2/9/2021
`
`An Introduction to NetWare Directory Services
`
`Novell is now a part of Micro Focus
`
`LOGIN
`
`United States, Eng/ish
`
`CHAHGE
`
`Products
`
`Services & Support
`
`Partners
`
`Communities
`
`About Us
`
`Ho w to Buy
`
`Search
`
`An Introduction to NetWare Directory
`Services
`
`Articles and Tips: artide
`
`GAMAL B. HERSON
`Senior Technical Ed~or
`Systems Research
`
`01 Apr 1993
`
`Support Home
`
`Download
`Help yourself
`let us help
`
`Contribute
`
`CUstomer Center
`
`Netware Directory Services (NOS) is a globally distributed network database that replaces the bildery used in previous
`versions of Netware. This AppNote introduces the basic concepts behind NOS, discussing NOS objects and properties and
`telling hoW Root, Container, and leaf objects form the Directory tree. t also explains about NOS partitions and replicas,
`bindery cornpatibil~. and time synchronization.
`
`~ Introduction
`-+ OvefView of Netware Directory Services
`-+ NOS Objects
`-+ How Objects Form the Directory Tree
`-+ Managing the NOS Database
`~ Bindery Compatibility
`-+ Network Time Synchronization
`~ To Plan Your Tree
`
`Introduction
`
`The most noticeable new feature of Netware 4.0 is its globally distributed Directory. NetWare Directory Sefvices (NOS) is
`more than just a global naming service; ~ also provides an easily managed and more secure network environment. With NOS,
`~ is now possible to integrate a diverse network of resources into a single, easy-t<HJse environment.
`
`Note The term "Directory" (with a capital D) refers specifically to the global, distributed database provided in NetWare 4.0.
`The NOS Directory is different from the file system directory and ~s structure.
`
`This AppNote introduces the basic concepts behind Netware Directory Services. Alter giving a quick ovefview of NOS, it
`discusses NOS objects and properties and explains how these objects form the Directory tree. t also explains about NOS
`partitions and repi cas, bindery compatibiley, and time synchronization.
`
`The next AppNote in this issue builds on these ooncepts and provides guidelines for planning your own Directory tree. H also
`gives detailed examples of settilg up a small, medium-sized, and large Directory tree.
`
`Overview of NetWare Directory Services
`
`Netware Directory Services is a global, distributed, and replicated database. As part of Netware 4 0, NOS maintains
`information about all network resources (users, groups, servers, volumes, printers, and so on) i1 a hierarchical tree structure.
`Network resources can be organized in the tree independent of their physical location. Thus network users can access any
`network resource they have rights to, ~t having to know the exact location of that resource.
`
`The Directory replaces the Netware bindery, which served as the system database for previous versions of Netware. Rather
`than supporting a single server (as the bindery did), NOS supports an entire network of servers. Distributing the network
`database allows all servers to easily access all network information. tt also allows the database to be replicated, thus
`minimizing the risK of a silgle point of failure.
`
`Netware 4.0 provides compatibility~ bildery-based versions of Netware through the bindery emulation feature of NOS.
`
`NOS is based on parts of the CCITT X.500 standard. By nof locKing NOS stricUy into this proposed standard, Novell allows for
`future expansion of the Directory and of the possible services ~ can provide.
`
`Network-Wide login
`
`With NOS, users no longer need to logil or attach to specific servers. Instead, they can login to the netwo/'lc. For example, a
`user could log in to the network by typing:
`
`llOGIN GHERBON
`
`instead of
`
`llOGIN servername/GHERBON
`
`Once logged in to the network, users can access any service or resource they have rights to, without having to expliciUy login
`or attach to other servers. The users will be transparenUy attached to the server on Which the specified service resides. NOS
`handles all of the address resolution issues in the bacKground, so users are shielded from the cornplexey of having to
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ .....
