NetSentinel-C Network Locks

RAM International
5225 Avenida Encinas Suite E
Carlsbad, CA 92008
Telephone: (760) 431-3610
Toll Free: (800) 726-7789
Fax: (760) 431-5214

Table of Contents
1

ii

Network Lock Utilities

1.1

The NetSentinel Security Server

1.2

RAM Security

1.3

Monitor (WINMON)

1.4

RAM Safe Utility

12

1.5

NetMedic

15

1 NetSentinel-C Lock Utilities

There are five utility programs that work in conjunction with the Net-C network lock:
1. Security Server - a background program that acts as a license manager for the
network lock.
2. RAM Security - a utility that allows you to view the number of active licenses on
the network lock.
3. Monitor - a program that allows you to view how many licenses are currently
checked out and release licenses from users in the event of an accidental disconnect.
4. RAM Safe - a utility used to update the lock remotely when you purchase
additional licenses.
5. NetMedic a utility provided by Rainbow Technologies to troubleshoot
communication problems with a network lock.
Please note that these utilities refer to the network lock as a key and that lock
and key may be used interchangeably throughout this chapter.

1.1

The NetSentinel Security Server

The Security Server is a background program that is responsible for tracking license
usage and processing queries submitted by the protected products of RAM
International. This Server must be running on your network in order for the RAM
International products to run.
1.1.1

Server Command Line Options

When running the Security Server, the following command line options can be used to
specify options for the server application. When and where you should use them is
described under the sections for each operating system.
/N:<string>
/BI:<num>
/W:<string>
/AT:<nnn>
/ST

1.1.2

Sets the name displayed by the Monitor program for this server.
Overrides TCP/IP default broadcast mask (255.255.255.255).
Specifies password for the Delete User License feature.
Sets the timing delay in Milliseconds between each instruction sent to the
NetSentinel key. Default is auto-detection(/AT:0), but for Novell file
servers running on a fast system, /AT:50 or /AT:100 is recommended.
Uses the strict time-out feature, which revokes a network license if the
license has not queried the server for more than 15 minutes.

Running the NLM Server

This version of the Security Server (NSRVNI.NLM) runs as a NetWare Loadable

Module (NLM) that can be loaded and unloaded without rebooting the file server. The
3

Security NLM Server supports IPX/SPX only. You can run the program from
AUTOEXEC.NCF or from the system console.
To load the Security Server from the system console:

1. Connect the network lock to a parallel port on your server.

Load the server program from the command line by typing load followed by the
Security Servers full pathname and any desired command line options. (The NSRVNI
file is located on the RAM Structural System CD-ROM in the \Hardware Locks\NetC\Servers directory.) For example, the following command loads the Security Server
from the search path of the file server and sets the name of the server to SERVER1:
load nsrvni /N:SERVER1
To run the Security Server automatically whenever the file server is booted:

1. Connect the network lock to a parallel port on your server.

1.

Add a line to load the server program, including any desired options, to the file
servers AUTOEXEC.NCF file.

2.

Reboot the file server.

To stop the server program:

At the command prompt, type unload followed by the server programs name. The
Security Server will tell you if there are any licenses in use, and will ask for
confirmation before unloading.
1.1.3

Running the Win32 Server

The Win32 Security Server (NSRVGX.EXE) supports NetBIOS, NetBEUI, NWLink

(Microsoft IPX/SPX compatible protocol) and TCP/IP protocols. The Win32 Server
supports whatever NetBIOS transports are installed under the NetBIOS interface. More
than one NetBIOS may be present at the same time.
To run the Win32 Security Server program:

1. Connect the network lock to a parallel port on your server.

2. From the Start Menu, select Run
3. Type NSRVGX, preceded by its path and followed by any command line
parameters. For example, if you accepted the default directory, and you want to set
the Release User License password to Password you would type:
c:\Program Files\Ram\Locks\nsrvgx /W:Password

To unload the Win32 Security Server, simply close the program.

The Hardware Lock Installation Program puts a link to the Win32 Security Server
program in the startup group so that it will start up automatically when the computer
boots up. If it does not start up on reboot, follow these steps to add it to your startup
group.
To place the Security Server in the Startup Directory:

1. Go to Start Settings Taskbar.

2. Select the Start Menu Programs tab and click Add.
3. When prompted for the location of the item to add, click Browse and browse to the
nsrvgx.exe file, which should be in the Ram\Locks directory.
4. Once the name of the file is in the Create Shortcut dialog box, click Next.
5. In the Select Program Folder dialog box, scroll down and select the Startup folder.
6. Click Next.
7. In the last dialog box, click Finish.
1.1.4

Running the Windows NT/2000/XP Server

This version of the Security Server (NSSRVICE) runs as a service for Windows NT,
Windows 2000 and Windows XP. Like the Win32 Server, this security service supports
NetBIOS, NetBEUI, NWLink, and TCP/IP protocols.
The Network Lock Utilities Installation program automatically installs and starts the
Security Server Service when it is installed on a computer running Windows NT, 2000
or XP. The following instructions are provided in case it is necessary to manually
install or uninstall the service.
Note: You must install the Windows Network Lock Driver to run the Security
Server service.
To install the Security Server as a service:

1. Run the Nssrvice.exe executable at the command prompt with the /I option along
with any other desired command line options, i.e. NSSRVICE /I /N:Server1
/W:Password.
2. After installation, a registry entry for NetSentinel service is created under:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

3. By default, the service is set up to run automatically the next time you reboot your
system. No user logon is required, unless desired.
To control the NetSentinel service after installation:

After the service has been properly installed, you may reboot your system to start the
NetSentinel service automatically at system boot time. You can also use either the NET
command or the Service applet in the Control Panel to manually control the service.
To use the NET command method, type the following commands at the command
prompt:
5

NET START NETSENTINEL

NET STOP NETSENTINEL

- Starts the service

- Stops the service

To use the Service applet in Control Panel:

1. From the Control Panel, select Services (or Administrative Tools, then Services
if running Windows 2000 or XP). The Services dialog box appears.
2. Select NetSentinel Service.
3. Press the Start or Stop button to start or stop the NetSentinel NT service.
To uninstall the NetSentinel service:

1. Stop the NetSentinel service using either the NET command method or the Services
applet as described above.
2. Run the NSSRVICE.EXE executable with the /U option, i.e. NSSRVICE /U, to
uninstall the service.
3. The registry entry for NetSentinel service under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services will be
removed after uninstall.

1.2

RAM Security
The RAM Security program allows you to view the status of your lock. While
WINMON will show you how many licenses are in use, RAM Security will show you
how many licenses of each module you actually own.
A shortcut should have been placed on your desktop during installation of the hardware
lock utilities. You can also start this program from the Start Menu by selecting Start Programs - Ram RAM Security.
To view or activate a module, run RAM Security, select the appropriate lock type from
the View menu and follow the instructions in the RAM Security online help for viewing
and activating licenses.

1.3

Monitor (WINMON)
The NetSentinel Windows Monitor program, WINMON, allows you to view the status
of all security servers on your network and their keys, products, and users. You can
view the last access time per user and release licenses from users in the event of an
accidental disconnect. Note that you may establish a password to restrict the use of
the Delete User License feature.

The Monitor program can be customized to your network through the Edit Monitor Map
feature. You may identify the servers by name and protocol, and map to individual keys
(if you have more than one network key), products, and/or users.
The WINMON program runs on a 32-bit Windows workstation. However, the program
can communicate with DOS, NLM, Windows 95/98, and Windows NT/2000 servers.
Although the installation program installs all of the hardware lock utilities on the
network lock server, WINMON can be run on any workstation on the network. To
install this program on a workstation, simply copy the entire contents of the Monitor
folder, or run the Network Lock Utilities installation program and only select the
Monitor component.
1.3.1

Starting the Monitor

Launch the WINMON program as you would any Windows application. A shortcut has
been placed on your desktop for convenience. You can also start the program by going
to the Start Menu - Programs Ram - Locks and selecting the Monitor program. The
monitor first searches for the mapping file (MAPFILE.TXT) to verify which servers
were accessed during the previous session. Then the NetSentinel Monitor screen
should appear.

1.3.2

Viewing the Monitor Screen

The NetSentinel Windows Monitor screen allows you to view the status of all
NetSentinel servers and their keys, products, and users, as defined in the following
paragraphs. We have customized the mapping file to display key and product
information specific to RAM International. For additional mapping information, please
refer to Section 1.3.9.

Server

The name assigned to a Security Server on this network. In addition, the Server
information can include the version, protocol, and node/workstation addresses.

