novell open enterprise server - ldapwiki.com · linux n e t w a r e 4. 2 n et w ar e 5. 1 n e t w a...

Novell Open Enterprise Server

Klaus Huebner Novell DeutschlandSenior Category Specialist

Novell

Open Enterprise Server: the Future of NetWare® and NLS

Open Enterprise Server: The Best of Both Worlds

NetWare StrengthsMature Enterprise Services

Large Customer Base

Strong Enterprise Community

Linux StrengthsApplication Support

Partner Support

Strong Open Source Community

The Combined Solution

NovellOpen Enterprise Server

The Best of NetWare

The Best of Linux

© February 28, 2005 Novell Inc.4

Coexistence: With Existing Infrastructure

NetWare

OES

Linux

NetWare

4.2 NetWare 5.1

NetW

are 6.0

NetWare 6.5Win 2000/3

Win

NT

Seamless file services integration (Windows, NetWare, Unix, Linux)

Directory synchronization (NT, AD, eDirectory, etc)*

Directory Services AdditiveNW 4.x: NDS 6.21NW 5.x: NDS 7.62c, 8.58NW 6.x: eDir 8.7.0, 8.7.1

Linux and Windows desktop support

* Requires additional purchase


Linux Adoption Projections

57% of all companies

have current plans to

introduce Linux to their

server OS environments.-The Yankee Group, 2004

What is new ?Klaus Huebner / NovellSenior Category Specialist


Open Enterprise ServerNetworking Application Services for the Enterprise

CIM-based management and providers. Server health monitoring integrated into iManager.

Net Storage, Virtual OfficeWeb Experience

Browser-based single point of administration for all OES Services.

Novell Client™ experienceDesktop Integration

Server-based install with Express and Custom options. Red Carpet Daemon pre-configured to use a Novell hosted Red Carpet Enterprise™ server with patches and updates

RPM & Red Carpet™

Install and Patch/ Update Services

Unified web access experience with gadgets to all OES Services. Use Tomcat and a Java Virtual Machine. Include exteNd and MySQL for ISVs.

iManagerAdministration Services

Support IPP standards-based printing for Windows, Mac and Linux clients. Using web-based maps, users can quickly find and install printers.

eDirectory™Identity Services

Personal file backup and anytime/anywhere access. Granular file trustee rights management and virtual storage mgt.

iPrintPrint Services

Clustering / high availability for NetWare and LinuxNovell ClusteringHigh Availability

Login script support, file access, background authentication, iPrint, iFolder available both on Windows and Linux desktops

CIM & iManager

Health Monitoring Services

eDirectory. Web address book w/search and self-administration.

Novell iFolder®, NSSFile Services

What's new for NetWare


What is new in NetWare for OES NetWare?

• Open Source• bash• mono• rpm• OpenWBEM CIMOM• syslog• python• Red Carpet (rcd, rug)

• Hardware• PCI-X• USB enhancements – Multi LUN• MSI (Messaged-Signaled Interrupts)• ACPI 2.0• NXBit Support

• Internal debugger✟ Soft break points✟ Improved SMP support✟ Protected memory improvements

• Other• Search NetWare registry• Fast reboot (failover)• Reboot watchdog – configurable


NetWare 6.5 SP3 and OES-NetWare

NetWare 6.5 Service Pack 3:

• All Bug fixes and patches for NetWare incl. SP1 and SP2

• iManager 2.0.2 updates

• Virtual Office updates

• WebSearch Updates

NetWare OES:

• All Bug fixes and patches for NetWare incl. SP1 and SP2

• iManager 2.5

• Virtual Office 1.1 (?)

• QuickFinder

What's new for Linux


OES Linux – Storage

OES on Linux can use native Linux file systems• EXT2

• EXT3

• Reiser

• Others – POSIX

NSS is now part of OES• Novell Storage Services™ (NSS)

Affordable SAN's• iSCSI Initiator available as part of SLES9

NCP™ server is also now part of OES• Will work with existing Novell Client 32™


OES Linux – Clustering & Migration

NetWare backup components on Linux• SMS

• SMDR

• TSAFS

High Availability for Linux• Novell Cluster Services

– NetWare only

– Linux only

– Hybrid NetWare/Linux

Migration• Migration Wizard & Server Consolidation Utility will be combined

– Migration team working on Linux desktop port


OES Linux – Installation & Configuration

Installation & Service Configuration• Entire installation integrated with YAST

– All services can be installed unconfigured

• Service configuration handled through YAST interface

– Configuration file creation / edits

– IP Addresses & Ports

– Usernames & Passwords

– etc.

