Interoperability with NetWare |
Consider the following information when determining whether to use Gateway Service for NetWare or Client Service for NetWare on your Windows 2000–based network to access NetWare services. In general, if you intend to create or indefinitely maintain a heterogeneous environment composed of both Windows 2000 and NetWare servers, consider using Client Service for NetWare. If you intend to migrate gradually from NetWare to Windows 2000 or if you want to reduce administration, consider using Gateway Service for NetWare.
Client Service for NetWare provides the following advantages:
Client Service for NetWare allows you to establish user-level security rather than share-level security. With Client Service for NetWare, you can allow users access to individual user home directories (directories where individual user data resides) that are stored on a NetWare volume. Users can then map to their home directory plus any additional volumes to which they have been granted user-level security. On the other hand, to allow users access to individual home directories with Gateway Service for NetWare, you would need to give each user a separate drive letter.
Client Service for NetWare communicates directly with NetWare servers, avoiding the potential bottleneck caused by excessive traffic moving through a single network connection.
However, Client Service for NetWare has the following disadvantages:
For each user, you must create and manage separate user accounts for both Windows 2000 and NetWare. However, you do not need to manage the accounts separately if you are using an additional product. For Windows NT 4.0, Directory Service Manager eliminated the need to create separate user accounts on bindery-based servers. At this writing, this tool works only with Windows NT 4.0 and supports only bindery-based servers. For information about updates, see "Additional Resources" later in this chapter.
With Client Service for NetWare, you must install and maintain additional Client Service for NetWare software on each Windows 2000 Professional workstation.
Servers running Windows 2000 and servers running NetWare 5.0 use TCP/IP as the native protocol. However, Client Service for NetWare requires you to use IPX (through NWLink) and does not enable you to restrict IPX to a certain portion of your network. Even if you have clients on only one subnet running the IPX protocol, you might need to route IPX throughout your network.
Gateway Service for NetWare provides the following advantages:
With Windows 2000 Gateway Service for NetWare, the gateway service becomes the central interface for user access to NetWare Service for NetWare and you can perform all Windows 2000 user account management within the Gateway Service for NetWare user interface. You can secure regular share-level permissions and assign users or groups to the access control list (ACL) of each share.
With Gateway Service for NetWare, you can give clients access to NetWare resources without installing NetWare client software. Thus, you do not need to deploy and maintain network client software (such as Client Service for NetWare) on multiple client computers.
With Gateway Service for NetWare, you can isolate the IPX protocol to your local area network, so you do not have to route IPX throughout your network.
However, Gateway Service for NetWare has the following disadvantages:
With Gateway Service for NetWare, all Windows 2000 users access NetWare resources as if they were the same NetWare user. Gateway Service for NetWare assigns drive letters to separate NetWare files or directories, and then Windows 2000 share-level access is applied to the entire share. Therefore, the only way to provide user-level security using Gateway Service for NetWare is to assign separate drive letters for each user. Because users need to reserve some drive letters for local drives, mapped drives, and other applications, user-level security is impractical if you have a large number of users (more than twenty).
Using Gateway Service for NetWare, the Windows 2000 Server–based computer must act as a gateway between client computers and NetWare servers. All requests for NetWare services are processed through a single gateway connection, creating a potential bottleneck. However, in some cases, Gateway Service for NetWare performs better than Client Service for NetWare; for example, if most of your traffic is SMB rather than NCP traffic.