Each NetWare file server includes a small database called a bindery. The bindery is used by the file server to maintain information about various resources on the local network and to help administer network security. Novell's implementation of the bindery uses hidden files that are located in the SYS:SYSTEM directory. The number of hidden files varies with the particular version of NetWare.
Objects
The NetWare operating system maintains a list (in the bindery files) of all objects allowed to access the file server. NetWare also records information about each object. A bindery object can be a user, a user group, a file server, a print server, or any other named entity that might gain access to a file server. Each bindery object record consists of the following information:
| Offset | Content | Type |
|---|---|---|
| 0 | ObjectID | dword |
| 4 | ObjectType | word |
| 6 | ObjectName | byte [48] |
| 54 | ObjectFlag | byte |
| 55 | ObjectSecurity | byte |
| 56 | PropertiesFlag | byte |
Six fields in the object record (Object ID, Object Type, Object Name, Object Flag, Object Security, and Properties Flag) are essential elements of a bindery object. Each is explained below.
The NetWare operating system (not the programmer) assigns a 4-byte Object ID to an object. This number uniquely identifies the object within a particular file server's bindery.
The Object Type classifies an object as a user, a user group, a file server, and so on. The following is a list of well-known object types:
| Description | Object Type |
|---|---|
| WILD | FFFFh (-1) |
| UNKNOWN | 0000h |
| USER | 0001h |
| USER_GROUP | 0002h |
| PRINT_QUEUE | 0003h |
| FILE_SERVER | 0004h |
| JOB_SERVER | 0005h |
| GATEWAY | 0006h |
| PRINT_SERVER | 0007h |
| ARCHIVE_QUEUE | 0008h |
| ARCHIVE_SERVER | 0009h |
| JOB_QUEUE | 000Ah |
| ADMINISTRATION | 000Bh |
| NAS_SNA_GATEWAY | 0021h |
| REMOTE_BRIDGE_SERVER | 0024h |
| ADVERTISING_PRINT_SERVER | 0047h |
| *Reserved | 0000h to 8000h |
*Object Types with numbers up to and including 8000h are reserved by Novell. Companies that want to define a well-known object should contact Novell. Object Types with numbers above 8000h can be defined by developers and used by applications as needed.
The Object Name contains a 48-byte, null-terminated string. The name itself can be 1 to 47 characters long. Only printable characters can be used. An Object Name cannot include spaces or the following characters:
/ (slash) \ (backslash) : (colon) ; (semicolon) , (comma) * (asterisk) ? (question mark)
The Object Flag specifies whether the object is static (00h) or dynamic (01h). A static object exists in a bindery until an application explicitly deletes it with the Delete Bindery Object call. A dynamic object disappears from a file server's bindery when the file server is rebooted. (If an object is a service-advertising server, the object disappears from a bindery when the server ceases to advertise.)
The Object Security determines who can access the object. The low-order nibble determines who can read (scan for and find) the object. The high-order nibble determines who can write to (add properties to or delete properties from) the object. The following values are defined for each nibble:
| Value | Nibble | Definition |
| 0 | 0 0 0 0 | Anyone - Access is allowed to all clients, even if the client has not logged in to the server yet with Login Object (function 23, subfunction 20). |
| 1 | 0 0 0 1 | Logged (in) - Any client can access this object if the client has successfully logged in to the file server using Login Object (function 23, subfunction 20). |
| 2 | 0 0 1 0 | Object - A client can access this object only if the client has identified itself to the file server using the Login Object whose request message contained this object's name, type, and password. |
| 3 | 0 0 1 1 | Supervisor - A client can access this object only if the client has identified itself to the server with the Login Object whose request contained the name and password of the object supervisor or an equivalent object. |
| 4 | 0 1 0 0 | File Server - Only the file server is allowed access to this object. |
For example, an object with the Object Security set to 31h indicates that any user logged in to the file server can read (find) the object, but only the supervisor (or equivalent object) can write (add) a property to the object. This object is also referred to as a "logged read, supervisor write" object.
The Properties Flag indicates whether one or more properties are associated with the object as follows:
Properties and Values
Each bindery object might have one or more properties associated with it. For example, the object DAN (Object Type 0001h) might have the GROUPS_IM_IN, ACCOUNT_BALANCE, and PASSWORD properties associated with it. Note that GROUPS_IM_IN is not the name of a user group to which the object belongs. It is only the name of one category of information associated with that object. In the same way, ACCOUNT_BALANCE is not an actual numerical balance, and PASSWORD is not an actual password. Properties only identify categories of information associated with the object.
A property can have one or more values associated with it. A value associated with the property GROUPS_IM_IN must be the Object ID of a user group to which DAN belongs. The value of the property ACCOUNT_BALANCE must be user DAN's current balance. The value of the property PASSWORD must be DAN's login password.
Properties fall into one of the following two categories:
If a property is an item property, it has a value consisting of a 128-byte ASCII string. The properties ACCOUNT_BALANCE and PASSWORD are item properties. The value associated with ACCOUNT_BALANCE is a monetary balance contained in the first few bytes of the 128-byte string (zeros fill the remaining bytes). With versions of NetWare previous to NetWare v2.1, the value associated with PASSWORD contains a 1- to 128-byte password (zeros fill the remaining bytes). With NetWare v2.1 and above, PASSWORD contains an encrypted value.
