Security

Security is one of the most important aspects of file system organization. NDS rights and the file system's directory and file attributes allow you to determine who may access what, and whether that access amounts to being able to merely read a file or modify it.

A technical discussion of the security features of the file system appears in the help for NetWare Administrator.

To more fully utilize the capabilities described in the NDS area of this documentation, you may wish to organize your approach to designing an appropriately secure system by

  1. Clustering directories and files according to who needs access to them. In other words, use the directory structure to reflect access requirements.

    For example, you can structure the hierarchy of directories in such a way as to take advantage of the inheritance aspect of rights.

    Rights can be associated with volumes, directories, and files as a safeguard against deletion or modification by users (see Description of Directory and File Rights). Directory and file attributes can also be used to control what users can do (see Description of Directory and File Attributes).

  2. Subdividing the user community into groups on the basis of related access requirements.

    Users grouped by role (relative to file access) can be assigned ownership of directories and files, and users whose roles vary can be assigned rights on the basis of equivalence.

    Users needing a particular kind of access to certain directories and files can be grouped so that appropriate access belongs to the group (and, consequently, to each member).