Operating System
Windows 2000 Professional in a UNIX Environment
Scenario Guide & Walkthrough
Abstract
This scenario guide outlines procedures to install and configure the Microsoft® Windows® 2000
Professional operating system in a UNIX server-based network. Specifically, it focuses on
planning and deploying Windows Services for UNIX client services.
© 2000 Microsoft Corporation. All rights reserved.
THIS IS PRELIMINARY DOCUMENTATION. The information contained in this
document represents the current view of Microsoft Corporation on the issues
discussed as of the date of publication. Because Microsoft must respond to
changing market conditions, it should not be interpreted to be a commitment on the
part of Microsoft, and Microsoft cannot guarantee the accuracy of any information
presented after the date of publication.
This document is for informational purposes only. MICROSOFT MAKES NO
WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT.
Microsoft, Active Directory, Windows, Windows NT and the Windows logo are
registered trademarks of Microsoft Corporation.
Other product or company names mentioned herein may be the trademarks of their
respective owners.
Microsoft Corporation • One Microsoft Way • Redmond, WA 98052-6399 • USA
0200
CONTENTS
INTRODUCTION .......................................................................... 1
Services for UNIX Scenario Requirements
2
Scenario Tasks
2
SPECIAL CONSIDERATIONS WHEN INSTALLING WINDOWS 2000
PROFESSIONAL IN UNIX ENVIRONMENTS ............................... 3
INSTALLATION OF SERVICES FOR UNIX .................................. 6
CONFIGURING FILE SHARING ................................................... 8
Overview
8
Using Client for NFS
8
Configuring Client for NFS
8
Advanced Options
9
USING FRONT PAGE SERVER EXTENSIONS ON UNIX-BASED
SERVERS ................................................................................... 11
CONFIGURING PRINTERS ........................................................ 12
Overview
12
Using Print Services for UNIX
12
Advanced Options
13
CONFIGURING TELNET AND FTP CLIENT SERVICES ............. 15
Overview
15
Installing and Using Telnet Client
15
Installing and Using FTP Client
17
CONFIGURING INTERNET EXPLORER TO USE UNIX-BASED
PROXY SERVERS ...................................................................... 21
Overview
21
Advanced Options
21
SUMMARY ................................................................................. 22
For More Information
22
INTRODUCTION
To understand the features in Windows Services for UNIX, consider the Web
experience of Litware, a fictional small-to-medium-sized company. What started
three years ago as a few static Web pages managed by a part-time webmaster on a
single UNIX machine turned into a large, dynamic site with a full-time UNIX
administrator, a staging Web server, a “live” Web server, and a UNIX-based proxy
server for secured Internet access for the Web developers.
Litware’s founder and president Kathryn Wilson has mandated that Litware’s
Internet site become a central focus for all of Litware’s departments. All of
Litware’s departments are responsible for developing and posting their content
to the Internet staging site. In addition, all of Litware’s 500 users must have
Internet access through the UNIX-based proxy server.
As a member of Litware’s three-person IS Department, you need to:

Connect all of Litware’s users to the UNIX-based systems for content
development and management through NFS file sharing and telnet terminal
access.
 Give Litware’s users access to the high capacity printer that is connected to the
staging server.
 Configure desktops for Internet access through the UNIX-based proxy server.
 Find a way to simplify content development on the UNIX platform for their end
users.
These tasks pose a challenge for Litware because the IS Department has no UNIX
experience. The full-time UNIX administrator has no Windows experience, and is
so busy with the Internet site to help them with integrating the internal network with
the UNIX systems. Somehow you have to bridge the Windows-UNIX divide with no
in-house, cross-platform expertise.
Fortunately, Microsoft provides tools to help bridge this divide. Microsoft is
committed to UNIX interoperability and has provided a number of tools to allow
administrators of Windows-based networks to operate with UNIX systems without
having to know UNIX. As we examine how Litware solves these common problems,
we will see how you can use some of the tools that Microsoft provides to solve your
own real-world problem in integrating with UNIX.
This scenario guide is not a comprehensive resource on UNIX interoperability tools
from Microsoft; there are many more tools not covered by this guide. In addition,
this is not a guide to learning UNIX; there are many excellent resources on learning
UNIX, especially from O’Reilly and Associates (http://www.ora.com).
