Thursday, December 22, 2005

Try the latest KDE 3.5 without recompiling SuSE 10

Do you want to take the latest KDE 3.5 Desktop for a ride, but don't know where to turn to get more information on uprading your desktop? If you're a SuSE user you're in luck! Not only does SUSE make it easy in general to upgrade programs with its YaST system administration program, SUSE is one of the few distributions for which there are already pre-complied binary packages so you don't need to compile the desktop yourself.

Read more in this article by Steven J. Vaughan Nichols


Tuesday, December 20, 2005

SuSE Linux - Business Class vs Consumer Class

I recently had a conversation with Mike, the local Novell Category Specialist on the differences between SLES and NLD vs SuSE Linux. He told me the same answers that are in this Novell Cool Solutions document written by Rick Holzer.

Read more...

The initial differences between SUSE Linux (previously called SUSE Linux Professional) and Novell Linux Desktop (NLD) / SUSE Linux Enterprise Server (SLES) are listed here:

http://www.novell.com/products/suselinux/comparative.html

"Effectively, NLD and SLES have a long life cycle of seven years, which is guaranteed. While SUSE Linux has a short life cycle where we offer a "tradition" (not a guarantee) of security fixes for two years.

Because of this long life cycle, software vendors and hardware vendors will certify their SUSE Linux products against SLES and NLD, which is not done for SUSE Linux. Furthermore, Novell will not open a support ticket on SUSE Linux for the same reason."

  • NLD is a sub set of SUSE Linux. NLD does not include any server packages.
  • NLD and SLES do not include any beta packages.
  • NLD is better integrated than SUSE Linux. An example would be that when one clicks on a link in an email in NLD, the appropriate application will open for that link. This can be done with SUSE Linux, but you have to set it up.
  • SLES is a subset of SUSE Linux. SLES does not include any desktop productivity packages, just server packages.
  • SLES is refined to meet ISV certification requirements, as well as has minor addons such as an LDAP configuration module in YaST.

Thursday, December 15, 2005

How to enable Linux Remote Administration

Remote Linux administration is easier than ever before! Linux Author Emmett Dulaney walks you through the set-up process using SuSE as an example.

Read more...


Friday, December 09, 2005

Installing SuSE Linux 10 on a Laptop


Earlier I posted two links on SuSE Linux 10 Step by Step Install.
I'm adding this great article by Steven J. Rosen about installing SuSE Linux 10.0 on a laptop which includes information on getting a Wireless card to work with the NDISWrapper.

Read More...

"All in all, SUSE Linux 10.0 OSS is the best Linux system I've used. It's easy to install and has a large selection of both desktop and server software. It has been extremely stable during my use. It is clearly an excellent choice for Linux beginners, with its fine documentation, easy installation, and comprehensive graphical configuration tools, while also offering software selection and powerful tools for the experienced user. So stop reading this article and get busy -- go get SUSE Linux and install it!" - Steven

Thursday, December 08, 2005

Novell eDirectory Questions and Answers

Every few months Novell releases the eDirectory Q & A list. This is an excellent document. It's like being in a room with a Novell Engineer and just listening to a Q & A session. Anyone who administers Novell eDirectory will learn something from this document.

Here are a few examples:
The list goes on and on so make sure you take a few minutes and examine some of these excellent documents.

Wednesday, December 07, 2005

Just say No to Microsoft

Slashdot - Check out this new book, "Just Say No to Microsoft: How to Ditch Microsoft and Why It's Not as Hard as You Think".

Read more

And check out Get Off Microsoft!

"For many people who don't know better, they expect that a blue screen of death and monthly patching is part of a standard computing environment. Just Say No to Microsoft: How to Ditch Microsoft and Why It's Not as Hard as You Think is an interesting read that will open the eyes of those users to a cheaper, more secure and robust open source solution.

The books main charges are that Microsoft has been far too predatory and that Bill Gates is not the technical genius that he is made out to be. Microsoft's questionable business tactics are not without ethical lapses, but it must noted that Microsoft is simply one in a long line of companies that have used their size and deep pockets to quash the competition. Microsoft is not alone and joins companies such as American Airlines, Ford and General Motors, Wal-Mart and more that have engaged in practices that while good for their stockholders, have not been good for the competition.

Two of the companies that Microsoft has been accused of destroying are Novell and WordPerfect. Yet much of the blame for the demise of these two companies goes to their management that did not know how to properly market their products nor deal with a competitor such as Microsoft. This is not meant to imply that Microsoft is blameless, rather that Novell and WordPerfect had plenty of opportunities to fend off Microsoft, yet did not rise to the challenge."

======
I'm all for using alternatives to Microsoft!
- Bucky

Monday, December 05, 2005

Have you seen the new Toolbox for NetWare? TBX.NLM

I was reading fellow IT Blogger SysAdmin1138's blog about Toolbox and then read one of the comments from Alex. Toolbox has been replaced with TBX.NLM. This is a very cool utility and acts like a quick DOS or Linux type shell to manage NetWare files. This utility ships with NetWare 6.5 and I was surprised that even while working at Novell, I never knew about this.

Read more from TID 10099359

On NetWare 6.5:
To get a list of commands, load TBX.NLM then type "?" or "tools" or "man".

Also while you're at it check out CPQFM.NLM originally from Compaq. This is a must have for managing files direct from the NetWare console.

Enjoy,
- Bucky

Thursday, December 01, 2005

Novell 4 Q Earnings surpassed expectations

Earnings are out. I stated earlier today that analysts expected Novell to earn 3 cents per share for the quarter on $300.39 million in revenue; and 9 cents per share for the year on $1.18 billion in revenue.

In after hours trading Novell shares rose to $7.90 after Novell said it lost $5 million, or a penny per share on revenue of $320.3 million. Excluding charges, Novell would have earned $33 million, or 7 cents a share.

Revenue was up. Sales of Novell's version of Linux are finally getting off the ground, increasing by about 400% year over year, while total sales and operating profitability are greater than they've been in some time

I expect Novell shares will climb in the next few days.

- Bucky

Novell 4 Q Earnings Report Due Today Dec 1

Novell reports its fiscal fourth quarter earnings today after market close. Analysts expect the Waltham, Mass.-based networking software maker to earn 3 cents per share for the quarter on $300.39 million in revenue; and 9 cents per share for the year on $1.18 billion in revenue.

Novell laid off officially 600 employees last quarter (I know it was more than 600) in restructering plans. They also announced Ron Hovsepian as President. Ron has a great reputation in and out of Novell. I hope this helps their management pains. They've lost some great Open Source management this last quarter.

The biggest problem in a nutshell is the legacy NetWare business is falling faster than the growth business of Open Source and Identity Mangement is able to keep up with. Novell technology is great and I think it's awesome that they have acquired SuSE and Ximian, two leading Open Source companies. The strategy of creating Open Enterprise Server, the mix of NetWare and Linux is great. It makes it much easier for Legacy NetWare Administrators like myself to ease into Open Source. We get the same Browser Based Management products and eDirectory to work with Linux. Very nice Novell!

However what about the customers that have no strategy to go Open Source? For example one of my former customers, EDAW headquartered in San Francisco with an operation here in Denver, had no wish to go Open Source and this fueled the fire to drop Novell and go Microsoft. I see this happening too often. In the next two years EDAW will be migrating from Novell and GroupWise to Microsoft and Exchange.

Still I think the TCO to go Open Source and stick with Novell is a sound strategy. I have hope in Novell. Yes I'm a Novell Supporter! Now if Novell can get their Management and Marketing Strategy in place I will have more warm fuzzies for the future.

