Novell is now a part of Micro Focus

Using Novell Beans for NetWare, how do you...

Articles and Tips: qna

01 Dec 2001


Q.

Using Novell Beans for NetWare, how do you go about setting user log-on time restrictions on an User object? I remember with ActiveX it was setting a few bytes. More specifically, the information I need to know is what data type the value is. I am able to see two values "Logon Time Restrictions Map_DATA" and "Logon Time Restrictions Map_Length."

What are these? I see that Map_Data is 255 characters long (it's mapped to SQL type varchar when using ODBC drivers), but do I set it with bytes or characters? Lastly, is there some type of Novell Bean data type (like NWValue, or NWTimeStamp) that I can use? Will I need to set that Map_Length as well?

A.

The "Login Allowed Time Map" is of data type NWValueOctet String. The data length is 84 bytes.

This is how it works:

  • The 84 byte string represents 7 days

  • 1 week: 84 chars

  • 1 day: 12 chars

  • 4 hours: 2 chars = 1 byte in hex representation

  • Each bit represents 30 minutes (0= No login, 1= Login OK).

Counting starts with Sunday 0am. Be aware that eDirectory is a global system and user attributes are stored once for the system. The values passed in must be adapted to your local time zone. In this case, you should get your time zone's offset from GMT and shift the login time values appropriately.

I will explain this further with the help of an example. Suppose we have set up the time restrictions for a user using the NWadmin or the Console One utility and from there we read the value for that user. Suppose the server return the following string that begins like this:

"00FF80 ..."

This is hex-representation; therefore the fragment represents following three bytes:

x0, xff (255), and x80 (128).

In bit representation, this sample appears as:

00000000 11111111 10000000

Each bit stands for a 30 minutes interval, with each byte representing 4 hours. The bit=0 means "Login denied" and bit=1 means "Login allowed." Hence, in our sample, our user may not login for the first 8*30min segments (i.e., Sunday 0:00am-3:59am GMT), then he's allowed to login for 9*30min segments (i.e., Sunday 4:00am-8:29am), and denied access for the next 3.5 hours until 11:59am.

From this example you can see that the first byte (8 bits) stands for the first 4 hours (in eight 30min-segments) of the week (i.e., Sunday 0:00am-3:59am). The 2nd byte then stands for Sunday 4:00am-7:59am), and accordingly, the 3rd byte stands for Sunday 8:00am-7:59am).

This whole calculation is without the time zone offset, but refers to GMT (Greenwich Mean Time). Let's now assume you live somewhere in the US and have GMT-8h as your time offset. The first byte of the attribute still stands for Sunday 0:00am-3:59am GMT, which in your case you need to convert that offset into your numbers by subtracting 8 hours (GMT-8h). Hence the first byte now stands for Sat 16:00-19:59h your local time.

* Originally published in Novell AppNotes

Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Copyright Micro Focus or one of its affiliates