Docstoc

JAR Novell

Document Sample
JAR Novell Powered By Docstoc
					Introduction to Novell
DirXML ™

                                          www.novell.com

                Joe Skehan
                Senior Product Manager,
                Net Directory Services
                Novell, Inc.
                jskehan@novell.com
Vision…one Net
  A world where networks of all types—corporate and public,
  intranets, extranets, and the Internet—work together as
  one Net and securely connect employees, customers,
  suppliers, and partners across organizational boundaries


Mission
  To solve complex business and technical challenges with
  Net business solutions that enable people, processes, and
  systems to work together and our customers to profit from
  the opportunities of a networked world
            Managing Rising Complexity

                                   Cost to manage
                IT complexity




                                              Potential cost to manage
Magnitude




                                          Ability to manage




                            Time
    The Premise
   NOS        Database       Messaging      Internet


                                 Novell        IBM
 UNIX NIS      MS SQL          GroupWise®   SecureWay


  Active                       Microsoft
                DB/2                         iPlanet
 Directory                     Exchange


  Novell                         Lotus
                Oracle                      eDirctory
eDirectory™                     Domino




                         DirXML™
    Novell Identity Provisioning
               Business Policies and Practices




  Identity     Networking    Access    Application
                                                      Collaboration      …     …
Provisioning    & Storage   Security   Provisioning




                                            DirXML                    Identity Integration


                                        eDirectory™                   Identity Repository
Identity Integration

  Connects together systems that don’t talk to each other
  XML provides the normalization layer

  Transforms data
  • Syntax—09/06/01 vs. 06/09/01
  • Meaning—HR change to access system
    XSLT provides the methods

  Enforces Authority
  • Who and what have access and control to what data
  • Fully distributed support
  eDirectory provides support
     Employee Provisioning Example




                                          Windows 2000
  Lotus Notes         PeopleSoft        Server Management
Domino Directory       Oracle        Microsoft Active Directory
Server Platform    Server Platform       Server Platform
  Employee Provisioning Example                       (cont.)




                                                Windows 2000
  Lotus Notes             PeopleSoft          Server Management
Domino Directory            Oracle         Microsoft Active Directory

                   Identity Provisioning
Server Platform         Server Platform        Server Platform
      Common Provisioning Paths

                                    HR
Phase I                           e-mail
                                   NOS



                                              Building Security
Phase II           Applications                    PBX
                    Databases                    Facilities




            OS’s                  Customers                       PKI
Phase III
          Identity Provisioning Goals
• Provide solutions that customers clearly
• See as meeting a need and providing value
       Offer a whole car, not just a really cool
        engine
       An x-wing fighter, not a bunch of legos
•   Reduce implementation time
       Show clear, short-term ROI
•   Establish a “stake in the ground” in
    specific markets
      Mercury
      Identity Provisioning for Employees

• Employee Provisioning will be the first entry
• Product offerings focused on phase-one
  “implementability”
• Employee Provisioning Offering integrates
• HR, e-mail, NOS, and directories
     HR = PeopleSoft and SAP
     E-mail = Exchange, Notes, and
      GroupWise®
     NOS = NT, Windows 2000 and NetWare
     Directories = eDirectory and Active
      Directory
       Identity Integration Drivers, Current
• Active Directory             • PeopleSoft
• eDirectory                   • SAP HR
• NT Domain
• LDAP                         • Delimited Text
      iPlanet, SecureWay,     • JDBC
       OpenLDAP,                    Oracle, SQL Server,
       CriticalPath, Siemens         DB/2,Informix
• x.500                        • MQ Series

• Exchange                     • Password Sync
• Lotus Notes                          NT, AD, eDirectory
• GroupWise
      Identity Integration Drivers, Futures
In engineering   In planning   To be scoped
MQ Series        NDS/Bindery   Lawson           HIPPA (HL7)
NIS              Entrust &     Navision         Nortel PBX
                 Verisign
Cisco Secure     PS Student    Oracle           Siemens PBX
ACS              Admin         Financials
Avaya (Lucent)   SyncML        PeopleSoft CRM   Remedy
PBX                            (Vantive)
Honeywell        RACF          SAP Sales and
Security                       Dist
x.500            ACF/2         Siebel
Banner           AS/400        JD Edwards
SIF              Top Secret    Passport
       Provisioning Console

• Phase 1—Delivered with Redstone
    Filterconfiguration GUI
    Rules management GUI



• Phase 2—Pioneer
    Admin add/remove/configure (workflow)
    User self management
    Status GUI
    Auditing/reconciliation
    Workflow integration (currently with Metastorm)
       Redstone

• Updated engine
      July   ‘02


•   Data flow and configuration GUI
•   Support for XP and AIX
•   Status log update
•   Updated drivers
•   Build refresh
     Voyager I and II

•Multi-level password
management support           Admin     User
                            Password Password
•Use only what you need       Reset     Set
•Built on Redstone engine       Redstone
•Password
Synchronization shipping      Password Sync
today for eDirectory, NT
& AD
     DirXML 1.1