Microsoft Windows 2000 Professional in a UNIX Environment
1
Services for UNIX Scenario Requirements
This guide builds on existing Windows 2000 deployment materials. For detailed
information on deploying Windows 2000 Professional please refer to the
Deployment Planning Guide at
http://www.microsoft.com/windows2000/library/resources/reskit/dpg/default.asp
Before installing Windows 2000, read the first section “Special Considerations
When Installing Windows 2000 Professional in UNIX Environments.”
Scenario Tasks
In this guide you will perform the following tasks.
Setup and Management Tasks







2
Microsoft Windows 2000 Professional in a UNIX Environment
Special Considerations When Installing
Windows 2000 Professional in UNIX
Environments
Installation of Services for UNIX
Configuring File Sharing
Using FrontPage Server Extensions on
UNIX-based Servers
Configuring Printers
Configuring Telnet and FTP Client
Services
Configuring Internet Explorer to use
UNIX-based Proxy Servers
SPECIAL
CONSIDERATIONS
WHEN INSTALLING
WINDOWS 2000
PROFESSIONAL IN UNIX
ENVIRONMENTS
Litware’s installation of Windows 2000 will differ only slightly from other installations.
When installing Windows 2000 in a UNIX environment you will need to be sure that
you install the correct network protocol and services when installing Windows 2000
Professional. See below for required and optional network components:
Required Components
Component
Purpose
TCP/IP Protocol
Needed to provide network connectivity to
UNIX hosts
Optional Components
Component
Purpose
SNMP Service
Used for Network Management Platforms
(HP OpenView, Tivoli)
Simple TCP/IP Services
Provides basic TCP/IP services such as
Echo, Quote of the Day, Discard, Daytime,
and Character Generator
Print Services for UNIX
Allows connectivity to UNIX controlled
Printers (LPR)
These components can be installed during Windows installation, or after installation.
These components can also be specified for automatic installing. See the Windows
2000 Professional documentation on Automated Installs.
To Install TCP/IP after installation:
1.
Log on as an Administrator. If you log on using an account that does not have
administrative privileges, you may not be able to install the components.
2.
Click Start, point to Settings, point to Network and Dial up Connections, and
click the LAN connection.
3.
On the Status dialog, click Properties to see the network properties.
4.
Click Install.
5.
Click Protocol and choose Add.
6.
From the list of available protocols, select Internet Protocol and click OK as
shown below.
Microsoft Windows 2000 Professional in a UNIX Environment
3
7.
If you need to change the default TCP/IP properties, select Internet Protocol in
the list of components and click Properties.
8.
When you have finished, click OK to close the network properties dialog. You
may be prompted to restart your computer. TCP/IP is now installed.
To install additional network services after installation:
4
1.
Locate My Network Places on the Desktop. Right-click and choose
Properties.
2.
From the Advanced menu, click Optional Network Components.
3.
You will see a list of Categories like this:
Microsoft Windows 2000 Professional in a UNIX Environment
4.
To install SNMP, click Management and Monitoring Tools.
5.
To install Simple TCP/IP Services, click Networking Services, click Details,
select Simple TCP/IP Services and click OK.
6.
To install Print Services for UNIX, choose Other Network File and Print
Services.
7.
After selecting the components, click Next.
8.
Locate the Windows 2000 Professional installation when prompted and click
OK. The additional services are now installed.
Microsoft Windows 2000 Professional in a UNIX Environment
5
INSTALLATION OF
SERVICES FOR UNIX
6
This procedure covers the basic installation of Services for UNIX.
1.
Obtain Services for UNIX 2.0 from your reseller.
2.
Insert the CD into the CD ROM Drive.
3.
If the Setup program does not invoke automatically, click Start, click Run, click
Browse and find the CD-ROM drive. Locate SETUP and click it. Choose OK,
then Choose OK again. When SETUP is invoked, the Services for UNIX
Wizard appears as shown below.
4.
On the next screen, enter your name, your company name, and the unlock
code (found on the yellow sticker on your CD-ROM jewel case) and click Next.
5.
Read the End-User License agreement thoroughly. When you are finished,
click “I accept the terms of the license agreement” if you accept and click Next.
6.
On the next screen, click Install Now, to install the typical features. This is
appropriate for most installations. For more control over the features that are
installed, click Customize. For more information on custom installations, see
the Services for UNIX documentation. Click Next. Services for UNIX will install.
After installation is complete, you should see the following:
Microsoft Windows 2000 Professional in a UNIX Environment
7.
At this point, you have successfully installed Services for UNIX. See the
Release Notes for any last minute information on Services for UNIX.
Microsoft Windows 2000 Professional in a UNIX Environment
7
CONFIGURING FILE
SHARING
Overview
While developing content for the Internet site, your users will sometimes want to
connect to UNIX volumes using a familiar drag-and-drop interface. Historically, the
division between the UNIX and Windows space has also made file sharing one of
the most difficult requirements to address. In the UNIX space, Network File System
(NFS) is the most common (though not the only) means by which data is shared on
UNIX networks. In the Windows space, Server Message Block (SMB) is the most
common means to access Windows-based resources.
In connecting Windows and UNIX systems for file access, you have two choices:
1. Make UNIX servers expose their resources to SMB-based clients.
2. Make SMB-based clients able to access NFS-based resources.
In practice, this has required either modifying UNIX servers to support non-NFS
clients or using third-party software for accessing NFS resources.
Your UNIX administrator does not have the time, or the inclination to load SMB on
the staging server: It introduces greater complexity and security concerns to the
server. To meet the requirement, you will have to make your Windows clients work
with the UNIX server, not vice-versa.
Services for UNIX has a full NFS client available that integrates with Windows
Explorer. Using Services for UNIX, Windows 2000 Professional users can access
NFS resources just like they access Windows and Novell resources. In addition,
users can map drive letters to NFS volumes and access NFS resources through My
Network Places.
Using Client for NFS
Once you have installed Services for UNIX, the NFS client is automatically enabled.
Users can connect through the Windows Explorer.
To connect using Windows Explorer:
1.
Open Windows Explorer.
2.
On the Tools menu, click Map Network Drive.
3.
In the Drive list, click the drive letter to use.
4.
To locate the NFS share, click Browse, or type the path to the share. You can
specify the path using standard NFS syntax (server_name:/pathname) or
standard UNC syntax (\\server_name\pathname).
5.
If the users’ UNIX username and/or password are different from Windows click
Connect Using a Different User Name, type the user name and password, and
then click OK.
Configuring Client for NFS
Once Services for UNIX are installed, Client for NFS is installed and configured
using the default options. For most basic installations, the default options should be
8
Microsoft Windows 2000 Professional in a UNIX Environment
sufficient. However, if you need to make changes to the configuration, you can use
the Microsoft Management Console (MMC) locally or from a management
workstation to make configuration changes. To use MMC to configure Client for
NFS:
1.
Click Start, point to Programs, point to Windows Services for UNIX, and then
click Services for UNIX Administration.
2.
The MMC will open, showing you this:
3.
Through this interface, you can configure the options for Client for NFS. For
information on the specific parameters that can be configured, see the Client for
NFS help.
Advanced Options
In addition to simple NFS connectivity, Services for UNIX provides options for
enhanced interoperability with complex NFS/NIS environments. Though beyond the
scope of this document, some options you may want to be aware of are:





Server for NFS. Allows UNIX clients to connect to Windows-based resources
using their NFS client software.
Gateway for NFS. Allows non-NFS Windows clients to access NFS resources
by connecting an NFS-enabled Windows Server to NFS resources, and then
sharing those resources as standard Windows shares.
Server for PCNFS. Allows UNIX-style User IDs (UID) and Group IDs (GID) to
be generated for Windows accounts.
Password Synchronization. Allows your users’ Windows and UNIX
passwords to be synchronized. Users can change their password on UNIX
and/or Windows and have their changes propagate to the other platform. For
more information, read “Password Synchronization” in the Services for UNIX
help.
Server for NIS. Allows Windows 2000 domain controllers to manage and
Microsoft Windows 2000 Professional in a UNIX Environment
9
administer NIS Networks. Can be used to provide a single-coherent logon/login
policy and structure to mixed UNIX-Windows 2000 networks.
