JSC 36381

MARCH 30, 2000

Baseline

iii

INTERNATIONAL SPACE STATION

Operations Local Area Network (OPS LAN)

Interface Control Document

02/00

The contents of this document are intended to be consistent with the tasks and products
to be developed by International Space Station participants. The SSC Operations Local
Area Network (OPS LAN) Interface Control Document shall be implemented on new
activities and may be implemented on existing projects by an authorized change
request. Implementation is performed by the Station Support Computers (SSC) project.
This document is under the control of the Station – Portable Onboard Computer
Control Board (S-POCCB) and any changes shall be approved by the Chairman or
delegated authority.

Prepared by

___________________________

George S. Dobek

United Space Alliance

Engineer

Station Support Computers

Approved by

___________________________

Neil A. Woodbury

National Aeronautics and Space Administration

Chairman

Station–Portable Onboard Computer Control

Board

___________________________

Mark L. Swaby

United Space Alliance

Lead Engineer

Station Support Computers

JSC 36381

MARCH 30, 2000

Baseline

INTERNATIONAL SPACE STATION

Operations Local Area Network (OPS LAN)

Interface Control Document

02/00

SUPPORT POLICY

Independent network users of the Operations Local Area Network (OPS LAN) are
strongly encouraged to supply the Station Support Computer (SSC) engineering staff
their task-specific software for integration into the applicable SSC software load.
Benefits lie in ensuring crew familiarity with a standard load and providing software
redundancy, as the SSC client load will reside on multiple laptops.
If approved by the Station – Portable Onboard Computer Control Board (S-POCCB) to
connect a uniquely configured payload laptop to the OPS LAN, network users are
obligated to rigorously adhere to guidelines contained within this document. Network

users must not assume that SSC engineers will be available to troubleshoot or repair
network anomalies associated with uniquely configured payload laptops.

JSC 36381

MARCH 30, 2000

Baseline

vii

INTERNATIONAL SPACE STATION

DL42 / Station Support Computers

Operations Local Area Network

Interface Control Document

02/00

Table Of Contents

1 OVERVIEW........................................................................................................1-1

1.1 Topology.................................................................................................................................1-1
1.2 Networking Protocols ..........................................................................................................1-1

1.2.1 NetBEUI ............................................................................................................................1-1
1.2.2 TCP/IP ..............................................................................................................................1-1

1.3 Network Devices...................................................................................................................1-2

1.3.1 File Server .........................................................................................................................1-2
1.3.2 SSC Clients........................................................................................................................1-2
1.3.3 Early Communication System/Orbital Communication Adapter (ECS / OCA) ..1-2
1.3.4 Orbital Communication Adapter (OCA) Router ........................................................1-3
1.3.5 Mass Access Computer Equipment (MACE) ..............................................................1-3
1.3.6 Printer................................................................................................................................1-3

1.3.6.1 File Server Parallel Port ............................................................................................1-3
1.3.6.2 IP Addressable Printing ...........................................................................................1-3
1.3.6.3 Direct LPT Hookup...................................................................................................1-3

1.3.7 RF Access Point................................................................................................................1-4
1.3.8 Other Network Devices ..................................................................................................1-4

1.3.8.1 Medical Equipment Computer (MEC)...................................................................1-4
1.3.8.2 Bar Code Reader........................................................................................................1-4
1.3.8.3 Video Teleconferencing Machine (SSCVT)............................................................1-4

1.4 RF CONNECTIVITY............................................................................................................1-4

1.4.1 RF Network Adapter.......................................................................................................1-5
1.4.2 RF Access Point................................................................................................................1-5

1.5 CABLED CONNECTIVITY ................................................................................................1-5

JSC 36381

MARCH 30, 2000

Baseline

viii

2 STANDARDS....................................................................................................2-1

2.1 Timekeeping Standard ........................................................................................................2-1
2.2 Device Naming Convention ...............................................................................................2-1

2.2.1 Windows NT Domain.....................................................................................................2-1
2.2.2 Devices ..............................................................................................................................2-1
2.2.3 Windows Networking Workgroups.............................................................................2-2
2.2.4 Drive Sharing ...................................................................................................................2-2

2.2.4.1 File Server Hard Drive Sharing...............................................................................2-2
2.2.4.2 File Server CD Drive Sharing ..................................................................................2-2
2.2.4.3 Client Hard Drive Sharing .......................................................................................2-2
2.2.4.4 Client CD Drive Sharing ..........................................................................................2-2

2.3 Drive Mapping Summary ...................................................................................................2-3
2.4 Home Directory Policy.........................................................................................................2-3
2.5 TCP/IP Communication.......................................................................................................2-4

2.5.1 Subnet Mask .....................................................................................................................2-4
2.5.2 Default Gateway ..............................................................................................................2-4
2.5.3 HTTP Information Protocol ...........................................................................................2-4
2.5.4 Internet Accessibility.......................................................................................................2-4

2.6 Radio Frequency (RF) Networking....................................................................................2-5

2.6.1 RF Setup ............................................................................................................................2-5
2.6.2 RF LAN Parameters ........................................................................................................2-5

2.7 Network Database ................................................................................................................2-5
2.8 CD-ROM Recording Issues.................................................................................................2-5
2.9 3Com Etherlink III LAN PC Card Configuration...........................................................2-5
2.10 Further References..............................................................................................................2-5

3 OPERATION SUPPORT .................................................................................3-1

3.1 OPS LAN CAPABILITIES...................................................................................................3-1

3.1.1 Procedures Viewing ........................................................................................................3-1
3.1.2 Timeline Events Viewing................................................................................................3-1
3.1.3 Databases Access and Management .............................................................................3-2

JSC 36381

MARCH 30, 2000

Baseline

3.1.3.1 IMS...............................................................................................................................3-2
3.1.3.2 HazMat .......................................................................................................................3-2

3.1.4 Crew Mail (E-Mail) Handling........................................................................................3-2
3.1.5 General Network Support..............................................................................................3-3

3.1.5.1 OPS LAN Time Synchronization ...........................................................................3-3
3.1.5.2 File Server Data Backup ...........................................................................................3-3
3.1.5.3 Printing .......................................................................................................................3-3

3.1.6 Hosting Crew Support Applications ............................................................................3-3
3.1.7 Web-based Services Support..........................................................................................3-3

3.1.7.1 Inventory Management System (IMS) ...................................................................3-4
3.1.7.2 Execute Package (EP)................................................................................................3-4

3.2 FILE SERVER SERVICES ...................................................................................................3-4

3.2.1 Activity Record Manager (ARM) ..................................................................................3-4
3.2.2 Computer Browser ..........................................................................................................3-4
3.2.3 Internet Information Server (IIS) Admin Server .........................................................3-4
3.2.4 Messenger .........................................................................................................................3-4
3.2.5 Microsoft SQL Server ......................................................................................................3-4
3.2.6 Norton AntiVirus Auto-Protect.....................................................................................3-5
3.2.7 Net Logon .........................................................................................................................3-5
3.2.8 PC Card Director .............................................................................................................3-5
3.2.9 Procedure Manager (PM) ...............................................................................................3-5
3.2.10 Schedule ..........................................................................................................................3-5
3.2.11 Ultrabac ...........................................................................................................................3-5
3.2.12 Windows Internet Naming Service (WINS) ..............................................................3-5

3.3 Operational Issues ................................................................................................................3-6

3.3.1 Web Browser Security Policy.........................................................................................3-6

4 ADMINISTRATION........................................................................................4-1

4.1 Administrator Accounts.......................................................................................................4-1
4.2 User Accounts ........................................................................................................................4-1
4.3 Services Accounts..................................................................................................................4-1

JSC 36381

MARCH 30, 2000

Baseline

4.4 Special Purpose Accounts ...................................................................................................4-1

4.4.1 KFX ....................................................................................................................................4-1
4.4.2 OCAGround .....................................................................................................................4-1
4.4.3 Guest Account..................................................................................................................4-2

4.5 Groups.....................................................................................................................................4-2

4.5.1 Global Groups ..................................................................................................................4-2
4.5.2 Local Groups ....................................................................................................................4-2

4.6 Sharing Resources.................................................................................................................4-3
4.7 NTFS Permissions.................................................................................................................4-3
4.8 File Server Security...............................................................................................................4-6

4.8.1 FAT16 Partition (C: Drive) .............................................................................................4-6
4.8.2 NTFS Partition (D: Drive)...............................................................................................4-6

4.9 Client Security .......................................................................................................................4-7
4.10 Logon Scripts .......................................................................................................................4-7
4.11 Scheduled Events................................................................................................................4-8

4.11.1 OPS LAN Time Synchronization.................................................................................4-8
4.11.2 Updates Unpacker.........................................................................................................4-8

4.12 Virus Scanning ....................................................................................................................4-9
4.13 User Profiles and System Policies ...................................................................................4-9
4.14 Trust Relationships ............................................................................................................4-9
4.15 User Rights Policies..........................................................................................................4-10
4.16 Auditing..............................................................................................................................4-12
4.17 File Backups .......................................................................................................................4-12
4.18 Software Updates..............................................................................................................4-13

4.18.1 Autoloader....................................................................................................................4-13
4.18.2 Late Update Disk .........................................................................................................4-13
4.18.3 Real Time Update ........................................................................................................4-13

4.19 Software Distribution ......................................................................................................4-14

JSC 36381

MARCH 30, 2000

Baseline

Appendices

HARDWARE TECHNICAL DATA.................................................................A-1

A.1 ThinkPad Model 760 - Technical Guide & Configuration .........................................A-1

A.1.1 BIOS .................................................................................................................................A-1
A.1.2 ThinkPad Type 9546/9547 – Features and Locations ..............................................A-1
A.1.3 SSC IRQ Plan..................................................................................................................A-1
A.1.4 CMOS Settings ...............................................................................................................A-1

A.2 Calluna PC Hard Card .......................................................................................................A-2
A.3 3Com Network Card...........................................................................................................A-3
A.4 Proxim RangeLAN2 Model 7400 RF Network Adapter...............................................A-4
A.5 Proxim RangeLAN2 Model 7520 Access Point..............................................................A-5
A.6 Quatech DSP-200/300 Dual Channel RS422/485 PC Card...........................................A-5
A.7 Greystone Peripheral Type Adapter TA-50 ...................................................................A-5
A.8 SanDisk PC Card II ATA (85MB) ....................................................................................A-6
A.9 Adaptec 1460 SCSI Interface.............................................................................................A-6
A.10 Epson Stylus 800 Color Printer.......................................................................................A-6
A.11 Mass Access Computer Equipment (MACE)...............................................................A-7
A.12 Certified Recordable Compact Discs ............................................................................A-7

REFERENCES ...................................................................................................... B-1

B.1 SSC Engineering Staff........................................................................................................B-1
B.2 Technical Manuals ..............................................................................................................B-1
B.3 Related NASA Documents................................................................................................B-2
B.4 Related Web Sites................................................................................................................B-2

GLOSSARY.......................................................................................................... C-1

ACRONYMS........................................................................................................D-1

LAN CONFIGURATION DETAILS................................................................E-1

JSC 36381

MARCH 30, 2000

Baseline

xii

CHECKLISTS .......................................................................................................F-1

F.1 PAYLOAD CONFIGURATION CHECKLIST FOR OPS LAN CLIENT.................. F-1

Tables

ABLE

2-1 SSC C

LIENT

RIVE

APPING

UMMARY

....................................................................2-3

ABLE

4-1 OPS LAN GLOBAL GROUPS ..................................................................................4-2

ABLE

4-2 OPS LAN LOCAL GROUPS.....................................................................................4-3

ABLE

4-3 SHARED RESOURCE PERMISSIONS....................................................................4-3

ABLE

4-4 NTFS DIRECTORY-LEVEL PERMISSIONS...........................................................4-5

ABLE

4-5 NTFS FILE-LEVEL PERMISSIONS .........................................................................4-6

ABLE

4-6 USER LOGON SCRIPT FILE #1...............................................................................4-7

ABLE

4-7 USER LOGON SCRIPT FILE #2...............................................................................4-8

ABLE

4-8 REGULAR USER RIGHTS POLICIES...................................................................4-11

ABLE

4-9 SSC OPS LAN AUDITING POLICY.....................................................................4-12

JSC 36381

MARCH 30, 2000

Baseline

Introduction

Purpose

This document formally defines the Operations Local Area Network (OPS LAN) and all
operational interface requirements. The OPS LAN ICD provides details of the
network’s hardware, software, and connectivity configuration.

