so it disabled itself to
prevent further problems.
The database is probably corrupted.
Try to determine whether the database application can read the database.
Some database programs have recovery utilities that can detect and repair
corruption.
FILESYS-X-585: TTS disabled because of too many defined volumes.

Source:
Possible Cause:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) can track transactions on only a
certain number of volumes. This number has been exceeded.
Combine volumes so that the number is within the limit set by TTS.
FILESYS-X-586: TTS disabled because of error writing volume definition information.

Source:
Possible Cause:
Action:
FILESYS.NLM
A hardware failure could have occurred.
See Disk Errors in the Server Operating System Administration Guiden.
FILESYS-X-587: TTS disabled because of error reading backout file during record
generation.
Source:
Possible Cause:
FILESYS.NLM
The Transaction Tracking System (TTS) probably disabled itself because it
failed to generate records to be written to a file. This failure occurred when
142 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
TTS could not read the backout file for some reason. The problem could be a
hardware failure, a power failure, or a corrupted file.
Action:
If you suspect file corruption, delete the file and restore from a backup.
FILESYS-X-588: TTS disabled because of error growing TTS memory tables.

Source:
Possible Cause:
Action:
FILESYS.NLM
See Resolving Server Memory Problems in the Server Operating System
FILESYS-X-589: TTS disabled because of error allocating more disk space for the
backout file.
Source:
Possible Cause:
Action:
FILESYS.NLM
The backout volume is full.
Try adding another drive to the backout volume, deleting or compressing
existing files on the backout volume, or moving files from the backout volume
to another volume. (Increasing disk space on volumes other than the backout
volume will not help.)
FILESYS-X-590: TTS disabled because of directory error on TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
There is not enough memory space available on the volume for the directory.
Increase the percentage of volume space that can be used by the directory.
FILESYS-X-621: 1 Incomplete Transaction Found. Last record was written at

date_and_time.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that TTS found an incomplete
transaction. Begin TTS was called without a subsequent ABORT or END.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-622: Number Incomplete Transactions Found. Last record was written at

date_and_time.
Source:
Explanation:
FILESYS.NLM
This message indicates that a database has closed improperly. This message
lists the number of incomplete transactions and the time the last complete
record was written.
FILESYS-X-628: Transactions will be backed out and not displayed or logged.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that transactions will be backed out, and
they will not be displayed or logged.
FILESYS-X-631: Error opening file referenced by the backout file on volume name; file
was deleted.
Source:
Explanation:
FILESYS.NLM
This informationl message indicates that the referenced file has been deleted
before the Transaction Tracking System (TTS) could open it to back it out.
FILESYS-X-632: Backout information for transaction number (original write occurred

at time).
Source:
Explanation:
FILESYS.NLM
This informational message is displaying the backout information for the
transaction indicated.
FILESYS-X-633: Error opening file for backout. Completion code = code.

Source:
Possible Cause:
Action:
FILESYS.NLM
This is probably a hardware error.
See Disk Errors in the Server Operating System Administration Guide. For
index.htm).
144 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-634: File has been changed (at time) since this backout file ended (at
time).
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the file has changed since it was
backed out.
FILESYS-X-637: Error reading original data.

Source:
FILESYS.NLM
Possible Cause:
This error might indicate hardware failure or a corrupted Transaction Tracking

System (TTS) backout file.
Action:
suspect file corruption, delete the corrupted file and replace it with a backup.
FILESYS-X-638: Record data in the file before the backout.

Source:
Explanation:
FILESYS.NLM
This is a informational message that states that record data was in the file
before it was backed out.
FILESYS-X-642: Error opening file referenced by the backout file on volume name; file
was deleted.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the referenced file was deleted
before the Transaction Tracking System (TTS) could open it to back it out.
FILESYS-X-644: File has been changed (at time) since this backout file ended (at
time).
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the file has changed since it was
backed out.
FILESYS-X-645: Hole In File Restored To Offset offset.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that a hole in the file has been restored
to the indicated offset. (A hole is a section that is not sequential.)
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-646: Incomplete transactions referencing unmounted volumes were

preserved.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that not all of the volumes are mounted
yet, so the Transaction Tracking System (TTS) backout file is being saved. An
incomplete transaction occurred on one of these unmounted volumes.
FILESYS-X-653: Error opening backout file.

Source:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
A hardware failure occurred.
A Transaction Tracking System (TTS) backout file is corrupted.
If you suspect file corruption, make sure a file backup exists.
Warning: If you delete the file, all data will be destroyed. You will have to
restore the data from a backup.
Delete the corrupted file and replace it with a backup.
FILESYS-X-656: TTS disabled by operator.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the DISABLE TTS command was
issued from the server's console.
This message is generated to the screen, and to the TTS$LOG.ERR file, just
for a chronological record of when TTS was disabled, and to indicate that it
was disabled by the operator rather than by TTS itself (as is the case when the
TTS runs out of disk space).
FILESYS-X-657: TTS disabled because of error reading backout file.

Source:
Explanation:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) could not read the backout file. TTS
was disabled because it could not reliably back out any transactions. TTS
protection is gone, but completed transactions are intact.
No further action is required. You can continue without TTS protection.
146 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-658: TTS disabled because of error writing to file during backout.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) had a problem writing to the actual
database for which it was backing out transactions, so it disabled itself to
prevent further problems.
The database is probably corrupted.
Try to determine whether the database application can read the database.
Some database programs have recovery utilities that can detect and repair
corruption.
FILESYS-X-659: TTS disabled because of too many defined volumes.

Source:
Possible Cause:
Action:
FILESYS.NLM
The Transaction Tracking System (TTS) can track transactions on only a
certain number of volumes. This number has been exceeded.
Combine volumes so that the number is within the limit set by TTS.
FILESYS-X-660: TTS disabled because of error writing volume definition information.

Source:
Possible Cause:
Action:
FILESYS.NLM
A hardware failure could have occurred.
FILESYS-X-661: TTS disabled because of error reading backout file during record
generation.
Source:
FILESYS.NLM
Possible Cause:
The Transaction Tracking System (TTS) probably disabled itself because it

failed to generate records to be written to a file. This failure occurred when
TTS could not read the backout file for some reason. The problem could be a
hardware failure, a power failure, or a corrupted file.
Action:
See Disk Errors. If you suspect file corruption, delete the file and restore from
a backup.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-662: TTS disabled because of error growing TTS memory tables.

Source:
Possible Cause:
Action:
FILESYS.NLM
See Resolving Server Memory Problems in the Server Operating System
FILESYS-X-663: TTS disabled because of error allocating more disk space for the
backout file.
Source:
Possible Cause:
Action:
FILESYS.NLM
The backout volume is full.
volume will not help.)
FILESYS-X-664: TTS disabled because of directory error on TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
There is not enough space available on the volume for the directory.
Increase the percentage of volume space that can be used by the directory.
FILESYS-X-666: TTS cannot allocate sufficient memory.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-667: Error renaming old TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
A hardware error occurred.
148 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-668: Error creating TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
The volume does not have enough space to create the Transaction Tracking
System (TTS) backout file.
volume probably will not help.)
FILESYS-X-669: Error hiding TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
A hardware error occurred before the volume was mounted.
FILESYS-X-670: Error writing volume name information to TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-671: Error writing header information to TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-672: Error manipulating the TTS backout file.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-673: TTS cannot allocate memory to do the transaction backouts.

Source:
Possible Cause:
Action:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-674: TTS not initialized.

Source:
Explanation:
Action:
FILESYS.NLM
This informational message indicates that Transaction Tracking (TTS) has not
initialized.
No action is necessary unless you want to initialize transaction tracking.
FILESYS-X-675: TTS has been shut down.

Source:
Explanation:
Action:
FILESYS.NLM
The informational message indicates that TTS has been shut down.
No action is necessary unless you want to initialize transaction tracking.
FILESYS-X-682: Transaction tracking system enabled.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the Transaction Tracking System
(TTS) has been enabled.
FILESYS-X-683: Transaction aborted for station number task number.

Source:
FILESYS.NLM
Action:
See message FILESYS-X-575: Transaction aborted for station number task

number. on page 140
FILESYS-X-684: Abort transaction attempted on station number and could not occur
because transactions were disabled.
Source:
Explanation:
Action:
FILESYS.NLM
A station requested an abort transaction when TTS was not enabled.
Determine why TTS is disabled. A preceding message will indicate whether
the operating system disabled TTS on its own. Otherwise, disable TTS could
have been entered at the system console.
FILESYS-X-685: Backout information for transaction aborted by station number.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the backout information for the
transaction was aborted by the station indicated in the message.
150 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-687: Original record data from the backout file (being written back to the
file).
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the original record data from the
backout file is being written back to the file.
FILESYS-X-688: Hole Restored To File At Offset = offset.

Source:
Explanation:
FILESYS.NLM
This inforamational message indicates that a hole in the file has been restored
to the indicated code. (A hole is a section that is not sequential.)
FILESYS-X-694: TTS exceeded the limit of number of active transactions. Number

transactions delayed.
Source:
FILESYS.NLM
Action:
See message FILESYS-X-574: TTS exceeded the limit of number of active

transactions. Number transactions delayed. on page 140
Source:
Possible Cause:
Action:
FILESYS.NLM
Source:
Possible Cause:
Action:
FILESYS.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-737: Unable to create VOL$LOG.ERR on volume.

Source:
Explanation:
FILESYS.NLM
The system cannot log the error messages it produces to the VOL$LOG.ERR
file. Historical error information for this volume will not be recorded at the
server.
Possible Cause:
The volume was out of room.
Possible Cause:
A disk error occurred.
Action:
FILESYS-X-738: Unable to write to VOL$LOG.ERR on volume.

Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
The system was unable to write to the volume's error file.
A disk failure occurred.
Another message should appear that indicates what went wrong. Correct the
problem according to the information in the message.
FILESYS-X-739: Volume name still operational despite drive deactivation.

Source:
Explanation:
Action:
FILESYS.NLM
One of the disk drives in the volume has gone down. However, the volume's
integrity has not been compromised sufficiently to bring the entire volume
down.
FILESYS-X-740: Volume name dismounted due to drive deactivation.

Source:
FILESYS.NLM
Possible Cause:
A disk driver was unloaded.
Possible Cause:
The operating system initiated the driver unload.
Action:
Possible Cause:
Action:
Possible Cause:
Action:
Make sure the disk driver is loaded.

A disk failure occurred.
The volume is offline and unavailable to users.
Remount the volume.
152 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-745: Attempt to allocate memory to read volume definition tables failed.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-746: Volume name could NOT be mounted. Some or all volume segments
cannot be located
Source:
Possible Cause:
Action:
FILESYS.NLM
The volume specified in the MOUNT command could not be mounted. The
volume has segments on more than one hard disk, and at least one of the hard
disks is not responding.
Make sure all disk drivers have been loaded. See Disk Errors in the Server
FILESYS-X-748: Attempt to allocate memory to hold NetWare partition information

failed.
Source:
Possible Cause:
Action:
FILESYS.NLM
The server does not have enough memory to hold partition information.
FILESYS-X-759: Unable to read volume definition table from NetWare partition on

drive.
Source:
FILESYS.NLM
Possible Cause:
The volume definition table on the specified drive could not be read because
of a disk error. Consequently, the volume could not be mounted.
Action:
Check the disk drive and the cable. See Disk Errors in the Server Operating
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-760: Volume definition table mirror mismatch on drive. NetWare partition

ignored.
Source:
Explanation:
Action:
FILESYS.NLM
Four copies of the Volume Segment Definition table are kept on each NetWare
partition. This error indicates that these copies do not match.
Rename or delete the volume.
FILESYS-X-761: Block allocation size does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
Two segments of the volume claim different block allocation sizes.
Two volumes on the server have identical names, and a segment from each
volume is causing the error.
Unload the disk driver for the volume that you do not want to rename. Rename
the other volume (the volume that is on the hard disk that still has its disk
driver loaded). Then load the disk driver that you just unloaded. Mount both
volumes.
The volume is corrupted.
FILESYS-X-762: Number of segments in the volume does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
FILESYS.NLM
Two segments of the volume claim different numbers of segments.
Two volumes on the server have identical names and a segment from each
volumes.
154 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001

FILESYS-X-763: Volume flags do not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
Two segments of the volume claim that the volume has different flags.
volumes.
If the volume is corrupted, try renaming or deleting the volume.
FILESYS-X-764: First block for FAT table 0 does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
FILESYS.NLM
blocks in which a file is located. Two segments of the volume claim a different
File Allocation Table 0's (or 1's) first block.
volumes.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001

FILESYS-X-765: First block for FAT table 1 does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
blocks in which a file is located. Two segments of the volume claim a different
File Allocation Table 0's (or 1's) first block.
volumes.
FILESYS-X-766: First block for directory table 0 does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
Two segments of the volume claim a different directory table zero's first block.
volumes.
If the volume is corrupted, run try renaming or deleting the volume.
156 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-767: First block for directory table 1 does not match.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
Two segments of the volume claim a different directory table one's first block.
volumes.
FILESYS-X-768: Volume segment entry number on drive is invalid:

Source:
FILESYS.NLM
Possible Cause:
The Volume Segment table is corrupted.
Possible Cause:
The Volume Segment table does not have a volume name.
Possible Cause:
The volume name is illegal.
Possible Cause:
The block allocation size is illegal.
Possible Cause:
One of the other entry fields is illegal.

Another message should follow this message. It will indicate which field is
illegal. The segment will not be added to the volume tables. If the segment is
needed for mounting the volume, then the volume will not be mounted.
Action:

System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-769: Two volume segments with same sync value have mismatched data.
Source:
Explanation:
Action:
FILESYS.NLM
The values specified by two segments on the volume do not match. Another
message should follow this message to indicate which values do not match.
FILESYS-X-770: Volume has no volume name.

Source:
Possible Cause:
Action:
FILESYS.NLM
The MOUNT or DISMOUNT command was issued, but the volume name
was not specified.
Specify a volume name.
FILESYS-X-771: Volume name name is too short.

Source:
Explanation:
Action:
FILESYS.NLM
A volume name must be at least two characters long.
Make sure that you typed a valid volume name in the MOUNT console
command and that you spelled it correctly.
FILESYS-X-773: Invalid number of volume segments number.

Source:
Possible Cause:
Action:
FILESYS.NLM
During an attempt to mount a volume, the operating system determined that
the volume contained too many segments (there is an eight segment limit).
158 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-774: Invalid volume segment position of position_number of number

segments.
Source:
Possible Cause:
Action:
FILESYS.NLM
The segment position is greater than the number of segments.
FILESYS-X-775: Invalid starting sector offset of number on a drive of size number.

Source:
Explanation:
Action:
FILESYS.NLM
The offset of the starting sector of a partition is greater than the size of the
partition.
FILESYS-X-776: Invalid starting sector offset of number.

Source:
Explanation:
Action:
FILESYS.NLM
The offset of the starting sector is invalid. The sector is probably corrupted.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-777: Invalid segment length of number starting at number on a drive of

size number.
Source:
Explanation:
Action:
FILESYS.NLM
A segment of a partition has too many sectors or has sectors that exceed
allowable size. The segment is probably corrupted.
FILESYS-X-778: Invalid FAT table 0 starting block of number on volume of size

number.
Source:
Explanation:
Action:
FILESYS.NLM
blocks in which a file is located. The FAT table on this volume has an invalid
table zero starting block. The table is probably corrupted.
FILESYS-X-779: Invalid FAT table 1 starting block of number on volume of size

number.
Source:
Explanation:
Action:
FILESYS.NLM
blocks in which a file is located. The FAT table on this volume has an invalid
table one starting block. The table is probably corrupted.
160 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-780: Invalid directory table 0 starting block of number on volume of size

number.
Source:
Explanation:
Possible Cause:
Action:
FILESYS.NLM
A segment on the primary volume has an inconsistency in the starting point of
the directory table of block pointers.
The table is probably corrupted.
Run VREPAIR on the primary volume.
FILESYS-X-781: Invalid directory table 1 starting block of number on volume of size

number.
Source:
Possible Cause:
Action:
FILESYS.NLM
A segment on the mirrored volume has an inconsistency in the starting point
of the directory table of block pointers.
Run VREPAIR on the mirrored volume.
FILESYS-X-782: Reserved area is not zero filled.

Source:
Possible Cause:
Action:
FILESYS.NLM
While mounting a volume, the operating system found that the reserved area
of a segment definition was not zero-filled as it should be. Therefore, the
segment was not included in the volume definition table.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-783: Volume name has multiple sync definitions. All definitions except
number discarded.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that while checking a volume definition
during mounting of the volume, the operating system discarded all unneeded
synchronization values.
FILESYS-X-784: Volume name has multiple definitions for segment number.

Source:
Possible Cause:
FILESYS.NLM
While mounting a volume, the operating system found multiple definitions for
the specified segment, indicating that the current synchronization value is
invalid. The operating system will discard the invalid synchronization value.
FILESYS-X-785: Volume name is missing segment number.

Source:
Possible Cause:
Action:
FILESYS.NLM
While checking a volume definition during mounting of the volume, the
operating system found that a segment was missing. Segments are
consecutively numbered.
FILESYS-X-786: Volume name segment number ends at block number and segment
number starts at block number.
Source:
Possible Cause:
Action:
FILESYS.NLM
The volume segments are not contiguous.
Before troubleshooting the problem, back up all data. Make sure that the
operating system can recognize all disks over which the volume is distributed
and that none have been corrupted. Run VREPAIR and restart the system.
162 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-787: Volume name first segment (number) does not start at block 0.
Source:
Explanation:
FILESYS.NLM
The first segment of a volume must start with block 0. While mounting the
specified volume, which is distributed over multiple physical disks, the
operating system could not find the first segment. The segment that it found is
not the first segment in the volume because it does not begin with block 0.
Possible Cause:
The disk was corrupted.
Possible Cause:
A hardware problem exists on the network.
Action:
Before troubleshooting the problem, back up all data on the affected disk. See
Disk Errors in the Server Operating System Administration Guide.
FILESYS-X-788: Volume name last segment (number) ends at block number instead
of number.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the segment ends at a block that is
incorrect based on the operating system's calculation of where the segment
begins and how large it is.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-789: Definition for volume name is invalid.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that while mounting one or more
volumes, the operating system found an invalid definition for the specified
volume.
FILESYS-X-790: Volume name not found in existing volumes list.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the operating system could not find
a volume that it tried to discard.
FILESYS-X-791: Definition for sync number of volume name removed.

Source:
Explanation:
FILESYS.NLM
This informational message indicates that the operating system discarded an
unneeded synchronization value while it was schecking a volume definition
during mounting of the volume.
FILESYS-X-792: Volume name sync number not found in volume's sync list.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the operating system found that the
value was not in the volume's synchronization list while it was trying to
discard an unneeded or invalid synchronization value.
FILESYS-X-796: Volume name could not be mounted. There are already number
volumes mounted. No more volumes can be mounted.
Source:
Explanation:
Action:
FILESYS.NLM
Mounting another volume would exceed the allowed limit for volumes
concurrently mounted.
Dismount one or more volumes and try the MOUNT server utility again.
FILESYS-X-802: Volume manager error. Volume name not mounted.

Source:
Possible Cause:
FILESYS.NLM
An error prevented the volume from being mounted.
164 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001

FILESYS-X-817: Unable to initialize system auditing on volume name. Volume mount

aborted.
Source:
FILESYS.NLM
Possible Cause:
The operating system cannot open the audit file.
Possible Cause:
The audit file is already at its maximum size.
Action:
Check the size of the auditing file before continuing.
FILESYS-X-818: Unable to allocate memory to mount volume name.

Source:
Possible Cause:
Action:
FILESYS.NLM
FILESYS-X-820: Overlapping segment entry found starting at offset number on server

for volume name segment number.
Source:
Explanation:
FILESYS.NLM
This informational message indicates that the operating system found an
overlapping disk area when it tried to mount the volume. The operating system
will discard the volume.
FILESYS-X-823: Drive failed while reading in volume information tables.

Source:
Possible Cause:
Action:
FILESYS.NLM
The drive holding the volume had a physical failure while the volume
information tables were being read.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FILESYS-X-825: Total volume size does not match.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
FILESYS.NLM
Two segments of the volume claim different numbers of segments.
volumes.
If the volume is corrupted, run the ConsoleOne and select Volume Options.
166 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
FLAG Messages
The following includes messages from the FLAG.EXE.
FLAG-x-001: Action has been terminated by the operator.
Source:
Possible Cause:
Action:
FLAG.EXE
The FLAG was terminated by pressing <Ctrl>+<C>, <Ctrl>+<Break>, or
<Esc>.
FLAG-x-225: The mode you specified is reserved.

Source:
Possible Cause:
Action:
FLAG.EXE
Mode 4 or 6 was entered. These modes are reserved and cannot be used.
Use modes 0, 1, 2, 3, 5, or 7.
FLAG-x-250: The assigned mode was invalid.

Source:
Possible Cause:
Action:
FLAG.EXE
The mode that was entered was not in the valid range.
Use modes 0, 1, 2, 3, 5, or 7.
FLAG-x-275: Specify a file before assigning a mode.

Source:
Possible Cause:
Action:
FLAG.EXE
The user specified a valid directory path, not a filename. Directories cannot be
assigned modes.
Specify a filename in the command.
FLAG Messages 167
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-300: Access is denied.

Source:
Possible Cause:
Action:
FLAG.EXE
The user might not have adequate rights to access the file or modify directory
attributes.
Use the RIGHTS utility to check the user's rights.
Possible Cause:
The file is in use or the directory attributes are being modified while another
user is modifying the same directory.
Action:
If the user account has adequate rights, make sure that the file is not in use, or
that another user is not currently modifying the directory attributes.
FLAG-x-325: You do not have rights to change file or directory attributes

Source:
Possible Cause:
Action:
FLAG.EXE
The user account does not have the Supervisor or Access Control right to
modify file attributes.
Make sure the user has appropriate user access rights. Use the RIGHTS utility
to find out what the user account rights are at the volume level, grant the
appropriate user access rights, and try the command again.
FLAG-x-350: This utility was unable to set the attributes.

Source:
FLAG.EXE
Possible Cause:
A request to change the attributes for a file or a directory was not successful.
Possible Cause:
The user account does not have the appropriate Supervisor or Access Control
rights to change the attributes.
Action:
Possible Cause:
Action:
Possible Cause:
Action:
Make sure the user has appropriate user access rights.

The file is locked, or the directory attributes are being modified by another
user.
Make sure the file is not in exclusive use by another process.
The file is in use or is corrupted.
Make sure that the file is not corrupted.
168 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
FLAG-x-400: This utility was unable to set the DOS file.

Source:
Possible Cause:
Action:
FLAG.EXE
The file might be corrupted.
Try to read or run the file. If you can, flag the file again. If you can't, the file
is probably corrupted. Get a new copy of the file, then flag the file.
FLAG-x-425: The specified attribute(s) is not supported in this version of NetWare.

Source:
Possible Cause:
Action:
FLAG.EXE
The user specified an attribute that is not supported by the NetWare server
where the file is located.
Get a list of attributes supported by the server where the file is located by
typing FLAG /? at the command line. Make sure to run FLAG from the drive
mapped to the file's location.
FLAG-x-441: The /DO command is not supported for local drives.

Source:
FLAG.EXE
Action:
When referencing local drives, do not use the /DO command line option.
FLAG-x-450: Owners cannot be assigned to local drives or files.

Source:
Possible Cause:
Action:
FLAG.EXE
This attribute is not supported with files on local drives.
When assigning attributes to files on local drives, do not use this attribute.
FLAG-x-450: The attribute_name attribute is not supported for local files.

Source:
FLAG.EXE
Action:
When assigning attributes to files on local drives, do not use the specified
attribute.
FLAG-x-450: The Search mode is not supported for local files.

Source:
FLAG.EXE
Action:
When searching local drives, do not use the search mode in FLAG.
FLAG Messages 169
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-575: This owner was not found.

Source:
Possible Cause:
Action:
FLAG.EXE
The owner specified is not a user on the network.
Make sure that the user typed the owner's name correctly. Make sure that the
owner that the user specified is a current user on the network.
FLAG-x-625: This utility was unable to allocate the volume handle.

Source:
Possible Cause:
Action:
Possible Cause:
Action:
FLAG.EXE
The client workstation is not attached to a server
If the user is using a server version prior to NetWare 4, make sure the client
workstation is attached to the desired server. If the user is using a NetWare 4
or later version server, make sure the client workstation has a drive mapped to
volume and server or to the volume object.
The volume is not mounted or does not exist.
Make sure that the volume is mounted and that the user typed the volume
name correctly.
FLAG-x-650: This utility cannot assign volume attributes in v2.x.

Source:
FLAG.EXE
Action:
When using a NetWare 2 server, do not set volume attributes.
FLAG-x-673: This utility was unable to get the connection information.

Source:
FLAG.EXE
Action:
Retry the command. If the problem persists, contact a Novell support

provider.
FLAG-x-675: This utility was unable to change the volume attributes.

Source:
Explanation:
Action:
FLAG.EXE
Your user account must have the Supervisor or Access Control right to change
attributes.
Find out what the user's account rights are at the volume level by using the
RIGHTS utility. If appropriate, make sure the user has the Supervisor or
Access Control rights. After the user's rights are assessed and reassigned if
necessary, try the command again.
170 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
FLAG-x-700: The Execute Only attribute cannot be assigned to local files.

Source:
FLAG.EXE
Action:
FLAG-x-725: The Private attribute cannot be assigned to local files.

Source:
FLAG.EXE
Action:
FLAG-x-750: The Index attribute is not supported in v3.x or v4.x.

Source:
FLAG.EXE
Possible Cause:
The user tried to use the Index file attribute to flag a file located on a NetWare
3 or NetWare 4 server. This attribute only works on files located on NetWare
2 servers.
Action:
If the files are located on NetWare 3 or NetWare 4 servers, do not use the Index
file attribute.
FLAG-x-775: The Private attribute is not supported in v3.x or v4.x.

Source:
Possible Cause:
Action:
FLAG.EXE
The user tried to use the Private file attribute on a file located on a NetWare 3
or NetWare 4 server. This attribute only works on files located on NetWare 2
servers.
If the files are located on NetWare 3 or NetWare 4 servers, do not use the
Private file attribute.
FLAG-x-800: The Purge attribute is not supported in v2.x.

Source:
FLAG.EXE
Possible Cause:
The user tried to use the Purge file attribute on a file located on a NetWare 2
server. This attribute only works on files located on NetWare 3 and NetWare
4 servers.
Action:
If the files are located on NetWare 2 servers, do not use the Purge file attribute
to flag the files.
FLAG Messages 171
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-819: You cannot assign a user and group at the same time.
Source:
Possible Cause:
Action:
FLAG.EXE
Users and groups must be assigned in separate commands. The user tried to
assign them at the same time.
Try again, assigning users and groups separately.
FLAG-x-825: The Copy Inhibit attribute is not supported in v2.x

Source:
FLAG.EXE
Possible Cause:
The user tried to use the Copy Inhibit file attribute to flag a file located on a
NetWare 2 server. This attribute only works on files located on NetWare 3 and
NetWare 4 servers.
Action:
If the files are on a NetWare 2 server, do not use Copy Inhibit file attribute to
flag the files.
FLAG-x-850: The Delete Inhibit attribute is not supported in v2.x

Source:
FLAG.EXE
Possible Cause:
The user tried to use the Delete Inhibit file attribute to flag a file located on a
NetWare 2 server. This attribute only works on files located on NetWare 3 and
NetWare 4 servers.
Action:
If the files are located on NetWare 2 servers, do not use the Delete Inhibit file
attribute to flag the files.
FLAG-x-875: The Rename Inhibit attribute is not supported in v2.x

Source:
FLAG.EXE
Possible Cause:
The user tried to use the Rename Inhibit file attribute to flag a file located on
a NetWare 2 server. This attribute only works on files located on NetWare 3
and NetWare 4 servers.
Action:
If the files are located on NetWare 2 servers, do not use the Rename Inhibit
file attribute to flag the files.
FLAG-x-876: The Migrate attribute is supported only with NetWare v4.x

Source:
Possible Cause:
Action:
FLAG.EXE
The user tried to set the Migrate attribute on a server that is not a NetWare 4
server. This attribute is supported only on NetWare 4 servers.
Use the Migrate attribute only on a NetWare 4 server.
172 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-877: The Compress attribute is supported only with NetWare v4.x

Source:
FLAG.EXE
Explanation:
The user tried to set the Immediate Compress or Don't Compress attribute on
a server that is not a NetWare 4 server.
Action:
If the server is not a NetWare 4 server, do not use the Immediate Compress or
Don't Compress attribute.
FLAG-x-878: You cannot set both the Immediate Compress and Don't Compress
attributes.
Source:
FLAG.EXE
Possible Cause:
The user tried to set both the Immediate Compress file attribute and the Don't
Compress file attribute. These two file attributes cannot both be set at the same
time.
Action:
Decide whether the file should be compressed or not compressed; then use the
appropriate flag.
FLAG-x-879: Migration is not enabled on the server.

Source:
Possible Cause:
Action:
FLAG.EXE
The user tried to use the Migration capability on a server that is not currently
supporting migration.
Verify the Migration status on the server. If the problem persists, contact a
FLAG-x-880: Compression is not enabled on the server.

Source:
Possible Cause:
Action:
FLAG.EXE
The user tried to use the Compression capability on a server that is not
currently supporting compression.
Verify the Compression status on the server. If the problem persists, contact a
FLAG-x-901: You are not attached to the specified server.

Source:
FLAG.EXE
Action:
See message 901: You are not attached to the specified server. on page 775
FLAG Messages 173
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-903: The command line syntax is invalid.

Source:
FLAG.EXE
Action:
FLAG-x-905: This utility was unable to initialize the country information.

Source:
FLAG.EXE
Action:
See message 905: This utility was unable to initialize the country
information. on page 775
FLAG-x-908: The specified path is invalid.

Source:
FLAG.EXE
Action:
See message 908: The specified path is invalid. on page 776
FLAG-x-909: You are not mapped to the specified drive.

Source:
FLAG.EXE
Action:
See message 909: You are not mapped to the specified drive. on page 777
FLAG-x-910: This utility was unable to parse the specified path.

Source:
FLAG.EXE
Action:
See message 910: This utility was unable to parse the specified path. on
page 777
FLAG-x-911: Directory Services is not active at this time.

Source:
FLAG.EXE
Action:
See message 911: Directory Services is not active at this time. on page 777
FLAG-x-912: The specified file cannot be found.

Source:
FLAG.EXE
Action:
See message 912: The specified file cannot be found. on page 777
174 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-913: The specified directory cannot be found.

Source:
FLAG.EXE
Action:
See message 913: The specified directory cannot be found. on page 778
FLAG-x-914: The specified file or directory cannot be found.

Source:
FLAG.EXE
Action:
See message 914: The specified file or directory cannot be found. on page
778
FLAG-x-915: The specified volume does not exist.

Source:
FLAG.EXE
Action:
See message 915: The specified volume does not exist. on page 778
FLAG-x-916: This utility only supports 25 levels of directories.

Source:
FLAG.EXE
Action:
See message 916: This utility only supports 25 levels of directories. on page
778
FLAG-x-917: This utility was unable to set the context.

Source:
FLAG.EXE
Action:
See message 917: This utility was unable to set the context. on page 778
FLAG-x-925: This utility is not supported on Personal NetWare servers.

Source:
Explanation:
Action:
FLAG.EXE
FLAG does not support drives located on Personal NetWare servers.
Use the Personal NetWare utilities to perform the desired task.
FLAG-x-970: The attempt to open the Unicode table files failed.

Source:
FLAG.EXE
Action:
page 781
FLAG Messages 175
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-971: The workstation does not have enough memory to load the Unicode
table files.
Source:
FLAG.EXE
Action:
FLAG-x-972: Access to the Unicode table files was denied.

Source:
FLAG.EXE
Action:
See message 972: Access to the Unicode table files was denied. on page
781.
FLAG-x-973: The Unicode table files cannot be found in the NLS directory or in the
Source:
FLAG.EXE
Action:
page 782
FLAG-x-974: The Unicode table files are corrupt.

Source:
FLAG.EXE
Action:
See message974: The Unicode table files are corrupt. on page 783
FLAG-x-975: The Unicode table files cannot be opened because there are already too
Source:
FLAG.EXE
Action:
file. on page 783
FLAG-x-998: The message file found (utility_name.MSG) is an incorrect version. The

Source:
FLAG.EXE
Action:

176 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FLAG-x-999: The message file for this utility cannot be found.

Source:
FLAG.EXE
Action:
784
FLAG Messages 177
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
178 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
FPSM Messages
The following includes messages from the FPSM.NLM.
FPSM-X-001: Notice: An 80x87 floating-point emulator is already present. FPSM will
not attempt to register another.
Source:
Explanation:
Action:
FPSM.NLM
The emulator provided by FPSM.NLM is not needed, probably because the
chip provides its own 80x87 floating point emulator.
No action is needed.
FPSM-X-002: Error number registering the 80x87 emulator.

