UNITED STATES. Understanding NDS for Directory-Enabled Solutions. David Condrey, LAN Systems Manager davidc@clemson.edu Clemson University Jeremy Campbell, Information Resource Consultant jerm@clemson.edu Clemson University. CLEMSON.
Novell Directory Services (NDS) and the Computing Infrastructure
A real world example: Division of Computing and Information Technology
Clemson University

Agenda
• Background on Clemson information systems
• Mission and support structure
• Userid management
• Network design
• Server and network access
• Public access labs
• Printing
• Electronic mail
• Intranet
• Authentication server
• Futures

Background
• Large systems background
• Strong development shop
• Mainframe and open systems expertise
• Departmental LANs ruled 90’s until Novell Directory Services (NDS)
• NDS populated in Summer 1995 (36,000)
• Departmental LANs gone—more centralized management of the network
• NDS is centerpiece of security and authentication

Mission
• Provide computing infrastructure
• Empower users and departments
• Provide guidance in selecting solutions based on industry standards
• Deploy solutions to meet the needs of institutional computing
• Provide user support and training

Defining Groups
• Network services
  • Supports the physical network (routers, hubs, backbone)
• LAN systems
  • Supports application, group, and personal data servers
• Client Support Group (CSG)
  • Supports faculty and staff via Technology Support Providers (TSPs)

Defining Groups (cont.)
• Systems Integration Group (SIG)
  • Supports students and departmental labs
• Computer resources
  • Assists with user account problems
  • Division of Computing and Information Technology (DCIT) sponsored
• College consultants
  • DCIT sponsored person and college sponsored person(s) that help support the end users of the college

Defining Groups (cont.)
• Technology Support Provider (TSP)
  • Supports faculty/staff end users
• Help desk
  • Sponsored by DCIT to assist end users

Support Structure
• Support is based on a four tier model
[Diagram: tiers numbered 1 to 4; labels: Problems, Resources, Faculty, Staff, Students, Help desk, College consultant, TSPs, Client support, Systems integration, Computer resources, LAN systems, Network services]

Server Strategy and Management
• Novell and Windows NT servers maintained by DCIT
• DCIT provides hardware and Network Operating System (NOS)
• DCIT administers backups
• DCIT performs user administration
• Group maintains data and security with help of a TSP
• Virus protection and software metering

Automatic Userid System (AUS)
[Diagram labels: Personnel, Other, Admissions, NDS, MVS, AUS, Other, UNIX]

Automating User Maintenance
Old Method: Daily UIMPORT run
TCP/IP, Real-time:
• Add users
• Modify user attributes
• Delete users
[Diagram labels: Personnel, Other, Admissions, MVS, FTP, AUS, Summer ’97, NDS, USRMAINT.NLM]

Physical Network Design
[Diagram labels: 100BT Switch, FDDI, T1, 100BT, Server (repeated)]

Every Person Has a Place
[Diagram labels: ClemsonU, Organizations, Students, Misc., Employee, A to Z (three times)]

Every Group Has a Place
[Diagram labels: ClemsonU, Users, Athletics, DCIT, CAFLS, CES, Forestry, Research, Dean's office]

Partition Design
[Diagram labels: ClemsonU, Students, Employee, Athletics, DCIT, CSO, CSG, APS, A, B, Z]

Use Dedicated “ROOT” Servers for NDS Replicas
[Diagram labels, in page order: FDDI (ITC), CU-ROOT-2, 100BT Switch, R/W for all, Group Server, Master for all, CU-ROOT-1, R/W optional, CU-ROOT-3, R/W for users “A” to “Z”]

Login Script Design
• Based on profile scripts and user scripts
• No container scripts
• Use base profiles
  • EMPLOYEE
  • STUDENT
• Base profile includes high level organizational scripts based on membership
• Organizational scripts controlled by TSPs
• Organization scripts may include departmental scripts managed by others

Script Design & Management
[Diagram labels: .EMPLOYEE.employee.clemsonu, .GROUPIFS.employee.clemsonu, .AG.cafls.clemsonu, .ENG.ces.clemsonu, .Forestry.cafls., .BioE.ces., .Civil.ces., ISALAB, User Script]

Server Timesync Hierarchy
[Diagram labels: Server A, Server B, Server C, Server D, Server E, External source, Prim, Secon, Ref, Prim, Secon]

Personal Storage (User Data Servers)
[Diagram labels: StudentDn; EmployeDn; Any faculty or staff member (office, lab, or dial-in); Any student (dorm, lab, or dial-in)]

Personal Data Server Configuration
                   EmployeD(2)      StudentD(5)
Processor          Dual Pro–200     Pentium II–300
Memory             1024MB           512MB
Disk               90GB (RAID5)     50GB (RAID5)
Replicas           None             None
Home directories   ~11,000          ~25,000
Base quota         100MB            25MB

Collaborative Storage—“Group Servers” (Faculty and Staff)
[Diagram labels: EmployeD, Group Server1, Group Server2]

Collaborative Storage—“Applications Servers” (Students)
[Diagram labels: StudentD, Applications Server (N)]

Group/App/Root Server Average Configuration
Group           App             Root
Pro-200         P-200           P2-300
128MB           64MB            384MB
18GB            9GB             4GB
Possible R/W    None            All replicas
25–250 users    25–250 users    250–800 users*

Collaborative Storage (Faculty and Students)
[Diagram labels: App server, EmployeD, Group server1, StudentD]

Faculty/Student Collaboration
• Faculty member wants to put data on the network that students can use
• Student submission of work to faculty
• Students collaborate on team projects with assistance from faculty member
• Students and faculty collaborate on projects or assignments
• Publish web pages as a team or class

Faculty and TSP/Client Support Management
[Diagram labels: Group Server1, Read Only, Create Only, Read Write, Teams R/W with Tgroups]

Collaborative Storage and Network Bandwidth
[Diagram label: Group Server1]

Outline
• Environment for the Virtual PC (VPC)
• How the current VPC environment evolved
• Mechanics of the VPC
• Setting up the computer
• Boot time
• Login and login script
• User Profiles
• Software involved
• Future directions

Standard Lab
• Standard set of applications
• Standard operating system
• Standard Context-less login
• Standard drive mappings
• Standard hard drive contents

The Environment as Seen by the Machine
[Diagram labels: Local Hard Drive, Local Printer, StudentDn, App server]

Goals of the Virtual PC Paradigm
• Easy maintenance
• Provide global access to password protected network disk space
• Allow user to customize his desktop
• Same environment (“look and feel”) regardless of location, hardware, or facility ownership

Evolution
• Pre-NetWare
• Windows 3.11 under NetWare
• Windows 95 under NetWare

How It Happens to the User
VPC = A series of software manipulations triggered by user login and logout.
[Diagram labels: Login, User Profile, StudentDn, User Profile, Logout]

Constructing the Machine
• The rebuild disk
• REBUILD <location> <pctype> {options}
• VLM Client allows it all on one floppy
[Diagram label: rebuild]

Boot Time Events
• Location, PC type, “ISALAB”, and other environment variables
• Some registry updates to ensure default desktop appearance and server failover keys

Contextless Login
• Can’t teach end users what a context is
• Using commercial product because we needed an immediate solution.

The Login Script
• Perform some basic actions
• Perform group-specific actions
• Perform lab actions
• Load profile

Isitcool—Failover Applications Server Attachment
1. Using IP, get info from primary app server Isitcool.
2. If attach failure or Isitcool reports no, try next server.
3. Attach to server using NetWare client.
[Diagram labels: Workstation, Workstation Disk Image, Lab 1, Isitcool? (YES! / NO!), ISITCOOL NLM on Applications Server(1), Applications Server(2), Applications Server(n)]

Loading the Profile
• PC-Rdist is called by the login script
• PC-Rdist imports user registry keys from directory mapped to drive U:
• First-time lab users get setup
• Printers