I'll post the Novell Fourth Quarter year end here later today.

- Bucky

Friday, November 25, 2005

Thanksgiving with Novell

Novell: What's there to be thankful for?

Article by Dave Kearns, Network World

"It's a good time to pause and reflect on what we - Novell users, Novell employees and (sadly, too many these days) former Novell employees - have to be thankful for."

Read more

Happy Thanksgiving!
(I'm very thankful)
- Bucky (Former Novell Employee)

Wednesday, November 23, 2005

eWeek Review - GroupWise 7 Retains Client Edge

With GroupWise 7.0, Novell Inc. has simplified information management for users, maintaining GroupWise's excellent pedigree as an enterprise-class messaging and collaboration application.

"eWEEK Labs' tests show that it delivers considerable value, particularly in the way the GroupWise client exposes the platform's excellent workflow tools without sacrificing ease of use and learning. The GroupWise family also includes GroupWise Messenger, an instant messaging server and client."

Read more

"Like IBM's Lotus Notes and Microsoft's Exchange, Novell's GroupWise client/server architecture provides an excellent environment for managing collaboration on tasks and documents. Novell has done a good job of refining the user interface in this release of GroupWise, making information more accessible and easier to organize. Client support for Mac OS X and Linux operating systems sets GroupWise apart from its competition, as does support for both Outlook and Evolution clients."

More info

Monday, November 21, 2005

How to monitor bandwidth consumption

I came across this article that talks about a nifty tool called MRTG (Multi Router Traffic Grapher). MRTG is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of the traffic.

I've been onsite to companies using this cool tool and it's a great way to watch amd monitor your bandwidth consumption. Best of all... It's free! Well it's freely available under terms of the GNU General Public License. This tool works and operates on Windows, Linux, and yes... even NetWare servers!


- Bucky

Friday, November 18, 2005

Linux Marches On

"Step by step, the foundation underpining Linux just gets stronger and stronger."

1. Open Invention Network

2. Open Source Development Labs Patent Commons Reference Library

3. LPI announced 100,000 delivered Linux professional exams.

"Linux Torvalds once told me that Linux was like a flood that rises at a rate that you don't see if you're staring at it, but will surprise you if you haven't been paying attention. That's exactly what's happening."

Read more

- Steve Hamm

Thursday, November 17, 2005

SuSE Linux 10 Step by step install

Installing SuSE Linux 10 couldn't be easier with this step by step Installation guide including screen shots.

First choose your download site here.

Next follow the SUSE Linux 10 Installation guide:
http://www.novell.com/products/suselinux/installation.html

There. Very easy!

- Bucky

Wednesday, November 16, 2005

Backup Exec Java Admin Console fails to connect

Here is another issue that I came across.

The Java Administration Console for Backup Exec 9.0/9.1 for NetWare Servers fails to connect to the media server and no error is displayed.

On July 27, 2005, the certificate for the Sun Java Cryptography Extension component that is included with the Backup Exec (tm) 9.0/9.1 for NetWare Servers product expired. After this certificate expires, the Backup Exec Java Administration Console stops when it attempts to connect to the media server, and cannot be used to manage the media server.

Fix:
This issue is permanently resolved by applying the Backup Exec 9.0/9.1 for NetWare Servers - Java Administration Console JCE Update:
http://support.veritas.com/docs/278129

More information: This is related to one of my earlier posts from July.

Veritas Backup Exec Job doesn't start after changing password

I've been struggling with this issue. We had to change the Veritas Backup Exec for NetWare 9.1 backup user password. Since then the backup jobs don't even start. So.. I wrote a TID on this.

Fact:

NetWare 6.5 SP2

Veritas Backup Exec for NetWare 9.1

No Veritas Support Document found for this solution.


Symptom:

Tried to start a backup job but the job failed since changing
the backup user password.
Backup Exec Log File from Job server: HLTCLX2
Could not connect to HLTCLX.NetWare File System/HLTCLX/SYS:.
The login credentials may be incorrect.
All selections for this device will be skipped.
Job completed: With ERROR - Could not connect to HLTLAK.NetWare File 
System/HLTLAK/Server Specific Info:.
The login credentials may be incorrect.
All selections for this device will be skipped.

On NetWare Console Screen received following errors:
11-14-2005
7:00:50 pm: DS-10551.13-269
Severity = 1 Locus = 17 Class = 19
Intruder lock-out on account .backup.Admin.MyCompany

Change:Network Administrator UserID and Backup User ID password had to be changed.
After changing the password received the above errors.
Tried changing the password again, and was successful
logging into Backup Exec Administration Console.
However still received the above errors.

Cause:Backup Exec uses it’s own proprietary database as well
as the Novell eDirectory Database. Even though the password was
changed in eDirectory the password has to be the same on the
Backup Exec User Password Database.

Fix:How to delete the Backup Exec User Password Database and create
new users to match the eDirectory database

  1. Exit out of the Backup Exec Administration Console
  2. Type  :BESTOP  to halt Veritas Backup Exec at the NetWare Console
  3.  Map a drive to SYS:\BKUPEXEC\JOBDATA
  4. Rename the two files used for the User Password Database –   
    userpass.dat and userpass.idx
  5.  Type :BESTART at the NetWare server Console
  6.  Switch to the Backup Exec Administration Console and
    select Jobs : Backup Menu : Make Selections
  7. Press the Spacebar so all selections are highlighted in red.
    Press F2 and put in the userid and password that matches the userid used in eDirectory.  
    This will create and update new userpass database files for Backup Exec and NetWare.
  8. Check the SYS:\BKUPEXEC\JOBDATA directory and verify that there are new userpass.* files. 

Tuesday, November 15, 2005

NetWare Server Uptime Screen Shots - Cool!


Check out this Cool Solutions Article with these Novell NetWare Screenshots showing NetWare Uptime! NetWare can be such a workhorse!

http://www.novell.com/coolsolutions/trench/241.html

Monday, November 14, 2005

How a Linux Distro Saved Hard Disk Data

Life in the trenches! This is a great feature of using Linux! I've done this before.

http://www.linuxjournal.com/article/8661

Our search-and-rescue expert is back to share how he recovered a master boot record and reclaimed lost data.

This article describes how, using a typical Linux distro (SuSE 8.0, in this case) it was possible to recover the master boot record and, with it, his friend's daughter's data.

Saturday, November 12, 2005

Clarification on KDE and GNOME

In an earlier post, it was stated that Novell will now standardize on GNOME as the Desktop for all versions of SuSE Linux.
See my earlier POST

From the Novell PR Website - Novell SuSE Linux "will continue to ship with both the GNOME and KDE desktop environments. In upcoming versions of Novell enterprise applications, the default desktop environment will be GNOME. When customers install Novell Linux products, they will be given the option to choose either the GNOME or KDE environment during the installation process. If the user makes no explicit choice, GNOME will be installed."

See the full Novell PR Blog here.

So GNOME will be the new default. Presently GNOME is the default on Novell Linux Desktop, but on the SuSE Linux Professional and SLES9 the default is KDE. I guess this is no big deal, but to some Linux die-hards it's kind of like a big war. KDE vs GNOME!

I'm used to KDE on the Servers and GNOME as my desktop...

- Bucky

Friday, November 11, 2005

Helping Employees Get the Most out of Technology

Novell Cool Solutions Article:
Technology provides numerous benefits to organizations on many levels. Increased efficiency, faster processing, higher productivity, and improved profitability are just some of the rewards for those that accept and integrate improving technology. The biggest challenge for technology, especially the introduction of new office productivity software, is twofold. The first is management's concern of maximizing the use of the software to improve productivity, and the second is the continuous learning required for updates and upgrades of the existing software tools. Initially, every organization views their decision to invest in technology and software as a wise one. But technology becomes a challenge and obstacle for the organization when attempting to simply keep up with new features and competitive forces. As a result, the initial investment made is quickly perceived as an unnecessary expense.

