www.novell.com integrating netware ® and linux jim henderson novell support sysop novell support...

www.novell.com

Integrating NetWare® and Linux

Jim HendersonNovell Support SysOpNovell Support [email protected]

Brad DosterNovell Support SysOpInsight Network [email protected]

Agenda

• Overview

• Definitions• Assumptions and prerequisites• File system access• Printing• Directory services• Administration tools• Q&A

Overview

• Why integrate Novell NetWare® and Linux?

• How does Linux integrate into a NetWare environment?

• Can I use Linux as a desktop operating system and as a client to NetWare systems?

• What administrative tasks can I perform with Linux?

• During this session, we’ll look at these issues in a live environment

Definitions

• Mount—to connect one file system to another so they appear to be a single file system (this is the UNIX/Linux equivalent to mapping a drive in the DOS/Windows environment)

• NFS—Sun’s NetWork File System

• Ncpfs—NetWare Core Protocol File System (this is the native NetWare file system client for UNIX/Linux workstations)

• NFA—Native File Access, a feature of NetWare 6 and an add-on for NetWare 5.1 that allows access to a NetWare server’s file system using a native file system access protocol for the client rather than the Novell NetWare Core Protocol™ (NCP™)

Assumptions and Prerequisites

• Some familiarity with UNIX-derived operating systems

• Package discussions for Linux will be discussed in terms of RedHat’s distribution of Linux

Packages are available for other distributions, or you can build them from the source code

Assumptions and Prerequisites (cont.)

• In order to use IPX, the Linux kernel must either have the IPX protocol compiled into it directly or compiled to load as a module

Familiarity with building the Linux kernel from source

High-level understanding of Linux kernel modules support

• IPX Internal Network support in the kernel should not be enabled unless you intend to use the MARS_NWE package

File System Access

• What options are available? Depends on the version of NetWare you wish to connect

to

• NetWare 4.x requirements An NCP-aware client

• NCP clients must use IPX, so the Linux workstation needs to have the ipxutils and ncpfs packages installed

The prior installation of Novell NFS Services for NetWare in order to use an NFS-based client

NFS services are administered using the NetWare server console utility UNICON

File System Access (cont.)

• NetWare 5.x requirements An NCP-aware client (ncpfs) NCP clients can use IPX or IP

• If IPX is used, the ipxutils package needs to be installed on the Linux workstation

The installation of Novell NFS Services for NetWare NFS services are administered using Novell ConsoleOne®

with the NFSADMIN snap-in installed Novell’s Native File Access Pack (NetWare 5.1 only) in

order to use an NFS-based client• NFA is administered using ConsoleOne

File System Access (cont.)

• NetWare 6 requirements An NCP-aware client (ncpfs) NCP clients can use IPX or IP; if IPX is used, the ipxutils

package needs to be installed on the Linux workstation Novell Native File Access

• NFA is administered using ConsoleOne Web-based access Web access to files can be achieved through the Novell

iFolder™ web access or the NetStorage functionality of WebAccess using a browser for file upload/download to the server• iFolder access is not synchronized because it is browser-

based

File System Access with ncpfs

• ncpfs package must be installed on the Linux workstation

Version 2.2.0.18-3 and above supports IPX and IP protocols

• For NetWare 4.x and IPX connectivity on 5.x and 6, the ipxutils package must be installed and IPX must be bound to the network card

• Mounted file systems can be configured in /etc/fstab to simplify mounting

• User ID and password can be stored in clear text in ~/.nwclient to save the user time, but this could be a security risk

~ = the user’s home directory

File System Access with ncpfs (cont.)

• ipxutils Used to configure and manage IPX features on

the Linux host ipx_interface is the main utility, used to

configure the primary IPX interface Syntax

ipx_interface add -p eth0 802.2 Some versions of RedHat work more reliably

with manual modifications to the network interface configuration files

man -k ipx for more information


• Binding IPX on Linux workstations Can be done with the linuxconf utility with varying

success Can be done with the ipx_interface utility for the current

session Can be done manually by editing the following files

• /etc/sysconfig/network• /etc/sysconfig/network-scripts/ifcfg-eth0

Sample /etc/sysconfig/network file• NETWORKING=yes• HOSTNAME=redhat.novell.com• IPX="yes"• IPXINTERNALNETNUM="0"

• IPXINTERNALNODENUM="0“• IPXAUTOPRIMARY="on“• IPXAUTOFRAME="on"


• Binding IPX on Linux workstations (cont.) Sample /etc/sysconfig/network-scripts/ifcfg-eth0 file

• DEVICE=eth0• ONBOOT=yes• BOOTPROTO=dhcp• IPXNETNUM_802_2="8022a“• IPXPRIMARY_802_2="no“• IPXACTIVE_802_2="yes“• IPXPRIMARY_802_3="no“• IPXACTIVE_802_3="no“• IPXPRIMARY_ETHERII="no“• IPXACTIVE_ETHERII="no“• IPXPRIMARY_SNAP="no“• IPXACTIVE_SNAP="no“


