From hayley at endlessalgae.net  Fri Jan  2 11:29:16 2009
From: hayley at endlessalgae.net (Hayley Mcclellan)
Date: 2 Jan 2009 06:29:16 -0500
Subject: Happy New Year!
Message-ID: <E1LIiEV-0000TB-Hv@li17-239.members.linode.com>

Happy New Year! 



<a href="http://www.roflposters.com">Motivational Posters</a>




From MGlenn at cco.state.oh.us  Tue Jan  6 14:37:01 2009
From: MGlenn at cco.state.oh.us (Michael Glenn)
Date: Tue, 06 Jan 2009 09:37:01 -0500
Subject: Test Message
Message-ID: <4963263E.33FD.002C.1@cco.state.oh.us>

Hello; just upgraded my email security, and I wanted to make sure it wasn't munching this mailing list.

Thanks.



From jetadmin at gmail.com  Wed Jan  7 04:21:47 2009
From: jetadmin at gmail.com (Eric Rothweiler)
Date: Tue, 6 Jan 2009 23:21:47 -0500
Subject: OES linux time drifts into the future.
In-Reply-To: <493D3501020000850005F10C@FS-LIN-OES>
References: <493D3501020000850005F10C@FS-LIN-OES>
Message-ID: <1d6cdac70901062021u695eb38ew6d574b99d732ae3b@mail.gmail.com>

Trying to start GW with --show via a startup script? I never used
--show with my GW agents on Linux (and don't currently support it so I
can't easily check myself) - don't you need to have a session logged
in to use --show?

Eric

On Mon, Dec 8, 2008 at 2:53 PM, joea at j4computers.com
<joea at j4computers.com> wrote:
> Oh, there is another oddity.   I have several simple scripts, to start GroupWise agents (with --show), which work fine when invoked from command line.    I put these in /etc/scripts and have them ln'd  in /etc/init.d/rc3.d and /etc/init.d/rc5.d, as S91blah S92blah, which should work just fine.   Don't seem to run on startup.  I do have an S90startvnc, in there, and that runs fine on startup.
>
> Yet, I can say /etc/init.d/rc5.d/S9blah and they work fine.

From joea at j4computers.com  Wed Jan  7 11:26:26 2009
From: joea at j4computers.com (joea at j4computers.com)
Date: Wed, 07 Jan 2009 06:26:26 -0500
Subject: OES linux time drifts into the future.
In-Reply-To: <1d6cdac70901062021u695eb38ew6d574b99d732ae3b@mail.gmail.com>
References: <493D3501020000850005F10C@FS-LIN-OES>
	<1d6cdac70901062021u695eb38ew6d574b99d732ae3b@mail.gmail.com>
Message-ID: <49644B12020000850005F35A@FS-LIN-OES>

>>> On 1/6/2009 at 11:21 PM, "Eric Rothweiler" <jetadmin at gmail.com> wrote:
> Trying to start GW with --show via a startup script? I never used
> --show with my GW agents on Linux (and don't currently support it so I
> can't easily check myself) - don't you need to have a session logged
> in to use --show?
> 
> Eric

Normally, yes.  And kill GW agents when one logs out.  But with a VNC session running, and starting GW after that is up, --show will display to that screen.  There may be a little "magic" involved, memory fails.   I will go over again, when situations allow, and post, if you have interest.

joe a.




From oliver at owch.ca  Thu Jan  8 07:13:24 2009
From: oliver at owch.ca (Oliver Wilcock)
Date: Thu, 8 Jan 2009 02:13:24 -0500 (EST)
Subject: how to correct schema problem
In-Reply-To: <mailman.177.1229697502.3853.novell@netlab1.oucs.ox.ac.uk>
References: <mailman.177.1229697502.3853.novell@netlab1.oucs.ox.ac.uk>
Message-ID: <57927.205.211.162.3.1231398804.squirrel@shonsu.owch.ca>

I was unable to make LUM work correctly and I traced it to confusion about
gidNumber (and uidNumber) in the schema.  But I don't know how to fix it.

After puzzling over why LUM considers every user and every group to have
uid=0 and gid=0, I tried some ldapsearches and discovered that requests
for gidNumber and uidNumber don't return results.

I compared relevant attributes in the working tree to problem tree. 
gidNumber appears twice in the problem tree and is confused with groupID /
GID.

ldapsearch -LLL -x -H ldaps://server -D cn=admin,o=mea -W -b "cn=schema"
-s base "*"

unhealthy result:
attributeTypes: ( 2.16.840.1.113719.1.1.4.1.24 NAME ( 'groupID' 'gidNumber' )
 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-NDS_NAME 'GID'
X-NDS_NONR
 EMOVABLE '1' )

healthy tree:
attributeTypes: ( 2.16.840.1.113719.1.1.4.1.24 NAME 'groupID' SYNTAX
1.3.6.1.4
 .1.1466.115.121.1.27 SINGLE-VALUE X-NDS_NAME 'GID' X-NDS_NONREMOVABLE '1' )


Any idea how to fix this?


