eDirectory is an integral component of the services that make up OES 2. As with NetWare®, service users are created as User objects in eDirectory and authenticate to gain service access.
OES servers exist as Server objects and there are numerous other objects and configurations stored “behind the scenes” in eDirectory that work together to deliver the same functionality that people are accustomed to with NetWare.
eDirectory even provides eDirectory users with access to some services that would normally require the creation of local user accounts on the server itself.
During the install, when you reach the software selections screens, none of the OES services is selected by default.
You can specifically select eDirectory for installation, or, if you select a service that requires eDirectory, eDirectory is automatically selected for installation.
If you are installing into an existing eDirectory tree and you don’t want eDirectory installed on the server, you can deselect it.
When you configure the services that require eDirectory, you enter the information for an eDirectory server in the tree (either the server you are installing or an existing server), including the name, context, and password of an administrative user with rights to install the required objects in the tree.
If you are creating a new eDirectory tree on your network, the first server you install is important for two reasons:
The basic eDirectory tree structure is created during the first installation.
The first server permanently hosts the Certificate Authority for your organization.
When you install eDirectory on a server, the server is configured by default to use eDirectory certificates for HTTPS services, providing a significantly enhanced level of security for the server.
For more information, see Certificate Management
in the OES 2 SP3: Planning and Implementation Guide.
Novell® recommends that all servers in a tree be of the same fully supported eDirectory and OS versions.
OES 2 SP3 includes eDirectory 8.8.6. Where possible, you should upgrade existing servers to eDirectory 8.8.6 before or during the process of introducing OES 2 SP3 into the environment.
For complete information, refer to the Novell eDirectory 8.8 What's New Guide available at www.novell.com/documentation/edir88.
Novell supports eDirectory 8.7.3.9 or later on NetWare to facilitate the transition from NetWare to OES 2. Although they have somewhat different feature sets, these two versions of eDirectory are tested and certified to inter-operate within the same tree.
eDirectory must be hosted on a current fully supported OS. At this time, the only version of NetWare that is under support (limited) is NetWare 6.5.
Earlier versions of DS/eDirectory should be migrated to eDirectory 8.7.3.7 as outlined in Table 1-1, Upgrade Paths from Earlier Versions of NetWare.
Several tools, many of them Web-based, can be used to manage aspects of eDirectory. The primary tools are listed here.
iManager 2.7: A browser-based tool that lets you set up and manage your Novell eDirectory tree; manage eDirectory objects, schema, partitions, and replicas; and create and manage users, groups, and other objects. For more information, see Novell iManager 2.7.4 Administration Guide.
iMonitor:
A browser-based tool that provides cross-platform monitoring and diagnostic capability for all servers in an eDirectory tree. For more information, see Using Novell iMonitor 2.4
in the Novell eDirectory 8.8 Administration Guide.
Novell Remote Manager for OES: A browser-based utility for monitoring server health, changing the server configuration, or performing diagnostic and debugging tasks. Novell Remote Manager (NRM) provides functionality that is not available in other management utilities. For information, see the OES 2 SP3: Novell Remote Manager for Linux Administration Guide.
Novell Import Conversion Export Utility (ICE): You use ICE to:
Import data from LDIF files to an LDAP directory
Export data from the LDAP directory to an LDIF file
Move data between LDAP servers
Perform a schema compare and update
Load information into eDirectory by using a template
Import schema from SCH files to an LDAP directory
For more information, see Novell Import Conversion Export Utility
in the Novell eDirectory 8.8 Administration Guide.
DSBK: This is a thin command line parser that performs the same operations as the Backup eMTool, but it lets you initiate a backup from the server console without logging in first or setting up Role-Based Services.
For more information, see Using DSBK
in the Novell eDirectory 8.8 Administration Guide.
eDirectory Management Toolbox (eMBox): Lets you access all of the eDirectory back-end utilities remotely or on the server and works with Novell iManager to provide Web-based access to eDirectory utilities such as DSRepair, DSMerge, and Service Manager.
For more information, see The eDirectory Management Toolbox
in the Novell eDirectory 8.8 Administration Guide.
Terminal Prompt Configuration Tools. The following tools are also available:
ndsconfig: Lets you configure eDirectory, add an eDirectory replica server to an existing tree, or create a new tree. For usage information, enter man ndsconfig at the terminal prompt.
ldapconfig: On OES servers, only use this when explicitly instructed to in the OES-specific documentation.
nmasinst: Lets you configure Novell Modular Authentication Service (NMAS™) and install login methods. For usage information, enter man nmasinst at the terminal prompt.
General Utilities.
Refer to Novell eDirectory Linux and UNIX Commands and Usage
in the Novell eDirectory 8.8 Administration Guide for a list and description of command line tools along with syntax, and refer to LDAP-Specific Commands
for LDAP-specific commands.
ConsoleOne: This utility is not supported to perform administration tasks on OES 2 server. However, if you have a service that requires ConsoleOne®, such as Novell GroupWise®, it is supported for administration of those applications.