Products and Services
ArchiCAD TeamWork over WAN
by Tibor Sárdy, ArchiCAD Development
Case #1: The server and all clients are Macintosh computers
Case #2: The server computer and all clients are Windows computers
Case #3: The clients are Windows and Macintosh computers
How to verify the connection and TCP/IP settings
Introduction
ArchiCAD does not support TeamWork functionality over wide area networks (Internet) natively. However, by using the right combination of the client (the machine where ArchiCAD is running) and server (the computer the TeamWork files and libraries reside on) operating systems you can overcome the inability to open project files via FTP links.
Possible solutions:
There are a couple of options, depending on the client computers you are using:
- MacOS 9 and higher natively support AFP over IP (Apple’s File transfer Protocol over Internet Protocol). With the help of this feature, Macintosh computers can be linked together and use each other’s shared resources over WAN links as they should be in the same LAN (see case # 1). This technology is suitable only for homogenous Macintosh environments.
-If your client is running under Microsoft Windows NT 4.0 or 2000 (see case # 2) you can use a Windows NT Server machine to share the TeamWork files (you can decide to use a workstation computer rather than a server. But keep in mind that a WindowsNT workstation computer can only serve a maximum of 12 concurrent connections).
-If you have a heterogeneous Mac/Windows environment you have to use a Windows 2000 Server computer with services for Macintosh installed to store the TeamWork files (see case # 3).
The cases below assume that TCP/IP is correctly configured in all the computers, so they can connect to each other.
Case #1: The server
and all clients are Macintosh computers
Server Side:
Make sure that the "Enable File Sharing Clients…" check box is checked in the File Sharing Control Panel and share your TeamWork files, as you normally would.
Note: server computer must be running MacOS 9 or higher, because the above service is not available in previous OS versions.
Client Side:
To be able to connect to the shared resource over TCP/IP clients must have MacOS 8.6 or higher.
Open Chooser, choose AppleTalk and click the "Server IP Address…" button.
In the appearing dialog type the IP address of the server machine into the text field and click "Connect". (For information on how to find out the IP address of a computer refer to the "How to verify the connection and TCP/IP settings" section in the end of this document.)
If the connection can be established, the standard "Connect to the file server:" and Shared Resources dialog will appear:
The chosen shared resource will appear on the Desktop, so you can use it just as if it were a regular volume (in the ArchiCAD point of view this means you can sign in and send changes to a TeamWork project stored in this volume).
Case #2: The server
computer and all clients are Windows computers
In this case you will use NetBIOS over TCP/IP to connect two Windows machines.
Simply type the IP address of the computer you want to connect to into the "Address" field. If the connection can be made, the list of shared resources will be displayed in the window. Depending on the security settings on the server computer, you may be asked for a UserID and Password. We highly recommend that you do not share resources without protecting them with passwords (see the Security issues section at the end of this document).
Once you have established the connection, you can use the shared resource as if it were a regular volume (from the ArchiCAD point of view this means you can sign in and send changes to a TeamWork project residing in this volume). You might want to map the share into a local drive letter for easier navigation.
Case #3: The clients
are Windows and Macintosh computers
In this case, the requirements for the server computer are higher and the set-up process is a bit more complicated than the first two cases because we have to provide file access for both Windows and Macintosh computers.
To accomplish this task, share the TeamWork files on an NTFS volume (NTFS is the native file system of WindowsNT, and the only file system format that supports Macintosh accessible volumes) on a Windows 2000 Server or Advanced Server computer. In this case, the use of an NT Workstation or Windows 2000 Professional are not possible because however Windows NT Server supports Mac volumes but the connection to them over TCP/IP is introduced only in Windows 2000 Server.
Share a folder to both Macintosh and Windows clients.
(For detailed information on how to set up a Macintosh accessible volume, see the documentation of your Win2000 server software).
The process of connecting to the shared resource is the very same as it was in the first two cases, except that the all Mac clients will need to have an account in the Windows server.
Security Issues
Publishing sensitive information over the Internet is dangerous. It is highly recommended to make your materials at least password protected instead of sharing with guests and giving change permissions (on the Mac) or with full control for everyone (on Windows), which would allow an unauthorized person to read or even destroy data.
Sending passwords in clear text format over the Internet is also a security problem (it is the way that FTP authentication works!) because they can be easily captured. If you use Microsoft Authentication it is more complicated for intruders to collect and decode the passwords you are using.
From the security point of view, the use of a Macintosh computer is much more secure. MacOS 9 has no remote log in feature that would allow intruders to take over the control of the entire machine (it will change in MacOS X). If you connect from a Mac to a Windows computer and want to use Microsoft authentication rather than Apple’s (the Microsoft authentication is more secure) run the Microsoft UAM installer from the automatically generated Mac accessible volume (Microsoft UAM Volume) on the Windows server.
Once the installation is complete you will have the ability to use the NT authentication.
In this case, the connect to server dialog is looks like this:
If your company’s network is protected with a firewall,
you will have to open a couple of ports on it to allow the
communication mentioned above.
The ports are:
-AppleTalk: PORT 548 (TCP) for AppleTalk session----for Mac clients
-NetBIOS: PORT 139 (TCP) for NetBIOS session (NET USE)----for Windows clients
By opening the above ports you are dramatically weakening the security of your system.
We suggest putting the Windows NT Server into a separate domain to prevent intruders from accessing the entire network.
The protection of a Windows machine from intruders is beyond the scope of this document, since there are entire books dedicated to this single issue.
How to verify
the connection and TCP/IP settings
On Windows, you can ‘ping’ the target computer using the ping command line utility. For the complete syntax of the command type ‘ping /?’ To the command line and hit the enter key.
Example:
C:> Ping www.apple.com 17.254.0.91
Pinging www.apple.com [17.254.0.91] with 32 bytes of data:
Reply from 17.254.0.91: bytes=32 time<10ms TTL=128
Reply from 17.254.0.91: bytes=32 time<10ms TTL=128
Reply from 17.254.0.91: bytes=32 time<10ms TTL=128
Reply from 17.254.0.91: bytes=32 time<10ms TTL=128
Ping statistics for 172.16.2.34:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
To find out the IP address of your computer see the property of the TCP/IP Protocol or type IPCONFIG to the command prompt.
Example:
C:>IPCONFIG
Windows 2000 IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 172.16.254.165
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.16.0.1
On the Macintosh:
Since the MacOS does not include IP diagnostic utilities such as ping you have to download one from the Internet.
Some Macintosh programs with ping capability:
What Route:
http://crash.ihug.co.nz/~bryanc/whatroute-17-ppc.hqx
IP Net Monitor:
http://www.sustworks.com/site/prod_ipm_download.html
Please also check your computer’s IP address by opening the TCP/IP control panel.
Page last updated: Thursday, June 10, 2004
