Using LMHOSTS with Dynamic Name Resolution
`Specifying Remote Serverssewers in LMHOSTS
`Computer names can be resolved outside the local broadcast area if computer
`name and IP
`
`address mappings are specified in the LMHOSTS file. For example, suppose the
`computer
`named.ClientA.wants to connect to the computer named.ServerB, which is outside
`of its IP
`
`broadcast area. Both Windows NT computers are configured with Microsoft
`TCP/IP.
`Under aserieta strict b—node broadcast protocol, as defined in RFCs 1001 and
`1002, ClientA's name
`query request for ServerB would fail (by timing out), because ServerBSewerB
`is located on a remote
`
`subnet and.does not respond.to ClientA's broadcast requests. So an alternate
`method is
`
`provided for name resolution” Windows NT'maintains a limited.cache of computer
`name and IP
`
`address mappings, which is initialized at system startup. When.awerks%atéeflg
`workstation needs to resolve
`
`the cache is examined first and, if there is no match in the cache,
`a name,
`Windows NT uses
`
`b—node broadcast name resolution. Tfthislf this fails,
`
`the LMHOSTS file is
`
`used. Tfig this last method
`fails,
`the name is unresolved, and an error message appears.
`This strategy allows the LMHOSTS file to contain a large number of mappings
`without requiring
`a large chunk of static memory to maintain an infrequently used cache. At
`system startup,
`the
`name cache is preloaded only with entries from LMHOSTS tagged with the #PRE
`keyword. For
`example,
`the LMHOSTS file could contain the following:
`102T54T94w91——aeeeant&flg——#aeeeant&ng——server
`102T54T94T94——payrell——#payrell——server
`102T54T94794——steekqaete——#PRE——#steek—qaete——server
`
`In_this example, the server named stockquote is preloaded into the name cache,
`because it is
`
`tagged with the #PRE keyword. Entries in the £MHeSTSLIVIHOSTS file can
`represent Windows NT
`Workstation.computers, Windows NT Server computers,
`or Windews§Mndows
`for Workgroups 3.11 computers running Microsoft TCP/IP. There is no need to
`distinguish
`between different platfermsptatforms in LMHOSTS.
`Note
`
`lANg§§ Manager servers,
`
`The Windows NT tag #PRE allows backward compatibility- with LAN Manager 2.x
`LMHOSTS
`
`files and offers added flexibility in Windows NT. Under lAN;§§ Manager,
`# character identifies
`
`the
`
`a comment, so all characters thereafter are ignored. But #PRE is a valid tag
`for Windows NT.
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 151
`
`

`
`In.the above example,
`would be
`
`the servers named accounting, payroll, and printqueue
`
`resolved only after the cache entries failed to match and after broadcast
`queries failed to locate
`thenu After nonpreloaded.entries are resolved, their mappings are cached for
`a period of time
`for reuse.
`
`Windows NT limits the preload name cache to 100 entries by default. This limit
`only affects
`entries marked with #PRET—£fyee lf you specify more than 100 entries, only
`the first 100 #PRE entries
`
`will be preloaded. Any additional #PRE entries will be ignored at startup but
`willwill be resolved
`
`when the system parses the LMHOSTS file after dynamic resolution fails.
`Finally, you can reprime the name cache by using the nbtstat —R command to
`purge and
`reload the name cache, reread the LMHOSTS file, and.insert entries tagged with
`theggg #PRE
`keyword. Use nbtstat to remove or correct preloaded entries that may have been
`mistyped or
`any names cached by successful broadcast resolutionrfi
`Setting Up LNIHOSTS 6of8
`102.54.94.91 accounting
`102.54.94.94 payroll
`102.54.94.97 stockquote
`102.54.94. 102 printqueue
`#accounting server
`#payroll server
`#PRE #stock quote server
`#print server in Bldg 10
`
`Using LMHOSTS with Dynamic Name Resolution
`Designating Domain Controllers Using #DOM
`The most common use of LMHOSTS is for locating remote servers for file and
`print services.