• Service management handled through iManager

– iFolder Server Admin

– Virtual Office Admin

– Cluster Administration etc.


OES Linux – Remote Management

Novell Remote Manager for Linux✟ HTTPSTK process

✟ Runs in USERSPACE✟ Up even if Apache is down✟ Modeled after the NetWare Remote Manager

✟ Not a direct port of NORM

OES InstallationsKlaus Huebner / NovellSenior Category Specialist

17

Install: Express or Custom

Express Custom

• Single server eDirectory tree

? Tree Name? Admin name? Admin context? Admin password

• LDAP server• All preconfigured to use

the local LDAP server• Default ports• Default options

• New or existing eDirectory tree• Admin name• Admin pwd• Admin context• LDAP server• Any or All products• All services which are LDAP clients

can point to other LDAP servers• Confirm default ports• Confirm default options• Additive install• Uninstall


Install Options

Install with Linux

Install for Linux (after Linux is already installed)

Install with NetWare

Install for NetWare (after NetWare is already installed)


Install With Linux

SLES 9

CD1(Boot)

CD2 CD3 CD4 CD5 CD6

new install existing Linux server

or

new install existing Linux server

or

CD2 CD3 CD4 CD5 CD6OES+ SLES9

SP1

SLES9

SP1CD2

SLES9

SP1CD3

OES with SLES 9 SP1


Install With NetWare

NetWare 6.5 (SP 2 Overlay)

OES with NetWare (6.5 SP3)

Products CD

(Boot)

new install existing 5.x, 6.x server

or

new install existing 5.x, 6.x server

or

OS CD

(Boot)

Products CD

(Boot)

OS CD

(Boot)


Install For NetWare(NetWare already installed)

OES for NetWare

SP3 CDexisting 6.5

server


Migration Tools Capabilities

Supported Sources• NetWare 4.2, 5.1, 6.0, 6.5 (eDirectory, NDS®, NSS, Traditional NetWare FS)

• Windows NT 4 (NT Domains, NTFS)

• Windows 2000/2003 (AD, NTFS)

Supported Destinations• OES-NetWare

• OES-Linux

Capabilities• Users (including user space restrictions)

• Groups

• File system (trustees and ownerships)

• Containers (users and groups only)

• Printing (stretch goal)

OES Files-/ Print-ServicesKlaus Huebner / NovellSenior Category Specialist

24

Linux Architecture

Virtual File Services (VFS)

Logical Volume Manager (LVM)

Device Drivers LAN Drivers

EXT3 Reiser XFSNFS

(client)SAMBA(client)

NetworkProtocols

User

Kernel

Applications and Services

25

Yet Another File System?

EXT2EXT3ReiserXFSJFS

UFSVeritasGFSGPFSPolyServe

etc.

26

NSS on Linux Architecture

Virtual File Services (VFS)

Enterprise Volume Management System (EVMS)

Device Drivers

EXT3 Reiser XFS

NSS

User

Kernel

Media Manager Logic

Posix SemanticAgent

EdirHandler

_AdminManagement

Upcall

NCPSamba

27

OES Services - Storage

OES on Linux can use native Linux file systems• EXT2• EXT3• Reiser• Others – POSIX

NSS is now part of OES• Novell Storage Services™ (NSS)

NCP™ server is also now part of OES• Will work with already installed “ Novell Client™”

Migration• Migration Wizard• Server Consolidation Utility

28

Unique NSS Features - ACLs

NSS Linux/Unix

Supervisor (grant ACLs to others) Set UID (advanced)

Read Read

Write Write

Create -

Erase -

Modify (change file attributes) -

FileScan (view) -

Access Control (change ACLs) -

Note: in NSS, X (execute) is a file attribute, not a right.


