UNIX and NT Integration with SCO Advanced File and Print Server

NT networking code ported to UNIX is the answer

As a Windows NT specialist, you have an appointment with a potential client. You arrive andspeak with the office manager. They want PC networking: file and print sharing. Looking around theoffice, you see several PCs and some dumb terminals. The office manager takes you to the server.Instead of what you expect to see (a Microsoft login), you see a console with the following display:

SCO OpenServer (TM) Release 5 (server1.office.com) (tty01)

login:

The office manager explains that the company's primary software runs on SCO OpenServer, and theyhave several dumb terminals, serial and parallel printers, and PCs connected. Their SCO machine isnear capacity on CPU cycles and memory, and they want to add an NT server for a new officeapplication. They ask if you can install an NT server and network the PCs, maintain access to theSCO machine for logging on to their character-based applications, and let the PCs print to all theSCO printers.

Meeting the Criteria
As you contemplate your client's requirements, you browse through materials for PC to UNIXconnectivity. Everything requires third-party software on the PC including PC versions of NFS, PCInterface, PC TCP/IP, Line Print Daemon (LPD), and Line Print Remote (LPR). Do these products allowPC to UNIX printing, UNIX to PC printing, file sharing, and login controls?

A simple way to provide these capabilities is Advanced File and Print Server (AFPS) from SCO.AFPS is NT networking code ported to UNIX by AT&T, the company that created UNIX in the late'60s. SCO AFPS provides PC access to UNIX for file sharing, printing from Windows to UNIX printers,and printing from UNIX to Windows printers. AFPS provides NetBIOS networking over TCP/IP and NetBEUIon an Ethernet or Token-Ring adapter. Your SCO machine will appear as a network peer when you selectNetwork Neighborhood on your Windows 95 or NT 4.0 machine. The SCO machine also will appear when youconnect to shares on Win3.1 or NT 3.51 using File Manager.

On the SCO side, the OS must be version 5 (3.2V5.0 or later) with networking (Open ServerEnterprise). To determine the OS version, log on as root (the equivalent of Administrator) and runthe uname -X command. Remember that all UNIX commands and filenames are case sensitive. Look for theline that says Release =. If it shows Release = 3.2v5.0.0 or 3.2v.5.0.2 or a later version, you havea version that will run with AFPS. You must also have TCP/IP configured and operational before youinstall AFPS.

You can deploy AFPS as the Primary Domain Controller (PDC) in a network comprising other AFPSmachines, NT Servers, LAN Manager for UNIX computers, or LAN manager for OS/2 servers. AFPS canserve as a Backup Domain Controller (BDC) to other AFPS computers or NT servers. AFPS cannotfunction as a standalone server; it must operate as a PDC or BDC. Clients for AFPS include Win95, NT3.51 and 4.0, Windows for Workgroups (WFW) 3.11, Win3.1, DOS, OS/2, and LAN Manager Client.

AFPS does not support Dynamic Host Configuration Protocol (DHCP) and Windows Internet NameService (WINS), although a release due out later this year will support these technologies. AFPSincludes the NT Server Tools for managing the NT Domain including User Manager for Domains, ServerManager, and Event Viewer. These tools are available in a share from the SCO machine, and you caninstall them on a client system (they do not run on UNIX). Screen 1 shows the Server Manager, whichmanages services on the SCO AFPS Server.

Installing AFPS
Installing AFPS is straightforward. The distribution medium is a CD-ROM. You must log on asroot, which you can do through the SCO GUI or from a character-based program, scoadmin. You canaccess 12 logon sessions from the console, and the GUI is available on session 2. Press Ctrl+Alt+F2to start session 2. The GUI operation will be natural for most Windows users. Be aware thisenvironment is Motif, not Windows. They are not exactly the same. When you log on, you will see asmall window with the options Continue my last session and Start a new session. Toavoid resetting previous window settings to defaults, choose Continue and click OK.

Double-click the Software Manager icon to run the software install function. Click Software,and then click Install New. A pop-up window lets you install AFPS from the current host or a remotehost. The current host is the default; click Continue. A pop-up window inquires about theinstallation media. Click on the drop-down box and select CD-ROM (if SCSI, SCSI CD-ROM willdisplay). The system will then search the CD-ROM for available software. Click SCO AdvancedPrint and File Server from the product list, and click Full installation. You will see a promptfor license information. This entry is case sensitive, and the information can consist of both upperand lower case. Be sure to enter the license information exactly as it is printed on the Certificateof License and Authentication.

