View
219
Download
1
Category
Tags:
Preview:
Citation preview
Novell® Storage Managerfor eDirectory
Doug OuztsTechnical Trainer
douzts@condreycorp.com
© Novell, Inc. All rights reserved.2
Agenda
• Novell Storage Manager for eDirectory• Overview• Technical Components • Installation Requirements
• Interactive Lab Exercises
Novell Storage Manager for eDirectoryOverview and Technical Requirements
© Novell, Inc. All rights reserved.4
File SystemsIdentity-Driven Data Management
Identity
Novell eDirectory
MicrosoftActive Directory
Identity-driven and Policy-based File Management
• Provisioning• De-provisioning• Role-based management
• Provisioning• De-provisioning• Lifecycle File Storage
Management• Automate manual processes• Business alignment based
on policies
• Storage Hardware Platforms• Storage Area Networks•Windows Server 2008•Windows Server 2003• Open Enterprise Server
(Linux) & NetWare
Novell Storage Manager
Event
Event
Policy
Policy
© Novell, Inc. All rights reserved.5
Provision Role-Based
Data
Manage Renames
CreateUser
Set / Manage File Rights
Lifecycle ManagementBased on Identity and Policy
Vault Files
Deferred Delete
Delete Immediate
Inactive User Policy
Automate Transfers & Moves
Delete User
HR
NSM Global Reports and File Reporter
Integration
Reports
Manage Quota
Provision Storage
Manage Environment
Attribute
© Novell, Inc. All rights reserved.6
NSM Policy-Driven Automation
Acme
San Francisco Boston
Server65
BOS-Policy
SFO-Policy
Server21
Server37
• Provisioning/Placement
• Load-Balancing
• Restructuring
• Migration
• De-Provisioning/Vaulting
VaultServer
• Renaming Server4
• Tiering
© Novell, Inc. All rights reserved.7
Novell Storage ManagerPolicy Architecture
PolicyAssociations
Personal Storage Management
Rules
Collaborative Storage Management
Rules
© Novell, Inc. All rights reserved.8
Global Statistics ReportsOrphaned Home Directory Candidates
© Novell, Inc. All rights reserved.9
Getting Existing Storage ManagedConsistency Check Report
© Novell, Inc. All rights reserved.10
Getting Existing Storage ManagedConsistency Check Report
© Novell, Inc. All rights reserved.11
Create Policy and Bring Storage into Compliance
© Novell, Inc. All rights reserved.12
Enforce Policy Path – Migrate Storage
© Novell, Inc. All rights reserved.13
Identity-Driven Data MigrationsEnforce Policy Path Option
BSmith
RJones
KJackson
RCroom
DWyatt
BSmith
RCroom DWyatt
RJones
KJackson
NetwareStorage Policy
CORP
LA SAC SF
OES Linux
OES Linux
OESNW\VOL1:\USERS
OESLINUX\VOL1:\USERS
© Novell, Inc. All rights reserved.14
Identity-Driven Data MigrationsEnforce Policy Path Option
BSmith
RJones
KJackson
RCroom
DWyatt
BSmith
RCroom DWyatt
RJones
KJackson
NetwareStorage Policy
CORP
LA SAC SF
OES Linux
OES Linux
OESNW\VOL1:\USERS
OESLINUX\VOL1:\USERS
© Novell, Inc. All rights reserved.15
RJones
KJackson
BSmith
RCroom
DWyatt
Seamless Migration of Users Data to OES Linux with No Downtime
Migrate Data
Netware
You Are Moving …
Storage Policy
BSmith
RJones
KJackson
RCroom
DWyatt
CORP
LA SAC SF
OES Linux
OES Linux
Identity-Driven Data MigrationsEnforce Policy Path Option
OESNW\VOL1:\USERS
OESLINUX\VOL1:\USERSAdmin issues the “Enforce Policy Path” option, which will move data.
© Novell, Inc. All rights reserved.16
Policy Path Redistribution• Add one or more target paths to existing NSM Policy• Distribute data to new paths based on distribution type• Allows you to quickly free up disk space on existing volumes by re-
distributing data to new target paths.
