22. NT, UNIX and Novell NetWare


Presentation Transcript


  1. 22. NT, UNIX and Novell NetWare

  2. Local audit policy

     | Audit event | Success | Failure |
     | --- | --- | --- |
     | User login/logout | ✓ | ✓ |
     | File and object access | × | ✓ |
     | Use of user rights | × | × |
     | User and group management | × | ✓ |
     | Security policy changes | × | ✓ |
     | Restart/shutdown | ✓ | ✓ |
     | Process tracking | ✓ | ✓ |

     [Diagram labels: \\freds_pc, Domain; \\bills_pc, Domain (my_d); \\server1 (my_d)]

     Domain audit policy

     | Audit event | Success | Failure |
     | --- | --- | --- |
     | User login/logout | ✓ | ✓ |
     | File and object access | × | ✓ |

     etc.

  3. UNIX file attributes

  4. UNIX
     • TCP/IP for its communications.
     • NFS for mounting files over a network.
     • ICMP (for ping, traceroute, and so on).
     • RIP (for routing).
     • ARP (for determination of MAC addresses).
     • DNS (for determining domain names).
     • BOOTP (for IP address allocation).
     • FTP (for file transfer).
     • TELNET (for remote login).
     • NIS (for creating domains).
     • RPC (for remote processing execution).
     • SMTP (for e-mail).
     • SNMP (for network management).

  5. [Diagram: protocol stacks set against the layers Application, Presentation, Session, Transport, Network, Data link and Physical. Labels: Application program; Transport Driver Interface (TDI); NetWare (SPX/IPX); Windows (NetBEUI); UNIX/Internet (TCP/IP); Network Device Interface Specification (NDIS); NDIS Wrapper; Media Access Control; NDIS NIC Driver; NIC; Ethernet/ATM/ISDN/etc.]

  6. [Diagram: NetWare client stack. Labels: Application programs; NetWare shell (NETx); NCP (network core protocol); SPX/IPX; ODI (open data-link interface); NIC (network interface card); software; hardware; server. NetWare client: Windows NT, Windows 3.1, Unix, OS/2, Mac or DOS.]

  7. Problems with Novell NetWare 3
     • It uses SPX/IPX which is incompatible with TCP/IP traffic.
     • It is difficult to synchronize servers with user information.
     • The file structure is local to individual servers.
     • Server architecture is flat and cannot be organized into a hierarchical structure (Bindery services).

  8. NDS
     • Hierarchical server structure.
     • Network-wide users and groups.
     • Global objects. NDS integrates users, groups, printers, servers, volumes and other physical resources into a hierarchical tree structure.
     • System-wide login with a single password. This allows users to access resources which are connected to remote servers.
     • NDS processes logins between NetWare 3.1 and NetWare 4/5 servers, if the login names and passwords are the same.
     • Supports distributed file system.

  9. NDS (cont.)
     • Synchronization services. NDS allows for directory synchronization, which allows directories to be mirrored on different partitions or different servers. This provides increased reliability in that if a server develops a fault then the files on that server can be replicated by another server.
     • Standardized organizational structure for applications, printers, servers and services. This provides a common structure across different organizations.
     • It integrates most of the administrative tasks in the Windows-based NWADMIN.EXE program.
     • It is a truly distributed system where the directory information can be distributed around the tree.
     • Support for NFS server for UNIX resources.
     • Multiple login scripts, as opposed to system and user login scripts in NetWare 3.1.
     • Windows NT support.

  10. [Diagram: NDS tree. Labels: Organization; Root objects; Electrical; Mechanical; Production; Administration; Container objects; BINS/VOL1; Q_LASER; CD_DISK; SYS/VOL2.]

  11. • [ROOT]. This is the top level of the NDS tree.
      • C=Country. This object can be used, or not, to represent different countries, typically where an organization is distributed over two or more countries. If it is used then it must be placed below the [ROOT] object. NDS normally does not use the Country object and uses the Organization Unit to define the geographically located sites, such as SALES_UK.[ROOT], SALES_USA.[ROOT], and so on.
      • L=Locality. This object defines locations within other objects, and identifies network portions. The Country and Locality objects are included in the X.500 specification, but they are not normally used, because many NetWare 4 utilities do not recognize them. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.

  12. Leaf Objects (CN - Common Name)
      Apart from the container objects (C, O, OU, and so on) there are leaf objects. These are assigned a CN (for Common Name). They include:
      • CN=AFP Server
      • CN=Bindery
      • CN=Bindery Queue
      • CN=Computer
      • CN=Directory Map
      • CN=Group
      • CN=Organizational Role
      • CN=Print Queue
      • CN=Print Server
      • CN=Printer
      • CN=Profile
      • CN=Server
      • CN=User
      • CN=Volume

  13. • LP=Licensed Product. This object is automatically created when a license certificate is installed. When used, it must be placed below the [Root] object, Country object, Organization object, or Organizational Unit object.
      • O=Organization. This object represents the name of the organization, a company division or a department. Each NDS Directory tree has at least one Organization object, and it must be placed below the [Root] object (unless the tree uses the Country or Locality object).
      • OU=Organization Unit. This object normally represents the name of the organizational unit within the organization, such as Production, Accounts, and so on. At this level, User objects can be added and a system level login script is created. It is normally placed below the Organization object.

  14. [Diagram labels: Secondary server; Primary server; Duplexed traffic; MSL adapter (one per server); NIC (one per server); Network connections.]
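
The placement rules from slides 11 to 13, as an added example that is not part of the original presentation: a checker that takes an NDS name in dot-separated, leaf-first typeful notation (an assumption; the slides do not show full names) and reports each component that sits below a container the slides do not allow. Nesting OU below OU and placing CN leaf objects below O or OU are assumptions, and the sample names are constructed.

```python
ROOT = "[ROOT]"

# Object type -> parent types it may sit directly below (slides 11-13).
ALLOWED_PARENTS = {
    "C":  {ROOT},                    # Country: must be below [ROOT]
    "L":  {ROOT, "C", "O", "OU"},    # Locality
    "LP": {ROOT, "C", "O", "OU"},    # Licensed Product
    "O":  {ROOT, "C", "L"},          # below [ROOT] unless Country/Locality is used
    "OU": {"O", "OU"},               # below O per the slides; OU nesting is an assumption
    "CN": {"O", "OU"},               # leaf objects; parent set is an assumption
}


def parse_typeful(name):
    """Split 'CN=x.OU=y.O=z' into [(type, value), ...] ordered root-first."""
    parts = []
    for rdn in name.strip(".").split("."):
        typ, sep, value = rdn.partition("=")
        typ, value = typ.strip().upper(), value.strip()
        if not sep or not value:
            raise ValueError(f"not a typeful component: {rdn!r}")
        if typ not in ALLOWED_PARENTS:
            raise ValueError(f"unknown object type: {typ!r}")
        parts.append((typ, value))
    parts.reverse()  # names are written leaf-first; walk them from the root down
    return parts


def placement_errors(name):
    """Return the rule violations in a name; an empty list means it fits the tree rules."""
    errors = []
    parent = ROOT
    for typ, value in parse_typeful(name):
        if parent == "CN":
            errors.append(f"{typ}={value}: a leaf object cannot contain other objects")
        elif parent not in ALLOWED_PARENTS[typ]:
            errors.append(f"{typ}={value}: not allowed directly below {parent}")
        parent = typ
    return errors


if __name__ == "__main__":
    # Constructed sample names, not taken from the slides.
    for sample in ("CN=Fred.OU=Production.O=Acme",
                   "CN=Fred.OU=Production.O=Acme.C=UK",
                   "O=Acme.C=UK.OU=Sales",
                   "OU=Sales.CN=Fred.O=Acme"):
        print(sample, "->", placement_errors(sample) or "ok")
```
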
