Chapter
4, NetWare Networking with Windows 2000
Chapter
4, Lesson 1
Introducing
IPX and NWLink
1. Introduction
A. Novell developed IPX specifically for use with its NetWare
network operating system.
1. Unlike TCP/IP, the IPX standards were not
cooperatively developed or published and remain the sole property of Novell.
B. When Microsoft began integrating networking capabilities into
Windows, NetWare compatibility was considered a crucial factor.
1. Originally, it was agreed that Novell
would supply a Windows client for NetWare that would be included with Windows.
2. After this client failed to materialize,
Microsoft developed its own NetWare clients, including a set of protocols it
called NWLink IPX/SPX/NetBIOS Compatible Transport Protocol (NWLink), which was
designed to be fully compatible with IPX.
2. Introducing
IPX
|1| A. In its basic architectural structure, the IPX protocol suite is
somewhat similar to TCP/IP.
1. The IPX protocol for which the suite is
named is a connectionless network layer protocol that performs most of the same
functions that Internet Protocol (IP) does in the TCP/IP
suite.
2. Like IP, IPX encapsulates transport layer
data, addresses it, and routes it to its destination on the network.
B. Scale is the primary difference between TCP/IP and IPX.
1. TCP/IP was designed to support any type
of computer on any type of network.
2. IPX was designed for use on local area
networks (LANs) because NetWare is strictly a LAN operating system.
|2| C. The most obvious indication that IPX was designed for LANs is
that it does not have its own self-contained address space, as IP does.
1. IPX uses node addresses to identify
network interfaces on a network and network addresses to identify LANs.
a. The node addresses are the data-link layer
hardware addresses coded into the computers’ network interface adapters.
b. NetWare randomly assigns network addresses
during installation, or the network administrator can assign them manually.
2. There is no need for a network registrar
or a separate node addressing system with IPX because it is limited to private
LANs.
D. The greatest shortcoming of IPX is its incompatibility with the
Internet.
1. When NetWare was first developed, the
Internet was a small, experimental project.
2. When the Internet became popular in the
mid–1990s, most software manufacturers modified their product lines to make
them Internet-compatible.
a. Microsoft, for example, adopted TCP/IP as
the default networking protocols for Windows, replacing NetBIOS Extended User
Interface (NetBEUI).
3. However, Novell stuck with its IPX
protocols for several more years.
4. NetWare 5.0 enabled the operating system
to run natively using TCP/IP, eliminating IPX from the network completely.
a. Many networks still run earlier versions
of NetWare that need IPX, and NetWare compatibility is still a Windows issue.
5. If you have NetWare servers on your
network, you must install additional software components on your Windows
systems for them to access resources on those servers.
3. IPX
Protocols
A. Like TCP/IP, the IPX protocol suite consists of several
protocols operating at different layers of the Open Systems Interconnection
(OSI) reference model, all of which work together to provide a nearly complete
protocol stack.
|3| B. Data-link layer protocols
1. IPX has no data-link layer protocols of
its own; it relies completely on the standard LAN protocols used at the
data-link layers, such as Ethernet and Token Ring.
2. The only important factor when combining
Windows and NetWare on the same LAN is the selection of the correct frame type
in the NetWare clients and servers.
3. NetWare supports four Ethernet frame
types:
a. Ethernet 802.3. The original default
frame type for all NetWare versions up to and including 3.11; also known as
“raw Ethernet”
(1) This frame lacks any means of identifying
the network layer protocol that generated the information in the frame’s Data
field.
(2) Consequently, this frame type can only be
used on a NetWare network running only IPX at the network layer.
(3) If you have Windows computers running
NWLink on your network, you should not use this frame type.
b. Ethernet 802.2. Conforms more precisely
to the Ethernet protocol standards published by the Institute of Electrical
and Electronics Engineers (IEEE); is the default frame type for NetWare
versions 3.12 and later
(1) You can use this frame type with any
products that support IPX at the network layer (including Windows).
