Getting Started with Password Policies
Novell Cool Solutions: Tip
By Aaron Burgemeister
Digg This -
Posted: 1 Feb 2006
A reader recently asked:
"Our network runs NetWare 6.5 and AD. It seems that NetWare is being pushed out by all the Microsoft products. The problem is that the main way we use Netware is for file servers. We have the user directories and shares on our Netware servers. The Novell client is used on all workstations in order to authenticate to eDirectory, but we still have to maintain our AD accounts as well.
Our IT department would like to implement some additional Novell products to justify keeping NetWare around (because we just like it the best!). One of the first things we would like to do is start using Password Policies. Keep in mind, we have no other Novell products loaded, so it seems there will be several things to be loaded on the server and maybe even workstations to get started. So any advice on the best way to get started would be greatly appreciated."
And here's some advice on the issue from Novell's Aaron Burgemeister ...
Password policies are superbly easy and offer a wide variety of customization for complexity, expirations, history, and compatibility. And yes, synchronization to other systems via another of our products works very well.
Here's the basic procedure to follow for implementing a Password Policy:
- Load iManager. It should be on your 6.5 servers. If not, download the Mobile iManager version to run on your workstations from download.novell.com.
- Download the IDM plug-ins for iManager. This will get you your Password Management plugins.
- Install the plug-ins according to the documentation.
- In iManager go to the Passwords Role, the Password Policies task.
- Create a new policy (TreePolicy) with the default values and apply it to the Login Policy.Security object. This applies it to the entire tree.
- Customize the policy any way you want.
- Make sure all workstations have the Novell client and make sure they have the NMAS client installed and enabled as well.
- To enable the NMAS client, right-click the red 'N' in Client Properties: Advanced Login: NMAS Authentication: 'On').
- Restart the workstation if necessary.
You should now be abiding by the password policy. You can now use IDM to synchronize passwords easily between your two environments (and any number of other environments you connect to eDirectory). Start using ZENworks if you can. Application distribution and imaging via that product alone should be reason enough to keep your blood the proper color of red. Keep in mind that the common color to represent oxygen-deprived blood is blue ... :-)
As a NetWare alternative, feel free to look into other options including Linux. All of Novell's products (that I know of) including GroupWise, ZENworks, IDM, eDirectory, the Novell Client, iFolder, iPrint, etc. run on Linux as well as NetWare. One of the ideas behind Open Enterprise Server is to have a server (regardless of the kernel ... use your favorite) that runs a multitude of applications, which is what you really want anyway.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com