background image

Troubleshooting

Different  System Access Permissions

Product Manual

U7613-J-Z815-6-76

©

 S

ie

m

ens

 Ni

x

d

o

rf

 I

n

fo

rm

a

ti

o

ns

s

y

s

te

m

e A

G

 19

95 

P

fad

D

:\

O

761

3e

6\

u76

13

e.

k

1

1

3. Other — You can assign access permissions to files and directories that you own for 

all UNIX system users other than yourself and the users in your group. Depending on 
your needs, you can allow these other users to read or change your files and directories 
or you can prevent such access. Restricting access to others does not affect your own 
access to the files and directories.

When a user attempts to access a file or directory, access to the server is allowed or denied 
depending on the permissions assigned to that user.

11.3.1.5

Understanding UNIX System Access Permissions

You can use the udir command to check the current UNIX system access permissions of 
any file or directory. The Modes column of the udir command shows the UNIX system 
access permissions for each file and directory. These access permissions are displayed as 
three sets of three access permissions each. The first set shows the user/owner access 
permissions. The second set shows the group access permissions. The third set shows the 
access permissions provided to other UNIX system users.  Following are the access 
permissions abbreviations and their meanings:

The following access permissions rarely appear in a display but are described here for 
completeness:

Permission

Description

   r

Permission to display or read the file or directory.

  w

Permission to modify or write to the file or to create or remove files in the 
directory.

  x

Permission to execute the file or move to the directory. Client application 
files do not need execute permission because they execute under the client 
computer’s operating system, not the UNIX system.

  -

The relevant permission is denied.

  l

Mandatory locking is enabled.

Permission

Description

  s

Whenever a file with this permission is executed, regardless of who 
executes it, the invoked process takes on the identity of the file’s owner 
(or group) for the duration of the execution.

  t

If space is available, a text file with this permission stays in swap space 
after execution. This permission speeds UNIX system program loading.

Summary of Contents for Advanced Server UNIX V4.0

Page 1: ...Edition April 1999 Advanced Server UNIX V4 0 Overview and Installation ...

Page 2: ...nless otherwise noted No part of this document may be reproduced or transmitted in any form or by any means electronic or mechanical for any purpose without the express written permission of AT T and Siemens AG 1985 1998 AT T All rights reserved 1985 1998 Microsoft Corporation All rights reserved AT T is a registered trademark of AT T Corporation Microsoft MS MS DOS Windows and Windows NT either a...

Page 3: ...dvanced Server for UNIX is also used in abbreviated form as AS X as well as sometimes as AS U or Advanced Server All of these terms are synonymous for the same product The description of the entire Advanced Server for UNIX product covers several manuals The Concepts and Planning manual provides information on the structure and function ality of Advanced Server for UNIX and describes among other th...

Page 4: ...sly with Advanced Server for UNIX or LAN Manager servers and with NetWare servers It also contains installation and configuration instructions for NetWare Connectivity 1 1 Target group This manual is intended for the system and network administrator who is responsible for installing configuring and operating Advanced Server for UNIX The network administrator is known as the administrator in this m...

Page 5: ...apter Configuring Advanced Server for UNIX contains among other things the steps necessary for configuring and for starting NetBIOS and Advanced Server for UNIX You should consult the chapter Administration guidelines if you want to change the role of the server for example if you have installed and configured Advanced Server for UNIX Among other things the chapter also describes how to enable a C...

Page 6: ...ed Server for UNIX 1 4 Notational conventions The following notational conventions are used in this manual Convention Usage Italics in the main body of text denote file variable and program names as well as commands and options in continuous text Bordered Courier indicates extracts from files Courier denotes system output Courier semi bold denotes user input in a sample dialog indicates a key or k...

Page 7: ... entitled Shared resources contains information on which network resources of Advanced Server for UNIX can be shared The section entitled Services introduces the services provided by Advanced Server for UNIX The section Connection management explains the terms sessions as well as connection This section also provides information on the security concept of Advanced Server for UNIX The manual entitl...

Page 8: ...work Provided they are authorized every client can access every server system in the local network Advanced Server for UNIX also supports so called trust relationships between domains which permit the user to access resources in other domains 2 2 Shared resources The resources provided by a server system for the network are known as shared resources Shared resources are protected against unauthori...

Page 9: ... 15 characters Username The administrator provides each user in a network with a unique username for identification Users from other domains with which there is a trust relationship are addressed with domain name username Sharename The administrator assigns a unique sharename to each shared resource on a server Network name UNC name The network name consists of the server s computer name and the s...

Page 10: ...server name is stored automatically in the lanman ini file on the server It is part of the network name and may only be changed after the installation using special utility programs For further information please refer to the section entitled Changing server attributes in the chapter entitled Administration guidelines The server name consists of up to fifteen characters letters from a to z numbers...

Page 11: ...art of the network name The sharename consists of up to twelve characters letters no umlauts numbers and special characters For MS DOS clients the sharename must comply with the MS DOS conventions Example The command net share sf1 c u1 public is used by the administrator to share the directory u1 public as a resource for the network sf1 is the sharename of this resource The character string c must...

Page 12: ... topic The default domain name consists of the first eleven characters of the system name plus the suffix dom e g the domain name of the server server1 would be server1 dom The domain name consists of up to fifteen characters letters from a to z numbers from 0 to 9 and the special characters _ The domain name may only be changed following installation using special utility programs Please refer he...

Page 13: ...s are not displayed with the ls command To do this use the ls a command You must try to ensure that these files are only handled under OS 2 If you delete or copy the files under UNIX you should also delete or copy the shadow file accordingly It is not possible to copy these files with their attributes from an Intel based to a RISC based UNIX system using UNIX commands as the internal formats do no...

Page 14: ...type f name ea print do newfile echo eafile sed s ea EA echo rename eafile to newfile mv eafile newfile done Advanced Server for UNIX will only find the extended attributes of a file if the associated hidden shadow file has the same prefix as is set in the current Advanced Server for UNIX configuration instance It would be best to change the file and directory names and the registry parameters whe...

Page 15: ...is resource for use in the local network The directory must have been created beforehand otherwise the administration interface reports an error The character string c must always precede the resource pathname on the Advanced Server for UNIX Access information is assigned to shared directories using net perms which is stored in the AS X database acl For example using net perms c u1 public1 grant g...

Page 16: ...nly one user at a time can access a file Advanced Server for UNIX maps the interfaces available under the MS DOS OS 2 Windows Windows for Workgroups Windows 95 98 and Windows NT operating systems to UNIX mechanisms in order to manipulate files and directories For further information please refer to the manual entitled Concepts and Planning 2 2 5 Shared printer resource As an administrator it is po...

Page 17: ...e she assigns the network name server1 sp1 with lpt1 using the command in the MS DOS naming conventions net use lpt1 server1 sp1 The user can now work on lpt1 for all print jobs as he she would on a local printer For Windows NT Style Printing the sharing of a printer with UNIX commands is no longer recommended For further information please consult the manual entitled Concepts and Planning 2 2 6 I...

Page 18: ...g the function DosMakeNmPipe PIPE srvp reference and waits using the function DosConnectNmPipe reference for a connection to be set up _dos_open to the client process The client process under MS DOS OS 2 Windows Windows for Workgroups Windows NT or Windows 95 98 opens the named pipe with _dos_open server1 PIPE srvp cfd and data can now be exchanged between the processes The character must always b...

Page 19: ...sends a message to the network name of the mailslot server1 mailslot ms The developer implements this in the program sources for client processes using the API functions in compliance with MS DOS and OS 2 naming conventions In the reading program using DosMakeMailslot mailslot ms and in the writing program using DosWriteMailslot server1 mailslot ms The following calls are used in the processes on ...

Page 20: ...ate when accessing networks and hard disks and maximum number of logon attempts 2 3 2 Auditing Important activities in the network are recorded by this service These include starting and stopping the server user sessions and utilization of shared resources by specifying the username and time This list can be displayed if required Service Comments Alerter Auditing Replicator Netlogon Timesource SNM...

Page 21: ...ver User accounts can be maintained on each server using the single system image SSI the accounts is thus centrally managed and distributed The netlogon service ensures that there is an identical copy of the user account on the primary domain controller and the backup domain controllers of the domain The netlogon service also processes the logon procedures of the clients If you are using the Netlo...

Page 22: ...2 3 8 Browser The browser service extends the announce messages that normally occured in the LAN Manager X environment every 60 seconds This new mechanism consists of a system of hierarchically ordered browser programs that are used for searching domains servers and resources within the network The browser service function is provided in the Explorer File Manager and Windows Print Manager Relevant...

Page 23: ... up between the servers in a domain likewise local sessions exist on the server The command net session shows all current sessions The MAXCLIENTS parameter restricts the number of sessions that can exist simultaneously See also section Parameters in chapter Lanman ini File in this manual 2 4 2 Connection to a resource If the client user successfully connects to a resource first time from a server ...

Page 24: ...elationship between the two domains there is no need to create the user account a second time You can also access the resources in the other domain if you are a legitimate user in your domain For further infor mation please refer to the Concepts and Planning manual 2 5 Administration of Advanced Server for UNIX The administrator manages and controls the shared resources users and their permis sion...

Page 25: ...ed For this reason the Windows NT Server Tools are supplied with Advanced Server for UNIX Special NT Server Tools have been developed for the Windows client Since they have the same functionality a standard administration interface is available to you on all clients and workstations 2 6 Programming interface API Advanced Server for UNIX provides a programming interface application programming inte...

Page 26: ...ncluded in delivery package MS Network Client MS DOS V3 0 included in delivery package MS LAN Manager MS DOS V1 1 not included in delivery package MS LAN Manager MS DOS V2 0 not included in delivery package MS LAN Manager MS DOS V2 1 not included in delivery package MS LAN Manager MS DOS V2 2c included in delivery package MS LAN Manager OS 2 V1 1 not included in delivery package MS LAN Manager OS ...

Page 27: ...g the product LAN1 Vx The product LAN1 is not supplied with Advanced Server for UNIX The commands referred to i e udir uren and uchmod cannot be used on all clients In this case you should use the corresponding UNIX commands 2 7 2 Role of the server You can install Advanced Server for UNIX and LAN Manager X in a domain with Windows NT servers Only one Advanced Server for UNIX or Windows NT server ...

Page 28: ...e printer spooler to a printer that is connected to a client shared client printer The share table and usernames are saved in a different format if required this data can be converted manually for the new version The MS DOS notation must be used with the command net for example options may only be introduced with the character For shared directories c must always be specified with the command net ...

Page 29: ...nstead of serve e g server1 srv In order to start a UNIX program from the PC you should now use the command netrun extended MS DOS client instead of uexec In the case of an update installation the configuration of Versions 2 0 and 2 2 can be adopted Server attributes such as server role server name etc can be changed afterwards with a utility program The servers and clients can be located in diffe...

Page 30: ... role of primary domain controller in a domain The server roles of member server and standalone server have been omitted In an upgrade the member server is given the role of backup domain controller and the standalone server is given the role of primary domain controller The share level security concept is no longer supported In the upgrade installation the server is given the server role of prima...

Page 31: ...ke Explorer File Manager and Print Manager as well as by the net view command Support for UNIX quotas configurable Name Space Mapping Mapping of long file names to DOS 8 3 naming conventions Mixed Case Support Configurable support for uppercase in file and directory names New utilities accget accadm and userget Interoperability with Windows NT 4 0 and Windows 95 98 Configuration of NetBIOS For fur...

Page 32: ...lient manually A Windows NT compatible WINS service is available with Advanced Server for UNIX V4 0 This makes it much more easy to operate the server and clients in a routed environment Registry Most of the Advanced Server for UNIX configuration is stored in a binary Registry file The configuration can now be done via the Windows Registry Editor SMB Signatures SMB signing provides a message authe...

Page 33: ...s for all AS X commands new manual pages for new utilities printadm promote repladm userrights other utilities accadm accget addclipr addserver asxcheck asxinfo asxperf asxpwexp asxregview delclipr delserver setdomainlang setlang setspooler userget asxregview enhancements Improved asxinfo and asxcheck utilities New HOMEDIRDRIVE option for the net user command New options o and M for acladm utility...

Page 34: ...for non root users if supported by the file system Implemented Level II Oplocks to improve co operation with NT clients NetBIOS keep alive timeout is now configurable and changed from1 minute to 30 minutes to reduce the number of frames on the network New NetBIOS tunables NBRFCMAXDGMS and NBRFCMAXFRAGS NBRFCKALIVE tunable now used to set the keep alive timeout in minutes Default changed to 30 minu...

Page 35: ... tasks when Advanced Server for UNIX is started The following sections contain a short description of these processes and their tasks The number of processes depends on the current configuration which is stored in the lanman ini file and in the Registry 3 1 1 Communication between the processes Data which is required by all Advanced Server for UNIX processes is stored in a shared memory segment Th...

Page 36: ...emon process generated from the process lmx ctrl for processing tasks from several workstations daemon process for the service Netlogon for synchronization between different servers Single System Image SSI trust relationships daemon process for alarm messages Alerter service daemon process for Browser service daemon process for the replicator service daemon process for Windows Internet Naming Serv...

Page 37: ...76 The following diagram clarifies the cooperation between Advanced Server for UNIX processes on a server started with the default configuration Advanced Server for UNIX processes lmx browser lmx ctrl lmx dmn lmx srv 1 lmx srv n 1 lmx srv n PC PC Shared memory PC PC PC PC lmx alerter ...

Page 38: ...requests from the workstations and distributes the connection requests to the existing server process lmx srv or if necessary generates a new server process The mslot task receives the mailslot requests and passes them on to the server It also processes the announce requests from other servers This task transmits the mailslot messages to the application processes on the server which can then be re...

Page 39: ...service network logon security It also synchro nizes the individual servers single system image SSI and is used for trust relationships This process is started by the process lmx ctrl when Advanced Server for UNIX is being initialized The lmx alerter process This daemon process manages the alerter function If not disabled it is started automati cally when AS X is started The lmx browser process Th...

Page 40: ... 2 workstations using this process The process lmx extd The lmx extd program is installed and configured with the installation of the software package asxsnmp This process sets up the connection between the SNMP service and Advanced Server for UNIX it informs the SNMP agent when Advanced Server for UNIX starts and stops The lmx nvalert process This process is not supported by Siemens Advanced Serv...

Page 41: ...ications controllers Depending on the UNIX system implemented there are different connection options communications controllers and card drivers are required several communications controllers can be implemented simultaneously The NetBIOS component of the operating system kernel is implemented in the streams architecture The library NB Lib in Advanced Server for UNIX allows access to the NetBIOS s...

Page 42: ...NIX the application programming interface API is implemented using local interprocess communication LIPC Advanced Server for UNIX processes use the same interface The requests are mapped to streams pipes in the operating system kernel The following diagram shows that the Advanced Server for UNIX processes and the appli cation processes access the same interface Local communication The named pipes ...

Page 43: ... with Advanced Server for UNIX V4 0 4 1 Advanced Server for UNIX delivery package All of the software for Advanced Server for UNIX is contained on CD ROM in package format PKG An overview of this is given on the next page Advanced Server for UNIX Version 4 0 and later is only supplied on CD ROM Key diskettes are no longer used for installation The following manuals are available for Advanced Serve...

