Re: [WinMac] Mac DHCP client behaviour with NT4 DHCP Server

concordia1@fuse.net
Wed, 14 Jul 1999 17:57:02 -0400

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: tom lyczko: "[WinMac] recommended NT lists or sites??"
Previous message: concordia1@fuse.net: "Re: [WinMac] Mac DHCP client behaviour with NT4 DHCP Server Service"

WinMac Digest #367 - Wednesday, July 14, 1999

  Mac DHCP client behaviour with NT4 DHCP Server Service
          by "Daniel L. Schwartz" <expresso@snip.net>
  Group permissions question
          by "Christopher Giles, Systems Manager" <filenes@cybercom.net>
  Re: [WinMac] Group permissions question
          by "Bruce Johnson" <johnson@Pharmacy.Arizona.EDU>
  Opening Ports on IIS 4.0
          by "Steven Thomas" <sthomas@ckls.org>
  Re: [WinMac] Mac DHCP client behaviour with NT4 DHCP Server Service
          by <concordia1@fuse.net>

Subject: Mac DHCP client behaviour with NT4 DHCP Server Service
From: "Daniel L. Schwartz" <expresso@snip.net>
Date: Wed, 14 Jul 1999 08:08:37 -0400
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

Good morning!

From <http://til.info.apple.com/techinfo.nsf/artnum/n58372>, I quote the
last paragraph:

TCP/IP Options (Mac OS 8.6)
---------------------------

For administrators who prefer the 8.1 DHCP client behavior, the TCP/IP
Options control panel will allow users to revert to the old behavior. By
checking the box for "don't retain DHCP lease on shutdown, " the Mac will
always start up with DHCPDISCOVER, and always send a DHCPRELEASE upon
unloading the IP stack.

DAN'S COMMENT:
--------------

This will fix the problem with MacOS 8.5 & 8.5.1's DHCP client and
NT4/Server DHCP Service. The problem was an improper Open Transport 2.0.1 &
2.0.2 startup in an INIT-REBOOT state

ENTIRE ARTICLE:
---------------

TITLE
Open Transport: DHCP Client Behavior Article ID:
Created:
Modified: 58372
5/12/99
5/12/99

---------------------------------------------------------------------------

TOPIC
This article describes the behavior of the DHCP client in different
versions of Open Transport.

---------------------------------------------------------------------------

DISCUSSION
In response to customer feedback, Apple has changed the DHCP client
implementation in MacOS 8.5, and again in MacOS 8.6. A given DHCP client
may behave in unexpected ways with certain DHCP servers. This document is
to aid in troubleshooting DHCP problems by providing a reference for the
expected behavior for each version of Open Transport and the MacOS.

For a complete description of the terms terms used below, and for a
description of the DHCP protocol, see RFC 2131.

Mac OS 8.1 and earlier (Open Transport 1.3.1 and earlier)
---------------------------------------------------------

IP Load
------

Every time the IP stack loads, the DHCP client sends out a DHCPDISCOVER
packet. If the Mac receives no response to this, IP will not load and any
application trying to use IP services will return an error.

Loading IP in this manner does not attempt to keep the same IP address
across reboots. Depending on the DHCP server configuration, the client may
receive a different IP address every time the IP stack loads.

IP Unload
---------

When the IP stack unloads, the DHCP client will send a DHCPRELEASE.

Mac OS 8.5.x (OpenTransport 2.0.1 & 2.0.2)
------------------------------------------

IP Load
-------

The DHCP client was modified in 8.5 so that the client would attempt to
regain the previously assigned IP address if the lease is still active when
the IP stack loads. This makes it much more likely that a machine will
retain the same IP address across reboots.

The IP stack can load in two different states in MacOS 8.5:

INIT
----

A client will start up in the INIT phase when (a) the previous lease has
expired when the client starts up, or (b) there is no previous lease
information (this is the first startup with DHCP, or the previous attempt
to load IP timed out). In the INIT state, the Mac will send out a
DHCPDISCOVER, requesting a lease from any DHCP server on the network.

