|   | |
| Sun Java System Portal Server Secure Remote Access 6 2005Q1 Administration Guide | |
Chapter 10
Configuring NetFileThis chapter describes how to configure NetFile from the Sun Java System Access Manager administration console.
Note
Click Help at the top right corner of the Access Manager administration console, and click SRA Help for a quick reference on all the SRA attributes.
To Configure NetFile Attributes
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
From here, click the appropriate tab.
The tabs and the attributes that can be configured under each are listed below.
The Hosts TabUsing the Hosts Tab, in the NetFile service, you can perform the following tasks:
Specify the OS Character Set
You can specify the character set used as the default encoding for communicating with hosts. The default value is UTF-8.
Caution
If the character set is not specified correctly, the behavior of the machine and error messages that appear cannot be predicted.
To Specify the OS Character Set
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
- Scroll to the OS Character Set field and select the character set code.
- Click Save to record the change.
Specify Host Detection Order
To Specify the Host Detection Order
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
- Scroll to the Hosts Detection Order field and select a host type.
- Use the Move Up and Move Down buttons to change the host detection order.
- Click Save to record the change.
Configure a Common Hosts List
You can configure a list of hosts to be available through NetFile to all remote NetFile users. You need to specify the following information for each host that you add:
Host Name—You can type either the host name or the fully qualified name. If the host name that you have provided matches the host name configured by the user, the two sets of information are merged and the user-specified values override the values that you specified.
For example, suppose you have configured 4 common hosts - sesta, siroe, florizon, and abc. A user configures 3 hosts out of which 2 are sesta and siroe. User-specified values override administrator-specified values in such conflict situations. florizon and abc are also listed in the user’s NetFile, and the user can carry out various operations on those hosts. In case you have listed florizon in the Denied Hosts List, florizon is listed in the user’s NetFile, but no operation can be carried out on florizon.
Host Type—If the user has already added a host that is listed in the Common Hosts list, the user setting takes precedence. If a conflict in the type exists, the shares added by the administrator are not added for that user. If the user and the administrator add the same share, the share is added, but the password set by the user takes precedence.
Encoding—If a conflict exists between the value specified here and the user setting, the user setting takes precedence. If you have specified a blank or invalid setting, the character set of the client OS (user’s machine) is used.
To Configure the Common Hosts List
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
The NetFile page is displayed.
- To add a common host:
- To delete a common host from the Common Hosts list:
Specify the Default Domain
You can specify the default domain that NetFile needs to use to contact allowed hosts.
This default domain value is applicable only if the user does not specify a fully qualified host name while adding a host using NetFile.
Caution
Ensure that the Default Domain field is not blank, and that it contains a valid domain name.
To Specify the Default Domain
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
- Scroll to the Default Domain field and type the default domain name.
- Click Save to record the change.
Specify the Windows Domain/Workgroup
This is the default Microsoft Windows domain or workgroup which the users choose to access a Microsoft Windows host.
A user can override this value by specifying a different value while adding a machine.
To Specify the Default Windows Domain or Workgroup
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
- Scroll to the Default Windows Domain/Workgroup field and type the default domain or workgroup name.
- Click Save to record the change.
Specify the Default WINS/DNS Server
This is the WINS/DNS server NetFile uses to access Microsoft Windows’ hosts.
To Specify the Default WINS/DNS Server
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Config.
- Scroll to the Default WINS/DNS Server field and type the default Microsoft Windows or DNS server name.
- Click Save to record the change.
Specify Access to Different Types of Hosts
You can specify whether users can access specific hosts such as Microsoft Windows, FTP, NFS or Netware hosts. You can set the option to allow or deny access to each type of host. All these options are enabled by default.
To Specify Access to Different Types of Hosts
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Access.
- Click the host type to which access is enabled.You can choose to enable:
- Click Save to record the change.
Configure the Allowed Hosts List
By default, users are allowed to access all the hosts through NetFile because of the * entry in this list. If you want to change that, remove the * entry and specify only those hosts to which users need to have access through NetFile, in this list. Alternatively, you can keep the * entry here, and specify the hosts to which you want to deny access in the Denied Hosts list. In that case, all the hosts except the ones specified in the Denied Hosts list are allowed access.
See Configure the Denied Hosts List for details.
To Create the Allowed Hosts List
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Access.
- Scroll to the Allowed Hosts field. Type the names of the hosts to which you want to allow access in the edit field and click Add.
The host name is added to the Allowed Hosts list box.
- Click Save to record the changes.
Configure the Denied Hosts List
After specifying the list of commonly available hosts under Configure a Common Hosts List, you can also specify a list of hosts to which users are denied access through NetFile.
To Create a Denied Hosts List
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Hosts tab, subsection Access.
- Scroll to the Denied Hosts field. Type the names of the hosts to which you want to deny access in the edit field.
- Click Add.
The host name is added to the Denied Hosts list box.
- Click Save to record the changes.
The Permissions TabUsing the Permissions tab, in the NetFile service, you can allow or deny permission for users to perform the following tasks from remote hosts:
This option lets you specify whether a user can use different IDs to connect to hosts using NetFile. In a large organization, users may have multiple user IDs. You may want to restrict users to use a single user ID. In that case, you can disable the Allow Changing User ID option. This prevents all the users in the specific organization from changing their user ID, and limits them to using a single ID (the desktop login ID) to connect to hosts using NetFile. In another situation, a user may have different login IDs on different machines, in which case, you may want to allow the user to change the ID as required.
This option is applicable to NT domains.
If the user specifies an invalid domain name in the User NT Domain name field while adding a system, an error message is displayed. If the user edits the host information later, and specifies an invalid domain name, an error message does not appear.
If the user specifies a domain name, the username and password for that domain also needs to be specified. If the username and password for the host needs to be used, the user needs to remove the domain from the User NT Domain name field.
The permission options are enabled by default.
To Enable/Disable Permissions
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Permissions tab.
- Scroll to the required Allow field and click the checkbox to allow permission.
- Click Save to record the change.
The View TabUsing the View tab, in the NetFile service, you can perform the following tasks:
Specify the NetFile Window Size
You can specify the size of the NetFile window in pixels on the user’s desktop. The default value is 700|400 in pixels. If you enter an invalid value, NetFile uses the default value.
To Specify the Size of the NetFile Window
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the View tab.
- Scroll to the Window Size field and type the required window size in pixels.
Type the value in the format 700|400 without any spaces. The coordinates are in the form x|y. No other character should be used as a separator.
- Click Save to record the change.
Specify the NetFile Window Location
You can specify the location where the NetFile window displays on the user’s desktop. The default value is 100|50 in pixels. If you enter an invalid value, NetFile uses the default value.
To Specify the Location of the NetFile Window
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the View tab.
- Scroll to the Window Location field and type the required window location coordinates.
Type the value in the format 100|50 without any spaces. The coordinates are in the form x|y. No other character should be used as a separator.
- Click Save to record the change.
The Operations TabUsing the Operations tab, in the NetFile service, you can perform the following tasks:
Specify the Temporary Files Directory
NetFile needs a temporary directory for some file operations such as mailing files. The default temporary directory is /tmp. The temporary files are deleted after the required operation has been carried out.
The specified temporary directory is created if it does not exist on the server.
Ensure that the ID with which the web server is running (such as nobody or noaccess) has rwx permissions for the specified directory. Also ensure that the ID has rx permissions for the entire path to the required temporary directory.
To Specify a Temporary Directory
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Operations tab, Traffic subsection.
- Scroll to the Temporary Directory Location field and type the required temporary directory location.
- Click Save to record the change.
Set the File Upload Size Limit
You can specify the maximum size of the files that can be uploaded in this field. If the size of the file being uploaded exceeds the limit specified here, an error message is displayed and the file is not uploaded. The default value is 5 MB. If you enter an invalid value, NetFile resets the value to the default.
You can specify different file upload size limits for different users.
To Set the File Upload Size Limit
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Operations tab, Traffic subsection.
- Scroll to the File Upload Limit field. Type the required size limit in mega bytes.
- Click Save to record the change.
Specify the Search Directories Limit
You can configure the maximum number of directories that can be searched in a single search operation. This limit helps reduce network clogging and increases the speed of access if a number of users are logged in simultaneously. The default value is 100. If you type an invalid value, NetFile resets the value to the default.
Suppose a user has a directory called A. Assume that A has 100 subdirectories. If you specify the maximum directories to be searched as 100, the search operation goes through directory A and stops. The search does not proceed through the other directories in the user’s machine since the limit of 100 was reached with directory A. The search results accumulated until the search limit is reached are displayed to the user along with an error message stating that the search exceeded its limit. To continue the search, the user must manually restart the search at the next directory.
The search operation is carried out in a depth-first manner. This means that the search operation is carried out in all the subdirectories of the directory that the user selected, before moving on to the next directory.
To Specify the Search Directories Limit
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Operations tab, Search subsection.
- Scroll to the Search Directories Limit field and type the required number.
- Click Save to record the change.
Specify Compression
These compression attributes apply only to NetFile Java2.
To Specify the Default Compression Type
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the Operations tab, Compression subsection.
- Scroll to the Default Compression Type field.
Choose Zip or GZip
- Click Save to record the change.
The General TabUsing the General tab, in the NetFile service, you can specify the MIME-types configuration file location.
Specify the MIME-types Configuration File Location
This information is required to determine the response content type to send to the client browser. The browser needs this information to determine the application that a file needs to be associated with during a NetFile open or download operation. This is configured during installation.
If the MIME-types file of the Portal Server’s web server needs to be used, specify the location:
portal-server-install-root/SUNWam/servers/instance-name-of-web-server- machine/config
To Specify the Location of the MIME-types Configuration File
- Log in to the Access Manager administration console as administrator.
- Select the Identity Management tab.
- Select Organizations from the View drop-down list.
- Click the required organization name. The selected organization name is reflected as the location in the top left corner of the administration console.
- Select Services from the View list box.
- Click the arrow next to NetFile under SRA Configuration.
The NetFile page is displayed.
- Click the General tab.
- Scroll to the MIME-types Configuration File Location field and type the full path to where the MIME-types configuration file is located.
- Click Save to record the change.