Client Access Services provides Microsoft-compatible networking that lets Windows workstations interoperate with the ClearPath MCP environment similarly to Windows Servers. Client Access Services has the following main features:

File Shares

MCP supports two types of file shares: Normal and Public. Share access can be limited to specified users, groups of users, and IP addresses. Shares can be specified as read-only, which prevent modification to the files accessed using the share.

File access using normal file shares follows the standard MCP file security model. Public shares have a different paradigm, where all users with access can create, rename, and remove files.

Redirector

MCP uses Redirector to connect to other systems. For more information on this feature, see the Client Access Services User Guide.

Authentication

Users are authenticated in both directions (connecting into or from the MCP) using one of the standard Windows algorithms: LM, NTLM (also called NTLMv1), NTLMv2, or Kerberos. The protocol selected for authentication is negotiated between the Windows system and the ClearPath MCP, and is dependent on several factors such as the Windows local security policy and MCP security options. The LANMANLEVEL security option controls the permitted Windows authentication protocol levels.

Signing

Client Access Services interoperates with the Microsoft network protocols which enable digitally signed communications. Security options are available to configure both client and server signing.

For more information, see the Client Access Services User Guide and the Client Access Services Administration Guide.

Logging

Client Access Services logs all session establishment and security violations to the system sumlog. Client Access Services can optionally log successful share accesses and can be configured at the system level or as a share attribute.