Forgot your password?
typodupeerror
Operating Systems Software The Internet Windows

Dealing with Directory Dilemmas? 44

Posted by Cliff
from the choosing-the-right-index dept.
Bardaris asks: "In my work environment, I maintain a large number of Novell, and Windows servers. Although Novell is the dominant OS, vendor applications are increasingly making the change from Novell based apps, to single NT4/Win 2k servers. This has put a strain on my PDC. Currently the MS boxes are outnumbering my Novell 30 to 22, with more Win 2k servers in the coming months, as each application vendor has found it cheaper to dictate a sole Win server for their app, rather than sharing nicely on Novell. Now I've been tasked with assessing what to do with the Windows environment. My preference leans to eDirectory and dirXML to contain and maintain the Microsoft proliferation, but what of my NT4 PDC. Should I upgrade to Active Directory (if so, how)? Leave it as is until the last possible moment, whatever that may be? Is there a better way? I highly doubt I can sell a Linux/Samba solution, given the current state of the server environment and political climate here in my company, so that's not one of my options. I'm wondering if other Slashdot readers have ran across similar problems and how they tackled this issue."
This discussion has been archived. No new comments can be posted.

Dealing with Directory Dilemmas?

Comments Filter:

  • It is not that big a deal, buy a book. Get on it.

  • by invisik (227250) * on Monday May 10, 2004 @04:36PM (#9110401) Homepage
    Clearly stay on eDirectory. You will eventually have Linux servers in the house, and that's a great way to integrate everything you are running.

    You probably want to upgrade your NT boxes, if for no other reason then updates/security issues. If you can't bring them to NetWare or Linux, I'd consolidate as many as possible on Windows 2003 and plan your migration to other platforms.

    I would also recommend calling your local Novell office for a personalized look at your situation and some better price offerings.

    Good luck! Should be fun, if nothing else...!

    -m
  • by haplo21112 (184264)
    Dump Novell, consolidate to Active Directory and W2K/2K3, and get on with your life. Running multiple NOSes is a waste of time and effort on your part.
    • by NanoGator (522640) on Monday May 10, 2004 @04:51PM (#9110550) Homepage Journal
      "Dump Novell, consolidate to Active Directory and W2K/2K3, and get on with your life."

      Do you think they'd be running multiple OS's if they could consilidate? Man I hate answers like this.
    • by FreeLinux (555387) on Monday May 10, 2004 @05:03PM (#9110666)
      It's funny that everywhere I have seen someone make the move from Novell to Windows 2000/2003 they replace one Netware server with three Windows servers. And, they still have twice as many problems as they did before they switched. The solution is always the same, add more Windows boxes.

      Not for me thanks, I've had enough.
      • How I got to this state of events... Most of my major applications were running on a single Novell server for years. I had moved from v3.12 to 5.1 without incident. Suddenly in the past two years all the vendors decided a stand alone windows server was the way to go and et voila, instant Windows server farm. Every vendor wants their own server for their app, and the powers that be, do not want to change this scenario. Most of the crap I have on the floor is vendor drive. i.e Here's our product make it fit

        • Yeah, but this state of affairs still doesn't mean instant server farm...You just need to plan it a bit better.

          Lots of SQL driven apps - put in one big-ass SQL box. That box is redundant power/fans/array/network - everything. Then the individual apps all get a DL360 or equivalent.

          Same goes for your TS applications.

          If you really want to have some fun, one big-ass box for SQL, and another big-ass box with VM-Ware hosts to take the place of all those DL360s. You don't need a server-farm (in fact you'd ra
          • Try that in the "real world" and you will find that your application vendors will not support that kind of configuration. You also find that the performance of many of these apps are so freekin bad that they NEED their own box. Case in point: Intraspect (now Vignette BCS.)
            • Have done it in the real world, and have found that reminding the vendor who the customer is normally helps.

              That Intraspect webpage has all the right buzzwords, but I've never heard of it. For content management I always used Documentum, and for intranet stuff, a decent web programmer with templates.

              Point taken...some app vendors do try and insist on devoted box for their application, but competition is a good thing. "You know...I could go with company y instead "

              And I LOATHE SQL patching...you can serv
    • This is NOT flamebait, just because someone is advocating a microsoft solution.

      Windows Server has several tools that assist in integrating NDS and Microsoft's AD as well as services for Unix.

      Furthermore Windows can give you a single sign-on to all of the Novell and Windows resources. With Samba some services can also tie in with the Windows authentication.

      Linux clients can use Samba to connect to both the Windows and Novell resources if configured correctly.

      Although it may not be feasible to dump all t
  • Be a salesman (Score:1, Flamebait)

    by perljon (530156)
    I highly doubt I can sell a Linux/Samba solution, given the current state of the server environment and political climate here in my company, so that's not one of my options.

    You can't sell it because you don't believe in it. It has nothing to do with the server environment and the political climate at your company. The best sells men sell things they strongly believe in. If you really want to be able to sell what you suspect is the best solution, sell yourself first.
    • I've got to believe that you can sell it if you use the fact that NOVELL is become a large Linux play. Why not use NOVELLs solution running under Linux initially??????

