eDirectory at the University of Michigan
Novell Cool Solutions: Feature
Digg This -
Posted: 17 Mar 2004
The University of Michigan has been using NDS/eDirectory to manage its network resources since 1993 (on September 25, at 11:11:55 p.m. to be exact). They're keeping a good thing going - here's an inside look at how Novell meets their needs. You can get the full story here.
Novell eDirectory is a cross-platform Lightweight Directory Access Protocol (LDAP)-enabled, directory-based identity management system that centralizes the management of user identities, access privileges and many other network resources.
eDirectory stores identity and resource information in an object-oriented hierarchical structure called a tree. The main eDirectory on campus is the Michigan Tree. One of eDirectory's strengths is its ability to delegate administrative authority of branches within the tree. A unit can have complete control over its own branch of the tree but not have any access to other branches. Yet, that unit can still offer services to other branches if desired. This is particularly advantageous in our higher education campus environment where autonomy and collaboration are of equal, yet often conflicting, priority.
|Michigan Tree History and Current State|
The Michigan Tree started life with the installation of a NetWare 4.0 server on September 25, 1993 at 11:11:55pm. NetWare 4.0 was the first version of NetWare to be shipped with eDirectory (called Novell Directory Services [NDS] at the time.) Currently the tree holds servers running many different versions of NetWare including 4.11, 4.2, 5.0, 5.1, & 6.0. It is also capable of holding servers running Windows NT/2000, Linux, AIX, and Solaris. The first release of eDirectory (NDS) was version 4.0. The Michigan Tree currently consists of eDirectory versions 6.x, 7.x, 85.x, 8.6.x, & 8.7.x.
The Michigan Tree serves 55 distinct, individually managed units who run approximately 165 servers cumulatively, hosting approximately 8TB of disk space in total. These units manage, and offer resources, to approximately 22,500 user objects.
Below is a history of extensions that have been added to the Michigan Tree schema.
|NetWare||6 May 2002|
|NetWare 6 SP1||May 2002|
|eDirectory 8.6.2||May 2002|
|iFolder Pro||2 September 2002|
|NetWare 6 Service Pack||2 October 2002|
|ZEN for Servers 3||November 2002|
|NetMail 3.1||April 2003|
|ZENworks for Desktops||4 May 2003|
|eDirectory 8.7||May 2003|
|eDirectory 220.127.116.11||May 2003|
|Kerberos Login Method Beta||1 June 2003|
|NetWare 6.5||October 2003|
|eDirectory 8.7.1||October 2003|
|NetWare 6.5 Service Pack 1a||February 2004|
|eDirectory 8.7.3||February 2004|
Projects are currently underway to integrate the Michigan Tree with other University of Michigan services.
The University of Michigan is currently testing Novell's solution for authenticating to eDirectory using Kerberos. Our testing utilizes the existing MIT Kerberos V system on campus (the UMICH.EDU realm.) The integration of this solution into the Michigan Tree will allow units to offer services to someone on campus without them needing to remember another password. This should allow the unit to offer services to a larger subset of the population.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com