Key

A list of all NetSentinel keys you have currently assigned to the server. If a specified key
supports individual products, the Product list box will be enabled and the keys products
will be selectable. If the key does not support any products, or if All Keys is selected,
the Product list box will be disabled.

Product

A list of products for a specific key. All users assigned to the products are displayed in
the Users list box.

Users

A list of users assigned a license for the specific product mapped to a specific server.
The Last Access Time column details the last time the user accessed the license. The
last access time is given in timer ticks. If the user no longer needs access to the license,
you can delete the license from the user by selecting the user and pressing the Delete
User License button. You only need to release the users base license associated with
their active session. All associated sublicenses will be deleted automatically. See item 3
in Section 1.3.6 for more information on base and sub licenses.

It is recommended that a password be required to access the Delete User License

function. If a password is not set, the server will not require a password to delete
licenses. For additional information, please refer to Server Command Line Options in
the Security Server section.

In addition, you may perform the following actions:

Option

Description

Edit Mapping File

Provides access to the WINMON Mapping

feature. A system administrator can customize
the monitor and map servers, keys, products, and
users.
Updates the display with any new information
entered in the Edit Mapping File.
Exits the Monitor program.

Update Display
Quit

1.3.3

Displaying Servers

1. On the NetSentinel Monitor screen, select the Server list box.

2. Select the server by name or view All Servers. You can view the name of the keys,
products, and users mapped to the specific server.
1.3.4

Displaying Keys

1. On the NetSentinel Monitor screen, highlight the Key list box.

2. Select the key by name or view All Keys. You can view the name of the products
and users mapped to the specific key.

1.3.5

Displaying Products

1. On the NetSentinel Monitor screen, highlight the Product list box

2. Select the product by name or view All Products. You can view the name of the
users mapped to the specific product.
1.3.6

Displaying and Deleting Users

To display all users:

1. The Monitor program does not automatically update information to the screen. To
view the list of current users, from the NetSentinel Monitor screen, select your
server form the Server list box and click Update Display. From the dialog box that
appears, select Update the current server.
2. After the information is updated, select the server, key, and/or product from their
respective list boxes to filter the users listed in the Users list box.
3. Note that each time a RAM Structural System module is opened by one of the
workstations, that user is assigned a unique base license, (indicated by B: before
the users name in the Users list box) indicating that they have access to the lock,
and a sublicense (indicated by S: before the users name in the Users list box) for
that particular module. However, if the user is running either RAM Frame, RAM
Steel, or RAM Foundation, they will receive a sublicense for both that module and
for the Modeler since the Modeler accompanies these modules. The Security Server
then decrements the total licenses available for the appropriate modules.
To delete a users license:

1. Once you have determined which users license to delete, click on their base license
and select Delete User License.
2. If the user has since obtained a new license so that they appear to have two base
licenses assigned to them, the invalid license is generally the one with the smaller
Last Access Time. The one situation when this is not the case is when the last
access time has reached the maximum number of time ticks and has started over
from zero.
Any sublicenses associated with the base license will automatically be deleted.
Note: If a users active license or sublicense is deleted by accident, they will be
forced to exit out of whichever protected module they are running. If they are
running the Modeler, they will be given the opportunity to save first.
1.3.7

Setting Up the Monitor

You can customize the monitor to identify the specific servers, keys, products, and
users for your network. If the mapping file is not customized, the monitor will display
9

users by their workstation number, keys by their Developer ID, and products by their
sub-licenses. RAM International has already customized the mapping file to identify
the key and products by name. It is strongly recommended that you customize the
mapping file to display users by name, rather than by their workstation ID number in
order to efficiently utilize the Delete User License feature. However, if your network
is using TCP/IP and the users IP Address is showing in the Monitor program, you must
have static IP Addresses in order to map them to a users name.
The information entered in each field will filter information in the other fields. For
example, the Server field will filter information in the Key, Product, and Users fields to
reflect the status of a specific server. If All Servers is selected in the Server field, all
the keys will be displayed.
The Key field will filter information displayed in the Product and Users fields. Since the
key you will be using supports multiple products, the Product field will display the
different RAM Structural System modules supported.
To Set Up the Monitor:

1. From the NetSentinel Monitor screen, click on Edit Mapping File.

2. The Edit Monitor Map screen appears.

1.3.8

Viewing the Edit Monitor Map

Transport Type

A type of protocol to search for servers.

