Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science

Overview - Community

advertisement 
ITG Release 5.5, April 2004
Configuring Microsoft Telnet Server for Use with the
ITG Command Engine
Contents

Overview

Windows 2000 Server
o Install the Microsoft Services for UNIX
o Configure the shell startup and login scripts
o Configure the MS Telnet server
o Start the MS Telnet server service

Windows 2003 Server
o Configure the shell startup and login scripts
o Configure the MS Telnet server
o Start the MS Telnet server service
Overview
Microsoft has of late been increasing its support for interfacing with UNIX systems. In particular, the
Microsoft Telnet server has been updated and standardized in recent offerings, to the point where some
Windows 2000 and Windows 2003 versions can be successfully integrated with ITG’s Command Engine.
This document describes the necessary MS Telnet server configuration required to enable remote execution
from ITG. As an overview, the key point is configuring the MS Telnet server to invoke a UNIX command
shell. By default, the MS Telnet server invokes a DOS command shell for execution processing. ITG’s
Command Engine cannot automate DOS interactions, so some settings must be adjusted to instead invoke a
UNIX “sh” shell (or “sh” derivative).
The supported UNIX shell for Windows is Cygwin BASH, a free UNIX BASH environment available from
Cygwin (http://www.cygwin.com). This document assumes BASH is already available on the Windows
server.
Supported Environments:


Windows 2000 Server (with Microsoft Services for UNIX version 3.0 or higher)
Windows 2003 Server
Windows 2000 Server
By default, a “light” version of the MS Telnet server is provided with the Windows 2000 Server OS (as
well as with some version of Windows NT). ITG does not support this default version; it has a couple of
significant limitations. First, it diverges from the Telnet protocol standard in some important aspects
regarding how output is sent to the client, making it very difficult, if not impossible, to automate the
processing of the output. (See http://dbforums.com/arch/96/2002/8/480404 for some additional
information.) Second, the default version is meant for very basic use – it only allows 2 simultaneous telnet
sessions.
But Microsoft does release a set of utilities entitled “Services for UNIX”. The Telnet server provided in
version 3.0 (or higher) of the Services for UNIX (hereafter abbreviated as “SFU”) is a much better
implementation that seems to have resolved the shortcomings of the previous versions.
As a result, setting up your Windows 2000 Server to use the MS Telnet server involves 4 steps:
 Install SFU 3.0 (or higher)
 Configure the shell startup and login scripts
 Configure the MS Telnet server
 Start the MS Telnet server service
Install the Microsoft Services for UNIX
Important Note: ITG is certified only for version 3.0 or higher of the SFU.
1.
Insert the install disk and start the installation. A standard install wizard will open:
2.
Click the Next button. In the next page, choose to “Add or remove” components:
3.
Click the Next button. The next page displays the available components. You only need the Telnet
Server component, which is in the Remote Connectivity folder. Make sure this is enabled (should not
show the X icon). All other components can be “deselected” by clicking the DOWN arrow icon and
choosing the X option:
Note that the SFU also includes its own set of UNIX components, the “Interix GNU Components”.
Interix is a POSIX environment that, in the future, might be integrated with ITG to obviate the need for
Cygwin BASH. Currently, however, the ITG Command Engine does not support the Interix shells, so
BASH is still a necessity.
4.
Click the Next button through the next wizard screens until the installation commences. When
complete, you may be asked to restart the server. Other than that, the MS Telnet server is installed and
ready to be configured. Note that this new Telnet server is installed over the default Telnet server that
was provided with the Windows 2000 OS.
Configure the shell startup and login scripts
For the MS Telnet server to successfully invoke the BASH shell as the command shell, two scripts must be
created:
 Shell startup script, “cygnus.bat”
 Login script, “login.cmd”
1.
Configure the shell startup script (“cygnus.bat”)
i) Choose a location for the startup script. Convention dictates that this script be located in the
Cygwin root directory. In this example, assume the Cygwin root directory is located at
C:\Program Files\cygwin\.
ii) You will also need the path to the Cygwin \bin\ directory. In this example, assume the
Cygwin \bin\ directory is located at
C:\Program Files\cygwin\H-i586-cygwin32\bin\.
iii) In the Cygwin root directory, create a batch file named “cygnus.bat”, with the following
contents:
@ECHO OFF
SET MAKE_MODE=UNIX
SET PATH=C:\PROGRA~1\cygwin\H-I586~1\bin;%PATH%
echo thank you bill >nul
bash -login -noediting -noprofile -i
*Note: It still seems important to specify the PATH in this script, even if the system
environment path already includes the Cygwin \bin\ directory.
*Note: The line “echo thank you bill >nul” is a trick to get around a bug that prohibited
the shell from starting. For more information, visit
http://www.cygwin.com/ml/cygwin/2002-01/msg01395.html.
*Note: It is a good idea to type the above text manually into the “cygnus.bat” file using a
standard ASCII text editor like Notepad or VI, rather than cutting and pasting. Some MS
Word non-ASCII characters are not recognized by the command shell, and can lead to
mysterious errors!
2.
Configure the login script (“login.cmd”)
A login “cmd” script is required during Telnet session initiation. This can be as simple as a
single-line “echo” statement, or it can perform additional functionality upon session startup if
desired.
In the Cygwin root directory, create a cmd file named “login.cmd”, with the following contents
(replace the echo string with any desired message):
echo 'welcome to <machine name>'
Configure the MS Telnet server
Configuring the MS Telnet server requires two steps:
 Edit the Telnet server registry entry to specify the shell startup and login scripts.
 Run the SFU administration utility to configure the Telnet server settings.
3.
Edit the MS Telnet server registry
Unfortunately, no interface was provided for specifying the shell startup script, so this must be
done directly in the windows registry. This is a simple operation – only two parameters need to be
updated.
i)
Go to Start  Run, enter “regedt32”, and click OK.
ii) When the registry window opens, go to HKEY_LOCAL_MACHINE  SOFTWARE 
Microsoft  TelnetServer  1.0. When you highlight the “1.0” folder, the parameter list
will be displayed in the right-hand panel of the registry window:
*Note: You’ll see a separate registry entry for “TelnetServerWin2K”. This is the registry for
the default Telnet server that came with the Windows 2000 OS. When you installed the SFU
Telnet server, it overwrote this default Telnet server, but apparently its registry entries do not
get cleaned up. Just leave this “as is”; it doesn’t impact the usage of the Telnet server
installed from SFU.
iii) Double-click on the “LoginScript” entry. Enter the full path to the login script you created
above, and then click OK to apply the change. In this example, it is
C:\PROGRA~1\cygwin\login.cmd
iv) Double-click on the “Shell” entry. Enter the full path to the shell startup script you created
above, and then click OK to apply the change. In this example, it is
C:\PROGRA~1\cygwin\cygnus.bat
*Note: Do not change the value of the “DefaultShell” entry. This seems to have an adverse
effect on the proper functioning of the MS Telnet server.
4.
Run the SFU administration utility
The Services for UNIX toolset does provide an interface for administering properties of the Telnet
server such as the authentication mode, port number, number of simultaneous sessions allowed,
etc. The authentication mode must be configured to use “Plaintext” authentication, not NTLM
authentication, to allow the ITG Command Engine to login successfully with a username and
password. The port must be set to the default value “23” for successful connectivity from ITG.
i)
Go to Start Programs  Windows Services for UNIX  Services for UNIX
Administration menu item. This will bring up the administration UI. Select the “Telnet
Server” item in the “Services for UNIX [ local ]” folder. The Telnet server settings will be
displayed in the right-hand panel:
ii) Choose the Plaintext Authentication checkbox. Switch to the Server Settings tab and set
additional settings as desired:
*Note: The mode of operation can be set to either of the two available options, “Console” or
“Stream”, without impact to the ITG Command Engine. If you will also be supporting
manual Telnet sessions, then the “Console” setting provides additional output formatting to
facilitate a human user setting, and is thus recommended.
*Note: The ITG Command Engine requires the use of port 23, the default Telnet port. Make
sure that the Telnet port is set to 23.
Start the MS Telnet server service
Starting and stopping the MS Telnet server is done in the same manner as starting and stopping any other
Windows Service. Just go to the Services control panel (Start  Control Panel  Administrative Tools 
Services menu). To start the service, highlight the row containing “Telnet Server”, and click the Start
button. To stop the service, highlight the same row and click the Stop button.
Windows 2003 Server
The standard configuration of Windows 2003 Server includes an updated version of the MS Telnet server
that works well with the ITG Command Engine. As a result, it is not necessary to separately install the
Services for UNIX utilities.
Setting up your Windows 2003 Server to use the MS Telnet server involves 3 steps:
 Configure the shell startup and login scripts
 Configure the MS Telnet server
 Start the MS Telnet server service
Configure the MS Telnet server
Configuring the MS Telnet server requires two steps:
 Edit the Telnet server registry entry to specify the shell startup.
 Run the SFU administration utility to configure the Telnet server settings.
1.
Edit the MS Telnet server registry
Unfortunately, no interface was provided for specifying the shell startup script, so this must be
done directly in the windows registry. This is a simple operation – only two parameters need to be
updated.
i)
Go to Start  Run, enter “regedt32”, and click OK.
ii) When the registry window opens, go to HKEY_LOCAL_MACHINE  SOFTWARE 
Microsoft  TelnetServer  1.0. When you highlight the “1.0” folder, the parameter list
will be displayed in the right-hand panel of the registry window:
iii) Double-click on the “DefaultShell” entry. Enter the full path to the bash.exe file and then
click OK to apply the change. In this example, it is
C:\cygwin\bin\bash.exe
iii) Double-click on the “Shell” entry and clear the existing value.
iv) Double-click on the “SwitchToKeepShellRunning” entry and clear the existing value.
v) Double-click on the “LoginScript” entry and change to value to
-login -noediting -noprofile -i
2.
Run the Telnet administration utility
A command-line utility called “tlntadmn” is provided for administering properties of the Telnet
server such as the authentication mode, port number, number of simultaneous sessions allowed,
etc. The authentication mode must be configured to use “Password” authentication, not NTLM
authentication, to allow the ITG Command Engine to login successfully with a username and
password. The port must be set to the default value “23” for successful connectivity from ITG.
i)
In a DOS command shell, you can view the current Telnet server settings by simply running
“tlntadmn” with no arguments. The help screen can be displayed by typing “tlntadmn /?” at
the command line:
ii) To configure the Telnet server for “Password” authentication, use
tlntadmn config sec=-NTLM+passwd
iii) To configure the Telnet server for “console” mode, use
tlntadmn config mode=console
*Note: The mode of operation can be set to either of the two available options, “Console” or
“Stream”, without impact to the ITG Command Engine. If you will also be supporting
manual Telnet sessions, then the “Console” setting provides additional output formatting to
facilitate a human user setting, and is thus recommended.
*Note: The ITG Command Engine requires the use of port 23, the default Telnet port. Make
sure that the Telnet port is set to 23.
Start the MS Telnet server service
Starting and stopping the MS Telnet server is done in the same manner as starting and stopping any other
Windows Service. Just go to the Services control panel (Start  Control Panel  Administrative Tools 
Services menu). To start the service, highlight the row containing “Telnet Server”, and click the Start
button. To stop the service, highlight the same row and click the Stop button.
Revision History
Modification
CREATED:
UPDATED
Last Saved:
Author/Editor
Andrew Zenk
Giac Vu
Date
4/19/04
9/24/04
Related documents
Cookies and Telnet
Cookies and Telnet
Attacks on Computer Systems
Attacks on Computer Systems
File - Routing and Switching
File - Routing and Switching
telnet group
telnet group
assignment02 - NOVA Student Web
assignment02 - NOVA Student Web
Internet Vocabulary
Internet Vocabulary
Topic 2 – Lesson 4 Packet Filtering
Topic 2 – Lesson 4 Packet Filtering
Configuring SSH
Configuring SSH
Download
advertisement