Read More

Thursday, November 10, 2005

How does Linus Torvalds pronounce Linux?

How does Linus pronounce the word, "Linux"?
Click here to find out:
http://www.pctech101.com/linux.mp3

Teen Sex and the Linux Desktop

Blog from Nat Friedman of Novell:

"The [Linux desktop] has become a lot like teenage sex," Matthew Szulik, Red Hat CEO, said recently. "A lot of people are talking about it but not many people are doing it."

On September 15th The National Center for Health Statistics published a report with some handy graphs illustrating the incidence of sexual intercourse among teenaged Americans.

These graphs report that by age 19, 69% of American males and 77% of American females have had sexual intercourse. In fact, by age 17, about half of all teenagers have taken a ride on the wild elmo.

So, I don't know if Matthew has teenaged children or not, but if he does, I hope he's paying more attention to his Linux teams!

- Nat

Wednesday, November 09, 2005

Gartner Report - Novell's Restructuring Offers Clearer View of Strategy

Recent announcements offer some clarity about how Novell intends to address the market. But the company must back up its stated strategy by offering further details on its intended direction for its products and services.

Gartner Report

Got Mac's? NetWare and Mac's just got easier!

Prosoft updates NetWare support for Apple Mac's
Check out Dave Kearns latest Novell Tips

This is a pure IP client - no AppleSoft needed (which all Novell-developed clients required). Nothing needs to be installed on the server - just load the new client on your Mac, and you can immediately connect to a NetWare 5.1 or higher server.

Among the features in this version of the client are:

* Support for files larger than 4G bytes on servers that are running NetWare 6 SP3 or later (NSS volumes only).

* NetWare Core Protocol packet signing for enhanced security.

* Directory mount-root support (allows a sub-directory on a volume to be mounted as if it were the root of the volume on the client), and the support of billions of volumes and directories.

* File system access control list support (for viewing trustee rights).

NetWare does ship with Native File Access for the Macintosh, but that uses Apple File Protocol for authentication not native NetWare authentication services, which have much stronger security.

Tuesday, November 08, 2005

Free Linux eBooks

Pssst. I have a secret place to download free Linux eBooks.

http://www.pctech101.com/pcebooks.php

This is the benefit of keeping up with my blog site. Once in awhile you get information that will actually help you.

Keep reading... ;-)
- Bucky

Thursday, November 03, 2005

Document Your NetWare 6.5 Installation

From Novell Cool Solutions: Henny van der Ben shares a template he uses when installing NetWare 6.5. It walks you through the NetWare installation process and prompts you for your settings as you install it.

http://www.novell.com/coolsolutions/tip/16149.html

Download the Template File here

Wednesday, November 02, 2005

Say it isn't so... Novell Denver Sales Office closing!

Novell is definately making some cutbacks! Besides me losing my job at Novell, I just heard today that the Novell Denver DTC Sales Office is now closed.

This is both good news and bad news. The good news is that Novell finally is making some tough decisions to cut costs and remain profitable. Novell Stock should go up which should please shareholders. We still have some very good talent with the Denver Sales Team and the Category Specialists - Mike, Bob, and David. We still will have the Novell Training and Advanced Technical Training, just not at the Novell Office.

For information on how to contact the Rocky Mountain Sales team contact Elaine Lawrence at 801-321-7345 or elawrence@novell.com

I recommend subscribing to the Novell Colorado Announcements Listserver

The bad news is I'm not sure what type of marketing message this sends to customers in the Rocky Mountain Region.

- Bucky

Tuesday, November 01, 2005

Creating a Windows Image that works on anything

This is a great article by Andrew White. I had to pass it on.

http://www.novell.com/coolsolutions/trench/11664.html

"This image "should" work on just about anything. We use it on everything from PIII340 up to the latest P4's, laptops and so far it's never failed to boot. You may need to have some drivers disks handy (sound and graphics are usually not found by default).

"

Monday, October 31, 2005

iManager 2.5 Configuration - Cool Solutions

Check out this new Cool Solutions Article on iManager 2.5

http://www.novell.com/coolsolutions/feature/16129.html

iManager is designed for both end users and administrators. The common experience for both these types of users is logging on to a web site and having the proper identity, authentication and security provided via eDirectory.

For the end user, the Console interface shows specific tasks, such as creating users, changing passwords, and various other delegated tasks.

For the administrator, the Console interface shows additional specific tasks, such as setting up groups, defining Roles and Tasks, and directory-specific administration tasks.

Summary of Customer Benefits

Here are some of the customer benefits that Novell iManager provides:

  • Strengthens the business value of Novell products and solutions by providing a unified management interface
  • Reduces customer barriers to adoption of Novell products and solutions
  • Reduces customer administration and training costs via a web-based access to network resources
  • Increases overall console quality via focused effort
  • Developer-friendly - administration interfaces can be easily created, with little or no development experience
  • Flexible - it goes beyond Novell-only usage, and it provides support for partner offerings

Other value propositions for iManager include:

  • Role based services for delegation of administrative tasks
  • Object selector
  • Common look and feel
  • Multi-platform installation of a web environment
  • Leveraged Authentication
  • Localization
  • Model-view-controller architecture
  • Easy plug-in deployment

Friday, October 28, 2005

Troubleshooting iManager on NetWare

I've received a few calls where iManager 2.02 doesn't work when accessing it through the browser.

https://serveripaddress/nps/iManager.html

For iManager to install and work properly, the following items must be functioning on the server.

See the full troubleshooting steps in TID 10090732

1. SSL (Server Certificates)
2. LDAP over SSL
3. Tomcat
4. Apache

You shouldn't troubleshoot Tomcat or Apache, until you verify that SSL and LDAP is working correctly.
I'm going to add some quick hints.

1. Check for Server Certificates
In ConsoleOne verify the following certificate objects exist in the same context as Server1.
SAS Service - Server1
SSL CertificateIP - Server1
SSL CertificateDNS - Server1
Download PKIDIAG from the Novell Support Site: Search on PKIDIAG.NLM

2. LDAP over SSL
Check the LDAP Server and LDAP Group Object.
Download an LDAP Browser to check correct connection.
Verify that ports 389 and 636 are open on the server. Unload NLDAP and reload NLDAP and check that the SAL nlm's autoload with NLDAP.
load DSTRACE.NLM and use the ldap filter. (See TID 10059954, LDAP Article)


Once you can connect with the LDAP browser over authenticated SSL you're ready to check if TOMCAT is loading properly.

3. Verify that Tomcat is loading properly

Troubleshooting Tomcat consists of loading TOMCAT4 and viewing the logger screen for errors.

To stop Tomcat type at the server console TC4STOP. Wait about a minute and then type TOMCAT4. Tomcat will take two to three minutes to complete loading. When done the following line should appear on the Logger screen.

INFO: JK2: ajp13 listening on /0.0.0.0:9010

If you do not see the ajp13 listening on port 9010 message, then Tomcat is not loading properly or is still in the process of coming up.



4. Verify that Apache is loading properly

Verify the Apache Server is running. On NetWare 6.5 it will show up as a screen labeled "Apache 2.0.4x for NetWare". You can also go into TCPCON and verify that ports 80 and 443 are listening. To stop the Apache web server on NetWare 6.5 is AP2WEBDN and then AP2WEBUP.

Look at - SYS:\APACHE2\CONF\HTTPD.CONF
Verify there is an INCLUDE statement the same as below.

Include sys:/tomcat/4/conf/nps-Apache.conf

Also you may want to check that NILE.NLM is loaded in the correct order and is in fact loading correctly.



More info:
Cool Solutions http://www.novell.com/coolsolutions/qna/14586.html


Wednesday, October 26, 2005

AdRem manages NetWare and OES servers from a single console

Most Novell customers use AdRem Free Console instead of RconJ or RConsole. Well AdRem just released Server Manager 5.0 and it's well worth taking a look.
Read the following article for all the features then go and download it.

AdRem manages NetWare and OES Servers from a single console

Check out AdRem Server Manager 5.0

Tuesday, October 25, 2005

What Red Hat said about Novell and SuSE

Read what Dave Kearns said about what Red Hat said about Novell and SuSE.

Nice article...

"What Lowery was perhaps too polite to point out was Novell's utter dominance of Red Hat in the areas of identity management, network management and collaboration services. Szulik's comments may well be the desperate remarks of a CEO who sees his company's lead slipping away. Linux may not be in your future plans, but if it is then SuSE Linux (via OES) is by far the best choice for your network."

Tuesday, October 11, 2005

NetWare 6.5 Support Pack file mixup

There was an inadvertent mixup in the build process for some of the files that are included in post-NW65SP3 patches and the current shipping NW65SP4. Here is a list of those files and how to make sure the most current ones are being loaded on the server:

TID 10098928

Wednesday, September 21, 2005

FYI NetWare 6.5 SP4 NSS corruption issue

Novell has discovered a serious NSS corruption issue with NetWare 6.5 SP4 when running the rebuild option. In certain cases the overflow beasts containing trustee or compression metadata may be truncated out of the NSS database causing the loss of trustees or even compressed files.

There is a tool being prepaired called FIXOVFT to help repair the trustee link to the overflow beast. Watch for the fix / patch soon. I'll post a link here on my blog site. There is discussion about removing NetWare 6.5 SP4 and re-releasing SP4 with the fixed rebuild option.

Loss of compressed files will have to be restored. Trustees will need to be recreated or restored from backup.

NetWare 6.5 SP4 was released August 30, 2005.

Saturday, September 10, 2005

When to use YaST2, YOU or Red Carpet

What are the differences between updates, patches and packages. When do we use Red Carpet/rug? When do we use YAST2 or YOU to install them?

More information can be found in this Cool Solutions article by Stomfi.

Also check out my past Blog post on how to patch SLES9 and OES Linux.

- Bucky

Thursday, September 08, 2005

Wednesday, August 31, 2005

NetWare 6.5 SP4 and OES SP1 Available

The NetWare and Open Enterprise Server Supports Packs are available for downloads.
This Support Pack contains updates for components contained in the NetWare 6.5 product. The purpose of this Support Pack is to provide fixes that have all been tested together.

Applying this Support Pack upgrades all of your NetWare 6.5 components to OES NetWare, except for iManager. iManager 2.02 is not upgraded to iManager 2.5, but updates for iManager 2.02 or 2.5 are installed, depending on which version is installed.

What's new in OES SP1?

NetWare 6.5 SP4 and OES SP1 Overlays:

OES Linux SP1 Overlays and iso

Open Enterprise Server Linux SP1 Overlays and ISO files are avaiable.

What's New in OES SP1 and download information

To patch an existing Linux Open Enterprise Server, download the following required images:
oessp1linux1.iso
oessp1linux2.iso
oessp1linux3.iso

If you want to install a new server running Open Enterprise Server with Support Pack 1, download the complete installation set of images
http://download.novell.com
oessp1linux1.iso
oessp1linux2.iso
oessp1linux3.iso
oessp1lnx5sles92.iso
oessp1lnx6sles93.iso
oessp1lnx7sles94.iso

Optional ISO Images: the following ISO images contain source code and are not required during the installation.
oessp1linux4.iso
oessp1lnx8sles95.iso
oessp1lnx9sles96.iso

If you already have a copy of SUSE LINUX Enterprise Server 9 and want to install Open Enterprise Server for Linux, download the following required images:
oessp1linux1.iso
oessp1linux2.iso
oessp1linux3.iso

(In addition to the these images, you need your original SUSE LINUX Enterprise Server 9 for x86 architecture CDs.)

When burning the images to a CD, label the CDs as detailed below. The installation process prompts you to insert the relevant CD using the label name.

CD Image CD Label Name
oessp1linux1.iso Open Enterprise Server SP1 CD1
oessp1linux2.iso Open Enterprise Server SP1 CD2
oessp1linux3.iso Open Enterprise Server SP1 CD3
oessp1linux4.iso Open Enterprise Server SP1 CD4
oessp1lnx5sles92.iso SUSE CORE Version 9 CD 1
oessp1lnx6sles93.iso SUSE CORE Version 9 CD 2
oessp1lnx7sles94.iso SUSE CORE Version 9 CD 3
oessp1lnx8sles95.iso SUSE CORE Version 9 CD 4
oessp1lnx9sles96.iso SUSE CORE Version 9 CD 5

New Novell Client 4.91 SP1 is available

Novell Client for Windows v4.91 Support Pack 1

This Support Pack contains updates for Novell Client for Windows v4.91 only.

Download nc491sp1.exe

Obtain the Novell 4.91 Client from http://download.novell.com

NetWare CIFS Denial of Service Vulnerability

Description:
A vulnerability has been reported in NetWare, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in CIFS.NLM when handling password lengths and can be exploited to cause crash the service.

The vulnerability has been reported in NetWare 5.1, 6.0, 6.5 SP2 and 6.5 SP3.

NOTE: The "worm_rbot.ccc" worm, which exploits a Windows vulnerability, may reportedly trigger this vulnerability.

Solution:
Apply CIFS update.


Tuesday, August 30, 2005

IP Subnetting

If you're persuing any certification such as CCNA, MCSE, CNE, LPI, or CLP be it Cisco, Microsoft, or Linux, you're going to get test questions on IP Subnetting.

I've come across some web sites that give good tutorials for IP Subnetting:
CertCities.com Linux Certification

Test Question Example:
You have been allocated a 130.16.0.0 IP address for your network. At present we need 13 subnets. In the future we will need to allow for the expansion up to 28 subnets. You need to be able to connect up to 2000 IP addresses available in each subnetwork.

Devise an IP addressing scheme, giving the subnetwork, first host, last host and broadcast IP addresses for each subnet. Also specify the subnet mask you would use.
Use the methodology described next.
You will need to
i. Determine the required number of bits to borrow for subnetting.
ii. Determine the subnet mask
iii. Determine all subnet network addresses
iv. Determine the addresses of the first host, last host and broadcast on each subnet.
You need to include all the calculations and explanations for each item; no marks will be awarded for any unjustified correct answers.

Answer:
Range: 130.16.8.1 to 130.16.15.254
Broadcast: 130.16.15.255

Now, the others from the calc is:
2 - 130.16.16.1 to 130.16.23.254
3 - 130.16.24.1 to 130.16.31.254

More info:
The number of subnets will define how many bits of the IP address you need to use for the network portion of the address, and the number of hosts per subnet will define how many bits of the IP address you need to use for the host portion of the address.

