Previous | Contents | Index |
The Advanced Server creates an autoshare name using the OpenVMS volume label of the associated OpenVMS disk device. Autoshare names must conform to network resource naming restrictions (no more than 11 characters), with the last character a dollar sign ($), which identifies the share name as a hidden share.
The autoshare name C$ is reserved. By default, Advanced Server defines C$ as an autoshare alias for PWRK$LMROOT:[000000]. If you define another volume as C$, the share name will be rejected. |
When you create shares for directories using the ADMINISTER ADD SHARE command, you can specify any of the following for the device name in the share path:
For more information, see Section 4.3.2, Creating a Share.
Note that when a logical name is specified for the device in the share
path, if you need to move the share later to another device, you simply
assign the same logical name to the new device when you mount the
device. Then users can continue to access the same share in the new
location, as if nothing had changed.
4.2.3.2 Defining Autoshares
Sometimes the autoshare name created by the Advanced Server is not ideal for the situation. The Advanced Server lets you define your own autoshare names. This is useful when:
The server cannot define devices with volume labels that exceed the 11-character limit as autoshares. When the server starts, disk devices with volume labels that exceed the limit are not shared, and an event is recorded in the Advanced Server log file, which is viewable with the ADMIN/ANALYZE command. (For information about using the ADMIN/ANALYZE command, see Section 6.1.4.2, The Advanced Server Common Event Log.)
You use the Autoshare keyword in the LANMAN.INI file to define autoshare names for the server to create in addition to the autoshares that the server creates automatically. Use the NoAutoshare value to specify the names of devices that you do not want to autoshare.
The Autoshare and NoAutoshare parameters function as follows:
If you are running Advanced Server in an OpenVMS Cluster environment, see
Section 4.2.3.6, Autosharing in an OpenVMS Cluster Environment, for information about defining autoshares and preventing
autoshare creation on specific nodes in the cluster.
4.2.3.3 The Autoshare Parameter
The Autoshare keyword in the LANMAN.INI file specifies an alias for the autoshare name created by default for an OpenVMS disk device. Advanced Server creates an autoshare for each mounted OpenVMS disk device when the server starts. To create a more meaningful share name or to map the device name to a DOS format, use the Autoshare keyword in the LANMAN.INI file.
The format of the data associated with the Autoshare value is as follows, where devname_n is the device name (such as DUA2:), and sharename_n is the name of the autoshare:
devname_1=sharename_1, ..., devname_n=sharename_n
For example, the following line specified in the LANMAN.INI VMSSERVER section creates an autoshare named M$ for device DOT$DUA2:, and an autoshare named WORK5$ for device DOT$DUA3:.
AUTOSHARE = DOT$DUA2=M,DOT$DUA3=WORK5 |
As shown in this command example, when adding multiple entries, delimit each entry in the list with a comma. Note that the share name cannot exceed 11 characters. In addition, do not append a dollar sign ($) to the device name; the Advanced Server does this automatically.
Table 4-6, Sample Default Autoshare Names, shows physical device names and volume labels for disk devices mounted on node DOT and the autoshare names that the Advanced Server creates by default.
Device | Volume Label | Autoshare Name |
---|---|---|
DOT$DUA0: | AXPVMS072 | AXPVMS072$ |
DOT$DUA1: | USERS_1 | USERS_1$ |
DOT$DUA2: | USERS_2 | USERS_2$ |
DOT$DUA3: | WORK_DISK055 | None: the volume label exceeds the 11-character limit. |
For example, the values associated with the AutoShare keyword in the LANMAN.INI file appear as follows:
DOT$DUA2=M DOT$DUA3=WORK5 |
The Autoshare parameter directs the Advanced Server to create an autoshare named M$ for device DOT$DUA2: and an autoshare named WORK5$ for device DOT$DUA3:. If an administrator maps a network drive to the hidden share name M$, administrators connecting to M$ are accessing DOT$DUA2:[000000]. When you display the list of hidden shares, these autoshare names will also be listed. These autoshare names may also be used in share paths when creating directory shares.
As shown in Table 4-6, Sample Default Autoshare Names, the Advanced Server did not create an implicit
autoshare for the device DOT$DUA3:, because the volume label
WORK_DISK055 exceeds the 11-character limit. But Advanced Server allows
you to include the device name (DOT$DUA3) in the autoshare list in the
LANMAN.INI file and creates the explicit autoshare WORK5$ for DOT$DUA3:.
4.2.3.4 The NoAutoshare Parameter
The NoAutoshare parameter specifies the OpenVMS device names that should not be automatically shared or available to the Advanced Server. If a device is listed in both the Autoshare list and the NoAutoshare list, the NoAutoshare definition takes precedence.
