Communications Server

Network Administration Guide


Chapter 4. Planning for Client/Server Communication

This chapter contains information about planning for SNA API clients for Communications Server and Novell NetWare for SAA.


SNA API Clients

This section contains information specific to SNA API clients.

Installation and Configuration

For information about installing and configuring Communications Server SNA API clients, refer to Quick Beginnings.

Lightweight Directory Access Protocol

Lightweight Directory Access Protocol (LDAP) provides a standard way to access directory services. LDAP enables you to read, search, add, and remove information from centralized or distributed databases. LDAP is similar to the older X.500 Directory Access Protocol (DAP), but without some of the overhead (such as session and presentation OSI layers). You can use LDAP Client Configuration to configure SNA API client information and store it on an LDAP server.

LDAP Client Configuration shows the logical organization and relationships between the clients and their configurations.

For more information on using these major areas, refer to the help panels for LDAP Client Configuration.

Directory Information Tree

The Directory Information Tree (DIT) connects all Directory Service Agents (DSAs) in a predefined model. The model is an extensible hierarchical structure consisting of a number of base objects. A typical LDAP DIT would have a root, under which countries (c) are defined. Below the countries are usually organizations (o), and below an organization are individuals, ( (cn) or (uid) ), or organizational units (ou). For example, an fully-distinguished LDAP entry would be specified as:

c=US, o=company.com, ou=Sales, cn=temp

Client Hierarchy

The client hierarchy is relative to the LDAP DIT you logged in to. You can add users or organizational units to the client hierarchy or delete users or organization units from the client hierarchy.

Configuration Hierarchy

The configuration hierarchy logically shows, through a graphical tree view, the client configuration and all the relationships between the configuration definitions. The configuration hierarchy enables you to create, modify, or remove definitions.

Common API Client for Communications Server for Windows NT and NetWare for SAA

The client shipped with Communications Server permits clients to locate and access IBM Communications Servers and NetWare for SAA (NWSAA) servers in the network.

Install Options for Configuration Location

During installation of the client, the user can choose the client configuration location. There are three choices:

The configuration location contains server lists, user names, and all other client configuration information.

Configuration Locations

Because configuration information is independent of the server type (Communication Server for Windows NT or NetWare for SAA), the information can be stored in either NDS, INI, or LDAP. For example, Communication Servers names and addresses can be stored in NDS, INI, or LDAP for the API client. Since NDS administration programs are only shipped with NetWare for SAA, configuration of SNA API client information in NDS requires that the NetWare for SAA product exist on the network. The common SNA API client enables you to easily integrate different server types on the same network.

Configuration Utility

Use the Set Configuration Options utility to change the client configuration location (INI, NDS, or LDAP) after installation.

Locating Servers

The client enables the user to locate and access IBM Communications Servers and NWSAA servers using both TCP/IP and SPX transport protocols.

TCP/IP

The method used to locate servers using the TCP/IP transport protocol is identical. The network administrator can control access to the servers through server configuration. See "Planning for TCP/IP Scopes" for more information.

SPX

The methods used to locate servers using the SPX transport protocol are different. Locating both IBM Communications Servers and NWSAA servers takes more time than locating only IBM Communications Servers or NWSAA servers.

The Communications Server SNA API client tries to locate IBM Communication Servers first, followed by NWSAA servers. If no NWSAA servers exist in the network or should not be accessed, the user can set an environmental variable to prevent locating NWSAA servers. Setting the variable improves performance in an environment where only IBM Communication Servers are accessed by the SPX transport protocol. The environmental variable is SNA_API_CLIENT_NO_CC. Setting the variable does not affect server location using the TCP/IP transport protocol.

Assigning a Default Local LU

You can assign a default local LU alias for each user through either the INI file configuration or LDAP configuration for 32-bit Windows SNA API clients.

APPC programs can use a default local LU alias rather than specify one directly. When an APPC program issues a TP_START verb with the local LU alias field set to binary zeroes or all ASCII blanks, the APPC API uses the configured default local LU alias.

EHNAPPC programs can use a default local LU alias rather than specify one directly. When the local LU field on the AS/400 configuration panel is left blank, the configured default local LU alias is used.

CPI-C programs can use a default local LU alias rather than specify one directly. When the local LU alias field in the CPI-C side record is left blank, and no value has been defined using the APPCLLU environment variable, the CPI-C API uses the configured default local LU alias when initiating a conversation.

Attach Manager started programs can use a default local LU alias rather than specify one directly. When the local LU alias field in the attach manager record is left blank, the Attach Manager uses the configured default local LU alias when processing incoming conversation requests.

Assigning a Default Partner LU

You can assign a default partner LU alias for each user through either the INI file configuration or LDAP configuration for 32-bit Windows SNA API clients.

APPC programs can use a default partner LU alias rather than specify one directly. When an APPC program issues an ALLOCATE verb with the partner LU alias field and the fully qualified partner LU field set to binary zeroes or all ASCII blanks, the APPC API uses the configured default partner LU alias.

CPI-C programs can use a default partner LU alias rather than specify one directly. When the partner LU alias field in the CPI-C side record is left blank, the CPI-C API uses the configured default partner LU alias when initiating a conversation.

Assigning a Default LUA Session Name

You can assign a default partner LU alias for each user through either the INI file configuration or LDAP configuration for 32-bit Windows SNA API clients.

LUA programs, such as 3270 emulators, can use a default LUA session name rather than specify one directly. When a LUA program issues an RUI_INIT or SLI_OPEN verb with the LUA LU name field set to binary zeroes or all ASCII blanks, the RUI/SLI API uses the configured default LUA session name.

Client/Server Data Encryption

Client/server data encryption enables the client to request encryption of the application data in communications between the SNA API client and Communications Server.

Data encryption can be on, off, or optional. Optional data encryption means that encryption is used if it is supported by the server.

Client Server Security

Communications Server enables Windows 95 and Windows NT SNA API clients to use Windows NT domain security to authenticate the client connection to the server without reentering the userid and password. The client must be part of a Windows NT domain, either by participation in a Communications Server domain or logging in locally with a synchronized userid and password.

SNA API client users outside of the Windows NT domain are required to provide the userid and password, either through a prompt or by storing these values in the client configuration file.

The authorized users for client server are maintained in the IBMCSAPI local group, which is located either directly on the Communications Server or on the domain controller where Communications Server participates. This user group is created during installation and can be administered using the Windows NT User Manager application.

You can determine whether the userid and password are required for connection to the server by changing the LogonControl value entry at the server to zero (0), which removes the requirement of the userid and password specification by the client.

Audit trail records of client connections to the server are tracked in the Windows NT Event Log. You can view the records using the Windows NT Event Viewer under the Application log. If you do not want to track client connections to the server, you can change the AuditTrail value entry at the server to zero (0).

You can access the LogonControl and AuditTrail value entries through the Windows NT Registry Editor under the key: HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/IBM SNA Client Services.


Novell NetWare for SAA Clients

Communications Server supports IPX- or TCP/IP-attached clients running emulator software packages that implement Novell's Queue Element/Message Unit (QEL/MU) architecture for 3270 emulation, enabling the clients to access mainframe host data. This includes support for popular client features, including dedicated, pooled, and public LU categories (sometimes referred to as resource types).

Communications Server supports Novell NetWare for SAA clients on Windows 95, Windows NT, Windows 3.1, and OS/2.

TCP/IP, IPX/SPX, or both are required for Novell NetWare for SAA clients to communicate with Communications Server. If you are running IPX, you also need the following software enabled on the server:

If Communications Server is running on a primary or backup controller, users must be given user rights in the IBMCSAPI group to log on locally to the server.


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]