Scope

This document is directed toward OPS LAN developers and users, including, but not
limited to:

Station crewmembers

ISS project developers

Application programmers

Procedure writers

Mission support personnel

Responsibility and Change Authority

DL42/Station Support Computers (SSC) is tasked with the implementation and
administration of the OPS LAN. The Station-Portable Onboard Computers Control
Board (S-POCCB) is responsible for documentation support and coordination of all OPS
LAN operations. Signature and change authority belongs to and is delegated by the
S-POCCB Chairman.

JSC 36381

MARCH 30, 2000

Baseline

1-1

Overview

The OPS LAN Interface Control Document describes the architecture, operation and
management of the ISS operations laptop computer network. The OPS LAN is capable
of facilitating routine electronic data processing tasks, such as data transfer / storage,

procedure viewing, electronic mail (e-mail) and general office automation.

1.1

Topology

The OPS LAN uses a multipoint Ethernet bus topology for network communications. It

implements both the IEEE 802.3 (Standard Ethernet) and 802.11 (Radio Frequency)
connectivity standards. Prior to the arrival and installation of the U.S. Lab Coax
Ethernet at Mission 5A, network communication is restricted solely to RF.
Refer to the S-POCCB Manifest and Usage web page (see Appendix B.4) for details
about the OPS LAN topology for upcoming missions.

1.2

Networking Protocols

Networking protocols are collections of rules and procedures governing
communication among the computers and network devices (nodes) of the network. The
SSC OPS LAN utilizes NetBEUI and TCP/IP, as supplied by Microsoft, for network

communication protocols.

1.2.1

NetBEUI

NetBEUI (NetBIOS Extended User Interface) is a very fast but nonroutable protocol,
usually used on Microsoft networks. It is Microsoft’s extension of IBM’s NetBIOS
protocol standard. NetBEUI is self-tuning and self-configuring, and it is suitable for

small Local Area Networks, such as the OPS LAN. The NetBEUI protocol uses
NetBIOS broadcasts to locate other computers on the network; computers that are
not on the physical network (i.e., that require a router to reach), or that do not have a
NetBIOS name, are not accessible via NetBEUI.

1.2.2

TCP/IP

TCP/IP (Transmission Control Protocol / Internet Protocol) is the most common
network protocol in the world, and it is the current default protocol Windows NT
uses to connect to other systems. TCP/IP is a routable protocol; that is, a computer
need not be located on the local physical network to be accessed. Each OPS LAN
node is assigned a unique address, which is called the node’s IP address. Chapter 2
provides details about the network’s IP address scheme.

Chapter

JSC 36381

MARCH 30, 2000

Baseline

1-2

1.3

Network Devices

The structure of the OPS LAN will extend to include the File Server, various client
laptops, RF access points, a mass storage device, printers, routers. and any other device
that might need to interact with the network. The following sections describe devices
already planned for deployment. For the latest information about network devices and

their software content, consult the S-POCCB Manifest and Usage web page (see
Appendix B.4 ).

1.3.1

File Server

The OPS LAN File Server is an IBM ThinkPad 760XD laptop computer equipped
with the SSC server software load. The software load includes Microsoft’s Windows

NT Server operating system. Initially, the File Server will be located and operated in
the Service Module (SM). After Mission 5A, the File Server will be moved to the U.S.
Lab module and attached to a 10Base2 Ethernet cable. The SSC File Server may be
referred to by its assigned NetBIOS name, FServer.

1.3.2

SSC Clients

SSC OPS LAN Clients, like the File Server, are IBM ThinkPad 760XD laptops. SSC
Clients contain the SSC client software load, which includes Microsoft’s Windows
95b (OSR2). As early as Mission 2A.1, several network capable laptops will be left
aboard the ISS. These IBM ThinkPad laptop computers will communicate via RF
network adapter cards. After Mission 5A, when the majority of OPS LAN
components are be moved to the U.S. Lab, clients in the Service Module (SM) and
Russian FGB will continue to be serviced by RF network coverage. SSC Clients may
be referred to by their NetBIOS names, SSC1, SSC2, ..., SSC9.

1.3.3

Early Communication System/Orbital Communication Adapter

(ECS / OCA)

The Early Communication System laptop is an IBM ThinkPad 755C attached to an
on-site docking station in which the Orbital Communication Adapter (OCA) card
and Video Teleconferencing System (VTS) card are installed. It is configured with
an RF PC card to participate in OPS LAN activity. The configuration and software
capabilities of this laptop will be tailored for ECS functionality. At crew arrival, the
ECS/OCA is the primary mode of uplink and downlink between the ground and the
OPS LAN, transferring data at a rate of 128 KB/sec. in either direction. At Mission

5A.1, an OCA Router will arrive to provide true network communication between
the ISS and ground. Following the installation of the OCA Router, the ECS/OCA
will be relegated to a backup role, until it is offloaded from the ISS. The SSC
ECS/OCA may be referred to by its NetBIOS name, OCA1.

JSC 36381

MARCH 30, 2000

Baseline

1-3

1.3.4

Orbital Communication Adapter (OCA) Router

After Mission 5A.1, a router will replace the ECS/OCA to provide a true network
connection between the ground and OPS LAN. This means that ground personnel
will be able to log into the OPS LAN domain and participate in network activity.
This OCA Router will be an IBM ThinkPad 760XD mounted on an IBM SelectaDock
I docking station and connected to the coax backbone in the U.S. Lab. Uplink
transfer rates are expected to be on the order of 3 MB/sec. Downlink will be via the
Payload Downlink path and could be as high as 6 MB/sec. The OCA Router may be

referred to by its NetBIOS name, OCA2.

1.3.5

Mass Access Computer Equipment (MACE)

To accommodate increasing requirements for data storage, an array of high-capacity
SCSI storage devices will be connected to the File Server, in the U.S. Lab. In addition
to extra hard disk drives, the array will include CD, DVD and tape backup

technology. The MACE will arrive onboard on the ISS in the Mission 7A-8A
timeframe.

1.3.6

Printer

The primary OPS LAN printer is an Epson Color Stylus 800, which has been
modified for low gravity operation. Plans call for a backup printer, as soon as

manifesting constraints permit. Three possible methods of printing are anticipated:
over the network to the parallel port on FServer, directly to the printer through its

network IP address, or by attaching the printer to a local client.

1.3.6.1

File Server Parallel Port

Beginning at Mission 2R, an Epson Color Stylus 800, which has been adapted for
low gravity operation, will be cabled from its Centronics parallel port to the
parallel port on the OPS LAN File Server.

1.3.6.2

IP Addressable Printing

After the coax backbone is installed in the U.S. Lab, the Epson Color printer will
be connected to the network using its Epson Multiprotocol Ethernet Interface
card (Part #C823572). Utilities from Epson allow an OPS LAN client to directly
address and print to a networked Epson Color printer. The Epson Status
Monitor 2



utility detects the printer over the Ethernet. The Epson Net!



utility

configures the printer’s Epson Multiprotocol Ethernet Interface card for TCP/IP
communication.

1.3.6.3

Direct LPT Hookup

In extraordinary circumstances, the Epson printer might be detached from the
network and connected directly to a laptop’s parallel port.

JSC 36381

MARCH 30, 2000

Baseline

1-4

1.3.7

RF Access Point

After Mission 5A, two RF access points will be attached to the coax backbone in the
U.S. Lab. An access point is a MAC layer bridge that relays data packets between
devices on the coax backbone and RF nodes, which are primarily SSC Clients
equipped with RF network adapters. One access point utilizes a directional antenna
aimed down the central corridor of the ISS. The other access point, communicating
omnidirectionally with a dipole antenna, will be placed at the opposite side of the
U.S. Lab.

1.3.8

Other Network Devices

Other devices may be added to the OPS LAN to facilitate special projects, such as
medical experiments, inventory management, and payload operations. The SSC
Management Plan (See Appendix 0) provides potential users with guidelines for
petitioning the S-POCCB to modify the OPS LAN configuration. The following project

devices have been approved for OPS LAN connectivity.

1.3.8.1

Medical Equipment Computer (MEC)

Medical Equipment Computers are laptops configured for supporting the Crew
Health Care System (CHeCS). Periodically, a MEC will attach to OPS LAN as a
client device to transfer CHeCS data.

1.3.8.2

Bar Code Reader

The Inventory Management System (IMS) utilizes a number of handheld bar
code readers to scan and store information about most items aboard ISS. Bar

code readers are assigned unique IP addresses and communicate with FServer

applications via RF. If OPS LAN connectivity is unavailable, the bar code
readers may store inventory information for later upload to FServer.

1.3.8.3

Video Teleconferencing Machine (

SSCVT)

When the OCA Router replaces the ECS/OCA machine, Video Teleconferencing
will be lost. Hence, a new Video Teleconferencing Machine will be manifested at
5A.1 to assume this capability, with Early KU activation scheduled to occur

sometime between 5A.1 and 7A. For improved real-time operations relative to
video quality, the VT will be connected to the coax backbone in the U.S. Lab.

1.4

RF CONNECTIVITY

RF communication links, which operate in the 2.4 GHz frequency band (2.4 – 2.484
GHz), behave in the same manner as standard LAN cable bus topology. Advertised
throughput via RF PC cards is 12MB/min; actual data throughput is predicted to be
between 3.5 and 5.5 MB/Min.

JSC 36381

MARCH 30, 2000

Baseline

1-5

To immunize against RF interference and unauthorized eavesdropping, Spread
Spectrum technology (also know as “Frequency Hopping”) is employed. In Frequency
Hopping, the radio signal “hops” from frequency to frequency within a specified band

(ISM 2.4000 – 2.4825) over a set time. Both the transmitter and receiver know the
hopping pattern which is called a “channel”. Proxim RangeLAN2 products provide 15
frequency hopping sequences that are orthogonal patterns. (Consult the Proxim
RangeLAN2 Technical Reference Guide for further details.) RF connectivity depends
on RF Network Cards and RF Access Points for wireless transfer of network packets.
See Table 2-4 for RF parameter settings required for the OPS LAN.

1.4.1

RF Network Adapter

OPS LAN laptops may use a RangeLAN2 7400 PC card for RF communication
between laptops and RF access points. The network adapter is a Type II PC card
(PCMCIA) device. Attached to the Model 7400 version is an omnidirectional dipole
antenna that may be mounted to the lid of the laptop. The resulting assembly
configuration is:

7400 card + Dipole antenna = 7401 RF Card Assembly

The RangeLAN2 PC card has 2 diagnostic light emitting diodes (LEDs). A green
LED flashes whenever another station is transmitting on the channel; a yellow LED
flashes whenever the local RF station is transmitting. Appropriate drivers for the
network card, based on the laptop’s operating system, have been incorporated into
the respective software loads. See Section A.4 for technical data.

