Slashdot Mirror

Remember, this is Novell we're talking about. They have software that makes any Intel box a NAS device, they just haven't bothered letting the world know it exists. Boot from the NetDevice CD and have a NAS device in fifteen minutes. Sweet.

You could probably get ZenWorks to do all of that right now and store it on your own server if you have an "always on" connection for it. ZenWorks is fully integrated with a directory service and is accessible via LDAP and XML. What more could you need?

Also see ZENworks Keeps Handheld Costs Down, Security Up

You could probably get ZenWorks to do all of that right now and store it on your own server if you have an "always on" connection for it. ZenWorks is fully integrated with a directory service and is accessible via LDAP and XML. What more could you need?

Also see ZENworks Keeps Handheld Costs Down, Security Up

Windows 2000 client features that only work with a Windows 2000 server - eg, publishing application to users desktop with group policy

We do app management by workstation and by user with Novell's ZENworks. It works very well.

The Flying Boy Add

Don't know if the other clips on this page are as good, but they look well made.

I wonder why you don't see a bigger push from Novel about their products. I don't remember seend a Novel add recently, yet these clips look very profesional.

The Flying Boy Add

Don't know if the other clips on this page are as good, but they look well made.

I wonder why you don't see a bigger push from Novel about their products. I don't remember seend a Novel add recently, yet these clips look very profesional.

Novel has a list of a couple of opensource programs ported to netware including apache, perl and ldap.

NetWare admins have to laugh when they read stories like this. NetWare has been self-tuning for many years.

Have you considered Novell's eDirectory it would do you proud, if your budget allows. It's not free but, it isn't expensive either.

-- Do you count?

Point for Point:

GroupWise *is* great. No one really cheers for it because there are such a small percentage of people using it (who _understand_ why its designed the way it is) compared to Exchange and Notes. It's really a well-orchestrated collection of small, well-thought-out design choices.

Well, I've been using and administering GW for around 7 years, I'd hope by this point in time I'd "..._understand_..." GroupWise.

GroupWise does some things that have no equal in the open source world; the unified client with its Universal Inbox is a major one. The concept of an "item" with a type (rather than separate notes/appointments/tasks/documents that don't get along) that can be easily changed into another type of item is lost with Exchange completely.

What's your point, and how many times have you REALLY had to convert an email into an appointment? I really don't see the usefulness of this in almost any environment - especially when GroupWise training support is so hard to find nowadays, many of my users would just create another item, than try to figure out how to convert one to the other...

Other MAJOR features missing (or inferior) in Exchange include:
- FULL-TEXT server-side indexing of the ENTIRE post office database, including documents and all types of items (appointments/notes/tasks/phone messages/other third-party types of items/etc). This full-text indexing is turned on by default and is accessible in the client with one button & allows for a high degree of specificity.

Again I don't see how this is beneficial in a production environment. Rarely is this indexing used, and I have email clients (Mozilla for example), that index a mailbox as the data is downloaded. So who cares if it indexes the post office in the middle of the night, I don't use the index then, I use it when I'm opening/reading my email, and when I'd have access to indexes created when, for example, I download my email...

And document management: Most environments don't need this functionality. Since GroupWise still does not support the restoration of individual mailboxes, or documents without having to restore the entire post office, I sure would not consider implementing it...

- The PROXY function that allows average users give one-click access to parts of their mailbox to other users, even across post offices and domains

This is a nice feature, but in most cases overkill for what most people need. A shared folder is more than sufficient in most cases. I'm not going to consider a "major" feature, something maybe 1% of my users MIGHT use.

- Server-side rules that are ALWAYS server-side rules. (There are no client-side settings anymore; everything lives on the server. You can do local caching now for improved speed/less network traffic/offline capability & for "reliability" (like the post office ever goes down??))

GroupWise's rules still don't work right. For example: try getting a rule to handle an email based on the contents of the headers. Cant be done. Try getting GroupWise to do anything to an email without a subject line, again, cant be done...

- ROAMING PROFILES. A user can log into another workstation and as long as they are authenticated to NDS GroupWise will automatically load and access their mailbox...

I've had very few circumstances where a user moved to another PC for a long period of time, and did not need access to other applications on the old pc. Web based access to email works very well, for users who need temporary access to their mailbox from a PC that is not their primary , in addition you don't clutter the second PC with a cached copy of that user's mailbox (whereas you do with the GroupWise client).

The completely RSA-encrypted & Stac-compressed post office backend is nice. Oh, and the client-server and server-server connections have ALWAYS been encrypted. Now they use even use SSL if you want.

So, I can do the same thing with the simple to setup S/IMAP (SSL & IMAP). The fact that the backend is encrypted: I know of very few circumstances where you cannot trust the administrator who runs the email server, and where the illusion of security with the backend encryption might be beneficial (ie: the NSA and FBI come to mind). The fact of the matter is, the illusion of security granted by this backend encryption only hinders my job (it makes the data I am working with, mostly inaccessable). This backend encryption is easily defeated by taking a copy of the post office (ie: from tape for example), and building a secondary/development/testing system with it. Now I have access to this email at my leisure, from an unmonitored, non-audited environment...

- And the fact that the database engines (agents) RUN ON NT, LINUX, AIX, SOLARIS, 2000 and NETWARE should count for something!

No, GroupWise does not FULLY support all of those environments, only Windows and NetWare (fully), and Solaris and AIX (with diminishing support: the latest GW client for AIX or Solaris is GW5.2, the GW Unix agent was last updated in May of 1999, to version 5.5). Either way, it still REQUIRES a Win32 environment to administer it (ConsoleONE snapins for GroupWise don't exist on other platforms)...

, and the web access client in GW6 supports WAP, HDML, Compact HTML, PQA & std. HTML (with or without Java) OUT OF THE BOX. no third-party software is needed.

Whop dee doo. Most users will never use these wiz-bang features (HDML, Compact HTML, PQA, WAP), all they want to do is read their email. Again, I'm not going to design my messaging system around a feature that maybe 1% of my users might find usefulness out of...

- Did I mention the fully-indexed document management system with database-like functionality & user-specified permissions?

Did I mention that this is useless in an environment where the users don't know how to use it, and that GroupWise training options/materials are diminishing, not growing...

- oh, and GW6 has other stuff like native load-balancing and fault-tolerance. GW was originally WordPerfect Office way before Outlook even existed, so the basic functionality of the Exchange+Outlook combo was there several years ago. Now Novell is basically quietly adding the latest features and enhancements to it without a lot of fanfare. And you don't hear about it that much because It Works. (And unfortunately, Novell doesn't have the equivelant of a Steve Jobs running the company)

No this does not just work. Its implementation is flaky, with support just starting to reach what I would consider beta quality on GroupWise 6 with NetWare 6, with expensive hardware (SANs etc...)... Overall, consulting and support from other than Novell is also minimal.

GroupWise is a very capable system. I am totally underwhelmed with any of the open source solutions (or even the pieces) I've seen that try to duplicate groupware (all types). There are some great ideas out there, but none that I've seen so far come close to matching the rich set of features a package like groupwise can give you.

The features are poorly cobbled together, and as a collection of features, diminish the overall quality of the systems. For example, in order to support HTML formatted emails in the GroupWise client, I have to allow GroupWise to create/store TWO copies of the email in the Post Office (see my previous posting regarding a link to back this claim up).

I will give up GroupWise when something better actually comes along. Believe me, I'm always looking (I'm not entirely happy with how Novell is handling groupwise updates & support at the moment, but considering their size compared to Microsoft they really aren't doing THAT bad of a job)... But no other product has surfaced yet that makes me want to dump GroupWise.

No single product has surfaced, but many independent products put together do come very close, and are far closer to providing stable standards support then GroupWise is...

I'll tell you you're full of crap.

Well, I am feeling a little bloated today, but I didn't think much of it until now.

SNIP

*Actually, yes they DO have STABLE standards support (POP3, IMAP) I use them EVERY SINGLE FREAKING DAY. In fact, I have over 20 clients right now running pop3 on groupwise, without any problems. Its just as stable as my freebsd mail servers

In addition to the frequently broken POP3 and IMAP support, lets not forget the broken HTML formatted message support as well: in order for GroupWise to support HTML formatted messages, it requires TWO copies of the message be stored in the user's mailbox. One in MIME decoded format, and the other MIME encoded. To summarize the issue with an example: If my user gets a 10MB email, GW consumes around 22-25MB of disk space to store it (MIME-encoded messages are about 1.33 to 1.5 times the size of the unencoded message/attachments - which is the reason it's around 22-25, instead of 20). Dont give me the bullshit about how GW compresses the message. Most email attachments these days are already compressed, and you cant compress something twice and expect to gain anything more than MAYBE 1 or 2% (and thats streaching it).

I have setup many companies for either GroupWise, Exchange, or Unix based POP3/IMAP email systems as well. The most stable is the Unix based one, next comes Exchange, then comes GroupWise. Personally, I perfer Unix, and many times thats all my customers need. In the rare exception, Exchange is setup because they want calendering solutions that work. The GroupWise systems are only setup if they have an existing NetWare deployment, and are not intrested in re-investing into Unix technology.

*You Admin them through the same utility! What do you call integration?

Simple, when I can tell my users: "Your email and login passwords are the same."

Novell cannot, plain and simple. Sure I can try to use the kludgy LDAP interface on the POA (which still does not work right, even though they tried to patch a few things in GW6SP2), but my users still have to use a separate GW password for remote mode. Many of my users and clients use GW remote...

*Give me one example of "administrative control over the mailboxes" that exchange, sendmail, or whatever has over the mailboxes that groupwise does not.

I'd dig up my list, but this argument is getting tiring, here's two examples off the top of my head:
The ability to stop any user from RECEIVING emails once they've reached their mailbox size quota.
The ability to stop users from SENDING emails from a POP3 or IMAP mailbox (using the GWIA as their outbound SMTP server), once their mailbox has reached its quota.

*Bah. Buy an open file agent for your backup software!! Even without an open file agent, I have restored groupwise post office's successfully using both arcserve and backup exec. But yes, you should buy the open file agent to ensure you get a proper backup. (and yes, this same problem happens in exchange. With this agent, backups are extremely reliable.

Oh, like the OFA that comes with Arcserve's backup software? That POS crashes the server with EVERY NetWare SP release, even the latest ones....

Quite frankly, I don't know of any database vendor that recommends using a OFA to backup their database. They recommend using the tools they provide to dump the database to another medium (ie: spare disk, or even straight to tape), and Novell does not provide a tool to do this, without constantly babysitting it. I wouldn't recommend anyone backup a live DB using an OFA. My major concern: The OFA essentially takes a copy of the DB/file at that instant in time, not taking into consideration the fact that it may be "snapshotting" a file in the middle of a series of writes related to each-other, among other issues...

* What kind of report are you looking for? I get the GWIA logs mailed to me ever night from over 20 of my groupwise clients, those logs tell me every internet mail transaction that took place. What more do you want?

Well, good for you. I want logs that are summarized for me automaticly. I want logs that tell me who sent messages to who in POA to MTA to POA activity. I want the ability to run whatever report I need to run against a mailbox, and the ability to write my own reports (ie: see how many users have unread mail that is 60 days old, see how many .mp3 files are floating around, see how many users have setup proxy rights incorrectly etc...) Like what I can do with say for example the Exim SMTP daemon, and an associated IMAP daemon ... One of the core ideas that goes with enterprise systems management is automation. Well, that's very difficult to do with the kludgy tools that Novell offers with GW.

Novell's solutions are a dying breed, as a result, I rarely recommend them (unless the customer already has a significant Novell infrastructure). Novell's BorderManager product doesn't support standards that have been out for YEARS, GroupWise fails to support what are now considered basic features everywhere else, and NetWare still requires DOS to boot/run! Whenever I speak to a Novell rep about these issues, they just point at the developers and claim that internal politics are dictating what Novell does now...

- I use IMAP and POP3 through GWIA for 700+ users, off one box. It's been up 60 days, and that's because we moved offices two months ago.

Well, good for you. Novell discontinued support for GW 5.5 on the 1st of this month. Clearly you are able to run discontinued software, and clearly I'm not... I didn't have these problems when I ran GW5.5, in-fact IMAP and POP3 support was stable. Well I'm on GW6sp2/NW51sp5, and it's not stable - plain and simple... Neither in my production nor development environments.

- Maybe not, but I manage them using the same utility. Nobody has anything better, really. And because of the way the post office works, you have to communicate with a specific server agent, not just any server in the tree, so integrating passwords wouldn't really help any, unless you have no tape backups. ;p

What a bullshit answer. With GW's separate username/password database, that makes for two authentication databases that I must maintain (top-down rebuilds of the entire fscking database, etc...) . For Novell to sell their eDirectory product as the be-all to end-all, their failure to integrate their two flagship products just shows where Novell is headed... If MS can integrate Exchange with ActiveDirectory, why cant Novell integrate GW with NDS - Novell's only been trying for, what, about 5 years now...

And, yes there is something better out there. I've tested multiple S/POP3 and S/IMAP daemons on the Linux platform that can authenticate to LDAP databases just as easily as /etc/shadow, among other back-ends... What I haven't yet found is a good iCal server, other than that, I've found everything else I need to replace GroupWise with a stable cross-platform backend...

- What complete bullshit. In NWAdmin, I can control every option of the GroupWise client, I can set it remotely, and I can grey out the option so the user can't change it. What the can't you do? You want to add rules or specific proxy access, just go in to their box with the client, and do it.

NWAdmin, I see you haven't been cursed with ConsoleONE yet (ConsoleONE is Novell's replacement for its aging NWAdmin structure). You lucky sap! Wait until you see the cruft ConsoleONE has to offer - I ended up having to dedicate one PC to Console One, and another to NWAdmin and everything else I run...

Back to controlling the mailbox though; No you cant control every aspect of the mailbox with NWAdmin or ConsoleONE (you've never been able to). You get control over some parts, but then not others... It's inconsistent, and quick frankly, I've resorted to tweaking the Win32 registry to get to the options I need to change...

- Not based on my experience with Backup Exec 9.0. Even if you don't use the GWTSA's, you just make everyone access the post office over IP, instead of file access, and backup the directory. The files locked by the agent can be rebuilt from the files that will never be locked.

You're trying to backup a live mailbox! You'll love what GW6 has in store for you (no it's not yet fixed in GW6sp2). I have a 60 user PO, with aprox 100MB in each users mailbox, and the PO currently takes about 32GB (yes, that's 32GB) of disk space - you do that math (hint: it should only consume about 6GB...)... No, we don't use document libraries, and no none of the GWChecks fix it - no the ones run by me, Novell, or the consultant we brought in to try to fix it... Of-course I inherited this problem from a previous administrator, which means I stopped backing up a live system, and started shutting down the entire mail system to reliably back it up...

- Hmmmm... I've never cared about getting a report, really. Besides, GWCheck is for repairing the system, not reporting. But since I don't know what kind of reports you'd like, I'll leave this one alone.

No, GWCheck is also for reporting on the system as well. It's the only window into what's in the encrypted GroupWise message store - short of changing my users passwords and logging in as them... For example; I need to know things such as how many .tiff, .jpeg, .mp3 attachments there are, reports like this are things I can easily get out of other messaging systems...

- Groupwise is *great*. No, I don't work for Novell. Yes, I do administer a 2000 user enterprise system that runs Groupwise 5.5. We don't even need a dedicated e-mail guy, even for all 2000 users. And it doesn't even take up a big chunk of my time. I have 15 domains, 22 post offices, two internet gateway agents, and WebAccess set up. No issues, anywhere.