`But for Windows NT, LMHOSTS can.alsc>be used to find domain controllers running
`TCP/IP in
`routed environments. Windows NT primary domain controllers (PBGSPDCS) and
`backup domain
`controllers (BBGsBDCS) maintain the user account security database and manage
`other
`
`network—related services. Because large Windows NT domains can span multiple
`£P;§ subnets, it
`is possible that routers could separate the domain controllers from one
`another or separate
`other computers in the domain from domain controllers.
`The #DOM keyword can be used in LMHOSTS files to distinguish a Windows NT domain
`controller from a Windows NT Workstation computer, a LAN Manager server, or
`a Windows for
`
`Workgroups computer. To use the #DOM tag,
`mapping in
`LMHOSTS with the #DOM keyword, aeelena colon, and the domain in which the
`domain controller
`
`follow the name and IP address
`
`participates. For example:
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 152
`
`

`
`102.54.94.97 treydc #DOM:treycorp #The—treyeerpThetreycorp PDC
`Using the #DOM keyword to designate domain controllers adds entries to a
`special internetinfernef
`group name cache that is used to limit internetwork distribution of requests
`intended for the
`
`local domain controller. When domain controller activity such as alegena logon
`request occurs,
`the
`
`request is sent.on.the special internet.group:name. Tnlg the local IP—broadcast
`area,
`the request
`
`is sent only once and picked up by any local domain controllersei However,
`if you use #DOM to
`specify domain controllers in the LMHOSTS file, Microsoft TCP/IP uses
`datagrams to also
`ferwardfonivard.the request to domain controllers located on remote subnets.
`Examples of such domain controller activities include domain controller
`pulses (used for
`account database synchronization),
`master browser
`
`logon authentication, password changes,
`
`list synchronization, and other domain management activities.
`For domains that span subnets, LMHOSTS files can be used to map important
`members of the
`
`domain using #DOM? The following lists some guidelines for doing this.
`QT
`
`'=For each local LMHOSTS file on a Windows NT computer that is amemberg
`member in a domain,
`there should be #DOM entries for all domain controllers in the domain that
`are located on
`
`remote subnets. This ensures that logon authentication, password changes,
`browsing, and
`so on all work properly for the local domain. These are the minimum entries
`necessary to
`allow a Windows NT system to participate in a Windows networking internetwork.
`
`gh
`
`l For local LMHOSTS files on all servers that can be backup)domain.controllers,
`?here
`should be mappings for the primary domain controller's name and IP address,
`plus
`mappings for all other backup domain controllers. This ensures that promoting
`abaekapa backup to
`primary domain controller status does not affect the ability to offer all
`services to members
`of the domain.
`
`-Ia
`
`Eftrustl If trust relationships exist between domains, all domain controllers
`for all trusted domains
`should also be listed in the local LMHOSTS file.
`
`gh
`
`' For domains that you want to browse from your local domain,
`_
`LMHQSTS files
`should contain at least the name and IP address mapping for thetile primary
`domain controller
`
`the local
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 153
`
`

`
`in the remote domainefi Again, backup domain controllers should also be
`included so that
`
`promotion to primary domain controller does not impair the ability to browse
`remote
`domains.
`
`For small to1nediun1sized.networks with fewer than 20 domains, asinglea.singie
`common LMHOSTS
`
`Setting up LN|HosTs 7of8
`
`file usually satisfies allglé workstations and servers on the internetwork.
`To achieve this, systems
`should use the Windows NT replicator service to maintain synchronized local
`copies of the
`global LMHOSTS or use centralized.LMHOSTS files, as described in the following
`section.
`
`€hapter—6—Setting—Up—LMHGSTS
`Names that appear with #D9MinDOM in LMHOSTS are placed in a special domain
`name list in
`
`NetBIOS over TCP/IP. When a datagram is sent to this domain using the
`BGMA%N<§GDOMAlN<lC> name,
`the name is resolved first via WINS or broadcast. The datagram is then sent
`to all the
`
`addresses on the list from.LMHOSTS, and.there is also a broadcast on the local
`subnet.
`
`Important
`To browse across domains, for Windows NT Advanced Server 3.1 and Windows NT
`3.1, each
`computer must have an entry in its LMHOSTS file for the primary domain
`controller in each
`
`domain. This remains true for Windows NT version 3.5 clients, unless the
`Windows NT Server
`
`computer is also version.3.5 and, optionally, offers WINS name registration.
