Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
"\\TreeName\.CN=Userid.OU=Users.O=MyOrg"
The default group I would like to add all users to is named "Share" and it is one level up from the .Users.MyOrg context at the MyOrg level. I have tried every syntax I could think of, but all I get is a 308 error. I could not find any examples in the knowledge base and the example in the book doesn't really show the syntax. I have admin privileges, so it's not a rights issue. Can you give me an example?
Result = nwAddUserToGroup("\\TreeName\.CN=Share.O=MyOrg","\\TreeName\.CN=Userid.OU=Users.O=MyOrg")However, error 308 indicates that there was an error that occurred while modifying the object. Post the contents of WWWBACH.INI [in the Windows directory] after the error has occurred so that I can see the additional diagnostic information that is located in there. That will give a clue as to what operation failed. Group membership changes involve 4 attribute value modifications, with 2 happening on the user and 2 happening on the group. One of those 4 modifications is failing for some reason, I think, and that's where your error 308 comes from.
[NetWare Extender] LastError=FFFFFD9B "NWDSModifyObject() : WWNWX_ModifyNDSObject()"
ERR_SYNTAX_VIOLATION -613 0xFFFFFD9BFor some reason, the attempt to modify the object is resulting in a syntax violation. Normally, this happens when you attempt to add an attribute value to an object but the object's schema definition doesn't include that attribute. However, all of the attributes used by group membership are supposed to be part of the eDirectory base schema definition for user and group objects.
Are you certain that you are actually dealing with regular user & group objects in this case, and not some other type of object that perhaps does not include the necessary attributes?
Adding a user to a group involves the following changes:
On the user object, the group's name is added as a value in the list of values for the "Group Membership" and "Security Equals" attributes.
On the group object, the user's name is added as a value in the list of values for the "Member" and "Equivalent To Me" attributes.
I would recommend that you run a DSREPAIR on your eDir tree and verify that the tree is healthy before any further investigation of this problem is performed. If the problem persists after doing that, then it will be time to look more closely and figure out exactly which attribute modification call is failing. Also, while the problem is still occurring, it would be helpful to know if it is only happening with a specific group, a specific user or with all users & groups in your tree.
Do I need to use the Netware Extender 4X functions instead of NetwareX?
What's the full NetWare version & SP level and NDS version / patch level? Other than NDS7, I don't know enough about your config to be able to set up a proper test case to see if I can find out what's going wrong. I've got every version & SP of NetWare available to work with, I just need to know what you're using so I can make my test environment match your environment as closely as possible.
I extracted out a the segment of code that tries to update the group and modified to attempt to add the group to an existing test userid. I still get the 308 error message. (I changed the names to protect the innocent)
AddExtender('WWNWX34I.DLL') ; NetwareX ErrorMode(@OFF) sTree = "MyTree" sUserid = "Testuser" sObjectSpec = StrCat("\\",sTree,"\.CN=",sUserid,".OU=MyOU.O=MyOrg") If sTree == "MyTree" Then sGroupSpec = StrCat("\\",sTree,"\CN=Share.O=Myorg") Result = nwAddUserToGroup(sGroupSpec,sObjectSpec) IERR = LastError() If IERR <> 0 then TempMsg = StrCat("Error adding Share Group",@CRLF,sObjectSpec," IERR = ",IERR) Message("Add Group Error",TempMsg) Exit Endif Endif
I'll ran on a test server here to see if I can duplicate the problem. My test server is NetWare v5.0 SP6, NDS version is v7.51.
I ran my standard test suite that I use for NetWareX extender development and it perform group membership add & delete operations w/o any problems.
One thing I noticed in your code that might be a problem is the following line:
sGroupSpec = StrCat("\\",sTree,"\CN=Share.O=Myorg")Please note that you're missing the leading dot "." in the object name portion of the UNC spec.
Try changing it to be the following:
sGroupSpec = StrCat("\\",sTree,"\.CN=Share.O=Myorg")The lack of the leading dot "." causes the group name to be interpreted as a RDN value rather than as a DN value, and that, in turn, could be causing nwAddUserToGroup() to be attempting to add the user's object DN name [which you are specifying properly with a leading dot "."] to the values of attributes on an object that is not actually a group object.
I suppose we could but in some additional code to test the object classes of users & groups in order to prevent this sort of problem from happening again, but then that would preclude using nwAddUserToGroup() with any derivative object types that are based on the user & group objects and which might be acceptable for managing with this function.
Article ID: W16542
File Created: 2005:02:18:12:21:22
Last Updated: 2005:02:18:12:21:22