Novell Home

Surviving UImport and Creating Long Home Directories

Novell Cool Solutions: Feature
By David Stagg

Digg This - Slashdot This

Posted: 7 Nov 2000
 

The Situation
Working in a School Division at this time of year can cause some headaches like creating some 6800 user objects in multiple contexts in two days. This past summer we adopted a new naming standard that has long names for the user object (login name) and home directories. Previously we have used an eight (8) character login name identifier that required a fair amount of work to handle all of the exceptions that name collisions generated. This name standard change is also implemented as we are planning on implementing NIMS for student based e-mail and needed to establish a name system that will provide a unique e-mail address across the entire School Division. One key goal was to avoid having to manage student names centrally, as there are only two full time and one half time staff supporting the 22 sites, 60 servers, 1200 workstations and 7500 users.

The Problem
Creating Multiple Users is not something that NWAdmin is setup for. Creating long Home Directory names is something that UImport.exe can not do. UImport's limitation was discovered at the last minute with students arriving in the schools in two days. Having been teaching the NetWare Administrator 5.1 courses I tried to dig up detailed information on the new Bulkload.NLM without success. After some quick research on the web I was only able to identify a few utilities that would cost too much (that poor School system reality). Although a Developer and having subscribed to Novell DeveloperNet for some time now, I have not had enough time to properly dig into the NetWare Developer Kits to quickly develop an application to meet this need. (I expect to resolve that over the coming months.) Faced with finding a way to meet the new standards or roll back the entire timeline, I fell back to my DOS batch processing days to come up with a series of steps that met our immediate needs using UImport.exe and Rights.exe.

The Solution
Although this is a working solution, the time to explain the process does take longer than the actual implementation. This is at best a work around to avoid the limitations of 16 bit DOS code. The program UImport.exe was last updated in October 1997 and Rights.exe was last updated in March 1997. Both of these programs are pre-NetWare 5.x and therefore do not handle long directory names. Currently there is no batch/command line utilities that do support long names properly. The result is that any solution that uses these utilities to work with long directory names will be kludgy at best. This solution is no exception. So with that warning in mind lets look at how these utilities can be used to get the job done.

Since UImport can not create directories with long names I used it only to create the User Objects with all the correct values, including the Home Directory property with the correct long name. I used a batch file to create the long named Home Directories. I used another batch file to pass the short directory name and long User name to Rights.exe to set the correct permissions for the assigned user. By the time all this was sorted out I created one more top level batch file to make sure that I did everything in the correct order and did not miss a step - I had to setup users for 19 different sites. The actual order I ran this process in was to generate the Directories first, then create the Users and finally assign the User the correct rights with another batch file.

The UImport Control File

UImport is showing its age. In addition to the problem handling long directory names, UImport relies on a Template object named "USER_TEMPLATE" to set default properties. The use of this template is optional. There is no ability to select a template with a different name or from a different context. One thing to note here is that the documentation talks about a User object with this name, but I have used Template objects as well. The template object must exist in the same context that UImport is creating users for. On our systems, I just create a temporary Template object by copying one of our regular templates and naming it: "USER_TEMPLATE". This object is removed after all users are created. UImport also has a limited set of properties that will be copied from a Template or can be input from a data file. If you type in "UIMPORT /?" at a command line you can get a list of the properties that UImport is able to handle. For our scenario here is a sample control file named "CONTROL.CTL":

Import Control
Name Context="OU=School.OU=TechJr.OU=Region.O=District"
User Template=Y

    Create Home Directory=N
    Import Mode=B
    Separator=,

Fields

    Name Full Name

Last Name

    Given Name E-mail Address

Password

    Department Home Directory

Since UImport can not create long Home Directories, we are not creating them with this tool. The Home Directory property will be filed with the correct value from the student data set. We are using a template object to fill in default information that is common to all users being created; Profile, Account Restrictions, Password Restrictions, Group Membership and so on.

