Telnet server, Services for unix mmc console, Activestate activeperl 5.6 – Dell PowerVault 725N (Rackmount NAS Appliance) User Manual

Page 56: User name mapping


Telnet Server

The Telnet server works optimally for most installations. It accepts logins from a variety of clients, including the Telnet clients shipped with Windows 2000,
Windows NT, Windows 95, and Windows 98, as well as a variety of character mode terminal clients from virtually any operating system. In addition, it can be 
configured to meet specific site requirements such as improving security, simplifying logins, and supporting stream or console mode.

Authentication

The SFU Telnet server supports Windows NT LAN Manager (NTLM) for authentication of client logins. NTLM allows users to be automatically authenticated to
the Telnet server based on their Windows NT login. This makes using Telnet completely transparent to users, while ensuring that clear text passwords do not
pass over the network. However, NTLM must be supported on the client side of the login as well.

When users are logged in to a system that is using NTLM login, they are restricted to local drives on that system. If they need to map network resources, they
can do so by explicitly mapping with full credentials.

Administration

The Telnet server is administered using the SFU MMC snap-in or the tnadmin program.

The following options are available:

- Authentication gives you the choice of NTLM or Username/Password.
- Auditing allows you to set event logging to a separate log file or to the event log and to specify what events to log.
- Server Settings allows you to set the following options:
  - Maximum number of simultaneous connections.
  - Maximum number of failed login attempts.
  - Map <Alt> to <Ctrl><a>.
  - Telnet port.
  - Console or Stream for mode of operation.
  - Default Domain Name is the domain name that is automatically added to the login username. The default is ".", which disables this feature.
  - Idle Session Timeout is the time until an idle session is forcibly disconnected.
  - Terminate all programs when disconnecting or Continue to run programs started with the command bgjob.
- Sessions allows you to see data about the currently active sessions (such as user, domain, system, and logon date/time) and to either send a message to the session or terminate it.

Services for UNIX MMC Console

SFU includes a single MMC for managing all of SFU. The MMC provides a cohesive management interface that allows you to administer all systems on the
network from any console. Further, since SFU supports the Windows management interface (WMI), management can be scripted from the command line.

You can access the MMC Console by selecting Computer Management under System Management on the Advanced Administration Menu. See "Using the PowerVault Advanced Administration Menu" in "NAS Manager."

ActiveState ActivePerl 5.6

SFU includes ActiveState's ActivePerl 5.6, a full-featured port of Perl 5.6 and Perl Script to Windows Powered operating systems. Among other improvements,
ActivePerl 5.6 includes support for fork() emulation at the interpreter level, improving the portability of scripts and modules. ActivePerl also provides full
support for the Windows Script Host, making ActivePerl an excellent tool for system administration tasks.

User Name Mapping

User Name Mapping provides mapping of names between the UNIX and Windows environments. You can configure User Name Mapping from the SFU MMC
Console or by using the NAS Manager to configure properties for the NFS Sharing Protocol. With User Name Mapping, you can create simple maps between
Windows Powered user accounts and corresponding UNIX accounts. You can also use the Advanced Map feature to map accounts with dissimilar names.
Because UNIX user names are case-sensitive, and Windows Powered operating system names are not, the use of User Name Mapping can greatly simplify
maintaining and managing accounts in the two environments. User Name Mapping uses Network Information Service (NIS) or local Personal Computer Network
File System (PCNFS) user and group files to authenticate users. Also, User Name Mapping supports bidirectional one-to-many mapping, allowing you to map a
single UNIX or Windows Powered operating system account to multiple accounts in the other environment. For example, you can map more than one
administrative account in a Windows Powered operating system to the UNIX root account.

Special Mappings

By default, the root user for the UNIX client is mapped to an unmapped user. This setting is commonly known as "root squashing." When an NFS
authentication request is made for a user name mapped to an unmapped user, the result is an anonymous UID and GID (typically -2 and -1, respectively). Any
files created by such a user will show file ownership as an anonymous Windows user.

To create user and group name maps, perform the following steps:

Programming utilities: perl, od, sh, strings

Security utilities: chmod, chown, su

Process and general utilities: cron, crontab, date, du, kill, nice, printenv, ps, rcmd, renice, sleep, atr, top, uname, wait, which, xargs

NOTE: To prevent SFU from performing root squashing for specific NFS shares, the UNIX root user and group must be mapped to the Windows administrator user and group. The "access type" for the NFS share's permissions must also be set to root for each applicable client or client group.
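
The root-squashing rule from Special Mappings and the NOTE above, modelled in Python as an added example (not Dell or SFU code). The pair-list map format and the account, share, and client names are constructed for illustration, and only user maps are modelled, not group maps.

```python
# Added example: a simplified model of root squashing. The map format
# (pairs of Windows account, UNIX user) and all names are constructed.
ANON_UID, ANON_GID = -2, -1  # anonymous IDs, "typically -2 and -1"

def as_unsigned32(n):
    """Value seen by a client that reads the ID as unsigned 32-bit."""
    return n & 0xFFFFFFFF

def resolve(unix_user, maps, ids):
    """Return (windows_accounts, uid, gid) for a request from unix_user.

    maps: list of (windows_account, unix_user); one-to-many is allowed.
    ids:  dict of unix_user -> (uid, gid).
    A user with no map entry (root, by default) gets the anonymous IDs.
    """
    accounts = [win for win, unix in maps if unix == unix_user]
    if not accounts:
        return [], ANON_UID, ANON_GID
    uid, gid = ids[unix_user]
    return accounts, uid, gid

def squash_findings(maps, shares):
    """Report (share, client, accounts) wherever squashing is switched off.

    Both conditions from the NOTE must hold: root is mapped to a Windows
    account, and the share grants that client the "root" access type.
    """
    root_accounts = [win for win, unix in maps if unix == "root"]
    if not root_accounts:
        return []
    return [(share, client, root_accounts)
            for share, acl in sorted(shares.items())
            for client, access in sorted(acl.items())
            if access == "root"]

# Constructed sample data (not taken from a real appliance).
IDS = {"root": (0, 0), "alice": (1001, 100)}
DEFAULT_MAPS = [("CORP\\alice", "alice")]
RISKY_MAPS = DEFAULT_MAPS + [("NAS\\Administrator", "root"),
                             ("CORP\\ops-admin", "root")]
SHARES = {"/export/data": {"build01": "root", "lab-clients": "read-write"}}

if __name__ == "__main__":
    print(resolve("root", DEFAULT_MAPS, IDS))      # squashed
    print(resolve("root", RISKY_MAPS, IDS))        # mapped to two admins
    for finding in squash_findings(RISKY_MAPS, SHARES):
        print("root squashing disabled:", finding)
```

A finding means a root user on that client acts with the mapped Windows administrator accounts on that share, so each one should correspond to a deliberate, documented exception.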