1.4.2

RF Access Point

Each RF access point is a 7520 RangeLAN2/AP-II MAC layer bridge that connects to
the coax backbone. Each unit requires a separate power source. The dipole antenna
relays RF packet communication between the backbone and RF-equipped laptops. It
filters at a rate of 14,8000 packets/sec. Access point parameters, such as channel
number and IP address are configurable through a web management tool or a null
modem cable to a laptop. All access point parameters will be preset prior to flight

and will not be changed on-orbit.

1.5

CABLED CONNECTIVITY

The OPS LAN 10BASE2 cable backbone relies on RG-58 coax cabling, BNC connectors
and terminators. Coaxial cable has several advantages, including high resistance to
electromagnetic interference (EMI), a history of reliable service, and durability.
Details concerning Ethernet cabling between ISS modules are forthcoming.

JSC 36381

MARCH 30, 2000

Baseline

2-1

Standards

The information presented in this chapter is based on the deliberations and decisions
made by the S-POCCB (Station – Portable Onboard Computer Control Board).
Standards chosen for naming and identifying OPS LAN components are subject to

change.

2.1

Timekeeping Standard

OPS LAN timekeeping devices will be set to and adjusted for GMT (Greenwich Mean

Time) without adjustments for daylight savings. Microsoft Windows refers to this time
zone as GMT Monrovia/Casablanca.

2.2

Device Naming Convention

To facilitate management of the OPS LAN, logical identification schemes have been
adopted. This section delineates naming conventions, based on the NetBIOS protocol,
for the various network devices. All names are case-insensitive. Although presented in
upper-case in this document, names entered on the OPS LAN may be typed with either
upper-case or lower-case letters.

2.2.1

Windows NT Domain

When logging into the OPS LAN, the name of the Windows NT Domain is: opslan.

This entry is not case-sensitive.

2.2.2

Devices

The following NetBIOS naming criteria are implemented:

Device Type

NetBIOS Name

Clients

–

SSC#
MEC#

OCAs

–

OCA#

File Server

–

FSERVER

(# assigned by S-POCCB)

Remaining network devices, such as printers, access points and IMS handheld bar
code readers, are not assigned NetBIOS names.

Chapter

JSC 36381

MARCH 30, 2000

Baseline

2-2

2.2.3

Windows Networking Workgroups

Because every networked Windows NT-based computer (including Windows 95
computers) is a member of a workgroup, clients must be assigned to a workgroup.
Member computers of a particular workgroup are visible in Network
Neighborhood. SSC clients, including the ECS/OCA, will be members of the

SSC

workgroup. Any MEC client will be assigned to workgroup

CHeCS.

2.2.4

Drive Sharing

Where deemed appropriate the contents of a laptop’s local hard drive or a CD in the
laptop’s CD drive may be shared out to all other networked users. The OCA
operator needs this access to permit file transfers between the MCC and individual
client machines.

2.2.4.1

File Server Hard Drive Sharing

The File Server’s FAT16 partition (C Drive) is shared across the network to every

user to read, and to crewmembers to modify. Only the OCA login ID receives a
mapping to the File Server’s C Drive.
The D: Drive on the OPS LAN File Server (FServer) is shared across the network.

D: Drive partition is formatted in NTFS, which grants access to individual
directories and files. Letter K is mapped to the root of FServer’s D: Drive and

appears in Windows Explorer as:
“K on FSERVER”

2.2.4.2

File Server CD Drive Sharing

The CD Drive on the File Server is shared across the network to all users. The
ECS/OCA machine (OCA1) maps to and utilizes the File Server’s CD drive, since

OCA1 does not have its own local CD drive.

2.2.4.3

Client Hard Drive Sharing

The entire local hard drive of an SSC Client laptop, rather than individual folders
and directories on the drive, should be shared across the network. The default
windows format (C, usually) will be used. The hard drive shares of network

client machines will appear in Windows Explorer as:
“C on SSCn”

2.2.4.4

Client CD Drive Sharing

The CD Drive on SSC clients is not shared out to the network.

JSC 36381

MARCH 30, 2000

Baseline

2-3

2.3

Drive Mapping Summary

Though not required since Network Neighborhood provides resource access, any
shared hard disk resource can be assigned a drive letter for convenience. For
consistency, each SSC client laptop will follow the drive mapping standards defined
below. Note that each laptop will not be mapped to its own internal drive. (See Table

2-1 SSC Client Drive Mapping Summary).

Drive

Function

Floppy

Local Hard Drive

CDROM

PC Card

Reserved – Local Device

Reserved – User’s Home Directory on FServer (i.e., …\HomeDir\Shep)

Reserved – Local Device

J:
K:

D on FServer

Reserved – Client/Server applications

MEC_C

Reserved

OCA1_C

OCA2_C

SSC1_C

SSC2_C

SSC3_C

Reserved – Mass Access Computer Equipment

Table 2-1

SSC Client Drive Mapping Summary

2.4

Home Directory Policy

Personal data will be stored in a folder created for each crewmember in the
D:\HomeDir directory, on the File Server. A special share, using the user’s login name
followed by a dollar sign (<username>$), uniquely defines the location of the personal

JSC 36381

MARCH 30, 2000

Baseline

2-4

folder. When the crewmember logs in, the drive letter H: is automatically mapped to
the crewmember’s personal home directory folder (see 4.2 Logon Scripts).

2.5

TCP/IP Communication

As noted earlier, OPS LAN communicates in the language of the Internet, TCP/IP
(Transport Control Protocol/Internet Protocol). A system of logical addresses (as

opposed to network adapter hardware addresses) identifies each host, or end station on
a TCP/IP network. The logical ID, called an IP address, consists of four numbers, called
octets, which are separated by periods. The pattern of octets in an IP address, called a
class, along with a subnet mask, uniquely identifies the host, as well as the network
segment the host resides in. Proprietary Table E-1 OPS LAN IP ADDRESS SUMMARY
and Proprietary Table E-2 OPS LAN ASSIGNED NETWORK PARAMETERS list
specific IP address allocation.

2.5.1

Subnet Mask

Although an IP address is a single value, it contains two pieces of information: the
network ID and the host ID of the computer or TCP/IP device. The subnet mask is a
32-bit value that allows the recipient of IP packets to distinguish the network ID
portion of the IP address from the host ID.

2.5.2

Default Gateway

The File Server is designated as the network default gateway, until the arrival of the
onboard OCA router.

2.5.3

HTTP Information Protocol

HTTP (Hypertext Transport Protocol) is a distributed, collaborative, hypermedia
information system associated with TCP/IP. HTTP technology enables what is
commonly referred to as the World Wide Web. Web pages are files consisting of
images, audio clips, video clips, animation or text written in the Hypertext Markup
Language (HTML). Every OPS LAN laptop is equipped with the Microsoft Internet
Explorer (MSIE) for viewing and interacting with HTML web pages that might be
posted on the Internet, the OPS LAN File Server (See Section 3.1.7 Web-based

Services Support) or locally, as with graphical help files.

2.5.4

Internet Accessibility

At the present time, OPS LAN users are unable to communicate with the Internet.
Conversely, users on the Internet will not be able to directly address the OPS LAN.

JSC 36381

MARCH 30, 2000

Baseline

2-5

2.6

Radio Frequency (RF) Networking

2.6.1

RF Setup

Each device operating with a RangeLAN2 RF network adapter must be set up in

either a “station” or “master” mode. The SSC File Server (FServer) will function as

the RF master until the RF Access Points arrive onboard Station.

2.6.2

RF LAN Parameters

Proprietary Table E-3 RF PARAMETERS SUMMARY lists device settings for the RF
portion of OPS LAN. Refer to Proxim reference manuals (see Appendix B-1) for

detailed explanation and impact of each setting. Security IDs must match for an RF
system to work. The S-POCCB will configure the flight hardware settings preflight.
OPS LAN users with their own RF network hardware should submit their flight
hardware to the S-POCCB to have the appropriate RF security ID set. Ground
systems (i.e., SSTF) may have their own security IDs independent of the S-POCCB.

2.7

Network Database

To minimize file server disk usage and database support requirements, Microsoft SQL
Server has been implemented as the primary database resource. No other database
product will be supported on the OPS LAN File Server without prior approval of the

S-POCCB.

2.8

CD-ROM Recording Issues

Consult the appropriate S-POCCB web page for the latest information regarding

recommended CD hardware and software recording processes. (See Appendix B.4)

2.9

3Com Etherlink III LAN PC Card Configuration

In an effort to support both Windows 95 and Windows NT, the 3Com Ethernet
adapter’s EPROM settings have specific requirements. (See Appendix B.4)

2.10

Further References

Users are encouraged to visit the Station Portable Onboard Computer Control Board
home page (See Appendix B.4) frequently for the latest information about the latest
configuration and deployment of the OPS LAN.

JSC 36381

MARCH 30, 2000

Baseline

3-1

Operation Support

3.1

OPS LAN CAPABILITIES

Onboard tasks that OPS LAN actively supports include:

•

Procedures viewing

•

Timeline event viewing

•

Database access and management

•

Crew mail (E-Mail) handling

•

General network support

•

Hosting crew support applications

•

Web-based services support

3.1.1

Procedures Viewing

The Manual Procedure Viewer (MPV) is an OPS LAN application that manages and
exhibits Operations Data File (ODF) procedures. The ODF procedure system
includes the SODF (ISS-specific procedures) and the PODF (payload-specific
procedures). These procedures are a set of instructions used by ground controllers
and the station crew to fulfill specific tasks that are needed to operate and maintain
station systems, payloads, and attached vehicles under both nominal and off-
nominal conditions. All procedures files for MPV will reside on the File Server.
Management and updates of MPV data will be done manually from the ground

until Mission 5A, when some automated tools become available. A Solaris version
of the MPV will reside on the PCS as a backup in a standalone mode. In a
contingency situation, using the PCS commanding function from the ground,
manual procedure files can be sent up over S-Band transmission to the Command
and Control (C&C) MDM and transferred to a PCS via a file transfer script. A
secondary option is moving the files via removable media (Ex. PC Card) from the
File Server.

3.1.2

Timeline Events Viewing

The Onboard Short Term Plan (OSTP) Activity Records will reside on the File
Server. The Plan will be viewable from the OSTP Viewer on the SSC Clients. The
Activity Record Manager (ARM) required to support the OSTP will also reside on
the File Server.

Chapter

JSC 36381

MARCH 30, 2000

Baseline

3-2

3.1.3

Databases Access and Management

Utilizing the OPS LAN, crewmembers will be able to access database information
from anywhere in the ISS. Database systems supported by the OPS LAN include
IMS and HazMat.

3.1.3.1

IMS

Equipment and material aboard the International Space Station will be cataloged
and stored in Microsoft SQL databases that will reside on the OPS LAN File
Server. The Inventory Management System (IMS) controls placement and use of

Station equipment and parts. The IMS will be a Web-based system using
Microsoft Internet Information Server (IIS) and Microsoft SQL Server.
Modifications to the IMS database will be downlinked daily to keep the ground
records synchronized. Server database updates can be sent via the OCA.

3.1.3.2

HazMat

The Hazardous Material (HazMat) database lists potentially harmful substances
that may be encountered aboard the ISS. At present, HazMat is a Microsoft
Access application; to conform to S-POCCB standards (see Section 2.7), HazMat

will be hosted on SQL Server.

3.1.4

Crew Mail (E-Mail) Handling

Currently, Microsoft Outlook 98 is installed on SSCs to support crew email
operations on-orbit. The manner in which Space Station crews create, send, and
receive email messages is identical to how email is managed on the ground.

