The steps shown in the following sections are required to connect a PC client to the Fast Connect server.
To access the Fast Connect Server, each client PC must be configured for NetBIOS over TCP/IP (RFC1001/1002). This can be accomplished for the various clients as shown in the following sections.
If any is missing, add it from your Windows 95 disks.
Additionally, you may wish to enable WINS support, DNS support, and/or GATEWAY support for each client. If so, configure each as needed.
Note: You must be logged in as an Administrator.
If any is missing, add it from your Windows NT CD.
The TCP/IP Properties dialog box has several tabbed panels. Verify the following:
You may also want to configure DNS, WINS Address, and Routing.
You may need to install the TCP/IP protocol. TCP/IP is not included on the Windows 3.11 installation media. You can download a copy of Microsoft TCP/IP-32 3.11b from Microsoft's web site www.microsoft.com.)
To set up the TCP/IP configuration, double-click on Microsoft TCP/IP-32 3.11b. Configure the IP Address, Subnet Mask, Default Gateway, WINS Server(s), DNS, and other options as needed. (LMHOSTS and DNS enablement are available as Advanced options.)
These protocols should have the same LAN adapter number, which should match your TCP/IP interface.
Note: The default installation is IBM OS/2 NetBIOS. Be sure to add IBM OS/2 NetBIOS OVER TCP/IP if not already listed.)
supports the following methods for user authentication:
User administration is dependent on the authentication method selected by Fast Connect administrator. Each type has its advantages and disadvantages. Which method you choose depends on your environment, your administration policy, and the type that you determine would be easiest to administer and use.
AIX-based authentication uses AIX user definitions and passwords. Following session setup, a Fast Connect session gets the authenticated AIX user credentials (UID, GID and Secondary groups set).
The CIFS LM protocol method uses Fast Connect user definitions and encrypted passwords for user authentication. Each user must be defined as an AIX user as well, and share the same user name. Fast Connect encrypts passwords and saves them in its files for use during session setup. Following session setup, a Fast Connect session gets the authenticated user's credentials (UID, GID and Secondary groups set).
This authentication method uses AIX user definitions and NT Server user authentication. Each user must be defined as an AIX user as well. Passthrough authentications is enabled using SMIT, Web-based System Manager or the net command by specifying Passthrough authentication NTserver IPaddress.
During session setup, Fast Connect forwards the session setup request to the NT server. If the NT server authenticates the user, Fast Connect grants access. Following session setup, a Fast Connect session gets the authenticated user's credentials (UID, GID and Secondary groups set).
NetBIOS Name Service (NBNS) for AIX Fast Connect for Windows provides name resolution services. It also supports some functions of Windows Internet Name Service (WINS), such as registration of multihomed name and Internet group name.
To activate NBNS, 'nbns' in the cifsConfig file needs to be set to 1 (The default is 1) and restart the Fast Connect Server.
To turn off NBNS, set nbns = 0 in the cifsConfig file.
Administering NBNS Tasks | ||
---|---|---|
Task | SMIT Fast Path | Command or File |
List names in the NetBIOS Name Table | smit smb | net nblistnames |
Add a NetBIOS Name | smit smb | et nbaddname /name:NetBIOS Name /ipaddress:ip address [/subcode:00-ff]* |
Delete a NetBIOS name in Name Table | smit smb | net nbdelname /name:NetBIOS Name [/subcode:00-ff] |
Delete by Address and by Name | smit smb | net nbdeladdr /name:NetBIOS Name /ipaddress:ipaddress* |
Backup the NetBIOS Name Table to a File | smit smb | net nbbackup [/file:file name] |
Restore a NetBIOS Name Table from Backup File | smit smb | net nbrestore [/file:file name] |
Note: The value of ip address can be any number in IP address range.
