Winsock RSHD/NT

Copyright Ó 1998 Denicomp Systems All Rights Reserved

Click here to view license information.

Click here to view ordering information.

INTRODUCTION TO WINSOCK RSHD/NT

Winsock RSHD/NT (Remote Shell Daemon) is a service for Windows NT that services the standard rsh and rcp commands. It accepts requests for program execution from the rsh command and file transfers from the rcp command from other hosts on the network via TCP/IP and executes them on the system running Winsock RSHD/NT. It runs under Microsoft Windows NT 3.51 or higher.

Winsock RSHD/NT is similar to the Unix rshd, but provides some special functionality for the Windows environment, such as:

Command requests can come from clients running other operating systems such as Unix or from other Windows systems running Windows NT, Windows 95, or Windows 3.x. You can use the rsh utility that comes with your TCP/IP package or the rsh command in Denicomp Systems’ Winsock RCP/RSH/REXEC package (a separate product). Unix and Windows NT both have their own rsh commands; Windows 95 and Windows 3.x do not. Some third party TCP/IP packages include rsh.

Files can be copied to the system or from the system running Winsock RSHD/NT using the standard TCP/IP rcp command. This includes the rcp command available with Unix or Windows NT or a third party rcp command such as the one found in Denicomp Systems’ Winsock RCP/RSH/REXEC package. Windows 95 and Windows 3.x do not include the rcp command.

 

REQUIREMENTS

Winsock RSHD/NT requires a Intel x86-based system or DEC Alpha based system running Windows NT 3.51 or higher and a network.

Winsock RSHD/NT does not run under Windows 95. There is a version specifically written for Windows 95 called Winsock RSHD/95. Contact Denicomp Systems for more information.

 

SECURITY

The purpose of a Remote Shell Daemon is to service the standard rsh and rcp commands. These commands were designed to be used on a network where users and systems were generally trusted and convenience was more desirable than security.

Since rsh and rcp do not require users to supply passwords before being granted access, there is the risk of unauthorized users being granted access to your system when running Winsock RSHD/NT (or any Remote Shell Daemon, for that matter). This risk is greatly increased if the system running Winsock RSHD/NT is connected to the Internet. Winsock RSHD/NT provides mechanisms for you to determine which hosts and users are granted access to your system. Firewalls can also help to reduce this risk. But the risk of unauthorized access still remains even when these are used because of the lack of password validation.

By installing Winsock RSHD/NT, you are taking this risk of unauthorized access upon yourself. By installing Winsock RSHD/NT, you are agreeing that you will not hold Denicomp Systems responsible for any damage caused by unauthorized access to your system through the standard rsh and rcp commands. Denicomp Systems did not design the rsh and rcp protocols; RSHD/NT simply implements the standard originally designed for Unix systems.

Please review the license agreement included with Winsock RSHD/NT and do not continue with the installation or with using it if you do not accept its terms.

 

WINSOCK RSHD/NT INSTALLATION

As will be explained later, you can install Winsock RSHD/NT as a Windows NT service or as a Windows NT application. A service is a special Windows NT program that automatically starts in the background when Windows NT starts. It runs even when no one is logged on to the NT console. An application is simply a standard Windows NT program that you execute from the Start menu (or Program Manager) or from the NT Command Prompt. Applications only run when someone is logged in to the NT console; when you log out, NT will stop the application.

Normally, you will want to install Winsock RSHD/NT as a service. The only times you would not want to install RSHD/NT as a service would be if you either only wanted to have RSHD/NT running occasionally when you manually start it or you only want to experiment with it and you do not have permission to install it as a service.

If you are going to install RSHD/NT as a service, you must be logged in as a user who has permission to create services. Normally, you will want to do this while logged in as Administrator.

If you received a diskette, insert the Winsock RSHD/NT diskette into your diskette drive. If you are using Windows NT 4.0 or higher, click on Start, then Run. If you are using Windows NT 3.51, from the Windows NT Program Manager menu, select File, then Run. Then type the name of your diskette drive followed by "SETUP". For example, if the diskette is in the A: drive, type "A:SETUP". Then press the Enter key. (This can also be done from a Command Prompt if you prefer).

If you have downloaded a .ZIP file, you probably have already unzipped the file into a directory. From that directory, execute SETUP.EXE. You must not install the software into the same directory where you unzipped the files.

The Winsock RSHD/NT Installation window will then appear. Verify that the drive letter or directory shown in the Source field is correct. If it is not, specify the proper drive or directory.

Specify the directory in which you would like Winsock RSHD/NT to be installed in the Destination field. This will default to the \WRSHDNT directory on the drive where Windows NT is installed. You may change it if you wish. However, if you are installing RSHD/NT as a service, you must install RSHD/NT on a local hard drive, not a network drive. The NT Service Controller cannot access network drives.

If you do not want Winsock RSHD/NT to be installed as a Windows NT Service, uncheck the Install as Service option and it will not be added to the list of Windows NT Services. Winsock RSHD/NT can be run as an application instead of a service if you wish (details on how to do this are provided later).

Press the Install button to begin the installation. Press Cancel if you wish to exit.

Files will be copied to the destination directory. When all files have been copied, if you chose to install RSHD/NT as a service, the installation will ask you whether or not you want Windows NT to start the Winsock RSHD/NT service each time Windows NT starts. Click Yes to start it automatically each time Windows NT starts or No if you want to start the service manually. The Winsock RSHD/NT service will then be installed in Windows NT’s list of services and it will be started.

See the section on Winsock RSHD/NT Utilities for instructions on how to manually start and stop the Winsock RSHD/NT service.

 

REMOVING WINSOCK RSHD/NT

To remove Winsock RSHD/NT, use the Add/Remove Programs applet in the Windows NT Control Panel. Find Winsock RSHD/NT in the list of installed programs, click on it once, then click on the Add/Remove button. Verify that the directory shown is the directory where RSHD/NT is installed and click on the Uninstall button to proceed or Cancel to abort. This will completely remove Winsock RSHD/NT from your system.

If you wish to remove Winsock RSHD/NT manually, you must first stop the Winsock RSHD/NT service, then remove the service from Windows NT’s list of services before deleting the files. From the Windows NT Control Panel, double-click on the RSHD icon. Then, from the Winsock RSHD/NT Control Panel, click on the Service Control button.

From the Winsock RSHD/NT Control menu, first select Stop the Winsock RSHD/NT Service. Then select Remove the Winsock RSHD/NT Service. Removing the service does not actually delete any files. It only removes RSHD/NT from NT’s list of services. You can then delete the Winsock RSHD/NT directory. You should also delete the files WRSHDNT.CPL in the Windows NT System directory (\WINNT\SYSTEM32 for example). This is the Control Panel applet for Winsock RSHD/NT.

You should then also delete the Winsock RSHD/NT registry entries using regedit. The Winsock RSHD/NT registry entries are stored under the registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\DenicompSystems\WRSHDNT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RSHDNT

 

RUNNING WINSOCK RSHD/NT AS AN APPLICATION

You can optionally run Winsock RSHD/NT as a Windows NT application instead of a service. This requires that someone log in to Windows NT so that Winsock RSHD/NT starts.

To start Winsock RSHD/NT as an application, execute the following command:

wrshdnt /s

If you are executing this command from the Windows NT Command Prompt, you should use the command:

start wrshdnt /s

If you do not use the start command, you will not have access to that Command Prompt window until Winsock RSHD/NT is stopped. Be sure that you do not already have Winsock RSHD/NT running as a service.

When Winsock RSHD/NT is started, it will display a window where messages about the status of Winsock RSHD/NT will display. The number and type of messages that display depends on the Message Level option in the Winsock RSHD/NT Configuration.

To stop Winsock RSHD/NT, simply close the window or activate the window and press Control-C.

 

WINSOCK RSHD/NT CONFIGURATION

Winsock RSHD/NT will work properly using its default configuration. You only need to configure Winsock RSHD/NT if you wish to change any of the available options, enable security, or use the logging capabilities. By default, no security is enforced and no logging is done

You configure Winsock RSHD/NT by using the Windows NT Control Panel. In the Control Panel, double-click on the RSHD icon to configure Winsock RSHD/NT. In the RSHD/NT applet, you can press <F1> at any time to display help information about the options available.

After changing most Winsock RSHD/NT Configuration options, you do not need to stop and restart Winsock RSHD/NT. It will recognize the change, unless you disable the monitoring of the registry (see below).

 

SECURITY AND LOGS

Security File: (Default: None)

Specify the full path name of the Security File used by Winsock RSHD/NT to enforce security (allow and deny users and hosts). The format of this file is explained in more detail later. If you do not specify a Security File, all users and hosts will be granted access to execute programs and transfer files to and from your system, unless you enable the option that requires remote user names to exist as Windows NT users (see below).

If you do specify a Security File and it does not exist or RSHD/NT cannot access it (because of insufficient permissions), no users or hosts will be granted access. Also be sure to save the Security File as an ASCII text file; if you save it in some other format (such as Write, Word, or Unicode), RSHD/NT will not be able to understand the data in the file.

Also, if you use the Edit Security button, it will start the Windows Notepad and allow you to edit the Security File you specified. However, Notepad automatically appends a .txt file extension to files, so if you do not specify a .txt file extension in the Security File name and you use this button, be sure to use Save As in Notepad to use the name you specified or add the .txt to the end of the name in the Security File field. If you do not, RSHD/NT will not be able to find the file you created; it does not automatically add the .txt extension.

If you do not wish to enforce any security, do not specify a filename.

Must Remote Users be Valid Users on this System? (Default: Unchecked)

If this option is unchecked, user login names sent to Winsock RSHD/NT by rcp and rsh do not need to be valid users on this system. Security is enforced only through the Security File.

If this option is checked, user login names from rcp and rsh must be valid users on this system. If the user is not valid, access will be denied. This is the standard behavior of a rshd. However, if the rcp and rsh commands are being executed from another operating system such as Unix, the user login names may not be the same between systems. If user logins are the same, you can then enable this option for security. If they are different, you should not enable this option.