• Shipped in January
• Updated integration engine, GroupWise driver
  added, driver updates, includes eight drivers
• Unbundled offerings
• Future:
    Integration   engine will continue to be offered
     separately
    Engine and drivers will be sourced to meet specific
     needs
    Continued enhancements
       Purchasing Options
•Generic DirXML Bundle
    NT, AD, eDir, Exchange, Notes, GroupWise, Text & LDAP
    $29 per association
•Add-on Drivers for $10/per association
      PeopleSoft, SAP HR, JDBC & MQ Series
•Individual basic drivers for $6/per association
    NT, AD, eDir, Exchange, Notes, GroupWise, Text & LDAP
    Includes engine for use with the driver only
•Unlimited use of any one driver for $600k (5 million cap)
•License for non-Novell production driver
    $2/per association or $65K unlimited (5 million cap)
    License any 6 drivers and this is included
       DirXML 1.1—What’s New

•   Remote loader
•   Enhanced error logging
•   Command transformation rule
•   Rule chaining
•   Dynamic class loader
•   Licensing enhancement (activation)
•   Driver updates
•   GroupWise driver
     DirXML 1.1
     Remote Loader

• Drivers can run separately from the engine and
  eDirectory
• Two parts:
    Remote    Loader shim
      • Runs with the DirXML engine
      • Provides the connection to the Remote Loader Service
        – IP connection via SSL
      • Java-based
    Remote    Loader service
      • Runs with the remote driver
      • Java & C++ service or daemon
      • Supports any driver
DirXML 1.1
Remote Loader
     Enhanced Error Logging

• DirXML engine and drivers
    Historically,   errors have been written in multiple
     locations
    Errors are now written to the appropriate object:
      • Driver set
      • Publisher
      • Subscriber
    Errors   are still written to log files and the trace
     screen
    This greatly reduces effort needed to find error
     information
          Order of Rule Processing on the
          Subscriber Channel
                                                   The DirXML Engine
Subscriber
  Filter                                 Does an
         Event                                                                       Schema
                                        association
         Cache                                                                       Mapper
                 Convert                  exist?
                  Event                            YES
                    to
                   XML
                                              NO
                               Event                                        Command               Output
                           Transformation                                Transformation       Transformation




                                             Matching Create Placement
                                               Rule    Rule     Rule

                                            Subscriber Add Processor
Order of Rule Processing on the
Publisher Channel

                            Publisher Add Processor



                            Placement Create Matching    Publisher
                               Rule    Rule    Rule        Filter
                                                                              Schema
                                                                              Mapper
 Convert                                         NO
   XML
    to                                        YES
   NDS                                           Does an
              Command                                                Event             Input
                                                association      Transformation   Transformation
           Transformation
                                                  exist?



                                     The DirXML Engine
     DirXML 1.1
     Rule Chaining

• Stylesheets can now be called from an XML rule

• Example is to create a rule that needs to set a
  password using a specific password policy
     Dynamic Class Loader

• In DirXML 1.0, the administrator needed to reload
  the JVM if:
    The classpath changed
    A new .JAR file (Java drivers) is added

• Dynamic Class Loader
    New  .JAR files are loaded upon request
    Reload JVM only if replacing an existing .JAR file
        DirXML 1.1 Activation
• We now produce and ship only one CD for both evaluation
  and licensing
       Includes a 90-day evaluation license
• License fulfillment service (web page)
       Activations licenses generated on demand
       License domain based on the tree (guid)
• DirXML 1.1 current bundle
       Engine activation
       Eight drivers loadable
• Solution bundles
       Engine activation
       Specific drivers loadable
     DirXML Activation

• “Activation” is the process of changing a DirXML
  evaluation product into a to a fully functional
  product installation
• Activator assists customers in notifying Novell
  about:
     Themselves
     The product they are activating
     The “domain” they are activating the product in

• Novell validates that the product has been
  invoiced before it is activated
     Updated Drivers in 1.1

• Active Directory
    Added Exchange 2000 support
    New secure authentication field



• eDirectory
    Renamed   to “eDirectory”
    Obviates the need for remote loader
      • Already remote capable
     Updated Drivers in 1.1          (cont.)


• Exchange
    All ten custom attributes now supported
    All DAPI API attributes now supported on the
     subscriber channel


• Lotus notes
    Multiple   databases now supported from a single
     instance
     Drivers, New, GroupWise

• Included on DirXML 1.1 CD
    Separate   install
• Supports Versions 5.5 and 6.x
• Account provisioning
    Add, Modify, Move, Rename
    Synchronizes attributes

• Requires DirXML 1.1
                           wiN
gear up,
rope in,
and climb on
with Novell
Provisioning
                                   big
solutions




                        pick up your entry card today
                         at the

               Novell Provisioning table
                   in the
                  one Net solutions lab

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:5
posted:11/2/2012
language:English
pages:37