A.2 NCPCON SET Parameters

NCPCON provides several SET parameters that can be used to customize your NCP Server configuration. The parameters can be changed by entering set parameter_name while in the NCPCON utility. You can also enter ncpcon set parameter_name at the Linux command line.

The following sections identify the global NCP Server parameters with their default values and valid options:

A.2.1 Directory Cache Management for NCP Server

Parameter Name and Description

Default Value

Value Options

MAXIMUM_CACHED_FILES_PER_SUBDIRECTORY

Controls the maximum number of file entries that can be cached by the system for a given folder in the directory cache.

The NCP engine attempts to cache all files in a subdirectory for better performance, but sometimes memory is insufficient, so the NCP engine handles instances where only some of the file metadata is cached.

Changing this parameter might improve or worsen performance, depending on your usage patterns.

10240

Minimum is 512 files.

MAXIMUM_CACHED_FILES_PER_VOLUME

Controls the maximum number of file entries that can be cached by the system for a given volume in the directory cache.

The NCP engine attempts to cache as many files as possible for better performance, but sometimes memory is insufficient, so the NCP engine handles instances where only some of the file metadata is cached.

Changing this parameter might improve or worsen performance, depending on your usage patterns.

256000

Minimum is 2048 files.

MAXIMUM_LAZY_CLOSE_FILES

Controls the maximum number of file handles that can be lazy closed in the directory cache.

When the NCP engine opens files for a client, it manages one Linux file handle for each file that is opened, regardless of how many clients open the same file. When a file is closed by the client, the NCP engine waits before closing the file just in case a client wants to reopen the file. This is called a “lazy close.”

This parameter controls how many files can be in a lazy close state at one time. If the configured maximum lazy close files number has been reached, the files that are closed by a client also have their Linux file handles immediately closed.

Linux limits how many file handles can be in use at one time (64,000), so setting this number too high can have negative consequences.

4096

16 to 64000

MAXIMUM_CACHED_SUBDIRECTORIES_PER_VOLUME

Controls the maximum number of folder entries that can be cached by the system for a volume in the directory cache.

102400

4096

LOG_CACHE_STATISTICS

Controls whether cache statistics are logged in the ncpserv.log file.

0

0 - Disable

1 - Enable

A.2.2 Dynamic Storage Technology for NCP Server

For information about configuring global policies for DST, see the OES 23.4: Dynamic Storage Technology Administration Guide.

Parameter Name and Description

Default Value

Value Options

DUPLICATE_SHADOW_FILE_ACTION

Controls how duplicate files conflicts are handled.

0

0 - Show duplicate shadow files (default)

1 - Hide duplicate shadow files

2 - Rename duplicate shadow files

3 - Delete duplicate files from shadow area

4 - Move duplicate shadow files to /._DUPLICATE_FILES

DUPLICATE_SHADOW_FILE_BROADCAST

Controls whether broadcast messages are sent to NCP users whenever duplicate files conflicts occur.

1

0 - Disable

1 - Enable

REPLICATE_PRIMARY_TREE_TO_SHADOW

By default, the REPLICATE_PRIMARY_TREE_TO_SHADOW option is set to 1. Ensure this option is always set to 1, so when the existing NSS volumes are configured for DST, the primary volume directory tree structure will get replicated to the shadow volume directory tree. Beginning with OES 2018 SP3, the NSS filesystem is DST aware for new volumes, so the primary volume directory tree structure will always be replicated on the shadow volume directory tree.

1

0 - Disable

1 - Enable

SHIFT_ACCESSED_SHADOW_FILES

Controls whether files are moved from the secondary volume to the primary volume if the volume is accessed twice during a specified elapsed time. Use SHIFT_DAYS_SINCE_LAST_ACCESS to specify the time period. The file is moved after it is closed.

0

0 - Disable

1 - Enable

SHIFT_MODIFIED_SHADOW_FILES

Controls whether files are moved from the secondary volume to the primary volume if the file is modified. The file is moved after it is closed.

1

0 - Disable

1 - Enable

SHIFT_DAYS_SINCE_LAST_ACCESS

Specifies the number of elapsed days during which a file must be accessed twice before it is moved. This applies only if SHIFT_ACCESSED_SHADOW_FILES is enabled.

1

0 - Disable

1 to 365 (in days)

REPLICATE_PRIMARY_TREE_TO_SHADOW=<value>

By default, the REPLICATE_PRIMARY_TREE_TO_SHADOW option is set to 1. Ensure this option is always set to 1, so when the existing NSS volumes are configured for DST, the primary volume directory tree structure will get replicated to the shadow volume directory tree.

Beginning with OES 2018 SP3, the NSS filesystem is DST aware for new volumes, so the primary volume directory tree structure will always be replicated on the shadow volume directory tree.

1

0 - Disable

1- Enable

A.2.3 Locks Management for File Access on NCP Server

Parameter Name and Description

Default Value

Value Options

CROSS_PROTOCOL_LOCKS

Controls cross-protocol file locking support between NCP and other protocols, including OES CIFS. Cross-protocol locks help prevent the same file from being concurrently accessed for modifications with multiple protocols. Each recognizes when the other has the file in use.

Turning this option on decreases performance, so do not turn it on unless you plan on sharing files across multiple protocol clients.

1

1 - Enable

0 - Disable

OPLOCK_SUPPORT_LEVEL

Controls NCP opportunistic locking.

Oplocks are locks that allow the client to cache file data for better performance.

2

0 - Disable

1 - Exclusive locks

2 - Shared and exclusive locks

LOCK_RANGE_MASK

1

By default this parameter is turned on. Setting the parameter value to 0 turns off this parameter and does not permit locking beyond the 0x7fffffffffffffff region.

NCP Server has an internal byte-ranging mechanism to prevent potential data corruption when files on NSS and NCP volumes are accessed by NCP clients. Cross-protocol file locking uses the Linux Advisory byte-range lock to prevent potential data corruption when files are accessed by non-NCP file access protocols and by other applications that directly access the files with POSIX APIs. By default, cross-protocol file locking is enabled (CROSS_PROTOCOL_LOCKS = 1) on OES 2015 SP1 and later servers. Cross-protocol file locking is enforced globally for all NCP and NSS volumes on the server.

Non-NCP file access protocol include OES CIFS. Applications include any application or service that accesses data on an NCP volume or NSS volume, such as SSH, FTP, restore, scripts, antivirus, database, management tools, and so on.

For example, when ConsoleOne is used to administer the GroupWise database, GroupWise agents directly access the files. You must enable CROSS_PROTOCOL_LOCKS in order for the Linux Advisory byte-range locks to work and prevent any potential data corruption.

NOTE:Disabling cross-protocol file locking can cause data corruption if any application or non-NCP file access protocol accesses the same data that is accessed via NCP. We recommend that you do not disable cross-protocol file locking, even if NCP is the only active file access protocol.

For better performance, you can disable cross-protocol file locking if you are not using non-NCP file access protocols and the files are not directly accessed by other applications. However, this is not recommended, because disabling cross-protocol file locking can cause data corruption.

A.2.4 Logs of NCP Server Events

Table A-1 Server Parameter Information for Logging NCP Server Events

Parameter Name and Description

Default Value

Value Options

LOG_LEVEL

Controls the nature and types of messages that are logged to the /var/opt/novell/log/ncpserv.log file.

WARN

Each level logs entries for its level and the levels listed above it.

  • NOTHING – Disable logging.
  • ERROR – Log only error messages
  • WARNING – Log warning and error messages
  • INFO – Log informational, warning and error messages.
  • DEBUG – Log informational, warning, debug and error messages.
  • ALL – Log all messages.

LOG_CACHE_STATISTICS

Controls whether cache statistics are logged in the ncpserv.log file.

Turning this setting on causes the NCP engine’s directory cache to output statistics to a log file. Information such as the number of cached files, number of cached directories, number of open files, etc. is logged.

0

0 - Disable

1 - Enable

LOG_IDBROKER_ERRORS

Controls whether ID broker errors are logged in the ncpserv.log file.

0

0 - Disable

1 - Enable

LOG_MEMORY_STATISTICS

Controls whether memory statistics are logged in the ncpserv.log file.

0

0 - Disable

1 - Enable

A.2.5 NCP Communications

Table A-2 Server Parameter Information for Communications

Parameter Name and Description

Default Value

Value Options

FIRST_WATCHDOG_PACKET

Controls how long to wait in minutes of inactivity before checking to see if an NCP connection is still alive.

The server sends an NCP ping packet to the client if it detects no client activity for a specified amount of time. By doing this, the server tries to keep the connection alive. You can configure this parameter if there is any mechanism implemented between the server and the client that would break idle connections.