Well, that's your opinion, and I'll respect that, but I'll also consider the opinions of my peers that I regularly meet with regarding computer and networking issues. Most of the members in my groups are Novell and Unix fans (zealots in some cases), and nobody seems to be a fan of GroupWise 6...

- I think you're doing something wrong.

That's a pretty bold statement, considering I've had Novell techs and knowledgeable consultants working on the issues as well, and considering they they never got any further than I did (digging through the Support Forums, the online knowledgbase, and the best practices documents - while also pulling from my 7 years of prior experience and training with GW systems)...

GW is a dead-end solution, within no growth potential, and a messaging solution I wouldn't recommend to even my worst enemy... In-fact, my experiences with Exchange pale in comparison to the issues I've had with administering and building GroupWise systems..

What timing... Gotta run, one of my dedicated GroupWise servers just abended again (no, I'm not kidding).

- I use IMAP and POP3 through GWIA for 700+ users, off one box. It's been up 60 days, and that's because we moved offices two months ago.

Well, good for you. Novell discontinued support for GW 5.5 on the 1st of this month. Clearly you are able to run discontinued software, and clearly I'm not... I didn't have these problems when I ran GW5.5, in-fact IMAP and POP3 support was stable. Well I'm on GW6sp2/NW51sp5, and it's not stable - plain and simple... Neither in my production nor development environments.

- Maybe not, but I manage them using the same utility. Nobody has anything better, really. And because of the way the post office works, you have to communicate with a specific server agent, not just any server in the tree, so integrating passwords wouldn't really help any, unless you have no tape backups. ;p

What a bullshit answer. With GW's separate username/password database, that makes for two authentication databases that I must maintain (top-down rebuilds of the entire fscking database, etc...) . For Novell to sell their eDirectory product as the be-all to end-all, their failure to integrate their two flagship products just shows where Novell is headed... If MS can integrate Exchange with ActiveDirectory, why cant Novell integrate GW with NDS - Novell's only been trying for, what, about 5 years now...

And, yes there is something better out there. I've tested multiple S/POP3 and S/IMAP daemons on the Linux platform that can authenticate to LDAP databases just as easily as /etc/shadow, among other back-ends... What I haven't yet found is a good iCal server, other than that, I've found everything else I need to replace GroupWise with a stable cross-platform backend...

- What complete bullshit. In NWAdmin, I can control every option of the GroupWise client, I can set it remotely, and I can grey out the option so the user can't change it. What the can't you do? You want to add rules or specific proxy access, just go in to their box with the client, and do it.

NWAdmin, I see you haven't been cursed with ConsoleONE yet (ConsoleONE is Novell's replacement for its aging NWAdmin structure). You lucky sap! Wait until you see the cruft ConsoleONE has to offer - I ended up having to dedicate one PC to Console One, and another to NWAdmin and everything else I run...

Back to controlling the mailbox though; No you cant control every aspect of the mailbox with NWAdmin or ConsoleONE (you've never been able to). You get control over some parts, but then not others... It's inconsistent, and quick frankly, I've resorted to tweaking the Win32 registry to get to the options I need to change...

- Not based on my experience with Backup Exec 9.0. Even if you don't use the GWTSA's, you just make everyone access the post office over IP, instead of file access, and backup the directory. The files locked by the agent can be rebuilt from the files that will never be locked.

You're trying to backup a live mailbox! You'll love what GW6 has in store for you (no it's not yet fixed in GW6sp2). I have a 60 user PO, with aprox 100MB in each users mailbox, and the PO currently takes about 32GB (yes, that's 32GB) of disk space - you do that math (hint: it should only consume about 6GB...)... No, we don't use document libraries, and no none of the GWChecks fix it - no the ones run by me, Novell, or the consultant we brought in to try to fix it... Of-course I inherited this problem from a previous administrator, which means I stopped backing up a live system, and started shutting down the entire mail system to reliably back it up...

- Hmmmm... I've never cared about getting a report, really. Besides, GWCheck is for repairing the system, not reporting. But since I don't know what kind of reports you'd like, I'll leave this one alone.

No, GWCheck is also for reporting on the system as well. It's the only window into what's in the encrypted GroupWise message store - short of changing my users passwords and logging in as them... For example; I need to know things such as how many .tiff, .jpeg, .mp3 attachments there are, reports like this are things I can easily get out of other messaging systems...

- Groupwise is *great*. No, I don't work for Novell. Yes, I do administer a 2000 user enterprise system that runs Groupwise 5.5. We don't even need a dedicated e-mail guy, even for all 2000 users. And it doesn't even take up a big chunk of my time. I have 15 domains, 22 post offices, two internet gateway agents, and WebAccess set up. No issues, anywhere.

Well, that's your opinion, and I'll respect that, but I'll also consider the opinions of my peers that I regularly meet with regarding computer and networking issues. Most of the members in my groups are Novell and Unix fans (zealots in some cases), and nobody seems to be a fan of GroupWise 6...

- I think you're doing something wrong.

That's a pretty bold statement, considering I've had Novell techs and knowledgeable consultants working on the issues as well, and considering they they never got any further than I did (digging through the Support Forums, the online knowledgbase, and the best practices documents - while also pulling from my 7 years of prior experience and training with GW systems)...

GW is a dead-end solution, within no growth potential, and a messaging solution I wouldn't recommend to even my worst enemy... In-fact, my experiences with Exchange pale in comparison to the issues I've had with administering and building GroupWise systems..

What timing... Gotta run, one of my dedicated GroupWise servers just abended again (no, I'm not kidding).

2. You may use the NCP Documentation only for providing technical
support services to end users of Novell products and to support Your
development of Derivative Software that does not: a) enable more than
one end user per copy of the Derivative Software to access a NetWare
server; or, b) provide NetWare server functions.

I think you need to take a look at Novell's software before stating that Microsoft is the only way to get these features. Especially because eDirectory will run on Solaris and Linux. Novell is one of the best software companies I've had the pleasure of working with. Their licenses are not so much of a hassle as Microsoft's (in the educational world at least). And they are commited to Linux to the point of building a complete application around it. Oh, and that application happens to be BY FAR the best imaging / hardware inventory solution I have ever seen. So, do a little research Mr. FUD "can't get in the unix world".

I think you need to take a look at Novell's software before stating that Microsoft is the only way to get these features. Especially because eDirectory will run on Solaris and Linux. Novell is one of the best software companies I've had the pleasure of working with. Their licenses are not so much of a hassle as Microsoft's (in the educational world at least). And they are commited to Linux to the point of building a complete application around it. Oh, and that application happens to be BY FAR the best imaging / hardware inventory solution I have ever seen. So, do a little research Mr. FUD "can't get in the unix world".

Well, okay, Novell uses their own version of a Linux kernel, but they've been doing it for more than a year. It's part of their ZENWorks for Desktops package. It makes a bootable Linux partition that will boot to the network and allow the ZENWorks imaging server to force disk images down to the desktop from the network.

*sigh* Time to evangelize a little....
I don't see many people talking about Novell here, or anywhere else, these days and it's a real shame. They pioneered the PC-based local-area-network market! Okay, sure, Xerox was working on the idea first, but Novell actually made some headway with it. *They* are the company that Micro$oft had to beat for years and years. In my opinion, Novell still has a better product than Micro$oft. (Never mind the fact that I'm Novell certified!) And, like I said, Novell has been using Linux boot partitions for way more than a year in corporate environments.
Good luck, Novell. I hope you make a comeback soon.

Thanks,
Jim

Well, okay, Novell uses their own version of a Linux kernel, but they've been doing it for more than a year. It's part of their ZENWorks for Desktops package. It makes a bootable Linux partition that will boot to the network and allow the ZENWorks imaging server to force disk images down to the desktop from the network.

*sigh* Time to evangelize a little....
I don't see many people talking about Novell here, or anywhere else, these days and it's a real shame. They pioneered the PC-based local-area-network market! Okay, sure, Xerox was working on the idea first, but Novell actually made some headway with it. *They* are the company that Micro$oft had to beat for years and years. In my opinion, Novell still has a better product than Micro$oft. (Never mind the fact that I'm Novell certified!) And, like I said, Novell has been using Linux boot partitions for way more than a year in corporate environments.
Good luck, Novell. I hope you make a comeback soon.

Thanks,
Jim

If you dare to travel into the domain of Novell, their ZenWorks system is quite robust. It allows for selective and forced installation, and the packaging system always struck me as quite sophisticated.

If you dare to travel into the domain of Novell, their ZenWorks system is quite robust. It allows for selective and forced installation, and the packaging system always struck me as quite sophisticated.

In Borland compilers, there was an example in the online help demonstrating proper usage of the sound() function... There's a brief description here. And yes, this was really in the help files :)

> Well I doubt it's as good as NDS but we'll let > that one go. A quick comment here if you look at Novell's published comparison you'll see that they basically see two advantages: 1 - better support for hetrogenious environments (which is unquestionable but I eliminated that in the original by requiring all 2000 / XP) 2 - Better support for partial resource decomposition. IMHO for complex resources this is better handled at the DBMS level and not at the directory level. Microsoft lists several counter advantages like built in support for SAP and OneWorld

A Groupwise client, a Novell client, a pcAnywhere type thing to check on remote systems which cannot be replaced by Linux because of the apps that must run on them... ?

You mean like this, this (or this), and this?

A Groupwise client, a Novell client, a pcAnywhere type thing to check on remote systems which cannot be replaced by Linux because of the apps that must run on them... ?

You mean like this, this (or this), and this?

Typical NT Admin responses, "Lock it down!" "Don't let yor users get away with that crap!"

Why make more work for yourself?? Use iFolder for replication of local user data on your file server.

Standard editon supports NT, 2000 and NetWare. Professional edition adds support for Solaris and Linux.

Typical NT Admin responses, "Lock it down!" "Don't let yor users get away with that crap!"

Why make more work for yourself?? Use iFolder for replication of local user data on your file server.

Standard editon supports NT, 2000 and NetWare. Professional edition adds support for Solaris and Linux.

Add to this an effecient backup routine for the server (choose your backup software, make sure you are religious about backup.

>If his thin client catches on fire, it takes like 5 minutes to restore it.

If a workstation sets on fire, you replace it with a backup workstation, pop in a ghost boot disk, and wait for the image to download (could be anything from 5 minutes to 10 hours depending on how crappy your network is :).

>If you need help on an application, just take your smartcard to your co-workers desk and ask him to look at it

In a company with standard software in the ghost images (which is how any company with more than a handful of computers should be managing the software on their workstations) all the computers have the same basic software. No need for smartcards.

>And from an admin point, I just finished patching 20 boxes for known security holes. Wouldn't it be great to just patch one server?

Seriously, take a look into Symantec Ghost and Zenworks. They'll save you so much time you'll hardly believe it!

One image can serve for hundreds of computers. When you patch a computer all you'll need to do is update the image once (so that new ghost installs already have the fix) and push the upgrade onto clients with Zenworks.

That's going to take you about the same amount of time as patching the server and testing it with a few clients.

If you're worried about people saving their work onto their harddrives, tell them the harddrives are cleaned automatically every login (a little popup box that says its doing this will work wonders for re-inforcement) and that anything you want to keep for more than that session must be saved to the network drive.

Software like DeepFreeze can not only stop 90% of workers screwing up their systems by installing crappy software, but it will also enforce your "don't save to the hard drive" policy. The other 10% who are smart enough to work around DeepFreeze are smart enough to listen to your "don't save to the hard drive" policy because they've seen you ghost machines, and they've seen hard drives crash.

BTW: Bob takes more care of his computer when he knows that if it breaks he doesn't have a computer until its repaired!

If your company requires Unix, a little work with NIS and NFS could do wonders (and ghost will still work, although there's always dd if you're desparate)...

Groupwise. (And no, it doesn't need to run on a Novell server - the daemons run very nicely on NT. And the clients use TCP/IP these days. And, no more Outlook viruses.)

I almost hate to bite on such an obvious troll... but I'd hate to be running anything BUT Netware on anything larger than an 30-pc network. Netware does a fine job of running enterprise-class file and print services. NDS/eDirectory is still THE choice for enterprise directory services, plus it can be hosted off of NT/2K/Linux/Solaris in addition to its native Netware.

I see the point of PHP on Netware as just another option - you can already run Apache & Tomcat on Netware, they are even running the new management pieces of Netware 6. You also already have Perl and Java... and with the licensing model of Netware 6 (user-based, not server- or connection- based as in the past) you can run as many servers as you need. Not really a huge consideration if you have the skills to run Linux, but much cheaper than purchasing 2K or XP + CALs just to run a simple website.

I don't see why you are mentioning BorderManager & port forwarding, though. Yes, perhaps a rabid Novell advocate would refuse to run anything else for the firewall (I am a strong believer in best-of-breed - NT/2K etc do have their place in application hosting) - but why would you need to 'forward port 80' for your linux+apache+php? Unless you think a site can have only one hostname or some such nonsense. I'd use iChain over BorderManager, anyways. I see BorderManager as more of an outbound (forward prox) solution, whereas iChain is targeted more at inbound traffic (reverse proxy).

Their latest products are rather neat - we're just scratching the surface here. If you haven't taken a look *recently*, you really have no idea.

I almost hate to bite on such an obvious troll... but I'd hate to be running anything BUT Netware on anything larger than an 30-pc network. Netware does a fine job of running enterprise-class file and print services. NDS/eDirectory is still THE choice for enterprise directory services, plus it can be hosted off of NT/2K/Linux/Solaris in addition to its native Netware.

I see the point of PHP on Netware as just another option - you can already run Apache & Tomcat on Netware, they are even running the new management pieces of Netware 6. You also already have Perl and Java... and with the licensing model of Netware 6 (user-based, not server- or connection- based as in the past) you can run as many servers as you need. Not really a huge consideration if you have the skills to run Linux, but much cheaper than purchasing 2K or XP + CALs just to run a simple website.

I don't see why you are mentioning BorderManager & port forwarding, though. Yes, perhaps a rabid Novell advocate would refuse to run anything else for the firewall (I am a strong believer in best-of-breed - NT/2K etc do have their place in application hosting) - but why would you need to 'forward port 80' for your linux+apache+php? Unless you think a site can have only one hostname or some such nonsense. I'd use iChain over BorderManager, anyways. I see BorderManager as more of an outbound (forward prox) solution, whereas iChain is targeted more at inbound traffic (reverse proxy).

Their latest products are rather neat - we're just scratching the surface here. If you haven't taken a look *recently*, you really have no idea.

I almost hate to bite on such an obvious troll... but I'd hate to be running anything BUT Netware on anything larger than an 30-pc network. Netware does a fine job of running enterprise-class file and print services. NDS/eDirectory is still THE choice for enterprise directory services, plus it can be hosted off of NT/2K/Linux/Solaris in addition to its native Netware.

I see the point of PHP on Netware as just another option - you can already run Apache & Tomcat on Netware, they are even running the new management pieces of Netware 6. You also already have Perl and Java... and with the licensing model of Netware 6 (user-based, not server- or connection- based as in the past) you can run as many servers as you need. Not really a huge consideration if you have the skills to run Linux, but much cheaper than purchasing 2K or XP + CALs just to run a simple website.

I don't see why you are mentioning BorderManager & port forwarding, though. Yes, perhaps a rabid Novell advocate would refuse to run anything else for the firewall (I am a strong believer in best-of-breed - NT/2K etc do have their place in application hosting) - but why would you need to 'forward port 80' for your linux+apache+php? Unless you think a site can have only one hostname or some such nonsense. I'd use iChain over BorderManager, anyways. I see BorderManager as more of an outbound (forward prox) solution, whereas iChain is targeted more at inbound traffic (reverse proxy).

Their latest products are rather neat - we're just scratching the surface here. If you haven't taken a look *recently*, you really have no idea.

Sure - some legacy systems may only accept username/password as credentials - but most newer systems will accept digital certificates, biometric authentication, token, kerberos tickets etc etc.

One other method is to use single sign on technology integrated with strong authentication - take a look at Novell Security solutions

These combine single sign on technology with strong authentication against a cross platform directory service.

>Here's a novell idea...

So that's where they're going with GroupWise...

>Here's a novell idea...

So that's where they're going with GroupWise...

It's the French Tax authority that will use, among other things, Novell's eDirectory. e-Directory (formerly known as NDS) contains many features (and it can do what Passport does, too), and it scales to over 40 billion users. Microsoft's Active Directory could never scales a few orders of magnitute worse.

I don't know if and how Microsoft Passport ties into MS Active Directory, but I think it should, as it needs an authentication database back-end, and MAD seems to be a natural choice, for MS.

One thing to be aware of is that centralised identity management is not single sign on; ultimately customers need the freedom to use their authentication credentials to best suit their environment (whether that is uid/pwd pair, digital certificate, token, biometrics, kerberos cert ..) lowering everything down to the lowest common denominator doesn't really sound too much use!

Why They Lie

Novell - eDirectory

Yeah, most of the functionality this guy wants comes bundled in... and I think it's also really important to stress that eDir is a *distributed* *pervasive* database.. that alone marks a clear distinction from other products. (No, not "Pervasive" as in the company...)

If a server tanks, you don't lose any access to your auth info. If multiple servers tank, you STILL don't lose any access to your auth info. There are no single points of failure (note: Active Directory actually has (I believe) up to FOUR single points of failure- you have to manually reassign servers in case one of them crashes in order to have write access to your data. At least this was the case last time I checked it a few months ago.). Most other LDAP implementations are single-server as well. eDir really is as good people say it is... a good case study was CNN when they built a web portal... they were deciding whether or not to build their own custom auth database, but ended up choosing eDir instead because everything was already included. here's the story: CNN eDirectory success story

Similarly, Yahoo! picked eDir & Novell's Portal offering for their business portal... check it out: Yahoo! success story.

Both talk about scalability (replication), LDAP & cross-platform abilities. Anyhow, give it a look. It's really cool. :)

Disclaimer: I do not work for, nor have I ever worked for Novell...

Yeah, most of the functionality this guy wants comes bundled in... and I think it's also really important to stress that eDir is a *distributed* *pervasive* database.. that alone marks a clear distinction from other products. (No, not "Pervasive" as in the company...)

If a server tanks, you don't lose any access to your auth info. If multiple servers tank, you STILL don't lose any access to your auth info. There are no single points of failure (note: Active Directory actually has (I believe) up to FOUR single points of failure- you have to manually reassign servers in case one of them crashes in order to have write access to your data. At least this was the case last time I checked it a few months ago.). Most other LDAP implementations are single-server as well. eDir really is as good people say it is... a good case study was CNN when they built a web portal... they were deciding whether or not to build their own custom auth database, but ended up choosing eDir instead because everything was already included. here's the story: CNN eDirectory success story

Similarly, Yahoo! picked eDir & Novell's Portal offering for their business portal... check it out: Yahoo! success story.

Both talk about scalability (replication), LDAP & cross-platform abilities. Anyhow, give it a look. It's really cool. :)

Disclaimer: I do not work for, nor have I ever worked for Novell...

LDAP is a great idea, but it's only half of the problem - it specifies the cross-platform interface, but not the database to store that information in. OpenLDAP sounds like a step in the right direction.

MS has their ActiveDirectory that fully supports LDAP, but the database is very Windows-centric and you'd be taking on all of Microsoft's security issues related to hosting ANYTHING on a Win2K server.

Really, seriously, definitely have a look at Novell eDirectory (a.k.a. NDS) as your foundation - replicas of NDS partitions can be *hosted* on Solaris, RedHat Linux, Netware, NT and Win2K (note: you do NOT NEED A NETWARE SERVER ON YOUR NETWORK TO RUN eDIRECTORY! :) You can use the proprietary Novell client software for various OSes to access this information, or make standard LDAP calls to it.

NDS (the database part) is dynamically extensible, totally replicated (for performance and auto failover) & almost completely automatic... very little maintenance is required. It supports hooks for almost all OSes for authentication (look at Novell Account Manager for Linux & Solaris, for example) and directly supports smartcards/biometric/SecurID/etc. It's "light" meaning you wouldn't have to dedicate entire servers to host the information. The security is awesome and the you get very fine-grained control over everything. It's relatively inexpensive these days, too. (You can practically get it for free if you're a developer - check the website for a free eval copy, too)

These days, Novell also has all sorts of whiz-bang products (i.e. DirXML) that integrate with eDirectory - do bulk-loads or automatic synchronization of other proprietary directories using your own XML interfaces. They even have a bunch of tools & apps that let you take existing apps and set them up as "single sign on" so you don't have to keep track of multiple passwords for multiple databases.

