Chapter 1 - Introduction to Banyan UNIX Access

Banyan UNIX Access Guide

Chapter 1 - Introduction to Banyan UNIX Access

Introduction

Historically, Banyan has limited administrator access to the UNIX operating system underlying its VINES product. With the release of VINES 7.0, a new feature allowed administrators to log in to UNIX on a server with full root access to the files and directories on that server.

This book describes the files and directories that are available to a user with root access.

This Chapter describes:

Basic UNIX access procedures, including UNIX login and password configuration

The structure of UNIX on a Banyan server

Note: Although Banyan UNIX is based on UNIX System V.4, many changes have been made to the files and directories of UNIX System V.4 during the development of VINES. This book explains many of these differences.

Basics of UNIX Access

To log in to UNIX on a Banyan server, you must fulfill several prerequisites:

The System Maintenance menu of your server must have 12 options, as shown in Figure 1-1. If the menu has only 10 options, you must reinstall the software and choose either "You have access, Banyan does not" or "You and Banyan have UNIX access,"at the Password Installation menu. For more information on installing root access, see the VINES Server Installation Guide.

Figure 1-1. System Maintenance Menu Screen

You must have an established StreetTalk user name and password.

Your name must be on the AdminList of the server. This list is called AdminList@servername@servers, where servername is the name of your server. For example, if your server is named MONEY, your AdminList name is AdminList@money@servers.

You must know the System Maintenance password for your server.

Once you meet these requirements, you can access basic UNIX functions from the System Maintenance menu as follows:

Option 11 allows you to log in to UNIX.

Option 12 allows you to change the UNIX root password and set configuration parameters that affect root password access.

The sections that follow explain these procedures.

To Log in to UNIX

1. Select Option 11 (Access UNIX) from the System Maintenance menu. You are prompted for your StreetTalk name.

2. Enter your StreetTalk name. You are prompted for your StreetTalk password.

3. Enter your StreetTalk password.

Note: You can enter your password up to five times at this screen. If you do not enter the correct password on the fifth attempt, the software pauses for one minute, then returns to the System Maintenance menu.

You are prompted for the root password.

4. Enter the root password.

When you successfully log in to UNIX, your current directory is /disk1/banyan/ss.

Configuring the UNIX Root Password

To change UNIX Access options on a Banyan server, select Option 12 (Configure UNIX Access options) from the System Maintenance menu. You are prompted to enter your StreetTalk user name and password. The user name you enter must be:

A valid user name in the StreetTalk database

On the AdminList@servername@servers of the server you are logging in to.

The screen in Figure 1-2 appears.

Figure 1-2. Configure UNIX Access Menu Screen

The options on this menu let you set:

The current password

Password configuration rules, including the minimum length, the expiration period, and the number of entries in the password history list. (This restricts the re-use of passwords as explained in "Password History List," later in this chapter.

To Change the Current UNIX Access Password

1. Choose 1 (Change UNIX Access Password) at the Configure UNIX Access menu. This prompt appears:

Please enter the old password for root access:

2. Enter the old password. This prompt appears:

Please enter the new password for root access (E to exit):

If you enter E the Configure UNIX Access Menu appears.

3. Enter the new password. This prompt appears:

Please retype new password:

4. Enter the new password exactly as you typed it the first time.

Note: UNIX passwords are case-sensitive.

To Change the Password Configuration

1. Choose 2 (Change Password Configuration) at the Configure UNIX Access menu. This prompt appears:

Please enter root password:

2. Enter the current root password. This prompt appears:

Number of previous root passwords that cannot be re-used(1 - 20,none) [10]:

3. Enter the number of passwords that you want to keep on the password history list (see the next section for more information). This prompt appears:

Minimum Password Length (1-15, none) [none]:

4. Enter the smallest number of characters for a root password on your server. A long password is more secure, but may be more difficult to remember. This prompt appears:

Password expiration in weeks (1 - 52, never) [never]:

This prompt asks you to set an interval after which you will be forced to change the root password on this server.

5. Enter a number of weeks. The system asks you to confirm your choices, as shown below.

Number of passwords to remember: 10

Minimum Password Length: none

Password expiration in weeks: never

Is this information correct (y/n) [y]:

If you enter n, the software returns to step 1. If you enter Y, the Configure UNIX Access menu appears.

Password History List

During the Banyan software installation procedure, and again when you use the Change Password Configuration option, you control how many passwords are kept in the password history list by answering this prompt:

Number of root passwords to remember:

Each time you change your password, the old password is placed on the password history list. If the list is full, the oldest password drops off to make room for the one used most recently. Passwords currently on the password history list cannot be used for UNIX access. Once a password drops off the list, however, you can re-use it.

To illustrate how the password history list works, suppose you ask the system to remember two passwords. Figure 1-3 shows the initial system installation dialogue, and the first UNIX Access password change.

Note: During the initial installation, the password you enter does not appear on the screen. The password is shown on the screen in Figure 1-3 to clarify the example.

Figure 1-3. Adding the First Password to the History List

The old password (Hello) is now on the password history list. This means that you cannot re-use `Hello'. Figure 1-4 shows the password history list after the second and third password changes.