For ease of use, client PCs should be in the same Windows workgroup or NT domain as the Fast Connect server (or vice versa). Windows 3.11, Windows 95, and Windows NT all use WORKGROUP as a default workgroup name, and Fast Connect server initializes itself to use WORKGROUP, also. If your network uses NT domain login authentication, you can configure the Fast Connect server to verify Fast Connect access using the NT domain authentication servers.
Whether you use Workgroups or NT domains, access to Fast Connect is managed by user security. You must set up AIX user accounts for each Windows user who is accessing Fast Connect. It is easiest to use if the user accounts (and passwords) on AIX match the Windows or NT domain user accounts (and passwords).
smit smbcfghatt
To use Workgroups, enter the workgroup name in the Domain Name field.
To use NT domain validation, enter the IP addresses for the NT domain authentication server(s) in the Passthrough Authentication Server and Backup Passthrough Authentication Server fields.
To use Workgroups, enter the workgroup name in the Workgroup field.
To use NT domain validation, go to the Configuration tabbed panel, select Client for Microsoft Networks, and click on Properties. Check the NT domain checkbox, and enter the NT domain name.
Note: Use the OS/2 command LOGON to use NetBIOS services such as network browsing, NET VIEW, and NET USE.
For security reasons, Microsoft has disabled support for nonencrypted (plain text) network passwords in Windows 98 and Windows NT 4.0 (with Service Pack 3 installed). If you want to use plain text passwords on your network, these clients must be upgraded with the following Registry patches.
To install the Windows 98 Enable Plain Text Passwords patch:
REGEDIT4 ; Registry file to allow plaintext passwords on Windows 98 [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\VNETSUP] "EnablePlainTextPassword"=dword:00000001
To install the Windows NT 4.0 Enable Plain Text Passwords patch,
REGEDIT4 ; Registry file to allow plaintext passwords on Windows NT 4.0, SP3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rdr\Parameters] EnablePlainTextPassword=dword:00000001
Note: Even with the previous patch installed, all Windows NT 4.0 clients still require the user to type his/her password every time the user first connects to the Fast Connect server (by browsing, mapping drives, etc.). Once the user is successfully connected, additional browsing or drive mapping operations proceed without hindrance. The initial Password Invalid message is because Windows NT 4.0 attempts to use encrypted passwords while connecting to Fast Connect server, rather than plain text passwords.
AIX Fast Connect for Windows supports Browser operations such as Network Neighborhood and NET VIEW. These operations show the user a list of file and printer shares exported by each server.
Network Neighborhood can also be used as a convenient way to map drives. (Right-click on a file share name, then select Map Network Drive from the pop-up menu.)
However, note the following limitations on network browsing:
Network browsing generally works best if the client PC and the Fast Connect server are in the same workgroup/domain.
Normally, PC clients will need to define drive mappings to use the Fast Connect-exported file shares. These drive mappings can be done from Windows or from the DOS command prompt.
You can use the following mechanisms to define/undefine mappings between PC drive letters and Fast Connect file shares. For the sake of the following examples, assume that the NetBIOS servername is cifs01, and that file shares apps and pcdata are defined.
From DOS:
DOS> net help (help info for DOS) DOS> net use H: \\cifs01\home (pre-defined Fast Connect share) DOS> net use F: \\cifs01\apps DOS> copy F:\oldfile H:\newfile (uses previous drive-mappings) DOS> net use F: /delete (delete the drive-mapping)
From Windows:
or
or
For printing, DOS and Windows mappings are somewhat different. For the following examples, assume that Fast Connect server cifs01 has print shares netprint1 and pscolor defined.
For DOS applications, the following simple device-mappings can be used:
DOS> net use LPT1: \\cifs01\netprint1 DOS> net use LPT2: \\cifs01\pscolor
But to support printing from Windows applications, a Windows printer driver needs to be installed, and mapped to the network printer, as follows:
For Windows 3.11, install the desired printer driver through Control Panel, and use the Connect... button to map it to the Fast Connect print share.