10
Microsoft Windows 2000 Professional in a UNIX Environment
USING FRONT PAGE
SERVER EXTENSIONS
ON UNIX-BASED
SERVERS
Although Litware has some very advanced HTML developers, not everyone is an
expert. Although editing raw HTML in Notepad or the Visual InterDev® Web
development system may suit experts, it poses a barrier to users in other nontechnical departments. For those familiar with Microsoft Office products such as
Word, but have no real HTML experience, the Microsoft FrontPage® Web
development system is an excellent program with a user friendly interface much like
other Microsoft Office products.
To maximize the features of FrontPage, you must load FrontPage Server
Extensions on your HTTP server. Note that FrontPage Server Extensions supports
many platforms, not just IIS on Windows 2000. For a complete list of supported
UNIX platforms, check
http://officeupdate.microsoft.com/frontpage/wpp/serk/inunix.htm. To install
FrontPage Server Extensions on the UNIX HTTP server, provide the link above to
your UNIX administrator. It contains information on download, installation, and
configuration of the software on the UNIX platform.
Once FrontPage Server Extensions are installed on the UNIX server, you can use
the Windows-based FrontPage interface to administer users and access; your UNIX
administrator’s involvement is basically complete.
FrontPage Server Extensions provide a powerful user friendly front-end for
developing Web sites on the UNIX platform. They extend the ease of use of
Windows to the UNIX platform, and allow you to leverage your existing
infrastructure and end-user skill set.
Microsoft Windows 2000 Professional in a UNIX Environment
11
CONFIGURING
PRINTERS
Overview
To connect users to the high-speed printer controlled by the UNIX staging server,
you need to make your Windows 2000 Professional clients work with the UNIX print
server. Along with file sharing, printer sharing is a basic function of network
servers. Configuring your Windows 2000 Professional clients to access printers
controlled by a UNIX server’s Line Printer Daemon (LPD) is a fairly simple process
that requires no changes on the UNIX server, and no more changes on the client
workstation than you would make for connecting to Windows-based or Novell-based
printers. Note that you can connect to UNIX printers without Services for UNIX; the
component that provides this functionality is included in the Print Services for UNIX,
which is part of Windows 2000 Professional itself. See Special Considerations
When Installing Windows 2000 Professional in UNIX Environments above for details
on installing this component.
Using Print Services for UNIX
12
1.
Log on as an Administrator. If you log on using an account that does not have
administrative privileges, you may not be able to install and configure the
components.
2.
Confirm that the printer driver and Print Services for UNIX are installed. See the
Windows 2000 documentation for information on installing a printer driver. See
Special Considerations When Installing Windows 2000 Professional in UNIX
Environments above for information on installing Print Services for UNIX.
3.
Click Start, point to Settings, point to Printers, point to Add Printer, and then
click Next.
4.
Click Local printer, clear the Automatically detect my printer check box, and
then click Next.
5.
Click Create a new port, and then select LPR Port from under the Create a
New Port Type as shown below.
Microsoft Windows 2000 Professional in a UNIX Environment
6.
Click Next, and then provide the following information:
7.
In Name or address of server providing LPD, type the Domain Name System
(DNS) name or Internet Protocol (IP) address of the host for the printer you are
adding. This is information that you will get from your UNIX Administrator.
8.
In Name of printer or print queue on that server, type the name of the printer
as it is identified by the host, which is either the direct-connect printer itself or
the UNIX computer. This is information that you will get from your UNIX
Administrator
9.
Follow the instructions on the screen to finish installing the TCP/IP printer.
10. You have successfully installed a UNIX-based printer on your system.
Advanced Options
Printing to UNIX servers using LPR is a fairly simple process, and there is no
configuration beyond those during installation that need to be configured.
For environments where you want to have UNIX clients connect to Windows 2000
Server printers, you can use the Print Services for UNIX to expose your servers to
UNIX clients using LPR. For more information, please see the Windows 2000
Server documentation. Note that not all versions of UNIX support LPR. Be sure to
confirm that LPR is available with your version of UNIX. See you UNIX vendor’s
documentation for details.
Note, that unlike File and Print Services for NetWare, there is no ability for Windows
Microsoft Windows 2000 Professional in a UNIX Environment
13
2000 Server to connect to UNIX printers and then share them as Windows-based
printers. If you want Windows 2000 Professional-based workstations to print to
UNIX-controlled printers, you must install Print Services for UNIX on the local
workstation.
In addition, note the LPR standard for UNIX printing lacks many of the features that
Windows end users have come to expect (fine degree of job control, tray status and
so on). For these two reasons, in environments with printers controlled by UNIX
servers, consider moving them to Windows 2000-based servers, using Print
Services for UNIX to connect your UNIX clients to the printer. This lets your
Windows 2000 users and UNIX users access printers in a familiar way, while
allowing you to install the software only on servers. However, you should confer
with your UNIX Administrator to discuss the issues involved with an infrastructure
change of this nature.
14
Microsoft Windows 2000 Professional in a UNIX Environment
CONFIGURING TELNET
AND FTP CLIENT
SERVICES
Overview
While file and print sharing are requirements common to most network operating
systems, UNIX installations often have the additional requirement of terminal
access for workstations. In this way, UNIX environments bear more similarity to
mainframe (S/390, AS/400) and other legacy systems (VAX/VMS). In addition, in
some environments where NFS is not in use, users must use File Transfer Protocol
(FTP) to access files on the file system of their UNIX server.
Windows 2000 Professional provides both FTP and telnet clients. Services for
UNIX provides a telnet client that contains more features than the Windows 2000
telnet client.
Installing and Using Telnet Client
The Windows 2000 Professional telnet client is automatically installed in the
%WINDIR%\SYSTEM32 (Usually C:\WINNT\SYSTEM32) directory.
If you install Services for UNIX, it will install the telnet client as part of the “Typical”
install and places it in %SFUDIR% (Usually C:\SFU) and retains the Windows 2000
telnet client in %WINDIR%\SYSTEM32.
If you do not need any of the other UNIX services on Services for UNIX (most
notably, the NFS client and the Windows NT® Telnet Server), then the Windows
2000 Professional telnet client is probably adequate for your needs. The Services
for UNIX telnet client has been optimized for use in conjunction with the Windows
NT® Telnet server, most notably allowing it to use NTLM authentication rather than
clear text.
To use the Windows 2000 Professional telnet client, perform the following steps:
1.
Click Start, click Run.
2.
In the Open text-box, type telnet and click OK, as shown here:
Microsoft Windows 2000 Professional in a UNIX Environment
15
3.
The telnet client will now be displayed in a command-prompt style window, like
this:
4.
You are now ready to connect to the remote telnet server.
To use the Services for UNIX telnet client, perform the following steps:
1.
16
Click Start, point to Programs, point to Windows Services for UNIX, and click
the Telnet Client as shown here:
Microsoft Windows 2000 Professional in a UNIX Environment
The telnet client will now be displayed in a command-prompt style window as shown
previously. You are now ready to connect to the remote telnet server.
There are some configuration options available for the telnet client, but the default
configuration should serve most installations. For information on the configurable
options, type “set ?” at the telnet prompt.
Note that there are some security concerns with telnet, because it sends user
credentials in clear text, which is vulnerable to packet capture. If you are using
telnet with Windows 2000 systems only, it is recommended that you use the NTLM
option, which prevents the transmission of user credentials in clear text. If you are
using telnet with UNIX systems, confer with the UNIX administrator as they may be
using a product called SSH (Secure SHell) rather than Telnet. SSH clients are
available for Windows-based systems from third-party vendors.
Warning: Under no circumstances should you use unencrypted telnet on the public
Internet. This represents a significant security risk. If you need telnet access
across the Internet, use a VPN solution, such as L2TP, to secure the connection
across the public network.
Installing and Using FTP Client
FTP has become an integral part of the Internet, along with HTTP. Microsoft has
worked to make FTP access more transparent to users than ever before with
Windows 2000 Professional. Windows 2000 Professional automatically installs a
command line FTP client. More importantly, FTP (as well as HTTP) are integrated
into the Windows Explorer My Network Places to allow users to access FTP
resources as they would access Windows, NetWare, and NFS (when using
Microsoft Windows 2000 Professional in a UNIX Environment
17
Services for UNIX) file shares. Finally, FTP support is included in Internet Explorer
5.0, allowing users to “browse” FTP resources.
To add an FTP server to My Network Places:
18
1.
