Incorporating a NeXT computer into a UNIX, AppleTalk, or Novell NetWare network has always been possible, but it hasn't been easy. NeXTSTEP Release 3 includes client software that lets you use your NeXT computer to access files and printers from a Novell NetWare or AppleTalk network. As a bonus, support for Integrated Services Digital Network (ISDN) communication is included.
So, what do you need to do to take advantage of the new connectivity features, and what will you gain as a result? Let's take a look.
Novell NetWare
To access Novell NetWare servers, you first need to do some setup on the NetWare servers. Then you'll be able to use those network files and printers from your NeXT computer(s).
the setup To use the Novell client software, you need a PC network running NetWare 286 (version 2.15 or higher) or NetWare 386 (version 3.1 or higher). You also need to make a physical connection between your NeXT computer(s) and Novell network, either by connecting both to the same Ethernet segment or by using a bridge or IPX router to connect separate segments. On each of the NetWare servers, create a user account for each NeXT user who will access those servers. Make sure the NetWare accounts belong to the group EVERYONE, or the NetWare file and directory permissions won't map correctly to the UNIX permissions. With this minimal setup, you can access the files on the NetWare servers from your NeXT computer(s).
file access
Now that you've set up your NetWare servers, you can use NetWare-Manager, located in /NextAdmin, to enable NetWare access. When you start up NetWareManager, a panel appears asking if you want to enable NetWare. Once you've enabled NetWare, you need to reboot your computer to start the necessary daemons.
When you look in the File Viewer under /Net, you'll see NetWare. All the Novell file servers are listed in this directory. To access files on a Novell server, simply click the name of the server. An authentication panel appears asking you to log into the Novell server. Once you've logged in, you have access to the files on that server. You won't need to authenticate for that Novell server again until you reboot your computer.
You may find yourself logged into a NetWare server as one user and need to access the files as a different user. For example, you might need to log in as a user with Supervisor rights to perform some restricted manipulations on the files. When you log into a NetWare server, you're associating a NeXT user with a NetWare account. With NetWareManager, you can either log into the NetWare server with a different user account, or you can log in a different NeXT user. For example, if you've logged into your NeXT computer as tsmith and have logged into a NetWare server as tracy, you can use NetWareManager to log the NeXT user root into the NetWare server as supervisor. When you use su to gain root access on your NeXT computer, you can then manipulate the NetWare files with Supervisor permissions.
file names When you access files on a NetWare server, you're working with MS-DOS files, not with UNIX files. This has important ramifications for naming and permissions. DOS file names are restricted to eight characters with a three-character extension. Files created from a NeXT computer must meet these naming restrictions.
If, however, you have servers running NetWare 386 version 3.11 and have loaded two NetWare Loadable Modules (NLMs)-the NFS (Network File System) namespace module (NFS.NAM) and the NetWare UNIX Client module (NUC.NLM)-on your NetWare servers, and you add the NFS namespace to the server volumes, UNIX file names are supported. This means that files created on your NeXT computer will retain their names on the NetWare servers. DOS users will see longer names truncated to standard DOS file name format. Note that the UNIX namespace is referred to as the NFS namespace in all Novell documentation and server commands.
file and directory permissions UNIX file and directory permissions are handled differently from permissions in NetWare. Because of this, some translation of permissions goes on to keep files secure. If the volumes on the NetWare servers are using the DOS namespace, files accessed from a NeXT computer appear as if they were owned by the NeXT user (similar to the way files on a removable disk are treated). The only permissions that apply in this situation are the user permissions; group and other permissions aren't set. The user permissions for the file are those set for the NetWare user account you've used to log into the NetWare server.
For details on the equivalence between NetWare and UNIX file and directory permissions for the DOS namespace, see table 1.
table 1: comparing NetWare (DOS namespace) and UNIX permissions
NetWare UNIX file permissions Read (R) and File Scan (F) Read
Write (W) Write
-- Execute
Access Control (A) Assigned to file owner
All others --
directory permissions Read (R) and File Scan (F) Read and execute
Create (C), Erase (E), and Modify (M) Write
Access Control (A) Assigned to directory owner
Supervisory (S) and Write (W) --
If you're using NetWare 386 servers, and you've loaded the NLMs and added the NFS namespace to the volumes, permissions are handled differently. In this situation, you need to set up the files NFSUSERS and NFSGROUP on the NetWare server to map NeXT user IDs and group IDs to NetWare user names and group names. When files are accessed from a NeXT computer in this setup, the UNIX permissions are checked first. If the UNIX permissions allow access, the NetWare permissions are checked to verify access. When the file permissions are changed by a NeXT user, the NetWare permissions are updated, and vice versa.
For a summary of the relationship between UNIX and NetWare permissions for the UNIX namespace, see``rules for translating UNIX namespace permissions'' on page 24.
NetWare printers You use NetWareManager to set up access to a NetWare print server from a NeXT computer. Choosing the NetWare Printers command from the Configuration menu brings up a window that lists all the currently configured NetWare printers, as shown in figure 1.
figure 1: listing the NetWare printers
The Create button provides access to the Create Printer panel, which looks very similar to the Create New Printer panel in PrintManager. In this window, you enter the printer a name, select the printer type, and specify the NetWare file server, queue, and print server (figure 2). Once configured, the NetWare printer is available from the Print panel.
figure 2: configuring a NetWare printer
rules for translating UNIX namespace permissions
translating NetWare to UNIX
* NetWare Read (R) and Write (W) attributes are translated to UNIX read and write permissions.
* NetWare File Scan (F) permissions are translated to UNIX read and execute permissions.
* NetWare Create (C) and Write (W) attributes are translated to UNIX write permissions.
* If the user ID isn't listed in NFSUSERS or the group ID isn't listed in NFSGROUP, the user ID or group ID is converted to -2, which corresponds to NOBODY or NOGROUP.
* If the file or directory has the NetWare attribute READ ONLY, all write permissions areremoved.
* If the file or directory has the NetWare attribute TRANSACTIONAL, all write permissions are removed from the parent directory (unless the parent directory is "/").
* For a subdirectory, the presence or absence of NetWare Erase (E) and File Scan (F) rights is duplicated in all files or directories contained in the subdirectory.
translating UNIX to NetWare
* UNIX read file permissions are translated to NetWare Read (R) and File Scan (F) attributes, and UNIX write file permissions are translated to NetWare Write (W), Create (C), and File Scan (F) attributes.
* UNIX read directory permissions are translated to NetWare Read (R) and File Scan (F) attributes, and UNIX write directory permissions are translated to NetWare Write (W) and File Scan (F) attributes.
* The owner of a file or directory is granted the NetWare attribute Access Control (A).
* If the user ID or group ID associated with a file or directory is different from the corresponding ID on its parent directory, the NetWare Inherited Rights Mask (IRM) is set to S---E-F-.
* If permissions on a file are updated from a NeXT computer, the NetWare rights S--CEMF- are retained for the file.
* If permissions on a directory are updated from a NeXT computer, the NetWare rights SRW-EM-- are retained for the directory.
* If the parent of a file or directory isn't "/", the NetWare rights Erase (E) and File Scan (F) are granted if they are set on the parent directory.
* If there are no write permissions for owner, group, or other on the file or directory, the NetWare attribute READ ONLY is set.
creating a file or directory from a NeXT computer
* The owner of the new file is the owner of the parent directory--If the owner has write permission for the parent directory, the owner is granted the NetWare rights Erase (E) and Modify (M) for the new file. If the owner has read and execute permission for the parent directory, the owner is granted the NetWare right File Scan (F).
* The owner of the new file is not the owner of the parent directory but is a member of the group assigned to the parent directory--If the group is granted write permission for the parent directory, the group is assigned EM NetWare rights on the new file. If the group has read and execute permission for the parent directory, the group is assigned File Scan permission on the new file.
* The parent directory of the new file has write permission set for other--If other has write permission on the parent directory, EM NetWare rights are assigned to other on the new file. If other has read and execute permissions on the parent directory, File Scan NetWare rights are assigned to other on the new file.
AppleTalk network system Just as with Novell NetWare, you can access files and printers on an AppleTalk network system from a NeXT computer.
setup To begin, you need an AppleTalk system running on EtherTalk(R) connected to your NeXT network, possibly via a gateway.
Use the Installer application to install the AppleTalk package onto your hard disk from the Release 3 CD-ROM disc. Then use the Preferences application on your NeXT computer to enable access to AppleTalk. Simply click the apple button and then click Enable AppleTalk Networking (figure3). The next time you boot your computer, AppleTalk is enabled.
figure 3: enabling access to AppleTalk
With AppleTalk enabled, you'll see a new directory in the File Viewer under /Net-AppleShare. Under this directory, you'll find a list of the available zones and, beneath each zone, a directory for each of the file servers. If there aren't any zones, the server names appear directly under /Net/AppleShare. Double-clicking a server name brings up a login panel (figure 4). Here you can log in as a registered user or as a guest.
figure 4: logging into an AppleShare file server
file ownership and resource forks Once you've logged in, the AppleShare files show up in the File Viewer. Just as with Novell, because you're no longer looking at UNIX files, there are some things to watch out for. First, all AppleShare files appear to be owned by the logged-in user (much as they do with a removable disk). All the AppleShare Read, Write, and Search permissions are maintained. AppleShare files don't have their own access permissions but inherit the access permissions of their parent folder. A NeXT user can't change the permissions for a specific file on an AppleShare server but can change the permissions on the parent folder. Be forewarned that this affects all the files in that folder.