If the Mac client receives no response to the DHCPDISCOVER after about a
16-20 second wait, DHCP will generate a randomly chosen in the range
169.254.0.0 to 169.254.254.255 inclusive and a subnet mask of 255.255.0.0.
There will be no DNS server or gateway address included with the temporary
configuration. The client will attempt to contact a DHCP server at 5 minute
intervals if this happens.

INIT-REBOOT
-----------

If the client's last assigned DHCP lease has not expired, then the client
starts up in the INIT-REBOOT state in an attempt to regain the most
recently used IP address. The Mac will broadcast a DHCPREQUEST asking to
use its last IP address.

The server should respond to a DHCPREQUEST in one of two ways:

1. Server sends the client DHCPACK, which tells the client that it may use
the requested IP address. In this case the client will proceed with a new
lease on the same IP address.
2. Server sends the client DHCPNACK, which tells the client that it may not
use the requested IP address. The client then moves to the INIT state and
sends out DHCPDISCOVER as noted above.

If the Mac begins in the INIT-REBOOT state and receives no response to its
DHCPREQUEST, this attempt to load the IP stack fails and the client will
not have IP services. The state of the client is changed so the next stack
load will start in the INIT state described above.
IP Unload

When the IP stack unloads, the DCHP client will send out a DHCPRELEASE.
This lets the the server know that the client no longer needs the IP
address and frees the server to allocate the address to another client.

Mac OS 8.6 (OpenTransport 2.0.3)
--------------------------------

IP Load
-------

The DHCP client behaves similarly to MacOS 8.5 in that IP initially loads
in the INIT state, and will load in the INIT-REBOOT state (sending out a
DHCPREQUEST) if its previously assigned lease has not expired. However,
unlike MacOS 8.5, if no DHCP server responds and INIT-REBOOT times out, the
machine will automatically revert to the INIT state, send out a
DHCPDISCOVER, and search for another DHCP server on the network.

If there is no response to the DHCPDISCOVER after a few tries, it will pick
a randomly generated IP address as in MacOS 8.5.

IP Unload
---------

When the IP stack unloads, the DHCP client will no longer send a DHCPRELEASE.

Furthermore, once a DHCP lease is obtained, the IP stack will not unload,
regardless of whether or not "Load Only When Needed" is checked (this is
not true for PPP links, since this wouldn't allow users to automatically
hang up after a specified period of idle time). The Mac will only unload
the IP stack if it is shutdown, restarted, or inactivated in the TCP/IP
control panel. In addition, the stack will unload on a PowerBook when it is
put to sleep. Otherwise, it will continue to renew the DHCP lease.

TCP/IP Options (Mac OS 8.6)
---------------------------

Subject: Group permissions question
From: "Christopher Giles, Systems Manager" <filenes@cybercom.net>
Date: Wed, 14 Jul 1999 11:54:16 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

I posted this to the microsoft.public.windowsnt.mac newsgroup, but
haven't had any replies yet. I'm hoping for a better response here. Any
help or advice would definitely be appreciated. Thanks in advance.

-Chris

"Christopher Giles, Systems Manager" wrote:
>
> I'm looking to set up special permissions on a few large SFM volumes so
> that Domain Users have read-only permissions, and a special subset (call
> it Group X) has read-write permissions.
>
> On one server, I tried this by granting Read access to Domain Users, and
> Full Control to Group X. All members of Group X are also Domain Users,
> but their "Primary Group" is set to Group X.
>
> Unfortunately, when members of this group create a folder on the server,
> the new folder doesn't properly inherit the permissions of its parent.
>
> When I check the security properties of the new folder, the Owner is the
> user that created it, and the permissions are as follows:
>
> Administrators: Full Control
> Domain Admins: Full Control
> Domain Users: Read
> Everyone: Special Access
> (User name): Full Control
> SYSTEM: Special Access
>
> The parent directory is as follows:
>
> Owner: Administrators
>
> Administrators: Full Control
> Domain Admins: Full Control
> Domain Users: Read
> Group X: Full Control
> System: Full Control
>
> So, what is happening here? And what is the proper way of setting
> permissions to achieve my goal?
>
> Any help would be greatly appreciated, as I am about to set up a new
> server and hope to avoid these problems on the new box. Please reply via e-mail.
>
> Thanks.
>
> Chris

Subject: Re: [WinMac] Group permissions question
From: Bruce Johnson <johnson@Pharmacy.Arizona.EDU>
Date: Wed, 14 Jul 1999 09:28:17 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

You have to add Creator/Owner with Full permissions, too, to the top
folder, then reset the permissions. Also, you don't need to give full
control, only Change control to anyone you just want to give read/write
perms to.