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.htrnl
`
`1/14
`
`RingCentral Ex-1018, p. 1
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`Authentication
`
`In NetWare 4.0, users' access to networ1< resources is restricted by the rights they are assigned in the Directory. When a user
`accesses networ1< resources (such as servers, volumes, and printers), authentication occurs in the background. The
`aUthentication process verifies that the user has sufficient rights to use the requested resource.
`
`The network-wide login and background aUthentication that NOS provides effectively locks out unauthorized users and makes
`using the networ1< and accessing resources easier for authorized users. Users need o~y one password to gain access to all
`network resources available to them. Of course, the available resources w~l be i mned to those the user has been granted
`rights to.
`
`A New Mindset
`
`For years, NetWare has relied on the bindery to store and provide al informatiion necessary for the operating system and
`applicatiions. The bindery contailed information about users and groups, valid passwords, rights, attached printers, and other
`network resources. However, adding new users to a server (or especially to several servers) was a tedious, time-consuming
`process.
`
`If you use NOS with NetWare 4.0, you have at your disposal a powerful yet easy-t~se computilg environmen~
`complemented by enhanced secumy and network management capabilities. However, before you can simplify network
`admilistration through the use of NOS, you need to adjust to a completely new mindset. You need to view the network as a
`unified informatiion system rather than a fragmented collection of computers. This new mindset will take some getting used to,
`but n will make enterprise networ1<ing feasible and desirable -even among those from the mainframe world who have argued
`against the use of PC-based networks.
`
`NOS provides for easier management of the networ1< resources listed in the Directory. However, it is important to remember
`that the Directory does not directly control the NetWare file system (volumes, directories, and files). NetWare 4.0 provides
`text-based and graphical utilities to manage both NOS and the file system.
`
`NOS Objects
`
`The NOS Directory tree is formed by placing "objects• in a hierarchical tree structure. NOS objects consist of categories of
`informatiion, known as properoes, and the data included in those properties. This informatiion is stored in the Directory
`database.
`
`The NOS database can contain three types of objects:
`
`Physical objects (such as users and printers)
`
`logical objects (such as groups and print queues)
`
`Other objects (such as Organizatiional Units) designed to help organize and manage the physical and logical objects
`
`It is important to understand that NOS objects are structures that store informatiion, not the actual entity represented by the
`object. For example, a Printer object stores informatiion about a specific printer and helps manage how the printer is used, but
`n is nol the physical printer nself.
`
`Object Properties
`
`As mentiioned above, properties are categories of information stored in the database for NOS objects. Each NOS object has
`properties that contain information about that object. For example, this information may include a use(s telephone number
`and physical address, or the physicallocatiion of a printer.
`
`You enter the informatiion, or values, about the object into data fields for each property. For example, a User object includes
`the foaowing properties:
`
`login Name
`
`Telephone Number
`
`E-mail Address
`
`Password Restrictiions
`
`Group Membership
`
`Address
`
`And others ..
`
`Figure 1 shoWs the relationship between objects, properties, and values.
`
`Figure 1: An NOS object (such as a user) oonsists of numerous properties with corresponding values.
`
`Object Property
`
`Value
`
`User
`
`login NameEMaiiAddressTe!ephone
`Number Address
`
`GHerbonGHerbon@INove!l800-555-43211230ak StreetAnywhere,
`USAxxxx
`
`In many cases, you can enter more than one value for a property. An example is the Telephone Number property for User
`objects. In this property, you can enter values for a use(s office phone number, home phone number, cellular phone number,
`and pager number.
`
`Once the valUes are entered in the object properties, you can perform a search for objects with specific values. For example,
`if you request informatiion that specifies a certain area code, the Directory database could return all telephone numbers that
`contained the specified area code in their properties.
`
`You can also request informatiion on a specific object and receive information on all properties of that object which you have
`access to.
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ _.
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.htrnl
`
`2/14
`
`RingCentral Ex-1018, p. 2
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`File system file rights
`
`NOS object rights
`
`NOS property rights
`
`Previous versions of NetWare had file system directory and file rights, and very limned "access levels" to bindery objects.
