Sun Java System Portal Server 6 2004Q2 Secure Remote Access Administration Guide |
Chapter 4
NetFileThis chapter describes NetFile and explains its operation. To configure NetFile, see Chapter 10, "Configuring NetFile".
This chapter covers the following topics:
Overview of NetFileNetFile is a file manager application that enables the user to access and operate on remote file systems and directories.
The NetFile component of SRA is available as Java1 and Java2 applets. Users who do not have the Java2 Plugin for their browsers can use the Java1 applet. The Java2 applet has a better interface and increased ease of accessibility.
NetFile provides the following key features:
To configure NetFile, see Chapter 10, "Configuring NetFile".
Supported File Access ProtocolsNetFile allows you to access remote systems using FTP, JCIFS (Windows), and NFS protocols. It includes the following file access protocol features:
- If the user specifies AUTODETECT to add a system, NetFile uses the following sequence to automatically detect which protocol to use:
- Checks the host for FTP server on port 21. If the FTP response contains the string "NetWare", this is considered a NETWARE host.
- Checks the host for NFS server on port 2049.
- Checks the host for Windows on port 139.
- If all of the above fail, a message saying unable to determine the host type is displayed.
The first file system type that is detected is used to connect to the requested host. The host detection order can be changed in the Identity Server administration console.
- NetFile allows users to select the file server and protocol of their choice.
For each of these protocols, the platforms that are supported are listed below.
Enabling Access to NetFileWhen you install SRA, the NetFile service is registered only for the organization that you specified during installation.
To Enable NetFile for Organizations and Users
- Register the NetFile service to the organization that requires NetFile access.
- Create the NetFile policy based on the NetFile service and assign the NetFile policy for organization and role which require access to NetFile.
- Assign the NetFile service to each user who requires access to NetFile.
See the Identity Server Administration Guide for more information on creating and assigning policies and services.
Enabling Logging for NetFileSpecify the log location using the Identity Server Logging service to enable logging for NetFile. The name of the log file is srapNetFile. By default it is located in the /var/opt/SUNWam/logs directory.
Configure UNIX AuthenticationTo Enable Unix Authentication
- Log in to the Identity Server administration console as administrator.
- Select the Identity Management tab from the administration console.
- Select Services from the View drop down menu in the left view pane.
If UNIX shows up in the right view pane, it needs to be registered.
- Register the service by selecting the checkbox next to UNIX and click Register.
- Click the arrow next to UNIX in the left view pane and click Create.
The service template is created.
- Click Save.
- Log out of the administration console.
- Restart the Identity Server as root or the user Identity Server it is configured to run as:
/etc/init.d/amserver startall
- Verify that the doUnix process is running:
ps -ef | grep doUnix
To Configure Unix Authentication
- Telnet to the local host on the configuration port as follows:
telnet localhost 58946
- Type the Unix Helper Listen Port number.
Specify the default value of 57946 for the Listen Port.
- Type the Unix Helper Session Timeout value in seconds.
- Type the Unix Helper Max Sessions value.
A message saying “doUnix configured successfully” is displayed.