Figure 1-4. Second and Third Password Changes

After the third password change, the original password (Hello) drops off the password history list. This password can now be re-used.

UNIX Structure on a Banyan Server

The sections that follow provide an overview of the VINES files and directories.

Banyan Software Tree

Figure 1-5 shows all of the directories in the Banyan server.

Figure 1-5. Banyan Software Tree

Organization of this Book

Many of the directories shown in Figure 1-5, such as /etc and /dev, are part of standard UNIX. While these are discussed in some detail in later chapters, most of this manual discusses the Banyan service directories under /disk1/banyan, and the data files associated with the Banyan services.

Major Banyan services, such as StreetTalk (Chapter 3), STDA (Chapter 4) and Intelligent Messaging (Chapter 10), are treated in their own chapters. Other services are grouped in chapters that discuss a particular server function. For example, Chapter 5 discusses directories that offer file services, and Chapter 2 discusses directories that contain software pertinent to the installation and configuration of a Banyan server.

Banyan Services

Banyan's Enterprise Network Services are software systems that store, move, and present information on Banyan networks. There are over 20 different services available for a revision 7.00 Banyan server. Most of this manual is devoted to these services.

Every Banyan service has a home directory in the /disk1/banyan path. This service directory typically holds the service executables, log files, scripts and other files required to monitor and maintain the service. Table 1-1, in the next section, summarizes the service directories and the other subdirectories of /disk1/banyan.

Services also have associated data files. Some services store their data files in the home directory, along with the executables. Other services store data files in separate subdirectories. The discussion of each service, later in this manual, includes the data files associated with the service, and identifies the location of those files.

Service Directories in /disk1/banyan

The directory /disk1/banyan contains a subdirectory for each service available on the Banyan server, and additional subdirectories for various utilities.

The contents of each directory are as follows:

/disk1/banyan/afp

Apple File protocol.

/disk1/banyan/ata

AppleTalk transfer agent.

/disk1/banyan/bfs

Banyan file service.

/disk1/banyan/bms

Banyan Intelligent Messaging service.

/disk1/banyan/bps

Banyan Print service.

/disk1/banyan/comm

Communication services, such as TCP/IP, IPX/SPX, ISDN, Source Level Routing, and ICA communications.

/disk1/banyan/dump

Backup/Restore service.

/disk1/banyan/duptools

Banyan duplication tools and releaseware. The programs in this directory are accessible through the hidden System Maintenance option 3d.

/disk1/banyan/evs

Banyan Event Management service.

/disk1/banyan/fsunix

DOS/UNIX bridge file service.

/disk1/banyan/ftp

File Transfer service. (For internal Banyan use only.)

/disk1/banyan/hcs

Banyan History Collector service.

/disk1/banyan/install

Installation scripts and utilities.

/disk1/banyan/kern

Kernel Configuration utility.

/disk1/banyan/lex

Lexlink Print service.

/disk1/banyan/messages

Message file directories for several Banyan utilities.

/disk1/banyan/nb

Netbios service.

/disk1/banyan/nm

Banyan Network Management service.

/disk1/banyan/rs

File Transfer Service directory. (Banyan internal use only).

/disk1/banyan/sna

3270/sna service.

/disk1/banyan/snm

VINES 5.xx Network Management service.

/disk1/banyan/snmp

Simple Network Management Protocol option.

/disk1/banyan/ss

Server service.

/disk1/banyan/st

StreetTalk Naming service.

/disk1/banyan/stda

StreetTalk Directory Assistance.

/disk1/banyan/sysdiag

ICA System Diagnostics.

/disk1/banyan/util

Utilities used for service management and other Banyan-specific tools.

/disk1/banyan/vcs

VINES Configuration service.

/disk1/banyan/vpa

VINES Proxy Agent.

/disk1/banyan/vs

VINES Security service.

/disk1/banyan/vt

Asynchronous Terminal Emulation service.

/disk1/banyan/wan

Banyan Wide Area Network service.

Common Files in Banyan Service Directories

Certain scripts and log files show up in almost every service directory under /disk1/banyan. These files are listed in Table 1-1.

Table 1-1. Files Common to All Banyan Service Directories

Table 1-1 (Continued). Files Common to All Banyan Service Directories

Common Files in Banyan Service Directories

Certain scripts and log files show up in almost every service directory under /disk1/banyan. These files are listed in Table 1-2.

Table 1-2. Files Common to All Banyan Service Directories

	Basic UNIX access procedures, including UNIX login and password configuration
	The structure of UNIX on a Banyan server

	You must have an established StreetTalk user name and password.
	Your name must be on the AdminList of the server. This list is called AdminList@servername@servers, where servername is the name of your server. For example, if your server is named MONEY, your AdminList name is AdminList@money@servers.
	You must know the System Maintenance password for your server.

	Option 11 allows you to log in to UNIX.
	Option 12 allows you to change the UNIX root password and set configuration parameters that affect root password access.

	A valid user name in the StreetTalk database
	On the AdminList@servername@servers of the server you are logging in to.

	The current password
	Password configuration rules, including the minimum length, the expiration period, and the number of entries in the password history list. (This restricts the re-use of passwords as explained in "Password History List," later in this chapter.