Server Name

A name assigned to the Security Server. It must be NETINEL.

Search Limit Decimal

The maximum of number of Security Servers to search for a specific Server Name. The
maximum number of servers is 5.
10

Key Name

A name of the NetSentinel key currently assigned to the server.

Key ID Hex Value

The Developer ID for a specific key.

Product Name

The product name assigned to a product or license.

App ID Decimal

The sub-license assigned to a specific product.

User Name

The name you assigned to a workstation ID.

Workstation ID Hex

The workstation used by a specific user. Depending on the protocols used on the
network, this number may be the unique hex number assigned to the workstation, or the
IP address of the workstation.
The options on the Edit Monitor Map screen are as follows:
Command

Description

Add

Adds the name to the selected field.

Delete

Deletes the name from the selected field.

Returns the list in a selected field to the previous
name.
Moves the list in a selected field to the next name.
Saves the changes to the Edit Monitor Map
screen.

Previous
Next
Save Map
Done

1.3.9

Returns to the NetSentinel Monitor screen.

Editing the Monitor Map

You may add and delete information on the servers, keys, products, and users whenever
needed, however you should only need to edit the user information. Numerous changes
can be entered without exiting the screen. However, you must be sure to save the
changes when you exit the screen.
To save your changes and exit, click on Save Map, and then click on Done. You will
return to the NetSentinel Monitor screen. Click on Update Display to view the changes
from the Edit Monitor Map screen.
NOTE: The Edit Monitor Map screen does not update until you check the Update
Display button.

11

Editing the User Name List Box

To Add a User:
1. After a new user has opened one of the RAM modules, select Update Display from
the bottom of the NetSentinel Monitor screen. The users Workstation ID number
will appear in the User List Box.
2. Make note of the users Workstation ID.
3. Select Edit Mapping File from the bottom of the NetSentinel Monitor screen.
4. Select the User Name list box. Click on the Next button near the Workstation ID list
box until User Name? appears.
5. Enter the name of the user in the User Name list box. Click on Add.
6. Enter the Workstation ID associated with the user.
7. Click on Save Map, then click Done.
8. From the NetSentinel Monitor screen, select Update Display. The users name
should replace their Workstation ID number in the User List Box.
9. Continue in a similar fashion for the remaining users.
To Delete a User:
1. Select the User Name list box. Click on the Next or Previous button near the
Workstation ID list box until the specific name and workstation ID appear.
2. Click on Delete.

1.4

RAM Safe Utility

Keep in mind that the network lock is referred to as a key by this utility. The terms
lock and key will be used interchangeably.
The RAM Safe Utility is a program that facilitates updating the network lock once
additional licenses have been purchased. In order to update the network lock that is
protecting any RAM International products, you must provide information about the
key to RAM International. The RAM Safe program displays the specific information
about your lock in the form of a Key ID string. You must communicate this string to a
RAM International associate by telephone, fax or e-mail. You will then receive a
corresponding Update Key string to enter into the RAM Safe program. Then RAM
Safe will reprogram the network lock with the encrypted information in the string.
NOTE: If the network lock is updated using RAM Safe, the Security Server will
need to be restarted before you can continue to access the RAM Structural System
modules.
1.4.1

About Key ID Strings

Key ID strings are character strings that are unique for every key. If you have more
than one network lock, you must run RAM Safe separately for each lock. The Key ID
12

string generated for the key, and the Update Key string you get back for the key, will be
different.
Key ID strings also change every time you run RAM Safe. Do not write down the
string the first time you run RAM Safe and expect to use it again the next time you
upgrade you license count.
1.4.2

Starting RAM Safe

To launch the RAM Safe program you can either use the shortcut that was placed on the
desktop by the installation program or go to the Start menu. Select Programs - Ram
Locks - RAMSafe. The RAM Safe screen appears. Alternatively, RAM Safe can be
launched from the Network Lock Status dialog box in RAM Security.

1.4.3

Displaying the Key ID String

You can communicate your Key ID string to a RAM International associate via
telephone, fax, or electronic mail (KeyUpdate@ramint.com).
To display the Key ID string:

1.
2.
3.
4.

Verify that your network lock is attached to your computers parallel port.
Launch RAM Safe.
Select Find Key from the buttons along the bottom of the screen.
RAM Safe finds the lock and displays the Key ID string in the Key ID field.