Note: The Unix rsh and rcp commands have the ability to specify an alternate user (using the –l option for rsh and the user@ construct with rcp). It is the standard behavior of the Unix rsh and rcp commands to transmit both the alternate name specified on the command line and the actual login name. Both of these will be validated by RSHD/NT.

Message Log: (Default: None)

Specify the full path name of a file where any messages from Winsock RSHD/NT should be stored. The message file is optional. You should only enable the message log when you are trying to find the source of a problem, since the message log can become quite large on an active system.

This option is used in conjunction with the Message Level option. If Message Level is set to a value greater than zero (0), Winsock RSHD/NT will output messages that provide information about its operation. These messages are mostly useful for problem determination.

The message file created is a text file that you can examine at any time using utilities such as TYPE or MORE, or editors such as Notepad. You can clear the message log at any time by simply deleting it.

Message Level: (Default: 0)

Specifies the level of detail of the messages stored in the file specified in the Message Log option. The default level is 0, which will not write any messages to the message log file. Levels 1 through 4 will product increasing amounts of detail (level 1 provides the least detail, level 4 provides the most).

Request Log: (Default: None)

This option allows you to log all requests (programs to be executed) in a file you specify. Each time someone attempts to execute a program through Winsock RSHD/NT, the date and time, the user name, the host name, and the program will be written to this file.

Deny Log: (Default: None)

This option allows you to log all permission violations in a file you specify. Each time someone is denied permission to execute a program or copy a file through Winsock RSHD/NT, the date and time, the user name, the host name, and the program will be written to this file.

Error Log: (Default: None)

This option allows you to log all program execution errors in a file you specify. Each time someone receives an error trying to execute a program through Winsock RSHD/NT, the date and time, the user name, the host name, the program, and error message will be written to this file. These are errors that occur after the user has been granted permission to execute the program. For example, an error would be logged if a program were to be run that did not exist.

 

NOTE: Each of the log files may refer to the same file name if you wish. They will not overwrite each other. Each message is appended to the end of the file. You should be sure to periodically delete the log file(s) because they can get large over time on an active system.

 

RSH OPTIONS

Reject All Incoming RSH Commands? (Default: Unchecked)

If you check this option, all incoming rsh commands will be rejected, effectively disabling the rsh serving capability of RSHD/NT. This is useful if you only want to use RSHD/NT as an rcp server.

If a remote user attempts to issue an rsh command to this system, an error will be returned to the remote user stating that rsh has been disabled.

Attempt Redirection on Every Command: (Default: Checked)

If this option is checked (it is by default), Winsock RSHD/NT will assume that each program executed by rsh is a Windows NT Console application or MS-DOS program and attempt to send its standard output/standard error back to the rsh client and send the standard input from the rsh client to the program.

When you execute a program through Winsock RSHD/NT, it cannot tell whether the program is a Windows graphical application (which has no standard input or standard output) or a console application (character application with standard input and standard output).

If you check this option, you still may execute Windows programs via rsh and they will operate properly. However, unless you specify the special <[WIN]> indicator for Windows programs in the rsh command, there are a few downsides. First, there will be slightly more overhead when executing Windows programs because Winsock RSHD/NT will attempt to capture the standard output/standard error (and there is none). Also, Winsock RSHD/NT will wait for the Windows program to complete before closing the connection, which means the rsh command on the client will not end until the program executed ends. These downsides can be overcome by specifying the <[WIN]> indicator in the rsh command when you do not desire this behavior.

Execute All Commands through Command Shell? (Default: Unchecked)

If you check this option, Winsock RSHD/NT will automatically prefix every program you execute with the default command shell (usually cmd /c).

This is useful if you commonly execute batch files (.BAT or .CMD) or other command scripts for the shell you are using and you do not want to have to specify the shell command in every rsh command.

The default shell command is used as the prefix. This command can be specified in the Default Shell Command field; if no default shell command is specified there, cmd /c is used.

For example, if this option is enabled and you execute the following command from a remote system:

rsh winnt xyz.bat

RSHD/NT will execute the command as:

cmd /c xyz.bat

Disable Detection of Internal Commands (Default: Unchecked)

When you execute a program through Winsock RSHD/NT, it examines the command to determine whether or not it is a command internal to the default command shell (interpreter). If it is, it automatically prefixes the command with the default command shell (specified in the Default Command Shell field).

Some commands are not actually programs; they are interpreted and executed internally by the command shell. In the Windows NT command interpreter (CMD.EXE), some examples of these are DIR, SET, and COPY. If you look on your hard drive, you will not find a DIR.EXE or COPY.EXE. They are part of the NT command interpreter, CMD.EXE.

So, if you tried to execute a DIR command through RSHD/NT, it would not find the program since it doesn’t exist. You would have to tell it to use the command interpreter by executing the command CMD /C DIR.

By default, RSHD/NT examines the command and if it determines that the command is an internal command, it adds the shell command for you. You can disable this by checking this option. All commands will be executed as they are specified in the rsh command.

NOTE: If you check the option Execute All Commands through Command Shell?, this option is irrelevant, since the command shell will be added to the command in all cases.

Default Window Type for Commands: (Default: Normal)

This specifies the default window type to be used when executing commands through Winsock RSHD/NT using the rsh command. The default window type is used when the special window type indicators (<[NORMAL]>, <[MINIMIZE]>, <[MAXIMIZE]>, <[HIDE]>, etc.) are not specified in the rsh command.

The options available are:

Normal: The window for the command will display at its normal size.

Minimized: The window for the command will be minimized (without focus).

Maximized: The window for the command will be maximized.

Hidden: The window for the command will be hidden.

There are a few points you must consider when selecting the default window type:

List of Commands to Allow (File) (Default: None)

This option allows you to specify the name of a file that contains a list of commands that users are permitted to execute on this system through rsh. This allows you to provide strict control over the commands users can execute.

If no filename is specified here, all commands are permitted.

The file must be a plain text file, with each permitted command on a line by itself. Commands in the file should not contain any spaces. Comparison of commands is done only up to the first space or tab character.

When a user executes a command on this system through rsh, RSHD/NT will extract the first part of the command, up to the first space or tab character, and compare that to the lines in the file specified. If it does not exist in the file, the rsh command will be rejected.

Environment Variable File (Default: Blank)

This allows you to specify the name or names of files that contain environment variables that should be made available when programs are executed by RSHD/NT through rsh.

Normally, the environment for programs executed through RSHD/NT comes from the System Environment Variables specified in the System applet in the Control Panel. Those variables are inherited from the Windows NT Service Manager, so if the System Environment Variables are changed, you must reboot the system for them to be propagated to RSHD/NT (if you are running RSHD/NT as a service).

Alternatively, you can create a custom environment for RSHD/NT by entering the environment variables and values in a plain text file. Each line in the text file should have the format:

VARIABLE=VALUE

Each time a program is executed through RSHD/NT by rsh, a custom environment is built from the file or files specified in this parameter, based on the lines in those files.

You can specify a single filename or multiple filenames, with each separated by semi-colons (;). Each file is read in sequence and added to the System Environment Variables inherited by RSHD/NT to create a new environment for the program to be executed. If a variable name appears in multiple files, the last value read will be used.

You may reference previously set environment variables as you do in Windows NT batch files using %VAR%. For example:

PATH=%PATH%;C:\MYPROGS

The filenames should be full path names. There are three special keywords that you can use in the filenames if you wish:

%ruser% - Substitute the login name of the remote user

%luser% - Substitute the login name of the local user

%rhost% - Substitute the host name of the remote host

The %ruser% substitutes the login name of the remote user. This will be the login name the user used to log into the remote host from which the rsh command is being issued, unless the -l option of the rsh command was used to specify a different user; then that user will be substituted.

The %luser% substitutes the login name of the local user on the remote host. Normally, it is the same as %ruser%, unless the -l option of the rsh command was used. Then, this will contain the actual user login used at the remote host.

For example, if you are logged in as "john" on a remote host and you issue the command "rsh -l mary winnt xyz", the %ruser% will substitute "mary" and the %luser% will substitute "john".

The %rhost% substitutes the host name of the remote host, if it is available. That is, RSHD/NT must be able to find the name of the remote host based on its IP address, either by using the HOSTS file or DNS. If it is not found, the IP address will be substituted.

These special keywords allow you to have different environment files for different users if necessary. For example, if you specify the environment variable file:

c:\env\%ruser%.env

When "john" issues an rsh command, RSHD/NT will get the environment from the file "c:\env\john.env". When "mary" issues an rsh command, RSHD/NT will get the environment from the file "c:\env\mary.env".

Also, using the capability to specify multiple files, you can have a single "master" environment, and then only modifications to it by user. For example, you can have a standard set of environment variables in the file "c:\env\master.env" and user-specific modifications in the file "c:\env\%ruser%.env". Your environment variable file field would read:

c:\env\master.env;c:\env\%ruser%.env

First the variables in master.env would be read, then those for the user in %ruser%.env.

The Special "new" Keyword

The format of the environment variable files must be:

VARIABLE=VALUE

But, with one exception. If you specify the word "new" on a line by itself in an environment variable file, it will purge all environment variables set up to that point.

The primary purpose of this would be to remove all variables inherited from the System Environment Variables. It allows you to start with a "clean slate" and set all environment variables from scratch.

Default Command Shell (Default: None, use CMD /C)

This option allows you to specify the default command shell to be used when RSHD/NT detects an internal command or the command shell to be used if the option to Execute All Commands through Command Shell is checked.

You should use this option only if you are using an alternate command shell. By default, RSHD/NT uses the Windows NT command shell CMD.EXE. You must specify all necessary options to the command shell so that it can be prefixed to any command (internal or external).

If you end the shell command with a single quote (') or double quote ("), RSHD/NT will supply the closing quote. This is necessary if the shell program would interpret options to the command executed as its own option. For example, if you are using an NT version of the Bourne shell, you should specify the following as the command shell:

sh -c "

If you do not specify the trailing quote, the sh command will interpret options to the commands you execute instead of passing them to the command.

Internal Command List (Default: None, use CMD list)

If you specified a Default Command Shell that has different internal commands than those of the standard Windows NT command shell CMD.EXE, you can specify the internal commands for that shell here. Separate each command with a comma (,). Do not include any spaces. By default, RSHD/NT recognizes the internal commands of the Windows NT command shell.

Internal commands are commands that are interpreted and executed by the command shell. They do not exist as executable files (.EXE or .COM). If RSHD/NT does not recognize a command as an internal command, you must prefix it with the command shell.

You only need to specify this list if you want RSHD/NT to recognize commands internal to your command shell and automatically prefix the command with the appropriate shell command.

If you checked the option to Disable Detection of Internal Commands, this is not necessary and will have no effect.

For example, you could specify:

cd,dir,type

Whenever you execute the command:

rsh winnt dir

It would see that "dir" is in the internal command list and prefix it with the Default Command Shell before executing it.

Buffer Stdout/Stderr Until End of Command? (Default: Unchecked)

Check this option if you want RSHD/NT to buffer (store in a file) the standard output and standard error output of the commands you execute, and then send all of the output when the command completes. When this option is checked, standard input from the rsh command is not passed to the program executed.

Occasionally, this option is necessary when the program executed also uses redirection or pipes.

Execute All RSH Commands As User/Password: (Default: None)

NOTE: You must use Windows NT 4.0 or higher to use this option.

If you specify a user and password here, all commands run through RSHD/NT by rsh will be run in the security context of that user. If these are blank, RSHD/NT runs all commands in the context of the user specified in the Winsock RSHD/NT service setup under Windows NT.

By default, RSHD/NT is installed to run all commands as the special SYSTEM (also known as LocalSystem) user. This is a special NT user that has access to the NT desktop (screen) regardless of who is logged in. However, the SYSTEM user does not have access to any network shares, such as drives or printers. If the programs you run using rsh require access to network resources, you can either change the Winsock RSHD/NT service setup to run the service as a different user or you can specify a user and password in these fields.

The user can be a normal user account or you can create a special account just for the purpose of rsh. It is recommended that you specify that the user’s password does not expire, however. If the user’s password expires, rsh commands will not function until you manually update the RSHD/NT setup with the new password. Windows NT will not update it for you.

The differences between specifying a user in these fields and changing the RSHD/NT service setup are:

- If you change the service setup to run as a non-SYSTEM user, you will no longer see the window of any commands you run through RSHD/NT on the NT system. NT will run them on an invisible desktop. If you specify a user and password in these fields, you will continue to see the window of commands run.

- If you change the service setup to run as another user, access to files copied with rcp will also be done in the context of that user. If you specify a user and password in these fields, rcp copies will continue to be done as the user specified in the RSHD/NT service setup, unless a user is specified in the RCP configuration section (explained later).

If the user is a domain user, you must use the format DOMAIN\User. For example, to specify the user "remote" in the domain ABC, you would enter it here as ABC\remote.

IMPORTANT: If you specify a user and password in these fields, you must run the Winsock RSHD/NT service using the System Account and also enable the option to allow the service to interact with the desktop. This is the default service setup, so if you have not changed it from its initially installed state, no changes are required.

 

RCP OPTIONS

Reject All RCP Copies to This System (Default: Unchecked)

If this option is checked, all attempts to copy files to this system with the rcp command will be rejected with an error message stating that incoming copies are disabled. This allows you to make the system "read only" when using the rcp command. You can also reject copying from the system, essentially disabling the rcp capability of RSHD/NT.

Reject All RCP Copies to From System (Default: Unchecked)

If this option is checked, all attempts to copy files from this system with the rcp command will be rejected with an error message stating that outgoing copies are disabled. This allows you to make the system "write only" when using the rcp command. You can also reject copying to the system, essentially disabling the rcp capability of RSHD/NT.

Preserve Case in Multi-File Copies: (Default: Unchecked)

Specifies whether Winsock RSHD/NT should preserve the case of filenames when files are copied from this system by rcp using wildcards or recursive copies. By default, when the remote system uses a wildcard or recursive copy to get files from this system, Winsock RSHD/NT will convert all directory and filenames to lowercase letters before sending them to the remote system.

Although the Windows NT filesystem is not case sensitive (ABC and abc are the same file), it can store the case of the filename. When copying files via rcp to operating systems that are case sensitive, such as Unix, it is usually most useful to convert all of the names to lowercase letters.

If you do not wish to have all of the names converted to lowercase letters, check this option. The rcp command will then create files in exactly the same case as the names appear in the directory under Windows NT.

Note that this affects only wildcard and recursive copies. When copying individual files, the files will be created in the case you specify in the rcp command.

Automatic End-of-Line Conversion (Default: Never)

This specifies whether or not RSHD/NT should perform any end-of-line conversions on files transferred to or from the NT system using rcp.

Under MS-DOS, Windows 3.x, Windows 95, and Windows NT, lines of text are delimited by carriage return and newline pairs (ASCII 13 and ASCII 10). Under Unix, lines of text are delimited by only newlines (ASCII 10). Often, when copying text files between the two operating systems, it is necessary to convert the end-of-line delimiters to the proper method. RSHD/NT provides a way to automatically do this.

When files are copied from the NT system through RSHD/NT, carriage returns will be removed from all carriage return/newline pairs (i.e. converted to Unix format). When files are copied to the NT system through RSHD/NT, carriage returns will be added to every newline character that is not already prefixed by a carriage return (i.e. converted to NT format).

There are four options available. The option you select affects all rcp copies to this system and all rcp copies from the system. It does not affect the operation of the rcp command on the NT system. It only affects the result of rcp commands that access files on this system from other systems.

No end-of-line conversion will be done. All files will be transferred or received unmodified.

Convert the end-of-line characters on every file copied from or to this system through RSHD/NT.

 

Only convert end-of-line characters in files ending with the specified list of file extensions; any file not ending in the specified extensions will be copied without modification. You must then enter the list of file extensions. Separate each file extension by a comma. Do not include any spaces. You must include the "dot" (.). For example: .TXT,.C,.H,.PRN,.MAK

RSHD/NT will examine the contents of the first block of the file to be sent or received and determine whether or not an end-of-line conversion is necessary. If the first block contains only text characters (letters, numbers, spaces, tabs, carriage returns, newlines, backspaces, escapes, and form feeds), RSHD/NT will perform an end-of-line conversion on the file. If the first block contains any other non-text data, it will be copied without modification.

The size of the first block is specified in the RCP Block Size field.

RCP Home Directory (Default: Blank)

Specifies the starting directory where files will be copied from or to when a relative path name is used in an rcp command (no initial slash or backslash).

This directory must exist if specified. The directory name specified can contain the following special keywords:

%ruser% - Substitute the login name of the remote user

%luser% - Substitute the login name of the local user

%rhost% - Substitute the host name of the remote host

The %ruser% substitutes the login name of the remote user. This will be the login name the user used to log into the remote host from which the rcp command is being issued, unless the @ option of the rcp command was used to specify a different user; then that user will be substituted (e.g. user@host:filename).

The %luser% substitutes the login name of the local user on the remote host. Normally, it is the same as %ruser%, unless the @ option of the rcp command was used. Then, this will contain the actual user login used at the remote host.

For example, if you are logged in as "john" on a remote host and you issue the command "rcp xyz mary@winnt:", the %ruser% will substitute "mary" and the %luser% will substitute "john".

The %rhost% substitutes the host name of the remote host, if it is available. That is, RSHD/NT must be able to find the name of the remote host based on its IP address, either by using the HOSTS file or DNS. If it is not found, the IP address will be substituted.

RCP Block Size: (Default: 512)

Specifies the number of bytes in a block of data that the Remote Copy (rcp) service of Winsock RSHD/NT processes at one time. When files are copied to the system, it reads from the network and writes to the disk in blocks of this size. When files are copied from the system, it reads from the disk and writes to the network in blocks of this size. Note that this is an internal block size only; it does not change any TCP/IP parameters.

RCP Spoofing Prefix: (Default: None)

This specifies the first characters of the rcp command send by the remote host that Winsock RSHD/NT should use when "spoofing" the rcp protocol. With its roots in Unix, the rcp command actually internally executes an rsh command to start rcp on the remote host before transferring files. Winsock RSHD/NT "spoofs" or looks for rcp commands executed through rsh by the remote host and services the rcp transfer.

By default, Winsock RSHD/NT looks for the command prefixes of:

rcp -

/usr/bin/rcp -

/usr/lib/sunw,rcp -

set vms_rcp = 1 ; rcp -

Some rcp commands (especially those on non-Unix and non-Windows systems) may send other commands to initiate the rcp protocol. If yours does, you should enter the command prefix (up to and including the first hyphen) here. The last character should always be a hyphen with nothing after it, including spaces.

Regardless of the spoofing prefix entered, Winsock RSHD/NT will continue to look for the above default prefixes.

Execute All RCP Copies As User/Password: (Default: None)

This option allows you to specify a separate Windows NT user account and password for all rcp copies. Normally, RSHD/NT reads and writes all files as the user specified in the Winsock RSHD/NT service setup under Windows NT.

However, when RSHD/NT is running as the default LocalSystem user so that it has access to the desktop, it accesses all files as this special user. By specifying a user account and password here, you can still run the RSHD/NT service through the LocalSystem account, but control access to files through this user account.

When RSHD/NT services the rcp command, it will essentially log in as this user. It will be able to read and write any files that this user can read and write. If new files are created, they will be owned by this user (not the user on the remote system). So you can control access to files through rcp by modifying the permissions of this user.

The user can be a normal user account or you can create a special account just for the purpose of rcp copies. It is recommended that you specify that the user’s password does not expire, however. If the user’s password expires, rcp copies will not function until you manually update the RSHD/NT setup with the new password. Windows NT will not update it for you.

 

ADVANCED OPTIONS

Installation Directory: (Default: C:\WRSHDNT)

This is the directory where Winsock RSHD/NT is installed. This will be filled in by the RSHD/NT installation program. If you move RSHD/NT to another location, you must update this.