The second important file difference is resource forks. On Apple computers, files are made up of a resource fork, a data fork, or both. The data fork contains the file contents, while the resource fork holds system information. Data forks show up on a NeXT computer as the file name. Resource forks won't appear in directory listings on a NeXT computer.
On a NeXT computer, unlike on a Macintosh, the application owner is indicated by the file name extension. So if you're accessing a WriteNow document over AppleShare, you'll need to change the name to have a .wn extension to be able to open it in WriteNow on the NeXT computer. Because end-of-line characters aren't translated, paragraphing will be unpredictable.
AppleTalk printers You use PrintManager to set up access to a printer on an AppleTalk network. If AppleTalk is enabled, the Communications pop-up list in the Create Printer panel includes a choice for AppleTalk. Just select the printer type and then indicate the zone and printer you want to access, as shown in figure 5. From this point on, the printer on the AppleTalk network is available through the Print panel.
figure 5: configuring and AppleTalk printer
ISDN network support ISDN support in Release 3 falls into two categories: direct support of networking via ISDN and programming support with the Phone Kit. We address only the networking issues here. For more information on the Phone Kit, see Chapter 13 in NeXTSTEP General Reference: Release 3.
With ISDN, you can log into your network from your home computer (or any other remote computer) and work as if you were connected directly. ISDN communication is much faster than some other solutions, such as SLIP, and setup is a breeze. First, you'll need to set up the appropriate hardware. On each side of the connection, you need an ISDN phone line; a Network Termination Unit (such as an NT1U- 200) with a power supply, available from your phone company; and a Hayes ISDN Extender from Hayes Microcomputer Products, Inc.
configuring the network computer With the hardware equipment installed, you can configure the software. First, log into the machine on your network and start up PhoneManager. Click the Network button, as shown in figure 6.
figure 6: configuring the network computer
In this panel, you specify the host name and Internet address for the remote computer and the local ISDN device. If your network is set up for automatic host addition, the Internet addresses will already be inserted in the appropriate fields. If not, make sure you choose Internet addresses that aren't already in use and are consistent with your network address. When the remote computer calls in via ISDN, it will be identified by the Internet address and host name you choose here, and will be served by the indicated NetInfo domain. You can change the domain if you like.
To add an extra level of security, fill in the fields for Dial in Name and Dial in Password. When the remote computer calls in, users will be required to enter this name and password before they get to the regular login window. The name and password are used exclusively for the ISDN dial-in connection; it's not a regular user account.
Finally, make sure the Accept Connections button is checked. Your computer is now ready to accept incoming calls via ISDN.
configuring the remote computer Now set up the remote computer. Start up PhoneManager and click the Phone button, as shown in figure 7.
figure 7: configuring the remote computer for ISDN
Choose the type of switch used by your phone company-AT&T or Northern Telecom. If the switch is Northern Telecom, you need to enter a Service Profile ID number in the text field. This is used to identify your machine to the switch at your phone company and is typically the phone number of your ISDN telephone line or that number with a two-digit extension. Reboot the computer, and you're ready to go.
making a connection The login window now has a picture of a phone on it, as shown in figure 8.
figure 8: connecting to ISDN
Instead of logging in, click the phone, and the Connect panel appears. Enter the phone number of the network computer and click Connect. A short time later, you'll need to enter the dial-in name and password if they've been set. Then, the regular login window appears, and you can log into the network computer.
Obviously, communicating over a phone line isn't going to be as fast as if you were connected directly. Starting up an application may take as long as three or four minutes. You might want to install any frequently used applications on your local disk to speed things up. Similarly, you might want to copy onto your local disk any files you'll be opening and closing repeatedly and then copy them back when you're done.
There's a second choice for making a remote connection. You can log in locally and then use the PhoneConnector application to call the network. Once connected, you can mount remote file systems. You'll probably find that using the login window to make the connection works better.
changes for UNIX and other networks Incorporating NeXT computers into an existing UNIX network is pretty straightforward. Although there aren't any dramatic changes in how you accomplish this with Release 3, you may find the windows in SimpleNetworkStarter and HostManager a little easier to use.
With the addition of support for Novell, AppleTalk, and ISDN, your connectivity choices have expanded dramatically. As you can see, using any of the new features is quick and easy.
![[Index]](http://enterprise.apple.com/NeXTanswers/images/index.gif)
![[Download]](http://enterprise.apple.com/NeXTanswers/images/Download.gif)