Values of set properties are lists of Object IDs that are contained in one or more 128-byte segments, each segment containing between 1 and 32 Object IDs. Each Object ID is a dword (4 bytes). The GROUPS_IM_IN property is a set property. The 128-byte segment associated with GROUPS_IM_IN contains the Object IDs of 1 to 32 user groups to which (in our example) DAN belongs. The values of set properties are always Object IDs grouped into one or more 128-byte segments.
Each property record consists of the following information:
| Offset | Content | Type |
|---|---|---|
| 0 | PropertyName | byte [15] |
| 16 | PropertyFlags | byte |
| 17 | PropertySecurity | byte |
| 18 | ValuesFlag | byte |
Property Name can be from 1 to 15 characters long. Only printable characters can be used. A Property Name cannot include spaces or the following characters:
/ (slash) \ (backslash) : (colon) ; (semicolon) , (comma) * (asterisk) ? (question mark)
A list of well-known Property Names appears at the end of this section.
The Property Flags is a 1-byte field with two bits defined. Bit 0 is the static/dynamic flag defined as follows:
| 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | Definition |
|---|---|---|---|---|---|---|---|---|
| 0 | The property is static | |||||||
| 1 | The property is dynamic |
A static property exists until it is deleted with the Delete Bindery call. A dynamic property is flushed from the file server's bindery when the file server is rebooted.
Bit 1 is the item/set flag defined as follows:
| 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | Definition |
|---|---|---|---|---|---|---|---|---|
| 0 | The property is an item | |||||||
| 1 | The property is a set |
The bindery process interprets the value of an item property as a 128-byte string. The bindery process interprets the value of a set property as a series of Object ID numbers, each 4 bytes long. For example, the following bit combination indicates a set property that is static:
| 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
|---|---|---|---|---|---|---|---|
| 1 | 0 |
Property Security determines who can access the property. The low-order nibble determines who can scan for and find the property. The high-order nibble determines who can add value(s) to the property. The following values are defined for each nibble:
| Value | Nibble | Definition |
|---|---|---|
| 0 | 0 0 0 0 | Anyone - Access is allowed to all clients, even if the client has not yet logged in to the server with Login Object (function 23, subfunction 20). |
| 1 | 0 0 0 1 | Logged (in) - Any client can access this object if the client has successfully logged in to the file server using Login Object (function 23, subfunction 20). |
| 2 | 0 0 1 0 | Object - A client can access this object only if the client has identified itself to the file server using the Login Object whose request message contained this object's name, type, and password. |
| 3 | 0 0 1 1 | Supervisor - A client can access this object only if the client has identified itself to the server with the Login Object whose request contained the name and password of the object supervisor or an equivalent object. |
| 4 | 0 1 0 0 | File Server - Only the file server is allowed access to this object. |
For example, 31h indicates that any user logged in to the file server can find and read the property, but only the supervisor can add value(s) to or change the property. This property is also referred to as a "logged read, supervisor write" property.
The Values Flag indicates whether the property has a value associated with it.
The following is a list of well-known properties and the property type and the object type(s) that can possess each property:
| Property Name | Type | Associated Objects |
|---|---|---|
| LOGIN_CONTROL | Item | Any object that can log in |
| ACCOUNT_SERVERS | Set | Any object of type FILE_SERVER |
| ACCOUNT_BALANCE | Item | Any object that can log in and be charged |
| PASSWORD | Item | Any object that can log in |
| SECURITY_EQUALS | Set | Any object that can log in |
| GROUP_MEMBERS | Set | Objects (users) that are members of some named group (a property that is normally attached to an object of type USER_GROUP) |
| GROUPS_IM_IN | Set | Objects (groups) with a set property GROUP_MEMBERS where this object's ID appears (a property that is normally attached to an object of type USER) |
| NET_ADDRESS | Item | An object of type FILE_SERVER or any other "advertised" object |
| IDENTIFICATION | Item | Any object (a property that is informational and is usually attached to objects of type USER or USER_GROUP) |
| OPERATOR | Set | Any object |
| MANAGERS | Set | The SUPERVISOR object |
A property or object is visible only if a caller has read privileges to the item. Otherwise, the item will not be revealed when a caller scans the bindery.
Workgroup Managers
NetWare v2.1 and above supports the workgroup manager concept. Many large organizations need workgroup managers because several groups share a single file server, but each group wants autonomous control over its own users and data. For example, a writing department and an editing department may want to use the same file server, but each may also want to have control over its own users and data. The function of a workgroup manager is similar to that of the network supervisor with certain limitations. The workgroup manager can create and delete users and groups and administer data resources, but only for part of the user database (bindery) and only for part of the logical file system.
A new set property, called MANAGERS, can be added to the SUPERVISOR object. Any object that is security equivalent to an object listed in the MANAGERS property is considered a workgroup manager. The MANAGERS property is "read supervisor" and "write supervisor." If the MANAGERS property does not exist, no objects are considered workgroup managers.
Workgroup managers, like the network supervisor, are allowed to create objects in the bindery. All newly-created objects have a set property called OBJ_SUPERVISORS. This property is "read object" and "write supervisor" and is initialized to contain a single element: the Object ID of the workgroup manager who created the object. If an object does not have the OBJ_SUPERVISORS property, the object is assumed to have been created by the network supervisor.
The meaning of supervisor access changes in relation to bindery object access. A caller is now considered the supervisor of a target object if the caller is security equivalent to an object that appears in the target object's OBJ_SUPERVISORS property. An object's supervisor can do anything to the object that the system supervisor can do, including reading and modifying supervisor-level properties, deleting the object, and so on.
Workgroup managers, therefore, have certain rights and abilities beyond those of normal users. They can create new objects in the bindery; they can control the login restriction properties (such as login times, password length restrictions, and account balances) of the users they create. They cannot, however, control these parameters on their own account, unless they are included in the OBJ_SUPERVISORS property of their own user object.
Workgroup managers do not have extra rights in the directory tree. They must be granted rights in the standard way by an entity (usually the supervisor) who has sufficent rights to grant access rights to appropriate portions of the directory tree. Like other users, workgroup managers can only grant rights to other users (including users they have created) in directories where they have parental rights.
A user is considered a workgroup manager if the user is security equivalent to any object listed in the MANAGERS property of the supervisor. A user is considered to have supervisor rights over a specific object if the user is security equivalent to anything listed in the object's OBJ_SUPERVISORS property. Therefore, a user could become a supervisor of a specific object without being a workgroup manager.
The workgroup manager concept is two-tiered: The network supervisor creates workgroup managers, and workgroup managers create and manage users. Workgroup managers cannot create other workgroup managers; the relationship is not hierarchical. The bindery treats workgroup managers as peers. More complex relationships can be created by controlling the places in the directory tree where workgroup managers are given rights, effectively creating hierarchical relationships in the data they control.
Workgroup managers supplement, but do not replace, the network supervisor. The network supervisor maintains absolute control over the network. The network supervisor and all objects that are security equivalent to the supervisor can still make the same calls they could before NetWare implemented workgroup managers.
A workgroup manager cannot add an object to a group that is "write supervisor" unless the manager is the supervisor of both the group and the object. This restriction ensures that a workgroup manager cannot create a new user and then make the user security equivalent to the system supervisor. Workgroup managers can do the following:
| v2.x | v3.x | v4.x | v5.x |
Request Format
* SubFuncStrucLen = 8 + ObjectNameLen + PropertyNameLen + MemberNameLenOffset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (65) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PropertyNameLen byte 14+ObjectNameLen PropertyName byte[PropertyNameLen] 14+ObjectNameLen + PropertyNameLen MemberType word (Hi-Lo) 16+ObjectNameLen + PropertyNameLen MemberNameLen byte 17+ObjectNameLen + PropertyNameLen MemberName byte[MemberNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 232 0xE8 Write To Group 233 0xE9 Member Exists 234 0xEA No Such Member 235 0xEB Property Not Set Property 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 248 0xF8 No Property Write 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to add a member (object) to a group property of some object.
The Object Type, Object Name, and Property Name cannot contain wildcard characters. The name and type of the member object to be added cannot contain wildcard characters.
Object Name, Property Name, and Member Name must all exist in the bindery before this call is made.
The property must be of type set. If the set property has "write supervisor" security, a calling client must be an object supervisor of both the object and the new member of the set.
This call can be used by clients with write privileges to the specified property.
See Also
Delete Bindery Object From Set (0x2222 23 66)
Is Bindery Object In Set (0x2222 23 67)
Scan Bindery Object (0x2222 23 55)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (64) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen OldPasswordLen byte 14+ObjectNameLen OldPassword byte[OldPasswordLen] 14+ObjectNameLen + OldPasswordLen NewPasswordLen byte 15+ObjectNameLen + OldPasswordLen NewPassword byte[NewPasswordLen]
* SubFuncStrucLen = 6 + ObjectNameLen + OldPasswordLen + NewPasswordLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 197 0xC5 Login Lockout 215 0xD7 Duplicate Password 232 0xE8 Write To Group 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 248 0xF8 No Property Write 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure, Failure
Remarks
This call allows clients (users) to change an object's (usually their own object's) password. The Object Type cannot be WILD (-1); the Object Name cannot contain wildcard characters.
NetWare v2.0a and below. The PASSWORD property is "supervisor read, supervisor write" security (0x33). However, clients can still make this call, even if they are not logged in as the object whose PASSWORD property is being changed, since the client would need to know the Object Name and the object's current password (Old Password) to log in as that object. For NetWare v2.0a and below, this call will fail if the object does not already have a PASSWORD property. The PASSWORD property is created by the supervisor at the time the (USER) object is created.
NetWare v2.1 and above. The file server requires the PASSWORD property to be "file server read, file server write" security (0x44). Therefore, the file server must create the property. This call, if made by a caller that is supervisor of the object, directs the file server to create the PASSWORD property. When initially creating the PASSWORD property, the caller can pass a null string for the Old Password. NetWare v2.1 and above allows objects of any type to have a PASSWORD property (such as print servers, job servers, and so on).
Any client can use this call to change a password.
See Also
Change User Password (old) (0x2222 23 1)
Verify Bindery Object Password (0x2222 23 63)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (5+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (56) byte 10 NewSecurity byte 11 ObjectType word (Hi-Lo) 13 ObjectNameLen byte 14 ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 245 0xF5 No Object Create 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows an object supervisor to change the security level mask of an object in the bindery.
The Object Type cannot be WILD (-1), and the Object Name cannot contain wildcard characters.
Security levels above level 3 (supervisor) cannot be changed with this call.
Only object supervisors can use this call.