© Novell, Inc. All rights reserved.17
Final Report – 100% Compliance
© Novell, Inc. All rights reserved.18
Quota Manager Help Desk Interface
© Novell, Inc. All rights reserved.19
Quota Manager Help Desk Interface
© Novell, Inc. All rights reserved.20
Trustee Analysis Reports
© Novell, Inc. All rights reserved.21
File Type Analysis Reports
© Novell, Inc. All rights reserved.22
File Grooming Rules
© Novell, Inc. All rights reserved.23
Vault on Delete Rules
© Novell, Inc. All rights reserved.24
Moving to a Managed State Based on Identity and Policy
Managing Collaborative Storage
© Novell, Inc. All rights reserved.26
Get Existing Group Storage Managed
© Novell, Inc. All rights reserved.27
Container-Based Collaborative Storage
© Novell, Inc. All rights reserved.28
Provision shared storage and assign rights based on Group Owner and Membership
Novell Storage Manager automatically provisions storage & assigns file system rights for the Project Manager and Team Members
QuotaRights
Project Manager
Team Members
Rights
Rights
Quota
© Novell, Inc. All rights reserved.29
Instructor
Students
Provision class storage and assign rights based on Group Owner and Membership
Novell Storage Manager automatically provisions storage & assigns file system rights for Instructors and Students
Rights
Rights
Quota
© Novell, Inc. All rights reserved.30
Vault on Delete Rules
© Novell, Inc. All rights reserved.31
Migrate Collaborative Storage
© Novell, Inc. All rights reserved.32
Backfill Multiple Groups
Auxiliary StorageExpanding the Scope of User Storage
© Novell, Inc. All rights reserved.34
Expanding the Scope of Managed User Storage
NSM 2.0 has a limited scope of managing one piece of storage per user. (the Home Directory)
Many customers have a need to manage multiple pieces of storage per user.
Manually creating these additional storage locations takes time and resources
A new methodology: Linking the primary home directory policy to one or more auxiliary policies
Separate and independent Policy rules ( Rights, Quota, Templates, Cleanup, Grooming, Vaulting
Completely automated based on directory events tied to the users identity and policy
© Novell, Inc. All rights reserved.35
Auxiliary Storage Policy Examples
• Application folder managed by IT department
• HR folder created for each employee
• Student Records Folder (Portfolio)
• Terminal Services profile folder for each employee
© Novell, Inc. All rights reserved.36
AppData-AUX
OESLX-2
IT Dept
NSM Policy Linking
Linking Auxiliary Policies to a primary policy allows lifecycle management of multiple pieces of storage per object.
Acme
San Francisco Atlanta
ATL-HomeAT-NW1
HR-AUX
OESLX-1
VaultServer
HR Dept
Bob
Bob
Bob
Bob
Technical Components and Requirements
© Novell, Inc. All rights reserved.38
Novell Storage Manager Components
NSM Agent
Storage Policies
NSM Engine
Delegated Work
NSM Event Monitor
Directory Services
• Collaborative Storage Policies
• User Storage Policies
• Auxiliary Storage Policies
• Block Policies
• Server to Server File Copies• Vaulting of Home Folders• File Template Copies
• Provision Home Folder• Assign Rights• Rename Home Folder• Set / Update Profile Attribute• Clean Up Home Folder• Provision Collaborative
Storage• Delegate Work to Agent
• Create User • Move User • Rename User• Create Group• Add and Remove Member from
Group• Delete User
© Novell, Inc. All rights reserved.39
NSM Engine
Server Component Example
ATL LON
NSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
DA
LON
OES2LX1-HQ OES2LX2-HQ
OES2LX-ATLNW65-ATL OES2LX-LON
HQ
ATL
VOL1:\Users
HQ
ProxyAgentAgent
NSM Database
Policies
© Novell, Inc. All rights reserved.40
Novell Storage Manager Create User Event
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
User
DA
LON
HQ
ATL
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
OES2LX-ATLNW65-ATL OES2LX-LON
Proxy
Agent Agent
© Novell, Inc. All rights reserved.41
User
DA
LON
HQ
ATL
Novell Storage Manager Create User Event
LONOES2LX-LON
VOL1:\UsersVOL1:\Collaborative
Agent
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OES2LX-ATLNW65-ATL
Proxy
Agent
© Novell, Inc. All rights reserved.42
Novell Storage Manager Create User Event
DA
LON
HQ
ATL
LONVOL1:\UsersVOL1:\Collaborative
User
Agent
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OES2LX-ATLNW65-ATL
Proxy
Agent
OES2LX-LON
© Novell, Inc. All rights reserved.43
User
DA
LON
HQ
ATL
LON
\BSMITH
Novell Storage Manager Create User Event
VOL1:\UsersVOL1:\Collaborative
Agent
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OES2LX-ATLNW65-ATL
Proxy
Agent
OES2LX-LON
© Novell, Inc. All rights reserved.44
Novell Storage Manager Move User Event
ATL LON
User
DA
LON
HQ
ATL
Source
OES2LX-LONOES2LX-ATLNW65-ATL
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
\BSMITH
Target
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
© Novell, Inc. All rights reserved.45
User
DA
LON
HQ
ATL
Novell Storage Manager Move User Event
ATL LON
VOL1:\UsersVOL1:\Collaborative
Target
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL Source
OES2LX-LONOES2LX-ATL
VOL1:\UsersVOL1:\Collaborative
\BSMITH
NW65-ATL
© Novell, Inc. All rights reserved.46
Novell Storage Manager Move User Event
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
\BSMITH
Target
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL Source
OES2LX-LONOES2LX-ATL
VOL1:\UsersVOL1:\Collaborative
\BSMITH
NW65-ATL
© Novell, Inc. All rights reserved.47
Novell Storage Manager Move User Event
DA
LON
HQ
ATL
User
Delegate Work to Agent
LON
VOL1:\UsersVOL1:\Collaborative
Target
\BSMITH
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL Source
OES2LX-LONOES2LX-ATL
VOL1:\UsersVOL1:\Collaborative
\BSMITH
NW65-ATL
© Novell, Inc. All rights reserved.48
Novell Storage Manager Move User Event
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
\BSMITH
Target
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL Source
OES2LX-LONOES2LX-ATL
VOL1:\UsersVOL1:\Collaborative
\BSMITH
NW65-ATL
© Novell, Inc. All rights reserved.49
Novell Storage Manager Move User Event
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
\BSMITH
Status
Target
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
ATL Source
OES2LX-LONOES2LX-ATL
VOL1:\UsersVOL1:\Collaborative
NW65-ATL
© Novell, Inc. All rights reserved.50
Novell Storage Manager Move User Event with Proxy Agent
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
ATL Users
Source
OES2LX-LONOES2LX-ATL
\BSMITH
ATL
NW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
Target
© Novell, Inc. All rights reserved.51
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
ATL Users
OES2LX-LON
\BSMITH
OES2LX-ATL
SourceATL
Novell Storage Manager Move User Event with Proxy Agent
NW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
Target
© Novell, Inc. All rights reserved.52
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
ATL Users
OES2LX-LON
\BSMITH
OES2LX-ATL
SourceATL
Novell Storage Manager Move User Event with Proxy Agent
NW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
Target
© Novell, Inc. All rights reserved.53
DA
LON
HQ
ATL
User
Delegate Work to Target Agent
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
ATL Users
OES2LX-LON
\BSMITH
OES2LX-ATL
SourceATL
Novell Storage Manager Move User Event with Proxy Agent
NW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
Target
© Novell, Inc. All rights reserved.54
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
OES2LX-LON
ATL
OES2LX-ATLNW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
Target Source
\BSMITH
Novell Storage Manager Move User Event with Proxy Agent
© Novell, Inc. All rights reserved.55
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
OES2LX-LONOES2LX-ATLNW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
ATLTarget Source
Novell Storage Manager Move User Event with Proxy Agent
\BSMITH
© Novell, Inc. All rights reserved.56
DA
LON
HQ
ATL
User
LON
VOL1:\UsersVOL1:\Collaborative
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
OES2LX-LONOES2LX-ATLNW65-ATL
VOL1:\UsersVOL1:\Collaborative
ATLTarget Source
\BSMITH
Proxy
Novell Storage Manager Move User Event with Proxy Agent
© Novell, Inc. All rights reserved.57
DA
LON
HQ
ATL
LON
VOL1:\UsersVOL1:\Collaborative
Status
NSM EngineNSM Event
M - DAM - HQM - ATLM - LON
NSM Event
RW- DARW - HQRW - ATLRW- LON
OES2LX1-HQ OES2LX2-HQHQ
NSM Database
Policies
Lon Users
OES2LX-LONOES2LX-ATLNW65-ATL
VOL1:\UsersVOL1:\Collaborative
Proxy
ATLTarget Source
\BSMITH
Novell Storage Manager Move User Event with Proxy Agent
User
© Novell, Inc. All rights reserved.58