Creating the Student Data File
One very important tool in this process is a spreadsheet to generate the necessary data and command files to do all this work. The raw student data was generated from the school student database program and I extracted only four (4) pieces of information for each Student:

First Name
Last Name
School Code (for default password) and
Grade

I then imported that data into my spreadsheet (Excel) and generated the other data values that I needed using the string functions, in this case CONCATENATE. I built the dataset to include values for:

A - Login Name - composed of LastName,FirstName and a school abbreviation
NOTE: make sure you have no spaces or periods in the name
B - Full Name - built from the First and Last Name values
C - First Name - the original data
D - Last Name - the original data
E - E-mail Address - using the Login Name and "@ourdomain.ca" on the end
F - Password - the original data (or some default of your choosing)
G - Grade - the original data
H - Home Directory - using the full DN of the Volume, the path with Login Name

After the original data was imported I inserted columns A, B, E and H and put the following formulas in row 1 of each column:

    Cell A1     '=(D1 & C1 & "-TJR")'     this generates the Login Name
    Cell B1     '=(C1 & " " & D1)'     this generates the Full Name
    Cell E1     '=(A1 & "@ourdomain.ca")     this generates the E-mail Address
    Cell H1     '=(".TJR_FS_ACCT.School.TechJr.Region.District:\USER\:" & A1)
    This generates the correct Home Directory path.

After the formulas are entered into row 1, copy them down in each column so that they exist for each of the data rows with student records.

When entering the text for the Home Directory path, verify it as correct. The example above lists the entire Distinguished Name NDS Volume object. The path to where the home directory will be and the user's Login Name is then added at the end. I made a mistake for one school in the path ("Users" instead of "User") and had to update the entire student User Objects with the correct path. Since I had used UImport to create the Users it only took a few minutes to fix the dataset and then run UImport again to update the NDS objects. The big problem is that the error was not identified for two days as being a problem. Best to avoid the problem in the first place if possible.

If I were a student a Tech Junior High (fictitious school), my student record would look like:

StaggDavid-TJR,David Stagg,David,Stagg,StaggDavid-TJR@ourdomain.ca,hello,12, .TJR_FS_ACCT.School.TechJr.Region.District:\USER\StaggDavid-TJR (this is a single line of data)

I saved this file as a comma separated file for the UImport data file called "STUDENTS.CSV". To actually create the users the command is simply:

UIMPORT CONTROL.CTL STUDENTS.CSV > STUDENTS.RPT

This command generates the user objects using the above files and sends all output to a report file so that I can check for errors and handle them after it is complete.

Creating the Directory File
I generate one more file from the student data to create the Home Directories. I inserted a single column at the front and pasted the text "CALL MKDIR.BAT" into the new column and then deleted the last four columns. Although only the Login Name data will be used, deleting the Full, First and Last Name columns will destroy the Login Name since there is a string dependency on that data. It is good for reference in the next file anyway. I save this data set as "USERDIRS.BAT". In excel to keep the formatting (white space between columns) I saved it as a *.PRN file and placed the name in quotes so that Excel would not change the name to "userdirs.bat.prn" on me.

My line in this file would look like:

CALL MKDIR.BAT    StaggDavid-TJR    David Stagg    David    Stagg

The MKDIR.BAT file simple creates the directory on a pre-designated drive. The file contains:

@ECHO OFF
REM Need mapping to T: for this to work.
REM MAP ROOT T:=\\TJR_FS\ACCT\USER

@ECHO ON
MD T:\%1 >> USERDIRS.RPT
@ECHO OFF

In the MKDIR.BAT file I redirected output to a report file so that I could check on the results later and then handle any problems that may have occurred.

Setting the Rights with the Short Directory Name Once the Home Directories are created I need to get the associated short directory name to pass to the RIGHTS.EXE program. Unfortunately RIGHTS.EXE is of the same vintage that UImport is and does not handle long directory names either. To get the information required, I redirected a directory listing to a file. In Win 95/98 a directory listing includes both short and long names so the command:

DIR T: /AD/ON > MKRIGHTS.BAT

will generate a file with the necessary information. The "/AD" will list only directories and the "/ON" will list them in alphabetical order. On a Win NT system you need to add "/X" to get the short name in the directory listing.

DIR T: /AD/ON/X > MKRIGHTS.BAT

The actual columns will be different, but you can edit them in your spreadsheet.

