Filter
Top Products
Chapter 2 Inside Mac OS X Server 37
Windows file service provides several ways to manage locks for Windows share points:
• Opportunistic locking offers a way to optimize performance for share points used
only by Windows clients. Opportunistic locking is disabled by default because it is
not compatible with NFS or AFP. Opportunistic locks, which allow clients to do more
dynamic client-side caching, are only enforced by SMB.
• Strict locking enables lock checking every time files are accessed for either read or
write operations. It is useful for applications that do not manage locking. Strict
locking is enabled by default.
Network File System (NFS) Service
NFS is the protocol used for file services on UNIX computers.
The NFS term for sharing is export. You can export a shared item to a set of client
computers or to “World.” Exporting an NFS volume to World means that anyone who
can access your server can also access that volume.
NFS does not support name/password authentication. It relies on client IP addresses to
authenticate users and on client enforcement of privileges—not a secure approach in
most networks. Therefore use NFS only if you are on a local area network (LAN) with
trusted client computers or if you are in an environment that can’t use Apple file
sharing or Windows file sharing. If you have Internet access and plan to export to
World, your server should be behind a firewall.
You can reshare NFS mounts using AFP, Windows, and FTP so that users can access NFS
volumes in a more restricted fashion.
File Transfer Protocol (FTP)
FTP allows computers to transfer files over the Internet. Clients using any operating
system that supports FTP can connect to your FTP file server and download files,
depending on the permissions you set. Most Internet browsers and a number of
freeware applications can be used to access your FTP server.
FTP service in Mac OS X Server supports Kerberos v5 authentication and, for most FTP
clients, resumption of interrupted FTP file transfers. Mac OS X Server also supports
dynamic file conversion, allowing users to request compressed or decompressed
versions of information on the server.
FTP is generally considered to be an insecure protocol, since user names and
passwords are distributed across the Internet in clear text. Because of the security
issues associated with FTP authentication, most FTP servers are used as Internet file
distribution servers for anonymous FTP users. Starting with Mac OS X Server version
10.3, however, FTP supports Kerberos authentication, which offers a secure means for
authenticating to an FTP server.
LL2343.Book Page 37 Thursday, August 14, 2003 5:12 PM