Setting Up and Managing Novell Native File Access for UNIX

This section explains how to set up and manage Native File Access for UNIX. It includes information on the following:

• Configuration Methods
• Configuring Server General Parameters
• Migration
• NFS Server
• NIS Server

Configuration Methods

Novell Native File Access for UNIX can be configured using ConsoleOne^TM and also by setting the file-based configuration parameters of the various components.

ConsoleOne-Based Configuration

To start ConsoleOne from the client, complete the following steps.

IMPORTANT:  Before starting ConsoleOne, ensure that you run NFSSTART on the server that you want to administer.

1. Start ConsoleOne from the server where Native File Access for UNIX is installed.

2. Click NFSAdmin and then the login toolbar icon.

3. Enter the tree name, context name, authorized username, and authorized password.

4. Click OK.

5. Enter the hostname or IP address and then click OK.

   IMPORTANT:  To log in successfully, make sure that your file server name and hostname are the same and that you have logged in to the tree of the server you want to administer. You will not be able to administer a NetWare NFS Services 3.0 on NetWare 5.1 from ConsoleOne on NetWare 6.

Figure 2
Novell Native File Access for UNIX Objects

WARNING:  After the Novell Native File Access for UNIX installation, two objects are created in the tree: NISUser / NISUserDef and NISSERV_Servername. These objects should not be deleted.

File-Based Configuration

The configuration (.CFG) files are used to configure the services. All of these files have the following format:

Within the .CFG files, a pound sign (#) indicates a comment.

In addition to these configuration files, there are specific files for exported volumes for the NFS Server and for the migration utility. All the configuration files are usually located in the SYS:\ETC directory. To configure the modules, you need to change the desired parameter value in the corresponding .CFG file and restart the module.

NOTE:  In a cluster environment, the configuration files will be located in the ETC directory of the shared volume.

Configuring Server General Parameters

The server general parameters required by Native File Access for UNIX are located in the NFS.CFG file. These parameters are common to NFS and NIS. When modifying this file, make sure you stop the services using nfsstop and restart using nfsstart.

File-Based Configuration of Server General Parameters

The following table lists the configuration parameters in NFS.CFG.

Table 1. Novell Native File Access for UNIX General Parameters

ConsoleOne-Based Configuration of Server General Parameters

This section explains the following tasks:

• Viewing the Server General Parameters
• Configuring the Server General Parameters

Viewing the Server General Parameters

1. In the ConsoleOne main menu, right-click the server you want to configure and then click Properties.

   The following panel appears:

   Figure 3
   Server General Parameters Panel
   

   These are the general parameters. The fields are read-only.

   Host Name---The name of the NetWare server.

   IP Address---The primary IP address of the NetWare server.

   Subnet Mask---The subnet mask that, when added to the IP address, provides the IP network number.

   Server Name---The name of the NetWare server.

   Operating System---The version of the operating system being used by the host.

   Context---The context or logical position of the server within the eDirectory tree.

   Tree---The current eDirectory tree.

   Time Zone---The world time zone reference for your area. The time zone is used for time stamps and to set time synchronization. The time zone reference is set during the NetWare installation.

Configuring the Server General Parameters

1. In the ConsoleOne main menu, right-click the server you want to configure and then click Properties > Directory Access.

   The following panel appears:

   Figure 4
   Server General Parameters - Directory Access Panel
   

   This panel contains the parameters that can be configured to set the directory access of NetWare NFS Server.

2. Modify the following Directory Access parameters as necessary:

   NDS---Sets the access to eDirectory.

   Search Root---Lists the Fully Distinguished Name of containers from where the search should start for users and groups only. The names are separated by commas. Make sure that the parameter has valid values whenever the eDirectory structure changes.

   NIS---Enables remote NIS.

   Enable NIS Client---Specifies whether the NIS Client is enabled or not.

   NIS Server---Specifies the remote NIS server name.

   NIS Domain---Specifies the domain served by that remote NIS.

3. Click OK.

4. Modify the following parameters as necessary:

   SNMP Alert Level---The level of SNMP alerts reported to SNMP management stations. Select an alert level from the drop-down list. You can also turn off SNMP reporting from this list.

   • None---Suppresses SNMP reporting.
   • Critical---Warns you about urgent problems that require immediate action to prevent widespread failure.
   • Major---Warns you about serious problems that require prompt action to prevent failure of the object and possibly some related objects.
   • Minor---Provides information about problems that can be addressed as work schedules permit.
   • Informational---Provides descriptive information that can be used for such things as trend analysis and planning.

