3.1 NSMAdmin and Database Access
Historically, the NSMAdmin administrative interface has exclusively used the XML-RPC protocol to perform all interactions with the NSM Engine. As a means of improving performance, beginning with the release of version 4.1, Novell Storage Manager for Active Directory is transitioning from that model and moving towards one that of directly accessing certain resources from the SQL Server database.
Direct database access is now conducted for the following:
-
Pending Events
-
Pending Event Properties
-
Object History
-
GSR Collector Data
This change means that NSMAdmin is no longer only subject to firewall rules regarding the Engine’s listening port (3009 is the default). Instead, greater consideration needs to be given to the environment and how NSMAdmin is used to access it. This also introduces a change in interaction between NSMAdmin and the NSM Engine.
IMPORTANT:NSMAdmin 4.1 and later can authenticate only to a matching NSM 4.1 Engine.
3.1.1 Legacy Environment
In a legacy configuration, NSMAdmin would communicate with the NSM Engine server directly on the WAN, over the Internet, and perhaps through a proxy. In each case, it would ultimately go through a firewall to the NSM Engine server.
Figure 3-1 Legacy NSMAdmin Configuration
3.1.2 New Environment
Given the new requirements of direct database access, NSMAdmin now requires access to SQL Server through a proxy server or firewall, depending on your requirements. If access to SQL Server is allowed over the Internet, the following represents a likely scenario.
Figure 3-2 First New Configuration Option
If access to SQL Server is restricted to the LAN/WAN, the diagram below represents a likely configuration scenario. In this case, it might be necessary for an administrator to connect through a VPN to access and manage Novell Storage Manager. In most cases, it will no longer be possible to manage Novell Storage Manager outside of the corporate network.
Figure 3-3 Second New Configuration Option
