JAR Novell

Document Sample
JAR Novell Powered By Docstoc
					Introduction to Novell
DirXML ™


                Joe Skehan
                Senior Product Manager,
                Net Directory Services
                Novell, Inc.
Vision…one Net
  A world where networks of all types—corporate and public,
  intranets, extranets, and the Internet—work together as
  one Net and securely connect employees, customers,
  suppliers, and partners across organizational boundaries

  To solve complex business and technical challenges with
  Net business solutions that enable people, processes, and
  systems to work together and our customers to profit from
  the opportunities of a networked world
            Managing Rising Complexity

                                   Cost to manage
                IT complexity

                                              Potential cost to manage

                                          Ability to manage

    The Premise
   NOS        Database       Messaging      Internet

                                 Novell        IBM
 UNIX NIS      MS SQL          GroupWise®   SecureWay

  Active                       Microsoft
                DB/2                         iPlanet
 Directory                     Exchange

  Novell                         Lotus
                Oracle                      eDirctory
eDirectory™                     Domino

    Novell Identity Provisioning
               Business Policies and Practices

  Identity     Networking    Access    Application
                                                      Collaboration      …     …
Provisioning    & Storage   Security   Provisioning

                                            DirXML                    Identity Integration

                                        eDirectory™                   Identity Repository
Identity Integration

  Connects together systems that don’t talk to each other
  XML provides the normalization layer

  Transforms data
  • Syntax—09/06/01 vs. 06/09/01
  • Meaning—HR change to access system
    XSLT provides the methods

  Enforces Authority
  • Who and what have access and control to what data
  • Fully distributed support
  eDirectory provides support
     Employee Provisioning Example

                                          Windows 2000
  Lotus Notes         PeopleSoft        Server Management
Domino Directory       Oracle        Microsoft Active Directory
Server Platform    Server Platform       Server Platform
  Employee Provisioning Example                       (cont.)

                                                Windows 2000
  Lotus Notes             PeopleSoft          Server Management
Domino Directory            Oracle         Microsoft Active Directory

                   Identity Provisioning
Server Platform         Server Platform        Server Platform
      Common Provisioning Paths

Phase I                           e-mail

                                              Building Security
Phase II           Applications                    PBX
                    Databases                    Facilities

            OS’s                  Customers                       PKI
Phase III
          Identity Provisioning Goals
• Provide solutions that customers clearly
• See as meeting a need and providing value
       Offer a whole car, not just a really cool
       An x-wing fighter, not a bunch of legos
•   Reduce implementation time
       Show clear, short-term ROI
•   Establish a “stake in the ground” in
    specific markets
      Identity Provisioning for Employees

• Employee Provisioning will be the first entry
• Product offerings focused on phase-one
• Employee Provisioning Offering integrates
• HR, e-mail, NOS, and directories
     HR = PeopleSoft and SAP
     E-mail = Exchange, Notes, and
     NOS = NT, Windows 2000 and NetWare
     Directories = eDirectory and Active
       Identity Integration Drivers, Current
• Active Directory             • PeopleSoft
• eDirectory                   • SAP HR
• NT Domain
• LDAP                         • Delimited Text
      iPlanet, SecureWay,     • JDBC
       OpenLDAP,                    Oracle, SQL Server,
       CriticalPath, Siemens         DB/2,Informix
• x.500                        • MQ Series

• Exchange                     • Password Sync
• Lotus Notes                          NT, AD, eDirectory
• GroupWise
      Identity Integration Drivers, Futures
In engineering   In planning   To be scoped
MQ Series        NDS/Bindery   Lawson           HIPPA (HL7)
NIS              Entrust &     Navision         Nortel PBX
Cisco Secure     PS Student    Oracle           Siemens PBX
ACS              Admin         Financials
Avaya (Lucent)   SyncML        PeopleSoft CRM   Remedy
PBX                            (Vantive)
Honeywell        RACF          SAP Sales and
Security                       Dist
x.500            ACF/2         Siebel
Banner           AS/400        JD Edwards
SIF              Top Secret    Passport
       Provisioning Console

• Phase 1—Delivered with Redstone
    Filterconfiguration GUI
    Rules management GUI

• Phase 2—Pioneer
    Admin add/remove/configure (workflow)
    User self management
    Status GUI
    Auditing/reconciliation
    Workflow integration (currently with Metastorm)

• Updated engine
      July   ‘02

•   Data flow and configuration GUI
•   Support for XP and AIX
•   Status log update
•   Updated drivers
•   Build refresh
     Voyager I and II

•Multi-level password
management support           Admin     User
                            Password Password
•Use only what you need       Reset     Set
•Built on Redstone engine       Redstone
Synchronization shipping      Password Sync
today for eDirectory, NT
& AD
     DirXML 1.1

• Shipped in January
• Updated integration engine, GroupWise driver
  added, driver updates, includes eight drivers
• Unbundled offerings
• Future:
    Integration   engine will continue to be offered
    Engine and drivers will be sourced to meet specific
    Continued enhancements
       Purchasing Options
•Generic DirXML Bundle
    NT, AD, eDir, Exchange, Notes, GroupWise, Text & LDAP
    $29 per association
•Add-on Drivers for $10/per association
      PeopleSoft, SAP HR, JDBC & MQ Series
•Individual basic drivers for $6/per association
    NT, AD, eDir, Exchange, Notes, GroupWise, Text & LDAP
    Includes engine for use with the driver only
•Unlimited use of any one driver for $600k (5 million cap)
•License for non-Novell production driver
    $2/per association or $65K unlimited (5 million cap)
    License any 6 drivers and this is included
       DirXML 1.1—What’s New

•   Remote loader
•   Enhanced error logging
•   Command transformation rule
•   Rule chaining
•   Dynamic class loader
•   Licensing enhancement (activation)
•   Driver updates
•   GroupWise driver
     DirXML 1.1
     Remote Loader

• Drivers can run separately from the engine and
• Two parts:
    Remote    Loader shim
      • Runs with the DirXML engine
      • Provides the connection to the Remote Loader Service
        – IP connection via SSL
      • Java-based
    Remote    Loader service
      • Runs with the remote driver
      • Java & C++ service or daemon
      • Supports any driver
DirXML 1.1
Remote Loader
     Enhanced Error Logging

• DirXML engine and drivers
    Historically,   errors have been written in multiple
    Errors are now written to the appropriate object:
      • Driver set
      • Publisher
      • Subscriber
    Errors   are still written to log files and the trace
    This greatly reduces effort needed to find error
          Order of Rule Processing on the
          Subscriber Channel
                                                   The DirXML Engine
  Filter                                 Does an
         Event                                                                       Schema
         Cache                                                                       Mapper
                 Convert                  exist?
                  Event                            YES
                               Event                                        Command               Output
                           Transformation                                Transformation       Transformation

                                             Matching Create Placement
                                               Rule    Rule     Rule

                                            Subscriber Add Processor
Order of Rule Processing on the
Publisher Channel

                            Publisher Add Processor

                            Placement Create Matching    Publisher
                               Rule    Rule    Rule        Filter
 Convert                                         NO
    to                                        YES
   NDS                                           Does an
              Command                                                Event             Input
                                                association      Transformation   Transformation

                                     The DirXML Engine
     DirXML 1.1
     Rule Chaining

• Stylesheets can now be called from an XML rule

• Example is to create a rule that needs to set a
  password using a specific password policy
     Dynamic Class Loader

• In DirXML 1.0, the administrator needed to reload
  the JVM if:
    The classpath changed
    A new .JAR file (Java drivers) is added

• Dynamic Class Loader
    New  .JAR files are loaded upon request
    Reload JVM only if replacing an existing .JAR file
        DirXML 1.1 Activation
• We now produce and ship only one CD for both evaluation
  and licensing
       Includes a 90-day evaluation license
• License fulfillment service (web page)
       Activations licenses generated on demand
       License domain based on the tree (guid)
• DirXML 1.1 current bundle
       Engine activation
       Eight drivers loadable
• Solution bundles
       Engine activation
       Specific drivers loadable
     DirXML Activation

• “Activation” is the process of changing a DirXML
  evaluation product into a to a fully functional
  product installation
• Activator assists customers in notifying Novell
     Themselves
     The product they are activating
     The “domain” they are activating the product in

• Novell validates that the product has been
  invoiced before it is activated
     Updated Drivers in 1.1

• Active Directory
    Added Exchange 2000 support
    New secure authentication field

• eDirectory
    Renamed   to “eDirectory”
    Obviates the need for remote loader
      • Already remote capable
     Updated Drivers in 1.1          (cont.)

• Exchange
    All ten custom attributes now supported
    All DAPI API attributes now supported on the
     subscriber channel

• Lotus notes
    Multiple   databases now supported from a single
     Drivers, New, GroupWise

• Included on DirXML 1.1 CD
    Separate   install
• Supports Versions 5.5 and 6.x
• Account provisioning
    Add, Modify, Move, Rename
    Synchronizes attributes

• Requires DirXML 1.1
gear up,
rope in,
and climb on
with Novell

                        pick up your entry card today
                         at the

               Novell Provisioning table
                   in the
                  one Net solutions lab

Shared By: