Installing and updating from a NetWare server with Mac workstations

  • Article ID: 12988
  • Updated: 20 Jun 2013

These instructions describe how to set up a share for a Sophos Anti-Virus Central Installation Directory (CID) on a NetWare server so that Mac OS X computers can install and update from it.

What to do

Setting up the share on the NetWare server

  1. Loading afptcp
    NetWare servers have supported AppleTalk since 1980, but AppleTalk has now been replaced by Apple with AFP (currently at version 3.2). AFP is used by Mac OS X, and is natively supported by NetWare 6.5. It is also supported in NetWare 5.1, via an optional plugin.
    By default the AFPTCP.NLM program should load at startup. If it does not, you must go into the system console and type:
    load afptcp
  2. Creating a Guest account
    The majority of Mac users mount NetWare volumes using a Guest account. This can be set up as follows:
    1. At the administrator's workstation, use Novell ConsoleOne to create a User object named Guest.
    2. Determine and assign the appropriate rights to the Guest object. Double-click the Guest object, and then click 'Rights to Files and Folders'.
    3. Remove the ability for the user to change the password by clicking 'Restrictions' and then unchecking 'Allow User to Change Password'.
    4. Enable the Guest account by adding the full NDS context of the Guest object to the context search file, as described in the next section.
    5. Unload and reload the AFPTCP.NLM program with the 'Guest' option so as to make the Guest button available on the login screen, e.g. type: load afptcp guest
  3. Enabling a context search
    • A context search file allows Mac users to log in to the network without specifying their full NDS context. The context search file contains a list of contexts that can be searched if no context is provided, or if the object cannot be found in the provided context. When a Mac user enters a username, the server searches through each context in the list until it finds the correct User object.
    • On a Mac, you are allowed only 31 characters for the username. If the full NDS context and username are longer than 31 characters, you must use a search list to provide access.
    • If User objects with the same name exist in different contexts, the first one in the context search list will be used.
    To edit the context search file, do as follows:
    1. Using any text editor, edit the file CTXS.CFG which is stored in the SYS:\ETC directory on the server running Novell Native File Access Protocols.
    2. On separate lines, type in the names of the contexts to search.
    3. Save the file in the SYS:\ETC directory.
    The file will be read the next time a Macintosh user logs in.
    When Mac users log in, they enter only a username and the simple password. The system will find the User object in the specified context in the CTXS.CFG file.
  4. Enabling Mac users to have 'simple' passwords
    You can create simple passwords for users one at a time using Novell ConsoleOne.
    If you want to create passwords for several Macintosh users at once, you can add the 'cleartext' option to the 'load afptcp' command at the console. For example, type:
    load afptcp cleartext
    When the 'cleartext' option is added to the 'afptcp' command, users logging in to the server from a Macintosh workstation are prompted to provide their NDS username and NDS password. Once the NDS password has been verified, a simple password is automatically created and stored in NDS. The simple password is the same as the NDS password.
    The cleartext option is a temporary method of creating simple passwords for many Macintosh users. After Macintosh users have created simple passwords, the AFPTCP.NLM should be loaded without the 'cleartext' option.

Mounting the NetWare volume on the Mac

To connect to the Mac CID on the NetWare server, do as follows:

  1. On the Mac computer, select Go|Connect to Server.
  2. Type
    afp://<ip address or name of server>/
  3. Enter a username and appropriate password, or select Guest if this has been enabled.
  4. Select the volume that you want to mount.
  5. The NetWare volume should now be mounted on the desktop.
  6. Browse to the Mac CID.

Sophos AutoUpdate on NetWare

Because of the way in which NetWare servers share data, it is not possible to get the AutoUpdate feature of Sophos Anti-Virus to work completely when the Mac CID is being hosted by a NetWare server. For the AutoUpdate process to work, the NetWare volume on which the CID is hosted will need to be mounted on the Mac system whenever AutoUpdate runs. This cannot be done by the Sophos Anti-Virus application. The NetWare volume must either be mounted permanently, or a cron job must be made which will mount the volume just before the update takes place.

Sophos Update Manager

Sophos Update Manager can be used to manually update the Sophos Anti-Virus.mpkg file in the Mac CID on the NetWare server. To do this, mount the Mac CID on the NetWare server and run the Sophos Update Manager from the CID.

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments