Novell Open Enterprise Server
Klaus Huebner, Novell Deutschland, Senior Category Specialist
Novell
Open Enterprise Server: the Future of NetWare® and NLS
Open Enterprise Server: The Best of Both Worlds
NetWare Strengths
• Mature Enterprise Services
• Large Customer Base
• Strong Enterprise Community
Linux Strengths
• Application Support
• Partner Support
• Strong Open Source Community
The Combined Solution
Novell Open Enterprise Server
The Best of NetWare
The Best of Linux
© February 28, 2005 Novell Inc.
Coexistence: With Existing Infrastructure
[Diagram labels: OES (NetWare, Linux), NetWare 4.2, NetWare 5.1, NetWare 6.0, NetWare 6.5, Win 2000/3, Win NT]
Seamless file services integration (Windows, NetWare, Unix, Linux)
Directory synchronization (NT, AD, eDirectory, etc)*
Directory Services Additive
• NW 4.x: NDS 6.21
• NW 5.x: NDS 7.62c, 8.58
• NW 6.x: eDir 8.7.0, 8.7.1
Linux and Windows desktop support
* Requires additional purchase
Linux Adoption Projections
57% of all companies have current plans to introduce Linux to their server OS environments. - The Yankee Group, 2004
What is new?
Open Enterprise Server
Networking Application Services for the Enterprise
• Web Experience (Net Storage, Virtual Office): Unified web access experience with gadgets to all OES Services. Use Tomcat and a Java Virtual Machine. Include exteNd and MySQL for ISVs.
• Desktop Integration (Novell Client™ experience): Login script support, file access, background authentication, iPrint, iFolder available both on Windows and Linux desktops.
• Install and Patch/Update Services (RPM & Red Carpet™): Server-based install with Express and Custom options. Red Carpet Daemon pre-configured to use a Novell hosted Red Carpet Enterprise™ server with patches and updates.
• Administration Services (iManager): Browser-based single point of administration for all OES Services.
• Identity Services (eDirectory™): eDirectory. Web address book w/search and self-administration.
• Print Services (iPrint): Support IPP standards-based printing for Windows, Mac and Linux clients. Using web-based maps, users can quickly find and install printers.
• High Availability (Novell Clustering): Clustering / high availability for NetWare and Linux.
• Health Monitoring Services (CIM & iManager): CIM-based management and providers. Server health monitoring integrated into iManager.
• File Services (Novell iFolder®, NSS): Personal file backup and anytime/anywhere access. Granular file trustee rights management and virtual storage mgt.
What's new for NetWare
What is new in NetWare for OES NetWare?
• Open Source
– bash
– mono
– rpm
– OpenWBEM CIMOM
– syslog
– python
– Red Carpet (rcd, rug)
• Hardware
– PCI-X
– USB enhancements – Multi LUN
– MSI (Message Signaled Interrupts)
– ACPI 2.0
– NX bit support
• Internal debugger
– Soft break points
– Improved SMP support
– Protected memory improvements
• Other
– Search NetWare registry
– Fast reboot (failover)
– Reboot watchdog – configurable
NetWare 6.5 SP3 and OES-NetWare
NetWare 6.5 Service Pack 3:
• All Bug fixes and patches for NetWare incl. SP1 and SP2
• iManager 2.0.2 updates
• Virtual Office updates
• WebSearch Updates
NetWare OES:
• All Bug fixes and patches for NetWare incl. SP1 and SP2
• iManager 2.5
• Virtual Office 1.1 (?)
• QuickFinder
What's new for Linux
OES Linux – Storage
OES on Linux can use native Linux file systems
• EXT2
• EXT3
• Reiser
• Others – POSIX
NSS is now part of OES
• Novell Storage Services™ (NSS)
Affordable SANs
• iSCSI Initiator available as part of SLES9
NCP™ server is also now part of OES
• Will work with existing Novell Client 32™
OES Linux – Clustering & Migration
NetWare backup components on Linux
• SMS
• SMDR
• TSAFS
High Availability for Linux
• Novell Cluster Services
– NetWare only
– Linux only
– Hybrid NetWare/Linux
Migration
• Migration Wizard & Server Consolidation Utility will be combined
– Migration team working on Linux desktop port
OES Linux – Installation & Configuration
Installation & Service Configuration
• Entire installation integrated with YAST
– All services can be installed unconfigured
• Service configuration handled through YAST interface
– Configuration file creation / edits
– IP Addresses & Ports
– Usernames & Passwords
– etc.
• Service management handled through iManager
– iFolder Server Admin
– Virtual Office Admin
– Cluster Administration etc.
OES Linux – Remote Management
Novell Remote Manager for Linux
• HTTPSTK process
• Runs in USERSPACE
• Up even if Apache is down
• Modeled after the NetWare Remote Manager
• Not a direct port of NORM
OES Installations
Install: Express or Custom
Express
• Single server eDirectory tree
– Tree Name
– Admin name
– Admin context
– Admin password
• LDAP server
• All preconfigured to use the local LDAP server
• Default ports
• Default options
Custom
• New or existing eDirectory tree
• Admin name
• Admin pwd
• Admin context
• LDAP server
• Any or All products
• All services which are LDAP clients can point to other LDAP servers
• Confirm default ports
• Confirm default options
• Additive install
• Uninstall
Install Options
Install with Linux
Install for Linux (after Linux is already installed)
Install with NetWare
Install for NetWare (after NetWare is already installed)
Install With Linux
[Diagram: two media sets, each marked "new install or existing Linux server". SLES 9: CD1 (Boot), CD2, CD3, CD4, CD5, CD6. OES with SLES 9 SP1: OES + SLES9 SP1, CD2, CD3, CD4, CD5, CD6, SLES9 SP1 CD2, SLES9 SP1 CD3.]
Install With NetWare
[Diagram: two media sets, each marked "new install or existing 5.x, 6.x server". NetWare 6.5 (SP 2 Overlay): OS CD (Boot), Products CD (Boot). OES with NetWare (6.5 SP3): OS CD (Boot), Products CD (Boot).]
Install For NetWare (NetWare already installed)
[Diagram: OES for NetWare, SP3 CD, existing 6.5 server]
Migration Tools Capabilities
Supported Sources
• NetWare 4.2, 5.1, 6.0, 6.5 (eDirectory, NDS®, NSS, Traditional NetWare FS)
• Windows NT 4 (NT Domains, NTFS)
• Windows 2000/2003 (AD, NTFS)
Supported Destinations
• OES-NetWare
• OES-Linux
Capabilities
• Users (including user space restrictions)
• Groups
• File system (trustees and ownerships)
• Containers (users and groups only)
• Printing (stretch goal)
OES File and Print Services
Linux Architecture
[Diagram: User space: Applications and Services. Kernel: Virtual File Services (VFS); EXT3, Reiser, XFS, NFS (client), SAMBA (client); Logical Volume Manager (LVM); Network Protocols; Device Drivers; LAN Drivers.]
Yet Another File System?
EXT2, EXT3, Reiser, XFS, JFS, UFS, Veritas, GFS, GPFS, PolyServe, etc.
NSS on Linux Architecture
[Diagram: User and Kernel layers. Components: Virtual File Services (VFS); EXT3, Reiser, XFS, NSS; Enterprise Volume Management System (EVMS); Device Drivers; Media Manager Logic; Posix Semantic Agent; Edir Handler; _Admin Management; Upcall; NCP; Samba.]
OES Services - Storage
OES on Linux can use native Linux file systems
• EXT2
• EXT3
• Reiser
• Others – POSIX
NSS is now part of OES
• Novell Storage Services™ (NSS)
NCP™ server is also now part of OES
• Will work with already installed “Novell Client™”
Migration
• Migration Wizard
• Server Consolidation Utility
Unique NSS Features - ACLs
NSS                                  Linux/Unix
Supervisor (grant ACLs to others)    Set UID (advanced)
Read                                 Read
Write                                Write
Create                               -
Erase                                -
Modify (change file attributes)      -
FileScan (view)                      -
Access Control (change ACLs)         -
Note: in NSS, X (execute) is a file attribute, not a right.
Novell iFolder
Instant access to your files— online, offline, anytime
[Diagram labels: Mobile, Office, PDA, Home, Always backed up, Web access from anywhere]
• Backup files on local machines
• Synchronize files
• Access files from anywhere
• Personal files/shared files
OES Services - iPrint
• Linux Client
• All browsers
• Pre-set driver defaults
• Secure Printing
– Encryption
– Authorization
• Migration
– Moving Printer Agents
– Moving Print Services Managers
Preserving the Novell Experience
[Diagram: Novell Linux Desktop, Novell Client32 for Windows, OES (NetWare), OES (Linux), with numbered callouts 1 to 4]
Global Authentication
Login Scripts
Map Drives
Personal Files Backup
Shared Printing
Secure, scalable experience resulting from 2 decades of innovation in the workgroup productivity arena
• eDirectory on Linux srvr
• NSS on Linux srvr
• NCP™ on Linux srvr
• iPrint Srvr on Linux
• iFolder Srvr on Linux
• Novell login script support on Linux srvr
• Background auth on Linux desktop
• Novell login script support on Linux desktop
• iPrint Client on Linux desktop
• iFolder Client on Linux desktop
• Linux printer drivers on NetWare srvr
• Optional NCP support
• Capabilities of (2) and (3) combined
OES Linux Client Overview
• Not a direct deliverable with OES
• Will work if NCP is installed or not
• Will process login scripts
• If NCP is not there, it will try to use CIFS (CIFS.NLM on NetWare, samba on Linux)
• If CIFS is not there, it will try to use NFS (NFAP on NetWare, OSS on Linux)
• Uses PAM: completely configurable
OES Linux Client Details
[Diagram components: Closed Source Apps; PAM; pam_script.so, pam_ncp.so, pam_nam.so; LDAP; eDirectory; Linux Client; servers NW 5.x, NW 6.x, OES NW and OES Linux; protocols NCP, CIFS, NFS (nfs and samba on OES Linux)]
Login Script
map F: ...
mount -t ncp /novell/f/...
mount -t nfs /novell/f/...
mount -t smbfs /novell/f/...
OES Cluster Services
Clustering
Novell Cluster Services™ on Linux
• eDirectory Enabled
• Full rich HA Clustering solution
Any fast mount Journaled File System
• Not just Novell Storage Services
• Clustered Parallel File Systems (OCFS2, Polyserv, Lustre, etc.)
EVMS integrated
• Cluster Volume Broker integrated with EVMS
SUSE Clustering Base
• Simple 2 Node only Heartbeat package for service management.
Clustering (cont.)
Mixed Clusters
• NetWare Kernel OES and Linux Kernel OES in same cluster
• Will not support other versions mixed
Failover Mixed:
• ONLY resources that have identical configurations on both platforms
• MySQL, GroupWise® (both still to be proven)
Failover Migrate:
• Planning required to migrate a resource from NetWare to Linux or back for those that are not 100% identical cross platform
• CIFS to SAMBA for example
iSCSI—SANs for the Masses
Full featured SAN
Server clustering
Cost of standard Ethernet LANs
No additional management training
Business Continuity
Geographically separate sites.
System available in seconds
Complete geo site failover
Protect against disasters
[Diagram labels: cluster site 1 with clients, cluster site N with clients, eDirectory, Identity Manager, SAN]
User and Systems Management
Novell iManager
Web-based management for the enterprise
Server monitoring and management
Directory management
User and group management
OES Services – Linux User Management (LUM)
• Manage Linux users via LDAP
• iManager Create User:
– UID for each user
– GID for each group
– Primary group for each user
• Object with next UID, GID
• Works with Name Service Switch (NSS)
– uid from LDAP not /etc/passwd
– gid from LDAP not /etc/group
Identity Synchronization
• Integrate and synchronize directory data with Windows NT Domains and with Active Directory
• Novell’s is the only Meta Directory product in Gartner’s Magic Quadrant
• Manage multiple directories from a single location
• Users have consistent passwords across systems
[Diagram labels: eDirectory, sync, NT Domains, Active Directory, Other*, Apps attached to each directory, Jim Handy]
* Novell offers many additional drivers for integration between various other applications and directories
Directory Management
PAM and LDAP and eDirectory and NSS = LUM
[Diagram components: PAM-enabled apps (closed source and open source); PAM with /etc/pam.d/*.conf and per-application <app>.conf files; pam_*.so modules, including pam_nam.so (/etc/nam.conf); NSS with /etc/nsswitch.conf and libnss_nam.so; socket connections; namcd with an LDAP cache; LDAP (bind) and LDAP (proxy); eDir; getFDN(), getGUID()]
Universal Password
[Diagram components: LDAP-enabled apps; PAM-enabled apps (closed source and open source); PAM; pam_nam.so; samba; SASL; LDAP (bind); LDAP (SASL); NMAS; eDir with UP pwd, RSA pwd, SP pwd]
Monitoring
Health Monitor – Bubble-up Page
??!!!?? AHHH
Virtual Office
Browser-based access to the most frequently used services
Access files from anywhere
Locate anyone
Point-and-click printing
Team collaboration
Change password
Access applications
Team and personal sites
Favorites
Self Service Identity
Users manage their own identity information (phone numbers, name, location, etc.)
Eliminate the need to have IT staff manage the details of each end user
Administrators determine the amount of user control
PAM_LDAP
eDirectory
PAM_LDAP / Required Software
Nss_ldap (http://www.padl.com/nss_ldap.html)
Pam_ldap (http://www.padl.com/pam_ldap.html)
Pam-devel (http://www.tuxfinder.com) (only needed if you did not compile PAM yourself)
User Services – File Services / SAMBA
User Services – Print Services
Novell iPrint lets Windows users:
• Quickly locate any local or remote printer using their Web browser.
• Easily install and configure a located printer with the click of a mouse.
• Print to installed printers from any location (including the Web) using an IP connection.
User Services – Print Services / iPrint
Print Driver Store: This is a repository that stores the drivers on the NNLS server for your network printers. It is the first component you configure and is represented by an object in eDirectory that you create.
Printer Drivers: These are the printer drivers that are stored in the Driver Store and are automatically installed on workstations when users select a target printer. Printer drivers exist as file structures within the driver store and are not represented by objects in eDirectory.
Printer Objects: These are eDirectory objects you create that store information about the printers available through iPrint. The information stored in an object is used each time its associated printer is added to a workstation’s list of available printers.
Print Manager: This is a daemon that runs on the NNLS server. It receives print jobs from users and forwards them to the target printer when it is ready. It is represented by and controlled through an eDirectory object that you configure.
iPrint Client: This is a set of browser plug-ins that is automatically installed on a workstation the first time it interacts with iPrint. It is required to navigate through the iPrint Web pages, select a target printer, and install the print driver.
© December 15, 2003 Novell Inc.
LSB (cont.)
Goal: Conform to FHS 2.2 Filesystem Hierarchy Standard
Where do files go?
                 /etc/init.d/           /etc/init.d/novell-<prod>
Executables      /opt/novell/bin        /opt/novell/<prod>/bin
Shared Libs      /opt/novell/lib        /opt/novell/<prod>/lib
Headers          /opt/novell/include    /opt/novell/<prod>/include
Man Pages        /opt/novell/man        /opt/novell/<prod>/man
Conf Files       /etc/opt/novell        /etc/opt/novell/<prod>/
Variable Data    /var/opt/novell        /var/opt/novell/<prod>