Okay... you're given the Class B address 130.16.0.0. Normally, for a Class B address, 16 bits are used for the network portion and 16 bits are used for the host portion. At present, we need 13 subnets, but we must be prepared for future expansion. Therefore, we should allocate 28 subnets (yes, ignore the 13 subnet part - it's there to make sure you're reading the whole question correctly). That means we need to steal, at a minimum, 5 bits that we would normally use for host addresses and use them for subnets. Why 5 bits? Because 2 to the 5th power is equal to 32 (2 to the 4th power only gives 16 subnets... 2 to the 6th power gives 64 subnets). Even discounting the "all-zeros" and "all-ones" subnets, we still have 30 subnets we can use.

Okay, so how many bits does that leave us for host addresses for each of those subnets? Well, we used to have 16 bits... but we stole 5 for subnets. Is 11 bits enough to handle 2000 IP addresses per subnet? Let's calculate... 2 to the 11th power is 2048 - minus 2 addresses for the network address and broadcast address, and we've got 2046 available IP addresses per subnet. Barely enough!

Back to the subnet portion... how do you get the increase of 8 for each range? Here's how I look at it:

A /16 mask (normal Class B) has 1 big subnet, with an "increase" of 256 per range.
A /17 mask (stealing one bit for subnets) makes 2 subnets (provided you can use the all-zeros and all-ones subnets), with an "increase" of 128 per range.
An /18 mask makes 4 subnets, with an "increase" of 64 per range.
A /19 mask makes 8 subnets, with a 32 increase per range.
A /20 mask makes 16 subnets, with a 16 increase per range.
A /21 mask (stealing 5 bits, which is what you have), makes 32 subnets, with an 8 increase per range. Your calculations are accurate.

Thursday, August 18, 2005

How to patch SLES9 and OES Linux

Knowing how to correctly update your Novell/SUSE Linux system is crucial in keeping the system healthy and up to date. Different distributions use different update technologies to provide updates.

Guide to patching Novell / SUSE Linux Distributions

  • Novell Open Enterprise Server
OES is updated using Red Carpet/rug. YaST Online Update is not used to update OES.

  • SUSE Linux Enterprise Server
SLES is updated officially using YaST Online Update (YOU). In order to update via YOU, a current maintenance contract is required.

Access to updates via YOU is gained through the SUSE Portal at portal.suse.com. SUSE Portal accounts can be created for free off the Portal home page. Once an account is created, products can be activated by clicking the Manage Registrations link.

YOU is run by starting YaST and then selecting Software > Online Update.
  • Novell Linux Small Business Suite 9
NLSBS is updated using Red Carpet/rug. Inside of Red Carpet/rug, apply updates to keep the system current.
  • Novell Linux Desktop 9
NLD 9 is updated with Red Carpet/rug using the update functionality.


More documents:
How to register and receive updates

Patching Open Enterprise Server Frequently Asked Questions(FAQ)

Checking for a support pack on a Linux Desktop or Server

Updating SUSE Linux Enterprise 9 - A list of YOU Servers

How to Mirror OES Server Patches with ZENworks Linux Management

Updating Open Enterprise Server

Subscribing to Channels in OES

OES Patch Channel not visible

Patching OES Linux when just using SLES9 without OES services with YOU

rug / Red Carpet FAQ

Terminology:
ZLM - ZENworks Linux Management
Red Carpet - SUSE Linux Update Utility - GUI
rug - Red Carpet command line Upgrade Utilty
YOU - YaST Online Update
YaST - Yet another Support Tool

Info:

The URL for OES updates is https://update.novell.com/data.

To see if the OES service is already added, enter rug service-list at the terminal.

If the OES service isn't present, add it with rug sa https://update.novell.com/data

See TID 10097537 (rug / Red Capet FAQ) for more information on Patching OES linux with rug.

Tuesday, August 16, 2005

News from Premium Service August 2005

August 15, 2005
Issue 8, Volume 5

Newsletter


I will be posting two newsletters each month on this blog. This is the 2nd newsletter for the month of August.

August is becoming a very busy month for Novell. This month Novell ships several new products including GroupWise 7, ZENworks 7, Novell Security Manager 6. In addition Novell is shipping Open Enterprise Server SP1. Novell also opened up Suse Linux with OpenSUSE.org.

- Bucky

Monday, August 15, 2005

Novell Ships GroupWise 7

WALTHAM, Mass.—15 Aug 2005—Novell today announced that Novell® GroupWise® 7 is now available worldwide. Novell GroupWise is the most secure and reliable collaboration platform in the industry and runs on multiple operating system platforms. GroupWise 7 delivers significant advances to increase end-user productivity such as integrated e-mail and instant messaging, enhanced Microsoft* Outlook* support and a pre-bundled license of SUSETM Linux Enterprise Server. As a result, customers benefit from reduced costs and increased productivity as GroupWise 7 manages mission-critical collaboration functions.

Press Release

For more information about GroupWise, visit http://www.novell.com/groupwise

Saturday, August 13, 2005

Novell August Newsletter

This newsletter is a collection of information from Novell. It is provided to give you insight on how Novell can help.

What is the benefit to you? The biggest benefit is it provides links into Novell's website that can provide you with more information. Information that will help you pro-actively plan and manage your network environment; links where you can find tools, answers and solutions.

Novell August Newsletter

  • SUPPORT ISSUES & INFORMATION
  • Virus Warnings
  • Technical Information Documents
  • New Files
  • Cool Solutions
  • Advanced Technical Training
  • Support Life Cycle
  • Novell In The News

Thursday, August 11, 2005

Open Enterprise Server (OES) SP1 - What's New

Open Enterprise Server Support Pack 1 (OES SP1) is scheduled for release on August 31, 2005.
Here is a cool solutions article that gives a quick overview on what's new with this release.

http://www.novell.com/coolsolutions/feature/15728.html

  • iFolder 3.0
  • Improved NSS performance on Linux
  • Novell Client for Linux
  • iPrint enhancements, including iPrint client for Macintosh
  • Improved Migration Capabilities
  • Includes SLES9 SP2, NetWare 6.5 SP4, Novell Client for Windows 4.91 SP1

Novell Press Release

- Bucky

Best quote of day

Best quote of the day from LinuxWorld:




Novell said at the show that it--and its channel partners--can now resell support for the popular MySQL database. Waltham, Mass.-based Novell joins Dell, which said on Monday that it will offer MySQL Network, the subscription support for MySQL.

"This gives us a much broader reach than before. This is a big vote of confidence because we're still a modest-sized company," said Zack Urlocker, vice president of marketing for MySQL, Cupertino, Calif.

Some solution providers said having big-name support backup is critical. For example, Santa Barbara, Calif.-based Novacoast is a VAR and integrator but also ends up doing custom application work for customers, said CTO Adam Gray.

"Having Novell or Dell support helps us better support the customers,” Gray said. “They're both 24 hours a day, and if I'm up at three in the morning fixing something, it's nice to have that."





Keep in mind the support offerings when you choose your vendors!

- Bucky

Wednesday, August 10, 2005

iPrint Troubleshooting

Geoffry Carmen posted an excellent article on iPrint Troubleshooting at Novell Cool Solutions.

http://www.novell.com/coolsolutions/feature/15685.html

In this article he mentions many troubleshooting techniques. He also recommends using a secondary IP Address and assigning it to iPrint.

"It is probably a good idea to get an IP address assigned to your iPrint service, since you can move it via a cluster, or even in case of a server failure. If all your users install printers that point at a service address (like iprint.yournetwork.com) instead of a server address (serverA.yournetwork.com), when you move it around, your clients will not need to reinstall the printer. If the IP of the service changes, then the printers look like new printers."

You can assign it as a Secondary IP address. At the console type:

add secondary ipaddress 10.0.0.5

Tuesday, August 09, 2005

Novell Announcements at LinuxWorld

Novell has made some announcements at LinuxWorld SF

Novell LinuxWorld Pressroom

A one-hour press conference will be held at 11 AM MT on Tuesday, August 9th. Audio of the call will be archived and available on the Novell Pressroom Website.

More Novell in the News

LinuxWorld San Francisco August 8-11.

OpenSUSE details emerge

SUSE Professional 9.3 and Beta10 is truly opensource - check out www.opensuse.org

Open Enterprise Server Support Pack 1 (OES SP1) will be available Aug. 31

I Want GroupWise!

Feeling pressure to move away from GroupWise and Novell? Check this web site out!

www.iwantgroupwise.com

Novell GroupWise is a cross-platform, corporate e-mail system that provides secure messaging, calendaring, scheduling, and instant messaging. GroupWise also includes task management, contact management, document management, and other productivity tools. GroupWise can be used on your desktop at work, in a Web browser anywhere you have an Internet connection, and even on wireless devices. Your GroupWise system can run on NetWare, Linux, Windows, or any combination of these operating systems. GroupWise users can access their mailboxes from desktops running Linux, Windows, or Macintosh; in a Web browser anywhere an Internet connection is available; and even on wireless devices.

Did you know with GroupWise 7, it's very easy to use GroupWise as a backend system to MS Outlook?

Take a look at the GroupWise 7 links through this website.



I Want NetWare!

Microsoft's release of Windows 2003 indirectly raises the question of solution selection between Novell and Microsoft. While improvements have been made to Win2003 in specific areas (particularly closing some security holes and a redesigned Web server), it still suffers from architecture and administration weaknesses which lead to deficiencies in the areas of scalability, openness, administration and security. In addition, the level of features and number of services that are available with Win2003 out-of-the-box are minimal when compared to those available with NetWare® 6.5.

www.iwantnetware.com


Monday, August 08, 2005

How to obtain a coredump from NetWare

Only force a coredump with system hangs at the worst moment of the hang.
To force a coredump in NetWare hold down these four keys:
SHIFT SHIFT ALT ESC and at the prompt type ".c "

Otherwise wait for the ABEND to happen but first prep the server:

1. Turn off ASR (Automatic System Recovery) in BIOS of server.
2. SET AUTO RESTART AFTER ABEND = 0
3. Follow TID 10083803

Coredump type? - - Choose 2
1) Full (all server memory)
2) Full w/o cache (all server memory except file cache)

Compress coredump? (compression will use less disk space, but is slower) -- Choose 1
1) Yes
2) No


4. Rename COREDUMP.IMG to COREBUCKY1.IMG (or something)
5. Send to Novell FTP Host and email Bucky or your Novell Support Person.

ftp://ftp.novell.com/incoming

6. If possible email Bucky or your Novell Support Person a CONFIG.TXT report and ABEND.LOG file.

:LOAD CONFIG /ALL

sys:system\config.txt
sys:system\abend.log

It is possible to automate the process of collecting a coredump by following TID 10076467 and using DBNET6.NLM and DIAG500.NLM which is included with NetWare 6.5 SP2 and later.

Here is an example of a coredump.ncf file:
===================================================
set auto restart after abend = 0
set cpu hot timeout amount = 0
unload diag500
?load dbnet6
?load diag500 -AUTODUMP -COMPRESS -d NETWORK -h 192.168.1.192
#on remote server 192.168.1.192, load imghost vol2: (volume sys: is default)
====================================================

Article - Novell OES provides ties with NetWare and Linux

This is an interesting article from NetWork World / NWFusion.

"Based on our tests, we think OES is a major breakthrough in Novell's long-stated intention to marry its directory and administrative applications to Linux. OES layers a highly competitive directory service onto Linux, provides decidedly evolved administrative and management components and offers very good, egalitarian client support."

Friday, August 05, 2005

Top Issues at Novell

Top Issues at Novell:

  • The Server Migration and Server Consolidation utilities have been merged into one product under the name Server Migration Consolidation Toolkit (SMCT). It is downloadable off the internet.

  • For customers running with IBM Blade servers, we have been seeing an issue where people will lose access to the keyboard for their server. Engineering is working on a version of CIOS.NLM to fix this.

  • Mac directories with a trailing period (.) have a sharing violation when backup programs try to back them up. The backup programs skip these files. The problem is that files with the trailing period are being incorrectly shared between namespaces. Watch for a new patch.

  • Watch for a new MM.NLM that fixes a performance issue on Mirrored NSS partitions. It will increase performance by 80 to 90 %.
  • Watch for a new PARTFIX.NLM utility. I have the latest utility if you need this. Just email me.
- Bucky

Volume will not mount after upgrade to NW65SP3

The following information is taken from TID's and a customer issue that I'd like to pass on:

Symptoms:
Customer upgraded server from NetWare 6.5 SP2 to SP3 and now they cannot mount their volumes. They cannot see their volumes.

ERROR: Partition size exceeds device capacity.

SYS volume will mount but will deactivate quickly

Symptoms very similar to TID 10093547

Fact:
Customer using IBM Hardware or Dell Hardware with PERC2.HAM and PERC2.CDM drivers v2.80
Dell PowerEdge 2650
IBM X series server model 225, 235, 345
This has been seen using the SCSIHD.HAM drivers also.

Error appears upon reboot and then the server hangs

TROUBLESHOOTING: back rev the perc2.ham and perc2.ddi or scsihd.ham and scsihd.ddi to nw65sp2 level drivers. This has worked on several servers.

Cause: One possible cause is that the new .HAM drivers fixed a problem in reported capacity, but the partitions have not yet been updated to accept the correct values.

Fix and Solution:
Run the PARTFIX.NLM utility with the /s switch first, then to repair use the /r switch.
Or check with Novell Support or myself to obtain the latest PARTFIX utility.

Once partfix is run, do a MM SCAN FOR NEW PARTITIONS to allow Media Manager to find the new partition, then do LIST PARTITIONS (look at the logger screen for output).

Also see TID 10096719 - Cannot see Pools after upgrading.

- Bucky

Thursday, August 04, 2005

Novell Q&A

Here's a list of Questions and Answers by Novell System Administrators on NetWare, eDirectory, OES, and more.

These two lists are recent, but also go all the way back to 2000.
Take a quick look.

eDirectory Q&A

OES Linux / NetWare Q&A


- Bucky


Friday, July 29, 2005

GroupWise PDA Sync with Windows Smartphone

Thanks to Joe from EDAW in Denver for the following:

Novell has released a Service Pack to the 1.0 version of GroupWise PDA Connect. Based on some initial tests, this version seems to work well for synchronizing the new Windows Smartphone devices with GroupWise.

I should clarify that Microsoft has two different versions of their mobile OS. The version that runs on Pocket PC devices (i.e. like the new hp iPaq phones) is supported by GW PDA Connect. The version that runs on non-PDA cell phones is not supported (i.e. like the Motorola MPx 200 series).

One slight curve ball comes during installation. You get an option which mobile OS to select (Palm OS, Pocket PC, and Pocket PC 2003). Even though the iPaq runs the 2003 version, when I chose this option, the software did not install correctly on the handheld. When I tried just Pocket PC, it worked fine.

GW PDA Connect is a free download from Novell and works far better than any of the third party GW sync solutions that I've tried (Intellisync and Nexis).


The latest Hotsync Manager for Palm devices and ActiveSync for Pocket PC devices must be installed on the host computer to provide the conduits to the PDA before installing GW PDA Sync.

