WINDOWS 1002000 PROFESSIONAL RESOURCE KIT [Electronic resources] نسخه متنی

Client Service and Gateway Service

Client Service for NetWare provides client-based NetWare connectivity, and Gateway Service for NetWare acts as a gateway through which multiple clients can access NetWare resources. Both depend on and work with the NWLink protocol, which is automatically installed with either redirector. For more information about NWLink, see "NWLink" later in this chapter.

Client Service uses a subset of Gateway Service code.

Choosing Between Client Service and Gateway Service

If you intend to create or indefinitely maintain a mixed-mode environment composed of both Windows 2000 and NetWare servers, consider using Client Service for NetWare. If you intend to migrate gradually from NetWare to Windows 2000 or if you want to reduce administration, consider using Gateway Service for NetWare.

Advantages of Client Service for NetWare

Client Service provides the following advantages over Gateway Service:

Client Service allows for user-level security rather than share-level security. By using Client Service for NetWare, you can allow users access to individual user home directories (directories where individual user data resides) that are stored on NetWare volumes. Users can then map to their home directories and any additional volumes to which they have been granted user-level security. To allow users access to individual home directories by using Gateway Service you need to give each user a separate drive letter.

Client Service might perform better than Gateway Service. Client Service communicates directly with NetWare servers, avoiding potential bottlenecks caused by excessive traffic moving through a single network connection.

Disadvantages of Client Service for NetWare

Client Service has the following disadvantages:

Client Service requires you to manage multiple user accounts for each user. For each user, you must create and manage separate user accounts for both Windows 2000 and NetWare.

Client Service requires more installation and management overhead. With Client Service, you must install and maintain additional Client Service software on each computer running Windows 2000 Professional.

Client Service requires you to add IPX to your entire network. Servers running Windows 2000 and servers running NetWare 5.0 use TCP/IP as the native protocol. However, Client Service requires you to use IPX (through NWLink), and does not enable you to restrict IPX to a certain portion of your network. Even if clients on only one subnet use IPX, it might be routed through the entire network.

NOTE

---

For detailed information about IPX routing and Windows 2000, see "IPX Routing" in the Microsoft® Windows® 2000 Server Resource Kit Internetworking Guide.

Advantages of Gateway Service for NetWare

Gateway Service provides the following advantages over Client Service:

Gateway Service allows you to manage a single user account for each user. Gateway Service becomes the central interface for user access to NetWare resources and you can perform all Windows 2000 user account management within the Gateway Service user interface. You can secure regular share-level permissions and assign users or groups to the access control list (ACL) of each share.

Gateway Service reduces installation overhead. With Gateway Service, you can give clients access to NetWare resources without installing NetWare client software. Thus, you do not need to deploy and maintain network client software on multiple client computers.

Gateway Service provides protocol isolation for IPX. With Gateway Service, you can isolate the IPX protocol to your local area network (LAN), preventing IPX traffic from passing over wide area links.

Disadvantages of Gateway Service for NetWare

Gateway Service has the following disadvantages:

Gateway Service allows limited user-level security. With Gateway Service, all Windows 2000 users access NetWare resources as if they were the same NetWare user. Gateway Service assigns drive letters to separate NetWare files or directories, and then Windows 2000 share-level access is applied to the entire share. Therefore, the only way to provide user-level security while using Gateway Service is to assign separate drive letters for each user. Because servers need to reserve some drive letters for local drives, mapped drives, and other applications, user-level security is impractical if you have a large number of users.

Gateway Service might not perform as well as Client Service. Using Gateway Service, the Windows 2000 Server-based computer must act as a gateway between clients and NetWare servers. All requests for NetWare services are processed through a single gateway connection, creating potential bottlenecks. However, in some cases, Gateway Service performs better than Client Service (for example, if most of your traffic is NCP rather than CIFS).

When Client Service or Gateway Service is installed on a computer running Windows 2000, NWLink is installed automatically.

Using Client Service for NetWare

Client Service for NetWare is installed on Windows 2000 Professional computers to access NetWare services directly. The computer running Client Service creates NCP protocol packets and passes them directly to the network. The packet is then picked up by the NetWare server.

One example of accessing NetWare resources is to map a drive to a NetWare volume. When a drive is mapped to a NetWare volume, the computer running Windows Professional uses a NetWare account to create a validated connection to the NetWare server.

For example, to create a connection from computer A (running Client Service) to the NetWare NDS volume BVolname.Orgunit.OrgFolder, where B is the name of the NDS tree, Volname.Orgunit.Org is the path to the volume name in the NDS tree, and Folder is a subfolder on the Volname volume. In Windows Explorer, select Tools, and then click Map Network Drive. You can also use the net use command-line utility and specify the path BVolname.Orgunit.OrgFolder for the NetWare resource. For more information about mapping drives, see Windows 2000 Professional Help.

When using Map Network Drive the mapped connection is always persistent if you select the Reconnect at logon check box.

When using the net use command, after the mapped connection is established, it is disconnected only if the computer running Windows 2000 Professional is shut down, if the drive is manually disconnected, or if a network problem prevents access to the NetWare server. The mapped drive is then reestablished when the user logs on to the network.

Using Gateway Service for NetWare

Gateway Service for NetWare is installed on Windows 2000 Server-based computers for Windows 2000 Professional-based computers without a client for NetWare access installed to directly access NetWare services. The Windows 2000 Server-based computers with Gateway Service translate the CIFS packet received from computers running Windows 2000 Professional into NCP packets and sends the request to the NetWare server.

One example of accessing NetWare resources is to map a drive to a NetWare volume. To give Windows-based clients access to a NetWare volume, the Windows 2000 Server-based computer running Gateway Service redirects one of its drives to the NetWare volume and then shares that drive to the Windows-based clients. The gateway uses a NetWare account to create a validated connection to the NetWare server. This connection appears on the computer running Windows 2000 Server as a redirected drive. When you share the redirected drive, it appears to users as a Windows 2000 Server resource, although it is actually a resource on a NetWare server.

For example, to create a gateway from computer A (running Gateway Service) to the bindery-based NetWare volume Server1VolnameFolder, where Server1 is the server name, Volname is the volume on that server, and Folder is a sub-folder on the Volname volume. In the Configure Gateway dialog box, specify Server1VolnameFolder as the NetWare resource, and then specify a share name for Windows 2000-based clients, such as Nw_Folder. Windows clients then refer to this resource as ANw_Folder.

After the gateway connection is established, it is disconnected only if the computer running Windows 2000 Server is shut down, if the administrator disconnects the shared resource or disables the gateway, or if a network problem prevents access to the NetWare server. Logging off the computer running Windows 2000 Server does not disconnect the gateway.