Novell iFolder

Instant access to your files— online, offline, anytime

Mobile

Office

PDA

Alwaysbacked up

Web access from anywhere

Home Backup files on local machines

Synchronize files

Access files from anywhere

Personal files/shared files

30

OES Services - iPrint✟ Linux Client✟ All browsers✟ Pre-set driver defaults✟ Secure Printing

– Encryption– Authorization

✟ Migration– Moving Printer Agents– Moving Print Services Managers

31

Preserving the Novell Experience

Novell Linux

Desktop

Novell Client32

for Windows

OES

(NetWare)

OES

(Linux)

Global Authentication

Login Scripts

Map Drives

Personal Files Backup

Shared Printing

Secure, scalable experience resulting from 2 decades of innovation in the workgroup productivity arena

• eDirectory on Linux srvr

• NSS on Linux srvr• NCP™ on Linux srvr• iPrint Srvr on Linux• iFolder Srvr on Linux• Novell login script

support on Linux srvr

• Background auth on Linux desktop

• Novell login script support on Linux desktop

• iPrint Client on Linux desktop

• iFolder Client on Linux desktop

• Linux printer drivers on NetWare srvr

• Optional NCP support

• Capabilities of (2) and (3) combined

1

2

3

1

4

4

2 3

32

OES Linux Client Overview

✟ Not a direct deliverable with OES✟ Will work if NCP is installed or not✟ Will process login scripts✟ If NCP is not there, it will try to use CIFS

(CIFS.NLM on NetWare, samba on Linux)✟ If CIFS is not there, it will try to use NFS

(NFAP on NetWare, OSS on Linux)✟ Uses PAM: completely configurable

33

OES Linux Client Details

Closed Source

Closed SourceApps

PAM

NCP

NW 5.x

Linux Client

NW 6.x

NCP

CIFS

NFS

NCP

CIFS

NFS

OES NW

NCP

CIFS

NFS

OES Linux

NCP

nfs

samba

pam_script.so

pam_ncp.so

pam_nam.so

LDAP

eDirectory

NFS

CIFS

LDAPNCP

Login Script

map F: ...

mount -t ncp /novell/f/...mount -t nfs /novell/f/...mount -t smbfs /novell/f/...

NCP

34


35


36


OES Cluster ServicesKlaus Huebner / NovellSenior Category Specialist

38

Clustering

Novell Cluster Services™ on Linux• eDirectory Enabled• Full rich HA Clustering solution

Any fast mount Journaled File System• Not just Novell Storage Services• Clustered Parallel File Systems (OCFS2,

Polyserv, Lustre, Etc.)

EVMS integrated• Cluster Volume Broker integrated with EVMS

SUSE Clustering Base• Simple 2 Node only Heartbeat package for

service management.

39

Clusteringcont.

Mixed Clusters• NetWare Kernel OES and Linux Kernel OES in

same cluster• Will not support other versions mixed

Failover Mixed:• ONLY resources that have identical configurations

on both platforms• MySQL, GroupWise® (both still to be proven)

Failover Migrate:• Planning required to migrate a resource from

NetWare to Linux or back for those that are not 100% identical cross platform

• CIFS to SAMBA for example


ISCSI—SANs for the Masses

Full featured SAN

Server clustering

Cost of standard Ethernet LANs

No additional management training


Business Continuity

Geographically separate sites.

System available in seconds

Complete geo site failover

Protect against disasters

cluster site 1

clients

cluster site N

clients

eDirectory

Identity Manager

SAN

User- / Systems Management

Klaus Huebner / NovellSenior Category Specialist


Novell iManagerWeb-based management for the enterprise

Server monitoring and management

Directory management

User and group management

44

OES Services – Linux User Management (LUM)

✟ Manage Linux users via LDAP✟ iManager Create User:

– UID for each user– GID for each group– Primary group for each user

✟ Object with next UID, GID✟ Works with Name Service Switch (NSS)

– uid from LDAP not /etc/passwd– gid from LDAP not /etc/group


Identity Synchronization

*Novell offers many additional drivers

for integration between various other

applications and directories

Integrate and synchronize directory data with Windows NT Domains and with Active Directory