NSM 3.0 Engine Requirements
NSM 3.0 Engine
• OES 2 SP2a or later with an x86 or x64 processor
• eDirectory 8.7.3.9 or later or eDirectory 8.8 SP2 or later
OES 2 Linux
© Novell, Inc. All rights reserved.59
NSM 3.0 Event Monitoring Requirements
NSM 3.0 Event Monitor
OES Linux Linux
• OES 2 SP2a or later with an x86 or x64 processor
• SUSE® Linux Enterprise Server 10 SP2 or later with an x86 or x64 processor (currently does not support SUSE Linux Enterprise Server 11)
© Novell, Inc. All rights reserved.60
NSM 3.0 Agent Requirements
NW – NSS / Traditional
OES NW – NSS / Traditional
OES 2 – NSS
OES 2 – EXT3
OES 2 - Reiser
NSM 3.0 Agent
OES Linux
Server Requirements
Managed Storage
• OES 2 SP2a or later with an x86 or x64 processor
© Novell, Inc. All rights reserved.61
NSMAdmin Requirements
.NET 3.5 Framework
Windows XP SP3 or Windows 2007
Windows Server 2003 SP2 or later
Windows Server 2008 SP1 or later
NSM 3.0Management Interface
61
© Novell, Inc. All rights reserved.62
Schema Extensions
62
• Optional during installation• Schema Not Extended (Limited functionality)
• Creates user object for NSMProxy account• Password policy considerations
• Home directory management only• Option when performing assessments and evaluating• Run Anomaly reports, trustee reports, consistency checks
• Schema Extended (Full functionality)• Creates non-user object for NSMProxy account• Required for managing collaborative and auxiliary storage
© Novell, Inc. All rights reserved.63
Schema Extension Update
63
To update the schema later, you need to:
1. Create a text file named upgrade.dat in the NSM engine config folder on the OES 2 Linux server (/etc/opt/novell/storagemanager/engine/config)
2. Restart the NSM Engine service. This will place engine in setup mode
3. Launch NSMAdmin (Will start in Setup Wizard mode)
4. When prompted, select the option to extend the schema and complete the Wizard configuration
Note: This is a temporary process until a standalone schema update utility is developed for the eDirectory version
NSM 2.5 to NSM 3.0 Migration
© Novell, Inc. All rights reserved.65
Upgrades and Product Availability
• NSM 2.5.1 for eDirectory will continue to be available for the foreseeable future for customers that require a NetWare Engine
• Some bugs reported against 2.5 are only fixed in 3.0 on both eDir and Active Directory releases
• Upgrade/Migration is supported from 2.5 only• 2.0 customers will need to upgrade the Engine to 2.5
© Novell, Inc. All rights reserved.66
NetWare Server
NSM 2.5 Engine
OES 2 Server
NSM 3.0 Engine
eDirectory
Policy Policy Policy
NSM 3.0 Migration
Utility
Metadata
Catalog
NSM 3.0 Install Wizard
Export Import
eDirectory Migration/Upgrade Process
• Moving to 3.0 is really a migration…not an upgrade• OS Change: NW OES 2• Catalog Change: Flat files Database• Policy storage change: DS Database
• Migration tool provided to help customers transition
Catalog
© Novell, Inc. All rights reserved.67
NSM 2.5 to 3.0 Migration Steps• NSM 2.5 to 3.0 Migration
1. Clean up and clear all pending events except the deferred ones2. Shutdown 2.5 Engine and backup current NSM 2.5 Engine files 3. Restart the NSM 2.5 Engine on the Netware server4. Install NSMAdmin 3.0 on workstation (select option to not launch application)5. Run the NSM Migration Wizard to export policies and deferred pending events6. Shutdown NSM 2.5 engine and event monitor(s)7. Install the NSM 3.0 Engine service on the OES 2 SP2 server8. Launch NSMAdmin 3.0 and complete the steps to configure the 3.0 engine and
import the policies and deferred events. When prompted for NSMProxy user, change to NSM3Proxy.
9. Using NSMAdmin, check the policies and verify the deferred events 10. Perform Manage operations to catalog all policy based storage (user, collaborative,
and auxiliary)11. Update Quota Managers setting on policies (required for contextless login)12. Install the NSM 3.0 Event service on server(s) & upgrade Agents to version 3.013. Test policies
Interactive Lab Exercises
Click to edit the outline text formatSecond Outline Level
Third Outline Level
Fourth Outline Level
Fifth Outline Level
Sixth Outline Level
Seventh Outline Level
Eighth Outline Level
Ninth Outline Level
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
Recommended