Visitor Stats


Visits today:1
Visits yesterday:46
Visits in this month:707
Visits total:106869
Bots today:5


5. Home Directories

5. HOME DIRECTORIES.


The home directory settings consist of three areas:
- What to do
- Home directory source
- Settings.

 

 

Image

 

 

 

5.1. What to do:

Currently the following options are available, the first two are available in both Homes and MassUser. The others are only available in the licensed version of MassUser.

Homes and MassUser:

- The program can create/repair home directory information (the NDS home attribute, the directory entry, or directory attributes) make sure you set the home directory source and settings.
- The program can delete home directories, it always uses the home directory attribute in NDS. It will delete all files and directory entries in the home directory of a user. Before deleting it it will clear any read-only or delete inhibit flags. There is no confirmation requested or done before a delete. See the chapter "Delete Home directories" for more information on how to do a conditional delete and/or user object delete.
MassUser only:
- Copy home directories - The program uses the home directory attribute as the source of the home directory to copy and you can define the destination with useBelow or a selection file (LDIF or CFL/CSV).
- Find Obsolete directories. For more information see the section "Find Obsolete directories".
- Export home directory attribute. The program will create a LDIF-file with the "dn" and "home directory" attribute. You can use this file as a backup of the home directory attribute.
- Check Home directory. No other settings are required. For more information see the section "Check Home directory".
- Home directory UserSpace/DirectoryQuota Export
- Read homedirectory from disk and compair character case
- check unique Posix home directory (only if the eDirecotory schema contans the correct classes)
- check unique Apple home directory (only if the eDirecotory schema contans the correct classes)
- no operation, only mapping option for extra dir.

5.1.1. Home directory source (repair/create)

There are six options for selecting the source of the home directory.:

- The NDS-home directory attribute

Use this source if the attribute is set and you want to update/change a home directory entry or attributes like trustee rights or quota's.

- Template

Only MassUser and if a template is set on the user page

The program uses homedirectory information of the given template. The rights to the homedirecotry in the template are iignored. The program will use the settings under "Trustee ......"

- HomeDirectory from file

See selection file for more info

- Use Mapping file

see homedirectory mapping file

- Regular Expressions (massuser)

see regular expressions

- Select a volume and optional a "base" directory

The program will add the login name as a subdirectory to this path. Warning: if the login name is longer than 8 characters you need to have long filename support on the home directory volume, there is no check for this. See also extra options path definitions

5.1.2. Home directory source (copy/move)

A copy or move requires two directories, the program will always use the home-directory attribute as the source of the copy, and one of the other homedirectory sources as the destination.
For more information on copy/move see chapter Copy/Move home directories.

5.1.3. Settings for repair/create and copy/move

Not all options ("what to do") need additional settings. But the following will require additional settings: "repair", "copy" and "find obsolete".

do not set the home directory attribute in NDS.

Use this option if you know that the NDS-attribute does not need updated. By leaving it selected even when the information is up to date you will generate a lot of unneeded NDS traffic.

do not create the home directory. (repair/create only)

You can use this option in cases where you know that the directory entry already exists. For example you may want to set this option if you want to update the user-space restrictions or want to set the owner-attribute of all files and directories in a home directory. The program will write an error message to the log-window if a home directory doesn't exist.

Set trustee rights and directory attributes.

The default settings are:

- all file-rights for the user in the home-directory except access-control. (trustee-rights)
- Delete Inhibit and Rename Inhibit directory attribute, so the users can't delete/rename there own home-directory.
By deselecting this option, the program will not set the trustee-rights and/or directory attributes.
Other trustee rights to existing home-directories are always preserved.

5.1.4. Set Owner

This option is useful if you migrate the home-directories from one server to another and you have userspace restrictions turned on. In most cases the owner of the files is changed to the user that moved the data, so userspace restrictions do not work correctly then. When you turn this option on the program will set the owner for all directories and files. This can take a very long time depending on the number of files on the server. If you are using MassUser to copy the data and set the home-directories, in most cases it is best to turn this option off because of the time concern. Once the data has been copied run the program again with this option turned on and it will go back through and set the new owner.

sample settings:

* Select the correct "selection" context/group......
* Check Home directories (is default)
* Select repair home directory
* select Use HomeAttr in NDS for creation Homedir.
* check Do not create directory
* Uncheck the Set trustee rights and directory attribute. (default is checked)
* do not check set userspace and directory quota's (is default)
* check Set Owner.

5.2. Create default home directory.

Select the directory where the program can find the default directory structure. This can be local or the network. See also the free program defstruct on the website and its configuration for more information.

5.3. Set UserSpace Restrictions and/or DirectoryQuota's tab.


On this tab-page you can set the UserSpace restrictions or DiskQuota's. For both options the same conditions are available.


