18.1 Overview of File Services

The file service components in OES include the following:

  • FTP Services: Lets users securely transfer files to and from OES servers.

  • NetWare Core Protocol: Provides NetWare Core Protocol (NCP) access to NCP volumes (including NSS volumes) that you define on OES server partitions.

  • NetStorage: Provides network and Web access to various file services through common file service protocols, such as CIFS.

    The NetStorage server doesn’t actually store files and folders. Rather, it provides access to other file services that support the native TCP/IP protocol.

  • Novell AFP: Provides native Macintosh access to files stored on an NSS volume on an OES server.

  • Novell CIFS: Provides native Windows (CIFS and HTTP-WebDAV) access to files stored on an NSS volume on an OES server.

  • Novell iFolder 3.9.22: Provides a Web-based and network-based repository (Novell iFolder server) that stores master copies of locally accessible files on the OES server.

  • Novell Samba: Provides Windows (CIFS and HTTP-WebDAV) access to files stored on an OES server’s file system.

The file service components in OES are generally compatible. However you cannot run Novell Samba on the same OES server as Novell AFP, Novell CIFS, or Domain Services for Windows, which is not reviewed as a file service, but includes an alternative Samba file service instead of Novell Samba.

18.1.1 Using the File Services Overviews

Each graphical overview in the following sections introduces one of the OES file service components. If visual presentations help you grasp basic concepts, continue with the following overviews. If you prefer to skip the overviews, go to Section 18.2, Planning for File Services.

18.1.2 FTP Services

OES 2015 SP1 offers a level of integration between eDirectory and Pure-FTP that allows users to authenticate to eDirectory for FTP access to the server. You simply select the Novell FTP Server pattern in the OES 2015 SP1 installation, then make sure the users needing access are LUM-enabled and have access rights to the areas on the server they need to use. You can also migrate an existing FTP server configuration from a NetWare server to OES 2015 SP1.

For migration instructions and a brief FAQ, see Migrating FTP to OES 2015 SP1 in the OES 2015 SP1: Migration Tool Administration Guide.

For documentation on Pure-FTP, visit the Pure-FTP Web site.

18.1.3 NetWare Core Protocol

NetWare Core Protocol (NCP) is the technology beneath many of the network services for which NetWare is famous.

In OES, NCP is also available on Linux. The Novell NCP Server for Linux provides the rich file services that Novell is known for. Windows and Linux users who run Novell Client software can access data, manage files and folders, map drives, etc., using the same methods as they do on NetWare servers.

Figure 18-1 illustrates the basics of NCP file services. For more information on how NCP can help you manage access to network resources, see Access Control and Authentication.

Figure 18-1 NCP Services for Linux and NetWare

The following table explains the information illustrated in Figure 18-1.

Table 18-1 NCP Access

Access Methods

Authentication

NCP Services

Access is through an NCP client—specifically, the Novell Client.

All file service access is controlled by eDirectory authentication.

Files are stored on NetWare or NCP volumes that the administrator has created.

The same core set of NetWare file attributes are available on both Linux and NetWare.

18.1.4 NetStorage

NetStorage makes network files available anywhere, any time.

Common Network File Storage Problems

Network file access is often confusing and frustrating to users, as illustrated in Figure 18-2.

Figure 18-2 Common Network File Storage Problems

The following table explains the information illustrated in Figure 18-2.

Table 18-2 NetStorage Access Solutions

Access Methods

Authentication

Target File Systems

Solution: NetStorage

Browser or PDA access is critical to those who must travel. However, access method support varies widely among file service providers.

Authentication helps protect information assets, but having diverse authentication methods leads to frustration and lost productivity.

Having diverse file storage services only adds to the complexity and confusion.

Novell NetStorage ties all of these issues together with an easy-to-administer, easy-to-use solution.

NetStorage

NetStorage on OES provides local and Web access to files on many systems without requiring the Novell Client (see Figure 18-3).

Figure 18-3 How NetStorage Works on OES

The following table explains the information illustrated in Figure 18-3.

Table 18-3 NetStorage on Linux

Access Methods

Authentication

NetStorage Server

Target Servers

Users have read and write access to files from

  • Windows Explorer: Enabled by the HTTP protocol with WebDAV extensions.

  • Browsers: Users can access files directly by connecting to the NetStorage server.

  • PDAs: PDA users with network connections can access their files as well.

Access is granted through login script drive mapping (NCP server required) or through Storage Location Objects.

File service access is controlled by LDAP-based authentication through the eDirectory LDAP server.

Although shown separately, eDirectory could be running on the OES server.

The NetStorage server receives and processes connection requests and provides access to storage on various servers on the network.

NetStorage on Linux can connect eDirectory users to their files and folders stored in the following locations:

  • Windows workgroup shares (CIFS or Samba shares)

  • Linux POSIX volumes through an SSH connection.

Linux volumes can also be made available as NCP volumes.

Management of NSS volumes on OES through NetStorage requires SSH access to the server. See When Is SSH Access Required?.

18.1.5 Novell AFP

The Novell AFP service lets users on Macintosh workstations access and store files on OES servers with NSS volumes (see Figure 18-4).

Figure 18-4 How Novell AFP Works

Table 18-4 AFP Access

Access Points

Authentication

eDirectory users on Macintosh workstations have native access to NSS volumes on the OES server.

All file service access is controlled by LDAP-based authentication through the eDirectory LDAP server.

18.1.6 Novell CIFS

The Novell CIFS service lets users on Windows workstations access and store files on OES servers with NSS volumes without installing any additional software, such as the Novell Client (see Figure 18-4).

Figure 18-5 How Novell CIFS Works for eDirectory Users

Table 18-5 CIFS Access for eDirectory Users

Access Methods

Authentication

eDirectory users on Windows workstations have two native Windows file access options:

  • CIFS Client Access: Windows Explorer users can access and modify files on the OES server just as they would on any workgroup server share.

  • Web Folder: Users can create Web Folders in Windows Explorer or Internet Explorer.

    Files on the OES server are accessed and maintained with the HTTP-WebDAV protocol.

All file service access is controlled by LDAP-based authentication through the eDirectory server.

Figure 18-6 How Novell CIFS Works for Active Directory Users

Table 18-6 CIFS Access for Active Directory Users

Access Methods

Authentication

Active Directory users gain access to CIFS file services as follows:

  1. The user presents a Kerberos ticket obtained from Active Directory to the Novell CIFS server.

  2. The CIFS server validates the ticket with Active Directory.

  3. After validation, files on the OES server are accessed and maintained through the CIFS protocol.

All CIFS file service access is controlled by Kerberos-based authentication and Active Directory.

18.1.7 Novell iFolder 3.9.22

Novell iFolder 3.9.2 supports multiple iFolders per user, user-controlled sharing, and a centralized network server for file storage and secure distribution (see Figure 18-7).

Figure 18-7 How Novell iFolder Works

The following table explains the information illustrated in Figure 18-7.

Table 18-7 iFolder Access

Access Methods

Authentication/File Encryption

Novell iFolder 3.9.2 Services

Linux, Mac, and Windows workstation users who have the Novell iFolder Client installed can access and modify their files in one or more workstation folders. Changes are automatically synchronized with the iFolder 3.9.2 Enterprise servers.

A Web interface lets users access their files from any computer with an active network or Internet connection.

All file service access is controlled by LDAP- based authentication through the eDirectory LDAP server.

Although shown separately, eDirectory could be installed on the OES server.

Files can be encrypted for transport using SSL connections (HTTPS).

Slave servers can be added as needed, providing the ability to dynamically grow iFolder services without disrupting users.

Local and network copies of each file are automatically synchronized by the Novell iFolder Client and Server pieces.

Additional overview information is available in the Novell iFolder 3.9.2 Administration Guide.

18.1.8 Novell Samba

Novell Samba on an OES server provides Windows (CIFS and HTTP-WebDAV) access to files stored on the OES server (see Figure 18-8).

Figure 18-8 How Samba on OES Works

The following table explains the information illustrated in Figure 18-8.

Table 18-8 Samba Access

Access Methods

Authentication

eDirectory users on Windows workstations have two native Windows file access options (if their eDirectory accounts have been enabled for LUM and Samba):

  • CIFS Client Access: Windows Explorer users can access and modify files on the Samba server just as they would on any workgroup server share.

  • Web Folder: Users can create Web Folders in Windows Explorer or Internet Explorer.

    Files on the OES server running Samba are accessed and maintained with the HTTP-WebDAV protocol.

All file service access is controlled by LDAP-based authentication through the eDirectory LDAP server.

Samba is an open source initiative. In addition to Linux support, Samba initiatives provide support for other platforms such as Apple Computer’s operating systems. More information is available on the Web.