See Also
Get Bindery Access Level (0x2222 23 70)
Get Bindery Object Access Level (0x2222 23 72)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (59) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen NewPropertySecurity byte 14+ObjectNameLen PropertyNameLen byte 15+ObjectNameLen PropertyName byte[PropertyNameLen]
* SubFuncStrucLen = 6 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 242 0xF2 No Object Read 246 0xF6 No Property Delete 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard FailureRemarks
This call allows a client to change the security level mask on a property.
The Object Type cannot be WILD (-1), and the Object Name and the Property Name cannot contain wildcard characters.
This call can be used successfully by clients who have property creation privileges for the specified object and property read and write privileges for the specified property. A client cannot change a property's security to any level above the security level the client has to the property.
See Also
Create Property (0x2222 23 57)
Change User Password (old) 0x2222 23 01
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (1) byte 10 UserNameLen byte 11 UserName byte[UserNameLen] 11+UserNameLen OldPasswordLen byte 12+UserNameLen OldPassword byte[OldPasswordLen] 12+UserNameLen + OldPasswordLen NewPasswordLen byte 13+UserNameLen + OldPasswordLen NewPassword byte[NewPasswordLen]
* SubFuncStrucLen = 4 + UserNameLen + OldPasswordLen + NewPasswordLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 214 0xD6 Unencrypted Passwords Not Allowed 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 245 0xF5 No Object Create 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call is an old NetWare 4.6 call. It works the same as Change Bindery Object Password (function 23, subfunction 64), except that it assumes an object of type USER. In other words, this call changes a user's password, but it does not change the password of any other type of object.
See Also
Change Bindery Object Password (0x2222 23 64)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (1) word (Hi-Lo) 9 SubFunctionCode (68) byte
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 255 0xFF Failure
Remarks
This call closes the bindery. The file server keeps bindery files open but locked to prevent clients from accessing the bindery directly.
Occasionally, bindery files must be closed so that network functions can take place. When the network is backed up, for example, it is important to back up current bindery files as well. Because files must be closed before they can be backed up, this call allows archive backup programs to temporarily take control of the bindery so that bindery files can be closed, then copied or restored.
When the bindery is closed, only the network supervisor or an object that is security equivalent to the supervisor can read from or write to the bindery.
Closing the bindery disables most network functions. Therefore, the time that the bindery is closed should be kept to a minimum.
The bindery will automatically be reopened if the station that closed it disconnects or if the station calls End Of Job (function 24) for task 0.
This call will be unsuccessful if the client is not logged in as the network supervisor or if the bindery is not open.
See Also
Open Bindery (0x2222 23 69)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (6+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (50) byte 10 StatusFlags byte 11 SecurityLevel byte 12 ObjectType word (Hi-Lo) 14 ObjectNameLen byte 15 ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 231 0xE7 No Disk Track 238 0xEE Object Exists 239 0xEF Illegal Name 241 0xF1 Bindery Security 245 0xF5 No Object Create 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call creates a bindery object.
Bit 0 of Status Flags should be set if the object being created is dynamic; bit 0 should be cleared if the object being created is static.
The Security Level mask should have the low (search) and high (property create) nibbles set appropriately. A client cannot set security levels to "file server" access.
The Object Name can be up to 47 characters long.
Only supervisors of the specified object can make this service request. Clients in the WORKGROUP_MANAGERS property of an object are also considered supervisors of the object. (See "Workgroup Managers" at the beginning of this section.)
See Also
Delete Bindery Object (0x2222 23 51)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (57) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PropertyFlags byte 14+ObjectNameLen PropertySecurity byte 15+ObjectNameLen PropertyNameLen byte 16+ObjectNameLen PropertyName byte[PropertyNameLen]
* SubFuncStrucLen = 7 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 237 0xED Property Exists 239 0xEF Illegal Name 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 242 0xF2 No Object Read 246 0xF6 No Property Delete 247 0xF7 No Property Create 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call creates a new property and attaches that property to the specified object.
The Object Type cannot be WILD (-1); the Object Name and Property Name cannot contain wildcard characters.
Bit 0 of Property Flags should be set if the property is dynamic; bit 1 of Property Flags should be set if the property is a set property. Property Security mask should be constructed according to the instructions for Access Rights located in the introduction to this section.
The Property Security mask attached to the target object regulates which clients can use this call.
See Also
Change Property Security (0x2222 23 59)
Delete Property (0x2222 23 58)
Scan Property (0x2222 23 60)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type
(request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (4+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (51) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 242 0xF2 No Object Read 244 0xF4 No Object Delete 246 0xF6 No Property Delete 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call removes one object and all its associated properties from the bindery.
The object must be fully specified by both type and name. The Object Type cannot be WILD (-1); the Object Name cannot contain wildcard characters.
Only a client that is object supervisor of the specified object can make this call. Clients are not allowed to remove objects that have "file server" security levels.
See Also
Create Bindery Object (0x2222 23 50)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (66) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PropertyNameLen byte 14+ObjectNameLen PropertyName byte[PropertyNameLen] 14+ObjectNameLen + PropertyNameLen MemberType word (Hi-Lo) 16+ObjectNameLen + PropertyNameLen MemberNameLen byte 17+ObjectNameLen + PropertyNameLen MemberName byte[MemberNameLen]
* SubFuncStrucLen = 8 + ObjectNameLen + PropertyNameLen + MemberNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 235 0xEB Property Not Set Property 240 0xF0 Illegal Wildcard 248 0xF8 No Property Write 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call removes a member from a set property of the specified object.
The object, the property, and the member are specified by name. The Object Type cannot be WILD (-1); the Object Name and Property Name cannot contain wildcard characters.
Clients must have write privileges to the specified property. If the property security is "write supervisor," the client must supervise both the object being deleted and the object containing the affected set property.
See Also
Add Bindery Object To Set (0x2222 23 65)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (58) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PropertyNameLen byte 14+ObjectNameLen PropertyName byte[PropertyNameLen]
* SubFuncStrucLen = 5 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 246 0xF6 No Property Delete 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call removes one or more properties from the specified object.
The Object Type cannot be WILD (-1); the Object Name cannot contain wildcard characters. The Property Name can contain wildcard characters, if desired; if the property name contains wildcard characters, all properties that match the name string will be removed from the object.
The object and the property's security level masks determine whether a property can be removed. Properties with security levels above that of the requesting client will not be "visible" to the client and, therefore, cannot be read, written to, or deleted by the client.
See Also
Create Property (0x2222 23 57)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (1) word (Hi-Lo) 9 SubFunctionCode (70) byte
Reply Format
Offset Content Type (reply header) 8 SecurityAccessLevel byte 9 LoggedObjectID long (Hi-Lo)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory
Remarks
This call returns the client's current security level mask in the bindery; the client can then examine the two nibbles of this mask to determine the client's general bindery rights. The meanings of the two nibbles in the security level mask are explained in the introduction to this section.
The client also has access privileges (read and write) to the object used when logging in. These privileges will not be reflected in the general security access level mask, so the trustee ID number of the object used to log in is also returned to the client as Logged Object ID. The client has supervisor access privileges (0x44) to any object that contains the Logged Object ID in its OPERATORS property.
This call can be used by any client.
See Also
Get Bindery Object Access Level (0x2222 23 72)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (5) word (Hi-Lo) 9 SubFunctionCode (72) byte 10 ObjectID long (Hi-Lo)
Reply Format
Offset Content Type (reply header) 8 ObjectAccessLevel byte
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory
Remarks
This call returns the client's bindery access level to the specified object. This call becomes valid with the introduction of workgroup managers. Workgroup managers are given certain privileges to bindery objects by the network supervisor or by other objects that have supervisor privileges to bindery objects.
See Also
Get Bindery Access Level (0x2222 23 70)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (4+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (53) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header) 8 ObjectID long (Lo-Hi) 12 ObjectType word (Hi-Lo) 14 ObjectName byte[48]
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to map an Object Name to its corresponding unique Object ID number. Object ID numbers are valid only on the server from which they are extracted since each server maintains its own bindery.
The Object Type cannot be WILD (-1); the Object Name cannot contain wildcard characters.
Any client can use this call successfully if the specified object is in the bindery and if the client has read security privileges to the object.
See Also
Get Bindery Object Name (0x2222 23 54)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (5) word (Hi-Lo) 9 SubFunctionCode (54) byte 10 ObjectID long (Lo-Hi)
Reply Format
Offset Content Type (reply header) 8 ObjectID long (Lo-Hi) 12 ObjectType word (Hi-Lo) 14 ObjectName byte[48]
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 241 0xF1 Bindery Security 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to map an Object ID number to an Object Name and Object Type. Any client can use this call successfully if an object in the bindery corresponds to the indicated Object ID number and if the client has read privileges to that object.
See Also
Get Bindery Object ID (0x2222 23 53)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (2+GroupNameLen) word (Hi-Lo) 9 SubFunctionCode (7) byte 10 GroupNameLen byte 11 GroupName byte[GroupNameLen]
Reply Format
Offset Content Type (reply header) 8 ObjectID long (Hi-Lo)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to map a name of an object of type GROUP to its corresponding unique Object ID number. This call is a special case of Get Bindery Object ID (0x2222 23 53), which returns the Object ID for an object of any type.
Object ID numbers are valid only on the server from which they are extracted.
Any client can make this call successfully if the specified object exists in the bindery and if the client has search security privileges to the object. The group name cannot contain wildcard characters.
This call was used in shells for NetWare v2.0a and below.
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type 6 FunctionCode (23) byte 7 SubFuncStrucLen (2+UserNameLen) word (Hi-Lo) 9 SubFunctionCode (3) byte 10 UserNameLen byte 11 UserName byte[UserNameLen]
Reply Format
Offset Content Type (reply header) 8 UserObjectID long (Hi-Lo)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call returns the User Object ID for the specified User Name. The User Name must be an object of type USER. The User Object ID returned will be stamped on any directories and files the object (user) creates. Developers can use the User Object ID in the Add Trustee To Directory call (function 22, subfunction 13) to give the object access rights to directories.
Developers should avoid using this NetWare call; it is maintained only for compatibility with NetWare v4.61 and below. This call has been replaced by Get Bindery Object Number (0x2222 23 53). Both functions are the same, except that Get User Number assumes an object of type USER.
| v2.x | v3.x | v4.x | v5.x |
Request Format
* SubFuncStrucLen = 8 + ObjectNameLen + PropertyNameLen + MemberNameLenOffset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (67) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PropertyNameLen byte 14+ObjectNameLen PropertyName byte[PropertyNameLen] 14+ObjectNameLen + PropertyNameLen MemberType word (Hi-Lo) 16+ObjectNameLen + PropertyNameLen MemberNameLen byte 17+ObjectNameLen + PropertyNameLen MemberName byte[MemberNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 234 0xEA No Such Member 235 0xEB Property Not Set Property 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure, Failure
Remarks
This call allows a client to check whether an object appears as a member in a set property.