Image

5.3.1. Conditions

- `Fixed value' - all home directories get the same Userspace Restriction or DiskQuota.
- `Set if user has no space restriction set' or `Set if no DirectorySPace restriction is set on homedirecotry' - The program will only set restrictions for users who currently have no restrictions set.
- 'Minimum value unless, all users with a Userspace Rest or Diskquota smaller than the value given, will be set to the value. All users without a restriction/quota or larger value will be left alone.
- `Value is minimum free space' - all users that have a smaller free space, will be modified. If user has no space restriction, then the request is ignored!
- Add value - adds to all restrictions/quotas the given value if max is left blank. You can restrict the restrictions/quota's to a max-value, fill in the value in KB. If a user has no restriction or already has more than the max-value, its restriction will not be modified. By entering a negative number, the userspace restrictions are reduced. Note: No check is done for users using more than they have!
-

5.3.2. Use value from CSV-file

If you have selected a CFL/CSV selection file, you can also use this file for setting the userspace restrictions. All conditions above are valid, only the value used is read from the CSV-file. The max-value cannot be set by the CSV-file, you can leave the value-field blank.

If you want to remove a Userspace restriction or DiskQuota, enter the value 0 (zero).

(For users of versions before 2.14, you now have to enter 0 to remove these restrictions, leaving it blank for deleting restrictions is no longer allowed).
Fill in the amount in KB (multiple of 4Kb).

 

Image

WARNING

Be careful if you set a lot of DirectoryQuotas on a NSS-volume which currently did not have Direcotry Quotas set. This can cause the server to become very slow if there are a lot of subdirectories in the home directories. In this situation it is best to select fewer users at once, and give the server time to process the DirectoryQuota set option. This should be resolved in Netware 6.5.

5.3.3. Delay after set

For the problem above there is an extra option on the User/Dir space tab. If you turn on this setting you can specify how long the program should wait after setting a userspace restriction or directory space limit. The program will wait after every user it updates.

5.4. Apple/Posix

Only available in MassUser and if the schema contains the correct classes.


Image
Here you can define how the program should create/modify the apple and poisx homedirectory.
For the apple and posix homedirectory the simular rules apply for the definition of the homedirectory. The program can not copy/move apple/posix homedirectory data, it can only set the new location!.

Only if user has apple extention (otherwise add class if needed).

The apple-homedirecotry information is stored in an auxiliary class that is added to the user object. The program can add this auxiliary class automatically (with default empty mandatory attributes), or you can skip any user object that does not have an auxiliary class attached to it.
For Posix the program will always add the auxiliary class, This class will also be added if you add the Apple class

5.5. Delete Home directories

Image

5.5.1. Clear homedirectory only.

The homedirectory isn't actually deleted, the directory is only cleared. Any file/directory is deleted even if the file/directory is readonly, delete inhibit.

Image

5.5.2. Delete User acoount too

This option is only available in Homes.exe in MassUser use the User main-tab and select delete action.
Note: The program will not delete any Groupwise account. Be sure there are no other dependencies on the user object. This can be a very dangerous option. The program will warn you if you try to delete more than 10 users at the same time. (note option is not supported in version 3.02).

confirmation will be supported in the future.

5.6. Copy/Move Home directories

The program can copy the home directories of the user(s) to another location. You can copy the files onto the same server or over to another server in the same tree. The copy function will use the long-names for the copy. The DOS-names aren't preserved, so if you have applications that uses the dos-names it may be a problem! The copy option has 6 additional settings on an additional sub-tab page:

- verify data after copy, this will slow-down the copy action dramatically.
- delete after copy, it is actually a move action.
- attributes, if checked the program will also copy the attributes like modifier, creation date etc.
- trustee, if checked the program will copy the trustee assignments.
- Always/Newer, if always is selected, the files are copied even if the file already exists. If newer is selected, only newer or non-existent files are copied.

The program will use the Home Directory attribute of the user as the source and depending on the settings it will use the csv-file/ldif-file information or the given value for the destination (or mappingfile). The program checks to see that source and destination aren't the same, if it didn't in combination with "delete after copy" this could be dissaterous for your data. (since everything would be gone!!).
Warning: There is no test for directory overlap, so don't make the destination a subdirectory of the source or the source a subdirectory of the destination, since this will result in a "endless" loop and it will fill-up the volume.