(2) However, this frame type still lacks a
network layer protocol identifier, which means that you cannot use it on a
network running more than one protocol at the network layer, such as a mixed
NetWare/Windows network running both IPX and TCP/IP.
c. Ethernet II. Defined by the original DIX (Digital Equipment
Corporation, Intel Corporation, and Xerox Corporation) Ethernet standard
(1) Includes an Ethertype field that specifies
what network layer protocol generated the information in the frame’s payload
(2) You can use this frame type on a network
running multiple protocols at the network layer, including IPX and TCP/IP.
(3) This is the most commonly used frame type
on mixed Windows/NetWare networks.
d. Ethernet SNAP. Uses the same format as
Ethernet 802.2, except that it includes an additional Subnetwork Access
Protocol (SNAP) header in the Data field
(1) The SNAP header has a field that identifies
the network layer protocol that generated the data carried in the frame,
enabling you to use the frame type on networks running TCP/IP, AppleTalk, or
both, in addition to IPX.
4. In most NetWare clients, the selection of
a frame type is automatic and usually reliable.
5. When you troubleshoot network
communication problems on a Windows/NetWare network, you should check that the
computers are using an appropriate frame type and that they are all using the
same frame type.
C. Internetwork Packet Exchange
1. Like IP, IPX is a networking protocol
that provides a connectionless datagram transfer service and controls the
addressing and routing of data packets within and between networks.
|4| 2. The IPX data encapsulation process adds a
30-byte header to a payload received from a transport layer protocol. The IPX
datagram format is shown in Slide 4.
|5| 3. Functions of the IPX header fields
a. Checksum (2 bytes). A vestige of the
now-unused protocol from which IPX was derived
b. Length (2 bytes). Specifies the length of
the datagram in bytes, including the IPX header and the data
c. Transport Control (1 byte). Specifies the number of
routers the datagram has passed through on the way to its destination; also
known as the hop count
(1) The computer generating the packet sets the
value of this field to 0, and each router increments the field by 1 as it
processes the packet.
(2) If the value reaches 16, the packet is
discarded.
d. Packet Type (1 byte). Identifies the upper
layer protocol that generated the information carried in the Data field
e. Destination Network Address (4 bytes). Identifies the network
on which the destination system is located, using a value assigned by the
operating system or the administrator during NetWare installation
|6| f. Destination
Node Address (6 bytes). Identifies the network interface adapter in the
computer to which the data is to be delivered, using the data-link layer
protocol hardware address
g. Destination Socket (2 bytes). Identifies the
application or process on the destination system for which the information in
the Data field is intended
h. Source Network Address (4 bytes). Identifies the network
on which the source system is located, using a value assigned by the operating
system or the administrator during NetWare installation
i. Source Node Address (6 bytes). Identifies the network
interface adapter in the transmitting computer, using the data-link layer
protocol hardware address
j. Source Socket (2 bytes). Identifies the
application or process on the transmitting system that generated the
information in the Data field
k. Data (variable). Contains the data
generated by the upper layer protocol
4. IPX is responsible for end-to-end
transmissions across an internetwork and is therefore responsible for network
layer addressing and routing, just as IP is.
a. Both these tasks are somewhat simpler than
they are in IP because IPX is working only with private internetworks of
limited size.
(1) For example, IPX discards datagrams after
16 hops, assuming them to be circulating endlessly around the network because
of a routing problem.
(2) IP datagrams generated by a computer
running Windows have a Time to Live (TTL) value that enables them to travel as many
as 128 hops, because processing by literally dozens of routers is a distinct
possibility on the Internet.
5. As with IP, routers on IPX networks use
dynamic routing protocols, such as Routing Information Protocol (RIP), to share
their routing information.
|7| D. Sequenced Packet Exchange
1. SPX is a connection-oriented transport
protocol that is often thought of as a frequent partner to IPX, just as TCP is
to IP.
a. The IPX protocol suite is often referred
to as the IPX/SPX protocols.
b. In actuality, NetWare uses the combination
of IPX and SPX far less frequently than the TCP/IP protocols use the
combination of TCP
and IP.
