3.11 Configuring Cross-Protocol File Locks for NCP Server

Enabling cross-protocol locks turns on the cross-protocol checking for physical record locks. This lets you concurrently run applications from Samba clients, Novell AFP clients, Novell CIFS clients, and NCP clients, so each recognizes when the other has the file in use. Enabling cross-protocol locks enables file share modes. File share modes allow an application to specify whether or not it allows other clients to read and/or write the file while it is using it. Commonly, this is used to allow other clients to read the same file but not write to it while the primary client is using it. Without share modes, applications incorrectly assume that they have exclusive access to a file.

NCP Server has an internal byte-ranging mechanism to prevent potential data corruption when files on NSS and NCP volumes are accessed by NCP clients. Cross-protocol file locking uses the Linux Advisory byte-range lock to prevent potential data corruption when files are accessed by non-NCP file access protocols and by other applications that directly access the files with POSIX APIs. By default, cross-protocol file locking is enabled (CROSS_PROTOCOL_LOCKS = 1) on OES 2015 SP1 servers. Cross-protocol file locking is enforced globally for all NCP and NSS volumes on the server.

Cross-protocol locks are enabled by default.

Non-NCP file access protocols include Novell Samba, Novell CIFS, and Novell AFP. Applications include any application or service that accesses data on an NCP volume or NSS volume, such as SSH, FTP, restore, scripts, antivirus, database, management tools, and so on.

For example, for any application that directly accesses files with POSIX APIs, you must enable CROSS_PROTOCOL_LOCKS in order for the Linux Advisory byte-range locks to work and prevent any potential data corruption.

NOTE:Disabling cross-protocol file locking can cause data corruption if any application or non-NCP file access protocol accesses the same data that is accessed via NCP. We recommend that you do not disable cross-protocol file locking, even if NCP is the only active file access protocol.

For better performance, you can disable cross-protocol file locking if you are not using non-NCP file access protocols and the files are not directly accessed by other applications. However, this is not recommended, because disabling cross-protocol file locking can cause data corruption.

3.11.1 Using Novell Remote Manager for Linux to Configure Cross-Protocol Locks

  1. In a Web browser, access Novell Remote Manager for Linux on the server, then log in as the root user.

    The URL is the IP address of the server (such as 192.168.1.1) and port 8009.

    https://192.168.1.1:8009
    
  2. Select Manage NCP Services > Manage Server to view the Server Parameter Information.

  3. Click the link for the CROSS_PROTOCOL_LOCKS setting.

  4. In New Value, type a 0 (disable) or 1 (enable), then click Change.

  5. On the Server Parameter Information page, verify that the new setting is displayed for the CROSS_PROTOCOL_LOCKS parameter.

3.11.2 Editing the /etc/opt/novell/ncpserv.conf File to Configure Cross-Protocol Locks

You can enable or disable cross-protocol locks support in the /etc/opt/novell/ncpserv.conf configuration file. Support is enabled by default.

To enable cross-protocol locks:

  1. Open the /etc/opt/novell/ncpserv.conf configuration file in a text editor.

  2. Add the CROSS_PROTOCOL_LOCKS option with the value of 1 as follows:

    CROSS_PROTOCOL_LOCKS 1
    
  3. Save the file.

  4. Restart the NetIQ eDirectory (ndsd) daemon by entering the following commands:

    rcndsd stop
    
    rcndsd start
    

To disable cross-protocol locks:

  1. Open the /etc/opt/novell/ncpserv.conf configuration file in a text editor.

  2. Modify the setting from 1 to 0 for the CROSS_PROTOCOL_LOCKS option as follows:

    CROSS_PROTOCOL_LOCKS 0
    
  3. Save the file.

  4. Restart the NetIQ eDirectory (ndsd) daemon by entering the following commands:

    rcndsd stop
    
    rcndsd start