Chapter 13: Manage Novell Web Services

Novell Network Management: NetWare 6

Chapter 13: Manage Novell Web Services

Objectives:

This chapter concerns performing backup and restores in a NetWare 6 environment. The objectives important to this chapter are found on page 13-1:

Identify the Purpose of Novell Web Services
Install, Configure, and Manage Enterprise Web Server
Install and Configure NetWare FTP Server

Concepts:

Identify the Purpose of Novell Web Services

The chapter presents a list of components of Novell web services:

NetWare Enterprise Web Server - Novell's web server product, provides standard web services, can work with eDirectory to authenticate requests from users outside your network
Apache Web Server for NetWare - A free web server provided with NetWare 6 (Versions are available for UNIX and Windows systems on the Internet). This web server is installed by default in a NetWare 6 installation, and some Novell services use it by default.
Tomcat Servlet Engine for NetWare - The nonprofit Apache group developed this product to provide access to web applications.
NetWare FTP Server - A server for NetWare to provide file transfer services.
Web Distributed Authoring and Versioning (WebDAV) - As discussed earlier in the course, HTTP is for read-only access. WebDAV adds the capability to write, edit, search, and collaborate on files stored on a web server.
NetWare Web Manager - Provides access to the web services to manage and configure them.

The chapter explains that the services listed above provide interfaces to NetWare for the web and net based services described earlier in the text:

iFolder
iLogin
iManager
iPrint
Web Search
Portal Services

Install, Configure, and Manage Enterprise Web Server

The procedure for installing Novell's Enterprise Web Server begins with an instruction that is not always made clear. You install from the NetWare installation CD. To do so, while the server is running, put the CD in your CD drive, go to the server console, and enter the command CDROM. This will mount the CD, making it accessible from the install command in the GUI.

Some advice is offered about installation options. It is possible to allow LDAP service to use clear text passwords. This would allow your LDAP server to accept unencrypted data as well as unencrypted passwords. This is probably not a good idea, if you are at all concerned about security for passwords and data.

To run the Novell Enterprise Web Server, the console command is NSWEB. To stop the web server, the command is NSWEBDN.

NetWare Web Manager

We have used NetWare Web Manager in other chapters. We are reminded here that the default port for it is 2200. This is only a default, and can be changed if desired. Whichever port is used, you should make sure that your firewall software allows traffic on that port.

From the server console prompt, you can start web services by executing the NSWEB command. The text explains that this command runs NVXALLUP.NCF. (The name of this file is a bit cryptic. It relates to the word NOVONYX, which is a carryover from earlier web products offered from Novell and Netscape.) Once the services are up and running, you can use NetWare Web Manager to configure them.

As noted in other chapters, you can access the NetWare Web Manager with a browser. Use HTTPS protocol to access port 2200 (or the port you configured), at either the IP address of the server running web services, or the domain name of that server.

You must authenticate to the Web Manager as an administrator.

Configuring Enterprise Web Server with Web Manager

Web Manager provides a selection of configuration controls for your web serve. Among them are:

On and Off buttons - Obviously, these are for turning the web server on or off. As with other services, remember that the web server is a service, not a physical device.
View Server Settings - Server settings fall into two types. Technical settings are saved in MAGNUS.CONF, and content settings are saved in OBJ.CONF.
Restore Configuration - This can overwrite your current configuration files with backup copies of them.
Performance Tuning - Use this to make changes to the server's technical settings.
Encryption On/Off

As illustrated in your text, when the web server software is installed, a default directory (primary directory) for web documents is created on the server. It is located at sys:\novonyx\suitespot\docs. You may configure the server to use some other directory as the default. Novell recommends using a directory on a volume other than SYS:.

Whatever directory you specify as the default, your users need not know it exists. Whatever directory you make the default directory, any document you place in that directory will appear to users as being at the root of the server. For example, you might place a document called FAQ.HTML in the default location.

Actual path to file: servername\sys:\novonyx\suitespot\docs\faq.html

Address user types in browser: http://servername/faq.html

Another way of saying this is that the URL for your server points directly to the default directory for that server.

Any subdirectory that you place in the default directory will appear to users as a directory off the root of the server. This saves users from having to remember the actual long pathname, and it gives you an element of security. Another advantage exists: if you move your files to another location, you need only tell the server the name of the new default directory. Users need not be involved.

To change the primary document directory:

Open Web Server Manager
Select the web server
Log in as necessary
In the Assistant frame (left side), select View Server Settings
In the Content frame, locate and select Primary Document Directory
In the Primary Directory field, enter the full pathname of the directory you want to use as the primary document directory.
Save and apply the changes.

Install and Configure NetWare FTP Server

Most browsers support FTP. One way to use FTP with a browser is to contact the FTP server on a network, using the name of the server, and opening the address request with ftp:// instead of http://.

The procedure to install the FTP server is no different from the procedure to install the web server. The only difference is which product to choose for installation.

The FTP server is configured by settings saved in this file: SYS:\ETC\FTPSERV.CFG. The settings are created and saved by using FTP Server Manager, which is accessed through NetWare Web Manager. Some configuration options are listed below:

On and Off buttons - The text mentions that you can also turn the FTP server on with the command NWFTPD. You can turn it off with the command UNLOAD NWFTPD.
Server Settings - Use this to set the port number for the FTP server, and other settings.
Security - Use this to configure intruder detection and time allowed to user sessions.
User Settings - Use this to set the default login directory for FTP users.

If you intend to provide FTP access to users who are not logged in to your system, you will want to enable anonymous user access. This requires that you create a user in your Tree called anonymous, and grant appropriate eDirectory and file system rights to that user. It also requires that you configure three settings through FTP Server Manager:

Allow anonymous access: YES or NO (default: NO)
Anonymous users home directory: volume:/directory/subdirectory (default: SYS:/PUBLIC)
Require e-mail address for password: YES or NO (default: YES)

Rights may be assigned to containers, users, domains, and hosts. The possible rights are:

DENY- No access to the FTP server
READONLY - Gives read-only access
NOREMOTE - Prevents remote access
GUEST - Gives only Guest access to the user (Novell does not define what this means)
ALLOW - Gives full access to the FTP server

Overlapping rights assignments are possible. In the case of multiple assignments, read the lines in sequence to see what rights are actually in effect. For example, the text suggests that the following rights may be granted by three lines in the SYS:/ ETC/FTPREST.TXT file.

*.baker ACCESS=ALLOW
This means anyone in baker or below has full rights. Everyone in the Tree seems to have rights.

*.novell.baker ACCESS=DENY
This means that no one from novell down has any rights. Other containers in bakers still have their rights from the line above. So this line limited the rights granted above.

.user1.novell.baker ACCESS=READONLY
This means that one specific user (user1) in novell is granted Read Only rights. This line opened up the restrictions set in the line above for one user. Viewing the three lines from this user's perspective, first he had full rights, then he had none, and now he has Read Only.