Slashdot Mirror
Novell to support Linux with NDS
One of our readers writes "Check out the press release that says that Novell is porting NDS to Linux. This could mean that Linux will stand a good chance to penetrate the data center--just another step toward world domination. Plus NDS v8 can support a billion directory entries. " Novell is saying it will be availible by calender year 99-keep our fingers crossed.
I just don't see how managing a large organization is possible without NDS. The ability to administer all the user accounts and security from one app makes things such a breeze.
Good going Novell
Last I knew a NetWare server was availble from Caldera. It was NDS 4.11 compatible, it acts just like a netware box to all clients - but runs on a more stable platform
Is it useable now?
What's the difference between them, anyway?
You've got to be kidding.
"Microsoft is really unreliable but Linux is worse." Ken Thompson - father of Unix
Well unless you are running SFTIII, yes its more stable. And if you are using a 3.x product you need to re-boot every so often just to clean up the dirty buffers. I have always like NetWare, but it is still just a file and print server. Most CNx's think a app server is using the network install of office.
I have only installed 5 in the lab so I am unsure of its stability, but its system requirments have gone way up. I only hope it is giving me something for all that extra hardware
...but for more deployment of Linux where I work, it needs to support >8 character user names (I know Redhat allows for that, havent tried others), user groups within groups, extented ACL's and quotas on directories instead of just quotas on user per mount point.
I take it you are talking about 4.x NetWare? 3.x should be restarted about once a month, and thats a Novell recomendation (if you ever have need for their support).
But if you are talking about SFTIII, I have had 99.999% uptime. The only thing that has caused a system down fault is bad memory, it recovers from other hardware errors well. Personally any OS that can be configured in such a way as to "recover" from hardware erros is great.
But just plain NetWare has caused me more abends then just plain Linux seg faults - both more stable then NT, bit Linux edges out Novell.
-T
I'm not that familiar with Zen (used it briefly at a previous job), but what would it do that a clever arrangements of NFS exports, groups, and shell scripts couldn't? (Aside from saving admins from having to create said clever arrangement, I guess.)
That aside, though, it's great to see more corporate acceptance of Linux. I hope this news put a frown on Microsoft's collective face this morning!
Has anyone had any experience with Zenware (also a Novell product)...I believe that Novell would really have a chance at coming back if they ported this product to Linux...from what I have read it is comparable to MS SMS...coupled with NDS...administration in an Enterprise environment would be quite a bit easier...
md
>Support from Novell is fine, but do directory services really fit in with Unix? They only make sense to me if you can't remotely administer your boxes (e.g., DOS, Windows)
They easily fit. The point of a directory is to store all of your user and network information together, in one place, so it's easier to maintain. A NetWare network with 100+ servers and 20k+ users is much nicer to admin than if it was running Unix.
The real power here is the cross platform nature. Need crappy MS stuff because that's all your programmers know? Load up NT. Want real App servers? Solaris to the rescue. Solaris too expensive for everything? Fire up Linux. Leave the file and print to NetWare. Admin it all from the same spot, with one tool. Have 1 username and password for all the boxen.
And I suppose you think using LOADLIN.EXE means Linux is also DOS based?
If you're comparing Netware 3 why not compare it to Linux 0.95, they were released fairly close together as I recall.
See Caldera's NetWare for Linux -- Netware 410 + NDS 611:
i ndex.html
http://www.calderasystems.com/products/netware/
Why is everyone so excited?
Personally any OS that can be configured in such a way as to "recover" from hardware
erros is great.
Most OSes that I've seen recover fairly well from hardware errors. For example, if a disk fails, I've seen HP-UX, OSF1, and Solaris on Intel or Sparc handle it just fine. (Of course, you can't access the data on the disk, and if you lose the OS disk you are out of luck.) Just accessing a bad disk in Linux, even if it's not mounted (fsck, for example), can crash the system.
NDS is cool because it means you can use the same usernames and passwords for both UNIX and Windows systems. Something like NIS will only work with the *NIX's and isn't as secure or robust as NDS.
Unfortunately, NDS is very expensive to implement given Novell's licensing fees. This provides an opportunity for an open source clone of NDS which reimplements NDS's protocol.
Is anyone working on such a beast? Maybe I should if nobody else is.
I know there are open source alternatives to NDS, but why do something incompatible?
Does Novell publish the specifications for NDS?
Cheers,
George
news@lemont.rice.iit.edu
Ummm, anyone care to explain to me why this comment is moderated to -1?
