Visitor Stats


Visits today:1
Visits yesterday:46
Visits in this month:707
Visits total:106869
Bots today:5


Application package

Zen Application Package.

The appl package has several checks. Due to the complexity of the attributes used in the Application objects, is this package a dll.
This check is not valid for Zen 10 (ZCM) or newer!

The 3 basic checks are:
-
Application and Objects associations
- Object and application associations
- Application chaining

Image

The first two checks do check the App:Associations and the App:Back Link attributes. A user, workstation, group or workstationgroup have only one link to the application, container objecten (organization/organizational unit) can have one or two links to the application opbject. One link for the users in the context and one for the workstations in the context. One or both links should be there.

In case the application has a "back link" to a container object, and the container has no "Association" link to the application, and you want to repair this, the program will ask you which link (user or workstation or both) you want to create.

 

Image

The repair is not done if cancel is selected.

 

The third basic check is the application chaining check. The program check the zenappChainedApplications and zenappChainedAppsBacklink.

IMPORTANT: Preform these basic checks first before you do any of the checks below.

 

NDS/eDirectory ACL's of objects on application and objects:
- ACL's on APP's of objects and servers
- self ACL's on objects for Zen Applications and check for old Launcher Config info.

These checks work differently than checkNDS (the old version), the first check takes the application chaining into account.
Before you do these tests please make sure the basic test are succesfull (no problems anymore).

Image

The first of these ACL-checks, read the associations (App:Bacl Link*) of the application object and does test the ACL-attribute (trustee of this object) of the application to see if the objects are in this ACL-list. Also the App:FS Rights Volume is read for the servers, these servers should also be in the ACL-list. There is also a check on the ACL-list for extra objects that are not in the associationslist or serverlist.

* The program reads all "App:Back Link" attributes of all applications in the zenappChainedAppsBacklink chain.

The second ACL check, check the App:Association attribute, if this attribute is not empty, then it checks then objects ACL for the self-rights on the attribute app:Associations. There is no check on the objects ACL for App:Associations if there are no applications associated (this was in checkNDS, gives lots of warnings, has been disabled here). There is also a check for a ACL on the attribute Launcher Config, this is an old ACL and not needed anymore for Zen 6/7.

 

Application File Rights Inheritance:
- Application filerights check.

Image

This check collects all the filesytem references of the application (and all chained applications) and all the objects associated to the application.

Then it will test the existance of the directory.
If directory exists, then the program will read the trustee assignment to the directory and compair them with the application associactions.
The program will report any missing associations in the trusteelist and all trustees that aren't associations of the application.
There is also a check for the filerights of the trustees and the rightsmask in the application.