The other advantage is that Novell has about ten years of lead time over everyone else's directory implementation right now.. I'm lucky enough to have had a chance to play with NDS on several large networks and continue to be amazed at the technology behind it.

more info: http://www.novell.com/edirectory

NDS-AS provides password redirection from lots of platforms to eDirectory. It supports a bunch of different Unix's (and Linux) as well as OS/390 and Windows. It's easy to plug into various webservers, database, and routers since it also ships with an API. Check it out here: http://www.novell.com/products/ndsas/

Novell hasn't gotten much right except their directory services. By far, Novell NDS/E-Directory is the best you can get in the industry. If you just want password management, openldap is good enough. However, if you want better user/group/server/services/application management, give eDirectory a shot. There's nothing else better to manage mid-enterprise corporations. It really does kick ass.

Not that I'm a big fan of their software solutions, but Novell has a new video which may or may not (I don't know for sure either way) become a running commercial ad.


Anyone knows any http link? Thanks.

Not that I'm a big fan of their software solutions, but Novell has a new video which may or may not (I don't know for sure either way) become a running commercial ad. It's very amusing and carries the sentiment of virtually every geek out there. Might be a nice thing to mention to the bosses next time they come up with the "great idea" of digging themselves further into Microsoft products.

Your "homepage" could have e-mail, file&print access across different servers, and applications. Depending on HOW you're accessing the system it'll change how it delivers apps.

For example, if you're on a high-speed LAN it'll figure out what servers are closest to you and deliver apps to your desktop if they're not already installed. If you move to a different office, it'll change to the closest server that has the apps on it.

If you're at a web cafe or on a dial-up connection, it can deliver the SAME apps via a Citrix session automatically without the user having to pay attention to the underlying mechanisms, keeping track of licensing concerns automatically.

This is not just a simple remote "viewing" solution like VNC and it's not a remote "processing, local viewing" solution like X - it's a way to tie together all of the resources (servers, apps, data) you already have in a solution that the users can easily take with them anywhere without having to change to fit the system. Pretty cool.

Go here for more info on synergy.

Unfortunately, they haven't yet put up any screenshots, but the ones I've seen look really cool... here's a 3rd-party article that gives you a better idea of how this works than I can.

(Yes, they embraced Linux a while back, and yes, ZENworks Synergy is supposed to even extend to handhelds. :)

No, I don't work for Novell - I just think they *still* make some damn fine products (even if their marketing does really suck.)

ZENworks and iFolder
But they come from that beFUDdled company that everyone likes to ignore these days, even though they have hellatious solutions to real problems. Linux is great but it can't touch the features available from a platform with a mature and stable directory service. With the directory, you can pick a user and then make their environment and remake it every time they login. You can customize the environment depending on what kind of device they are logging in from or what type of connection they have. But these things wouldn't be useful would they? Just ignore these products. Wait until Microsoft releases version 3! It'll really work then!

ZENworks and iFolder
But they come from that beFUDdled company that everyone likes to ignore these days, even though they have hellatious solutions to real problems. Linux is great but it can't touch the features available from a platform with a mature and stable directory service. With the directory, you can pick a user and then make their environment and remake it every time they login. You can customize the environment depending on what kind of device they are logging in from or what type of connection they have. But these things wouldn't be useful would they? Just ignore these products. Wait until Microsoft releases version 3! It'll really work then!

Things have indeed changed.

When using Windows Explorer from Windows XP Professional with the 4.82 or 4.83 client installed (IP-only and connected to a NetWare server) to copy files from one location to another location on the same server shows 100%-1000% performance decrease compared to Windows 2000 Professional copying the same files.

A cause of this symptom specific to the Windows XP platform has been identified by Microsoft, and is being addressed as a change in NTOSKRNL.EXE for Windows XP.

I think Novell's eDirectory is a possible solution. You can run eDirectory on NetWare® 5.x or above, Windows 2000, Windows NT, Solaris, Linux, or Tru64. There are other Novell products (NDS-AS, DirXML, Zen for Desktops, Novell Account Management, SecureLogin) that extend eDirectory's reach even further.

There is a PAM module available for Linux that lets you log in using NDS (eDirectory) credentials. Other *nix clients should be handled the same. For an NT client you would either need to use Zen for Desktop's Dynamic Local User or you would need to use Novell Account Management. Account Management on NT will redirect the domain into NDS. On 2000, it will synchronize with Active Directory.

The other products I mentioned can take you in other directions. DirXML is a meta-directory synchronization tool. Available conduits include Active Directory, Exchange, LDAP, GroupWise, Lotus Notes, NT Domain, JDBC, Peoplesoft, SAP HR, and Delimited Text.

NDS Authentication Services (NDS-AS) extends NDS (eDirectory) authentication redirection to other platforms, including AIX, FreeBSD, HP-UX, Linux, OS/390, Solaris, and Windows. Note that some of NDS-AS duplicates functionality found in eDirectory or Account Management.

SecureLogin is a single sign-on technology, which may be another way to solve your problem.

To give you a bottom line answer, even if you want to ignore alternate solutions and go with a straight LDAP directory, use eDirectory. It doesn't matter which platform you run it from, Novell has demonstrated billion-user trees on several host OSes.