If "set Owner" is selected, then the creator (=owner) attribute of all directories and files are set to the user of the home directory, even if attributes aren't selected.
The situation "delete after copy" checked, and "do not set home directory attribute" checked will cause a problem, because the home directory attribute of the user points to a non-existent directory.
Any file that couldn't be copied for some reason will not be deleted even if the option "delete after copy" is set!
Warning: The program doesn't check to see if there is enough space to copy, make sure there is enough disk-space and there are no restriction set or that these are sufficient!
This version will only copy the file-data and optionally the (DOS) attributes and Trustees. Mac and NFS information is not copied!
From version 2.19 and up:
After the copy, the program will apply any userspace or directory quota restictions if they are set.
The option "Set Trustee and Directory Attributes" is also processed in this version.

5.7. Find Obsolete directories.

The program first collects all the home directory attributes of the selection. It will then read all the subdirectories given by "Use volume/path selection from below". The program will match the subdirectories with the collected home directory attributes. The program can match home directory definition where the "path" part start with "\":, "\\" or no slash.

On the tab Obsolete, it is possible to select the option "Delete Obsolete Directories". The program will delete the directories that belong to nobody. (In the next version the program will also look at trustees!)
If the option confirmation is selected the program will find the obsolete directories and will show the list. Select all the directories that must be delete and select the button on the right (cross). The green/red checkmark wil select/unselect all directories. The "leave" button is leave this screen and the directories are not deleted.
The option export is not supported yet., and there will be an option for excluding directories in the furture.
Image

5.8. Check home directory attribute.

The program will do three checks. First it will check for the existence of the home directory attribute. Then it will look for "multiple" users of the same home directory (two users have the same home directory). Finally it will check for the existence of the directory.

5.9. Show Home directory UserSpace/DirectoryQuota (MassUser)

The program shows a new window:


Image
You can sort on any column by clicking on the column header. If you want to save the information in a CSV-file, select save. At this point another window will appear where you can select what information you want to save:
Image


You can select which column you want to export. If you check Header line, the program puts a header line in the CSV-file.

If you select Username and User Context and Volume Limit or Directory Quota then the program can also create a CFL-file. You can use the combination of the CFL/CSV-file for updating the UserSpace restriction or Directory Quota.

You have to give the csv-file a name to save as.

5.10. Mapping File (Homes and MassUser)

If there is a one to one relation ship between a context (subtree) and the location of the homedirectory, then a mappingfile can define the relationship. In MassUser the mappingfile can also define the relationship for a posixAccount homeDirectory and apple-homedirectory.

5.11. Read homedir from disk and compair character case

 

Image

 

Sometimes the character case in the eDirectory and the filesystem aren't the same. On Windows/Netware this is not a problem, but if you are using apple and/or unox/linux this will be a problem Sometimes you want to "normalize" the character cases of the homedirectories. There are 5 selection options and 2 extra repair/fix options
.

Update Directory

The program will read the path from the homedirectory attribute, if the case is different, then the path name on het filesystem is updated

Update NDS

The program reads the path name from the filesystem and will update the eDirectory-homedirectory attribute if different

Force Capitals

This will force the user directory to uppercase, and will update the filesystem and eDirectory

Force Lowercase, cap first

This will force the user directory to lowercase, and will then force the first given number of characters to uppercase. 0 will lead to all lowercase. After that it will update the file-system and homeDirectory attribute.

Just cjeck below

This will only do the two other repairs/fixes that are available



Remove trailing space

Sometimes there is a trailing space added to the homedirectory path in the eDirectory (most common due to LDIF import). This is not a problem for windows and the MAP.exe, but not all applications remove this space
If checked, then the program will remove the space

Normalize slashes

It is pefectly legal to use a / of \ in a path definition for homeDirectories in the eDirectory. This option will replace any / to \ in the path definition of the homedirectory attribute in the eDirectory.

5.12. Check unique posix home directory/Check unique apple home directory.

The program will check all the posix or apple homedirectories of the current user selection. The program will report any non-unique directories. There are no additonal settings. This option will only be available if the schema does contain the correct classes.

5.13. on operation, only mapping for extra dir.

If you do want to use the mapping option in combiantion with the extradir, and you don't want to change anything to the users homedirectory, you can select this option. This will enable the mapping option on the ExtraDir main tab and enabled the mapping sub-tab, so you can set the extradir option there.

5.14. Homedirectory from selection file.

to do...

5.15. Homedirectory mapping

This is an option to make the homedirectory mapping conditional on the context where the user object is located in the eDirectory. There is also an extra option where (some part of the) name also definies the homedirecotry path.


First select the mapping file of create a new file (N-button).

5.15.1. Query user tab


Image

This option is only used in combination the the apple/posix options. For just a netware homedirectory you can skip the page (uncheck Attribute query).
On the user query tab you can select with attribute used be used for the query (cn or uniqueid). Then where to look in the attribute value (starts with, contains or ends with)

Fill in the edit window on the right the string to look for then a "=" and then at least two values seperated with a comma, the first value is the GID?? and the second value can be use for substitution in the Apple/Posix path definitions. You can give more values and use those for substitutions. This all is setup for a large primary school.