`However, you cannot add.an.LMHOSTS entry for a Window NT Server that is a DHCP
`client,
`because the IP address changes dynamically. To avoid problems, any domain
`eentrellerscontrollers
`
`whose names are entered in LMHOSTS files should have their IP;§ addresses
`reserved as static
`
`addresses in the DHCP database rather than running as DHCP clients.
`Also, all Windows NT Advanced.ServerSewer 3.1 computers in a domain and its
`trusted domains sheuld
`
`shouid.be upgraded to version.3.5, so that browsing across domains is possible
`without
`LMHOSTS.
`
`Using LMHOSTS with Dynamic Name Resolution
`Using Centralized LMHOSTS Files
`With Microsoft TCP+4IP, you can include other LMHOSTS files from local and
`remote
`
`computers. The primary LMHOSTS file is always located in the
`\
`\SYSTEM32\BRI¥ERSDRlVERS\ETT3directory on the local computers. Most networks
`will also have an
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 154
`
`

`
`LMHOSTS file maintained by the network administrator, so administrators
`should maintain one
`
`or more global LMHOSTS files that users can rely on. This is done using #INCLUDE
`statements rather than copying the global file locally. Then use the
`replicator servieesenzice to
`distribute multiple copies of the global fileflle(s) to multiple servers for
`reliable access.
`
`To provide a redundant list of servers maintaining copies of the same LMHOSTS
`file, use the
`
`#BEG$NBEGlN ALTERNATE and #END_ALTERNATE keywords. This is known.as a block
`inclusion,
`
`which allows multiple servers to be searched for a valid copy of aspeeifieg
`specific file. The following
`example shows the use of the #INCLUDE and #_=ALTERNATE keywords to include
`a local
`
`LMHOSTS file (in the €+%PRl¥ATE—direetery++——c;\PRlv/—\TE directory):
`
`
`
`#BEGINALTERNATE
`
`#INCLUDE \\treydc\public\lmhosts #source for global file
`#INCLUDE \\treybdc\public\lmhosts #backup source
`#INCLUDE \\leealsvr%pablielocaIsvl.§pubIic\lmhosts %%£backup source
`#END: ALTERNATE
`Important
`This feature should never be used to include a remote file from a redirected
`
`drive, because the LMHGSTS
`LMHCDSTS file is shared between local users who have different profiles and
`different logon
`scripts, and.even.on.single—user systems, redirectedwiriveinappings can change
`between
`
`logon sessions.
`In the above example,
`subnets from the
`
`the servers treydc and treybdc are located on remote
`
`computer that owns the file. The local user has decided to include a list of
`preferred servers in aleeal
`a local LMHOSTS file located in the C:\PRl¥ATEPRlVATE directory. During name
`resolution,
`the
`Windows NT system first includes this private file,
`LMHOSTS file from one
`
`then gets the global
`
`of three locations: treydc, treybdc, or localsvr. All names of servers in the
`#INCLUDE
`
`statements must have their addresses preloaded using the #PRE keyword+£
`otherwise,
`the
`
`#INCLUDE statement will be ignoredvfi
`The block inclusion is satisfied if one of the three sources for the global
`LMHOSTS is available
`
`and none of the other servers are used. Tfnelf no server is available, or for
`some reason the
`
`LMHOSTS file or path is incorrect, an event is added to the event
`indicate that the block
`inclusion failed.
`
`log to
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 155
`
`

`
`GHAP$ER—¥
`
`J Setting Up LNIHOSTS 8of8
`102.54.94.97 treydc #PRE #DOM:treycorp
`102.54.94.99 treybdc #PRE #DOM:treycorp
`102.54.94.98 localsvr #PRE #DOM:treycorp
`#primary DC
`#backup DC in domain
`#INCLUDE c:\private\lmhostS #include a local lmhosts
`
`UsingUsmg the MiereseftMlcrosoft FTP Server Serviee
`Servlce
`
`The Microsoft FfP§g§ Server service allows other computers using the FfP§g§
`utility to connect to
`this computer and transfer files. The FfP§g§ Server service supports a%%g;;
`Windows NT ftp client
`commands. Non—Microsoft versions of FfP§g§ clients may contain.commands that
`are not
`
`supported. The FfP£g§ Server service is implemented.as a multithreaded.Win32
`service that
`
`complies with the requirements defined in Requests for Comments
`and 1123.
`
`(RFCs) 959
`
`The FfP§g§ Server service is integrated with the Windows NT security model.
`Users connecting to
`the FfP§g§ Server service are authenticated based on their Windows NT user
`accounts and
`
`receiveaccessbased<n1theiruserprofiles.Forthisreason,j1:isrecommended
`that the FfP§g§
`Server service be installed on an NTFS partition so that the fLiesfiles and
`directories made available
`
`via FfP§;§ can be secured.
`€aatéenCauUon
`
`The FfP§g§ Server protocol relies on the ability to pass user passwords over
`the network without
`
`data.encryptiond AeserA11ser'wittiphysical access to the network could.examine
`user passwords
`during the FfP£g§ validation process.
`The following topics are included in this chapter:
`4; Installing the FfP§g§ Server service
`4l Configuring the FfP£T£ Server service
`4; Administering the FfPFTP Server service
`4: Advanced configuration parameters for FfPFTP Server servieeser§[ice
`For information about using performance counters to monitor FfPFTP Server
`traffic, see
`Chapter 8,
`"Using Performance Monitor with TGP$$PTCP[IP Services."
`Ensta444ng—the—FTP—Server—Serv&ee
`. Chapter 7 1of12
`
`_;l§§_H£
`
`® ]
`
`|1 11111111
`|
`|
`|111| |
`These procedures assume that you have installed any necessary devices and
`device drivers.
`
`You must be logged on as a member of the Administrators group for the local
`computer to
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 156
`
`

`
`install and configure the FfPFTP Server servieesengice.
`w7————To install the FTP Server service
`1.
`Choose the Network option in Control Panel.
`2.
`In the Network Settings dialog box, choose the Add Software button to
`display the Add
`Network Software dialog box.
`3.
`In the Network Software box, select TGPIIPTCPZIP Protocol And Related
`Components, and then
`
`choose the Continue button” When.the Windows NT TCP+4IP Installation Options
`dialog box
`appears,ched<theE%P££§ServerServiceoption,andthenchooaetheOKkmmton.
`4.
`When.the message prompts you.to-eenfmnconfirnithat you.are familiar with
`FfP§g§ security, choose
`the Yes button to continue with FfP§g§ Server service installation.
`
`~—————WindewsNT
`
`The File—T—I—ansfeI—PIGteeel—&elies—en—the—ability—Ee—pass—use&—FTP Service
`supports the FTP protocol as described
`passwGIds—eVeI—ehe—neewmk—witheat—data—eaaypeieaw—A
`in HFC 353. The FTP protocol transmits passwords over
`the network in cleartext [e.g., unencryptedl. By running
`this service on this system, you are opening the
`eseIpossibility'of a user with physical access to the—aetw9&%+mayLbe—ableeyour
`network
`
`to examine usen4—passwmds—dwing—FTP—validatienT<A}eusers' passwords as they
`are sent on the wire.
`
`gr; you+++ sulesure you want to continue installing this service?
`5. Whenwnen prompted for the fellfull path to the Windows NT distribution
`files, provide the
`appropriate location, and then choose the Continue button.
`6.
`After the necessary files are copied to your eempute—rcomputer,
`FfP§g§ Service dialog box appears
`so that you can continue with the configuration.procedure as described in the
`next section.
`
`the
`
`The FfP§g§ Server service must be configured in order to operate.
`Note
`
`For disk partitions that do not use the Windows NT file system (NTFS), you
`can apply
`simple read/write security by using the FfP§g§ Server tool in.ehe;gg Control
`Panel as described in
`
`the following section.
`€hapter—4—Using
`the Microsoft FTP Server Service
`Installing the FTP Server Service
`2of12
`
`GenfigaringAfter the FTP SerVer—Serviee—Afeer—ehe—FfP—Ser¥er—servieeSewer
`sengice software is installed on your computer, you must configure it to
`operate. When you configure the FfP§g§ Server service, your settings result
`in one of the
`
`following:
`&;Ik)anonymousP%P££§connectionallowed.Inthiscase,eachusermmstprovide
`a valid
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 157
`
`

`
`Windows NT asemameusername and password. To configure the FfP§g§ Server
`service for this, make
`
`sure the Allow Anonymous Connection box is cleared in the PEPE Service dialog
`box.