Initial Working Directory: (Default: C:\WRSHDNT)

This specifies the directory that will initially be considered the current working directory for all commands executed using rsh. It will also be considered the current working directory for all files copied using rcp, unless an RCP Home Directory is specified. If this is blank, then the Installation Directory becomes the initial working directory.

When RSHD/NT starts, it changes to this directory and remains there, unless an rsh request is received to execute the cd or chdir command, which will change RSHD/NT’s working directory.

Note that a cd or chdir command will change RSHD/NT’s working directory for all subsequent commands, regardless of the user or system they are executed from.

Disable Multithreading in RSHD/NT: (Default: Unchecked)

Multithreading allows Winsock RSHD/NT to process multiple requests simultaneously. When multithreading is disabled by checking this option, Winsock RSHD/NT will accept and complete only one request at a time. Other requests received during this time will be queued and executed in the order in which they were received. Normally, you will want multithreading enabled, but you can disable it, for example, to ensure that the system will not become bogged down with requests.

Disable Monitoring of Registry for Changes: (Default: Unchecked)

Normally, Winsock RSHD/NT starts a thread that monitors the Windows Registry for changes to the Winsock RSHD/NT configuration options and if any options are changed, re-reads the registry so that the new options take effect.

If this option is checked to disable the monitoring of the Registry, you must stop and start Winsock RSHD/NT manually (or reboot the system) for the Registry changes to take effect.

You may want the Registry monitoring disabled for security purposes so that no Winsock RSHD/NT options are changed while the system is in operation.

Host IP Address (If Multi-Homed): (Default: None)

If your system is multi-homed (it has multiple network cards, each with its own IP address), you can specify which IP address RSHD/NT will use to listen for requests. If you leave this empty, it will accept requests from any of the IP addresses associated with the system. If you specify one of the addresses of one of the cards (in dotted-decimal format), it will only accept requests routed to that address.

Listen Port: (Default: 514)

Specifies the port number that Winsock RSHD/NT listens to for connections. The standard port for the Remote Shell daemon is 514.

Listen Backlog: (Default: 100)

Specifies the number of requests that can be backlogged when Winsock RSHD/NT is listening for connections. The minimum is 1; the maximum is dependent on the version of Windows NT being used.

WINSOCK RSHD/NT SECURITY FILE

With Unix, security is enforced on remote command execution using a combination of the password file (/etc/passwd), the hosts file (/etc/hosts),and the host equivalency files (/etc/hosts.equiv and $HOME/.rhosts).

Winsock RSHD/NT enforces security through the Security File. The name of this file is specified in the Winsock RSHD/NT Configuration in the Security File entry.

If you specify a Security File name and the file does not exist or the file is completely empty, all hosts and users are denied access.

Conversely, if you do not specify a Security File, all hosts and users are granted access. So if you do not wish to enforce any security, do not specify a Security File name in the configuration file.

Additionally, you can configure Winsock RSHD/NT to ensure that user names on remote hosts are valid on this system. You should only enable this security option if you use consistent user names across all of the systems on your network.

You create the Security File using a text editor. If you are using the Winsock RSHD/NT Control Panel applet, you can click on the Edit Security button to run the Windows Notepad editor to edit the Security File specified in the Security File configuration option.

The Security File consists of lines that specify who may or may not access the system using Winsock RSHD/NT. The following are the options available:

# Any line beginning with # is treated as a comment and is ignored.
+ A plus sign (+) on a line by itself specifies that ALL hosts and users are granted permission. This is useful if you wish to allow many hosts and users, but deny only a few. Use the deny options on subsequent lines.
Host You can specify a host that is granted permission by entering the name of the host on a line by itself. All users on that host are granted permission, unless you specifically deny those users on subsequent lines.
!host You can specify a host that is denied permission by entering an exclamation point (!) followed by the name of the host name of the host on a line. All users on that host are denied permission, regardless of subsequent lines.
+user You can specify a user name that is granted permission by entering a plus sign (+) followed by the user name on a line. Do not put any spaces between the plus sign and the user name. That user will be granted permission regardless of the host (as long as the host is not specifically denied). See below for an explanation of the source of the user name and how it is validated.
-user You can specify a user name that is to be denied permission by entering a minus sign (-) followed by the user name on a line. Do not put any spaces between the plus sign and the user name. That user will be denied permission on all hosts. See below for an explanation of the source of the user name and how it is validated.
+user@host You can specify a user name and a host that is granted permission by entering a plus sign (+) followed by the user name, an at-sign (@), followed by the host name on a line. Do not put any spaces between the plus sign and the user name or before or after the at-sign. That user on the specified host will be granted permission, but only from that host.
-user@host You can specify a user name and a host that is denied permission by entering a minus sign (-) followed by the user name, an at-sign (@), followed by the host name on a line. Do not put any spaces between the minus sign and the user name or before or after the at sign. That user on the specified host will be denied permission, but only when coming from that host.

When specifying the host on the lines in the Security File, you may use either a host name or an IP address (in dotted-decimal format). If you use a host name, that name must be resolvable by TCP/IP, either through the hosts file or through DNS.

You may use wildcard characters when specifying the user and/or host name in the Security File. The wildcard characters that can be used are:

* Matches multiple characters. Example: *.sprynet.com
? Matches a single character. Example: 192.72.124.??
[ ] Matches a list of characters or range of characters. Example: 204.22.6[5-9].*
[! ] Matches characters NOT in a list or range of characters. Example: 204.22.[!5-9]?.*

If the request is coming from a Unix system, the user name is the login name of the user. If the request is coming from a Windows PC or non-Unix operating system, the method of specifying the user name is determined by the implementation of the rsh or rcp command you are using.

Keep in mind that the standard rsh command allows you to override the user login name with the -l option and the standard rcp command allows you to use "user@" before the host name to override the user login name. When the user login is overridden using these methods, the standard Unix rsh and rcp implementations send both the actual login name and the override name specified on the command line. If you are specifying user names in the Security File, keep this in mind.

 

USING THE SECURITY FILE

To effectively use the Security File, you must first understand how it is viewed by Winsock RSHD/NT.

When Winsock RSHD/NT receives a request, it sequentially processes the lines in the Security File to determine whether or not the host and user are granted or denied access. It looks at each line in the Security File until it determines that either the host or the user is specifically denied permission.

Winsock RSHD/NT begins by assuming that permission is denied for the request. It then examines the lines in the Security File to see if any of the lines pertain to this request.

Once Winsock RSHD/NT finds a line that denies access to either the user or the host, it stops looking and denies permission.

If it finds a line that grants permission to the user and/or host, permission is tentatively granted, but it continues to process the lines in the Security File.

If it processes the entire Security File and does not find a line that grants permission to the user and/or the host, permission is denied. If security was tentatively granted at some point and not denied subsequently, permission is granted.

For example, let's say that the following is the contents of the Security File:

jetty

booey

eib

192.56.42.3

+fred@mars

-gary@booey

-jackie

+robin

*.netcom.com

In this example, if any user on the host "jetty" makes a request, permission will be granted, unless the user is "jackie", since "jackie" is denied access from all hosts (-jackie).

If "jackie@jetty" makes a request, Winsock RSHD/NT reads through the Security File and finds the host name "jetty", and tentatively grants permission. However, it continues and finds that the user "jackie" is denied from all hosts, so permission is denied.

Also, if any user on the host "booey" makes a request, they are granted permission unless the user is "gary", since "gary@booey" is specifically denied permission (-gary@booey). All other users on the host "booey" are granted permission except "jackie" (-jackie).

The user "fred" on the host "mars" is granted permission because of the line "+fred@mars". However, since the host "mars" does not appear on a line by itself, no other users on the host "mars" are granted permission except the user "robin", who is granted permission from any host (+robin).

Finally, all users making requests from systems whose host names end in ".netcom.com" are granted permission, unless the user is "jackie", since "jackie" is denied permission from all systems.

 

TROUBLESHOOTING THE SECURITY FILE

If you think you have properly set up the Security File, but you are being denied access when you think you should be granted access, the following provides some tips on determining the cause of the problem:

If these tips do not help, enter a filename in the Message File field and a 4 in the Message Level field in the RSHD/NT Control Panel applet. Then execute rsh or rcp from a system that should be given access, then examine the Message File. It will contain a trace of the steps RSHD/NT is using to validate the remote user and host.

 

RSHD/NT AND NT SECURITY

Under Unix, the Remote Shell Daemon process (rshd) implements security through user equivalence. That is, it is assumed that when an rcp or rsh command is executed by the user "john" on a client system, the user "john" exists on the host system and has the appropriate privileges.

Under Unix, the Remote Shell Daemon process (rshd) runs as the super-user, root. Unix has a feature known as "set user id" or "setuid". When you execute an rsh or rcp, the Unix rshd effectively "becomes" the user passed to it by rcp or rsh.. Any process spawned (rsh ) or file accessed/created (rcp) are done so as if that user were logged on to the system, taking on the security attributes of that user.

Windows NT has a similar capability (called "impersonation" in NT). However, there is a basic, but important difference. In order for a process like RSHD/NT to "become" another user, that user’s password must be supplied. This is incompatible with rcp and rsh - they cannot ask for a password. So it is not possible for RSHD/NT to mirror this feature of Unix’s rshd.

When RSHD/NT is installed by its SETUP program, an NT service is created and is set up to run RSHD/NT as the user System (also known as LocalSystem), which is a privileged account. Any files accessed by RSHD/NT will be accessed as the user System and any programs spawned will be done so as the user System. This means that programs run through rsh will have unrestricted access to the NT system and rcp will have unrestricted access to the files on the NT system.

Although the default System account is privileged (meaning it has access to all resources on the NT system where RSHD/NT is running), the System account does not have access to any network resources, such as shared drives or printers. This is a Windows NT security feature. If you attempt to run a program through rsh that needs to access a network resource, such as a shared drive, or you need to rcp a file on a shared drive and the service is running as System, you will receive errors.