Once the above file "MKRIGHTS.BAT" is generated, I imported it into Excel and stripped out header and trailer information and the columns that did not have the short or long name data. I then added a first column with the text "CALL SETDIR.BAT". This data set was then saved back to "MKRIGHTS.BAT" as a *.prn file as noted above. A sample data line would look like:

    CALL SETDIR.BAT     STAGGD~1     StaggDavid-TJR

The SETDIR.BAT file contains a single line:

RIGHTS T:\%1 RWCEMF /NAME=%2 >> MKRIGHTS.RPT

The file assumes (Yes, dangerous) that T: is mapped as above and the correct default context is set. Since I control the entire process from a Master file I make sure of the settings first.

Master Control - Keeping it all in Order
I created a Master batch file "MKUSERS.BAT" that sets up the correct environment and mapping and then processes each step in order. I liberally include ECHO statements to document what is happening and anything else that I have to do. Once the batch files and control files above are prepared (except for the MKRIGHTS.BAT) the entire process can be kicked off with the command: "MKUSERS".

@ECHO OFF
REM File name: MKUSERS.BAT
REM Control file to guide through the various steps in creating users with Long Home Directory names

REM Step 1 - Verify that control files are created

CLS
DIR /W
ECHO   STEP 1
ECHO.
ECHO Are the data files setup?
ECHO.
ECHO You should have the following files listed above:
ECHO.
ECHO   STUDENTS.CSV - user import data file used by UIMPORT.EXE
ECHO   CONTROL.CTL - control template file used by UIMPORT.EXE
ECHO   USERDIRS.BAT - master file for Home Directory creation
ECHO   MKDIR.BAT - batch file called by USERDIRS.BAT to create a dir
ECHO   SETDIR.BAT - batch file to set Rights on a dir, used later
ECHO.
ECHO   If the first five files do not exist, EXIT now with Control-C, otherwise
PAUSE

REM I could add file existing testing in here?

REM Step 2 - Change Context and map to correct ACCT volume

@ECHO OFF
ECHO   STEP 2
ECHO.
ECHO   Setting correct context and work drive mapping
ECHO.
CX .School.TechJR.Region.Division
MAP ROOT T:=\\TJR_FS\ACCT\USER
ECHO.
ECHO   Is the context and T: drive mapping correct?
ECHO.
ECHO   If not EXIT now with Control-C, otherwise
PAUSE

REM Step 3 - Create Home Directories

ECHO STEP 3
ECHO.
ECHO   Creating Home Directories
CALL USERDIRS.BAT
ECHO.
ECHO   Directory creation has completed.
PAUSE

REM Step 4 - Create and modify directory listing for Rights synchronization later

ECHO STEP 4
ECHO.
ECHO Creating Home Directory listing work file

REM Following line is for Win 9x
DIR T: /AD/ON > MKRIGHTS.BAT
REM Following line is for Win NT
Rem DIR T: /AD/ON/X > MKRIGHTS.BAT

ECHO.
ECHO   MKRIGHTS.BAT file has been created. Start Excel and import this file.
ECHO   Edit the file to remove the middle three columns and header and trailer
ECHO   text lines. Then insert a first column that has "CALL SETDIR.BAT" as
ECHO   a text value for every line. There should be only three columns left. The
ECHO   first column as noted above, the second column with the short directory
ECHO   name and a third column with the long directory name. Once that it done,
ECHO   save the file as a text file with the same name - MKRIGHTS.BAT.
ECHO   Then return here and continue.
ECHO.
ECHO   Are you finished editing the rights batch file? If so
PAUSE

REM Step 5 - Create the Users in NDS

CLS
ECHO STEP 5
ECHO.
DIR /W
ECHO.
ECHO.
ECHO Last Chance! You should have the following files listed above:
ECHO.
ECHO   STUDENTS.CSV - user import data file used by UIMPORT.EXE
ECHO   CONTROL.CTL - control template file used by UIMPORT.EXE
ECHO   SETDIR.BAT - batch file to set Rights on a dir
ECHO   MKRIGHTS.BAT - batch file used later to setup Home rights
ECHO.
ECHO   It is now time to create the users in NDS.
ECHO.
ECHO   To create the users
PAUSE
ECHO.

UIMPORT CONTROL.CTL STUDENTS.CSV > STUDENTS.RPT

ECHO.
ECHO   User creation has completed. Check the STUDENTS.RPT file for errors. ECHO.

