| Subject | Re: [firebird-support] Re: Cannot connect to database from client over LAN, frustrated please help. |
|---|---|
| Author | Michael Ludwig |
| Post date | 2010-09-11T13:04:45Z |
Helen Borrie schrieb am 10.09.2010 um 08:27 (+1200):
The Release Notes for 2.0.6 have the following statement on page 8:
Change to WNET (“NetBEUI”) Protocol
WNET (a.k.a. NetBEUI) protocol no longer performs client
impersonation. In all previous Firebird versions, remote
requests via WNET are performed in the context of the client
security token. Since the server serves every connection
according to its client security credentials, this means
that, if the client machine is running some OS user from an
NT domain, that user should have appropriate permissions to
access the physical database file, UDF libraries, etc., on
the server filesystem. This situation is contrary to what is
generally regarded as proper for a client-server setup with
a protected database.
Such impersonation has been removed in Firebird 2.0. WNET
connections are now truly client-server and behave the same
way as TCP ones, i.e., with no presumptions with regard to
the rights of OS users.
This is repeated verbatim in the Release Notes für 2.3.1 on page 10.
It doesn't sound like deprecation to me.
Also, scanning those documents for "deprec" doesn't reveal Named Pipes
(alias WNET alias NetBEUI) is deprecated.
So what am I missing?
--
Michael Ludwig
>When has it been deprecated?
> fb_server:d:\path_to\database
>
> or
>
> fb_server:aliasname
>
> The string that Maya (I think) gave you, viz.
> \\fb_server\d:\path_to\database
>
> is not TCP/IP, so ping isn't applicable to it. It is the string for
> the deprecated "NetBEUI protocol" (or, more correctly, Named Pipes
> transport).
The Release Notes for 2.0.6 have the following statement on page 8:
Change to WNET (“NetBEUI”) Protocol
WNET (a.k.a. NetBEUI) protocol no longer performs client
impersonation. In all previous Firebird versions, remote
requests via WNET are performed in the context of the client
security token. Since the server serves every connection
according to its client security credentials, this means
that, if the client machine is running some OS user from an
NT domain, that user should have appropriate permissions to
access the physical database file, UDF libraries, etc., on
the server filesystem. This situation is contrary to what is
generally regarded as proper for a client-server setup with
a protected database.
Such impersonation has been removed in Firebird 2.0. WNET
connections are now truly client-server and behave the same
way as TCP ones, i.e., with no presumptions with regard to
the rights of OS users.
This is repeated verbatim in the Release Notes für 2.3.1 on page 10.
It doesn't sound like deprecation to me.
Also, scanning those documents for "deprec" doesn't reveal Named Pipes
(alias WNET alias NetBEUI) is deprecated.
So what am I missing?
--
Michael Ludwig