However, since orbiting crews do not have a direct network or Internet link for
sending or receiving email, their messages are temporarily saved to an Outlook-
unique ‘offline’ folder, or *.ost file. An *.ost file exists for each Station crewmember
mail account, based on the crewmember’s network username; i.e., email from or to
William Shepherd is stored in shep.ost file.
These *.ost files are periodically downlinked and uplinked to the crew via the
Station OCA file transfer system. After the downlinked *.ost files are received by the

ground, the OCA operator will log into the same mail accounts that exist on a JSC
mail server. The mail server will synchronize the downlinked *.ost files with the
ground mail accounts. Email being sent by the Station crew and saved in the *.ost
files will be distributed over JSC networks and the Internet during the
synchronization. New email sent to the crew is also saved to the crew *.ost files
during the synchronization with the mail server. The updated *.ost files, with the
new email, are later uplinked to the Station crew on-orbit to be viewed with MS
Outlook.

JSC 36381

MARCH 30, 2000

Baseline

3-3

3.1.5

General Network Support

3.1.5.1

OPS LAN Time Synchronization

To synchronize timekeeping across the network, the OPS LAN Time
Synchronization utility executes the server-based program Tardis for two
minutes. Tardis broadcasts the server’s current time as the network time source.
A complementary program on the client, K9, accepts the time broadcasts during
this interval and updates the client clock. No automatic clock update is
performed on the File Server’s internal clock. Prior to time synchronization, the

File Server’s internal clock should be checked and manually adjusted to match an
external reference. Time Synchronization operates in two modes. In scheduled
mode, Time Synchronization is automatically initiated as a scheduled task by
Windows NT every day at 12:00 noon GMT. In manual mode, the utility can be
initiated by clicking on a desktop icon on the file server.

3.1.5.2

File Server Data Backup

Portions of the File Server data drive (D:) will be backed up periodically to a PC
Hard Card. The dataset backup, which can be a full or incremental backup

scheme, will occur no later than one week apart. Initial data backup operations
will require crew intervention.

3.1.5.3

Printing

Documents may be printed to an Epson Stylus 800 color printer, which will be
cabled to the File Server’s parallel port after Mission 2R. After Mission 5A, the
printer will be connected to the OPS LAN backbone and addressed through a
unique IP address (see Proprietary Table E-2 OPS LAN ASSIGNED NETWORK

PARAMETERS). There are no plans to configure the File Server as a print server.
Driver software for the Epson Stylus 800 is already contained in every SSC
Client’s load.

3.1.6

Hosting Crew Support Applications

Through the SSC Client load, the crew will be provided many general support

applications. This will include office automation utilities (i.e., word processing,
spreadsheet, etc.) and unique situational awareness tools (i.e., Worldmap,
PingMaster, etc.). For the latest information regarding software manifest details,
consult the Manifest and Usage Information link (See Appendix B.4).

3.1.7

Web-based Services Support

The OPS LAN File Server operates Microsoft’s Internet Information Server (IIS),
which hosts interlinked web pages. These web pages, called virtual directories,
provide a graphical, user-friendly approach to organizing and accessing time-
sensitive information. The following virtual directories are in use.

JSC 36381

MARCH 30, 2000

Baseline

3-4

3.1.7.1

Inventory Management System (IMS)

To execute IMS, enter //fserver/ims in Internet Explorer’s URL address field on

any client laptop.

3.1.7.2

Execute Package (EP)

To execute the EP, enter //fserver/ep in Internet Explorer’s URL address field on

any client laptop.

3.2

FILE SERVER SERVICES

For the latest and complete information regarding services supported by the File
Server, consult the File Server software manifest on the Manifest and Usage
Information link (See Appendix B.4). The following services require additional
clarification or configuration details.

3.2.1

Activity Record Manager (ARM)

The Activity Record Manager integrates uplinked activity records. (Automatic
startup)

3.2.2

Computer Browser

The Windows NT Browser supports browsing computers on the network and being
browsed by other computers. It is the service that gathers and organizes the list of
computers and domains that is displayed in Network Neighborhood. The Browser
maintains an up-to-date list of computers and provides this information to programs
that require it. The File Server is the master browser for the OPS LAN.

3.2.3

Internet Information Server (IIS) Admin Server

Microsoft’s Internet Information Server (IIS) manages and distributes web pages
from the SSC File Server. It handles all Hypertext Transport Protocol (HTTP)
client/server protocol requests for the OPS LAN. An SSC OPS LAN home page
contains a list of common server tasks in the form of hyperlink text. IIS is available
to all projects needing a web interface. Microsoft Internet Explorer is the solely
supported web browser on the OPS LAN. (Automatic startup)

3.2.4

Messenger

Messenger listens to the network and receives pop-up messages, such as printer
notifications that are sent to a name on the network.

3.2.5

Microsoft SQL Server

TBD

JSC 36381

MARCH 30, 2000

Baseline

3-5

3.2.6

Norton AntiVirus Auto-Protect

This service begins the automatic scanning for viruses when the File Server starts.
(Automatic startup)

3.2.7

Net Logon

The NetLogon service provides users with a single access and authentication point

to the OPS LAN NT domain.

3.2.8

PC Card Director

The PC Card Director is an IBM-supplied utility that lets you use a PC Card with
"Plug and Play" capability.

3.2.9

Procedure Manager (PM)

Procedure manager integrates and distributes ODF procedures. (Automatic startup)

3.2.10

Schedule

The Schedule service provides the capability to automatically run file server
applications are predetermined times without crew intervention. See Section 4.11
for a list of scheduled OPS LAN events.

3.2.11

Ultrabac

Ultrabac File Backup could be used to automatically schedule data backups.

Limitations on File Server memory and the requirement of crew intervention with
PC Card handling makes automatically backup scheduling impracticable at this
time. (Manual startup)

3.2.12

Windows Internet Naming Service (WINS)

Because of the flexible and dynamic nature of the OPS LAN (moving OPS LAN

devices between different ISS modules, switching devices between coax and RF
connectivity, exchanging PCMCIA components, etc.), active communication
between clients and the server is necessary to maintain fault-tolerant performance.
Microsoft’s Windows Internet Name Service (WINS), which provides NetBIOS name
to IP address mapping in response to queries from clients, fulfills this need. The OPS
LAN file server maintains the WINS database which tracks the current status of
client availability. Each client device is configured to communicate its presence to
the OPS LAN file server.
When a computer attempts to register a NetBIOS name with the WINS database on
the file server, it is permitted to do so only if the name is not currently reserved in
the WINS database. When a WINS client is shut down in an orderly manner, it
releases its name reservation in the WINS database and the name is marked as
released. After a certain time, a released name is marked as extinct. Extinct names

JSC 36381

MARCH 30, 2000

Baseline

3-6

are maintained for a period sufficient to propagate the information to all WINS
servers, after which the extinct name is removed from the WINS database. If a
computer has released its name through an orderly shutdown, WINS knows that the

name is available and the client can immediately re-obtain the name when it reenters
the network.
If a computer is not shut down in an orderly fashion, its name reservation remains
active in the WINS database. When the computer attempts to reregister the name,
the WINS server challenges the registration attempt. If the computer has changed IP
addresses, the challenge fails and the client is permitted to reregister the name with
a new address. If no other computer is actively using the name, the client is also
permitted to reregister with the name.
All names in the WINS database bear a timestamp that indicates when the
reservation will expire. If a client fails to reregister the name when the reservation
expires, the name is released.
To support true network connectivity to the Mission Control Center (MCC) after
OCA Router arrives onboard, the following static WINS addresses have been added
to the File Server (see Proprietary Table E-4 STATIC WINS ADDRESSES).

3.3

Operational Issues

3.3.1

Web Browser Security Policy

Software and web page developers should be made aware that the Microsoft
Internet Explorer (MSIE) web browser cannot be updated via the automatic
download feature that ordinarily searches the Internet for new controls and plug-
ins. SSC Client laptops are equipped with MSIE for viewing and interacting with
HTML files located on the OPS LAN. MSIE has a built-in feature for acquiring
software modules (JAVA plug-ins, ActiveX controls, etc.) from the Internet for the

purpose of adding features and expanding functionality. However, to ensure the
integrity of SSC software, this feature has been disabled. Developers should submit
a S-POCCB Change Request (CR) to request the modifications needed by MSIE to
support developers’ applications.

JSC 36381

MARCH 30, 2000

Baseline

4-1

Administration

4.1

Administrator Accounts

Two administrator accounts have been established for the OPS LAN NT Domain (see
Proprietary Table E-5 OPS LAN ADMINISTRATOR ACCOUNTS). Ordinarily, most
users will never have to log onto the OPS LAN NT Domain as an administrator, unless
directed to do so for troubleshooting or unplanned maintenance. Contact an SSC
Engineer for further details.

4.2

User Accounts

Anyone desiring access to resources on the SSC OPS LAN must have a valid user

account and know the logon name and password for it. Certain users, such as
crewmembers, will be assigned a home directory, accessible through the H: Drive letter
mapping. See Proprietary Table E-6 OPS LAN USER ACCOUNTS for a list of current
user accounts on the OPS LAN NT Domain.

4.3

Services Accounts

Applications, such as Internet Information Server and SQL Server, run as Windows NT
Services and interact internally with the OPS LAN File Server. These services have
built-in accounts (also referred to as anonymous access), that possess security rights that
allow NTFS disk access. See Proprietary Table E-7 OPS LAN SERVICES ACCOUNTS
for a list of NT services accounts currently running on the File Server.

4.4

Special Purpose Accounts

4.4.1

KFX

To log on to the OPS LAN’s NT domain, the username KFX may be entered only at
the Video Telecon client machine. The OCA Router requires this before providing
the TDRS Link Display to the KFX user.

4.4.2

OCAGround

The OCAGround username may be entered at selected MCC workstations only (see
Proprietary Table E-7 OPS LAN ANONYMOUS ACCESS ACCOUNTS). Until the
OCA Router arrives on-station, this account is used for testing purposes only.

Chapter

JSC 36381

MARCH 30, 2000

Baseline

4-2

4.4.3

Guest Account

Due to security concerns, the Windows NT Guest account is disabled.

4.5

Groups

Groups simplify network administration by assigning access rights and permissions to
a predefined group of users, rather than to a list of individual users. Two types of
groups

4.5.1

Global Groups

A global group consists of several user accounts from one domain, which are

grouped together under an account name. For example, the user accounts of
crewmembers in the OPS LAN NT domain are placed in the Crewmember global
group account. Every member of a global group deserves equal consideration when
assigned permissions for a network resource. See Table 4-1 OPS LAN GLOBAL
GROUPS for a list of current global groups in the OPS LAN NT Domain.

Groups

Description

Crewmembers

All crew members.

Domain Admins

Designated OPS LAN NT Domain administrators.

Domain Guests

All OPS LAN NT Domain guest.

Domain Users

All OPS LAN NT Domain users.

Table 4-1

OPS LAN GLOBAL GROUPS

4.5.2

Local Groups

Local groups can include user accounts and global groups from one or more
domains, grouped together under one account name. A local group can be granted
rights and permissions to use certain resources, such as access to a particular folder,
or to perform certain administrative tasks, such as creating new user accounts. See

Table 4-2 OPS LAN LOCAL GROUPS for a list of current local group in the OPS
LAN NT Domain.

JSC 36381

MARCH 30, 2000

Baseline

4-3

Groups

Description

Account Operators

Members who can administer user and group accounts in the OPS LAN Domain.

Administrators

Members who can fully administer the OPS LAN Domain.

Backup Operators

Members who can bypass directory- and file-level security to back up files.

Guests

Users granted guest access to the OPS LAN Domain.

INET_User

Anonymous IIS User (Needed for SQL Server).

MTS Impersonators

Microsoft Transaction Server trusted process identities.

Print Operators

Members who can administer NT domain printers. (Not performed in OPS LAN)

Replicators

Members who can support directory replication. (Not performed in OPS LAN)

Server Operators

Members who can administer the OPS LAN File Server.

SQLAdmin

SQL Server Database Administrators.

Users

Ordinary OPS LAN Domain users.

Table 4-2

OPS LAN LOCAL GROUPS

4.6

Sharing Resources

Disk drives, CD-ROM drives and file folders on OPS LAN clients may be shared to
other users on the network. The File Server generates a list of eligible users and global
groups during the sharing setup. Each of the selected users or groups may be assigned
one of the permission listed in Table 4-3 SHARED RESOURCE PERMISSIONS.

Permission

Usage

Read Only

The contents of the shared resource may be viewed. Program files may be
executed.

Custom

One or more of the following permissions may be selected and assigned: Read

Files, Write to Files, Create Files and Folders, Delete Files, Change File Attributes,

List Files, Change Access Control.

Full Control

All permissions listed under “Custom” are assigned.

Table 4-3

SHARED RESOURCE PERMISSIONS

4.7

NTFS Permissions

The D: drive on the OPS LAN File Server is formatted with the NT File System (NTFS)
and is shared to all users; the K: drive mapping on OPS LAN clients conveniently
accesses this region of the File Server. However, individual directories and files on the
File Server’s D: drive may be assigned access permissions. Table 4-4 NTFS
DIRECTORY-LEVEL PERMISSIONS and Table 4-5 NTFS FILE-LEVEL PERMISSIONS

JSC 36381

MARCH 30, 2000

Baseline

4-4

describe the permissions that may be assigned to Windows NT directories and files.
Determining the effective NTFS permissions for any network resource may be
complicated by a combination of rights assigned to groups and specific individuals.

The following three rules can help predict the effective access permission to a network
resource:

Inheritance
Permissions granted to container objects, such as file folders, are inherited
in any down-line resource. Therefore, newly created subfolders
automatically assume the permissions assigned to its parent folder.
Likewise, new files automatically assume the explicit and implicit
permissions granted to the folder in which they reside.

Explicit Permissions
An explicit permission granted in a container object’s Access Control List
(ACL) overrides inherited permission for the same user or group

Multiple Sources
If a user gains permissions from more than one source, such as belonging
to more than one group with permissions for the same directory, the
user’s permissions are cumulative unless one of the permissions is No

Access.

JSC 36381

MARCH 30, 2000

Baseline

4-5

NTFS Permission
( ) ( )

Meaning

No Access

(none) (none)

Absolutely no access to the directory or its files. Overrides any other NTFS
permissions assigned through other group memberships.

List

(RX) (not specified)

The contents of a directory may be viewed, and subdirectories may be
navigated. Access to the files in these directories is granted elsewhere, by file
permissions.

Read

(RX) (RX)

The entire directory structure may be navigated, the contents of the directory
may be viewed (though not necessarily accessed), and program files may be
executed.

Add

(WX) (not specified)

New subdirectories and files may be added to the directory. Access to files in
the directory is granted elsewhere, in other NTFS permissions.

Add & Read

(RWX) (RX)

New subdirectories and files may be added to the directory. Within the
directory, Read Only access to files and permission to run programs is
granted.

Change

(RWXD) (RWXD)

Contents of directories and files may be viewed, programs may be run, data
files may be added, modified and deleted.

Full Control

(all) (all)

In addition to capabilities granted in the Change permission, the permissions
for that directory and its contents may be changed. Ownership of the
directory and its contents may be taken.

Special Directory

(RWXDPO) (RWXDPO)

NTFS permissions may be set as desired to any combination (see table notes).

Notes:

•

Permissions for subdirectories in the directory

‚

Permissions for files in the directory

Coded permissions: R=Read, W=Write, X=Execute, D=Delete, P=Change Permissions, O=Take
Ownership

Table 4-4

NTFS DIRECTORY-LEVEL PERMISSIONS

JSC 36381

MARCH 30, 2000

Baseline

4-6

NTFS Permission ( )

Meaning

No Access (none)

Absolutely no access to the file. Overrides any other NTFS directory and file
permissions assigned through other group memberships.

Read (RX)

The contents of the file may be viewed. Program file may be executed.

Change (RWXD)

Data files may be edited and deleted.

Full Control (all)

In addition to capabilities granted in the Change permission, the permissions
for that file may be changed and ownership taken.

Special File (RWXDPO)

NTFS permissions may be set as desired to any combination (see table notes).

Notes:

•

Permissions for file

Coded permissions: R=Read, W=Write, X=Execute, D=Delete, P=Change Permissions, O=Take
Ownership

Table 4-5

NTFS FILE-LEVEL PERMISSIONS

4.8

File Server Security

File Allocation Table (FAT) Share security and NTFS File Security are implemented to
protect certain programs and data located on the OPS LAN File Server.

4.8.1

FAT16 Partition (C: Drive)

The C: Drive partition of the OPS LAN File Server is formatted with the 16-bit FAT
file system. Windows NT’s FAT file system is a long filename (LFN)-capable

version of the one normally found in DOS. The OPS LAN Windows NT network
operating system resides on this drive of the File Server. Users who are permitted to
log in at the File Server laptop can directly access the FAT16 drive. Across the
network, the File Server’s C: Drive may be accessed by administrators and the OCA
account only. The OCA account allows the ground controllers the capability of
transferring, repairing or upgrading files located on the C: Drive.

4.8.2

NTFS Partition (D: Drive)

The D: Drive partition of the OPS LAN File Server is formatted with the NT File
System (NTFS). NTFS is a reliable, secure, and tuned file system capable of
supporting volumes up to 16 exabytes. It supports fault-tolerant features such as
transaction-based recovery and hot-fixing bad disk sectors. NTFS security controls
data access at the folder and file level (see Tables 4-1 and 4-2). For these reasons,

users’ home directories and OPS LAN network data are stored to and backed up
from the D: Drive partition.
All users have Change permission on the File Server’s D: Drive, which is accessed
by network clients through the automatically assigned K: Drive letter mapping. The

JSC 36381

MARCH 30, 2000

Baseline

4-7

only restriction involves home directory folders: users that have a home directory
may not access the home directories of other users. The S-POCCB reserves the right
to further restrict directory and file access, as conditions warrant.

4.9

Client Security

Client laptops are formatted with the Windows 95 FAT32 file system in a single

partition. The FAT32 partition, designated the C: Drive, is shared out across the
network. Because data security and integrity cannot be guaranteed on client laptops,
important data should be transferred to a folder on the K: network drive (the D: Drive
on the File Server) for periodic backup and possible restoration.

4.10

Logon Scripts

The OPS LAN Windows NT domain utilizes a separate logon script for each user. The
script defines standard network drive mappings and performs other tasks as required
by the Administrator. Logon scripts are batch files located in the NETLOGON share of
the Primary Domain Controller (C:\WINNT\SYSTEM32\REPL\IMPORT\SCRIPTS\).
Scripts can be modified by using any text file editor, such as NOTEPAD.
No persistent connections will be allowed. A persistent connection is defined as
connections that remain from session to session without an explicit "NET USE" in the
login script. All connections should be from a NET USE via the login script.
Each user’s standard logon script consists of two files. The first file (see Table 4-6 USER
LOGON SCRIPT FILE #1), specified in the User Manager for Domain administration
utility, calls a second batch file (see Table 4-7 USER LOGON SCRIPT FILE #2) in
minimized mode. Actual script activity is performed in the second batch file. This
scheme reduces desktop clutter and prevents display of miscellaneous messages during

execution of the logon script files.

@ECHO OFF

REM Execute user’s logon script in a minimized windows
START /MIN

\\FSERVER\NETLOGON\<username>_LOGON.BAT

Table 4-6

USER LOGON SCRIPT FILE #1

JSC 36381

MARCH 30, 2000

Baseline

4-8

@ECHO OFF
REM Map H to user’s home directory
NET USE H: \\FSERVER\<username>$ /YES > NUL
REM Map K to data drive (D:) on File Server
NET USE K: \\FSERVER\D /YES > NUL
REM Map O to C: Drive on OCA machine
NET USE O: \\OCA1\C /YES > NUL
REM If logging on to the File Server, no further mapping is performed
IF Windows_NT == %OS% GOTO EGRESS
REM Map M to C: Drive on Medical CHeCS machine
NET USE M: \\MEC1\C /YES > NUL

:EGRESS

EXIT

Table 4-7

USER LOGON SCRIPT FILE #2

4.11

Scheduled Events

Certain planned network activities do not require crew intervention. These activities
utilize the WinAT scheduling utility, which consumes a minimum amount of File

Server resources when compared to utilities operating as Windows NT services.

4.11.1

OPS LAN Time Synchronization

Every 24 hours, The Tardis timekeeping utility executes for 2 minutes to synchronize
client laptop clocks to the SSC File Server. The utility K-9 operates on client
machines to receive the timekeeping signal and adjust the internal clock. A desktop

icon provides an immediate execution mode to adjust for clock drift at any other
time of the day. Periodically, correction for File Server clock drifts will be made by
the onboard crew.

4.11.2

Updates Unpacker

During the ECS/OCA timeframe, the ground controllers do not have the capability

to start applications on any laptop other than the ECA/ECS workstation. This
limitation prevents controllers from being able to launch executable or batch files on
the File Server without crew intervention. To overcome this limitation, an
automated software process, called Unpacker, seeks out and runs software update
packages on the File Server. Every 3 hours, beginning at 00:00 midnight GMT,
UnpackNT.exe is scheduled to run on the File Server. Executable update files (exe

JSC 36381

MARCH 30, 2000

Baseline

4-9

or bat) may be uplinked and placed in the File Server Stage Folder (C:\Stage). The
UnpackNT application will then automatically run the uplinked files.

4.12

Virus Scanning

SSC provides Norton AntiVirus scanning software to accomplish virus scanning on
client and server systems. The program will be loaded upon start-up and will run

continuously in the background. The program will be set to examine all disk drives
continuously also. Periodic updates to the virus signature file will be performed by
ground controllers.

4.13

User Profiles and System Policies

A user profile consists of user-specific information contained in the file USER.DAT,
which is one of the two files in the Windows 95 Registry. Optionally, a user profile can
also contain special Windows 95 directories. The benefits of using user profiles are
summarized in this section.
“Roaming” users can log on to the network from any workstation and work with the
same desktop settings as long as the computer is running a Windows 95 32-bit,

protected-mode network client. Roving profiles will be used for crewmembers. The
profile will be maintained on the server in the crewmembers home directory and will
allow crewmembers to roam to any SSC Client, excluding the ECS/OCA workstation,
the MEC, or any other non-SSC client.
Whether profiles are stored locally or on the network, user profiles should be enabled
only for the computers where they will be used. Either system policies or mandatory
user profiles can be used to enforce user settings, but not both. The two methods differ
in the following ways:

•

System policies let you mandate user-specific and computer-specific settings.

Mandatory user profiles let you mandate only user-specific settings.

•

System policies let you selectively determine a subset of user settings to control,

and each user controls the remaining settings. Mandatory user profiles always
control every user-specific setting.

4.14

Trust Relationships

A trust relationship allows users that are authenticated in another NT domain to access
the OPS LAN NT domain. Likewise, a trust relationship might be established to permit
OPS LAN users to access other onboard NT domains. Currently, it is not possible to

establish trust relationships between the SSC domain (“opslan”) and the MCC, as a true
network connection does not exist. When OCA Router arrives onboard, a peer-to-peer
network communication will exist between the MCC and the OPS LAN. This
relationship reduces network protocol overhead caused by trust security, which often
prevents application communication across the TDRS link delay,

JSC 36381

MARCH 30, 2000

Baseline

4-11

User Right

Allows those assigned:

Assigned To:

Access this computer

To connect to the computer through
the network.

Administrators, Everyone

Add workstations to domain

To add workstations to the domain so
that it can recognize the domain’s
user and global accounts.

(none), but this is a predefined right
for all members of the Administrators
and Server Operators local groups
that cannot be revoked.

Back up files and directories

To back up files and directories on the
computer, no matter what his file and
directory permissions are.

Administrators, Backup Operators,
Server Operators

Change the system time

To set the time of the computer’s
internal clock.

Administrators, Server Operators

Force shutdown from a remote
system

(Not currently implemented in
Windows NT 4)

Administrators, Server Operators

Load and unload device drivers

To install and remove device drivers.

Administrators

Log on locally

To log on to the system by typing
their username and password into the
User Authentication dialog box.

Crewmembers

•

, Account Operators,

Administrators, Backup Operators,
Print Operators, Server Operators

Manage auditing and security
log

To specify which files, groups, and
printers to audit. This does not allow
the user to change the audit policy,
only to work within the framework
defined by a member of the
Administrators group. This right also
allows the user to view and to clear
the Security log in the Event Viewer.

Administrators

Restore files and directories

To restore backed-up files and
directories no matter what the
permissions are on these files and
directories.

Administrators, Print Operators,
Server Operators

10.

Shut down the system

To shut down the Windows NT
computer system.

Crewmembers

•

, Account Operators,

Administrators, Backup Operators,
Print Operators, Server Operators

11.

Take Ownership of files or other
objects

To take ownership of any object on
the computer, even if they do not
have sufficient permissions to access
the objects

Administrators

•

Group added to those initially assigned by Windows NT

Table 4-8

REGULAR USER RIGHTS POLICIES

JSC 36381

MARCH 30, 2000

Baseline

4-12

4.16

Auditing

Windows NT Server maintains three event logs to which entries are added in the
background – the System log, the Applications log, and the Security log. The OPS LAN
administrator can set up security auditing of a number of events on NT Server in User
Manager for Domains to help track user access to various parts of the system. To enable

security auditing, pull down the Policies menu and select Audit. Keep in mind that all
of the event logs are limited in size. Currently, the log settings for each log are set to
2048 Kilobytes (64K increments). The following auditing options have been adopted for
the SSC OPS LAN (see Table 4-9 SSC OPS LAN AUDITING POLICY).

Events to Audit

Description

Audited For

Rationale

File and Object Access

Tracks access to a directory or file that has been
selected for auditing under Explorer; tracks
print jobs sent to printers that have been set
auditing under the Printers folder.

No requirement to track, since
most data on file server should
be accessible by crew.

Logon and Logoff

Tracks user logons and logoffs, as a well as the
creating and breaking of connections to servers.

Success, Failure

To track patterns of OPS LAN
usage.

Process Tracking

Records detailed tracking information for
program activation, some types of handle
duplication, indirect object accesses, and
process exit.

Failure Only

To track incidents of application
failure.

Restart, Shutdown, and System

Tracks when the computer is shut down or
restarted; tracks the filling up of the audit log
and the discarding of audit entries if the audit
log is already full.

Success, Failure

To report unavailability of the
network due to shutdown or
restart of file server.

Security Policy Changes

Tracks changes made to the User Rights, Audit,
or Trust Relationship policies.

Success, Failure

To track unauthorized
manipulation of user

Use of User Rights

Notes when users make use of a user right
(except those associated with logons and
logoffs)

No requirement to track.

User and Group Management

Tracks changes in user accounts or groups
(creations, changes, deletions); notes if user
accounts are renamed, disabled, or enabled;
tracks setting or changing passwords.

Success, Failure

To detect tampering.

Table 4-9

SSC OPS LAN AUDITING POLICY

4.17

File Backups

Selected directories on the File Server’s D: Drive will be backed regularly up to a PC
Hard. Data on clients laptops will not be backed-up; therefore, important data should

be transferred to the OPS LAN File Server. Additional backups may be performed if a
new file is uplinked and real-time configuration occurs. As this process requires crew

JSC 36381

MARCH 30, 2000

Baseline

4-13

intervention, backups will be scheduled during periods of low OPS LAN activity. If
necessary, the File Server may be removed from the OPS LAN to shorten the time
needed to perform the backup. The contents of the following directories on the OPS

LAN File Server are earmarked for automatic backup:

•

D:\Admin (OPS LAN administration files)

•

D:\HomeDir (Crew’s home directory)

•

D:\Share (Shared data directory)

•

D:\OOCI\ARM (OSTPV data files)

•

D:\OOCI\MPV\Data (MPV data files)

•

The Windows NT Registry

Ground personnel are capable of updating the backup scheme, as needed.

4.18

Software Updates

SSC software loads can be updated by 3 methods: Autoloader, Late Update Disk, and

Real Time Update.

4.18.1

Autoloader

Autoloader utilizes a bootable program floppy disk and a COTS software Ghost
load image on CD or PC Card Hard Drive to quickly reload an SSC laptop’s hard
drive to a baselined disk image. If necessary, laptop CMOS settings are reset during

this process. Because the contents of the laptop’s hard drive are overwritten,
personal data must be saved or backed up prior to running Autoloader.
For commonality and crew convenience, the S-POCCB encourages the owners of
payload-unique laptops to supply a software reload/restore CD that can be accessed
by Autoloader. SSC engineers can assist with the creation of a disk image CD.

4.18.2

Late Update Disk

For simple load updates during a Shuttle rendezvous, load updates are made with a
PC hard card, which contains a batch file. The PC hard card is inserted in the
laptop’s PCMCIA slot, then a unique desktop icon is clicked. The batch file is
initiated, making the necessary changes to the laptop’s load.

4.18.3

Real Time Update

For data files (i.e., the IMS database) and for off-nominal fixes, changes are uplinked
to the ECS/OCA laptop in real time. From ECS/OCA, the new files are transferred
by the OCA operator to targeted SSC laptops. If a file must be executed to perform a
software update, uplinked files are written to a portable medium (PC Flash Card,
PC Card Hard Drive, etc.). A crewmember will be directed to take the medium to
targeted laptops and execute the appropriate batch file. Uplinked fixes to software

will be tracked on the ground and included in subsequent scheduled updates during

JSC 36381

MARCH 30, 2000

Baseline

4-14

Shuttle Docking Missions to ensure that all affected laptops are consistently
reconfigured.

4.19

Software Distribution

ThinkPads configured with SSC software loads are located in various JSC organizations,
such as the Crew Office and Training Facilities. To facilitate reloads or updates to these

machines, special diskettes are issued to the qualifying organizations. When booted
with these diskettes, the ThinkPads are connected via the JSC Information Network
(JIN) to an SSC file server. The SSC Hard Disk Option Wizard (“SHADOW”) employs
user entries to select the desired software from the SHADOW distribution server and
transfers the load to the ThinkPad’s hard drive. For further information about
performing a SHADOW load, contact an SSC engineer (see Appendix 4.19B.1).
Due to COTS software licensing restrictions, distribution of OPS LAN software loads is
not available to the general NASA community without proper funding for a sufficient

number of licenses.

JSC 36381

MARCH 30, 2000

Baseline

A-1

Hardware Technical Data

A.1

ThinkPad Model 760 - Technical Guide & Configuration

A.1.1

BIOS

Table A-1

IBM ThinkPad 760XD IRQ Settings

A.1.2

ThinkPad Type 9546/9547 – Features and Locations

Front View:

http://servicepac.mainz.ibm.com/eprmhtml/epr2c/5307.htm

Rear View:

http://servicepac.mainz.ibm.com/eprmhtml/epr2c/5308.htm

A.1.3

SSC IRQ Plan

To economically allocate the limited number of system interrupts (IRQs) and to
ensure proper hardware operation and prevent resource conflicts, the 16 interrupts
(IRQs) have been uniformly assigned to specific devices. This IRQ assignment plan
applies to IBM ThinkPad 760XD devices, whether server and client laptop. IRQ
settings are automatically made with the AutoLoader or AutoXD utility. Reference

the current SSC IRQ Plan at:

http://fltproc.jsc.nasa.gov/S-POCCB/Documents/SSC_Pentium.doc

A.1.4

CMOS Settings

To correctly set the CMOS in the IBM ThinkPad 760 BIOS, execute the AutoXD
utility. AutoXD is available from Andy Klausman/USA, (281) 282-3997. CMOS

Appendix

Model

Date

Version

760XD

3/12/98

1.47

760ED

3/12/98

1.54

JSC 36381

MARCH 30, 2000

Baseline

A-2

settings are automatically configured when AutoLoader is used to load an SSC
laptop.

A.2

Calluna PC Hard Card

Data can be written to and read from a PC Card (i.e., CallunaCard), via the ThinkPad
PCMCIA port. Presently, only Calluna model #CT521RM is certified for flight. On SSC

Clients, follow appropriate procedures for removal and insertion of PC Cards to
prevent operating system failure.

Type III PC Card HDD

Product Specification

MODEL NUMBER

CT1040RM

CT521RM
(pictured above)

STORAGE CAPACITY

1040MB

520MB

PHYSICAL CONFIGURATION

Number of Disks

Number of Data Heads

Data Heads (logical)

Cylinders (logical)

2016

1008

Sectors per Track (logical)

Track Density

9000TPI

Recording Method

1,7 PRML

Bit Density

169,520 BPI (max)

RELIABILITY

Seek Time:

Track to Track

2.0 msec

Average

12 msec

Maximum

23 msec

Average Latency

8.0 msec

Data Transfer Rate:

To/From Media

3.70 - 5.92 MB/sec

To/From Interface

20 MB/sec (max)

Start Time

1 sec

Stop Time

1 sec

Buffer Size

128KB

POWER REQUIREMENTS

Voltage

5V +/- 5%

Spin Up

Current 690 mA peak

690 mA peak

Active Current

425 mA

Idle Current

145 mA

135 mA

Standby Current

15 mA

Sleep Current

15 mA

JSC 36381

MARCH 30, 2000

Baseline

A-3

PHYSICAL CHARACTERISTICS

Height

0.41" (10.5mm)

Length

3.37" (85.6mm)

Width

2.13" (54.0mm)

Weight

2.82 oz (80g)

ENVIRONMENTAL RANGE

Operating Temperature

0ºC to 55ºC

0ºC to 50ºC

Non-Operating Temperature

-40ºC to 70ºC

Operating Shock

100G

Non-Operating Shock

300G

PERFORMANCE

MTBF

> 150,000 hrs

Start / Stop Cycles

300,000 min

Data Reliability

<= 1 non-recoverable error in 10e13 bits read

A.3

3Com Network Card

Network Interface

Ethernet IEEE 802.3 10BASE-T + Coax

3C589D PC Card

Dongle

Images

n/a

Physical Dimensions

Length

3.370 in. (85.6 mm)

Width

Type II, 0.197 in. (5.0 mm)

Height

2.126 in. (54 mm)

Weight

0.86 oz (24.4 g)

Environmental Operating Range

Operating temperature

0 to 55

C (32 to 131

Relative humidity

5 to 90% noncondensing

Card Information Structure (CIS) Memory Size

Drivers 4 K, diagnostics 8 K

Network Interface

UTP Cable Requirements:

Category 3 LAN and high-speed data cable (10MBPS) that meets the requirements of EIA/TIA-568 and EIA/TIA
TSB-36 (for example, Anixter



CM-00424BAG-3 or equivalent)

Category 4 extended distance LAN cable (16 Mbps) that meets the requirements of EIA/TIA-568 and EIA/TIA
TSB-36 (for example, Anixter



CM-00424BAG-4 or equivalent)

Category 5 voice and data transmission LAN cable (100 Mbps) that meets the requirements of EIA/TIA-568 and
EIA/TIA TSB-36 (for example, AT&T



type 1061 or equivalent)

Coax Cable Requirements:

Thin Ethernet (coax) connections (50-ohm) require RG58 A/U, 3C530-xxx or equivalent cabling.

