Netware access to Windows 2003 64-bit server
We are running a Windows 2003 server (64-Bit) and need file / volume access to a Netware 6.5 server.
A 64-bit client is current not available from Novell and apparently Novell will not be releasing a 64-bit client for Windows.
Is there anyway that we can access files from the Netware server without a Netware 64-bit client?
Someone said that there should be a way to join the Novell server to the Windows domain? Which is also a dark-area to me.
A 64-bit client is current not available from Novell and apparently Novell will not be releasing a 64-bit client for Windows.
Is there anyway that we can access files from the Netware server without a Netware 64-bit client?
Someone said that there should be a way to join the Novell server to the Windows domain? Which is also a dark-area to me.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Not huge ones. You won't have the password change facility, as you have no client, and you won't be able to set Netware file permissions. Standard network drive access, consistent with existing (albeit translated) file permissions should be no different to accessing a Windows server (except maybe faster :)
Plus, you'll get dynamic inheritance instead of static ACL's so you won't have the drawbacks of NTFS, like write permissions moving along with files to folders where users and groups aren't assigned to inherit write permissions.
It won't behave fully like a Windows/NTFS "share" - even though it's CIFS, it doesn't have the little goofy things that Microsoft has determined will be Windows-only by design, despite their claim of CIFS being a "standard."
If it's just for "normal" file access, just because you don't have a Novell client for the specific version of Windows on a device or 2, it's fine, I guess.
The biggest drawback is, if you use Simple Password instead of Universal Password, the password is sent clear-text, just like with NT4, so if you have someone sniffing your network for password traffic, it can be intercepted.
Although theoretically possilble with Universal Password, it's much less likely.
It won't behave fully like a Windows/NTFS "share" - even though it's CIFS, it doesn't have the little goofy things that Microsoft has determined will be Windows-only by design, despite their claim of CIFS being a "standard."
If it's just for "normal" file access, just because you don't have a Novell client for the specific version of Windows on a device or 2, it's fine, I guess.
The biggest drawback is, if you use Simple Password instead of Universal Password, the password is sent clear-text, just like with NT4, so if you have someone sniffing your network for password traffic, it can be intercepted.
Although theoretically possilble with Universal Password, it's much less likely.
There are a number of ways of reversing a universal password (try using the delimited text IDM driver to dump CN & nspmDistrubutionPassword to a text file using IDM), but since the client uses NICI to encrypt it for transmission over the wire you'd need the server's private key to decrypt the transmission. If you've already got that it's pretty much game over anyway, as it would be if you had rights to configure the aformentioned IDM driver.
There has to be a number of ways to reverse a universal password, otherwise it wouldn't be universal... ;)
I didn't say it was "impossible" to reverse, just "less likely" that someone sniffing the LAN will be able to.
Only "real" NetWare passwords are un-crackable (except by brute-force, which is thwarted pretty effectively by intruder lockout)
I didn't say it was "impossible" to reverse, just "less likely" that someone sniffing the LAN will be able to.
Only "real" NetWare passwords are un-crackable (except by brute-force, which is thwarted pretty effectively by intruder lockout)
ASKER
I managed to load CIFSSTRT on the netware server and created a "share folder".
Also included this in the AUTOEXEC.NCF
The CIFS SHARE command indicates that the "share-folder" was successfully been created.
The problem I am experiencing is to log in from the Windows side. After accessing the share-folder, Windows pops-up a login window, but no combination of user-context seems to work.
I have created a new user with "native Windows password control"
I've checked the cifsctxs.cfg file and confirmed that the context is listed
Even tried logging in "context.user" & "password" failed
What is the correct context to use from the Windows workstation?
A few alternatives that I've also tried:
Novell support suggested installing a new squence via ConsoleOne,
Right-click Login Policy under Security, Properties, sequence name: simplepassword
But the SimplePassword Object wasn't on the "left" to move to the "right"
Don't know if this could create any problem ...
As our Windows 2003 server is in domain mode, I followed article 10084607 on Novell support:
Enabling the CFIS signatures and updating the Domain Controller Security Policy
- Microsoft network server: Digitally sign communications (always) value = disabled
- Network security: LAN manager authentication level value = Send LM & NTL use NLMv2 session ...
Please help!
Also included this in the AUTOEXEC.NCF
The CIFS SHARE command indicates that the "share-folder" was successfully been created.
The problem I am experiencing is to log in from the Windows side. After accessing the share-folder, Windows pops-up a login window, but no combination of user-context seems to work.
I have created a new user with "native Windows password control"
I've checked the cifsctxs.cfg file and confirmed that the context is listed
Even tried logging in "context.user" & "password" failed
What is the correct context to use from the Windows workstation?
A few alternatives that I've also tried:
Novell support suggested installing a new squence via ConsoleOne,
Right-click Login Policy under Security, Properties, sequence name: simplepassword
But the SimplePassword Object wasn't on the "left" to move to the "right"
Don't know if this could create any problem ...
As our Windows 2003 server is in domain mode, I followed article 10084607 on Novell support:
Enabling the CFIS signatures and updating the Domain Controller Security Policy
- Microsoft network server: Digitally sign communications (always) value = disabled
- Network security: LAN manager authentication level value = Send LM & NTL use NLMv2 session ...
Please help!
You should be able to just use the userID without context if you followed the instructions alextoft pointed you to, to set search contexts.
It sounds like you've got a simple password issue.
If you don't have "simple password" available in your login policy lists, you need to do something else.
Look higher in your tree, in console one, just below the tree name object. You should have a grey padlock in a red box labeled "Security." That's the security container.
Do you have an object in the security container that's a skeleton-key on a blue box, labeled "Authorized Login Methods?"
If so, expand that and see if one of the methods shown is "Simple Password." If not, you need to install some NMAS methods, including Simple Password. If you don't know how to do that, please post back.
It sounds like you've got a simple password issue.
If you don't have "simple password" available in your login policy lists, you need to do something else.
Look higher in your tree, in console one, just below the tree name object. You should have a grey padlock in a red box labeled "Security." That's the security container.
Do you have an object in the security container that's a skeleton-key on a blue box, labeled "Authorized Login Methods?"
If so, expand that and see if one of the methods shown is "Simple Password." If not, you need to install some NMAS methods, including Simple Password. If you don't know how to do that, please post back.
ASKER
The "Siimple Password" method is not there ..
The only methods listed is:
"Challange Response", "Macintosh Native file access", "NDS" en "Windows Native File Access"
I tried adding a new method, but it only gives a list of TXT files. The Novell support site refers to installation CD 10, path: nmas\nmasmethods
please advise whether this is the correct way to add the method ... "Simple Password"
Regards, Rupert
The only methods listed is:
"Challange Response", "Macintosh Native file access", "NDS" en "Windows Native File Access"
I tried adding a new method, but it only gives a list of TXT files. The Novell support site refers to installation CD 10, path: nmas\nmasmethods
please advise whether this is the correct way to add the method ... "Simple Password"
Regards, Rupert
Hmmm. I wonder if "Windows Native File Access" is the functional equivalent of turning on Simple Password. I don't have 6.5, so I can't tell from experience. All I can do at this point is point you to the documentation.
http://www.novell.com/documentation/oes/native/data/acccz0a.html#acccz0a
http://www.novell.com/documentation/oes/native/data/acccz0a.html#acccz0a
ASKER
Thanks for your suggestions, I honestly think the CIFS module will resolve our problem. I will be testing the scenario later today, and will give feedback ASAP.
Is there any down-side / disadvantage of loading CIFS on the Novell file server, or using it for that matter?
Thanks, Rupert