(1) For example, NetWare file sharing, which
generates much of the traffic in a typical NetWare network, uses the NetWare
Core Protocol (NCP).
c. SPX is relegated to communications
between network print devices, remote console sessions, network backups, and
other relatively infrequent activities.
2. Like TCP, SPX provides reliable delivery
by assigning sequence numbers to packets and acknowledging specific sequences.
a. A computer receiving SPX data verifies
successful delivery of the packets by generating acknowledgment messages and
returning them to the sender.
(1) If an acknowledgment request brings no
response within a specified time, SPX retransmits the request as many as eight
times.
(2) If no response is received, SPX assumes the
connection has failed.
b. Unlike TCP, the original SPX
implementation required a separate acknowledgment for each data packet.
3. Novell has modified SPX over the years,
adding a packet burst mechanism.
a. Packet burst, or burst mode, enables a
computer to transmit multiple data packets without requiring that each packet
be sequenced and acknowledged individually.
b. By enabling the receiving system to
acknowledge multiple packets at once, burst mode can reduce network traffic on
most IPX networks.
c. Additionally, the packet burst mechanism
monitors dropped packets and retransmits only the missing packets.
(1) In Windows 2000, SPX burst mode is enabled
by default.
4. SPXII improves on SPX by enabling it to
perform better on high-bandwidth networks.
a. SPXII allows a greater number of
outstanding packets than SPX.
(1) SPX cannot have more than one outstanding
unacknowledged packet at any time.
(2) SPXII can have as many outstanding packets
as the communicating computers negotiate during connection establishment.
b. SPXII allows larger packets than SPX does.
(1) SPX has a maximum packet size of 576 bytes.
(2) SPXII can use the maximum packet size of
the data-link layer protocol.
(a) For example, on an Ethernet network, SPXII
can use packets as large as 1518 bytes.
5. Because SPX is a connection-oriented
protocol, it performs a handshake before transmitting any application data.
|8| 6. The header that the protocol adds to the
information generated by the application layer protocol is 12 bytes long. The
SPX header format is shown on Slide 8.
|9| 7. Functions of the SPX header fields
a. Connection Control (1 byte). Contains a code that
helps to regulate the bidirectional flow of data between the computers
(1) Indicates, for example, that the packet
contains the end of a message, requires an acknowledgment, or is a system
packet
b. Datastream Type (1 byte). Indicates the function
of the data in the message and the upper layer process for which it is intended
c. Source Connection ID (2 bytes). Contains a unique value
used by the source computer to identify this connection, because two computers
can have multiple connections open between the same sockets simultaneously
d. Destination Connection ID (2 bytes). Contains the unique
value used by the destination computer to identify this connection
|10| e. Sequence
Number (2 bytes). Contains a value that identifies this message’s place in
the sequence of messages that make up the transaction
(1) The destination system uses these values to
place the incoming messages in the proper sequence.
f. Acknowledgment Number (2 bytes). Contains the sequence
number of the next message that the system expects to receive from the
connected system, tacitly acknowledging all the packets with lower sequence
number values
g. Allocation Number (2 bytes). Provides flow control by
specifying the number of packet receive buffers available on the system
h. Data (variable). Contains the information
generated by an application layer protocol
|11| E. NetWare
Core Protocol
1. NCP is NetWare’s primary upper layer
protocol and is responsible for the majority of the traffic traveling between
clients and servers on most NetWare networks.
2. Carries messages that perform a wide
variety of services, including file sharing, printing, directory services
communications, messaging, and data synchronization
3. Is difficult to place in the OSI
reference model because its functions span the transport, session,
presentation, and application layers
4. NCP messages are carried within IPX
datagrams, just like those of SPX.
5. There is also a variation on the
protocol, called the NetWare Core Packet Burst Protocol (NCPB), which enables a
computer to transmit multiple data packets without requiring each one to be
acknowledged individually.
|12| 6. NCP uses headers for request and reply
messages that are slightly different from each other. The NCP Request message
format is shown on Slide 12.
|13| 7. Functions of the NCP Request header
fields
a. Request Type (2 bytes). Specifies the message’s
basic function
b. Sequence Number (1 byte). Contains a value that
identifies this message’s place in the sequence of messages that make up the
transaction
(1) The destination system uses these values to
place the incoming messages in the proper sequence.
c. Connection Number Low (1 byte). Contains a value that
indicates the number of the client’s connection to the server
d. Task Number (1 byte). Contains a unique value
that the computers use to associate request messages with replies
|14| e. Connection
Number High (1 byte). Not used
f. Function (1 byte). Contains a code that
indicates the message’s specific function
g. Subfunction (1 byte). Contains a code that
further defines the message’s function
h. Subfunction Length (2 bytes). Specifies the length of
the Data field
i. Data (variable). Contains
information specific to the type of request, such as the name and location of a
file
|15| 8. Functions of the NCP Reply header fields
(the NCP Reply message format is shown in Slide 15)
|16| a. Reply/Response Type (2 bytes). Specifies the type of
reply
b. Sequence Number (1 byte). Contains a value that
identifies this message’s place in the sequence of messages that make up the
transaction
(1) The destination system uses these values to
place the incoming messages in the proper sequence.
c. Connection Number Low (1 byte). Contains a value that
indicates the number of the client’s connection to the server
d. Task Number (1 byte). Contains a unique value
that the computers use to associate request messages with replies
|17| e. Connection
Number High (1 byte). Not used
f. Completion Code (1 byte). Specifies whether the
associated request succeeded or failed
(1) A value of 0 indicates success; a value
other than 0 indicates failure.
g. Connection Status (1 byte). Indicates whether the
connection between the client and the server is still active
(1) A value of 0 indicates that the connection
is active; a value of 1 indicates that it is not active.
h. Data (variable). Contains information
transmitted by the server in response to the associated request
|18| F. Windows
2000 and NetWare compatibility
1. Windows 2000 includes a complete
collection of NetWare compatibility components in addition to its Windows
networking components.
a. NetWare compatibility components included
with Windows 2000 include NWLink, a client module, and a Directory Service
Migration Tool.
b. When you install NWLink and an appropriate
NetWare client on a computer running Windows, the computer can access files,
printers, and other services on your NetWare servers.
2. NWLink is the IPX counterpart to the
Internet Protocol (TCP/IP) module.
a. NWLink provides all network and transport
layer services, plus additional upper layer functions.
b. NWLink is written to the same interfaces
as TCP/IP, that is, the Network Device Interface Specification (NDIS) interface
at the boundary between the data-link and network layers, and the transport
driver interface (TDI) at the top of the transport layer.
(1) Therefore, NWLink can operate parallel to the TCP/IP module,
using the same NDIS driver below it and the same client above.
|19| (2) One network interface adapter, therefore,
can enable Windows 2000 to participate on both Windows and NetWare networks.
|20| 3. In addition to NWLink, Windows 2000 also
includes a NetWare client, which performs roughly the same services as Client
for Microsoft Networks, but for NetWare.
a. Microsoft Windows 2000 Professional
includes Client Service for NetWare (CSNW), and Microsoft Windows 2000 Server
includes Gateway Service for NetWare (GSNW).
b. Both clients provide basic client access
to NetWare servers, but GSNW includes additional gateway capabilities that CSNW
lacks.
c. You must install NWLink if you want to
use CSNW or GSNW to connect to NetWare servers.
4. The Windows 2000 NetWare networking
components are not the only alternative for NetWare connectivity.
a. Novell produces its own NetWare client
software for Windows, called Novell Client for Windows NT/2000.
b. The Novell client includes its own IPX
protocol module and Open Data-link Interface (ODI) network adapter drivers that
you can use instead of Windows’ own NDIS drivers.