JSC 36381

MARCH 30, 2000

Baseline

A-4

Power Requirements
Operating voltage

+5 V

5% @ 50 mA

Mean time Between Failures (hours calculated)

3C589D-TP PC Card

C (104

F) benign environment

346,440

C (122

F) benign environment

228,608

C (104

F) mobile environment

62,602

C (122

F) mobile environment

53,818

FCC Certification

Part 15, Class B

A.4

Proxim RangeLAN2 Model 7400 RF Network Adapter

Image

Note:

7400 card + Dipole antenna = 7401 RF

Card Assembly

Bus Interface

PCMCIA 2.0, Type II slot

Range

Up to 500’ Indoors
Up to 1000’ Outdoors

Data Rate

1.6 Mbps

Media Access Protocol

RangeLAN2 CSMA/CA

Ethernet Compatibility

Ethernet packet types and Ethernet Addressing

Frequency Band

2.4-2.483 GHz (in the U.S.)
(spread spectrum frequency hopping)

Independent Channels

Output Power

100 mW

Size

PCMCIA Type II card

ETSI Testing

For purposes of ETS 300 328 type testing, the RangeLAN2
7400 PC Card Wireless LAN Adapter was tested in host
computers over a temperature range of +5

C to +35

JSC 36381

MARCH 30, 2000

Baseline

A-5

A.5

Proxim RangeLAN2 Model 7520 Access Point

Image

n/a

Network Interfaces

Ethernet 10BASE2 (Thin) BNC
Ethernet 10BASET (Twisted-Pair)

Data Rate

1.6 Mbps – RangeLAN2
10 Mbps – Ethernet

Media Access Protocol

RangeLAN2 CSMA/CA

Ethernet Compatibility

Ethernet packet types and Ethernet Addressing

Frequency Band

2.4-2.483 GHz (in the U.S.)
(spread spectrum frequency hopping)

Independent Channels

Output Power

100 mW

Size

PCMCIA Type II card

ETSI Testing

For purposes of ETS 300 328 type testing, the RangeLAN2
Access Point was tested in host computers over a temperature
range of –20

C to +55

Operating Temperature

-20

C to +60

UL Listed Power Supply

The RangeLAN 2 Access Point requires an external power
supply. If you have elcted not to purchase the external power
supply from Proxim or need a replacement, you must use only
a UL listed, Class 2 power supply, rated min. 1A at 12VDC.

A.6

Quatech DSP-200/300 Dual Channel RS422/485 PC Card

The DSP-200/300 provides two independent RS-422/RS-485 asynchronous serial
communications interfaces for systems equipped with PCMCIA Type II and/or Type III
expansion sockets. The RS-422/485 serial ports may be configured to operate in either
the full duplex or half duplex mode.

Bus Interface

PCMCIA PC Card Standard 2.1 compliant

Physical Dimensions

Type II PCMCIA card (5mm)

Maximum Baud Rate

120K

Power Requirement

+5V 35.85 mA (typical)

45.87 mA (Maximum)

Connector

Adapter to 2 standard female D-9

A.7

Greystone Peripheral Type Adapter TA-50

The Type Adapter converts any PCMCIA compliant Type I or II card slot to handle
Type III (or thicker) cards as needed. As such, it permits simultaneous use of a Type III
device, such as the Calluna PC Hard Card, and a network adapter. With the Type
Adapter, a PC Card can be inserted for file backups without interrupting File Server
activity on the OPS LAN. Additionally, the TA-50 substantially reduces heat damage
caused by prolonged confinement in the ThinkPad’s unventilated PC Card slot. At the
present time, no PCMCIA slot extender, including the TA-50, is certified for flight.

JSC 36381

MARCH 30, 2000

Baseline

A-6

A.8

SanDisk PC Card II ATA (85MB)

Power Requirements

DC Input Voltage, Commercial

3.3V

5%, 5V

10%

Typical Power Dissipation

Sleep 200

A (3.3V) 500

A (5V)

Read 32-45 mA (3.3V) 46-75 mA (5V)
Write 32-60 mA (3.3V) 46-90 mA (5V)

Temperature

Operating

0 - 60

Non-Operating

-25 – 85

A.9

Adaptec 1460 SCSI Interface

Image

n/a

Data Transfer Rates

Up to 2 MByte/sec PC Card bus rate
Up to 10 MByte/sec synchronous burst rate on SCSI bus

Capacity

Up to 7 daisy-chained SCSI devices

Cable Options

50-pin High-Density (SCSI-2)
50-pin Low-Density (SCSI-1)
DB-25-pin cable offer in kit

Power Consumption

.3 W typical
.2 W standby mode

Size

PC Card Type II

SCSI Data Format

8-bit with automatic parity generation

Termination Power

Internal active termination provided

A.10

Epson Stylus 800 Color Printer

The Color Printer Subsystem (CPS) will consist of the following components:

•

Epson Stylus Color 800 printer, with power interface modified for 120 VDC

•

Zero gravity paper handling input and output trays

•

Parallel data cable

•

Epson Type B Multiprotocol Ethernet Card (Epson

P/N C823572

)

•

Ethernet 10Base2 cable

•

US segment 120 VDC

•

External power supply to convert 28 to 120 VDC in the Russian segments

•

Printer Ink usage constraints include:

♦

Once ink cartridges are installed, the printer must be stored with ink cartridges to prevent clogging.

♦

Printers must be used every two months ot the ink will dry Ink life is 2 years from production date.

JSC 36381

MARCH 30, 2000

Baseline

A-7

Bus Interface

PCMCIA PC Card Standard 2.1 compliant

Printing Speed

B&W – 7 ppm
Color – 8 ppm

Resolution

720 dpi

Network Interface

10Base2, 10BaseT

Weight

14.3 lbs.

Collapsed Size

7.4 in. x 18.7 in. x 10.7 in.

Operating Temperature

10 to 35

Power Requirement

115 VAC 400 Hz
120 VDC
28 VDC (w/external power supply)

Power Consumption

21.5 W – maximum
18.3. W – printing
9.7 W – idle < 10 min.
7.0 W – idle > 10 min.
1.9 W – off

A.11

Mass Access Computer Equipment (MACE)

TBD

A.12

Certified Recordable Compact Discs

TBD

JSC 36381

MARCH 30, 2000

Baseline

B-1

References

B.1

SSC Engineering Staff

Name

Telephone

E-Mail

Dobek, George S.

(281) 244-0210

george.s.dobek1@jsc.nasa.gov

Dorman, Robert A.

(281) 244-0234

robert.a.dorman1@jsc.nasa.gov

Lenio, James A.

(281) 483-5795

james.a.lenio1@jsc.nasa.gov

Michel, John M.

(281) 244-1124

john.m.michel1@jsc.nasa.gov

Qureshi, Saera T.

(281) 483-8125

saera.t.qureshi1@jsc.nasa.gov

Sandison, Douglas P.

(281) 483-7715

douglas.p.sandison1@jsc.nasa.gov

Swaby, Mark L.

(281) 244-1191

mark.l.swaby1@jsc.nasa.gov

B.2

Technical Manuals

Mastering Windows NT Server 4

Sybex, Inc.
1151 Marina Village Parkway
Alameda, CA 94501
510/523-8233
fax: 510/523-6840

http://www.sybex.com
info@sybex.com

RangeLAN2 Technical Reference Guide

Proxim
295 North Bernardo Avenue
Mountain View, CA 94043
415/526-3640

ThinkPad 760XD/XL, 760E/ED/EL User’s
Guide

International Business Machines Corporation
New Orchard Road
Armonk, NY 10504
800/IBM-4YOU

Appendix

JSC 36381

MARCH 30, 2000

Baseline

B-2

B.3

Related NASA Documents

Interface Definition Document for the Orbiter Communications Adapter (OCA)

Kevin Hames/EV21, Project Manager, (281) 483-8592

JSC 28337

Orbital Communications Adapter (OCA) Operations Concept

Fisher Reynolds/DO45, III, Book Manager, (281) 244-1172

JSC 28403

SSC Software Management Plan

Robert A. Dorman/DL42, Book Manager, (281) 244-0234

JSC 48531

B.4

Related Web Sites

Station Portable Onboard Computer Control Board Home Page:

http://fltproc.jsc.nasa.gov/S-POCCB/S-POCCB-HomePage.html-ssi

Manifest and Usage Information:

http://fltproc.jsc.nasa.gov/S-POCCB/Documents/Manifest-and-Usage-Information.html

Portable Etherlink III LAN PC Card Configuration

http://fltproc.jsc.nasa.gov/s-poccb/Documents/3COMCONFIGURATION.doc

Proxim’s Wireless LAN White Papers:

http://www.proxim.com/learn/whiteppr/whatwlan.shtml#how

IBM ThinkPad 760E, 760ED, 760EL, 760XD, or 760XL User's Guide

http://www.pc.ibm.com/us/support/thinkpad/uguide/760x/mmxmst02.html

JSC 36381

MARCH 30, 2000

Baseline

C-1

Glossary

Autoloader

TBD

Backup

TBD

Disk Imaging

TBD

Disk Mapping

TBD

DNS

Domain Name System. This vitally important system provides distributed,
redundant directories that map numeric IP addresses to easy-to-type, easy-to-
remember domain names. (For example, 209.185.180.170 is the numeric IP
address for the whole wide Web.)

Domain

In Windows NT, a logical administrative unit used to simplify network
management. The domain is independent of the network topology. NT
Domains are not the same as an Internet domain.

In the Internet Domain Name System (DNS), a naming convention that
indexes Internet host names in a hierarchical database that can be managed in
a distributed fashion. The term domain was introduced as a standard in 1983.
Domains, as used with regard to DNS, has no relationship to Windows NT
Server domains.

In Proxim RangeLAN2 RF networking, a software code assigned to logically
related RF workstations that defines the size and scope of the complete
wireless network.

ECS/OCA

Early Communication System / Orbital Communication Adapter; the initial
communication system for file transfer between the ground and ISS.

Ethernet

A local area network standard defining a physical medium and its method of
placing data, or packet signaling, on a cable. Based on CSMA/CD and 10
Mbps.

FAT 16 / 32

File Access Table 16-bit / 32-bit; the Microsoft file storage format on Windows
9X (32-bit version) and Windows NT (16-bit version) computers.

Frequency Hopping

A spread spectrum technique by which the band is divided into a number of
channels and the transmissions hop from channel to channel in a pre-specified
sequence.

Fserver

The NetBIOS name assigned to the SSC Ops LAN File Server.

MIME

Multipurpose Internet Mail Extensions. This is a protocol in which an e-mail
header indicates the nature of the content, and which application(s) will be
needed to view, play, or otherwise interact with it.. MIME allows the easy e-
mail transmission of all kinds of data.

NetBIOS

The original network application program interface (API) supported by
Microsoft. NetBIOS was originally developed by IBM.

Appendix

JSC 36381

MARCH 30, 2000

Baseline

C-2

ODF

An Operations Data File (ODF) procedure is a set of instructions used by
ground controllers, the on-board crew and for the on-orbit procedures
executor software to fulfill specific tasks. These are the tasks needed to operate
and maintain station systems, payloads, and attached vehicles under both
nominal and off-nominal conditions.

Packet

The unit of information transmitted over the network, consisting of a
preamble, a destination address, a source address, the data being transmitted,
and a code that allows testing for corrent transmission.

PODF

The PODF is a component of the Operations Data File (ODF) which is the
collection of the operations procedures and reference information required to
perform ISS on-orbit system and payload operations.

Profiles

See Roaming Profiles

Roaming Profiles

TBD

Router

A computer that interconnects two or more distinct networks that utilize
identical or different communication protocols.

Service

Executable programs that Windows NT Server 4.0 runs to provide
functionality to users.

