NetWare (NCP)
Access Control
Security Management within NetWare depends upon the selected mode:
ÖBindery mode without user authentication
ÖBindery mode with user authentication
ÖNDS mode
The
NOTE:
7You cannot set up access restrictions for the NetWare environment via the
NetWare Bindery Without Authentication
If user authentication is not required, you do not have to specify an authentication server. The Supervisor can log in using the Server password. Other users can log in without password and will be considered to belong to the EVERYONE group.
NetWare server licenses are not required since the
Use the standard NetWare administration tool, (e.g. Filer) to limit
NetWare Bindery With Authentication
If user access control is required, you must specify an authentication server in the Authentication Server parameter. The
Authorized users will have configurable rights to the volumes of the
The authentication procedure reduces the Administrator overhead as there is no need for maintaining a separate user database for the
Authentication to a NetWare 3.x Server
For access to a
ÖIf a user is on the list, the password will be verified If the password is correct, the user will be granted access
ÖIf the password is incorrect, log in will fail
If a user is not on the list, access to the
Default Access Rights
The default access rights in NetWare bindery mode are set up by the following trustee assignments:
ÖThe root of the SYS volume has [EVERYONE] as trustee with File Scan, Read, Write, Create, Modify and Erase rights
ÖThe system and wwwroot folders have all rights except Supervisor filtered. Thus all system files are effectively protected from unauthorized users
NOTE:
7Use Filer to change the default access rights
Setting Security Rigths in NetWare Bindery
The security rights can be set using standard procedures, e.g. Filer.
If you want to make all of the volumes in the
1.Login as Supervisor on the
2.Login as Supervisor on your NetWare Bindery file server and start Filer.
3.Change the current directory to PIONEER<nnnnnn>_NW/SYS:.
4.Remove the [EVERYONE] trustee from the root.
5.Add a new trustee assignment to the root.
If you want to restrict access to one or more volumes but grant all users access to most volumes, limit access to individual resources:
1.Login as Supervisor on the
2.Login as Supervisor on your NetWare Bindery file server and start Filer.
3.Change the current directory to PIONEER<nnnnnn>_NW/SYS:.
4.On the resource you want to protect, set an inherited rights filer and filer ALL rights.
23
<DRB1239>