Configuring NetWare 4 for the Mobile User
Articles and Tips: article
Novell Consulting Services (Europe)
01 Jul 1994
This Application Note discusses the issues involved in configuring NetWare 4 for use by mobile users, including those users based on a fixed PC, users of portable computers, and remote users attaching via NetWare Connect. It lists pertinent NET.CFG parameters and login script identifiers and gives examples of how they can be used to facilitate network usage by mobile users.
Many organizations have installed networks as information utilities. These networks link desktop computers in all departments and locations with shared resources and databases. Users need to be able to access these resources regardless of their location.
Building such an environment presents the organization's network administrators with several challenges. Novell now provides very powerful functionality in NetWare Directory Services with which to construct a consistent set of facilities for this class of users.
This Application Note will cover the issues involved in the configuration of NetWare 4 for use by mobile users. It will detail the types of mobile users, considerations involved, and features available for this purpose in NetWare 4.01 and above.
Definition of a Mobile User
For the purpose of this AppNote, a mobile user is any LAN user who does not always work in the same location or at the same PC. They may move from one desk to another, from one building to another, or from one office to another in the course of their work. The connection between the mobile user's PC and his or her principal office LAN may be via a local cabling topology such as Ethernet or Token Ring, an asynchronous connection, or, in the case of larger organizations, across a wide area network (WAN).
This AppNote will not cover the other type of user often described as "mobile." This user is one who accesses the office LAN via the use of remote control dial-in solutions. Remote Node access, via NetWare Connect, will be discussed since the method of connection is so similar to that used when connecting to a LAN.
The term static user will be used as the antonym of "mobile user" to describe a user who always works at the same PC in the same location.
Mobile User Types
The following types of mobile user will be considered:
Notebook or Laptop PC with docking station
Notebook or Laptop PC with LAN adapter
NetWare Connect Remote Node
Hybrid mobile user
Fixed PC. A mobile user of a "fixed PC" is a user who does not carry his or her own portable computer but instead makes use of machines permanently located at the offices of their company or organization.
In this instance, the user logs in from a machine which has been made available for his or her use. Examples of this type of user might include university students, airline check-in staff, or computer auditors.
Notebook or Laptop PC with Docking Station. A user who carries a portable computer which may be used separately from, or in conjunction with, the LAN.
When a connection to the LAN is required, this will be provided by the use of an optional docking station into which the portable computer is inserted. Once docked, the portable computer behaves exactly as if it were a standard static PC. The docking station is usually equipped with a full-sized keyboard and color monitor and is configured with a network interface card.
Notebook/Laptop with LAN Adapter. A user who makes use of a portable computer which also has an adapter to enable connection to the LAN.
Parallel port adapters are well known for providing an easy-to-use facility to allow mobile users to connect to an Ethernet or Token Ring LAN via BNC or RJ45 connections. Recent PCMCIA developments now provide an Ethernet or Token Ring card on a credit-card-sized adapter which enables direct connection to the LAN. The PCMCIA solution has the advantage of not requiring the use of the PC's parallel port and is therefore capable of operating at native LAN speeds.
NetWare Connect Remote Node. A user who accesses the LAN via an internal or external modem which enables dialling into a NetWare server running Novell's NetWare Connect software.
NetWare Connect consists of a set of NLMs which provide asynchronous connectivity for users of the LAN who may wish to access a modem pool for dial-out or dial-in use. When connected via NetWare Connect the user is considered to be a Remote Node to the LAN and performs all network access via the modem and asynchronous connection. The Remote Node software consists of an ODI driver for the asynchronous port and a dial configuration utility which replace the usual network interface card (NIC) driver on the user's PC.
This type of Remote Node access can be contrasted with remote control solutions which do not perform network access via the modem. These instead take control of a PC or PC-card on the LAN and pass only keystrokes and screen images across the asynchronous connection. Remote Node access provides more transparent connection to the LAN using drivers as described above.
Hybrid Mobile User. A user who uses more than one of the above types of system to provide added flexibility.
For example, a mobile user may make use of a notebook computer which is: (a) connected to a docking station when the user is in his/her usual office; (b) connected to the LAN via a parallel port adapter when visiting another office; and (c) connected via NetWare Connect in offices where direct links to the LAN are not available. Configurations for these types of users will vary greatly but may be based upon the information provided for each of the preceding user types.
The following list outlines the main considerations which need to be taken into account when configuring access to the LAN for mobile users:
Access to Applications
Access to Application Data
Access to the Home Directory
Access to Printers
Access to Applications
This involves providing access to a set of business applications which the mobile user requires when performing his/her work. Applications may include word processing, database and spreadsheet as well as custom in-house or third-party software. NetWare 4.x provides mechanisms to establish access to the business applications required by the mobile user.
Access to Application Data
This involves being able to provide access to the data used by the business applications mentioned above. The data may be located on the same server or on a different server to the applications themselves. NetWare 4.x provides mechanisms by which the mobile user is able to locate the data which is used by their business applications.
Access to the Home Directory
As well as shared application data, a mobile user will normally also have access to a home directory. This may contain configuration files for applications as well as data which is specific to a particular user. An identifier, which may be used in a NetWare 4.x login script, is able to locate the home directory for a mobile user to allow it to be mapped to a known drive letter.
Access to Printers
Mobile users differ from static users in their use of printers. They require a means of identifying the capabilities of a given printer and its location in relation to where the user is working. NetWare 4.x allows the characteristics of a printer, such as its manufacturer, model and features be coded into the Printer object name or entered as attributes for the Printer object.
The login process by which a user identifies himself/herself to NetWare Directory Services (NDS) requires that a user provides a login name. If the user is in the correct context then he/she will only need to specify the Common Name of the user in order to log in to NDS. NetWare 4.x provides facilities for setting the default name context for each PC. Utilities are also available to locate the user without having to know the full context for that user.
A LAN administrator configuring NetWare 4.x for access by mobile users will need to examine these areas in order to ensure access to the LAN for the mobile user:
Login Script Identifiers
This file, or a file which is similarly named, will be used to load the network components for the mobile user. It is via this file that the mobile user might be presented with a choice asking whether they are directly connected to the LAN. Alternatively, differently-named network startup files might be run from the AUTOEXEC.BAT or STARTNET.BAT, depending on the mobile user's location.
Notebook manufacturers such as IBM, Compaq and Toshiba now provide utilities in their CompuServe support forums which can detect whether or not the notebook computer is located inside its docking station. These utilities return a DOS ERRORLEVEL or set an environment variable to indicate the status.
A simple example for checking whether a Compaq LTE Lite Notebook computer is in its docking station and loading the appropriate drivers might be:
@ECHO OFF REM EX_BOX is the Compaq utility SET DOCKED=Yes EX_BOX IF ERRORLEVEL 1 SET DOCKED=NO CD\NWCLIENT REM Load Link Support Layer LSL REM Load NE2000 driver IF %DOCKED%==Yes NE2000 REM Load NetWare Connect Remote Node drivers IF %DOCKED%==NO NRN IF %DOCKED%==NO DIALCON REM Load IPX IPXODI REM Load VLM VLM
The NET.CFG file is normally located in the C:\NWCLIENT directory for a machine with a local hard disk drive and is used to configure the ODI workstation components and DOS requester. NET.CFG might contain one or more of the options mentioned below to assist in configuring the environment prior to login for the mobile user. A sample NET.CFG can be seen towards the end of this AppNote.
The most important factors here are ensuring that the ODI driver for the card being used is configured correctly and that the NAME CONTEXT setting is appropriate to the PC and its location. The name context setting on a given PC will not always be the same context as that of the mobile user who is logging in. In this case, it may be necessary to run a utility to locate the user's correct context. See below for information on locating the user's context.
ODI Components. Correct choice of options for the LAN adapter being used is necessary to allow the mobile user to connect to the network. In the case of the Fixed PC, the NIC type and jumper settings will always be known. However, for users with external LAN adapters it is particularly important to know which NET.CFG options should be used in which circumstance.
For mobile users who have access to docking stations in several locations, it is suggested that each docking station be configured identically to reduce the management overhead associated with managing several differently configured NET.CFG files. Additionally, hybrid mobile users may have entries for multiple adapters if their PCs are configured to allow LAN access in a number of different ways. For ease of management, it is recommended that a single NET.CFG file be used for this purpose, as can be seen in the examples.
NAME CONTEXT. The NAME CONTEXT option is placed in the NET.CFG of the mobile user's PC to specify a default context setting to be created when the VLM components load. The context is necessary in determining whether a user will have to enter their full name or just their own user name when they login. For example,
NETWARE DOS REQUESTER NAME CONTEXT="OU=NCSE.O=NOVELL"
will allow a user named CN=MJWILLIA.OU=NCSE.O=NOVELL to login using the command:
If the name context was not specified, the user would have to enter their full name, which is considerably less user-friendly.
PREFERRED SERVER. The PREFERRED SERVER option is used in NET.CFG to indicate which server should be attached to before login takes place.