If the server configuration includes many disk devices, you may want to specify which devices are not shared automatically. By sharing some devices and not sharing others, you can separate OpenVMS disk resources from Advanced Server resources and reduce unnecessary resource consumption by the server.
The NoAutoshare parameter value is a comma-delimited list of implicit wildcard device references. For example, the following data associated with the NoAutoshare keyword in the LANMAN.INI file specifies search strings DFS*, DAD*, and PWRK$DKB1*:
DFS,DAD,PWRK$DKB1 |
With this data, any OpenVMS device names that begin with the strings
DFS, DAD, or PWRK$DKB1 are not autoshared. If you want to exclude a
specific device and negate the use of the wildcard, include the colon
in the device specification. For example, the
NoAutoshare value PWRK$DKB1: will always apply to a
single device, while the value PWRK$DKB1 can apply to many devices,
such as PWRK$DKB100:.
4.2.3.5 Sharing DECdfs Devices
DECdfs is a DECnet-based layered product that provides OpenVMS users with the ability to use remote disks as if they were directly attached to the local system. By default, Advanced Server does not automatically share devices managed by DECdfs. The LANMAN.INI file contains the following default values associated with the NoAutoshare keyword:
DAD,_DFS |
You cannot assign permissions to DECdfs devices; therefore, if you
override the default and allow the Advanced Server to create an autoshare
for a DECdfs device, users with user or operator privileges cannot
access that device. Access to a shared DECdfs device is restricted to
users in the Administrators group.
4.2.3.6 Autosharing in an OpenVMS Cluster Environment
OpenVMS disk devices mounted clusterwide are offered to users as shared devices (autoshares) by all server nodes in an OpenVMS Cluster system. Devices mounted on a specific server (not clusterwide) are accessible to users connected to that server only.
The LANMAN.INI file contains two types of keywords to define autoshares:
In an OpenVMS Cluster system, you can make a device available clusterwide by using the AutoShare value. You can restrict device availability using the NoAutoshare value.
In addition, you can control the devices to be automatically shared on a single node in the cluster, using the Autoshare_nodename and NoAutoshare_nodename values.
The following examples show how you can share disk devices in an OpenVMS Cluster. For this example, the cluster contains two members: DOT and TINMAN.
Autoshare = PCS524$DKA100=J,PCS524$DKA200=K |
Autoshare_DOT = DUA1001=H,DUA1002=G,DUA1006=I |
Autoshare_TINMAN = DUA1001=H,DUA1002=G NoAutoshare_TINMAN = DUA1006 |
In this example:
The Advanced Server compares the clusterwide definitions with the
node-specific definitions. If the same device is listed in both the
clusterwide and node-specific Autoshare parameters,
the clusterwide definition prevails. The NoAutoshare
parameter uses the union of the clusterwide and node-specific autoshare
lists.
4.2.3.7 Synchronizing Autoshares
By default, each disk device available to the Advanced Server when it starts is assigned an autoshare name. If you mount a disk device after the server has started, you must synchronize the available devices using the SET COMPUTER command, to make the disk device available to the Advanced Server. For example:
LANDOFOZ\\TINMAN> SET COMPUTER TINMAN/AUTOSHARE_SYNCHRONIZE %PWRK-S-AUTOSHRSYNCHED, autoshare synchronization was successful LANDOFOZ\\TINMAN> |
In the OpenVMS Cluster environment, you must enter this command on
every node in the cluster.
4.3 Managing Shared Directories and Files
Advanced Server allows you to create shared and personal shared
directories. Some shares are provided by default.
4.3.1 Default Shares
When you install Advanced Server software, it creates the default shares shown in Table 4-7, Default Shares.
Share Name | Description |
---|---|
USERS | Contains user home directories. This shared directory is created only when logon validation is enabled. |
NETLOGON | Default location for logon scripts. This directory is shared if the Netlogon service is running. |
PWLIC | Client Licensing Software |
PWLICENSE | Client Licensing Software |
PWUTIL | Default location for Advanced Server utilities. |
A share is a shared directory. By sharing a directory, you allow users on the network to access the directory.
Any directory on the server can be shared, including the root directory of a disk device. Users specify the share name when accessing and displaying shares. No two resources on the same server can have the same share name.
When you create a shared directory, you assign access permissions to users and groups. These permissions define the access to the share for the specified users and groups. If you do not specify permissions when you add a share, all users are allowed to access the share.
You can define an OpenVMS system logical name that refers to an OpenVMS
physical device. Then you can specify the logical name when you create
the share using the ADD SHARE command. This allows you to move the
physical structure to another device, redefine the logical name, and
continue to provide access to the structure by the same share name.
Users connected to the share will have to reconnect after this change.
4.3.2.1 Preparing to Share a Directory
When you share directories on a server, it is important to be well organized. If many users access the same directory for different purposes and activities, the directory can become a clutter of unrelated files. If you take the time to create separate directories organized by group and function, it will be easier to keep files organized and to ensure security.