The member being examined, the property, and the object that owns the property must all be specified by name and type. The Object Type cannot be WILD (-1); the Object Name and Property Name cannot contain wildcard characters.
The call will return a Failure Completion Code if the Object Name Length is greater than 47 or if the Property Name Length is greater than 15.
This call can be used by any client with read security privileges for the set property.
See Also
Add Bindery Object To Set (0x2222 23 65)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (5) word (Hi-Lo) 9 SubFunctionCode (73) byte
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Calling Station is a Manager 255 0xFF Calling Station is Not a Manager
Remarks
This function checks to see if the calling station has manager privileges in the bindery. A station is a manager if it is a supervisor or if it appears in the MANAGERS property of the supervisor object.
See Also
Scan Property (0x2222 23 60
Read Property Value (0x2222 23 61)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (75) byte 10 Key byte[8] 18 ObjectType word (Hi-Lo) 20 ObjectNameLen byte 21 ObjectName byte[ObjectNameLen] 22+ObjectNameLen NewPasswordLen byte 23+ObjectNameLen NewPassword byte[NewPasswordLen]
* SubFuncStrucLen = 13 + ObjectNameLen + NewPasswordLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Password Verification Successful 197 0xC5 Account Locked 254 0xFE Bindery Locked 255 0xFF Password Verification Failed
Remarks
Keyed Verify Password changes the password for a bindery object that requires keyed login.
See Also
Keyed Verify Password (0x2222 23 74)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (12+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (74) byte 10 Key byte[8] 18 ObjectType word (Hi-Lo) 20 ObjectNameLen byte 21 ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Password Verification Successful 197 0xC5 Account Locked 254 0xFE Bindery Locked 255 0xFF Password Verification Failed
Remarks
Keyed Verify Password verifies a password for a bindery object that requires keyed login.
See Also
Keyed Change Password (0x2222 23 75)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (76) byte 10 LastSeen long (Hi-Lo) 14 ObjectType word (Hi-Lo) 16 NameLen byte 17 ObjectName byte[NameLen] 17+NameLen PropertyLen byte 18+NameLen PropertyName byte[PropertyLen]
* SubFuncStrucLen = 9 + NameLen + PropertyLen
Reply Format
Offset Content Type (reply header) 8 Count word (Hi-Lo) 10 Relations long[Count] (Hi-Lo)
Completion Code
0 0x00 Successful 240 0xF0 Illegal Wildcard in Object Name 242 0xF2 No Object Read Rights 254 0xFE Bindery Locked 255 0xFF Hard Failure
Remarks
This request returns a list of up to 32 bindery object IDs (Relations) that are in a set property of the bindery object specified by ObjectName and ObjectType.
LastSeen should be initialized to -1 on the first call to this request. If the Count returned is 32, a subsequent request should be made to determine if there are more relations. LastSeen should be set to the last bindery ID in the Relations array before making the subsequent call.
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (1) word (Hi-Lo) 9 SubFunctionCode (69) byte
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 255 0xFF Failure
Remarks
This call reopens the bindery files that have been closed with Close Bindery (function 23, subfunction 68).
Occasionally, bindery files must be closed so that network functions can take place. When the network is backed up, for example, it is important to back up current bindery files as well. Because files must be closed before they can be backed up, a Close Bindery call must be made. Archive backup programs can then take temporary control of the bindery so that bindery files can be closed, then copied or restored.
When the bindery is closed, only the network supervisor or an object that is security equivalent to the supervisor can read from or write to the bindery.
Once the backup is complete, the bindery can be reopened with this call.
The bindery will be reopened automatically if the station that closed it disconnects or if the station calls End of Job (function 24) for task 0.
This call will be unsuccessful if the client is not logged in as the network supervisor or if the bindery is already open.
See Also
Close Bindery (0x2222 23 68)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (61) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen SegmentNumber byte 14+ObjectNameLen PropertyNameLen byte 15+ObjectNameLen PropertyName byte[PropertyNameLen]
* SubFuncStrucLen = 6 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header) 8 PropertyValue byte[128] 136 MoreFlag byte 137 PropertyFlags byte
Completion Code
0 0x00 Successful 136 0x88 Invalid File Handle 147 0x93 No Read Privileges 150 0x96 Server Out Of Memory 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 249 0xF9 No Property Read 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to retrieve the value associated with the specified property. Property values are stored in a single 128-byte segment. The Segment Number must be set to 1 to read the first segment of a value and must be incremented by one for each subsequent call. The 128-byte segment corresponding to Segment Number is returned to the client.
The More Flag will be set to 0xFF if the requested Segment Number is not the last segment in the value and 0 if the Segment Number is the last segment.
The Property Flags byte contains the property's status flags. This byte can be tested to determine whether the property is a set property or an item property and whether the property is static or dynamic.
The Object Type cannot be WILD (-1); the Object Name and Property Name cannot contain wildcard characters.
This call can be used successfully by clients with read privileges to the specified property.