DeveloperNet is free to join.
http://developer.novell.com
Get the latest code. The NDS support is great
This may be good for those that wants to get Linux into NDS networks, but the community should concentrate on creating a open and free directory service for itself built on open and nonproperity standards. Support Linux Dierctory Project and OpenLDAP: A System Administrator's Vie w of LDAP Linux Directory Services The OpenLDAP Project
The word "available" when issued from Novell usually means it will be made available as "public beta." An actual shipping product probably won't be available until Spring of 2000. This will be at least half a year after NDS v8 for Solaris will have already been a shipping product.
... will dsrepair be ported to Linux too?
Btw, Netware for *nix and NDS for *nix differ in the services they are intended to provide. While Netware for Linux emulates Netware file & print services. NDS for *nix allows NDS authentication to *nix. There is PAM modules already available to do this however. One PAM module will authenticate against an Novell server or as an alternatie the RADIUS PAM module can autheticates against a Novell radius NLM (which authenticates against NDS). The only advantage is being able to have a local replica to authenicate against. This probably is not much of a performance win. In the end, places that need NDS for *nix will probably use one of the PAM or Apache module solutions already available and by the time this is actually *shipping* it may be a product looking for a market instead of the other way around.
Btw, where is the NDS for AIX that would result from the Novell/IBM partnership announced some TWO YEARS ago? Novell has stated for a long time that since NDS is written in C "it is multi-platform" and to expect it "everyplace" really soon. The fact that Novell marketing has thrown around hot-words ("C", "Portable", "multi-platform", "single solution") for such a LONG time doesn't help their reputation much nor the hot-words they are throwing around now. I'm not convinced that just because NDS 8 for Solaris is scheduled to ship at the same time as NDS 8 for NT that they really are "dedicated" (another Novell marketting hot-word) to "*nix." Solaris is far from being "everywhere." And the fact that Novell has claimed "portablity" while leaving *nix ports at DS v6 when DS v7 is out leads me to believe that idiots who buy into replicating to *nix will find themselves in a mess when NDS v9 comes out and it is recommended to upgrade ALL replicas.
Oh, btw... some other questions for your Novell hot-word market rep to answer...
Is ConsoleOne PureJava? Can it run on Linux today? Can it run on Linux today?
What NWadmin plug-in funcationality does ConsoleOne have today? GroupWise? ManageWise? BoarderManager? ZenWorks?
What administration of the Linux box can be done from ConsoleOne? How will it compare with LinuxConf? How will it compare with COAS? Why is ConsoleOne easier/perferable to the web interface access to LinuxConf or COAS?
How much network traffic does DS replication & authentication produce compared to NIS authentication or RADIUS authentication?
And how does a billion user objects translate into 16 bit UIDs?
Until you've worked in an environment with NDS properly implemented, it's hard to get a handle on how much easier it makes life. Single-login would be a godsend to me and I'm working in a well developed NIS+ environment. I just finished another NIS+ course and I would give my left^H^H^H^H^H^H^H^H^H love to have the simplicity of NDS on Linux and Solaris.
The more things that are integrated with NDS (ie Peoplesoft) the easier life seems to get. Plus, with partitioning of the NDS database, you save WAN bandwidth in large companies.
_damnit_
It's my job to freeze you. -- Logan's Run
NDS and other Directory Services may not matter much to nickle and dime shops, but anyone who has to manage more than 10 networked devices can appreciate the ability to do so from a single administration front-end to directory services
Novell has been doing this for years. The only thing keeping Novell from dying as a company, is that they keep making their network adminstration easier through directory services. With NDS 8, Novell Netware 5.0, and Zero Effort Networks (ZEN), you can administer just about every device on your network in about every way imaginable.
Those that have implemented NDS the right way just can't switch to NT, they'd have to increase the number of employees in their IT department by and order of magnitude.
With NDS and ZEN, you can lock down who can login from which specific machines. Have their printers and data resources move automatically based on User and Workstation. Install and distribute software updates. Administer resource quota's, etc. And that is just the start.
With the addition of NDS for UNIX and NT, life is going to get a lot easier for those that have to administer, maintain, and support networks.
I only wish the open source community could deliver 10% of the product that NDS already is. -And I don't mean spending 1000+ hours to configure this-and-that open source tools which already exist... but rather a single intuitive rock-solid directory server with an accompanying intuitive administrative interface.
I had hoped that Caldera's Open Administration System (COAS) would grow to fill this role... but it seems destined to die of neglect and disinterest.
Life is like an egg better scrambled than fried. -- Ken Sawatari
NDS is not Netware.
Directory Services is where Novell's future lies... and they know it. Netware is dying the death of a product which has little going for it besides its huge installed base, and the addition of NDS
Besides, I was able to access Netware resouces using bindery services back in the days of the pre 1.0 release of Caldera's Linux. If ncpfs ain't there yet why not use the old support for shared bindery resources?
NDS being the future of the company and all, you can't completely knock them for making it hard for others to catch up
I really shouldn't open my mouth here... because it will rapidly end up with a foot in it. I don't know anything about the current state of ncpfs and accessing NDS shared data on a network.
In the end, NDS is pretty damn secure. Even if some of it is security through obscurity.
Life is like an egg better scrambled than fried. -- Ken Sawatari
Netware has never been based on DOS. I may be wrong, but the core proprietary OS which Novell created, and which went on to become Netware probably predates DOS.
I remember reading somewhere that Netware like Banyan Vines was based on one of the old AT&T UNICES. UNIX dumbed down and simplified enough to be easily administered. Of course all of this happened way back when, so both Banyan and Novell ended up creating their own network protocols based off of IP. -But of course incompatible.
http://www.itli brary.com/reference/library/1575211874/ch22/ch22.h tm Is a pretty good history of the evolution of Netware for anyone who is interested.
Life is like an egg better scrambled than fried. -- Ken Sawatari
I don't know why DoxPrint was moderated into hiding. I'd say mail Rob, but the poor guy gets enough mail. Whoever trashed the post--go away, censor.
(For those who didn't see the original post, DoxPrint lets you print to Novell printers over the Network Neighborhood, by having a Linux box in the middle translate between windows prints and Novell prints. Check it out, send me feedback, etc. I'll put together a FAQ once I have some Q to FA.)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://doxpara.netpedia.net
Once you pull the pin, Mr. Grenade is no longer your friend.
---
(Aside from saving admins from having to create said clever arrangement, I guess.)
---
i think you answer your own question here.
edward
"You've got to be kidding."
Why? Properly set up (same as with Linux), I have seen Netware uptimes of 8 months with Mon-Fri loads of 200 users logged in, 20 GB/day files served, 5000 print jobs/day. We have no qualms about leaving Netware servers at sites it takes 2-3 days to get a support person to; the servers run fine with no attention at all for months at a time. And that includes running Btrieve, which is not the most stable NLM in the world.
The key of course is proper setup (and before that , proper network engineering). If you have never worked with a well-engineered Netware setup, you might not have seen what I am describing. But then the same could be said about Linux.
sPh
"I take it you are talking about 4.x NetWare? 3.x should be restarted about once a month, and thats a Novell recomendation (if you ever have need for their support)."
I agree statements to that effect are found in the Novell documentation. However, IMHO that was more of a cover-your-ass recommendation. We used to reboot our 3.11 servers every six months to be safe (assuming no hardware failures or changes); the longest uptime I saw was 9 months. That was with 200 clients on a 486/33 EISA machine, 15 GB total storage at the end (although I also remember having to appear before a division vice-president to justify my request for a massive 1000 MB disk drive!). Admittedly this was with few NLM's running; mostly file and print. But as we ran Win 3.11 off the server (not the swap files), file service was pretty heavy.
As always, YMMV.
sPh
"Well Our Novell servers Do use a DOS base, and as far as I know, Dos is required for Novell 3.1 and 4.11. Given you almost never see the Dos base once you get a Novell server"
Novell uses DOS (typically MS-DOS, although I understand DR-DOS is possible) as a boot loader. After SERVER.EXE loads, you can run the REMOVE DOS command and remove all traces of DOS from memory. At that point you are running pure Netware, not DOS. Netware is it's own operating system, with its own API's, filesystems, and so on.
The use of DOS as a boot loader historically has had many advantages:
A) Most low end Intel boxes do not have a monitor running at the firmware level as do higher end Unix machines (e.g. Sun). This was particularly true back in the 1980-1985 time period when Novell brought the concept of networking to the DOS-tel world. Use of DOS as a boot loader provides an emergency startup capability if the box truely falls over.
B) Simple to install and set up the boot sequence using DOS tools (this applies more to the 3.11 days as most of this is automated today). Plus everyone has a set of MS-DOS 5.0 disks around somewhere.
C) File and directory manipulation tools available under MS-DOS are crude, but simple and usable for the few tasks that need (or needed, as again this is mostly gone with NW 4.x/5) to be done with them.