An object, such as a hard disk partition, that can be viewed remotely in the
network neighborhood. Drive letters can be assigned to shares. Share
permissions may be applied to NTFS and FAT volumes.

SODF

The Station Operations Data File (SODF) is the collection of procedures and
reference information that support station onboard operations.

Topology

Basically, the shape of the network. The physical topology of a network is the

layout or actual appearance of the cabling scheme used. The logical topology
of a network describes how the data flows the physical topology. The OPS
LAN is a multipoint, bus topology, where all network devices are linked
together through a single communication medium. The medium may be RF,
coax cable, or both, with access points providing the bridge between media.

JSC 36381

MARCH 30, 2000

Baseline

D-1

Acronyms

ASP

Active Server Pages

BNC

BayoNet Connector

BIOS

Basic Input / Output System

CGI

Common Gateway Interface

CHeCS

Crew Health Care System

CMOS

Complementary Metal Oxide Semiconductor

CPS

Color Printer Subsystem

CPU

Central Processing Unit

CSMA/CA

Carrier Sense Multiple Access/Collision Avoidance

DOS

Disk Operating System

DVD

Digital Video Disc (or, Digital Versatile Disc)

ECS

Early Communication System

FAT

File Allocation Table

FGB

Functional Cargo Block

GMT

Greenwich Mean Time

HTML

HyperText Markup Language

HTTP

HyperText Transport Protocol

IDE

Integrated Device Electronics

IIS

Internet Information Server

IMAP

Internet Message Access Protocol

IMS

Inventory Management System

IOL

ISS OPS LAN

Internet Protocol

IRQ

Interrupt Requests

ISA

Industrial Standard Architecture

ISS

International Space Station

JIN

JSC Information Network

KFX

Ku-Band Frequency Transmission

LAN

Local Area Network

LED

Light Emitting Diode

MAC

Media Access Control

MACE

Mass Access Computer Equipment

MDM

Multiplexor/Demultiplexor

MEC

Medical Equipment Computer

MPV

Manual Procedure Viewer

NASA

National Aeronautics and Space Administration

NAV

Norton AntiVirus

NetBEUI

NetBIOS Extended User Interface

NetBIOS

Network Basic Input/Output System

NTFS

New Technology File System

OPR

Office of Primary Responsibility

OCA

Orbital Communication Adapter

OPS LAN

Operations Local Area Network

OSTPV

Onboard Short-term Timeline Procedure Viewer

Appendix

JSC 36381

MARCH 30, 2000

Baseline

D-2

PCI

Peripheral Component Interconnect

PCMCIA

Personal Computer Memory Card International Association

PCS

Portable Computer System

Radio Frequency

ROM

Read-Only Memory

RTC

Real-Time Clock

SCSI

Small Computer Systems Interface

Service Module

SMTP

Simple Mail Transport Protocol

S-POCCB

Station - Portable Onboard Computer Control Board

SQL

Standard Query Language

SSC

Station Support Computer

SSL

Secure Socket Layer

SSP

Space Station Program

TBD

To Be Determined

TDR(S)S

Tracking and Data Relay (Satellite) System

TCP/IP

Transport Control Protocol / Internet Protocol

URL

Uniform Resource Locator

Win95

Windows 95

WinNT

Windows New Technology

WINS

Windows

JSC 36381

MARCH 30, 2000

Baseline

F-1

Checklists

F.1

PAYLOAD CONFIGURATION CHECKLIST FOR OPS

LAN CLIENT

Submit an S-POCCB CR to request SSC OPS LAN network resources, such as IP

addresses (

http://fltproc.jsc.nasa.gov/s-poccb/Cr-dr/

). Contact the S-POCCB

office for CR system access privileges. Reference Chapters 1-4 of this document
for network connectivity rules and guidelines (e.g: network parameters, IRQ’s
Drive mappings etc.).

Obtain the following from the SSC Office:

_____ ThinkPad 760XD BIOS floppy disk
_____ AutoLoader floppy disk
_____ RF Networking floppy disk

Install the current S-POCCB mandated BIOS v 1.47 (disk version 2.02) on the

ThinkPad 760XD. Execute the following steps to install BIOS:

NOTE

DURING THE EXECUTION OF THE BIOS UPDATE PROGRAM, DO NOT EJECT

FLOPPY DISK, PRESS ANY UNNECESSARY BUTTONS, OR DISCONNECT YOUR

POWER SUPPLY.

_____ Boot laptop from the floppy disk “ ThinkPad 760XGA BIOS Update disk

version 2.02” dated 3/12/98, BIOS ver 1.47.

_____ Select “Update System program”
_____ Follow instructions on screen, at conclusion of update, reboot holding F1

key down.

_____

BIOS version 1.47 and exit.

_____ Pwr Off ThinkPad and eject floppy disk.

Configure the ThinkPad with the S-POCCB mandated CMOS settings using

AutoLoader floppy disk supplied by SSC office. Execute the following steps to
configure CMOS settings:

Appendix

JSC 36381

MARCH 30, 2000

Baseline

F-2

NOTE

DO NOT EJECT FLOPPY DISK, PRESS ANY UNNECESSARY BUTTONS, OR

DISCONNECT POWER SUPPLY DURING COURSE OF PROGRAM.

_____ Boot laptop from the AutoLoader floppy disk and allow program to

execute.

_____ Select Option 2 (“Configure CMOS settings for SSC Client, PCS, MPSD, or

CPSD”)

_____ Allow program to execute.
_____ AutoLoader Reconfiguration Summary
_____

for message “Current CMOS Configuration valid for: SSC Client, PCS,

MPSD or CPSD.”. If not present, contact SSC Office for assistance.

_____ Eject floppy disk and reboot.

Install unique customer software, as required.

The following steps are to be complete after the OPS LAN customer’s unique hard

drive software loading.

Load Proxim RF network card drivers using the following steps:

_____ Use Range LAN2, Win95/NT, P/N 9450.0132 Rev. B floppy disk supplied

by SSC office.

_____ Insert Range LAN2 card (with proper Security ID already set) in socket, let

Win95 detect new hardware.

_____ Let Update Device Driver Wizard search local drives for most current

driver for PROXIM-LAN PC CARD, hit ‘Next’ button to start search for
drivers, hit ‘Finish’ after found

_____

Insert disk labeled ‘Proxim RangeLAN2 required’, dialog appears, just hit
‘OK’

_____

Copying Files …’ dialog, select A:

⇒

Windows builds driver info database

⇒

Keep existing version of SECUR32.DLL (MS Win32 Security Services).

⇒

At the “could not find RL2API.INF on Win95 CD-ROM” message,
select A:\.

⇒

Manually shut down/restart Windows with network card inserted and

floppy disk removed.

JSC 36381

MARCH 30, 2000

Baseline

F-3

NOTE

CONTACT SSC OFFICE FOR YOUR NETWORK PARAMETERS

_____

Specify IP address ( Network Neighborhood | properties) for computer
by selecting TCP/IP

Proxim RangeLAN2 7400 PC Card Adapter |

properties.

⇒

IP Address: _____________,

⇒

Subnet Mask: _______________

_____ Select OK and reboot.

Install RangeLAN2 Site Survey and Configuration tools using the following steps:

_____ Use RangeLAN2,Win95/NT, P/N 9450.0132 Rev. B floppy disk.
_____ Run | a:\setup.exe

_____

Agree to Files to be stored in C:\Program Files\rl2

_____ Reboot when Setup complete.(DO NOT eject RF card)
_____ Launch the RangeLAN2 Site Survey and configuration tool from the start

menu under RangeLAN2 Utilities.

NOTE

CONSULT TABLE 2-4 IN THE OPS LAN ICD TO SET THE CORRECT RF

PARAMETERS (E.G. RF DOMAIN, CHANNEL ETC.)

_____ Click on the configuration button to set correct RF parameters for a

‘Station’ (see table 2-4 in the OPSLAN ICD).

Assign IRQ 10 to RangeLAN2 PC card (follow steps below). If necessary, set

remaining IRQs for the PCMCIA devices that will be plugged into your Flight

load (ex. Flash card(s), network card, etc.) If desired, you may reference the IRQ
Plan approved by the S-POCCB, available from the S-POCCB Web page
(

http://fltproc.jsc.nasa.gov/s-poccb/Documents/SSC_Pentium.doc

_____ Insert card in and select My Computer | Device Manager | Network

adapters | Proxim RangeLan2 | Properties | resources tab.

_____ If required, assign IRQ 10 with I/O range 0270-027F, uncheck the use

Automatic settings check box and Select resource type (IR, I/O range) and
click the change settings button.

_____ Specify correct IRQ and correct I/O range.

_____

No conflicts with other devices and select O.K.

_____ Eject card.

In Network Properties, set the Primary Network Logon to ‘Client for MS

Networks’.

_____

Select Network Neighborhood | properties

JSC 36381

MARCH 30, 2000

Baseline

F-4

_____

Select Clients for Microsoft networks for the primary network logon.

_____

Under the ‘File and Print Sharing’ button, select the appropriate/required

settings.

_____

Sel OK and reboot.

10.

NOTE

CONTACT SSC OFFICE FOR YOUR NETWORK PARAMETERS

In Network Properties, configure your Win95 load network component ‘Client
for MS Networks’ to ‘Logon to WinNT domain’, Domain = _________. Also set
‘Quick logon’ as the logon option.

_____

Select Network Neighborhood | properties.

_____

Select Clients for MS Networks | properties.

_____

Enable ‘Log on to Windows NT domain’ checkbox.

_____

Enter the Domain in the Win NT domain field.

_____

Enable Quick logon radio button under Network Logon option.

_____

Sel OK and reboot.

11.

NOTE

CONTACT SSC OFFICE FOR YOUR NETWORK PARAMETERS.

In Network Properties, set the following parameters:

_____

Select the identification tab and set:
Computername = ____________
Workgroup = _______________

_____

Under the ‘Access Control’ tab, select the ‘User Level access control’ radio

button and enter the Domain name (see Step 8) in the ‘Obtain list of users
and groups from:’ field.

NOTE

YOU WILL BE PROMPTED FOR AUTHENTICATOR TYPE IF NOT CONNECTED

TO THE SSC FILE SERVER. SELECT “WINDOWS NT DOMAIN” AS THE

AUTHENTICATOR; ALSO, REMEMBER TO KEEP THE EXISTING VERSION OF

SECURE32.DLL FILE.

12.

Verify with the OPS LAN ICD the necessary settings for the TCP/IP properties

for Proxim RangeLAN2 7400 PC Card Adapter:

JSC 36381

MARCH 30, 2000

Baseline

F-5

NOTE

CONTACT SSC OFFICE FOR YOUR NETWORK PARAMETERS.

_____

In Network neighborhood | properties select TCP/IP

Proxim

RangeLAN2 7400 PC Card Adapter | properties.

_____

IP address ________________, Subnet mask _______________________

_____

DNS disabled by clicking at the DNS configuration tab.

_____

’Client for Microsoft networks’ and ‘File and print sharing’ check boxes

are enabled by clicking the binding tab.

_____

Select the WINS Configuration tab and verify WINS is enabled.

_____

Specify WINS Server IP address by typing _______________ in the WINS

server search field.

_____

Click the Add button and OK.

_____

Reboot if prompted.

13.

(!!) Under Control Panel | Passwords, User Profiles tab, select the radio button

for ‘all users of this PC use the same preferences and desktop settings’. Under
the Remote Administration tab, the suggested setting is to check the ‘Enable
remote administration of this server’ checkbox.

_____

by logging in as different users of OPSLAN (Shep, Yuri) various times,

that the SSC bitmap does not appear and all users have the same desktop
settings.

14.

Return OPS LAN ICD, Compliance memo and any SSC borrowed hardware to

the SSC office.