(1) ODI drivers are not compatible with the
Windows protocol and client modules, so you can use them only on a NetWare-only
network.
(2) NDIS drivers are compatible with both the
Windows and Novell networking components, thereby providing both Windows and
NetWare connectivity.
5. NetWare versions 5.0 and later include native
support for TCP/IP, which enables you to eliminate IPX from the network
entirely.
a. However, Windows CSNW and GSNW do not work
with TCP/IP; they require NWLink.
b. If you use CSNW and GSNW, you must also
enable IPX on your NetWare servers.
c. To access NetWare 5 servers using TCP/IP,
you must use Novell Client for Windows NT/2000.
d. Only the Novell client enables you to run
NetWare’s primary network administration tool, NetWare Administrator.
Chapter
4, Lesson 2
Using the Windows 2000 NetWare Clients
1. Introduction
A. To install the NetWare networking components included with
Windows 2000, you use Network And Dial-Up Connections in Control Panel.
B. When you install CSNW, Windows 2000 automatically installs
NWLink, which is required for CSNW to function.
C. You can also install NWLink by itself and use it for Windows
communications, but this is rarely done.
2. Installing
Client Service for NetWare
A. Before you can install CSNW on a computer running Windows 2000
Professional, you must have a network interface adapter and the appropriate
device driver installed.
1. This creates a Local Area Connection icon
in the Network And Dial-Up Connections window.
2. To install CSNW, you need Administrator
rights to the computer running Windows 2000 Professional.
|21| B. To
install CSNW:
1. Click Start, and then select Network And
Dial-Up Connections from the Settings menu to open the Network And Dial-Up
Connections window.
2. Right-click the Local Area Connection
icon, and then select Properties from the shortcut menu to open the Local Area
Connection Properties dialog box.
3. In the General tab, click Install to open
the Select Network Component Type dialog box.
4. Select Client, and then click Add to open
the Select Network Client dialog box.
5. Click Client Service For NetWare, and
then click OK. When asked if you want to restart the computer, click No to
return to the Local Area Connection Properties dialog box.
a. In the Local Area Connection Properties
dialog box, notice that the NWLink NetBIOS and NWLink IPX/SPX/NetBIOS
Compatible Transport Protocol modules have been automatically installed in
addition to CSNW.
6. Click OK to complete the installation and
close the Local Area Connection Properties dialog box.
7. Restart the computer.
a. To confirm that NWLink is working
properly, at the command prompt, type ipxroute
config to display a table with information about the bindings for which
NWLink is configured.
C. If you plan on running a NetWare-only network—that is, one in
which computers running Windows access only shared NetWare resources—you can do
one of the following:
1. Remove the CSNW and Internet Protocol
(TCP/IP) modules from the Local Area Connection Properties dialog box.
2. Unbind the modules from the network
adapter.
3. Configuring
NWLink
A. In most cases you can use NWLink immediately after installing
it, with no additional configuration.
1. Sometimes you might have to modify the
default NWLink settings, so it is a good idea to know what they represent.
|22| B. To
configure NWLink:
1. Click Start, and then select Network And
Dial-Up Connections from the Settings menu to open the Network And Dial-Up
Connections window.
2. Right-click the Local Area Connection
icon, and then select Properties from the shortcut menu to open the Local Area
Connection Properties dialog box.
3. Select NWLink IPX/SPX/NetBIOS Compatible
Transport Protocol, and then click Properties to open the NWLink
IPX/SPX/NetBIOS Compatible Transport Protocol Properties dialog box.
4. Specify values for any or all of the
Internal Network Number, Frame Type, and Network Number settings, and then
click OK to close the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
Properties dialog box.
5. Click OK to close the Local Area Connection
Properties dialog box.
C. The internal network number is used for internal routing when
the computer running Windows 2000 is also hosting IPX services.
1. When calculating the best possible route
for transmitting packets to a specified computer, multiple routes with the same
route metrics can create ambiguities for computer hosts.
