There’s no ‘kind of’ about this. Novell® Open Enterprise Server 11 SP2 IS a big deal. This service pack includes many improvements, some long-awaited and much-requested. Most of these changes increase the convenience for you, the Open Enterprise Server administrator. Below is a list of some of the most important changes and improvements.
We’ve made two changes that ease and speed installation. First, we’ve introduced an express install that helps to install Open Enterprise Server 11 SP2 with minimal user intervention. Also, you can now clone a server running Open Enterprise Server after install or post upgrade.
Management and Monitoring
Dynamic storage technology (DST) now provides a unified quota management system that allows you to manage your disk space usage policy for DST shadow volume pairs. Previously, a unified quotas-management approach wasn’t available and managing quotas in DST was difficult. Now the ncpcon quotas command allows you to add, modify or delete directory quotas or user-space quotas on the primary volume, and then easily set related quotas on the secondary volume based on those settings. The Novell Storage Services™ (NSS) file system independently enforces the quotas set on each volume.
We have replaced the Novell Remote Manager health monitor function, which had caused some stability issues, with Ganglia and Nagios open source health monitoring tools. These tools will not only add to the stability and reliability of Open Enterprise Server 11 SP2, they also allow you to do more. You’ll now have more monitoring features at your disposal.
Other management and monitoring improvements include:
- Novell Remote Manager now includes plugins to monitor and manage Common Internet File System (CIFS) and Apple Filing Protocol (AFP) connections and open files. You can also do this using server-side utilities.
- An NSS Change Owner Utility (nsschown) to identify the files and directories that have obsolete owners.
- In iManager, using the Files and Folders plugin, you can view the effective rights that a trustee has on a folder or file. Using the Users or Groups plugin, you can add or modify rights to files and folders for a user or group on a specified volume.
- The Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) Java Management Console now enables you to delete dynamic leases.
Novell Cluster Services
We’ve made a number of changes in Novell Cluster Services™ (NCS). First, when you change the nodes or failover order in a resource’s Preferred Nodes list, the change takes effect immediately when you click OK or Apply if the resource is running. Previously, you had to take the cluster resource offline and bring it back online before the change would take effect.
Because some clustered services rely on the NetIQ® eDirectory™ daemon (ndsd) to be running and available to function properly, NCS now provides the ability to monitor the status of the eDirectory daemon at the NCS level. (It is disabled by default). You can set the monitor independently on each node. If the eDirectory daemon does not respond to a status request within a specified period, NCS can take one of three configurable remedy actions: an ndsd restart, a graceful node restart or a hard node restart. You no longer have to perform these actions manually or write a script for this.
Additional NCS improvements include:
- You can now get a report of logged events that occurred during a specified time range.
- The DotOutParser utility prints summaries of failed or incomplete events that have been recorded in a specified log file. It also prints output (if any) from any commands that failed or got stuck.
- The My Clusters page in iManager provides the ability to manage the cluster with the IP address of a specified node (preferably the master node) if the master IP address for the cluster object is experiencing problems.
- You no longer need modifications to scripts to support VLAN on Network Interface Card (NIC) bonding.
- We modified the NetWare Core Protocol™ (NCP) Server to refresh its OpenSLP registration of cluster resource virtual NCP servers based on the setting for the eDirectory advertise-life-time parameter.
- You no longer have to stop NCS in order to disable the Shareable for Clustering setting.
File and Storage Services
We’ve introduced better integration with third party anti-virus, backup and hardware security module (HSM) solutions for our file and storage services. We’ve also improved CIFS access support from MAC OSX clients.
Built on the Latest Linux
OES 11 SP2 is built on SUSE Linux SP3. SUSE is the enterprise Linux that thousands of enterprises have come to rely on. With support for new hardware and the latest open source hypervisors, this latest service pack adds even more value to your OES deployment.
Domain Services for Windows
Sites and Subnets
The new sites and subnets feature enables you to configure multiple sites wherein domain controllers can be distributed over different geographical locations. After you configure the sites and subnets feature, when a client tries to log in to a domain, the request goes to the nearest available domain controller, thus ensuring faster domain login.
Novell Client Support
Finally, DSfW can now coexist with the Novell client. Users will now be able to authenticate to a DSfW server using the Novell client. You can now join a workstation pre-installed with the Novell client to a DSfW domain without affecting the DSfW communication.
With the new Novell client support, Windows operations such as domain login, password change, GPO policy, content redirection, roaming profile, folder redirection and advanced login parameters will work.
This feature also enables Novell client features such as login scripts, LDAP contextless login, login with profile and automated login.
Other DSfW changes include:
- You can now configure a DSfW Server as a WINS Server
- Supports Mac OS X 10.8 and Windows 8 clients
- Simple Authentication and Security Layer (SASL) NT LAN Manager Security Support Provider (NTLMSSP) bind support
- DSfW does not install NSS by default. This is to ensure that you use the DSfW server only as a domain controller.
- You can now address Network Time Protocol (NTP)-signed requests from Windows clients with the cross_partition_ntp_setup.pl script.
- There is a brand-new Best Practices Guide
NetIQ eDirectory 8.8 SP8
In addition to several miscellaneous enhancements and bug fixes, eDirectory 8.8 SP8 offers significant scalability and performance enhancements. It now takes full advantage of a server’s processing power, which results in faster processing of changes by several orders of magnitude in a heavily loaded or high identity management use environment. For example, it took one customer 11 months to delete 15 million objects on the previous eDirectory. Using SP8, the same customer deleted 55 million objects in three weeks with minimal tuning.
One of the reasons the customer was able to do this is that SP 8 offers advanced performance tuning. We have exposed settings that were previously static so you can tune eDirectory to your own unique environment.
SP 8 also offers enhanced auditing capabilities. The XDAS Auditing Framework is now bundled in Open Enterprise Server. You can now audit iManager operations. The true guest IP address is also captured for all events.
The new version of eDirectory includes LDAP enhancements that allow for improved integration with LDAP applications. SP8 also includes iManager 2.7 SP7. This new iManager offers transport layer security (TLS) v1.2 support for more secure hand shaking and provides more advanced cryptographic algorithm modes. It also includes updated eDirectory, Novell modular authentication service (NMAS) and PKI plugins to take advantage of the new features in eDirectory 8.8 SP8.
We Hope You Like It
In making updates to Novell Open Enterprise Server 11, we aimed to solve many of the issues that we’ve heard about from you, the users and administrators. We’ve also taken steps to make installing and administering Open Enterprise Server easier and more convenient. If you’d like additional information on any of the items listed here, we’ve updated the documentation, so please see the install guide or relevant administration guide on our documentation site.