Lecture No. 01: Novell Products
Open Enterprise Server 2 Preview
By Haim Malool

About Haim Malool

Haim Malool is a networking engineer and IT consultant with more than 15 years of experience. He has been a Certified Novell Master Engineer, MCSE and Certified Linux Professional for years. His main job is Head of the Novell-Linux Department at the Ministry of Social Affairs, Israeli government.

So What Is OES?

Novell Open Enterprise Server (OES) is best thought of as a platform for delivery of -level shared network services (file, print, directory, clustering, backup, storage management, PKI, web applications, etc.) and common management tools. OES can run atop either a Linux or a NetWare kernel. Clustered configurations can include nodes with either kernel type, and most services can migrate freely between the platforms. Thus, customers can deploy the platform selection that best suits their needs, as opposed to being locked into a single platform.

OES-Linux

When installed using a Linux kernel, the product is known as OES-Linux. This uses SUSE Linux Enterprise Server (SLES) as its platform. Atop the SLES install, daemons are added to provide NCP, eDirectory, NSS, iPrint and other services delivered by OES.

Main Features Preview

Novell eDirectory is the central, key component of Novell Open Enterprise Server (OES). It provides the following:

- Centralized identity management
- The underlying infrastructure for managing your network servers and the services they provide
- Secure access to network services both within the firewall and from the Web

Management Tools

iManager: Setting Up Role-Based Services

When iManager is installed in connection with OES 2, the administrative tasks available through the Roles and Tasks icon are available to all users until you run the configuration wizard. In this exercise, you create a Role-Based Services (RBS) collection that contains all of the management roles in the tree. When the installation process finishes as outlined below, the eDirectory Admin user is the only user configured to perform the administrative tasks available through the Roles and Tasks icon. If you wanted to create other administrative users and assign them a subset of administrative roles, you would need to create additional collections with subsets of roles and assign the other administrative users to them.

Novell Remote Manager (NoRM)

This is a web-based management tool for many aspects of SLES and OES services. It is fully integrated with Novell eDirectory and very useful for many sysadmin activities.

YaST

Yet another Setup Tool.

Universal Password Policies for Users

On networks where administrators plan to provide native Windows (CIFS) and native Macintosh (AFP) access to file services on an OES 2 server, Universal Password policies must be assigned to eDirectory users needing such access. When you install Novell AFP and Novell CIFS, the OES installation creates Universal Password (UP) policies for each of these services, named AFP Default Policy and CIFS Default Policy, respectively. eDirectory allows one UP policy assignment per container. This means that if all of your users reside in the same container, their passwords can be governed by either the AFP or the CIFS policy, but not both.

Home Directories on OES 2

On OES 2, home and other data directories can reside in three possible volume types, each of which is presented in this guide. The locations are:

- Linux POSIX volumes: Your OES 2 lab server already contains a / (root) partition with an empty /home directory (the default location for home directories on Linux servers).
- NCP volumes that point to Linux POSIX volumes: Your OES 2 server has NCP Server installed so you can create NCP volumes that point to the Linux POSIX file systems.
- Novell Storage Services (NSS) volumes: Your OES 2 server is prepared with EVMS to support NSS volumes. (NSS is the native file system on NetWare.)

There are important differences between the home directories in each of these locations and in the configuration steps required to create them and set the needed file/directory trustee assignments, etc.

eDirectory Linux Access (LUM)

Novell Linux User Management (LUM) is a key component of Novell Open Enterprise Server (OES) and lets you require users who are accessing PAM-enabled services, such as FTP or SSH, on the OES 2 server to authenticate through eDirectory.

Novell CIFS on OES 2

Novell CIFS is a Linux implementation of the same technology that allows eDirectory users to access Novell file services through Windows networking. Novell CIFS lets Windows users access a Novell Open Enterprise Server 2 server exactly as they would access a Windows file server.

iFolder 3.8

As a key file service component of Novell Open Enterprise Server (OES), Novell iFolder 3.8 provides a repository on one or more OES 2 servers that stores master copies of locally accessible files.

iPrint

As the print services component of Novell Open Enterprise Server (OES), Novell iPrint provides a powerful and easy-to-implement printing solution that lets your network users print from any Linux, Macintosh, or Windows workstation to any network printer.

NetStorage

As a versatile file services component of Novell Open Enterprise Server (OES), NetStorage provides Web-based access to and management of any files on OES 2 servers, except the iFolder 3 files, which are accessed through the iFolder Web Access Server instead.

What's New [OES 2 SP1 + OES 2 SP2]

Interoperability With Other LDAP Services: Domain Services for Windows (DSfW)

Domain Services for Windows (DSfW) is a suite of technologies in Open Enterprise Server (OES) 2 SP1 and later that allows Microsoft Windows users to access OES services through native Windows and Active Directory protocols. By allowing OES Linux servers to behave as if they were Active Directory servers, this technology enables companies with Active Directory and Novell eDirectory deployments to achieve better coexistence between the two platforms. Users can work in a pure Windows desktop environment and still take advantage of some OES back-end services and technology, without the need for a Novell Client on the desktop.

Administrators can use either Novell iManager or Microsoft Management Console (MMC) to administer users and groups. Network administrators manage file systems using the native tools of each server, and they can also centrally administer Samba shares on OES Linux/DSfW servers by using iManager. Administrators can use MMC to create inter-domain trusts between DSfW domains and Active Directory domains.

Users can access Novell Storage Services (NSS) volumes on Linux servers by using Samba shares or NTFS files on Windows servers that use CIFS shares. eDirectory users can also access shares in trusted Active Directory forests.

Domain Services for Windows is not a meta-directory or a synchronization connector between eDirectory and Active Directory. Domain Services for Windows can only run on SUSE Linux Enterprise deployments of Open Enterprise Server 2 SP1 and later.

- Support for common authentication protocols and open standards: DSfW supports common authentication protocols used in the Windows environment, including Kerberos, NTLM, and SSL/TLS.
- Single Password

Dynamic Storage Technology: Volume Shadowing

Understanding Dynamic Storage Technology

Each NCP volume exports the subdirectory structure located from its root on down. This is called the volume's directory tree structure, or primary file tree.

Dynamic Storage Technology (DST) for OES 2 Linux is a new feature of NCP Server that allows you to specify a shadow relationship between two volumes, which forms a shadow volume pair. The secondary directory tree structure, or shadow file tree, shadows the primary file tree.

IMPORTANT: In the initial release of DST, only NSS volumes are supported for DST shadow volume pairs.

DST presents a unified view to users of the subdirectory trees on each volume, as illustrated in Figure 1-1. The primary file tree and secondary file tree have the same directory structure so that each subdirectory appears in both locations as data is moved between the two volumes. The primary tree and the secondary tree are overlaid to create one virtual volume tree that is transparently presented to the users. NCP client and CIFS/Samba users are not aware of the actual physical location of the files.

Users access files by connecting to the primary volume. All file operations (such as read, write, rename, delete, and so on) can be performed whether the file actually resides on the primary or secondary location. DST executes the transaction transparently for the user. In general, transactions are executed wherever the file resides. Any file that requires a normal user-level action (copy, delete, and so on) is moved back to the primary for the action to take place, which simplifies the auditing requirements. Some transactions, such as a directory rename, occur in both file trees.

Virtualization: Xen

Search Engine (QuickFinder)

Open Enterprise Server 2 includes the Novell QuickFinder Server. QuickFinder lets you add search functionality to any Web site or internal intranet. It can index and find matches within a wide variety of data types. It also supports rights-based searches so that users see only what they have rights to see, depending on the type of index created and the file system indexed.

QuickFinder Server is easy to set up and manage, and is included free with NetWare and Novell Open Linux Enterprise Server. For more information on supported platforms, see Table 3-1, Network Operating System. It includes a browser-based administration utility with helpful examples and tips right in the interface. The help system offers additional information and provides links to relevant topics in this manual. Unlike other search engines available on the market today, there are no escalated fees or limits on the number of documents indexed, the number of users who use the service, or the number of user transactions.

When indexing a file system, the QuickFinder engine indexes only what it has rights to see. On NetWare, it has full access to all mounted volumes. On Linux, it has rights to only the files that the wwwrun user and the www group have rights to see.
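
Before pointing an index at a Linux directory, it helps to list which files the wwwrun user and www group can actually read, since that set is what becomes searchable. The following is an added example, not part of the lecture or of any Novell tool; the function names are hypothetical, and it assumes classic owner/group/other mode bits only (no POSIX ACLs or NSS trustee rights) and that the directories above the chosen root are already reachable.

```python
import os
import stat
import sys


def can_access(st, uid, gids, need_exec=False):
    """Check read (and optionally search) permission from classic mode bits."""
    if st.st_uid == uid:                      # owner class applies
        r, x = stat.S_IRUSR, stat.S_IXUSR
    elif st.st_gid in gids:                   # else group class
        r, x = stat.S_IRGRP, stat.S_IXGRP
    else:                                     # else "other"
        r, x = stat.S_IROTH, stat.S_IXOTH
    ok = bool(st.st_mode & r)
    return ok and (bool(st.st_mode & x) if need_exec else True)


def indexable_files(root, uid, gids):
    """Relative paths of regular files under root that the account can read."""
    gids = set(gids)
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        # A directory must be readable and searchable to be crawled.
        if not can_access(os.stat(dirpath), uid, gids, need_exec=True):
            dirnames[:] = []                  # nothing below is reachable
            continue
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)               # do not follow symlinks
            if stat.S_ISREG(st.st_mode) and can_access(st, uid, gids):
                found.append(os.path.relpath(path, root))
    return sorted(found)


if __name__ == "__main__":
    import grp
    import pwd
    # Account names come from the lecture text; the directory is an argument.
    uid = pwd.getpwnam("wwwrun").pw_uid
    gids = [grp.getgrnam("www").gr_gid]
    for rel in indexable_files(sys.argv[1], uid, gids):
        print(rel)
```

Run it as an account that can traverse the whole tree (for example root) and review the output for files that should not be searchable before the index is built.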