      Create a test case for Samba after that is successful, then say good bye to MS.

      I've got to think that if NOVELL is already in use,then NOVELL as a replacement answer even though it is on top of Linux has to be politically possible??
  • by FreeLinux (555387) on Monday May 10, 2004 @04:41PM (#9110449)
    eDirectory and dirXML are definitely the way to go unless you plan to eliminate Novell form your network. As for the upgrade path to Active Directory? Microsoft's Active Directory has already decided that for you.

    If you plan to continue using the same NT domains then you must upgrade your PDC to AD first. You will then be on Active Directory but, your BDCs will still work. You can then upgrade you BDCs at your leisure but, you shouldn't plan on taking a year to upgrade them either. There are issues that will arise over time that would be more easily handled if your BDCs were Active Directory DCs.

    Luckily for you, Novell has seen the Linux light even if your employer or software vendors have not. I would recommend that you press your vendors for Linux versions of their applications and make lots of noise about switching to a vendor that does support Linux, even if it is only a bluff. Over time they too will start offering support for the Linux platform too. Novell, eDirectory and Linux. Now that's a nice network.
    • IMHO, this is indeed the way to go. Keep in mind you can consolidate AD and NDS management, as far as user accounts/group memberships with Novell's Account Management (use 3.0 not 2.1!)Ultimately that product will roll into IDM (Identitly Management/DirXML).Dir/XML can get costly as a project if you plan on linking more than just AD and NDS accounts but the payoff can be so sweet!
  • by droid_rage (535157) on Monday May 10, 2004 @04:43PM (#9110470) Journal
    You've got One NT4 domain, 52 servers, and out of those, 22 of them are Novell, but most of those are going away, right?
    Since you've already got an NT4 domain, your easiest bet is to upgrade to Win2k/2k3 AD. If you've got s single domain, and no trusts, this is simple. if you upgrade your NT4 PDC to Win2k/2k3, it will automatically promote it to an AD DC. Now, it's important to learn something about AD, and you really should have multiple DCs for fault tolerance and load balancing, but this is all pretty easy. Microsoft even has free guides to help you out [microsoft.com].
  • Stay with Novell (Score:4, Interesting)

    by zulux (112259) on Monday May 10, 2004 @04:44PM (#9110476) Homepage Journal

    Stay with Novell.... basically because Active Driectory is a one-platform one-trick pony.

    Active Driectory is like having a diesel car when everybody else has regular cars - you're stuck buying your diesel from the truck stop, where everybody else can fuel up where they'd like.

    Plus AD sucks - it's getting better, in the same way Windows XP is beter than Windows 98 - it just sucks a little bit less.

    • Active Driectory is like having a diesel car when everybody else has regular cars - you're stuck buying your diesel from the truck stop, where everybody else can fuel up where they'd like.

      Ok - I'll have fun with this one (need some flamebait anyway) - yeah just like diesel, cheaper, fewer greenhouse gasses, better gas milage. Plus every gas station I go to has diesel available anyway.

      To be slightly more fair, diesel also has a higher ammount of particulate that may be even worse on the environment than

    • by duffbeer703 (177751) *
      AD is awesome... it is the cheapest way to integrate LDAP into your environment with Windows clients.

      The sucky thing is the Microsoftized Kerberos implementation... they modified the specs some to break interoperability. I've heard of people using standard Kerberos with Windows or MS Kerberos with something else, but have never seen and documentation.
      • by LordMyren (15499)
        having just setup kerberos as my authentication gateway, and ldap running on top of that, yes, i agree.

        it took about a month of on and off fiddling to get ldap and kerberos up, then get ldap running on top of kerberos.

        and then i realized i couldnt do a simple bind. and i spent another month getting saslauthd working (and patching fixing and modifying everything i'd done before to make it right).

        ldap + kerberos is a very in depth detail. but its the right way to go. i was suprised microsoft actually fo
      • AD is awesome... it is the cheapest way to integrate LDAP into your environment with Windows clients.

        You obviously haven't tried to use those LDAP services for anything but AD or you'd know that it's way more horribly implemented than the Kerberos...
  • Stay on Novell (Score:3, Informative)

    by bolix (201977) <bolixNO@SPAMhotmail.com> on Monday May 10, 2004 @05:10PM (#9110736) Homepage Journal
    Novell eDirectory and the DirXML ADS driver will facilitate integration with the x.500 standards compliant (for once) ADS 2k3/MS-LDAP.

    If you need an interim solution, talk to Interix [interix.com]. They can make ADS talk to anything.
  • by perrin5 (38802) on Monday May 10, 2004 @05:16PM (#9110787) Homepage
    is of course to march into your manager's office when he's not there, get your swingline stapler back, and burn the place to the ground.
  • still running on Novell? I thought that was gone a long time ago. I think the last time I touched a Novell server was in 1994.
  • specifically, i'd check monster.com [monster.com] - so i could get a new job. and in my exit interview, i'd state that my primary reason for leaving was because people were choosing technology based on uninformed politics instead of a decent understanding of technology.

  • each application vendor has found it cheaper to dictate a sole Win server for their app

    How nice. I recall a rather elderly Sun SPARCserver 2000 that handled multiple NFS mounts for a whole network using software and hardware RAID (including serving user home directories), was a web server, a license server, an Oracle development server, ran sshd, and some other stuff I can't remember. It had six 60MHz SuperSPARC CPUs. Granted, it wasn't like riding greased lightning, but it got the job done. Oh, and
    • it's not his call to ORDER them all! I bet he didn't order a third of those! get it! What happens is Maintenance needs something, HR wants something "cool", Executives want cool data mining, Engineering and process control want something else....and all the vendors are primarily windows only. And if you think your're going to get multinationals like peoplesoft or Allen-bradley to support linux you're smoking crack. You could make a mint if you could prove me wrong! But of course the software is so cra
      • And if you think your're going to get multinationals like peoplesoft or Allen-bradley to support linux you're smoking crack.

        Oracle, Parametric Technology Corporation, Sun Microsystems, and IBM are among the large multinationals that support Linux. It's mostly a matter of time before more companies join in.

        he's got no say, but he's the computer guy...so he's gotta keep it up cause it's his JOB!

        This is why IT, especially in the Windows world, is really a crappy terrible job. Among the most overrated p
  • The upcoming Microsoft Virtual Server might ease some of your machine multiplication woes...

    http://www.microsoft.com/windowsserversystem/vir tu alserver/evaluation/vmnews.mspx

  • So long as companies like yours accept it when venders each demand to run on their own windows server, using all the resources instead of tight code, venders will deliver. Put some squeeze on venders, when evaluating versions make sure you count how much hardware you will need, and how compatable they are with what you have. They will get the message if you put pressure on them.

    Don't say your not big enough, because nobody is big enough alone. Start doing it yourself, and get everyone else you know to

    • The problem is that it's preceived as childish to pinch such pennies...and often their engineering won't even negotiate such terms. Also, the price of a server is only a few thousand dollars. Much of the software on these boxes easily runs $100k+ by the time you buy the "enterprise" version. You look like a nagging ninniy when you bring stuff like this up...EVEN THOUGH ITS YOUR JOB! It's simply stuff the management of most companies doesn't want to worry about.

      Hence the guy is here. Trying to figure

  • MacOSX Server has nearly all the abilities os Win2K3 active directory, AT ONE HALF THE PRICE!!

    I priced it out for the small business I was consulting for. A single "new" Win2K3 server (just over $12K) and OS (over $15K) with a 2TB Raid ($12K) came in at $39000,

    A Clustered pair of Xserver Dual CPU G5s ($4K eack X 2) with a 2TB Xraid ($8.5K) WITH THE OS was arround $19K. The OS was the huge money factor, 150 user ver of WIN 2K3 Enterprise server was like $15K All by itself, where the UNLIMITED (yes withou

  • by winchester (265873) on Tuesday May 11, 2004 @03:51AM (#9114624)
    I am getting sick and tired of people constantly recommending Linux as the solution to whatever problem someone has. Face it, people, Linux is a wonderful operating system, and given a choice I would have a Linux box on my desk instead of a Windows one, but as it stands, Linux is not what makes the world go round, Microsoft currently holds that position.

    I agree that that is an unhealthy situation, but blindly recommending Linux for whatever problem someone poses is not the solution to that problem. The same counts for any other-than-Microsoft solution. Understand that sometimes a Microsoft solution is not a bad choice!

    Now to the problem. The first thing you should do is investigate support options for Windows NT, and the possibility of a migration towards Windows Server 2003. While doing so, interoperability with Novell should be high on your priority list.

    Also understand that there is a profound difference between NT4 domains, a Windows 2000 AD domain and a Windows Server 2003 AD domain. Where Microsoft pitched Windows 2000 AD as an enerprise directory, they have now seen their mistakes in doing so, implemented major improvements to the AD and no0w they are selling it as a systems management directory. In other words, if you want an enterprise directory, stick with Novell. If you don't want or need that, go with Windows. Take into account the fact that once you go the full Windows AD route, you are running one or more Kerberos realms, with all the associated problems. Also understand that a proper DNS infrastructure is mandatory for a healthy AD domain. The third point: AD replication. Before implementing anything, make detailed calculations about the amount of directory replication traffic if you run multiple domains (hint: you don't want to, but might need to). This last point doubles in importance when replicating to remote sites over slow wan links.

    • Is it worth going to AD then? We're not going to dump Novell, and neither are the Win boxes going to get any less. I have to think in terms of co-existence, manageability and reliability and disaster recovery of the existing environment and existing tool sets. I didn't mention that I do have a number of Unix boxes that are running mission critical apps as is most of my Win servers, as well as an VM/ESA machine to keep things interesting. Trust me when I say that Selling Linux/Samba is not the route I need
    • Who said Linux? Admittedly, I read at +3, but the 5 posts that I see above yours come in at 3 for Netware, 1 for Windows, and 1 Office Space reference.

Put no trust in cryptic comments.

Working...