0

0 - Disable

1-120(minutes) - Enable

NCP_TCP_KEEPALIVE_INTERVAL

If the client is inactive for a configured amount of time, the server sends a TCP packet to the client to check if the client is still connected to the server or not. If the server does not get an acknowledgement from the client, then the server identifies that the client is not available and clears all the information related to the specific client connection.

8 minutes

3 to 240 (minutes)

DISABLE_BROADCAST

Controls the ability to broadcast messages from the NCP Server.

0

0 - Disable

1 - Enable

A.2.6 NCP Server Environment

Table A-3 Server Parameter Information for the NCP Server Environment

Parameter Name and Description

Default Value

Value Options

LOCAL_CODE_PAGE

Controls which base code page is used by the NCP Server.

This setting defines the local code page used for file and subdirectory names, except for case 89 NCPs that use UTF-8. This value should be set to match the majority of your clients.

Syntax:

LOCAL_CODE_PAGE code_page 

For example:

LOCAL_CODE_PAGE CP437

You can get the complete list by typing the following command at the linux command line:

iconv - - list | more

CP437

Valid language codes

Commonly used values are:

CP437 for the standard English character set.

CP850 for European character sets.

CP932 for Japanese

CP949 for Korean

CP866 for Russian

GBK for simplified Chinese

BIG5 for traditional Chinese

NCP_FILE_SERVER_NAME

This parameter is set by eDirectory when the NCP Server is installed, and must not be modified arbitrarily.

For information, see Section 3.12, Modifying the NCP File Server Name.

Server hostname

This setting must match the server hostname, such as server1.

A.2.7 NCP Volumes

Table A-4 Server Parameter Information for Volume and File Management

Parameter Name and Description

Default Value

Value Options

COMMIT_FILE

This parameter assures an NCP client that all data previously written to a file has been written to disk. Because files must be stored on the physical storage medium before certain actions are attempted, this call provides a checkpoint that guarantees that the file has been flushed from cache and written to disk.

When this parameter is enabled, it calls the Linux fsync command to flush data from cache and write it to the disk, then it returns success to the calling function.

When this parameter is disabled (the default setting), nothing is done, but it returns success to the calling function.

0

0 - Disable

1 - Enable

EXECUTE_ATTRIBUTE_SUPPORT

With this setting turned on, the NCP “execute only” attribute can be associated with the user mode execute bit on a file or subdirectory. With this setting turned on, NCP clients can set or clear this bit.

The Client for Linux uses this bit to represent the user mode execute bit on a file or subdirectory.

1

0 - Disable

1 - Enable

KEEP_NSS_FILE_DELETOR_IDS

This option is for retaining the deletor ID when a file is deleted on NSS volumes.

NCP notifies NSS to provide the identity of the user who initiated the delete. This information is then retained by NSS and available when the file is salvaged, assuming that the Salvage attribute is enabled for the NSS volume when the file is deleted and salvaged.

1

0 - Disable

1 - Enable

SENDFILE_SUPPORT

This option allows the NCP Server to send file read data to the client directly from the Linux Kernel Ring 0 environment, rather than copying it to Ring 3 and then back to Ring 0. Turning on this option gives you a slight performance improvement.

The send file support is not available when encryption is enabled or enforced. That is, setting SENDFILE_SUPPORT=1 with encryption enabled or enforced does not have any impact. Hence, it is recommended to set SENDFILE_SUPPORT=0, when encryption is enabled or enforced. Although for non-encrypted connections (with encryption disabled), SENDFILE_SUPPORT=1 will still be effective.

0

0 - Disable

1 - Enable

SYNC_TRUSTEES_TO_NSS_AT_VOLUME_MOUNT

Controls trustee resynchronization for an NSS volume when it is mounted for NCP.

0

0 - Disable

1 - Enable

VOLUME_GONE_WARN_USERS

Controls whether a message is broadcast to warn users when the volume path is no longer present.

1

0 - Disable

1 - Enable

A.2.8 NCP Volumes Low-Space Warning

Table A-5 Server Parameter Information for Volume Low-Space Warning

Parameter Name and Description

Default Value

Value Options

VOLUME_EMPTY_WARN_USERS

Controls whether a message is broadcast to warn users when no volume space is available.

