I had a hard time finding something that would list what a user has access to in eDirectory. I then found out about trustee.nlm. It is already part of the NetWare system. If you run it, you see:Syntax:LOAD TRUSTEE [options] SAVE (ALL | path ) outputFileLOAD TRUSTEE [options] RESTORE inputFileLOAD TRUSTEE REMOVE (ALL | path )LOAD TRUSTEE REMOVENULL (ALL | path )LOAD TRUSTEE REMOVEINVALID (ALL | path )LOAD TRUSTEE EFFECTIVE objectName outputFileLOAD TRUSTEE EFFECTIVEDIR objectName outputFileLOAD TRUSTEE EXCESSFILE outputFileLOAD TRUSTEE EXCESSNDS outputFilePress any key to continueAnywho, I needed to find effective directory rights, and needed to do it for all users and groups. I couldn’t figure out how to do this just for the users and groups, so I had to come up with my own solution.From a command prompt on Windoze workstation, I ran:nlist user » list.txtnlist group » list.txtThis prints out all the users and groups from the current context into a file. But it also lists with it several other fields that I didn’t need (i.e. Dis, Log, Exp, Min, etc.)So, awk to the rescue:awk ‘{print $1}’ list.txt » cleanlist.txtThis grabs the first word in the file which happens to be the object name and outputs it to a new file. I also cleaned up the file afterwards for a few comments that were not needed (using vi).Now we have the userlist, but we need to prepend and append the right commands and syntax so it should look like this:trustee effectivedir “cn=BOB.ou=SLC.o=DA1” sys:output.txtI did this by opening the cleanlist.txt in vi, then::g/^/s//trustee effectivedir “cn=/gand:g/$/s// sys:output.txt/gThis is a search and replace command in vi. It searches for the first of the line “^” and prepends it with “trustee effectivedir “cn=” The last command above then searches for the end of line character “$” and appends “sys:output.txt”It hen does this to every line in the file.Finally, I’m going to setup a cron script to run monthly that will create the file with all the rights listed. We can then grep the file for specific volumes or directories.This might be done more easily, but wasn’t able to find anything with Novell’s current tools. Also, this doesn’t account for any other users/objects added later. I’ll need to find something more dynamic if possible.