2. When you specify a unique internal
network number, you create a virtual network inside the computer.
a. This creates a single optimum path from
the network to the services running on the computer.
|23| D. The
frame type defines the way the computer’s network interface adapter formats the
NWLink data for transmission over the network.
1. To communicate with NetWare servers, a
computer running Windows 2000 must be configured to use the same frame type as
the servers.
2. By default, NWLink is configured to
automatically detect the frame type used on the network and configure itself
accordingly.
3. During the autodetection process, NWLink
tries each of the frame types for the data-link layer protocol used by the
network interface adapter.
a. For example, on an Ethernet network,
NWLink tries the Ethernet 802.2, Ethernet 802.3, Ethernet II, and Ethernet SNAP
frame types to see which ones it can use to communicate with the other IPX
systems on the network.
b. Computers using Token Ring or Fiber
Distributed Data Interface (FDDI) use two different frame types.
4. When NWLink receives a response from a
NetWare server with one of the frame types, it also receives the network number
associated with that frame type for the network segment on which the client
resides.
5. NWLink then rebinds, using the frame
types from which it received responses.
6. If NWLink detects no network traffic or
detects multiple frame types in addition to the 802.2 frame type, NWLink sets
the frame type to 802.2.
7. Occasionally, the autodetection mechanism
selects an inappropriate network number and frame type combination for the
adapter.
a. Because the mechanism uses the responses it
receives from computers on the same network segment, it might select an
incorrect frame type and network number if the computers responded with
incorrect values.
(1) Incorrect values are usually caused by an
incorrect manual setting on another computer on the network.
8. If the autodetection mechanism selects an
inappropriate frame type and network number for a particular adapter, you can
manually set a frame type in the NWLink IPX/SPX/NetBIOS Compatible Transport
Protocol Properties dialog box.
a. Changing the contents of the Frame Type
box to any value but Auto Detect activates the Network Number box, enabling you
to specify the network number currently used by the network segment to which
the computer is connected.
b. The external network number is a unique
number that represents a specific network segment and associated frame type.
9. All computers on the same network segment
that use a given frame type must have the same external network number, which
must be unique for each network segment.
a. The IPX frame type and network number are
set during the initial NetWare server configuration, so it is best to check a
NetWare server, rather than another client workstation, to determine the
correct Network Number value.
|24| 4. Configuring Client Service for NetWare
A. When you install CSNW in the Local Area Connection Properties
dialog box, the Select NetWare Logon dialog box appears.
1. In this dialog box, you can specify
either a preferred NetWare server to which the client will always connect
first, or a default Novell Directory Services (NDS) tree and context that the
client will use to log in to the network.
a. A preferred server is the NetWare server
to which you are automatically connected when you log on if your network does
not use NDS.
b. The tree
and context define the position of the user object for the user name you use to
log on to an NDS tree.
(1) You set a default tree and context only in
an NDS environment; otherwise, you set a preferred server.
2. You can also specify whether the client
should execute the login scripts associated with the user’s account.
a. You do not have to specify login
parameters for the client during the client installation, however.
(1) You can access the configuration parameters
for CSNW at any time through the CSNW Control Panel created during the client
installation process.
B. When you double-click the CSNW icon in the Control Panel, the
Client Service For NetWare dialog box appears.
1. You can set the Preferred Server, Default
Tree And Context, and Run Login Script Options parameters, as well as configure
the client’s printing behavior.
|25| 5. Using
Gateway Service for NetWare
A. Introduction
1. GSNW included with Windows 2000 Server is
a superset of CSNW.
