Chapter 9: Resource Sharing Over A Network

1
Chapter 9 Resource Sharing Over A Network

• A Guide to Operating Systems Troubleshooting
  and Problem Solving

2
Chapter Objectives

• Explain the principles behind sharing disks and
  files on a network
• Explain how to set up accounts, groups, security,
  and disk and file sharing on network server
  operating systems
• Explain how to set up file and disk sharing on
  client operating systems
• Explain how to set up printer sharing on server
  and client operating systems
• Discuss how network and Internet servers are used
  for vast information sharing networks

3
Sharing Disks and Files

• NetWare was one of the first network operating
  systems to enable file sharing through a server
• Downloading a file directly from a file server
  was one of the first methods for sharing files
  and was incorporated in the first version of
  NetWare

4
More Sharing Disks and Files

• Sharing resources quickly blossomed into other
  ways to access files
• making shared drives available on a network
• making each shared drive look just like another
  local drive at the client
• Mapping is a software process that enables a
  client workstation to attach to the shared drive
  of another workstation or server, and to assign
  it a drive letter

5
Sharing Disks and Files Through Network Server
Operating Systems

• NetWare, UNIX, and Windows NT Server are three
  network operating systems
• Each operating system enables the network
  administrator to establish security through
  assigning accounts, account passwords, groups,
  and access privileges

6
NetWare

• With an account and the appropriate security, a
  client can access directories and files within
  NetWare directories
• Commands available to users are contained in a
  directory called PUBLIC
• The SYSTEM directory contains operating system
  files and utilities
• The LOGIN directory has files that users can
  access before they log into a server (such as the
  executable file (LOGIN.EXE)
• Other information important to users is contained
  in home directories

7
NetWare Search Drives

• NetWare recognizes another type of network drive,
  called a search drive
• NetWare can execute a file on a search drive,
  regardless of whether the file is in the main
  directory or in a subdirectory

8
Preparing Server for NetWare

• Prepare the server before it is made available on
  the network
• Set security on each directory, subdirectory, and
  on particular files
• Create an account and account password for each
  user who needs to access the server
• Set up groups as a way to provide shortcuts for
  managing security

Figure 9-1 Sample NetWare directories available
to users
9
NetWare Network Drive Mappings
10
Ways to Map a NetWare Drive

• Use the MAP command from the MS-DOS prompt
• MAP drive volumedirectory\subdirectory for
  regular network drivers
• MAP Svolumedirectory\subdirectory for
  search drives
• Another way to set up the same search drive is to
  put the MAP command in a NetWare login script

11
Sample NetWare Login Script
12
NetWare Shared Drive Restrictions

• Requires a password
• Sets a minimum password length
• Requires that a password is changed within a
  specified interval of time
• Requires that a new password is used each time
  the old one is changed
• Limits the number of unsuccessful attempts to log
  on to an account
• Sets time restrictions that specify when users
  can log on
• Sets intruder detection capabilities

13
Password Restrictions in NetWare Administrator
14
Granting Rights

• Rights are assigned by making a user or group a
  directory or file trustee
• Rights also can be inherited
• Container object - an entity that is used to
  group together resources, such as an
  organizational unit, organization, or country

15
Granting Rights

• Rights control the ability to
• Perform a directory listing
• Create a new directory, subdirectory, or file
• Read the contents of a directory, subdirectory or
  file
• Write to the contents of a file
• Delete a directory, subdirectory, or file
• Change the security associated with a directory,
  subdirectory, or file
• Copy a directory, subdirectory, or file
• Rename a directory, subdirectory, or file

16
UNIX

• Each user account in UNIX is associated with a
  user identification number (UID)
• Users who have common access needs can be
  assigned to a group via a group identification
  number (GID)
• The password file is checked when the user logs
  on resources

17
Password File

• Password file (\etc\passwd) contains the
  following
• The user name, which can be up to eight
  characters long
• An encrypted password or a reference to the
  shadow file, a file that makes it difficult for
  intruders to determine passwords
• The UID
• A GID
• Information about the user
• The location of the users home directory
• A command that is executed as the user logs on,
  such as which shell to use

18
Shadow File

• The shadow file (\etc\shadow) is available only
  to the systems administrator. It contains
  password restriction information
• the minimum and maximum number of days between
  password changes
• Information about when the password was last
  changed
• Warning information about when a password will
  expire
• Amount of time that the account can be inactive
  before access is prohibited

19
Group File

• Contains the name of the group, an encrypted
  group password, the GID, and a list of group
  members
• Every account must be assigned to at least one
  group
• User accounts and groups can be created by
  editing the password, shadow, and group files

20
Creating New User

• Useradd enables the administrator to create a new
  user
• Some possible parameters for Useradd
• c Used for an account description
• d Specifies the users home directory location
• e Specifies an account expiration date
• f Specifies the number of days the account can
  be inactive before access is prohibited
• g Specifies group membership
• s Designates the default shell associated with
  the account
• u Specifies the unique UID