For the mobile user accessing the LAN via a fixed PC, it may be useful to specify a preferred server. However, it is suggested that PREFERRED SERVER should not be used in the NET.CFG of any mobile user accessing the LAN via a portable computer equipped with a LAN adapter. The user might then connect to a server which is not local to him/her, with the result that applications are loaded from a server across the WAN.
PREFERRED TREE. Some organizations may choose to have more than one NDS tree, perhaps in order to make a distinction between a live and test environment. If multiple NDS trees do exist, it is suggested that the PREFERRED TREE option be used to ensure that a connection to the correct NDS tree is made.
User-Friendly Login. As mentioned above, the mobile user's context may not match the NAME CONTEXT setting in the NET.CFG for the PC that they are using. This necessitates changing to the context where the mobile user's object name can be found or logging-in with the full name of the user.
Login Script Identifiers
This section outlines several Login Script Identifiers which may be useful to the LAN administrator. These may be placed in the User, Profile, or Container Login Scripts.
%HOME DIRECTORY. In NetWare 3.x, it is necessary to create a mapping to a home directory which contains an absolute reference to a physical volume and directory. A mapping to a home directory performed as part of a login script was previously represented as, for example:
NetWare 4.x now provides a means to interrogate NDS to retrieve attributes which are stored with the user object. The login script identifier %HOME DIRECTORY (with no underscore between the two words) will provide the full volume and path where the home directory can be found.
To locate the home directory from within a container, profile, or user login script, use the command:
MAP H:=%HOME DIRECTORY
Note: The version of LOGIN.EXE which originally shipped with NetWare 4.01 gives only the volume component of the home directory location. Later versions of LOGIN.EXE (version 4.06 and above) now provide the full information mentioned above. Registered users of NetWare 4.01 will have been sent the NetWare 4 Update CD (Volume 1, Number 1) which contains LOGIN.EXE version 4.08.
%FILE_SERVER. This login script identifier indicates the file server to which the user first attached, usually the 'nearest' server or the server specified in the PREFERRED SERVER statement in the user's NET.CFG. For example, to locate the nearest directory for NetWare utilities, the following line might be used in a login script:
If file servers have been configured to provide the same applications on every server, then this same technique may be used to locate the "nearest" applications. For example:
Other methods for locating applications are discussed in the section below relating to NDS.
%P_STATION. The P_STATION login script identifier returns the physical station address, taken from the mobile user's NIC.
One possible use for the P_STATION identifier might be as a means of identifying the nearest physical printer or queue. A major disadvantage, however, is that the node address of every mobile user workstation and corresponding printer selections would have to be specified in a login script. Another, better approach to consider might be using the %NETWORK identifier.
%NETWORK. The %NETWORK identifier returns the network number of the cable segment to which a workstation is attached. It might be used in a similar manner to the %P_STATION identifier as a method for determining the nearest physical printer, as in this example:
IF "%NETWORK"="EDC10005" #CAPTURE Q=Laser_1st
%REQUESTER_CONTEXT. An identifier which returns the context at the time the VLM components were first loaded.
%LOGIN_CONTEXT. An identifier which returns the context at the time the LOGIN program is executed.
The two above-mentioned context identifiers can be used to determine a user's location in the tree if it is not already known as a result of setting the NAME CONTEXT in NET.CFG.
Locale. A further way of determining the location for a given user is by the %L (Locale) Identifier. Note that this is determined by reading NDS and does not change as the user moves from one location to another. It might therefore be useful as a test to determine whether the user is logged in at his/her main office or is at another location.
Use of Environment Variables in Login Scripts. Where the location of a Fixed PC seldom changes, it is possible to SET a DOS environment variable in the PC's AUTOEXEC.BAT to indicate the physical position of that PC so that decisions may be made based on this information:
IF "%<PCPOSITION<"="INTERNATIONAL" THEN BEGIN< MAP S2:=SYS:APPS\INTCHECKIN ELSE MAP S2:=SYS:APPS\DOMCHECKIN END IF
Or, using Directory Maps:
IF "%<PCPOSITION<"="INTERNATIONAL" THEN BEGIN< MAP S2:=INTAPPS ELSE MAP S2:=DOMAPPS END IF
This example, taken from a configuration used at a European airline terminal, will read the value of the environment variable and map a drive to the correct set of check-in applications for international or domestic flights.
The network address or physical station address identifiers, as mentioned above, might also be used for a similar purpose. The environment variable has the advantage that it will not alter if the network interface card or LAN numbering is changed.
