SCO VisionFS: White Paper

SCO Vision Family File and Print Services


Naming and Browsing

Naming and Browsing are two separate functions:

  • Naming claims NetBIOS names for the server. Those names are used to locate the server during network communications.
  • Browsing is how clients find machines in workgroups and discover the directories those machines share with the rest of the network. On an SMB server these directories are referred to as shares. Browsing lets clients examine the shares provided by computers in different workgroups.

The NetBIOS name assigned to the server during naming is independent of both the DNS (Domain Name Service) and HOST name used by the UNIX server.

  • Each server has one HOST name
  • Each server has zero or more network adapters
  • Each network adapter has zero or more IP addresses (typically at least 2: one is the broadcast address)
  • There can be zero or more DNS names that map onto an IP address on the server
  • There can be zero or more NetBIOS names that map onto an IP address on the server

SCO VisionFS will claim NetBIOS names for each IP address that has a corresponding broadcast address. A server can have more than one name but just one IP address. For example, a server can be called Clarence by UNIX machines and Alabama by Windows machines, but its IP address is always 192.102.82.100.

Once the server has claimed its NetBIOS names and announced them to all the other machines on the subnet, it must negotiate with the master browser for each workgroup. The master browser is a machine elected to control and register servers in the workgroup that are eligible for browsing. The election process takes place when servers first appear on the network. To participate in browsing a server must first find out who the master browser is and then inform the master browser of its membership. A master browser must exist before browsing is allowed. When negotiations with the master browser are completed, users can browse the shares offered by the server. SCO VisionFS will be able to become a master browser if one is not available.

NetBIOS applications must periodically announce their names to reinforce ownership and must be able to respond to requests from other applications (e.g. Windows clients). SCO VisionFS uses the NetBIOS naming daemon for this.

Security

The server supports user-level security. This means the server attempts to authenticate the client during the initial connection to the server. During this initial connection the client passes a username and password to the server. The server performs the following actions to validate the username on the UNIX server:

  • The server checks for the existence of a UNIX account for the connecting user
  • If there is an account, attempts are made to verify the password supplied by the client with the one that exists on the UNIX server
  • Windows supplies a case-insensitive password. To try to match UNIX case-sensitive passwords, SCO VisionFS tries the password with different combinations of case
  • If Windows is informed of a password mismatch, it will prompt the user to enter another one
  • Once a password is successfully matched, the user is logged onto the server
  • If the user does not exist then they may be allowed on as a guest

Access to shares can be restricted or denied to users depending on which type of authentication they were granted at this stage.
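
The case-matching step in the list above, sketched as an added example (this is not SCO VisionFS code). The page does not say which case combinations are tried or how the UNIX hash is computed, so the try order, the `max_tries` bound, the PBKDF2 stand-in hash and the sample password are all assumptions. It shows the per-login hashing cost of trying case variants and the smaller effective keyspace that case-insensitive matching implies.

```python
import hashlib
import hmac
from itertools import product

def stored_hash(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2 stands in for the UNIX password hash (crypt(3) on a real server).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)

def case_variants(password: str):
    """Yield the supplied form, then all-lower, all-upper, then every other case mix."""
    pools = [(c.lower(), c.upper()) if c.isascii() and c.isalpha() else (c,)
             for c in password]
    seen = set()
    first = [password, password.lower(), password.upper()]
    for cand in first + ["".join(p) for p in product(*pools)]:
        if cand not in seen:
            seen.add(cand)
            yield cand

def verify_case_insensitive(supplied, salt, expected, max_tries=4096):
    """Return (matched, hashes_computed); max_tries caps the CPU cost of one login."""
    tries = 0
    for cand in case_variants(supplied):
        if tries >= max_tries:
            break
        tries += 1
        # Constant-time comparison of the candidate hash with the stored one.
        if hmac.compare_digest(stored_hash(cand, salt), expected):
            return True, tries
    return False, tries

def effective_keyspace(length, letters=26, digits=10):
    """(case-sensitive, case-insensitive) search space for alphanumeric passwords."""
    return (2 * letters + digits) ** length, (letters + digits) ** length

# Constructed sample data: a mixed-case UNIX password and the upper-cased
# form a Windows client might send.
SALT = b"constructed-salt"
UNIX_HASH = stored_hash("Sco4Fs", SALT)

if __name__ == "__main__":
    print(verify_case_insensitive("SCO4FS", SALT, UNIX_HASH))  # match after some variants
    print(verify_case_insensitive("WRONG1", SALT, UNIX_HASH))  # every variant hashed, no match
    print(effective_keyspace(8))
```

A password with n letters costs up to 2^n hash computations per failed login, so a bound such as `max_tries` and failed-login throttling matter more on a server that matches this way.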

If users have different usernames on their Microsoft Windows PC and the UNIX server, they will not be recognized as the same user. It is therefore desirable that users have the same username on both the Windows and UNIX machines.

Please note that authentication is not carried out when connecting to shares; at this point the server knows who the connecting user is. This does not, however, rule out the possibility of granting specific privileges on each share, thereby providing functionality similar to share-level security.