If you need to restrict access through RSHD/NT or you need to have access to network resources, you have two options.

Option 1:

You can restrict access to files through rcp by specifying a user account and password in the RSHD/NT Control Panel in the option labeled Execute All RCP Copies as User/Password. All files accessed by rcp commands will be accessed as that user. If you restrict access to any files or directories for that user, they will also be restricted for all rcp commands. If you need access to shared drives on your network through rcp, this will also solve the problem, as long as you specify a user who has sufficient privileges to access the necessary shared drives.

You can restrict access to files and resources of programs run using rsh by specifying a user account and password in the RSHD/NT Control Panel in the option labeled Execute All RSH Commands as User/Password. All programs run using rsh will be run in the security context of the user specified. This will also allow the program to access network resources if the selected user has sufficient privileges..

Option 2:

You can change the setup of the RSHD/NT service using the Services applet in the Control Panel. You can specify an account other than System and RSHD/NT will execute with the security attributes of that user. All rcp and rsh commands serviced will be restricted to the privileges of that user.

You can do this with the following procedure. In the NT Control Panel, double-click on Services. Find Remote Shell Daemon in the list of services and click on it once. Then click on the Startup button. Choose This Account and then click on the "..." button. Select the desired user account and click on the Add button, then click on OK. Enter that user's password twice and click on OK. Then click on the Stop button to stop RSHD/NT, then click on the Start button to restart the service.

The downside to the second option is that only the System user has access to the Windows NT desktop. So if you run RSHD/NT as any other user, NT executes the programs on an invisible desktop so you will not see any windows of programs executed through RSHD/NT and you will not be able to use the special "send keys" option of the rsh command. The rsh command will continue to function properly in all other cases, however. Option 1 does not have this problem because the service still runs as System, but the programs will run in the context of the user specified.

In both cases, you can specify the account name of an existing user. However, this can cause problems because you must also specify that user’s password. If that user’s password expires or changes, you must remember to manually change it in the setup at that time or RSHD/NT will not start. NT will not update the Service setup automatically.

An alternative is to set up a new account specifically for the purpose of running RSHD/NT. Specify that the account’s password does not expire so it will not be forced to change. You can then set up the security attributes of that user and they will be inherited by all rsh and rcp commands serviced by RSHD/NT. (This is similar to the way NT’s FTP Server implements security for anonymous users.)

This will then allow you to restrict the files accessible by users using rcp and rsh . It is not totally ideal because all users will be given the same access rights. But it is a necessary compromise because of the basic differences between NT and Unix.

 

USING MAPPED DRIVES/PRINTERS THROUGH RSHD/NT

If you need to access a network resource (such as a shared drive or printer on another system) through RSHD/NT, you must follow the steps in the previous section RSHD/NT and NT Security so rsh or rcp executes in the security context of a user who has access to those resources. By default, RSHD/NT runs as the System user, who does not have access to any network resources.

If you follow the steps in that section, you will then be able to access network resources using their UNC (Universal Naming Convention) names. For example, if there is a directory shared as "CDRIVE" on the system named "SERVER2", you can access it using the path name \\SERVER2\CDRIVE. You do not need to map a drive letter to it; you can access it directly (assuming proper permissions) using its UNC name. For example, to get a directory listing of that directory, you could use:

rsh winnt3 dir \\server2\cdrive

This command would access \\SERVER2\CDRIVE (case is not significant) through RSHD/NT running on the system "winnt3".

Ideally, you should always use UNC path names, but there may be times when it is necessary for you to map a drive letter or LPT port to a network resource through RSHD/NT. If mapped drives or printers are required, there are a few special considerations involved.

You can use NET USE commands in batch files executed through RSHD/NT as long as you remember to delete the map(s) at the end of the batch file. For example:

REM MYTEST.BAT

NET USE F: \\SERVER2\CDRIVE

DIR F:

NET USE F: /DELETE

This is OK because it creates the map, uses it, then deletes it. Since the batch file is executed with a single rsh command, it is executed within a single logon session so the drive letter will be usable throughout the batch file. But if you omitted the NET USE F: /DELETE command, F: would become orphaned and unusable when the batch file ended. The next time you ran the batch file, it would fail.

NOTE: The above batch file could also fail for two other reasons:

 

USING AUTOMAP.INI TO AUTOMATICALLY MAP DRIVES/PRINTERS

If you must use drive letters and LPT ports to access network resources through RSHD/NT and you cannot use UNC path names, your only options are:

The AUTOMAP.INI file allows you to set up drive and printer mappings for use in RSHD/NT. For each rsh and rcp command, RSHD/NT will read this file and map the specified drives and printers, execute the command, then automatically unmap the drives/printers for you so they are usable by the next command and so they do not become orphaned.

The AUTOMAP.INI file is a text file that you can create with a text editor (such as Notepad or EDIT). It must be stored in the RSHD/NT Installation Directory (usually C:\WRSHDNT - check the RSHD Control Panel applet to be sure; look on the Advanced tab).

In the AUTOMAP.INI file, you can specify NET USE commands to establish drive and printer mappings. The syntax of the NET USE command allowed in AUTOMAP.INI file is:

NET USE d: \\system\resource [password] [/USER:user]

 

Where:

d: The drive letter or LPT port (i.e. LPT2:) to be mapped. Specify "*" if you only want to connect to the resource, but not map a drive letter.
   
\\system\resource The UNC path name of the network resource
   
password An optional password, if required to access the resource
   
/USER:user An optional parameter that allows you to specify the user account to use when accessing the resource. If not specified, the current user account is used. That is, the use specified in the RSH User or RCP User fields in the RSHD Control Panel applet or the user specified in the service startup.

This syntax is the basically the same as the standard NET USE syntax, except:

So, if you placed the following lines in AUTOMAP.INI:

NET USE F: \\SERVER2\CDRIVE

NET USE M: \\WESTCOAST\ACCT clancy2 /USER:tom

NET USE LPT4: \\PRSERVER\PRT1

For every rsh and rcp command, RSHD/NT would map F: to \\SERVER2\CDRIVE, M: to \\WESTCOAST\ACCT (using the user "tom" and the password "clancy2"), and LPT4 : to \\PRSERVER\PRT1. It would then execute the command, then unmap the drives and printers automatically. It will do this regardless of whether the command actually uses the mapped drives or printers, since RSHD/NT has no way of knowing whether it will or not.

RSHD/NT will not report a failure if it cannot create any of the maps. Your command may fail because the map is unavailable or inaccessible and that may cause an error to be reported back to you, but the mapping failure itself will not generate an error.

Again, the map would fail if another process already has the drive letter or printer port name in use.

You can also create "sections" in AUTOMAP.INI that allows you to specify different mapping schemes for different users and hosts. Any maps that appear at the beginning of the file that are not under a section heading get mapped for every user from every host.

You can specify sections in the AUTOMAP.INI file for specific users, specific hosts (clients), or specific users on a certain host. You do this by enclosing the specification in square brackets ([ ]) and including the maps under it. The options are:

[+user] - The maps in this section are only executed for "user"

[host] - The maps in this section are only executed for rsh/rcp commands from "host"

[user@host] - The maps in this section are only executed for rsh/rcp commands from user@host

The "user" referred to above is the user received from the client in the rsh/rcp command. This may be the logged on user on the client or it may be overridden with the -l option in rsh or the user@host: specification in the rcp command.

You may use wildcard characters (*, ?) if necessary and you may use IP addresses instead of the host name if you wish. Some examples:

[+john]

[myhost.com]

[10.0.1.*]

[alice@brady.com]

You can specify comments in the AUTOMAP.INI file by using "rem", "#", or ";" at the beginning of a line.

The following is an example of a slightly more complex AUTOMAP.INI file:

 

# These maps are for all users

NET USE F: \\SERVER1\C

NET USE G: \\SERVER1\CDROM

[10.0.1.*]

# These maps are only for users with local IP addresses

NET USE H: \\SERVER2\SECRET

NET USE LPT4: \\SERVER1\HPLASER

[honcho@oursys]

# Only the head honcho can access this

NET USE M: \\MGMT\DATA

 

NOTE: Although the NET USE command is a standard NT command, please realize that AUTOMAP.INI is not a batch file. The NET USE syntax is only used for the purpose of familiarity. RSHD/NT is reading and interpreting lines in the AUTOMAP.INI file - it is not actually executing NET USE commands per se. So you cannot include any other commands besides NET USE in AUTOMAP.INI and you cannot use any other options to NET USE other than those shown here. If you try, the lines will be ignored.

Keep in mind that this is not a complete solution to the problem of using mappings. You still must somehow deal with the fact that Windows NT is not a multi-user system and if another process uses a drive letter, it will not be usable by any other process until the process that created it deletes the map. There is nothing that RSHD/NT can do about this - it is the way Windows NT works.

 

EXECUTING COMMANDS

With Unix, the rsh utility executes the specified program on a remote host and returns the standard output and the standard error output to the rsh command. You can then see the output of the programs on your screen.

When you execute NT console or MS-DOS programs using rsh, you will also see the standard output and standard error output of those programs. NT console and MS-DOS programs are character-based and write output to the standard output/error, which RSHD/NT can capture and return to the remote system.

For example, the following command would display a directory of the C: drive’s root directory on your screen (assuming RSHD/NT’s default configuration is being used):

rsh winnt3 dir c:\\

Note the double backslashes (\\). If this rsh command is being issued from a Unix system, Unix uses the backslash as an "escape" character. To send a single backslash to RSHD/NT, you must specify two.

With Windows graphical programs, there is no such thing as "standard output" and "standard error". Programs execute in graphical windows, so there is no way to return any output using rsh. (There are also some NT console and MS-DOS programs that write directly to the screen and their output cannot be returned either.)

Therefore, when using rsh to initiate programs on a Windows NT system, you will not see any output of graphical programs on your screen (where the rsh command was used). It will display on the Windows NT system that received the request.