`
`1-; Allow both anonymous and Windows NT users to connect . {fig this case, aeserg
`user can choose
`
`to use either an anonymous connection.or aWindewsa.Windows NTaaamm%eusername
`and password. To
`configure the FfP§l§ Server service for this, make sure only the Allow
`Anonymous
`Connection box is checked in the FfPFTP Service dialog box.
`£;AllowonlyanonymousP¥P§;gconnections.Inthiscase,eausercannotconnect
`using a
`Windows NT asemameusername and password. To configure the FfP§g§ Server
`service for this, make
`
`sure both the Allow Anonymous Connections and the Allow Anonymous Connections:
`Only
`boxes are checked in the FfP—ServieeFTP Sengice dialog box.
`If anonymous connections are allowed, you must supply the Windows NT
`asemameusername and
`
`password to be used for anonymous FfP§g§. When an anonymous FfP§g§ transfer
`takes place,
`Windows NT will check the asemameusername assigned in this dialog box to
`determine whether access
`is allowed to the files.
`
`..,. To configure or reconfigure the FfP—ServerFTP Sewer service
`1.
`The FTP Service dialog box appears automatically after the FTP Server
`service software is
`
`installed on your computer.
`—Or—£f
`
`if you are reeenfigaringreoonfiguring the FTP Server service, choose the
`Network option in Control
`Panel.
`In the Tnstalledlnstalied Network Software box, select FTP
`Serversenger, and then choose the
`Configure button.
`
`Using the Microsoft FTP Server Service
`Configuring the FTP Sewer Service
`3of12
`
`20 lU
`
`C:"§users
`Maximum—Genneetiens+—~+die—Timeeat—+miH++—~—guest
`Home TQireeterTll+—4—le—+%—us—er—s———————————J—Qireclury:
`
`I1I1I1L1 I1I1I1I1I1I1I1L1I1L1I1I1I1I1I1 I1 I111
`
`I1 1111
`
`III1 I111
`
`I T
`
`lln u n n u n
`Tl
`Username:
`Password:
`
`BAllew—TQnlTl4—AnenJimeusAllow Qnly Anonymous Connections
`EBBEJ
`
`The FTP Service dialog box displays the following options:
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 158
`
`

`
`Item
`Maximum Connections
`Idle Timeout
`
`Description
`Specifies the maximum number of FfP§g§ users who can connect to
`the system simultaneously. The default value is 2e+ggL the maximum
`is 50. AvalueA value of 0 means no maximum,
`that is, an unlimited
`number of simultaneous users.
`
`When the specified number of concurrent users are logged onto
`the FfP§g§ server, any subsequent attempts to connect willwilt receive
`messages defined by the administratorrfi For information about
`defining custom messages, see "Advanced Configuration
`Parameters for FfP£g§ Server Service" later in this chapter.
`Specifies how many minutes an inactive user can remain
`connected to the FfPFTP Server service. The default value is 10
`
`the maximum is 60 minutes. Efehelf the value is €T2£ users are
`minutes;
`never automatically disconnected.
`Maximum Connections:
`idle Timeout
`
`(min):
`
`Ghapeer—4—UsiHg—the—Mieresef%—FTP—Server—Ser¥iee
`Etee+—Beseriptien
`Home Directory
`Allow Anonymous
`Connections
`Username
`Password
`
`Allow Only Anonymous
`Connections
`
`Specifies the initial directory for users.
`All<fi+1AnenymKfix;——Enables users to connect to the FfP§g§ Server using the user
`Genneeeiens——————name
`
`(or ftp, which is asynenyma synonym for anonymous). Apasswerdg
`anonymous
`password is not necessary, but the user willwill be prompted to
`supply a mail address as the password. By default, anonymous
`connections are not allowed. Notice that you cannot use a
`Windows NT user account with the name anonymous with the FfP
`Egg Server. The anonymous user name is reserved in the FfP£g§
`Server for the anonymous logon function. Users leggingiogging on with
`the username anonymous receive permissions based on the FfP§g§
`Server configuration for anonymous Iogons.
