Rights Necessary to Install NetWare 6.5
Novell Cool Solutions: Tip
Digg This -
Posted: 24 Jun 2004
To install the first NetWare 6.5 server in an eDirectory tree, the user who installs the server must have the Supervisor right at the [Root] of the eDirectory tree. If installing into a new tree the Admin user that is created during the NetWare 6.5 Install will have full rigthts to the root of the tree. Using the Admin account allows the installer to extend the eDirectory schema for NetWare 6.5 as necessary.
If you are installing the first NetWare 6.5 server into an existing NDS/eDirectory tree, be sure to run the Deployment Manager first to prepare the tree so it is compatible with the new version of eDirectory that comes with NetWare 6.5. This requires access to a server with a Read/Write replica of the Root partition.
Rights Required for Subcontainer Administrators
For security reasons, you might want to create one or more subcontainer administrators with sufficient rights to install additional NetWare 6.5 servers, without granting them full rights to the entire tree. A subcontainer administrator needs the following rights to install a NetWare 6.5 server into the tree:
- Supervisor right to the container where the server will be installed
- Read right to the Security container object for the eDirectory tree
- Read right to the NDSPKI:Private Key Attribute on the Organizational CA object, which is located in the Security container
- Supervisor right to the W0 object located inside the KAP object in the Security container
These rights are typically granted by placing all administrative users in a Group or Role, and then assigning the above rights to the Group or Role.
Many of the products that can be selected to install along with NetWare 6.5 require schema extensions of their own. Currently, only an administrator with rights at [Root] can extend the schema of an eDirectory tree; a subcontainer administrator would not have sufficient rights. One way to work around this is to have a root administrator install a NetWare 6.5 server with all products selected. This would take care of extending the schema for every possible server configuration. Subcontainer administrators could then install subsequent NetWare 6.5 servers without having to worry about schema extensions.
By default, the first three servers installed in an eDirectory partition will automatically receive a replica of the partition. If you are installing a server into a edirectory partition that does not already contain three replica servers then you will need to install the server with an admin with rights to root since this server will automatically receive a replica, in which case admin rights to root are needed.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com