edirectory/novell vs. active directory - Netware

This is a discussion on edirectory/novell vs. active directory - Netware ; Hi I'm looking for some basic information to start some research. I'm a windows admin that just inherited a network with a novell 5 server but was planning to upgrade to 6.5. I don't know much yet except that the ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: edirectory/novell vs. active directory

  1. edirectory/novell vs. active directory

    Hi

    I'm looking for some basic information to start some research. I'm a
    windows admin that just inherited a network with a novell 5 server but
    was planning to upgrade to 6.5. I don't know much yet except that the
    server is doing file services and every damn workstation and server
    needs local windows accounts which is the pits.

    It's a small network with about 6 windows servers, a citrix server,
    this novell file server, and about 25 workstations. Historically 2
    apps have had issues with their data being on the Novell server, one
    has had it's data moved to a windows server. We need as low
    maintenance as possible and some including myself have suggested in
    this environment we don't really need novell and it is additional
    administration and learning for me without much purpose. We don't
    have or plan on any linux or unix etc etc but we will be putting in a
    MSSQL server eventually and perhaps a notes or exchange server.

    It is being suggested by someone that we should not implement active
    directory because novell edirectory is better. From what I'm reading,
    with a lot of windows servers and workstations doing an
    edirectory>active directory integration is the way to go. Is this
    true? If that is the case what are the advantages of having novell in
    THIS environment because I don't see a lot. If we wanted to do
    edirectory/novell services ONLY what novell products would be required
    to approach the administration ease of a windows-only network so I
    know what to research. Zenworks seems to be for managing the windows
    workstations and servers... Which if any novell product can provide
    granular security for database servers, etc.? What in general would
    we be giving up if we did not have AD? What in general would we be
    getting with both as opposed to only AD?

    Sorry to be such a n00b If anyone can point me to some general
    overview resource or provide a list of the Novell items I need to
    research to get me started I'd appreciate it very much.

    Thanks

  2. Re: edirectory/novell vs. active directory

    On 25 May 2004 06:24:33 -0700, Jenny wrote:
    > I'm looking for some basic information to start some research.


    It sounds to me like you already made up your mind, and are now looking for
    somebody else to help validate your decision.


    > I'm a
    > windows admin that just inherited a network with a novell 5 server but
    > was planning to upgrade to 6.5. I don't know much yet except that the
    > server is doing file services and every damn workstation and server
    > needs local windows accounts which is the pits.


    Sounds like a poor, hard to manage setup.


    > It's a small network with about 6 windows servers, a citrix server,
    > this novell file server, and about 25 workstations. Historically 2
    > apps have had issues with their data being on the Novell server, one
    > has had it's data moved to a windows server. We need as low
    > maintenance as possible and some including myself have suggested in
    > this environment we don't really need novell and it is additional
    > administration and learning for me without much purpose.


    So what's the cost of your proposed change? What's the ROI? If you don't
    know, why not? Is the cost of your proposed change more or less than the
    cost of other possible changes that may meet your stated goals/needs and
    may (or may not) position you better for future needs? What _are_ your
    future needs?


    > It is being suggested by someone that we should not implement active
    > directory because novell edirectory is better.


    "better" is a funny term. It's kinda like arguing that the blue hammer is
    "better" than the red one.

    I like, use, and support eDirectory. But I also recognize that it's a tool.
    It's not a religion. The point of having a tool is to use it. In the case
    of technology tools, the point of having the tool is to use it to
    accomplish some business related goal.

    Certainly there are technical points I could make that one or the other is
    "better", but that's not the point. The point is to find out what you're
    trying to _do_, then to pick the tools that allow you to accomplish that
    with the least cost and highest ROI. That may, or may not, include Novell
    technology, Microsoft technology, or technology from some other company.


    > From what I'm reading,
    > with a lot of windows servers and workstations doing an
    > edirectory>active directory integration is the way to go. Is this
    > true?


    Maybe, yes. Having MAD in your environment does make your Windows account
    management different, and potentially less painful, from what you're doing
    now. Having a provisioning system in place that automatically creates,
    removes, and synchronizes accounts between your eDir and MAD trees can be
    very powerful later when you add something new that requires integration.
    Depending on what your business practices are like, it can also
    dramitically lower your day to day workload by allowing you to automate the
    lifecycle of the user, from new hires getting their accounts created, to
    terminations having their accounts suspended or removed, all based only on
    somebody that does HR for your business hiring or terminating a person.
    There's nobody then running up to your desk at 5:30pm and saying "Oh, we
    forgot to tell you, we hired this new guy here and he needs accounts on
    systems X, Y, and Z, and he needs them about two hours ago!" or shouting
    "We've just fired Bob and you need to make sure he can't log in to any of
    the computers! NOW!"

    Sound like nirvana? Well, it can be, but it can also be a lot of time and
    work invested to get there. Before you can encode business logic in to an
    automated provisioning process, you usually have to play detective for a
    few months and find out exactly what your business processes actually are.
    There's lots of surprises waiting for you, where you will ask somebody what
    they do when a new person is hired, and they'll describe some thoroughly
    bizarre set of tasks or procedures that they are absolutely convinced are
    critical to the organization, but that you've never heard of. Or they'll
    describe some policy that doesn't make any sense and you'll have to go find
    out what the boss really wants to happen.


    > If that is the case what are the advantages of having novell in
    > THIS environment because I don't see a lot.


    Like I said when I started, it sounds like you've already made up your
    mind. What's the advantage? Depends on the person using the tools, not on
    the tools themselves.

    If it were me, in your job, I'd see a huge advantage. I'd be working on the
    provisioning system with Identity Manager 2 or Account Management 3, and on
    using ZENWorks to manage the workstations and applications.


    > If we wanted to do edirectory/novell services ONLY


    Can you? You stated that you have a couple of applications that have some
    sort of historical problem. Has anybody resolved that yet? Is anybody
    working on the vendor to get it resolved? If the problem is Novell's fault,
    is anybody working with Novell Support to get the problem resolved?


    > what novell products would be required
    > to approach the administration ease of a windows-only network


    If you're not going to do MAD, then I'd be having a hard look at ZENWorks
    for Desktops. The Dynamic Local User (DLU) policy allows for any user to
    walk up to any Win2K or WinXP workstation, and log in. They will have a
    Windows account created on the workstation on the fly, which will then be
    removed when they log out.

    But, that doesn't address your possible plans for MSSql or Exchange. If
    you're doing Exchange, you _will_ be doing MAD. So, how are you going to
    manage it?

    Hopefully this is helpful. Research the tools, certainly, but also research
    what you're trying to _do_ with the tools. That's where things get
    interesting. Try to keep an open mind about what you're trying to do, and
    spend less time on justifying how you want to do it.


    --
    | David Gersic dgersic_@_niu.edu |
    | If anything is used to its full potential, it will break. |
    | Email address is munged to avoid spammers. Remove the underscores. |

  3. Re: edirectory/novell vs. active directory

    Jenny wrote:

    > I don't know much yet except that the
    > server is doing file services and every damn workstation and server
    > needs local windows accounts which is the pits.


    not good ;/
    Read about Zenworks for Desktops. It gives you a LOT.
    Dynamic user accounts & roaming profiles, remote control, application
    management, group policies and so on.

    > Historically 2
    > apps have had issues with their data being on the Novell server, one
    > has had it's data moved to a windows server.


    I wonder why?
    Anyway, Netware 6.5 can also be accessed through CIFS as well, so the
    files can be access like from any windows server.

    > have or plan on any linux or unix etc etc but we will be putting in a
    > MSSQL server eventually and perhaps a notes or exchange server.


    Exchange will give you more maintenance... and virus problems.
    Not even considered Groupwise?

    > edirectory/novell services ONLY what novell products would be required
    > to approach the administration ease of a windows-only network so I
    > know what to research. Zenworks seems to be for managing the windows
    > workstations and servers... Which if any novell product can provide
    > granular security for database servers, etc.? What in general would


    Zenworks for Desktops to manage workstations, desktops,
    applications,etc.

    Then Account Management to manage user accounts if you need to have user
    account on some windows servers as well.

    > we be giving up if we did not have AD? What in general would we be
    > getting with both as opposed to only AD?


    AD limits you more to Microsoft. eDirectory works fine on Netware,
    Windows, unix and linux platforms.


    We have Windows servers only for certain applications, like MS SQL.
    All file, print, imaging, www, email and web services are on Netware.


    And remember, Zenworks, Groupwise and other products will run on Windows
    and Linux too. They don't require Netware.

    -sk

  4. Re: edirectory/novell vs. active directory


    On 25 May 2004 06:24:33 -0700, google@ejennie.com (Jenny) wrote:

    >We don't have or plan on any linux or unix etc etc but we will be putting in a
    >MSSQL server eventually and perhaps a notes or exchange server.


    Why? What are the business needs driving these decisions?

    Why not use, for example MySQL on NetWare?

    regards
    Marcus


+ Reply to Thread