`Usernafiw+———Specifies which local user account to use for FfP§g§ Server users
`who log on under anonymous. Access permissions for the
`anonymous FfP£g§ user will be the same as the specified local user
`account. The default is the standard Guest system account. Tfig you
`change this, you must also change the password.
`Passwerd———Specifies the password for the user account specified in the
`Username box.
`
`Allew—enly—Anenymeus———Allows only the user name anonymous to be accepted.
`Genneetiens——————This
`
`option is useful if you do not want users to log on using their own
`user names and passwords because FfP§g§ passwords are
`unencrypted. However, all users will have the same access
`privilege, defined by the anonymous account. By default,
`option is not enabled.
`
`this
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 159
`
`

`
`Default values are provided.for Maximum Connections, Idle Timeout, and
`2.
`Home Directory.
`Accept the default values, or change values for each field as necessary.
`
`Choose the OK button to close the FfP§g§ Service dialog box and return
`3.
`to the Network
`
`Settings dialog box.
`4.
`To complete initial FfPFTP Server service installation and
`configuration, choose the OK
`button.
`
`AmessageA.message reminds you that you must restart the computer so that the
`changes you made
`will take effect.
`Note
`
`...1.8.2.:.1..—.8fE:.3..§4...
`ag!m1nlstr.atur..
`ernesta 142.1 24.1 ?1 U:UU: 42
`Close
`§..¢cui.:t u
`Refresh
`
`Hyip
`Qffw 34. 4.? 4 Disconnect All
`
`When_you first install the FfP§g§ Server service, you must also complete the
`security eenfigaratien
`confi uration as described in Ehe—fellewing—preeederetue foliowin rocedure
`for users to access g p volumes on yeargg;
`computer.
`
`llJ+>—To configure FfP£g§ Server security
`1.
`AftertheF%P§;gServerhasbeeninstalledandyouhaverestartedControl
`Panel, start the FfP
`
`Egg Server option in Control Panel. Windows NT Server users can also use the
`FfP£E§ menu
`in Server Manager.
`zJ————FTP—User—Sessiens
`
`l|=|;
`T++:ennee4edConnected Users From Time
`
`
`i—'[\)|| Illl
`
`.niii';i=i"i"'W. *=i=i""
`In the FfPFTP User Sessions dialog box, choose the Security button.
`
`¢ nn ml
`
`——————FTP—SerVer—Seeurity—§eguri;y_gga§s
`SeearilTl4—Aeeess—————————T
`PTareieien+—§e+—EE—+gl—Allew—Read
`Eartitiun: F3 afkllnw l3 ead
`File
`
`System Type: HTF3 8
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 160
`
`

`
`3w——£=In the Partition box of the FTP Server Security dialog box, select the
`drive letter you want
`to set security on, and then check the Allow Read or Allow Write check box,
`or both check
`
`boxes, depending on the security you want for the selected partition.
`Repeat this step for each partition.
`Setting these permissions will affect all files across the entire partition
`on file allocation
`
`table (FAT) and high—performance file system (HPFS) partitions. On NTFS
`partitions,
`this
`feature can be used to remove read or write access (or both) on the entire
`
`partition.
`Any restrictions set in this dialog box are enforced in addition to any
`security that might be
`part of the file system. That is, an administrator can use this dialog box
`to remove
`
`permissions on specific volumes but cannot use it to grant permissions beyond
`those
`
`maintained by the file system. For example,
`read—only, no one
`can.write to the partition via FTP regardless of any permissions set in this
`dialog box.
`4.—.=Choose the OK button when you are finished setting security access
`on partitions.
`The changes take effect immediately. The FTT>ServerSen[er service is nowzready
`to operate.
`J
`
`if a partition is marked as
`
`Administeriag—Ehe—FTP Server Serviee
`After initial installation isgg complete,
`automatically started FTP—Server—in;2 the
`background each time the computer is started. Remote computers can initiate
`—an FfP§g§ session
`while the FTP Server service is running on your Windows NT computer. Both
`computers must
`
`the FTP Server service is
`
`be running the TCP+4IP protocol.
`You must be logged on as amembera member of the Administrators group to
`administer the FTP Server.
