NT networking code ported to UNIX is the answer

As a Windows NT specialist, you have an appointment with a potential client. You arrive and speak with the office manager. They want PC networking: file and print sharing. Looking around the office, you see several PCs and some dumb terminals. The office manager takes you to the server. Instead of what you expect to see (a Microsoft login), you see a console with the following display:

SCO OpenServer (TM) Release 5 (server1.office.com) (tty01)

login:

The office manager explains that the company's primary software runs on SCO OpenServer, and they have several dumb terminals, serial and parallel printers, and PCs connected. Their SCO machine is near capacity on CPU cycles and memory, and they want to add an NT server for a new office application. They ask if you can install an NT server and network the PCs, maintain access to the SCO machine for logging on to their character-based applications, and let the PCs print to all the SCO printers.

Meeting the Criteria
As you contemplate your client's requirements, you browse through materials for PC to UNIX connectivity. Everything requires third-party software on the PC including PC versions of NFS, PC Interface, PC TCP/IP, Line Print Daemon (LPD), and Line Print Remote (LPR). Do these products allow PC to UNIX printing, UNIX to PC printing, file sharing, and login controls?

A simple way to provide these capabilities is Advanced File and Print Server (AFPS) from SCO. AFPS is NT networking code ported to UNIX by AT&T, the company that created UNIX in the late '60s. SCO AFPS provides PC access to UNIX for file sharing, printing from Windows to UNIX printers, and printing from UNIX to Windows printers. AFPS provides NetBIOS networking over TCP/IP and NetBEUI on an Ethernet or Token-Ring adapter. Your SCO machine will appear as a network peer when you select Network Neighborhood on your Windows 95 or NT 4.0 machine. The SCO machine also will appear when you connect to shares on Win3.1 or NT 3.51 using File Manager.

On the SCO side, the OS must be version 5 (3.2V5.0 or later) with networking (Open Server Enterprise). To determine the OS version, log on as root (the equivalent of Administrator) and run the uname -X command. Remember that all UNIX commands and filenames are case sensitive. Look for the line that says Release =. If it shows Release = 3.2v5.0.0 or 3.2v.5.0.2 or a later version, you have a version that will run with AFPS. You must also have TCP/IP configured and operational before you install AFPS.

You can deploy AFPS as the Primary Domain Controller (PDC) in a network comprising other AFPS machines, NT Servers, LAN Manager for UNIX computers, or LAN manager for OS/2 servers. AFPS can serve as a Backup Domain Controller (BDC) to other AFPS computers or NT servers. AFPS cannot function as a standalone server; it must operate as a PDC or BDC. Clients for AFPS include Win95, NT 3.51 and 4.0, Windows for Workgroups (WFW) 3.11, Win3.1, DOS, OS/2, and LAN Manager Client.

AFPS does not support Dynamic Host Configuration Protocol (DHCP) and Windows Internet Name Service (WINS), although a release due out later this year will support these technologies. AFPS includes the NT Server Tools for managing the NT Domain including User Manager for Domains, Server Manager, and Event Viewer. These tools are available in a share from the SCO machine, and you can install them on a client system (they do not run on UNIX). Screen 1 shows the Server Manager, which manages services on the SCO AFPS Server.

Installing AFPS
Installing AFPS is straightforward. The distribution medium is a CD-ROM. You must log on as root, which you can do through the SCO GUI or from a character-based program, scoadmin. You can access 12 logon sessions from the console, and the GUI is available on session 2. Press Ctrl+Alt+F2 to start session 2. The GUI operation will be natural for most Windows users. Be aware this environment is Motif, not Windows. They are not exactly the same. When you log on, you will see a small window with the options Continue my last session and Start a new session. To avoid resetting previous window settings to defaults, choose Continue and click OK.

Double-click the Software Manager icon to run the software install function. Click Software, and then click Install New. A pop-up window lets you install AFPS from the current host or a remote host. The current host is the default; click Continue. A pop-up window inquires about the installation media. Click on the drop-down box and select CD-ROM (if SCSI, SCSI CD-ROM will display). The system will then search the CD-ROM for available software. Click SCO Advanced Print and File Server from the product list, and click Full installation. You will see a prompt for license information. This entry is case sensitive, and the information can consist of both upper and lower case. Be sure to enter the license information exactly as it is printed on the Certificate of License and Authentication.

As the installation progresses, the system will prompt you for Advanced Server name (default is SCO system name), Server role (PDC, if no PDC is available), Server locale (new option for English, French, or German), PDC's Advanced Server name (not applicable if you're installing PDC), domain name (default DOMAIN), and administrative password (which can be the same as the root password).

The installation will relink the UNIX kernel. Device drivers are linked into the kernel at this point. Reboot the system when installation is complete, and bring the system to multiuser mode. You are now ready to use AFPS.

Using AFPS
If the PC users require logon access to the UNIX machine to run character-based applications, you must install TCP/IP and Telnet on your client systems. Microsoft provides Telnet in TCP/
IP, but only a limited version. With AFPS 3.5.2, SCO provides TermLite, a program that supports Telnet and vtp, a virtual terminal emulator that runs over NetBEUI and TCP NetBIOS. These tools provide SCO ANSI (console) emulation and work very well. Double-click the Network Neighborhood icon. You'll see the SCO UNIX server.

SCO provides a command line interface for the net command. For details on the net command, enter net from the root prompt (usually a #) on a non-GUI screen. For help on a net command, the syntax is similar to DOS. Simply type

net ?

or

net access ?

The net command encompasses a series of options including access, accounts, admin, auditing, config, continue, device, file, group, help, helpmsg, localgroup, logoff, logon, password, pause, perms, print, send, session, share, start, statistics, status, stop, time, trust, user, version, and view. You can pipe the output of these commands into a pager such as the more command or the UNIX pg command. Pagers let you send data on the screen one screen page at a time. The pg command allows movement up and down within the document displayed on the screen. If you have a PC on the network at this point, try running net view on the SCO system to see whether the PC is visible to the SCO machine. Remember, the PC must have file or print sharing enabled.

Now you can create shares from the command line with the net share command. The syntax is not intuitive to either the NT or UNIX guru. To create shares, the syntax is

net share sharename=devicename

To share directory /u/gene on the UNIX machine as a share named gh, enter the command

net share gh=c:/u/gene

UNIX people will shake their heads at the c:, and DOS people can't figure the / instead of \. This requirement is the sort of cross-operating-system problem you can run into in heterogeneous systems. UNIX uses the / character as the separator for directory path names, and NT uses the \.

You can use the SCO GUI to view shares, create new shares, or stop shares. From the GUI, double-click System Administration, double-click the filesystems folder, and double-click the Filesystem Manager icon. When the Filesystem Manager window appears, it will list the files (directories) shared through AFPS or through NFS. If the window displays Export status of filesystems on , you are looking at an NFS display. To get the AFPS share status, click View, Export Status, View Advanced Server Shares, and OK. The window will display Advanced Server share status of filesystems on . The directory names, share names, and comments are displayed in a scroll box. To share a directory, click Export, Advanced Server, and Share. Enter the directory name (or click Select to search for a directory), share name, and an optional comment, and click OK.

To stop sharing a directory, highlight a shared directory and click Export, Advanced Server, and Stop Sharing. A pop-up window will ask for confirmation: Stop sharing . Are you sure? Click OK. (The confirmation message is unusual for UNIX, which is not known for "Are you sure" messages.)

Defining Users
The next step is to set up users. You can set up UNIX users, Windows network users, or users with access to both a UNIX login and Windows networking. All three options are appropriate for certain users. Dumb terminal users are not networked and therefore cannot use Windows networking. Windows users whose work is confined to word processing and spreadsheets on their local PCs might need file and print sharing but no UNIX login. Users with PCs who do both UNIX work and Windows work need both.

In the scenario we started with, the client has UNIX users established on the UNIX system. The only step necessary to put these users on the network is to change one piece of their SCO UNIX login account (SCO's AFPS is integrated into the Administration GUI).

