Slashdot Mirror

What do you mean you can't get it? You can get it (56bit) free, here. If you want 128bit it costs $2 a seat and if you want NAM, I think it costs $26 per seat. If you can't find a local reseller call Novell. It is available and, apparently, has been for more than a year.

This is an excellent question. One that I have done a couple of AskSlashdots on in the past. I too encountered a similar situation where, I would like to use Linux but was not interested in yet another authentication mechanism. Nor was I slightly interested in managing, potentially, thousands of workstation user lists individually. I wanted a mechanism that was more reliable and functionally scalable than NIS and I wanted it to be usable by all systems. Basically I wanted a single directory for the entire enterprise.

I have done a lot of research on the subject and extensive testing. Naturally I would have preferred a free solution, which suggested that OpenLDAP would be the solution of choice. But there are numerous issues with OpenLDAP.

One big problem is that it does not scale well. Sure it can handle massive volumes of users but, redundancy and more importantly distribution or replication are not yet adequate for enterprise use. This is also compounded by the fact that I also had to tie in Windows 2000 systems and applications. While active directory claims to be LDAP compliant, it is broken from a standards perspective. This severely limits the use of Active Directory as the central directory, not to mention the fact that it requires add-on software from Microsoft in order to authenticate *nix systems against it. Furthermore, because of Microsoft's proprietary extensions it is not possible to use OpenLDAP as a replacement for Active Directory.

Thus far, the best that I have found is Novell's eDirectory. There is also a second Novell package that is required if you will also be integrating Windows 2000 and Active Directory, you cannot eliminate Active Directory. The second package is Novell Authentication Management (NAM). This allows eDirectory to manipulate and synchronize Active Directory to eDirectory pretty seamlessly.

eDirectory runs on almost any platform. It runs on Netware, Windows 2000, Solaris, AIX and most importantly Linux. It is super scalable and easily handles distribution and replication. It offers authenication management for just about any platform and it has reasonable support from various application developers.

If you use Windows 200 apps like Exchange 2000 you still *have* to run Active Directory as well as eDirectory but, with the NAM package there is no need to ever manage Active Directory. All of the management is done in eDirectory and anything that needs to go into Active Directory is automatically pushed there.

Novell also has a product which I have not yet tried. It is an XML based add-on to eDirectory. Basically it will handle synchronizing other various directories to eDirectory. For instance, if you run SAP or some such application that has it's own authenticatioin system, the XML product will perform two way synchronization between eDirectory and your applications native directory. This propogates any changes made in one directory to the other.

You can get a free copy of eDirectory for Linux here. (Registration required) It's not the free solution that I had hoped for but, it seems to be the best around and it isn't too expensive for enterprise level software.

Quoth biglig: If you rent software, it's on the books as an expense.

If you "buy" software, it's on the books as a Capital Expenditure, i.e. an asset.

Soooo, given a choice which one will the bean counters choose?

I beleive that what you are looking for can be found here or here.

ConsoleOne is a graphical, cross platform GUI tool that allows you to do pretty much every thing. Add, Delete, Create, Modify, Search, Extend the schema, etc.

There's also the ICE (Import, Convert, Export) tool which allows you to import, convert and export data from LDIF or other LDAP servers. ICE is available in a GUI and command line version.

eDirectory is also managable through a browser, and if you use their DirXML product you can basically take any data from any system and expose it through LDAP.

Novell's eDirectory is redistributable for developers. If you do development work, check all their goodies at their development site. You'll find LDAP class libraries, tools etc.

The evaluation copy of eDirectory can be found here and includes the tools mentioned.

ConsoleOne is a graphical, cross platform GUI tool that allows you to do pretty much every thing. Add, Delete, Create, Modify, Search, Extend the schema, etc.

There's also the ICE (Import, Convert, Export) tool which allows you to import, convert and export data from LDIF or other LDAP servers. ICE is available in a GUI and command line version.

eDirectory is also managable through a browser, and if you use their DirXML product you can basically take any data from any system and expose it through LDAP.

Novell's eDirectory is redistributable for developers. If you do development work, check all their goodies at their development site. You'll find LDAP class libraries, tools etc.

The evaluation copy of eDirectory can be found here and includes the tools mentioned.

TSIA.
The fact is there's a niche between small business (Microsoft products) and Fortune 100 (*Nix) where Novell's products reside quite comfortably.
And eDirectory is a full-featured LDAP implementation in its own right. Not to mention the free version for Linux! (Registration required).

Hey, whad'ya know, I see that /. is filtering out the quotes in the link.

