Understanding the DS Client
Articles and Tips: tip
Novell Consulting Services
01 Apr 1996
We typically think of a "client" as the workstation software that allows users to login and access network services. However, there is another type of client that is used exclusively by NetWare 4.1 servers. It is called the Directory Services Client or DS Client, and it is used to support server-to-server connections in NetWare 4.1. This NetNote explains what the DS Client is and what it does.
Since NetWare Directory Services is distributed and replicated among the servers in the network, one server often needs to access the NDS information stored in another server. NetWare 4.1 servers use built-in DS Client software to attach and authenticate themselves to other NetWare 4.1 servers. Thus, the servers become clients of the other servers in the NDS tree. The DS Client mechanism provides the interconnectivity needed to support all the NDS multiple server operations and processes.
The replica synchronization process is a good example of how the DS Client is used. This process maintains consistency among all the replicas on a partition even though they are stored on different NetWare 4.1 servers. Replica synchronization requires that the source server authenticate to the target server in order to pass along the NDS updates.
The server-to-server authentication process is initiated as a background authentication procedure. NetWare 4.1 servers use the same protocols as the workstation client software Routing Information Protocol (RIP) and Service Advertising Protocol (SAP) to establish connections and authenticate to the other servers. In NDS, the addresses for other NetWare 4.1 servers are stored in each server's replica pointer table. However, when a server needs to find the route to another server, it uses RIP. For this reason, it's very important that you do not filter RIP packets from your NetWare 4.1 network. If RIP is being filtered, NetWare 4.1 servers will not be able to find each other and synchronize.
The server-to-server DS Client connections authenticate using the distinguished name of the NetWare 4.1 Server object. These connections can be viewed in the MONITOR utility for each NetWare 4.1 server in the NDS tree. They are marked with an asterisk ( * ) to indicate that the connection is not a licensed connection but rather an authenticated Directory Services connection. The other NetWare 4.1 servers performing the name resolution operation do not need to authenticate and therefore use the Not Logged In connection type. (Note that Not Logged In and server-to-server Directory Services connections do not take away from licensed connections.)
Messages related to the DS Client can be viewed on the Directory Services screen at the server console using the SET DSTRACE command with the +VCLIENT (VC) parameter (the DS Client is sometimes referred to as the Virtual Client). The command is entered as follows:
SET DSTRACE = +VCLIENT
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.