For example, if you used the following command:

rsh winnt3 excel

This would start Excel on the NT system named "winnt3" (assuming "excel.exe" was in the PATH). You would see nothing on your screen as a result of starting Excel. Excel would be running on the screen of the NT system named "winnt3".

If you attempt to execute a program that does not exist or Windows returns an error trying to load the program, you will receive a descriptive error message on your screen from Winsock RSHD/NT to tell you that the program was not successfully executed.

Important Note: Winsock RSHD/NT uses the PATH and other environment variables specified in the System Control Panel for the entire system, not for a specific user. If you are trying to execute a program that Winsock RSHD/NT cannot find, check the System environment variables. You can also use an Environment Variable File to change the PATH; see the section on configuring RSHD/NT for more details.

EXECUTING INTERNAL SHELL COMMANDS

Some commands that you can execute at Windows NT’s Command Prompt are not actually programs; they are internally recognized by the command interpreter CMD.EXE. One example of this is the DIR command. If you look in the directory where Windows NT is installed, there will be no DIR.EXE. It is part of CMD.EXE.

In previous versions of Winsock RSHD/NT, you had to prefix these internal commands with "cmd /c". Winsock RSHD/NT now recognizes internal commands and will execute them through the NT command interpreter. Prefixing the commands with "cmd /c" is no longer necessary, although it will still work if you do.

If you are using an alternate command shell, you can specify this shell and its internal commands in the RSHD/NT Control Panel applet. RSHD/NT will then recognize them and prefix them with your command shell.

 

STANDARD INPUT/OUTPUT/ERROR REDIRECTION

You can optionally capture the standard output and standard error output of Windows NT Console or MS-DOS programs through Winsock RSHD/NT with the rsh command. This allows you to display the output of these programs that output to the standard output or standard error on another screen or capture it to a file on another system. It also allows you to send the standard input from rsh to the remote program. This is known as redirection.

By default, Winsock RSHD/NT automatically attempts redirection on every program executed using rsh, to capture the standard output and standard error and send it back to the rsh command, and receive standard input sent to it by the rsh command and provide it to the program executed.

If you mostly execute NT Console or MS-DOS programs through RSHD/NT, this default behavior of automatic redirection is the most useful. However, it does have some downsides when you want to execute graphical programs through RSHD/NT (which do not have standard input/output/error) or you simply do not need redirection even for console or DOS programs.

The downsides to automatic redirection are:

You can control this in two ways, if necessary:

Option 1. If you only occasionally need to use rsh to execute graphical programs or console/DOS programs where you do not want rsh to wait until they complete, you can add the special "<[WIN]>" option in the rsh command. This tells RSHD/NT that it should not attempt redirection on this program only. For example:

rsh winnt "<[WIN]>" excel

This will start Excel on the system named "winnt" and RSHD/NT will not attempt any redirection. The rsh command will end immediately after Excel starts; it will not wait until Excel exits. Without the "<[WIN]>", the rsh command would not end until you closed Excel.

Option 2. If you mostly execute graphical programs or you usually do not want to do redirection on console/DOS programs because you do not care about the output, you should uncheck the option labeled Attempt Redirection on Every Command in the RSHD/NT Control Panel applet. If you uncheck this option, RSHD/NT will not automatically attempt redirection, unless you specify the special "<[CON]>" option in the rsh command. This tells RSHD/NT that it should attempt redirection on this program only. For example:

rsh winnt "<[CON]>" net view

This will run the "net view" command on "winnt" and display the output on your screen. The "net view" command displays information on the standard output.

 

WAITING FOR COMMANDS TO COMPLETE

If you have unchecked the RSHD/NT Control Panel option labeled Attempt Redirection on Every Command, programs executed through rsh will return control back to rsh immediately after the program begins. It will not wait until it completes.

If you want the rsh command to wait until the program finishes executing, you can use the special "<[WAIT]>" option in the rsh command. For example, to execute the command "bkgprint" and wait for it to finish, use:

rsh winnt "<[WAIT]>" bkgprint

 

SENDING KEYSTROKES

Winsock RSHD/NT provides the ability for you to send keystrokes to a graphical Windows application you initiate using the rsh command. It also allows you to specify how the window is to be displayed (i.e., normal, minimized, maximized, or hidden). This provides you with some "remote control" over what the program you run does once it starts.

If you are running the RSHD/NT service as a user other than the default System account, you will not be able to use this function. This is a feature of Windows NT’s security system – only the System user has access to the NT desktop (screen). When the RSHD/NT service is run as a non-System user, NT puts the windows on an invisible desktop and they cannot receive keystrokes. A better option is to use the Execute All RSH Commands as User option in the RSHD/NT Control Panel applet and continue running the service in the System account. This will allow you to use keystrokes.

Also, due to a limitation in Windows NT, you cannot send keystrokes to an application started through Winsock RSHD/NT if there is no one logged in to Windows NT. The program will be executed, but it will not receive the keystrokes. This is again due to NT’s security system. When NT is at a login, the login window is displayed on a special desktop and no other program can gain access to it. NT does this so no other program can attempt to capture your password as you type it.

If you are familiar with Microsoft Visual Basic or the Visual Basic for Applications (VBA) macro language, sending keystrokes s is very similar to the SendKeys capability of those programming languages.

The standard syntax of the rsh command is:

rsh hostname command

This will execute "command" on the host "hostname". Winsock RSHD/NT allows a slight modification of the rsh syntax to send keystrokes. This is compatible with all rsh commands. The alternative syntax for sending keystrokes is:

rsh hostname "<keystrokes>" command

If the first parameter after the host name begins with a less-than sign (<), that parameter is interpreted as keystrokes to be sent to the command specified in the next parameter. The keystrokes must end with a greater-than sign (>). You must also enclose the entire parameter in quotes so special characters and spaces are not interpreted by the operating system.

For example, if you wanted to run the Windows Notepad on the system named "winnt" and type "This is a test" on the first line, the command would be:

rsh winnt "<This is a test>" notepad

If you looked at the winnt's screen, you would see the Windows Notepad with "This is a test" on the first line.

You cannot send keystrokes to all applications. This is beyond Denicomp Systems control. Most applications will allow you to send them keystrokes, but there are a few that will not.

 

SENDING SPECIAL KEYSTROKES

Winsock RSHD/NT also allows you to specify special keys in the keystrokes parameter that cannot normally be typed on a command line, such as embedded Enter keys, function keys, ALT keys, etc.

Keystrokes are sent sequentially as they appear between the "<" and ">". To send a single character, use the character itself. For example, to send the letter "X", use the letter "X". To send the word "hello", just specify those letters.

To specify keys combined with any combination of Shift, Ctrl, and Alt keys, prefix the regular key code to one or more of the following codes:

 

Shift +
Control ^
Alt %

For example, to send the Alt-F keystroke, specify "%F". To send Ctrl-Alt-D, specify "^%D".

To send the Enter key, use the tilde (~).

To specify that the Shift, Ctrl, and/or Alt keys should be held down while several other keys are pressed, enclose the key codes in parentheses ( ). For example, to have the Alt key held down while X and D are pressed, use "%(XD)". You could also use "%X%D", but if the Shift, Ctrl, and/or Alt keys need to be held down for a number of keystrokes, the parentheses can make the string shorter. Also, you would want to use the parentheses if the application detects the release of the Shift, Ctrl, and/or Alt keys and that is not desired.

The following characters have special meaning in the keystroke parameter, so they must be enclosed inside braces ({ }). Some of these special characters have not been explained yet.

Special Character Example Special Character Example
+ (plus) {+} ^ (caret) {^}
% (percent) {%} ~ (tilde) {~}
< (less than) {<} > (greater than) {>}
[ (left sq. bracket) {[} ] (right sq. bracket) {]}
( (left paren) {(} ) (right paren) {)}
{ (left brace) {{} } (right brace) {}}
@ (at-sign) {@}    

To send characters that are not normally displayed when you press a key (such as Enter or Tab) and keys that represent actions rather than characters, use the following special codes:

Key Code Key Code
Backspace {BACKSPACE} or {BS} Break {BREAK}
Caps Lock {CAPSLOCK} Clear {CLEAR}
Del {DELETE} or {DEL} Down Arrow {DOWN}
End {END} Enter {ENTER} or ~
Esc {ESCAPE} or {ESC} Help {HELP}
Home {HOME} Ins {INSERT}
Left Arrow {LEFT} Num Lock {NUMLOCK}
Page Down {PGDN} Page Up {PGUP}
Print Screen {PRTSC} Right Arrow {RIGHT}
Scroll Lock {SCROLLLOCK} Tab {TAB}
Up Arrow {UP} F1 through F16 {F1} through {F16}

You can also specify that a key is to repeat itself a certain number of times, without repeating the key itself in the string. To repeat a keystroke, use the format:

{keystroke number}

Where "keystroke" is the key to repeat, followed by a single space, then the number of times to repeat the key.

For example, to press the down arrow key eight times, use "{DOWN 8}".

To type thirty asterisks (*), use "{* 30}".

 

PAUSING WITHIN KEYSTROKES

Under some circumstances, it may be necessary to pause for a specific time before sending keystrokes to allow a program operation to complete. This is usually necessary when a program ignores keystrokes that have been queued while a long operation takes place (perhaps generating print output, rewinding a tape, performing a complex calculation, etc.).

Within the keystroke list, you can specify pauses by using the special {PAUSE #} keystroke.

This is not actually a keystroke, in that it does not press any key, but it can be included anywhere within the keystroke list. It will pause the specified number of seconds.

For example, the following keystroke list will press Alt-F, P, wait 10 seconds, then press Alt-F, X:

<%FP{PAUSE 10}%FX>

You can specify multiple pauses in the keystroke list if necessary.