See Also
Is Calling Station a Manager (0x2222 23 73)
Scan Property (0x2222 23 60)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (52) byte 10 ObjectType word (Hi-Lo) 12 OldObjectNameLen byte 13 OldObjectName byte[OldObjectNameLen] 13+OldObjectNameLen NewObjNameLen byte 14+OldObjectNameLen NewObjectName byte[NewObjNameLen]
* SubFuncStrucLen = 5 + OldObjectNameLen + NewObjNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 238 0xEE Object Exists 240 0xF0 Illegal Wildcard 243 0xF3 No Object Rename 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call renames a bindery object. Wildcard characters are not allowed in either the old or new name specifications. The Object Type must not be WILD (-1) and must agree with the Object Type recorded in the bindery. Only an object supervisor can use this call.
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (8+SearchNameLen) word (Hi-Lo) 9 SubFunctionCode (55) byte 10 LastObjectSeen long (Hi-Lo) 14 SearchObjectType word (Hi-Lo) 16 SearchNameLen byte 17 SearchObjectName byte[SearchNameLen]
Reply Format
Offset Content Type (reply header) 8 ObjectID long (Hi-Lo) 12 ObjectType word (Hi-Lo) 14 ObjectName byte[48] 62 ObjectFlags byte 63 ObjectSecurity byte 64 ObjectHasProperties byte
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 239 0xEF Illegal Name 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to scan the server's bindery to determine what objects are there.
The Search Object Type can be WILD (-1) or can be set to find only a specific type of object.
The Object Search Name can contain wildcard characters.
The Last Object Seen field should initially be set to -1L (long -1). If the client wants to iteratively search through the server's bindery, then successive calls should set the Last Object Seen field to the Object ID field returned by the server on the previous call.
The Object Has Properties field will always be set because all objects have a bindery level property that is used internally by the bindery.
Any client can make this call successfully if the object exists in the bindery and if the client has search privileges to the object.
See Also
Is Bindery Object In Set (0x2222 23 67)
Delete Bindery Object From Set (0x2222 23 66)
Add Bindery Object To Set (0x2222 23 65)
Scan Bindery Object Trustee Paths (0x2222 23 71)
Create Bindery Object (0x2222 23 50)
Delete Bindery Object (0x2222 23 51)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (8) word (Hi-Lo) 9 SubFunctionCode (71) byte 10 VolumeNumber byte 11 LastSequenceNumber word (Hi-Lo) 13 ObjectID long (Hi-Lo)
Reply Format
Offset Content Type (reply header) 8 NextSequenceNumber word (Hi-Lo) 10 ObjectID long (Hi-Lo) 14 TrusteeAccessMask byte 15 DirectoryPathLen byte 16 DirectoryPath byte[DirectoryPathLen]
Completion Code
0 0x00 Successful 147 0x93 No Read Privileges 150 0x96 Server Out Of Memory 161 0xA1 Directory I/O Error 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 242 0xF2 No Object Read 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call returns a path on the specified volume (Volume Number) where the specified Object ID is a trustee. The path returned is also known as the trustee path. This call can be used iteratively to determine all paths on a specified volume where the Object ID number appears in a directory's trustee list.
The client should set the Volume Number field to the desired volume number. To map a volume name to its mount number, or to determine which volumes are mounted on a server, use Get Volume Number (function 22, subfunction 5) and Get Volume Name (function 22, subfunction 6) described in the "Directory Services" section.
The client's Sequence Number in the request message should initially be set to -1L (long -1); in successive requests, the Sequence Number should be set to the value returned in Next Sequence Number of the previous reply message.
The Object ID field must contain the number of the object (user) whose trustee directory paths are being sought.
The file server returns the Directory Path in the following format:
volume:directory/subdirectory/subdirectory/. . .
Directory paths are not returned in any special order. The server will return a Directory Path Length of 0 if all directory paths where the object is listed as a trustee have been returned.
A client who is a supervisor (or equivalent) can use this call to investigate the trustee directory rights of any object in the bindery. Any client can use this call to determine its own trustee paths, or the trustee paths of any object (up to 32) to which the client is security equivalent.
See Also
Scan Bindery Object (0x2222 23 55)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (60) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen LastInstance long (Hi-Lo) 17+ObjectNameLen PropertyNameLen byte 18+ObjectNameLen SearchPropertyName byte[PropertyNameLen]
* SubFuncStrucLen = 9 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header) 8 PropertyName byte[16] 24 PropertyFlags byte 25 PropertySecurity byte 26 SearchInstance long (Hi-Lo) 30 ValueAvailable byte 31 MoreProperties byte
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 240 0xF0 Illegal Wildcard 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to scan the properties that are attached to a bindery object.
The Object Type cannot be WILD (-1);the Object Name and the Property Name cannot contain wildcard characters.
The client must set Last Instance to -1L (long -1) the first time this call is used. If the client uses this call iteratively to scan an object's properties, Last Instance must be set to the Search Instance returned by the previous call.
Value Available is 0 if the property does not have an associated value and -1 (0xFF) if the property does have a value.
More Properties is 0 if the property is the last property associated with the object and -1 (0xFF) if it is not.
This call can be used successfully by clients that have read privileges for both the target object (Object Name) and the target property (Search Property Name).
See Also
Create Property (0x2222 23 57)
Is Calling Station a Manager (0x2222 23 73)
Read Property Value (0x2222 23 61)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (63) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen PasswordLen byte 14+ObjectNameLen Password byte[PasswordLen]
* SubFuncStrucLen = 5 + ObjectNameLen + PasswordLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 197 0xC5 Login Lockout 232 0xE8 Write To Group 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 241 0xF1 Bindery Security 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure, Failure
Remarks
This call allows other servers or interested clients to verify the identity of an object (user) or to check the validity of a password. Passwords by convention are defined as strings of up to 127 bytes. The password is assumed to terminate at the first null byte encountered in the password string.