Source:
Possible Cause:
Action:
FPSM.NLM
The FPSM.NLM, clib.nlm, and related programs were not loaded because a
software inconsistency or resource shortage prevented the FPSM.NLM from
registering the floating point emulator.
Note which NLMTM programs that are loaded might interfere with the
FPSM.NLM program's need to register the floating point emulator.
Make sure these NLM programs: clib.nlm, FPSM.NLM, LIB0.NLM,
NIT.NLM, NLMLIB.NLM, REQUESTR.NLM and THREADS.NLM are all
the same version. These NLM programs are usually distributed as a set. To
find a set of these NLM programs, refer to an authorized distribution source,
such as http://support.novell.com.
FPSM Messages 179
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
FPSM-X-004: FPSM failed to allocate its local call gate resource tag. There may not be
enough server memory, or server memory may be corrupted. This is not fatal.
Source:
Explanation:
Action:
FPSM.NLM
This message appears if system memory is low.
Load NLMs in the kernel address space, instead of in a protected address
space. Check server memory and add more memory if necessary. See Freeing
Server Memory Temporarily in the Server Operating System Administration
Guide.
180 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
FTP Server Messages

The following includes messages from the NWFTPD.NLM and
FTPUPGRD.NLM.
Failed to bind to FTP port
Source:
Explanation:
Possible Cause:
Action:
NWFTPD.NLM
The port that the FTP Server is trying to bind to is busy.
Another instance of the FTP Server or another application is bound to the port.
Unload the application that is bound to the port, bind the FTP Server to a
different port, or delete the busy port from TCPCON.
Failed to initialize Anonymous user

Source:
Explanation:
Possible Cause:
Action:
NWFTPD.NLM
The FTP Server failed to create an Anonymous user.
Incorrect data was entered to create the user.
Enter nwftpd -a [-c config_file].
Failed to add Anonymous User object to NDS

Source:
Possible Cause:
Action:
NWFTPD.NLM
FTP Server Messages 181
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Failed to generate an ObjectKeyPair

Source:
Possible Cause:
Action:
NWFTPD.NLM
Failed to open configuration file

Source:
Possible Cause:
Action:
NWFTPD.NLM
The configuration file is not available at specified location.
Verify if the configuration file is available at the specified location.
Unable to find default configuration file

Source:
Possible Cause:
Action:
NWFTPD.NLM
Configuration file is not available at default location (SYS:/ETC).
Verify if the configuration file is availabl at the default location.
Unable to locate Anonymous user in default context

Source:
Possible Cause:
Action:
NWFTPD.NLM
Anonymous use does not exist at the FTP Server's context
Run nwftpd -a to create anonymous user and reload NWFTPD.NLM.
USAGE : nwftpd [-c <Config File>] [-a]

Source:
Possible Cause:
Action:
NWFTPD.NLM
The user might have tried to load NWFTPD.NLM with wrong usage.
Load NWFTPD.NLM by typing only the NLM name for default configuration
file, or ftpupgrd [-c config_file] for specific configuration file
name or nwftpd [-a] for creating anonymous user.
Could not create the .cfg file.

Source:
Possible Cause:
Action:
FTPUPGRD.NLM
Configuration file does not exist for ftp server upgrade, or existing
configuration file has read only access.
Modify the file access if it is read only or specify proper configuration file
name with ftpupgrd [-c config_file] usage.
182 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Could not create the FTP Server Restriction file.

Source:
Possible Cause:
Action:
FTPUPGRD.NLM
Restriction file does not exist for ftp server upgrade, or existing Restriction
file has read only access.
Modify the file access if it is read only or specify proper restriction file name.
Failed to upgrade.
Source:
FTPUPGRD.NLM
Possible Cause:
Configuration file does not exist for FTP server upgrade, or existing
configuration file has read only access, or restriction file does not exist for ftp
server upgrade, or existing Restriction file has read only access
Action:
Modify the file access if it is read only or specify the proper configuration file
name with ftpupgrd [-c config_file] uusage. Modify the file
access if it is read only or specify proper restriction file name.
Correct Usage: ftpupgrd [-c <Config File>]

Source:
FTPUPGRD.NLM
Possible Cause:
The user might have tried to load FTPUPGRD.NLM with wrong usage.
Action:
Use the specified user command ftpupgrd [-c config_file].
FTP Server Messages 183
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
184 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
HDETECT Messages
The following includes messages from the HDETECT.NLM.
A file copy error occurred. Error: code.
Source:
Possible Cause:
Action:
HDETECT.NLM
The server ran out of disk space, or the hard disk failed.
Verify that the server has enough disk space (a 50MB DOS partition) and that
the hard disk is functional. For information about a specific error code, search
A write error occurred on file filename. Error: code.

Source:
Possible Cause:
Action:
HDETECT.NLM
The server ran out of disk space, or the hard disk failed.
the hard disk is functional. For information about a specific error code, search
An attempt to access DOS on this server was unsuccessful.

Source:
Possible Cause:
Action:
HDETECT.NLM
The server has run out of disk space, or the hard disk has failed.
Verify that the hard disk is functional.
HDETECT Messages 185
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
An error occurred while opening the response file.

Source:
Possible Cause:
Action:
HDETECT.NLM
Installation is using outdated information from older files in the nwupdate
directory.
Make sure that current files are in the nwupdate directory. Exit installation and
begin again.
An error occurred while reading the response file.

Source:
Possible Cause:
Action:
HDETECT.NLM
Installation is using outdated information from older files in the nwupdate
directory.
Make sure that current files are in the nwupdate directory. Exit installation and
begin again.
An error occurred while writing the response file.

Source:
Possible Cause:
Action:
HDETECT.NLM
The server ran out of disk space or the hard disk failed.
the hard disk is functional.
Cannot write file.

Source:
Possible Cause:
Action:
HDETECT.NLM
The server ran out of disk space or the hard disk has failed.
the hard disk is functional.
Directory path either is invalid or does not contain the desired file filename.
Source:
Possible Cause:
Action:
HDETECT.NLM
The path or filename does not exist as you specified it.
Make sure that the directory exists and that the path correctly points to the
filename.
186 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Directory path either is invalid or does not contain the desired file filename. Press
<F3> (or F4>, if applicable) and specify a different path.
Source:
Possible Cause:
HDETECT.NLM
The path or filename does not exist as you specified it.
File filename cannot be opened. Error code.

Source:
Possible Cause:
Action:
HDETECT.NLM
The filename does not exist, or you have incorrectly specified the path.
Make sure that the directory exists or specify a different path. For information
about a specific error code, search the Error Codes online documentation
(http://www.novell.com/documentation/lg/nwec/docui/index.htm).
File filename cannot be read. Error code.

Source:
Possible Cause:
Action:
HDETECT.NLM
Make sure that the file exists or specify a different path. For information about
a specific error code, search the Error Codes online documentation (http://
File filename could not be saved to path.

Source:
Possible Cause:
Action:
HDETECT.NLM
The destination directory does not exist, or you have incorrectly specified the
path.
Make sure that the directory exists and that you have correctly entered the
path.
File filename was not found.

Source:
Possible Cause:
Action:
HDETECT.NLM
Make sure that the file exists or specify a different path.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
No disk driver files (*.HAM, *.CDM) or their description files (*.DDI) were found.
Source:
HDETECT.NLM
Possible Cause:
The directory or files do not exist, or you have incorrectly specified the path.
Action:
Make sure that the directory or files exist and that you have correctly entered
the path.
No HotPlug support module files or their description files (*.HDI) were found at this
path.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No HotPlug support modules were found at path.

Source:
Possible Cause:
Action:
HDETECT.NLM
The directory does not exist. The files do not exist, or you have incorrectly
specified the path.
Make sure that the directory exists and that you have correctly entered the
path.
No LAN driver files (*.LAN) or their description files (*.LDI) can be found. Volume SYS
may be unmounted, or directory SYS:SYSTEM may not contain any driver files.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
Action:
Mount volume SYS.
Action:
Copy driver files from the NetWare or third-party CD-ROM to

SYS:SYSTEM.
No LAN driver files (*.LAN) or their description files (*.LDI) were found at this path.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
188 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
No LAN driver files (*.LAN) were found at path.

Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No psm driver files (*.PSM) or their description files (*.MDI) were found.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No PSM driver files (*.PSM) or their description files (*.MDI) were found at this path.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No PSM drivers were found at path.

Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No sbd driver files (*.NLM) or their description files (*.HDI) were found.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
No Storage driver files (*.HAM, *.CDM) or their description files (*.DDI) were found at
this path.
Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
No Storage drivers were found at path.

Source:
HDETECT.NLM
Possible Cause:
Action:
the path.
Response File Hardware Information is missing.

Source:
Possible Cause:
Action:
HDETECT.NLM
Your customized response file has invalid information about hardware.
Make sure that the response file exists in a specified directory, that you have
correctly entered the path, and that your response file contains valid
information about hardware.
Response File Hardware Mode Information is missing.

Source:
Possible Cause:
Action:
HDETECT.NLM
Your customized response file has invalid information about Hardware Mode.
information about Hardware Mode.
Response File Key string is missing.

Source:
Possible Cause:
Action:
HDETECT.NLM
Your customized response file has invalid information about File Keys.
information concerning File Keys.
190 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Response File Source Information is missing.

Source:
Explanation:
Possible Cause:
Action:
HDETECT.NLM
Novell provides a response file. However, you can specify for the installation
software to use your own custom response file and direct the installation
program to use it (by using the /rf=path parameter). When using this
parameter, you specify the complete path.
You customized a response file and installation is looking for it in an
incorrectly specified directory.
Make sure that the response file exists in a specified directory and that you
have correctly entered the path.
The following driver instance failed to load: string.

Source:
HDETECT.NLM
Action:
Make sure that the selected driver corresponds with the hardware in your
server.
Action:
Verify that the parameters are set correctly for the hardware.
Volume name is out of disk space. File filename cannot be copied.

Source:
HDETECT.NLM
Action:
Verify that the server has enough disk space (500MB NetWare partition) and
that the hard disk is functional.
module name: Unable to allocate memory.

Source:
Possible Cause:
Action:
HDETECT.NLM
The software cannot get memory to create structures. The server does not have
enough memory or has used up its available memory.
If the server does not have 64MB of RAM, add memory.
module name: Unable to create process.

Source:
Possible Cause:
Action:
HDETECT.NLM
The server is unable to create a process that allows HDETECT.NLM to run.
Exit installation and begin again.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
module name: Unable to open screen.

Source:
HDETECT.NLM
Action:
Exit installation and begin again.
192 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
ICMD Messages
The following includes messages from the ICMD.NLM.
ICMD-X-5: Directory directory path name cannot be created. Error: code.
Source:
ICMD.NLM
Action:
index.htm).
ICMD-X-7: DS installation could not be completed. Error code: code.

Source:
ICMD.NLM
Action:
index.htm).
ICMD-X-8: Partitions could not be created. Error code: code.

Source:
ICMD.NLM
Action:
index.htm).
ICMD Messages 193
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
ICMD-X-9: The total space required by files that will be copied (total megabytes to be
copied; total bytes to be copied) is larger than the free space available on the volume
volume name (free space on the volume in megabytes; free space on the volume in
bytes).
Source:
ICMD.NLM
Action:
Delete unnecessary files from the volume, select a different volume, or make
the volume larger.
ICMD-X-10: Config file filename could not be written to. Error: code.
Source:
Possible Cause:
Action:
Possible Cause:
Action:
ICMD.NLM
Volume SYS is not mounted.
Mount the volume.
The hard disk crashed or is inaccessible.
Verify that the hard disk is functional. For information about a specific error
code, search the Error Codes online documentation (http://www.novell.com/
ICMD-X-11: Could not execute console command console command. Error: code.
Source:
ICMD.NLM
Action:
Switch to the console screen to view the problem. For information about a
ICMD-X-13: File or directory directory path cannot be removed. Error: code.

Source:
ICMD.NLM
Action:
index.htm).
ICMD-X-14: The NetWare Loadable Module NLM name could not be located.
Source:
Possible Cause:
Action:
ICMD.NLM
The NLM program is missing or corrupted, could not load its message
database or help file, could not load an NLM program that it depended on, or
could not find one or more symbols that it depended on.
Find out what went wrong by viewing the messages on the console.
194 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
ICMD-X-15: The total space required by files that will be copied (total megabytes to be
copied; total bytes to be copied) is larger than the size of volume volume name (size
of the volume in megabytes; size of the volume in bytes).
Source:
ICMD.NLM
Action:
Select a different volume or make the volume larger.
ICMD-X-17: File filename was not found or is invalid. The new default language
number cannot be set.
Source:
Possible Cause:
Action:
ICMD.NLM
The LCONFIG.SYS file was not found or was corrupted.
ICMD-X-21: A problem occurred while writing to the diskette in drive letter and colon.
The inserted diskette cannot be used.
Source:
Possible Cause:
Action:
ICMD.NLM
The diskette is damaged.
Replace the diskette.
ICMD-X-35: Volumes could not be created. Error code: code.

Source:
ICMD.NLM
Action:
index.htm).
ICMD Messages 195
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
196 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
IDEATA.HAM Messages
The following includes messages from the IDEATA.HAM.
IDEATA.HAM001: This driver is not compatible with the detected bus type
Source:
IDEATA.HAM
Possible Cause:
The driver did not load because the hardware bus type of the server is
incompatible with the bus type the driver was designed to support. The
IDEATA.HAM driver supports IDE/ATA controller cards designed to work on
ISA/EISA machines.
Action:
Use a controller card and compatible .ham driver appropriate for the server's
I/O bus.
IDEATA.HAM003: Insufficient memory to register the object

Source:
Possible Cause:
Action:
IDEATA.HAM
The driver failed to load because there was insufficient memory for the .ham
driver to create the objects necessary to support the controller and attached
devices.
Unload any unnecessary NLM programs and try to reload the driver.
IDEATA.HAM004: Could not load reentrantly

Source:
Possible Cause:
Action:
IDEATA.HAM
The attempt to load the driver reentrantly failed because the driver was unable
to complete reentrant module registration with the NWPA.
Unload any unnecessary .cdm and .ham drivers and try to reload the driver.
IDEATA.HAM Messages 197
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IDEATA.HAM005: Exceeded the number of allowed load instances

Source:
Explanation:
IDEATA.HAM
This informational message means that you tried to load the .ham driver more
times than allowed. The IDEATA.HAM driver can be loaded four times,
which corresponds to the number of I/O channels currently supported in the
IDE/ATA specification.
IDEATA.HAM006: Insufficient memory to allocate during initialization

Source:
Possible Cause:
Action:
IDEATA.HAM
There is insufficient memory to load and run the driver.
IDEATA.HAM007: Invalid NWPA handle

Source:
Possible Cause:
Action:
IDEATA.HAM
The driver is being passed a bad handle from the NWPA.
Contact Novell Technical Support.
IDEATA.HAM008: None of the parameters matched the known resources

Source:
Possible Cause:
Action:
IDEATA.HAM
The load instance failed because the necessary hardware resources (port and
interrupt values) for configuring the .ham driver were not specified on the
command line.
Reload the driver and specify the appropriate hardware resources.
IDEATA.HAM009: Device not found at the specified port address

Source:
Possible Cause:
Action:
IDEATA.HAM
The driver failed to load because it did not detect any devices at the specified
port address.
Determine the correct port address and reload the driver using this value.
198 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IDEATA.HAM010: Load failed due to hardware resource conflict

Source:
Possible Cause:
Action:
IDEATA.HAM
The driver could not be loaded because some other driver has reserved one or
all of the hardware resources (port or interrupt) specified for this driver.
Resolve the resource conflict between the competing controllers and reload
the driver.
IDEATA.HAM011: I/O channel registration failed

Source:
Possible Cause:
Action:
IDEATA.HAM
The driver failed to load because channel registration with the server failed.
Unload any unnecessary .cdm and .ham drivers, then reload the driver.
IDEATA.HAM012: Memory allocation error. The driver was unable to allocate an IO

buffer to scan PCI configuration space. The driver needs to scan configuration space
to avoid unsupported controllers.
Source:
Possible Cause:
Action:
IDEATA.HAM
There is insufficient memory to load the driver.
IDEATA.HAM013: A CMD CSA640B ATA/IDE controller is present, so only a single

IDE channel will be supported. Please ensure all IDE devices are attached to the same
channel prior to loading the driver.
Source:
Explanation:
Action:
IDEATA.HAM
This is a warning message that the driver cannot be loaded more than once
because it detected the presence of a CMD CSA640B controller, which only
allows communication with one of its channels safely in NetWare.
Be sure all IDE devices are attached to the same channel, then reload the
server and drivers.
IDEATA.HAM Messages 199
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
200 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
IDECD.CDM Messages
The following includes messages from the IDECE.CDM.
IDECD.CDM001: WARNING! This driver has not been tested with the device_name
device. If you experience problems with this device, contact its manufacturer for an
updated driver.
Source:
Possible Cause:
Action:
IDECE.CDM
The device is not one the driver fully supports, nor is it a device that the driver
excludes. Therefore, the driver is bound to the device to support the generic
(basic) functionality typical of the device class type.
The best action is to contact the manufacturer and obtain a driver that fully
supports the device.
However, barring the idiosyncrasies of the device, this generic driver might
support the device adequately. Until you feel comfortable that this driver
supports the device adequately, do not use it to store critical data.
IDECD.CDM Messages 201
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
202 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
IDEHD.CDM Messages
The following includes messages from the IDEHD.CDM.
IDEHD.CDM001: Warning! The driver did not bind to device_name because it does
not support this device. Contact the manufacturer for a full-function driver.
Source:
Possible Cause:
Action:
IDEHD.CDM
The driver recognizes this device as a known device that it cannot support, not
even generically.
Contact the device manufacturer to obtain the appropriate driver.
IDEHD.CDM002: The driver did not bind to device_name because it could not
determine the appropriate drive geometry
Source:
Possible Cause:
Action:
IDEHD.CDM
The device is not returning necessary information about its geometry. The
device probably does not conform to the standards required of devices that run
with NetWare.
Contact the device manufacturer.
IDEHD.CDM Messages 203
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
204 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
INETCFG Messages
The following includes messages from the INETCFG.NLM.
INETCFG-X-4: Could not get tag for resource allocation.
Source:
Explanation:
Possible Cause:
Action:
INETCFG.NLM
INETCFG could not be loaded because a resource tag could not be allocated
from the NetWare operating system.
Temporarily in the Server Operating System Administration Guide. When
more server memory is available, reload INETCFG.
INETCFG-X-6: Could not initialize user interface.

Source:
INETCFG.NLM
Explanation:
INETCFG could not initialize.
Possible Cause:
Action:
Temporarily in the Server Operating System Administration Guide. When
more server memory is available, reload INETCFG.
INETCFG Messages 205
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
206 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
IPXS Messages
The following includes messages from the IPXS.NLM.
IPXS-X-1: IPX STREAM module still in use, unloading will have unknown
consequences.
Source:
Possible Cause:
Action:
IPXS.NLM
The IPXS.NLM is being referenced by another NLM program or NetWare
driver. Unloading the module while it is being used might produce unwanted
results.
Wait until the module is not being used, and then retry the unload.
IPXS-X-4: Unable to register module_name device with STREAMS.

Source:
Possible Cause:
Action:
IPXS.NLM
IPXS was unable to register the device with Streams.
If available, see your NetWare Streams developer's documentation.
Otherwise, contact a Novell support provider or application developer.
IPXS-X-9: Unable to open IPX configuration file name. Trying default file name.
Source:
Explanation:
Action:
IPXS.NLM
The specified IPX configuration file could not be opened. The default
configuration file will be used.
None if the default file is opened successfully.
IPXS Messages 207
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPXS-X-10: Error number was returned while trying to open filename; unable to
configure RIP, SAP or IPX.
Source:
Explanation:
Action:
IPXS.NLM
The error specified was returned when IPXS attempted to open the file
containing the RIP, SAP, or IPX configuration information. Configuration of
RIP, SAP, or IPX was not accomplished.
IPXS-X-12: Unable to configure IPX for number open IPX sockets, IPXS not loaded.
Source:
Explanation:
Action:
IPXS.NLM
The ipx_init function was unable to configure IPX for the indicated number of
IPX open sockets.
provider.
IPXS-X-13: Unable to configure IPXS for number open IPX sockets, IPXS not loaded.
Source:
Explanation:
Action:
IPXS.NLM
The ipx_init function was unable to configure IPX for the indicated number of
IPX open sockets.
provider.
IPXS-X-14: Invalid format in file name; unable to configure RIP, SAP or IPX.
Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS cannot configure RIP, SAP, or IPX due to an incorrect configuration file
format.
The configuration file is corrupted.
Run MONITOR to regenerate the file.
IPXS-X-15: Invalid format in file name; unable to configure IPX.

Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS cannot configure IPX due to an incorrect configuration file format.
208 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPXS-X-16: Error number was returned while trying to open name; unable to load SAP
restrictions.
Source:
Explanation:
Action:
IPXS.NLM
The specified error was returned while IPXS attempted to open the
configuration file containing the SAP restriction information.
provider.
IPXS-X-17: Bad record format; unable to complete loading SAP restrictions.

Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS cannot configure SAP due to an incorrect record format.
IPXS-X-18: Invalid format in file name; unable to configure RIP and SAP.
Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS cannot configure RIP and SAP due to an incorrect configuration file
format.
IPXS-X-19: Bad record format; unable to complete loading IPX configuration.

Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS-X-20: Bad record value; unable to complete loading IPX configuration.

Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS Messages 209
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
IPXS-X-22: Unable to open default IPX configuration file name. Using internal
defaults.
Source:
Explanation:
Action:
IPXS.NLM
The specified IPX configuration file could not be opened. The default
configuration file will be used.
None if the default file is opened successfully.
IPXS-X-23: Bad record format; unable to complete loading RIP/SAP configuration.

Source:
Explanation:
Possible Cause:
Action:
IPXS.NLM
IPXS cannot configure RIP and SAP due to an incorrect configuration file
format.
210 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LANSUP-DOS Messages
The following includes messages from LADSUP.COM.
LANSUP-DOS-X-001: The LSL is not loaded.
Source:
Explanation:
Action:
LANSUP.COM
The computer must load the Link Support Layer (LSL) before loading the
driver.
Load the LSL; then load the driver, as in the following example:
C:\NWCLIENT\LSL <Enter>
C:\NWCLIENT\LANSUP <Enter>
LANSUP-DOS-X-002: The LSL has no room for a board using frame type.
Source:
Explanation:
Action:
LANSUP.COM
The Link Support Layer (LSL) is configured with resources for a set number
of network boards. (The default is 4.) This number has been exceeded.
Edit the NET.CFG file, and add the MAX BOARDS keyword to reflect the
number of network boards to be loaded, as in the following example:
LINK SUPPORT
MAX BOARDS 6
Unload the driver; then reload it as in the following example:

C:\NWCLIENT\LANSUP /u <Enter>
LANSUP-DOS Messages 211
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LANSUP-DOS-X-003: Could not find LANSUP MLID to unload.

Source:
Explanation:
LANSUP.COM
The user or another program was trying to unload the LANSUP driver and was
not loaded.
LANSUP-DOS-X-004: A TSR is loaded above the LANSUP MLID.

Source:
Explanation:
Action:
LANSUP.COM
Another TSR (terminate-and-stay-resident) program was loaded after the
LANSUP driver.
The drivers must be unloaded in reverse order, as follows:
C:\NWCLIENT\NETX /u <Enter>
C:\NWCLIENT\IPXODI /u <Enter>
Unload the TSRs; then try to unload the LANSUP driver. You can force the
LANSUP driver to unload from the command line by using the /F switch after
the driver name, as follows:
C:\NWCLIENT\LANSUP /f <Enter>
Use caution when using the /F switch because it could cause the system to
hang.
LANSUP-DOS-X-005: LANSUP MLID could not be unloaded; the operation was
aborted.
Source:
Possible Cause:
Action:
LANSUP.COM
The LANSUP driver could not be shut down and unregistered; consequently,
it cannot be unloaded.
To unload the driver, reboot the system.
LANSUP-DOS-X-006: The adapter did not initialize. LANSUP did not load.
Source:
Possible Cause:
Action:
LANSUP.COM
The LANSUP driver encountered an error while loading.
Corrective action can vary. See the preceding driver-specific message on the
screen for specific information about the error that occurred.
212 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LANSUP-DOS-X-007: You need another MLID Section Heading in the NET.CFG file in
order to load the MLID again.
Source:
LANSUP.COM
Possible Cause:
The NET.CFG file does not have an individual entry for each driver that is
intended to be loaded. This means that one of the drivers is not loaded into
memory.
Action:
Unload the LANSUP driver. Modify the NET.CFG file to contain a unique
entry for each driver to be loaded. This requires an individual Link Driver
heading in the NET.CFG file for each driver or each instance of the same
driver. Reload the driver.
LANSUP-DOS-X-008: A NET.CFG is required to load the MLID again.

Source:
LANSUP.COM
Possible Cause:
memory.
Action:
driver. Reload the driver.
LANSUP-DOS-X-009: The NET.CFG entry has been ignored.

Source:
LANSUP.COM
Possible Cause:
memory.
Action:
driver. Load the drivers again.
LANSUP-DOS-X-011: The MLID does not support frame type. The protocol keyword
has been ignored.
Source:
LANSUP.COM
Possible Cause:
An unsupported or incorrectly typed frame type has been specified with the
protocol keyword.
Action:
Verify that the frame type assigned in the NET.CFG file under the protocol
keyword is valid.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LANSUP-DOS-X-012: The protocol keyword must have a frame type. Entry ignored.
Source:
Possible Cause:
Action:
LANSUP.COM
The PROTOCOL keyword entry is incomplete.
Correct the protocol entry in the NET.CFG file. The proper syntax for the
protocol keyword is as follows:
PROTOCOL LANSUP
hex_protocol_ID
frame_type
LANSUP-DOS-X-013: The MLID could not register Protocol ID number for protocol
stack name for frame type frame.
Source:
Possible Cause:
Action:
LANSUP.COM
The Link Support Layer (LSL) is configured with resources for a set number
of Protocol Identifiers. (The default is 4.) This number has been exceeded.
Edit the NET.CFG file, and add the MAX STACKS keyword to reflect the
number of network boards to be loaded, as in the following example:
LINK SUPPORT
MAX STACKS 6
Unload the driver; then reload it as in the following example:

C:\NWCLIENT\LSL /u <Enter>
C:\NWCLIENT\LSL <Enter>
LANSUP-DOS-X-014: This version of the LSL is not supported.

Source:
Explanation:
Action:
LANSUP.COM
The driver the computer is using supports only Link Support Layer (LSL)
versions later than 1.0.
Unload the LSL and replace it with a newer version.
LANSUP-DOS-X-015: The frame type is already active for frame type.

Source:
Possible Cause:
Action:
LANSUP.COM
The frame type is already loaded, and it cannot be loaded repeatedly.
Edit the NET.CFG file to load the frame type only once for a given network
board.
214 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LANSUP-DOS-X-016: The node address was incorrectly specified in the NET.CFG file.
Source:
Possible Cause:
Action:
LANSUP.COM
The node address override in the NET.CFG file is too long.
Edit the NET.CFG file and correct the node address. The node address must
be less than or equal to 12 hex digits.
LANSUP-DOS-X-017: An invalid keyword was specified in NET.CFG on line number.

Source:
Possible Cause:
Action:
LANSUP.COM
The key word on the line indicated was not recognized.
Edit the NET.CFG file and correct the spelling of the keyword.
LANSUP-DOS-X-018: The frame type specified in the NET.CFG is not supported.

Source:
Possible Cause:
Action:
LANSUP.COM
The frame type specified with the FRAME keyword is not supported by the
driver.
Edit the NET.CFG file and fix frame type.
LANSUP-DOS-X-019: An invalid LANSUP node address is specified in NET.CFG. The

MLID modified the incorrect address bits.
Source:
Possible Cause:
Action:
LANSUP.COM
The node address specified in the NET.CFG file has set reserved bits.
Edit the NET.CFG file and correct the node address.
LANSUP-DOS-X-050: [ISA bus | Microchannel] The board cannot be found.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
LANSUP.COM
If the computer is using an ISA bus network board, the network board was not
found due to one or more of the following conditions:
The network board is not present in the computer.
Make sure the network board is properly seated into the slot.
Another network board is using the same hardware settings as this network
board.
If other network boards are using the same hardware settings, change the
settings and try to reload the driver.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Possible Cause:
99a
38
July 17, 2001
The network board settings are not the defaults, and they are not defined in the
NET.CFG file.
Action:
If the jumper settings are not the defaults, make sure that they match the
settings in the NET.CFG file.
Action:
If the computer is not using the NET.CFG file, make sure the jumper settings
are set to the defaults.
Possible Cause:
The network board is does not work.
Action:
Replace the network board with one that you know works.
Action:
If the computer is using a microchannel network board, the network board is

not in the computer, or the network board's configuration could not be
obtained, do the following:
Make sure that the network board is properly seated into a slot.
Insert the network board into a slot, and run the Reference diskette to
install it.
LANSUP-DOS-X-051: Board RAM failed the memory test.

Source:
Explanation:
Action:
LANSUP.COM
The memory test on the network board's internal static RAM failed.
Check the network board and other hardware. If necessary, replace the
network board.
216 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

The following includes messages from LFS.NLM.
LFS-X-60: Error writing to the extended directory space.
Source:
LFS.NLM
Explanation:
The operating system was trying to write extended directory information to

disk. When it tried to write the information, it got a disk error. The information
was not written to the disk and will be lost. The information which was lost
might have been extended attribute data.
Possible Cause:
Action:
Use the warning message that preceded this message to determine the actual
cause and solution of the problem. See Disk Errors in the Server Operating
LFS-X-61: Error writing to file (filename not accessible) data stream number. Write
was requested by the SERVER.
Source:
Explanation:
LFS.NLM
will be lost.
Possible Cause:
integrity problems.
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
217
Manual
99a
38
July 17, 2001
LFS-X-62: Error writing to file (filename not accessible) data stream number. Write
was requested by user name on station number.
Source:
Explanation:
LFS.NLM
will be lost.
Possible Cause:
integrity problems.
Action:
LFS-X-63: Error writing to file name data stream number. Write was requested by the
SERVER. File path path.
Source:
Explanation:
LFS.NLM
A write error occurred on the system while writing data to disk. Hot Fix was
not able to redirect the data to a new block. The data stream number indicates
the name space stream (0=DOS or Macintosh data fork, 1=Macintosh resource
fork).
Possible Cause:
integrity problems.
Action:
LFS-X-64: Error writing to file name data stream number. Write was requested by user
name on station number. File path server/volume.
Source:
Explanation:
LFS.NLM
A write error occurred on the system, while writing file data to disk. Hot Fix
was not able to redirect the data to another block on the disk. The data stream
number indicates the name space stream (0=DOS or Macintosh data fork,
1=Macintosh resource fork). The data was not written to disk and will be lost.
Possible Cause:
integrity problems.
Possible Cause:
The designated file was lost or corrupted.
Action:
218 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LFS-X-65: File read error at offset offset data stream number. Error getting filename.
Read was requested by the SERVER.
Source:
Explanation:
LFS.NLM
The server was processing a file-read request. When the server tried to read
the disk block with the file data, a disk-read error occurred. Some data was lost
that could cause the user's applications to fail on reading data from files.
The operating system was unable to determine the name of the file where the
read error occurred because it received additional errors when it tried to read
directory blocks to generate the filename.
Possible Cause:
integrity problems.
Action:
LFS-X-66: File read error at offset offset data stream number. Error getting filename.
Read was requested by user name on station number.
Source:
Explanation:
LFS.NLM
The system cannot read the file from disk. Some data was lost that could cause
the user's applications to fail on reading data from files.
Possible Cause:
integrity problems.
Action:
LFS-X-67: Error reading file name. Offset offset data stream number. Read was
Source:
Explanation:
LFS.NLM
The operating system was processing a request to read data from a file, and it
encountered an error while reading the data. The file read request will fail,
possibly causing the applications that were requesting the read to fail.
Macintosh data fork, 1=Macintosh resource fork).
System Messages
103-000150-001
August 29, 2001
Novell Confidential
219
Manual
99a
38
July 17, 2001
Possible Cause:
integrity problems.
Action:
LFS-X-68: Error reading file name. Offset offset data stream number. Read was
requested by user name on station number. File path path.
Source:
Explanation:
LFS.NLM
When the operating system tried to read existing data from disk, it got a disk
read error. The operating system was unable to determine the name of the file
where the read error occurred because it got additional errors when it tried to
read directory blocks to generate the filename.
Possible Cause:
integrity problems.
Action:
LFS-X-69: File write pre-read error. Offset offset data stream number. Error getting
filename. Read was requested by the SERVER.
Source:
Explanation:
LFS.NLM
Action:
LFS-X-70: File write preread error. Offset offset data stream number. Error getting
filename. Read was requested by user name on station number.
Source:
Explanation:
LFS.NLM
220 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Action:
LFS-X-71: File name write preread error. Offset offset data stream number. Read was
Source:
Explanation:
LFS.NLM
Possible Cause:
integrity problems.
Action:
LFS-X-73: Volume server\volume out of disk space. There are no deleted files using
disk space.
Source:
LFS.NLM
Possible Cause:
When the volume is out of disk space, this message will be broadcast to all
users on the system. All attempts to write to files will fail because of
insufficient disk space.
Action:
LFS-X-74: Volume server\volume out of disk space. Number KB of disk space is in use
by deleted files. No deleted files have been deleted long enough to purge yet.
Source:
Possible Cause:
Action:
LFS.NLM
When the volume is out of disk space, this message will be broadcast to all
users on the system. All attempts to write to files will fail because of
insufficient disk space. The second line of the message indicates that deleted
files have not yet been purged. The third line indicates that all the deleted files
cannot be purged yet because the preset purge time has not elapsed. Users
might not be able to save files they are using and might lose data.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
221
Manual
99a
38
July 17, 2001
LFS-X-75: Volume server\volume almost out of disk space.

Source:
Possible Cause:
Action:
LFS.NLM
The volume is about to run out of disk space.
Administration Guide. Users should save files currently in use to another
volume or to another server to prevent data loss.
222 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Lib0 Messages
The following includes messages from LIB0.NLM.
Lib0-X-001: It was not possible to register NLMs with Network management. There
may be no NetWare management agent present.
Source:
LIB0.NLM
Explanation:
The Network Management agent (an NLMTM program running on the server)
responsible for gathering statistics on a software module was not available or
did not respond to the lib0 program's attempt to register. The lib0 program will
continue to perform correctly, although Network Management will be unable
to gather statistics on it.
Action:
Use a different version of this NLMTM program. To get a different version,

contact the vendor of this NLM program, or contact a Novell support provider.
Lib0-X-002: Lib0 failed to create call gates in support of user address spaces under
NetWare with memory protection. Lib0 will still support other NLMs, but no NLMs can
be loaded in protected domain until Lib0 is unloaded and reloaded without this
message appearing. Contact your Novell software distributor.
Source:
LIB0.NLM
Explanation:
This message appears if the operating system is NetWare 4.11, which does not
support memory protection. It can also appear if certain functions that
normally run in protected memory could not be registered or if system
memory is low.
Action:
Load NLMs in the kernel address space, instead of in a protected address

space. Check server memory and add more memory if necessary. If the
operating system is NetWare 5 or later and server memory is adequate, contact
a Novell Authorized Reseller or Novell Technical Support.
Lib0 Messages 223
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Lib0-X-003: RegisterTrackedResource() for BSD Sockets failed, rc=number. An

internal system error has occurred. There may not be enough server memory, or
server memory may be corrupted.
Source:
Explanation:
Action:
LIB0.NLM
A call to RegisterTrackedResource() failed. The LIB0.NLM program cannot
load at this time due to memory constraints.
Lib0-X-004: Unable to register console command (name).

Source:
Explanation:
Action:
LIB0.NLM
Lib0 could not register a console command with the server operating system,
probably because memory is low. If memory is adequate, there might be a
problem with the operating system.
Check server memory. If necessary, increase the memory available to the
server. (See Freeing Server Memory Temporarily in the Server Operating
System Administration Guide.) If memory is adequate, contact a Novell
Authorized Reseller or Novell Technical Support.
Lib0-X-081: Lib0 failed to allocate the internal memory resource tag for the Berkeley
Sockets Mutexes. There may not be enough server memory, or server memory may
be corrupted.
Source:
LIB0.NLM
Explanation:
System resources are so low that the library could not provide the needed
memory resource tag.
Action:
Lib0-X-082: Lib0 failed to initialize the Berkeley Socket mutexes. An internal system
error has occurred.
Source:
LIB0.NLM
Explanation:
System resources are so low that the library could not provide the needed
memory.
Action:
224 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOCALSEL Messages
The following includes messages from LOCALSEL.NLM.
A NetWare server was not found in the directory specified. Please enter the directory
of the server to upgrade.
Source:
LOCALSEL.NLM
Explanation:
For NetWare 3.x, the default directory for installed server files is C:\SERVER.
For NetWare 4 and later, the default directory is C:\NWSERVER. Files might
have been installed in a different directory.
Possible Cause:
Upgrade software could not find SERVER.EXE in the directory you specified.
Action:
Specify the path to SERVER.EXE. During an upgrade, you can place

upgraded server files into a different directory (for example, C:\NWSERVER)
than the directory you are upgrading from (for example, C:\SERVER).
An error occurred accessing the response file.

Source:
LOCALSEL.NLM
Explanation:
The response file could not be opened or closed, or information was missing
from the response file.
Possible Cause:
You overwrote the default response file with your own response file, and then
specified an invalid path to your response file.
Action:
Start over and enter a correct path to the response file.
LOCALSEL Messages 225
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error writing to XINITLD.NCF file on DOS partition. Installation cannot proceed.

Source:
Possible Cause:
Action:
LOCALSEL.NLM
The disk is full or inaccessible.
Verify that the target drive is still accessible, is not full, and can be written to.
The country/codepage pair specified is not valid. Country = number, Code Page =
number.
Source:
Possible Cause:
Action:
LOCALSEL.NLM
You specified a code page that does not correspond with the selected country.
Choose a valid code page for the selected country.
The NetWare server in the directory specified is not version 3.1x or 4.1x. The server
cannot be upgraded.
Source:
LOCALSEL.NLM
Possible Cause:
The server operating system you want to upgrade is not NetWare 3.10, 3.11,
or 3.12, NetWare 4.10 or 4.11, or NetWare 5x.
Action:
Upgrade your server operating system to NetWare 3.1x or 4.1x. Then run the
installation software again to upgrade to NetWare 6.
Unable to allocate sufficient memory to proceed.

Source:
Possible Cause:
Action:
LOCALSEL.NLM
Exit the installation, install more memory in the server, and run the installation
software again. The minimum recommended RAM for a NetWare 6 server is
128 MB.
Unable to copy installation scripts. Installation cannot continue.

Source:
Possible Cause:
Action:
Possible Cause:
Action:
LOCALSEL.NLM
The destination drive does not have enough disk space.
Make sure that the destination drive has enough disk space and that you can
write files to the drive.
The installation software is unable to access the CD-ROM.
Make sure the CD-ROM drive is functional.
226 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGIN Messages
The following includes messages from LOGIN.NLM.
LOGIN-X-100: Access has been denied.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
LOGIN.EXE
The user has no rights to log in to the network.
The username or password was typed incorrectly.
Log in again and type the username and password correctly.
The username entered does not have an account on the network.
Action:
Make sure that the workstation is logging in to a server or eDirectory tree on

which the user is defined.
Possible Cause:
On multiserver networks using bindery mode, this message might mean that
the user is not on the server to which the NetWare shell connected the
workstation.
Action:
If the user is not attached to the server or network desired, specify the server
or network in the LOGIN command.
Possible Cause:
Action:
The account balance is zero.

Increase the account balance.
LOGIN-X-105: You are trying to attach to your current tree (current tree name: tree
name).
Source:
Explanation:
Action:
LOGIN.EXE
The user cannot reattach (INS) to the same tree.
None required, unless you want to attach to a different tree.
LOGIN Messages 227
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-110: You are already in a tree and cannot attach to another tree (current tree:
tree name).
Source:
Explanation:
Action:
LOGIN.EXE
You cannot use INS to attach to a second tree.
Log out and try again.
LOGIN-X-115: The selected tree (name) cannot be found. Error code: code.
Source:
Explanation:
Action:
LOGIN.EXE
LOGIN tried to log the user in to a Directory tree that is either down, is not
responding, or does not exist.
Verify that the Directory tree name was entered correctly and that the network
is up and running. For information about a specific error code, search the Error
LOGIN-X-130: Access has been denied and you have been logged out.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
LOGIN.EXE
The user has no rights to log in to the network.
The username or password was typed incorrectly.
Log in again and type the username and password correctly.
The user does not have an account.
Log in to a server or eDirectory tree where the user is defined.
Possible Cause:
On multiserver networks using bindery mode, this message may mean that the
user is not defined on the server that the NetWare shell connected the
workstation to.
Action:
If the workstation is not connected to the server or network desired, specify

the server or network in the LOGIN command.
Possible Cause:
Action:
The account balance is zero.

Increase the account balance.
228 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGIN-X-140: This account has expired or been disabled by the supervisor.

Source:
LOGIN.EXE
Possible Cause:
The account has expired. The network supervisor can limit a user's account to
a specific period, after which the account expires and is no longer accessible.
Possible Cause:
The account has been disabled. The network supervisor can disable a user's
account for any reason.
Possible Cause:
The user did not type a password correctly. The network supervisor can limit
the number of consecutive failed attempts to log in to a user's account.
Action:
Enable the user's account.
LOGIN-X-150: You could not be authenticated to server name. (code)

Source:
Explanation:
Possible Cause:
Action:
LOGIN.EXE
Authentication means that the workstation attaches and logs the user in to a
server without prompting for the password. In this instance, LOGIN could not
authenticate to the specified server.
The cause of this error is unknown.
Log out and try again. For information about a specific error code, search the
Error Codes online documentation (http://www.novell.com/documentation/
lg/nwec/docui/index.htm).If the problem persists, contact a Novell support
provider.
LOGIN-X-180: The login script contains a misplaced control command.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
LOGIN.EXE
The parser found a control command (such as ATTACH, MAP, or SET) that
LOGIN did not know existed.
The control command was correctly parsed, but in an odd position in the line.
Use the correct syntax.
A programming error exists that prevented LOGIN from using all of the
commands that the parser used. This is the more likely of the two scenarios.
If the error persist, contact a Novell support provider.
LOGIN Messages 229
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-200: The MAP command cannot change local drives.

Source:
Explanation:
LOGIN.EXE
Local drives cannot be changed to or from search drives by using MAP.
Possible Cause:
Explanation:
Action:
A MAP CHANGE command was issued within the login script that
referenced a local drive.
Do not try to change local drives using MAP.
LOGIN-X-210: This server is being used to read login scripts. You cannot log out.
Source:
Explanation:
Action:
LOGIN.EXE
LOGIN encountered a LOGOUT command in a login script. LOGIN makes
sure you were trying to log out of the same server that it was using to read the
login script. If that has happened, various errors could occur; for example, the
workstation could hang, or output could be unintelligible.
Determine which login script was being read and the server on which it
resides. Do not try to log out of that server.
LOGIN-X-215: An internal system error occurred during LOGIN's attempt to

canonicalize the context: (name).
Source:
Explanation:
Action:
LOGIN.EXE
LOGIN tried to expand the relative name to a full name.
LOGIN-X-220: Script file name cannot be included.

Source:
Explanation:
LOGIN.EXE
The login script had a include script file name entry, and LOGIN was unable
to include it.
Possible Cause:
No script file exists.
Possible Cause:
The specified path or filename is wrong.
Action:
Make sure that the path and filename specified are correct.
230 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-240: This utility was unable to open script file name.

Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
LOGIN.EXE
LOGIN tried to open the specified script file, but the script file was not found
or it could not be opened.
The script file could not be located.
Make sure that the login script file is in the directory specified.
The user did not have the appropriate rights to access the directory or file.
Make sure the user has appropriate user access rights to the directory and the
file.
LOGIN-X-241: This utility was unable to open profile script script name.
Source:
Explanation:
LOGIN.EXE
LOGIN tried to open the specified script file, but the file was not found or it
could not be opened.
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
The script file could not be located.

Make sure that the login script file is in the directory specified.
The user did not have the appropriate rights to access the directory or file.
Make sure the user has appropriate user access rights to the directory and the
file.
LOGIN-X-250: This utility was unable to set the default drive to drive letter.
Source:
Possible Cause:
Action:
LOGIN.EXE
An invalid drive was probably specified.
Validate the drive letter indicated in the login script by first mapping the letter
to a valid drive and directory.
LOGIN-X-260: The maximum number of server attachments has been reached.

Source:
Explanation:
Action:
LOGIN.EXE
Each NetWare server can be configured in a variety of ways (for example, as
a 1000-user, 250-user, or 10-user network). Each configuration allows a
certain number of connections.
Try again after a user has logged out of the server.
LOGIN Messages 231
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-280: This utility could not get your connection status.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN failed to verify whether the user was logged in.
Attach using MAP. If this fails, reboot and reestablish all current connections.
LOGIN-X-283: This utility could not get the preferred Directory Services name or
connection ID.
Source:
Explanation:
Action:
LOGIN.EXE
LOGIN could not find the preferred Directory tree.
Verify that the preferred Directory tree or server specified in the NET.CFG file
is correct.
LOGIN-X-285: A network drive could not be found.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN could not find the first available network drive. If the login attempt
fails (for example, if you have entered an incorrect password or an invalid
username), the drive mapping is placed on this drive. LOGIN exits if it can not
find an available network drive as a fall-back drive.
Make sure the last drive in CONFIG.SYS is set to a drive other than the Z:
drive.
LOGIN-X-287: This utility could not find the preferred server.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN could not find the preferred server as specified in the NET.CFG file.
Verify that the preferred server in the NET.CFG file is correct.
LOGIN-X-290: This utility was unable to log you out, so you cannot be reattached.
Source:
LOGIN.EXE
Explanation:
Before LOGIN can reattach the user to any server, it must first log the user out.
LOGIN's attempt to log out failed; therefore, it cannot reattach.
Possible Cause:
This error occurs only with the /NS option, which allows the user to remain
logged in to other servers or eDirectory trees when the user is logging in to a
new server or network.
Action:
Try logging out using the LOGOUT utility; then try to log in using the /NS
option.
232 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGIN-X-295: This utility could not create a context.

Source:
Explanation:
Possible Cause:
LOGIN.EXE
LOGIN unsuccessfully tried to allocate a context handle.
Memory at the workstation might be low.
Action:
If you suspect low workstation memory, see message 971: The workstation
does not have enough memory to load the Unicode table files. on page 781
Action:
The context for the user's name in the NET.CFG file is incorrect.
Action:
Make sure context for the user's name in the NET.CFG file is correct and try
again.
LOGIN-X-310: The workstation date and time could not be set.

Source:
Explanation:
Possible Cause:
Action:
LOGIN.EXE
LOGIN could not synchronize the workstation's date or time with the server
or the eDirectory network's date or time.
An internal memory error in the workstation occurred.
Save your work and reboot the workstation. If the error persists, turn off the
workstation. Wait approximately 15 seconds, turn it on, and log in again.
LOGIN-X-320: An operator in the login script attempted to divide by zero.

Source:
Possible Cause:
Action:
LOGIN.EXE
The user did a division by zero in the login script through the DIVISION or
MODULUS arithmetic operators.
Change the login script so that it does not do a division by zero.
LOGIN-X-340: IF statements are nested too deeply. The nesting limit is number levels.
Source:
Explanation:
LOGIN.EXE
The login script can have unlimited IF statements, but the login script is
limited to number of nested IF statements indicated in the message.
Example of four levels of nested IF statements:
IF........
IF.........
IF.......
IF.....
LOGIN Messages 233
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
......
ENDIF
ENDIF
ENDIF
ENDIF
Action:
Where possible, take the IF statements out of the nested format and placing
them after the sequence of nested IF statements.
LOGIN-X-370: The specified search drive does not exist.

Source:
Explanation:
Action:
LOGIN.EXE
When the login script uses a SET COMSPEC= or COMSPEC= command and
a network drive is specified, LOGIN ensures that the specified drive is a
search drive and can be used for the COMSPEC command.
Before issuing the SET COMSPEC or COMSPEC command, do one of the
following steps:
Set the COMSPEC to a local (nonnetwork) search drive.
Map a search drive to the path where the command processor is located.
LOGIN-X-380: The line is too long.

Source:
Possible Cause:
Action:
LOGIN.EXE
A line in the login script exceeded the maximum limit of 254 bytes.
Shorten the line or split the command into two commands so that they have
the same functionality but occur on two lines.
LOGIN-X-400: A network drive cannot be mapped to a drive that is designated as a

local drive.
Source:
Possible Cause:
Action:
LOGIN.EXE
The user tried to map a local drive to volume or directory on the network.
Map the volume or directory from the network to a network drive.
LOGIN-X-410: The supervisor has disabled the login function for this server.
Source:
Explanation:
LOGIN.EXE
This account is locked.
234 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Possible Cause:
The network supervisor can disable the login function temporarily to prevent
users from logging in or attaching during system maintenance. Most likely, the
network supervisor is doing maintenance work and has disabled the server.
Action:
This condition is usually temporary. Try to log in after the login function has
been enabled. If using CAPTURE or NPRINT, attach to another server and use
its printer. Make sure that the SYS: volume is mounted on the server. If the
LOGIN-X-430: The following drive mapping operation could not be completed.

Mapping. The error code was code.
Source:
LOGIN.EXE
Explanation:
The uesr tried to map a drive to a path that does not exist or cannot be found
by LOGIN.
Action:
Make sure to map a drive to a valid path. For information about a specific error
LOGIN-X-440: The operation was attempted on an invalid drive.

Source:
LOGIN.EXE
Possible Cause:
The user tried to manipulate an invalid drive using MAP. For example, if L:
had not been previously mapped, entering MAP DEL L: would produce this
error.
Action:
Make sure that the command is entered correctly in the login script.Make sure
that the drive is mapped correctly.
LOGIN-X-450: This utility was unable to map drive. The limit of 16 search drives was
exceeded.
Source:
Explanation:
Action:
LOGIN.EXE
The workstation is limited to 16 search drives.
Delete an unwanted search drive to make room for the drive to be added. To
delete the drive, use the MAP DEL search_drive or MAP REM search_drive
command.
LOGIN Messages 235
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-460: The server that you attempted to map a drive to is not accessible. The
map command was command.
Source:
Possible Cause:
Action:
LOGIN.EXE
The server is probably down. So, LOGIN could not attach to the server.
Verify that the network is up and running and logging in again.
LOGIN-X-470: The specified drive mapping is an invalid path: path.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN tried to map a drive to a path that does not exist.
Verify that the users are logged in to the server (if it is a bindery server) that
they are trying to map to. Verify that the path exists and that it was typed
correctly.
LOGIN-X-480: The MACHINE NAME command is not supported in DOS versions prior
to DOS 3.1.
Source:
Explanation:
LOGIN.EXE
When using the MACHINE NAME = command in the login script, the
workstation must be running DOS 3.1 or later.
Note: The MACHINE NAME = command is the only command that will
return this error.
Action:
Upgrade to DOS 3.1 or a later version, or do not use the specified command.
LOGIN-X-500: You do not have an account balance.

Source:
Possible Cause:
Action:
LOGIN.EXE
The user does not have an account on this server or in eDirectory.
Obtain an account or reestablish a previous account.
LOGIN-X-520: Your credit limit has been exceeded.

Source:
Possible Cause:
Action:
LOGIN.EXE
LOGIN denied access because the user has no more credit on the server or in
eDirectory.
If appropriate give the user more credit.
236 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGIN-X-530: The line contains no end quote.

Source:
Possible Cause:
Action:
LOGIN.EXE
A line in the login script does not contain an end quote. For example, WRITE
Hello World! is missing the second double quote mark.
Put the end quote in the login script at the end of the specified line.
LOGIN-X-550: The maximum number of connections allowed on this server has been
reached. Wait until another user logs out.
Source:
LOGIN.EXE
Possible Cause:
The user is trying to log in to or attach to a server via the login script, but too
many users are already logged in to the server. The servers come with 5, 10,
1000, or other programmed number of user versions.
Action:
Wait until a user logs out (thus freeing a connection that will allow the user to
log in), or, if this is a recurring problem, upgrade to a server with a greater
number of user connections.
LOGIN-X-560: This utility could not find the label label.

Source:
Explanation:
Possible Cause:
LOGIN.EXE
The label used in the GOTO command was not found.
A common cause of this problem is shown in the following example:
IF FILE_SERVER = 911 THEN GOTO need_help
........
need_hep:
.......
.......
ENDIF
Note that need_help and the label need_hep are spelled differently; therefore,
LOGIN cannot find the label specified by the GOTO command. Also, if the
colon is left off the label name, LOGIN will not know that it is a label and will
not find it.
Action:
Edit the login script. Make sure that the label is spelled correctly and that a
colon follows the label name.
LOGIN Messages 237
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-580: Your password has expired and all grace logins have been used.
Source:
Possible Cause:
Action:
LOGIN.EXE
The account is locked because the user did not change an expired password.
The network supervisor can limit the number of times a user can log in with
an expired password.
If desired, unlock the user's account.
LOGIN-X-600: This utility could not interpret the line.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN could not parse the line indicated in the login script.
Verify that the line has been typed correctly and has the proper syntax.
LOGIN-X-610: The file server does not respond.

Source:
Explanation:
Possible Cause:
LOGIN.EXE
The workstation or user tried to attach to the server, but the server did not
respond.
The server lost power or was shut off before the DOWN command was issued.
Explanation:
When a server is brought down, the DOWN command sends a message to all
other servers informing them that the server is no longer active. However, if a
server is shut off before the DOWN command is issued, all other servers
assume that the server is still active. In this situation, the server name still
appears when the NLIST command is invoked, even though the server is no
longer active. The server can be seen with NLIST up to 15 minutes after it has
lost its power or halts abnormally. This error message appears if the user tries
to log in to or issue a command on the server in question.
Action:
Possible Cause:
Action:
Try the command again when the server has been brought back up.
A broken or loose connection exists on the internetwork between the server
and the server the user tried to attach to.
Make sure the server is connected to the network and try to log in again.
238 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-630: The NetWare shell is not loaded.

Source:
LOGIN.EXE
Possible Cause:
The user tried to log in to a server without loading the NetWare NETX or
VLM bindery shell into the workstation's memory. When the workstation is
booted, DOS is loaded into the workstation's memory. The NetWare shell is
then loaded on top of DOS. The shell allows the workstation to communicate
with the server. A user cannot log in to any server on the network unless the
NetWare shell has been loaded into the workstation's memory.
Action:
Give the user a boot diskette that contains both DOS and the NetWare shell
files. Then ask the user to try rebooting the workstation and logging in again.
If the error persists, the boot diskette may be corrupted.
LOGIN-X-640: Server name is part of domain name. This version of LOGIN is not a
NetWare Name Service utility and cannot synchronize passwords in a domain. Use
the NetWare Name Service utility SETPASS to change your password.
Source:
Possible Cause:
Action:
LOGIN.EXE
LOGIN found that a server the user is attached to is a NetWare Name Service
server. This LOGIN version cannot handle NetWare Name Service's
synchronization of passwords.
Use a NetWare Name Service (NNS) version of SETPASS to synchronize
passwords.
LOGIN-X-650: The COMSPEC variable is not supported on this platform.

Source:
Possible Cause:
Action:
LOGIN.EXE
The login script contains a COMSPEC variable.
Do not use the COMSPEC command in the login script when using this
platform.
LOGIN-X-660: The DOS BREAK command is not supported on this platform.

Source:
LOGIN.EXE
Possible Cause:
The login script contains a BREAK variable. BREAK is not supported on this
platform, only in DOS.
Action:
Do not use the BREAK command in the login script when using this platform.
LOGIN Messages 239
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-665: The EXIT command followed by a string is not supported on this

machine.
Source:
Possible Cause:
Action:
LOGIN.EXE
The EXIT command was followed by a text string in the user's login script.
Remove the text string that follows the EXIT command in the user's login
script.
LOGIN-X-670: The variable MACHINE NAME is not supported on this platform.

Source:
LOGIN.EXE
Explanation:
The login script contains a MACHINE_NAME variable. MACHINE_NAME

is not supported on this platform, only in DOS.
Action:
Do not use the MACHINE_NAME command in the login script when using
this platform.
LOGIN-X-680: This platform does not support search drives.

Source:
Explanation:
Action:
LOGIN.EXE
The login script contains search-drive mappings.
Do not specify search-drive mappings in the login script when using this
platform.
LOGIN-X-690: Insufficient memory is available to add the variable to the path

environment in mapping: [mapping]
Source:
Explanation:
Action:
LOGIN.EXE
There is not enough room in the master environment.
Increase the size of the master environment. In the CONFIG.SYS file, include
the command SHELL=directory of command.com /e:size of master
environment. For example:
SHELL=C:\COMMAND.COM /E:1024
LOGIN-X-700: The specified path is invalid.

Source:
LOGIN.EXE
Explanation:
When using the DISPLAY or FDISPLAY command in the login script, the
specified file or path was invalid.
Action:
Make sure that the path name is a path. If necessary, correct the path in the
login script.
240 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGIN-X-710: The password could not be changed. Error code.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN was unable to change the password.
index.htm).
LOGIN-X-720: This utility could not add variable to the local environment variables.
Source:
LOGIN.EXE
Explanation:
This error occurs when you try to map a search drive. LOGIN was unable to
add the variable to the local path environment variable. LOGIN will try to
update the master environment and, upon successful completion, will try to
update its local environment. This error is usually an indication of having too
little memory to allocate the new variables.
Action:
Increase the memory available to the workstation. See Resolving

Workstation Memory Problems on page 787. (Adding more than 640 KB will
not correct this error because 640 KB is the maximum that can be used.)
This is not a serious error; however, you will not be able to access those search
drives as search drives until login has been completed. These drives will still
be mapped as regular drives. Because they were successfully placed in the
master environment, they can become search drives after login has been
completed.
LOGIN-X-725: The context you want to change to does not exist. You tried to change
to: [name]. Your context will be left unchanged.
Source:
LOGIN.EXE
Action:
Verify the name of the context to which you want to change and try logging in
again.
LOGIN-X-730: The context [name] is invalid. Your current context will be left
unchanged.
Source:
LOGIN.EXE
Action:
Verify the name of the context to which you want to change and try logging in
again.
LOGIN Messages 241
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-740: This utility could not execute external program name.

Source:
Explanation:
Action:
LOGIN.EXE
The specified file is not executable or has an invalid executable-file format.
Execute an executable file. The files usually have the .EXE or .COM
extension.
LOGIN-X-750: This utility could not execute external program name. You do not have
enough memory space available.
Source:
LOGIN.EXE
Explanation:
For DOS to run a program, it must allocate enough memory to run that
program. Programs that are very large will frequently have this problem.
Possible Cause:
The workstation does not have enough memory to execute the command.
Action:

Workstation Memory Problems on page 787. If running from a shell (such as
the WordPerfect shell), try running LOGIN from the command line.
LOGIN-X-760: This utility could not execute external program name. The program was
not found.
Source:
Explanation:
LOGIN.EXE
LOGIN tried to execute a command using the #command syntax in the login
script. However, the program was not found, and LOGIN could not execute
the command. For example:
#EMAIL
should execute E-mail. If LOGIN cannot find the program, in the current
directory or in the path, it will display this error message.
Action:
Make sure the workstation has a mapping to the directory where the program
is located before you try to execute the program. Make sure that you have
entered the full path name and the name of the program, as in the following
example:
C:\APPS\MAIL\EMAIL
Be sure to copy the program to a location that has a current mapping.
242 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-770: This utility could not execute external program name. Either the
environment is too big or the command line is too long.
Source:
Possible Cause:
Action:
Possible Cause:
Action:
LOGIN.EXE
The login script tried to execute a command using the #command. DOS allows
only 128 characters on the command line. If the command is too long, it
cannot be executed when using DOS, and LOGIN will warn you of this
problem.
Limit the external command, or set the environment string length to 128.
The space required for the environment information was greater than 32 KB.
If possible, divide the command into two separate commands executed one
after another.
LOGIN-X-780: This utility could not execute external program name. Error number
occurred.
Source:
LOGIN.EXE
Explanation:
For an unknown reason, LOGIN could not execute the external program.
Action:
To get specifics on the error displayed and on the appropriate procedure,

LOGIN-X-790: The parser string table is full.

Source:
Possible Cause:
Action:
LOGIN.EXE
Internally, the parser used by LOGIN is storing strings. The parser string table
holds a set number of strings. If the table becomes so full that it cannot hold
any more strings, it will report this error.
Try using fewer commands on a single line in the login script.
LOGIN-X-800: The number of script parameters exceeds the program limit (number).
Source:
Explanation:
Action:
LOGIN.EXE
The user has exceeded the number of arguments that can be pass from the
command line to the login script. The correct limit is displayed.
Pass fewer arguments to the login script.
LOGIN Messages 243
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-810: An invalid string occurred in an EXIT command. The string contained

more than number characters.
Source:
LOGIN.EXE
Action:
When using the EXIT command to pass a command to COMMAND.COM,

make sure the specified command does not exceed 14 characters.
LOGIN-X-830: You are trying to log in to too many stations simultaneously. The
supervisor has limited the number of connections you may have.
Source:
LOGIN.EXE
Possible Cause:
The user is already logged in with the maximum number of workstations

allowed.
Action:
Log out of one workstation before logging in from another workstation.
Possible Cause:
Action:
The user account is currently being used by the maximum number of users
allowed.
Wait for another user to log out from this account before logging in.
LOGIN-X-840: This utility is unable to set the context to name.

Source:
Explanation:
Action:
LOGIN.EXE
LOGIN was unable to set the context to the context specified.
LOGIN-X-850: You are trying to log in from an unauthorized station. The supervisor
has limited the stations you may log in from.
Source:
Possible Cause:
Action:
LOGIN.EXE
The account was accessed from an unauthorized workstation. A network
supervisor restricted the account to specific workstation workstations.
Access the account only from authorized workstations.
244 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-860: You are trying to log in during an unauthorized time period. The
supervisor has limited the times that you may log in.
Source:
Possible Cause:
Action:
LOGIN.EXE
The network supervisor has set specific time periods when the user can use the
server or eDirectory. The user cannot use the server until the next authorized
time period.
Give the user a list of authorized time periods.
LOGIN-X-870: An unknown error was returned during LOGIN's attempt to attach.

(code)
Source:
LOGIN.EXE
Possible Cause:
An error has occurred that the operating system cannot identify; however, this
error message usually indicates that the server or the eDirectory is servicing
the maximum number of logged-in users it can accommodate with the amount
of memory installed.
Action:
Ask some users to log out of the system temporarily. If the error persists,
LOGIN-X-880: An unknown, but correctly parsed, command was found in the login
script.
Source:
Possible Cause:
Action:
LOGIN.EXE
A command in the login script was correctly parsed, but LOGIN could not
recognize what command it was and could not execute it.
Make sure that the command has been entered correctly in the login script. A
script error has probably occurred that was, somehow, parsed correctly.
LOGIN-X-881: This script command is not supported in this platform or configuration.

Source:
Possible Cause:
Action:
LOGIN.EXE
The command could not execute because it is not specific to the platformon
which it is being executed. For example, the TREE command is valid only on
a multi-tree capable client. It would not be valid on Windows NT*, OS/2*, or
when using a Virtual Loadable ModuleTM (VLM).
Remove the invalid platform-specific command from the login script.
LOGIN Messages 245
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-890: The specified server is unknown.

Source:
LOGIN.EXE
Possible Cause:
The user mistyped the name of the server, specified a server that is not on the
network, or specified a server that has been brought down for system
maintenance.
Action:
Use NLIST or NETADMIN to list the servers that the station recognizes. Type
the name of the server correctly. If the server has been brought down for
maintenance, try the command after the server has been brought back up.
LOGIN-X-895: The user does not exist in the specified context.

Source:
Possible Cause:
Action:
LOGIN.EXE
The user specified in the command line does not exist.
Specify a valid username in the command line.
LOGIN-X-903: The command line syntax is invalid.

Source:
Possible Cause:
Action:
LOGIN.EXE
The LOGIN command type is not correct.
Type LOGIN /? for help.
LOGIN-X-905: This utility was unable to initialize the country information.

Source:
LOGIN.EXE
Possible Cause:
The shell or VLM failed to load.
Possible Cause:
Some of the memory is corrupted.
Action:
LOGIN-X-915: The specified volume does not exist.

Source:
LOGIN.EXE
Action:
246 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-918: This utility was unable to get connection information. Error code:
code.
Source:
LOGIN.EXE
Action:
See message 918: This utility was unable to get connection information.
Error code: code. on page 779
LOGIN-X-919: This utility could not create a connection list. Error code.
Source:
LOGIN.EXE
Action:
See message 919: This utility could not create a connection list. Error code.
on page 779
LOGIN-X-920: This utility does not have enough memory.

Source:
LOGIN.EXE
Explanation:
LOGIN does not have enough workstation conventional memory to execute.
Action:
Free conventional memory by unloading device drivers or other TSA

programs. See message 920: This utility was unable to allocate number bytes
of memory. on page 779
For additional help, see message 971: The workstation does not have enough
memory to load the Unicode table files. on page 781
LOGIN-X-921: Either the supervisor has locked the bindery or volume SYS: is not
mounted.
Source:
LOGIN.EXE
Action:
SYS: is not mounted. on page 779
LOGIN-X-922: Intruder detection lockout has disabled this account.

Source:
LOGIN.EXE
Action:
page 780
LOGIN Messages 247
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-923: An unexpected error has occurred. Error code: code.

Source:
LOGIN.EXE
Action:
page 780
LOGIN-X-924: All drives are in use.

Source:
LOGIN.EXE
Action:
See message 924: All drives are in use. on page 780
LOGIN-X-925: This function is not supported on Personal NetWare servers.

Source:
LOGIN.EXE
Action:
See message 925: The server specified is a Personal NetWare server. You
cannot attach to a Personal NetWare server with this utility. Use the Personal
NetWare utilities to access this connection. on page 780
LOGIN-X-970: The attempt to open the Unicode table files failed.

Source:
LOGIN.EXE
Action:
page 781
LOGIN-X-971: The workstation does not have enough memory to load the Unicode
table files.
Source:
LOGIN.EXE
Action:
LOGIN-X-972: Access to the Unicode table files was denied.

Source:
LOGIN.EXE
Action:
248 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-973: The Unicode table files cannot be found in the NLS directory or in the
Source:
LOGIN.EXE
Action:
page 782
LOGIN-X-974: The Unicode table files are corrupt.

Source:
LOGIN.EXE
Action:
LOGIN-X-975: The Unicode table files cannot be opened because there are already
too many open files. Close some files or modify your CONFIG.SYS file.
Source:
LOGIN.EXE
Action:
file. on page 783
LOGIN-X-998: The message file found (utility_name.MSG) is an incorrect version. The

Source:
LOGIN.EXE
Action:

LOGIN-X-999: The message file for this utility cannot be found.: Login.msg
Source:
LOGIN.EXE
Action:
784
LOGIN-X-2030: The password for user name on server name has expired.
Source:
Possible Cause:
LOGIN.EXE
The user's account is locked because the password has expired.
The network supervisor can require periodic password changes on accounts to
prevent unauthorized access to the accounts. The network supervisor can also
LOGIN Messages 249
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
assign a grace period during which users can still use their expired passwords
before having to choose new ones.
Action:
Use the SETPASS command to change the password. If the current password
is used during the user's grace period, it must be changed before the grace
period ends. If the grace period expires and a new password has not been set,
the network supervisor will have to change the user account password.
LOGIN-X-2032: The password for user name has expired.

Source:
Possible Cause:
LOGIN.EXE
The user's account is locked because the password has expired.
The network supervisor can require periodic password changes on accounts to
prevent unauthorized access to the accounts. The network supervisor can also
assign a grace period during which users can still use their expired passwords
before having to choose new ones.
Action:
Use the SETPASS command to change the password. If the current password
is used during the user's grace period, it must be changed before the grace
period ends. If the grace period expires and a new password has not been set,
the network supervisor will have to change the user account password.
LOGIN-X-2040: This is your last chance to change your password. You have no grace
logins remaining.
Source:
LOGIN.EXE
Explanation:
This is the last chance the user has to change the password. If the password is
not changed before the user logs out, the user will be denied access to the
server or to the eDirectory tree on the next login attempt, and the network
supervisor will have to change the account password.
Action:
Change the password using SETPASS or other utilities provided by the client
software.
LOGIN-X-2050: The new password was retyped incorrectly.

Source:
Possible Cause:
Action:
LOGIN.EXE
When changing the password, the user was prompted to enter a new password
and then retype it. The user did not type it exactly the same way the second
time as it was typed the first time.
Have the user retype the password again.
250 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGIN-X-2070: The new password has been used previously.

Source:
Explanation:
Action:
LOGIN.EXE
The network supervisor can restrict users from using previous passwords.
Have the user select a password that has not already been used with the
account.
LOGIN-X-2080: New password is too short.

Source:
Possible Cause:
Action:
LOGIN.EXE
The user tried to define a password that is shorter than the minimum length set
by the network supervisor.
Tell the user to use a longer password.
LOGIN Messages 251
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
252 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
LOGOUT Messages
The following includes messages from LOGOUT.EXE.
LOGOUT-X-100: This workstation could not be detached from server name. Error
code: code.
Source:
LOGOUT.EXE
Action:
Try rebooting the workstation to clear all server connections. For information
on the specific error code, search the Error Codes online documentation (http:/
/www.novell.com/documentation/lg/nwec/docui/index.htm). If the problem
LOGOUT-X-150: This utility was unable to get the server name. Error code: code.
Source:
Explanation:
Action:
LOGOUT.EXE
During the process of logging out, LOGOUT searches through the list of
servers the user is attached to and finds the specified server. Because the
workstation does not maintain a list of servers except through the connection
number, LOGOUT takes the connection number and requests the server name.
If LOGOUT does not receive the server name, LOGOUT reports this error and
identifies it by the code shown in the message.
For information on the specific error code, search the Error Codes online
index.htm). If the problem persists, contact a Novell support provider.
LOGOUT-X-160: Logout from server name cannot be completed. Error code: code.
Source:
Explanation:
LOGOUT.EXE
An unexpected error has prevented LOGOUT from allowing the user to log
out from the server indicated in the message.
LOGOUT Messages 253
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
index.htm). If the problem persists, contact a Novell support provider.
LOGOUT-X-180: You have only one network connection left. LOGOUT cannot detach
from it.
Source:
Explanation:
LOGOUT.EXE
This information message is notifying the workstation that the user tried to
break the last connection to the network.
LOGOUT-X-190: A default connection cannot be found.

Source:
Explanation:
Action:
LOGOUT.EXE
LOGOUT could not get the default connection identification number.
Log out from a different drive. This changes the default connection to a
different server.
LOGOUT-X-200: You are not attached to any NetWare servers.

Source:
Explanation:
LOGOUT.EXE
This informational message indiates that the user tried to logout of the network
using the LOGOUT command. The workstation was not attached to any
NetWare servers; therefore, logout returned this message.
LOGOUT-X-210: No valid drives are available to assign default to.

Source:
LOGOUT.EXE
Possible Cause:
LOGOUT could not find a valid drive. When LOGOUT completely logs the
user out of all servers, it leaves the user attached to one of them, but it does
not leave the user logged in to it. LOGOUT tries to leave the user mapped to
a valid network, or to a local drive if a network is not found.
Action:
Change to the local drive and try to log in again, or issue the MAP command
to see if any drives are available. If these attempts fail and the user cannot find
the LOGIN.EXE or MAP.EXE program, reboot the workstation and allow the
shell to connect it to a server that contains LOGIN.EXE or MAP.EXE.
254 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGOUT-X-220: You are not attached to server name.

Source:
Explanation:
Action:
LOGOUT.EXE
The user tried to log out of a server that the workstation was not attached to.
Make sure to type the server name correctly.
LOGOUT-X-222: You are not logged in to a Directory Services tree.

Source:
Possible Cause:
Action:
LOGOUT.EXE
The /TR option was used in a LOGOUT command when the user was not
logged in to a Directory tree.
Do not use the /TR option in a LOGOUT command.
LOGOUT-X-230: Default drive cannot be remapped to drive drive.

Source:
LOGOUT.EXE
Explanation:
LOGOUT thought a certain drive was valid, and DOS could not set the default
drive to that letter.
Possible Cause:
When LOGOUT logs the user out of the default server, it leaves the user
attached, but not logged in to the server. LOGOUT tries to leave the user
mapped to a valid network or local drive. LOGOUT tries to find the first valid
drive. If a valid drive is not found, the error message No valid drives are
available to assign default to. is returned. If a valid drive is found, LOGOUT
calls DOS to set the default drive to that drive letter. If DOS cannot locate the
drive that LOGOUT thought was valid, or cannot set the drive to the proper
letter, this message will be returned to the workstation.
Action:
Try issuing the MAP command to see if any drives are available; then change
to that drive with the drive letter: command. If these attempts fail and the user
cannot find the LOGIN.EXE or MAP.EXE program, reboot and allow the
shell to connect the workstation to a server that contains LOGIN.EXE or
MAP.EXE.
LOGOUT-X-295: This utility could not create a context.

Source:
Explanation:
Action:
LOGOUT.EXE
The workstation does not have enough memory to set up the context.
Workstation Memory Problems on page 787.
LOGOUT Messages 255
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGOUT-X-903: The command line syntax is invalid. For help, type LOGOUT /?
Source:
LOGOUT.EXE
Action:
LOGOUT-X-905: This utility was unable to initialize the country information.

Source:
LOGOUT.EXE
Action:
LOGOUT-X-918: This utility was unable to get connection information. Error code:
code.
Source:
LOGOUT.EXE
Action:
See message 918: This utility was unable to get connection information.
Error code: code. on page 779
LOGOUT-X-919: This utility could not create a connection list. Error code.
Source:
LOGOUT.EXE
Action:
on page 779
LOGOUT-X-920: This utility was unable to allocate number bytes of memory.

Source:
LOGOUT.EXE
Action:
memory. on page 779
LOGOUT-X-970: The attempt to open the Unicode table files failed.

Source:
LOGOUT.EXE
Action:
page 781
256 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
LOGOUT-X-971: The workstation does not have enough memory to load the Unicode
table files.
Source:
LOGOUT.EXE
Action:
LOGOUT-X-972: Access to the Unicode table files was denied.

Source:
LOGOUT.EXE
Action:
LOGOUT-X-973: The Unicode table files cannot be found in the NLS directory or in the
Source:
LOGOUT.EXE
Action:
page 782
LOGOUT-X-974: The Unicode table files are corrupt.

Source:
LOGOUT.EXE
Action:
LOGOUT-X-975: The Unicode table files cannot be opened because there are already
too many open files. Close some files or modify your CONFIG.SYS file.
Source:
LOGOUT.EXE
Action:
file. on page 783
LOGOUT-X-998: The message file found (utility_name.MSG) is an incorrect version.

The correct version is number. See your network supervisor for assistance.
Source:
LOGOUT.EXE
Action:

assistance. on page 783.
LOGOUT Messages 257
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
LOGOUT-X-999: Could not find message file LOGOUT.MSG.

Source:
LOGOUT.EXE
Action:
784
258 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP Messages
The following includes messages from MAP.EXE.
MAP-X-100: Access to the server was denied.
Source:
MAP.EXE
Possible Cause:
The user incorrectly entered the username, the password, or both; or the user
tried to attach to a server on which the user is not defined as a user.
Action:
When the utility requests login information, type the username and password
correctly. A user can attach to most servers as GUEST since user GUEST
seldom requires a password.
MAP-X-115: Drive letter: is mapped to a bad directory handle. Try remapping it.
Source:
Explanation:
MAP.EXE
The user tried to delete a drive that had a bad directory handle.
Possible Cause:
This usually occurs because someone has removed the directory, and the user
still had a mapping to that directory.
Action:
If MAP DEL does not remove the drive, try remapping it to another area; then
delete it. For example, if
S4:= T:.[SERVER\SYS:\TOOLS]
and someone deleted the TOOLS directory, try the following:

> MAP DEL T:
Drive T: is used by the following search mapping:
SEARCH4
Do you still want to change it? (Y/N) Y
MAP Messages 259
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Error: drive T: is mapped to a bad directory handle. Try

remapping it.
The mapping for drive T: was NOT deleted.
> MAP T:=SERVER\SYS:
Drive T is in use as a search drive.
Do you want to reassign this search drive? (Y/N) Y
Drive T:=SERVER\SYS:\
Then to delete it, do the following:

> MAP DEL T:
Drive T: is used by the following search mapping:
SEARCH4
Do you still want to change it? (Y/N) Y
The mapping for drive T: has been deleted.
MAP-X-130: Access has been denied and you have been logged out.
Source:
MAP.EXE
Possible Cause:
The user tried to map a drive to a server to which the user was not already
logged in.
Possible Cause:
An invalid username or password was used.
Action:
Retry with a valid username and password.
MAP-X-140: This account has expired or been disabled by the supervisor.

Source:
MAP.EXE
Possible Cause:
The user's account has expired. The network supervisor can limit a user's
account to a specific period, after which the account expires and is no longer
accessible.
Possible Cause:
The account has been disabled. The network supervisor can disable a user's
account.
Possible Cause:
The user did not type the password correctly. The network supervisor can limit
the number of failed attempts to log in to an account. For example, if the
maximum number of failed login attempts for an account is three, and the user
types the password incorrectly on four attempts, the operating system
considers the user an intruder and disables the account.
Action:
Enable the user's account.
260 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-150: You could not be authenticated to server name.

Source:
Possible Cause:
Action:
MAP.EXE
The user tried to map a drive to a Volume object off of the Directory tree to
which the user was not already logged in. An invalid username or password
was used.
Retry with a valid username and password.
MAP-X-195: Directory [name] cannot be located.

Source:
Possible Cause:
Action:
MAP.EXE
The user used an invalid directory name with an INCLUDE or a MAP
command. If this error occurs during login, the incorrect INCLUDE or MAP
command is located in the login script.
Do one or both of the following:
If the error occurs at the network prompt, examine the directory structure;
then make sure all directory names in the MAP command are typed
correctly.
If the message appears during login, use the SYSCON utility to access the
login script and to modify the INCLUDE or MAP command.
MAP-X-200: This utility cannot change local drives.

Source:
Possible Cause:
Action:
MAP.EXE
A MAP CHANGE command was issued that referenced a local drive. Local
drives cannot be changed to or from search drives using the MAP command.
Do not try to change a local drive to a search drive. To make a local drive a
search drive use the SET PATH= DOS command. For information on the
PATH= environment variable, see the DOS user guide.
MAP-X-215: The source drive was not defined. MAP cannot complete this operation.
Source:
MAP.EXE
Possible Cause:
The user tried to map an existing network drive to a network drive that is not
yet defined.
Action:
Reverse the order of the drives in the command. For example, if drive F: is an
existing network drive and the user wants to map drive F: to drive G: (an
undefined drive), use the following command format:
MAP G:=F:
MAP Messages 261
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-260: You have reached the maximum number of server attachments.

Source:
Possible Cause:
Action:
MAP.EXE
Each NetWare server has a limited number of connection slots. A NetWare
server can be configured in various configurations (for example, 1000 user,
250 user, 10 user, etc.). The server has filled all of its connection slots.
MAP-X-287: This utility could not find the preferred server.

Source:
Possible Cause:
Action:
MAP.EXE
An internal problemoccurred.
MAP-X-295: This utility could not create a context.

Source:
Explanation:
Possible Cause:
Action:
MAP.EXE
MAP unsuccessfully tried to allocate a context handle.
The user entered the name context in the NET.CFG file incorrectly, or the
workstation does not have enough memory to set up the context.
Check your NET.CFG file for the correct name context. If you suspect
insufficient workstation memory, increase the memory available to the
workstation. See Resolving Workstation Memory Problems on page 787.
MAP-X-400: You attempted to map a network drive to an unmapped drive or to a local

drive.
Source:
MAP.EXE
Possible Cause:
The path from the command line was to a local drive or was an invalid network
drive (a drive that does not exist on the server).
Action:
Use the SUBST DOS command instead. If the user is trying to map to a
network drive, verify that the path exists and that the user has access to it; then
try the mapping again.
262 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-410: The supervisor has disabled the login function for this server.
Source:
MAP.EXE
Possible Cause:
The user account on the server is locked. The network supervisor can disable
the login function temporarily to prevent users from logging in or from
attaching to the server during system maintenance. Most likely the network
supervisor is doing maintenance work on the server.
Action:
This condition is usually temporary. Try to log in to the server after the login
function has been enabled. If the user is using CAPTURE or NPRINT, attach
to another server and use its printer.
MAP-X-430: The following drive mapping operation could not be completed:

[mapping].
Source:
Explanation:
MAP.EXE
An unexpected error occurred during a mapping attempt.
Possible Cause:
Usually this is an indication of an invalid drive being mapped or of a command

being mistyped.
Action:
Try the command again to verify that the specified drive and path exist. If this
does not work, contact a Novell support provider to get information on the
error.
MAP-X-440: The operation was attempted on an invalid drive.

Source:
Explanation:
Possible Cause:
Action:
MAP.EXE
The user tried to map a drive to a path that is invalid or not locatable.
The user tried to map to a local drive.
Verify the existence of the path specified and make sure that it does not map
to a local drive; then try the mapping again.
MAP-X-500: You do not have an account balance. This server charges for file
services.
Source:
Possible Cause:
Action:
MAP.EXE
The user does not have an account on this server.
Create an account for the user or reestablish a previous account.
MAP Messages 263
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-520: You have exceeded your credit limit for this server.
Source:
Possible Cause:
Action:
MAP.EXE
MAP denied the user access to the server because the user has no more credit
on the server.
Give the user more credit.
MAP-X-550: The maximum number of connections allowed on this server has been
reached. Wait until another user logs out.
Source:
Possible Cause:
Action:
MAP.EXE
Each NetWare server has a limited number of connection slots. A NetWare
2.1x server can have up to 100 users connected. A NetWare 3 server can have
up to 250 users connected. NetWare 4 or later can have up to 1000.
MAP-X-580: Your password has expired and all grace logins have been used.
Source:
Possible Cause:
Action:
MAP.EXE
The user account is locked because the user did not change the expired
password. The network supervisor can limit the number of times a user can log
in with an expired password.
If desired, unlock the user's account.
MAP-X-610: The server did not respond.

Source:
Possible Cause:
MAP.EXE
The server lost power or was shut off before the DOWN command was issued.
When a NetWare server is brought down with the DOWN command, that
command sends a message to all other servers on the internetwork to inform
them that the NetWare server is no longer active on the internetwork.
However, if a NetWare server is shut off before the DOWN command is
issued, all other servers assume that the NetWare server is still on the
internetwork, even though it is not. In this situation, the NetWare server name
still appears with the SLIST command, even though that server is no longer
active on the internetwork.
Possible Cause:
A broken or loose connection exists on the internetwork between this server

and the server the user tried to attach to.
264 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
The NetWare server can be seen with SLIST up to 15 minutes after it has lost
its power, or abends. This error message appears if a user tries to log in to or
issue a command on the NetWare server.
Action:
Try the command again when the NetWare server has been brought back up.
MAP-X-640: Server name is part of domain name. This version of MAP is not a
NetWare Name Service utility and cannot synchronize passwords in a domain. Use
the NetWare Name Service utility SETPASS to change your password.
Source:
MAP.EXE
Possible Cause:
The workstation is using a version of MAP that does not support NetWare
Name Services. The passwords in a domain cannot be synchronized with this
MAP version.
Action:
Use a version of SETPASS that supports NetWare Name Services to change

the password.
MAP-X-680: The search drive command is not supported in OS/2.

Source:
Possible Cause:
Action:
MAP.EXE
The user used a command not supported by OS/2.
When using OS/2, do not attempt to use search drives.
MAP-X-690: There is no room to expand the path environment variable with the
mapping: [name].
Source:
MAP.EXE
Possible Cause:
This error occurs when a user tries to map a search drive. LOGIN could not
add the variable to the local path environment variable. LOGIN attempts to
update the master environment and, upon successful completion, attempts to
update its own local environment. The workstation probably does not have
enough available memory to allocate the new variables.
Action:

Workstation Memory Problems on page 787. (Adding more than 640 KB will
not help, because 640 KB is the maximum that can be used.
This is not a serious error; however, you cannot access those search drives
(that came back with this error) as search drives until login has been
completed. These drives are mapped as regular drives, and because they were
successfully placed in the master environment, they can become search drives
after login has been completed.
MAP Messages 265
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-710: The password could not be changed. (code)

Source:
Possible Cause:
Action:
MAP.EXE
MAP could not change the password for the reason indicated by the error
code.
Contact a Novell support provider. For information about a specific error
MAP-X-830: You are trying to log in to too many stations simultaneously. The
supervisor has limited the number of active connections you may have.
Source:
Possible Cause:
Action:
Possible Cause:
Action:
MAP.EXE
The user could not log in to the NetWare server because the user is already
logged in from the maximum number of workstations allowed. The network
supervisor can limit the maximum number of workstations from which the
user can log in. In this case, the user has used the maximum number.
Log out of a workstation before logging in from another workstation.
The user could not log in to the user account because the account is being used
by the maximum number of users allowed. The network supervisor can limit
the number of users who can be concurrently logged in to a user account. For
example, the supervisor can limit the GUEST account to a maximum of five
concurrent connections.
Wait for someone to log out from this account before you log in.
MAP-X-850: You are trying to log in from an unauthorized station. The supervisor has
limited the stations you are allowed to log in from.
Source:
Possible Cause:
Action:
MAP.EXE
The user tried to access an account from an unauthorized workstation. A
network supervisor can restrict an account to one or more particular
workstations from which users can access the account.
Use only authorized workstations to access the account.
266 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-860: You are trying to login during an unauthorized time period. The
supervisor has limited the time period during which you can log in to this server.
Source:
Possible Cause:
Action:
MAP.EXE
The network supervisor has set specific time periods when the user can use the
server. The user cannot use the server until the next authorized time period.
Notify the user of the restricted time periods.
MAP-X-870: An unknown error was returned during MAP's attempt to attach. (code)
Source:
MAP.EXE
Possible Cause:
An error occurred that the operating system cannot identify. The error number
is identified by code. This usually indicates that the server is servicing the
maximum number of logged-in users it can accommodate with its memory.
Action:
Ask some users to log out. If the error persists, record the error value and
MAP-X-890: The specified server is unknown.

Source:
MAP.EXE
Possible Cause:
The user mistyped the name of the server, specified a server that is not on the
network, or specified a server that is down.
Action:
Using an applicable utility, such as NLIST or NetWare Adminisitrator, list the

servers that the station recognizes. Type the name of the server correctly. If the
server is down, try the command when the server has been brought back up.
MAP-X-903: The command line syntax is invalid. For help, type MAP /?
Source:
MAP.EXE
Action:
MAP-X-905: This utility was unable to initialize the country information.

Source:
MAP.EXE
Action:
MAP Messages 267
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-915: The specified volume does not exist.

Source:
MAP.EXE
Action:
MAP-X-919: This utility could not create a connection list. Error code.
Source:
MAP.EXE
Action:
on page 779
MAP-X-920: This utility does not have enough memory available.

Source:
MAP.EXE
Action:
memory. on page 779
MAP-X-921: Either the supervisor has locked the bindery or volume SYS: is not
mounted.
Source:
MAP.EXE
Action:
SYS: is not mounted. on page 779
MAP-X-922: Intruder detection lockout has disabled this account.

Source:
MAP.EXE
Action:
page 780
MAP-X-923: An unexpected error has occurred. Error code: code.

Source:
MAP.EXE
Action:
page 780
MAP-X-924: All drives are in use.

Source:
MAP.EXE
Action:
See message 924: All drives are in use. on page 780
268 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-925: The server specified is a Personal NetWare server. You cannot attach to
a Personal NetWare server with this utility. Use the Personal NetWare utilities to
access this connection.
Source:
MAP.EXE
Action:
See message 925: The server specified is a Personal NetWare server. You
cannot attach to a Personal NetWare server with this utility. Use the Personal
NetWare utilities to access this connection. on page 780
MAP-X-970: The attempt to open the Unicode table files failed.

Source:
MAP.EXE
Action:
page 781
MAP-X-971: The workstation does not have enough memory to load the Unicode table
files.
Source:
MAP.EXE
Action:
MAP-X-972: Access to the Unicode table files was denied.

Source:
MAP.EXE
Action:
MAP-X-973: The Unicode table files cannot be found in the NLS directory or in the
Source:
MAP.EXE
Action:
page 782
MAP-X-974: The Unicode table files are corrupt.

Source:
MAP.EXE
Action:
MAP Messages 269
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MAP-X-975: The Unicode table files cannot be opened because there are already too
Source:
MAP.EXE
Action:
file. on page 783
MAP-X-998: The message file found (utility_name.MSG) is an incorrect version. The

Source:
MAP.EXE
Action:

MAP-X-999: The message file for this utility cannot be found.

Source:
MAP.EXE
Action:
784
MAP-X-2030: The password for user name on server name has expired.
Source:
Possible Cause:
Action:
MAP.EXE
The user's account is locked because the password has expired. The network
supervisor can require periodic password changes for accounts to protect them
from access by unauthorized persons. The network supervisor can assign a
grace period during which users can still use their recently expired passwords
before having to choose new ones. The user has exceeded the grace period.
Use the SETPASS command to change the password. Whenever a user is
notified that a password has expired, it must be changed before the grace
period ends. If it is not, the network supervisor must change it for the user.
MAP-X-2032: The password for user name has expired.

Source:
Possible Cause:
MAP.EXE
The user's account is locked because the password has expired. The network
supervisor can require periodic password changes for accounts to protect them
from access by unauthorized persons. The network supervisor can assign a
270 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
grace period during which users can still use their recently expired passwords
before having to choose new ones. The user has exceeded the grace period.
Action:
Use the SETPASS command to change the password. Whenever a user is

notified that a password has expired, it must be changed before the grace
period ends. If it is not, the network supervisor must change it for the user.
MAP-X-2040: This is your last chance to change your password. You have no grace
logins remaining.
Source:
Possible Cause:
Action:
MAP.EXE
If the user does not change the password during this session, the user will not
be able to log in next session.
Change the password.
MAP-X-2050: The new password was retyped incorrectly.

Source:
Possible Cause:
Action:
MAP.EXE
The password typed the second time was different from the password typed
initially.
Try again.
MAP-X-2070: The new password has been used previously.

Source:
Possible Cause:
Action:
MAP.EXE
The user tried to change the password to one the user had used previously. The
network supervisor can require periodic password changes for accounts to
protect them from access by unauthorized persons. The network supervisor
can restrict users from changing their passwords back to words they have used
before.
Select a password that has not already been used with this account.
MAP-X-2080: The new password is too short.

Source:
Possible Cause:
Action:
MAP.EXE
Passwords on this server are required to be a certain minimum number of
characters to be valid. The user entered a password that is too short.
Use a longer password.
MAP Messages 271
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
272 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
July 17, 2001
38
MONITOR Messages
The following includes messages from MONITOR.NLM.
MONITOR-X-60: The NLM could not allocate memory.
Source:
Possible Cause:
Action:
MONITOR.NLM
MONITOR-X-198: The NLM could not allocate a resource tag.

Source:
Possible Cause:
Action:
MONITOR.NLM
MONITOR-X-207: The NLM could not open a screen.

Source:
Possible Cause:
Action:
MONITOR.NLM
MONITOR-X-208: The NLM could not register for event notification.

Source:
Possible Cause:
Action:
MONITOR.NLM
MONITOR Messages 273
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
MONITOR-X-236: This NLM requires a newer version of NWSNUT.NLM.

Source:
Explanation:
Action:
MONITOR.NLM
While loading, MONITOR determined that the version of NWSNUT.NLM
loaded in server memory does not support the required functionality.
Update the version of NWSNUT.NLM on the server.
274 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NDPSM Messages
The following includes messages from NDPSM.NLM.
NDPSM-X-13: Insufficient memory is available for the NDPS Manager to initialize the
Printer Agents.
Source:
NDPSM.NLM
Action:
Make sure the server has sufficient memory, then retry the operation. For
information on resolving memory problems, see Freeing Server Memory
NDPSM-X-15: An error occurred while creating a new display portal. This is usually
due to a low memory condition.
Source:
Explanation:
Action:
NDPSM.NLM
NDPSTM Manager was unable to create a new display portal.
NDPSM-X-23: Insufficient memory is available to allocate a resource tag for the NDPS
Manager user interface.
Source:
Possible Cause:
Action:
NDPSM.NLM
NDPS Manager's user interface could not initialize because memory at the
server was not sufficient to allocate a resource tag.
NDPSM Messages 275
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-33: Printer Agent <name> already exists.

Source:
Possible Cause:
Action:
NDPSM.NLM
You are trying to give a Printer Agent a name that is already in use.
Use a unique name.
NDPSM-X-37: The NDPS Manager has lost its connection to queue <name>.
Source:
Possible Cause:
Action:
NDPSM.NLM
One of the following events probably occurred: a router went down, the
volume the queue is on was dismounted, or the server that has the volume with
the queue went down.
Check the status of your routers, the queue volume, and the server.
NDPSM-X-76: Error <code> occurred while reporting an event for Printer Agent
<agent_name> to the notification service.
Source:
NDPSM.NLM
Explanation:
NDPS Manager was unable to report an event at the specified Printer Agent to
the notification service.
Action:
For information about the specific error code, search the Error Codes online
index.htm). If you are unable to resolve the error, contact your Novell
support provider.
NDPSM-X-77: The PDS Gateway associated with Printer Agent <agent_name>

refused a reply with error code <code>. The Printer Agent will be shut down.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal program error caused the reply to be refused. This could be a
problem in the program itself.
index.htm). If you are unable to resolve the error, contact your Novell support
provider.
276 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-95: Error <code> occurred while attempting to log in to the network.

Access to the network is denied.
Source:
NDPSM.NLM
Possible Cause:
NDPS Manager was not able to log in to the network because error code was
returned during the attempt.
Action:
provider.
NDPSM-X-96: Error <code> occurred while attempting to read the local volume name
from volume <volume_name>.
Source:
Explanation:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented NDPS Manager from reading the volume attribute
for the volume specified in the message.
This could be a problem in the program itself.
provider.
NDPSM-X-97: Error <code> occurred while reading a Directory Services context.

Source:
Explanation:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented NDPS Manager from reading the NDSTM context.
provider.
NDPSM-X-100: Insufficient memory is available to add information portal help.

Source:
Possible Cause:
NDPSM.NLM
The NDPS Manager was unable to add information portal help because of
insufficient memory at the server.
NDPSM Messages 277
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
NDPSM-X-104: Error <code> occurred while creating the NDPS Manager database.
Source:
Explanation:
Possible Cause:
Action:
NDPSM.NLM
NDPS Manager was unable to create the database because an error code was
returned.
index.htm).
NDPSM-X-105: Error <code> occurred while changing job storage volume.

Source:
Possible Cause:
Action:
NDPSM.NLM
NDPS Manager was unable to change the job storage volume due to error
code.
provider.
NDPSM-X-106: Insufficient memory is available to initialize the NDPS Manager.

Source:
NDPSM.NLM
Action:
NDPSM-X-107: The NDPS Manager is unable to prompt for a password. This is usually
due to a low memory condition.
Source:
NDPSM.NLM
Action:
278 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-108: Error <code> occurred while attaching to queues associated with

printer <printer_name>.
Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the NDPS Manager from attaching to the queue that
is associated with the specified printer.
Action:
provider.
NDPSM-X-109: The NDPS Manager is unable to create the queue polling process. This
is usually due to a low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-114: There was not enough room on volume <volume_name> to transfer

the jobs. The operation was aborted.
Source:
Possible Cause:
Action:
NDPSM.NLM
NDPS Manager was unable to transfer the print jobs to volume volume_name
because of a temporary lack of disk space.
Try the task again. You might need to free up some space on the volume.
NDPSM-X-116: The Gateway bound to this Printer Agent has refused the request to
rename the Printer Agent. It will be necessary to unload the Gateway in order to
rename this Printer Agent.
Source:
Possible Cause:
Action:
NDPSM.NLM
Some gateways have an internal dependency on the Printer Agent name that
existed when the gateway bound to the Printer Agent. It will refuse a rename
request for the Printer Agent while it continues to be bound to that Printer
Agent.
Unload the gateway and rename the Printer Agent, then load the gateway
again. (You can do this from the command line.)
NDPSM Messages 279
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-121: Error <code> occurred while initializing the DPLSV386 library.

Reported version: <version> Expected version: <version>
Source:
Possible Cause:
Action:
NDPSM.NLM
Possible causes include an incorrect, outdated, or incompatible version of the
library. It could also be caused by a low memory condition.
Refer to the explanation that is displayed along with this message.
NDPSM-X-128: Error <code> occurred while attempting to find the next printer agent.
The NDPS Manager will continue to load and service the printer agents that it has
already initialized.
Source:
Possible Cause:
Action:
NDPSM.NLM
The NDPS database and index files might not be synchronized.
From the Database Options menu, select the Resynchronize Database File
option. If the database fails to resynchronize, contact your Novell support
provider. For information about the specific error code, search the Error Codes
docui/index.htm).
NDPSM-X-154: The database file and index file associated with the NDPS Manager
Database are not synchronized. You may select the Resynchronize Database Files
option in the following menu to generate a new Index file.
Source:
NDPSM.NLM
Action:
option. If the database fails to resynchronize, contact a Novell support
provider.
NDPSM-X-163: Error <code> occurred while renaming the printer agent.

Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the process. This could be a problem in the program
itself.
Action:
provider.
280 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-169: Medium <medium> selected to be removed as a supported medium is

being referenced and can not be removed.
Source:
Possible Cause:
Action:
NDPSM.NLM
You attempted to delete the medium currently selected.
Select a different medium to be the current medium, then delete the other one.
NDPSM-X-190: Error <code> occurred while initializing a printer agent. (NDPS

Manager internal printer agent ID <ID_number>).
Source:
NDPSM.NLM
Possible Cause:
An internal error prevented the Printer Agent from initializing. This could be
a problem in the program itself.
Action:
provider.
NDPSM-X-192: Error <code> occurred while creating printer agent <name>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented creating the Printer Agent. This could be a
provider.
NDPSM-X-193: The NDPS Manager was unable to re-open its database.