 

KEYSTROKE EXAMPLE

The following example, will start Microsoft Word, load a file, print it, then exit.

rsh winnt3 "<%FO\docs\invoice.doc~%FP~%FX>" word

The keystrokes are:

Keystroke String Sent Description
%F Alt-F Drops down the file menu
O O Selects Open
\docs\invoice.doc \docs\invoice.doc Types the filename.
~ Enter Loads the File
%F Alt-F Drops down the file menu
P P Selects Print
~ Enter Accepts the defaults on the Print dialog box
%F Alt-F Drops down the file menu
X X Selects eXit and Word exits

Note that if this example were being run from a Unix system, you would have to use two backslashes (\\) for every one desired backslash because the Unix shells interpret the backslashes as special characters. The command would then be:

rsh winnt3 "<%FO\\docs\\invoice.doc~%FP~%FX>" word

 

KEYSTROKE MACRO FILES

If your keystroke strings get rather long or complex, you can store them in a keystroke macro file so you do not have to specify all of them each time you use the rsh command.

To create a keystroke macro file, you must use a text editor (or a word processor, but be sure to save as an ASCII file). Enter the keystrokes as you would on the rsh command line, with the following exceptions/reminders:

7 Do not enter "<" as the first character in the file or ">" as the last character. All of the characters you enter in the file will be sent.

7 You may press Enter in the file to enter the keystrokes on multiple lines. The line breaks have no effect on the keystrokes. They will be treated as if they were entered all on the same line. That is, you must remember to still use "~" or "{ENTER}" to "press" the Enter key. Pressing Enter in the file will not send the Enter key.

7 You cannot nest keystroke macros. Your macro file cannot contain references to other keystroke macro files.

7 The keystroke macro file must reside on the system running Winsock RSHD/NT. You can create the file on that system or use rcp to copy it to that system before executing the command.

To use a keystroke macro file, enter the at-sign (@) followed by the filename in braces ({ }) where you would normally specify keystrokes on the rsh command line.

You will most likely need to specify a full pathname of the keystroke file on the system running Winsock RSHD/NT, unless you know the working directory of Winsock RSHD/NT on the system running it and the keystroke macro resides in that directory. You may use forward slashes (/) instead of backslashes if you wish; this makes life easier for Unix users because the shell interprets the backslash characters.

For example, if you had a macro in the directory \kbmac\printss.mac on the system running Winsock RSHD/NT, you could use it with this command:

rsh winnt2 "<@{/kbmac/printss.mac}>" excel

This would run "excel" on winnt2 and send the keystrokes stored in the file \kbmac\printss.mac to it.

You can intermix command line keystrokes and macro file keystrokes. That is, you can specify some of the keystrokes on the command line and use some from a macro file. You can also use multiple macro files.

For example, let's say we want to print a file using rsh through a Windows application called "wintiff". We want to store the keystrokes in a macro file, but do not want to store the filename in the macro file because it can change.

To do this you can store the first set of keystrokes in one macro file, specify the filename on the rsh command line, then store the remaining keystrokes in a second file.

For example, let's say the file is "mypic.tif":

rcp mypic.tif winnt2:/tmp

rsh winnt2 "<@{/kb/tif1.mac}\tmp\mypic.tif~@{/kb/tif2.mac}" wintiff

This example copies the file "mypic.tif" to the \tmp directory on winnt2. Then it runs "wintiff" and first sends the keystrokes from the file \kb\tif1.mac. That macro ends when "wintiff" requires a filename. The keystrokes to "type" the filename come from the rsh command line since the tif1.mac has ended. Then it continues by sending the keystrokes in the file \kb\tif2.mac. That is:

@{/kb/tif1.mac} Send keystrokes from \kb\tif1.mac
\tmp\mypic.tif~ Type \tmp\mypic.tif and press Enter
@{/kb/tif2.mac} Send keystrokes from \kb\tif2.mac

 

SPECIFYING THE WINDOW TYPE

Winsock RSHD/NT also allows you to specify the window type of the application being run. Normally, the application is run based on the Default Window Type specified in the RSHD/NT Control Panel applet.

If you want to specify a different method of displaying the application's window, you can specify this inside the keystroke parameter by enclosing the method in square brackets ([ ]).

There are two methods of setting the window type. You can use one of the words shown below or you can use a number. The options are:

Window Option Displays
NORMAL or NORM Normal Display as defined by the application
MINIMIZE or MIN Shows the application as a minimized icon without focus
MINACTIVE or MINA Shows the application as a minimized icon with focus
MAXIMIZE or MAX Maximizes the application on startup
HIDE Hides the application (no icon appears)
0 Same as HIDE
1 Same as NORMAL
7 Same as MINIMIZE
2 Same as MINACTIVE
3 Same as MAXIMIZE

Other numeric values may be used - they correspond to the Windows' ShowWindow API call (for all you programmers).

For example, if you want to run the Windows Notepad maximized, viewing the file "heyyou.txt", you would type:

rsh winnt3 "<[MAXIMIZE]>%FOheyyou.txt~" notepad

This runs the Notepad maximized, then "presses" Alt-F-O (File Open) and types the filename "heyyou.txt" and presses Enter to load it.

If you wanted to run some application that does some task and exits, you could run it minimized using:

rsh winnt3 "<[MINIMIZE]>" bkgprint

Note that Windows does not allow you to send keystrokes to a minimized or hidden application. Therefore, "[MINIMIZE]", "[HIDE]", "[0]", or "[2]" should always appear alone between the "<" and ">". If you specify other keystrokes, the application will not receive them (Windows will beep at you for each keystroke).

 

SHUTTING DOWN AND REBOOTING WINDOWS NT THROUGH RSHD/NT

RSHD/NT internally understands two special commands that allow you to remotely shutdown and reboot the NT system through the rsh command. These commands require the special <[INTERNAL]> or <[INT]> indicators. The commands have the following syntax:

rsh winnt "<[INT]>" shutdown [#]

rsh winnt "<[INT]>" reboot [#]

The [#] are optional. You can specify a number of seconds to delay the shutdown or reboot in this parameter. If you do not specify a number of seconds, it is immediate.

If you are running the RSHD/NT service as a user other than System or you have specified a user in the Execute All RSH Commands as User field,, that user must have permission to shutdown or reboot the system.

For example:

rsh winnt "<[INT]>" shutdown 60 (Shutdown winnt in 1 minute)

 

COPYING FILES USING RCP

Winsock RSHD/NT also provides Remote Copy (RCP) Server capability. This allows you to copy files to and from a system running Winsock RSHD/NT using the rcp command.

The rcp command is commonly found on Unix systems, Windows NT systems, and in some TCP/IP packages for Windows and DOS. If your TCP/IP package does not provide the rcp command, you can use Winsock RCP/RSH/REXEC from Denicomp Systems.

The rcp command is described in more detail in your TCP/IP package manual or with the manual that comes with Winsock RCP/RSH/REXEC. However, here are a few examples of its use.

Important Note: Unlike the standard Unix rcp command and Denicomp Systems’ rcp command (found in the Winsock RCP/RSH/REXEC package), the Windows NT rcp command copies all files with ASCII end-of-line conversion by default. Binary files must be copied using the -b option of NT’s rcp command. If you do not use the -b option on binary files, the contents of the file will be altered on the destination system.

To copy a file from the host named "srvpc" to your PC or Unix system, use:

rcp srvpc:yourfile myfile

The file "yourfile" is copied from the host named "srvpc" to the file on your PC named "myfile". The host "srvpc" could be running either Windows and Winsock RSHD/NT or Unix.

To copy a file from your PC or Unix system to the system named "srvpc", use:

rcp \lists\xmas.doc srvpc:\word\lists

The file \lists\xmas.doc is copied from your system to the file xmas.doc in the directory \word\lists on the system named "srvpc".

To send the entire directory tree from your PC or Unix system to "srvpc", use:

rcp -b -r \share srvpc:\

All of the files and subdirectories in the directory \share are copied to the system named "srvpc". It will create a \share directory in the root directory (\) of srvpc.

If the \share directory contained any subdirectories, they would be created on the other system and all the files in them would also be copied.

To copy all of the files ending with ".xls" from "srvpc" to your PC, use:

rcp -b srvpc:\sheets\*.xls .

This copies all of the files ending with ".xls" in the directory \sheets on "srvpc" to the current directory (.) on your PC.

You can use drive letters if necessary. For example, to copy a file from the A: drive on the "srvpc" to your PC:

rcp srvpc:a:file.txt file.txt

This will copy "file.txt" from the A: drive on "srvpc" to the file "file.txt" on your system.

NOTE: Winsock RSHD/NT allows you to use both slashes (/) and backslashes (\) for directory separators. It will adjust appropriately. This is especially important for Unix users, since backslashes are interpreted by the shell and must be escaped by using two backslashes for every one backslash. Use slashes instead.

 

END-OF-LINE CONVERSION

Winsock RSHD/NT provides a method for you to have end-of-line characters automatically converted in files copied with rcp. Unix systems use a single newline (ASCII 10) character as a line delimiter. Windows NT systems use carriage return (ASCII 13) and newline pairs for line delimiters.

When end-of-line conversion is enabled, RSHD/NT will convert all carriage return/newline pairs to single newlines when files are copied from the NT system. It will add a carriage return to every newline character when files are copied to the NT system.

RSHD/NT can automatically convert end-of-line characters in the following ways:

By default, RSHD/NT does no end-of-line conversion. The data in files sent or received using rcp is not modified.

To perform end-of-line conversions through RSHD/NT, see the section titled Winsock RSHD/NT Configuration for the RCP Option labeled Automatic End-of-Line Conversion.

 

 

WINSOCK RSHD/NT UTILITIES

Winsock RSHD/NT includes two utilities that allow you to control the operation of the Winsock RSHD/NT service.

The first utility is wrshdctl. This can be run in two ways. First, you can use the Service Control button in the Winsock RSHD/NT Control Panel applet. Or you can run it from the RSHD/NT installation directory.

To start it without using the Control Panel, use Start/Run (or File/Run for Windows NT 3.51), then type the name of the RSHD/NT installation directory (usually C:\WRSHDNT), a backslash (\), then "wrshdctl". For example, "C:\WRSHDNT\WRSHDCTL". Or you can get to a Windows NT Command Prompt. Change to the directory where Winsock RSHD/NT is installed using the CD command, then type "wrshdctl".

You can then do the following:

Start the Winsock RSHD/NT Service

This starts the Winsock RSHD/NT Service if it is not currently running.

Stop the Winsock RSHD/NT Service

This stops the Winsock RSHD/NT Service if it is currently running. This is useful when you have changed the Winsock RSHD/NT configuration. Stopping and restarting Winsock RSHD/NT will cause it to re-read the configuration options.

Install the Winsock RSHD/NT Service

This installs the Winsock RSHD/NT Service in Windows NT’s list of services. It does not install the files from the Winsock RSHD/NT diskette. It only adds Winsock RSHD/NT to the list of services that Windows NT can execute.

Remove the Winsock RSHD/NT Service

This removes the Winsock RSHD/NT Service from Windows NT’s list of services. It does not delete any files. It only removes it from the list of services. Use the Install option to add it to the list again.

There is another utility included with Winsock RSHD/NT that performs the same operations as wrshdctl, but is a command line oriented utility. It is called ctrlrshd.

This command can be executed from the Windows NT Command Prompt while you are in the Winsock RSHD/NT directory (\WRSHDNT), unless you have included that directory in your path. Its syntax is:

ctrlrshd install [auto | manual [directory]]

ctrlrshd start

ctrlrshd stop

ctrlrshd remove

The install option installs the Winsock RSHD/NT service in Windows NT’s list of services. It does not start Winsock RSHD/NT. You can optionally specify whether you want Winsock RSHD/NT to start automatically each time Windows NT is booted (auto) or if you want to start Winsock RSHD/NT manually when necessary (manual). If you do not specify either, auto is assumed. The directory option is used when you are using the install option and Winsock RSHD/NT is not installed in the current working directory. If it is not, specify the directory name as the third parameter. Note that if you specify a directory, then you must also specify auto or manual.

The start option starts the Winsock RSHD/NT service. Winsock RSHD/NT will begin accepting requests.

The stop option stops the Winsock RSHD/NT service. It will no longer accept requests. This does not remove it from Windows NT’s list of services; it only stops it until you decide to restart it using the start option.

The remove option removes Winsock RSHD/NT from Windows NT’s list of services. It will no longer accept requests and will no longer be available to start or stop. Note that you must first use the stop option if Winsock RSHD/NT is running before removing it.

The remove option does not delete any files; it only removes Winsock RSHD/NT from the list of available services. You can later add it back to the list using the install option.

 

FREQUENTLY ASKED QUESTIONS

I am trying to access a networked drive from a program run through RSHD/NT, but I am receiving "Access Denied" errors. Why?

This occurs because RSHD/NT runs all programs in the security context of the user specified in the RSHD/NT Service setup or in the security context of the user specified in the RSHD/NT Control Panel option labeled Execute All RSH Commands as User/Password.. It does not run the programs as the logged in user on the system from which the rsh command was issued. This is due to differences in the way NT and Unix operate.

By default, RSHD/NT runs all programs as the NT user SYSTEM (also called LocalSystem). This is a special NT user that has access to the NT desktop (screen) regardless of who is logged in. Windows NT does not allow this user to have access to any network resources.

If you need to access network resources, such as networked drives, you will either need to specify a user and password in the RSHD/NT Control Panel option labeled Execute All RSH Commands as User/Password or you need to run the RSHD/NT service as a user other than SYSTEM.

See the section on RSHD/NT and NT Security for additional details.

 

I tried to run a program using rsh and it did not work. It works when I run it from the Start menu on the NT system, but not when run through RSHD/NT. Why?

There could be three possible reasons for this to occur:

7 The program needs to access a network resource, such as a networked drive, printer, or other object, such as a database. If you are running the RSHD/NT Service as the default System user and have not specified an alternate user/password for rsh commands in the RSHD/NT Control Panel, programs run through rsh will not have access to any network resources. Windows NT does not allow the System user to have access to the network. See the previous question and the section on RSHD/NT and NT Security for more details.

7 The program needs some value(s) from the user-specific section of the Windows NT Registry. When you run programs through RSHD/NT, you may not have access to the user-specific portion of the NT Registry (HKEY_CURRENT_USER), even if you have specified a non-System user in either the service startup or RSHD/NT Control Panel. There is no work-around for this problem at this time.

7 There are differences in environment variables. RSHD/NT inherits its environment variables from the NT Service Manager. The NT Service Manager gets its environment variables from the list of System Environment Variables, found in the System applet in the NT Control Panel. It reads these variables when the system boots. Even if you are running RSHD/NT as an alternate user (either specified in the RSHD/NT Control Panel or in the service startup), it still only gets its environment from the System Environment Variables; it never gets them from the user-specific environment variables.

If you have added new System Environment Variables that your program needs, you must reboot Windows NT so that the NT Service Manager restarts and RSHD/NT will inherit the new variables.

If the necessary variables are set up as user-specific environment variables, you can either change them so that they are System Environment Variables (and then reboot) or you can use the Environment Variable File option in the RSHD/NT Control Panel to modify RSHD/NT's environment.

You can compare your interactive environment and RSHD/NT's environment using the following procedure:

- Get to a Command Prompt on the NT system where RSHD/NT is running. Type the following:

set > c:\temp\local.env

This will store the current environment in the file c:\temp\local.env

- Then type:

rsh winnt "set > c:\temp\rshdnt.env"

(where "winnt" is the TCP/IP host name of this NT system). This will store RSHD/NT's environment in the file c:\temp\rshdnt.env.

- Type:

fc c:\temp\local.env c:\temp\rshdnt.env

This will compare the two environments and show you the differences. If there are a large number of differences, you can use the following to pause the output:

fc c:\temp\local.env c:\temp\rshdnt.env | more

If there are differences, you can account for them by either modifying the System Environment Variables using the System applet in the NT Control Panel or by adding the missing variables to a file and specifying that file in the Environment Variable File field in the RSHD/NT Control Panel. See the section in this manual on RSHD/NT Configuration for more details about the Environment Variable File.

 

Why does it sometimes take a few seconds for RSHD/NT to execute a program from an rsh or to copy a file from an rcp command?

This could be due to one of two things. First, it could be due to a slow or inaccessible DNS server if you are using DNS. If you enter a filename in the Security File, Message Log, Request Log, Deny Log, or Error Log fields in the RSHD/NT Control Panel applet, RSHD/NT will attempt to obtain a hostname for the client based on its IP address. If you have specified DNS server(s) in your TCP/IP setup, it will attempt to use them to obtain the hostname. Otherwise, it will use the HOSTS file (e.g. c:\winnt\system32\drivers\etc\hosts).

If the DNS server is down, inaccessible, or simply does not know a hostname for the client's IP address, there could be a long delay before this is determined. If this is the case, there are a few things you can do to resolve the problem:

HKEY_LOCAL_MACHINE\SOFTWARE\DenicompSystems\WREXECDNT\Setup\DisableHostLookup

Create this as a new String Value and set it to a value of "1". This will disable the look up of the client's hostname. However, you will then only see IP addresses in the logs and you may only use IP addresses (no hostnames) in the Security File when this is set to 1.

The second possible cause is not as simple to explain. It is due to a missing "feature" in NT's TCP/IP implementation. Often, your first rsh/rcp will be fast, then subsequent commands will be delayed by a few seconds. This delay is not caused by RSHD/NT. It takes NT a few seconds at times to notify RSHD/NT that there is a connection waiting. RSHD/NT processes the request very quickly once it is notified.

To illustrate this, restart your NT system, then issue an rsh command from another system to the NT system. It will be quick. Then immediately issue another rsh; it will be delayed by a few seconds.

The root of this problem can be explained somewhat, although technical. After you issue the first rsh, the TCP/IP connection (a "socket") is closed and it goes into the TIME_WAIT state, which is normal. You can see this by typing the netstat command on the NT system after you do an rsh to it.

As long as there are closed sockets in the TIME_WAIT state which were created by RSHD/NT, you will experience the delay. It takes up to four minutes (a TCP/IP constant) for them to go out of the TIME_WAIT state. Once they do, the next rsh from the same client will be quick. Then the cycle repeats; you need to wait another four minutes for it to be quick again.

The reason for this is that the NT TCP/IP stack is strictly RFC compliant regarding the TIME_WAIT socket state. Most UNIX TCP/IP stacks, which are derived from BSD, have a non-standard-extension dealing with the TIME_WAIT state and new connections.

BSD-derived stacks allow a new connection request to arrive for a connection that is in the TIME_WAIT state if the new sequence number is greater than the final sequence number from the previous incarnation of the connection. Usually the sequence number for the new incarnation is set to the final sequence number from the previous incarnation plus 128,000.

This feature allows a client and server continually reuse the same port number at each end for successive incarnations of the same connection, but only if the server does the active close, which is always the case with an rshd (or rexecd).

NT's TCP/IP stack does not support this feature and this causes the delay sometimes experienced. The delay is at the TCP/IP stack level and not in Winsock RSHD/NT, so there is no work-around that we can employ to resolve it. It would require a change to NT's TCP/IP stack.

Since it only occurs on subsequent rsh/rcp commands during the TIME_WAIT interval, which is four (4) minutes by default under NT, as long as there are at least four minutes between each rsh/rcp from the same client, the delay will not occur. You can also lessen its effect by changing an NT registry option that allows you to reduce the TIME_WAIT interval from the standard four minutes down to 30 seconds. This registry entry is:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tcpip\Parameters\TcpTimedWaitDelay

Create this entry as a new DWORD item (or edit if it already exists). Set it to any value between 30 and 300, which represents the number of seconds. The default is 240 (4 minutes). The smallest value allowed is 30 (seconds). You must restart Windows NT after adding/changing this entry for it to take effect.

So, if you set this entry to 30, as long as there are at least 30 seconds between each rsh/rexec from the same client, you will not experience the delay.

 

SUPPORT

Support is available via e-mail through the Internet or Compuserve.

Internet: support@denicomp.com

WWW: http://www.denicomp.com

Compuserve: 71612,2333