21
Usermod Groupadd

• Parameters associated with an account can be
  modified by using the usermod command
• Groups are created using the groupadd
• Two inputs associated with this command
• g parameter
• group string

22
UNIX File Permission

• Read, write, and execute
• Executable programs can have a special set of
  permissions
• Set User ID (SUID)
• Set Group ID (SGID)
• Permissions are granted on the basis of three
  criteria
• ownership
• group membership
• other (or World)

23
Permissions in UNIX

• The chmod command which is used permissions, has
  two different formats, symbolic and octal
• Symbolic format specifies three parameters
• the permission
• who has the permission
• the actions to be taken on the permission
• Octal permission format assigns a number based on
  the type of permission and its owner, group, and
  other

24
Sharing Windows NT Server

• Set up the following
• Groups
• Local group - used to manage resources using GUI
  tool
• Global group - consists of user accounts, and
  can be made a member of a local group using GUI
  tool
• Account policies
• User accounts
• Permissions
• Shared disks and folders
• Domain - a grouping of servers in a particular
  geographic area

25
Managing Shared Resources Using Local and Global
Groups
Figure 9-4 Managing shared resources using local
and global groups
26
Creating a Global Group in Windows NT Server 4.0
27
Windows NT User Accounts

• Created through the User Manager for Domains
• Require a password
• Set a minimum password length
• Require that a password is changed within a
  specified interval
• Require that a new password is used each time the
  old one is changed
• Limit the number of unsuccessful attempts to log
  on
• Set time restrictions
• Set intruder detection capabilities
• Specify which workstations an account can be
  accessed from
• Control remote access to a server

28
Windows NT Server 4.0 Account Policies
29
File Systems

• Windows NT Server recognizes two main files
  systems File Allocation Table (FAT) and NT File
  System (NFTS)
• Files that are shared to the network are set up
  in NTFS, which has better security FAT can offer
  security through MS-DOS
• Disk volumes, folders, and files can be accessed
  through the network by creating shares
• Share - an object that is given a name and made
  visible to network users

30
Share Permissions

• Four Share permissions
• No access the specified groups and users have
  no access
• Read the specified groups and users can read
  and execute files
• Change the specified groups and users can read,
  add, modify, execute, and delete files
• Full Control the specified groups and users
  have full access to the files and folders,
  including the ability to take ownership or change
  permissions

31
Setting Up a Shared Folder
32
Accessing and Sharing With Macintosh

• Mac OS offers two ways to connect to shared
  resources on a network
• Chooser
• Network Browser
• Mac OS uses the terminology mount when accessing
  a shared disk volume over the network
• Mac Network Browser presents an interface that is
  similar to a Windows drop-down or scroll box
• Mac OS have two users already defined Owner and
  Guest

33
Using the Chooser
34
Creating a New User

• Create a new user
• Provide the users name
• Provide a password
• Enable the user to change her or his password (an
  optional check box)
• Enable sharing and allow the user to link to
  programs on the computer
• After a user is created, it can be added to one
  or more groups

35
Privileges

• Four kinds of privileges
• None No access to files
• Read only Access to read the contents of files
  only
• Write only Access to write files but not to
  open them
• Read Write Access to open and write files
• Privileges can be assigned to any of four types
  of users
• Owner - Users
• Groups - Everyone

36
Accessing and Sharing with UNIX

• UNIX computers can access resources on other
  computers that support the Network File System
  (NFS)
• UNIX client accesses the shared disk or folder
  through its mount command
• The NFS server acts as a two-way utility, because
  it also permits a Windows NT Server or NT
  Workstation to access a computer running UNIX

37
UNIX Share Permissions

• These permissions include
• Root includes all permissions and is similar to
  full control
• Read-write encompasses permissions to mount the
  shared disk or folder, read the contents, and
  modify the files and folders
• Read-only gives permission to mount the shared
  resources, but only to read the contents of files
  and folders
• No access prevents mounting the shared disk or
  folder

38
Accessing and Sharing With Windows 3.11

• First Windows-based client operating system to
  truly share disks and directories
• Offers the ability to configure sharing when you
  first install the OS
• Setup program contains a Network Setup used to
  configure the operating system for network access

39
Setting Up File and Printer Sharing During
Windows 3.11 Installation
40
Sharing a Directory in Windows 3.11
41
File Sharing in Windows 3.11

• Enable file sharing to share a disk, directory,
  or file for others to access
• Share Directory Dialog Box
• Provide the share name
• Make sure the path is correct to the share or
  enter the path in the Path box
• Enter a comment to describe the share
• Determine if you want to offer the share each
  time you boot the computer
• Specify the security to place on the share
• Specify a password for the type of access
• Confirm the password

42
Windows 3.11 Security

• Read-Only clients can read the contents of
  files and directories and copy them, but clients
  cannot modify files and directories
• Full clients can read, copy, add, remove, and
  modify files and directories
• Depends on Password clients must enter a
  password for the type of access, Read-only or Full