`
`Remote users can connect to the FTP Server using their account on the FTP
`Server, an
`
`account on the FTP Server ' s domain or trusted domains (Windows NT Server only) ,
`or using
`the anonymous account if the FTP Serversenger service is configured to allow
`anonymous legenslogons.
`When making any configuration changes to the FTP Server (with the exception
`of security
`configuration), you must restart the FTP Server by either restarting the
`computer or manually
`stopping and restarting the server, using the net command or Services icon
`in Control Panel.
`
`TT:———To start or stop the FfP§g§ Server servieesengice
`+—:;Use the Services option_in.Control Panel, or at the-eemmandcommend.prompt
`use the commands
`
`net stop ftpsvc followed by net start ftpsvc.
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 161
`
`

`
`Restarting the service in this way disconnects any users presently connected
`to the FTP Server
`
`without warning—so use the FTP Server option in Control Panel to determine
`if any users are
`connected. Pausing the FTP Server (by using the Services option in Control
`Panel or the net
`
`pause command) prevents any more users from connecting to the FTP Server but
`does not
`
`disconnect the currently logged on users. This feature is useful when the
`administrator wants to
`
`restart the server without disconnecting the current users. After the users
`disconnect on their
`
`the administrator can safely shut down the server without worrying that
`own,
`users will lose
`
`work. When attempting to connect to a Windows NT FTP Server that has been
`paused, clients
`receive theinessage "421.— Serviceznot available, closing control connection."
`Using the Microsoft FTP Server Sewice
`Administering the FTP Server Service
`4of12
`
`Administering the FTP Sewer Service
`Using FTP Commands at the Command Prompt
`When_you install the FTP service, aseta set of ftp commands are automatically
`inséalledlnstalled that you
`can use at the command prompt. For asummarya summary list of these commands,
`see the ftp entry in
`Chapter 11, "Utilities Reference."
`77:———To get help on ftp commands
`1.
`Double—click the Windows NT Help icon in the Program Manager group.
`2.
`In_the Windows NT help window, click the Command Reference Help button.
`
`ah
`
`;£=Click the ftp commands name in the Commands window.
`4.
`Click an ftp command name in the Command Reference window to see a
`description of
`the command, plus its syntax and parameter definitions.
`Using the Microsoft FTP Server Service 50f12
`
`Administering the FTP Server Service
`Managing Users
`Use the FTP Server option in Control Panel to manage users connected to the
`FTP Server and
`
`to set security for each volume on the FTP server. For convenience on Windows
`NT Serversenger
`computers,
`the same dialog box can be reached from Serversenzer Manager by
`choosing the FTP
`menu command.
`
`Tnig the FTP User Sessions dialog box,
`names of
`
`the Connected Users box displays the
`
`connected users,
`connected. For
`
`their system's IP addresses, and how long they have been
`
`users who logged on using the anonymous user name,
`passwords used
`
`the display shows the
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 162
`
`

`
`when they logged on as their user names. Tfthelf the user name contained a
`mail host name (for
`
`example, ernesta@trey—research.com) only the username (ernestaemesta)
`appears. Anonymous
`
`users also have a question mark (;?) over their user icons. Users who have
`been authenticated
`
`by Windows NT security have no question mark.
`GhapEer—4—Using—the—Miereseft—FTP—Server—Serviee
`The PEPE Server allows you to disconnect one or all users with the disconnect
`buttons. Users
`
`are not warned if you disconnect them.
`The FTP Server displays users‘ names as they connect but does not update the
`display when
`users disconnect or when their connect time elapses. The Refresh.button.allows
`you to update
`the display to show only users who are currently connected.
`Choosing the Security button displays the-FfP§g§ Service Security dialog box,
`where you can set
`
`Read and Write permissions for each partition on the FfP§g§ Server, as
`described earlier in this
`
`chapter. You.must set the permissions for each.partition.you.want-FfP§g§1isers
`to have access
`
`to. Efiyeulf you do not set partition parameters , no users will be able to access
`files. If the partition
`uses a secure file system, such as NTFS, file system restrictions are also
`in effect.
`
`In.addition.to-Ff¥LSe&aerFTP Sewer partition security, if a user logs on using
`a Windows NT account,
`access permissions for that account are in effect.