Before setting up a shared directory, prepare a list of directories you will need to share on the server. Also prepare a list of the users and groups that will require access to each shared directory and the kinds of permissions they will need. Use the worksheets in the Compaq Advanced Server for OpenVMS Concepts and Planning Guide to help you prepare these lists.
When sharing a directory on a server, you specify the names of the users and groups who can access the shared directory by setting share permissions, and who can access the subdirectories and files in the share by setting file and directory access permissions as described in Section 4.3.6, Specifying File and Directory Access Permissions. This allows you to set different permissions for each subdirectory and file in the shared directory.
You can also set up auditing of each type of access and of specific files and directories, as described in Section 4.3.9, Auditing Directory and File Access. This provides event log messages when the files and directories are accessed.
To create a share, you must be a member of the Administrators or Server Operators group, and the associated OpenVMS directory must already exist. If a directory to be shared does not exist, you must create it either on OpenVMS or remotely. To create a directory on the OpenVMS system, use the OpenVMS command CREATE/DIRECTORY. For example, to create the directory [SHARED] on disk device USER1, enter the following OpenVMS command:
$ CREATE/DIRECTORY USER1:[SHARED] |
To secure shared directories effectively, keep the following in mind:
Table 4-8, Share Permissions, shows permissions available for shares and the actions available to users for each permission.
Actions | No Access | Read Access | Change Access | Full Control |
---|---|---|---|---|
Display subdirectory names and file names | X | X | X | |
Display file data and attributes | X | X | X | |
Run program files | X | X | X | |
Go to subdirectories of the directory | X | X | X | |
Create subdirectories and add files | X | X | ||
Change data in and append data to files | X | X | ||
Change file attributes | X | X | ||
Delete subdirectories and files | X | X | ||
Change permissions (Windows NT files and directories only) | X | |||
Take ownership (Windows NT files and directories only) | X |
You can share an existing OpenVMS directory. When you share a directory, you specify its location on the server, including the disk device, the directory name, and the name for the share. The following example shows how to share a directory on the server:
Use the ADD SHARE/DIRECTORY command. For example:
LANDOFOZ\\TINMAN> ADD SHARE/DIRECTORY RAINBOW USER1:[SHARED] - _LANDOFOZ\\TINMAN> /HOST_ATTRIBUTES=(RMS_FORMAT=STREAM) %PWRK-S-SHAREADD, share "RAINBOW" added on server "TINMAN" |
This command adds a directory share named RAINBOW for the directory
USER1:[SHARED]. Files created in this directory will be RMS
stream-format files. Because the /PERMISSIONS qualifier is not included
on the command line, the new share is available to all network users.
4.3.2.4 Creating a Personal Share
When a server is upgraded from PATHWORKS (LAN Manager) to PATHWORKS for OpenVMS (Advanced Server), any V5 personal shares are upgraded and preserved as personal shares. The Advanced Server allows you to create personal shares, which are typically used for sharing a user's OpenVMS login directory. Personal shares are unique in that they are hidden (they will not appear in the list of shares users can display, such as in Network Neighborhood), but the names of personal shares do not end with a dollar sign ($). Thus, when users want to map a drive to their OpenVMS login directory, they specify a personal share name (typically the same as their user name) without having to include a dollar sign in the share name.
Users cannot specify personal shares in the UNC path when connecting to or listing resources. To access such a file or run an application from the personal share, users must specify the device associated with the share. |
A personal share typically points to the root directory of a user's OpenVMS account. For example, network user SCARECROW has a personal share that is mapped to the OpenVMS directory [STRAWMAN] on server TINMAN. If you display the personal shares on TINMAN, the following information appears:
LANDOFOZ\\TINMAN> SHOW SHARES/TYPE=PERSONAL Shared resources on server "TINMAN": Name Type Description ------------ --------- ------------------------------------- STRAWMAN Personal Total of 1 share |
STRAWMAN, the host mapped OpenVMS account, has a login directory defined in the UAF record; for example: DUA1:[000000]STRAWMAN.DIR, or DUA1:[STRAWMAN]. You can use the AUTHORIZE utility to display a system's UAF records. For example:
$ MCR AUTHORIZE UAF> SHOW STRAWMAN Username: STRAWMAN Owner: SYSTEM MANAGER Account: SYSTEM UIC: [360,44] ([PCSA,STRAWMAN]) CLI: DCL Table: DCLTABLES Default: DUA1:[STRAWMAN] LGICMD: LOGIN . . . |
Only users in the Administrators group can display and access all the personal shares on a server.
A user with OpenVMS user accounts on multiple servers in a domain may have a personal share associated with an account on each server. |
Previous | Next | Contents | Index |