NDS ACL List Copy



By: jimgoodall

July 17, 2009 9:45 am

Reads: 208

License:
Free

Download NDSACLcopy.zip

NDS ACL list copy is a VB6 tool I have written to automate the copy of large (or small!) trustee lists from one NDS object to another. (I am talking about NDS rights here – not file system rights)

Please be aware this application is written in VB6 (now unsupported by Microsoft) and utilizes the NDAP activex controls available here – http://developer.novell.com/wiki/index.php/ActiveX_NDAP_Controls (now unsupported by Novell) You should consider these facts before using this application in a production environment!

To use this tool:

  1. install it on a Windows Workstation with the Novell Client installed (tested on Windows XP SP2 with Novell Client 4.91 SP4, your mileage may vary!)
  2. launch the application
  3. select a source object (this is the object with the ACL you wish to copy)
  4. tailor the ACL list as required using the Remove Assignment button
  5. select a destination object – the ACL from the source object will be added to the destination objects ACL (existing assignments will remain, except where rights are being explicitly changed in the source ACL)
  6. apply the changes using the Apply button
  7. any errors generated will be written to the errors window, which can be subsequently viewed in notepad for ease of viewing.

Enjoy!

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Tags:
Categories: Cool Tools, eDirectory

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

5 Comments

  1. By:geoffc

    Since you already have an interface and basic code done, any chance you might consider extending this into a generic attribute copier?

    I.e. Select a user and show the list of attrs, then copy everything selected?

    That would be a really nice GUI tool to have. Ya, i could do it in LDIF, but a UI has value too!

    • By:jimgoodall

      Sure I have most of that code to achieve this already written – my only concern here is that the tool you are talking about would be extremely powerful – it would be stunningly easy to do an awful lot of damage, very very quickly!! At least if you are doing it with LDIF you are not a “wet behind the ears” admin…

      I guess a few “are you really sure you want to do this” prompts would cover that….. along with a prompt to run an NDS backup and the telephone number for Novell Technical Support ;)

      • By:geoffc

        Jim,

        Heck ya! Do it man!

        This is America! We have the right to arm bears! We should be allowed to shoot ourselves in the foot as often as we want, and with automatic weapons too please!

        More seriously (assuming that last comment does not get this post rejected) I think it would be useful, and I would add a preference setting to turn off a warning box, that warns you about the potential issues.

        Like in DSRepair -a, where you Destroy Replica on this server, and you have to type “I agree” in the box, that warns you NTS will NOT bail you out on this one…

        Or on a BB when you want to wipe the device, you have to type “Blackeberry” to move on.

        You could require us to type “Arm the bears” to get past it too! That would be awesome! (Till the Ursine revolutionary party comes after you with a libel charge, and then the anti-Ursine Revolutionary group will try and have you charged under the Patriot Act for encouraging Ursine revanchism. I would take those odds! But then I am a strong supporter of the Ursine rights movement! Equal rights for bears, teddy, polar, brown, black, or grizzly! Though not Hippos! They are very dangerous animals!).

      • By:jimgoodall

        Geoff,

        Here in the UK we consider ourselves more civilized! We would not arm our bears even if we had them! Do Hippos count as bears?

        I have started throwing some code together, although what you are asking for is not as simple as it first sounds, as different attribute syntax require different methods of copy. May take a little while!!

        Maybe I should have a warning that caters for Bears with Arms (or Americans ;o) ) – an action button that will present a picture of Paddington Bear (Google him!) with an Uzzi 9mm in his hand and a smoking hole in his foot… I feel a photoshop moment coming on….

        Cheers

        Jim

  2. By:stephanedaniel

    What is the replacement for the Ndap control that is not supported? Because I have a problem when I want to change the trustee right to a directory that have an accent in it “\\vol1\coco\dédé” for exemple. It allways give me an General API error.

    I use visual basic 2005

Comment