Services for Macintosh
Connecting Mac users to your Windows NT system? They won't have to change their Mac habits at all.
October 31, 1996
NT 4.0 adds some new twists to a familiar component
Windows NT Server's Services for Macintosh integrates Macs with NT. Mostenterprises have a few Macs that run applications ranging from graphics andillustration packages to word processing and relational databases. Services forMacintosh turns your NT server into a file-and-print server for those Macs: Youcan store Mac documents on your NT server and print them to an AppleTalk printeror server-attached printer via NT's print queues. To ease the integration ofyour AppleTalk and NT networks, Services for Macintosh also provides AppleTalkrouting and Microsoft's encrypted authentication service.
Unfortunately, NT 4.0 does not provide a single interface for managingServices for Macintosh. Using a combination of Server Manager, File Manager(yes, it's still in NT 4.0), the Network Control Panel applet, a MacFile ControlPanel applet, and optionally a command-line utility, you can configure allaspects of Services for Macintosh. File Manager is the only GUI utility whereyou can set Mac file associations. By default, the Start Menu does not referenceFile Manager when you install NT Server 4.0. To access File Manager, click Runfrom the Start Menu, enter winfile, and click OK. If you've already installedServices for Macintosh, you see a new menu option, MacFile, in File Manager, asin Screen 1. From this menu, you can configure aspects of the file system that Services for Macintosh uses.
From these utilities, you can install and configure Services for Macintoshand AppleTalk routing (Network Control Panel), create new Mac-accessible volumes(Server Manager and File Manager), set Mac application-specific fileassociations (File Manager), and see which Mac users are connected to yourserver and what files they have open (MacFile Control Panel applet). The MacFileControl Panel applet also lets you set some general service options for Servicesfor Macintosh, such as which authentication method to use, how many users canconnect to the server, and what name the server appears as on your Mac client'sChooser.
Let's examine the features of Services for Macintosh, how to install andconfigure file-and-print services (including AppleTalk routing and Microsoftauthentication), and how to connect to an NT server from your Mac. I'll alsoreview some rules about Mac file naming on NT servers, and how to keep it fromgetting ugly.
Services for Macintosh Features
Services for Macintosh provides file-and-print services to your Mac clients.With these services installed, your NT 4.0 server emulates an AppleShare server.To your Macs, your NT server is an AppleShare server. When you installServices for Macintosh, you see two new services in the Services Control Panel:File Server for Macintosh, which provides file services, and Print Server forMacintosh, which handles print serving functions to the Mac.
To provide Mac file services, you use Server Manager or File Manager tocreate Mac-accessible volumes on your NT server's hard drives. These volumes areNT folders that must exist on an NT File System (NTFS) partition that isaccessible to both PC and Mac clients. Because Macs use different filepermissions for AppleShare resources, Services for Macintosh includes options inboth Server Manager and File Manager to manage these volumes and assignMac-specific file permissions to NTFS files and folders.
Two configuration options support Mac printing services. The first is touse NT Server's printer utilities to capture a networked, AppleTalk-basedPostscript printer. This option lets you spool print jobs from the NT Serverprint spooler. Most Macs run a local print spooler, so you need to disable thisfeature on your clients if you want NT Server to capture your AppleTalkprinters.
The second print option lets you connect any printer to the serial orparallel ports of your NT Server. You can use this configuration to share theprinter with both PC and Mac clients. If the printer doesn't use Postscript, theMacintosh Print Server will convert the job to the printing language the printersupports.
Installing File-and-Print Services
Anyone who's ever had to install and configure Novell NetWare for MacintoshNetWare loadable modules (NLM-an NLM is equivalent to an NT service) with itscryptic load commands, will love the speed at which you can get Services forMacintosh running on NT Server 4.0. All the GUI-based utilities areself-explanatory and include good context-sensitive Help.
In just a few steps, you can install Services for Macintosh, includingconfiguring AppleTalk Phase 2 routing. From the Control Panel, select Services,and click Add. Scroll down the list, highlight Services for Macintosh,and click OK. When the system prompts you for the location of your NT Serverdistribution files, enter the location and click Continue.
After NT copies the appropriate distribution files, click Close in theNetwork dialog. The system updates the network bindings and prompts you to enterthe default zone and routing information for the default network adapterinstalled on your server. Screen 2 shows the dialog for configuring thisinformation. If you have multiple adapters installed, you need to configure eachone for AppleTalk routing. If your NT Server connects to a network that has anAppleTalk router already defined, the system automatically locates the defaultzone for that network adapter. When you finish configuring Services forMacintosh, click OK and restart your server so the changes can take effect.
After you install Services for Macintosh, you can set up printers for yourMac clients. From the Start Menu, choose Settings, and select Printers.Double-click the Add Printer icon, select My Computer, and click Next. If youare installing the printer on the NT server's serial or parallel port, choosethe appropriate port number and click Next. To capture a networked AppleTalkPrinter, click Add Port, select AppleTalk Printing Devices, and click New Port.
A list of available zones appears. Double-click the zone where yourAppleTalk printer resides. NT Server will scan the zone and return a list of allprinters available. Select the printer to capture, click OK, and click Next tocontinue.
Choose the correct printer manufacturer and model, and click Next. Now youmodify the printer name as it appears in your Windows-based applications,confirm the name, and click Next.
To share access to this printer with other Windows clients, enter a shareName and select the Windows platforms that need drivers. The system will promptyou to print a test page to verify connectivity to the printer.
Finally, the system prompts you to enter the path to your NT Serverdistribution files and copies the appropriate printer drivers to your server.The new printer now appears in the Printers windows.
AppleTalk Routing
NT Server 4.0 supports AppleTalk Phase 2 routing. When you install Servicesfor Macintosh, the AppleTalk protocol installs and binds to any NICs on yourserver. Services for Macintosh supports Ethernet, Token Ring, Fiber DistributedData Interface (FDDI), and LocalTalk network topologies. If you have Macintoshnetwork on LocalTalk, a PC-based LocalTalk card lets you connect the networkdirectly to your NT server. Check the Hardware Compatibility List for supportedcards.
AppleTalk Phase 2 routing uses network number ranges to represent a segment(a physically contiguous network). With TCP/IP network addresses, this rangecorresponds to the network portion of an IP address. No two ranges can overlapon a given AppleTalk network--Figure 1 shows a network with two separateranges. Two numbers separated by a dash (e.g., 10-15) can represent networkranges on an AppleTalk router such as NT Server. Network numbers can range from1 to 65,279. This range tells the router which network addresses to advertise onthe attached segment. When designing a large AppleTalk network, use as small arange as possible on each segment to conserve network address space.
Each network number can accommodate up to 253 node numbers. A node numbercorresponds to the host portion of an IP address. Mac nodes on an AppleTalksegment are dynamically assigned node numbers when they start. This combinationof network number range and node number uniquely identifies an AppleTalk deviceto the network.
For example, if a given network segment has only 50 Mac nodes, you can useone network number, such as 10, represented as the range of 10-10. Thisrepresentation means the network 10-10 can accommodate up to 253 nodes. If yournetwork segment has 500 Mac nodes, you need more than one network number range.For example, 10-11 encompasses two 253-node address ranges.
AppleTalk's concept of zones lets you logically group AppleTalkresources. In LocalTalk-based networks, you can have only one zone per physicalsegment. Ethernet, Token Ring, and FDDI allow multiple zones on one segment. Asyou saw when installing Services for Macintosh, if a default zone definitionexists on the segment connected to the NT server, the system automaticallydetects it. You can define new zones and new network ranges by setting up yourNT server as an AppleTalk seed router.
NT Server as a Seed Router
For each physical AppleTalk network segment in your network, you must haveone seed router. It provides the segment's network number range and defaultzone. If multiple AppleTalk routers are on a segment, only one needs to be aseed router. By double-clicking Services for Macintosh in the Services ControlPanel, you can configure NT Server 4.0 as either a plain router or a seedrouter. Use the plain router configuration if you already have a seed routerconnected to the server on your AppleTalk segment. Configure the server as aseed router if no other seed routers are providing network number and zoneinformation on the segment.
From the Mac's Perspective
After you install Services for Macintosh on your NT server, you can sharefile and printer resources with your Mac clients. First install the MicrosoftUser Authentication Module (UAM) to give your Macs the same level of securitythat NT affords its Windows-based clients.
