NetWare 5.1 Administration

Chapter 1: Introduction to NetWare and NDS

 

Objectives:

This chapter introduces several NetWare concepts and associated terms. Many of the concepts will not be familiar to the casual computer user. The objectives important to this chapter are:

  1. Identify What a Network Is and List Its Components
  2. Identify the Features of NetWare
  3. List the Responsibilities of a Network Administrator
  4. Install the Novell Client Software and Perform the Login Procedure
  5. List the Resources and Services You Administer
  6. Identify the Features of Novell Directory Services (NDS)
  7. Browse the NDS Tree
  8. Identify How the NDS Tree Affects Resource Access

 

Key Concepts:

Identify What a Network Is and List Its Components

A network will consist of several computers that can communicate with each other and share certain devices. Among the items you will find in a network, expect that there must be:

  • one or more servers, which run a Network Operating System
  • one or more workstations, which are usually computers that run DOS or Windows
  • devices to share, like printers and hard drives
  • Network Interface Cards, or boards
  • a medium to connect the devices, like coaxial cable, fiber optic line, or telephone-style wire

The book illustrates possible devices on a net and defines the terms above on pages 1-2 through 1-4. Review these definitions.

NetWare is a network operating system that is client-server based. Here are some definitions that may be helpful:

  • server - a computer that provides resources to other computers
  • client - a computer that requests the use of a network resource (Under this definition, a workstation is the same thing as a client.)
  • peripheral device - devices that can be shared on a network, such as modems, hard drives, CD-ROMs, and printers
  • Network Interface Board - This is the term Novell uses, but in practice they are often called Network Interface Cards, and abbreviated NICs. (No one says "NIBs".) A NIC is used to physically connect a workstation, server, or peripheral to the network.
  • Communication Media - a NIC (see above) connects to the transmission medium that is used for a given network. If you have cable television, the coaxial cable is the medium, and the coaxial port on your TV acts like a NIC. (The word "medium" is singular, and the word "media" is plural.)

This course, and the related courses in this curriculum, are about Novell NetWare, a suite of software products from the Novell company that are used to create and administer networks. The network administrator should know, in great detail, how the network is structured, what may and may not be on it, and what users are allowed to do.

Several kinds of computers may be connected through NetWare. These computers may be categorized by the operating systems they run. A workstation on a NetWare 5.1 network may run any of the operating systems in the list on page 1-4:

  1. MS or PC DOS - can use IP or IPX protocol
  2. recent versions of Windows (actually, 3.0 or later) - can use IP or IPX protocol
  3. Macintosh operating systems - client available from Prosoft Engineering. Uses IPX protocol.
  4. UNIX® - client available from Novell. Uses IP protocol.
  5. Linux® - client built into versions from Caldera and Red Hat. Uses IPX protocol.

While a system administrator may generally administer a network from any workstation, only workstations of types 1 and 2 above can be used for this purpose. (This may change in the near future.) In addition, special modifications need to be made to put Mac and UNIX workstations on a Novell net.

Features of NetWare

NetWare was developed as a product to enable an administrator to connect, manage, and maintain a network, and the network's services.

NetWare is actually a suite of programs. Some run on servers, some run on workstations, and some run on both. NetWare is intended to support the five classic network services:

  • File services
  • Print services
  • Message services
  • Application services
  • Database services

In addition, your text lists ten specific support features found in NetWare:

  1. Provides an open standards Web development platform - this means that it is not vendor specific
  2. Utilizes the Microsoft® client Web development tools and back-end services - complies with Microsoft standards, the largest vendor in the field
  3. Provides a comprehensive set of open standards and collaborative services for corporate computing - again, not vendor specific
  4. Provides a solid Java® application server platform - Java is meant to be a programming language that will produce applications that will run on most operating systems
  5. Includes support for Microsoft FrontPage 2000 extensions and Office 2000 publishing compatibility - support is included for these applications because they are widely used
  6. Offers built-in support for third-party authoring tools with FTP services integrated into the Web server and scripting components - transferring files across IP based networks will continue to be important
  7. Provides improved Web development options with support for JSP, JDBC, ASP, ODBC, and Microsoft's development tools - these are widespread and popular standards for web sites that integrate with databases
  8. Allows users to manage Web-based content and make it secure - this prepares the way for more web based information usage
  9. Enables integrators and Information Technology (IT) teams to more easily deploy vertical solutions integrated with popular development tools and standard languages - support for popular tools, again, leads to less development time and easier maintenance
  10. Makes every NetWare server a repository for Web server content, making the Web server more valuable in an intranet environment - this is even more true in NetWare 6.

List the Responsibilities of a Network Administrator

On page 1-8, you will find a chart of, and explanation of, six duties of a network administrator. You should be familiar with this chart and the meaning of each area of duty.

  • Manage
  • Protect
  • Back up
  • Document
  • Organize
  • Set up

Install the Novell Client Software and Perform the Login Procedure

This chapter asks you to install the Novell Client software on a Windows workstation. This can be done with the Client CD that comes with your book, or by downloading the software from the Novell web site. If using the CD, search it for a file called WINSETUP.EXE. This is a program that will copy the necessary files to their intended locations on a workstation, and will configure the workstation based on your answers to questions it will ask you.

The Client software is necessary for a workstation to be able to log in to a Novell network. The login procedure is the first level of security encountered by a user on the network. Generally, until a user logs in, the user has no rights to any resources on the network. A proper login cannot be accomplished without knowing two things: a user ID, and the password for that user ID. In addition to knowing these things, a user must rely on all network components to function properly.

Assuming that the network and the workstation are functioning well, the text offers three options for performing a login:

  • Use the Novell Client login window, which automatically appears when the workstation boots up.
  • Click the Windows Start button and select a login choice. Depending on your configuration, choices may or may not appear.
  • Right-click the red N icon in the Windows system tray and select NetWare Login.

If none of these options work, you should be aware that the login program on a Windows 95 or 98 workstation is LOGINW95.EXE, and that it is probably stored in the Novell\Client32 directory. On a Windows NT or 2000 workstation, the login program is LOGINWNT.EXE, and it is probably stored in the WINNT\System32 directory.

The text briefly introduces the concept of login scripts, which are files that store commands that are meant to be executed when a user logs in. Login scripts are discussed in detail in another chapter.

List the Resources and Services You Administer

A server on a network provides the users with access to two types of things: resources and services. A resource is a physical entity on the net, like a printer, or a disk drive, or a file. A service is a method or mechanism for getting to the resource.

The bulleted list on pages 1-16 and 17 represents the services this text covers in the greatest detail. The first one listed is Novell Directory Services, or NDS. This is the heart of NetWare. In fact, it did not appear in NetWare before version 4. Essentially, it is a database system for keeping track of resources, users, and other objects on the net.

Having NDS adds improvements that were not in earlier NetWare versions. It allows a single login for a user, even if the user needs resources on several servers. It replaces the bindery, a flat file resource database that was found in earlier versions of NetWare (3.12 and earlier). In bindery systems, the user had to log in to each server that might provide a service to that user.

You should be familiar with the services listed in this section:

  • NDS - discussed below
  • Security - many layers of security are built into NetWare
  • the Network File System - file sharing is a big reason for networks
  • Print Services (we will study Novell Distributed Print Services - NDPS) - the biggest economic reason for networks
  • ZENworks - used to remotely configure, update, and maintain workstations
  • Application Access - running or providing applications from the server
  • Storage Management Services - making backups of programs and data

Identify the Features of Novell Directory Services (NDS)

NDS keeps track of resources on the net as objects. A graphic representation is on page 1-23. Each object in NDS is a collection of information about that resource, like a database record. Within those records are the object's properties, which are like fields (attributes) in a database. Actual values for those properties may be required or optional, and this varies by the type of object. For instance, a User object must be given a value for its User Name property and its Last Name property when it is created. Values for other properties, while useful, are optional.

Two types of objects exist in the Directory: containers and leaves. Think about it the way you think about directories in DOS or Windows. (By the way, when the Novell text uses the word Directory, it means NDS. When it uses the word directory, it may mean a file system directory or some other meaning of the word.) Containers are like DOS directories, in that they contain other objects to organize them. Leaves are objects that are usually resources, and they do not contain other objects. Remember the root of a DOS directory? NDS has one too, but we call it the [Root]. Be very precise about that. The [Root] is unique in an NDS tree. It cannot be moved or renamed, and THERE CAN BE ONLY ONE! (At least, only one in each NDS tree.) Your book calls the [Root] a third class of object, but it is really just a special container. Its characteristics (it doesn't have properties) are reviewed on page 1-26.

Common containers come in three types: Country, Organization, and Organizational Unit, seen on page 1-27. To simplify things, Novell recommends that we do not use Country containers. It is best to start a Directory tree with an Organization just after the [Root] as in the first two examples on page 1-31. The chart on that page is valuable and students should learn the relationships it represents, such as the fact that an Organization may be placed in a Country container, or directly in the [Root], but a Country may only be placed in the [Root] object.

Note also that each type of object in the NDS tree has its own icon that appears in graphical representations of the Directory. (Several appear on pages 1-27 and 1-28.) This will be of help when you are looking for an object, creating one, or deleting one.

In understanding what NDS does, it will help to learn the chart on page 1-32. This shows the order of the phases of a request that is being processed in NDS.

  1. A user makes a request for a resource
  2. A server responds to the request
  3. The appropriate object is located in NDS
  4. The physical location of the resource is noted
  5. NDS checks whether this user is a real user, and allowed access to the resource
  6. A service connects the user to the resource

Of course, if any step above fails, the user does not get the resource.

Browse the NDS Tree

Three utilities that a network administrator might use to manage the net are listed on page 1-38. The main differences between them are:

  • NetWare Administrator is a Windows style graphic utility. This utility does not need to be installed on a workstation. It can be run from the server. Using Windows Explorer, browse to SYS:\PUBLIC\WIN32 on a server, then run the NWADMIN32.EXE program that you will find there.
  • ConsoleOne is a Java based utility that can run on a workstation or a server. To install ConsoleOne on a workstation, use Windows Explorer to browse to SYS:\PUBLIC\MGMT\CONSOLEONE\1.2\INSTALL on a server, then run the SETUP.EXE program that you find there. This will install an icon on your desktop for running ConsoleOne.

Either of these utilities may be used to browse the Tree, that is, to search through the NDS Tree to find objects and the information in them.

Identify How the NDS Tree Affects Resource Access

Naming objects in an NDS tree is not as confusing as it seems. Page 1-36 presents a list of terms you will use in referring to objects and various forms of their names. A distinguished name specifies the name of an object, and the name of the container that object exists in, and the name of the container the container exists in, all the way up to, but not including, the [Root]. Each name in a distinguished name is preceded by a dot (period). For example:
.VScott.Computer.Baker
could represent a User named VScott, in the container Computer, which is in the container Baker. This is a typeless distinguished name. To be clearer and more precise, we might use a typeful distinguished name:
.CN=VScott.OU=Computer.O=Baker
It is the same, except that we have explicitly stated the type of each object, where CN stands for Common Name, which is simply the name a leaf object is given when it is created, OU stands for Organizational Unit, and O stands for Organization. (If we had used a Country in the tree, we would have included .C=US, or something like it.)

A relative distinguished name specifies the path from an object back to a specified point in the tree, not necessarily up to the [Root]. To understand why we would want such a thing, you need to understand a context. A current context is a specific container, the one we are concerned with at any given time. It is analogous to the concept of a current directory in DOS and Windows. Relative distinguished names do not start with periods, but do use them as separators, as above. This way it is easy for the software that uses them to tell the difference. The statement on the bottom of page 1-36 tells us that "a common name is a relative distinguished name". This is true, but it is not accurate. A relative distinguished name tells us everything we need to know to locate an object, based on our current frame of reference. The object's common name is its relative distinguished name, if and only if our frame of reference is the container that the object is in. If our current context is some other container, a relative distinguished name is longer.

The formula on page 1-54 is helpful in understanding the relationship between these concepts. An object's distinguished name is as described above. A relative distinguished name would be the leftmost part of it (WITHOUT the initial period) up to the name of whatever we consider to be the current context, which would be named by the remainder of the distinguished name. (Do the exercise at the end of the chapter and all will become clear.)

The last concept about naming is another use of the period. When you log in on a workstation, you have to specify a login name, which the system must find in a context in the Tree. If the workstation is set to log in to your context, you may log in with your common name, since it will be found in the first place the system will look for it (the current context). If, however, the workstation is set to log in to some other context, you may wish to log in with your distinguished name, since that notation specifies unambiguously where to find you in the Tree. This should always work, but it is a lot of typing. A third way of logging in takes advantage of the fact that the Tree is shaped like a pyramid. Assume that I want to log in on your workstation. We both have User objects in the same Tree. Assume my distinguished name is .vincents.novell.instructor.computer_science.baker, while yours is .you.microsoft.student.computer_science.baker. Your workstation is set to log in to the microsoft container. If I log in with my common name, the system will not find me. I can, however, use this name:
vincents.novell.instructor..
This notation tells the system to look for a user called vincents, in a container called novell, in a container called instructor, which will be found in the Tree if you look in the place specified by the current context MINUS the two leftmost terms. Each trailing period means to drop one term from the left of the name of the current context, then use the remainder of the current context with the information given. It is actually faster to log in to a stranger's workstation with this method, if you know their context and yours. (There is a fourth way to log in, but I have to teach you about several other concepts first.)
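
The naming rules above (leading period, relative names, and trailing periods) can be checked mechanically. The Python below is an added example, not part of the original notes or of any Novell software; the function names resolve and relative_name are made up for illustration, and it handles typeless names only, with the context written without a leading period.

```python
CTX = "microsoft.student.computer_science.baker"  # context from the notes' example

def _terms(dotted):
    """Split a typeless name into terms, rejecting empty terms such as 'a..b'."""
    terms = dotted.split(".")
    if not dotted or "" in terms:
        raise ValueError(f"malformed name: {dotted!r}")
    return terms

def resolve(name, context=CTX):
    """Return the distinguished name that `name` refers to when typed at `context`."""
    if name.startswith("."):
        # Leading period: already a distinguished name, the context is ignored.
        return "." + ".".join(_terms(name[1:]))
    body = name.rstrip(".")
    drop = len(name) - len(body)      # one context term dropped per trailing period
    ctx = _terms(context)
    if drop > len(ctx):
        raise ValueError("more trailing periods than terms in the context")
    return "." + ".".join(_terms(body) + ctx[drop:])

def relative_name(dn, context=CTX):
    """Inverse: the shortest name to type at `context` that reaches `dn`."""
    if not dn.startswith("."):
        raise ValueError("a distinguished name starts with a period")
    obj, ctx = _terms(dn[1:]), _terms(context)
    shared = 0                        # containers common to both, counted from the right
    # Names are compared without regard to case; at least one term of the
    # object's own name is always kept.
    while (shared < min(len(obj) - 1, len(ctx))
           and obj[-1 - shared].lower() == ctx[-1 - shared].lower()):
        shared += 1
    return ".".join(obj[:len(obj) - shared]) + "." * (len(ctx) - shared)

if __name__ == "__main__":
    for typed in ("you", "vincents.novell.instructor..", ".VScott.Computer.Baker"):
        print(f"{typed!r:35} -> {resolve(typed)}")
    print(relative_name(".vincents.novell.instructor.computer_science.baker"))
```

A name with more trailing periods than the context has terms is rejected rather than silently resolved at the [Root], which is the failure a mistyped login name would otherwise hide.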