`Netware 4.0 adds NOS object and NOS property rights, which determine What you can do within the Directory. For brevity,
`we'll simply call these object and property rights. Since this AppNole deals only wnh NOS, we won1 discuss file system rights
`here.
`
`The concepts about NOS object and property rights summarized here are discussed in greater deta# in the "Understanding
`Directory Selvices Rights• AppNote in this issue.
`
`Because the Directory is a hierarchical tree structure, rights assigned in the Directory flow doWn through the tree. This is an
`important concept to understand When you are designing your Directory tree.
`
`To provide better access control to the pieces of information (properties) contained in NOS objects, object and property rights
`are assigned separately.
`
`Object rights control what a trustee is allowed to do wnh the object. These rights include Browse, Create, Delete,
`Rename, and Supervisor.
`
`Object rights control access to an NOS object as a single piece of the Directory tree, but they do not allow access to
`information stored wnhin that object (ns properties). The only exception is the Supervisor object right, Which applies to
`an objecfs properties as wei as to the object nse".
`Propefty rights control a trustee's access to information associated with the object ~n the object's properties). These
`rights inclUde Cofr4>are, Read, Wme, Add or Delete Se", and Supervisor.
`
`Property rights apply only to NOS object properties, not to the objects themselves. For example, if you include a
`telephone number as a property fora User object, you can prevent anyone else from seeing the specified telephone
`number by not granting them the Read right to that particular property. AI the same time, you can still alloW the person
`to view other properties, such as the user's address. This alloWs flexibilijy in deciding What information others can
`access.
`
`Access Control list The information about Who can access object information is stored in the object nself, in a property
`known as the Access Control list (ACL). The ACL property contains the trustee assignments and the Inherited Rights Filter
`(explained below).
`
`An object's ACL defines Which objects can access that object and ns properties. For example, an object listed in a Printer
`object's ACL is a trustee of that Printer object and therefore has some rights to the printer. To change the trustee's access to
`the Printer object, you would change the trustee's entry in the Printer object's ACL Only trustees wnh the Wme right for the
`ACL property can change the trustee assignments or the Inherited Rights Filter.
`
`Each object listed in an ACL can have different rights to that objecrs properties. For example, if ten users are listed in the
`Modem objecfs ACL as trustees, each of those ten users can have different rights to that Modem object and to ~s properties.
`However, in actual use, ~is likely that at least some of the users wil have the same rights (or at least similar rights) to the
`Modem and its properties.
`
`Inherited Rights Filter. WMe trustee assignments grant access to an object, the Inherited Rights Filter ( RF) prevents rights
`from automatically propagating from one object to another. In the Directory tree, an object can automatically receive, or
`"inherit," rights from ns parent objects. The IRF can be used to block any or all of these inherited rights so that no objects can
`receive them. Every object and property in the Directory can have an lnhemed Rights Filter.
`
`Effective Rights. The oornbination of inherited rights, trustee assignments in an ACL, and security eQUivalences are known
`as effective rights. An object's effective rights are What control ns access to another object and that objecfs properties.
`
`How Objects Form the Directory Tree
`
`NOS operates in a logical organization called the Directory tree. This is so named because objects are stored in a hierarchical
`tree structure. By time-honored oornputer science convention, this structure has the tree growing upside doWn starting with
`the [Roof) object at the top of the tree and branching doWnward.
`
`The Directory tree is made up of three types of objects:
`
`The [Root) object
`
`Container objects
`
`Leaf objects
`
`The [Roof) object is automatically placed at the top of the tree by the NetWare 4.0 installation program. Branches of the
`Directory tree consist of container objects and all of the objects they hold. These container objects can also contai'l other
`container objects. Leaf objects are at the ends of the branches and do not contain any other objects.
`
`Figure 2 illustrates how objects can be laid out to form the Directory tree.
`
`Figure 2: The Directory tree is formed by container objects and leaf objects branching doWn from the {Roof] object.
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ _.
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.htrnl
`
`3/14
`
`RingCentral Ex-1018, p. 3
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`[Root)
`
`,· --.-
`: Container
`Object
`I
`
`The sections which follow discuss the three types of objects in greater detail.
