For NetWare, you can generate the server Security report in Novell Remote Manager for NetWare to help track potential security risks. This report shows only the information that the logged-in user is allowed to view. To receive a report with the most helpful information, log in as the Admin user or as a user with eDirectory rights equivalent to Admin.
To generate the Security report for your NetWare server:
Open a Web browser to the Novell Remote Manager, then log in as administrator or equivalent.
In the left navigator, clickto open the Reports/Log Files page.
From this report, you can track the following file system security information:
Granting a user privileges at the root directory of a volume gives that user privileges to the entire volume unless those rights are specifically revoked at a lower level. You should be especially cautious about granting the Access Control right in a root directory. Users with the Access Control right can grant themselves all other rights in any subdirectory on the volume. You can improve network security by granting each user privileges only to the specific directories he or she uses.
User, organization, role, or other eDirectory objects should have only limited access, such as Read and File Scan rights, to common directories on volume sys: such as sys:\public and sys:\login.
As the number of users with rights equivalent to user Admin increases, your security risks multiply. Any time a user with rights equivalent to user Admin leaves a server unattended, anyone can gain access to the server.
For information, see Novell Remote Manager for NetWare Administration Guide for OES.