From bbrush at gmail.com  Thu Jan  8 07:22:53 2009
From: bbrush at gmail.com (Bill Brush)
Date: Thu, 8 Jan 2009 01:22:53 -0600
Subject: how to correct schema problem
In-Reply-To: <57927.205.211.162.3.1231398804.squirrel@shonsu.owch.ca>
References: <mailman.177.1229697502.3853.novell@netlab1.oucs.ox.ac.uk>
	<57927.205.211.162.3.1231398804.squirrel@shonsu.owch.ca>
Message-ID: <167f4090901072322t5e6c060fsb1a32df9a313b6af@mail.gmail.com>

On Thu, Jan 8, 2009 at 1:13 AM, Oliver Wilcock <oliver at owch.ca> wrote:

>
> Any idea how to fix this?

I'm no eDir expert, but for something with this much potential to bork
things up, I'd be on the phone with Novell.

Bill

From TJohnson at lancaster.wnyric.org  Fri Jan  9 21:47:25 2009
From: TJohnson at lancaster.wnyric.org (TJohnson at lancaster.wnyric.org)
Date: Fri, 9 Jan 2009 16:47:25 -0500
Subject: iPrint Print Manager problem
In-Reply-To: <167f4090901072322t5e6c060fsb1a32df9a313b6af@mail.gmail.com>
References: <mailman.177.1229697502.3853.novell@netlab1.oucs.ox.ac.uk><57927.205.211.162.3.1231398804.squirrel@shonsu.owch.ca>
	<167f4090901072322t5e6c060fsb1a32df9a313b6af@mail.gmail.com>
Message-ID: <OFD37594D4.CD29C92F-ON85257539.0077A407-85257539.0077B328@lancaster.wnyric.org>

I am setting up a clustered iprint environment on our test network in
preparation for production implementation and I have run into a problem.
Here is the setup:

All server are virtual on a XenServer 5.0 host

3 server in tree, all SLES10 SP2/OES2 SP1 with latest patches, SLP, DNS,
etc. working with no issues.

2 node NCS cluster with a 20GB native ext3 cluster resource for iPrint,
resource starts and fails over no problem.

Driver store was created and i have added a driver which I see on the
iprint resource mount point (i.e. /mnt/iprint/var/opt/novell/iprint/resdir)

When I create the print manager the object gets created but the print
server will not start I get an error in /var/log/messages that ipsmd
experienced error 506D0201 while creating the print manager database.

Attempts to restart the print manager causes a seg fault.

I have tried to delete and recreate the print manager using the DNS and IP
address of the cluster resource but same result.

Version of novell-iprint-server is:  6.0.20081215-0.3

I have googled on several error numbers and there are TIDS regarding issues
with previous version of novell-iprint-server from April 2008, I am
wondering if this is an OES2 SP1 specific issue.

Any help would be greatly appreciated.

T2

Confidentiality Notice: This electronic mail transmission is intended for the personal and confidential use of the designated recipient(s) named above. This message may contain confidential student or personnel data or an attorney-client communication and as such is privileged and confidential. If you are not the intended recipient, you are hereby notified that you have received this message and any attached documents in error, that any review, dissemination/disclosure, copying, distribution, or taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this transmission in error, please notify the sender immediately by e-mail and delete the original message and documents. Thank you for your cooperation.

From peschmid at mpsomaha.org  Tue Jan 13 19:18:30 2009
From: peschmid at mpsomaha.org (Patrick Schmidt)
Date: Tue, 13 Jan 2009 13:18:30 -0600
Subject: ATT Live
Message-ID: <496C94A7.664C.00E4.0@mpsomaha.org>

We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:

Is this the first one? Seems like they've been held in the past, but I don't remember for sure.

Has anyone been?

There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?

Is there any hands on or is it all lecture, demo, Q & A and note taking?

Thanks

--------------------------------------------------
Patrick Schmidt
Millard Public Schools
Network Support Specialist
(402)715-6278
peschmid at mpsomaha.org 
---------------------------------------------------


From geoffreycarman at gmail.com  Tue Jan 13 19:20:53 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Tue, 13 Jan 2009 14:20:53 -0500
Subject: ATT Live
In-Reply-To: <496C94A7.664C.00E4.0@mpsomaha.org>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
Message-ID: <993788ac0901131120m30c08f8bk3c59fbcac5aa9a1a@mail.gmail.com>

They had one in December in Provo.  So not the first.  Never gone, so no idea.

On Tue, Jan 13, 2009 at 2:18 PM, Patrick Schmidt <peschmid at mpsomaha.org> wrote:
> We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:
>
> