NetWare to Linux Migration Articles
OES2 and Domain Services for Windows
By Donna Moyer
Yes, you read that correctly: OES2 SP 1 now includes Domain Services
for Windows (DSFW). This innovative idea was announced two years
ago at BrainShare and is finally here. In a nutshell, this technology
allows eDirectory servers running OES2 (Linux kernel) to appear
as Active Directory Domain controllers. This is not about synchronization
as we have done with Identity Manager. It is about enabling your
users access to AD authentication and services using their eDirectory
user name and password. For instance, OES2 SP 1 will help when:
- Your
eDirectory users need to access an Active Directory domain. OES2
SP 1 allows you to create a one-way interdomain trust between
the DSFW and AD domains.
- You want to streamline your workstation
deployments by removing the Novell Client. If you maintain multiple
images for workstations depending on the services your users
need, you may have users who have to access services such as
file and print from the Novell side of the house. Instead of
relying on the Novell client, with DSFW your users can authenticate
using native Windows.
- You need Active Directory for authentication
to a new application. DSFW supports Kerberos authentication,
so, depending on the application involved, it may not be necessary
to implement an AD domain on Windows just to provide these services.
Simply create a new Active Directory domain in your existing
eDirectory tree. (We can't
guarantee it will work for all applications but a look at this
prior to implementing an AD infrastructure might be worth the
time.)
- Administrators want to continue using
the management tool of their choice. Administrators can manage basic user functions
with the tool they are most familiar with—iManager or the
MMC. OES2 and Domain Services for Windows
So what are the limitations of OES2 SP 1? You should take into
consideration that:
- Management user objects by either management
tool is limited to basic user operations. You will be
able to do basic management tasks such as creating users or deleting
users. However, you will not be able to use iManager or MMC to
modify more granular user settings or attributes.
- OES2 SP 1 is
limited to the Linux kernel. Keep in mind that as OES moves forward,
the new goodies will be on Linux and will not be supported on
NetWare.
Additionally, if you remove the Novell Client, you should be aware
of the following impacts:
- No login script import mechanisms. Some
organizations use very complex and powerful login scripts. While
the functionality can be recreated using the Microsoft Group
Policy Editor, there are no import mechanisms.
- No access to salvage
and purge commands or ability to set the delete-inhibit and rename-inhibit
attributes. You can always do this for your users, but
if they are used to doing these tasks for themselves, you may
need to keep the Novell client around.
- No access to NetWare servers or
previous versions of OES Linux servers unless CIFS is implemented. If you need this functionality and don't want to implement CIFS,
you may need to keep the Novell client.
The bottom line? OES2 SP 1 is great news for Novell customers
who need to implement Active Directory for specific tasks but who
do not want to incur the cost and management of supporting two
directories.
© Copyright 2008, Uptime NetManagement, Inc.
Article Source: http://www.uptimenmi.com/
You have my permission to reprint and distribute this article as long as it
is distributed in its entirety, including all links and copyright information.
This article is not to be sold or included with anything that is sold.
About the Author:
Donna Moyer is Principal/Senior Network Consultant of Uptime NetManagement,
Inc. (http://www.uptimenmi.com/). Uptime is a Novell Gold Solutions partner
providing technology solutions, customized training, and consulting services.
If you are interested in finding out exactly what Novell can do for your
business, or are seeking to maximize the benefits from your current Novell
systems, call us today at 610-621-1244!
|