D) You are always able to boot a server back to DOS and run minimal utilities (de-upgrade a driver, run a virus scanner, etc.).
Again, there is no absolute reason that DOS has to be used, as once Netware is running all traces of the boot loader are gone. Anything could have been used: CP/M-86, p-System, Forth, you name it. For historical reasons DOS was chosen, but don't let that fool you into thinking that DOS runs under Netware in the same manner as it runs under Windows 95. It doesn't.
sPh
I'm really looking forward to this. I hope they make ZEN available for Linux too.
Read the licensing agreement. You can't use those docs to create server functionality.
Of course, the anything to beat Active Directory argument is one I also subscribe to. It's not like I have to use NDS.
Novell use DOS merely to boot... once NetWare is loaded it does not make use of DOS at all.
I am very excited to see this product... Has any one used the port for Solaris. It was released some time ago, but only for the Sparc platform, because it uses PAM. I have been told that the proof of concept was developed on linux, so I am slightly dismayed that it hasn't been released by now... since Novell's site said by Q2!
Outside of large scale user management, which by no means is trivial, what can NDS offer for *NIX? Novell's idea of authentication is very different from the traditional idea.... authenticate once and then you've got access to whatever you have rights to. I am interested in what functionality NDS can provide in an environment which traditionally has required authentication for each and every connection.... The prospect of kicking off multiple shells/ftp connections/etc and only having to authenticate once would be a interesting thing to implement...
I'm on the client side! I have no control over what the server does.
Note that that's true even if the server is running Unix. If a site doesn't want to support your Linux client, they won't. Besides, any site running a 'legacy' mail system like MS Mail, probably has worse troubles. (Although, even MS Mail had a SMTP gateway.)
At the same time I feel your pain. One reason Macintoshes were purged from corporations in the early 90s, a big reason was because the f*ing Novell admins were too clueless/afraid to set up the Macintosh services. Your information that there isn't a good NetWare client for Unix only serves to reinforce the impression that Novell is still living in the golden era when they had 80% of the market with DOS clients.
--
Business. Numbers. Money. People. Computer World.
This comment appears to have been unfairly moderated. Is someone trying to crush the truth that Client32 is a pain in the ass?
--
Business. Numbers. Money. People. Computer World.
They have. NetWare Core Protocols was released during BrainShare '99.
The original poster did not want server functionality, just client access to a NetWare server.
Oh, gee, look -- another server-side solution.
Y'know, it seems that certain companies are just missing the whole point. Either that, or I'm missing the point. Or we have different points of view about what the point is.
From my point of view, it's really really simple. All I want from Novell/Caldera is a way for me (a user running Linux) to be able to read and write files on a Novell 4.x server. 'cause that's where my MS-Mail and cc:Mail always end up.[0]
What that means is, I want Novell to publish the specifications for the Novell 4.x protocols so that the ncpfs people can write a working Linux client.[1][2]
That's all.
Meanwhile, I guess replacing some Novell servers with Linux servers might help a handful of people. I just wish I were one of them.
[0]No, not both at the same time. But at my last three long-term engagements I've been forced to use MS-Mail, cc:Mail and MS-Mail, respectively.
[1]Yeah, sure, the ncpfs client can talk to Novell 3.x servers. And it can talk to Novell 4.x servers which have the bindery emulation turned on. But I'm on the client side! I have no control over what the server does.
[2]Yeah, sure, Caldera has published "Netware for Linux". They've got lots of nifty documentation about how to set up your x86 2.0.35 Caldera Linux system as a Netware server. Where's the documentation on setting up the client? For that matter, where's the client that actually works right? (Let me guess -- Caldera never actually tested the Netware for Linux client side -- they just ran the server and tested it with Windows 95 clients.)
If the hardware is stable, then the only problems I've seen with NetWare is due to admin misconfiguration. NDS across multiple servers can get especially hairy if the time synchronization isn't setup correctly. I'm used to 130 day uptimes...
Why so short?? We just had an unplanned power outage a few weeks back. Stopped the 3.12 server at 487(!) days; 2 4.1 servers at 2xx (don't know those #'s like the 3.12) and a 4.11 server at 112 days (that was short because it had its only abend in its life and had to be rebooted).OTOH, it also stopped our linux mail server (qmail) which had been up since it was built last fall.
The bottom line is, though, that both--when configured properly--are extremely stable. NT can't claim that....Well, I suppose they could, but it ain't true....