Thursday, July 21, 2005

Urgent - eDir 8.7.3.6 has been withdrawn

eDirectory 8.7.3.6 or edir8736.exe has been withdrawn from the download site due to an issue that could lead to a loss of data in the eDirectory Database.

If you have not upgraded to IR6, Novell currently recommends that you wait for eDirectory 8.7.3 SP7. That patch will have a fix for this problem. Contact me if you're interested in the Field Test Patch before it goes public.

Related TID's:

More details:
There's a defect that could potentially lead to database corruption. I want to stress that NO customers have experienced corruption to date. In order to experience corruption, a customer would have to meet the following conditions:

1. They would need to have ten thousand or move values on an entry. Moreover, the problem is only with certain attributes. The attributes are the following:


ACL
Inherited ACL
Facsimile Telephone Number
EMail Address
Postal Address
Telephone Number
O
OU
C
L
Network Address
Replica
Transitive Vector


2. The customer would have to run a database repair and disable the "Database Structure Check'.

Is there a way to test for the high values on an entry? Yes there are two ways.

1. Use LDAP - see TID 10098331

2. Use DSBROWSE -CV See TID 10081054

The possibility of entries being incorrectly removed was the reason that eDirectory 8.7.3 IR6 was removed from the public download site.

If you have eDirectory 8.7.3 IR6 installed and entries that meet the error condition, it's possible that a DS Repair could incorrectly remove these problematic entries. If you have IR6 installed, you should take the following precautions:

  • Do not disable the "Database Structure Check" option. If you have problematic entries and leave this enabled, you'll get -150 errors in DS Repair. The entries will not be removed.
  • Make sure to enable the option to use a "Temporary NDS Database" during the repair. If you see messages in the log about entries being purged, do not save the change
  • Test for high values on an entry using LDAP or DSBROWSE -CV9000
- Bucky


Urgent - Java (JCE) will expire on July 28

Novell has identified two products which will be affected by this certificate expiration and recommend that you follow the instructions in the TID's below to avoid interruptions to your business.

DirXML 1.x: (Only Java drivers using SSL and running in a Remote Loader configuration will be affected) - See TID 10098323

ZEN for Servers: (Only encrypted distributions running on any version of ZenWorks Server Management are affected) TID 10098334


Symptom:
Java base driver running within remote loader will not start when configured to use SSL.

On July 28th, 2005, the JCE 1.2.1 will no longer work with the DirXML 1.1a framework. Specifically when running a Java-based driver within the remote loader and have SSL enabled. The solution provided by Sun is to upgrade the 1.2.1 JCE to 1.2.2. To reiterate, this is only a problem with Java base driver shims run within remote loader using SSL to the engine. All other shim are unaffected (including the eDirectory driver).

http://java.sun.com/products/jce/index-122.html

This is a quote from the SUN Website .

"The Java Cryptography Extension (JCE) 1.2.1 is an optional package for J2SE 1.2.x and 1.3.x that provides a framework and implementations for encryption, key generation, key agreement, and Message Authentication Code (MAC) algorithms."

In ZENworks Server Management we employ the JCE to encrypt Distributions. Expiration will render these types of distributions unusable on July 27, 2005. For more information from Sun see Sunalert

- Bucky

Wednesday, July 20, 2005

Use iMonitor instead for eDirectory Health Checks

iMonitor is the preferred tool to check the health of eDirectory. iMonitor is a browser based utility that has it's own http stack on the server. Since eDirectory runs on many platforms, it is in our best interest to become familiar with this valuable tool.

Yes, I still use DSREPAIR to do a quick check on Synchronization, but what if I need a check on Linux?

To access iMonitor, perform the following steps:

  1. First ensure that the iMonitor executable is running on the eDirectory server. (NDSIMON.NLM on NetWare, ndsimonitor on Linux)
  2. Open your Web browser.
  3. In the address (URL) field, enter:

http://server's_TCPIP_address:port/nds

For example:

http://137.65.135.150:8008/nds


Useful Documents on running iMonitor:
  1. iMonitor Basics
  2. More iMonitor Basics
  3. Using iMonitor for eDirectory Health Checks
  4. Using iMonitor for Advanced Troubleshooting
  5. iMonitor in-depth
  6. iMonitor on Linux with eDirectory
- Bucky

Tuesday, July 19, 2005

How often should I run DSREPAIR?

At some onsite visits I have seen NetWare Administrators use CRON jobs to run unattended DSREPAIR's. This is not good! I love this quote, "you don't check your oil level by draining it all out, you use the dipstick."

If you are going to do a repair, you shouldn't use the Unattended option unless you have a really good reason, and those essentially don't exist anymore. If you need to fix something try to fix that one thing instead of throwing your entire database through the DSRepair blender. Usually, things will be okay if you run the repair but some rare situations could cause pain and suffering you will not want to deal with. Don't hammer nails with shotguns ... find problems and troubleshoot them specifically if at all possible. Learn to use iMonitor effectively.

DSRepair is not a maintainence tool, it's a fix tool. Using it properly requires that you understand the problem first - don't use it for a shotgun approach to troubleshooting, as you will nearly always get yourself in deeper by doing that.

Check out these two very good articles on DSREPAIR
  1. Using DSREPAIR Appropriately
  2. More about DSREPAIR
- Bucky

Monday, July 18, 2005

Synthetic Time on Non-NetWare Platforms

The previous article mentioned that NetWare servers will display a warning message on the console when synthetic time is being used. But how about other platforms that eDirectory runs on, such as Windows and Linux? Since eDirectory runs as a service on these platforms there is no console for it to use. There are two ways in which you can determine if synthetic time is being used: health check option in iMonitor or via SNMP reporting.

Article by Peter Kuo

Saturday, July 09, 2005

Treating Synthetic Time with Respect

Many of us have encountered the infamous "Synthetic time is being issues on partition XYZ". Synthetic time occurs when the modification timestamp (MTS) on at least one object in the partition is set to a time that is in the future. We know the general fix is to declare a new time epoch -- even DSRepair tells you that in its log file when it detects objects with future MTSs. However, what is less commonly known is the side-effect of such an action.

Peter Kuo shares a couple of nifty ways to address synthetic time problems, depending on how far in the future the Modification Time Stamp is (years versus hours).

Check out this Novell Cool Solution

Friday, July 08, 2005

News from Premium Service July 2005

There are two Newsletters every month on this blog. This is the second newsletter for the month of July.

News from Premium Service

- Bucky

Thursday, July 07, 2005

The Novell GroupWise 7.0 Public Beta

The Novell GroupWise 7.0 Public Beta has started. Whether you are testing GroupWise in your environment for the first time, or have been using it for years, we welcome you and your comments on our latest version, GroupWise 7.

Download the GroupWise 7.0 Beta now!

Novell GroupWise Sequoia includes several new and exciting features to help increase user productivity and server scalability, as well as new APIs for developers to create more powerful add-on products.

- The user experience provides a fresh look, more powerful features and minimal retraining for users switching between the various clients, or upgrading from GroupWise 6.5.

- A new, colorful calendar interface and navigation highlight the Win32 client.

- The Linux and Mac clients now include rules, a spell checker and junk mail handling.

- Agent scalability has been increased with the addition of IP connections between agents and gateways and improved multi-processor support.

- A new SOAP interface allows server side access of data for partners writing applications.
All of this comes with the same leading security and reliability that GroupWise is known for.

