|[an error occurred while processing this directive]||
Posted on 3 Oct 2003
Doug Anderson is the Product Manager for Novell Account Management. He was one of the founding fathers of Cool Solutions in 1996, and over the years has written some of the most popular and enduring articles in GroupWise Cool Solutions. It's great to have Doug writing Cool stuff again.
Lemme splain. No, there is too much, lemme sum up. I guess I could go into all the history of Novell Account Management, the 5 different products that have preceded version 3.0, how Account Management relates to DirXML, all that stuff, but I think we'll save that for a different day. For now, what I really want to do is tell you 5 features you really have to know about NAM, 5 things we think set NAM 3.0 apart and make it compelling.
Feature Number One: SCRIPTS
Sure, you can use scripts with most products (including DirXML). But NAM 3.0 is developed from the ground up to not only use built in scripts that ship with the product out of the box for your provisioning needs, but also to let you plug in any script you've already written, seamlessly, effortlessly to enhance the provisioning process.
Let's face it, you've been using your stuff a lot longer than you've been using our stuff. So we've designed NAM to let you use that "add user" Windows Script, and that "home directory" SHELL script that you've been using for 10 years, and that OS/390 Dataset with a REXX script sitting around. We supply a set of perfectly useful, comprehensive scripts, but we fully expect you expand them incorporating your own. It's all about you and automating your enterprise they way you want with what you all ready have.
Feature Number Two: PASSWORDS
Anywhere NAM goes, passwords go. There are three different ways passwords can go: Redirection: On OS/390 and Unix/Linux you have the option to have your login and change password requests redirected to eDirectory.
Redirection with local security system failover: In addition to redirection on all platforms that support redirection we have added the ability to have the password, once successfully authenticated against your eDirectory password, pushed into the local security system so just in case the backhoe digs up the fiber between your mainframe and everything else (except the users who want to login), your users can still login and be producting.
Replication: Unix/Linux and Windows can also be configured to do what we call Password Replication. Password changes get replicated to connected systems on a password change event.
Either way, to a user, passwords are synchronized, everywhere. Which is what you want, right?
What about those applications that need passwords? NAM also as an extensive set of authentication API's you can use for custom native applications as well Apache, IIS web modules. There are even samples to integrate SASL, TACACS and even SSH on Unix systems to enable your enterprise to authenticate everything out of eDirectory with a single password for your users.
Feature Number Three: FAN-OUT
Called Platform Sets, this is a simple concept. You can manage myriad platforms from one manager, making NAM unusually scalable. We've had installations where we've run 600 Unix servers and 300 Linux servers from a single manager (and it works). Maybe I've undersold this a bit here. We're all about understatement.
Feature Number Four: PLATFORM COVERAGE
Platforms, Platforms everywhere. Windows NT, Windows 2000, Windows XP, Windows 2003 even, Unix, Solaris, AIX, HP-UX, Free BSD, Linux on Redhat, SuSE, and Debian, OS/390 on RACF, Top Secret, and ACF/2. Coming very soon, AS/400. All out of the box, all right now (well, except for the coming soon one). And the bonus is, if you've got, say, PeopleSoft as your HR system feeding events into eDirectory, NAM consumes it, and feeds it to any and all of the platforms listed.
Feature Number Five: OPEN/EXTENSIBLE
You can build an amusement park, or just a playground. It's your call. NAM is wide-open. It can be your out-of-the-box, tactical application, or a set of tinker toys from which you can build a strategic, enterprise-wide solution. It's your world, you paint it.