Prevent users from accidentally dragging and dropping folders into other folders – OES11

Here is how to prevent that from happening.

1. Right click on the folder that you want to protect
2. Click on properties
3. Click on Netware Info tab
4. Put check mark on "Rename Inhibit" and "Delete inhibit"
5. Click on apply and OK

Also the command line can be used on OES11 server:

root# attrib /folder/protected_from_rename_delete_etc -s=ri,di

Copy data from NSS to NSS with rights

This command “migfiles” copy data from the NSS volume DATA01:SLX on the source server with the IP address to the tmp directory on the NSS volume DATA01 with verbose output:

root@nbsuse13:DATA01# migfiles -s -V DATA01:SLX -x /media/nss/DATA 01/tmp -i
Enter the username (e.g cn=admin,o=mycompany)
for the server cn=admin,ou=group,o=newbridge
Enter cn=admin,ou=group,o=newbridge password:
Enter the username (e.g root)
for the server : root
Enter root password:
Information: Source volume type is NSS
Information: Given destination path is NSS
Information: Copying /media/nss/DATA01/SLX/ to /media/nss/DATA01/tmp/
Information: Copying /media/nss/DATA01/SLX/a/ to /media/nss/DATA01/tmp/a/
Information: Copying /media/nss/DATA01/SLX/B/ to /media/nss/DATA01/tmp/B/

Cleaning up eDirectory.

Stop the ndsd daemon:

rcndsd stop

Delete the eDirectory configuration file and eDirectory instance file.:

rm -f /etc/opt/novell/eDirectory/conf/nds.conf
rm -f /etc/opt/novell/eDirectory/conf/.edir/instances.0

Delete the eDirectory database:

rm -rf /var/opt/novell/eDirectory/data/dib

Use iManager to delete all the objects from the eDirectory tree, and remove the server from the replica ring.

ConsoleOne – Unknown meaning for error number 0x6f.

The problem was that the login prompt comes up fine. I enter admin and the password, and then then returns: “Unknown meaning for error number 0x6f; Please call a Novell support provider”

Right now, it works. I have done quite a lot of config work on this box but I think it’s because IPV6 was enabled. Not absolutely sure but 99%. That was the last major change I made – ie disabling it.

SUSE/OES11 by default installs it.
Just simply type:
echo “alias net-pf-10 off” >> /etc/modprobe.conf.local
echo “alias ipv6 off” >> /etc/modprobe.conf.local


Edit /etc/sysctl.conf and add this line:
net.ipv6.conf.all.disable_ipv6 = 1


Edit /boot/grub/menu.lst with an editor and add the boot parameter


at the end of the respective line of the kernel-entries.

Also you can use address IP instead of a “tree” name, but this does not work with GroupWise.

Send an email via telnet.

To send an email via telnet just type:

root:~# telnet 25
220 Internet Agent 0.0.3
250 Ok
250 Ok
250 Ok
354 Enter mail, end with "." on a line by itself
ie, type your message or whatever

250 Ok
221 Closing transmission channel
Connection to host lost.

By the way, you will not see any AUTH listed when connecting and doing an ehlo. In addition any attempt to auth will be met with the error:

035.5.1 Error: authentication not enabled

It will not display options for smtp authentication unless a TLS security is used to connect.

Try connecting with:

openssl s_client -connect localhost:25 -starttls smtp

Now you will see the 250-AUTH PLAIN LOGIN on ehlo and you will be able to auth.

When posting logs of the SASL negotiations to public lists, please keep in mind that username/password information is trivial to recover from the base64-encoded form.

You can use one of the following commands to generate base64 encoded authentication information:

Using a recent version of the bash shell:

echo -ne '00username00password' | openssl base64

Some other shells support similar syntax.

Using the printf command:

printf '%s%s' 'username' 'password' | openssl base64
printf '%s%s' 'username' 'password' | mmencode

The mmencode command is part of the metamail software.

root:~# openssl s_client -connect -starttls smtp

and the output:

Compression: 1 (zlib compression)
Start Time: 1373377800
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
250 DSN

and then type:

250-SIZE 10240000
250 DSN

auth plain AGpvbGFudGEAam9sYW50YQ==
235 2.7.0 Authentication successful

SMTP Status Codes
You may notice along the way that after typing commands you see responses from the server starting with “250″. 250 is a good thing, and there are a lot of other SMTP status codes you’ll encounter the more you use this technique.
Continue reading “Send an email via telnet.”

How to browse the eDir using ldapsearch.

To browse the eDir use the Linux ldapsearch command:

ldapsearch -x -h "(objectclass=Person)" > all.text

Used filter “objectclass=Person” will out put all records of users to the all.text file

ldapsearch -x -h "(objectclass=Person)" uid fullname mail loginTime passwordEcpirationTime loginTime > selected.text

Used filter “objectclass=Person” and requested records “uid fullname mail loginTime passwordEcpirationTime loginTime” will out put just selected records of users to the selected.text file.

Accessing GroupWise User Accounts.

Is it possible to access someone’s account without user knowing? Yes, it is possible.
This is a easy way:

1. Go to ConsoleOne, right-click the user object then click Properties.
2. Click GroupWise > Account to display the Account page.
3. Fill out the field "LDAP-Authentication:", use an Account with a
known password i.E.
4. Click Ok/Apply

Now you can use the password from “cn=admin” to login as the user.

Mounting a NetWare volume on a Linux box

To mount a NetWare volume on a Linux box, the ncpfs must to be installed on a Linux box.
For a “rpm” distribution:

yum install ncpfs

For a “deb” distribution:

apt-get install ncpfs

then try mount the volume on the Linux box:

ncpmount -A -S name_of_netware_server -V volumin_to_mount -U username.context -P password /mnt

to add this to /etc/fstab please use the following:

nbcs_data_server/xxhr.genacc.ndsadmin /share/Shared/XXHR/EBSPROD ncp volume=data/Shared/XXHR/EBSPROD,uid=ebsprod,gid=dba,mode=660,owner=root,A=nbcs_gisdata_server,passwdfile=/etc/edirpass 0 0

and create an edirpass password file in /etc/edirpass

echo "nbcs_gisdata_server/xxhr.genacc.ndsadmin:password" >> /etc/edirpass