HP OpenVMS Systems
HP Advanced Server for OpenVMS
This chapter describes how to set up a wide area network (WAN) using one of the TCP/IP transport software products supported by the Advanced Server for OpenVMS software.
This chapter consists of the following sections:
The Advanced Server for OpenVMS software allows you to use one or more of the following methods for wide area network name resolution:
To use them, they must be enabled using the Configuration Manager. You
can enable them through the PWRK$CONFIG.COM command procedure, which
provides access to the Configuration Manager when you answer YES to the
question "Do you want to change server configuration
parameters." To enable one or more of the wide area network
support methods, select the Transports screen and select the
appropriate checkbox. Alternatively, you can run the Configuration
Manager after the server is configured and started, as described in the
HP Advanced Server for OpenVMS Server Administrator's Guide.
6.2 Using the LMHOSTS File in a Wide Area Network
The Advanced Server for OpenVMS software provides the ability to set up a wide area network with the TCP/IP transport through the use of the LMHOSTS file. This file contains a list of domain controllers and member servers in the same domain and also domain controllers in domains that have trusts established with that domain. The LMHOSTS file allows the Advanced Server to participate in a Windows NT wide area network as well.
Unlike a Windows NT Server, the Advanced Server does not support remote LMHOSTS files (called into the Windows NT LMHOSTS file using #INCLUDE). To include the same host names as an existing LMHOSTS file on a Windows NT Server, copy the LMHOSTS file to the Advanced Server then manually insert the entries into the Advanced Server LMHOSTS file.
If you plan to use cluster load balancing in WANs (using DNS for NetBIOS resolution of the Advanced Server cluster alias name), you must remove all entries for the cluster alias from the LMHOSTS file on all systems that will access the Advanced Server cluster and that have enabled DNS for name resolution. For more information on cluster load balancing, refer to the HP Advanced Server for OpenVMS Server Administrator's Guide.
To set up a TCP/IP wide area network, modify the LMHOSTS file, adding the host names and TCP/IP addresses of the domain controllers and member servers in the wide area network that are in the same domain or in domains that have trust relationships with that domain.
The LMHOSTS file must be set up on all domain controllers and member servers in the domain, unless other methods are used to resolve NetBIOS names. Make sure your Advanced Server LMHOSTS file includes entries for all domain controllers and member servers of the domain and domain controllers in domains that have trusts established with that domain.
Note the following when configuring a server that will be a backup domain controller (BDC) or member server in an existing domain: if the LMHOSTS file does not include entries for a primary domain controller (PDC) that is in a different TCP/IP subnet, your server will not be able to find that PDC. Make sure you include entries for that PDC in the LMHOSTS file before running PWRK$CONFIG to join the existing domain. Two entries are required for a PDC:
BDCs periodically retrieve changes to the domain-wide security accounts database from the PDC. If you omit a BDC from the LMHOSTS file on the PDC, the PDC will not notify the BDC that database changes need to be retrieved. Or, if a BDC omits the necessary entries for the PDC, the BDC will be unable to locate the PDC when attempting to retrieve database changes. In either case, the BDC's database will become out of date.
You can modify the LMHOSTS file at any time. As long as the LMHOSTS
file exists, users can establish TCP/IP connections to any server
listed in the file.
6.2.2 The LMHOSTS Directory
You set up a wide area network by supplying the following file on all OpenVMS file servers that are in different subnets:
(The LMHOSTS file has no file extension; include the final dot, as
6.2.3 LMHOSTS File Syntax
In the LMHOSTS file, create a list of nodes by specifying the following line for each node:
address NetBIOSname #PRE #DOM:domain_name
speedy "LANDOFOZ \0x1B"
For example, the following entries should be included in the LMHOSTS file on a BDC that is not in the same IP subnet as the PDC (if the two systems are in the same IP subnet, they can resolve names using broadcasts). In this example, the PDC name is DOMPDC at IP address 10.20.30.40 in the domain LANGROUP:
10.20.30.40 DOMPDC #PRE #DOM:LANGROUP 10.20.30.40 "LANGROUP \0x1B" #PRE
The \0x1B name will be registered only by the PDC for the domain. If a BDC is promoted to PDC, the original PDC will release the \0x1B name, allowing the new PDC to register it; LMHOSTS files on other systems that contain an entry for this \0x1B name must be updated to reflect the IP address of the new PDC.