`
`[Root] Object
`
`The [Rool) object can only be created by the Netware 4 0 instal ation program, wtlich automatically places nat the top of the
`tree. The [Rooq object cannot be renamed or deleted.
`
`Note The [Root) object of a Directory tree should 1101 be confused wnh the root directory in the file system. In the file system,
`the root directory is the first directory on a volume. It bears no relation to the [Root) object of a Directory tree.
`
`The [Rool) object can have trustees, and the [Root) object trustees' rights flow doWn the tree. One example is the User object
`Admin, Wllich is created automatically during installation. By defaun, Admil receives a trustee assignment of Supervisor rights
`to the [Root) object of the Directory tree. This gives Admin all rights to all objects and properties in the tree, so that n can be
`used to initially log i1 and set up the tree.
`
`(For more information about Admin, refer fo the "User Object Admin' section tater in this AppNote.)
`
`The [Rool) object can also be a trustee. However, you should give careful consideration before makilg [Root) a trustee of
`another object If you do, every object in the tree has the same rights as the [Rooq object by virtue of ancestor inheritance. In
`effect, you will have made all users security equivalent to [Root).
`
`Container Objects
`
`Contailer objects hold (or contain) other Directory objects. Container objects are provided as a means of logically organizing
`all other objects in the Directory tree. Just as directories are used to group related files together in a file system, container
`objects are used to group related items in the Directory tree.
`
`There are two kinds of container objects: Organization and Organizational unn. These are explained below.
`
`Note The NOS Directory also supports Country and localny as container objects. In normal usage, however, these container
`objects should not be necessary as they can add unnecessary complexity to your Directory tree. For this reason, we do 1101
`cover these options.
`
`Organization (OJ. An Organization object helps you organize other objects in the Directory tree. n also alloWs you to set
`defauKs for User objects you create in the Organization container.
`
`You can use an Organization object to designate a company, a division of a company, a universny or college wnh various
`departments, or a department wnh several project teams.
`
`Important Use of the Organization object is mandatory. Every Di'ectory tree must contain at least one Organization object.
`Organization objects must be placed one level beloW the [Root) object.
`
`Organizational Unit (OU). An Organizational Unit object helps you to organize leaf objects in the Directory tree. t also allows
`you to set defaults in a login script, and create a user template for User objects you create in the Organizational Unit
`container.
`
`You can use an Organizational Unit object to designate a busiless unit withil a company, a department wnhin a division or
`univeristy, a project team wnhil a departmen~ and so on.
`
`Important Use of Organizational Unit objects is optional in a Directory tree. If used, Organizational unns must be placed one
`level beloW an Organization or another Organizational Unit.
`In the initial Netware 4.0 release, you cannot easily change the name of a container object once n is named. To avoid
`possille problems, you should carefully plan the names of your container objects before implementilg your Directory tree.
`
`leaf Objects
`
`Directory leaf objects are objects that do 1101 contain any other objects. These represent actual network entnies such as users,
`servers printers computers and so on. The sections below list and describe the different types of leaf objects available in
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ .....
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.html
`
`4/14
`
`RingCentral Ex-1018, p. 4
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`which includes default rights assignments. You can also define a USER_ TEMPLATE object to provide new users with defauH
`settilgs that you have already decided on.
`
`Users with Netware 4.0 workstations (those who use NOS rather than bindery emulation) can be created anywhere in the
`Directory tree. They must know their exact NOS context in order to log in. To make this easier, enter users' context in their
`workstation NET.CFG file when you install their Netware 4 0 workstations. This settilg automatically places them in the
`COITect context every time they login from their workstation.
`
`Users with non-4.0 workstations must be created in the container where the bindery emulation context is set for their pnmary
`server. Remember that bindery emulation is set (by default) for every NetWare 4 0 server that is installed. Non- 4 0 users do
`not need to know their context because they are logging in to a server rather than the Directory tree. (For more informatkJn,
`see 1t1e "Bindery Compa~bility" section of ltlis AppNote.)