   Each level incorporates the information from the levels listed above it. For example, if you select Minor, you also receive messages about major and critical alerts.

Migration

If you already have an UNIX NIS Server (text-based) and you want the new NetWare NIS Server to serve the same data served by the old NIS server, you can copy all those text files into the specified location and then run the migration utility to create eDirectory entries for a specified domain.

The migration utility creates the Domain object in the default context as well as two other containers in the same context with the names domainname_U and domainname_G. During the migration, the utility searches for existing eDirectory users and groups under the containers specified by the SEARCH_ROOT configuration parameter (specified in NFS.CFG) and, based on the migration option specified, modifies the UNIX information of those objects. If the objects are not found, the users are migrated to domainname_U and the groups are migrated to domainname_G. The rest of the data is migrated under the Map objects created under the Domain object.

IMPORTANT:  The User and Group objects will not be created under the passwd and group Map object. They will spread across the eDirectory tree and DomainName_U, DomainName_G depending upon the SEARCH_ROOT configuration parameter.

Maps can be migrated using the following three options:

UPDATE---(Default) Updates all existing objects' information with the new information. If no objects exist, it creates new ones.

REPLACE---Deletes all existing objects and creates new ones. For passwd and group maps, the old objects are not deleted.

MERGE---Retains all existing objects' information and logs them as conflicting records in the MAKENIS.LOG file. If no objects exist, it creates new ones.

Before migrating the users and groups, remove the password field ("*", "x", or "!") from the corresponding text file and then migrate. After doing this, you can set the UNIX password. This is done by making the UNIX machine an NIS client to the NetWare machine, logging in as that NIS user, and running an NIS client utility named YPPASWD to set the UNIX password.

NOTE:  The password for a migrated UNIX user (one who already has the password) cannot be set from an NIS client. A password can be set only for users who do not have a password.

For more information on UNIX user management, see UNIX User Management Using eDirectory .

File-Based Migration

Migration, by default uses the makefile SYS:ETC/NIS/NISMAKE, which contains the location of the text file for every map. The general syntax of the migration utility is:

makenis [-r resultfilename -[r]d domainname [-n context] [-f nismakefilename] {[mapname -[l|b]p line or byte object in mapname]...}

NOTE:  All options should be used only in the specified order.

• In general, to create a domain and migrate data or to use the existing domain object, use the following format:

  makenis -d domainname

  The parameter domainname is mandatory.

• To capture the results of the migration, use the following format:

  makenis -r resultfilename -d domainname

• To remove the existing domain data and then migrate, use the following format:

  makenis -rd domainname

• To specify the context where you want to create your Domain object and data, enter it as the contextname:

  makenis -d domainname -x contextname

  Edit the context parameter by prefixing each of the dots in the Relative Distinguished Names with a backslash (\) to distinguish them from eDirectory names.

• To specify an NIS makefile other than the default SYS:ETC/NIS/NISMAKE, use the following format:

  makenis -d domainname -f makefilepath

  To specify the text files that you want to migrate, modify the NIS makefile. The NIS makefile is in the following format:

  map name    full path    parameters (if any)

  The comment character is the pound sign (#).

  If nothing is specified, all the files in the makefile are migrated.

  For each map, you can specify the SECURE parameter so that only requests coming from secure ports are able to access the data. You can also specify the migration options: UPDATE, REPLACE, or MERGE.

  For the Password map, you can specify two additional parameters: -u uid (which stops users with a UID less than a particular value from migrating to eDirectory) and AUTOGEN (which generates a UID from the program itself).

  You must specify the text file in the full path in DOS name format.

• To migrate specific maps, use the following format:

  makenis -d domainname mapname1, mapname2

• To migrate a map from a particular offset in a specified map text file, use the following format:

  makenis -d domainname mapname -lp lineoffset

  Or

  makenis -d domainname mapname, -bp byteoffset

  Line offset is used to start migration from a particular line from the map text file. If the migration fails while migrating large maps, instead of migrating it again from the beginning, you can specify the byteoffset to start from the offset specified in the migration log file. For more details on this offset, refer to the description of the configuration parameter FILEMARK_LOG_FREQ in NIS.CFG.

ConsoleOne-Based Migration

1. In the left panel of ConsoleOne, click The Network.

2. Select the server's tree where you want to manage the domains and maps.

3. Click the toolbar M icon.

   The following panel appears:

   Figure 5
   Migration Panel
   

4. To migrate a domain, enter the NetWare Host Name/IP Address, Domain Name, and Domain Context.

5. To set the NIS Server as master for this specified domain, check Set the Specified Host As Master Server.

6. In the Master Server Info section, check Clear Existing Maps if you want to clear the maps already present.

7. Click the radio button for the type of the migration you want to perform: Replace, Update, or Merge.

8. To set the NIS Server as Slave Server, enter the Master Server Name/IP Address in the Slave Server Info section.

9. To migrate the domain for default maps, click Migrate.

   The available default maps are ethers, hosts, networks, protocols, RPC, services, passwd, group, netgroup, and bootparams. By default, these files should be present in SYS:\ETC\NIS.

10. To migrate the domain for specific maps, click Advanced to go to the Map Information panel.

    Figure 6
    Map Information Panel
    

    1. Click either Default Maps or Other Maps.

    2. Select the desired maps from the list, deselect the maps you do not want to migrate, and click OK.

11. To modify an existing map or add a new map, click Add to go to the Add Map panel.

    Figure 7
    Add Map Panel
    

    1. Enter the Map Name and the Text File name.

    2. If you want to enable secure access to the map, click Secure.

    3. In the Comment Character box, enter the comment character present in the specified text file and click OK.

       The default comment character is #.

12. Click Migrate.

Managing Users and Groups

You can add and modify the information of a User or Group object that already exists in eDirectory.

Modifying User Information

1. In the left panel of the ConsoleOne main menu, click the eDirectory tree where the object resides.

   If you do not find the tree, click Novell Directory Services and then select the tree and log in to it.

2. Double-click the container named domainname_U, where the User objects reside.

   The User objects under this particular container appear.

3. Right-click the User object whose properties you want to change and click Properties.

   The following panel appears, displaying the various tabs that should be specified to add and modify the user information in eDirectory.

   All the tabs except the UNIX Profile tabs are standard forms.

   Figure 8
   UNIX Profile Tab of User Properties Panel
   

4. To modify the UNIX user profile, click UNIX Profile and specify the information in the following fields:

   User ID---The users' UNIX UID.

   Primary Group---The group ID (GID) of the group this user belongs to. To enter the GID of the user, click Browse and select the appropriate group.

   Login Shell---The preferred login shell of the user.

   Home Directory---The home directory the user wants to be placed in while logging in to the system.

   Comments---Any other comments that the user might want to specify.

   Reset UNIX Password---Use to reset the user's UNIX password.

5. Click Apply > OK.

Modifying Group Information

1. In the left panel of the ConsoleOne main menu, click the eDirectory tree where the object resides.

   If you do not find the tree, click Novell Directory Services and then select the tree and log in to it.

2. Double-click the container domainname_G, where the Group objects reside.

   The groups under this particular container appear.

3. Right-click the Group object whose properties you want to change and click Properties.

   The following panel appears, showing the various forms which should be specified to add and modify the group information in eDirectory.

   All the forms except the UNIX Profile form are standard forms.

   Figure 9
   UNIX Profile Tab of Group Properties Panel
   

4. To modify the UNIX group profile, click the UNIX Profile tab and specify the information in the following field:

   Group ID---The group's UNIX GID.

5. Click Apply > OK.

Adding a New User or Group

To add a new user, do the following:

1. In the left panel of the ConsoleOne main menu, click the context where you want to add the new user.

2. Select File > New, and then click User.

3. Enter the user information.

To add a new group, do the following:

1. In the left panel of the ConsoleOne main menu, click the context where you want to add the new group.

2. Select File > New, and then click Group.

3. Enter the group information.

To make this newly added user/group an NIS User and NIS Group record, add the attribute nisUserGroupDomain to the object. This attribute holds a list of the domains to which that record belongs.

IMPORTANT:  When any update to a UNIX profile is done from ConsoleOne, execute NFSSTOP and NFSSTART, for NFS server to get the modified UNIX information.

Managing Migration Utility Log Files

When the migration utility, makenis is executed, the log file MAKENIS.LOG is created by default in SYS:\ETC\NIS. This file records messages that provide following information:

• The containers added such as domainname container, domainname_U (for users), domainname_G (for groups)
• The maps added and attached to the container
• Parsing statistics for each map. For example, the number of records read, migarated, conflict and invalid records
• Conflicting record details are logged

NFS Server

The NFS Server uses the following files:

• NFSSERV.CFG which contains the configuration parameters
• NFSEXPRT which contains the exported path information
• NFSTHOST which contains the trusted hosts list for the exported path

For more information on NFS Server, see NFS Server.

File-Based Management for NFS Server

NFS Server Configuration Parameters

The following table lists the parameters that can be set in NFSSERV.CFG:

Exporting NetWare Volumes and Directories

The Export Path information file, NFSEXPRT, contains the list of the paths that are exported from the system. It also gives the specified properties for the exported path.

This file contains one exported path per line. The format of each line is as follows:

ExportedPath isReadonly anonymousAccess mode webccess

• Exported Path---The directory path to be exported. For example /nfsvol.

• isReadOnly---Specifies whether to export the path in read-only mode or not. Values = 1 (read-only), 0.

• anonymousAccess---Specifies whether anonymous access to the exported path is allowed or not. Values = 1, 0.

• mode---Specifies the rights and permission mapping modes for the directory. Novell Native File Access for UNIX supports independent mode (value 512).

• Web---Specifies if Web access is allowed for this exported path. At any point in time, only one path can be enabled for Web access.

Example of an exported path:

/nfsvol 0 1 512 0

NFS Trusted Host File

The NFSTHOST file contains the list of all the trusted hosts that can access the exported directory. This is specified in conjunction with the NFSEXPRT file.

The format of every line is as follows:

Exported Path Host Name Access-Type Host/Hostgroup

• Exported Path---Gives the directory path to be exported. For example, /nfsvol.

• Host Name---Gives access to the client host named by the user. To give access to all hosts, select (*).

• Access Type (1, 2, 3)---Specifies the type of access to be granted to a specific host. The values it can take are as follows:

  • Trusted 1
  • RootAccess 2
  • ReadWriteAccess 3

• Host/Hostgroup (1, 0)---This field shows whether the Host Name specified is a Host or a Hostgroup. This field should always be set to 1 (Host).

Example of an exported directory:

/nfsvol nfs-sun2 3 1

/nfsvol nfs-sun2 2 1 

/nfsvol nfs-sun2 1 1 

/nfsvol * 3 1 

/nfsvol * 2 1 

/nfsvol * 1 1 

Removing an Exported Path

To remove an exported path, delete the corresponding directory entries from the files NFSTHOST and NFSEXPRT.

Getting the UNIX information from Remote NIS

For file system sharing by NFS server, the UNIX user and group information is obtained from eDirectory by default. This can be modified so that UNIX information is obtained from a remote NIS server. To set this, do the following:

1. Run NFSSTOP.

2. In the NFS.CFG file, set the parameters as follows:

   • NDS_ACCESS=0
   • NIS_CLIENT_ACCESS=1
   • NIS_DOMAIN= nis domainname
   • NIS_SERVER= servername which is servicing the specified domain

3. Run NFSSTART.

4. Load NFSSERV.

Starting and Stopping NFS Server

To start NFS Server enter at the system console, enter:

load nfsserv

To stop NFS Server enter at the system console, enter:

unload nfsserv

ConsoleOne-Based Management for NFS Server

This section describes how to manage the NFS Server from ConsoleOne.

NFS Server General Configuration Parameters

1. After logging in, click the server you want to administer from the list of servers under NFSAdmin in the ConsoleOne left panel.

   The NFS Server toolbar icon and the NFS Server on the menu bar are displayed.

2. To administer NFS Server, click NFS Server on the menu bar and then click Options.

   The following panel, which shows the NFS Server basic parameters and their default values, appears.

   Figure 10
   General Parameters in NFS Server Options Panel
   

3. Modify the following parameters as necessary:

   Request Q Alert Level---After what percentage of request queue utilization an SNMP alert is sent. Default = 90. Range = 20 - 99.

   Request Cache Alert Level---After what percentage of request cache utilization an SNMP alert is sent. Default = 90. Range = 20 - 99.

   Open File Cache Alert Level---After what percentage of open file cache utilization an SNMP alert is sent. Default = 90. Range = 20 - 99.

   Number of Open File Cache---Number of files the NFS server can have open simultaneously. Default = 512. Range = 32 - 1024.

   Open File Aging Interval---How many seconds the NFS server keeps a file's information in cache memory. When a file is held in cache, NetWare users cannot access it. Larger values produce better performance, but they also make NetWare users wait longer to access files that are being manipulated by NFS. Default = 60. Range = 0 - 2000. Open File Caching is disabled at 0.

   Number of Request Cache Entries---Number of requests that can be held in cache memory. Default = 256. Range = 64 - 512.

   Enable Cache Write Through---Whether cached data should be written to disk immediately or not. By default, the data is not written immediately.

   Transport Mode---Which transport mode NFS Server should support. The modes could be UDP, TCP, or Both. Default = Both.

   NFS Protocol Version---Version of the NFS protocol to be loaded. The values are 0/2/3.

   NFS File Creation Mask---File mode creation mask in Independent Mode for default UNIX permissions of files and directories created from the NetWare side.

4. To specify the advanced parameters, click Advanced on the NFS Server Options panel.

   The following panel, which shows the NFS Server advanced parameters and their default values, appears.

   Figure 11
   Advanced Parameters in the NFS Server Options Panel
   

5. Modify the following parameters as necessary:

   NFS V2 Threads---Number of NFS Server threads servicing the NFS 2 protocol. Default = 5. Range = 1 - 150.

   NFS V3 Threads---Number of NFS Server threads servicing the NFS 3 protocol. Default = 5. Range = 1 - 150.

   Mount V2 Threads---Number of NFS Server threads servicing the Mount V2 Requests. Default = 1. Range = 1 - 150.

   Mount V3 Threads---Number of NFS Server threads servicing the Mount V3 Requests. Default = 1. Range = 1 - 150.

   NFS V2 TCP Send Q Entries---Size of the TCP send queue for the NFS 2 protocol. Default = 30. Range - 1 - 150.

   NFS V3 TCP Send Q Entries---Size of the TCP send queue for the NFS 3 protocol. Default = 30. Range = 1 - 150.

   NFS V2 Q Entries---Size of the receive queue for the NFS 2 protocol. Default = 20. Range = 1 - 150.

   NFS V3 Receive Q Entries---Size of the receive queue for the NFS 3 protocol. Default = 20. Range = 1 - 150.

   Log File Path---Directory that NFS Server creates the log file in. Default directory is SYS:\ETC.

   Log File Name---Name of the NFS Server Log File. Default name is NFSSERV. A .LOG extension is automatically added.

   NFS Server Log Level---Indicates the types of messages to be logged.

6. Click OK.

Exporting NetWare Volumes and Directories

Exporting a directory enables NFS client users to view NetWare volumes and directories as part of the client file system.

You can export a NetWare path and manage it.

1. Make sure you have added the NFS name space, and then select Export New Path from the NFS Server drop-down list.

   The Export New Path panel appears.

   Figure 12
   NFS Server Export New Path Panel
   

2. To export a new directory, click the Browse icon in the upper-right corner of the panel.

   The Export Path panel appears.

   Figure 13
   Browse Panel for exporting NetWare Volumes and Directories
   

3. Double-click the server name to see the volumes with NFS name space.

4. Select the volume or directory you want to export and click OK.

5. On the Export New Path panel, modify the following fields as necessary:

   Export Path---Path of the directory to be exported.

   Access Control Mode---The access control mode that applies to this directory: independent mode.

   Read-Only---Indicates whether user access is limited to read-only. Selecting No (the default) provides all users with read/write access. Selecting Yes limits users to read-only access. If Yes is specified, even users on hosts identified as trusted are limited to read-only access. The same also applies to root users. To override this option, enter the name of that host in the Hosts with Read-Write Access field.

   Anonymous Access---Indicates whether the users Nobody and Nogroup can access the exported path. Selecting Yes (the default) provides these users with access. Selecting No denies access.

   Web Access---Enables WebNFS access for the selected directory when checked. At any point in time only one of the exported paths can be enabled for Web Access.

6. Click Add Trustee. Enter the hostname that you want to give exported directory/volume access to.

   An asterisk (*) will give access to all the hosts.

   You can also specify the type of access you want to give to the host.

7. Click the Trustee name on the Export New Path panel to set their access rights.

   Hosts with Root Access---The host whose users with root privileges have Admin rights to the exported directory. Select this field to display a list of these hosts. If a host with access is not specified as having root access, root users on that host have the rights of the NFS user Nobody.

   Hosts with Read-Write Access---The hosts with access whose users have read/write access to the exported path. Select this field to display a list of these hosts.

8. To remove a host from the Trustee list, select the trustee and click Remove Trustee.

Modifying the Exported Path

1. In the left panel of the ConsoleOne main menu, click the server that you want to administer.

   The Export icon appears in the right panel.

2. Double-click Exports to see the currently exported path.

3. Right-click the exported path you want to modify and then click Properties.

   You can now see the properties of the exported path and modify them.

4. Make the changes as required and then click OK.

Removing an Exported Path

1. In the left panel of the ConsoleOne main menu, click the server that you want to administer.

   The Export icon appears in the right panel.

2. Double-click Exports to see the currently exported path.

3. Right-click the exported path you want to delete and then click Remove.

Getting the UNIX information from Remote NIS

For file system sharing by NFS server, the UNIX user and group information is obtained from eDirectory by default. This can be modified so that UNIX information is obtained from a remote NIS server. To set this, do the following:

1. Run NFSSTOP.

2. Set the parameters in the NFS.CFG file as follows by following Steps 1 to 5 in Configuring the Server General Parameters.

   • NDS_ACCESS=0
   • NIS_CLIENT_ACCESS=1
   • NIS_DOMAIN= nis domainname
   • NIS_SERVER= servername which is servicing the specified domain

3. Run NFSSTART.

4. Load NFSSERV.

Starting and Stopping NFS Server from ConsoleOne

1. Click NFSAdmin and log in to the server that you want to administer.

2. Click the S icon on the toolbar to start/stop the NFS Server. The background color of the S icon indicates the status of the NFS Server Software.

Refreshing the Exported Paths View

If the NFSEXPRT file is modified outside ConsoleOne, then to view the current contents of the file, do the following:

1. In the left panel of the ConsoleOne main menu, click the server that you want to administer.

   The Export icon appears in the right panel.

2. Right-click Exports and then click Refresh to view the currently exported paths.

Managing NFS Server Log Files

When NFS Server service is running it logs messages into a log file named NFSSERV.LOG created by default in SYS:\ETC. This file records messages that provide following information:

• When and where the serivices are started and stopped
• Clients where the exported volumes are mounted.

NIS Server

There is an NIS Server object in eDirectory called NISSERV_Servername. This object is created during installation. Migration utility adds the domain details to this object when a domain is migrated. NIS Server will service the list of domains present in this object.

For information about NIS, see Network Information Service .

File-Based Management for NIS Server

NIS Server Configuration Parameters

The configuration parameters required for NIS Services is available in the file NIS.CFG. The following table lists the parameters in NIS.CFG.

Table 2. NIS Parameters

Setting Up a NetWare Server as a NIS Master

1. Copy the NIS related text files required for the domain from the
   UNIX machine (which are available in /ETC in UNIX) into SYS:\ETC\NIS.

2. (Conditional) If you want to set up other NIS server as slave to this NIS server, do the following:

   1. Create a text file called YPSERV in SYS:\ETC\NIS. For every slave server enter the hostname of the slave server in this file in the following format:

      slaveserverhostname1 slaveserverhostname1

      slaveserverhostname2 slaveserverhostname2

      NOTE:  The first field should not be IP Address.

   2. Enter the YPSERVERS map entry in SYS:\ETC\NIS\NISMAKE with its path in the following format:

      YPSERVERS SYS:\ETC\NIS\YPSERV

3. Migrate the domain. For migration information, see File-Based Migration.

4. Load NISSERV.NLM. Now the NetWare NIS Server is setup as Master NIS Server.

5. (Conditional) If the map data in NIS master is modified anytime, and the changes done needs to be updated in the slave servers immediately then execute the following command:

   yppush -d domainname [-v] mapname

   NOTE:  The changes done on the NIS master are automatically updated on the slave servers periodically.

Setting Up a NetWare Server as NIS Slave Server

1. While setting up the UNIX machine as the master, add the NetWare server name to the slave server list.

2. In the NetWare server, make sure that the parameter NIS_CLIENT_ACCESS=1 in the file SYS:\ETC\NFS.CFG.

3. Set the domain to the one that is being served by the UNIX NIS server, using the following command:

   ypset domainname hostname

4. Make sure NISSERV.NLM is loaded.

5. Run MKSLAVE, to setup the NetWare machine as slave, with the following parameters:

   mkslave -d domainname -m master [-x contextname]

Setting Up a NetWare Server as NIS Client

1. Run NFSSTOP.

2. In the NetWare server, make sure that the parameter NIS_CLIENT_ACCESS=1 in the file SYS:\ETC\NFS.CFG.

3. Run NFSSTART.

4. Set the default domain by entering

   ypset domainname hostname/IP_address

ConsoleOne- Based Management for NIS Server

Nis Server Configuration Parameters

To Configure The Parameters Required For Nis Services, Right-click The Nisserv_servername > Click Properties. A Panel Similar To The Following Appears:

Figure 14
Nis Server-general Parameters Panel

Map Refresh Frequency--- The Frequency At Which All The Records Of The Map Should Be Refreshed. Range = 1 To 2400 Hours (100 Days).

Log File Path---The Path In The Netware Server Where You Want To Write The Nis Log Files.

Maximum Log Messages---The Maximum Number Of Log Messages That Can Be Logged. The Information Is Specific To Each Log File. By Default The Last 5000 Messages Are Displayed. If The Number Of Log Messages Is Set To N, The Last N Messages Are Retained.

Log File Error Level---The Level Of Error Messages Written To The Audit.log File. Select An Error Level From The Drop-down List.

Enable Interdomain Resolution---Check This Box To Allow Interdomain Resolution. Dns Is Then Contacted For Hostname Resolution For Nis Client Calls On Host Maps Only.

Viewing Domains Served By NIS Server

To View The Domains Served By The Nis Server Right-click Nisserv_servername > Click Properties > Memberships Tab. A Panel Similar To The Following Appears.

Figure 15
Nis Server: Membership Panel

You Can Add Or Delete Domains From This Panel. For More Details, See The Online Help.

Setting Up a NetWare Server As a NIS Master

1. Copy the NIS related text files required for the domain from the
   UNIX machine (which are available in /ETC in UNIX) into SYS:\ETC\NIS.

2. (Conditional) If you want to set up other NIS server as slave to this NIS server, do the following:

   1. Create a text file called YPSERV in SYS:\ETC\NIS. For every slave server enter the hostname of the slave server in this file in the following format:

      slaveserverhostname1 slaveserverhostname1

      slaveserverhostname2 slaveserverhostname2

      NOTE:  The first field should not be IP Address.

   2. Enter the YPSERVERS map entry in SYS:\ETC\NIS\NISMAKE with its path in the following format:

      YPSERVERS SYS:\ETC\NIS\YPSERV

3. Migrate the domain. For migration information, see ConsoleOne-Based Migration.

4. Start NISSERV.

5. (Conditional)You can use the YPPUSH utility to update the Slave NIS Server.

   The YPPUSH utility copies a new version of the named NIS map from the master NIS server to the slave NIS servers. The YPPUSH utility is normally run only on the master NIS server after the master databases are changed and the changes need to be updated in the NIS slave servers immediately. The YPPUSH utility first constructs a list of NIS slave server hosts by reading the NIS map Ypservers within the same domain. Then a transfer map request is sent to the NIS server on each host.

   Right-click NISSERV_Servername > click Update Slave Server . A panel similar to the following appears:

   Figure 16
   YPPUSH Dialog Box
   

   Enter the required details such as HostName or IP Address of the Master Server, Domain Name, and Map Name. For more details, see the online help.

   NOTE:  The changes done on the NIS master are automatically updated on the slave servers periodically.

Setting up a NetWare Server As a NIS Slave Server

1. While setting up the UNIX machine as the master, add the NetWare server name to the slave server list.

2. In the left panel of ConsoleOne, click The Network.

3. Select the server tree where you want to manage the domains and maps.

4. Click the M icon on the toolbar to display the Migration panel.

5. To migrate a domain, enter the NetWare Host Name/IP Address, slave Domain Name, and context where the domain object is to be created.

6. To set the NIS Server as slave for this specified domain, uncheck Set the Specified Host As Master Server.

7. Enter the Master Server's Name /IP Address in the Slave server information.

8. To migrate the domain, click Migrate.

Configuring eDirectory Objects to be Served by NIS Server

NIS Server recognises eDirectory users/groups as NIS users/group only if they have a UNIX profile attached to them. To configure existing eDirectory user/group objects to be served by NIS Server, complete the following steps.

1. Choose the eDirectory User/Group object > right-click Properties > UNIX Profile. Enter the required fields in this page and move to the Other tab.

2. In the Other tab, choose Add > nisUserGroupDomain attribute.

3. Browse and select the NIS Domain Object to which you want to attach these Users and Groups.

   This is a multi-valued attribute and you can attach as many NIS Domains to this as you want. These Users and Groups now belong to these NIS Domains and will be listed under all these domains.

4. Verify if the eDirectory Context under which these User and Groups exist is listed in the NIS Domain object. Right-click Domain Object > Properties > Memberships tab.

   You can also create new NIS maps and NIS map records under NIS domain object as you create normal eDirectory objects.

   NOTE:  No objects will be there under the passwd and group map objects in the domain.

Managing NIS Data on eDirectory

After migration the NIS maps and records will be available as objects under the migrated NIS domain object.

Figure 17
Maps under the Migrated Domain

When a client call is made to this domain, the NIS Server will list the data present under the corresponding domain object. However, for user/group details, it will look for users and groups belonging to the domain under the contexts specified by an attribute of the domain object.

To view the list of contexts where the users and groups will be located, right-click Domain object > click Properties > Membership Tab. A panel similar to the following appears.

Figure 18
Domain Properties Panel

In case the NetWare NIS Server is a slave for a domain and the master NIS server for that domain is changed to some other server; to get the updates from the new master, you need to change the NIS master server name for the domain object present in the NetWare NIS slave server.

Right-click Domain object > click Change Master. A panel similar to the following appears:

Figure 19
Change Master Dialog Box

Enter the IP address of the new NIS master server. The NIS slave server will now contact the new master server for updates on all the maps under this domain.

You can view the properties for each map. Right-click Map object > click Properties. A panel similar to the following appears:

Figure 20
General Map Properties Panel

Map Master---The name of the master server serving this map.

Map Last Modified---The last time the map was modified by adding or removing records.

Is Map Secure---Sets the secure flag of the map when checked.

Description---Any general comments that you want to record.

Click each map to perform operations on it and to see the records present under the map.

To add an object to a map, right-click the map in the left panel, click New, select the object and then specify the details of the object in the dialog box.

While the panels for records on the same map are the same, they differ from map to map.

Administering Maps

The following figures show the main map panels and are followed by procedures for using each panel's basic fields. Using these panels, you can view or modify the map record's properties. The standard fields remain the same.

Figure 21
Ethers Map Records Properties Panel

This panel shows the Ethernet address of the host.

The standard address form is x:x:x:x:x:x, where x is a hexadecimal number.

Click the icon to enter the Ethernet address of the host, and then click Apply > OK.

Figure 22
Boot Map Records Properties Panel

1. To add the device's boot parameter, click Add, enter the boot parameter of the device in the Boot Parameter field, and then click Apply > OK.

2. To delete the device's boot parameter, select the boot parameter of the device in the Boot Parameter field, and then click Delete > Apply > OK.

Figure 23
Host Map Records Properties Panel

1. To add the host address, click Add, enter the IP address of the host, and then click Apply > OK.

   The network addresses are written in the conventional decimal dot notation.

2. To delete the host address, select the host's IP address from the IP Address field, and then click Delete > Apply > OK.

Figure 24
Netgroup Map Records Properties Panel

To add a netgroup address, enter the name of the Map Record, browse the icon for the Map Name, enter the description of the map, and then click Apply > OK.

Figure 25
Network Map Records Properties Panel

1. To enter the IP network number, click Browse, enter the network number, and click OK.

2. To enter the IP netmask number, click Browse, enter the netmask number, click OK, enter the description of the record, and then click Apply > OK.

Figure 26
Protocols Map Records Properties Panel

1. Enter the protocol number and a brief description of the record.

2. Click Apply > OK.

Figure 27
RPC Map Records Properties Panel

1. In the ONC RPC Number field, enter the RPC number of the program.

2. Enter a brief description of the record.

3. Click Apply > OK.

Figure 28
Services Map Records Properties Panel

1. In the IP Service Port field, enter the port number that this service is available on.

2. In the IP Service Protocol field, enter the protocol used to access the specified service.

3. Enter a brief description of the record.

4. Click Apply > OK.

Figure 29
General Map Records Properties

1. In the Map Record field, specify the map record using the following format:

   key record

2. Enter the map name that the record belongs to.

3. Enter a brief description of the record.

4. Click Apply > OK.

Starting and Stopping NIS Server from ConsoleOne

Right-click NISSERV_Servername object > click Start/Stop Services.

NOTE:  You can also start and stop the NIS Services by using the NIS Server menu. Make sure you refresh ConsoleOne after you change the status of NIS using the menu.