Cool Solutions

New Capabilities in Storage Manager 5.1 for Active Directory Add Management Flexibility and Enhance Product Performance

buckgashler

By:

December 14, 2016 3:09 pm

Reads:715

Comments:0

Score:Unrated

Print/PDF

The release of Micro Focus Storage Manager 5.1 for Active Directory introduces some impressive new capabilities designed to ease the management of your ever-growing network-stored data. With the ability to now manage data across Active Directory forests, flexibility in how provisioned home folders are named, provisioned group folders owned by multiple groups with access permissions specific to their group membership, and more, this is a release that Storage Manager for Active Directory customers are going to want to deploy right away.

This article provides an overview of each of the new features in Micro Focus Storage Manager 5.1 for Active Directory. For a more detailed explanation of these new features, refer to the Micro Focus Storage Manager 5.1 for Active Directory Administration Guide.

Event Monitor Scope

Past versions of the Storage Manager Event Monitor would monitor not only Active Directory events pertaining to user- and group network-stored data, but also non-applicable events as well. For example, the Event Monitor would monitor Group objects as they were created by Microsoft Exchange for distribution lists. Monitoring events such as these would burden the Event Monitor and could slow down the response time for Storage Manager to take action following applicable network file system events.

The new Event Monitor Scope feature lets you “scope” the segments of the forest or domain that the Event Monitor will monitor by specifying what areas of the forest or domain to include and exclude. A scoped segment of the forest to include might be specific containers or groups.

Use the new Scope feature to specify which areas of the Active Directory domain or forest are to be included and excluded from event monitoring.

Use the new Scope feature to specify which areas of the Active Directory domain or forest are to be included and excluded from event monitoring.

Managed Path Naming Attribute

No longer dependent on the name of the sAMAccountName attribute value, which might or might not be a descriptive name of the user or group, you can now choose from among multiple attributes for the user or group folder name.

For some organizations, having the default sAMAccountName attribute as the means of naming home folders is not desirable. A school that generates student accounts using an account provisioning system for example, might generate a student account and sAMAccountName such as SA74556, rather than a more descriptive name such as William Sanders. To allow Storage Manager to create a home folder with a name like WSanders, rather than SA74556, you can now select a different attribute from the drop-down list.

Any single-value AD Attribute can be selected.

Any single-value AD Attribute can be selected.

Once you have saved the policy, you can use an account provisioning system such as NetIQ Identity Manager to automatically populate the selected attribute with the desired folder name and then Storage Manager will automatically provision the home folder based on this attribute setting. Using the example above, the home folder name would be WSanders rather than SA74556.

For existing users whose home folders you would like to change to a new attribute value, you would follow the same procedures, followed by performing an Enforce Policy Path Management Action.

Multi-Principal Group Storage Policies

This new policy type allows for multiple groups to access a shared group folder, with each group having different sets of permissions to the group folder.

Each group’s access to these folders is dependent on the security group object’s security principal. For example, one group’s access could be RO, another’s could RW, and another’s could be FUL. Based on their support for multiple security principals, these folders are known as “Multi-Principal Managed Paths,” and they are issued through new policy types known as “Multi-Principal Collaborative Storage” policies.

Multi-Principal Managed Paths are owned and accessed by Active Directory security groups with the same group prefix name separated by a suffix separator, and then distinguished by a unique security separator.

In the example above, multiple security groups at an auto parts manufacturing company are set up to access a shared folder.

In the example above, multiple security groups at an auto parts manufacturing company are set up to access a shared folder.

The permissions for each security group are specified in the Provisioning Options page of the policy.

The permissions for each security group are specified in the Provisioning Options page of the policy.

Cross-Forest Data Management

With the release of Storage Manager 5.0 for Active Directory earlier this year, we introduced the ability to migrate user and group data from one Active Directory forest or domain to another using the Active Directory to Active Directory Cross-Empire Data Migration subsystem. One of the requirements for doing so is establishing a trust relationship between Active Directory forests or domains.

With the release of version 5.1, we allow you to leverage the trust relationship to manage data between the two forests or domains. The User and Group objects must reside in the primary forest, but these objects’ data can be managed in the secondary forest’s network file system.

In the example above, Storage Manager is managing data residing in forestb.org for users that reside in the cctec.com AD forest.

In the example above, Storage Manager is managing data residing in forestb.org for users that reside in the cctec.com AD forest.

For example, a User Home Folder policy assigned to User objects in Forest A can be set to a target path in Forest B. Similarly, data residing in the file system of Forest A can me moved, copied, or vaulted to Forest B through an operation.

Faster Data Copying

In version 5.0, we were able to speed up data copying and migrations through multi-threaded copying. For version 5.1, we’ve extended this copying capability to any management task involving data movement.

Downloading the Software

Storage manager 5.1 for Active Directory is available for download here. If you already have Storage Manager 5.0 for Active Directory, you will not need an updated license. You will need to update your Agents and the SMAdmin administrative interface. If you want to utilize the new Event Monitor Scope feature, you will need to update the Event Monitor.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...

Tags: , ,
Categories: File & Networking Services, File Reporter, Open Enterprise Server, Storage Manager, Technical

0

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

Comment

RSS