Objects in a Directory Tree
An NDS structure that stores information about a network resource (such as a user, group, printer, or volume).
An object consists of categories of information, called properties, and the data in those properties. The information is stored in the Novell Directory database.
Some objects represent physical entities. For example, a User object represents a user and a Printer object represents a printer.
Some objects represent logical entities, such as groups and print queues. Other objects, such as the Organizational Unit object, help you organize and manage objects.
Remember that an object is a structure where information about the entity is stored; it isn't the actual entity.
For example, a Printer object stores information about a printer and helps manage how the printer is used, but it isn't the printer itself.
Types of Objects
Two types of objects make up the Directory tree: container objects and leaf objects.
A subtree, or branch, of the Directory tree consists of a container object and all the objects it holds, which can include other container objects.
Leaf objects are at the ends of branches and don't contain other objects.
The following figure shows how container objects and leaf objects make up the Directory tree.
Figure 55
Objects in a Directory Tree
Container objects hold, or contain, other objects. Container objects are used as a way to logically organize all other objects in the Directory tree.
The [Root] object is also considered a container object, but it is the very first object in the Directory tree, and it cannot be deleted or modified. All other objects, including Organization objects, are contained within the [Root] object.
Container objects are like directories in a file system in that they group related information together. If a container object has objects in it, it is called a parent object.
Types of container objects. There are three types of container objects, described in the following table:
Table 14. Types of Container Objects
| Container object | Abbreviation | Description |
|---|---|---|
Country |
C |
Designates the countries where your network resides and organizes other Directory objects within the country. (See Country object.) |
Licensed Product |
LP |
The Licensed Product container object is created automatically when you install a license certificate or create a metering certificate using NetWare Licensing Services (NLS) technology.When an NLS-enabled application is installed, it should add a Licensed Product container object to the Novell Directory database and a License Certificate leaf object to that container. |
Organization |
O |
A level below the Country object (unless you don't use the Country object), the Organization object helps you organize other objects in the Directory and allows you to set template information for users created in this container. (See Organization object.) |
Organizational Unit |
OU |
A level below the Organization object, the Organizational Unit object helps you to further organize other objects in the Directory and also allows you to set template information for users created in this container. (SeeOrganizational Unit object.) |
Country objects can contain Organization objects or Alias objects (a leaf object, described in the next section).
Organization and Organizational Unit objects can contain Organizational Unit objects or leaf objects.
Types of leaf objects. Leaf objects don't contain other objects. They represent network resources, such as users, computers, printers, and lists. The following table describes leaf objects:
Table 15. Types of Leaf Objects
| Leaf object | Description |
|---|---|
AFP Server |
Represents an AFP server that is operating as a node on your NetWare network and usually also acting as a NetWare router to, and the AppleTalk server for, several Macintosh computers. (See AFP Server object.) |
Alias |
Points to the original location of an object in the Directory. Any Directory object located in one place in the Directory can also appear to be in another place in the Directory by using an Alias. (See Alias object.) |
Application |
Represents a network application. Application objects simplify administrative tasks such as assigning rights, customizing login scripts, and supporting applications. |
Auditing File |
The Novell Directory Services data structure used to manage an audit trail's configuration and access rights. |
Bindery |
Represents an object placed in the Directory tree by an upgrade or migration utility, but that NDS can't identify. This object provides backward compatibility for bindery-oriented utilities. (See Bindery object.) |
Bindery Queue |
Represents a queue placed in the Directory tree by an upgrade or migration utility, but that NDS can't identify. This object provides backward compatibility for bindery-oriented utilities. |
Computer |
Represents a computer on the network. (See Computer object.) |
Directory Map |
Refers to a directory on a volume. (See Directory Map object.) |
Distribution List |
Represents a list of mail recipients. (See Distribution List object.) |
External Entity |
Represents a non-native NDS object that is imported into NDS or registered in NDS. (See External Entity object.) |
Group |
Assigns a name to a list of User objects in the Directory. You can assign rights to the group instead of to each user---the rights transfer to each user in the group. (See Group object.) |
License Certificate |
Used with NetWare Licensing Services (NLS) technology to install product license certificates as objects in the Novell Directory database. License Certificate objects are added to the Licensed Product container when an NLSaware application is installed. |
LSP Server |
A leaf object that represents a NetWare® server with the NetWare Licensing Services NLM loaded. |
Message Routing Group |
Represents a group of messaging servers that can transfer messages directly among themselves. (See Message Routing Group object.) |
Messaging Server |
Represents a NetWare MHS server that resides on a NetWare server. A NetWare MHS Server object is automatically created in the Directory tree when you install NetWare MHS on a NetWare server. (See Messaging Server object.) |
NetWare Server |
Represents a server running any version of NetWare. (See NetWare Server object.) |
Organizational Role |
Defines a position or role within an organization. (See Organizational Role object.) |
Print Queue |
Represents a network print queue. |
Print Server |
Represents a network print server. |
Printer |
Represents a network printing device. |
Profile |
Represents a login script used by a group of users who need to share common login script commands but who aren't necessarily located under the same container in the Directory tree, or who are a subset of users in the same container. |
User |
Represents the people who use your network. (See User object.) |
Unknown |
Represents an NDS object that has been corrupted and can't be identified as belonging to any of the other object classes. |
Volume |
Represents a physical volume on the network. (See Volume object.) |
In a Directory tree, you can place container objects and leaf objects in different configurations, according to your company's needs. The following figure shows possible configurations:
Figure 56
Possible Configurations for a Directory Tree
The Country and Organizational Unit objects are optional, but you must include at least one Organization object in your Directory tree.
You aren't limited to using only one container object in a tree; you can use many at each level. The following figure shows an example Directory tree that has several container objects at each level:
Figure 57
Example Directory Tree with Several Container Objects
The path from an object to the root of the Directory tree forms the object's complete name, which is a unique name. Most leaf objects also have a common name. For User objects, the common name is their login name, displayed in the Directory tree. Other leaf objects also have common names displayed in the Directory tree, such as a Printer object name or a Server object name. Container objects don't have common names. They are referred to by their Organizational Unit name, or Organization name, or Country name. An object's complete name consists of its common name (if it has one), followed by a period (.), then the name of the container object, also followed by a period, and on up through succeeding container object names to the root of the tree. For example, in the following figure the complete name for ESAYERS would be ESAYERS.SALES PV.SALES.NOVELL US Figure 58
When querying the Directory, you can supply the object's complete name to receive information that describes that object. Or, you can supply an object's property value and receive a list of object names that have that value. For example, to find all users with a last name of Smith, search for Smith in the last name property of User objects. NDS allows you to refer to objects according to their positions within a tree. When you add an object (such as a server or user) to the network, you place that object in a container object in the Directory tree. The position of the object within its container is its context. For example, in the previous figure, the context for User object ESAYERS is SALES PV.SALES.NOVELL US. When you move from one container object to another, you change contexts. Whenever you change contexts, you must indicate the complete name of the object you are changing contexts to. (If you're changing to a context that includes spaces between words, be sure to include an underscore in place of the space.) If you are referring to an object in the same container object as your User object, then you need only refer to that object by its common name, not its complete name. For example, in the previous figure, if ESAYERS located in SALES PV.SALES.NOVELL US wants information on ESMITH located in the same context, then ESAYERS need only refer to the User object as ESMITH. Each type of object has certain properties that hold information about the object. For example, some User object properties include the login name, password restrictions, and group memberships. Some Profile object properties are the profile name, login script, and volume. The only properties required for objects are those you enter when you create a new object. You must enter a value in each field. Properties you must specify when you create an object are
For example, when you create a Volume object, you must specify the volume's host server.
Many of an object's properties can contain multiple values. For example, the telephone number property, found in many object types, can contain several different telephone numbers. The NETADMIN and NetWare Administrator utilities allow you to see and change properties for any object to which you have sufficient rights. See also Novell Directory Services; Object Rights in Chapter 1 of Supervising the Network.Object Names
Complete and Common Names
Object Contexts
Object Properties