Other Issues. Two other issues to consider for users who are logging in away from a main office environment are the choice of language in which the utilities appear and the time zone in which the mobile user will be working. The current language is decided through the use of the NWLANGUAGE environment variable while the time zone is set in the environment as TZ. Both might be set as part of the AUTOEXEC.BAT or in a user or container login script. It may be of use to include the following lines in the login script to provide verification that these have been set correctly:
WRITE "Your current language is : %<NWLANGUAGE<"< WRITE "Your time zone is : %<TZ<"<
This section examines how the NDS Directory Map object may be used and briefly discusses the use of partition replicas.
Directory Map Object. The NDS Directory Map object provides a means to set up a logical name for an area containing data or applications. The object, which is managed via NETADMIN or NWADMIN, provides the LAN administrator and users with a means to map to an object by name, without having to know its physical location.
Typically, the Directory Map object would be used in a login script, as follows :
where the WordPerfect and Quattro Pro objects have previously been defined by the administrator to reference the locations of the applications being used. If the applications or data are moved to another server, it will only be necessary for the administrator to make a single change so that all users are able to see the files in their new location.
Directory Map objects will be of value to a mobile user of any type, particularly if a known set of applications can be found by name in each of the possible contexts where he/she logs in. Organizations which choose to dedicate certain servers to providing applications may also decide to create a container specifically for Directory Maps and other globally accessible resources.
Printer Object. Like the Directory Map, the Printer object offers a means of creating a relationship between a queue (or queues) and a physical printer or printers. This has the advantage that a standard CAPTURE command can be used throughout the organization to find the nearest available printer of a certain type.
Partition Replicas. Some mobile users may frequently log in to a container whose master partition replica is remote. For these users, it may be beneficial to place local read/write replicas of those partitions on a server close to the mobile user. This will have the effect of increasing the speed of the initial login and of any subsequent accesses to NDS.
The following sample configuration summarizes the important configuration details required for mobile users of NetWare 4.x.
The following lines are added to the AUTOEXEC.BAT file:
SET NWLANGUAGE=ENGLISH SET TZ=GMT+0
The MLID, in this case NE2000, may be loaded automatically or, as outlined above, a procedure could be used to determine whether the PC is docked.
@ECHO OFF CD\NWCLIENT LSL NE2000 IPXODI VLM F: ECHO. LOGIN
The following lines are added to the NET.CFG file. Variable settings can be adapted to your particular situation.
Link Driver NE2000 Frame ETHERNET_802.2 Link Driver PEODI Frame ETHERNET_802.2 Link Driver NRN Port 2f8 Int 3 Frame Ethernet_802.2 Baud 9600 Modem Name Hayes compatible Flow Control 0 Dial Number Modem Init String ATM1 Username MJWILLIA Software Compression Enabled NODE ADDRESS AB0000 NETWARE DOS REQUESTER NETWARE PROTOCOL=NDS,BIND USE DEFAULTS=ON LOAD CONN TABLE LOW=ON AUTO RECONNECT=ON BIND RECONNECT=ON FIRST NETWORK DRIVE=F NAME CONTEXT="OU=LAB.O=NOVELL" PREFERRED SERVER="UK-NCSE-1" PREFERRED TREE=LAB SIGNATURE LEVEL=0 CHECKSUM=0
The login script shown below contains examples of the types of commands described earlier:
WRITE "Login script begin" REM REM User Information REM WRITE "Common Name : %CN" WRITE "Full name : %LAST_NAME" WRITE "Login Name : %LOGIN_NAME" WRITE "" REM REM Location Information REM WRITE "File server : %FILE_SERVER" WRITE "Network : %NETWORK" WRITE "Node : %P_STATION" WRITE "Locale : %L" WRITE "" REM REM Context Information REM WRITE "Requester context : %REQUESTER_CONTEXT" WRITE "Login context : %LOGIN_CONTEXT" WRITE "" REM REM *** Access to Applications *** REM REM Map SYS:PUBLIC to nearest server REM MAP S1:=%FILE_SERVER/SYS:PUBLIC REM REM MAP Applications Directories REM WP and DB are Directory Map objects in the user's context REM MAP S2:=WP MAP S3:=DBREM REM *** Access to Application Data *** REM REM MAP Data Directory REM DBDATA is a Directory Map object in the user's context REM MAP G:=DBDATA REM REM *** Access to the Home Directory *** REM REM MAP Home Directory REM MAP H:=%HOME_DIRECTORY DRIVE H: REM REM *** Access to Printers *** REM REM Capture to Print Queues REM REM Capture LPT1 to a local queue depending on user's location REM IF "%NETWORK"="44000C80" #CAPTURE L=1 Q=Building1.NCSE. IF "%NETWORK"="44000C82 #CAPTURE L=1 Q=Building2.NCSE. REM REM Capture LPT2 to a fixed queue at head office in the REM Resources container REM #CAPTURE L=2 Q=Head_Office.Resources.NCSE. WRITE "Login script end" END
Output from the Login Script
Figure 1 shows sample output displayed on the screen for the login script listed above.
Figure 1: Screen output from the sample login script.
Login script begin Common Name : Marcus Full name : Williamson Login Name : Marcus File server : UK-HEATHROW Network : 44000C82 Node : 00001B1D9BFF Locale : Bracknell Requester context : NCSE Login context : NCSE S1: = Z:. [UK-HEATHROW_SYS: \PUBLIC] S2: = Y:. [UK-HEATHROW_SYS:\APPS\WP] S3: = X:. [UK-HEATHROW_SYS: \APPS\DB] Drive G: = UK-HEATHROW_SYS: \APPS\DB Drive H: = UK-HEATHROW_VOL1:\USERS\MARCUS Device LPT1: re-routed to print queue BUILDING2 Device LPT2: re-routed to print queue HEAD_OFFICE.RESOURCES Login script end
NetWare 4.x provides a wide range of features to facilitate access to the LAN for mobile users. Following the examples provided here, it should be possible to configure the LAN to provide user-friendly access to applications, data, and printers for each of the mobile user types described.
For further information concerning NetWare 4.x installation and configuration, the following references may be valuable:
NetWare 4.01 manuals (online or hard copy)
Novell's Guide to NetWare 4.01 Networks(Novell Press)
Novell's Quick Access Guide to NetWare 4.0 Networks (Novell Press)
Novell's Application Notes for NetWare 4.01(Novell Press)
Appendix: Identifiers Available in LOGIN.EXE 4.06 and Above
WRITE "Login script begin" MAP DISPLAY ON WRITE "" WRITE "Access Server : %ACCESS_SERVER" WRITE "Account Balance : %ACCOUNT BALANCE" WRITE "Allow Unlimited Credit : %ALLOW UNLIMITED CREDIT" WRITE "CN (Common Name) : %CN" WRITE "Description : %DESCRIPTION" WRITE "E-Mail Address : %EMAIL ADDRESS" WRITE "Fax : %FACSIMILE_TELEPHONE_NUMBER" WRITE "File Server : %FILE_SERVER" WRITE "Full Name : %FULL_NAME" WRITE "Group Membership : %GROUP MEMBERSHIP" WRITE "Home directory : %HOME DIRECTORY" WRITE "Language : %LANGUAGE" WRITE "L (Locality) : %L" WRITE "Login Context : %LOGIN_CONTEXT" WRITE "Login Name : %LOGIN_NAME" WRITE "Machine : %MACHINE" WRITE "Message Server : %MESSAGE_SERVER" WRITE "Minimum Account Balance : %MINIMUM ACCOUNT BALANCE" WRITE "Network Address : %NETWORK" WRITE "OS : %OS" WRITE "OS Version : %OS_VERSION" WRITE "Password Allow Change : %PASSWORD ALLOW CHANGE" WRITE "Password Expires : %PASSWORD_EXPIRES" WRITE "Password Minimum Length : %PASSWORD MINIMUM LENGTH" WRITE "Password Required : %PASSWORD REQUIRED" WRITE "Password Unique required : %PASSWORD UNIQUE REQUIRED" WRITE "Physical Station : %P_STATION" WRITE "Postal Office Box : %POSTAL 0OFFICE BOX" WRITE "Postal Code : %POSTAL CODE" WRITE "Profile : %PROFILE" WRITE "Requester Context : %REQUESTER_CONTEXT" WRITE "Requester Version : %REQUESTER_VERSION" WRITE "S (State) : %S" WRITE "SA (Street Address) : %SA" WRITE "Security Equals : %SECURITY EQUALS" WRITE "See Also : %SEE ALSO" WRITE "Shell Version : %SHELL_VERSION" WRITE "Station : %STATION" WRITE "Surname : %SURNAME" WRITE "Telephone number : %TELEPHONE NUMBER" WRITE "Title : %TITLE" WRITE "User ID : %USER_ID" WRITE "COMSPEC : %<COMSPEC<"< MAP H:=%HOME_DIRECTORY DRIVE H: WRITE "" WRITE " Login script end"
* Originally published in Novell AppNotes
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.