Three key products have interdependencies that must be considered when properly preparing your network to implement Native File Access Protocols for both CIFS and AFP users. The three products are CIFS/AFP, NMAS™, and NICI. CIFS and AFP depend on Novell Modular Authentication Services™ (NMAS) for name resolution and authentication of NFAP users. NMAS is dependent on NICI for encryption/decryption services. A problem with any of these three products will cause CIFS/AFP users to be denied access to a Novell Netware server.
To properly configure CIFS and AFP, you should
Read Deploying Universal Password in the Novell Password Management Administration Guide.
Novell Netware 6.5 introduces the option to implement a new Universal Password, which replaces the use of the simple password previously required for NMAS authentication. The Universal Password includes the ability to create password policies and removes the need to maintain two separate passwords for NFAP users.
Ensure that the sys:\system\nici\nicisdi.key file (Tree Key) on every NMAS server in the tree is synchronized with the key domain server.
We recommend that not only servers running NMAS, but also all network servers have matching (synchronized) tree keys. See Deploying Universal Password in the Novell Password Management Administration Guide for instructions on how to prepare your NICI environment.
Ensure that NMAS is installed on or added to a NetWare 6.5 server that has a read/write eDirectory replica of the eDirectory partition where the user objects reside.
NMAS is included with NetWare 6.5 and is automatically installed with NFAP. It can be added to NetWare 5.1 with eDirectory 8.7.3 or later. For more information on NMAS, see the NMAS 3.2 Administration Guide.