Associate a user in NDS to a NAL Object

Wilson WindowWare Tech Support

WinBatch WinBatch+Compiler WebBatch
Home | Tech Database | Tech BBS | White Papers | Purchase

Associate a User in NDS to a NAL Object
Keywords: 	 Associate a User in NDS to a NAL Object 
Question:
I'm trying to figure out a way to associate a user in NDS to an application object (NAL object). I was able to retrieve what I think is the users associated (App:Back Link) to an application but can't seem to change or add to it.
Here is what I have so far:
AddExtender('WWNWX34I.DLL') ;Ask for the user name to associate to the application userid=AskLine('Specify UserID','UserID to associate to application','') ;Associate user to the .test.AppDev Staging.ZEN.Firm.MLB application object appassoc= nwModifyObject('.test.AppDev Staging.ZEN.Firm.MLB','ADD_VALUE','App:Back Link',userid,0,0,0) ;Return success/failure Message("Confirm", appassoc)
This returns a value of 1, but when I check, nothing has changed.
Any help would be greatly appreciated!
NOTE: I have full rights to the application object and the user IDs that I'm trying to associate. I am able to do this manually through ConsoleOne.
Answer:
Association of apps to users requires modifications to both the user object and the app object in NDS.
The easiest way to figure things out is by experimenting. Use NWADMN32.EXE or ConsoleOne to make changes to objects and then use the sample code from the nwGetObjValue() function to examine the values so that you can see them in the format that WinBatch & the NetWareX extender like to see them. I know that you need to add the user to a list of assiged objects on the app object, you have to add the app object to the list of assigned apps on the user object and you also need to grant the user read trustee rights in the "ACL" attribute of the app object.
The application object attributes that are of interest are "App:Back Link" [SYN_DIST_NAME] and "ACL" [SYN_OBJECT_ACL]. You need to add a user, group or container object's distinguished name to the "App:Back Link" attribute value list. Then you need to make that same user/group/container object a trustee of the application object. The ACL value will look like "[All Attributes Rights]|.MyUser.MyOU.MyO|3", where the "3" indicates the rights [read + compare].
Then, you need to go to the user/group/container object and add the application object's DN value to the list of values for the "App:Associations" [SYN_TYPED_NAME] attribute. This attribute uses both an object DN value as well as two numeric values in the format "obj-name|num1|num2". The object name is a DN value [has a leading dot + full context info]. The num1 value indicates how the object will be presented to the user [in the launcher, on the desktop, on the start menu, in the systray, etc...] and whether it is a run once and/or force run application object. I don't seem to have the full decode of the values on hand, but you can determine it *VERY* easily. For example, a num1 value of 10 is actually the result of performing a bit-wise OR operation on the values 2 and 8, with 10 = 2|8. One of those bit values is for force run and the other is for displaying the app object's icon on the desktop. The value of num2 is always zero.
Finally, after re-reading your code snippet I see that you neglected to call nwModifyObject() with the "*COMMIT*" operator. Please re-read the function documentation for nwModify() object and make sure that you clearly understand part about committing the object modifications to NDS. You can call nwModify() object repeatedly to put multiple change operations into a single change buffer. If you fail to commit those changes, then they all get rolled back and do not get applied to the object in NDS.