Here it is again in plain text for your cut'n'pasting pleasure:
https://download.novell.com/ICSLogin/?"http://do wn load.novell.com/download.jsp?cat=NDS&pid=646&targe t=sdExpLic.jsp"

I've got to disagree with your assesment that Novell is not a key industry player. Novell's eDirectory is the premier directory solution in a market that includes Active Directory, iPlanet, OpenLDAP, and others. Microsoft's attempt to cover for their weak directory solution do not in any way detract from the importance of a good directory.

And to answer the original question, eDirectory is the new name for Novell's NDS, a mature yet still evolving directory service that is fully LDAPv3 compliant. As it has been available for so long, there are MANY third-party tools and utilities available to manage it (such as Bindview or JRBUtils) in addition to Novell's own tools and utilities. Novell's eDirectory management utilities include import/export tools built in to ConsoleOne (an admittedly heavyweight Java-based management console) as well as BulkLoad, a command-line LDAP utility that uses LDIF files for command input. These utilities permit import/export of userids in LDIF format, as well as the migration of data between LDAP servers.

eDirectory is fully cross-platform, currently running on Netware, NT, 2000, Linux, Solaris, and Tru64 UNIX. It's been demonstrated at tradeshows with databases of up to one BILLION user accounts. Features of the latest version, 8.6, include persistent searches, dynamic groups, and live backup. The next release is expected to include UDDI, SOAP, and DSML 2.0 support.

Novell is practically giving eDirectory away at a list price of $2/user or less. They are actually giving it away for VARs and developers that wish to bundle eDirectory as the dedicated directory for their applications.

Oh, and if you wish to stay with open source options, look on Freshmeat.net for OpenLDAP - it includes a set of client utilities that should fit at least some of your requirements. Freshmeat should also have other LDAP clients, including browsers.

Novell's NDS works very well. Heck, even CNN (scroll to bottom of page) uses it!

Novell's NDS works very well. Heck, even CNN (scroll to bottom of page) uses it!

This is fixed in NetWare 5. When an app blows up, the memory space used is cleared. If you're talking about kernel drivers, yea, the console locks, but it's the same thing in Linux (kernel panic) and NT (BSOD). But at least NetWare has protection. Does Linux? Does NT?
I do agree on the file permissions point you made. Unix really needs a enterprise class file system; it's been far too long. NTFS is somewhere in between unix and NetWare.

But I have done my work in the IT-support dept. and I think that many would agree that this system would be a lot better in many cases.
I have seen to many times people doing all the "don't do's" like writing down the password and putting it on the desk, keyboard, monitor. and forcing them to change the password once in a while makes it even worse, like they use a name followed by a number and then they just increment the number when the have to change the password.
The lack of a single signon often amplifies this problem.

I feel it necessary to point out that OpenMail is definitely NOT the *only* platform to support a whole slew of outlook features. Novell's Groupwise 6 product supports despite what MS may want it's clients to believe. In addition to the technical features it is a LOT cheaper than Exchange. For those people who seem to buy into the MS line that Novell is old and outdated, I must laugh at them. Our Netware servers run rings around our NT boxes in terms of uptime and speed. Netware also now runs Apache, and I have heard that they are currently hard at work at porting PHP as well.

I feel it necessary to point out that OpenMail is definitely NOT the *only* platform to support a whole slew of outlook features. Novell's Groupwise 6 product supports despite what MS may want it's clients to believe. In addition to the technical features it is a LOT cheaper than Exchange. For those people who seem to buy into the MS line that Novell is old and outdated, I must laugh at them. Our Netware servers run rings around our NT boxes in terms of uptime and speed. Netware also now runs Apache, and I have heard that they are currently hard at work at porting PHP as well.

I feel it necessary to point out that OpenMail is definitely NOT the *only* platform to support a whole slew of outlook features. Novell's Groupwise 6 product supports despite what MS may want it's clients to believe. In addition to the technical features it is a LOT cheaper than Exchange. For those people who seem to buy into the MS line that Novell is old and outdated, I must laugh at them. Our Netware servers run rings around our NT boxes in terms of uptime and speed. Netware also now runs Apache, and I have heard that they are currently hard at work at porting PHP as well.

Make me something that doesn't suck,and I'll pay for it, don't force me to upgrade every 20 minutes to a more bloated piece of crap...

Unfortunately, if I write software that doesn't suck, doesn't need patches, and does what you want, you'll buy one copy (Netware 3, WinZip, Eudora) and in 2 years I'll be bankrupt.

If I write software with tons of broken features and requiring constant upgrades for 'compatibility' and security (SAP, QuickBooks, and Windows 95), I'm guaranteed plenty of repeat customers.

Now if you'll excuse me, I need to go buy a $100 ink cartridge for my $30 printer.

http://a957.g.akamai.net/7/957/3680/v0001/standard s.ieee.org/reading/ieee/std/lanman/802.1D-1998.pdf

For background reading, you might consider some of these articles:

Source Routing and the Spanning-Tree Protocol
http://developer.novell.com/research/appnotes/1991 /august/01/apv.htm

Understanding Spanning-Tree Protocol
http://www.cisco.com/univercd/cc/td/doc/product/rt rmgmt/sw_ntman/cwsimain/cwsi2/cwsiug2/vlan2/stpapp .htm

Understanding Spanning Tree Protocol -- the Fundamental Bridging Algorithm
http://www.oreillynet.com/lpt/a//network/2001/03/3 0/net_2nd_lang.html

Metro vendors question Spanning Tree standard
http://www.nwfusion.com/archive/2001/123588_08-06- 2001.html

That's not entirely true. Caldera did purchase the assets of Digital Research from Novell, and begain a lawsuit against Microsoft, and settled for ~$250M. They must have needed the money badly because they settled, even though their case seemed very strong and an eventual win almost guaranteed. During this time Lineo (nee Caldera) did sell embedded solutions based on the DR-DOS code base. They also purchased the Arachne web browser for DOS, ported it to their Linux offering and sold it as DR-WebSpider. At the time they sold both DR-DOS and Linux based embedded packages, targeting the Kiosk market. They also made the source to DR-DOS (Caldera OpenDOS) available for the first release or two but closed it back up due to lack of interest, the difficulty of getting the build environment setup and business reasons.

DR-DOS lives on as the bootstrap for Novell Netware and I'm sure that there were a few other clients for embedded DOS (IIRC Kavouras used it, I can't remember others). DR-DOS, AFAIK, is still available for download and personal use, and Caldera has packaged it for use with DOSEmu. So while they did use DR-DOS for the lawsuit money (A perfectly valid and appropriate lawsuit if there ever was one) they also based the beginnings of their embedded offerings on it. Lineo is one of the better embedded companies right now, gunning for Wind River's marketshare, they are not going away.

Further DR-DOS history links

• http://www-cs-students.stanford.edu/~kkoster/micro soft/caldera.html
• http://www2.gol.com/users/joewein/dri.html

If M$ is sincere, this is of course welcome news.

The problem is that M$ have a history of promising "initiatives" of this nature, then never following through once the smoke has cleared a bit.

And that's assuming it isn't just pure FUD, as in this lovely example.

sPh

From their online propaganda:

The interactive nature of the Internet enables e-businesses to gather information about consumers in unprecedented amounts. While many e-businesses maintain privacy policies -- and post them for users to see -- the fact that this personal information is being collected and shared without the knowledge and permission of the consumer has some individuals and advocacy groups calling for government intervention.

Novell's digitalme is the first major effort by a large, multi-national corporation to give consumers the ability to control their personal information and manage their online relationships. With digitalme, management of online relationships is put firmly in the control of the user.

We call this new orientation toward consumer empowerment, meBusiness, and it ushers in a revolutionary new age of commerce on the Internet. A world where every person is empowered to manage their relationships with individuals and businesses by controlling how their personal information is shared, used and maintained on the Net. A world where every e-business is systematically enabled to responsibly use, and on request, purge customer information. All of which is designed to lead to less intrusive marketing, more trust in online relationships, respect for personal privacy and greater acceptance of e-commerce as a viable alternative to brick and mortar retailing.

When this thing launched I seem to recall Novell positioning it as a universal login to websites through online authentication. Now that seems to be dropped and a simple keychain function used instead. Whatever the case it's all built on Novell's awesome NDS (called "eDirectory" this week) technology which gives it some street-cred. NDS is the most mature directory service out there and scales awesomely, very flexible and at this point pretty mature. MS's projects are, well lets just say "quality is a journey" at MS and with Sun, well Jini sure is nifty!

Anyway, an interesting third example of this increasingly debated service.

This is a little off the subject, but check into Novell's NDS eDirectory combined with their ZENworks 3.2 package. This is a great way to make desktop administration MUCH easier and cheaper. eDir does everything AD purports to do, with these added benefits:

It is cross-platform (eDir can be hosted by 2K/NT/Linux/Netware/Solaris/AIX - Netware is no longer needed at all)

It is much "lighter" than ADS

It does not require you to rip and replace anything - it overlays on top

With the right tools, it will synchronize accounts across disaparate, far-flung servers

it is totally extensible & has very well-documented APIs & lots of really cool LDAP/XML tools for it

and it goes without saying it's much more secure than ADS & easier to set up because of it's maturity. (They're on version 8.5)

ZENworks does:

Policy management based on context, user, group, schedules, whatever you want

application deployment (make an image of a single app configured the way you want and push it out)

workstation image deployment (even unattended at night - WoL)

software/hardware inventory DB w/ ODBC & JDBC connectors

... and it'll work with Win95 all the way through WinXP.

http://www.novell.com/nds
http://www.novell.com/zenworks

Cool, eh? I've used this stuff for a few years and it actually does what it says it's supposed to do! No, I don't work for Novell - I just think their technology is stunning, but their marketing sucks. I want to see this stuff succeed... I'm tired of great technologies dying because no one gives a damn. (Although Linux finally looks to have enough of its own momentum to stick around a very long time, I'm thinking back to dead things like OS/2 which were years ahead of their time.)

Should anyone need someone to help set it up, contact me. :) (or check out my website at http://www.bdpnetworks.com)

This is a little off the subject, but check into Novell's NDS eDirectory combined with their ZENworks 3.2 package. This is a great way to make desktop administration MUCH easier and cheaper. eDir does everything AD purports to do, with these added benefits:

It is cross-platform (eDir can be hosted by 2K/NT/Linux/Netware/Solaris/AIX - Netware is no longer needed at all)

It is much "lighter" than ADS

It does not require you to rip and replace anything - it overlays on top

With the right tools, it will synchronize accounts across disaparate, far-flung servers

it is totally extensible & has very well-documented APIs & lots of really cool LDAP/XML tools for it

and it goes without saying it's much more secure than ADS & easier to set up because of it's maturity. (They're on version 8.5)

ZENworks does:

Policy management based on context, user, group, schedules, whatever you want

application deployment (make an image of a single app configured the way you want and push it out)

workstation image deployment (even unattended at night - WoL)

software/hardware inventory DB w/ ODBC & JDBC connectors

... and it'll work with Win95 all the way through WinXP.

http://www.novell.com/nds
http://www.novell.com/zenworks

Cool, eh? I've used this stuff for a few years and it actually does what it says it's supposed to do! No, I don't work for Novell - I just think their technology is stunning, but their marketing sucks. I want to see this stuff succeed... I'm tired of great technologies dying because no one gives a damn. (Although Linux finally looks to have enough of its own momentum to stick around a very long time, I'm thinking back to dead things like OS/2 which were years ahead of their time.)

Should anyone need someone to help set it up, contact me. :) (or check out my website at http://www.bdpnetworks.com)

1> Novell is using linux in one of their best products (oddly, the one being referred to here - ZENworks is an _AWESOME_ product for managing software distribution. No free software equivalent floating around that I know of - anyone want to point me at something that handles association of users, workstations, and applications in a central directory, remote control/view through the directory, single sign on through the directory, self-heal capable applications, desktop imaging and update snapshotting, and works on Win32 boxes that universities and businesses love so much? It's better in a lab or office environment than on people's 'customizable' machines, but it is a __GREAT__ product.

Personally, I'd rather run linux - but there's too much vertical market software that will _NOT_ run on it. And then there's my cd burner that Adaptec likes and cdrecord doesn't... Or even shrinkwrap with no good replacement - ACT! and Visio were still better than equivalent open source / software freedom movement packages last time I looked at them (three months ago). Depressing, since I've been using linux since i had someone with a 'real' connection make me up 1.2MB floppies of SLS....

Adobe's a member of the BSA.

The BSA has an interesting statement on the DMCA here. This is a response to a Library of Congress rule available here.

Members of the BSA include Adobe, Apple Computer, Autodesk, Bentley Systems, CNC Software/Mastercam, Compaq, Corel Corporation, IBM, Intel, Intuit, Lotus Development, Macromedia, Microsoft, Network Associates, Novell, Sybase, Symantec, and Walker Digital; i.e. most of /.'s favourite hate companies, plus some extras.

These are the guys to line up against. They've been around since the '80s. I suspect that Adobe's lawyers are all BSA stooges. Certainly Adobe's PR department doesn't seem to be toeing the BSA line.

Novell's eDirectory has won Product of the Year in 2000 and 2001 for their directory services from Network Magazine.

I am looking for some more comparisons between the two.

Read about it here: Novell eDirectory Named Product of the Year

Cooperative multitasking? Pfft, even Win9x multitasks better then Mac OS 9. I wouldn't touch it.

Okay. So what would you say if I told you that one of the worlds most popular network operating systems is a cooperative multitasking system? While a cooperative multitasking system can increase latency, it has the big advantage that you can really maximise your throughput. Now it's not really fair to say that MacOS sucks simply because it uses a cooperative multitasking scheme. What you could say is that the way MacOS's multitasking scheme is implemented sucks, because too often unimportant processes can hog the cpu while waiting for user input (eg. scolling, resizing windows or making a menu selection). I have a feeling that if those problems had been worked around when the Mac first became multitasked way back when, the need for the MacOS to become preemptively multitasked might not have been quite so great.

Macs Netware is perfectly doable if everyone is willing to work together. (Unfortunately for my PowerBook, the local IT group wasn't willing). Some helpful links I found while trying to solve the problem unilaterally:

• Netware FTP site
• Installation guide at UMass
• FAQ at WTVI
• Troubleshooting at UMD

If you already have Novell, why not use Novell's Single Sign-On? It stores all the other auth credentials in NDS. All the user needs is their NDS password. To make it spiffier, you can add-on the Modular Authentication Services, which will work with smartcards or biometrics.

If you already have Novell, why not use Novell's Single Sign-On? It stores all the other auth credentials in NDS. All the user needs is their NDS password. To make it spiffier, you can add-on the Modular Authentication Services, which will work with smartcards or biometrics.

Consumer portals are the ones with a troubled future, but I think there is a great future in intranet portals. Meaning, portals that let you organize your companies internal information. How many wasted minutes a year are spent by employees looking for the correct HR form, for example?

Most companies have done a great job of web-ifying everything in their company, unfortunately, there are now too many web resources in a company. Portals can help organize that and show an employee only what is important to them.

So, I think products like JetSpeed and the product I'm working on, Novell Portal Services have a bright future.

People who just want a very simple web-experience are going to get AOL, which in effect is a web-portal for internet newbies. I also think that soon people will be able to build their own portal with a much simpler drag and drop metaphor that will be local to their machine or web-hosted in a very simple way. I don't think there is much money in doing that, but I think it will happen.

- Twid

Great. I want my BSD or Linux box to operate as a peer on my NDS or ActiveDirectory architecture.

OK, am I missing something? You want a Linux or BSD box to participate in a NDS or AD tree (rather than just be a client)? For NDS on Linux go get Novell Account Management or Novell eDirectory. For everything else use LDAP.

Great. I want my BSD or Linux box to operate as a peer on my NDS or ActiveDirectory architecture.

OK, am I missing something? You want a Linux or BSD box to participate in a NDS or AD tree (rather than just be a client)? For NDS on Linux go get Novell Account Management or Novell eDirectory. For everything else use LDAP.

It might be hard to make Linux work with Active Directory but not NDS . Novell and Caldera support it very well thank you very much. NDS rocks!

is a groupware alternative.

Take a look at Novell's NDS.
NDS is a distributed database of NetWare accounts, passwords, server metadata, etc.

NDS is far from a general purpose database. Still, reading up on NDS will give you a sense of the issues involved, i.e. how they chose to implement replication, db integrity issues, time sync issues, etc.

Once upon a time there was some NDS-to-ODBC glue that could be used to submit SQL queries to NDS, don't know if it still exists.

Novell hasn't opened up any source worth mentioning, but you can get free (beer) copies of NetWare from your local reseller or education center, just call them up and tell them you need an eval copy of NetWare.

NDS now has a version running on top of Linux, I'm not sure if there is a free eval version available.

NDS is complicated stuff, you really don't see any payback until you've got more then 4-5 servers. But once you've got 20+ servers in 10 sites sharing the same account database, you'll really like it.

With respect to monoculture, there are at least four DNS server implementations out there - BIND 4/8, BIND 9, djbdns and Microsoft. If you're afraid of the BIND monoculture and you're running BIND 8, you do have alternatives. Personally I run BIND 9 on my alpha, which takes care of the monoculture issue for me. :')

Don't forget Novell DHCP/DNS, it comes with NetWare 5. There are more esoteric DNS servers listed here.

I was intending to do something like this, but since its already done I will just add a couple of things...

A wide range of system configurations, changeable without system or user program reorganization. Windows: Only three reboots to install a sound card! Linux: Exchange anything but the kernel without rebooting Microkernels: 8-D

Well I take this to mean 'hot plug' (since dorking with the system/modules is 'system reorganization') which as far as I'm aware linux doesn't support but Win 2k if your HW supports it, AIX, and Solaris do.

Hierarchical structures of information for system administration and decentralization of user activities. Not entirely sure what they mean by this...
I think they mean NDS, Active Directory (which is basically LDAP with a bunch of support) and of course LDAP if you are willing to spend the time to get it to support all the cool stuff NDS does .

First off, you have to seperate old Novell from new Novell. The old Novell from the crunchy 4.x and earlier days bears little to no resemblance to the latest release. New Novell is a pretty slick package and if more prople knew about it

Novell isn't irrelevant and probably never will be. It really isn't so much a server OS as a network OS. It's LDAP compliant and much more. Rumor has it that with 6 due out quite soon (before the end of the year) that the pricing structure will change considerably.

It has user management feature which puts Windows and Unix/Linux to shame. It's network security is unmached. It's stable and reliable. It's web server (in 6) can serve up approximately 10 times the number of pages that a Linux/Apache box can on the same hardware. It's easy to mange. It comes with a whole host of applications, like ZENworks, GroupWise, etc that let you pull off some really slick techo-magic with minimal effort.

If you ignore the price tag, it's nearly perfect. However, due to Novell's pricing structure there are LOTS of networking folks out there who have not had any recent Novell experience. Like me, they are slow to recommend what they don't already know and love. If Novell follows through and restructures their pricing, they may well have a very competitive product

Have you not been paying attention? Novell doesn't have to 'roll NDS stuff into LDAP'... The last two or three revisions of NDS are already FULLY LDAP compatible. eDirectory IS the future of Novell.

Check out http://www.novell.com/products/nds/ ; for more information.
---

1) Why do you say NetWare is NOT cool and cutting edge? For the record, NetWare 5.1 is a modern, 32-bit pre-emptive multiply-threaded SMP OS that outperforms any other file server in the world.*note 1* It's built from the ground up to be a server, something other OSes can't claim. The built-in multi-protocol router can do anything linux can do (including NAT.. it supports IPX, AppleTalk, SNA, etc. out of the box with good, consistent monitoring tools). It has a blazingly-fast JVM built-in. It comes with Netscape Enterprise Server, ships with an SSL key (no need to get one from VeriSign), is bundled with IBM WebSphere (okay, not the greatest, but a good way to develop sites) & has a really cool built-in web-based management tool (Portal) that continues to run even if the rest of the server (incl. Netscape Enterprise Server) has ABENDed (crashed) due to a fault (normally, the server will work around ABENDs as much as possible). That seems pretty modern to me. NetWare costs a little more from the start, but the cost of implementation is lower and return on investment is higher than with NT or Linux (as a file server--kinda like the difference between a Geo and a BMW).

2) NetWare is no longer Novell's key strategical platform, if you've been paying attention. They're betting the house on NDS-enabled Net services that are no longer dependant on Netware. A large chunk of their product line is now based on Java (run anywhere), and you can host NDS replicas on Netware, NT, Linux, Solaris, and Tru64 UNIX. (Click here for a 60-day trial copy!)

Disclaimer: I have never worked for Novell, so my comments are based on my experience with their software and what I perceive them to be doing. I'm a CNE & MCSE (though I don't generally admit the last part) who was a big fan of OS/2, and is also a fan of Linux & the Open Source movement (though you guys have to get off your "high moral horses" and make some software that the average user can USE! Damn, gonna get flamed for that one.)

*note 1* - as far as "serving files," on one processor. Novell has (stupidly) not yet released their version of Netware that will scale file serving threads past one CPU - up until now, it hasn't been that big of a deal, because Netware can drastically outperform NT & ( & somewhat outperform Linux) in file serving on a single CPU. Netware 6 (in beta) will fix this.

One good example of such usage is CNN, which uses NDS for user tracking ("personalization") on their web site. CNN paid nothing for this; Novell gave away the product purely for marketing purposes. (The site used to have "powered by Novell" on every page; I can't see it now.) CNN has pretty stringent requirements for performance. This document has some interesting technical details, such as about scalability. For each user they store a unique ID, a set of indexed attributes (for fast lookup), and an XML stream consisting of user metadata. So they use LDAP mostly as an ID-to-object mapper. For the gory technical details, see Personalizing and Customizing Web Content utilizing NDS eDirectory at CNN.

NDS scales extremely well. Core to its scalability is its flexible multiple-reader/multiple-writer replication system, which supports disconnected operation and grafting multiple trees into "forests" like symbolic links.

NDS is expensive. Unlike NDS Corporate Edition, which is the network-oriented product, NDS eDirectory is not off-the-shelf software -- depending on the application, you pay at least $20K -- although, to be fair, that includes dedicated, on-site consultants and hand-holding all the way. User licenses, on the other hand, are quite cheap.

Unlike SQL and RDBMS technology, NDS/LDAP is actually a much more focused system for the kind of database systems needed by today's web sites. Relational databases are extremely good at large, repetitive result sets and table joins, but web pages typically only do "short-burst" queries that return just a few results, and often an RDBMS is turned into a glorified ID-to-object mapper. This is precisely what LDAP (and NDS) excels at. (It doesn't hurt, either, that LDAP queries are intrinsically hierarchical.) Site builders should look to LDAP for a more suitable, and much faster, database paradigm.

One good example of such usage is CNN, which uses NDS for user tracking ("personalization") on their web site. CNN paid nothing for this; Novell gave away the product purely for marketing purposes. (The site used to have "powered by Novell" on every page; I can't see it now.) CNN has pretty stringent requirements for performance. This document has some interesting technical details, such as about scalability. For each user they store a unique ID, a set of indexed attributes (for fast lookup), and an XML stream consisting of user metadata. So they use LDAP mostly as an ID-to-object mapper. For the gory technical details, see Personalizing and Customizing Web Content utilizing NDS eDirectory at CNN.

NDS scales extremely well. Core to its scalability is its flexible multiple-reader/multiple-writer replication system, which supports disconnected operation and grafting multiple trees into "forests" like symbolic links.

NDS is expensive. Unlike NDS Corporate Edition, which is the network-oriented product, NDS eDirectory is not off-the-shelf software -- depending on the application, you pay at least $20K -- although, to be fair, that includes dedicated, on-site consultants and hand-holding all the way. User licenses, on the other hand, are quite cheap.

Unlike SQL and RDBMS technology, NDS/LDAP is actually a much more focused system for the kind of database systems needed by today's web sites. Relational databases are extremely good at large, repetitive result sets and table joins, but web pages typically only do "short-burst" queries that return just a few results, and often an RDBMS is turned into a glorified ID-to-object mapper. This is precisely what LDAP (and NDS) excels at. (It doesn't hurt, either, that LDAP queries are intrinsically hierarchical.) Site builders should look to LDAP for a more suitable, and much faster, database paradigm.

[Disclaimer, I work for Novell]

Novell is not Netware, although Netware is still important to us and our customers. Here are some interesting things that Novell has going for Linux folks:

eDirectory for Linux

eDirectory (NDS) is powering the new RedHat network in Red Hat 7. We also have a cool new technology called DirXML that synchronizes directory attributes through XML with other apps.

NIMS

Novell Internet Messaging Server has been ported to Linux. It's a standards-based, very cool mail server. Check it out at myrealbox.

Novell Portal Services

An upcoming product that provides a servlet-based interface between eDirectory and our portal technology or other portals.

JustOn

I'm told that JustOn is one of the biggest sites for trading Porn movies on the internet. How cool is that? (grin)

There is other stuff, but you get the idea...

Anyway, you guys can flame all you want, I love my job. I get to do very interesting things all day long. I have a Debian server at home that I really enjoy working with, and we're a heck of a lot better off financially than many of the .com's you know and love.

-Todd

[Disclaimer, I work for Novell]

Novell is not Netware, although Netware is still important to us and our customers. Here are some interesting things that Novell has going for Linux folks:

eDirectory for Linux

eDirectory (NDS) is powering the new RedHat network in Red Hat 7. We also have a cool new technology called DirXML that synchronizes directory attributes through XML with other apps.

NIMS

Novell Internet Messaging Server has been ported to Linux. It's a standards-based, very cool mail server. Check it out at myrealbox.

Novell Portal Services

An upcoming product that provides a servlet-based interface between eDirectory and our portal technology or other portals.

JustOn

I'm told that JustOn is one of the biggest sites for trading Porn movies on the internet. How cool is that? (grin)

There is other stuff, but you get the idea...

Anyway, you guys can flame all you want, I love my job. I get to do very interesting things all day long. I have a Debian server at home that I really enjoy working with, and we're a heck of a lot better off financially than many of the .com's you know and love.

-Todd

Novell has $1Billion in the bank and no debt (and has been debt-free for quite some time), which is better than most of the dotcoms you hear about every day.

Novell has an HUGE installed base that is generally very happy with their products. Because their products are so technically good, they generally run for YEARS and don't require a constant schedule of patching/upgrading/paying more money for them, which actually works against Novell (in comparison to MS) for revenue.

Most of their current product line is cutting-edge, and often is technically superior to ANY alternatives (including Linux/Open Sourced ones!). Their BorderManager product (cache/proxy/auth/rev. proxy/etc.) is excellent. Their GroupWise product (multi-platform Groupware) has been top-notch for years, and I prefer it to Exchange (duh!), Notes, and POP/IMAP-based systems. Netware 5+ (5.1 was released about a YEAR ago--5 has been around for almost 2.5 years) supports the NCP protocol via PureIP (not encapsulated NetBIOS like SMB) and does it with amazing elegance and grace (using SLP to "find" the NDS tree, then walking the tree for information about resources, rather than using broadcasts). And NDS (renamed "eDirectory"), the jewel in their crown, is beautiful. (They're practically GIVING AWAY NDS for Linux, by the way... It'd be really nice to start MANAGING all of those Linux boxes without having to use NIS...)

Smartly, they're putting more of their focus on developing products that leverage NDS (including the ones listed above). Check out stuff like ZENworks (best desktop management software available anywhere), NetPublisher, SingleSignOn, and all of their public/private key infrastructure technology. Additionally, they're porting practically everything (management tools & back-end server components) to Java (remember Java?) as Netware 5 runs Java faster than just about anything.

Their problems have always been (and continue to be) twofold:

1) They lack the mindshare that "exciting" companies have. Even when they are technically innovative, no one thinks of them first because they're still stuck thinking that they only make "old fileservers." Every time MS forces users to upgrade or releases a patch to fix yet another security hole, their mindshare increases. Novell doesn't have those problems (not as many), and so they tend to fade into the background...

2) Novell has always targeted their products toward the "geeks." Their technology is always really cool and cutting-edge, but it is often too complex to easily explain to CIOs/CFOs and other cheif decision makers who rely on traderags and full-page ads to make their choices. I've been working with NDS for about 5 years--5 years ago, it was very difficult to convey to people what a directory WAS, let alone how NDS could save a company tons of money and time. It's hard to capture that technology into a short blurb or advertisement. So the geeks continue to love Novell products, and the CIOs/CFOs continue to steamroll over Novell's stuff with MS's stuff...

Even with all of that said, they'll be around for a while... I was once concerned, but realize there will always be a market for their technology.

(What the hell is up with this micro-sized editor window?)

All of you have forgotten Novell's ace in the hole: Novell Internet Caching System ICS gives Web managers new power to accelerate their media rich Web sites, secure site access, improve management of high-volume sites, filter Web content, and guarantee site up-time. CNN, AT&T, Akamai, and others use it heavily. Check out: http://www.novell.com/products/ics/ ; for more info

Although it reads a little bit like a pro-Netware column, the article at: http://www.novell.com/competiti ve/nds/security.html gives specific steps (with pictures) on how to exploit ADS to gain access to sensitive information in a branch below you.

Hope it helps.

"Although I am no longer needed, I am still tolerated. I am deprecated." -.DM.

Whatever: the point is you want everything in a directory, and you want everything in a single directory.

However lets say, there is some kind of realy top secret group, or project or something - new products or a security force, or internal affairs in a police department. Now, you've set up NDS either physcialy, or logicly, but either way there are things that are defined in a higher level that you want to flow down. Everybody gets Netscape in ZEN, everybody in bldg 17 gets access to some printer. However, since this paricular group is anal about security, they want there own container admin, and dont want higher level admin's inhereting rights. Your buliding admin can still define ZEN profiles, and printers (and groupwise routing rules, and......) but they dont have access to the sensitive information in that container.

So you can have it both ways, a single direcrory, with inhereted profiles for (whatever), and a secure container.

NDS has been around for 7 years. Its proven to work, and proven to work with insanly large trees. ADS is brand spanking new, unproven, and built on flaky grounds (it runs on JET - the DB backend desigined for Access). ADS runs on Windows. NDS runs on Netware, NT, win2k, solaris, linux, AIX, OS/390, and Tru64.

NDS - ADS comparision ADS runs on Windows. NDS runs on Netware, NT, win2k, solaris, linux, AIX, OS/390, and Tru64.

An old one.

An older one.

Some old benchmarks.

BTW sales of Win2K have been abysmal. A fact you don't hear much about, but which lies behind some of Microsoft's actions. (Trying to squeeze more revenue from existing streams.) Go out and look for yourself for some links on that (unfortunately not well enough publicized) story.

Cheers,
Ben

An old one.

An older one.

Some old benchmarks.

BTW sales of Win2K have been abysmal. A fact you don't hear much about, but which lies behind some of Microsoft's actions. (Trying to squeeze more revenue from existing streams.) Go out and look for yourself for some links on that (unfortunately not well enough publicized) story.

Cheers,
Ben