If the domain PDC is a PATHWORKS or Advanced Server for OpenVMS server running on multiple members of an OpenVMS Cluster, only one cluster member will register the \0x1B name (the first to start the NetLogon service). However, if the server stops on that cluster member, the \0x1B name will be released by that cluster member and will then be registered by another cluster member running the server. In this scenario, LMHOSTS files on other systems that contain an entry for this \0x1B name must be updated to reflect the IP address of the cluster member that has registered, and now holds, the \0x1B name. To determine the cluster member that has registered and currently holds the \0x1B name, execute the NBSHOW KNB command at the OpenVMS DCL prompt on each node of the cluster and look for the \0x1B name in the name table that is displayed. The \0x1B name will show up in the name table of only one of the cluster members. The command NBSHOW is a special Advanced Server management command that is defined in the command file SYS$MANAGER:PWRK$DEFINE_COMMANDS.COM; for more information, see Section 5.6, Special Advanced Server Management Commands.
If LMHOSTS files are not updated on all systems to reflect a PDC change, these systems might not be able to find the PDC for the domain. This would affect domain operations adversely.
In environments using trust relationships, the domain controllers in trusting domains must establish a secure communications channel with a domain controller in the trusting domain. This allows a user with an account in one domain to access resources provided by a domain that trusts the user's domain (called pass-through authentication). Therefore, domain controllers in the trusting domain, as well as those in the trusted domain, should list all domain controllers from the other domain in their respective LMHOSTS file. (This assumes other NetBIOS name resolution methods, such as WINS, are not being used.) Each domain controller should also include a \0x1B entry for the PDC of the other domain. In the following example, the domain LANGROUP trusts the domain CORPDOM. The LANGROUP domain consists of the following domain controllers:
The CORPDOM domain consists of the following domain controllers:
To enable the domain controllers in domain LANGROUP to locate a domain controller in domain CORPDOM, include the following entries in the LMHOSTS file located on domain controllers in domain LANGROUP:
184.108.40.206 CORPPDC #PRE #DOM:CORPDOM 220.127.116.11 "CORPDOM \0x1B" #PRE 18.104.22.168 CORPBDC1 #PRE #DOM:CORPDOM 22.214.171.124 CORPBDC2 #PRE #DOM:CORPDOM
Similarly, to enable the domain controllers in domain CORPDOM to locate the domain controllers in domain LANGROUP, include the following entries in the LMHOSTS file located on the domain controllers in domain CORPDOM:
126.96.36.199 LGPPDC #PRE #DOM:LANGROUP 188.8.131.52 "LANGROUP \0x1B" #PRE 184.108.40.206 LGPBDC #PRE #DOM:LANGROUP
The #DOM directive is required in these cases. It explicitly designates
the system as a domain controller in the specified domain. Note that if
you include member servers in the LMHOSTS file (whether they be Windows
NT or Advanced Server member servers), you should omit the #DOM
directive. Member servers are not domain controllers.
6.2.4 Managing the LMHOSTS File
To change the list of available nodes, you can edit the file at any time. Domain controller entries (specified by the #DOM directive) and computer name entries without the #PRE directive are resolved by checking the LMHOSTS file dynamically. This check occurs whenever a name needs to be resolved and is not found in the name cache.
To disable LMHOSTS name resolution, rename all versions of the LMHOSTS file to any name other than LMHOSTS. Or, you can use the Configuration Manager to disable LMHOSTS name resolution. Start the Configuration Manager ($ ADMIN/CONFIG), select the Transports option, and clear the check mark next to the Enable LMHOSTS Resolution option. When you use the Configuration Manager to enable or disable LMHOSTS name resolution, the change is not dynamic; that is, the change will not go into effect until the next time the Advanced Server is started.
