Administrator Tasks for Native File Access for Macintosh Services

Native File Access for Macintosh provides several ways to simplify your administration tasks and customize how Macintosh workstations interact with the network:


Creating Simple Passwords for Several Macintosh Users

You can create simple passwords for users one at a time using ConsoleOne®. But if you want to create passwords for several Macintosh users at once, you can add the CLEARTEXT option to the LOAD AFPTCP command at the server console. For example:

LOAD AFPTCP CLEARTEXT

When the CLEARTEXT option is added to the AFPTCP command, users logging in to the server from a Macintosh workstation are prompted to provide their NDS® username and NDS password. Once the NDS password is verified, a simple password is automatically created and stored in NDS. The simple password is the same as the NDS password.

The CLEARTEXT option is meant to be a temporary way to create simple passwords for many Macintosh users. After Macintosh users have created simple passwords, the AFPTCP NLMTM should be loaded without the CLEARTEXT option.

WARNING:  The CLEARTEXT option allows unencrypted passwords to be sent over the network. If you are concerned about someone capturing your password over the network, you should not use this option. Instead, you should manage passwords using ConsoleOne on the Administrator Workstation.


Editing the Context Search File

A context search file allows Macintosh users to log in to the network without specifying their full context. The context search file contains a list of contexts that are searched when no context is provided or the object cannot be found in the provided context. When the Macintosh user enters a username, the server searches through each context in the list until it finds the correct User object.

Macintosh allows only 31 characters for the username. If the full NDS context and username are longer than 31 characters, you must use a search list to provide access.

HINT:  Macintosh users do not need to enter a context or have an entry in the context search file if their User objects are placed in the same container as the Server object.

If User objects with the same name exist in different contexts, the first one in the context search list will be used.

To edit the context search file, do the following:

  1. Using any text editor, edit the CTXS.CFG file stored in the SYS:\ETC directory of the server running Novell® Native File Access Protocols.

  2. On separate lines, enter the contexts to search.

    For example, if you had users with full NDS distinguished names such as Robert.sales.acme, Maria.graphics.marketing.acme, Sophia.graphics.marketing, and Ivan.marketing.acme, then you would enter the following contexts to the CTXS.CFG file:

    sales.acme
    graphics.marketing.acme
    marketing.acme

  3. Save the file in the SYS:\ETC directory.

    The file is read the next time a Macintosh user logs in.

When Macintosh users log in, they enter only a username and the simple password. The system finds the User object in the context specified in the CTXS.CFG file.


Creating a Guest User Account

Novell Native File Access Protocols let you create a Guest User object. Macintosh users are accustomed to being able to log in as Guest with no password required.

  1. From the Administrator Workstation, use ConsoleOne to create a User object named Guest.

  2. Determine and assign the appropriate rights to the Guest object by double-clicking the Guest object and then clicking Rights to Files and Folders.

  3. Remove the ability for the user to change the password by clicking Restrictions and then unchecking Allow User to Change Password.

  4. Enable the Guest account by adding the full NDS context of the Guest object to the context search file as described in Editing the Context Search File.

  5. Unload and reload the AFPTCP.NLM program with the GUESToption to make the Guest button available on the login screen.

Any Macintosh user can now log in as Guest with no password and receive the access rights assigned to the Guest object.


Renaming Volumes

Volumes can be renamed so that they appear in Chooser under a different name.

  1. Using any text editor, create a file named AFPVOL.CFG.

  2. On separate lines, enter the current name of the volume and, in quotes, the new name of the volume. For example:

    server1.sys "System Volume"
    server1.img "Graphics"
    #The above volume contains image files.

    NOTE:  The pound sign (#) marks a line as a comment.

  3. Save the file in the SYS:\ETC directory of the server running Novell Native File Access Protocols.

    Once the volume has been renamed, it keeps the name even if you delete the file and restart the server. To return to the previous name, repeat these steps and rename the volume to its original name.

    For example:

    System volume "server1.sys".

  4. Unload and reload the AFPTCP.NLM program.

Volumes will appear to Macintosh users with the new volume names.