Let's grant a user access to Windows networking. From the SCO GUI, double-click the System Administration folder and then the Account Manager folder. To select an account, double-click it. Notice that the account has a blank entry for Networked Via. Click Change Distribution, which is to the right of the Networked Via blank entry. A pop-up window will appear with Local Only selected. Click the black button to the left of Local Only to deselect it, and Advanced Server will appear (already highlighted) in the box labeled Select Network Distribution Methods. Click OK. Click OK in the User box. If you installed the SCO box as the BDC, the account change will be synchronized with the PDC and the account will now appear in User Manager for Domains. Look at the account from User Manager for Domains to see that the account is disabled, has no full name or description, and is a member of the Domain Users group. You must enable the account and enter a password to make it usable for Windows networking.

To create a new user with access to both UNIX and Windows networking, select Users, Add New User, from the Accounts manager on the SCO machine. The default creates a UNIX user with Advanced Server (AFPS) access. To create a user with access to UNIX and Windows, accept the defaults and click OK to create the user. To create a user without Windows networking access, click Change Distribution. Click the button next to Local Only in the pop-up window to select Local versus Advanced Server networking.

To create a user for Windows networking only, create the user from User Manager for Domains on a client with the NT Server Tools. You can manage all user characteristics on the AFPS Server from User Manager for Domains on a Windows client, as Screen 2, shows. The user will appear in the list of UNIX users, but with a login shell of /bin/false. UNIX login shells are the command interpreters that govern the interface between the user and the operating system. The command /bin/false is a program that always returns a false or untrue response. If you attempt to log in with a shell of /bin/false, the login command will get a not logged in response. To convert this account to a usable UNIX account, change the login shell of /bin/false to a normal login shell (such as /bin/sh or /bin/ksh). The home directory for a UNIX account is where users start. Their working directory at the time they log on is their home directory. This directory contains startup control files such as .profile and .kshrc. These files are analogous to the autoexec.bat file, except that each user can have a different set of commands in the user's .profile.

Sharing Printers
You can accomplish the UNIX printer sharing from the UNIX command line. For example, suppose you have a UNIX computer with printers named hplaser1 and hplaser2 and you want to share them to PC clients. You can share them individually with the following commands:

net share laser1=hplaser1 /print

net share laser2=hplaser2 /print

Or, you can create a printer pool and share them together:

Net share laser1=hplaser1, hplaser2 /print

You can also create printers through the UNIX GUI and share them upon creation, as Screen 3 shows. To share them through the GUI after creation, double-click SystemsAdministration, and click the Printers folder. Double-click the Printer Manager icon. Highlight a UNIX printer, click Settings, and select Share printer with Windows Users. Enter a share name, and click OK.

UNIX computers can share printers connected to a Windows PC. After you share the Windows printer, use the following procedure to access it from UNIX. From the UNIX Printer Manager window, select Printer, Add Remote, and Windows to bring up the Use Shared Printer on Windows Client window. Enter a printer name, description (optional), and the printer model (passthrough is recommended and is the default). Enter the Windows client, the share name (or click Select to get a list of shared printers), and the optional password. Click OK to make the Windows printer available to UNIX applications.

Sorting Out the Details
AFPS does some things differently from NT. For instance, an AFPS UNIX machine serving as a BDC or PDC can become a BDC of another domain without the administrator reinstalling either AFPS or UNIX. When switching domains, the administrator is warned that the Security Accounts Manager (SAM) database will be reinitialized. In AFPS, you can create a user on UNIX for Windows networking on the BDC, and AFPS will update the PDC.

AFPS provides both import and export directory replication. AFPS supports trust relationships, and you can create trusts through AFPS. Windows networking rules control file permissions as a first step, and then the system checks UNIX permissions.

AFPS provides file sharing from UNIX to the PCs, but not vice versa. SCO OpenServer provides a LAN Manager Client that, when used with AFPS, provides bi-directional file sharing. Installation and management of this feature is discussed in the SCO OpenServer "Guide to Gateways for LAN Servers."

Solving a Complex Problem
SCO's AFPS is NT networking code that lets an SCO UNIX computer participate in a Microsoft network as a PDC or BDC. The SCO machine can share files and disk space with the Windows clients. You can make printers from the SCO UNIX machine available to the Windows clients and Windows printers available to the SCO UNIX programs.

AFPS 3.5.2
SCO
408-425-7222 or 800-726-8649
Web: http://www.sco.com
Price: $995 for a five-user license