Copyright © August 1999, Sun Microsystems, Inc. All Rights Reserved.

Part Number 806-0248-10

AdminSuite 3.0 Release Notes

Contents

Security Implications of Shared User Rights On NIS Master Server

Handling Computers With Multiple Ethernet Addresses

Multiple Computers/Networks Entries for Multiple Aliases in NIS+

Automounted File Systems Not Supported

WebNFS Mount Requires WebNFS Share

Advanced Mount and Share Settings Not Supported During an Add Operation

Out-of-Memory Error

Win95 or Win98 Client Unable to Start

Win95 and Win98 Clients May Show "Out of Environment Space" Error

Password Lost From PDC Account After Name Change

Error Installing AdminSuite Client On Win95 or Win98 Over the Network

Server Name Typographical Error Prevents Log On

Rebuilding the NIS Database

Management Domain Is Invalid or Not Specified

NIS Master Server

Security Implications of Shared User Rights on NIS Master Server

Note: This release note is important only if you are installing AdminSuite on an NIS master server.

One of the security tables for authorization, user_attr, is shared by the local server domain and the NIS domain. The security implications of this sharing is that any administrative access rights granted to a member of the local server domain will also apply to a member of the NIS domain.

The shared security tables are referenced by a line in the /var/yp/Makefile that reads: DIR =/etc.

To separate administrative access between local server and NIS domains, the DIR variable should be changed to point to some directory other than /etc and the NIS master source files from /etc should be copied to this new directory. With the user_attr table for the NIS domain placed in the directory pointed to by DIR, and the user_attr table for the local server domain remaining in /etc, administrative access rights will be separate.

Computers/Networks

Handling Computers With Multiple Ethernet Addresses

If you assign multiple Ethernet addresses to the same computer name, you may need to hand edit the ethers table to modify or delete Ethernet addresses.

Both the ethers table and the hosts table list computer names. However, the ethers table pairs the computer name and Ethernet address; the hosts table pairs the computer name and IP address. There is no way to tell which Ethernet address is intended to go with a particular computer/IP address pair because the IP address, which is the key to making entries with the same computer name unique, is not used in the ethers table.

When the Computers/Networks application reads an ethers table, it always returns the first Ethernet address it finds for a given computer. So, multiple computer entries with the same name will all be shown as having the same Ethernet address. To modify or delete an address other than the first Ethernet address for a given computer name, modify the table manually.

If you delete the entry for a computer with multiple Ethernet addresses, you will remove the name, IP address, and the Ethernet address. To keep the Ethernet address in the ethers table, you must re-enter it manually.

Note that if you add another computer with a name that is already used, the Computers/Networks application will add the entry to the ethers table if you specify an Ethernet address. You will see a warning that other entries with the same computer name exist. Once you add the new entry, you will not be able to modify or delete any but the first entry for a given computer name, except manually.

Multiple Computers/Networks Entries for Multiple Aliases in NIS+

AdminSuite 3.0 reveals a separate entry for each computer or network entered in NIS+ hosts and networks tables. Therefore, if you add a computer (named comp1, for example) to the network and give the computer two alias names, three instances of comp1 will appear in Computers/Networks.

To view the alias names of each computer or network presented, open the properties dialog for each.

Mounts/Shares

Automounted File Systems Not Supported

The Mounts and File System Usage functions in the Mounts/Shares tool do not display information about automounted file systems.

Automounted file systems are those systems that are listed as type autofs in the /etc/mnttab file. For example, the following is a sample of four entries in an /etc/mnttab file: 

/dev/dsk/c0t2d0s2       /files  ufs     suid,rw,largefiles,dev=800012   918156716
/dev/dsk/c0t1d0s0       /files3 ufs     suid,rw,largefiles,dev=800008   918156716
auto.release    /release        autofs  ignore,indirect,intr,nosuid,dev=2cc0001 918156739
auto.import     /import autofs  ignore,indirect,intr,nosuid,dev=2cc0003 918156739
In this example, the /files and /files3 file systems would be displayed in the listings for Mounts and File System Usage, but /release and /import would not be displayed.
 
 

WebNFS Mount Requires WebNFS Share

Under certain conditions, what appears to be a WebNFS mount is not actually a WebNFS mount and may appear as a "**conflict**" in the mount status field.

The conflict occurs when an administrator attempts to mount an NFS shared resource as a WebNFS mount, but the NFS shared resource being mounted was not first shared as a WebNFS share. The mount will succeed but will be an NFS mount, not a WebNFS mount.

If boot properties exist for the mount, they will record the mount as a WebNFS mount. Therefore, it will appear as though there is a conflict between the current mount properties and the boot-time properties. Although this can be confusing, it will not cause any problems. If, in fact, you do want a WebNFS mount, remember to do a WebNFS share first.

Advanced Mount and Share Settings Not Supported During an Add Operation

The Mount and Share wizards in the Mounts/Shares tool do not let you specify advanced mount or share settings.

For example, it is not possible in either the Mount wizard or Share wizard to enable WebNFS access, SetUID mode, or Honor Disk Quotas.

The work around is to use the wizard to define the mount or share At Boot only, and then go back and modify the mount or share properties; specifically:

  1. Use the Mount or Share wizard to start defining a mount or share, as desired.
  2. When you are given the choice to mount or share Now or At Boot, select At Boot.
  3. Specify other mount or share parameters as desired in the wizard.
  4. After finishing the wizard, select the mount or share for which you want to define advanced settings, and then open the Properties dialog.
  5. Specify advanced settings as desired.
  6. If necessary, select the mount or share, and then use the Actions menu to specify Mount At Boot, Mount Now, or Mount Now and At Boot to enable the mount or share at the desired time.

Miscellaneous

Out-of-Memory Error

If you encounter an "OutofMemoryError" error, you will need to restart AdminSuite.

Stop and restart the server, then restart the application:

      % su
Password: <root password for your machine>
   # cd /opt/SUNWseam/3_0/sbin
   # ./admsvr stop
   # ./admsvr start
   # exit
   % cd /opt/SUNWseam/3_0/bin
   % ./admapp &
Once AdminSuite is running, consider reducing the number of User Accounts, Email Aliases, or Computers/Networks you are viewing by filtering them using the View->Filter menu option.

Note: If you must increase the number of objects to view, you can increase the memory allocation pool.

The maximum memory allocation pool for the Java VM is 32 megabytes by default.  To increase the maximum size of the memory pool for admsvr (the manual server startup script), admsvr_3_0 (the boot time server startup script), admapp (the AdminSuite startup script), or all three, you must modify the memory allocation parameter to the Java VM command line in one or more of these startup scripts.

For example, to increase the maximum memory pool size to 48 megabytes:

1.  Log on as root.

2.  Edit one or more of the following files:

3.  For each script, change the line:
JAVA_FLAGS=" -mx32m "
   to
JAVA_FLAGS=" -mx48m "

The new memory pool setting will take effect when you exit and restart AdminSuite, or stop and restart the server, depending on which scripts you edited.  You can increase the maximum memory pool size even more than 48 megabytes by increasing 48 to a higher number, and you can specify different pool sizes for admsvr, admsvr_3_0, and admapp.

Win95 or Win98 Client Unable to Start

When you attempt to start the AdminSuite client from the Start menu, the AdminSuite icon briefly appears in the NT task bar. However, the icon disappears before anything actually starts. This indicates one of two possibilities: an "Out of Environment Error" or a bad environment variable set in the top of the admapp.bat startup script.

To reveal the underlying problem:

  1. Open the admapp.bat file and notice that the last three lines of this startup batch file are:
    echo off
    cls
    exit
  2. Comment out the last three lines by editing them to resemble the following:
    rem echo off
    rem cls
    rem exit

    This will allow you to see any errors that occur without automatically closing the DOS box after errors occur.

  3. Save and run this admapp.bat file from a DOS command line by typing:
    cd c:\PROGRA~1\SUNW\ADMINS~1\bin
    admapp.bat

Ensure the admapp.bat file has VALID values set for the following:

[substitute the actual directory names for the variables in italics, such as adminsuite_basedir]

set WS=adminsuite_basedir
For example: set WS=c:\PROGRA~1\SUNW\ADMINS~1
set JAVA_HOME=jdk or jre install directory
For example: set JAVA_HOME=c:\jdk11~1.7
set CLASSPATH=.;adminsuite_basedir\admswt10.jar;adminsuite_basedir\jcbwt360j.jar;adminsuite_basedir\swingall.jar;adminsuite_basedir\classes
For example: set CLASSPATH=.;c:\PROGRA~1\SUNW\ADMINS~1\admswt10.jar;c:\PROGRA~1\SUNW\ADMINS~1\jcbwt360j.jar;c:\PROGRA~1\SUNW\ADMINS~1\swingall.jar;c:\PROGRA~1\SUNW\ADMINS~1\classes

Win95 and Win98 Clients May Show "Out of Environment Space" Error

Win95 and Win98 AdminSuite clients may show an error that states "Out of Environment Space." This message indicates that the PC needs more memory set aside to hold variables associated with AdminSuite.

You can add environment space permanently (so the space will remain through subsequent reboots), or temporarily (the space will be added for a specific session only).

To increase environment space permanently:

Add the following line to the CONFIG.SYS file and then restart the system:
shell=c:\command.com /e:2560 /p
Note: If a shell line already exists in the CONFIG.SYS file, then comment out that original line and replace it with the one above.

To increase environment space temporarily:

The two ways to do this depend on whether you start AdminSuite from an MS_DOS prompt command line or from the Start menu.

A. If you are starting the AdminSuite 3.0 client from an MS_DOS prompt command, do the following: 

        DOS>  cd c:\Program Files\Sunw\AdminSuite\bin
        DOS>  command /e:2560
        DOS>  admapp.bat
Note: The first command in A assumes you have installed the AdminSuite client in the default directory. If that is not the case, change to the bin directory where AdminSuite client is installed.

B. If you are starting the AdminSuite 3.0 client from the Start menu, do the following:

  1. Right-click the Start menu and click OPEN.
  2. Double-click the PROGRAMS folder icon.
  3. Double-click the Sun folder icon.
  4. Double-click the AdminSuite folder icon.
  5. Right-click the "AdminSuite Client" icon.
  6. Choose the Properties menu item.
  7. Select the Program tab.
  8. Preface the "Cmd line" text field with the following: command.com /e:2560 /c  so that the entire "Cmd line" field contains: command.com /e:2560 /c c:\Progra~1\Sunw\AdminS~1\bin\admapp.bat.
  9. Click OK
  10. Start AdminSuite 3.0 client from the Start menu.
Note: The directions in B may not work if you placed AdminSuite in other than the default directory. If "Cmd line" is longer than the entry field allows, you will not be able to enter the full command line text. In that case, start AdminSuite from the MS_DOS prompt command, as described in A.

Password Lost From PDC Account After Name Change

If you change the user name on a user account that is managed in both AdminSuite and PC NetLink, the following happens:

Therefore, if you change the user name in an account managed in both Solaris and PC NetLink, inform the user that he or she should log on to NT without a password and set a new password (or the same password as the Solaris password) at that first log on.

Error Installing AdminSuite Client On Win95 or Win98 Over the Network

If you try to install the AdminSuite client on Windows 95 or Windows 98, over the network, depending on how you map the drive, the installation can fail. (There is no problem with installation when you use a local CD.)

If you attempt to map to a high level on the CD, over the network, you will see the message: "An error occurred during the move data process: -113".

To install over the network, map the drive on the local machine to the win32 level on the CD: \products\AdminSuite_3.0\win32. Mapping to a higher level (\products, for example) could cause the error to occur.

Server Name Typographical Error Prevents Log On

If you mistype the name of the server when installing AdminSuite on a Windows client, no one can log on to the server from that client. You must hand edit AdminSuite files to correct the server name.
  1. Open Windows Explorer.
  2. In a text editor, open the file c:\Program Files\Sunw\AdminSuite\etc\AdminScopes.properties.
  3. Correct the server name where it appears in the file.
  4. Save the file.
  5. Exit the text editor.
  6. Start the AdminSuite 3.0 client from the Start menu and log on to the server.

Rebuilding the NIS Database

When you use AdminSuite 3.0 to manage information stored in NIS, the default behavior is to rebuild the NIS databases from their source files whenever you modify those files. You can change this behavior if your local policy conflicts with this -- if, for example, you have a 'cron' job that rebuilds the NIS databases each night.

To change the default behavior:

  1. Open the file /etc/opt/SUNWseam/3_0/server/AdminServer.properties in a text editor.
  2. Locate the admin.directorytable.nis.updateschedule property and set its value:

Management Domain Is Invalid or Not Specified

If AdminSuite cannot set up the domain to manage when you try to start the application, startup fails and the following message appears:

    The management domain is invalid or not specified.

To manually set up the management domain for AdminSuite on a Solaris computer:

1.  Log on as root.
  % su
 Password: <root password for your machine>
2.  Make sure the following directory exists and has the correct permissions:
chmod 777 /var/opt/SUNWseam/3_0/client
3.  Run the script that sets up the management domain:
/opt/SUNWseam/3_0/sbin/scope_setup all
4.  Exit from root.