The UNIX operating system, originally developed in the 1970s at AT&T's Bell Laboratories as a platform for internal software development, is still evolving and growing. In its early days, UNIX was distributed at no cost to academic institutions, so an entire generation of programmers and computer scientists learned their art on UNIX systems in college. Almost all of the Internet software you're familiar with today was developed on UNIX systems, and it's the most common operating system for high-end graphics and engineering workstations manufactured by Sun Microsystems, Hewlett-Packard, and many other companies. The Open Source phenomenon (which is by no means new, but is certainly resurgent) has also produced the no-cost NetBSD, GNU, and Linux UNIX clones, ensuring that a new generation of programmers will continue the traditions of openness, collaboration, and sharing that typify the UNIX community. This section looks at ways to network Windows XP with UNIX-type operating systems. Although many of the examples involve Linux (Red Hat Linux 6.0), most of the examples can be translated to almost any UNIX-type operating system. The SMB/CIFS ProtocolThe Server Message Block (SMB) protocol is the high-level network protocol used for Windows and LAN Manager file and printer sharing. To promote interoperation, Microsoft, the Santa Cruz Operation (SCO), Intel, and other companies began the Common Internet File System (CIFS) initiative to extend SMB networking to other operating systems. CIFS-compatible software packages can be obtained for many varieties of UNIX and Linux. For this chapter, I'll concentrate on just one: the Samba package. SambaCertainly the most popular UNIX-to-Windows networking package, Samba can be a lifesaver for integrated networks. Samba is an open source (read: free) software suite based on the SMB/CIFS protocol. The Samba server program makes it possible for UNIX/Linux computers to share folders and printers that Windows users can access, while the Samba client tools lets UNIX/Linux users access folders and printers shared by Windows computers. (Samba is integrated with Mac OS X, by the way, which is how OS X gets its Windows file-sharing capability.) And, because typing UNIX/Linux is already getting tiresome, I'll just write UNIX from now on, but for this discussion, I mean "UNIX and/or Linux and/or Mac OS X." NOTE You can get more information about Samba and download a version for your UNIX system from www.samba.org. Most Linux distributions include a version of Samba and install it by default. For a good introduction to Samba, visit www.informit.com and search for samba. Skip down to the "Free Library" results, and select Sams Teach Yourself Samba in 24 Hours. After you register or log on, you can purchase the book or read it online for free. (By the way, InformIT is run by one of Que's sister companies.) Samba Client ToolsTo access file services on a Windows server from UNIX, you must know exactly what resources are available from a given host on the network. Samba includes a command-line program called smbclient for just that purpose. This application enables you to list available Windows shares and printers from within UNIX. The command smbclient -L \\lombok for example, lists all the folders and printers shared by the computer named lombok. When you know the name of the desired shared folder, the smbmount command allows you to mount the Windows share on the local Linux file system. The command smbmount //lombok/shareddocs /mnt/winshare -U brian mounts the SharedDocs folder on computer lombok to the local directory /mnt/winshare. The -U switch tells smbclient what username to use when trying to mount the share. You'll be prompted for a password. NOTE If the Windows computer is running Windows XP with Simple File Sharing enabled, you can use any username and password. With Simple File Sharing, all network access is made using Guest credentials. You also can use a Windows printer from a UNIX client. The easiest way to configure a Windows printer on a Red Hat Linux system is to use the Red Hat GUI-based print tool while logged on as root. This way, you can set up an SMB-based printer with a minimal amount of hassle. If you are not using Red Hat Linux, you must edit your /etc/printcap file manually. The number of options involved are beyond the scope of this chapter. A thorough reading of the SMB How-To, available from http://en.tldp.org/HOWTO/SMB-HOWTO.html, is recommended. Samba Server ToolsSamba also includes tools and servers to make your UNIX system look just like a Windows-based network server; this capability lets your Windows computers use files and printers shared by UNIX systems. The parameters for configuring Samba in a server capacity are contained in the file /etc/smb.conf on the UNIX host. The default file included with Samba has comments for every parameter to explain what each one is. Configuring the Samba server is beyond the scope of this book. However, I can offer a few pointers:
When you have finished editing the smb.conf file, you can test to see that the syntax is correct by using the Samba program testparm. testparm checks smb.conf for internal "correctness" before you actually use it in a production environment. By running /usr/bin/testparm you get a printout like the following if all goes well: Load smb config files from /etc/smb.conf Processing section "[homes]" Processing section "[printers]" Processing section "[storage]" Loaded services file OK. Press enter to see a dump of your service definitions You can press Enter to see a dump of all the parameters the server uses to configure itself. When the configuration file is complete and correct, you must stop and restart the smbd service to make the changes take effect. Printing to UNIX Queues from WindowsYou can configure Samba to offer standard Windows shared printer service. As an alternative, Windows XP has built-in support to send output to UNIX-based printers using the lpr protocol. You can install a standard Windows printer whose output is directed to a UNIX system and can use this printer just as you would any local or networked Windows printer.