`Using the Microsoft FTP Server Service 6of12
`
`Administering the FTP Sewer Service
`Controlling the FTP Server and User Access
`AnetwerkA network administrator can control several of the FTP Server
`
`configuration variables. One
`such variable, Maximum Connections, can be set by using the Network option
`in Control Panel
`
`to define avalaea value between 0 and 50. Any value from 1 to 50 restricts
`concurrent FTP sessions
`
`to the value specified. AvaleeA value of 0 allows unlimited connections to
`be established to the FfP§g§
`Server until the system exhausts the available memory.
`You can specify a custom message to be displayed when the maximum number of
`concurrent
`
`connections is reached. To do this, enter a new value for MaxClientsMessage
`in the Registry,
`as described in "Advanced Configuration Parameters for FTP Server Service"
`lateriater in this
`
`chapter.
`Using the Microsoft FTP Server Service 7of12
`
`Administering the FTP Server Service
`Annotating Directories
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 163
`
`

`
`You can add directory descriptions to inform-FfP§g§ users of the contents of
`a particular directory
`on the server by creating a file called-7;FTPSVC—;.CKM in the directory that
`you want to
`annotate. Usually you want to make this a hidden file so directory listings
`do not display this
`file. To do this, use File Manager or type the command attrib +h
`....;ftpsvc....;.ckm at the
`command prompt.
`Directory annotation.can.be toggled by FTP users on.a user—by—user basis with
`a built—in,
`site—specific command called ckm. On most FTP client implementations
`(including the
`Windows NT FTP client), users type a command at the command prompt similar
`to quote site
`ckm to get this effect.
`You can set the default behavior for directory annotation.by setting a value
`for
`
`AnnotateDirectories in the Registry, as described in WAdvanced.Configuration
`Parameters for
`
`FTP Serversenzer Service" later in this chapter.
`Using the Microsoft FTP Sewer Service 8of12
`
`Administering the FTP Server Service
`Changing Directory Listing Format
`Some FfP§g§ client software makes assumptions based on the formatting of
`directory list
`information. The Windows NT PEPE Server provides some flexibility for client
`software that
`
`requires directory listing similar to UNIX systems. Users can.use the command
`dirstyle to
`toggle directory listing format between MS—BGS—styleDOSstyle (the default)
`and UNIX—style listings. On
`most FfP£l§ client implementations (including the Windows NT‘FfP£l§ client),
`users type aeemmandg
`command at the command prompt similar to quote site dirstyle to get this
`effect.
`
`You can set the defaaledefautt style for directory liseiagiisting format by
`setting avalaea value for MsDosDirOutput
`in the Registry, as described in "Advanced Configuration Parameters for -PEPE
`Server Service"
`
`later in this chapter.
`Using the Microsoft FTP Sewer Service 9of12
`
`Administering the FTP Sewer Service
`Customizing Greeting and Exit Messages
`You can create customized greeting and exit messages by setting values for
`GreetingMessage and ExitMessageExitNlessage in the Registry, as described in
`"Advanced Configuration
`Parameters for PEPE Server Service" later in this chapter. By default, these
`value entries are not
`
`in the Registry, so you must add them to customize the message text.
`Greeting and.exit messages are sent to users when.they connect or disconnect
`from the FfP§g§
`
`Petitioner Sipnet EU S.R.O. - Exhibit 1018 - Page 164
`
`

`
`Server. When you create custom messages, you can add multiline messages of
`your choice.
`Using the Microsoft FTP Server Service 10 Of12
`
`Administering the FTP Sewer Service
`Logging FTP Connections
`You can log incoming FfP§g§ connections in the System event log by setting
`values for
`
`LogAnonymous and LogNonAnonymous in the Registry, as described in "Advanced
`Configuration Parameters for FfP§g§ Server Service" later in this chapter.
`By default,
`these value
`entries are not in the Registry, so you must add them to log incoming
`connections.
`
`You can specify whether event legggg entries are made for both anonymous and
`nonanonymous
`
`users connecting to the-FfP§g§ Server. You.can.view such.entries in.the System
`event
`log by
`using Event Viewer.
`Ghapter—4é Using the Microsoft FTP Serversewer Service 11 of12
`
`Advanced Configuration Parameters for
`FTP Server—Serviee—Sewer Sengice
`Th