When you add an entry to the LMHOSTS file while the Advanced Server is
running, if the entry includes the #PRE directive, the entry will not
be cached permanently (as directed by the #PRE part of the entry) until
the next restart of the server; however, the change is effective
immedately, as it will be read dynamically when the name next needs to
6.2.5 Using the LMHOSTS Log File
If errors occur when the LMHOSTS file is accessed, the errors are recorded in the following file:
This file is open and being written to while the Advanced Server is running. To close the log file, you must stop the Advanced Server.
To prevent the log file from becoming too large, each error is logged
only once --- the first time it occurs. If an error is found in the log
file, it is not logged again.
6.3 Using WINS in a Wide Area Network
You can configure the Advanced Server as a WINS client. This allows the Advanced Server to use a WINS Server for NetBIOS name registration, resolution, renewal, and release in a wide area network configuration.
For more information on how to use the Configuration Manager to
configure the Advanced Server to use WINS, refer to the HP Advanced Server for OpenVMS Server Administrator's Guide.
6.3.1 Setting up WINS for OpenVMS Clusters
To allow clients that are configured for WINS support to use an Advanced Server alias name to connect to a clustered Advanced Server across a WAN, you must add to the WINS database a static multihomed entry for the Advanced Server alias name.
When adding the static multihomed entry for the Advanced Server alias name, you should enter the TCP/IP address of each node in the OpenVMS Cluster that is running the Advanced Server.
For more information about adding static entries to the WINS database, refer to your WINS product documentation.
If you plan to use DNS name resolution to provide cluster load balancing in WANs, you might need to remove all static entries for the cluster alias from the WINS database. (If Windows 95, Windows 98, or Windows NT clients are configured to use both WINS and DNS for NetBIOS name resolution, they first query the WINS server to resolve the name.) For more information on enabling cluster load balancing in WANs, refer to the HP Advanced Server for OpenVMS Server Administrator's Guide.
You can configure the Advanced Server as a DNS client. This allows the Advanced Server to use a DNS server for NetBIOS name resolution. The Advanced Server uses DNS for name resolution as a last resort if all other methods fail to resolve a NetBIOS name.
DNS name resolution is not provided as a replacement for WINS and/or LMHOSTS but rather as a supplement to them. With DNS, the Advanced Server still uses WINS, LMHOSTS, or broadcast methods for resolving names.
If you have to reinstall the Advanced Server for OpenVMS software, you might first need to remove the Advanced Server for OpenVMS software.
For example, if the Installation Verification Procedure indicated that the software installation procedure failed, you must reinstall the software. But first you might need to remove the Advanced Server software.
For more information about disk space requirements, see Section 1.8.9, Step 9: Check Disk Space Requirements.
This chapter consists of the following sections:
You remove the Advanced Server using the PRODUCT REMOVE command. The removal procedure performs the following operations:
When you remove the Advanced Server data files, the removal procedure will remove the server configuration parameters that are stored as values, and their keys, from the OpenVMS Registry.
To complete this operation, the removal procedure:
To start the removal procedure and remove Advanced Server for OpenVMS software:
$ PRODUCT REMOVE ADVANCEDSERVER
Table 7-1, PRODUCT REMOVE Prompts, tells you how to respond to the prompts that the removal procedure displays.
|At this prompt...||If you want the removal procedure to...||Enter...|
|Do you want to continue? [YES]||Continue||[Return]|
|Information about the use of the Advanced Server may have accumulated in data files. Delete those files? [NO]:||Save the Advanced Server on-disk structure, including the security accounts database (SAM), the share database, and the server configuration parameters in the OpenVMS Registry (see Section 7.3.1, Server Configuration Parameters in the OpenVMS Registry)||[Return]|
|Remove the Advanced Server on-disk structure, including the security accounts database (SAM), the share database, and the server configuration parameters||YES|
|Save clean up tools? [YES]||Save the PWRK$FIXACE and PWRK$DELETEACE tools||[Return]|
|Delete these tools||NO|
|Save a copy of NETBIOS.EXE? [YES]||Save the NETBIOS image and related files so you can restore it later, if necessary.||[Return]|
|Delete the NETBIOS image and related files||NO|