Remote Management with ConsoleOne
Much of the server management that previously required access to the NetWare server console can now be done with NoRM, discussed later in this chapter. NoRM lets you perform most management tasks that normally require access to the server console from a remote workstation or even from across the Internet. However, to manage any version of NetWare 5 or NetWare 6 remotely, you can also use RConsoleJ, which is part of ConsoleOne. Although RConsoleJ does not offer the flexibility of NoRM, it can save significant time by letting you manage servers to which you have a LAN/WAN connection.
NOTE
If you have NetWare 4.x or earlier servers on your network, you will have to use the DOS-based RConsole utility that shipped with these versions of NetWare. Consult your server documentation for more information.
RConsoleJ is a Java applet that provides a server "window" on your workstation from which you can use console utilities, load/unload NLMs, and change server configuration just as if you were using the server's actual keyboard and monitor. Using RConsoleJ enables you to access the server from any workstation on the network, which gives you greater freedom when administering your network.
RConsoleJ requires the IP protocol to connect to NetWare servers remotely. However, if you want to use it to connect to a server that is running IPX only, you can do so by routing RConsoleJ communications through a secondary proxy server, which has both IP and IPX protocol stacks loaded. The proxy server acts as a gateway between RConsoleJ and the IPX server.
Because RConsoleJ is part of ConsoleOne, you can run it from any platform that supports ConsoleOne, including Windows, NetWare, Linux, Solaris, and Tru64.
To set up your network for RConsoleJ, you have to do the following:
Set up the target server, which is the server you want to access remotely.
(Conditional) Install proxy software on an IP server if the target server is only running IPX.
Install RConsoleJ software on the workstation or server from which you want to run the remote console session.
Setting Up the Target Server
The target server is the server whose console you want to access during the remote console session. The target server can be running IP or IPX.
To prepare a target server, complete the following steps:
-
At the server console prompt load the following NLM:
Enter the password you want administrators to use when accessing the target server from RConsoleJ. You do not need an eDirectory password because RConsoleJ does not use eDirectory.
Enter the TCP port number for the unencrypted session. The default value is 2034. If the server communicates using IPX only, enter 1 to disable TCP listening. To enable listening over a dynamically assigned port, enter 0.
Enter the TCP port number for the secure session. The default port number is 2036. Ensure the Key Material object named SSL CertificateDNS has been created.
Enter the SPX port number on which RCONAG6 will listen for a proxy server. The default port number is 16800. If the server communicates using IP only, enter 1 to disable SPX listening. To enable listening over a dynamically assigned port, enter 0.
RCONAG6
NOTE
The secure connection is available only on IP and not on IPX.
(Conditional) Configuring an RConsoleJ Proxy Server
This server will act as a middleman between the RConsoleJ client, which only communicates via IP and a NetWare server running on IPX. To do this, the RConsoleJ proxy server must have both IP and IPX protocol stacks loaded.
-
At the server console prompt, enter the following command:
-
Enter the TCP port number on which RCONPRXY will listen for RConsoleJ. The default value is 2035. To enable listening over a dynamically assigned port, enter 0.
RCONPRXY
Once the NetWare server is running the RConsoleJ proxy agent, the RConsoleJ client can communicate through it with the IPX target server.
(Conditional) Automating RConsoleJ Agents
The default AUTOEXEC.NCF file in NetWare 6.5 will include an optional command that you can uncomment to autoload RConsoleJ modules at startup. However, because loading these modules requires you to specify a remote password, it is more secure to use LDRCONAG.NCF, which lets you encrypt the password so that it cannot be viewed by anyone with access to the AUTOEXEC.NCF. LDRCONAG.NCF includes all the necessary RConsoleJ commands necessary to support RConsoleJ.
To create an encrypted remote password, complete the following steps:
-
Type the following command:
-
Enter the password you want to use for remote console sessions.
-
Enter the other required port information as outlined in the previous section. The system will display the encrypted password value and a message prompting whether the RCONAG6 command should be written to the SYS:SYSTEM\LDRCONAG.NCF file. To include the RCONAG6 command with your encrypted password in the LDRCONAG.NCF file, enter Y.
-
The system places a LOAD RCONAG command into the LDRCONAG.NCF file with the encrypted password as a parameter. To auto-load RCONAG6.NLM with an encrypted password on startup, use either NWCONFIG or EDIT to open the AUTOEXEC.NCF file. At the end of the file, enter the following:
-
Save and exit the AUTOEXEC.NCF file.
RCONAG6 ENCRYPT
LDRCONAG
The server will now automatically load the necessary remote modules and your encrypted password whenever it is started.
Running the RConsoleJ Client
To run RConsoleJ from a supported workstation or NetWare 6.5 server, do the following:
NOTE
If you are running RConsoleJ from a NetWare server, you can start it directly from the server GUI by selecting the Novell button and then selecting Programs and RConsoleJ. You can then continue with step 3.
Open ConsoleOne and browse to the server object you want to control.
Right-click the server object and select Remote Console.
-
In the RConsoleJ screen, shown in Figure 3.2, specify the required information and select Connect.
Figure 3.2 The Remote Console interface from ConsoleOne.
Connection Options: Specify whether you are connecting via Secure or Unsecure IP. If you are using Unsecure IP, you can choose whether to connect directly or through a proxy.
Remote Server: Specify the target server's name for a direct connection or the proxy server's name for a proxy connection. Enter the remote password. The port number will be automatically inserted unless you have changed it from the default.
NOTE
If you are running ConsoleOne from a different server, or if you have installed ConsoleOne locally, you may be prompted to accept an unknown certificate. If so, click OK to accept the certificate and launch the RConsoleJ window.
For more information on using RConsoleJ, see the NetWare 6.5 online documentation.