[KLUG Members] NDS for Linux...disappointing

Tony Gettig members@kalamazoolinux.org
Tue, 24 Jul 2001 14:40:26 -0400 

NDs is definitely a directory, similar to LDAP but different (read: proprietary). With it, an administrator can grant access to just about anything in the tree using the excellent tools provided by Novell. File and printer access are the primary resources, but other Novell products and user access to them are tightly wrapped around the NDS directory. Name any Novell product (GroupWise, Border Manager, Netscape Web Server for NetWare, on and on), and all of them are wrapped around NDS. So no matter how many servers or where they are at, my permissions to access any resource are in the directory. 

With NDS for Linux, (seemingly) all I can do is authenticate to the tree and access the NetWare resources.

Novell does not use SMB. With version 5, they made IP the primary transport. I *think* they rewrote NCP to run natively over IP versus IPX for this. 

As for categories it augments, I had rather hoped NDS would not add to all that, but replace most of it.

Yes, you can do LDAP queries. (I'm doing it for an Intranet app.) I'm just not sure if you can write to it. Maybe I need to explore LDAP a little further in this regard...

At least ConsoleOne (the java management gui) ran well. It is now feasible for me to run Linux as my desktop OS and manage the Novell part of the network. And I just might do that next week. :)

And yes, the bindery was replaced by Novell Directory Services. I remember the days of bindery on a bunch of different servers. Those were dark days compared to directory based administration. In short, the bindery is a database unique to each individual server. If I need to access the resources of three different servers, I need an account on each. The directory eliminates the need to authenticate more than once.

Can OpenLDAP manage file permissions? Admittedly, I could use more knowledge of LDAP. 


Tony Gettig
Network Administrator
Kalamazoo Public Schools



>>> Adam Tauno Williams <awilliam@whitemice.org> 07/24/01 12:59PM >>>
>My first impression of NDS for Linux is one of great disappointment. You can 
>install it, bring your Linux server into the NDS tree, send replicas,
yadda 
>yadda, but here's what you can't do: access the resources (disk space) 

Can you please briefly explain to us NDS ignorant what this means.  I
thought NDS was a directory system (like LDAP).  Does NDS also
incorporate file/print sharing? 

>of your Linux server! After all my effort, I finally found a Novell TID
that
>stated very clearly that NDS for Linux lets you authenticate to the
tree so
>you can access other NetWare resources (volumes). This TID went on to
say
>that if file sharing was necessary, the freely available Samba would

Does Novell use SMB for file/print sharing?  I though they had their own
NCP(?) protocol for this.  The Linux kernel mentions this for mounting
Novel volumes.

>facilitate this. Well gee, no kidding. So then I say to myself, "Self,
what
>good is this NDS for Linux then?". To which I replied, "Not much.".

What NSS catagories does NDS Linux augment?
	passwd
	group
	hosts	
	services
	networks
	protocols
	rpc
	ethers
	automount
	aliases

BTW,  since your have it up and running, does an NDS directory support
LDAP queries?