REM Step 6 - Assign rights to Home Directories

ECHO STEP 6
ECHO.
ECHO   The final step is to assign rights to each Home Directory.
ECHO.
ECHO   You may wish to check that NDS is synced up before assigning rights.
ECHO   If you are unable to check, wait for a few minutes before proceeding.
ECHO.
PAUSE

CALL MKRIGHTS.BAT

ECHO.
ECHO   Check the MKRIGHTS.RPT file for errors.
ECHO.
ECHO   User creation is now complete.

I create all of the files for a given school site in one subdirectory. By copying the MKUSERS.BAT, MKDIR.BAT, SETDIR.BAT and CONTROL.CTL to each directory I create the template set for each site. I only have to edit the CONTROL.CTL for the context and the MKUSERS.BAT for context and mapping and the files are all set to generate the user setup. All that is required is to create the STUDENTS.CSV and the USERDIRS.BAT from the student data for each site. During the processing above, I have to also edit the MKRIGHTS.BAT file as well.

OOPS I forgot the DOS/Win 3x systems After getting all of the above in place it quickly became apparent that my focus on the Win 9x/NT world missed the reality of a few of our schools that still have some DOS/Win3x systems. (Yes, we still have some of these around, most of them running as RPL systems.) Mapping to the HOME_DIRECTORY property in the DOS environment fails with long path names. It is our intention that these systems will be replaced during the next year with new systems, or they will be turned into MetaFrame clients and the problem will disappear. In the meantime, I chose to work out a short term fix (kludge) to allow these systems to keep functioning. First I took the MKDIRS.BAT file and copied the Last Name data column from the STUDENTS.CSV file into it. If the MKDIRS.BAT file is resorted on the Login Name column first the paste is generally accurate with Last Name and Login Name Matching up. I did verify all records to make sure that this was correct. There should be four columns with the first column having the "CALL SETDIR.BAT" text in it. During the import process make sure that you keep this as a single field or you will have to modify the UImport control file. This generated a data set that looked like:

    CALL SETDIR.BAT    STAGGD~1    StaggDavid-TJR    Stagg

I saved this as "SHORTDIR.CSV" in a *.CSV format from Excel. I modified the CONTROL.CTL file and saved it as SHORTDIR.CTL with the following information:

Import Control

    Name Context="OU=School.OU=TechJr.OU=Region.O=District"
    User Template=N
      Create Home Directory=N
      Import Mode=B
      Separator=,

Fields
    skip
    Middle Initial
    Name
    Last Name

This sets up the short directory name to be stuffed into the Middle Initials property of the User Object with the command:

UIMPORT SHORTDIR.CTL SHORTDIR.CSV > SHORTDIR.RPT

Again all output is redirected to a report file that I can check for errors later.

I chose the Initials field since we currently are not using it at this time and it can hold up to eight characters. This could be a problem later if our standards change. To use this value I then modified the Student Profile Login Script to read as follows:

IF %OS = "MSDOS" THEN BEGIN
MAP ROOT H:=ACCT:\USER\%INITIALS
ELSE

    MAP ROOT H:=%HOME_DIRECTORY
END

Once again this is meant only for a short term fix in our environment.

In Summary
After the initial research and testing of the pieces of this process the actual work almost became anti-climatic. It only took a few hours to get all of the student data out of the various school sites databases and then some additional time to format the data files for this process. The actual user generation depended on the number of students at a given site. The end result was 6,764 student objects and home directories created across the school division in two days. Deadline met and all systems go.

Additional information on UImport can be found at http://support.novell.com/ search for UImport in manuals only.

And in the Future
I hope to look seriously at developing a GUI application the can do all of this without the overhead of formatting all the files during the next few months. Some good Pearl scripting could also be used to take the original data and generate the formatted datasets quickly and easily. If the DOS/Win3x systems are going to persist longer I also would like to look at developing a standalone 16 bit application that will return the short name of a directory when passed the long name. Looking through the code from Novell there is sample C code that outlines that process.

I am open to Questions about any part of this process. Enjoy and may you find the tools to meet your needs when that need arises.

David Stagg
Primary Support Engineer
Novell Canada
E-mail: dstagg@novell.com


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell