I wasn’t able to attend Brainshare, but I had the opportunity to study the slides of a presentation by Jason Williams, Senior Product Manager at Novell, about forthcoming developments in Open Enterprise Server which are due out, as part of an update, in the final quarter of 2008.
I scanned through it identifying things relevant to the work I am involved in and this is what caught my attention. First of all the update promises 64 bit eDirectory, which also mean 64 bit versions of Novell Core Protocol (NCP), Public Key Infrastructure Services (PKI) and Novell Modular Authentication Services (NMAS). All OES Services will hereafter be full 64 bit.
There are a number of developments affecting CIFS and Samba. Common Internet File System (CIFS) is a standard protocol to allow clients to access files via the internet. CIFS is a public or open variation of the Server Message Block protocol developed and used by Microsoft. Implementing CIFS enables clientless access to Novell file storage.
Samba on the other hand takes things further and in addition to implementing the SMB/CIFS network protocols actually emulates features which are proprietary to Microsoft. It can provide file and print services for Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain Controller (PDC) or as a domain member. It can also be part of an Active Directory domain.
As effectively the implementation of hacked proprietary technology there is the on-going risk that the owner of the proprietary software will change their code and break compatibility - this has happened in previous releases. Now that Samba is implemented as part of so many major Linux distributions with all those development teams committed to maintaining it this is less of a concern than it used to be.
Currently on OES 2 Linux CIFS is implemented as part of Novell Samba. The open source Samba software is included as part of SUSE Linux Enterprise Server. OES 2 Linux uses this base Samba software, but configures it differently and installs additional software to take advantage of enhanced services. Features specific to Samba on OES 2 Linux include:
* eDirectory LDAP authentication
* Support for NSS and NCP
* iPrint Support
Novell considers CIFS support with SAMBA is lacking in the areas of performance, integration and configuration and has indicated that in the forthcoming update to OES 2 Linux they include a Novell engineered SMB/CIFS stack that is “better” than SAMBA, key features will be:
* Support for migration of CIFS from NetWare
* Installation will be via Yast
* Simplified management via iManager
* No longer a requirement for a local eDirectory replica
* Ability to configure multiple user contexts for CIFS access
* Linux User Management (LUM) not required, instead any eDirectory user with universal password enabled will be able to be given access
Currently users have to be LUM enabled to use CIFS, this is one of the steps that complicates the current implementation of CIFS on OES2 Linux. However we may find it puts us in an advantageous position in the future to have already implemented LUM support as this potentially makes it easier to use other Linux based services in the future.
Novell intend to separate out CIFS and Samba creating two product sets:
* Novell CIFS - for customers that just want windows protocol access to their files.
* Domain Services for Windows - for customers who want full Active Directory integration (such as domain membership or domain controller emulation).
Novell has this to say about DSfW:
“Domain Services for Windows (DSfW) is a suite of technologies in Open Enterprise Server (OES) 2 that provides login, authentication and Directory authorization for Windows workstations in eDirectory trees and integrates with existing eDirectory deployments”
It will be built on existing open source technology such as Kerberos and Samba and the aim is to “provide seamless integration between Windows and OES environments while leveraging existing Novell eDirectory deployments.”
It will only work with eDirectory 8.8 sp4 on OES 2 sp1 and installation will create a new DSfW domain controller in a new or existing domain, extending the eDirectory schema with AD schema. It integrates Samba with eDirectory using NT 4 protocols a new Samba back end.
Clearly there are design considerations and a level of complexity involved in implementing DSfW. The aim is better integration with Active Directory and better support for ‘clientless’ Windows workstations.
Some nice new improved migration tools are also in the pipeline. A sneak preview was provided of a new consolidated GUI interface supporting various migration scenarios, e.g. upgrade, migration or consolidation. Supported service migrations are to include file system, eDirectory, DNS, DHCP, iPrint, iFolder, Novell CIFS, FTP, NTP amongst others. The ability to migrate CIFS and iFolder is certainly new.
The new consolidated GUI interface provides a dashboard view of migration process and integrates tasks into a single overall view. It supports advanced migrations not just basic scenarios.
The most exciting capability is “Server ID Swap” which in essence is the ability to migrate the configuration of a running NetWare server to an OES2 Linux server, including eDirectory configuration, eDirectory objects and the file system.
The future for Print Accounting on OES Linux was mentioned. Novell is developing a new API enabling third-party modules to interact with iPrint. Partners such as Papercut Software and Salford Software are ready to port their accounting modules, they are still discussing things with A.N.D. Technogies (PCounter). The Windows Vista iPrint client is still being enhanced and isn’t yet at parity with other platforms.
Other coming developments include LDAP Auditing, Enhanced Directory Monitoring in the LDAP layer and a new version of iFolder with lots of new features (both 32 bit and 64 versions).
Under investigation for the future are Novell Cluster Services support for Virtual Machine clustering (clustering of VM infrastructure) and Dynamic Storage Technology for Windows/NTFS without a dependency on eDirectory, iManager, NCP or NSS.
So all in all there are some great developments coming!
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.