• Binding IPX on Linux workstations (cont.) After manually editing the network files, do one

of the following• Reboot by executing

/sbin/shutdown –r now

• Restart the network by executing/etc/rc.d/init.d/network restart


• /etc/fstab syntax SERVER/USER mount-point ncp options Example

bs2002/Linus.brainshare /mnt/bs2002 ncp nodev,nosuid,rw,uid=0,gid=0,mode=666,noauto,multiple• This will mount ALL volumes from the bs2002 server

beneath /mnt/bs2002• Although the server name and mount point are named

the same in this example, there is no requirement for this


• ~/.nwclient syntax SERVER/USER password

• Password can be excluded to have ncpmount prompt• USER can be either a bindery user ID or a Novell

eDirectory™ user ID without the leading period Example

bs2002/Linus.brainshare windozesux Note that the file must live in the user’s home

directory and must be mode 600 (u+rw) for security reasons


• Basic ncpmount command syntax ncpmount -S <servername> [-A <ipaddr>|<dnsname> ]

-U <username> mount-point Example ncpmount -S bs2002 -U .Linus.brainshare

/mnt/bs2002 This prompts for a password unless ~/.nwclient has an

entry for the server/user pair and the permissions are set correctly on this file

For IP-based connections, add the -A parameter to specify the IP address or DNS name of the server

File System Access with NFS and NFA

• Uses standard NFS mount commands and/or nfs entries in /etc/fstab

• IPX cannot be used• Requires NFS client support in the Linux Kernel and

the mount package (which is installed by default)• Exported file system must be defined ahead of time

along with access rights• Mount command syntax

mount -t nfs server:/export-path mount-point Example

mount –t nfs bs2002:/linux /mnt/bs2002/linux

File System Accesswith NFS and NFA (cont.)

• /etc/fstab syntax server:/path mount-point nfs options Example

bs2002:/linux /mnt/bs2002/linux nfs rsize=8192,wsize=8192,timeo=14,intr

Printing

• Printing is handled through queue-based printing services or iPrint (NetWare 6 only)

Queue-based printing requires a bindery context be set up and the queue exist in the bindery context

printtool is used to configure ncp-based printing Authentication can be an eDirectory credential,

but the queue must be a bindery queue ghostscript is used to convert postscript to the

printer’s native language in some cases

Directory Services

• As discussed earlier, eDirectory credentials can be used with the ncp tools

Many additional tools in the ncpfs package allow for manipulation of bindery objects

nwpasswd can be used to change user passwords• Supports eDirectory and bindery accounts

• Some management tasks can be completed through Linux

Administration Tools

• ConsoleOne

• Novell iManage• ncpfs tools• Telnet• Remote GUI

Administration Tools (cont.)

• ConsoleOne 1.3.3 May be used for managing many aspects of the

environment Some snap-ins other than those listed on Novell

site for Linux may work on Linux Unzip the files directly to the /usr/ConsoleOne

directory, then try your luck Only works over IP; SLP must be configured

correctly


• iManage Web-based administration tool NetWare 6 only Role-based administration tool Roles must be defined in advance and assigned

to users through ConsoleOne


• ncpfs package includes several commands

ncopyncpmountncpumountnprintnsendnwauthnwbocreatenwbolsnwboprops

nwfsinfonwfstimenwgrantnwpasswdnwpurgenwrevokenwrightsnwsfindnwtrustee

nwbormnwbpaddnwbpcreatenwbprmnwbpsetnwbpvaluesnwdirnwdpvaluesnwfsctrl

nwtrustee2nwuserlistnwvolinfopqlistpqrmpqstatpserverslistnwmsg


• Telnet A faster alternative to RCONSOLE and RCONJ NetWare server requirements

• NetWare 4.11 or above with TCP/IP bound• REMOTE.NLM is loaded• XCONSOLE.NLM is loaded

Workstation suggestions• Works best from an X-Windows server session• In X-Windows, the NetWare server must be ‘xhost’ed

Telnet connection syntax for an X-Server session• xhost server_ip_address | server_host_name• telnet server_ip_address | server_host_name


• Telnet (cont.) Example of connection syntax for an X server session

• xhost bs2002• telnet bs2002

Telnet keystrokes from an X server session• +/- toggle screens (like NetWare 3.x)• Ctrl-Esc show list of available screens

(like at the console)• Ctrl-x end telnet session• Ctrl-? or Ctrl-w help (good info for non-X windows sessions)

Limitations• Cannot display NetWare server’s GUI screens• On some X servers, if the NumLock key is active, all keystrokes are

ignored• Remote password is encrypted, but the remainder of the session is

transferred in plain text


• Remote GUI Not officially supported, but it (usually) works

• Your mileage may vary NetWare server requirements

• NetWare 5.x or 6 with TCP/IP bound Workstation requirements

• Must be an X-Windows server• NetWare server is ‘xhost’ed


• Remote GUI (cont.) HowTo from your workstation

• xhost server_ip_address | server_host_name• Access the server console via RCONSOLE, RCONJ or Telnet,

then from your remote console sessionUNLOAD JAVA

ENV DISPLAY=your_workstation_ip_address:0

STARTX Limitations

• Your patience—although it can be slow, it’s better than a road trip

• When installing Novell products from the OS CD, the CD must be available to the server locally, or from another NetWare server which it can contact and you can authenticate to

www.novell.com integrating netware ® and linux jim henderson novell support sysop novell support...

Documents