Using AFPS
If the PC users require logon access to the UNIX machine to run character-based applications,
you must install TCP/IP and Telnet on your client systems. Microsoft provides Telnet in TCP/
IP, but only a limited version. With AFPS 3.5.2, SCO provides TermLite, a program that supports
Telnet and vtp, a virtual terminal emulator that runs over NetBEUI and TCP NetBIOS. These tools
provide SCO ANSI (console) emulation and work very well. Double-click the Network Neighborhood icon.
You'll see the SCO UNIX server.
SCO provides a command line interface for the net command. For details on the net command,
enter net from the root prompt (usually a #) on a non-GUI screen. For help on a net command, the
syntax is similar to DOS. Simply type
net ?
or
net access ?
The net command encompasses a series of options including access, accounts, admin, auditing,
config, continue, device, file, group, help, helpmsg, localgroup, logoff, logon, password, pause,
perms, print, send, session, share, start, statistics, status, stop, time, trust, user, version, and
view. You can pipe the output of these commands into a pager such as the more command or the UNIX pg
command. Pagers let you send data on the screen one screen page at a time. The pg command allows
movement up and down within the document displayed on the screen. If you have a PC on the network at
this point, try running net view on the SCO system to see whether the PC is visible to the SCO
machine. Remember, the PC must have file or print sharing enabled.
Now you can create shares from the command line with the net share command. The syntax is not
intuitive to either the NT or UNIX guru. To create shares, the syntax is
net share sharename=devicename
To share directory /u/gene on the UNIX machine as a share named gh, enter the command
net share gh=c:/u/gene
UNIX people will shake their heads at the c:, and DOS people can't figure the / instead of \.
This requirement is the sort of cross-operating-system problem you can run into in heterogeneous
systems. UNIX uses the / character as the separator for directory path names, and NT uses the \.
You can use the SCO GUI to view shares, create new shares, or stop shares. From the GUI,
double-click System Administration, double-click the filesystems folder, and double-click the
Filesystem Manager icon. When the Filesystem Manager window appears, it will list the files
(directories) shared through AFPS or through NFS. If the window displays Export status of
filesystems on <machine name>, you are looking at an NFS display. To get the AFPS share
status, click View, Export Status, View Advanced Server Shares, and OK. The window will display Advanced
Server share status of filesystems on <machine name>. The directory names, share names,
and comments are displayed in a scroll box. To share a directory, click Export, Advanced Server, and
Share. Enter the directory name (or click Select to search for a directory), share name, and an
optional comment, and click OK.
To stop sharing a directory, highlight a shared directory and click Export, Advanced Server,
and Stop Sharing. A pop-up window will ask for confirmation: Stop sharing <directory>. Are
you sure? Click OK. (The confirmation message is unusual for UNIX, which is not known for "Are
you sure" messages.)
Defining Users
The next step is to set up users. You can set up UNIX users, Windows network users, or users
with access to both a UNIX login and Windows networking. All three options are appropriate for
certain users. Dumb terminal users are not networked and therefore cannot use Windows networking.
Windows users whose work is confined to word processing and spreadsheets on their local PCs might
need file and print sharing but no UNIX login. Users with PCs who do both UNIX work and Windows work
need both.
In the scenario we started with, the client has UNIX users established on the UNIX system. The
only step necessary to put these users on the network is to change one piece of their SCO UNIX login
account (SCO's AFPS is integrated into the Administration GUI).
Let's grant a user access to Windows networking. From the SCO GUI, double-click the System
Administration folder and then the Account Manager folder. To select an account, double-click it.
Notice that the account has a blank entry for Networked Via. Click Change Distribution, which is to
the right of the Networked Via blank entry. A pop-up window will appear with Local Only selected.
Click the black button to the left of Local Only to deselect it, and Advanced Server will appear
(already highlighted) in the box labeled Select Network Distribution Methods. Click OK. Click OK in
the User box. If you installed the SCO box as the BDC, the account change will be synchronized with
the PDC and the account will now appear in User Manager for Domains. Look at the account from User
Manager for Domains to see that the account is disabled, has no full name or description, and is a
member of the Domain Users group. You must enable the account and enter a password to make it usable
for Windows networking.
To create a new user with access to both UNIX and Windows networking, select Users, Add New
User, from the Accounts manager on the SCO machine. The default creates a UNIX user with Advanced
Server (AFPS) access. To create a user with access to UNIX and Windows, accept the defaults and
click OK to create the user. To create a user without Windows networking access, click Change
Distribution. Click the button next to Local Only in the pop-up window to select Local versus
Advanced Server networking.
To create a user for Windows networking only, create the user from User Manager for Domains on
a client with the NT Server Tools. You can manage all user characteristics on the AFPS Server from
User Manager for Domains on a Windows client, as Screen 2, shows. The user will appear in
the list of UNIX users, but with a login shell of /bin/false. UNIX login shells are the command
interpreters that govern the interface between the user and the operating system. The command
/bin/false is a program that always returns a false or untrue response. If you attempt to log in
with a shell of /bin/false, the login command will get a not logged in response. To convert
this account to a usable UNIX account, change the login shell of /bin/false to a normal login shell
(such as /bin/sh or /bin/ksh). The home directory for a UNIX account is where users start. Their
working directory at the time they log on is their home directory. This directory contains startup
control files such as .profile and .kshrc. These files are analogous to the autoexec.bat file,
except that each user can have a different set of commands in the user's .profile.
Sharing Printers
You can accomplish the UNIX printer sharing from the UNIX command line. For example, suppose you
have a UNIX computer with printers named hplaser1 and hplaser2 and you want to share them to PC
clients. You can share them individually with the following commands:
net share laser1=hplaser1 /print
net share laser2=hplaser2 /print
Or, you can create a printer pool and share them together:
Net share laser1=hplaser1, hplaser2 /print
You can also create printers through the UNIX GUI and share them upon creation, as Screen 3
shows. To share them through the GUI after creation, double-click SystemsAdministration, and click
the Printers folder. Double-click the Printer Manager icon. Highlight a UNIX printer, click
Settings, and select Share printer with Windows Users. Enter a share name, and click OK.
UNIX computers can share printers connected to a Windows PC. After you share the Windows
printer, use the following procedure to access it from UNIX. From the UNIX Printer Manager window,
select Printer, Add Remote, and Windows to bring up the Use Shared Printer on Windows Client
window. Enter a printer name, description (optional), and the printer model (passthrough is
recommended and is the default). Enter the Windows client, the share name (or click Select to get a
list of shared printers), and the optional password. Click OK to make the Windows printer available
to UNIX applications.
Sorting Out the Details
AFPS does some things differently from NT. For instance, an AFPS UNIX machine serving as a BDC
or PDC can become a BDC of another domain without the administrator reinstalling either AFPS or
UNIX. When switching domains, the administrator is warned that the Security Accounts Manager (SAM)
database will be reinitialized. In AFPS, you can create a user on UNIX for Windows networking on the
BDC, and AFPS will update the PDC.
AFPS provides both import and export directory replication. AFPS supports trust relationships,
and you can create trusts through AFPS. Windows networking rules control file permissions as a first
step, and then the system checks UNIX permissions.
AFPS provides file sharing from UNIX to the PCs, but not vice versa. SCO OpenServer provides a
LAN Manager Client that, when used with AFPS, provides bi-directional file sharing. Installation and
management of this feature is discussed in the SCO OpenServer "Guide to Gateways for LAN
Servers."
Solving a Complex Problem
SCO's AFPS is NT networking code that lets an SCO UNIX computer participate in a Microsoft
network as a PDC or BDC. The SCO machine can share files and disk space with the Windows clients.
You can make printers from the SCO UNIX machine available to the Windows clients and Windows
printers available to the SCO UNIX programs.
)
)
Register
Thanks
Anonymous User October 26, 2004 (Article Rating: