5.1 Upgrading AFP File Services to OES
5.1.1 About AFP File Services in OES 2
Starting with OES 2 SP1, the AFP file services that were previously available only on NetWare® through the Native File Access Protocols (NFAP) service have now been ported to OES as Novell® AFP.
The Novell AFP service lets users on Macintosh workstations access and store files on OES 2 SP1 and later servers with NSS volumes without installing any additional software, such as the Novell Client™ (see Figure 5-1).
Figure 5-1 How Novell AFP Works
The following table explains the information illustrated in Figure 5-1.
|
Access Points |
Authentication |
AFP File Services |
|---|---|---|
|
eDirectory™ users on Macintosh workstations have native access to the OES 2 server. |
All file service access is controlled by LDAP-based authentication through the eDirectory LDAP server. Although shown separately, eDirectory could be installed on the OES 2 server. |
Of course, the same files can also be accessed through other OES file services (such as NetStorage) that connect to Linux volumes. |
5.1.2 Platform Differences in AFP File Services
The differences in AFP services on NetWare and OES 2 are summarized in the following table.
Table 5-1 Platform Differences in AFP File Services
|
Feature Description |
AFP for NetWare |
AFP for OES |
|---|---|---|
|
Administering |
Limited to starting and stopping the server. See |
Ability to configure AFP server parameters through iManager. See |
|
Filenames and Paths |
sys:\etc\ctxs.cfg sys:\etc\afpvol.cfg sys:\etc\afptcp.log |
/etc/opt/novell/afptcpd/afpdircxt.conf /etc/opt/novell/afptcpd/afpvols.conf /etc/opt/novell/afptcpd/afptcpd.conf /var/log/afptcpd/afptcp.log |
|
Installation |
Customized installation during installation of NetWare 6.5. See, |
Installation through YaST along with associated dependencies. See |
|
Simple Password support |
Yes |
No |
|
Universal Password |
Yes. Limited to 8 characters. |
Yes. Over 8 characters. |
|
Upgrade/migration support |
Not Applicable |
Support to upgrade AFP from NetWare to OES. See |
|
Mac versions supported |
Classic Mac, Mac OS* 10.3, 10.4 and 10.5 |
Mac OS 10.3, 10.4 and 10.5 |
|
Cross-protocol locking |
Supported among AFP, CIFS, and NCP™. |
Supported among AFP, CIFS, and NCP. |
|
Authentication methods |
Clear text |
Clear text Two-Way Random Key Exchange Random Exchange Diffie-Hellman Exchange |
|
Dynamic detection of volumes |
Yes |
Yes, but the AFP server needs to be reloaded. |
|
Choosing volumes to be exported |
Yes |
No. Exports all the volumes. |
|
Support for 64-bit architecture |
No |
Yes |
5.1.3 Planning to Transfer AFP Services
The OES 2 SP3 Migration Tool supports transferring AFP file services from NetWare to OES 2 SP3. The process is quite straightforward, but there are, of course, some planning steps that you must take to ensure a successful upgrade.
Requirements
Table 5-2 AFP Source and Target Server Requirements
|
Source Server |
Target Server |
|---|---|
|
NetWare 5.1 or later |
OES 2 SP3 |
|
The Novell AFP service pattern is installed but not configured. |
|
Data can be moved independently of the service. Users can always see what they have rights to see. |
Limitations
The OES 2 SP3 Migration Tool does not support transferring AFP services across eDirectory trees. However, AFP services can be effectively transferred by first moving the data to an OES 2 SP3 target server in the other tree, and then configuring AFP on the target server.
For details, see Migrating Data to a Server in a Different Tree
in the OES 2 SP3: Migration Tool Administration Guide and Installing and Setting Up AFP
in the OES 2 SP3: Novell AFP For Linux Administration Guide.
Universal Password
Although Simple Passwords were an option with AFP on Netware, Novell AFP requires Universal Password, as listed in Section 5.1.2, Platform Differences in AFP File Services.
The process of upgrading AFP services to OES ensures that a Universal Password policy is assigned to all of the eDirectory contexts listed for AFP users on the NetWare server. If users currently have a Universal Password policy assigned, the tool checks for compliance with AFP requirements and modifies the policy if required.
5.1.4 Upgrading AFP
You can use either of the two migration types offered by the Migration Tool to transfer AFP file services from NetWare to OES 2:
-
Consolidate: If you are transferring just the AFP service and associated data to an OES 2 SP3 server, you should perform a consolidation migration. For more information, see Section A.1.1, Consolidating Selected Data or Services.
-
Transfer ID: If you are transferring an entire NetWare server, including the AFP service and associated data, to an OES 2 SP3 server, you should transfer the entire server configuration. For more information, see Section A.1.2, Transferring an Entire NetWare Server.
To transfer Novell AFP from NetWare to OES 2, follow the instructions in Migrating AFP from NetWare to OES 2 SP3 Linux
in the OES 2 SP3: Migration Tool Administration Guide.
5.1.5 Post-Upgrade Checks
Verify Upgrade Success
After the process is complete, be sure to complete the instructions in Verifying the Migration Process
in the OES 2 SP3: Migration Tool Administration Guide.
Preparing for the First Login
You must do two things to ensure that users can authenticate seamlessly to the transferred AFP service:
-
Restart eDirectory with the environment variable NDSD_TRY_NDSLOGIN_FIRST set to TRUE.
-
Make sure that each user logs in for the first time by using either the Diffie-Hellman Exchange or clear-text authentication method.
For more information, see Cross-Platform Issues
in the OES 2 SP3: Migration Tool Administration Guide.