2. The server computer can access NetWare
file and print resources just like a workstation running CSNW, but it can also
function as a gateway to those resources, enabling computers running Windows to
access NetWare resources through the Windows 2000 server.
a. GSNW is a bridge between NetBIOS used by
the Windows network and NCP used by the NetWare network.
b. When you enable a gateway on the network,
computers running Microsoft client software can access NetWare files and
printers without having to run NetWare client software locally.
|26| 3. For file access, the gateway server maps
one of its own drives to the NetWare volume and then shares that drive with
other Microsoft clients.
a. The gateway uses a NetWare account on the
computer running Windows 2000 Server to create a validated connection to the
NetWare server.
b. This connection appears on the computer
running Windows 2000 Server as a normal mapped drive.
c. When you share the mapped drive, it
becomes like any other shared Windows network resource.
d. Other computers on the network can access
the drive like any other shared Windows resource, without being aware that the
shared files and folder are actually stored on a NetWare server.
4. After the gateway connection between the
Windows 2000 server and the NetWare server is established, it is disconnected
only if
a. The computer running Windows 2000 Server
is turned off
(1) GSNW runs continually, so logging off the
computer running Windows 2000 Server does not, by itself, disconnect the
gateway.
b. The administrator disconnects the shared
resource or disables the gateway
c. A network problem prevents access to the
NetWare server
5. Accessing NetWare resources through a
gateway is generally slower and less efficient than accessing them directly
using a NetWare client.
a. This is particularly true when you have
many clients accessing NetWare resources through the gateway, because all the
access requests have to go through one GSNW computer and be transmitted again
to the NetWare server.
b. GSNW is intended for the following
circumstances:
(1) Servicing clients that require only
occasional access to NetWare resources
(2) When you are gradually migrating your
network from NetWare to Windows 2000 and want to provide users with temporary
access to resources on a NetWare server before you move them to a Windows
server
6. Advantages of GSNW
a. You do not have to install a NetWare
client and IPX or NWLink on every computer accessing the NetWare resources.
b. You do not have to maintain separate
accounts for all your users on both Windows and NetWare.
B. Installing Gateway Service for NetWare
1. You can install GSNW when you install
Windows 2000 Server, or you can install GSNW later.
a. You must be logged on as a member of the
Administrators group to install and configure GSNW.
b. Before you install GSNW on a computer,
remove any existing client software that is compatible with NCP, including any
Novell client software, from the computer.
|27| 2. To install GSNW after the operating
system installation:
a. Click Start, and then select Network And
Dial-Up Connections from the Settings menu to open the Network And Dial-Up
Connections window.
b. Right-click the Local Area Connection
icon, and then select Properties from the shortcut menu to open the Local Area
Connection Properties dialog box.
c. In the General tab, click Install to open
the Select Network Component Type dialog box.
d. Select Client, and then click Add to open
the Select Network Client dialog box.
e. Click Gateway (And Client) Service For
NetWare, and then click OK. When asked if you want to restart the computer,
click No.
(1) As with CSNW, installing GSNW also causes
Windows 2000 to install the NWLink NetBIOS and NWLink IPX/SPX/NetBIOS
Compatible Transport Protocol modules, if they have not been installed already.
f. Click OK to complete the installation and
close the Local Area Connection Properties dialog box.
g. Restart the computer.
C. Configuring Gateway Service for NetWare
1. As with CSNW, when you install GSNW,
Windows 2000 prompts you to specify a default NDS tree and context or a
preferred server in the Gateway Service For NetWare dialog box.
2. To set a preferred server later, open the
GSNW Control Panel to display the Gateway Service For NetWare dialog box, click
Preferred Server and, in Select Preferred Server, type the name of the NetWare
server you want to use.
a. If you do not want to set a preferred
server, click None.
(1) You are then logged on to the nearest
available NetWare server, and your interaction with the NetWare network is
through that server.
b. If you do not set a preferred server, you
are prompted to set one each time you log on.
3. If you are running NDS, you can specify a
default tree and context in place of the preferred server; you cannot configure
both.
a. If you select a default tree and context,
you can still access NetWare servers that use bindery security.
b. To set a default tree and context, open
the GSNW Control Panel, click Default Tree And Context, and then type the tree
name and the context where your user object is located in the Tree and Context
boxes.
D. Creating a gateway
1. Before you can create a gateway to
NetWare resources using GSNW, you must create a group called NTGATEWAY, either
on your preferred NetWare server or in the NDS tree and context you specified.
a. The NTGATEWAY group must also have a user
account as a member with the permissions needed to access the NetWare resources
you want to share with Windows users.
b. The NetWare user account you use to enable
gateways can be either an NDS account or a bindery account.
(1) If the server will have gateways to both
NDS and bindery resources, you should use a bindery account (which can connect
to NDS resources using bindery emulation).
(2) If you intend to create gateways only to
NDS resources, you can use an NDS account.
E. Enabling gateways in Windows 2000
1. Creating a gateway on a computer running
Windows 2000 Server is a two-step process.
a. First, you enable the gateway, which
provides the means for the client to log on to the NetWare resources.
(1) When you enable a gateway, you must type
the name and password of the user account that has access to the NetWare server
and is a member of the NTGATEWAY group.
(2) You do this only once for each server that
will act as a gateway.
b. Next, you activate a gateway for each
volume or printer you want to share.
|28| 2. To enable a gateway in Windows 2000
Server:
a. Click Start, point to Settings, click
Control Panel, and then click Gateway Service For NetWare.
b. Click Gateway to display the Configure
Gateway dialog box.
c. Select the Enable Gateway check box.
(1) This activates the Gateway Account,
Password, and Confirm Password boxes.
d. In the Gateway Account box, type the name
of the account you created in the NetWare NTGATEWAY group.
e. In the Password and Confirm Password
boxes, type the password for the gateway account, and then click OK to close
the dialog box.
3. You can now share NetWare file and
printing resources over a Windows–based network.
F. Activating gateways
1. The second step in creating the gateway
is to activate a gateway for each volume or printer you want to share.
a. When you activate a gateway, you identify
the NetWare resource to be shared and specify the share name that Windows
clients will use to access the resource.
b. To activate a gateway for a volume, you
use the Gateway Service for NetWare Control Panel.
c. To activate a gateway for a printer, you
use the Add Printer Wizard.
2. If you are activating a gateway to an NDS
resource and the gateway user is a bindery account, use a bindery context name
to identify the resource.
a. If you are using an NDS user account and
you do not plan on also creating gateways to bindery resources, specify the NDS
resource name.
|29| 3. To activate a gateway to a NetWare file
resource:
a. Click Start, point to Settings, click
Control Panel, and then click Gateway Service For NetWare.
b. Click Gateway to open the Configure
Gateway dialog box.
c. Click Add to display the New Share dialog
box.
d. In the Share Name box, type a share name
that Microsoft clients will use to access the NetWare resource.
e. In the Network Path box, type the network
path of the NetWare volume or directory you want to share.
(1) When specifying the value for the Network
Path field, you use Universal Naming Convention (UNC) notation, as in \\netwareserver\netwarevolume.
|30| f. In
the Use Drive
box, type the default drive you want to map to the share, if necessary.
g. Click Unlimited, and then click OK to add
the share to the list in the Configure Gateway dialog box.
(1) You can also click Allow, enter a maximum
number of concurrent users, and then click OK.
h. Repeat steps c–g (steps 3–7 on Slides
29–30) to create additional shares, or click OK to close the Configure Gateway
dialog box.
i. Click OK to close the Gateway Service
For NetWare dialog box.
4. To activate a gateway to a NetWare
printer, you create a network printer in the Printers window in the usual
manner, specifying the name of a NetWare printer instead of a Windows printer,
and then share the printer from its Properties dialog box.
G. Securing gateway resources
1. Security for gateway resources is provided
on two levels:
a. On the computer running Windows 2000
Server and acting as a gateway, you can set share-level permissions for each of
the resources made available through the gateway.
b. On the NetWare server, the NetWare
administrator can assign trustee rights to the user account that is used for
the gateway or to the NTGATEWAY group.
(1) These rights are enforced for all Microsoft
client users who access the resource through the gateway.