Source:
NDPSM.NLM
Action:
Unload the NDPS Manager and then reload it.
NDPSM-X-194: Error <code> occurred while deleting printer agent <name>.

Source:
Possible Cause:
NDPSM.NLM
An internal error prevented deleting the Printer Agent. This could be a
NDPSM Messages 281
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
provider.
NDPSM-X-196: The NDPS Manager was unable to launch the housekeeping process.
This is usually due to a low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-197: Error <code> occurred while accessing the NDPS Manager database.
The NDPS Manager cannot continue without access to its database. The NDPS
Manager will be unloaded.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error stopped access to the database. This could be a problem in
the program itself.
provider.
NDPSM-X-199: Error <code> occurred while initializing the Managed Object database.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the database from initializing. This could be a
provider.
282 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-200: A low memory error occurred while initializing the Job Production
Manager.
Source:
NDPSM.NLM
Action:
Temporarily in the Server Operating System Administration Guide. For
information about the specific error code, search the Error Codes online
index.htm).
NDPSM-X-204: The NDPS Manager was unable to initialize an NDS context.

Source:
Explanation:
Action:
NDPSM.NLM
An unspecified error prevented the NDPS Manager from initializing an
NDSTM context.
If you are unable to resolve the problem, contact your Novell support
provider.
NDPSM-X-205: Insufficient memory is available to initialize the NDPS Manager

process list.
Source:
NDPSM.NLM
Action:
NDPSM-X-206: Error <code> occurred while reading the database volume name from
NDS.
Source:
NDPSM.NLM
Possible Cause:
An internal error prevented the NDPS Manager from reading the name. This
could be a problem in the program itself.
Action:
provider.
NDPSM Messages 283
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-207: Error <code> occurred while reading the database directory path from
NDS.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from reading the path. This
provider.
NDPSM-X-208: Error <code> occurred while changing the current scheduler.

Source:
NDPSM.NLM
Possible Cause:
An internal error prevented the NDPS Manager from changing the scheduler.
Action:
provider.
NDPSM-X-215: The NDPS Manager was unable to load the port handler for printer
agent <name>.
Source:
Possible Cause:
Action:
NDPSM.NLM
The Port Handler does not have sufficient rights.
Verify that the Executable Parameter attributes for the Port Handler are set
correctly.
NDPSM-X-222: The index file associated with the NDPS Managers database is
corrupt. You may select the Resynchronize Database Files option in the following
menu to generate a new index file.
Source:
NDPSM.NLM
Action:
option. If the database fails to resynchronize, contact a Novell support
provider.
284 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-237: Error <code> occurred while opening file <filename>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from opening the file. This
provider.
NDPSM-X-244: Error <code> occurred attempting to delete file <filename>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from deleting the file. This
provider.
NDPSM-X-247: The volume that contains the database for NDPS Manager <name> is
on a remote server or is not mounted. Remote database access is not currently
supported.
Source:
NDPSM.NLM
Action:
Mount the volume containing the database on a local server.
NDPSM-X-248: Error <code> was returned attempting to delete job <job_name>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from deleting the print job.
provider.
NDPSM Messages 285
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-251: Error <code> occurred registering public access printer <printer> with
the Service Registry Service.
Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the NDPS Manager from registering the printer. This
Action:
provider.
NDPSM-X-265: Error <code> occurred while initializing the user interface.

Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the NDPS Manager from initializing the interface.
Action:
provider.
NDPSM-X-266: An error occurred while creating the key line. This is usually due to a
low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-267: An error occurred while creating the information portal. This is usually
due to low memory condition.
Source:
NDPSM.NLM
Action:
286 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NDPSM-X-268: The NDPS Manager is unable to create the console background

process. This is usually due to low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-270: The NDPS Manager <name> cannot be found. Verify that the complete
NDPS Manager name is used. For example: LOAD NDPSM .PSMACCOUNTING.ACCOUNTING.NOVELL
Source:
Explanation:
Action:
NDPSM.NLM
The specified NDPS Manager name does not exist.
Reenter the command using a complete name.
NDPSM-X-271: Printer Agent <name> failed to bind to a notification service.

Source:
Explanation:
NDPSM.NLM
This is a warning message. A notification service will be automatically loaded
when one becomes available.
NDPSM-X-272: The NDPS Manager was unable to create the client request manager
process. This is usually due to a low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-279: Error <code> occurred while setting the password generated by the
NDPS Manager.
Source:
NDPSM.NLM
Possible Cause:
An internal error prevented setting the password. This could be a problem in

the program itself.
Action:
provider.
NDPSM Messages 287
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-280: Error <code> occurred while creating a service registry reference.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from creating the reference.
provider.
NDPSM-X-281: The NDPS Manager was unable to launch the connection monitoring
process. Lost connections to the Notification Service, the Service Registry Service,
and the Resource Management Service will not be restored.
Source:
NDPSM.NLM
Action:
Unload and then reload the NPDS Manager.
NDPSM-X-282: Error <code> occurred while accessing Directory Services.

Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the NDPS Manager from accessing eDirectory. This
Action:
provider.
NDPSM-X-283: Unicode translation error <code> occurred.

Source:
NDPSM.NLM
Possible Cause:
An internal error stopped the NDPS Manager from translating the Unicode*.
Action:
provider.
288 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-284: Error <code> occurred while creating document file <filename>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error stopped the NDPS Manager from creating the file. This
provider.
NDPSM-X-296: The NDPS Manager was unable to submit a task to the housekeeping
process. This is due to a low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-298: Error <code> occurred while writing data to a document file.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the NDPS Manager from writing the data. This
provider.
NDPSM-X-299: Error <code> occurred while registering Printer Agent <name> with
the Service Registry Service.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error stopped the NDPS Manager from registering the Printer
Agent. This could be a problem in the program itself.
provider.
NDPSM Messages 289
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-311: Error <code> was returned by the configuration utility. No changes

were saved.
Source:
NDPSM.NLM
Possible Cause:
An internal error prevented the configuration from being saved. This could be
a problem in the program itself.
Action:
provider.
NDPSM-X-314: The selected job (ID <identifier>) is no longer active.

Source:
Possible Cause:
NDPSM.NLM
The user is trying to delete a job that has finished printing.
NDPSM-X-315: The NDPS Manager database index file was truncated. You may select
the "Resynchronize Database Files" option in the following menu to generate a new
index file.
Source:
NDPSM.NLM
Possible Cause:
This could be the result of a programming error, hard drive corruption, or an

abend with TTS disabled, which may have corrupted the database.
Action:
Go to the Database Options menu and try to resynchronize the database from
there. If this fails, use the Restore Database function from the Backup option.
NDPSM-X-317: The NDPS Manager database data file was truncated. You will need to
restore the database from a backup.
Source:
Possible Cause:
Action:
NDPSM.NLM
The database data file has been corrupted.
Restore the database file from a backup copy.
NDPSM-X-318: The NDPS Manager was unable to read the database index file.
Source:
Possible Cause:
Action:
NDPSM.NLM
The index file may have become corrupted.
Go to the Database Options menu and try to resynchronize the database from
there. If this fails, use the Restore Database function from the Backup option.
290 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-319: The DPLSV386 library was unable to create an accessorRef. This is

usually due to a low memory condition.
Source:
NDPSM.NLM
Action:
NDPSM-X-321: Error <code> occurred while attempting to give the broker rights to
Directory Services printer object <printer_name>. This will effect notification.
Source:
Possible Cause:
Action:
NDPSM.NLM
The Broker was unable to manipulate the Notification Consumers and
Notification Profile attributes. An internal error may have prevented rights
from being assigned to the Broker. This could be a problem in the program
itself.
Try to assign Supervisor rights to the NDSTM Broker object. For information
about the specific error code, search the Error Codes online documentation
(http://www.novell.com/documentation/lg/nwec/docui/index.htm). If you
are able to resolve the error,
NDPSM-X-327: The NDPS Manager was unable to load the requested scheduler for
Printer Agent <name>. The "first in, first out" scheduler was used in its place.
Source:
NDPSM.NLM
Action:
None. The job will be completed according to the default scheduler.
NDPSM-X-328: Error <code> occurred trying to delete the NDPS Manager database
files.
Source:
NDPSM.NLM
Action:
provider.
NDPSM Messages 291
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-329: Insufficient memory is available to create a list of Printer Agents.

Source:
NDPSM.NLM
Action:
NDPSM-X-330: Error <code> occurred attempting to shutdown the Printer Agent.

Source:
NDPSM.NLM
Possible Cause:
An internal error prevented shutting down the Printer Agent. This could be a
Action:
provider.
NDPSM-X-332: Insufficient memory is available to create a list of Printer Agent status

details.
Source:
NDPSM.NLM
Action:
NDPSM-X-334: Error <code> was returned attempting to <operation>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An error was returned during the operation shown in the message.
provider.
NDPSM-X-335: Error <code> occurred attempting to change the current medium.

Source:
Possible Cause:
NDPSM.NLM
An internal error prevented changing the medium. This could be a problem in
the program itself.
292 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
provider.
NDPSM-X-336: Error <code> occurred adding a medium to the supported media list.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented adding the medium. This could be a problem in
the program itself.
provider.
NDPSM-X-339: Error <code> occurred while rebuilding the NDPS Managers database.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented the database from being rebuilt. This could be a
provider.
NDPSM-X-340: Error <code> occurred changing the job wait time.

Source:
NDPSM.NLM
Possible Cause:
An internal error prevented changing the time. This could be a problem in the
program itself.
Action:
provider.
NDPSM Messages 293
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-341: Error <code> occurred attempting to load module <name>.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented loading the module. This could be a problem in
the program itself.
provider.
NDPSM-X-342: Error <code> was returned attempting to save the information

returned by the configuration utility.
Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented information from being saved. This could be a
provider.
NDPSM-X-344: Error <code> occurred changing job space limits.

Source:
Possible Cause:
Action:
NDPSM.NLM
An internal error prevented information from being saved. This could be a
provider.
NDPSM-X-345: The job storage volume for printer agent <name> could not be
accessed. The printer agent was shut down.
Source:
Explanation:
Action:
NDPSM.NLM
The storage volume for the specified Printer Agent has been dismounted.
Remount the storage volume.
294 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-346: Volume <volume_name> is not accessible, printer agent

<agent_name> was not initialized.
Source:
Explanation:
Action:
NDPSM.NLM
The specified volume has been dismounted.
Remount the volume.
NDPSM-X-347: Error <code> occurred attempting to load <module>.

Source:
NDPSM.NLM
Possible Cause:
An internal error prevented the module from loading. This could be a problem
in the program itself.
Action:
provider.
NDPSM-X-348: Printer Agent <name> was unable to allocate memory and was
shutdown.
Source:
Possible Cause:
Action:
NDPSM.NLM
The server has insufficient memory available.
NDPSM-X-349: Error <code> occurred while Printer Agent <name> was opening job
<job>.
Source:
Possible Cause:
Action:
NDPSM.NLM
A file I/O error has probably occurred.
provider.
NDPSM Messages 295
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-350: The NDPS Manager does not support autoloading of port handlers on
SFT III servers. This must be done from the system console.
Source:
NDPSM.NLM
Action:
SFT III is not supported by NDPS.
NDPSM-X-351: Error <code> occurred while creating the portal.

Source:
Possible Cause:
Action:
NDPSM.NLM
provider.
NDPSM-X-358: Error <code> occurred while saving a backup of the NDPS Manager
database files.
Source:
Possible Cause:
Action:
NDPSM.NLM
A file I/O error has probably occurred.
provider.
NDPSM-X-366: The NDPS Manager is unable to automatically back up its database.

Source:
Possible Cause:
Action:
NDPSM.NLM
296 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-370: There is no backup to restore from.

Source:
Possible Cause:
Action:
NDPSM.NLM
The NDPS Manager database was not previously backed up, so a database
restore cannot be performed.
None. If a backup copy does not exist, there is no way to restore the database.
In the future, be sure to back up the NDPS Manager database.
NDPSM-X-373: Error <code> occurred while initializing the NDPS Manager.

Source:
Possible Cause:
Action:
NDPSM.NLM
This may be an eDirectory problem.
Run DSREPAIR and try again. For information about the specific error code,
documentation/lg/nwec/docui/index.htm). If you are unable to resolve the
error, contact your Novell support provider.
NDPSM-X-379: Error <code> occurred while trying to discover supported protocols.

Make sure that at least one transport protocol is loaded.
Source:
NDPSM.NLM
Possible Cause:
Neither the IP nor the IPXTM protocol is currently bound to the network card.
Action:
provider.
NDPSM-X-392: Error <code> accessing file server <name>. This is the file server that
currently has the database.
Source:
NDPSM.NLM
Possible Cause:
The NDPS Manager uses a database that must be on the local file server.
Currently, the NDPS Manager's database is stored on a remote file server that
cannot be accessed.
Action:
If you have configured the NDPS Manager for automatic database backup, try
to restore the database from a backup stored in eDirectory. Existing jobs will
be lost, but the need to contact the remote file server is removed. For
provider.
NDPSM Messages 297
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-394: The NDPS Manager <name> is currently running on another file

server.
Source:
Possible Cause:
Action:
NDPSM.NLM
You specified an NDPS Manager that is not running on the local server.
Either specify an NDPS Manager on the local server, or designate the server
the NDPS Manager is running on.
NDPSM-X-396: Error <code> occurred attaching to file server <name>.

Source:
Possible Cause:
Action:
NDPSM.NLM
A connection cannot be established with the file server you specified. This
problem could have a variety of possible causes.
provider.
NDPSM-X-397: Error <code> occurred while moving the NDPS Manager.

Source:
Possible Cause:
Action:
NDPSM.NLM
A connection problem may account for this failure.
provider.
NDPSM-X-400: Error <code> occurred selecting the volume to receive the database.
Source:
Possible Cause:
Action:
NDPSM.NLM
Error code occurred selecting the volume to receive the database.The volume
you tried to select is not available.
Make sure you specified a volume that exists. For information about the
www.novell.com/documentation/lg/nwec/docui/index.htm). If you are
unable to resolve the error, contact your Novell support provider.
298 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NDPSM-X-401: The object <name> that was selected is not an NDPS Manager.
Source:
NDPSM.NLM
Possible Cause:
This error may simply be the result of a typing mistake made by the user at the
command line. It could also occur if the eDirectory volume object associated
with the NDPS Manager has been deleted, in which case eDirectory will
change the NDPS Manager to an "unknown object."
Action:
Make sure you have typed the command correctly. If this is not the problem
and the volume has been deleted, you will need to associate an NDPS Manager
with an existing volume and re-create the printers that were assigned to it.
NDPSM-X-402: The NDPS Manager was unable to initialize the <protocol_name>

protocol.
Source:
Possible Cause:
Action:
NDPSM.NLM
The protocol stack did not initialize. Your server could have insufficient
memory, or there could be a problem with the protocol stack itself.
Temporarily in the Server Operating System Administration Guide. If memory
is not the problem, refer to the documentation for the protocol stack for
troubleshooting or debugging information.
NDPSM Messages 299
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
300 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
NE1000-NW Messages
The following includes messages from NE1000-NW.LAN.
NE1000-NW-X-025: You cannot load MSM31X on a NetWare 3.10 server.
Source:
NE1000-NW.LAN
Action:
See message 025: You cannot load MSM31X on a NetWare 3.10 server. on
page 761
NE1000-NW-X-026: On a NetWare 3.11 server, you must load LSLENH.NLM before you
load MSM31X.NLM.
Source:
NE1000-NW.LAN
Action:
See message 026: On a NetWare 3.11 server, you must load LSLENH.NLM
before you load MSM31X.NLM. on page 762
NE1000-NW-X-051: Board RAM failed the memory test.

Source:
NE1000-NW.LAN
Action:
See message 051: Board RAM failed the memory test. on page 763
NE1000-NW-X-054: The board did not respond to the initialization command.

Source:
NE1000-NW.LAN
Action:
See message 054: The board did not respond to the initialization command.
on page 763
NE1000-NW Messages 301
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE1000-NW-X-066-Adapter 1: The cable might be disconnected on the board.

Source:
NE1000-NW.LAN
Action:
See message 066-Adapter 1: The cable might be disconnected on the board.

on page 764
NE1000-NW-X-067: The group bit in the node address override was cleared.
Source:
NE1000-NW.LAN
Action:
See message 067: The group bit in the node address override was cleared.
on page 764
NE1000-NW-X-068: The local bit in the node address override was set.
Source:
NE1000-NW.LAN
Action:
See message 068: The local bit in the node address override was set. on page
764
NE1000-NW-X-071: The matching virtual adapter could not be found.

Source:
NE1000-NW.LAN
Action:
See message 071: The matching virtual adapter could not be found. on page
764
NE1000-NW-X-072: A resource tag is unavailable.

Source:
NE1000-NW.LAN
Action:
See message 072: A resource tag is unavailable. on page 764
NE1000-NW-X-073: Unable to allocate memory.

Source:
NE1000-NW.LAN
Action:
See message 073: Unable to allocate memory. on page 765
NE1000-NW-X-074: The hardware interrupt cannot be set.

Source:
NE1000-NW.LAN
Action:
See message 074: The hardware interrupt cannot be set. on page 765
302 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE1000-NW-X-075: The MLID cannot be registered with the LSL.

Source:
NE1000-NW.LAN
Action:
See message 075: The MLID cannot be registered with the LSL. on page
765
NE1000-NW-X-076: The polling procedure cannot be added.

Source:
NE1000-NW.LAN
Action:
See message 076: The polling procedure cannot be added. on page 765
NE1000-NW-X-077: The event notification routine cannot be registered.

Source:
NE1000-NW.LAN
Action:
See message 077: The event notification routine cannot be registered. on

page 766
NE1000-NW-X-079: The MLID did not initialize MSMTxFreeCount.

Source:
NE1000-NW.LAN
Action:
See message 079: The MLID did not initialize MSMTxFreeCount. on page
766
NE1000-NW-X-086: The driver parameter block is too small.

Source:
NE1000-NW.LAN
Action:
See message 086: The driver parameter block is too small. on page 766
NE1000-NW-X-087: The media parameter block is too small.

Source:
NE1000-NW.LAN
Action:
See message 087: The media parameter block is too small. on page 766
NE1000-NW-X-091: The hardware configuration conflicts.

Source:
NE1000-NW.LAN
Action:
See message 091: The hardware configuration conflicts. on page 766
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE1000-NW-X-092: Cannot schedule AES without an HSM routine.

Source:
NE1000-NW.LAN
Action:
See message 092: Cannot schedule AES without an HSM routine. on page
767
NE1000-NW-X-093: Cannot schedule interrupt time call back without an HSM routine.
Source:
NE1000-NW.LAN
Action:
See message 093: Cannot schedule interrupt time call back without an HSM
routine. on page 767
NE1000-NW-X-094: Cannot set hardware interrupt without an HSM routine.

Source:
NE1000-NW.LAN
Action:
See message 094: Cannot set hardware interrupt without an HSM routine.
on page 767
NE1000-NW-X-095: Cannot add polling without an HSM routine.

Source:
NE1000-NW.LAN
Action:
See message 095: Cannot add polling without an HSM routine. on page 767
NE1000-NW-X-200-Adapter 1: The board's DMA did not complete the write.

Source:
NE1000-NW.LAN
Action:
See message 200-Adapter 1: The board's DMA did not complete the write.
on page 767
304 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE2-NW Messages
NE2-NW-X-025: You cannot load MSM31X on a NetWare 3.10 server.
Source:
NE2-NW.LAN
Action:
page 761
NE2-NW-X-026: On a NetWare 3.11 server, you must load LSLENH.NLM before you
load MSM31X.NLM.
Source:
NE2-NW.LAN
Action:
NE2-NW-X-050: The board cannot be found.

Source:
NE2-NW.LAN
Action:
See message 050: The board cannot be found. on page 762
NE2-NW-X-051: Board RAM failed the memory test.

Source:
NE2-NW.LAN
Action:
NE2-NW Messages 305
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE2-NW-X-054: The board did not respond to the initialization command.

Source:
NE2-NW.LAN
Action:
on page 763
NE2-NW-X-066-Adapter 1: The cable might be disconnected on the board.

Source:
NE2-NW.LAN
Action:

on page 764
NE2-NW-X-067: The group bit in the node address override was cleared.
Source:
NE2-NW.LAN
Action:
on page 764
NE2-NW-X-068: The local bit in the node address override was set.
Source:
NE2-NW.LAN
Action:
764
NE2-NW-X-071: The matching virtual adapter could not be found.

Source:
NE2-NW.LAN
Action:
764
NE2-NW-X-072: A resource tag is unavailable.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-073: Unable to allocate memory.

Source:
NE2-NW.LAN
Action:
306 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NE2-NW-X-074: The hardware interrupt cannot be set.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-075: The MLID cannot be registered with the LSL.

Source:
NE2-NW.LAN
Action:
765
NE2-NW-X-076: The polling procedure cannot be added.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-077: The event notification routine cannot be registered.

Source:
NE2-NW.LAN
Action:

page 766
NE2-NW-X-079: The MLID did not initialize MSMTxFreeCount.

Source:
NE2-NW.LAN
Action:
766
NE2-NW-X-086: The driver parameter block is too small.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-087: The media parameter block is too small.

Source:
NE2-NW.LAN
Action:
NE2-NW Messages 307
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE2-NW-X-091: The hardware configuration conflicts.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-092: Cannot schedule AES without an HSM routine.

Source:
NE2-NW.LAN
Action:
767
NE2-NW-X-093: Cannot schedule interrupt time call back without an HSM routine.
Source:
NE2-NW.LAN
Action:
NE2-NW-X-094: Cannot set hardware interrupt without an HSM routine.

Source:
NE2-NW.LAN
Action:
on page 767
NE2-NW-X-095: Cannot add polling without an HSM routine.

Source:
NE2-NW.LAN
Action:
NE2-NW-X-200-Adapter 1: The board's DMA did not complete the write.

Source:
NE2-NW.LAN
Action:
on page 767
308 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NE2000-NW Messages
025: You cannot load MSM31X on a NetWare 3.10 server.
Source:
NE2000-NW.LAN
Action:
page 761
026: On a NetWare 3.11 server, you must load LSLENH.NLM before you load
MSM31X.NLM.
Source:
NE2000-NW.LAN
Action:
050: The board cannot be found.

Source:
NE2000-NW.LAN
Action:
051: Board RAM failed the memory test.

Source:
NE2000-NW.LAN
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
054: The board did not respond to the initialization command.

Source:
NE2000-NW.LAN
Action:
on page 763
066-Adapter 1: The cable might be disconnected on the board.

Source:
NE2000-NW.LAN
Action:

on page 764
067: The group bit in the node address override was cleared.
Source:
NE2000-NW.LAN
Action:
on page 764
068: The local bit in the node address override was set.
Source:
NE2000-NW.LAN
Action:
764
071: The matching virtual adapter could not be found.

Source:
NE2000-NW.LAN
Action:
764
072: A resource tag is unavailable.

Source:
NE2000-NW.LAN
Action:
073: Unable to allocate memory.

Source:
NE2000-NW.LAN
Action:
310 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
074: The hardware interrupt cannot be set.

Source:
NE2000-NW.LAN
Action:
075: The MLID cannot be registered with the LSL.

Source:
NE2000-NW.LAN
Action:
765
076: The polling procedure cannot be added.

Source:
NE2000-NW.LAN
Action:
077: The event notification routine cannot be registered.

Source:
NE2000-NW.LAN
Action:

page 766
079: The MLID did not initialize MSMTxFreeCount.

Source:
NE2000-NW.LAN
Action:
766
086: The driver parameter block is too small.

Source:
NE2000-NW.LAN
Action:
087: The media parameter block is too small.

Source:
NE2000-NW.LAN
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
091: The hardware configuration conflicts.

Source:
NE2000-NW.LAN
Action:
092: Cannot schedule AES without an HSM routine.

Source:
NE2000-NW.LAN
Action:
767
093: Cannot schedule interrupt time call back without an HSM routine.
Source:
NE2000-NW.LAN
Action:
094: Cannot set hardware interrupt without an HSM routine.

Source:
NE2000-NW.LAN
Action:
on page 767
095: Cannot add polling without an HSM routine.

Source:
NE2000-NW.LAN
Action:
200-Adapter 1: The board's DMA did not complete the write.

Source:
NE2000-NW.LAN
Action:
on page 767
223: The board must be placed in a 16-bit slot.

Source:
NE2000-NW.LAN
Action:
See message 223: The board must be placed in a 16-bit slot. on page 768
312 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
224: This board is configured as an NE1000.

Source:
NE2000-NW.LAN
Action:
See message 224: This board is configured as an NE1000. on page 768
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
314 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
NE3200-NW Messages
025: You cannot load MSM31X on a NetWare 3.10 server.
Source:
NE3200-NW.LAN
Action:
page 761
026: On a NetWare 3.11 server, you must load LSLENH.NLM before you load
MSM31X.NLM.
Source:
NE3200-NW.LAN
Action:
050: The board cannot be found.

Source:
NE3200-NW.LAN
Action:
051: Board RAM failed the memory test.

Source:
NE3200-NW.LAN
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
067: The group bit in the node address override was cleared.
Source:
NE3200-NW.LAN
Action:
on page 764
068: The local bit in the node address override was set.
Source:
NE3200-NW.LAN
Action:
764
070: The board has failed.

Source:
Possible Cause:
Action:
NE3200-NW.LAN
Firmware was downloaded to the network board, but the network board did
not accept commands.
network board.
071: The matching virtual adapter could not be found.

Source:
NE3200-NW.LAN
Action:
764
072: A resource tag is unavailable.

Source:
NE3200-NW.LAN
Action:
073: Unable to allocate memory.

Source:
NE3200-NW.LAN
Action:
074: The hardware interrupt cannot be set.

Source:
NE3200-NW.LAN
Action:
316 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
075: The MLID cannot be registered with the LSL.

Source:
NE3200-NW.LAN
Action:
765
076: The polling procedure cannot be added.

Source:
NE3200-NW.LAN
Action:
077: The event notification routine cannot be registered.

Source:
NE3200-NW.LAN
Action:

page 766
078: The firmware file cannot be read.

Source:
Possible Cause:
Action:
NE3200-NW.LAN
NetWare could not read from the .LAN file on the disk from which it was
loaded.
Check for hardware problems with the disk from which the LAN driver was
loaded.
079: The MLID did not initialize MSMTxFreeCount.

Source:
NE3200-NW.LAN
Action:
766
086: The driver parameter block is too small.

Source:
NE3200-NW.LAN
Action:
087: The media parameter block is too small.

Source:
NE3200-NW.LAN
Action:
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
091: The hardware configuration conflicts.

Source:
NE3200-NW.LAN
Action:
092: Cannot schedule AES without an HSM routine.

Source:
NE3200-NW.LAN
Action:
767
093: Cannot schedule interrupt time call back without an HSM routine.
Source:
NE3200-NW.LAN
Action:
094: Cannot set hardware interrupt without an HSM routine.

Source:
NE3200-NW.LAN
Action:
on page 767
095: Cannot add polling without an HSM routine.

Source:
NE3200-NW.LAN
Action:
236: No RCBs are available for the board to initialize.

Source:
Possible Cause:
Action:
NE3200-NW.LAN
The computer could not initially allocate Receive Control Blocks for this
network board
Set the minimum packet receive buffers (in STARTUP.NCF) to a higher
number.
237: The firmware cannot be initialized.

Source:
Possible Cause:
NE3200-NW.LAN
The network board did not inform the host that it was alive after it was reset.
318 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
network board.
238: The firmware cannot be started.

Source:
Possible Cause:
Action:
NE3200-NW.LAN
The network board passed the self-test after being reset, but it did not
download the firmware
Make sure the network board is in a bus-master compatible slot. You may need
to replace the board.
241: The board's ROM has checksum errors.

Source:
Possible Cause:
Action:
NE3200-NW.LAN
The network board failed the self-test. A ROM checksum error occurred.
network board.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
320 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
NIT Messages
The following includes messages from NIT.NLM.
NIT-X-001: NIT failed to allocate an internal memory resource tag. There may not be
enough server memory, or server memory may be corrupted.
Source:
Possible Cause:
Action:
NIT.NLM
A call to AllocateResourceTag() failed. The nitlnlm program cannot load at
this time due to memory constraints.
NIT Messages 321
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
322 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
NLMLIB Messages
The following includes messages from NLMLIB.NLM.
NLMLib-X-013: RegisterTrackedResource() for Service Advertising failed,
rc=number. An internal system error has occurred. There may not be enough server
Source:
NLMLIB.NLM
Explanation:
A call to RegisterTrackedResource() failed. The NLMLIB.NLM program

cannot load at this time due to memory constraints.
Action:
NLMLib-X-015: RegisterTrackedResource() for Remote Server Sessions failed,

rc=number. An internal system error has occurred. There may not be enough server
Source:
NLMLIB.NLM
Explanation:
A call to RegisterTrackedResource() failed. The NLMLIB.NLM program

cannot load at this time due to memory constraints.
Action:
NLMLib-X-022: An error occurred loading the NLM with the /P option. There was
insufficient server memory available.
Source:
Explanation:
Action:
NLMLIB.NLM
A call to Alloc() failed. The NLMLIB.NLM program cannot load at this time
due to memory constraints.
NLMLIB Messages 323
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NLMLib-X-023: An invalid namespace was specified using the /N option. Only the
namespace strings DOS, MAC, NFS, FTAM and OS2 are valid.
Source:
Explanation:
Action:
NLMLIB.NLM
You specified an invalid namespace with the /N option.
Try again, using valid namespace syntax. If the problem persists, contact the
vendor of this NLM program or contact a NetWare support provider.
NLMLib-X-024: Login using the /S option loading the NLM failed: rc = number. An
incorrect username or password may have been used in the login process.
Source:
Explanation:
Action:
NLMLIB.NLM
This message might appear because an incorrect username or password was
used. This error also might appear because of a hardware, cabling, or
insufficient memory problem.
Try the login again, making sure the username and password are valid. Check
the hardware and cabling.
If the error occurs due to a memory problem on the server, increase the
memory available to the server. See Freeing Server Memory Temporarily in
If the problem persists, contact the vendor of this NLM program or contact a
NetWare support provider.
NLMLib-X-026: Select() overflow detected.

Source:
Explanation:
Action:
NLMLIB.NLM
NetWare detected a potential overflow but averted it.
This message is for information only.
324 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NLSLSP Messages
The following includes messages from NLSLSP.NLM.
NLSLSP.NLM: DUPLICATE LICENSE: license certificate name
Source:
Explanation:
Action:
NLSLSP.NLM
The licensing service detected that a license certificate is installed more than
once.
Remove one or more duplicate license certificates.
NLSLSP.NLM: EVAL LICENSE INSTALLED TWICE. Remove license certificate name

Source:
Possible Cause:
Action:
NLSLSP.NLM
You attempted to install an evaluation license certificate more than once.
Get a new evaluation license certificate.
NLSLSP.NLM: Unable to write license info to NDS. Please check partition partition
synchronization status.
Source:
Explanation:
Possible Cause:
Action:
NLSLSP.NLM
NLS detected an accumulation of unsynchronized data on the license
certificates.
The partition containing the license certificate is not synchronizing properly.
Fix eDirectory synchronization.
NLSLSP Messages 325
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
No licensing system is available. Please install a license service provider.

Source:
Possible Cause:
Action:
Possible Cause:
Action:
Possible Cause:
Action:
Possible Cause:
Action:
NLSLSP.NLM
NLSLSP.NLM is not loaded.
Load NLSLSP.NLM.
eDirectory is not open.
Load DS.NLM. Run DSREPAIR.NLM to make sure that the eDirectory
database is open.
NLSLSP.NLM cannot find the NLS_LSP_servername object in the
eDirectory tree.
Run SETUPNLS.NLM.
The schema is not extended.
Run SETUPNLS.NLM.
Novell Licensing Services (NLSLSP.NLM): Out of memory

Source:
Possible Cause:
NLSLSP.NLM
The operating system failed.
Action:
Reboot the server.
Action:
Add additional memory.
Novell Licensing Services (NLSLSP.NLM): Unable to load Btrieve. Transaction

logging is not operational.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
NLSLSP.NLM
Btrieve could not be loaded to support transaction logging.
Btrieve is not configured properly.
Verify Btrieve configuration.
Loaded network protocols do not support Btrieve.
Load a protocol that supports Btrieve.
Novell Licensing Services (NLSLSP.NLM): Unable to register for events.

Source:
Possible Cause:
NLSLSP.NLM
The operating system failed.
326 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
Possible Cause:
Action:
99a
38
July 17, 2001
Verify that the operating system is functioning properly.

eDirectory is not functioning properly.
Verify that eDirectory is functioning properly.
Novell Licensing Services (NLSLSP.NLM): An older NLS schema extension has been
detected. If you have not converted your old licensing data, you may do so by running
SETUPNLS.NLM
Source:
Explanation:
Possible Cause:
Action:
NLSLSP.NLM
NLS detected an older schema definition.
A previous version of NLS is installed in the eDirectory tree.
Run SETUPNLS.NLM to convert data and delete the older schema.
Novell Licensing Services (NLSLSP.NLM): The schema has not been extended for
NLS. Please run SETUPNLS.NLM.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
NLSLSP.NLM
The NLS schema extension is not detected.
The schema is not installed.
Run SETUPNLS.NLM.
Novell Licensing Services (NLSLSP.NLM): Unable to verify schema because Directory

Services is not operational at this moment. NLSLSP.NLM will attempt to verify the
schema when the next licensing request is received.
Source:
NLSLSP.NLM
Action:
Novell Licensing Services (NLSLSP.NLM): An older LSP object is associated with this
server. Please run SETUPNLS.NLM.
Source:
Explanation:
Action:
NLSLSP.NLM
NLS detected an NLS_LSP_servername object from an earlier version of
NLS.
Run SETUPNLS.NLM to convert the NLS_LSP_servername object to the
newer version.
NLSLSP Messages 327
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Novell Licensing Services (NLSLSP.NLM): No LSP object is associated with this

server. Please run SETUPNLS.NLM.
Source:
Explanation:
Possible Cause:
Action:
Possible Cause:
Action:
NLSLSP.NLM
NLS is unable to find an NLS_LSP_servername object for the server running
NLSLSP.NLM.
An NLS_LSP_servername object has not been created in the eDirectory tree.
Run SETUPNLS.NLM.
Novell Licensing Services (NLSLSP.NLM): Unable to create/open database file

filename. Error is number. Transaction logging is disabled.
Source:
Possible Cause:
Action:
NLSLSP.NLM
Btrieve is not running or is not working properly.
Verify that Btrieve is loaded and functioning.
Novell Licensing Services (NLSLSP.NLM): EVAL LICENSE HAS BEEN INSTALLED

MORE THAN ONCE. Please remove the following: license certificate name
Source:
Possible Cause:
Action:
NLSLSP.NLM

ONCE ALREADY. Please remove.
Source:
Possible Cause:
Action:
NLSLSP.NLM

ONCE ALREADY.
Source:
Possible Cause:
Action:
NLSLSP.NLM
328 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
Novell Licensing Services (NLSLSP.NLM): DUPLICATE LICENSE FOUND. Please

remove one of the following: license certificate name
Source:
Explanation:
Action:
NLSLSP.NLM
The licensing service detected that a license certificate has been installed more
than once.
Remove one or more duplicate license certificates.
Novell Licensing Services (NLSLSP.NLM): License container data has been

corrupted.
Source:
Possible Cause:
Action:
Possible Cause:
NLSLSP.NLM
NLSLSP.NLM is not functioning properly.
Run NLSTRACE.NLM.
There is a problem with eDirectory.
Action:
Action:
Delete the License Container object and reinstall the license certificates.
WARNING: If you delete the license container, you will lose trending information
concerning license usage.
Some resource, such as memory, could not be obtained. Try rerunning the
application.
Source:
Explanation:
Action:
NLSLSP.NLM
The licensing service failed to get a resource to service a request.
Make sure that the server has enough memory.
The license system has recaptured the licensing units because of a delayed update.
Please rerun the application.
Source:
Explanation:
Possible Cause:
NLSLSP.NLM
The licensing service was unable to verify that the license unit was in use.
Updates did not happen in time to prevent NLS from releasing the license unit.
NLSLSP Messages 329
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
The network is not available for use. Please load the NetWare shell and connect to a
server running the licensing service.
Source:
Explanation:
Action:
NLSLSP.NLM
Licensing clients could not find a server running NLS.
Connect to a server that is running NLSLSP.NLM and retry the operation.
330 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

This section describes the system messages of the various components of
Novell Native File Access for UNIX.
Setting the log file
Source:
Possible Cause:
Action:
MakeNIS
The directory specified when creating the log file might be incorrect.
Check for the validity of the directory path you specified.
Required parameters are missing

Source:
Explanation:
Possible Cause:
Action:
MakeNIS
The domain name is mandatory.
The user has not specified the required parameters.
Enter all the mandatory parameters.
Domain name is missing

Source:
Possible Cause:
Action:
MakeNIS
The user has not specified the domain name.
Enter the domain name.
No make data for map

Source:
Possible Cause:
Action:
MakeNIS
There is no data corresponding to the map in the makefile.
Enter the record corresponding to the map.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
331
Manual
99a
38
July 17, 2001
File is older than corresponding map

Source:
Possible Cause:
Action:
MakeNIS
The text file used for making this map is older than the map that exists on
eDirectory.
Change the time stamp on the text file by saving it again.
Object with same domain name already exists

Source:
Possible Cause:
Action:
MakeNIS
An eDirectory error occurred while adding the specified object.
Check whether the object already exists.
Unable to add users to group objects

Source:
Explanation:
MakeNIS
Users are already present.
Unable to get the host name or IP address of the machine

Source:
Possible Cause:
Action:
MakeNIS
The configuration files containing the host data are not correct.
Check the configuration file.
Opening configuration file

Source:
Possible Cause:
Action:
NIS Installation
Either the file is not present in the specified location or the input is illegal.
Check for the existence of the specified file or the validity of the input.
Reading configuration file

Source:
Possible Cause:
Action:
NIS Installation
It is not the correct configuration file.
332 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
Getting default host names

Source:
Possible Cause:
Action:
NIS Installation
Unable to get the DNS name of the current host.
Check whether entries in relevant configuration files are correct.
Updating the configuration file

Source:
Possible Cause:
Action:
NIS Installation
Either the configuration file is not present or it is corrupted.
Internal error with refresh watchdog

Source:
Possible Cause:
NIS Services
The refresh thread of the NIS Server is failing.
Action:
Unload the NISSERV.NLM and load it again.
Source:
NIS Services
RPC error
Possible Cause:
Action:
There was an error on the RPC client call to NIS Server.

Internal error
Source:
Possible Cause:
Action:
NIS Services
Failure to allocate memory for the domain list of the NIS Server.
Resource failure
Source:
Possible Cause:
Action:
NIS Services
An NIS Server internal error occurred while allocating memory for its internal
structure.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
333
Manual
99a
38
July 17, 2001
Unable to allocate space for domain index list

Source:
Possible Cause:
Action:
NIS Services
Failure to allocate memory for the domain list of NIS Server.
Unable to respond to RPC request

Source:
Possible Cause:
Action:
NIS Services
Failure in sending the RPC response back to the client because of the
PKERNAL.NLM.
Repeat the client call.
Unable to determine current server language

Source:
Possible Cause:
Action:
NFS Server
The language of the server is not set.
Set the language for the NetWare server.
Root not mapped to any user

Source:
Possible Cause:
Action:
NFS Server
No NetWare user has UNIX UID set to zero.
Make sure the schema is extended and the UNIX UID of the Superuser
(admin) is set to zero.
Failed to register with PKERNEL

Source:
Possible Cause:
Action:
NFS Server
NFS Server registration with Portmapper failed.
Unload PKERNEL and load it again.
SVC_REGISTER failed for program, version

Source:
NFS Server
Source:
Product Kernel.
Possible Cause:
Action:
The RPC module cannot register the RPC service program.

Ensure that the program and version number are already registered.
334 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
RPC/UDP receive queues are full, packet dropped

Source:
Possible Cause:
NFS Server
Too many UDP packets have been received and have exceeded the UDP
receive queues capacity in the RPC module. Some UDP packets might be
lost. This could be caused by an increase of activities such as a RPC broadcast
storm.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
335
Manual
336 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
99a
38
July 17, 2001
Manual
99a
38
July 17, 2001
NSS Messages
The following error messages apply to Novell Storage ServicesTM (NSS).
NSS-X-70: Unknown failure during ownership assignment.
Source:
Possible Cause:
Action:
NSS.NLM
An internal error has occurred.
Retry the operation. If the problem persists, contact your Novell support
provider.

Source:
Possible Cause:
Action:
NSS.NLM
provider.

Source:
Possible Cause:
Action:
NSS.NLM
provider.

Source:
Possible Cause:
Action:
NSS.NLM
provider.
NSS Messages 337
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001

Source:
Possible Cause:
Action:
NSS.NLM
provider.

Source:
Possible Cause:
Action:
NSS.NLM
provider.
NSS-X-402: The module name name is already in use.

Source:
Explanation:
Possible Cause:
Action:
NSS.NLM
There is a registration problem with an NSS module.
A module might be corrupted.
Install a new set of NSS NetWare Loadable ModuleTM (NLM) programs. Retry
the operation. If the problem persists, contact your Novell support provider.
NSS-X-628: NSS unable to destroy VOLUME VERIFY process, pid=error code.

Source:
Explanation:
Possible Cause:
Action:
COMN.NSS
NSS tried to clean up some internal processes and could not remove a process.
Contact your Novell support provider.
NSS-X-629: Could not Flush Volume, Can't Verify/Repair.

Source:
Explanation:
Possible Cause:
Action:
COMN.NSS
NSS could not flush caches out to disk.
338 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS-X-665: Could not find DOS namespace while renaming deleted files to
DELETED.SAV.
Source:
Explanation:
Possible Cause:
Action:
COMN.NSS
NSS could not find the namespace for a DOS file during purge.
This message is for informational purposes only.
NSS-X-820: Error mounting volume_name, status=error code.

Source:
Explanation:
Possible Cause:
Action:
NWSA.NSS
The NSS volume you specified cannot be mounted.
provider.
NSS-X-821: Error mounting volume_name, status=error code.

Source:
Explanation:
Possible Cause:
Action:
NWSA.NSS
The NSS volume you specified cannot be mounted.
provider.
NSS-X-1405: Error creating Maintenance process, no memory.

Source:
Explanation:
Action:
ZLSS.NSS
There is not enough memory to finish the rebuild process.
Shut down other processes. Retry the operation.
NSS-X-1407: Error, Maintenance command not supported.

Source:
Explanation:
Action:
ZLSS.NSS
Reload NSS. Retry the operation. If the problem persists, contact your Novell
support provider.
NSS Messages 339
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS-X-1408: Error adding a purge log Entry, possibly due to MEDIA Errors.
Source:
Explanation:
ZLSS.NSS
An entry could not be added to the purge log file.
Possible Cause:
The hard disk might be full.
Possible Cause:
You might have a bad sector on your hard disk.
Action:
Check your hard disk. Retry the operation. If the problem persists, contact
your Novell support provider.
NSS-X-1429: Unable to initialize authentication information on the root directory of

the volume volume_name, status=error code.
Source:
Explanation:
Possible Cause:
Action:
ZLSS.NSS
NSS tried to create an NSS volume.
provider.
NSS-X-1437: Failed to queue a Read Request at volume block: volume_number file

block: file_number on Volume volume_name.
Source:
Explanation:
Possible Cause:
Action:
ZLSS.NSS
NSS temporarily has no resources available, such as memory.
Retry the operation. If this is a write error, you may have to mount the volume.
If this is a read error, you do not have to mount the volume. If the problem
persists, contact your Novell support provider.
NSS-X-1438: Failed to queue a Read Request at volume block: volume_number file

block: file_number on Volume volume_name.
Source:
Explanation:
Possible Cause:
Action:
ZLSS.NSS
NSS temporarily has no resources available, such as memory.
Retry the operation. If this is a write error, you may have to mount the volume.
If this is a read error, you do not have to mount the volume. If the problem
persists, contact your Novell support provider.
340 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS-X-1450: Error reading Volume Data Block error code, status=error code.
Source:
Explanation:
Possible Cause:
Action:
ZLSS.NSS
NSS tried to read an NSS volume.
Check the status message and retry the operation. If the problem persists,
contact your Novell support provider.
NSS-X-1456: ZLSS Object Storage Consumer has failed to Unregister.

Source:
Explanation:
Possible Cause:
Action:
ZLSS.NSS
An NSS consumer could not unregister.
NSS-X-2001: Error getting value of Set Parameter: Auto Restart After Abend.
Source:
Possible Cause:
DOSFAT.NSS
DOSFAT cannot get the server's settable parameter or failed to register the
event with the server.
Action:
Do not load DOSFAT.
Action:
Set Auto Reset After Abend to 0.
NSS-X-2002: Error registering for EVENT_SET_PARAMETER_CHANGED.

Source:
Possible Cause:
DOSFAT.NSS
DOSFAT cannot get the server's settable parameter or failed to register the
event with the server.
Action:
Do not load DOSFAT.
Action:
Set Auto Reset After Abend to 0.
NSS-X-2201: Consumer Failed to accept a Storage Deposit ID.

Source:
Explanation:
Action:
ZLSS.NSS
support provider.
NSS Messages 341
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NSS-X-2208: Unable to add deposit to Storage Bank.

Source:
Explanation:
Action:
ZLSS.NSS
support provider.
NSS-X-2209: Unable to locate deposit to remove from the Storage Bank.

Source:
Explanation:
Action:
ZLSS.NSS
support provider.
NSS-X-2401: Consumer Failed to accept a Storage Deposit ID.

Source:
Explanation:
Action:
ZLSS.NSS
support provider.
342 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG Messages
The following includes messages from NWCONFIG.NLM.
NWCONFIG-X-1: An attempt to access NWCONFIG messages failed. It is likely that
the message or help files (NWCONFIG.MSG or NWCONFIG.HLP) are out-of-date,
missing, or corrupted.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG.NLM cannot read its message file.
Make sure that the server language is set to 4 (English) for the built-in
messages, or to a different number to correspond to both of the following:
The NWCONFIG.MSG file and NWCONFIG.HLP are in the boot
directory (where server.exe is found)
The corresponding SYS:SYSTEM\NLS\X directory on the server
NWCONFIG-X-2: An attempt to add an option to a menu failed.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to build a menu on the screen. The server might not
have enough available memory.
NWCONFIG Messages 343
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-3: Fatal error: The installation cannot complete successfully. An

attempt to allocate memory failed. You must add (or reconfigure) memory and restart
the installation.
Source:
Explanation:
Action:
NWCONFIG.NLM
Memory is insufficient for NWCONFIG to run.
NWCONFIG-X-4: The disk partition table could not be read.

Source:
NWCONFIG.NLM
Explanation:
NWCONFIG was unable to read the disk partition information from the hard
disk.
Action:
Make sure the disk is visible from DOS. If it is visible, try to read the partition
table with FDISK. If FDISK cannot see the disk, then the disk might be faulty.
If FDISK can see the disk but this error still appears, contact a Novell support
provider.
NWCONFIG-X-5: No information about device number could be obtained.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to read or write the disk partition table on device
number.
NWCONFIG-X-6: No disk partitions are defined on this drive.

Source:
Explanation:
NWCONFIG.NLM
This informational message indicates that the designated disk drive does not
contain a partition table. The server is probably using a new disk that has never
been formatted or partitioned before NWCONFIG will create a partition table.
NWCONFIG-X-7: An attempt to write out partition information failed. Error code: code.
Source:
Explanation:
Action:
NWCONFIG.NLM
While writing the partition information to the disk drive, the operating system
reported an error to NWCONFIG.
344 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-8: An attempt to add a field to a form failed.

Source:
Explanation:
Possible Cause:
Action:
NWCONFIG.NLM
NWCONFIG was unable to complete an operation to build a screen
presentation.
Memory is insufficient at the server.
NWCONFIG-X-9: An attempt to write out partition table information failed. Error code:
code.
Source:
Explanation:
Action:
NWCONFIG.NLM
While writing the partition information to the disk drive, the operating system
reported an error from NWCONFIG.
information on the specific error code, search the Error Codes online
index.htm).
NWCONFIG-X-10: The block allocation size does not match that of another volume
with the same name.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG found two volume segments with the same name, but the block
sizes of the two do not match. Two volumes on the same server cannot have
the same name.
Action:
Bring the disks that contain these volumes online one at a time, rather than at
the same time. If one of the volumes is old and no longer needed, delete it to
avoid the problem in the future.
NWCONFIG-X-11: The number of segments in the volume does not match the number
in another volume with the same name.
Source:
Explanation:
NWCONFIG.NLM
NWCONFIG found two volumes with the same name, but the number of
segments in the two do not match. Two volumes on the same server cannot
have the same name.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
avoid the problem in the future.
NWCONFIG-X-12: The volume flags do not match those of another volume with the
same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG found two volume segments with the same name, but the
volume flags of the two do not match.
avoid the problem in the future. Two volumes on the same server cannot have
the same name.
NWCONFIG-X-13: The total volume size does not match that of another volume with
the same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG found two volume segments with the same name, but the
volume sizes of the two do not match.
the same name.
NWCONFIG-X-14: The first block of FAT table 0 of the volume does not match that of
another volume with the same name.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG found two volumes with the same name, but the FAT tables of
the two do not match.
Action:
the same name.
346 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-15: The first block of FAT table 1 of the volume does not match that of
another volume with the same name.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG found two volumes with the same name, but the FAT tables of
the two do not match.
Action:
the same name.
NWCONFIG-X-16: The first block of Directory table 0 does not match that of another
volume with the same name.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG found two volumes with the same name, but the Directory tables
of the two do not match.
Action:
the same name.
NWCONFIG-X-17: The first block of Directory table 1 does not match that of another
volume with the same name.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG found two volumes with the same name, but the Directory tables
of the two do not match.
Action:
the same name.
NWCONFIG-X-18: A volume was found whose name could not be determined.

Source:
Explanation:
Action:
NWCONFIG.NLM
An invalid volume has been found. This volume has become corrupted.
Delete the volume and, if necessary, restore it from backups. If the problem
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-19: Volume name name must be at least two characters long.

Source:
Explanation:
Action:
NWCONFIG.NLM
A volume name was entered which was shorter than two characters.
Enter a name at least two characters long.
NWCONFIG-X-20: A volume was found with an invalid volume block size of number
KB.
Source:
NWCONFIG.NLM
Explanation:
Action:
Delete the volume. If the data is required, restore it from backups. If the
NWCONFIG-X-21: A volume was found with an invalid number of volume segments

(number). Check to be sure all disk drivers are configured properly.
Source:
NWCONFIG.NLM
Explanation:
Action:
NWCONFIG-X-22: A volume was found with an invalid volume segment position

number of number segments. Check to be sure all disk drivers are configured
properly.
Source:
NWCONFIG.NLM
Explanation:
Action:
NWCONFIG-X-23: A volume was found with an invalid starting sector offset of

number on a drive of size number sectors. Check to be sure all disk drivers are
Source:
NWCONFIG.NLM
Explanation:
Action:
348 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-24: A volume was found with an invalid starting sector offset of

number. Check to be sure all disk drivers are configured properly.
Source:
NWCONFIG.NLM
Explanation:
Action:
NWCONFIG-X-25: A volume was found with an invalid segment length of number

starting at number on a drive of size number. Check to be sure all disk drivers are
Source:
NWCONFIG.NLM
Explanation:
Action:
NWCONFIG-X-26: A volume was found with an invalid FAT table 0, with a starting
block of number out of number total blocks. Check to be sure all disk drivers are
Source:
Explanation:
Action:
NWCONFIG.NLM
Make sure disk drivers are configured correctly. Run VREPAIR. If these
efforts fail, delete the volume. If the data is required, restore it from backups.
NWCONFIG-X-27: A volume was found with an invalid FAT table 1 starting block of
number on a volume of number blocks. Check to be sure all disk drivers are
Source:
Explanation:
Action:
NWCONFIG.NLM
An invalid Traditional volume has been found. This volume has become
corrupted.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-28: A volume was found with an invalid directory table 0 starting block
of number on a volume of number blocks. Check to be sure all disk drivers are
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-29: A volume was found with an invalid directory table 1 starting block
of number on a volume of number blocks. Check to be sure all disk drivers are
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-30: A volume definition was found with a reserved area that is not filled
with zero data. Check to be sure all disk drivers are configured properly.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-31: Due to a memory allocation problem, the volume definitions were

not updated on the disk.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is insufficient memory to accomplish the desired update.
Temporarily in the Server Operating System Administration Guide. Then try
the operation again.
350 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-32: Volume information could not be written because NWCONFIG was

unable to lock disk label.
Source:
NWCONFIG.NLM
Explanation:
The disk is probably being used by another process. A mounted volume might
be using it.
Action:
Wait to see if the process releases the device, then retry the action. If there is
a disk device error, unload NLM programs (except device drivers) that might
be using the disk. Then dismount volumes from the disk. If these efforts fail,
try loading MONITOR, deleting all user connections, and disabling logins.
NWCONFIG-X-33: An error occurred (error code: code) while writing to disk label
sector number.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk could not be written to. The driver or disk might not be configured
correctly, or a hardware failure might have occurred.
index.htm).
NWCONFIG-X-34: An attempt to expand the mounted volume tables failed. Error

code: code.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not write to the disk or allocate memory to expand the
volume FAT and directory tables.
index.htm).
NWCONFIG-X-35: The program could not allocate memory for the volume FAT table.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is insufficient memory to accomplish the desired operation.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-36: The program could not find a free block during FAT block
allocation.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-37: Function FreeFATTable() was called when no FAT table was

allocated.
Source:
Explanation:
Action:
NWCONFIG.NLM
An internal system error has probably occurred.
NWCONFIG-X-38: The program could not lock disk label in order to read volume
information.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk probably is being used by another process.
NWCONFIG-X-39: An error occurred (error code: code) while reading from disk label,
NetWare disk partition sector number. Error information: description
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read from the disk.
index.htm).
NWCONFIG-X-40: The program could not read the primary FAT entry from a volume.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read from the volume.
See Resolving Volume I/O Errors in the Traditional File Services
352 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-41: The program could not read the mirror FAT entry from a volume.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read from the volume.
NWCONFIG-X-42: An error occurred while writing name FAT block sequence number.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not write to the volume.
NWCONFIG-X-43: The program could not find a free block to which to redirect the FAT
block.
Source:
Explanation:
Action:
NWCONFIG.NLM
The volume might be full or the drive parameters might not be set up correctly.
This message could also indicate a bug in the program.
If possible, try specifying a larger volume size. Also check the drive
parameters. If the problem persists, contact a Novell support provider.
44: End of file was encountered unexpectedly in the FAT file, FAT chain, sequence
number number.
Source:
Explanation:
Action:
NWCONFIG.NLM
45: The program could not find a free block during file system directory block
allocation.
Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-46: The program could not allocate memory for the file system
directory table.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is insufficient memory to accomplish the desired operation.
NWCONFIG-X-47: An error occurred while writing name file system directory block
sequence number.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not write to the volume. This could indicate an internal
system error.
Administration Guide..
NWCONFIG-X-48: The program could not find a free block to redirect the file system
directory block to.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-49: End of file was encountered unexpectedly in the system directory

file, FAT chain at sequence number.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-50: An attempt to read a primary file system directory entry failed.

Source:
NWCONFIG.NLM
Explanation:
An error occurred when the program attempted to read a volume.
Action:

354 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-51: An attempt to read a mirror file system directory entry failed.

Source:
NWCONFIG.NLM
Explanation:
An error occurred when the program attempted to read a volume.
Action:

NWCONFIG-X-52: A file creation error occurred.

Source:
NWCONFIG.NLM
Explanation:
NWCONFIG could not write to a DOS or NetWare disk. If it is a diskette, it

might be bad, write protected, or not inserted correctly. If it is a hard disk, the
proper disk driver might not be loaded, the cabling might not be correct, or the
drive parameters might be set incorrectly.
Action:
Make sure that there is a writable disk. Then check for the possible
explanations listed above. See Resolving Volume I/O Errors in the Traditional
File Services Administration Guide. If the problem persists, contact a Novell
support provider.
NWCONFIG-X-53: An invalid NetWare file path was found in a configuration file record
for the PRODUCTS.DAT file.
Source:
Explanation:
Action:
NWCONFIG.NLM
The SYS:SYSTEM\PRODUCTS.DAT file is corrupted.
Run VREPAIR. If this does not work, delete the corrupted file and reinstall
PRODUCTS.DAT. If the problem persists, contact a Novell support provider.
NWCONFIG-X-54: An attempt to read a file failed.

Source:
NWCONFIG.NLM
Explanation:
NWCONFIG could not read from a DOS or NetWare disk. If it is a diskette,

it might be bad, might not be inserted correctly, or might not contain the
desired file. If it is a hard disk, the proper disk driver might not be loaded, the
cabling might not be correct, or the drive parameters might be set incorrectly.
Action:
Make sure that there is a readable disk. Then check for the possible
support provider.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-55: An attempt to write out the file failed.

Source:
NWCONFIG.NLM
Explanation:
NWCONFIG could not write to a DOS or NetWare disk. If it is a diskette, it

might be bad, write protected, or not inserted correctly. If it is a hard disk, the
proper disk driver might not be loaded, the cabling might not be correct, or the
drive parameters might be set incorrectly.
Action:
Make sure that there is a writable disk. Then check for the possible
support provider.
NWCONFIG-X-56: Fixed-point number representation number is incorrect. The

number must be a single integer or two integers separated by a decimal point.
Source:
Explanation:
Action:
NWCONFIG.NLM
The number entered was not a valid number.
Enter a number of the format 1.2, 3.0, and so forth.
NWCONFIG-X-57: Multiple system volumes exist.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG found multiple instances of the system volume (SYS:). This is
probably caused by two physical disks, each containing a SYS: volume.
Because a given server might have only one SYS: volume, take one of the
physical disks offline.
NWCONFIG-X-58: An unclaimed disk segment exists on logical partition number,

starting sector number, size number sectors, name name, type type, flags flags.
Source:
Explanation:
Action:
NWCONFIG.NLM
356 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-59: A system volume could not be created.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not write to the disk. The proper disk driver might not be
loaded, the cabling might be not correct, or the drive parameters might be set
incorrectly.
See Disk Errors in the Server Operating System Administration Guide..
NWCONFIG-X-60: Volume name was not found in volume list.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read the disk. The proper disk driver might not be
loaded, the cabling might be not correct, or the drive parameters might be set
incorrectly.
NWCONFIG-X-61: An invalid pointer to a segment of existing volume name was

encountered.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-62: The program could not create a new menu or form.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error is probably caused by insufficient memory.
NWCONFIG-X-64: An attempt to display information failed; error code: code. Either

memory could not be allocated or the text does not fit on the screen.
Source:
Explanation:
Action:
NWCONFIG.NLM
An internal system error has occurred. Either the server does not have enough
memory, or the text does not fit on the screen.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
index.htm).
NWCONFIG-X-66: An attempt to find a non-conflicting volume name for free space
failed.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-67: The program was unable to read partition information for logical
partition number.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk is either offline or it is damaged so that the data has been corrupted.
Restore the data from backup after rebuilding the disk partitions.
NWCONFIG-X-70: Logical partition number, segment number, is not contiguous;

there is an overlap of number sectors.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-71: A new segment does not align correctly with free space. Logical
partition number, new segment offset number, size number (sectors), old segment
type number, offset number, size number.
Source:
Explanation:
Action:
NWCONFIG.NLM
358 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-73: Two segments with volume name name were found having different
block shift factors (number and number).
Source:
Explanation:
Action:
NWCONFIG.NLM
Two volumes with the same name exist, but their block sizes differ.
the same name.
NWCONFIG-X-74: A resource tag could not be allocated.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-75: Error number was returned by the AppendMultiEditText() function.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-76: Error number was returned by the MultiEditText function.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-77: An invalid parameter was passed to a function at address address.

Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-78: An attempt to access DOS on this computer was unsuccessful.

Source:
Explanation:
Action:
NWCONFIG.NLM
DOS probably has been removed from this server.
Try bringing up the server without removing DOS. If the problem persists,
NWCONFIG-X-79: File Name contains an incomprehensible version number

(number). The version number should be number.
Source:
Explanation:
Action:
NWCONFIG.NLM
The file is corrupted.
Obtain a new copy of the file.
NWCONFIG-X-80: The program cannot get information about the number of devices
available.
Source:
Explanation:
Action:
NWCONFIG.NLM
The proper disk driver might not be loaded, the cabling might not be correct,
or the drive parameters might be set incorrectly.
NWCONFIG-X-81: The program's attempt to evaluate the driver dependency tree

failed because of an internal error.
Source:
Explanation:
Action:
NWCONFIG.NLM
Get an updated driver or description file. If the problem persists, contact a
NWCONFIG-X-82: The program cannot read the root directory entry.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read from the disk. The proper disk driver might not
be loaded, the cabling might not be correct, or the drive parameters might be
set incorrectly.
360 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-83: The program cannot make a new NUT client.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error message is probably the result of insufficient memory.
NWCONFIG-X-84: Volume name has multiple segments with different optimization

flags (number and number).
Source:
Explanation:
Action:
NWCONFIG.NLM
Two volumes with the same name exist, but their optimization flags are
different.
the same name.
NWCONFIG-X-85: Volume name has multiple segments with different Novell

eDirectory object ID's (number and number).
Source:
Explanation:
Action:
NWCONFIG.NLM
Two volumes with the same name exist, but their object IDs are different.
the same name.
NWCONFIG-X-86: The program cannot get conflict information. Error code: code
Source:
Explanation:
Action:
NWCONFIG.NLM
Try again. If the problem persists, contact a Novell support provider. For
information on the specific error code, search the Error Codes online
index.htm).
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-87: Warning: The disk cannot be locked because it is currently being

used by another process. A mounted volume may be using it. The partition table
cannot be modified at this time.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk cannot be locked because it is currently being used by another
process. A mounted volume might be using it.
NWCONFIG-X-94: Overlapping disk segments were detected while free segments

were being added.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-95: Abend: The GetVolumeNumber function was called with an

unmounted volume.
Source:
Explanation:
Action:
NWCONFIG.NLM
An internal system error has occurred. The installation process has terminated
prematurely, and NWCONFIG will be unloaded.
NWCONFIG-X-96: Abend: The program attempted to access FAT entry number, but
the highest FAT entry is number.
Source:
Explanation:
Action:
NWCONFIG.NLM
362 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-97: Abend: File block sequence number was not found in the FAT chain
starting at entry number.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-98: Abend: Block number number is invalid for volume name.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-99: Abend: An incorrect sequence number was encountered in the FAT

block while a bad block was being redirected.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-100: Abend: The program attempted to assign a FAT block to an

unreachable block.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-101: Abend: An error occurred in the FAT entry sequence of the last
primary FAT block.
Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-102: Abend: An error occurred in the in FAT entry sequence of last

mirror FAT block.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-103: Abend: The previous volume segment could not be found.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not read from the disk. The proper disk driver might not
be loaded, the cabling might not be correct, or the drive parameters might be
set incorrectly.
NWCONFIG-X-104: Abend: An invalid volume segment was found in the disk segment
list.
Source:
Explanation:
Action:
NWCONFIG.NLM
Either part of a volume is missing, or the volume segment is corrupted. The
remainder of the volume might be offline.
NWCONFIG-X-106: The operation aborted because CLIB.NLM could not be loaded.

Source:
NWCONFIG.NLM
Explanation:
CLIB.NLM could not be loaded. This could be caused by insufficient memory

or conflicts with exported functions.
Action:
The system console screen should indicate the cause of CLIB not being
loaded. Examine this screen to determine the necessary steps for resolving the
conflict. If the problem is due to insufficient memory, increase the memory
available to the server. See Freeing Server Memory Temporarily in the Server
Operating System Administration Guide. If the problem persists, contact a
364 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-107: The operation aborted because BTRIEVE.NLM could not be

loaded.
Source:
Explanation:
Action:
NWCONFIG.NLM
BTRIEVE.NLM could not be loaded. This could be caused by insufficient
memory or conflicts with exported functions.
The system console screen should indicate the cause of Btrieve not being
loaded. Examine this screen to determine the necessary steps for resolving the
conflict. If the problem is due to insufficient memory, increase the memory
Operating System Administration Guide. If the problem persists, contact a
NWCONFIG-X-108: The operation aborted because the

SYS:SYSTEM\PRODUCTS.DAT file could not be accessed.
Source:
Explanation:
Action:
NWCONFIG.NLM
To install products, the above file must be accessible.
Make sure volume SYS: is mounted. (Switch to the console screen and enter
volumes.) If it is, restore the PRODUCTS.DAT file from backup or from
some other source; then retry the action. If the problem persists, contact a
NWCONFIG-X-109: BTRIEVE error number occurred while function number was

being executed.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG received an error from Btrieve.
Look up the error in a Btrieve manual and take appropriate action, or contact
NWCONFIG-X-110: This product has no configuration options.

Source:
Explanation:
Action:
NWCONFIG.NLM
There are no options for configuration.
Pressing Enter is not a supported action for this product. Try reinstalling the
product and configure it differently. If the problem persists, contact a Novell
support provider.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-111: This product cannot be removed.

Source:
Explanation:
Action:
NWCONFIG.NLM
The nature of the product prevents it from being removed.
Do not try to remove this product.
NWCONFIG-X-113: File name cannot be written to. One of the following problems may
exist: (1) The target disk is full. (2) The disk is write-protected.
Source:
NWCONFIG.NLM
Action:
Insert a disk with more free space on it. If the disk is write-protected, remove
the write protection.
NWCONFIG-X-114: File name cannot be created. One of the following problems may
exist: (1) The disk is full. (2) The disk is write-protected. (3) The path specification is
invalid.
Source:
NWCONFIG.NLM
Action:
Insert a disk with more free space on it. If the disk is write-protected, remove
the write protection, or specify a different path.
NWCONFIG-X-115: The operation aborted because BTRIEVE.NLM could not be

accessed.
Source:
Explanation:
Action:
NWCONFIG.NLM
Although BTRIEVE.NLM is loaded, Btrieve could not be accessed. The
installation process has terminated prematurely, and NWCONFIG will be
unloaded.
Make sure that the version of BTRIEVE.NLM is compatible with the NetWare
version of NWCONFIG. Unload and reload BTRIEVE.NLM to see if the
problem persists. If the problem persists, contact a Novell support provider.
NWCONFIG-X-116: Warning: The volume will be deleted and all its contents lost if you
indicate Yes in the Confirm box that follows this message.
Source:
Explanation:
Action:
NWCONFIG.NLM
As indicated, this is a warning message.
Select Yes only to delete the volume.
366 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-117: A memory corruption problem has occurred. Program operation

cannot continue.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-118: An attempt to free unallocated memory has failed. Program

operation cannot continue.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-121: The Wait message is too large to be displayed.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-124: Warning: The disk partition cannot be locked because it is

currently being used by another process. A mounted volume may be using it. The
partition cannot be modified at this time.
Source:
NWCONFIG.NLM
Action:
NWCONFIG-X-126: The option failed.

Source:
Explanation:
Action:
NWCONFIG.NLM
This is an internal error probably caused by insufficient memory.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-127: The NetWare Loadable Module name could not be loaded.

Source:
Explanation:
Action:
NWCONFIG.NLM
The reason the NLM could not be loaded will be displayed on the system
console screen.
Take action depending upon the message displayed on the system console
screen. If memory could not be allocated, increase the memory available to the
server. See Freeing Server Memory Temporarily in the Server Operating
NWCONFIG-X-128: The program cannot get a process resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error probably is caused by insufficient memory.
NWCONFIG-X-129: The program cannot get a non-movable memory resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-130: The program cannot get an Alloc resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-131: The program cannot get resource tags.

Source:
Explanation:
Action:
NWCONFIG.NLM
368 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-132: The program cannot get a screen resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-133: The program cannot get a timer resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-134: The program cannot get an AES resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-135: The program cannot get an IPX Socket resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-136: The program cannot get memory for the installation stack.
Source:
Explanation:
Action:
NWCONFIG.NLM
The server does not have enough memory to complete the installation process.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-137: The program cannot get an event resource tag.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-138: The program cannot open a screen.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-139: A partition table does not exist on this drive. If you continue and
create a disk partition, the table will be created for you.
Source:
Explanation:
Action:
NWCONFIG.NLM
The installation program does not see a partition table on the drive.
If this is a new drive, or if there is no disk partition on the drive, continue with
the installation. If there is a disk partition and you want to preserve the data on
the drive, indicate No in the box that follows.
NWCONFIG-X-140: This device is not writable.

Source:
NWCONFIG.NLM
Explanation:
The partition table on a read-only device cannot be created nor deleted. The
information on the device cannot be changed.
Action:
No action is necessary, unless you want to create or delete the partition table
on a device that is writable.
NWCONFIG-X-141: No partitions can be viewed on a tape device.

Source:
Explanation:
Action:
NWCONFIG.NLM
Tape devices do not have a partition table.
No action is possible.
370 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-142: No NetWare partitions are on this CD-ROM device.

Source:
Explanation:
Action:
NWCONFIG.NLM
A CD-ROM device does not have a NetWare disk partition.
The installation program will not show the disk partition table of a CD-ROM
device which has no NetWare partition. Select a different device.
NWCONFIG-X-144: File name cannot be unpacked. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error could result from inadequate disk space, from I/O errors, or from
file corruption.
Do one or both of the following:
Get a new distribution diskette, if available.
NWCONFIG-X-145: Four disk partitions are already on this drive.

Source:
Explanation:
Action:
NWCONFIG.NLM
A partition table was designed to have only four entries. You are trying to
define a fifth entry in the partition table.
Determine which three disk partitions are the most important and delete all
others. Retry the action.
NWCONFIG-X-146: No NetWare disk partitions (post-NetWare 286 partitions) are on

this drive. Create one before continuing.
Source:
Explanation:
Action:
NWCONFIG.NLM
The user is trying to edit a partition table that does not contain a NetWare 3.x
or NetWare 4.x disk partition.
Use ConsoleOne to create a partition.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-147: A NetWare disk partition already exists on this drive.

Source:
Explanation:
Action:
NWCONFIG.NLM
A physical disk drive can only have one NetWare partition. This message
appears when attempting to create a NetWare disk partition on a disk that
already has one.
If a new NetWare disk partition must be created, delete the existing NetWare
disk partition. This destroys the data on the current NetWare disk partition.
NWCONFIG-X-148: No free space is available on this drive for a NetWare disk

partition.
Source:
Explanation:
Action:
NWCONFIG.NLM
Either there are no free areas on the disk, or the free areas are too small to be
of any benefit.
Get another disk, or delete one of the existing partitions.
NWCONFIG-X-149: The NetWare disk partition could not be located. The selected
action cannot be completed.
Source:
Explanation:
Action:
NWCONFIG.NLM
The NetWare disk partition was not created correctly.
NWCONFIG-X-150: Warning: No valid entries for volume name were found on disk.
Source:
Explanation:
Action:
NWCONFIG.NLM
Volume name was not found.
Make sure the volume exists and is mounted. Make sure the disk is functioning
correctly; see Disk Errors in the Server Operating System Administration
Guide.
NWCONFIG-X-151: Warning: More than one sync entry exists for volume name.
Source:
Explanation:
Action:
NWCONFIG.NLM
Multiple disk devices are online that contain volumes with the same name.
the same name.
372 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
154: No accessible drives have NetWare partitions. Proceeding to locate NSS

volumes.
Source:
Explanation:
Action:
NWCONFIG.NLM
The installation program cannot find a NetWare disk partition.
If no disk partitions have been created, make one.
156: Volume name already exists. Try another name.

Source:
Explanation:
Action:
NWCONFIG.NLM
A volume name was entered that is already defined on the server.
Use a unique volume name.
NWCONFIG-X-157: Volume name cannot be created.

Source:
Explanation:
Action:
NWCONFIG.NLM
An error probably occurred while allocating memory, or an error occurred
while accessing the disk.
NWCONFIG-X-158: The segment link cannot be located.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-159: Warning: Volume name has multiple sync entries. It cannot be

deleted at this time.
Source:
NWCONFIG.NLM
Explanation:
Multiple disk devices are online that contain volumes with the name shown in
the message.
Action:
the same name.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-160: Warning: Adjacent disk segments do not line up.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-161: Volume name is currently mounted and cannot be deleted.

Source:
Explanation:
Action:
NWCONFIG.NLM
A volume must be unmounted before it can be deleted.
Dismount the volume; then delete the volume.
NWCONFIG-X-163: A volume must be dismounted before its name can be changed.

Source:
NWCONFIG.NLM
Action:
Dismount the volume; then rename it.
NWCONFIG-X-164: No available NetWare disk partitions are compatible with the

selected drive.
Source:
Explanation:
Action:
NWCONFIG.NLM
No disk partitions were found of suitable size to be mirrored with the selected
disk partition (drive).
Mirroring requires at least two disks that contain disk partitions of the same
size. You might have to install an additional disk to mirror. If this is not the
problem, there might be a disk problem. See Disk Errors in the Server
NWCONFIG-X-165: Warning: The selected NetWare partition contains NetWare

volume information. To complete the selected operation, delete the volume
information.
Source:
NWCONFIG.NLM
Action:
Delete all volumes on the NetWare disk partition before deleting the disk
partition.
374 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-166: THIS NETWARE DISK PARTITION IS CURRENTLY MIRRORED with

other NetWare partitions. You may now choose to remove this partition; however it is
recommended that you first unmirror this partition.
Source:
NWCONFIG.NLM
Action:
Unmirror the NetWare disk partition.
NWCONFIG-X-168: The maximum number of NetWare disk partitions (8) has already
been assigned to this mirrored partition group.
Source:
NWCONFIG.NLM
Action:
Do not try to mirror more than eight disks.
NWCONFIG-X-169: The mirror group contains an unavailable disk partition which

must be removed from the group before any other partitions can be removed.
Source:
Explanation:
Action:
NWCONFIG.NLM
A disk partition in the mirrored group cannot be accessed because it is not
synchronized.
To resynchronize the unsynchronized disk partition, press F3. You might have
to delete the unreachable, unsynchronized drive from the mirror set.
NWCONFIG-X-170: Out-of-sync disk partitions in the group must be removed before

you can proceed.
Source:
Explanation:
Action:
NWCONFIG.NLM
One or more disk partitions are not synchronized. Installation cannot proceed.
Remove the unsynchronized disk partitions.
NWCONFIG-X-171: Volume SYS: must be mounted before you can proceed.

Source:
Explanation:
Action:
NWCONFIG.NLM
Installation cannot be performed until volume SYS: is mounted.
Mount the SYS: volume.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-172: The selected disk cannot be tested at this time. Insufficient

memory is available to begin another test.
Source:
Explanation:
Action:
NWCONFIG.NLM
Either a previous test is being conducted on the disk, or the server does not
have enough memory.
Wait until a previous test is completed. If necessary, increase the memory
NWCONFIG-X-174: The drive is not currently being tested.

Source:
Explanation:
Action:
NWCONFIG.NLM
You tried to stop a test that was not being conducted.
Make sure that the correct drive is selected.
NWCONFIG-X-175: Disk surface testing is currently being done. If you leave

NWCONFIG, the testing will be terminated.
Source:
Explanation:
Action:
NWCONFIG.NLM
You tried to leave NWCONFIG during a surface test.
Wait until surface testing is completed.
NWCONFIG-X-176: Hot Fix is not currently installed on the selected disk. Hot Fix
needs to be installed for this function.
Source:
NWCONFIG.NLM
Explanation:
There is no Hot Fix redirection area on the NetWare partition, or there might
be no NetWare partition at all.
Action:
If there is no NetWare partition, create a NetWare partition from free space.

Be sure to specify a Hot Fix redirection area when you create the partition. If
there is a NetWare partition, but no Hot Fix redirection area, you can add a Hot
Fix redirection area, but you must delete the volumes on the partition. Back up
volume data to another device, delete the volumes, create the Hot Fix
redirection area, then re-create the volumes and restore the data.
376 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-178: Two volume segments with the same sync value have
mismatched data. message
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG found multiple instances of the same volume. This probably
occurred because two physical disks each contain a volume with the same
name.
Because each volume on a given server must have a unique name, take one of
the physical disks offline. You might have to delete one of the volumes and
then bring the disks online simultaneously.
NWCONFIG-X-179: Volume segment entry number on disk_description is invalid:

reason Check to be sure all disk drivers are loaded and configured properly.
Source:
Explanation:
Action:
NWCONFIG.NLM
A segment of a volume is corrupted.
See Disk Errors in the Server Operating System Administration Guide. You
might have to re-create the volume.
NWCONFIG-X-180: Warning: An overlapping segment entry was found starting at

sector number on name for volume name segment number. Check to be sure all disk
drivers are configured properly, and that multiple volumes do not have the same
name.
Source:
Explanation:
Action:
NWCONFIG.NLM
Disk data might be corrupted, or an internal error might have occurred.
See Disk Errors in the Server Operating System Administration Guide. If the
NWCONFIG-X-181: A mirror mismatch was detected for FAT block sequence number.
Source:
Explanation:
Action:
NWCONFIG.NLM
Errors have occurred in the volume structure.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-182: A FAT table length error has occurred on volume name. There
should be number FAT blocks, but the FAT table length is number blocks.
Source:
Explanation:
Action:
NWCONFIG.NLM
Errors have occurred in the volume structure.
NWCONFIG-X-183: The volume cannot be locked at this time because another

process is using it. Perhaps a surface test is being performed. The selected action
cannot be completed.
Source:
NWCONFIG.NLM
Action:
NWCONFIG-X-184: A mirror mismatch was detected for file system directory block
sequence number.
Source:
Explanation:
Action:
NWCONFIG.NLM
Errors have occurred in the file system.
NWCONFIG-X-185: Volume definition tables on disk_description are out of sync.

Source:
Explanation:
Action:
NWCONFIG.NLM
A disk corruption error has occurred.
NWCONFIG-X-186: Drive name is unusable.

Source:
Explanation:
Action:
NWCONFIG.NLM
Four attempts were made to read information on the drive and all failed.
378 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-187: Warning: The name of volume old_name was changed to both

new_name and second_new_name.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-188: Warning: The name of volume old_name was changed to

new_name and the name of volume old_name was changed to new_name.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-189: Warning: Volume name has multiple sync definitions. (Multiple

volumes have the same name.) All definitions except number have been discarded.
Source:
NWCONFIG.NLM
Explanation:
More than one volume was found with the same name. All definitions but one
were removed from memory. The volumes are still intact on disk.
Action:
NWCONFIG-X-190: Volume name has invalid segment number. This may be due to
multiple volumes having the same name, or one or more drivers not being loaded and
Source:
NWCONFIG.NLM
Explanation:
A volume segment was discovered that is either corrupted or is only a part of

a complete volume.
Action:
Make sure that all segments of the volume are online and drivers are
configured correctly. If this does not solve the problem, see Disk Errors in the
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-191: Two or more volume were found which have the same name.
(Volume name has multiple definitions for segment number.) This could be due to
formerly mirrored volumes being synchronized separately, then brought online
together. If this is the case, unload the drivers or take the server down, and then bring
the separate disks online one at a time. Rename the redundant volumes as they are
brought online, so that there is not a name conflict.
Source:
Explanation:
Action:
NWCONFIG.NLM
More than one volume was found with the same name.
NWCONFIG-X-192: Warning: Volume name is missing segment number. Check to be

sure all disk drivers are loaded and configured properly.
Source:
Explanation:
Action:
NWCONFIG.NLM
An incomplete volume has been discovered. A segment is missing.
Make sure that all segments of the volume are online. Make sure disk drivers
are configured correctly. Troubleshoot the disk. See Disk Errors in the Server
NWCONFIG-X-193: A volume segment mismatch has occurred. Volume name

segment number ends at block number, and segment number starts at block number.
Check to be sure all disk drivers are loaded and configured properly, and that multiple
volumes do not have the same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
Volume segments were discovered that are inconsistent or corrupted.
Make sure that all segments of the volume are online, volume names are
unique, and all disk drivers are configured correctly. See Disk Errors in the
Server Operating System Administration Guide. You might have to delete and
re-create all volumes.
380 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-194: The first segment of volume name, segment number, does not
start at block 0. Check to be sure all disk drivers are loaded and configured properly,
and that multiple volumes do not have the same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
An incomplete volume was discovered. One or more segments is missing.
Make sure that all segments of the volume are online, all volume names are
unique, and all sure disk drivers are configured correctly. See Disk Errors in
NWCONFIG-X-195: The last segment of volume name, segment number, ends at

block number instead of number. Check to be sure all disk drivers are loaded and
configured properly, and that multiple volumes do not have the same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
A volume segment was discovered that is inconsistent or corrupted.
the Server Operating System Administration Guide. You might have to delete
and re-create all volumes.
NWCONFIG-X-196: The definition for volume name is invalid. Check to be sure all disk
drivers are loaded and configured properly, and that multiple volumes do not have the
same name.
Source:
Explanation:
Action:
NWCONFIG.NLM
A corrupted or incomplete volume was found.
the Server Operating System Administration Guide. You might have to delete
and re-create the volume.
NWCONFIG-X-197: Volume name was not found in the list of existing volumes.
Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-198: The definition for sync (or instance) number of volume name was
removed.
Source:
NWCONFIG.NLM
Explanation:
Multiple volumes with the same name were found. One of them was discarded
from memory. The data is still intact on disk.
Action:
NWCONFIG-X-199: Volume name sync (or instance) number was not found in the
volume's sync list.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-200: Name change update for volume old_name to new_name is being

completed.
Source:
Explanation:
Action:
NWCONFIG.NLM
The volume name has been changed.
None. This message is for information only.
NWCONFIG-X-207: The name name is reserved and cannot be used for a volume.
Source:
Explanation:
Action:
NWCONFIG.NLM
A volume name was entered that is reserved and cannot be used. The names
currently reserved are PIPE and CON.
Choose a different name.
NWCONFIG-X-208: The volume definition table on name has invalid entries. Check to
be sure all disk drivers are loaded and configured properly.
Source:
Explanation:
Action:
NWCONFIG.NLM
The data on the disk is corrupted or unreadable.
A confirmation question will follow this message. Choosing to fix the volume
definition table will destroy the invalid entries. If you think that valid data
exists on the volumes in question, do not fix the table. See Disk Errors in the
382 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-209: The selected disk is no longer valid.

Source:
Explanation:
Action:
NWCONFIG.NLM
The installation program can no longer access the disk drive.
NWCONFIG-X-210: This volume is not currently mounted.

Source:
Explanation:
Action:
NWCONFIG.NLM
The program tried to access a volume that was not mounted.
Mount the volume and try again. You might have to mount the volume by
entering mount volume_name at the system console.
NWCONFIG-X-211: Volume name could not be mounted. Refer to the system console
screen for an error report.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG made a request to the operating system to mount the volume, but
the request failed for some reason.
See the console screen error message.
NWCONFIG-X-212: The volume is already mounted.

Source:
Explanation:
Action:
NWCONFIG.NLM
The user tried to mount a volume that is already mounted.
NWCONFIG-X-213: HotFix could not be installed on the drive. Error code: code.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG made a request to the operating system to create Hot Fix on the
drive, but the request failed.
index.htm).
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-214: Drive information could not be read.

Source:
NWCONFIG.NLM
Explanation:
An error occurred when the program attempted to read information from a

disk drive.
Explanation:
Make sure that the drive can be accessed. See Disk Errors in the Server
NWCONFIG-X-214: Hot Fix for the boot partition could not be installed on the drive.
Error code: code.
Source:
Explanation:
Action:
NWCONFIG.NLM
While writing out the Hot Fix information on the boot partition, the operating
system reported an error to NWCONFIG.
NWCONFIG-X-215: The drive could not be set up for mirroring.

Source:
Explanation:
Action:
NWCONFIG.NLM
An error occurred when the program attempted to write mirroring information
to a disk drive.
Make sure that the drive can be accessed, and that a NetWare disk partition
exists on it. See Disk Errors in the Server Operating System Administration
Guide.
NWCONFIG-X-216: You must unmirror the drive before it can be tested.

Source:
NWCONFIG.NLM
Action:
Unmirror the drive.
NWCONFIG-X-218: Warning: The selected disk partition may contain valuable data;
all data on the partition will be lost.
Source:
NWCONFIG.NLM
Explanation:
You made a request to delete a non-NetWare disk partition. This is simply a

warning message.
Action:
Make sure that you want to delete the disk partition before proceeding. The
data is lost if the partition is deleted.
384 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-220: The partition table on drive number appears to be invalid. It is

possible that you have not chosen the correct driver. If valid data does exist on this
drive, and you do not want it destroyed, indicate No in the Confirm box that follows
this message.
Warning: If you indicate Yes to recreating the partition table, all existing partitions
(DOS partitions, NetWare partitions, etc.) will be deleted and all existing disk data will
be lost.
Source:
Explanation:
Action:
NWCONFIG.NLM
The operating system has determined that the partition table is invalid and
cannot be recovered.
Follow the directions in the warning message. Answering Yes to the
confirmation question will create a new disk partition and destroy all data on
the old partition.
NWCONFIG-X-221: This disk partition is out of date with respect to other mirror
groups and must be resynchronized before it can be used.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk partition cannot be accessed because it is not synchronized.
Resynchronize the disk partition by using F3 in the mirror list.
NWCONFIG-X-225: This segment exists on disk. Its size cannot be modified unless
you delete and reassign it.
Source:
Explanation:
Action:
NWCONFIG.NLM
You are in the Volume Disk Segment List and are trying to edit the size or
name of a segment that is already assigned.
To rename a segment, go to the volume list and edit the volume parameters,
changing the volume name.
NWCONFIG-X-226: The system volume (SYS:) does not exist. Installation cannot be
completed without it.
Source:
Explanation:
Action:
NWCONFIG.NLM
System volume SYS: must be mounted before NWCONFIG.NLM can be
used.
Mount the SYS: volume.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-228: File name is out of date. (Its version numbers are number and
number, the expected values are number and number, respectively.) If you are
installing from diskette, insert a diskette containing an updated file; otherwise,
update the file and reinstall).
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified installation script file is out of date.
Get a current version of the script file.
NWCONFIG-X-230: File copying was cancelled.

Source:
NWCONFIG.NLM
Explanation:
Copying from a diskette has been cancelled.
Action:
NWCONFIG-X-231: Free space cannot be deleted. Move the cursor to a valid volume
entry and then press Del.
Source:
Explanation:
Action:
NWCONFIG.NLM
The user attempted to delete space that is not assigned to an existing volume.
Only volume space can be deleted.
Follow the suggestions in the message.
NWCONFIG-X-232: An error occurred while parsing file name, line number, at or near
word or symbol word_or_character. Error description: description
Source:
Explanation:
Action:
NWCONFIG.NLM
A syntax error occurred in a script or description file.
If you are writing the script or description file, see the documentation. If not,
try again. If the problem persists, contact a Novell support provider.
NWCONFIG-X-233: File name was not found.

Source:
Explanation:
Action:
NWCONFIG.NLM
The specified file was not found during the copy phase.
386 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-234: The name volume_name already exists in the segments list.

Source:
Explanation:
Action:
NWCONFIG.NLM
The volume name that the segment is being assigned to already exists.
Choose a new name.
NWCONFIG-X-235: File name cannot be opened. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error could result from inadequate disk space on a NetWare volume or
from a corrupted diskette.
Administration Guide. If the error occurred while accessing a diskette, make
sure all files can be read from a workstation. If the problem persists, contact a
NWCONFIG-X-236: The maximum number of segments on this disk has been

reached. If you want to add a new segment, first delete another segment.
Source:
Explanation:
Action:
NWCONFIG.NLM
Only one NetWare disk partition can exist on a given disk, and only eight
segments can exist on a given disk partition. The disk already has eight
segments on it.
Delete a segment before creating a new one.
NWCONFIG-X-239: The disk (logical partition number) is locked and cannot be

accessed because another process is using it.
Source:
Explanation:
Action:
NWCONFIG.NLM
Another process or NLM is using the disk partition.
Wait to see if the process releases the device then retry the action. If there is a
disk device error, unload NLM programs (except device drivers) that might be
using the disk and dismount volumes from the disk. If these efforts fail, try
loading MONITOR, deleting all user connections, and disabling logins.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-240: Volume name cannot be locked because another process is using

it. Volume configuration cannot proceed.
Source:
Explanation:
Action:
NWCONFIG.NLM
Another process or NLM is using the volume.
Wait to see if the process releases the device then retry the action. If there is a
disk device error, unload NLM programs (except device drivers) that might be
using the disk and dismount volumes from the disk. If these efforts fail, try
loading MONITOR, deleting all user connections, and disabling logins.
NWCONFIG-X-242: File name cannot be read. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error could result from inadequate disk space or from other I/O errors.
Administration Guide. If the error occurred while accessing a diskette, make
sure all files can be read from a workstation. If not, contact a Novell support
provider.
NWCONFIG-X-243: The system volume is too small (number MB, number sectors). It
should be at least number MB (number sectors).
Source:
Explanation:
Action:
NWCONFIG.NLM
The SYS: volume created is less than 25 MB. It should be at least 25 MB.
If possible, make SYS: at least 25 MB. If this cannot be done, continue with
the installation.
NWCONFIG-X-244: The path you specified corresponds to a remote server and is not
supported.
Source:
Explanation:
Action:
NWCONFIG.NLM
You entered a remote server path. Remote paths are not supported.
Enter a local path.
388 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-245: An error occurred during parsing of file name on disk

disk_description, line number, at or near word or symbol name. Error description:
description
Source:
Explanation:
Action:
NWCONFIG.NLM
A syntax error was encountered while reading the above file.
If you are writing the script or description file, follow the specifications for
creating the file. If you are not creating the file, contact a Novell support
provider.
NWCONFIG-X-246: File name cannot be erased. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
This error could result from file I/O errors or from a diskette being writeprotected.
If a diskette is being accessed, make sure it is writable. See Resolving Volume
I/O Errors in the Traditional File Services Administration Guide.
NWCONFIG-X-247: NLM_name did not finish loading in the time allowed (number
seconds). Control will be switched to the system console screen, where you may
either see it finish or enter information to finish loading it.
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified NLM did not load in the time allotted. The NLM might be
working properly and perhaps no error occurred.
To view the system console screen and determine whether an error occurred,
or to enter information, press Enter. If no error has occurred, proceed
normally.
NWCONFIG-X-248: NLM_name did not load. Control will be switched to the system
console screen, where you may see the error.
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified NLM failed to load.
To view the system console screen and determine what error has occurred,
press Enter.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-249: NLM_name did not finish unloading in the time allowed (number
seconds). Control will be switched to the system console screen, where you may
either see it finish or enter information to finish loading it.
Source:
NWCONFIG.NLM
Explanation:
The specified NLM did not unload in the time allotted. You might have to
enter information to complete the unload process.
Action:
To view the system console screen and see if an error occurred, or to enter
information, press Enter. If no error has occurred, proceed normally.
NWCONFIG-X-250: NLM_name did not unload. Control will be switched to the system
console screen, where you may see the error.
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified NLM failed to unload.
To view the system console screen and determine what error has occurred,
press Enter.
NWCONFIG-X-252: Directory directory_name cannot be created. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
The specified directory could not be created.
NWCONFIG-X-254: Directory name cannot be removed. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
The directory is in use or is not empty.
Make sure that the directory is empty before trying to remove it.
NWCONFIG-X-256: NetWare path path is invalid. Specify a fixed or diskette drive path.
Source:
Explanation:
Action:
NWCONFIG.NLM
NetWare paths cannot be used for this operation.
Specify a drive path for a diskette or fixed disk.
390 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-257: The volume label on this diskette (description) matches the

volume label of one of the installation diskettes. Change the volume label on the
diskette.
Source:
Explanation:
Action:
NWCONFIG.NLM
The volume label on your diskette is the same as a volume label on one of the
NetWare installation diskettes.
Change the volume label on your diskette.
NWCONFIG-X-258: This diskette cannot be written to.

Source:
Explanation:
Action:
NWCONFIG.NLM
The diskette is write-protected or defective.
Make the diskette writable or obtain a new diskette.
NWCONFIG-X-259: A file copy error occurred. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-260: A write error occurred on file name. Error: description.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-261: An attempt to combine files into target file filename failed. Error:
description.
Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-262: No installation file (*.IPS or PINSTALL.NLM) could be found at path

path.
Source:
NWCONFIG.NLM
Explanation:
The necessary product installation files are not locatable in the specified path.
Action:
Specify a new path that points to the directory containing PINSTALL.NLM or

a file with the extension IPS. If you are loading the file from a diskette, insert
the installation diskette containing this file.
NWCONFIG-X-263: Installation for the selected item has been aborted.

Source:
Explanation:
Action:
NWCONFIG.NLM
This alert is for information only.
None, unless you wish to begin product installation again.
NWCONFIG-X-264: Item name installation has been aborted.

Source:
Explanation:
Action:
NWCONFIG.NLM
None, unless you wish to begin product installation again.
NWCONFIG-X-265: Directory path path is invalid.

Source:
Explanation:
Action:
NWCONFIG.NLM
The path either does not exist or contains invalid characters.
Make sure that the path points to a valid directory and contains no invalid
characters.
NWCONFIG-X-266: Directory path path either is invalid or does not contain the
desired file (name). Press F3 (or F4 if applicable) and enter a different path.
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified path does not exist, or does not contain the file, or contains
invalid characters.
Enter a valid path.
392 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-267: Directory path path either is invalid or does not contain the
desired file (name).
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified path does not exist, does not contain the file, or contains invalid
characters.
Enter a valid path.
NWCONFIG-X-268: The specified directory path is invalid. Press F3 (or F4 if

applicable) and enter a new path.
Source:
Explanation:
Action:
NWCONFIG.NLM
The specified path either does not exist or contains invalid characters.
Enter a valid path.
NWCONFIG-X-269: The system volume (SYS:) either is not mounted or does not exist.
Source:
Explanation:
Action:
NWCONFIG.NLM
The SYS: volume is either not mounted or not visible to NWCONFIG.
Make sure that the volume is mounted, that all the necessary disk drivers are
loaded, and that the disk is powered on. See Resolving Volume I/O Errors in
the Traditional File Services Administration Guide..
NWCONFIG-X-270: The system volume (name:) is not mounted.

Source:
Explanation:
Action:
NWCONFIG.NLM
You cannot use NWCONFIG.NLM until you have mounted the system
volume.
Mount the volume. Do this at the system console by entering MOUNT
volume_name.
NWCONFIG-X-271: The limit (number) for the number of volumes that may be
mounted at one time has been reached on this server. Dismount another volume
before you mount this one.
Source:
NWCONFIG.NLM
Action:
Follow the suggestions in the message.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-272: One or more partitions on drive number are inconsistent with the
driver geometries (number heads, number sectors, and number cylinders) that
NetWare is using. You may continue and edit the partitions anyway, although this
inconsistency could create problems later on.
Source:
Explanation:
Action:
NWCONFIG.NLM
The size of the partition is not an even multiple of the number of heads,
sectors, and cylinders on the drive.
Although it is possible to continue with the editing, it would be better to recreate the offending partition consistent with the driver geometry that
NetWare is using.
NWCONFIG-X-273: Volume name name already exists. Choose a different name.

Source:
Explanation:
Action:
NWCONFIG.NLM
The volume name displayed in the message already exists.
Choose a different volume name.
NWCONFIG-X-274: Some disk partitions already exist. NWCONFIG will delete them
(including the files, user data, etc.) and create new ones if you confirm Yes in the box
that follows this message. Active (bootable) partitions, such as the DOS boot
partition, will not be deleted, even if you confirm Yes. WARNING: To preserve the data
in non-active partitions, confirm No.
Source:
Explanation:
Action:
NWCONFIG.NLM
Unless you specify otherwise, NWCONFIG will delete all nonbootable DOS
partitions and use the largest area of free space to create a NetWare disk
partition.
If you want the partitions deleted, confirm with Yes; otherwise respond No.
NWCONFIG-X-275: No ending signature (`DRIVER DESCRIPTION END') was found in

file name. The file was ignored.
Source:
Explanation:
Action:
NWCONFIG.NLM
The file is probably corrupted or out of date.
If you need this file, replace it with a version that is current and not corrupted.
394 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-277: Driver name is loaded multiple times (re-entrantly). All instances

of the driver will be unloaded if you confirm Yes in the menu following this message.
Source:
Explanation:
Action:
NWCONFIG.NLM
Unloading this driver might affect multiple devices that the driver controls.
For instance, a LAN driver might control multiple network boards, or a disk
driver might control multiple disks. If you unload the driver, all the devices
this driver controls will be unavailable to you.
Choose the appropriate action.
NWCONFIG-X-278: No disk driver files (*.DSK, *.HAM, *.CDM) were found.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to access a disk because no disk driver was found.
Copy the needed driver to the boot directory.
NWCONFIG-X-279: No LAN driver files (*.LAN) can be found. Volume SYS: may be
unmounted, or directory SYS:SYSTEM may not contain any driver files.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG was unable to find a LAN driver. If volume SYS: is mounted, it

contains no driver files.
Action:
If volume SYS: is not mounted, mount the volume and repeat the operation.
You might have to press Insert and install from a diskette.
NWCONFIG-X-280: The driver file (name) could not be found.

Source:
Explanation:
Action:
NWCONFIG.NLM
Either the driver is not present, or the driver name is not spelled correctly.
Specify a correct path to the driver, or specify the correct name of the driver.
NWCONFIG-X-282: Logical name name already exists.

Source:
NWCONFIG.NLM
Explanation:
The name already exists.
Action:
Specify a different name.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-283: The command line string for driver name was too long and could
not be generated.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG has a limited buffer for generating a command line to use when
loading driver files. The parameters you desire require a command line longer
than NWCONFIG can generate.
Load the driver from the system console, providing the parameters by hand.
NWCONFIG-X-284: A value must be entered for parameter name. Enter a value before
you load the driver.
Source:
Explanation:
NWCONFIG.NLM
The specified parameter requires a value as in the example below:
NET=01240000
Action:
Specify the proper value for the parameter.
NWCONFIG-X-285: Value value cannot be interpreted.

Source:
Explanation:
Action:
NWCONFIG.NLM
The specified value has no meaning to NWCONFIG.
Supply a valid value as indicated in the documentation for the indicated
product.
NWCONFIG-X-286: Value value is already in use. Choose another one.