For instruction on connecting to an lpr-based printer, p. 645. Printing to Windows Printers from UNIXYou can also install an LPD server on Windows XP Professional to let UNIX users print to any local printers shared by your computer. (It can print only to local printers installed on and shared by your computer, not to network printers from other machines used by your computer.) To install this service, log on as Administrator (or as a Computer Administrator) and follow these steps:
These steps install the service but, because of an installer glitch, don't make the service start when you boot your computer. You might have to finish the job manually, like this:
Now, UNIX users can send print jobs to your computer by using the command lpr -S computername -P sharename where computername is the DNS name or IP address of your computer, and sharename is the share name of any of your printers. TIP By default, Windows treats incoming print jobs as ASCII text that must be formatted and printed. If the UNIX machine is sending, say, a PostScript file, Windows will print the PostScript source code rather than the document the file represents. UNIX users must use the appropriate -o option to send a "binary" print job in this case. For example, you can enter the following: lpr -S ambon -P Laserjet -o l filename.ps
TelnetThe telnet command is perhaps one of the most well-known UNIX network tools. Telnet provides a remote terminal function and on a UNIX system lets you use a shell or command prompt environment on a remote system across a LAN or the Internet. Windows XP Professional includes a Telnet client for connecting to other systems running a Telnet server. Windows XP supplies a Telnet application, but there's a surprise! This version is a Windows console program, meaning it looks like a Command Prompt window rather than a regular graphical Windows program. It also supports built-in NTLM authentication, so it can securely connect to the Telnet host service provided with Windows XP Professional and Server. To connect to a remote server with Telnetsay amber.somewhere.eduyou can issue the command by choosing Start, Run, or in a command prompt, as follows: telnet amber.somewhere.edu Alternatively, you can simply run the Telnet program without naming a remote host to start it in its "prompt" mode. Type help in prompt mode to see the list of valid commands. To terminate a Telnet session, you can press Ctrl+] and enter the quit command, or simply close the Telnet console window. TIP Microsoft's Telnet client is less than wonderful. You can use the supplied Hyperterminal application, or download free SSH (secure shell) Telnet clients from www.chiark.greenend.org.uk/~sgtatham/putty or www.ssh.com. There are commercial SSH clients as wellsee www.ssh.com and www.datafellows.com. These alternatives don't support NTLM encryption, so they're not secure for connecting to Windows Telnet hosts over the Internet, but the SSH clients are safer for connecting to UNIX hosts over the Internet. The Telnet Host ServiceWindows XP comes equipped with a Telnet server as well as a client. Having both a server and a client sounds like a boon for network managers, as it theoretically lets a remote user connect to and run programs on your Windows XP computer. It could conceivably also let a UNIX user connect to and run programs on a Windows XP computer. This could provide access to industrial-strength command-line management tools including cscript (Windows Script Host) and netsh (Network Shell). It's limited to two simultaneous incoming connections. However, I don't recommend using the Telnet Host Service. As I've mentioned, Telnet is an insecure protocol. The Windows XP Telnet server does use the NTLM password encryption protocol to authenticate users, but this feature can be disabled. The result is that, in the end, using it is more of a risk than a benefit, and you can accomplish the same results by using Windows graphical interface management tools, such as Remote Desktop. If you really want to try it, you must configure and activate it manually:
CAUTION If you enable telnet, I really caution you against permitting connections to the Telnet service from the Internet. You should block incoming connections on TCP Port 23 at your router. Telnet is a prime target of network scanners and hackers, and dictionary attacks on key accounts like Administrator are common. The Berkeley r CommandsMost UNIX operating systems also come equipped with a suite of programs collectively referred to as the "Berkeley r commands." Windows XP includes many of these tools, which are available from the Command Prompt. If you're a UNIX user, you're probably already familiar with these commands. Table 20.4 provides a brief list and description of the r commands provided with Windows XP.
TIP The Berkeley r commands, although very useful, are also inherently insecure because the commands used by these programs are usually passed in plain text through the network. Additionally, these commands are designed to be run in a trusted network where clients are not always required to reauthenticate themselves. This might not always be the case where today's networks are concerned. Because of these inherent vulnerabilities, it's best not to use these commands across the Internet. You might use the Secure Shell package, which replaces all the r commands as well as adds a greater degree of security via strong encryption. SSH also replaces the very insecure Telnet protocol and offers X11-encrypted forwarding. For information on obtaining a free Windows-based client version of SSH, see the tip on page 795. Services for UNIXMicrosoft offers a free set of tools called Services for UNIX (SFU) that provides most all of the utilities you will need to seamlessly glue together a network that includes Windows, UNIX, and Linux computers. You can obtain it via a free download at www.microsoft.com/sfu, or you can order it on CD. SFU is also provided with some Microsoft Developers Network subscriptions. While "vanilla" Windows XP comes with several of the TCP/IP tools that UNIX gurus expect, SFU provides a much more complete toolkit for those who are used to UNIX computers. For example, while Windows XP contains a basic FTP client and a Telnet Server, you'll find enhanced versions of both of these important utilities in SFU 3.5. While some components of SFU are applicable only to Windows 200x Server, most parts that can be installed on Windows XP Professional and put to good use, as I'll explain shortly. NOTE Services for UNIX 3.5 does not work on Windows XP Home Edition. The major components of Services for UNIX Version 3.5 include
Table 20.5 lists the components provided with Services for UNIX. SFU can be installed on Windows 200x Server, Advanced Server, and Windows XP Professional. However, not all components will be installed on Windows XP, as shown in the table.
|