Christopher Giles, Systems Manager wrote:
>
> I posted this to the microsoft.public.windowsnt.mac newsgroup, but
> haven't had any replies yet. I'm hoping for a better response here. Any
> help or advice would definitely be appreciated. Thanks in advance.
>
> -Chris
>
> "Christopher Giles, Systems Manager" wrote:
> >
> > I'm looking to set up special permissions on a few large SFM volumes so
> > that Domain Users have read-only permissions, and a special subset (call
> > it Group X) has read-write permissions.
> >
> > On one server, I tried this by granting Read access to Domain Users, and
> > Full Control to Group X. All members of Group X are also Domain Users,
> > but their "Primary Group" is set to Group X.
> >
> > Unfortunately, when members of this group create a folder on the server,
> > the new folder doesn't properly inherit the permissions of its parent.
> >
> > When I check the security properties of the new folder, the Owner is the
> > user that created it, and the permissions are as follows:
> >
> > Administrators: Full Control
> > Domain Admins: Full Control
> > Domain Users: Read
> > Everyone: Special Access
> > (User name): Full Control
> > SYSTEM: Special Access
> >
> > The parent directory is as follows:
> >
> > Owner: Administrators
> >
> > Administrators: Full Control
> > Domain Admins: Full Control
> > Domain Users: Read
> > Group X: Full Control
> > System: Full Control
> >
> > So, what is happening here? And what is the proper way of setting
> > permissions to achieve my goal?
> >
> > Any help would be greatly appreciated, as I am about to set up a new
> > server and hope to avoid these problems on the new box. Please reply via e-mail.
> >
> > Thanks.
> >
> > Chris
>
> * Windows-MacOS Cooperation List *

-- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group

Subject: Opening Ports on IIS 4.0 From: Steven Thomas <sthomas@ckls.org> Date: Wed, 14 Jul 1999 15:24:47 -0500 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"

Our ILL Dept. has recently installed software that needs ports 210 and 2210 open through the MS Proxy firewall. My tech guy says run MSP Client it'll fix everything. It doesn't!

All I get is unable to make connection. I have found the proxy server administrator pannel on the server and the ports box on the winsock server section. I'm just not sure how to proceed. I put in the numbers and used TCP for the protocol, but it still doesn't work. Do I need more info from the software manufacturer, or am I doing something wrong at a more basic level?

(Learning this stuff as I go :-|)

Cordially,

Steven Thomas CKLS Automation Services

Subject: Re: [WinMac] Mac DHCP client behaviour with NT4 DHCP Server Service From: concordia1@fuse.net Date: Wed, 14 Jul 1999 17:57:02 -0400 Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit

At home, we are using a 3com lanmodem to connect by dhcp from several computers: 3 Macs and 3-4 PCs.

The macs have no problem connecting, sending or receiving mail. Works great. But, the PCs will not upload large mail or any attached files except on the rarest occasions. Anyone know why this happens and how to fix it?

On my husbands, he will switch from ethernet to dialup with his modem to send and it takes no time at all. Does the switching mess up the lanmodem? And if so, why would it affect all PCs and not just his machine? Barb >

* Windows-MacOS Cooperation List *

Next message: tom lyczko: "[WinMac] recommended NT lists or sites??"
Previous message: concordia1@fuse.net: "Re: [WinMac] Mac DHCP client behaviour with NT4 DHCP Server Service"

This archive was generated by hypermail 2.0b2 on Wed Jul 14 1999 - 17:04:04 PDT