Source:
Explanation:
Action:
NWCONFIG.NLM
The value specified is already in use.
Choose another value (for example, a different interrupt number).
NWCONFIG-X-287: Recoverable parameter dependency errors occurred with

parameter value. You may continue anyway.
Source:
Explanation:
Action:
NWCONFIG.NLM
The value you supplied for a parameter required another parameter that was
not supplied.
None. This message is for information only. NWCONFIG was able to recover
from the error.
396 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-288: A recoverable initialization problem occurred with parameter

value. You may continue anyway.
Source:
NWCONFIG.NLM
Explanation:
The value supplied for a parameter caused a problem, but NWCONFIG was
able to recover from the error.
Action:
None. This message is for information only. NWCONFIG was able to recover
from the error.
NWCONFIG-X-289: Value value is not in the list of acceptable values.

Source:
Explanation:
Action:
NWCONFIG.NLM
An invalid value was entered.
Enter an acceptable value.
NWCONFIG-X-290: Value value is not within the range specified for this parameter.
Source:
Explanation:
Action:
NWCONFIG.NLM
An invalid value was entered.
Enter an acceptable value.
NWCONFIG-X-293: Driver name did not unload correctly. Control will be switched to
the system console screen where you may see the error.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to determine the cause of the failure to unload.
Switch to the system console screen, where a message will be displayed by the
NetWare server indicating the reason the driver did not unload. Correct the
problem indicated by the server, and retry the operation.
NWCONFIG-X-297: Driver name was successfully unloaded. Press Enter to continue.

Source:
Explanation:
Action:
NWCONFIG.NLM
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-298: Driver name on line number has no FRAME=<frame name>

parameter. All new Ethernet drivers that have no frame specified will now default to
Ethernet 802.2 frame type, whereas they previously used 802.3. Specify a frame
parameter for this driver.
Source:
NWCONFIG.NLM
Action:
If you want a frame type different from the default, you will need to specify it
later.
NWCONFIG-X-300: The network number you entered is the IPX internal network
number of this server; it cannot be used to bind to IPX. Enter a different (unique)
number.
Source:
Explanation:
Action:
NWCONFIG.NLM
The network address and the internal network number cannot be the same
number.
If they are the same, change the internal network number of your server;
otherwise, enter the correct network address for this server.
NWCONFIG-X-301: No LAN drivers are loaded. LAN drivers must be loaded and
bound in order for NWCONFIG to communicate with other v4.x servers and install
Novell eDirectory as part of an existing eDirectory tree.
Source:
NWCONFIG.NLM
Explanation:
NWCONFIG could not communicate with any other servers because no LAN
drivers have been loaded.
Action:
If you want NWCONFIG to see other servers on your network, load and bind
an appropriate LAN driver; then retry the operation.
NWCONFIG-X-302: No volumes were found.

Source:
Explanation:
Action:
NWCONFIG.NLM
There are no known volumes on this server.
If you know that volumes exist on this server, make sure the correct disk driver
is loaded and all necessary disks are powered on and connected properly.
398 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-304: A physical device or partition in the set you selected is no longer

valid.
Source:
Explanation:
Action:
NWCONFIG.NLM
The device might have been powered off or in some other way made invisible
to NWCONFIG.
Correct the problem and retry the operation.
NWCONFIG-X-305: Driver name was successfully loaded but not bound to any
protocol stacks. Press Enter to continue.
Source:
NWCONFIG.NLM
Action:
To bind the driver to a protocol stack, switch to the system console screen and
use the BIND command.
NWCONFIG-X-306: Driver name could not be loaded because command file name
could not be created. Load this driver manually from the system console.
Source:
Explanation:
Action:
NWCONFIG.NLM
Normally, the program automatically creates this file with the command
parameters in it, and command parameters are read from this file. However,
the LOAD command you entered was too long (over 200 characters), so you
will have to enter the command manually.
Type LOAD driver_name parameters at the system console screen.
NWCONFIG-X-307: Driver name could not be loaded because command file name
could not be written. Load this driver manually from the system console.
Source:
NWCONFIG.NLM
Explanation:
Normally, the program automatically creates this file with the command
parameters in it, and command parameters are read from this file. However,
the LOAD command you entered was too long (over 200 characters), so you
will have to enter the command manually.
Action:
Enter LOAD driver_name parameters at the system console screen.
NWCONFIG-X-308: No disk driver files (*.DSK, *.HAM, *.CDM) were found at this path.
Source:
Explanation:
NWCONFIG.NLM
The indicated files were not found at this location.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
If the path points to a diskette drive, make sure that you are using the correct
diskette and that you have inserted it properly into the diskette drive.
Otherwise, specify the correct path to locate these files.
NWCONFIG-X-309: No LAN driver files (*.LAN) were found at this path.

Source:
Explanation:
Action:
NWCONFIG.NLM
The indicated files were not found at this location.
If the path points to a diskette drive, make sure that you are using the correct
diskette and that you have inserted it properly into the diskette drive.
Otherwise, specify the correct path to locate these files.
NWCONFIG-X-310: File name could not be saved to name.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to rename the current version of the file to the save
name. A file of that name already exists in the destination, and it cannot be
replaced.
Delete the file you tried to replace; then save the file you want to move or
rename.
NWCONFIG-X-311: File name could not be copied (error: description). Either the
driver file is not in the path specified or the destination path path is invalid.
Source:
NWCONFIG.NLM
Action:
Make sure that the path contains valid characters, points to a valid directory,
and contains the proper files.
NWCONFIG-X-312: Driver name is currently not loaded.

Source:
NWCONFIG.NLM
Action:
Either load the driver or select another one, as appropriate.
NWCONFIG-X-313: No other volumes exist.

Source:
Explanation:
Action:
NWCONFIG.NLM
No other volumes were found.
If you know other volumes exist, make sure that the disk containing these
volumes is powered on and that the appropriate disk driver is loaded and
visible to the server.
400 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-314: The limit for maximum number of segments per volume (name)
has been reached for all volumes. This segment cannot be added to any of them.
Source:
Explanation:
Action:
NWCONFIG.NLM
You might create a new volume using this segment, but you might not add it
to any existing volume.
Proceed as appropriate for your situation.
NWCONFIG-X-315: Volume name may contain valuable data that will be lost if you
confirm Yes in the box that follows this message and you save volume changes when
you exit from the volumes list.
Source:
Explanation:
Action:
NWCONFIG.NLM
The volume will be deleted if you select Yes.
NWCONFIG-X-316: Existing data on ALL existing segments of volume name will be

destroyed if you indicate Yes in the Confirm box that follows this message and you
save volume changes when you exit from the (previous) volumes list.
Source:
Explanation:
Action:
NWCONFIG.NLM
The volume will be deleted if you select Yes.
NWCONFIG-X-317: Novell eDirectory tree name is not locatable. It may take a couple
of minutes for the tree to appear in this server's router tables. Wait and try again, or
select a different eDirectory tree.
Source:
Explanation:
Action:
NWCONFIG.NLM
To locate existing Novell eDirectory trees, NWCONFIG must query the
network. It cannot currently locate the specified tree. This information is
normally updated every minute.
Wait and try again, or select a new tree.
NWCONFIG-X-318: Warning: Some volumes are not mounted and will not be
upgraded to Novell eDirectory. You may mount and upgrade them later if you wish.
Source:
Explanation:
Action:
NWCONFIG.NLM
This warning simply indicates that unmounted volumes are not upgraded.
Upgrade volumes as appropriate to your situation.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-319: NWCONFIG cannot get the root directory entry for volume name.
Source:
Explanation:
Action:
NWCONFIG.NLM
The root directory (/) was not readable.
NWCONFIG-X-320: The bindery upgrade failed. Some of the bindery objects will have
to be created and/or trustee rights changed manually later using Novell eDirectory
workstation utilities.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to convert all of the bindery objects to Novell
eDirectory objects.
You will have to manually create any missing objects after the installation is
complete.
NWCONFIG-X-321: The Directory ID cannot be stamped on volume name.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-322: Driver name on line number of the AUTOEXEC.NCF file has no

`FRAME=<frame name>' parameter. All new Ethernet drivers that have no frame type
specified will now default to Ethernet 802.2 frame type, whereas they previously used
802.3. Write down the line number. You will be shown the AUTOEXEC.NCF file after
NWCONFIG is finished checking it, and you may then add a frame parameter for this
driver if it is an Ethernet driver.
Source:
Explanation:
Action:
NWCONFIG.NLM
This error can occur only when a manual installation is being attempted from
the command line. Both frame types are loaded automatically when loading a
driver with the NWCONFIG program.
402 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-323: This option invoked NLM name, which cannot be loaded remotely.
Install this product from the server console.
Source:
Explanation:
Action:
NWCONFIG.NLM
The product installation script for this product has tried to load an NLM.
However, NLM programs cannot be loaded remotely.
The existing product installation script will not work remotely. You will have
to install this product at the server console.
NWCONFIG-X-324: The context you specified is incomplete. Make sure you have
entered at least a company/organization name, or if you have entered the context
manually, make sure the leftmost context specification is O=<name> or OU=<name>.
Source:
Explanation:
Action:
NWCONFIG.NLM
A full directory context is required.
Enter the directory context again.
NWCONFIG-X-325: A password has not been entered for administrator object name.
You must enter a valid password to continue.
Source:
Explanation:
Action:
NWCONFIG.NLM
Other users can accidentally make significant changes to your Novell
eDirectory configuration if this user name is not assigned a password.
Enter an Administrator password.
NWCONFIG-X-326: Administrator name could not be authenticated. Verify that the

administrator name and context are entered completely and correctly and that you
have entered the correct password.
Source:
Explanation:
Action:
NWCONFIG.NLM
The most likely cause of this error is that the name and context have not been
entered correctly.
Examine the name and context entered. Make changes where appropriate.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-327: Context name could not be created. Verify that the context path is
entered correctly and that object name has supervisor rights on the parent of the new
context in eDirectory. Also, if you entered the context name manually, make sure it
follows all the proper containment and syntax rules for a valid full context
specification.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG could not determine the reason that the context could not be
created.
Make sure that the context name follows all syntax rules as indicated in
documentation for Novell eDirectory.
NWCONFIG-X-328: Another object with name name already exists at context context.
This server cannot be installed at that context. Either (1) specify a different context
for this server or (2) from a workstation, delete or rename the conflicting object.
Source:
NWCONFIG.NLM
Action:
Follow the instructions on the screen.
NWCONFIG-X-331: The password was retyped incorrectly. Re-enter the password.

Source:
NWCONFIG.NLM
Action:
Retype the new password correctly to confirm it.
NWCONFIG-X-332: User object name could not be authenticated. Verify that the
complete name is entered correctly and that you have the correct password.
Source:
Explanation:
Action:
NWCONFIG.NLM
An invalid object name or password was entered.
Enter the complete name correctly. If the problem persists, contact a Novell
support provider.
NWCONFIG-X-333: Warning: An attempt to log in to Novell eDirectory failed, because

the server context is not known. eDirectory may be uninitialized, removed, or
corrupted.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG was unable to determine the server context.
Execute DSREPAIR; then install or reinstall Novell eDirectory.
404 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-334: Enter a new name for object name.

Source:
Explanation:
Action:
NWCONFIG.NLM
You entered an invalid Novell eDirectory object name.
Enter a valid object name.
NWCONFIG-X-335: An object with name name already exists. Choose a different

name.
Source:
Explanation:
Action:
NWCONFIG.NLM
You attempted to assign an object name that already has been assigned to a
Novell eDirectory object.
Choose a new object name.
NWCONFIG-X-336: Driver name could not be loaded because the command line is too
long. Load this driver manually from the system console.
Source:
Explanation:
Action:
NWCONFIG.NLM
The command line exceeded NWCONFIG's internal buffer length for
command lines.
Switch to the system console and load the driver manually, supplying the
necessary parameters.
NWCONFIG-X-337: Warning: Typically, an organization with one or more servers

should have only one tree. Different trees do not share Novell eDirectory information
(servers, print servers, users, etc.). If there are additional trees you will have to go
through an additional login to communicate with other trees (via bindery services).
Make sure you have read the documentation and understand the complexities of
managing a multi-tree internetwork. If you decide that you do want another tree,
confirm Yes in the box that follows this message.
Source:
NWCONFIG.NLM
Action:
NWCONFIG-X-339: You must upgrade the bindery before volumes may be installed in
Novell eDirectory.
Source:
NWCONFIG.NLM
Action:
Upgrade the bindery before trying to install the volumes in Novell eDirectory.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-340: There are users logged into this server. Remove all user
connections and try to install Novell eDirectory again.
Source:
Explanation:
Action:
NWCONFIG.NLM
You cannot install Novell eDirectory while users are logged in to the server.
Clear the users connections and retry the operation.
NWCONFIG-X-341: A console command (command) did not finish executing in the

time allowed (number seconds). Control will be switched to the system console
screen, where you must finish it manually.
Source:
Explanation:
Action:
NWCONFIG.NLM
The reason the command did not completely execute will be shown on the
system console screen.
After correcting the problem, finish the command on the system console
screen; then return to NWCONFIG.
NWCONFIG-X-342: To see a list of existing objects in Novell eDirectory (countries,

organizations, divisions, etc.) when you press Enter, you must first authenticate to
eDirectory. To authenticate, you must (1) enter the administrator name, and (2) enter
the correct password. (Note that if you type the country and company or organization
name, a default administrator name will be created for you.)
Source:
NWCONFIG.NLM
Action:
To see the list, follow the instructions in the message.
NWCONFIG-X-343: NWCONFIG cannot lock the root directory entry for volume name.
Some other process is modifying it.
Source:
Explanation:
Action:
NWCONFIG.NLM
Only one process at a time can modify the root directory entry.
Wait until the other process finishes. If it takes more than a couple of hours,
NWCONFIG-X-345: The program was unable to initialize NWSNUT.NLM.

Source:
Explanation:
NWCONFIG.NLM
The support NLM, NWSNUT, returned an error from the initialization
process. This could be an internal error, or it could be caused by insufficient
memory.
406 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
July 17, 2001
38
Temporarily in the Server Operating System Administration Guide. If the
server has at least 500 KB of free memory, contact a Novell support provider.
NWCONFIG-X-346: A tree or server with the same name (name) already exists.
Choose a different name.
Source:
Explanation:
Action:
NWCONFIG.NLM
Another Novell eDirectory tree exists on the network with the same name.
Choose a different name for the eDirectory tree.
NWCONFIG-X-347: The tree name must have at least 1 character.

Source:
NWCONFIG.NLM
Action:
Enter a name for the tree, containing at least 1 character.
NWCONFIG-X-348: The total space required by files that will be copied (number MB;
number bytes) is larger than the size of the system volume (number MB; number
bytes). You must either select fewer file groups (if applicable), or expand the size of
system volume SYS: (by recreating it or adding an additional volume segment).
Source:
NWCONFIG.NLM
Action:
Proceed as appropriate for the situation.
NWCONFIG-X-349: The context name must have at least 3 characters (O=name).

Source:
NWCONFIG.NLM
Action:
Enter a name for the context having at least 3 characters.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-350: The total space required by files that will be copied (number MB;
number bytes) is larger than the free space available on the system volume (number
MB; number bytes). Because some files may be overwritten and replaced, you may
have sufficient space, but that cannot be determined at this point.
You may want to do one or more of the following: Select fewer file groups (if
applicable), delete files, purge deleted files, or expand the size of system volume
SYS: (by recreating it or adding an additional volume segment).
Source:
NWCONFIG.NLM
Explanation:
If you are replacing files with this copy operation (that is, if the files you are
copying already exist on the server), then you might have enough space.
Action:
If sufficient space is available, continue with the operation; otherwise, follow

the instructions in the message.
NWCONFIG-X-351: Warning: TIMESYNC.NLM is not currently loaded. You should load

it (from the system console screen) before continuing. Novell eDirectory may have
trouble synchronizing properly if the local time differs from the network time.
Source:
Explanation:
Action:
NWCONFIG.NLM
Novell eDirectory requires that TIMESYNC.NLM be loaded.
Load the TIMESYNC NLM.
NWCONFIG-X-352: Warning: Device number contains volume information for

segment number of volume name. If you want to save this device's volume data,
confirm Yes in the box that follows this message. If you indicate No, the volume data
(on this device only) will be destroyed.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG will delete the volume segment from this device if you select
Yes.
NWCONFIG-X-354: An attempt to create a record for product name in the product

database failed. Error: code.
Source:
Explanation:
NWCONFIG.NLM
The disk space might be full or limited in some fashion so as to prohibit
writing to this file. The file also might be flagged read-only or otherwise made
inaccessible.
408 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
July 17, 2001
38

Administration Guide. For information on the specific error code, search the
Error Codes online documentation (http://www.novell.com/documentation/
lg/nwec/docui/index.htm).
NWCONFIG-X-355: The network number must be non-zero. Enter a different number.

Source:
Explanation:
Action:
NWCONFIG.NLM
You entered a zero for the network address.
Enter a nonzero number.
NWCONFIG-X-356: The administrator name has too few characters. It should typically
be of the form CN=<name>. [OU=<suborganization>...]. O=<organization>
[.C=<country>].
Source:
Explanation:
Action:
NWCONFIG.NLM
The syntax for the administrator name is incorrect.
Make sure that the name conforms to the specification listed.
NWCONFIG-X-358: This server already contains Novell eDirectory information. If you

want to modify the eDirectory tree structure, use ConsoleOne. Do not try to reinstall
eDirectory unless it is absolutely necessary. However, if you must reinstall, unload
any screen saver that could lock the console, remove eDirectory with volumes
mounted, then repeat this step. After you complete the installation, load DSREPAIR
to delete unclaimed trustees from the volumes, then reinstall all servers that contain
subordinate partitions.
Source:
Explanation:
Action:
NWCONFIG.NLM
Normally, you should not reinstall Novell eDirectory after it has been
installed.
Read the information in the message carefully; then proceed accordingly.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-359: Novell eDirectory has previously been installed on this server. Do

NOT reinstall unless absolutely necessary. eDirectory is a database of information
distributed across multiple servers. If you reinstall, and if this server contains the
only replica of a partition that has links to other subordinate partitions, all
subordinate partition information on OTHER servers will become invalid.
Reinstallation may invalidate some or all trustee access rights and mail directories
(but not file contents) on THIS server.
To skip reinstalling eDirectory, confirm No in the box that follows this message. If you
confirm Yes in the box that follows, you must login to eDirectory to delete the server
object and downgrade volume IDs before reinstallation. If you have volumes that are
not currently mounted, you should switch to the system console (Ctrl+Esc) and
mount them now. After installing the server, load and execute DSREPAIR to delete
unclaimed trustee IDs. Then reinstall all servers that contain subordinate partitions.
Source:
Explanation:
Action:
NWCONFIG.NLM
Normally, you should not reinstall Novell eDirectory after it is been installed.
Read the information in the message carefully; then proceed accordingly.
NWCONFIG-X-360: Warning: do not change the time server type from the default
unless you have carefully read the time services information and understand the
consequences. NetWare 4.x servers may fail to update correctly if time services is
configured improperly.
Source:
Explanation:
Action:
NWCONFIG.NLM
The default time synchronization setup should be modified only if you are
thoroughly familiar with how this product feature works.
Before attempting to change the time server type from the default, review the
documentation on Time Synchronization.
NWCONFIG-X-361: Volume name is out of disk space. File name cannot be copied.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is not enough disk space to complete the installation.
410 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-365: The Directory ID cannot be removed from volume name.

Source:
Explanation:
Action:
NWCONFIG.NLM
An internal error occurred which prevented clearing of an ID field on the
volume. Perhaps the volume is read-only.
NWCONFIG-X-366: A virtual device does not have a mirror set that can be displayed
or modified.
Source:
Explanation:
Action:
NWCONFIG.NLM
An attempt was made to view the set of mirrored devices corresponding to a
virtual device. A virtual device is a device that does not use standard NetWare
device partitioning, mirroring, and Hot Fix. The device is registered with
NetWare as a logical partition only.
Do not attempt to view the mirrored set, etc. corresponding to this device.
NWCONFIG-X-389: An NCP Server object (or an unknown object) with name name
already exists at context context.
Source:
Explanation:
Action:
NWCONFIG.NLM
All objects of the same type must have unique names within a directory tree
context. There is an existing Server object with the same name and in the same
context as one that is being added.
Change the context or name of the new or existing Server object.
NWCONFIG-X-392: The program cannot allocate a semaphore.

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-393: The attempt to log in to server name by user username failed.

Error: number
Source:
NWCONFIG.NLM
Action:
Check the conditions listed in the message and verify that all are correct. To
review information for the error code number, see Error Codes in the online
documentation.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-394: No LAN drivers are currently loaded. Installation from a remote

server requires access to the network. A LAN driver must be loaded and bound to a
protocol stack on this server.
Source:
Explanation:
Action:
NWCONFIG.NLM
A network connection is required to install from a remote server. Without a
LAN driver being loaded and bound to a protocol, a network connection
cannot be created.
Load a LAN driver and bind it to a protocol.
NWCONFIG-X-401: Error executing file name. The file cannot be loaded remotely.
Source:
Explanation:
Action:
NWCONFIG.NLM
This error could result from I/O errors, file corruption, or a bad network
connection, or the error could occur because this file must be loaded on the
console.
Verify that this file can be loaded remotely. See Resolving File I/O Errors in
the Traditional File Services Administration Guide.
NWCONFIG-X-402: An attempt to establish a server-to-server session failed. A

server-to-server session must exist in order to access the remote server specified in
the installation source path: path.
Source:
NWCONFIG.NLM
Explanation:
The attempt to establish a server-to-server connection failed. Possible reasons

follow: wrong password for the specified user, this server is unable to see the
other server (router problems, or the other server is down), or this server is not
connected to the same network with the same protocols as the other server.
Action:
Make sure that the other server is up and that this server can see it. Make sure
that the user name and password are correct and that both servers can
understand one another.
NWCONFIG-X-403: ISSLIB.NLM (Install Server To Server I/O Library NLM) must be

loaded in order to access the remote server specified in the installation source path:
path.
Source:
Explanation:
Action:
NWCONFIG.NLM
The attempted operation requires that the file ISSLIB.NLM be loaded. Verify
that this file exists, is executable, and is in the server's search path.
Check for the possible problems listed above. See Resolving Volume I/O
Errors in the Traditional File Services Administration Guide.
412 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-405: No disk drivers were found by this program; it could not complete
auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk driver has been unloaded, or a major internal error has occurred.
Backup and reload disk drivers. If the problem persists, contact a Novell
support provider.
NWCONFIG-X-406: This program could not find the other IO engine; it could not
complete auto mirroring.
Source:
NWCONFIG.NLM
Explanation:
Communication between the two IO engines has stopped. This could be

caused by faulty network boards connecting the two computers, a break in the
communication cable, or the other computer being down.
Action:
Check the items listed above, then reboot and reinstall. If the problem persists,
NWCONFIG-X-407: An attempt by this program to allocate memory failed; auto

mirroring could not be completed.
Source:
Explanation:
Action:
NWCONFIG.NLM
This program could not allocate required memory to complete auto mirroring.
NWCONFIG-X-408: This program was unable to get disk driver information; it could
not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
The disk driver has been unloaded or there is a major internal error.
Back up and reload disk drivers. If the problem persists, contact a Novell
support provider.
NWCONFIG-X-409: This program was unable to get partition information; it could not
Source:
Explanation:
NWCONFIG.NLM
This program is no longer able to see the hard disk.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
Verify that the correct disk driver is loaded. Try installing again. If the problem
NWCONFIG-X-410: This program was unable to get redirection information; it could

Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-411: This program was unable to create mirror information; it could not
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-412: This program was unable to get mirror information; it could not
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-413: This program could not find any NetWare partitions on the original
computer; it did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
414 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-414: This program could not find any NetWare partitions on the new
computer; it did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
NWCONFIG-X-415: Both computers do not have the same number of NetWare

partitions. This program did not complete auto mirroring.
Source:
NWCONFIG.NLM
Explanation:
Auto mirroring cannot take place if both computers do not have the same
number of NetWare partitions.
Action:
Manually mirror these partitions. Select the Manual option instead of the
Automatic option.
NWCONFIG-X-416: The new server computer's NetWare partition is orphaned, cloned

or non-operational. This program did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is a problem reading the new server's NetWare partition.
Verify that the correct disk driver is loaded. Select the Manual partition option
and resynchronize the mirrored group.
NWCONFIG-X-417: The new server computer's NetWare partition is already mirrored.

This program did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
The program thinks that the new server's NetWare partition is already
mirrored.
The mirror group should be deleted, re-created and mirrored.
NWCONFIG-X-418: The new server's NetWare partition contains a volume. This

program did not complete auto mirroring.
Source:
Explanation:
NWCONFIG.NLM
A partition with a volume cannot be mirrored.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
Action:
99a
38
July 17, 2001
Verify that you are doing what you want done. Back up any needed data from
the new server's NetWare volume; then go to the Create Partition screen and
delete and re-create the offending partition.
NWCONFIG-X-419: The original server's NetWare partition is orphaned, cloned or

non-operational. This program did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is a problem reading the original server's NetWare partition.
Make sure that the correct disk driver is loaded. Select the Manual partition
option and resynchronize the mirrored group.
NWCONFIG-X-420: The original server's NetWare partition is already mirrored. This

program did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
The program thinks that the original server's NetWare partition is already
mirrored.
The mirror group should be deleted, re-created and mirrored.
NWCONFIG-X-421: This program could not add a partition to a mirror group; it could
Source:
Explanation:
Action:
NWCONFIG.NLM
An internal processing error exists.
Make sure that the correct disk driver is loaded. Retry the operation. If the
NWCONFIG-X-422: This program could not set partition HotFix; it could not complete
auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
There is an internal processing error.
Make sure that the correct disk driver is loaded. Retry the operation. If the
416 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
July 17, 2001
38
NWCONFIG-X-423: The original server computer's NetWare partition is larger than the
new computer's partition; it did not complete auto mirroring.
Source:
Explanation:
Action:
NWCONFIG.NLM
The original server's NetWare partition is larger than the allowed maximum
difference for mirroring.
You can either shrink the original server's partition or increase the new
computer's partition.
NWCONFIG-X-425: Warning: You do not have a disk driver loaded. You need to load
the proper disk driver to complete the installation.
Source:
Explanation:
Action:
NWCONFIG.NLM
The server communicates with the hard disk through a disk driver. If no disk
driver is loaded, installation cannot proceed because it will not have access to
the hard disk.
Load the correct disk driver.
NWCONFIG-X-426: Warning: You do not have a LAN driver loaded. You need to load
the proper LAN driver to complete the installation.
Source:
Explanation:
Action:
NWCONFIG.NLM
The server communicates with the network card through a LAN driver.
Installation could continue, but communication with other servers will not
exist until a LAN driver is loaded.
Load the correct LAN driver.
NWCONFIG-X-427: Warning: You do not have disk drivers loaded on both server
computers. You need to load the proper disk drivers to complete the installation.
Source:
Explanation:
Action:
NWCONFIG.NLM
The server communicates with the hard disk through a disk driver. If no disk
driver is loaded, installation cannot proceed because it will not have access to
the hard disk.
Load the correct disk driver on both computers.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-428: Warning: You do not have LAN drivers loaded on both server
computers. You need to load the proper LAN drivers to complete the installation.
Source:
Explanation:
Action:
NWCONFIG.NLM
The server communicates with the network card through a LAN driver.
Installation could continue, but communication with other servers will not
exist until a LAN driver is loaded.
Load the correct LAN driver on both computers.
NWCONFIG-X-429: You cannot edit/modify the parameters of a currently loaded

driver. If you must modify the parameters, unload the driver and reload it.
Source:
NWCONFIG.NLM
Action:
If the parameters need to be changed, unload the driver and reload it, changing
the parameters as needed.
NWCONFIG-X-432: Warning: For NetWare for OS/2, you need at least one LAN driver
and also a shared LAN driver (TOKENSHR, etc). You need the LAN driver to complete
the installation, and the shared driver to see the network from OS/2.
Source:
NWCONFIG.NLM
Explanation:
If you are sharing a network board between the server and the client, you will
need to load at least two LAN drivers. One LAN driver will be a sharing driver
which will allow the client to have access to the network. The other LAN
driver will be the driver for the installed network board. You might have
multiple real LAN drivers, one for each network board, but only one sharing
driver.
Action:
If you are sharing a network board with the client, load the preselected sharing
driver (TOKENSHR, TOKENLNK, or LANSHARE) and the LAN drivers
corresponding to the installed network boards. If you are not sharing a
network board, load only the LAN drivers corresponding to the installed
network boards.
NWCONFIG-X-433: Warning: You do not have a shared LAN driver loaded. You need
to choose the proper shared driver for OS/2 to see the network.
Source:
Explanation:
NWCONFIG.NLM
If you are sharing a network board between the server and the client, you will
need to load both a real and a sharing LAN driver. The real LAN driver allows
418 System Messages
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
the server to see the network, and the shared LAN driver allows the client to
see the network.
Action:
Load the correct sharing LAN driver. There is a line in the CONFIG.SYS file
that loads the corresponding sharing driver on the client (TOKENSHR,
TOKENLNK, or LANSHARE).
NWCONFIG-X-434: Some NetWare disk partitions already exist. NWCONFIG will

delete them (including the files, user data, etc.) and create new ones if you confirm
Yes in the box that follows this message. Only NetWare (not DOS or other) partitions
will be deleted if you confirm Yes.
WARNING: To preserve the data on existing NetWare partitions, confirm No.
Source:
NWCONFIG.NLM
Action:
Make sure no data will be lost if you confirm Yes to this box. When a disk
partition is deleted all data on that partition is lost. If you wish to delete the
partition, answer Yes. Otherwise, answer No.
NWCONFIG-X-435: Warning: You had TCP/IP configured on the original server. You
will need to load INETCFG.NLM after the installation is completed, and then re-install
TCP/IP support.
Source:
Explanation:
Action:
NWCONFIG.NLM
The TCP/IP installation and configuration has been changed in this version of
NetWare.
Follow the instructions in the message.
NWCONFIG-X-436: Warning: You had APPLETALK configured on the original server.

You will need to load INETCFG.NLM after the install is completed, and then re-install
APPLETALK support.
Source:
Explanation:
Action:
NWCONFIG.NLM
The APPLETALK installation and configuration has been changed in this
version of NetWare.
Follow the instructions in the message.
System Messages
103-000150-001
August 29, 2001
Novell Confidential
Manual
99a
38
July 17, 2001
NWCONFIG-X-438: Some NetWare disk partitions already exist on the new server
computer. NWCONF

Novell Netware 6 Documentation

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Novell Netware 6 Documentation

Hochgeladen von

Copyright:

Verfügbare Formate

NetWare 6 Readme

October 25, 2001

July 17, 2001

July 17, 2001

July 17, 2001

June 14, 2001

Installation and Upgrade

Before the Installation or Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

iManage 1.0 and iMonitor 1.5 for Novell eDirectory 8.6

NetWare Enterprise Web Server

NetWare FTP Server

10 NetWare Migration Wizard 6

12 NetWare Web Manager

13 NetWare Web Search Server

14 Novell Advanced Audit Service

15 Novell Certificate Server

16 Novell Client for Windows

17 Novell Cluster Services

June 14, 2001

18 Novell Compatibility Mode Driver

19 Novell eDirectory 8.6 for NetWare

22 Novell International Cryptographic Infrastructure (NICI)

23 Novell Modular Authentication Service (NMAS)

24 Novell Native File Access Protocols

27 Novell Storage Services

31 Storage Management Services (SMS)

Backup and Restore Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

32 Third-Party Adapters, Drivers, and Applications

July 17, 2001

In this documentation, a greater-than symbol (>) is used to separate actions

July 17, 2001

July 17, 2001

The NetWare 6 package consists of the following:

accessibility of the NetWare 6 documentation. Please send your comments to

July 17, 2001

The following core NetWare 6 components are MP-enabled:

The following Novell products are compatible with NetWare 6:

July 17, 2001

Novell Portal Services 1.0

NIAS components that enable NetWare to function as a WAN or RAS

July 17, 2001

Client DOS Utilities

July 17, 2001

Installation and Upgrade

version of the product are not supported.

Before the Installation or Upgrade

Installation and Upgrade

July 17, 2001

Upgrading NetWare 5 Servers with NDS 7 and NSS Volumes

A NetWare 5 server with NDS 7 and NSS volumes is inaccessible after

NetWare 4.11 requires that Support Pack 8 or later be installed before

If your network includes servers running NetWare 5 with NDS eDirectoryTM

Before you install or upgrade to NetWare 6 on an existing network, make sure

July 17, 2001

Deployment Manager and specifically complete Step 3: Prepare for NDS

NetWare Deployment Manager might not run on Windows 2000 computers

Installation and Upgrade

July 17, 2001

During the Installation or Upgrade

July 17, 2001

Installing a NetWare 5.1 Server into a Tree with a NetWare 6 SDI

If the Security Domain Infrastructure server in the NDSPKI:SD Key Server

install the server into the existing NetWare 6 tree.

console or through the NetWare Deployment Manager.