5.15.2. OU-Mapping tab


Image

On the OU-mapping tab, there are 4 buttons at the bottom.

- Edit (or dubble click a line)
- Add: Creates a new line
- Del: removes the selected line
- Save: saves the mappingfile


On edit and new the program will show the following window:

 

Image

 

First give the context where this mapping must be applied.
Fill in for the different options the correct directory path. Apple and Posix will only be enabled if the schema contains the corrrect classes. Extra in this option is that you can overwrite the global setting for the userdirectoryname. (default cn). Here you can select also the UID (uniqueID). For extra directory there also an option for using an other attribute, you have to set the attribute name on the extra-directory main-tab (for all context you have to use the same attribute).
There are a few extra character sequences you cna use in the path definitions:

%a1,%a2, %a3. %a4, %a5

The program will take the 1 to 5 first character of the user (CN or UID) and replace the %ax with the characters. This can be usefull if you want to put all the users with the same starting character into a subdir.
e.g. somepath\%a1
all users starting with a will be created in somepath\a\username and all starting with k in somepath\k\username

%nn

This is a special situation, %nn will be replaced by the username, but the program will not add the username at the end of the path anymore. This can be usefull if you want to create a path like somepath\username\somedir
define somepath\%nn\hdir.
e,g,
user booj will give somepath\booj\hdir as the homedirectory.

*w1* ...*w<nr>*

This is used in combination with the user query option., w1 is the second value after the = entered on the user query tab. If you did give more values you can use *w2* etc

For Posix there is also an option the set the GID. uitzoeken

See also "Extra options for path definitions" for more complex mapping functions.

5.16. Regular expressions (massuser)

 

Image

The program supports regular expressions based on the full user name (untyped) or commonname.,


Depending on the selection for regular expression some or all the options above are enabled. Here you can select which attribute to use for the regual expression and if you want the user context too for the expression (so you can create "context" sensative mappings)
For every enabled option (netware/apple/posix) you have to give the expression rules.
In the sample below, all users with there names starting with a A until K have there homedirectory on volumeAK and L until Z on volumeLZ. On the general tab the add context settings is unchecked and on the netware tab the following two expression rules are entered. Because regualr expressions are case sensative, there is a check on lowercase and uppercase characters. For the template you have to give the UNC-path. Because a \ has a special meaning in regualr expressions you have to give a double backslash.for every \ you want to enter. (so you need to give 4 \'s in from of the servername 2 between de servername and volume and two between de volume and path. If there are extra subdirectories don't forget to give the extra \.
Image
On edit or dubble click a line and add the program will show:
Image
Enter the expression and enter the "template".
Warning: at the moment the program can't handle a = in the expression and/or template!
On the test tab, you cantest your expressions.
Image
Give the username in the edit box above the Test-button. Press test and the program will show you the result. If there is no match then the program will show an empty result. So you know that your expression isn't correct or you need to add an extra expression.
The program wil evalutate the expressions from top to bottom until it find a match. You can change the order of the expressions with the two blue arrow's on the left. So you can add new exceptions to your rule set and place them at the correct level.
See also chaper Regular expressions, there is a complete overview of the regular expressions and there are a few more samples what you can do.

5.17. Extra options path definitions

In the path part definition of a homedirectory you can use the following special character sequences.

%a1,%a2, %a3. %a4, %a5

The program will take the 1 to 5 first character of the user (CN) and replace the %ax with the characters. This can be usefull if you want to put all the users with the same starting character into a subdir.
e.g. somepath\%a1
all users starting with a will be created in somepath\a\username and all starting with k in somepath\k\username

%nn

This is a special situation, %nn will be replaced by the username, but the program will not add the username at the end of the path anymore. This can be usefull if you want to create a path like somepath\username\somedir
define somepath\%nn\hdir.
e,g,
user booj will give somepath\booj\hdir as the homedirectory.


It is also possible to add some more advanced options in the path definitions. This can also be used in combination with mapping and regular expressions.

%value(attributename)

copy of the first** value of the given attribute of the current user

%substr(attributename,start,length)

a substring of the first value of the attribute (see below)

%strstr(attributename,length)

the first (length) number of characters of the first value of the attribute

%endstr(attributename,length)

the last (length) number of characters of the first value of the attribute


** If a multivalued attribute is given, then the program will only use the first value. It is possible that the eDirectory gives different first values on different runs of the program!

Substr

The program will copy length number of characters from the value of the attribute starting at the given (start) position. The first position character of the value is 1 (one). If there are less character than length in the value form start to end, then the resturned value is shorter than length and is equal to all characters from the start position to the end of the value. If the start position is beyond the end of the value-string then nothing is returned!