Double-Click My Network Places on the desktop.
2.
Double-Click Add Network Place.
3.
In the Add Network Place Wizard type the URL for the FTP site as shown
below and click Next:
4.
If you are going to access the FTP site as an anonymous user, leave the Log
on Anonymously box checked. Otherwise, uncheck it, and enter your
username as shown below. Click Next.
Microsoft Windows 2000 Professional in a UNIX Environment
5.
Complete the Wizard by entering a friendly, meaningful name in the Enter a
name for this Network Place text box, and click OK.
6.
After you have completed adding the FTP site as a network place, it is present
in the My Network Places pane of Windows Explorer. To connect to the FTP
site, simply click the shortcut and the contents of the FTP site will be shown, as
below:
Microsoft Windows 2000 Professional in a UNIX Environment
19
To connect to an FTP server using the command-line FTP client:
1.
Click Start, then click Run.
2.
In the Open text-box, type FTP and click OK. The FTP client is displayed in a
command-prompt style window.
3.
You are now ready to connect to the remote FTP server.
To connect to an FTP server using Internet Explorer
20
1.
Double-click Internet Explorer on the desktop
2.
Click on the File Menu, choose Open and enter the URL in the Open text-box
as shown below, and click OK. Internet Explorer will now open the FTP site,
with you logged in as “Anonymous”
Microsoft Windows 2000 Professional in a UNIX Environment
CONFIGURING
INTERNET EXPLORER
TO USE UNIX-BASED
PROXY SERVERS
Overview
In moving Litware to the Web, providing desktop connectivity to everyone through
the UNIX-based proxy server is as important as giving access to the staging server.
As part of deploying Windows 2000 Professional, you can use Internet Explorer 5.0
for Internet browsing access. From an administrative standpoint, perhaps the best
feature of Internet Explorer 5.0 is the new “Automatically Detect Proxy Settings”
feature. For networks with a single proxy server, like Litware, this feature allows the
browser to detect and self-configure the proxy settings.
To manually configure Internet Explorer to automatically configure proxy settings:
1.
Double-click the Internet Explorer icon on the desktop.
2.
Click the Tools menu and choose Internet Options.
3.
Click the Connections tab and click the Lan Settings button under Local Area
Network Settings.
4.
Under Automatic Configuration check the Automatically detect settings
option and check Use a proxy server option.
5.
Internet Explorer is now ready to self-configure for your proxy settings.
Advanced Options
Odds are that you will want to automate this process. Using the Internet Explorer
Administration Kit (IEAK), you can customize Internet Explorer to meet your specific
needs. The IEAK is a powerful tool that allows you to configure and control user
settings such as proxy settings, channel settings, home page, custom links and
more. For information on obtaining and using the IEAK, please see
http://www.microsoft.com/windows/ieak/en/default.asp.
Microsoft Windows 2000 Professional in a UNIX Environment
21
SUMMARY
This document shows how to accomplish some of the most basic tasks in
integrating Windows 2000 Professional in a UNIX environment. Services for UNIX
has many more advanced features that allow you to achieve a greater degree of
interoperability and integration. For networks that use services such as NIS or have
multiple UNIX servers, advanced options allow for password synchronization,
integration with NIS, and Single Sign-on by using the Active Directory™ service.
For information on those topics, see the Services for UNIX help file.
Windows 2000 Professional is an ideal platform for networks with UNIX servers,
providing personal productivity applications with nearly seamless integration with
UNIX services. Windows 2000 presents UNIX services such as FTP, NFS, and
LPR with the standard Windows user interface, which requires no retraining for
users already familiar with Windows. And end users do not need to know cryptic
UNIX commands to use UNIX resources; Windows presents these resources in a
format and context already familiar to most users by doing the work behind the
scenes.
For More Information
For the latest information on Windows 2000 Professional, visit the Web site at
http://www.microsoft.com/windows2000.
For the latest information on the Windows Services for UNIX, visit the Web site at
http://www.microsoft.com/windows/sfu.
For in-depth information about Windows Services for UNIX, see the Services for
UNIX help file installed as Help for Services for UNIX in the Windows Services
for UNIX program group, located in %SFUDIR%\help\svcsunix.chm.
22
Microsoft Windows 2000 Professional in a UNIX Environment