The target Object Type cannot be WILD (-1); the target Object Name cannot contain wildcard characters.
There is an important difference between an object with no password property and an object with a password property that has a null value. If an object has no password property, the server does not allow clients to identify themselves as that object in a Login Object request. If an object has an attached PASSWORD property but the PASSWORD property is null, the server considers the PASSWORD as a match for a null string, and allows clients to log in using that Object Name.
Any client can use this call.
See Also
Change Bindery Object Password (0x2222 23 64)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen * word (Hi-Lo) 9 SubFunctionCode (62) byte 10 ObjectType word (Hi-Lo) 12 ObjectNameLen byte 13 ObjectName byte[ObjectNameLen] 13+ObjectNameLen SegmentNumber byte 14+ObjectNameLen MoreFlag byte 15+ObjectNameLen PropertyNameLen byte 16+ObjectNameLen PropertyName byte[PropertyNameLen] 16+ObjectNameLen + PropertyNameLen PropertyValue byte[128]
* SubFuncStrucLen = 135 + ObjectNameLen + PropertyNameLen
Reply Format
Offset Content Type (reply header)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 232 0xE8 Write To Group 236 0xEC No Such Set 240 0xF0 Illegal Wildcard 248 0xF8 No Property Write 251 0xFB No Such Property 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to write a value to an item property. Values of set properties are manipulated with Add Bindery Object To Set (function 2, subfunction 65) and Delete Bindery Object From Set (function 23, subfunction 66). Property values must be kept within a single 128-byte segment.
This call writes out the 128-byte value segment to the Segment Number specified by the client. The first segment of a value is segment 1. Before segment N can be written, segments 1 to N -1 must be written. Once a property value has been established, segments of it can be read or written in a random order.
The More flag provided by the client informs the bindery whether the written segment is the last segment of the value. If the More flag is zero and the current value has segments beyond the segment being written, the bindery will truncate the Property Value and discard the extra segments.
Any client that has write privileges to the target property (Property Name) can make this call.
See Also
Read Property Value (0x2222 23 61)
| v2.x | v3.x | v4.x | v5.x |
Request Format
Offset Content Type (request header) 6 FunctionCode (23) byte 7 SubFuncStrucLen (14+ObjectNameLen) word (Hi-Lo) 9 SubFunctionCode (32) byte 10 NextObjectID long (Hi-Lo) 14 ObjectType long (Hi-Lo) 18 InfoFlags long (Lo-Hi) 22 ObjectNameLen byte 23+ ObjectName byte[ObjectNameLen]
Reply Format
Offset Content Type (reply header) 8 ObjectInfoRtnCount long (Lo-Hi) 12 NextObjectID long (Hi-Lo) 16+ ObjectInfoStruc Structure (see below)
Completion Code
0 0x00 Successful 150 0x96 Server Out Of Memory 239 0xEF Illegal Name 252 0xFC No Such Object 254 0xFE Directory Locked 255 0xFF Hard Failure
Remarks
This call allows a client to scan the server's bindery to determine what objects are there. It will return a list of all objects that match the search criteria. Any client can make this call successfully if the object exists in the bindery and if the client has search privileges to the object.
The NextObjectID field should initially be set to -1L (long -1). If the client wants to iteratively search through the server's bindery, then successive calls should set the NextObjectID field to the NextObjectID field returned by the server on the previous call. If the NextObjectID reply field is equal to -1L, then no more objects are available.
The ObjectType can be WILD (-1) or can be set to find only a specific type of object.
The InfoFlags variable is used to control what information about the objects is returned. The following definitions describe what information is returned depending on which bit is enabled:
#define RtnObjectSecurity 0x10000000
#define RtnObjectType 0x40000000
#define RtnObjectFlags 0x20000000
#define RtnObjectName 0x80000000
The ObjectNameLen is the length of the ObjectName.
The ObjectName is the name of the object to search for and can contain wildcard characters.
The ObjectInfoRtnCount reply field will contain the number of ObjectInfoStrucs returned in the reply.
The NextObjectID reply field will contain the next ID value to request if more objects exist than could be returned in the reply buffer. On the next request to NCP 23 32, set the NextObjectID request field to this value that was returned in the previous NCP call. If the NextObjectID reply field equals -1, then there are no more objects available to get info on.
The ObjectInfoStruc reply field will contain the following elements:
struct ObjectInfoStruc
{
LONG ObjectIDInfo; /* Hi-Lo, Always returned regardless of InfoFlags*/
LONG ObjectType; /* Hi-Lo, Returned if Requested in InfoFlags*/
BYTE ObjectSecurity; /* Returned if Requested in InfoFlags*/
BYTE ObjectName[]; /* ASCIIZ, Returned if Requested in InfoFlags*/
};
The number of ObjectInfoStrucs returned will be indicated by the ObjectInfoRtnCount reply field.
See Also
Is Bindery Object In Set (0x2222 23 67)
Delete Bindery Object From Set (0x2222 23 66)
Add Bindery Object To Set (0x2222 23 65)
Scan Bindery Object Trustee Paths (0x2222 23 71)
Create Bindery Object (0x2222 23 50)
Delete Bindery Object (0x2222 23 51)
Scan Bindery Object (0x2222 23 55)