ITG Release 5.5, April 2004 Configuring Microsoft Telnet Server for Use with the ITG Command Engine Contents Overview Windows 2000 Server o Install the Microsoft Services for UNIX o Configure the shell startup and login scripts o Configure the MS Telnet server o Start the MS Telnet server service Windows 2003 Server o Configure the shell startup and login scripts o Configure the MS Telnet server o Start the MS Telnet server service Overview Microsoft has of late been increasing its support for interfacing with UNIX systems. In particular, the Microsoft Telnet server has been updated and standardized in recent offerings, to the point where some Windows 2000 and Windows 2003 versions can be successfully integrated with ITG’s Command Engine. This document describes the necessary MS Telnet server configuration required to enable remote execution from ITG. As an overview, the key point is configuring the MS Telnet server to invoke a UNIX command shell. By default, the MS Telnet server invokes a DOS command shell for execution processing. ITG’s Command Engine cannot automate DOS interactions, so some settings must be adjusted to instead invoke a UNIX “sh” shell (or “sh” derivative). The supported UNIX shell for Windows is Cygwin BASH, a free UNIX BASH environment available from Cygwin (http://www.cygwin.com). This document assumes BASH is already available on the Windows server. Supported Environments: Windows 2000 Server (with Microsoft Services for UNIX version 3.0 or higher) Windows 2003 Server Windows 2000 Server By default, a “light” version of the MS Telnet server is provided with the Windows 2000 Server OS (as well as with some version of Windows NT). ITG does not support this default version; it has a couple of significant limitations. First, it diverges from the Telnet protocol standard in some important aspects regarding how output is sent to the client, making it very difficult, if not impossible, to automate the processing of the output. (See http://dbforums.com/arch/96/2002/8/480404 for some additional information.) Second, the default version is meant for very basic use – it only allows 2 simultaneous telnet sessions. But Microsoft does release a set of utilities entitled “Services for UNIX”. The Telnet server provided in version 3.0 (or higher) of the Services for UNIX (hereafter abbreviated as “SFU”) is a much better implementation that seems to have resolved the shortcomings of the previous versions. As a result, setting up your Windows 2000 Server to use the MS Telnet server involves 4 steps: Install SFU 3.0 (or higher) Configure the shell startup and login scripts Configure the MS Telnet server Start the MS Telnet server service Install the Microsoft Services for UNIX Important Note: ITG is certified only for version 3.0 or higher of the SFU. 1. Insert the install disk and start the installation. A standard install wizard will open: 2. Click the Next button. In the next page, choose to “Add or remove” components: 3. Click the Next button. The next page displays the available components. You only need the Telnet Server component, which is in the Remote Connectivity folder. Make sure this is enabled (should not show the X icon). All other components can be “deselected” by clicking the DOWN arrow icon and choosing the X option: Note that the SFU also includes its own set of UNIX components, the “Interix GNU Components”. Interix is a POSIX environment that, in the future, might be integrated with ITG to obviate the need for Cygwin BASH. Currently, however, the ITG Command Engine does not support the Interix shells, so BASH is still a necessity. 4. Click the Next button through the next wizard screens until the installation commences. When complete, you may be asked to restart the server. Other than that, the MS Telnet server is installed and ready to be configured. Note that this new Telnet server is installed over the default Telnet server that was provided with the Windows 2000 OS. Configure the shell startup and login scripts For the MS Telnet server to successfully invoke the BASH shell as the command shell, two scripts must be created: Shell startup script, “cygnus.bat” Login script, “login.cmd” 1. Configure the shell startup script (“cygnus.bat”) i) Choose a location for the startup script. Convention dictates that this script be located in the Cygwin root directory. In this example, assume the Cygwin root directory is located at C:\Program Files\cygwin\. ii) You will also need the path to the Cygwin \bin\ directory. In this example, assume the Cygwin \bin\ directory is located at C:\Program Files\cygwin\H-i586-cygwin32\bin\. iii) In the Cygwin root directory, create a batch file named “cygnus.bat”, with the following contents: @ECHO OFF SET MAKE_MODE=UNIX SET PATH=C:\PROGRA~1\cygwin\H-I586~1\bin;%PATH% echo thank you bill >nul bash -login -noediting -noprofile -i *Note: It still seems important to specify the PATH in this script, even if the system environment path already includes the Cygwin \bin\ directory. *Note: The line “echo thank you bill >nul” is a trick to get around a bug that prohibited the shell from starting. For more information, visit http://www.cygwin.com/ml/cygwin/2002-01/msg01395.html. *Note: It is a good idea to type the above text manually into the “cygnus.bat” file using a standard ASCII text editor like Notepad or VI, rather than cutting and pasting. Some MS Word non-ASCII characters are not recognized by the command shell, and can lead to mysterious errors! 2. Configure the login script (“login.cmd”) A login “cmd” script is required during Telnet session initiation. This can be as simple as a single-line “echo” statement, or it can perform additional functionality upon session startup if desired. In the Cygwin root directory, create a cmd file named “login.cmd”, with the following contents (replace the echo string with any desired message): echo 'welcome to <machine name>' Configure the MS Telnet server Configuring the MS Telnet server requires two steps: Edit the Telnet server registry entry to specify the shell startup and login scripts. Run the SFU administration utility to configure the Telnet server settings. 3. Edit the MS Telnet server registry Unfortunately, no interface was provided for specifying the shell startup script, so this must be done directly in the windows registry. This is a simple operation – only two parameters need to be updated. i) Go to Start Run, enter “regedt32”, and click OK. ii) When the registry window opens, go to HKEY_LOCAL_MACHINE SOFTWARE Microsoft TelnetServer 1.0. When you highlight the “1.0” folder, the parameter list will be displayed in the right-hand panel of the registry window: *Note: You’ll see a separate registry entry for “TelnetServerWin2K”. This is the registry for the default Telnet server that came with the Windows 2000 OS. When you installed the SFU Telnet server, it overwrote this default Telnet server, but apparently its registry entries do not get cleaned up. Just leave this “as is”; it doesn’t impact the usage of the Telnet server installed from SFU. iii) Double-click on the “LoginScript” entry. Enter the full path to the login script you created above, and then click OK to apply the change. In this example, it is C:\PROGRA~1\cygwin\login.cmd iv) Double-click on the “Shell” entry. Enter the full path to the shell startup script you created above, and then click OK to apply the change. In this example, it is C:\PROGRA~1\cygwin\cygnus.bat *Note: Do not change the value of the “DefaultShell” entry. This seems to have an adverse effect on the proper functioning of the MS Telnet server. 4. Run the SFU administration utility The Services for UNIX toolset does provide an interface for administering properties of the Telnet server such as the authentication mode, port number, number of simultaneous sessions allowed, etc. The authentication mode must be configured to use “Plaintext” authentication, not NTLM authentication, to allow the ITG Command Engine to login successfully with a username and password. The port must be set to the default value “23” for successful connectivity from ITG. i) Go to Start Programs Windows Services for UNIX Services for UNIX Administration menu item. This will bring up the administration UI. Select the “Telnet Server” item in the “Services for UNIX [ local ]” folder. The Telnet server settings will be displayed in the right-hand panel: ii) Choose the Plaintext Authentication checkbox. Switch to the Server Settings tab and set additional settings as desired: *Note: The mode of operation can be set to either of the two available options, “Console” or “Stream”, without impact to the ITG Command Engine. If you will also be supporting manual Telnet sessions, then the “Console” setting provides additional output formatting to facilitate a human user setting, and is thus recommended. *Note: The ITG Command Engine requires the use of port 23, the default Telnet port. Make sure that the Telnet port is set to 23. Start the MS Telnet server service Starting and stopping the MS Telnet server is done in the same manner as starting and stopping any other Windows Service. Just go to the Services control panel (Start Control Panel Administrative Tools Services menu). To start the service, highlight the row containing “Telnet Server”, and click the Start button. To stop the service, highlight the same row and click the Stop button. Windows 2003 Server The standard configuration of Windows 2003 Server includes an updated version of the MS Telnet server that works well with the ITG Command Engine. As a result, it is not necessary to separately install the Services for UNIX utilities. Setting up your Windows 2003 Server to use the MS Telnet server involves 3 steps: Configure the shell startup and login scripts Configure the MS Telnet server Start the MS Telnet server service Configure the MS Telnet server Configuring the MS Telnet server requires two steps: Edit the Telnet server registry entry to specify the shell startup. Run the SFU administration utility to configure the Telnet server settings. 1. Edit the MS Telnet server registry Unfortunately, no interface was provided for specifying the shell startup script, so this must be done directly in the windows registry. This is a simple operation – only two parameters need to be updated. i) Go to Start Run, enter “regedt32”, and click OK. ii) When the registry window opens, go to HKEY_LOCAL_MACHINE SOFTWARE Microsoft TelnetServer 1.0. When you highlight the “1.0” folder, the parameter list will be displayed in the right-hand panel of the registry window: iii) Double-click on the “DefaultShell” entry. Enter the full path to the bash.exe file and then click OK to apply the change. In this example, it is C:\cygwin\bin\bash.exe iii) Double-click on the “Shell” entry and clear the existing value. iv) Double-click on the “SwitchToKeepShellRunning” entry and clear the existing value. v) Double-click on the “LoginScript” entry and change to value to -login -noediting -noprofile -i 2. Run the Telnet administration utility A command-line utility called “tlntadmn” is provided for administering properties of the Telnet server such as the authentication mode, port number, number of simultaneous sessions allowed, etc. The authentication mode must be configured to use “Password” authentication, not NTLM authentication, to allow the ITG Command Engine to login successfully with a username and password. The port must be set to the default value “23” for successful connectivity from ITG. i) In a DOS command shell, you can view the current Telnet server settings by simply running “tlntadmn” with no arguments. The help screen can be displayed by typing “tlntadmn /?” at the command line: ii) To configure the Telnet server for “Password” authentication, use tlntadmn config sec=-NTLM+passwd iii) To configure the Telnet server for “console” mode, use tlntadmn config mode=console *Note: The mode of operation can be set to either of the two available options, “Console” or “Stream”, without impact to the ITG Command Engine. If you will also be supporting manual Telnet sessions, then the “Console” setting provides additional output formatting to facilitate a human user setting, and is thus recommended. *Note: The ITG Command Engine requires the use of port 23, the default Telnet port. Make sure that the Telnet port is set to 23. Start the MS Telnet server service Starting and stopping the MS Telnet server is done in the same manner as starting and stopping any other Windows Service. Just go to the Services control panel (Start Control Panel Administrative Tools Services menu). To start the service, highlight the row containing “Telnet Server”, and click the Start button. To stop the service, highlight the same row and click the Stop button. Revision History Modification CREATED: UPDATED Last Saved: Author/Editor Andrew Zenk Giac Vu Date 4/19/04 9/24/04