Page 44: ...ual pages for Advanced Server for UNIX asxdocs Online documentation and Acrobat Reader asxsnmp Advanced Server for UNIX SNMP extension for TransView Extensible Agent asxdebug This package is only intended for the Siemens Support Service 4 2 Hardware and software requirements Before installation users must check that the following hardware and software requirements are met 4 2 1 Hardware requiremen...

Page 45: ... new_dir lanman var opt lanman The names of the file systems and the size of available memory can be viewed using the df v or dfspace command The installation procedure also requires free disk space under the var directory during installation from CD ROM Likewise please note that the Advanced Server for UNIX databases also require free disk space under the var directory in large configurations app...

Page 46: ...vanced Server for UNIX This package is only necessary if the machine should run the Advanced Server for UNIX WINS service The SIthreads package is included on the operating system CD with more recent operating system versions This package replaces the previous version DCE THR In this case you should only use the SIthreads package System software version RM200 RM300 RM400 RM600 xxx Reliant UNIX N V...

Page 47: ...nformation first 3 Then install NetBIOS and restart the system 4 The server software of Advanced Server for UNIX can be installed now There are different installation steps for the upgrade installation of Advanced Server for UNIX from previous versions and the new installation of Advanced Server for UNIX 5 You can now install the optional Advanced Server for UNIX software If you do not follow this...

Page 48: ...controller A standalone server should be handled in the same way as a primary domain controller A LAN Manager X server can never be the Primary Domain Controller in a domain with NT servers or computers running Advanced Server for UNIX 1 Stop the primary domain controller 2 Deinstall LAN Manager X or Advanced Server for UNIX 3 Then install Advanced Server for UNIX as the primary domain controller ...

Page 49: ...n deinstalling you have the option to back up the logon scripts for Version 2 2 and later of LAN Manager X The following steps are required for deinstalling both versions Ê Delete LAN Manager X V2 0 or LAN Manager X V2 2 as documented Deinstall the server software and NetBIOS of Versions 2 0 or 2 2 During deinstallation you are given the options of backing up the lanman ini file the user account e...

Page 50: ...account etc and using them for the new version For further information on deinstalling Advanced Server for UNIX please refer to the Overview and Installation manual for the respective version to be deinstalled Ê If you want to install the new version after NetBIOS has been deinstalled you do not need to restart the system Special features of NetBIOS configuration The following applies only if you ...

Page 51: ...names command If there is a name table available in the NBRFC section of the old nbrfc cfg file it is transferred automatically to the names cfg file Please refer to the description in section var opt nbrfc bin mv_names In any case the network interface configuration must be compared visually with the interface sections of the old nbrfc cfg file Please retain the new keyword default For further in...

Page 52: ...is displayed Ê Place the cursor on CD ROM device name and select the device name for the CD ROM drive with CHOICES Then select SAVE to confirm your input A general message about the volume is then displayed Ê Acknowledge with CONTINUE 3 Mark the ASX set in the displayed list with the cursor and then press MARK and ENTER The following message is then displayed Ê Select info to display other informa...

Page 53: ...ackage To confirm your selection press CHOICES Do not select Complete Product If you select this installation will fail Ê Select SIreadmeM or Package The selection field Installation mode provides a choice between automatic and dialog via CHOICES Ê Select the installation mode dialog For information on how to install the asxserver asxtools asxtoolsD asxdocs and msclients packages with the default ...

Page 54: ...1 SIreadmeM 2 nbrfc Once you have successfully installed the nbrfc package for NetBIOS reboot the system 3 asxserver 6 The following packages are optional and can be installed in any sequence asxdocs asxman asxtools asxtoolsD msclients asxsnmp For further information on the optional packages please refer to the section Installing optional packages From this point on the individual packages are ins...

Page 55: ... the English files to opt readme asx GB Please observe the information in these files for the next steps The README files are always located under this path The manual page files are numbered consecutively e g the first file for Advanced Server for UNIX V4 0 is stored in the path opt readme asx D man400 Since the package is a general UNIX package which is used by different products the package can...

Page 56: ...om the data medium set up NetBIOS for all network controllers in the system automatically and generate a new UNIX kernel This process will be displayed on the screen though it may take a little time The configuration data is stored in the var opt nbrfc conf interfaces cfg file during installation If a file already exists it will not be overwritten If you are installing a backup domain controller t...

Page 57: ...nted out default do not forget to uncomment the line To ensure that the primary domain controller can be found if this server is a WINS client Ê Edit the file var opt nbrfc conf wins cfg and add the appropriate WINS server addresses For detailed information on configuring name resolution refer to section Configuring NetBIOS Name Resolution In any case you should now reboot the system before procee...

Page 58: ...ackage replaces the previous version DCE THR In this case you should only use the SIthreads package 4 8 1 Preparing the installation If the servers of the domain are distributed over several subnetworks ensure that NetBIOS can resolve the names For details on configuring NetBIOS name resolution please refer to the section Configuring NetBIOS Name Resolution The individual installation steps depend...

Page 59: ...roller from Version 2 x Upgrade installation of a backup domain controller from Version 2 x Upgrade installation of a primary domain controller from Version 3 5 or 4 0 Upgrade installation of a backup domain controller from Version 3 5 or 4 0 New installation of a primary domain controller New installation of a backup domain controller 4 8 1 1 Installation steps Before starting the installation be...

Page 60: ...with the default configuration The steps for interactive installation are presented on the following pages Normally you will choose this installation Output language The output language configuration is used to specify the output language of the UNIX commands net and elfread and of the Windows Administrative Tool EventViewer The output language does not affect the builtin names of Advanced Server ...

Page 61: ...n the server name is retained from the previous version if possible The server name must not be modified manually in the lanman ini file or in the Advanced Server Registry under any circumstances Please refer to the chapter entitled Administration guidelines for further infor mation on how to change the server name after installation Server role During a new installation the role of the server has...

Page 62: ...ain names In the case of an upgrade installation the domain name is automatically incorporated from the previous installation if possible The domain name must not be modified manually in lanman ini under any circum stances Please refer to the chapter entitled Administration guidelines for further infor mation on how to change the domain name after installation Name of the primary domain controller...

Page 63: ... always used So it could happen that AS X 3 5 was an english backup domain controller in a german Windows NT domain You should use joindomain to repair your domain The domain language of a primary domain controller is evaluated when the databases of the primary domain controller are initialized Changing the domain language has no effect without re initializing those databases re initialization mea...

Page 64: ...tled Administration guidelines for further information on how to change the domain language after installation Windows NT style Printing One of the new features in Advanced Server for UNIX Version 4 0 is Windows NT style printing This feature means that you can manage Advanced Server for UNIX print operations in the same way as Windows NT Advanced Server computers can store printer drivers for Win...

Page 65: ... X Version 2 x e g user account is taken over If the servers of the domain are distributed over several subnetworks ensure that NetBIOS can resolve the names For details on configuring NetBIOS name resolution please refer to the section Configuring NetBIOS Name Resolution Ê Log on as system administrator root Ê Start the installation procedure as described in the section Installing from CD ROM wit...

Page 66: ...er role is incorporated from the previous version if possible Domain name The domain name is incorporated from the previous version if possible Name of the administrator On a primary domain controller the builtin administrative account Administrator is always used During an upgrade installation from Version 2 x the account Admin is mapped to Administrator automatically Administrator s password The...

Page 67: ...em provides you with the option of starting the server immediately with the message NOTICE To upgrade the saved data from LM X 2 x you have to start the server Do you want to start the Advanced Server y n Ê Enter y to start the server during the installation or n to start it manually after the instal lation Upgrade of the accounts database lmxupgrade If you have started the server the upgrade is e...

Page 68: ...domain controller can be resolved by the local NetBIOS Please refer to the section Installing NetBIOS on how to accomplish this For the upgrade installation of a backup domain controller proceed as follows Ê Log on as system administrator root Ê Start the installation procedure as described in the section Installing from CD ROM with cdinst Ê Select the asxserver package under AS X Stop the server ...

Page 69: ...rporated from the previous version if possible Domain name The domain name is incorporated from the previous version if possible Name of the primary domain controller The name of the old primay domain controller must be confirmed here Enter the name of the primay domain controller or press Enter to select old primary name Name of the administrator The name of an administrative account on the prima...

Page 70: ... n Ê Enter your selection Start the server To complete the upgrade installation the saved access permissions must be transferred from the previous version The account data the users and groups is transferred automat ically from the primary domain controller To do this the backup domain controller must set up a connection with the primary domain controller For this purpose both the primary domain c...

Page 71: ...ng the command net accounts sync If there are problems transferring the account data you may have to call var opt lanman bin joindomain to re establish the connection again Ê If the account data has been updated on this backup domain controller the access permissions must be created for Advanced Server for UNIX Call var opt lanman bin lmxupgrade YA Watch the output of the command for files and dir...

Page 72: ...e message Please enter the language or press ENTER if it is ENGLISH Ê Enter the output language Interface name of the spooler used by the server The system now displays all configurable spoolers and outputs the message Please enter the interface name or press ENTER if it is spool interface Ê Enter the interface name of the spooler Server name The server name is incorporated from the previous insta...

Page 73: ...g the domain language after the installation is only possible with loss of all user and group accounts Use var opt lanman bin joindomain to perform this task Windows NT style Printing When there have been shared printers from a previous installation you now have to decide how to upgrade these printers The system displays some information and the message You can choose to disable Windows NT style p...

Page 74: ...can happen that the database is reported corrupt See the detailed description below If the primary domain controller of the domain you want to join is located in a different subnet you have to ensure that the domain name and the server name of the primary domain controller can be resolved by the local NetBIOS Please refer to the section Installing NetBIOS on how to accomplish this Although this na...

Page 75: ... interface Ê Enter the interface name of the spooler Checking the accounts database During the installation the accounts database from the previous version is checked If some corruption is detected the accounts database is replicated from the primary domain controller In this very special case the server name the administrator on the primary domain controller the administrator password and the dom...

Page 76: ... Enter to select administrator Ê Enter the name of an administrative account Administrator s password The password of the account Administrator is incorporated from the previous version In the case of database corruption the password of the administrative account has to be entered here twice Enter the password for administrator Re enter password Domain Language The domain language is incorporated ...

Page 77: ...ection Start the server The installation is now complete The system offers you the option of starting the server immediately Do you want to start the Advanced Server y n Ê Enter y yes or n no 4 8 6 New installation of a primary domain controller The following sections describe how Advanced Server for UNIX is installed as a primary domain controller on a system on which neither LAN Manager X nor Ad...

Page 78: ...ted languages ENGLISH and GERMAN and outputs the message Please enter the language or press ENTER if it is ENGLISH Ê Enter the output language Interface name of the spooler used by the server The system now displays all configurable spoolers and outputs the message Please enter the interface name or press ENTER if it is spool interface Ê Enter the interface name of the spooler Server name The syst...

Page 79: ...nfirmed now or can be re entered Administrator s password The password of the account Administrator has to be entered twice Enter the password for administrator Re enter password Domain Language The system now displays the supported languages ENGLISH and GERMAN and outputs the message Please enter the language or press ENTER if it is ENGLISH Ê Enter the domain language A new AS X database is now c...

Page 80: ...esolved by the local NetBIOS Please refer to the section Installing NetBIOS on how to accomplish this To install a backup domain controller proceed as follows Ê Log on as system administrator root Ê Start the installation procedure as described in the section Installing from CD ROM with cdinst Ê Select the asxserver package under AS X Stop the server Ê Choose y to stop the server Interactive or no...

Page 81: ...the server name Server role The message Enter role primary or backup or press Enter to select primary is displayed Ê Enter the server role backup Name of the primary domain controller The system displays the message Enter the name of the primary domain controller Ê Enter the name of the primary domain controller The primary domain controller must be running and connected to the network Domain name...

Page 82: ...d the name of the primary domain controller can be resolved by the local NetBIOS Refer to the section Installing NetBIOS on how to accom plish this the local server name can be resolved by the NetBIOS of the primary domain controller If the primary domain controller is an Advanced Server for UNIX computer refer to the section Configuring NetBIOS Name Resolution If the primary domain controller is ...

Page 83: ...tion is now complete The system offers you the option of starting the server immediately Do you want to start the Advanced Server y n Ê Enter y yes or n no 4 8 8 After the installation Automatic Start and Stop During the package installation the start and stop scripts of the server are placed into the etc rc2 d and etc rc0 d directories so that Advanced Server for UNIX is automatically started and...

Page 84: ... but are stored in a new lanman ini file A copy of your previous lanman ini file is saved and renamed lanman old For more information about the Advanced Server Registry and the Lanman ini File see the appropriate chapters Converting the german umlauts from previous versions mapnames Starting with Version 3 5B Advanced Server for UNIX uses a new character set As a result some file and directory nam...

Page 85: ...ng PC client software Microsoft LAN Manager Client 2 2c Microsoft Network Client 3 0 TCP IP 32 for Windows for Workgroups 3 11 Update for Windows for Workgroups 3 11 For information on generating client diskettes please refer to the section Installing from CD ROM with cdinst asxtools and asxtoolsD These packages contain the Windows NT Server Tools for the following platforms and are available in G...

Page 86: ...prises approximately 20 Mbytes In order that it can be installed in a file system that has sufficient free disk space you can specify an installation path during installation To generate installation diskettes it is sufficient to install this package on one server only Now install the msclients package with the following steps Ê Log on as system administrator root Ê Establish which file system con...

Page 87: ...der that they can be installed in a file system that has sufficient free disk space you can specify an installation path during installation It is sufficient to install the required language variant of this package on only one of the servers in a domain Now install the asxtools or asxtoolsD package with the following steps Ê Log on as system administrator root Ê Establish which file system contain...

Page 88: ...ormat the package also contains an Acrobat Reader English language for installation on a workstation Install the asxdocs package with the following steps Ê Log on as system administrator root Ê Carry out the installation procedure as described in the section Installing from CD ROM with cdinst Ê Select the asxdocs package under AS X Ê During installation specify the name of the directory where you ...

Page 89: ... The following dialog box is displayed Ê Position the cursor on CD ROM device name and select the device name for the CD ROM drive with CHOICES Then select SAVE in order to confirm your entry You are then given a general message about the volume Ê Acknowledge with CONTINUE 3 Use the cursor to mark the ASX set in the list displayed and then press MARK and ENTER The following is displayed i 1 Proces...

Page 90: ...response files using CHOICES Ê Press SAVE 5 The following selection is displayed for contents of the packages see the section Advanced Server for UNIX delivery package 6 Use the cursor to select the required packages and press MARK Then start the installation with ENTER The installation is started implicitly with pkgadd F2 F3 4 Install Install Installation mode Installation default file name Path ...

Page 91: ...ng answers Please refer to section Installation steps for more information Installation step Parameter Value Stop the server STOPSERVER YES Installation step Parameter Value Parameter Value Interactive or non interactive installation R_INSTTYPE automatic non interactive R_MAPWARNTOERR NO R_INSTTYPE automatic R_PKGNAME Advanced Server 4 0 for UNIX R_VERSION 4 0B0003 R_LMXSPOOLER default R_AUTOSTART...

Page 92: ...ion step Parameter Value Interface of the spooler used by the server R_LMXSPOOLER default the spooler configured in UNIX Installation step Parameter Value Server name SERVERNAME default system name Installation step Parameter Value Server role ROLE Domain name Installation step Parameter Value Domain name DOMAIN default system name with dom Installation step Parameter Value Name of the primary dom...

Page 93: ...NAME and R_VERSION are used for internal purposes The var installation path is used for the asxtools package Default response file for the asxtools package Installation step Parameter Value Parameter Value Administrator s password R_PASSWORD password has to be changed USE_DEFAULT_PASSWD Value Installation step Parameter Value Domain language R_DOMAINLANG ENGLISH Installation step Parameter Value P...

Page 94: ...ptional packages including AS X Service Packs from the field support then the server followed by NetBIOS 4 11 1 Deinstalling optional packages To deinstall the Package package carry out the following steps 1 Log on as system administrator root 2 Enter pkgrm Package Ê Confirm with The software of the package is now deleted Ê Repeat the pkgrm Package command for all optional packages installed 4 11 ...

Page 95: ...allation The files and directories of the users are not affected by your decision and will not be deleted The system will ask you if you wish to save or delete the following data User data in the public directories DOSUTIL OS2UTIL LIB and PRINTLOG which was not created when the server was installed Customized print processor scripts Information about shared printers servers and workstations Printe...

Page 96: ... deleted and a new UNIX kernel is generated During this process you will receive a corresponding system wait message The configuration files remain in the var opt nbrfc conf directory and can be saved from there or can be left there for a later reinstallation In this case the reinstallation will use the existing configuration 3 Start the system with the newly generated UNIX kernel or if necessary ...

Page 97: ...ation you need to configure NetBIOS The second section describes how to configure network interfaces so that they can be used by NetBIOS The 3rd section describes how to configure NetBIOS name resolution If not stated otherwise all following descriptions imply that all NetBIOS tuning param eters use predefined values The fourth sections will show how in case of need the behavior of NetBIOS can be ...

Page 98: ...ams messages of limited length On Advanced Server computers NetBIOS services are provided by two STREAMS drivers which are linked to the UNIX kernel during NetBIOS installation NetBIOS Names The NetBIOS name space is flat that is it is not hierarchical so all names within a network must be unique NetBIOS names are 16 characters in length Advanced Server for UNIX as well as Microsoft networking com...

Page 99: ...networks Broadcast name resolution Broadcast name resolution is a NetBIOS over TCP IP mode of operation defined in RFC 1001 1002 as b node This method relies on a computer making IP level broadcasts to register its name by announcing it on the network and to query a name by asking all other computers in the broadcast area Each computer in the broadcast area is responsible for challenging attempts ...

Page 100: ...ning and distrib uting the lists Windows Internet Name Service WINS A computer can use WINS if at least one WINS server is available that contains a dynamic database that maps computer names to IP addresses WINS can be used in conjunction with broadcast name resolution for an internetwork where other name resolution methods are inadequate As described in chapter Implementing WINS WINS is a NetBIOS...

Page 101: ... of a section is the following Syntax of a section in interfaces cfg interface_name active yes no used_by_wins yes no ip_addr default ip_address_ddn brdcast_addr default brdcast_addr_ddn brdcast_list brdcast_list netmask default netmask_ddn Within a section interface_name is the name from ifconfig 1M of the interface configured by this section The name is given inside square brackets ip_address_dd...

Page 102: ...nt NetBIOS from sending and receiving packets over an inactive interface which is UP in the sense of ifconfig 1M because in general it is up to the lower network layers to decide which interface is to be used If all interfaces are deactivated i e have the entry active no the first interface is considered active If the active entry is missing the corresponding network interface is considered active...

Page 103: ...st be given explicitly If an interface is DOWN in the sense of ifconfig 1M the corresponding configuration section is loaded but the interface is set to inactive You can then later use the nbconfig command to activate the interface see below As a general rule the keyword default which is also inserted automatically at creation time of the interfaces cfg file should be used for any of these three p...

Page 104: ...lation you should create a new file with the help of the tool cr_interfaces To add or remove network interfaces Ê Edit the interfaces cfg file Delete sections and or copy existing sections and modify the parameters as appropriate Whenever possible use the default keyword or Ê Save the existing interfaces cfg under a different name and create a new one by typing var opt nbrfc bin cr_interfaces To c...

Page 105: ...n existing file is not overwritten The get_config command reads the interfaces cfg file it does validity checks and displays er ror and or warning messages as appropriate Syntax get_config Use get_config before restarting NetBIOS whenever the interfaces cfg file has changed in order to detect inconsistent or faulty configurations Example output of get_config In order to check a new interfaces cfg ...

Page 106: ... the interface you want to activate or deactivate E D interface name ip address interface name ip address The interface with the specified name interface name or the specified IP address ip address is activated E option or deactivated D option Use the output of a previous nbconfig i command to get the correct name interface_name or IP address ip address of the interface you want to activate or dea...

Page 107: ...cently received NetBIOS datagrams and a list of static mappings from a names cfg file If the name is not found the computer sends name query request packets as broadcast messages on the local subnet These broadcast messages normally cannot pass IP routers If WINS is enabled name resolution works in the following manner h node 1 Try a WINS server 2 Try broadcasting 3 Check the name table To find a ...

Page 108: ... of both files 5 1 3 1 The wins cfg file In file wins cfg you can enter two WINS server addresses by which means the Advanced Server for UNIX computer is configured as a WINS client This file together with a corre sponding template file wins sam is automatically created in var opt nbrfc conf during instal lation of the nbrfc package if it does not already exist To configure an Advanced Server for ...

Page 109: ...ed Server for UNIX to register names with WINS servers If the local machine is running the Advanced Server for UNIX 4 0 WINS service it is recommended to configure both primary and secondary WINS to point to this WINS i e to the local machine WINS client configuration file for nbrfc delete old WINS entries from old configurations var opt nbrfc bin delwins s dev null 2 1 var opt nbrfc bin delwins p...

Page 110: ...e names cfg file Lines with a number sign is the first column are treated as comment empty lines are ignored Each entry must be on a separate line and follow the syntax NetBIOS_name IP_address UN GR Ext1 EXT2 where NetBIOS_name is a name consisting of up to 15 characters case is ignored internally the name is converted to uppercase letters and padded with spaces IP_address is given in dotted decim...

Page 111: ...ompt type nbtstat R The static name table from names cfg is loaded automatically whenever NetBIOS starts e g at system startup To verify that the mappings from names cfg are known to NetBIOS Ê At the command prompt type nbtstat c Sample names cfg to configure static NetBIOS names My address is 144 145 100 10 Primary domain controller of a trusted domain trustpdc 144 145 101 20 UN 00 20 trustpdc do...

Page 112: ... resolution The nbtstat command is used to display diagnostic information about NetBIOS name resolution nbtstat is especially useful for troubleshooting NetBIOS name resolution problems Syntax nbtstat a q RemoteName e Extension nbtstat A IP address nbtstat c n r w nbtstat R Node IpAddress es 144 145 100 010 Scope Id NetBIOS Remote Cache Name Table Name Type Host Address Life sec TRUSTPDC 20 UNIQUE...

Page 113: ... given its IP address specified in dotted decimal notation c Lists the name table of remote NetBIOS names giving the IP address of each name The table contains names from recently received NetBIOS datagrams name cache as well as static mappings Static mapping are recognizeable by a 1 in the Life column n Lists local NetBIOS names names that were registered on the network by the Advanced Server for...

Page 114: ...gistered SMBSERVER 20 GROUP Registered EXAMPLE 00 UNIQUE Registered EXAMPLE DOM 00 GROUP Registered EXAMPLE DOM 1C GROUP Registered EXAMPLE X 00 UNIQUE Registered EXAMPLE BROW 00 UNIQUE Registered EXAMPLE DMN 00 UNIQUE Registered EXAMPLE DOM 1E GROUP Registered EXAMPLE DOM 1B UNIQUE Registered EXAMPLE DOM 1D UNIQUE Registered __MSBROWSE__ 01 GROUP Registered NetBIOS name resolution result Name DOM...

Page 115: ...th a number sign Example var opt nbrfc bin addname TRUSTEDDOM DOM 144 145 47 101 UN 1B Name mappings added with the addname command do no longer exist after NetBIOS is restarted Use the names cfg file if you want to establish permanent name mappings Please note that the number of names that can be stored in the local name table depends on the NBMAXNAMES parameter The delname command deletes one or...

Page 116: ...our domain either as PDC or BDC and WINS is not used keep in mind that similar rules apply for LMHOSTS files For more information about the LMHOSTS file see Windows NT Help and the Microsoft Windows NT Resource Kit Networking Guide 5 1 4 Configuring NetBIOS Tunable Parameters On Advanced Server for UNIX computers NetBIOS services are provided by two STREAMS drivers which are linked to the UNIX ker...

Page 117: ... 0 max 1440 This parameter controls the NetBIOS Keep Alive feature in minutes If set to a value greater than 0 NetBIOS sends periodic transmissions on a session when no other data is being sent for a period of time If the other end does not respond to these messages the session is considered broken after certain TCP IP timers have expired By default NetBIOS sends keep alive messages every 30 minut...

Page 118: ...sters its local NetBIOS names with a WINS server and does name refreshes and name releases To configure an Advanced Server computer as a WINS client set this parameter to 1 and configure primary and secondary WINS server in the wins cfg file NBRFCPRELOAD old 1 new 0 This parameter determines the search order for name resolution If set to 1 NetBIOS searches the internal name table containing local ...

Page 119: ...t support this parameter You will therefore have to use a single correctional release in this case For further details refer to the information supplied in the release notice in the SIreadmeM package l number of outstanding connect indications Specifies the maximum number of simultaneously outstanding connect indications The period of time that normally elapses between the setup being requested an...

Page 120: ...Logging it must be installed and started on the server system Ê Check whether the log files log3admin and log3struct for Logging V3 0 contain entries for Advanced Server for UNIX If necessary incorporate them using an editor Ê After you have entered it using the editor invoke the log3 bin log3adm and log3 log3new commands In this way the entries are incorporated from log3admin to log3admin obj Par...

Page 121: ...the file log3struct Logging V3 0 filename Kbyte chng close default 100 5 1 this is the default destination file for applications without an explicit LOGTYPE declaration LOGFILE filename Kbyte chng close cms_error 50 2 1 compno 16 cmsreport 50 2 1 compno 17 iocs 50 2 1 compno 33 auto 50 2 1 compno 41 sft 50 2 1 compno 55 datasyslog 50 2 1 compno 0xfffffffe syslogd asx 50 2 1 compno 1130010 LOGTYPE ...

Page 122: ... ufs file systems Since both functions use the same mechanisms under UNIX the new functionality is likewise controlled by the UnixQuotas registry parameter The following table clarifies the behavior of Advanced Server for UNIX depending on the different settings for the UnixQuotas parameter UNIX commands are used for quotas to allocate the disk space for the respective UNIX users Should you requir...

Page 123: ...if a UNIX user is assigned to each Advanced Server for UNIX user This is predetermined by setting the following parameter in the registry CreateUnixUser 1 If this parameter has the value 0 all Advanced Server for UNIX users are mapped to a UNIX lmworld user In this case the total disk space quota for all Advanced Server for UNIX users must not be exceeded i e if one Advanced Server for UNIX user e...

Page 124: ... edquota user1 A temporary file with the following contents is opened using the vi editor fs home blocks soft 0 hard 0 inodes soft 0 hard 0 Enter the limits for example fs home blocks soft 11000 hard 15000 inodes soft 0 hard 0 Exit the editor and save the file Ê Enable quotas support for the directory In the etc vfstab file change the line for home for example dev ios0 sdisk000s5 dev ios0 rsdisk00...

Page 125: ...under any circum stances To do this the spooler interface for Advanced Server for UNIX passes on the print job in raw mode Therefore you can use every printer on the UNIX system for Advanced Server for UNIX as long as it is supported by the PC application Before you can use a spooler with Advanced Server for UNIX you must configure printer classes groups and printers You may only use the printers ...

Page 126: ...rinter and printer class using the following commands enable asxp_hpl accept asxp_hpl accept class_1 Ê Check the printer using the command lpstat a lp dclass_1 etc hosts When sharing the printer link the name of the printer here asxp_hpl with the sharename For information on sharing a printer with Advanced Server for UNIX please refer to the Concepts and Planning manual 5 5 2 Configuring SPOOL V4 ...

Page 127: ...sx for Advanced Server for UNIX server xpadd srv srv_asx Ê Activate this spool server with xpchange srv srv_asx stACTIVE siON soON You can also use an existing spool server for AS X Setting up the supervisor The supervisor is responsible for printing jobs which it receives from the spool server The jobs are printed on printers which are controlled by this supervisor Ê Add the supervisor spv_asx to...

Page 128: ...s trans parently default This spool in procedure is comparable to the xpadd job dr file de printer group fc 1 rw command If print data is not printing out as required check whether the same file that has been prepared for printing can be printed to the required printer group from UNIX using the xpadd command For information on how other parameters can be set please refer to the section Changing pa...

Page 129: ...y that each PC receives its own server process This is an acceptable solution in particular for smaller configurations To do this change the settings in the Process Parameters Entries of the Registry of the Advanced Server for UNIX for the keys MaxVCPerProc and MinVCPerProc to 1 In order to obtain a separate process for each PC stop and start the server with the commands net stop server net start ...

Page 130: ...evant client to the TSR program terminate and stay resident clispool or clipcache that the print data is ready for the PC printer under a specific sharename On the client clispool sets up a connection with the informed server resource using the net use command The print data waiting on Advanced Server for UNIX is made available to the PC program print via this connection Shared client printer via ...

Page 131: ...t all printers are available for Advanced Server for UNIX on some UNIX systems If you cannot use the required printer type enter standard clienttype is either CLIPR or PRSRV The default is CLIPR with a client on which clispool or clipcach is running With PRSRV select any system that can make the shared printer resource available for example Windows for Workgroups Windows 95 98 Windows NT or a UNIX...

Page 132: ...ace type the following command addclipr pc2 hplaserjet To add a postscript printer that is attached to the client computer named pc3 and which is shared with the share name printer3 PRSRV interface type the following command addclipr pc3 POSTSCRIPT PRSRV printer3 The device connection for the shared client printer is thus entered in the spooler adminis tration you have now created the printers e g...

Page 133: ... server1 cli This username must not exist in the domain If the system is a server OS 2 Windows NT or UNIX a user with this username must not be located in the local account database Only then the filter program will receive the rights for the user GUEST in the user group GUESTS If a user with this username exists already or if a password has been configured for the shared printer the following ste...

Page 134: ...ce for AT T Spool 5 7 Activating Advanced Server for UNIX 5 7 1 Starting NetBIOS Manual You can start the NetBIOS administration process manually with nbrfc start Automatic During installation a link is set up with rc2 d for starting the NetBIOS administration process automatically 5 7 2 Start Advanced Server for UNIX with NetBIOS The following commands are available for starting Advanced Server f...

Page 135: ...vanced Server for UNIX The following commands are available for terminating Advanced Server for UNIX asx stop command The asx stop command is used to terminate Advanced Server for UNIX the NetBIOS admin istration process and other processes which were initiated using the asx start command This command stops the server without further queries even if connections still exist net stop server command ...

Page 136: ...tomatically 5 7 6 Stopping and starting individual services The services of Advanced Server for UNIX are started with asx start for example You can stop and start the following Advanced Server for UNIX services separately It is recommended to use wins start and wins stop to start and stop the WINS service Start command Stop command Service net start timesource net start netlogon net start alerter ...

Page 137: ...lication programming interface supports the development of programs which access the communication mechanisms LM named pipes and mailslots or which take on administrative tasks The declaration files and libraries listed in the following table are used in this case The API Reference manual and the API manual pages contain detailed descrip tions of declaration files It is recommended to use the path...

Page 138: ...mpiled and linked using the program make with the following makefile The number of Advanced Server for UNIX libraries linked to the object may vary with the API functions you are using All possible libraries are listed in the table above Call Meaning Compiler Linker I usr include lmx llmx lnsl ldl lmproc lext lrpcapi lmsrpc ltask lsam lasusec lasulang lCrun Advanced Server for UNIX declaration fil...

Page 139: ...r name The program setservername is available for changing the name of an Advanced Server Domain name The program setdomainname is available for changing the name of an Advanced Server domain Server role With the program promote you can change the server role without re initializing an existing domain Server name Domain name Server role The program joindomain is available for configuring an Advanc...

Page 140: ... language With setdomainlang you can change the language of predefined objects within a domain Ê You must be logged on as the system administrator root to change server attributes Ê The utility programs for changing the server attributes need to stop the server Therefore inform all users using resources of this server Ê These programs are described in the online manpages for Advanced Server for UN...

Page 141: ...nly Create another directory for each other slice as required and incorporate it into the UNIX file system using the mount command Advanced Server for UNIX generally only processes filenames which do not contain any uppercase letters The filenames are converted to lowercase letters using the o dos parameter Check whether this parameter is set if errors occur You could also configure Advanced Serve...

Page 142: ...e spoolers for which you can process the printer queue with restric tions 6 4 1 SPOOL 4 x or Xprint 6 4 1 1 Stopping and restarting printer queues You can stop a printer queue for Advanced Server for UNIX using the command net print hold This sets all Advanced Server for UNIX print jobs to the status SUSPEND including jobs which have been newly spooled via Advanced Server for UNIX Print jobs spool...

Page 143: ...t be used Each spooler has different parameters For this reason when switching the configured spooler it is necessary to first delete the queues for the old spooler 6 4 1 3 Stopping and restarting print jobs Print jobs can be stopped and restarted using the commands net print job hold and net print job release The status of the specified Advanced Server for UNIX print job is set to SUSPEND or WAIT...

Page 144: ... the printer queue all print jobs are set to the status WAIT Print jobs cannot be set to the status TOP when a printer queue is stopped No error message is output to this effect The net print job last command is not implemented for the SPOOLV4 interface 6 5 Administering using the net admin command This command can be used to administer the specified server For example if the backup_2 server is th...

Page 145: ...the PC tools and then the description of the tools for NetBIOS as well as other system administration tools Finally you should read the information provided in relation to support high availibility configurations 7 1 PC tools The following tools are contained in the DOSUTIL resource 7 1 1 Searching for the Master Browser for a domain in a subnetwork findbrow exe This tool helps you to find the Mas...

Page 146: ...information on the client from which it was called This information is used for diagnostic purposes by the support centers Syntax lmgetinf exe Output parameters The output of the tool provides some internal information on the redirector used for example the root directory the computername the user name and the domain name Master Browser found on NetBIOS adapter no 0 The Master Browser s adapter ad...

Page 147: ...on 2 51 Logon Server Workheuristics null SessionTimeout 45 Char Wait 0 Char Time 0 KeepConnections 600 KeepSearch 600 Max Threads 6 Max Commands 6 NumWorkBuf 2 SizeWorkBuf 4096 MaxWorkCache 0 SizeError 0 NumAlerts 0 NumServices 3 ErrlogSize 0 PrintBufTime 0 NumCharBuf 0 SizeCharBuf 0 Mailslots 1 Char Count 0 wki0_reserved_1 0 wki0_reserved_2 0l wki0_reserved_3 0l wki0_reserved_4 0 wki0_reserved_5 ...

Page 148: ...th within a local and remote subnetwork This is of benefit to the system administrator and to the support centers when searching for errors The findbrow program is based internally on the NetBIOS nbtstat program and therefore uses the same output format Syntax findbrow b broadcast_address name b broadcast_address Search within a certain remote subnetwork indicated by broadcast_address given in dot...

Page 149: ...y means of the name Name 1d in this example DOMAIN1 1d NetBIOS Remote Machine Name Table Name Type Status SERVER1 20 UNIQUE Registered SERVER1 00 UNIQUE Registered SMBSERVER 20 GROUP Registered DOMAIN1 00 GROUP Registered DOMAIN1 1C GROUP Registered SERVER1 X 00 UNIQUE Registered SERVER1 DMN 00 UNIQUE Registered DOMAIN1 1E GROUP Registered SERVER1 BROW 00 UNIQUE Registered DOMAIN1 1B UNIQUE Regist...

Page 150: ...given var opt nbrfc nbrfc cfg is used by default The var opt nbrfc nbrfc cfg file is copied to the tmp directory during removal of an old nbrfc package If you have a copy of this file you can invoke this command at any time in order to convert the name table Sample names cfg file 7 2 3 var opt nbrfc bin names2lm The names2lm command is used to convert a file containing NetBIOS name to IP address m...

Page 151: ...ysis 7 3 1 Access permissions in Advanced Server for UNIX Advanced Server for UNIX stores access permissions for files and directories in its ACL database in the var opt lanman directory In contrast to UNIX permissions which are stored with each file and directory in the file system permissions are stored centrally in Advanced Server for UNIX The ACL database stores access permissions for some res...

Page 152: ...rovide clarification of the terms used in the next section in conjunction with the accget and accadm tools Resource UNIX directory or UNIX file Resource_name UNIX path name of a directory or file Mountpoint UNIX path name under which a UNIX file system is mounted Permission record Entry for a resource with its access permissions in the backup files Backup file Backup file name 7 3 2 Saving access ...

Page 153: ...It is not necessary to start the server if this option is used The default option of accget is s P The access permissions for the specified resource resource_name are stored in the tmp accget dat file When you specify a directory all directories and files under the specified directory are processed including their access permissions Shared resources SHARES and mountpoints are not stored again If a...

Page 154: ...kup files to enable an internal investigation to take place 7 3 3 Editing saved resources and access permissions accadm The accadm tool is used to edit resources and their access permissions The following options are available Syntax accadm help d resource_name r G E S backup file P Pg Fs mountpoint Fe mountpoint Fp mountpoint Fd mountpoint d Deletes d elete the physical entry in the ACL database ...

Page 155: ...ames relative to the mountpoint If a mountpoint is not specified this procedure is implemented for all mounted file systems i e a file called asxperms is created under every mountpoint Fe Displays the content of the mountpoint asxperms file F ilesystem script e numerate Fp The ACL database is updated with the content of the mountpoint asxperms file New entries are added here existing entries are u...

Page 156: ...ions It may happen sometimes that a system administrator has to transfer the data from one file system to another file system e g to a larger disk Usually this task is carried out using UNIX commands In doing so the access permissions of the files and directories which are stored in the Advanced Server for UNIX ACL database are not adapted automatically This task is performed by the acladm program...

Page 157: ... the current user configuration and group configuration for the specified system The command can be invoked for the local system or for a remote server The var opt lanman etc useradd sh_local or var opt lanman etc useradd sh_ name of server file created can be used for restoring a configuration To circumvent the restrictions noted below the file can be modified with the help of an editor Syntax us...

Page 158: ...ger fails e g tiger The system administrator enters the following command on the lion system var opt lanman etc addserver tiger The connected clients have to re establish the connection to the resources to be used While the clients establish the connection under the name tiger they use resources on the lion server After the failed server is operational again the command for deleting the alternativ...

Page 159: ... the mail address Examples fred fred Your password will expire in 10 days steve steveJ lion john lion johnny Your password will expire now 7 4 Compression of the ACL Database Advanced Server for UNIX stores permissions for files and directories into it s ACL database var opt lanman datafiles acl Whereas UNIX permissions of files and directories are part of the file system AS X permissions are stor...

Page 160: ...ompression Depending on the size of the database the compression may take some time Ê Check available disk space In the file system where var opt lanman is located the free space should be at least the size of the ACL database Ê Stop the server net stop server All active connections with clients will be closed Ê Save the actual ACL database e g cp var opt lanman datafiles acl save datafiles Take c...

Page 161: ...in acladm U Ê To remove redundant user entries var opt lanman bin acladm S Please refer to the acladm manual page for the detailed usage of the acladm command Type man acladm at the Advanced Server command prompt Internal database compression is performed directly by the low level database utility blobadm Ê To compress the ACL database var opt lanman bin blobadm q A The method of compressing the A...

Page 162: ...plementing this 2 Activate and deactivate additional server names In the event of a system failing an additional server name is activated online and then deactivated again before the failed system is rebooted to enable the alternative system to be accessed using the same NetBIOS name as the failed system The addserver and delserver tools are responsible for implementing this 3 Transfer shares Sele...

Page 163: ... now operational again the alternative PCs must log off and then connect again after a successful switchover Resources cannot be set up for a system while it is down If the Primary Domain Controller PDC in a domain has failed it will not be possible to modify users and groups for the duration of the down time Access permissions for the failed system can only be updated to the status of the last AC...

Page 164: ...ete existing connections by user of A on B 2 Deactivate servername A on B 3 Deactivate interface of additional A controller on B 4 Deactivate additional controller on B with the IP address of A 5 Export and save access permissions for A data on B 6 Delete shares from A on B if necessary or leave the empty directory as is 7 Switch disks again 8 Remove unused entries from the ACL database on B if ne...

Page 165: ...ows NT Workstation computer Instructions on how to install AS U Administrator on Windows NT Workstation computer Instructions on how to install Windows NT Server Tools on a Windows 95 98 client computer Useful information about running Windows NT Server Tools on Windows 95 98 Instruction on how to install Windows NT Server Tools on a Windows 3 x client computer 8 1 Network Clients Advanced Server ...

Page 166: ... use it to view your current connec tions browse for shared resources and make new connections It is a character based utility you must use the keyboard not a mouse Experienced MS DOS users familiar with Microsoft Network Client commands may prefer to enter commands at the MS DOS command prompt rather than using the pop up interface For more information on using Microsoft Network Client see the Wi...

Page 167: ...computer Ê Log on at an MS DOS client computer as an administrative user Ê Connect to the MSCLIENT share on the Advanced Server by typing the following command at the DOS prompt net use d servername msclient Replace d with the drive letter and servername with the name of the server Ê Change to the drive d that connects to the MSCLIENT share Ê Change to the directory on the shared resource that con...

Page 168: ...pydisk tcp32wfw dsk a To create a diskette for the Update for Windows for Workgroups 3 11 type d images copydisk update dsk a 8 2 1 Using Windows NT Network Client Administrator Advanced Server supports the creation of network installation startup disks using Network Client Administrator from a Windows NT computer Use the Network Client Administrator to perform the following tasks Ê Create a netwo...

Page 169: ...ator 1 Click Start and then Run 2 Type ncadmin in the Run dialog box and click OK 8 2 1 1 Creating Network Installation Startup Disks You can create network installation startup disks for the following network operating systems and clients Windows 95 98 Windows NT Windows for Workgroups version 3 11 Network Client for MS DOS version 3 0 By default Network Client Administrator gives you the option ...

Page 170: ...tion files for the following clients Microsoft Network Client version 3 0 for MS DOS Microsoft LAN Manager version 2 2c for MS DOS Microsoft TCP IP 32 for Windows for Workgroups version 3 11 Using the installation disk set you can install the software manually on each computer These files are included in the MSCLIENTS share You can install this software on any client computer freely For more infor...

Page 171: ... now can create icons for Server Manager User Manager for Domains Policy Editor and WINS Administrator 5 When installation is complete terminate the connection to the ASTOOLS or ASTOOLSD shared resource 8 3 2 Installing AS U Administrator AS X Administration Tool The AS U Administrator enables you to modify the values of certain keys in the Advanced Server Registry This tool can be installed on Wi...

Page 172: ...TOOLS or ASTOOLSD e g server astools d Click on the OK button 3 Click on Start and then point to Settings 4 Click on the Control Panel 5 Double click on Add Remove Programs 6 Select the Windows Setup tab 7 Choose the Have Disk button Specify the directory Win95 on the network drive there must be a srvtools inf file in this directory that contains the Windows NT Server Tools Choose OK 8 Click on th...

Page 173: ...Server Tools you must have adminis trative privilege at the computer you choose to administer 8 3 3 1 Additional Password Prompts When you use Windows NT Server Tools on a Windows 95 98 client computer you will be asked to log on or to enter your password for verification These additional password prompts are necessary to ensure that you have administrative privilege for the server on which you ar...

Page 174: ...T Server tools on a computer running Windows 95 98 Ê To use Server Manager on a computer running Windows 95 98 1 Click on Start point to Programs and then point to Windows NT Server Tools 2 Click on Server Manager 3 Select a computer to administer Or from the Computer menu choose Select Domain to see computers in another domain 8 3 3 6 Using User Manager for Domains Use the following procedure to ...

Page 175: ...on the toolbar 2 In the Properties dialog box click on the Security tab Now you can change the settings for permissions auditing and ownership of the object Note that there are several methods for selecting an object to administer that do not work in Windows 95 98 including the following Administering print queues through the Printers list in My Computer These print queue objects represent print q...

Page 176: ...p lists of accounts it allows the creation of local groups to help manage access to files and directories Event Viewer allows users to view system and application event logs on servers within the domain You can view the security log only if you are logged on as a member of the Administrators group When the Windows NT Server Tools program group is installed on a Windows workstation the File Manager...

Page 177: ...ose Run from the File menu to execute the setup exe program or double click on the setup exe executable If you choose Run the system displays a confirmation box Click on OK to run the file Ê The system displays the Windows NT Server Tools Setup Program window on the client computer Click on Continue Ê Select the Install all files button Windows NT Server Tools will be installed at the root drive i...

Page 178: ...file Ê Edit the autoexec bat file to reflect the following changes The directory containing the Windows NT Server Tools must be on the PATH line If you are in a time zone other than Pacific Standard Time PST copy the time zone statement recommended in the srvtools new vars bat file Add a set tz line to set the time zone For example if you are in Paderborn you would add the following line SET TZ UC...

Page 179: ...th the msclients package Net Command lists the Net commands that are available to administer Advanced Server at the command prompt 9 1 Advanced Server Commands You can use UNIX system commands at the Advanced Server command prompt to perform several administrative tasks The following table lists the UNIX system commands that administrators can use with Advanced Server Complete descriptions of each...

Page 180: ...in the event that errors occur asxperf Used to get a rough overview of the CPU time consumption of Advanced Server and other processes asxpwexp Used to check which Advanced Server users passwords are due to expire and to notify users by electronic mail asxregview Comfortable display and search utility for the contents of the Advanced Server Registry database at the UNIX command prompt blobadm Disp...

Page 181: ... to and from UNIX system user names netevent Used to send administrative or user alerts or to send printing alerts to users submitting print jobs printadm Used to check display modify export and import the printer driver configuration on Advanced Server systems promote Changes the role of an Advanced Server domain controller to be either a primary domain controller or a backup domain controller re...

Page 182: ...Shift JIS S JIS to Extended UNIX Code EUC encoding srvconfig Used to display or modify Advanced Server configu ration information stored in the lanman ini file srvstat Generates an activity monitor that displays statistics which summarize total server usage as well as file and print service requests made by individual users ud Converts text files between MS DOS UNIX system and Macintosh file forma...

Page 183: ...erator privileges that enable them to perform specific tasks These privileges are sufficient to use the Net command to administer a local server at the Advanced Server command prompt However to use the Net command to administer a remote Advanced Server you must be logged on to Advanced Server as an Administrator with full administrative privilege If you have different operators responsible for par...

Page 184: ... batch files Enter a net admin command followed by multiple net commands For example to execute multiple net commands on a server named payroll type the following net admin payroll command This creates an administrative command shell from which you subsequently can issue Net commands The prompt changes to include the name of the server you are remotely administering for example payroll Any Net com...

Page 185: ... command itself For example to log the user name jim with the password kahuna on the network you would type net logon jim kahuna You can also ask the Advanced Server to prompt you for your password replacing the password with an asterisk when you type the command In the UNIX operating system the asterisk is a special character and must be preceded by a back slash For example to use the same resour...

Page 186: ...ote connections LPT1 Continuing will cancel the connections Do you want to continue this operation Y N Y You can use the yes and no options with any Net command to anticipate and respond to a prompt For example you are not prompted for confirmation when you type the following net logoff yes 9 2 1 6 Using Abbreviations The command reference pages in this chapter always use the full command names co...

Page 187: ...ecial characters that you may encounter For more information on special characters consult your UNIX system documentation 9 2 1 8 Typing Path Names With UNIX System Net Commands The UNIX system uses a forward slash to separate names in a path This is different from client computers which use back slashes Always precede path names with c when using the Net command When typing path names at a UNIX s...

Page 188: ...be used with the command if desired When a vertical bar separates items within braces or brackets only one of the options must be used For example hold release delete indicates that only one of the three options must be used When an ellipsis appears in a syntax statement it indicates that you can repeat the previous item s For example route devicename indicates that you can specify more than one d...

Page 189: ...mmands net help command options Detailed description of the options of the command you selected Command Descriptions net access Displays or modifies resource permissions on servers Use this command only for displaying and modifying permis sions on pipes and printer queues Use net perms for managing permissions on all other types of resources net accounts Displays the role of servers in a domain an...

Page 190: ...d as net groups net help Provides lists of network commands and topics for which you can get help or provides help for a specific command or topic net helpmsg Provides help for a network error message net localgroup Adds displays or modifies local groups in domains This command also can be typed as net localgroups net logoff Logs a user name off of the network net logon Logs a user name on to the ...

Page 191: ...ns displays a list of services that are running The services that can be started are Alerter Computer Browser Directory Replicator EventLog Net Logon Netrun NvAlert Server Time Source and WINS net statistics Displays or clears the statistics log net status Displays a server s computer name configuration settings and a list of shared resources net stop Stops a network service net time Synchronizes ...

Page 192: ...patible with the protocols defined for NBNS in RFCs 1001 and 1002 It therefore is interoperable with other implementations of these RFCs WINS for Advanced Server is fully compatible with Microsoft WINS client implemen tations including Microsoft TCP IP 32 for Windows for Workgroups 3 11 Windows 95 98 Windows NT Workstation Windows NT Server and the Microsoft Network Client Version 3 0 and with the...

Page 193: ...ll distinguished On the local network the computer name is the name that was supplied either during Advanced Server or Windows NT setup To ensure that both names and IP addresses are unique a computer using NetBIOS over TCP IP registers its name and IP address on the network during system startup A computer can use one or more of the following methods to ensure accurate NetBIOS name resolution in ...

Page 194: ...ee Windows NT Help and the Microsoft Windows NT Resource Kit Networking Guide On a computer running Advanced Server a names cfg file can be used in a way compa rable to the LMHOSTS file see section The names cfg file Advanced Server networking components never use HOSTS files for name resolution 10 1 1 NetBIOS over TCP IP NetBT Name Resolution NetBIOS over TCP IP NetBT is the session layer network...

Page 195: ...roadcast messages to resolve names NetBT also can use LMHOSTS files for name resolution depending on how TCP IP is configured on a particular computer Advanced Server can respond to b node and h node NetBT modes Windows NT supports all of the NetBT modes Client computers can use the modes described in the following sections B Node Broadcast Node The b node mode uses broadcasts for name registratio...

Page 196: ...e The advantages of the m node mode are the following The m node can cross routers Because the b node always is tried first computers on the same side of a router continue to operate as usual if the WINS server is down In theory it should increase local area network LAN performance H Node Hybrid Node The h node mode solves the most significant problems associated with broadcast messages and with r...

Page 197: ...solution Some sites may need to use both b node and p node modes at the same site Although this configuration can work administrators must exercise caution using it only for transition situations Because p node hosts disregard broadcasts and b node hosts rely on broad casts for name resolution the two hosts potentially can be configured with the same NetBIOS name leading to unpredictable results N...

Page 198: ...e p node computers To allow browsing across routers without WINS the network administrator must ensure that the users primary domain has Advanced Server Windows NT Server or Windows NT Workstation computers on both sides of the router to act as master browsers These computers need correctly configured LMHOSTS names cfg files with entries for the domain controllers across the subnet With WINS such ...

Page 199: ...ntermediary either by communicating with the WINS server or supplying a name to IP address mapping from its cache The illustration above shows the relationships among WINS servers and clients including proxies for non WINS computers and replication between WINS servers WINS proxy WINS enabled Non WINS enabled WINS enabled WINS enabled WINS enabled Non WINS enabled Router Router WINS Server WINS Se...

Page 200: ...e WINS server 2 The WINS server responds directly to Client B with Client A s IP address 3 The WINS server responds directly to Client C with Client X s IP address If the WINS server is unreachable the query fails Client B switches to b node and sends the query as a broadcast message on the local subnet Client C responds directly to Client A with Client X s IP address Client A receives the broadca...

Page 201: ...que for each device If WINS is enabled on the client The name registration request is sent directly to the WINS server to be added to the database A WINS server accepts or rejects a computer name registration depending on the current contents of its database as follows If the database contains a different address for that name WINS challenges the current entry to determine whether that device stil...

Page 202: ...the computer so that the two systems can establish a session Name Renewal Client computers periodically are required to renew their NetBIOS name registrations with the WINS server When a client computer first registers with a WINS server the WINS server returns a message that indicates when the client will need to renew its registration as follows Default renewal interval for entries in the WINS d...

Page 203: ...llenge the name when the computer is reconnected If an orderly shutdown did not occur the name registration with a new address causes the WINS server to challenge the registration The challenge fails and the registration succeeds because the computer no longer has the old address If WINS is not enabled on the client When a non WINS computer releases a name a broadcast is made to allow any systems ...

Page 204: ...is not found in the cache the non WINS computer sends name query request packets as broadcast messages on the local subnet These broadcast messages normally cannot pass IP routers If local name resolution fails the local LMHOSTS file is consulted on computers running Microsoft Networking components These processes are followed whether the computer is a network server a workstation or another devic...

Page 205: ...hecked Included in the search are any centralized LMHOSTS files referred to in INCLUDE statements in the local file On Advanced Server computers the name table containing the mappings from the names cfg file normally is consulted at this point 4 Advanced Server computers never use a HOSTS file or DNS for name resolution WINS servers accept and respond to UDP name queries Any name to IP address map...

Page 206: ...S server across a router The WINS proxy caches stores in memory computer name to IP address mappings it receives from the WINS server These mappings are used to respond to subsequent IP broadcast name queries from b node computers on the local subnet The name to IP address mappings that the WINS proxy receives from the WINS server are stored in the WINS proxy cache for a limited time By installati...

Page 207: ...f dial up TCP IP networking servers including the following UNIX system servers that support either of the industry standard point to point protocol PPP or serial line IP SLIP dial up TCP IP networking standards Windows NT remote access service RAS servers Third party remote access service servers that support PPP and or SLIP connections such as those that are available from CISCO 3COM and Bay Net...

Page 208: ...tion of clients in each subnet should be considered first when deciding how many WINS servers are required There is no builtin limit for the number of NetBIOS names that one WINS Server can handle See the following sections Planning for WINS Client Network Traffic Planning for WINS Server Performance and Planning Replication Partners and Proxies Is the WAN bandwidth sufficient to support WINS serv...

Page 209: ...imum of three name registration requests and three entries in the WINS database Any server either NT Server or Advanced Server for UNIX usually registers more NetBIOS names than other WINS enabled clients The name registration requests generated by a server include the following Server component Domain names Browser service name Additional network program and service names 10 2 1 1 WINS Client Tra...

Page 210: ...ibution of this WINS client startup load Roving User Name challenge traffic occurs when a user stops the computer and then moves and starts the computer on a different subnet with another primary WINS server Typically the name registration request is answered with a Wait for Acknowledgment message 100 bytes and the new WINS server assuming the active entry was replicated challenges the IP address ...

Page 211: ...le if your network has multiple hubs connected by relatively slow wide area network WAN links you can configure WINS database replication between WINS servers on the slow links to occur less frequently than replication on the local area network or on fast WAN links This reduces traffic across the slow link and reduces contention between replication traffic and WINS client name queries For example ...

Page 212: ...rs will go on line simul taneously the conservative recommendation is that you plan to include one WINS server and a backup server for every 10 000 computers on the network The maximum rate at which a WINS Server can handle registrations and queries depends almost solely on the CPU performance as long as the media bandwidth is clearly below saturation Adding more CPUs to an Advanced Server compute...

Page 213: ...ver contains addresses for every node on the WAN Another option is to set up a chain of WINS servers where each server is both the push partner and pull partner with a nearby WINS server In such a configuration the two servers at the ends of the chain would be push and pull partners with each other Other replication partners can be established for your site s needs 10 3 Setting Up a WINS Server Ad...

Page 214: ...nbrfc conf interfaces cfg The interface to be used by the WINS server is marked with the line used_by_wins yes For details see section The interfaces cfg file 4 On a connected Windows NT Workstation computer Ê Install WINS Manager to be able to fully administer WINS see below Ê Use the wins command to start and stop the WINS service manually from the Advanced Server command prompt Ê Use the winsad...

Page 215: ...service can become an important aspect Therefore unlike other services within Advanced Server the WINS Service is to some degree able to run independent of all other services although there are some restrictions concerning administration You can start and stop the WINS server manually from the Advanced Server command prompt by using the wins command This command can be used any time regardless of ...

Page 216: ...es to support name registrations name queries etc The configuration of the startup type automatic for the WINS service is equivalent to the existence of a corresponding entry of the service name in the lanman ini file Example of lanman ini file entry server srvservices alerter netlogon browser wins The asx stop command also stops the WINS service If only the SERVER service has to be shutdown for a...

Page 217: ...r network to increase the availability and balance the load among servers When using multiple servers each WINS server should be configured with at least one other WINS server as its replication partner You should have multiple WINS servers installed on your network for the following reasons To distribute NetBIOS computer name query and registration processing load To provide WINS database redunda...

Page 218: ...gistered name is valid without a refresh A WINS client will try to refresh a registered name already after half of the interval is expired If there is no successful refresh within the Renewal Interval the name is marked as released The default is six days Extinction Interval Specifies the interval between when an entry is marked as released and when it is marked as extinct The default is dependent...

Page 219: ...ted as dynamic when they conflict with a new registration or replica This means that if they are no longer valid they will be overwritten by the new registration or replica By default this option is not checked You should have this option checked only a limited period of time The purpose of Migrate On is to ease the process of making a B node an H node WINS client If set the static nature of uniqu...

Page 220: ...d when a WINS server polls another server to get replicated infor mation This can begin when the WINS server is started and is repeated based on the configured update count or time interval or by using WINS Manager to start immediate replication Replication also is triggered when a WINS server reaches a threshold set by the adminis trator This is an update count for registrations and changes In th...

Page 221: ...NS administrator or immediate replication initiated by the WINS administrator using WINS Manager Push partner A push partner is a WINS server that sends a message to its pull partners that the WINS database has changed When the pull partners respond to the message with a replication request the push partner sends a copy of its new WINS database entries to the pull partners The push partner notifie...

Page 222: ...ode to dynamically register the name Static mappings are not recommended for WINS enabled clients Use the Static Mappings command on the Mappings menu in WINS Manager to view add edit delete import or filter static mappings Static entries that are not owned by the currently administered WINS server but replicated from a partner do not show up in the Static Mappings box Once a static name to IP add...

Page 223: ...a address or if none is present it overwrites the oldest registration In Windows NT 3 51 the Domain name type was called Internet group With Windows NT 4 0 the Internet group type has been generalized to include not only group names ending with 0x1C see below Internet group Internet groups are user defined groups that allow you to classify resources such as printers for easy reference and browsing...

Page 224: ... a result no clients not even administrative clients can create files under a UNIX system root share This causes access denied errors Prior to importing static mappings through WINS Manager you must set the parameter IgnoreUnixPermissions to 1 in the Advanced Server Registry You do not have to stop and restart the server Note that the IgnoreUnixPermissions 1 setting is effective only if the UnixQu...

Page 225: ...NS server that owns the entries Use WINS Manager to choose the Show Database command from the Mappings menu By default the Show Database dialog box shows all mappings for the WINS database on the currently selected WINS server You can select a Sort Order option to sort by IP address computer name time stamp for the mapping version ID or type To view only a range of mappings choose the Set Filter b...

Page 226: ...nager to examine the current database backup path and to establish a new one By default WINS performs complete database backups periodically approxi mately every 24 hours to the current or default database backup path For more infor mation see the Help topic Backing Up and Restoring the Database in WINS Manager Help In addition to the backups that occur automatically you may wish to perform manual...

Page 227: ...Server Configuration dialog box You can also clean the database manually To manually scavenge the WINS database choose the Initiate Scavenging command from the Mappings menu The following table describes the results of scavenging a WINS database State before scavenging State after scavenging Owned active names for which the Renewal interval has expired Marked released Owned released name for which...

Page 228: ... Server WINS database Ê Log on to the Advanced Server WINS computer as root Ê Stop the WINS server by typing the following command wins stop Ê Compact the WINS database by typing the following command winsadm c Ê Start the WINS server by typing the following command wins start 10 8 Troubleshooting WINS Servers This section describes some basic troubleshooting steps for common problems and also des...

Page 229: ...ecessary use the asx start command to start the service Resolving common WINS errors To resolve duplicate name error messages Ê Check if the WINS database contains name to IP address mappings for the name If there is a static address record with the name and an inconsistent IP address delete it from the primary WINS server database Or Ê Check the MigrateOn box using the Advanced option in the WINS...

Page 230: ...fails Ê Make sure the path for the WINS backup directory exists To locate the source of Access Denied error messages when connecting WINS Manager to WINS Ê Check that you are logged in as a member of the Administrators group Troubleshooting the WINS Server Database If you have determined that the Windows Internet Name Service is running but you cannot connect to the server using WINS Manager then ...

Page 231: ...tuations in which using them may be appropriate Administrators often can reduce the amount of time required to solve problems by observing the following guidelines Be aware of and familiar with the tools and services that can be used for server trouble shooting Configure the available server utilities to gather the necessary data as a general practice Assess the status of the server at regular int...

Page 232: ...asis for understanding how a normal problem free server appears Over time information that deviates from the norm will be an indication that something has changed and warrants your attention Tools for assessing the status of the server include the following 11 1 1 1 Event Viewer A number of events related to the daily operation of the server can be tracked using Event Viewer These events are maint...

Page 233: ... to recognize and address changes in server operation The following statistics are maintained for the Advanced Server Statistic Description Statistics since Tells when this set of statistics began either at the last server startup or the last time the statistics were cleared Sessions accepted Tells how many times users connected to the server Sessions timed out Tells how many user sessions were cl...

Page 234: ...of administrative activity and should not be deleted Closing Sessions An administrator can disconnect a user from the server at any time Closing a user session does not prevent the user from reconnecting Ê To disconnect a user session from a Windows NT computer or from a Windows client computer using Server Manager 1 Start Server Manager 2 Select the Advanced Server about which you want to view se...

Page 235: ...le command at the Advanced Server command prompt 11 1 1 5 Print Subsystem Event Logging Advanced Server maintains a separate print log for each printer share and each UNIX system printer it uses These log files record any message generated because of a printer fault or print job error An administrator should check these log files periodically to determine whether any such errors are occurring The ...

Page 236: ...e number of server errors exceeds a threshold set in the Advanced Server Registry The number of bad access attempts exceeds a threshold set in the Advanced Server Registry The number of bad password attempts exceeds a threshold set in the Advanced Server Registry Errors were encountered during start of the Net Logon service A printer is malfunctioning A print request has been deleted or completed ...

Page 237: ...erver command prompt 11 1 3 2 lmstat The lmstat command interrogates the server s shared memory image to gather a variety of data about the current state of the server This command is especially useful when you want to determine which server process a client session is on Advanced Server is composed of a set of cooperative processes When the server is running enter the following command asx status...

Page 238: ...l when using the UNIX system truss command This command requires a process ID as part of its startup arguments 11 1 3 3 regconfig The regconfig command is used to query or change Advanced Server Registry key infor mation You can use this command to change any value in the registry You also can use the Windows NT Registry Editor and the AS U Administrator to change key values The regconfig command ...

Page 239: ...f any parameter you wish to modify The lanman ini file contains several parameters that you can modify to change Default settings are used for most of these parameters However a certain number of them can be changed overriding the default values set at server installation To display the default settings of the lanman ini file use the following command srvconfig p more This command generates a list...

Page 240: ...f relevance for the configuration and operation of Advanced Server for UNIX and NetBIOS In contrast to asxcheck no check is performed The information is written to the text file xASX logs asxinfo pid This file could be made available to the support staff in the event of any problems For more information about asxinfo type man asxinfo at the Advanced Server command prompt 11 1 3 10 asxperf The asxp...

Page 241: ...u start the server unable to post the name on any network name Reviewing all of the modules involved in the end to end connection between a client and Advanced Server it is easy to see that isolating a problem is the first step for problem solving in a client server networking environment Before assuming that the problem is with the server you must ensure that other networking software is function...

Page 242: ... can be used to monitor the health of the physical network It is worthwhile to check network traffic periodically with one of these devices to see whether there are problems occurring with the physical network Step 2 Verify the Transport Protocol Status If the physical network appears to be functioning properly the next step is to determine whether the various computers on the network can see each...

Page 243: ...isk space in critical file systems such as root or var Insufficient system memory causing excessive swapping CPU bound conditions Unbalanced disk loads Improperly tuned kernel parameters such as maximum number of open files or maximum number of locks Operating system problems usually will affect all or most client computers connected to the server Do not spend much time on this step if you are tro...

Page 244: ... processes each with a unique number displayed at the end of the line may be displayed The server spawns new worker processes based on the number of clients supported by the server As more client sessions are started more lmx srv processes may be started each with a unique process ID and number This is normal If the server is not running use the net start server command at the command prompt Are A...

Page 245: ...sonnel at a later date The following message is particularly indicative of a server problem An Advanced Server for UNIX systems process with pid no unexpectedly terminated This message indicates that a server process has encountered an unexpected error Depending on how your server is configured there may be a core file located on your system If the value of the CoreOk keyword is set to 1 yes in th...

Page 246: ...ction properly If you detect that one of these resources is missing stop and restart the server to determine whether they are shared at server startup If they are not displayed contact your service representative The remaining resources are default resources typically used by clients during logon NETLOGON to connect to home directories USERS and to access utilities or error logs DOSUTIL OS2UTIL PR...

Page 247: ...ccurs ensure that your server has not exceeded the maximum number of clients that it is configured to support This number is indicated by the maxclients parameter in the server lanman ini file It can be displayed using the srvconfig g maxclients command Has the Advanced Server Registry Been Corrupted Execute the regcheck C command to determine whether the internal format of the registry file has b...

Page 248: ...t particular user Also verify that the access permissions on the resource allow the desired action to be performed for example the user has read only permission but is attempting to edit a file Also verify that the maximum user limit for a particular shared resource is not being exceeded 4 On the shared resource check the file attributes and the UNIX system access permis sions If necessary use the...

Page 249: ...ermined by two keywords in the Advanced Server Registry UnixFilePerms and UnixDirectoryPerms Check whether the values assigned to these keywords provide the desired UNIX system protection for your files and directories These keywords are in the following key SYSTEM CurrentControlSet Services AdvancedServer FileServiceParameters For more information see the chapter Advanced Server Registry For more...

Page 250: ...s AdvancedServer FileServiceParameters This will cause Advanced Server to ignore all UNIX system permissions on files except for read only permissions which are translated into read only file attributes when client computers attempt to access files Note that the setting IgnoreUnixPermissions 1 is effective only if the UnixQuotas parameter is set to 0 For more information about the Advanced Server ...

Page 251: ...sions each The first set shows the user owner access permissions The second set shows the group access permissions The third set shows the access permissions provided to other UNIX system users Following are the access permissions abbreviations and their meanings The following access permissions rarely appear in a display but are described here for completeness Permission Description r Permission ...

Page 252: ...w file with the name of the source file The temporary file is then deleted The permissions that have been assigned to a specific file are not assigned to the new file which has the same file name These permissions apply only to the original file which was renamed to the temporary file name and then deleted The updated file is treated as a completely new file by Advanced Server which means it inher...

Page 253: ...olution It can take as long as 12 minutes for the system to update the browse list The administrator can edit the Advanced Server Registry on the backup domain controller to change the value of the BackupUpdate keyword to the value in seconds for which updates are desired Note that increasing the browse update frequency will generate increased network traffic The BackupUpdate keyword is located in...

Page 254: ... to insert the Windows NT CD to obtain the appropriate driver The system will confirm that the printer driver is being uploaded to the Advanced Server Problem Changes made to Windows NT client printers and jobs are not displaying automatically Resolution Manually refresh the screen by pressing F5 key This is required to update the screen whenever you pause resume delete or add printers Problem Pri...

Page 255: ...connected to parallel port LPT1 or PRN on your client computer Print jobs sent to that printer over the network rather than locally do not print although print jobs sent from your owner client computer do print indicating that the printer itself is opera tional Resolution Enter the net use command If the display shows that the LPT1 or PRN port ID is linked to the printer unlink that port ID then l...

Page 256: ... you want to set each unknown file system individually to a specific known file system follow these steps 1 At the UNIX system prompt type this command and press ENTER df n pathname Replace pathname with the name of the path to the unknown file system The system displays the mount point and file system type as specified by the UNIX operating system 2 Set the fsmap parameter in the fsi section of t...

Page 257: ...his program is invoked automatically when the asxserver package is installed or a corresponding service pack When the script has been executed a lock file xASX etc map done is created which prevents a further run The xASX etc mapnames script is started in the background and only terminated fully when the lock file is available The xASX etc mapnames sh script must not be called before this The xASX...

Page 258: ...d asx_wins Start stop script for the WINS service init d ms_srv Start stop script for the server init d nbrfc Start stop script for NetBIOS rclmx Advanced Server for UNIX environment variables rc0 d xxx asx_srv Link to etc init d asx_srv for automatic stop xxx represents K19 for example rc2 d xxx asx_srv Link to etc init d asx_srv for automatic start xxx represents S99 for example rc0 d xxx asx_wi...

Page 259: ...ths Link to var opt lanman bin lmpaths lmshell Link to var opt lanman bin lmshell lmx Link to var opt lanman bin lmx midl Link to var opt lanman bin midl nbrfc Link to var opt nbrfc bin nbrfc nbrfcdiag Link to var opt nbrfc bin nbrfcdiag nbtstat Link to var opt nbrfc bin nbtstat net Link to var opt lanman bin net sjistoeuc Link to var opt lanman bin sjistoeuc ud Link to var opt lanman bin ud unix2...

Page 260: ...libmsrpc so Link to var opt lanman lib libmsrpc so libnbdns so Link to var opt nbrfc lib libnbdns so librpcapi so Link to var opt lanman lib librpcapi so libsam so Link to var opt lanman lib libsam so libtask so Link to var opt lanman lib libtask so msrpc ip_tcp so Link to var opt lanman lib msrpc ip_tcp so msrpc np so Link to var opt lanman lib msrpc np so snmpd lib lmxext so From asxsnmp package...

Page 261: ...ctory for internationalized message texts readme Description of current changes for Support Center regfiles Directory for registry files samsave Directory for saved SAM database files sharefile old Saved list of shared resources from upgrade installation spool Spool directory timex Directory for internal use wins Directory for WINS database Path var opt lanman addon Comment psaddon lp_ops so ATTHP...

Page 262: ...scripts getrole Outputs information on domains and server roles jobdonmsg Sends messages about print jobs to workstations joindomain Administrator command for changing the server domain configuration lmat Starts a program on the server at a particular time lmecho Program with the functionality of net helpmsg Impaths Script for setting internal environment variables lmshare Program with the functio...

Page 263: ...oad Administration script for registry internally used regpreload Internal script for registry administration regshare Internally used for upgrade installation regupgrade Administration script for registry internally used rmacl Deletes ACL information samcheck Checks and repairs the user account database seprimary Used internally by the configuration scripts setdomain Internal program for setdomai...

Page 264: ...pool 4 x interface xprwait Administration script for Spool 4 x interface Path var opt lanman datafiles Comment Directory with Advanced Server for UNIX data accounts lm2 Backup of the LAN Manager X 2 x database accounts lmx LAN Manager X 2 x database not used by Advanced Server for UNIX acl ACL database of Advanced Server for UNIX access control list Builtin Account database of Advanced Server for ...

Page 265: ...onfiguration file for asxpwexp asxregview Command for displaying registry values asxsetup Program for changing the server configuration asxupgrade Upgrade a 2 user demo version to a full version delserver Deletes a servername added with addserver liblmxco so Internal shared library liblmxsup so Internal shared library libXpCLI so 2 Internal shared library for systems with no Spool V4 instal lation...

Page 266: ...rsion libasu850 so Library with functions for code conversion libasulang so Library with functions for code conversion libasusec so Library with security functions libasusjis so Library with functions for code conversion liblmx so Library with Advanced Server for UNIX functions liblmxpsi so Library with internal interface to the Spool system libmsrpc so Library with internal interface for RPC libr...

Page 267: ...r the Netrun service lmx nvalert Program for the Net View Alerter service not supported by Siemens Advanced Server for UNIX lmx repl Program for the Replication service lmx wins Program for the WINS service Path var opt lanman shares Comment Automatically shared directories asu repl Directory for the Replication service asu repl export Export directory for the Replication service asu repl export s...

Page 268: ...terfaces32 or add_interfaces64 depending on the system add_names Internal utility for loading the name table addname Loads static NetBIOS names addwins Internal utility for loading the WINS addresses cr_interfaces Creates the interfaces cfg configuration file del_names Deletes the name table in the driver delname Deletes static NetBIOS names in the driver delwins Internal utility for deleting the ...

Page 269: ...nbtstat64 depending on the system Path var opt nbrfc conf Comment interfaces cfg Configuration of the NetBIOS network interface names cfg Configuration of the NetBIOS name table names sam Sample file for names cfg nbrfcdaemon cfg Configuration of the NetBIOS daemon startup wins cfg Configuration of WINS servers wins sam Sample file for wins cfg Path var opt nbrfc lib Comment libnbdns so Library wi...

Page 270: ...r for UNIX Systems and earlier versions of Advanced Server This chapter provides the following information Overview of the Advanced Server Registry structure Description of Registry Editor Description of AS U Administrator Descriptions of the Advanced Server Registry keys and values For information about the Advanced Server parameters that are stored in the lanman ini file and how lanman ini file ...

Page 271: ...itself which can be data of any length The three parts of value entries always appear in the following order Data types such as REG_SZ or REG_EXPAND_SZ describe the format of the data which can be up to 1 MB Data types from 0 to 0x7fffffff are reserved for definition by the system and applications are encouraged to use these types Data types from 0x80000000 to 0xffffffff are reserved for use by ap...

Page 272: ... are this type ErrorControl REG_DWORD 0x1 REG_EXPAND_SZ An expandable data string which is text that contains a variable to be replaced when called by an application For example for the following value the string SystemRoot will be replaced by the actual location of the directory containing the Advanced Server system files File REG_EXPAND_SZ SystemRoot file exe REG_MULTI_SZ A multiple string Value...

Page 273: ... command prompt and type regedt32 13 2 1 Connecting to a Remote Registry To edit the Advanced Server Registry using the Windows NT Registry Editor you must connect to Advanced Server from the Registry Editor of a remote Windows NT computer To do so use the Select Computer command in the Registry menu of the Registry Editor Connecting to the Advanced Server Registry remotely will result in the disp...

Page 274: ...The hierarchical structure that appears in Registry Editor is similar to the hierarchical directory structures of Windows NT Explorer Your ability to make changes to the registry using Registry Editor depends on your access permissions Generally you can make the same kinds of changes using Registry Editor as your permissions allow for other administrative tools ...

Page 275: ...ws NT Explorer For example Double click a key name to expand or collapse an entry Or click commands from the View and Tree menus to control the display of a selected key and its data Use the mouse or arrow keys to move the vertical split bar in each window to control the size of the left and right panes Click Tile or Cascade from the Window menu to arrange the Registry Editor windows Click Auto Re...

Page 276: ...you must install it on a Windows NT Workstation Versions 3 51 or 4 0 computer serving as administrative network client as described in chapter Installing Network and Administrative Client Software in section Installing AS U Administrator AS X Administration Tool To start AS U Administrator click on its icon or execute the Run command in the Windows NT Start menu In the Select Computer field enter ...

Page 277: ...MasterUpdate BackupUpdate BackupRecovery MoreLog Connected Clients SYSTEM CurrentControlSet Services Netlogon Parameters LogonQuery QueryDelay RelogonDelay SYSTEM CurrentControlSet Services LanmanServer Parameters AutoDisconnect File Name Space SYSTEM CurrentControlSet Services AdvancedServer Mapping FileServiceParameters NameSpaceMapping UniqueSuffixLength MixedCaseSupport TruncatedExtensions Map...

Page 278: ...ceParameters IgnoreUnixPermissions UnixDirectoryCheck UnixFilePerms UnixDirectoryPerms UseUnixLocks RootOwnsFilesCreatedOnNFS UPS Service SYSTEM CurrentControlSet Services UPS Parameters IgnoreSIGPWR PowerFailAddress PowerFailMessage PowerMessageInterval Users Alerts SYSTEM CurrentControlSet Services AdvancedServer AlertParameters AlertAdminOnLicenseOverFlow AlertUserOnLicenseOverFlow SYSTEM Curre...

Page 279: ... subkeys located in the following path HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services AdvancedServer Alerter Browser EventLog LanmanServer LanmanWorkstation Netlogon Netrun Replicator UPS WINS The server must be stopped and then restarted in order for most changes to the Advanced Server Registry to take effect The following parameters take effect as soon as they are changed Registry Path SYS...

Page 280: ...ze Retention Registry Path SYSTEM CurrentControlSet Services LanmanServer Parameters SrvComment SrvAnnounce Hidden Registry Path SYSTEM CurrentControlSet Services Netlogon Parameters Pulse Registry Path SYSTEM CurrentControlSet Services Replicator Parameters ExportList ExportPath GuardTime ImportList ImportPath Interval Pulse Replicate UnixDirectoryGroup UnixDirectoryOwner UnixFileGroup UnixFileOw...

Page 281: ...e Registry path that contains entries for the Advanced Server Alerter service is as follows HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services AdvancedServer AlertParameters AlertAdminOnLicenseOverflow REG_DWORD 0 or 1 Specifies whether the server sends an administrative alert message when the maximum allowable number of clients is exceeded Default 0 message will not be sent You can change the v...

Page 282: ...EG_DWORD 0 100 Specifies the number of entries in ACL cache which keeps track of the results or recent access checks performed on Advanced Server resources Default 6 EAFilePrefix REG_SZ Character string Prefix used to name files containing extended attribute data For example by default the extended attributes for file foo are stored in EA foo Default EA EnableSoftCompat REG_DWORD 0 1 or 2 Specifie...

Page 283: ...eate new access control list ForceFileFlush REG_DWORD 0 or 1 Specifies whether to force a UNIX fsync 2 system call when an SMB flush request is received Not forcing fsync 2 system calls can improve file server performance files will be flushed automatically to disk by the UNIX fsflush daemon periodically regardless of the setting of this key Default 0 will not force fsync system call IgnoreUnixPer...

Page 284: ...Default 4096 MaxFileSizeInKB REG_DWORD 100 infinity The maximum file size in KBytes that Advanced Server will allow a user to create on the server Default 100000 MaxZeroFillInKB REG_DWORD 0 infinity MaxZeroFillInKB controls the amount of space in KB that is zero filled when a client performs a zero length write NT clients use zero length writes to pre allocate disk space when copying files On UNIX...

Page 285: ...oups to access files with long file names and file names containing characters that are invalid in DOS space A value of 2 specifies that only UNIX system to Windows NT mapping is enabled This allows Windows NT style clients such as Windows 95 98 Windows NT and OS 2 to access files with file names containing characters that are illegal in Windows NT A value of 3 specifies that both UNIX system to 8...

Page 286: ... feature can be used to distinguished longer file extensions from similar 3 character extensions that were unchanged For example enabling this feature prevents a file named file1 document from being mapped to a file named file xyz doc which could cause some clients to consider this file a Microsoft Word file This key affects only UNIX system to 8 3 file mapping Default 1 Do not replace last charac...

Page 287: ... allows writing only to directories with write permissions a value of 1 allows writing to directories belonging to or created by Advanced Server as determined by checking group memberships of directory and a value of 2 ignores UNIX system directory permissions Default 1 You can change the value of this key using the AS U Administrator The parameters UnixQuotas IgnoreUnixPermissions and UnixDirecto...

Page 288: ...apped Each action counts toward that user s quota an error message is sent to the client when the quota is exceeded Two quotas are supported i node and block quotas for UFS and NFS file systems This is true to the extent of the ability of these file systems to support UNIX system quotas See also the chapter Restricting the user s disk space Default 0 no restriction of disk space The parameters Uni...

Page 289: ... can be changed using AS U Administrator but only to the value 0 or 1 VolumeLabel REG_DWORD 0 or 1 Shows volume lable of physical volume Especially useful for sharing CD ROMs Default 0 show default label This functionality is not supported with the current version of AS X V4 0 WriteBehind REG_DWORD 0 or 1 Specifies whether physical UNIX system writes are performed before or after the server respon...

Page 290: ...cedServer NetAdminParameters NetAdminGroupName REG_SZ Character string The UNIX system group name assigned to the net admin servername c command Default DOS NetAdminPath REG_SZ Character string up to 256 characters The UNIX system path used to find commands submitted by the net admin servername c command Default var opt lanman bin bin usr bin NetAdminUserName REG_SZ Character string The UNIX syste...

Page 291: ...llows Windows NT Version 3 51 clients to administer big endian Advanced Servers Windows NT Version V4 0 or later clients can administer Advanced Server regardless of the setting of this keyword The value of this keyword must be set to 0 in order to install Microsoft Exchange Server correctly on a Windows NT Version 4 0 Server that is a backup domain controller to a big endian Advanced Server prima...

Page 292: ...leUpLevelPrinting REG_DWORD 0 or 1 Specifies whether to disable or enable Windows NT style printing If you chose to disable Windows NT style printing during an upgrade procedure resulting in the setting of this value to 1 then you can enable this feature by changing this value to 0 See chapter Installing Advanced Server for UNIX for more information about Windows NT style printing upgrade Default ...

Page 293: ...4 65535 The maximum amount of data that a client can exchange with the server in one message Default 65535 bytes MaxPrintQueueNameLength REG_DWORD 1 255 characters Provides dynamic control of the allowable length of the name of a printer queue LP subsystem commands currently allow class names to be as large as 255 characters but jobs sent to these classes cannot be controlled and many of the UNIX ...

Page 294: ...fault 1 send a message SizeGcBufferPoolInKB REG_DWORD 1 infinity The buffer size in KBytes allocated for each server process for client files Default 200 KBytes SpoolinAsUnixUser REG_DWORD 0 or 1 The parameter is only evaluated if the configured spooler is SPOOLV4 If the parameter is set to 1 Advanced Server submits the print jobs to the spooler under the user ID of the relevant UNIX user who is m...

Page 295: ...finity Specifies the length of time in milliseconds that the server sleeps when shared memory lock contention occurs The server retries busy locks at intervals specified in this key until the length of time specified in the value of the MaxLockTimeInSeconds key elapses Default 10 milliseconds MaxLockTimeInSeconds REG_DWORD 5 infinity The maximum interval in seconds that a server process waits for ...

Page 296: ...ircuits that each lmx srv process should be able to handle This limit normally is calculated on the fly by Advanced Server using the value of the VCDistribution Registry key and the value of the maxclients parameter in the lanman ini file If this value is non zero its value is used instead of the calculated value Default 0 Use value of VCDistribution key NumCIStructs REG_DWORD 0 infinity Sizes the...

Page 297: ...ess is allowed to run without serving a client before being terminated Default 120 seconds 2 minutes StopOnCore REG_DWORD 0 or 1 Specifies whether the lmx ctrl process is to stop if it finds that an lmx srv process has terminated unexpectedly Default 0 do not stop Advanced Server TimeToDrop REG_DWORD 0 infinity Instable clients can block a processs lmx srv which then cannot answer any more to quer...

Page 298: ...ing lmx srv process or if a new process should be started This key specifies the distribution of sessions over the lmx srv processes Values are entered in sets of three integers separated by commas each set of three number on a new line In each set the first number specifies the number of clients the second is the minimum number of virtual circuits each lmx srv process should support the third is ...

Page 299: ...Server RpcParameters BrowserMaxCalls REG_DWORD 5 infinity The maximum number of open browser sessions that an lmx srv process can support simultaneously Default 20 EventlogMaxCalls REG_DWORD 5 infinity The maximum number of open event log sessions that an lmx srv process can support simultaneously Default 20 Client Range Minimum sessions per lmx srv Maximum sessions per lmx srv 1 19 2 12 20 34 2 2...

Page 300: ...ult 20 SpoolssMaxCalls REG_DWORD 5 infinity The maximum number of print sessions that an lmx srv process can support simulta neously Default 50 SrvsvcMaxCalls REG_DWORD 5 infinity The maximum number of server sessions that an lmx srv process can support simulta neously Default 20 SvcctlMaxCalls REG_DWORD 5 infinity The maximum number of service control sessions that an lmx srv process can support ...

Page 301: ... The number of share entries to read during share list operations Setting this value greater than 1 causes the server to read ahead SHAREENTRY structures from the Registry Default 25 13 5 8 User Service Parameters Entries The Registry path that contains entries for the Advanced Server User Service Parameters is as follows HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services AdvancedServer UserServ...

Page 302: ...e system does not assign existing UNIX system user accounts Instead new UNIX system user accounts are generated automatically and assigned to Advanced Server user accounts when they are created Default 0 A new Advanced Server user account can be assigned automatically to an existing UNIX system user account with an equal or similar name provided that the UNIX system user account is not specified i...

Page 303: ...hat should receive administrative alerts Default None CountNotOnNetworkCache REG_DWORD 0 infinity Specifies the number of non running cached clients to which the Alerter service should not send messages When the Alerter service tries to send a popup message to a client NetBIOS name resolution can cause unwanted delays if the client is not on the network To circumvent this problem the Alerter servi...

Page 304: ...ain Default 1800 seconds 30 minutes You can change the value of this key using the AS U Administrator BackupUpdate REG_DWORD 60 infinity Indicates the interval in seconds at which the backup browser refreshes its browse lists with the master browser Default 720 seconds 12 minutes You can change the value of this key using the AS U Administrator This parameter will influence network traffic between...

Page 305: ...supported types of events as follows Application Perflib Perfmon Replicator RemoteBoot Security LSA SC Manager Security Security Account Manager Spooler System Alerter Browser EventLog NetLogon Print Rdr SAM server Service Control Manager Srv Wins workstation Each of the three logfile subkeys for the EventLog service can contain the value entries described in this section The Registry path for the...

Page 306: ...n event under the following types of value entries EventMessageFile REG_EXPAND_SZ Character string Specifies the path and file name for the event identifier text message file CategoryMessageFile REG_EXPAND_SZ Character string Specifies the path and file name for the category text message file The category and event identifier message strings may be in the same file CategoryCount REG_DWORD 0 to inf...

Page 307: ...occur before the server sends an alert to the alertnames list Default 5 You can change the value of this key using the AS U Administrator Hidden REG_DWORD 0 or 1 Specifies whether the server is hidden on the network If the server is not hidden it announces its presence set in the SrvAnnounce and LmAnnounce keys Default 0 server is visible You can change the value of this key using the AS U Adminis...

Page 308: ... requires all of its clients to use SMB signing If a client does not have security signatures enabled it will not be able to connect to a server that requires security signatures Default 0 SrvAnnounce REG_DWORD 1 infinity Specifies the interval in seconds at which the server announces its presence to the network This key has an effect only if the value of the Hidden key is 0 Default 180 3 minutes ...

Page 309: ...pecifies the interval in seconds at which the server checks if linked clients are still active Default 900 15 minutes You can change the value of this key using the AS U Administrator Pulse REG_DWORD 60 3600 1 hour Specifies the interval in seconds for sending update notices when no updates are occurring to the master user accounts database This keyword applies only to a primary domain controller ...

Page 310: ...elogonDelay REG_DWORD 1 infinity Specifies the interval in seconds that a client can wait before logging back on to the server after the server has been stopped and restarted Default 2 You can change the value of this key using the AS U Administrator Scripts REG_EXPAND_SZ Specifies the location of the logon scripts directory Default on primary domain controller SystemRoot var opt lanman shares asu...

Page 311: ...ronize You can change the value of this key using the AS U Administrator 13 12 Netrun Service Parameters The Registry path that contains entries for the Advanced Server Netrun service is as follows HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services Netrun Parameters MaxRuns REG_DWORD 1 to 10 Sets the maximum number of netrun requests that can run simultaneously Default 3 RunPath REG_SZ Path up t...

Page 312: ... Default local domain name ExportPath REG_SZ or REG_EXPAND_SZ Pathname Specifies the export path All files to be replicated must be in a subdirectory of the export directory This value is ignored if the value of the Replicate key is set to 2 Import Default C var opt lanman shares asu repl export GuardTime REG_DWORD 0 to one half of Interval Sets the number of minutes an export directory must be st...

Page 313: ...t even when no changes have occurred so that import servers that missed the original update notice can receive the notice The server waits the equivalent of Pulse Interval minutes before sending each repeat notice Default 3 Random REG_DWORD 1 to 120 Specifies the maximum time in seconds that the import servers can wait before requesting an update An import server uses the export server s value of ...

Page 314: ...ed directories Default lmxadmin UnixFileGroup REG_SZ Character string Specifies the UNIX system group account name for replicated files Default DOS UnixFileOwner REG_SZ Character string Specifies the UNIX system user account name for replicated files Default lmxadmin 13 14 UPS Service Parameters Entries The Registry path that contains entries for the Advanced Server Uninterrupted Power Source serv...

Page 315: ...tor PowerMessageInterval REG_DWORD 0 infinity Specifies the interval in minutes at which the server repeats the message sent when it receives a SIGPWR signal A value of 0 would indicate to send the message one time only Default 1 You can change the value of this key using the AS U Administrator 13 15 WINS Service Parameters The registry path that contains entries for the Advanced Server WINS servi...

Page 316: ...e to IP address mappings Existing files using a names cfg format see section The names cfg file can be converted to LMHOSTS format using the tool var opt nbrfc bin names2lm see section var opt nbrfc bin names2lm The Partners subkey has two subkeys Pull and Push under which are subkeys for the IP addresses of all push and pull partners respectively of the WINS server A push partner listed under the...

Page 317: ...If a parameter does not appear in the file or is commented out with a semicolon it is set to its default value Before attempting to change any of the parameters available in the lanman ini file it is useful to understand the relationship between the lanman ini file entries and server defaults Every server parameter has a default setting To display and edit default settings a utility program called...

Page 318: ...begins with a number from 1 to 9 it is decimal When a parameter has no assigned value nothing to the right of the equal sign the value is 0 for a parameter that requires a number and null for a parameter that requires a character string A null value is not valid for all parameters Ê To change a parameter in the lanman ini file 1 Use the srvconfig command to display default settings for the server ...

Page 319: ... man setservername at the Advanced Server command prompt Values any servername of 1 15 characters default null maxclients Identifies the maximum number of simultaneous client sessions that the server must support This number is set by default to 250 It can be increased to a number that is equal to the Advanced Server user licence ProductType Specifies the type of installed Advanced Server for UNIX...

Page 320: ... the mailslot used for periodic server announcements Values A path up to a maximum of 256 characters default MAILSLOT LANMAN Note that back slashes must be doubled on input or else the entire input line must be enclosed in single quotation marks Type text text or text text to enter text with a single back slash appsources The names of the modules that can write to the appli cation log Default The ...

Page 321: ...m commands To change the value of the listenname parameter use the setlang command For more information about this command type man setlang at the Advanced Server command prompt Default var opt lanman shares asu system32 001 domainlang Entry corresponding to the selection of the domain language during installation To change the value of the listenname parameter use the setdomainlang command For mo...

Page 322: ...rver supports numerous clients that all attempt to connect to the server simultaneously and some get refused you should raise the value of this parameter Only applicable if the listenname parameter is being used Values 1 unlimited default 3 lmaddonpath The directory for dynamic libraries bound into the server program and called at various times during server execution as described in the var opt l...

Page 323: ...efault no mapregistryblob Configures whether to use memory mapped file opera tions when accessing the Advanced Server Registry database Values yes no default no mapsamblob Configures whether to use memory mapped file opera tions when accessing the Advanced Server Security Accounts Manager database Values yes no default no maxfilesize The maximum file size in KBytes that the UNIX system redirector ...

Page 324: ...taddonpath The directory in which the Advanced Server looks for dynamic libraries on startup Dynamic libraries found in the directory are bound into the Advanced Server and used to access the various network interfaces on the server computer Values A path up to a maximum of 256 characters default var opt lanman addon networks nethelpfile The location of the help file used by the net help command r...

Page 325: ...rogram this can be any arbitrary string Default dev inet nb dev inet nbd 0 nbrfc newpoll Specifies whether the new Reliant UNIX poll interface is to be used If Reliant UNIX does not support the new poll the old poll is used automatically Default yes os2searchfix As a result of a AS X fix for NT clients problems have arisen since AS X 4 0A1001 with OS 2 clients displaying files and directories Ther...

Page 326: ...database can become extremely large because of the different names for the individual Net commands Values yes no default yes secsources The names of the modules that can write to the security log Default The server initializes the value of this parameter at startup srvstathelpfile The location of the help file used by the Activity Monitor Default var opt lanman msgfiles 001 srvstat hlp stacksize T...

Page 327: ...stems on the server Values A path up to a maximum of 256 characters default usr lib fs fsmap File system type identifiers that map unknown file systems to known file system types Values a comma separated list of mappings default unknown s5 nfs nfs vxfs ufs sfs ufs hs ufs cdfs ufs memfs ufs fsnosupport Maps unknown file system to specified file system Default s5 remotemounts The names of file syste...

Page 328: ...Name accessalert LanmanServer Parameters AccessAlert alertnames Alerter Parameters AlertNames autodisconnect LanmanServer Parameters AutoDisconnect enablesoftcompat AdvancedServer FileServiceParameters EnableSoftCompat enable_soft_file_ext AdvancedServer FileServiceParameters EnableSoftFileExtensions erroralert LanmanServer Parameters ErrorAlert listenname1 Control ComputerName ComputerName Comput...

Page 329: ...serServiceParameters MinUnixUid1 usrcomment AdvancedServer UserServiceParameters UserComment 1 These values are not displayed by default but can be configured in the Advanced Server Registry Netlogon Section Parameter Mappings to Registry Keys Lanman ini File Parameter Advanced Server Registry Key Name SYSTEM CurrentControlSet Services Value Name logonquery Netlogon Parameters LogonQuery maxclises...

Page 330: ...inUserName alertadmin None obsolete alerterrorlog None obsolete alertmessage None obsolete alerton None obsolete alertprinting None obsolete alerttimeout AdvancedServer AlertParameters ConnectTimeout alertuser None obsolete anncmailslot None lanman ini file appretention Eventlog Application Retention appsources Eventlog Application Sources auditretention Eventlog Security Retention blobmapping Non...

Page 331: ...rs ForceDirectoryAcl forcefileacl AdvancedServer FileServiceParameters ForceFileAcl gcbuffer AdvancedServer Parameters SizeGcBufferPoolInKB getapipe None lanman ini file groupadd None obsolete groupdel None obsolete grpupdate AdvancedServer UserServiceParameters GroupUpdateTime hashsize AdvancedServer ProcessParameters NumHashTables ignoresigpwr UPS Parameters IgnoreSIGPWR ipctries AdvancedServer ...

Page 332: ...erver FileServiceParameters MaxFileSizeInKB maxlocknap AdvancedServer ProcessParameters MaxLockTimeInSeconds maxmsdepth None obsolete maxmsgsize AdvancedServer Parameters MaxMessageSize maxmux LanmanServer Parameters MaxMpxCt maxopenfiles None obsolete maxrawsize AdvancedServer Parameters MaxRawSize maxvcperproc AdvancedServer ProcessParameters MaxVCPerProc maxsvcwait AdvancedServer Parameters Max...

Page 333: ... AdvancedServer UserServiceParameters NewUserShell nfscheck AdvancedServer FileServiceParamaters NfsCheck nfslocks AdvancedServer FileServiceParameters UseNfsLocks nonexistusers Alerter Parameters CountNotOnNetwork Cache nosendtime Alerter Parameters NotOnNetworkCache Timeout numnetsndbufs None obsolete oplocktimeout AdvancedServer FileServiceParameters OplockTimeout packageid None obsolete passmg...

Page 334: ...tParameters AlertAdminOnLicense Overflow sbstelluser AdvancedServer AlertParameters AlertUserOnLicense Overflow schedlogfilename None obsolete secsources Eventlog Security Sources sharefile None obsolete sharegroup None obsolete sharemkdir AdvancedServer ShareParameters MakeUnixDirectories OnShare shareowner None obsolete shareperms None obsolete shmgroup None obsolete shmowner None obsolete shmpe...

Page 335: ...vancedServer FileServiceParameters UseUnixLocks useoplock AdvancedServer FileServiceParameters UseOplocks userremark AdvancedServer UserServiceParameters UserComment ustructs AdvancedServer ProcessParameters NumUStructs uxclosecount AdvancedServer FileServiceParameters UnixCloseCount vcdistribution AdvancedServer ProcessParameters VCDistribution xpstat_dev AdvancedServer Parameters CallXpstatDev v...

Page 336: ...tlist Replicator Parameters ImportList importpath Replicator Parameters ImportPath interval Replicator Parameters Interval logon Replicator ObjectName password None obsolete pulse Replicator Parameters Pulse random Replicator Parameters Random repl_dirgroup Replicator Parameters UnixDirectoryGroup repl_dirowner Replicator Parameters UnixDirectoryOwner repl_dirperms None obsolete repl_filegroup Rep...

Page 337: ...le fsnosupport None lanman ini file maxfstypes None obsolete nfsroot AdvancedServer FileServiceParameters RootOwnsFilesCreated OnNFS ntfs AdvancedServer FileServiceParameters ReportNTFS remotemounts None lanman ini file volumelabel AdvancedServer FileServiceParameters Volumelabel Psi Section Parameter Mappings to Registry Keys Lanman ini Parameter Advanced Server Registry Key Name Value Name maxsp...

Page 338: ...ame maxruns NetRun Parameters MaxRuns runpath NetRun Parameters RunPath Browser Section Parameter Mappings to Registry Keys Lanman ini File Parameter Advanced Server Registry Key Name SYSTEM CurrentControlSet Services Value Name backuprecovery Browser Parameters BackupRecovery backupupdate Browser Parameters BackupUpdate lmannounce LanmanServer Parameters LmAnnounce masterupdate Browser Parameters...

Page 339: ...on software is also required on a server to process services server distri bution alerter This service enables the server to send warning and error messages to a specific list of client users These alarm messages deal with access violations when using shared resources and exceeding important limit values free storage area on the hard disk maximum error rate for network and hard disk access and max...

Page 340: ...r Displays all resources of all servers throughout the network including servers in other domains client A client is a computer which uses the services and shared resources of another computer the server over a local network A client cannot generally provide services to other computers computername Name of a computer within a local network Each computername is unique within a network connection A ...

Page 341: ...llowing actions can be undertaken displaying the shared resources of the server use of the distributed applications on the server by the user LM named pipe LM named pipes also known as OS 2 named pipes are bidirectional commu nication channels for interprocess communication in the local network similar to Berkeley sockets They are not the same as UNIX named pipes lanman ini An Advanced Server for ...

Page 342: ... network Netlogon This service implements Netlogon security If Netlogon is operating on one server in the domain then all usernames and passwords which must be specified by all logged on users in the domain are centrally verified Netlogon runs on all servers participating in Netlogon security This means that the user account databases are copied to all servers in the domain See also trust relation...

Page 343: ... which the original version of the user account database for this domain is maintained The primary domain controller also verifies netlogon requests See also Netlogon trust relationship and backup domain controller Registry A binary file containing server configuration data The registry is Windows NT compatible and can be accessed by the same tools like a Windows NT Registry For Advanced Server pa...

Page 344: ...nclude the workstation service which enables a computer to use shared resources in a local network The server service enables the server to share resources in a network Other services are Netlogon Auditing Net POPUP Netrun Replicator Alerter Browser Timesource WINS and Messenger session A session is opened if a client has successfully logged on to a server A session is required in order to set up ...

Page 345: ...files contained in these directories and additional directories shared printer Printer connected to a server which can be used as a shared resource in the local network The incoming print requests are transferred by the server to the configured system spooler shared program See netrun shared resource A shared resource is a server resource which can be used by the clients via a local network Exampl...

Page 346: ...ps defined in a trusted domain can be given rights and resource permissions in a trusting domain even though those accounts do not exist in the trusting domain s directory database user account Consists of all the information that defines a user to the Advanced Server This includes items such as the user name and password required for the user to log on the groups in which the user account has mem...

Page 347: ...rver provides a Windows NT compatible replicated dynamic database for registering and querying NetBIOS computer name to IP address mappings in a routed network environment Advanced Server WINS is designed to solve the problems that occur with name resolution in complex internetworks workstation See client ...

Page 348: ...DCE Distributed Computing Environment DHCP Dynamic Host Configuration Protocol DLL Dynamic Link Library DNS Domain Name Service EA Extended Attributes of HPFS EUC Extended UNIX Code FQDN Fully Qualified Domain Name HDLC High Level Data Link Control HPFS High Performance File System HS High Sierra ID Identifier IP Internet Protocol IPC Interprocess Communication ISDN Integrated Services Digital Net...

Page 349: ...onnection PC Personal Computer PCL Printer Control Language PDC Primary Domain Controller PDF Portable Document Format PPP Point to Point Protocol PST Pacific Standard Time RAS Remote Access Service RFC Request for Comment RISC Reduced Instruction Set Computer RMS Reliant Monitor Software RPC Remote Procedure Call SAM Security Accounts Manager SAX Software Administration UNIX SID Security Identifi...

Page 350: ...minate and Stay Resident UDP User Datagram Protocol UFS UNIX File System UID User ID UNC Uniform Naming Convention UPS Uninterruptable Power Supply VxFS Veritas File System WINS Windows Internet Name Service WAN Wide Area Network WfW Windows for Workgroups ...

Page 351: ...ion of shared network files printing monitoring network activities and differences to LAN Manager X is included Changes and extensions to the Siemens version are documented in this manual Overview and Installation Advanced Server for UNIX V4 0 API Reference Target group Developers Contents Brief overview of the API functions Detailed information is provided in the API manual pages LAN Manager X V2...

Page 352: ...ing instructions for the Messenger service command reference for network and other client commands notes on setting up shared client printers notes on operating with NetWare Connectivity and troubleshooting MS Network Client V3 0 Installation Guide for Clients Target group Users Contents Additional installation and configuration information for client software and troubleshooting MS Network Client...

Page 353: ...Network Client V2 2 NetWare Connectivity Target group System administrators Contents The basics of NetWare Connectivity installing and configuring NetWare Connectivity troubleshooting and differences in the administration of NetWare Windows NT and LAN Manager ...

Page 354: ...r s Guide SINIX V5 43 System Administration and Hardware Configuration Using SYSADM System Administrator s Guide SINIX V5 43 Commands Volume 1 and 2 Reference Manuals SINIX V5 43 Systemadministrator System Administrator s Guide SINIX AT T Spooler System Administrator s Guide SINIX SPOOL V4 2 User and Administrator Guide SINIX SPOOL V4 2 Reference Manual SINIX SPOOL V4 2 Menus User s Guide ...

Page 355: ... and Administrator Guide Xprint Reference Manual Xprint Menus User s Guide SINIX OBSERVE User Guide SINIX V5 41 Logging V3 0 Target group System administrators and programmers Ordering manuals You can order the specified publication through your local Siemens office ...

Page 356: ...0 announce process 339 API Reference 351 application programming interface API 25 42 339 appsources 320 AS U Administrator installation 171 asxcheck 180 240 asxdocs package installation 88 asxinfo 180 240 asxman package 88 installation 88 asxperf 180 240 asxpwexp 159 180 asxpwexp usr 159 asxregview 180 asxsnmp package installation 86 asxtools package 87 installation 87 asxtoolsD package installati...

Page 357: ...ion 340 end 23 set up 23 ConnectTimeout 282 CoreOk 295 CountNotOnNetworkCache 303 country 321 CreateUnixUser 301 Cumulative Statistics 233 Current Statistics 233 D Debugging Server Problems 237 deinstallation NetBIOS 96 optional packages 94 previous versions 48 sequence 48 94 server 94 delclipr 180 DeletedPrintJobTimeOnQ 292 delserver 158 180 delshmem 180 DisableUpLevelPrinting 292 disk space rest...

Page 358: ...AX 51 delivery package 44 from CD ROM with cdinst 52 hardware requirements 44 manual pages 88 msclients package 86 NetBIOS 55 Network Client Administrator 169 optional packages 85 PC client software 86 procedure 47 sequence 55 SIreadmeM 55 software requirements 46 Windows NT Administrative Tools 169 171 Windows NT Server Tools 172 with the default configuration 89 interface to the spool system key...

Page 359: ...284 MaxIpcTryCount 293 MaxLockTimeInSeconds 295 MaxMailslotReadTime 293 MaxMessageSize 293 MaxMpxCt 308 MaxPrintQueueNameLength 293 MaxRawSize 293 MaxRuns 311 MaxServiceWaitTime 293 MaxSize 305 maxspoolfds 323 MaxVCPerProc 295 MaxVCs 296 MaxZeroFillInKB 284 member server 342 upgrade installation of 48 MemberPrec 316 MemoryMapFiles 284 message POPUP 342 messenger 342 MinSmbWorkerTasks 296 MinVCPerP...

Page 360: ...21 NetlogonMaxCalls 300 netmsgwait 324 netrun 22 343 network 325 Network Client Administrator installation 169 network name 11 newpoll 325 NewUserShell 302 NfsCheck 120 285 NotOnNetworkCacheTimeout 304 NullSessionShares 308 NumCIStructs 296 NumCLIENT_SESSION 296 NumHashTables 296 NumSERVER_SESSION 297 NumUStructs 297 O OBSERVE constraints 163 support 162 Open Resources 235 OplockTimeout 285 option...

Page 361: ...otOwnsFilesCreatedOnNFS 286 RPC 343 RunPath 311 S samcheck 181 239 SamrMaxCalls 300 Scripts 310 secsources 326 security 343 share level 344 user level 346 Security Identifier 153 security signature 308 SendByeMessage 294 server 344 deinstallation 94 server name 139 344 server role 21 139 344 compatibility 27 Server Statistics 233 server system 344 servername add 158 Services 20 services 344 start ...

Page 362: ...10 stacksize 326 standalone server 345 upgrade installation of 48 start Advanced Server for UNIX 134 individual services 136 NetBIOS 134 stop Advanced Server for UNIX 135 individual services 136 NetBIOS 136 StopOnCore 297 subcommands 24 345 SvcctlMaxCalls 300 SyncAclFileOnWrite 286 SyncUnixHomeDirectory 302 sysadm 24 syssources 326 system administrator tools 151 system data backup 142 system name ...

Page 363: ...ndows NT Server Tools installation 172 WinregMaxCalls 300 WINS Windows Internet Name Service dial up TCP IP networking clients 207 names name query request packet 205 name registration request packet 202 negative name registration response 202 positive name query response 202 static names that never expire 202 NetBIOS computer names name registration 201 name release 203 name renewal 202 packets n...

Page 364: ...w and Installation U7613 J Z815 6 76 Siemens AG Information and Communication Products Computer Systems User Documentation UNIX QM4 33106 Paderborn Germany Fax 49 52 51 8 1 52 48 DOCetc pdb siemens de Comments Suggestions Corrections Submitted by ...

Page 365: ...Germany Fax 49 89636 52003 The Siemens Training Center offers consulting for in service training courses and self tuition media on almost all aspects of information technology either on your premises or at a Training Center near you Write to us for information and course programs Courses Consulting Self tuition media Submitted by U7613 J Z815 6 76 ...

Reviews: