Kbase 19914: Configuration of Telnet Server to Run Progress Utilities
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
17/09/2008 |
|
SUMMARY:
Certain versions of Microsoft Windows 2000 include a Telnet Server
service for remote administration. This solution describes the operation of the command-line tool used for configuration, and the
basic security required to log on.
EXPLANATION:
Telnet is a service that allows a Telnet client to connect across a network and access a command session. This is similar to the way UNIX allows incoming shell connections.
Use of Microsoft Telnet Server service allows you to connect to
A Windows NT machine and perform certain Progress database administration tasks without having to have Progress installed on the client itself. You use a batch file like proenv.bat that will setup the relevant environmental settings for the session.
The Telnet Server Service Administration tool includes options that
you can use to start, stop, or get information about Windows 2000.
It is command-line based and to run the tool, click Start > Run >
type tlntadmn.exe at the Open Telnet Server service box > click OK.
Here, you can get a list of current users, terminate a user's session, and change Telnet Registry settings.
Unlike many Telnet services, the Microsoft Telnet Server service
offers a method of secure logon using NTLM security.
Most services allow for only a clear text logon which sends your password across the network in an unencrypted form. This means that anyone monitoring network traffic can capture your account name and password.
Depending on the security you require, you must change the NTLM
value selecting from within the admin tool as follows:
3) Display / change registry settings
7) NTLM
Setting NTLM to:
0 - Disables Windows NT LAN Manager (NTLM)
authentication.
1 - Attempts NTLM first, and then uses clear text
authentication.
2 - Uses NTLM authentication only.
Changes to the NTLM value require the Telnet server be stopped and restarted.
Other useful information:
- Logons to the Telnet server are considered to be local
connections, therefore in order to log on to the server, the
user account must be able to log on locally.
- File permissions are based on NTFS file system security. If you
have partitions using the FAT or FAT32 file system on your
server, any user that has access to Telnet can gain access to
all resources on these volumes.
sorour 29-jun-2000