`
`Group
`
`A Group object assigns a name to a list of User objects located anywhere in the Directory tree. Use a Group object when you
`want to assign rights to a group as a whole, rather than just individual users. The rights assigned to a Group object are
`granted to individual users who are members of the group, no matter where they are located i1 the Directory tree.
`
`Profile
`
`A Profile oiJject contains a profile script (a lype of login script). The Profile oiJject listed as a property i1 a User oiJject is
`executed when that User oiJjects logs i1 to the network. The Profile object is executed after the system login script, but before
`the user lorjn script.
`
`Create a Profile object for any set of users who need to share common login script commands, but who are not located in the
`same Directory container, or for any users Who are a subset of users in the same contailer.
`
`OrganizatkJnat Role
`
`An Organizational Role object defines a position or role within an organization. An example might be a department manager
`or vice president of sales, and so on. You can assign any User oiJject to be an occupant of the Organizational Role object.
`Any occupant receives the same rights that were granted to the Organizational Role oiJject.
`
`You create an Organizational Role oiJject to assign rights to a particular position in the organization where the person holdilg
`the position might change freQuently, while the actual responsibilities of the position do not change often. t can also be used
`when you have a job where you want different people to handle the same job at different times of the year.
`
`For ex<lfr4)le, suppose you wanted a Print Manager for the Sales department, but you do not want the same person to do the
`job for more than a one- month period. You could create an Organizational Role object called PRINT MANAGER and grant
`that object all object rights to the Printer, Print Queue, and Print Server objects i1 that part of the Directory tree. You might also
`grant the PRINT MANAGER object the property rights to the Print Job ConfiQUration property of users. This alloWs the PRINT
`MANAGER Organizational Role oiJject to manage all printing in the SALES container, without having to grant these rights to
`individual users.
`
`Server -Related Leaf Objects. The following leal objects are related to Netware servers and volumes.
`
`NetWare Server
`
`A Netware Server oiJject represents a server running Netware on your netwo11<. Whenever you install a server in the tree, a
`Netware Server object is automatically created.
`
`Use this oiJject to store information about the server i1 the NetWare Server oiJject's properties. This can include such
`information as the server's location on the wire, the server's physical location, what services the server provides, and so on.
`
`In addition to storing information about the NetWare server, this oiJject affects the netwo11< in that ~ is referred to by several
`other objects in the Directory. One example is the NOS Volume oiJject, which points to the Netware Server object to find a
`physical volume on the netwo11<. Another example is the Directory Map object, which points to the Netware Server object to
`find the file system directory it needs.
`
`The NetWare Server object is also used to tie the physical server on the netwo11< to the Directory tree. Without this oiJject you
`cannol access file systems that reside on the server's volumes.
`
`For ilformational purposes, you can also create Netware Server objects for servers not in the Directory tree (such as 3.11
`servers not in the tree).
`
`Volume
`
`A Volume oiJject represents a physical volume on the network. INSTALL automatically creates a Volume object for every
`physical volume on a server at installation time.
`
`In the Volume objecfs properties, you store information about which NetWare server the physical volume is located on, and
`the name given when the volume was initialized at installation (such as SYS). If you create a Volume object during installation,
`this necessary information is placed in the Volume objecfs properties by default.
`
`Properties i1 the Volume oiJject are also used for mapping drives.
`
`In the Netware Adm nistrator (GUI utility version), you can click on the Volume oiJject icon to display information about the file
`system directories and files located on that volume.
`
`Directory Map
`
`A Directory Map oiJject represents a particular directory path or file in the file system of a given server. This is currently used
`only by the MAP utility. Directory Map objects are especially useful in login scripts, because they can be set to point to
`directories that contain applications or other frequently used files.
`
`For ex<lfr4)le, if you have a directory that contains DR DOS 6.0, you will probably map a search drive to that directory in all
`login scripts you create. If you later decide to upgrade to a newer version of DR DOS and rename the directory, you have to
`change the mappilg in every login script that contains that search mappilg.
`
`By using the Directory Map object, you avoid the necessity of making all these login script changes. Instead, you just change
`the Directory Map object, and all the search mappings in your logil scripts are updated to find the new version automatically.
`
`Printer -Related Leaf Objects. The folloWing leaf oiJjects are related to NetWare's pnnt services. These objects are created
`and controlled using the Netware print uti ities.
`
`Print Queue
`
`A Print Queue object represents a print queue on the netwo11<. You must create a Print Queue oiJject for every pnnt queue on
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ _.
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.html
`
`5/14
`
`RingCentra l Ex-1018, p. 5
`RingCentral v. Estech
`IPR2021 -00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`The Printer oiJject represents a physical printing device on the network. You must create a Printer object for every printer on
`the network.
`
`Informational Leaf Objects. The folloWi"lg leaf objects have no effect on netwo11< operation; their sole purpose is to store
`information about netwol1< resources.
`
`AFPServer
`
`AFP Server represents an Apple Talk Fi ing Protocol (AFP}-based server on your NetWare networ1<. Currently, the AFP Server
`leaf object provides no functionality. t can onty be used to store information about the server, such as its network a<l<lress,
`operators, and users.
`
`If you have more than one AFP server on your netwo11< lhat you want to store information about, create a separate object for
`each one. For example, if you have three AFP servers on your network, you would aeate three separate leaf oiJjects (one for
`each server), which you might name AFP _ServerNamef, AFP _ServerName2, and AFP _ServerName3.
`
`Computer
`
`A Computer object represents a non-server computer on the network. This object can represent such things as a wor1<station
`or a router. Use this object to store information about the computer, such as its netwo11< a<l<lress, serial number, or even the
`person the computer is assigned to.
`
`Miscellaneous Leaf Objects. This section lists the remaining types of NOS leaf objects.
`
`Alias
`
`An Alias object refers to another object in the Directory tree and makes ~ appear as if the oiJject that it names actually exists
`in the Directory tree at the point where the Alias is created.
`
`Bindety Objed
`
`A Bildery Object represents a non-NOS object placed in the Directory tree by an upgrade or migration utility. H is used by
`NOS only to provide backward cornpatibijtly with bindery- oriented utijities.
`
`Bindety Queue
`
`A Bildery Queue object represents a non-NOS queue placed in the Directory tree by an upgrade or migration utility. It is used
`by NOS only to provide backward oornpatibility with bindery-oriented utilities.
`
`Unknown
`
`An Unknown object represents an NOS object that has been invai dated and cannot be identified as belonging to any of the
`other object classes.
`
`Possible Directory Tree Configurations
`
`In a Directory tree, you can place container oiJjects and leaf objects in different configurations acoording to what best suits
`your needs. Fogure 3 shoWs several possible configl.l"ations.
`
`Figure 3: Sample configurations for a Directory tree.
`
`~· 1'112.-tton
`
`I
`I
`
`C IQ.ii nl:z:.ttcn
`
`I
`I
`OIQ • na••on ••
`u no
`
`OIIQ•n•z.acn••
`uno
`
`O IIQ•nl;z.aon••
`u no
`
`You are not limited to using only one container oiJject in a Directory tree. Most Directory trees wm have at least several
`container oiJjects. Figure 4 shows a sample Directory tree with several container objects at each level of the tree.
`
`Figure 4: Sample Directory tree with mu/Uple container objeds at different levels.
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ _.
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.htrnl
`
`6/14
`
`RingCentral Ex-1018, p. 6
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`
`Organization
`
`I
`I
`
`I
`
`Organization
`
`I
`
`Organizational
`Unit
`
`Organizational
`Unit
`
`I
`
`Organizational
`Unit
`
`I
`
`Organ lzatlonal
`Unit
`
`Although you can have numerous container objects in a DirectQJY tree, you can have only one level of Organization objects.
`
`The number of levels of Organizational Un~ objects you can have is unlimited. However, consider carefully how many levels of
`container objects you need in your Directory tree. The number of levels you have can potentially affects how easily your users
`can login from locations other than their own computer. (This and other important considerations are discussed in the
`"Planning a NetWare 4.0 Directory Tree• AppNote in this issue.)
`
`Figure 5 summarizes What we have discussed so far about NOS objects and how they form the Directory tree.
`
`Figure 5: NOS Directory tree at a glance.
`
`-
`
`RaatObjecl
`
`¥ Autam•lk:"•lly p'-c"ed at lap of ltee
`¥ Cen"l be Ntna med or de .. led
`¥ C • n have ltu st . ... when• riehb
`f bw do wn lhe lt-
`
`VC~n bealrus~o f .anolherobjacl
`
`ConLiiine r Ob~ d
`
`¥ Holds other objects
`¥ UMd lo b;lc•lyoro•nlut • Uotn.r
`obJ-c-1• In 11'1« 11 . .
`
`¥ 0nC'IIIt n.amed, youe.annolc-h•niJCII
`its n. me easily
`
`¥ Ooas not have .a common n.ame
`. . . . ned
`
`¥ T w o m •ln type a:
`
`Oo~~g.a niz..allo n (0) 0 must tt.- .al
`k:.a sl one; c-.an ~e only o n e Seve I
`0 a~~g.an iz..aliarw~ luniil (OU} 0 oplian.al:
`c:.an h•w numerous lewis
`
`Le.afOb jac-l s
`
`¥ Oo not c:ont..ln • nyotherobject.
`¥ R•pre M nl.adual rosourc• s
`¥ Mosl h•ve .a common n.111me (CN)
`.as.~ ned
`
`¥ M.any type~:
`
`0 Volume a
`
`OUsoa rs
`
`0 Groups
`0 Prin ler•
`0 Pr.., lOueuea
`0 OireC'Ior y M.p
`
`I
`
`Micro Focus uses cookies to ensure you get the best possible online experience.
`
`~ .... _____ _.
`
`Continue
`
`)
`
`https://support.novell.corn/techcenter/artides/ana19930402.html
`
`7/14
`
`RingCentral Ex-1018, p. 7
`RingCentral v. Estech
`IPR2021-00574
`
`

`

`2/9/2021
`
`An Introduction to NetWare Directory Services
`In NOS, the term "contexr refers to your current location in the Directory tree. This context is ifr4l0rtant for the DirectOf)' to
`locate specified netwofk resources. Figure 6 shows some examples of DirectOf)' contexts.
`
`Figure 6: An objects Directory ron/Ext indicates its current location in the tree.
`
`O=Nr:>'IMII UO
`
`O UIIAOOCMintlnQ
`
`CN=MA.d.al f'
`
`C:N=RN~
`CN=RI....4Hr
`
`C::N""'-"
`a.. •oso•~
`eN ...........
`
`CN =vvt-br41ng
`(;N:OW•s.ttn
`
`""'"..._...
`
`0\I=~·"V
`CN=S.Jono-s:.
`
`The complete context, or path, from an object to the [Root] of the tree forms the objects complete name. Thus, in Figure 6,
`the complete name of leaf object "WHarding" in Organizational Untt ·sales PV" in Organizational u ntt · sales" in Organization
`"Novell us· would be denoted as:
`
`tHarding.Sales PV.Sales.Novell US
`
`The complete name of each object must be unique.
`
`The name context is also important when logging in. When you log in to the network, you automatically request aUthentication
`sefVices. Based on your current context and the login name you provide, authentication sefVices must find a User object that
`matches your user name. NOS can then use the property values associated wtth your object to validate your password and
`other user account res1Jictions you might have. When this process is successfully completed, you are aUthenticated as a valid
`network user and have full access to all netwofk resources you have access (through lights) to use.
`
`For more information about NOS context and logging in, see the "Using the DOS Requester with NetWare 4.0" AppNote in
`this issue.
`
`Common Names. Most leaf objects in the Directory will have a common name (CN). For User objects, the common name is
`the login name that is displayed in the DirectOf)' tree. For example,