UAMs
When you install Services for Macintosh, the installer creates a newMac-accessible Microsoft UAM volume folder on your hard drive. The foldercontains the Microsoft UAM file for installing NT security on Mac clients.
By default, when your Mac logs in to an NT server, the Apple UAM handlesthe logon process, which passes your username and password as clear text (i.e.,not encrypted) to the server. This process is a potential security loopholebecause anyone watching with a network analyzer can easily capture the logonprocess. To prevent this breach, you can use the Microsoft UAM that comes withServices for Macintosh. The Microsoft UAM gives the Mac encrypted NT securityduring the logon process.
To install the Microsoft UAM on your Mac, click the Apple Menu, selectChooser, and click AppleShare. In the Select a File Server dialog, select yourNT server from the list of available AppleShare servers for your zone, as inScreen 3, and click OK.
Enter an existing NT username and password to log on to the server. Selectthe Microsoft UAM volume from the list of Mac-accessible folders, and click OK.The system will mount the folder, which will appear on your desktop as a diskicon. Double-click the disk icon to open the folder--you see the AppleSharefolder.
Open the AppleShare folder, and drag the Microsoft UAM file in this folderto the AppleShare folder in your Mac's System folder. If you don't have anAppleShare folder in the System folder, create one before copying the file.Restart your Mac.
Accessing NT Resources from the Mac
One of the best features of Services for Macintosh is that Mac users don'thave to change their behavior. From the Apple Menu, they can select Chooser toaccess NT Server-based file folders and printers just as they do with any otherAppleTalk resource. To connect to Mac-accessible folders on the server, userscan simply click AppleShare in the Chooser window. A list of zones and availableservers will appear. If you installed the Microsoft UAM, once you select theserver to log on to, you get the option to use the standard Apple or MicrosoftUAM. You then provide a username and password, as in Screen 4, definedon your NT server just as for any other NT user account. After the serverauthenticates you as a valid user, you see a list of Mac-accessible folders tomount. You can choose one or more folders and click a box on each to have thesystem auto-mount them at startup.
Printer connections are also simple to make. From the Chooser, clickLaserWriter to see a list of available printers. Whether you've defined anAppleTalk printer on your NT server or configured a printer directly attached tothe server, the printer will show up in the LaserWriter dialog. Remember,however, that you need to disable the local spooling function on each Macclient, so NT Server can spool printers it has captured. To disable the localspooling, turn off Background Printing on your Mac from the LaserWriterChooser dialog.
Filenames and Associations
A big benefit of Services for Macintosh is that your PC and Mac clients canshare folders and files when you define Mac-accessible folders on your NTserver. However, you need to be aware of some file-naming limitations. AlthoughNTFS partitions support filenames up to 256 characters long, the Mac file systemcan support only up to 31 characters, and DOS clients are limited to 8.3filenames. As a result, Mac, DOS, and NT users sharing and accessingMac-accessible folders on an NT server can cause confusion. NT addresses Macfilename limitations the same way it handles FAT-based clients. So if you storea file in a Mac-accessible folder with a filename longer than 31 characters,Services for Macintosh converts the filename for Mac clients: The file appearson the Mac with the first six characters, then a tilde (~), and a number. Forexample, the filename annual budget for the accounting department.xls becomesannual~1.xls. If you have another file called annual budget for the financedepartment.xls, it becomes annual~2.xls, and so on.
What to Watch For
Overall, Services for Macintosh in NT Server 4.0 is easy to install, easy touse, and relatively problem free. After you get past the myriad of overlappingutilities for controlling Services for Macintosh, you find integrating your Macclients in your NT network easy.
If you have to modify any AppleTalk routing parameters after initiallyinstalling Services for Macintosh, you'll want to note one idiosyncrasy with thesetup routine: After you change a routing configuration, such as changing thedefault zone, NT will prompt you to restart AppleTalk for the changes to takeeffect. Unfortunately, you can't just restart AppleTalk. If you try to stop theAppleTalk device from the Devices Control Panel, you get an error. The easiestsolution is to restart NT Server for your changes to take effect.
About the Author
You May Also Like