Chapter 4 NFS Server

This chapter describes how to set up and manage NFS Server on Windows 95 or Windows NT.

You can read background and procedural information throughout this chapter, or you can use the following references to go directly to a specific topic.

• "About NFS Server"

• "Enabling NFS File Services"

• "NFS Server on Windows NT"

• "Logging NFS Server Events on Windows NT"

• "NFS Server on Windows 95"

• "Logging NFS Server Events on Windows 95"

About NFS Server

NFS Server enables an NFS client to share directories, files, and devices with other Microsoft Windows and UNIX users connected to the network. The NFS Server runs as a daemon on a Windows 95 system and as a service on a Windows NT system.

The computer running the NFS Server program shares computer resources with other users on the network by "exporting" a folder or a device, such as a CD-ROM drive. Once the resource is exported, a coworker can mount that folder or device and access it from another Windows computer or from a UNIX workstation.

Enabling NFS File Services

The installation program automatically adds the Solstice NFS File Sharing as a network service for Windows NT systems and Solstice File and Printer Sharing for Windows 95 systems. The following instructions are provided in the event this component is removed and you need to add it again.

To Enable File Sharing on Windows NT

1. Click the Start button, point to Settings, click Control Panel, and then double-click Network.

   The Network dialog box opens.

2. Click the Services tab and click Add.

3. Select Solstice File Sharing and click OK.

   You return to the Network dialog box. Solstice File Sharing is added to the list of network services.

4. Select Solstice File Sharing, and then click Properties.

   The Solstice File Sharing Configuration window opens.

5. On the NFS Server tab, do the following:

   1. Verify that Enable Solstice NFS Server is selected.

      If not, click the option to select it.

   2. (Optional) Keep the Log NFS Server Activity option selected so that you have continuing access to the log of NFS Server activity and problems.

6. Click OK.

   You may be prompted to insert the Windows NT CD-ROM.

7. Click OK again.

8. Click Yes when asked if you want to restart your computer.

To Enable File and Printer Sharing on Windows 95

1. Click the Start button, point to Settings, click Control Panel, and then double-click Network.

   The Network dialog box opens.

2. Click Add.

   The Select Network Component Type dialog box opens.

3. Select Service and then click Add.

   The Select Network Service dialog box (Figure 4-1) opens.

   Figure 4-1 Select Network Service Dialog Box

   
   

4. In the Manufacturers list, select SunSoft, and in the Network Services list, select Solstice File and Printer Sharing (Figure 4-2).

   Figure 4-2 Selecting Solstice File and Printer Sharing

   
   

5. Click OK.

   You return to the Network dialog box. The Solstice network services you installed appear in the list of installed network components.

6. In the list of installed network components, select Solstice File and Printer Sharing and click Properties.

7. On the NFS Server tab, do the following:

   1. Verify that Enable Solstice NFS Server is selected. If not, select the option to ensure that NFS Server starts when Windows starts.

   2. (Optional) Keep the Log NFS Server Activity option selected (recommended) to get access to the log of NFS Server events.

8. Click OK.

   You return to the Network dialog box.

9. Click OK again.

   Windows 95 will inform you that you must restart Windows for your changes to take effect.

10. Click Yes when offered to restart Windows.

NFS Server on Windows NT

On Windows NT, NFS Server runs as a service. This allows NFS Server to run in the background without requiring that the user who provides the service be logged in.

By default, NFS Server is set to be started manually under the system Administrator's account (Local System Account.) You can change the setting to have NFS Server start automatically.

The NFS Sharing property sheet is accessible only to NT Power Users and above and is not displayed in accounts of ordinary users. The Sharing property sheet is accessible by means of two commands:

• The Properties command in the File menu in Windows Explorer

• The Sharing command after right-clicking a selected folder on a local drive

NFS Server supports only Version 2 of NFS over UDP.

NFS Server does not support file locking/sharing.

Running NFS Server

By default, the local system account is the Administrator's account. You must be logged in as an Administrator or as an NT Power User with Full Control access rights to carry out the following procedures.

To Start NFS Server from the Local System Account

1. Click the Start button, point to Settings, click Control Panel, and then double-click Services.

2. Select Solstice NFS Server and proceed as follows:

   • To start the service manually, click Start.

   • To start the service automatically, click Startup, select Automatic, click OK and then click Start.

3. Click Close.

   NFS Server will start the next time you start Windows NT.

To Start NFS Server from a Specific User Account

1. Click the Start button, point to Settings, click Control Panel, and then double-click Services.

2. Select Solstice NFS Server and click Startup.

3. In Log On As, click the option This Account.

4. Either type the account name manually, or click the More (...) button to select the account name from the Names list.

5. Type the password, confirm it, and then click OK.

To Stop NFS Server

1. Click the Start button, point to Settings, click Control Panel, and then double-click Services.

2. Select Solstice NFS Server and click Stop.

   An informational message indicates that the NFS Server service is stopped.

3. Click Close.

Granting Access to Shared Resources on Windows NT

You can grant access to a file or directory by selecting it in Explorer and designating it as an NFS shared folder or device. You can restrict access by system rather than by user, and by specifying Read-Only or Full access rights.

To Share Folders and Drives

1. If necessary, start NFS Server.

   Note that you can export folders and local drives without NFS Server running. However, the exported shares will not become available until you start NFS Server.

2. Start Explorer or My Computer.

3. In My Computer or in the Explorer folders pane, select the device or the folder that contains the files you want to share.

4. Right-click to open the pop-up menu and then click Properties.

   The property sheet for the selected device or folder opens.

5. Click the NFS Sharing tab.

6. Click the Shared As option.

   The name of the selected device or folder appears in the Share Name field. Optionally, replace the name with a name that is meaningful to users when they browse the PC as an NFS Server.

7. Specify the type of access.

   • Read-Only: Users of remote systems can display the contents of the shared folder or drive, or execute any executable therein. They cannot modify or delete any files or folders in the shared folder or drive.

   • Full: Users of remote systems can read, write, execute, and delete the shared folder or drive. These permissions are subject to restrictions that may apply on a folder or file-by-file basis on an NTFS file system.

8. Specify which access restrictions apply.

   • Click Unrestricted if you want to allow all network systems to access the shared folder or device with the type of access specified in Step 7.

   • Click Restricted and then click Access Restrictions. The Access List dialog box opens.

9. Complete the Access List dialog box as follows.

   1. Enter the name of the system whose users may access the shared folder or device, or select from the list of systems.

   2. Click Add.

      The system name appears in the Clients Granted Access field.

   3. Click OK.

      The Access List dialog box closes.

10. Click OK.

    The property sheet closes.

To Remove Access to Shared Resources on Windows NT

1. Start Explorer.

2. In the Explorer folders pane, select the device or the folder for which you want to revoke access.

3. Right-click to open the pop-up menu and then click Properties.

   The property sheet for the selected folder opens.

4. Click the NFS Sharing tab.

5. (Optional) Change the access type.

6. In Access Restrictions, select the Restricted option, and then click the Access List button.

   The Access List dialog box opens.

7. In Clients Granted Access, select the name of the system whose users may no longer access the shared folder or device, and then click Delete.

   If necessary, repeat the previous step for additional systems.

8. When you are finished, click OK to return to the property sheet.

9. Click OK.

   The property sheet closes.

   Users on the systems that were removed immediately lose access to the device or folders.

Viewing Exported Folders and Drives on Windows NT

Folders or local drives that are shared using Windows NT sharing options are recognized by the "folder with hand" icon in the Explorer window. Solstice NFS Server uses a different mechanism for identifying folders or local drives that are shared using NFS Server.

To View a List of Exported Folders and Drives

1. Double-click Network Neighborhood.

2. Double-click Entire Network and then double-click NFS Servers.

3. Browse for your Windows NT system.

4. Double-click the name of your system to display a list of your exported folders and drives.

5. (Optional) To view the share details, right-click an export and click Properties.

   If the export has been shared using NFS Server, then the same NFS Sharing Properties page that was used to specify the sharing attributes, opens.

How NFS Server Handles Access Requests from Remote Hosts

When NFS Server receives an access request from a remote host, it verifies the following.

• The requesting host is allowed access as defined in the NFS Sharing Access Restriction option.

• The access operation is allowed as specified in the NFS Sharing Access Type option (read only or full).

• The account under which NFS Server is running has the permission to perform the operation.

If the answer to any of these verifications is no, access to the exported share is denied. If the answer to all verifications is yes, access to the exported share is granted.

In order to share folders or drives, the user exporting the folder or drive must be an NT Power User or above. The NFS sharing property sheet is not visible to ordinary users. Once shared, the resource remains shared regardless of the current user logged in. Note that folders and drives can be shared using the Microsoft Sharing tab independently of using Solstice NFS Sharing.

Security Control When Sharing Folders and Drives

By default, NFS Server runs as a LocalSystem service from the system account. Usually, this is the Administrator's account which, also by default, has Full Control access rights. NFS Server does not change existing NT permissions on directories and files. If the remote system has Full access rights to the exported share, NFS Server exports the file system privileges of the local user (that is, the user account under which NFS Server is started) to the remote system. This is important in the case of Windows NT with an NTFS file system where files have been marked with additional security attributes.

In effect, a remote user on an NFS Client who accesses files on a Windows NT machine, has the privileges of the account under which the NFS Server service is started.

Limiting Remote System Access

You can limit the access privileges of users on remote systems as follows.

• Create a user account with limited access rights and permissions and configure NFS Server to run from that account. NFS Server will take on the security attributes specified for that account and export those privileges to the remote system. Refer to the Microsoft Windows NT Workstation or Server documentation for creating user accounts.

• For shared folders and drives that contain important files, restrict access to read-only or restrict access to well-known and trusted hosts.

Logging NFS Server Events on Windows NT

With NFS Server logging enabled, any interaction between the NFS clients and server is written in the Network Event's log file, which by default is named C:\LOGGING.TXT.

Enabling the logging of NFS Server events helps you isolate the problem when:

• A client fails to mount a PC folder or device from a server, and gets no response from that server.

• A client can mount a folder or device from a server, but cannot do anything with that folder or device while getting no error message.

• The error message does not clearly indicate whether the problem exists on the server, on the client, or on both.

You can view NFS Server events in two places:

• In the Solstice Network Event Log window and its associated C:\LOGGING.TXT log file.

• In the Windows NT Event Viewer window.

To Enable NFS Server Event Logging Using Solstice Network Event Log

1. Click the Start button, point to Settings, click Control Panel, and then double-click Network.

2. Click the Services tab.

3. Select Solstice File Sharing and click Properties.

4. Click the Logging tab.

5. Select the options Enable Network Event Log and Save Log Messages To File.

   The default file name is C:\LOGGING.TXT.

6. Click OK and then click Close.

7. Restart Windows NT when prompted.

8. Start the Network Event Log utility by double-clicking its icon in the Solstice Utilities program group.

   The Network Event Log window opens. You can configure event logging by clicking Display and then clicking Configure (see the following directions).

9. Minimize the Network Event Log.

   NFS Server events are recorded and displayed in the Network Event Log window but are not written out to the log file. Only after you exit Network Event Log will C:\LOGGING.TXT be updated with the current status of NFS Server events.

To Configure Network Event Log for NFS Server Events

1. If necessary, start Network Event Log from the Solstice Utilities program group.

2. From the Display menu, click Configure.

3. Complete the Network Event dialog box as follows.

   • (Optional) Adjust the time frame when events should be logged. The default is every 20 minutes.

   • To log the messages locally, click the option Log Messages To File and type the name of the log file (the default is C:\LOGGING.TXT).

   • To log the message on a remote host, click the option Log Messages To Host and type the name of a remote server that runs the syslogd program.

   • Select the severity level of the messages to be logged. Click the Help button to display the Network Event online Help, click the Index tab and type severity to display online information about available severity levels.

4. Click Save.

5. If you will start monitoring NFS Server events now, minimize (do not exit) Network Event Log.

   Messages will appear in the Network Event Log window as they occur. Only after you exit Network Event Log are these messages written into the C:\LOGGING.TXT log file.

To View NFS Server Events Using Event Viewer

1. From the Start menu, point to Programs, point to Administrative Tools, and then click Event Viewer.

2. Choose the Log menu and click Applications.

3. Isolate the events pertaining to NFS Server by choosing the View menu and clicking Filter Events.

4. Scroll through the Source list to view event generators, select Solstice NFS Server, and then click OK.

   NFS Server messages are displayed.

   Double-click an NFS Server message to display more details.

NFS Server on Windows 95

The NFS Server runs as a daemon on Windows 95, and enables the PC client to share folders and local files. The NFS Server supports version 2 of NFS over UDP. NFS Server does not support file locking.

Sharing Directories and Devices

To share PC folders and local drives with other users using NFS Server, the PC user must be running NFS Server and "export" one or more folders or drives, such as a CD-ROM drive. Once the PC user has exported the folders or drives, users from trusted hosts can mount that folder or drive and access it.

The PC user restricts access to the folders or drives by system, rather than by user, and by giving either Read Only or Full access rights.

Running NFS Server

When NFS Server is running, the NFS Server icon appears in the status area.

Right-click on the icon to open the NFS Server menu from which you can:

• Display a list of shared directories and devices

• Suspend the NFS Server temporarily

• Enable or disable NFS Server logging

• Access the NFS Server Help

• Exit NFS Server

Sharing Properties

Use the NFS Server and Logging property sheets for adjusting the default values used by the NFS Server.

Before you can modify these property sheet settings, you must first add Solstice File and Printer Sharing as a network component, if this was not done during the installation process. See "Enabling NFS File Services".

To Start NFS Server

From the taskbar, click the Start button, point to Programs, point to Solstice Utilities, and then click NFS Server.

NFS Server starts and its icon appears in the status area.

To Suspend NFS Server

1. Right-click the NFS Server icon in the status area.

2. Click Suspend.

   Users temporarily lose access to the shared folders and devices.

To Resume NFS Server

1. Right-click the NFS Server icon in the status area.

2. Click Resume.

   Users regain access to the shared folders and devices.

Granting Access to Shared Resources on Windows 95

You can grant access to a file or directory by selecting it in Windows Explorer and designating it as an NFS shared folder or device. You can restrict access to the folder or device by system, rather than by user, and by specifying read and write access rights.

To Grant Access to Shared Resources

1. Start Explorer.

2. In the Explorer folders pane, select the folder that contains the files you want to share, or select a device such as your CD-ROM drive.

3. Right-click and then click Properties in the pop-up menu.

4. On the NFS Sharing tab, select Shared As.

5. (Optional) Replace the name of the folder or the device with a new name.

6. (Optional) Specify the access type.

   • Click Full if you want to grant read, write, execute, and delete rights.

   • Click Read Only to limit the access to reading.

7. (Optional) Specify which access restrictions apply.

   • Click Unrestricted if you want to allow all network hosts to access the shared folder or device with the type of access specified in step 6.

   • Click Restricted and then click the Access List button to limit access to specific hosts.

8. Complete the Access List dialog box as follows:

   • Enter the name of the host whose users may access the shared folder or device, or select it from the list of host names.

   • Click Add. The host name appears in the Clients Granted Access field.

9. Repeat the previous step for additional systems.

10. When you are finished, click OK to return to the Properties sheet.

11. Click OK.

    Users on the selected systems gain immediate access to the shared resources.

To Revoke Access to Shared Resources

1. Start Explorer.

2. In the Explorer folders pane, select the folder (or the device) for which you want to revoke access.

3. Right-click and then click Properties in the pop-up menu.

4. On the NFS Sharing tab, do one of the following:

   • Select Not Shared to revoke access to all users of all hosts specified in the Access List.

   • Click the Access List button to open the Access List dialog box.

5. Select the host whose users should no longer have access to the folder or device, and then click Delete.

6. When you are finished, click OK to return to the Properties sheet.

7. Click OK.

   The Properties sheet closes.

   The selected folder or device is no longer shared and network users immediately lose access.

Logging NFS Server Events on Windows 95

With NFS Server logging enabled, any interaction between the NFS clients and server is written in the NFS log file c:\LOGGING.TXT.

To start NFS Server logging, you must enable both NFS Server logging and Network Event logging.

To Enable NFS Server Logging

If logging of NFS Server events has not been enabled in the Network control panel, you can start the logging manually.

1. Right-click on the NFS Server icon in the status area.

   The NFS Server menu opens.

2. Select NFS Logging if it is not already selected.

3. Start the Network Event Log from the Solstice Utilities program group.

   The Network Event Log window opens.

4. Configure Network Event Log.

5. Minimize the Network Event Log.

   NFS Server events will initially be recorded and displayed in the Network Event Log window and not in the C:\LOGGING.TXT file. Only after you exit Network Event Log will C:\LOGGING.TXT be updated with the current status of NFS Server events.

To Configure Network Event Logging

1. Click the Start button, point to Programs, point to Solstice Utilities, and then click Network Event Log.

   The Network Event Log window opens.

2. On the Display menu, click Configure.

   The Network Event Log dialog box opens.

3. Set the desired options, such as how frequently network events are to be written, the name of the log file, the severity levels of the messages you want to record, and so on.

   Click Help for detailed information on each option.

4. Click Save.

5. Minimize the Network Event Log.

   Activities can be logged as they occur.

To Disable NFS Server Logging

1. Right-click the NFS Server icon in the status area.

   The NFS Server menu opens.

2. Click NFS Logging.

   The check box is no longer selected.