As the installation progresses, the system will prompt you for Advanced Server name (default isSCO system name), Server role (PDC, if no PDC is available), Server locale (new option for English,French, or German), PDC's Advanced Server name (not applicable if you're installing PDC), domainname (default DOMAIN), and administrative password (which can be the same as the root password).

The installation will relink the UNIX kernel. Device drivers are linked into the kernel at thispoint. Reboot the system when installation is complete, and bring the system to multiuser mode. Youare now ready to use AFPS.

Using AFPS
If the PC users require logon access to the UNIX machine to run character-based applications,you must install TCP/IP and Telnet on your client systems. Microsoft provides Telnet in TCP/
IP, but only a limited version. With AFPS 3.5.2, SCO provides TermLite, a program that supportsTelnet and vtp, a virtual terminal emulator that runs over NetBEUI and TCP NetBIOS. These toolsprovide SCO ANSI (console) emulation and work very well. Double-click the Network Neighborhood icon.You'll see the SCO UNIX server.

SCO provides a command line interface for the net command. For details on the net command,enter net from the root prompt (usually a #) on a non-GUI screen. For help on a net command, thesyntax is similar to DOS. Simply type

net ?

or

net access ?

The net command encompasses a series of options including access, accounts, admin, auditing,config, continue, device, file, group, help, helpmsg, localgroup, logoff, logon, password, pause,perms, print, send, session, share, start, statistics, status, stop, time, trust, user, version, andview. You can pipe the output of these commands into a pager such as the more command or the UNIX pgcommand. Pagers let you send data on the screen one screen page at a time. The pg command allowsmovement up and down within the document displayed on the screen. If you have a PC on the network atthis point, try running net view on the SCO system to see whether the PC is visible to the SCOmachine. Remember, the PC must have file or print sharing enabled.

Now you can create shares from the command line with the net share command. The syntax is notintuitive to either the NT or UNIX guru. To create shares, the syntax is

net share sharename=devicename

To share directory /u/gene on the UNIX machine as a share named gh, enter the command

net share gh=c:/u/gene

UNIX people will shake their heads at the c:, and DOS people can't figure the / instead of .This requirement is the sort of cross-operating-system problem you can run into in heterogeneoussystems. UNIX uses the / character as the separator for directory path names, and NT uses the .

You can use the SCO GUI to view shares, create new shares, or stop shares. From the GUI,double-click System Administration, double-click the filesystems folder, and double-click theFilesystem Manager icon. When the Filesystem Manager window appears, it will list the files(directories) shared through AFPS or through NFS. If the window displays Export status offilesystems on , you are looking at an NFS display. To get the AFPS sharestatus, click View, Export Status, View Advanced Server Shares, and OK. The window will display AdvancedServer share status of filesystems on . The directory names, share names,and comments are displayed in a scroll box. To share a directory, click Export, Advanced Server, andShare. Enter the directory name (or click Select to search for a directory), share name, and anoptional comment, and click OK.

To stop sharing a directory, highlight a shared directory and click Export, Advanced Server,and Stop Sharing. A pop-up window will ask for confirmation: Stop sharing . Areyou sure? Click OK. (The confirmation message is unusual for UNIX, which is not known for "Areyou sure" messages.)

Defining Users
The next step is to set up users. You can set up UNIX users, Windows network users, or userswith access to both a UNIX login and Windows networking. All three options are appropriate forcertain users. Dumb terminal users are not networked and therefore cannot use Windows networking.Windows users whose work is confined to word processing and spreadsheets on their local PCs mightneed file and print sharing but no UNIX login. Users with PCs who do both UNIX work and Windows workneed both.

In the scenario we started with, the client has UNIX users established on the UNIX system. Theonly step necessary to put these users on the network is to change one piece of their SCO UNIX loginaccount (SCO's AFPS is integrated into the Administration GUI).

Let's grant a user access to Windows networking. From the SCO GUI, double-click the SystemAdministration folder and then the Account Manager folder. To select an account, double-click it.Notice that the account has a blank entry for Networked Via. Click Change Distribution, which is tothe right of the Networked Via blank entry. A pop-up window will appear with Local Only selected.Click the black button to the left of Local Only to deselect it, and Advanced Server will appear(already highlighted) in the box labeled Select Network Distribution Methods. Click OK. Click OK inthe User box. If you installed the SCO box as the BDC, the account change will be synchronized withthe PDC and the account will now appear in User Manager for Domains. Look at the account from UserManager for Domains to see that the account is disabled, has no full name or description, and is amember of the Domain Users group. You must enable the account and enter a password to make it usablefor Windows networking.

To create a new user with access to both UNIX and Windows networking, select Users, Add NewUser, from the Accounts manager on the SCO machine. The default creates a UNIX user with AdvancedServer (AFPS) access. To create a user with access to UNIX and Windows, accept the defaults andclick OK to create the user. To create a user without Windows networking access, click ChangeDistribution. Click the button next to Local Only in the pop-up window to select Local versusAdvanced Server networking.

To create a user for Windows networking only, create the user from User Manager for Domains ona client with the NT Server Tools. You can manage all user characteristics on the AFPS Server fromUser Manager for Domains on a Windows client, as Screen 2, shows. The user will appear inthe list of UNIX users, but with a login shell of /bin/false. UNIX login shells are the commandinterpreters that govern the interface between the user and the operating system. The command/bin/false is a program that always returns a false or untrue response. If you attempt to log inwith a shell of /bin/false, the login command will get a not logged in response. To convertthis account to a usable UNIX account, change the login shell of /bin/false to a normal login shell(such as /bin/sh or /bin/ksh). The home directory for a UNIX account is where users start. Theirworking directory at the time they log on is their home directory. This directory contains startupcontrol files such as .profile and .kshrc. These files are analogous to the autoexec.bat file,except that each user can have a different set of commands in the user's .profile.

Sharing Printers
You can accomplish the UNIX printer sharing from the UNIX command line. For example, suppose youhave a UNIX computer with printers named hplaser1 and hplaser2 and you want to share them to PCclients. You can share them individually with the following commands:

net share laser1=hplaser1 /print

net share laser2=hplaser2 /print

Or, you can create a printer pool and share them together:

Net share laser1=hplaser1, hplaser2 /print

You can also create printers through the UNIX GUI and share them upon creation, as Screen 3shows. To share them through the GUI after creation, double-click SystemsAdministration, and clickthe Printers folder. Double-click the Printer Manager icon. Highlight a UNIX printer, clickSettings, and select Share printer with Windows Users. Enter a share name, and click OK.

UNIX computers can share printers connected to a Windows PC. After you share the Windowsprinter, use the following procedure to access it from UNIX. From the UNIX Printer Manager window,select Printer, Add Remote, and Windows to bring up the Use Shared Printer on Windows Clientwindow. Enter a printer name, description (optional), and the printer model (passthrough isrecommended and is the default). Enter the Windows client, the share name (or click Select to get alist of shared printers), and the optional password. Click OK to make the Windows printer availableto UNIX applications.

Sorting Out the Details
AFPS does some things differently from NT. For instance, an AFPS UNIX machine serving as a BDCor PDC can become a BDC of another domain without the administrator reinstalling either AFPS orUNIX. When switching domains, the administrator is warned that the Security Accounts Manager (SAM)database will be reinitialized. In AFPS, you can create a user on UNIX for Windows networking on theBDC, and AFPS will update the PDC.

AFPS provides both import and export directory replication. AFPS supports trust relationships,and you can create trusts through AFPS. Windows networking rules control file permissions as a firststep, and then the system checks UNIX permissions.

AFPS provides file sharing from UNIX to the PCs, but not vice versa. SCO OpenServer provides aLAN Manager Client that, when used with AFPS, provides bi-directional file sharing. Installation andmanagement of this feature is discussed in the SCO OpenServer "Guide to Gateways for LANServers."

Solving a Complex Problem
SCO's AFPS is NT networking code that lets an SCO UNIX computer participate in a Microsoftnetwork as a PDC or BDC. The SCO machine can share files and disk space with the Windows clients.You can make printers from the SCO UNIX machine available to the Windows clients and Windowsprinters available to the SCO UNIX programs.