Enhancements to NetWare FTP user searching

(Last modified: 14Mar2006)

This document (10072649) is provided subject to the disclaimer at the end of this document.

goal

Enhancements to NetWare FTP user searching

fact

Novell NetWare 6.5

Novell NetWare 6.0

Novell NetWare 5.1

Novell FTP Services

Novell NWFTPD.NLM

SYS:ETC\FTPSERV.CFG

symptom

FTP users don't want to have to type their full context when logging in.

cause

The NetWare FTP Server was originally designed to use catalog services for contextless login.  However, catalog services was quickly discontinued, so other methods became necessary.

fix

Use the SEARCH_LIST parameter in FTPSERV.CFG.

This list should be populated with fully distinguished contexts.  This means each must begin with a leading dot.  Multiple contexts should be separated by commas, but no spaces.  The SEARCH_LIST field in SYS:ETC\FTPSERV.CFG has a limitation in that the length of this string including the commas should not exceed 2048 bytes or 30 containers.

For example:
SEARCH_LIST=.development.novell,.accounting.novell

Originally, this list was designed to do "flat searches," which means the listed contexts were searched, but their subcontainers were not searched.  The list could easily grow quite long and run up against the size limitations.  In NetWare 6.5 SP5 (OES NetWare SP2) the search list was enhanced to allow subtree searching, provided certain pre-requisites are met (described further below).  Where this is desired, add a :s (colon-s) to the list.

For example:
SEARCH_LIST=.development.novell:s,.accounting.novell

The above example searches .development.novell and all it's subcontainers.  Then it searches .accounting.novell as a flat search.


Pre-Requisites for Subtree searching

Although the SEARCH_LIST is available on NetWare 5.1 and later, subtree searching is only supported on NetWare 6.5 SP5 and later (OES NetWare SP2 and later).

The subtree search depends upon functionality of NDSILIB.NLM, which needs to be loaded and properly initialized before NWFTPD loads (sometimes in FTPSTART.NCF).  NDSILIB can be loaded in AUTOEXEC.NCF or in FTPSTART.NCF.  It also gets loaded (or auto-loaded) during execution of NFSSTART.NCF and GYSTART.NCF.  This NLM is a eDir search library developed initially for the NetWare NFS products.  It must log into eDirectory as a user name "NFAUUser" in order to do the searches.  This user and the schema it depends upon should have been set up during NetWare 6.5 installation.

To check whether NWFTPD.NLM is able to use NDSILIB.NLM, look in the SYS:ETC\FTPD.LOG.  If there is a problem, then while NWFTPD loads and initializes it will log the message, "Sub-tree Search function(s) are not available in the system, working with context level search."

If this error is logged, unload NWFTPD, make sure NDSILIB.NLM is loaded, then load NWFTPD (or FTPSTART.NCF) again.

If the problem persists, check for error messages that occurred when NDSIILIB.NLM loads.  This can be checked in the logger screen after boot up.  If the logger screen no longer holds the messages from boot, NDSILIB can be unloaded and reloaded, but this will require that all services depending on it be stopped temporarily.  The following sequence can be used at the console prompt:

UNLOAD NWFTPD
GYSTOP.NCF
NFSSTOP.NCF
UNLOAD NDSILIB (This was probably already unloaded by the above commands, but do this as insurance.)
NDSILIB
(Switch to the logger screen and check for errors.  If there are errors, search for them in Novell's knowledgebase.)
NFSSTART.NCF (optional, if NFS Server is being used)
GYSTART.NCF (optional, if NFS Gateway is being used)
FTPSTART.NCF (or load NWFTPD)


Methodologies to be aware of:

Keep in mind that NWFTPD will search it's default context before it uses the search list.  The DEFAULT_FTP_CONTEXT can be set in sys:etc\ftpserv.cfg.  If not set there, NWFTPD will use the server's first bindery context, if it has been set.  Otherwise, it will use the NCP Server Object's context.

If a context is listed twice, first as a flat search and then as a subtree search, it will be searched twice.  This allows an administrator to specific a "most likely" user context for a quick search, and potentially avoid too many time-consuming subtree searches.  Conversely, if a context is listed twice, first as a subtree search and then as a flat search, it will be searched only once, as part of the subtree search.

To see how NWFTPD is interpreting the SEARCH_LIST value set in sys:etc\ftpserv.cfg, check the sys:etc\ftpd.log file.  Find the last occurrence of "Search List modified".  Differences between this and the value specified in ftpserv.cfg should be due to either redundancies or failure of NDSILIB.NLM.

.

document

Document Title: Enhancements to NetWare FTP user searching
Document ID: 10072649
Solution ID: NOVL80879
Creation Date: 18Jul2002
Modified Date: 14Mar2006
Novell Product Class:NetWare
Web Services

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.