
---------------------------
Resharing Network Resources
---------------------------

Overview
--------
A redirected network device can be reshared by the Windows NT server.
For example, if X: is mapped to NWSERVER\VOL1:DIR on machine A, it is
possible to create a Windows NT share, say FOO using X:\ as the path.
A client can now access NWSERVER\VOL1:DIR via \\A\FOO.

This feature is DISABLED by default and can be enabled by setting the
following registry parameter:

  HKEY_LOCAL_MACHINE
      System
         CurrentControlSet
             Services
                 LanmanServer
                     Parameters -> set value "EnabledSharedNetDrives"
                                   to be 1 (this is a DWORD value)

The server service must be stopped and restarted before this change
takes effect.

Restrictions
------------

This feature requires upgrade to Windows NT CSD #003 or later. This
CSD contains a bugfix which is required for this feature to work
properly.

The Windows NT server will not allow resharing of another Windows NT
share. In the example given earlier, if X: is redirected to
\\NTSERVER\SHARE, then it cannot be reshared.

Implementation Issues
---------------------

When using the resharing capabilities of Windows NT, several issues
should be taken into consideration. This section discusses the issues
related to implementing a 'Gateway'.

Firstly, Windows NT Server shares are remembered when created and are
recreated every time the server starts up. This information is stored
in the registry of the machine the server runs on, and hence are per
machine. However, network drives created by any logged on user are
reestablished whenever that user logs on, and hence are per user. As
such, any gateway component that wishes make use of the resharing
capabilities must take the responsibility of reestablishing the
redirections for the server to reshare, and not rely on a user logon.
Typically, this is implemented by having a Windows NT service create
the redirections during system startup.

Note that services are started asynchronously in Windows NT, so the
implementor should take additional steps to ensure that his service
is done with recreating the redirections before the Server starts up.
This can be achieved by making the Server service depend on the
gateway's service (only if the gateway capability is actually used).

Since the gateway component takes responsibility for creating the
redirections, the implementation must provide its own UI, and NOT
rely on the File Manager or NET USE to make such redirections (since
redirections made by the system provided UI are per user). Any drives
used by the gateway will not be available for user redirections, so
the UI supplied should suggest drives the user is not likely to use
(eg from Z:).

The gateway should also provide its own UI to create/delete any
gateway shares. This can be done by calling the NetShareAdd and
NetShareDel APIs. You cannot create such shares from File Manager,
and the ability to do so from NET SHARE has been removed in CSD003.
This is one of the gateway-related fixes, made to alleviate the
potential confusion created by "normal users" sharing drives they
created, valid only for the duration of their logon sessions.

It is up to the implementor of the gateway to decide what credentials
to use when a client accesses the resource (NWSERVER\VOL1:DIR in the
example above) via the gateway share. How this is done will depend on
the security model used by the gateway network. Note that ACLs can be
attached to the gateway share (like any other Windows NT share) to
control access at the share level.