If the message No Sentinel Devices found! appears, make sure the key is firmly
attached to the parallel port, and then try again.
Choose one of the following:
1. Read the Key ID string to a RAM International associate over the telephone.
2. Save the Key ID string to a file. To do so, select Save Key ID. When the directory
window appears, accept the default file name (KEYID.IDN) or rename the file.
Later, you can e-mail or fax this file to RAM International.
Wait to continue the update process until you receive the Update Key string.
13

Note: If you must exit the RAM Safe program before entering the Update Key
string, a new Key ID will be displayed when you re-select the Find Key command.
However, the Update Key will still update your key correctly.
1.4.4

Sending the Key ID String to RAM International

To fax the string to RAM International:

1. Access the Key ID file with a word processing program and print it out.
2. Be sure to include your companys name on your fax and specify whether you
would like to receive the Update Key string via telephone, fax, or e-mail.
3. You can fax your Key ID string to (760) 431-5214.
To e-mail the string to RAM International:

1. Attach the Key ID string file to your e-mail message.

2. You e-mail message should specify your companys name and whether you would
like to receive the Update Key string via telephone, fax, or e-mail.
3. Send you e-mail message to KeyUpdate@ramint.com.
1.4.5

Receiving the Update Key String

Someone at RAM International will read an Update Key string to you over the
telephone, or send it to you via fax or e-mail, depending on your specifications. You
will then enter this string into RAM Safe, so RAM Safe can update your network locks
memory with the new license information.
To update the network lock:

1. If you exited from RAM Safe since you displayed the Key ID string, re-launch
RAM Safe and select Find Key. In the Update Commands field of the RAM Safe
screen, carefully type the Update Key string as given by RAM International. If the
Update Key string is stored in a file, leave the Update Commands field blank.
2. Select Update Key.
3. Warning
Only one hardware lock should be attached to your parallel port
during the Update. Specifically, updating NetSentinel (network) locks that are
cascaded will result in damage to the keys. If you are updating more than one key,
you must run RAM Safe separately for each key.
4. Choose From Command Window (if you have typed the string in) or From File
depending on the location of the Update Key string.
5. Select OK. The update process requires up to a minute to complete.
6. When Update Successful appears, click OK and select Exit from the File menu.
If the update fails:

1. Select Restore to return the keys memory to its original contents. (The Restore
option will be active only if the update failed.)
14

2. Verify that the lock is securely attached to a parallel port.

3. Retry the operation.
NOTE: After updating the network lock, you will need to restart the Security
Server before you will be able to access the RAM Structural System modules.

1.5

NetMedic
The NetMedic Utility is a diagnostic program that can help assess communication
problems with the network lock. If the network lock is installed correctly and can be
accessed by one or more workstations, but a particular workstation is unable to access
the network lock, it may help to run the NetMedic from the workstation that is having
trouble and compare the results with those from a workstation that is not having trouble.
To start NetMedic, select Programs - Ram Locks - NetMedic. The NetMedic
screen appears:

To run the NetMedic:

1. Enter 67ED for the Algo ID in Hex.
2. The Dept Name should be NETINEL.
3. If you have only 1 NetSentinel Security Server running on your network, enter 1 for
Max Servers; otherwise, enter a number between 2 and 5.
15

4.
5.
6.
7.

The Key Type should be Net C.

Check all protocols except Local.
Click Run Diagnostic.
After the program has finished searching your network, click on the disk icon in the
upper left-hand corner to save the results to a file.

The results can be sent to support.locks@ramint.com for evaluation. Be sure to include

a brief description of the problem you are having, including the operation system
running on all machines involved, and if possible, the IP address of the computers
involved (i.e. the server, a workstation that is working, and the workstation that isnt
working).

16

RAM Network Locks

Index
M
Monitor, 6
Customizing the Monitor, 9
Displaying and Deleting Users, 9
Editing the Monitor Map, 11
Starting the Monitor, 7
Viewing the Monitor Screen, 7
N
NetMedic, 15
Network Locks
Future Purchases, 12
R
RAM Network Security, 6
RAM Safe Utility, 12
Key ID Strings, 12
Sending the Key ID String to RAM, 13
S
Security Server, 3
Command Line Options, 3
NLM Server, 3
Win32 Server, 4
Windows NT/2000/XP Server, 5

17