Network Plus 2005 In Depth
462 Chapter 10 NETWARE-BASED NETWORKING
Below the root is an organization object. The organization object branches out in a hierarchical arrangement of OUs (organizational units, or containers). As in Active Directory, an OU’s purpose is to logically subdivide the tree and hold other objects that belong together. OUs can organize users and resources by geographical location, department, professional function, security authorization, or other criteria significant to the particular network. For example, if the organization under the root of the Sutkin Manufacturing Company’s eDirectory tree is called “Sutkin,” the OUs might be called “Maintenance,” “Inventory,” “Packing,” “Shipping,” “Information Services,” “Accounting,” and so on. On the other hand, if Sutkin Manufacturing is a small company with only a handful of users and other resources in the Maintenance, Inventory, Packing, and Shipping Departments, these users and resources may be grouped in a larger OU called “Operations” and departments within the “Operations” OU may be distinguished through the use of groups.
Figure 10-6 compares two ways of grouping objects. It’s usually possible to arrange an eDirectory tree for an organization a number of different ways. The hierarchy of resources and organizational units is something network administrators must plan carefully.
FIGURE 10-6 Ways of grouping objects in an eDirectory tree
Moving away from the root of the tree, branch objects lead to either more branch objects or leaf objects. As you have learned, a leaf object is an object in the directory tree that does not contain other objects. For example, a printer queue is a leaf object because it handles only the printer queue. A user is a leaf object because it does not contain or manage any objects other than the network user it represents. Several kinds of leaf objects exist. You will typically deal with user-related leaf objects, such as users, groups, profiles, templates, and aliases. You will also deal with printer-related leaf objects, such as printers, queues, and print servers. Some Novell packages, such as GroupWise, introduce other kinds of leaf objects into the tree. Nevertheless, all Novell products integrate with the eDirectory structure to allow easy, centralized administration. Figure 10-7 depicts a more complex eDirectory tree with several branch and leaf objects. (Compared to an eDirectory tree you might find in a large corporation, this example is still greatly simplified.)
FIGURE 10-7 A more complex eDirectory tree
Naming Conventions
Each object in an eDirectory tree has a context that indicates where that object belongs in the tree. A context consists of an object’s OU names, arranged from most specific to most general, plus the organization name. Periods separate the OU names within the context. You can envision the context as a kind of address for locating an object.
Contexts may be expressed in two ways: typeful and typeless. The typeful notation is a relatively lengthy way of expressing context that includes identifiers for the organization and OUs. (It is similar to the distinguished name in Windows Server 2003.) For example, a user named Phil who works in the Receivables area of the Accounting (“Acctg”) department of Sutkin Manufacturing in Figure 10-7 would have a typeful context of OU=Receivables.OU=Acctg.O=Sutkin. In this typeful context, “OU” stands for “organizational unit” and “O” stands for “organization.” The LDAP standard uses typeful names, too, though LDAP notation uses commas rather than periods to separate organization and organizational unit names.
A typeless notation eliminates the “OU=” and “O=” symbols. In the preceding example, Phil’s typeless context would be Receivables.Acctg.Sutkin. Both the typeful and the typeless contexts indicate that Phil is a member of the Receivables organizational unit, which is located in the Acctg organizational unit, which is part of the Sutkin organization.
In a large corporation with a complex eDirectory tree, a user’s context can quickly become very long. Users do not always have to know or provide their context, however. Instead, the workstation support group or network administrator can configure users’ client software to assume by default the context and the organization to which each user belongs. Users can then log on to their organizations with only a user name. In the preceding example, a user named Phil with the typeful context of OU=Receivables.OU=Acctg.O=Sutkin would simply type “phil” when prompted for his user name. This is similar to using a relative distinguished name in Windows Server 2003.
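The notations described above, as an added example (not code from the book or from Novell): it parses a context in either notation, checks that the OUs end in a single organization, and emits the typeful, typeless, and LDAP-style forms. The function names are hypothetical, names containing periods are out of scope, and the LDAP output applies RFC 4514 escaping, which goes beyond what the text covers.

```python
# Added example: eDirectory context notation conversion (function names are hypothetical).
# RFC 4514 characters that must be backslash-escaped inside an LDAP DN value.
_LDAP_SPECIALS = set('"+,;<>\\')


def parse_context(context):
    """Return [(type, name), ...], most specific first.

    Accepts typeful (OU=Receivables.OU=Acctg.O=Sutkin) or typeless
    (Receivables.Acctg.Sutkin) input. In typeless input the last component
    is the organization (O) and every earlier one is an OU.
    """
    parts = [p.strip() for p in context.split(".")]
    if any(not p for p in parts):
        raise ValueError(f"empty component in context: {context!r}")
    typed = ["=" in p for p in parts]
    if any(typed) and not all(typed):
        raise ValueError(f"mixed typeful and typeless components: {context!r}")
    if all(typed):
        pairs = []
        for p in parts:
            kind, _, name = p.partition("=")
            pairs.append((kind.strip().upper(), name.strip()))
    else:
        pairs = [("OU", p) for p in parts[:-1]] + [("O", parts[-1])]
    kinds = [k for k, _ in pairs]
    if kinds[-1] != "O" or any(k != "OU" for k in kinds[:-1]):
        raise ValueError(f"expected OU components ending in one O: {context!r}")
    if any(not name for _, name in pairs):
        raise ValueError(f"component with empty name: {context!r}")
    return pairs


def _ldap_escape(value):
    """Escape one name so it is safe to place inside an LDAP DN (RFC 4514)."""
    out = []
    for i, ch in enumerate(value):
        if ch in _LDAP_SPECIALS:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif (ch == " " and i in (0, len(value) - 1)) or (ch == "#" and i == 0):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def to_typeful(context):
    return ".".join(f"{k}={n}" for k, n in parse_context(context))


def to_typeless(context):
    return ".".join(n for _, n in parse_context(context))


def to_ldap(context):
    """Same components, comma-separated, with each name escaped."""
    return ",".join(f"{k}={_ldap_escape(n)}" for k, n in parse_context(context))


if __name__ == "__main__":
    # Contexts taken from the text, plus one constructed name that needs escaping.
    for ctx in ("OU=Receivables.OU=Acctg.O=Sutkin", "Receivables.Acctg.Sutkin", "R+D.Sutkin"):
        print(f"{ctx!r}: typeful={to_typeful(ctx)} typeless={to_typeless(ctx)} ldap={to_ldap(ctx)}")
```

Rejecting mixed or out-of-order components instead of guessing keeps a malformed context from silently resolving to a different container than the one intended.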
Now that you understand the way NetWare 6.5 organizes and manages objects in eDirectory, you are ready to plan and perform a NetWare installation.
Planning for Installation
The importance of planning for installation cannot be overemphasized. Poor planning results in more work for the installer, potential downtime for users, and headaches for whoever supports the server after installation. The following list summarizes the critical pre-installation decisions you should make. As you will see, the list is very similar to the decisions that you must make before installing Linux and Windows Server 2003; whereas Windows Server 2003 deals in Active Directory, NetWare focuses on the eDirectory tree.
Where does the server fit in the eDirectory tree? The place occupied by the server in your network’s eDirectory tree (its context) will depend largely on its function. If this function is merely to allow a group of students to print to a classroom printer, the server might belong to a small organizational unit for that classroom. If the server will provide network access for all of the math instructors at a college, it may belong in the Math organizational unit of your tree. If the server will provide mail services to the entire college, it may have its own organizational unit off the root of the tree called Mail. Clearly, you should develop your organization’s tree and its policies for organizational unit and leaf objects before you begin installation. The server’s place in the eDirectory tree will affect how easily it can be accessed and managed. After you have established the server’s context, you cannot change it.
What name will the server have? Choose a practical, descriptive name that distinguishes the server from all other servers. You might use geographical server names, such as Boston or Buffalo. Alternatively, you might name servers according to their function, such as Marketing or Research. Bear in mind that the server name can (and usually will) differ from its eDirectory organizational unit’s or organization’s name. For example, the Math Department server in a college’s eDirectory structure might be called “MATH_DEPT,” but it might belong to the “Math” organizational unit, which might in turn belong to a larger organizational unit called “TechCollege” under the root.
How many and what kinds of NICs will the server use? Before you begin installing NetWare, you should have driver and diagnostics disks on hand for the server’s NICs. The NetWare installation process will usually find your NIC’s driver in its own set of software drivers, but it may not always be successful in this quest. You should therefore be prepared to supply the NIC software, and the NIC’s IRQ, shared memory address, and I/O base address before beginning the server installation.
What protocols and network services should the server use? You need to know which protocols your network requires. By default, NetWare 6.5 will install and run the TCP/IP protocols, which, as you know, are supported by virtually all modern clients and other NOSs. However, if your network supports legacy technology, you may have to install additional protocols.
What will the Administrator password be? When you install NetWare, you will be asked to provide an Administrator ID and password. In NetWare 6.5, the default Administrator ID is “Admin.” As explained in previous chapters, you should choose a password that is difficult to crack.
What kind of disk controllers does the server have? NetWare’s installation program will attempt to detect the kind of hard disk and CD-ROM drive your server possesses. If the program can correctly identify the hardware, it will install the drivers. Otherwise, it will prompt you to choose drivers from a list or install a driver from a disk. Either way, you should know what kind of disk controllers your server has (you can find this information in the server’s hardware specifications or by viewing BIOS information). Note that the NetWare installation process does not always choose the right controller by default.
How many, how large, and what kind of volumes will the server require? NetWare’s installation program will ask you to identify the size, number, and names of the server volumes. Initially, the program assigns all free space on the hard disk to its default volume, SYS. To add volumes, you must modify the size of SYS (by subtracting the size of the other volumes you intend to create from SYS’s current size).
What server pattern, or type, will the server be? In designing the NetWare installation program, Novell has attempted to predict the types of servers users will want to install. Based on these predictions, Novell selected the services that would be necessary for each type and presented each collection of services as server patterns. Some patterns you can choose to install include a Basic NetWare File Server, a Customized NetWare Server, or a Pre-Migration Server. If you choose a basic file server, only the key services necessary for sharing, including file system tools and eDirectory, will be installed. If you choose to install a customized server, you can pick any combination of NetWare components to install. A pre-migration server is one that you designate as the recipient of an older server’s data and directory information. Other choices include installing a backup server, Web server, and print server. Some components, such as eDirectory, ConsoleOne, and Remote Manager, are installed by default, no matter which server pattern you choose.
What kind of license do I have? When you purchased the NetWare operating system, you chose a licensing option for your organization. During the installation of the operating system, you will be prompted for the license disk (or file, if you’ve copied it to the server’s hard disk) that came with your NetWare software. NetWare 6.5 licenses can be purchased on a per site (organization), per server, or per user basis. The per site (or organization) mode requires a license for every organization and authorizes all users (up to 250,000 users) at the organization to connect to the NetWare server. The per server licensing mode allows a limited number of clients to access the server simultaneously. In per server mode, any of your organization’s clients may be capable of connecting to the server. The number of concurrent connections is restricted. The per user mode requires a license for every user object or client capable of connecting to the NetWare 6.5 server. Licensing restrictions become more complicated if you are using NetWare’s clustering services, in which several different servers can act as one large server.
How can I remember all of this information? After you have made these decisions, you should create a server installation form and keep it with you during installation. Appendix D offers an example of such a form.
The preceding list highlights only the most significant installation options. You should also be prepared to read and accept the license agreement, identify your time zone, provide IP address information, and choose any optional authentication services the server may use.
Installing and Configuring a NetWare 6.5 Server
After you have devised a plan for your NetWare 6.5 installation, you can begin the actual installation process. In this section, you will learn about the available options and the decisions you must make when installing and initially configuring your NetWare 6.5 server.
The Installation Process
After thoroughly planning your installation and obtaining the NetWare 6.5 software from Novell, you are ready to create a NetWare 6.5 server. NetWare can be installed from a CD (the most popular method) or another server on the network. If your computer is configured to boot from the CD-ROM drive, you can merely insert the first NetWare installation CD and start the computer. When the computer boots, it will run the INSTALL program from the CD-ROM. If your computer is not configured to boot from the CD-ROM drive, make sure the server is installed with DOS version 6.22 or higher, and then run the INSTALL program from either a CD-ROM or another server on the network. (Do not attempt to install NetWare from a DOS prompt on a server running a Windows operating system or from the DOS version that comes with Windows.)
The NetWare installation process begins with text-based menus that prompt you to:
Select your language.
Select regional settings.
Accept the Novell Software License Agreement and the JReport Runtime program license agreement from Jinfonet Software (JReport Runtime is a third-party software package used by NetWare).
Choose whether you want to perform a Default or Manual installation. The Default installation preselects standard server settings and simplifies installation. Manual installation allows you to choose settings specific to your network. If you choose the Default installation, you can still change, add, or remove services or settings later.
Prepare the boot partition.
If you have chosen the Default installation, accept default selections of a 4 GB SYS volume, and auto discovery of LAN, disk, and video drivers.
The program copies the NetWare installation files to your server’s hard disk. Next, it discovers your hardware and loads the appropriate drivers, then copies the NetWare system files. After that, the installation menus are GUI-based and prompt you to:
Choose a pattern, or select the type of server you are installing.
If you selected a Customized NetWare Server, select the components you want to install.
Review the details of the server you’re about to install.
Choose to copy files.
The installation program prompts you to insert a second installation CD-ROM, the NetWare Products CD. After these files have been copied, you need to set up the server. The program will prompt you to:
Name the server.
Enable cryptography.
Specify the network protocols for each network adapter, and in the case of TCP/IP, specify the server’s IP addressing information.
Enter the server’s host and domain name.
Set the server time zone.
Select whether to create a new eDirectory tree or add the server to an existing eDirectory tree.
Enter eDirectory information (and if desired, create organizational units).
Choose an Administrator ID and password.
License the NetWare server.
Select the login method, or any additional means of authenticating with an eDirectory tree (other than the default method, which is called the NDS login method).
After you provide this information, the installation program copies files necessary for the security services you selected. Then, it closes the installation files and prompts you to remove any installation CDs or disks and reset the server. If you choose to start the server software automatically upon rebooting, the NetWare NOS loads. If you choose to start the server manually, you must type SERVER at the command prompt and then press Enter to load the NetWare NOS.
By default, the NetWare installation program creates the eDirectory tree (if one didn’t previously exist), a SYS volume, a SYS pool, an administrator user called Admin who has supervisory rights to all objects in the eDirectory tree and all files in the file system, and a group called [Public] that has Browse rights to view all objects in the tree. The following section describes how to create users and groups in NetWare 6.5.
Establishing Users and Groups
Before users can log in to your NetWare network and share resources, you will need to add objects—including user objects—to the eDirectory tree. After adding objects, you may want to modify their properties or even extend the NetWare schema. Such operations can be accomplished by using one of three tools: ConsoleOne, Remote Manager, or iManager.
NOTE
Remote Manager and ConsoleOne are installed by default, no matter which NetWare 6.5 server pattern you choose. However, iManager is considered an optional service. You may either choose the Customized NetWare Server pattern during the first installation, and then select iManager as a desired service, or you may install iManager from the server console after installation.
You can run ConsoleOne, Remote Manager, or iManager from any workstation connected to the same network as the NetWare server. To run ConsoleOne, the computer must have the ConsoleOne client installed and be running the same protocols as the server (for example, TCP/IP or IPX/SPX). In the case of Remote Manager and iManager, the workstation must run the TCP/IP protocol and a Web browser—either Internet Explorer version 5.0 or higher or Netscape, version 4.5 or higher. No matter which tool you choose, you need administrator privileges to the server to create users and groups.
To run Remote Manager, point your Web browser to the IP address for the NetWare server management interface. By default, this address will be port 8008 on your server. For example, if you gave your NetWare server an IP address of 10.11.11.11, point your browser to the following URL: https://10.11.11.11:8008. The NetWare Remote Manager login window opens, prompting you to log on. Enter the administrator ID and password you chose during installation, and then click Login. From there, you can perform server, volume, and limited eDirectory management.
To start iManager, point your browser to the /nps/imanager.html page on your NetWare server. For example, if your NetWare server’s IP address is 10.11.11.11, point your browser to the following URL: https://10.11.11.11/nps/imanager.html. The NetWare iManager login window opens. Enter the administrator ID and password you chose during installation, and then click Login. After logging on, you can perform unlimited eDirectory management.
The following steps explain how to create a new user object in iManager. Although the same can be accomplished in ConsoleOne or Remote Manager, iManager is the tool Novell recommends for creating and managing user objects.
1. Connect to the iManager URL on your server and log on to the iManager tool as a user with administrator privileges. The iManager window opens, with a list of functions on the left side of the screen.
2. Scroll down the list and click Create User under the Users heading. The Create User window opens, as shown in Figure 10-8.
FIGURE 10-8 The iManager Create User window
3. Enter the user’s user name, first name, last name, and context in the text boxes provided. This is the minimum amount of data you must enter. You may enter additional information, such as the user’s home directory, password, and personal information. A home directory is a directory on the server in which a user can store files. By default, users have full access privileges to files and subdirectories within their home directories. Note that if you do not specify a password for the user name, the user will be able to log on to the network without a password.
4. When you have entered all the user’s information, click OK to create the user object. iManager responds with a message: “Complete: The Create User request succeeded.”
5. Click OK to return to the default iManager window.
Creating a group in NetWare 6.5 is similar to creating an object:
1. Connect to the iManager URL on your server and log on to the iManager tool as a user with administrator privileges. The iManager window opens, with a list of functions on the left side of the screen.
2. Scroll down the list of functions and click Create Group under the Groups heading. The Create Group window opens, as shown in Figure 10-9.
3. Enter a name and context for the group, and then click OK. iManager responds with a message: “Complete: The Create Group request succeeded.”
4. Click Modify to change the default properties of this group. The Modify Object prompt appears, with a drop-down list and a number of text boxes.
FIGURE 10-9 The iManager Create Group window
5. Select Members (depending on your browser type, this option might appear as a hyperlink or an item in a drop-down list). A Members prompt appears.
6. To search for objects to be included in this group, click the Object Selector icon (which looks like a magnifying glass). The Object Selector window opens.
7. Click the Browse button or tab, depending on your browser, to browse through the eDirectory tree until you find the user objects you want to add to this group.
8. Click the user objects you want to add to the group you have created. When you are finished adding users, click OK to return to the default iManager window.
After you have created eDirectory objects, you may want to change their properties. For example, if one of your staff members changes her last name, you will want to change the last name property within her User object. Or, when an employee leaves the company, you will want to delete his user object. Changing object properties is simply a matter of choosing the “Modify User” or “Modify Group” option in iManager. These functions represent only a fraction of iManager’s capabilities.
TIP
NetWare will not allow you to delete an object that contains leaf objects. If you want to delete an organizational unit, you must first delete all of the objects it contains.
Client Services
NetWare 6.5 provides several ways for different types of clients to access the server and its resources. These access methods can be categorized as follows: traditional client access, native file access, and browser-based access. The following sections briefly describe each method of NetWare 6.5 client connections.
Traditional Client Access
In previous versions of NetWare, clients running Windows, Macintosh, and UNIX-type operating systems traditionally connected and accessed NetWare resources via a Novell client specifically designed for that client. For example, a Windows 95 client would run the Novell Client for Windows 95/98. A Windows XP client would use the Novell Client for Windows NT/2000/XP. Novell continues to provide these two software packages for Microsoft clients. They are offered at no extra cost with the NetWare NOS, or they can be downloaded from Novell’s Web site.
To connect to a NetWare server using traditional client software, the client would also need to have installed the appropriate protocol suite (for example, TCP/IP or IPX/SPX). And depending on the server’s configuration, some configuration of the client software may be necessary.