1

0 - Disable

1 - Enable

VOLUME_LOW_WARN_USERS

Controls whether a message is broadcast to warn users when volume space is low.

1

0 - Disable

1 - Enable

VOLUME_LOW_WARNING_RESET_THRESHOLD

Sets the high watermark threshold (in blocks), which is the level where the low watermark threshold is reset, and users no longer receive the low-space message. An NSS block is 4 KB.

128

0 to 100000

VOLUME_LOW_WARNING_THRESHOLD

Sets the low watermark threshold (in blocks) that indicates space is low. An NSS block is 4 KB.

64

0 to 100000

A.2.9 Enabling or Disabling UID Updates

Use the commands in this section to enable or disable the maintenance thread to update UIDs. If users are LUM-enabled, you should update UIDs at least once in every 3 or 4 days.

Table A-6 Server Parameter Information for Enabling or Disabling UID Updates

Parameter Name and Description

Default Value

Value Options

UID_UPDATE_ENABLED

Controls the maintenance thread to update UIDs.

0: Disables UID updates. You can disable UID updates only if all users are non-LUM users.

1: Enables periodic UID updates. Set the frequency of updates by using the UID_UPDATE_PERIOD parameter.

2: Enables a one-time UID update. After updating, the maintenance thread resets the parameter to the previous value.

1

0 - Disable

1 - Enable periodic updates

2 - Enable one-time update

UID_UPDATE_PERIOD

Sets the frequency in hours. This option is applicable only if UID_UPDATE_ENABLED is set to 1.

The maintenance thread completes the previous cycle and then updates according to the new value set.

For example, if the previous value of UID_UPDATE_PERIOD was 45 minutes and the new value set is 30 minutes, the maintenance thread completes the 45-minute cycle first and then updates every 30 minutes.

Default and minimum value: 0.5 (30 minutes or half of an hour)

Maximum: No limits

Examples

ncpcon set UID_UPDATE_ENABLED=0

The maintenance thread does not update UIDs.

ncpcon set UID_UPDATE_ENABLED=1
ncpcon set UID_UPDATE_PERIOD=0.5

The maintenance thread updates UIDs every 30 minutes.

ncpcon set UID_UPDATE_ENABLED=2

Triggers an immediate one-time update of the UID, then resets the value to 1.

A.2.10 Enabling or Disabling Logging eDirectory Object Rename or Delete Events

When an object is deleted or renamed in eDirectory, NCP sends a notification to NSS via IPC and logs the event in the /opt/novell/ncpserv/sbin/objecthistory.txt file. Beginning with OES2015 SP1, this file is renamed to objecthistory.log, moved to /var/opt/novell/log/ directory, and added to the log rotation. You can choose to disable or enable logging of object history events.

Table A-7 Server Parameter Information for Enabling or Disabling Logging eDirectory Object Rename or Delete Events

Parameter Name and Description

Default Value

Value Options

LOG_OBJECT_HISTORY = <value>

0: Disables logging rename or delete eDirectory object events.

1: Enables logging rename or delete eDirectory object events.

1

0 - Disable

1 - Enable

Examples

ncpcon set LOG_OBJECT_HISTORY = 1
ncpcon set LOG_OBJECT_HISTORY = 0

A.2.11 Augmented Size of NCP Verbs 87_20 and 89_20 Replies

Certain NCP verb replies require 64K buffers to be allocated internally from the memory subsystem. If there are a number of such requests, a chunk of memory is allocated and processed for each request.

Continuous allocation and deallocation of a huge chunk of memory buffers makes the memory subsystem busy.

To offload the memory subsystem, a buffer pool is created when the NCP server starts, and a 64K buffer is allocated from the buffer pool for processing and storing the reply data.

Suggestions for configuring the CONN_LBUF_POOL_SIZE parameter.

Specify the memory pool size in MB.

If it is expected that the maximum of "n" number of connections will actively access the NCP server during the peak time at any single point of time, set CONN_LBUF_POOL_SIZE to n/32.

This calculation is based on the assumption that only half of those connections require a 64K buffer to store the reply.

NOTE:Although this parameter can be configured dynamically, it will be effective only after the next restart of ndsd.

Until ndsd is restarted, the existing buffer pool will remain intact and will not be changed to accommodate the new size value.

Pool minimum size: 10 MB

Pool maximum size: 1024 MB

Pool default size: 64 MB