Preview of the Novell GroupWise 7 Client

Preview of Novell GroupWise 7 WebAccess



Wednesday, July 06, 2005

Goodbye Microsoft and Red Hat, Hello Novell and ROI

If you're a county goverment tasked with providing services for half a million citizens—and you have a very finite number of taxpayer dollars to do it—you're going to want to make the most of your limited IT budget. It's not surprising then that Jefferson County, Colorado was looking at Linux and open source applications to serve its 3,500 employees in 46 locations in the Denver metro area.

Jefferson County was already running quite a bit of Linux (mostly Red Hat) and the Novell team in Denver saw an opportunity. Lead by Dan Webster, Named Account Executive, and Mike Friesenegger, Network & Systems Specialist, the team worked with the county to create a major win, both for the citizens of Colorado and for Novell.

Jefferson County will run many of its core applications on Novell SUSE LINUX Enterprise Server 9, including its Electronic Data Management System, Remedy and Oracle applications. The county selected Novell GroupWise over Microsoft Exchange for collaboration and is running the GroupWise Linux client on SUSE LINUX Enterprise Server. Moving to Linux has helped Jefferson County reduce its hardware costs by 50 percent, by replacing large UNIX servers with Intel hardware. The county also reduced its software costs nearly 30 percent with open source products.


Friday, July 01, 2005

Newsletter July 2005

This newsletter is a collection of information from Novell. It is provided to give you insight on how Novell can help.

What is the benefit to you? The biggest benefit is it provides links into Novell's website that can provide you with more information. Information that will help you pro-actively plan and manage your network environment; links where you can find tools, answers and solutions.

See the July 2005 Newsletter for details


SUPPORT ISSUES & INFORMATION

VIRUS Warnings

Technical Information Documents

NEW FILES

Cool Solutions

Advanced Technical Training

Support Life Cycle

Novell In The News


Thursday, June 30, 2005

eDirectory - Explanation of Files

Please review this excellent TID which explains all the NDS or eDirectory files in the sys:\_netware directory and sys:\system directory.

TIP: Remember to backup your eDir / NDS / DIB files regularly with DSREPAIR.
:dsrepair -rc
SYS:\SYSTEM\DSR_DIB\00000000.$DU

More details found in TID 10073559

SYS:\_NETWARE\NDS.01 (Main eDirectory database file)

SYS:\_NETWARE\NDS.RFL\0000001.LOG (Roll forward log)

SYS:\_NETWARE\NDS.DB (Roll back log)

SYS:\_NETWARE\NDS.LCK (NDS Lock file)

SYS:\_NETWARE\ NDSDB.INI (NDS cache configuration file)

SYS:\_NETWARE\NDT.DB (DSRepair temporary database file)

SYS:\_NETWARE\NDT.01 (DSRepair temporary database file)

SYS:\_NETWARE\NDT.RFL\0000001.LOG (DSRepair temporary database file)

SYS:\SYSTEM\DSR_DIB\00000000.$DU (DSRepair database backup)

SYS:\SYSTEM\BACKUP.DS (DSMaint prepare NDS for hardware upgrade)

SYS:\SYSTEM\BACKUP.NDS (NWConfig save local NDS information)

SYS:\SYSTEM\DSREPAIR.LOG (DSRepair log file)

SYS:\SYSTEM\DSTRACE.DBG (Set DSTrace log file)

SYS:\SYSTEM\DSTRACE.LOG (DSTRACE.NLM log file)

Tuesday, June 28, 2005

Post NetWare 6.5 SP3 and OES NW patches

Bucky's List of Post NetWare 6.5 SP3 Patches:

* HP ProLiant Support Pack - 7.30a (non-Novell patch for ProLiant hardware)
http://h18023.www1.hp.com/support/files/server/us/download/22273.html

* eDir 8.7.3 IR 6 + Security Update 8 DS.NLM: 10552.60 Lot's of fixes, see readme.
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971156.htm
Biggest fix was memory pre-allocation fix. (TID 10097143)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097143.htm


* NICI 2.6.7 April 15, 2005 Search on NICI
http://download.novell.com

* NMAS 2.3.8 (ships with eDir 8.7.3.6) - (Fix unable to login issues)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097706.htm

* n65nss3a - Post SP3 NSS modules for NetWare 6.5 (Fixes memory cache balance issue)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971622.htm

* tsa5up18.exe - Latest SMS and TSA files post NetWare 6.5 SP3
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971717.htm
 

* 65cifs22 - Update to CIFS on Netware 6.5 SP3
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971628.htm

* nw65os3a - NetWare 6.5 SP3 Updated SERVER.EXE (only if memory issues appear)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971567.htm

* iprntnwpcsp12b -- iPrint NW Post Consolidated Support Pack 12b (Numerous fixes, CPU Hog Abend, see readme)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971577.htm

* syscalls3a -- Updated syscalls.nlm to deal with kernel abends
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971458.htm

* tcp659j -- TCP update for NetWare 6.5
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971698.htm

* wsock6g -- Winsock update for NetWare 5.1 and 6.x
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971087.htm

* xnfs3a.exe -- Pose 6.5 SP3 fixes for XNFS (NFS Server)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971125.htm
Apply if you're using NFS heavily. Fixes hard links issue


* Notes:
NMAS comes with eDirectory IR6
Apply NMAS 2.3.8 (or greater).
To apply NMAS 2.3.8, you must be running a minimum version of NICI 2.6.7 (found at http://download.novell.com ) and SECUPD8.

You can download NMAS 2.3.8 from the latest eDirectory IR patch ( eDir8736.exe ) Please refer to eDir8736.exe readme for install instructions.

Once eDir8736.exe has been extraced you will find:

SECUPD8 in the following folder:
./security/secupd

NMAS 2.3.8 in the following folder:
./secuirty/nmsrv238



Thursday, June 23, 2005

GroupWise Password Security Issue

I'm not sure if you've heard of this "GroupWise Flaw".
Here are some links that have come through my email inbox. I'm sharing this information with you.

Novell in trouble over GroupWise flaw - ZDNET Australia

Novell GroupWise Plain Text Password Vulnerability

Overview: A Vulnerability exsists in the Novell GroupWise Client that will allow an attacker to identify the id and password of the users GroupWise email account.

Technical Description:
The username and password can be dumped out of memory for the process grpWise.exe while GroupWise is running. Using a tool such a pmdump to dump the memory of the process the username and password are clearly visible in plain text. This can be exploited remotely as well, by using pmdump with something like psexe form Sysinternals

Non Novell Consultant comment:
>>> "David F" 06/22/05 4:27 pm >>>
I ran a PMdump on the Grpwise.exe process. Yes the username and password are in clear text. The grpwise.exe dump was almost 80MB running it the way PMdump showed. I don't see this as much of a security risk as there is nothing in the dump that explcitly tells you, you are looking at a username and password. It is a lot of searching, you can't just type in the word "username" in a find box and find out what you need. You'd need to have implicit knowledge of what you were looking for and the username.

Response from GWAVA:
Other messaging clients operating under the Windows XP platform might also exhibit this vulnerability as it is very common. Please refer to the Recommendations for best practices for reducing your risk for exposure.

Recommendations: Implement screen saver password protection and log out of mail clients when leaving your workstation unattended. Install the patch when it is made available by the vendor. Migrating to Linux based Desktops such as Novell Linux Desktop would also prevent this issue.

Solution - in progress:
Novell is treating this at the Highest Priority. Development is fully engaged in investigating and resolving this issue. Novell will make a public statement once a Patch is available.

This can only be exploited if someone has access to your workstation and is able to run applications against your machine. And of course, if GroupWise is left running unattended.

Workaround: Lock your workstation when you leave your desk OR exit GroupWise when you leave. Locking your Workstation should be common habit anyway or everything on your machine is vulnerable.

- Bucky