43
Windows 3.11 File Manager

• Configure File Manager to access a disk,
  directory or file
• Open File Manager
• Click Disk menu, Click Connect Network Drive (or
  click the Connect Network Drive icon on the
  button bar)
• In the Connect Network Drive dialog box, select
  the computer and shared directory in the Show
  Shared Directories on and Shared Directories
  boxes
• Assign an unused drive letter
• Specify the path to the shared directory
• Specify whether to reconnect to the share each
  time you log on

44
Browsing the Network with Windows 3.11 File
Manager

• The Connect Network Drive dialog box also
  contains an option to enable browsing for
  domains, workgroups, and computers connected to
  the network
• Windows 3.11 may contend with Windows NT Server
  (and NT Workstation) computers as the Master
  Browser

45
Windows NT System Log
46
Accessing and Sharing With Windows 95/98

• Windows 95/ 98 have nearly the same capabilities
  to access shared disks and folders
• Both also can offer shared resources for other
  network workstations to access
• Share-level access control creates a disk or
  directory share that is protected by share
  permissions
• User-level access control requires the share
  owner to create an access list of groups and users

47
Share Level Access Permissions

• There are three levels of access permissions
• Read-Only
• Full
• Depends On Password
• Read-only and Full permissions can be assigned
  with or without a password
• Default - uses no password
• User-level access specifies access on the basis
  of user accounts and groups

48
Windows 95 and Windows 98 Access Control
49
User and Group Access in Windows 95/ 98

• Three kinds of access
• Read-only
• Full
• Custom
• Before setting up share-level access or
  user-level access, it is necessary to install
  file and printer sharing services

50
Windows 95/98 Custom Share Permissions for
User-Level Access
51
Windows 95/ 98 Drive Mapping

• To map a drive that is shared by another computer
  use the Network Neighborhood utility
• To disconnect a mapped drive, right-click the
  drive in My Computer or Explorer and click
  Disconnect on the menu

52
Installing a Protocol in Windows 2000 Server
53
Sharing Printing Devices in Macintosh

• Mac OS can make a local printer connected to it
  available to others on a network
• Use the Chooser utility
• To share a printer, first install the printer and
  set it up in the Mac OS
• In the Sharing Setup, share this Printer and
  enter a name for the shared printer
• Optional parameters can enable a password
  required by others

54
Sharing Printing Devices in NetWare

• Shared printing in NetWare is accomplished by
  using two different approaches
• queue-based printing
• Novell Distributed Print Services (NDPS)
• In queue-based printing, network administrator
  performs several functions
• install the printer and its driver in NetWare
• create a print queue for the printer
• set up a NDS printer object for NetWare that uses
  NDS
• load the print server on the NetWare server

55
Sharing Printing Devices in UNIX

• The BSD or the SVR4 spooling systems use three
  components for printing
• the lpr print program
• the ldp daemon
• the file, \etc\printcap
• In SVR4, the spooling system consists of the lp
  print program and the lpsched daemon

56
Sharing Printing Devices in Windows 3.11

• Printers are shared in Windows 3.11 by opening
  the Print Manager in the Main program group
• Printer must be installed before it can be shared
• To connect to a shared printer on another network
  computer, open the Printer menu, click Connect
  Network Printer
• Disconnecting from a printer is accomplished by
  highlighting the network printer and clicking
  Disconnect Network Printer

57
Sharing Printing Devices in Windows 95/ 98 and
Windows NT

• Windows 95/ 98 and Windows NT use the Add Printer
  Wizard to set up a printer locally
• Share a printer by first opening the Printers
  folder
• Click Sharing and then click the Shared As
  radio button
• Enter a name for the shared printer and a comment
  to describe it
• In Windows 95/ 98, if share-level access is used
  then you also have the option to require a
  password

58
Sharing a Printer in Windows 98
59
Setting Up Shared Printer Parameters in Windows 98
60
Sharing Printing Devices in Windows NT

• In Windows NT 4.0 there are two printer property
  tabs
• Sharing
• Security
• Windows NT share permissions are
• No Access
• Print
• Manage Documents
• Full Control

61
Windows NT Shared Printer Security
62
Mapping to a Shared Printer

• Open Network Neighborhood and double-click the
  computer that offers the shared printer
• The list of shared resources, right-click the
  printer and click Install from the menu

63
Network and Internet Resource Servers

• NetWare, UNIX, and Windows NT Server can be set
  up as resource servers to provide network and
  Internet resources
• All of these operating systems can act as servers
  for many kinds of functions
• e-mail
• electronic commerce
• videoconferencing
• multimedia
• Client/server applications

64
More About Network and Internet Resource Servers

• A typical client/server application consists of
  three components
• a workstation running a Windows-based operating
  system
• a server from which to run applications
• one or more database servers
• Web servers are another fast-growing
  implementation of NetWare, UNIX, and Windows NT
  Servers

65
Chapter Summary

• Networks were designed to share files other
  resources
• Originally, networks used protocols such as FTP
  to upload and download individual files
• One way to distinguish network-capable operating
  system is by classifying them as server or client
  operating systems