Novell’s is the only Meta Directory product in Gartner’s Magic Quadrant

Manage multiple directories from a single location

User have consistent passwords across systems

sync

NT Domains

Apps

Active

Directory

Apps

Apps

eDirectory

Apps

Other*

Jim Handy


Directory Management

47

PAM and LDAP and eDirectory and NSS = LUM

PAM Enabled Apps

Closed Source

Closed Source

Open Source

Closed Source

Closed Source

Closed Source

PAM

/etc/pam.d/*.conf

<app>.conf<app>.conf

<app>.conf<app>.conf

pam_*.sopam_*.so

pam_*.so

pam_*.sopam_*.so

pam_nam.so

/etc/nam.conf

namcd

LDAP

cache

LDAP(bind)

LDAP(proxy)socket

NSS

/etc/nsswith.conf

pam_*.sopam_*.so

libnss_nam.so

socket

eDir

getFDN() getGUID()

48

LDAP Enabled Apps

Universal Password

PAM Enabled Apps

Closed Source

Closed Source

Open Source

Closed Source

Closed Source

Closed Source

PAM

pam_nam.so

LDAP

LDAP(bind)

eDir

UP pwd

RSA pwd

SP pwd

NMAS

LDAP(bind)

LDAP(SASL)

SASL

samba

Monitoring Klaus Huebner / NovellSenior Category Specialist

50

Health Monitor – Bubble-up Page

??!!!?? AHHH

Klaus Huebner / NovellSenior Category Specialist


Virtual Office

Browser-based access to the most frequently used services

E-mail

Access files from anywhere

Locate anyone

Point-and-click printing

Team collaboration

Change password

Access applications

Team and personal sites

Favorites


Self Service Identity

Users manager their own identity information (phone numbers, name, location, etc)

Eliminate the need to have IT staff manage the details of each end user

Administrators determine the amount of user control

PAM_LDAP

eDirectory

PAM_LDAP / Benötigte Software

Nss_ldap (http://www.padl.com/nss_ldap.html)

Pam_ldap (http://www.padl.com/pam_ldap.html)

Pam-devel (http://www.tuxfinder.com) (Wird nur benötigt, wenn PAM

nicht selber kompiliert wurde)

PAM_LDAP

User Services – File Services / SAMBA

User Services – Print Services

Novell iPrint lets Windows users:

•Quickly locate any local or remote printer using their Web browser.

•Easily install and configure a located printer with the click of a mouse.

•Print to installed printers from any location (including the Web) using an IP

connection.

User Services – Print Services / iPrint

Print Driver Store: This is a repository that stores the drivers

on the NNLS server for your network printers. It is the first

component you configure and is represented by an object in

eDirectory that you create.

Printer Drivers: These are the printer drivers that are stored

in the Driver Store and are automatically installed on workstations

when users select a target printer. Printer drivers exist

as file structures within the driver store and are not represented

by objects in eDirectory.

Printer Objects: These are eDirectory objects you create that

store information about the printers available through iPrint. The

information stored in an object is used each time ist associated printer

is added to a workstation’s list of available printers.

Print Manager: This is a daemon that runs on the NNLS server.

It receives print jobs from users and forwards them to the target

printer when it is ready. It is represented by and controlled through an

eDirectory object that you configure.

iPrint Client: This is a set of browser plug-ins that is automatically installed on a workstation

the first time it interacts with iPrint. It is required to navigate through the iPrint Web pages,

select a target printer, and install the print driver.

63© December 15, 2003 Novell Inc.

LSB (cont.)

Goal: Conform to FHS 2.2 Filesystem Hierarchy Standard

Where do files go?

Executables

Shared Libs

Headers

Man Pages

Conf Files

Variable Data

/etc/init.d/

/opt/novell/bin

/opt/novell/lib

/opt/novell/include

/opt/novell/man

/etc/opt/novell

/var/opt/novell

/etc/init.d/novell-<prod>

/opt/novell/<prod>/bin

/opt/novell/<prod>/lib

/opt/novell/<prod>/include

/opt/novell/<prod>/man

/etc/opt/novell/<prod>/

/var/opt/novell/<prod>

novell open enterprise server - ldapwiki.com · linux n e t w a r e 4. 2 n et w ar e 5. 1 n e t w a...

Documents