google

Hi

I'm looking for some basic information to start some research. I'm a
windows admin that just inherited a network with a novell 5 server but
was planning to upgrade to 6.5. I don't know much yet except that the
server is doing file services and every damn workstation and server
needs local windows accounts which is the pits.

It's a small network with about 6 windows servers, a citrix server,
this novell file server, and about 25 workstations. Historically 2
apps have had issues with their data being on the Novell server, one
has had it's data moved to a windows server. We need as low
maintenance as possible and some including myself have suggested in
this environment we don't really need novell and it is additional
administration and learning for me without much purpose. We don't
have or plan on any linux or unix etc etc but we will be putting in a
MSSQL server eventually and perhaps a notes or exchange server.

It is being suggested by someone that we should not implement active
directory because novell edirectory is better. From what I'm reading,
with a lot of windows servers and workstations doing an
edirectory>active directory integration is the way to go. Is this
true? If that is the case what are the advantages of having novell in
THIS environment because I don't see a lot. If we wanted to do
edirectory/novell services ONLY what novell products would be required
to approach the administration ease of a windows-only network so I
know what to research. Zenworks seems to be for managing the windows
workstations and servers... Which if any novell product can provide
granular security for database servers, etc.? What in general would
we be giving up if we did not have AD? What in general would we be
getting with both as opposed to only AD?

Sorry to be such a n00b If anyone can point me to some general
overview resource or provide a list of the Novell items I need to
research to get me started I'd appreciate it very much.

Thanks

david gersic

It sounds to me like you already made up your mind, and are now looking for
somebody else to help validate your decision.


Sounds like a poor, hard to manage setup.


So what's the cost of your proposed change? What's the ROI? If you don't
know, why not? Is the cost of your proposed change more or less than the
cost of other possible changes that may meet your stated goals/needs and
may (or may not) position you better for future needs? What _are_ your future needs?

"better" is a funny term. It's kinda like arguing that the blue hammer is
"better" than the red one.

I like, use, and support eDirectory. But I also recognize that it's a tool.
It's not a religion. The point of having a tool is to use it. In the case
of technology tools, the point of having the tool is to use it to
accomplish some business related goal.

Certainly there are technical points I could make that one or the other is
"better", but that's not the point. The point is to find out what you're
trying to _do_, then to pick the tools that allow you to accomplish that
with the least cost and highest ROI. That may, or may not, include Novell
technology, Microsoft technology, or technology from some other company.

Maybe, yes. Having MAD in your environment does make your Windows account
management different, and potentially less painful, from what you're doing
now. Having a provisioning system in place that automatically creates,
removes, and synchronizes accounts between your eDir and MAD trees can be
very powerful later when you add something new that requires integration.
Depending on what your business practices are like, it can also
dramitically lower your day to day workload by allowing you to automate the
lifecycle of the user, from new hires getting their accounts created, to
terminations having their accounts suspended or removed, all based only on
somebody that does HR for your business hiring or terminating a person.
There's nobody then running up to your desk at 5:30pm and saying "Oh, we
forgot to tell you, we hired this new guy here and he needs accounts on
systems X, Y, and Z, and he needs them about two hours ago!" or shouting
"We've just fired Bob and you need to make sure he can't log in to any of
the computers! NOW!"

Sound like nirvana? Well, it can be, but it can also be a lot of time and
work invested to get there. Before you can encode business logic in to an
automated provisioning process, you usually have to play detective for a
few months and find out exactly what your business processes actually are.
There's lots of surprises waiting for you, where you will ask somebody what
they do when a new person is hired, and they'll describe some thoroughly
bizarre set of tasks or procedures that they are absolutely convinced are
critical to the organization, but that you've never heard of. Or they'll
describe some policy that doesn't make any sense and you'll have to go find
out what the boss really wants to happen.

Like I said when I started, it sounds like you've already made up your
mind. What's the advantage? Depends on the person using the tools, not on
the tools themselves.

If it were me, in your job, I'd see a huge advantage. I'd be working on the
provisioning system with Identity Manager 2 or Account Management 3, and on
using ZENWorks to manage the workstations and applications.


Can you? You stated that you have a couple of applications that have some
sort of historical problem. Has anybody resolved that yet? Is anybody
working on the vendor to get it resolved? If the problem is Novell's fault,
is anybody working with Novell Support to get the problem resolved?

If you're not going to do MAD, then I'd be having a hard look at ZENWorks
for Desktops. The Dynamic Local User (DLU) policy allows for any user to
walk up to any Win2K or WinXP workstation, and log in. They will have a
Windows account created on the workstation on the fly, which will then be
removed when they log out.

But, that doesn't address your possible plans for MSSql or Exchange. If
you're doing Exchange, you _will_ be doing MAD. So, how are you going to
manage it?

Hopefully this is helpful. Research the tools, certainly, but also research
what you're trying to _do_ with the tools. That's where things get
interesting. Try to keep an open mind about what you're trying to do, and
spend less time on justifying how you want to do it.


--
| David Gersic dgersic_@_niu.edu |
| If anything is used to its full potential, it will break. |
| Email address is munged to avoid spammers. Remove the underscores. |

sami kapanen

not good ;/
Read about Zenworks for Desktops. It gives you a LOT.
Dynamic user accounts & roaming profiles, remote control, application
management, group policies and so on.


I wonder why?
Anyway, Netware 6.5 can also be accessed through CIFS as well, so the
files can be access like from any windows server.

Exchange will give you more maintenance... and virus problems.
Not even considered Groupwise?


Zenworks for Desktops to manage workstations, desktops,
applications,etc.

Then Account Management to manage user accounts if you need to have user
account on some windows servers as well.

AD limits you more to Microsoft. eDirectory works fine on Netware,
Windows, unix and linux platforms.


We have Windows servers only for certain applications, like MS SQL.
All file, print, imaging, www, email and web services are on Netware.


And remember, Zenworks, Groupwise and other products will run on Windows
and Linux too. They don't require Netware.

-sk

Why? What are the business needs driving these decisions?

Why not use, for example MySQL on NetWare?

regards
Marcus