I've used Linux in a Novell saturated large corporation for the last 3 years. It was great when everything was bindery, but then when we upgraded all the Novell to NDS the Linux box was relegated to being just a web gateway/firewall.
Don't believe the marketing, "Active Directory" is going to suck like nothing has sucked before.
At our work it has. Especially when we were using 4.10. It was crashing all the time.
,some light file sharing, and my test server for mod_perl programs and database connectivty.
Even 5 has had it's kinks. Though I suspect the Novell admin isn't too good at what he does. I have a P200 with 128 Megs of RAM doing DHCP, DNS, mail for 150 users
NetWare doesn't run on a DOS base. It bootstraps off of a DOS kernel. Once NetWare launches, the DOS kernel is put in a little box, patted on the head, and kept out of trouble. It has no role at all in the operation of the OS. On a cool note, NetWare 5 ships with Caldera DR-DOS 7 as a boot stap loader. My NetWare boxes doen't have MSnothin on them now. WooHoo.
Well Our Novell servers Do use a DOS base, and as far as I know, Dos is required for Novell 3.1 and 4.11. Given you almost never see the Dos base once you get a Novell server running (very little maintenance outside of the novell OS) it is nervertheless there.
Totaly agree,
My Novell 4.11 servers go for months without a reboot, the only reason they have to go down is for hardware upgrades. They run everything from GW gateways (mail), fax servers, virus scannners, etc, all on a single box, with a single proceessor, for 60+ clients. My only headache with Novell servers is thier conectivity with the internet (mail, tcp/ip), especially web caching, DNS, and mail (would love to replace these with linux, but corporate culture is still a little stiff)
And yes I eventually moved our btrieve db onto a seperate server just because it's a little, well, unfriendly to the other nlm's
Yes, didn't mean Base as in part of the Novell OS, just is needed for install and boot. (And is handy to configure hardware and such)
Well the more support the better.
Has anyone used Novell for Unix? I use and administer Novell 4.11 at work (servers, firewalls, and VPN's, OH My), and while user management and related issues are good, other things (client 32, ipx/ip, email, etc...) are really unstable (except novell servers which tend to be very stable minus a abend here and there).
Does NDS mix well with *nix permisions and user settings? How is the Admin interface? I would Love to move off of novell for everything but NDS.
This is certainly going to make it easier for companies to adopt Linux. One hurdle has certainly been the inability to have simple management of Linux machines. All of the money that you save in software and licensing are more than offset by the fact that you need to bring in a separate staff to manage the boxes.
If you can integrate the system into existing management tools, however, than you can at least make your Linux design on technical merits and not worry about management costs.
Another big step forward. I know a lot of companies who have been waiting a long time for this.
I use NDS on one of the largest Novell networks I have ever seen and I can't wait to get NDS for Linux. It is the most amazing thing that has ever existed. Now if they can port Zenworks to Linux which allows for remote software installation and client management from one computer life will be good.
Mac OS X 10.2.4, Palm T|T, Apple iPod 5G
DOS OS base? Where? At the server, or at the client? The server is not DOS-based, and they've had wide client OS (including *nix) support for years.
Now if Novell would change their OS base to Linux instead of DOS they could get their market share back._ ________
_______________________________________________
Can We trust the future - Flesh99
At our work it has. Especially when we were using 4.10. It was crashing all the time.
,some light file sharing, and my test server for mod_perl programs and database connectivty.
Even 5 has had it's kinks. Though I suspect the Novell admin isn't too good at what he does. I have a P200 with 128 Megs of RAM doing DHCP, DNS, mail for 150 users
If the hardware is stable, then the only problems I've seen with NetWare is due to admin misconfiguration. NDS across multiple servers can get especially hairy if the time synchronization isn't setup correctly. I'm used to 130 day uptimes...
NDS support in linux is great IMHO. One of the problems I've faced in our network (NetWare, NT, Linux) is finding an economical and efficient way to keep the users managed. NDS everywhere would make me ecstatic.
http://www.bullnet.com
I currently run a 75 node Novell and 40 node NT server envrionment. I have 1800 users hitting one server with over 130gig(native) on a Pentium Pro 200 cpu running Arcserve 6.1, Inoculan 4.0, and Btrive 6.10. This server has been up for over 1 year with no problems. Novell can be VERY stable if its done right. I have also had great results with Linux. I have had my Linux server running for about 4 months without problems. The only thing is that it needs to be rebooted a little more often. Its all in the setup.
just a comment,
xaotic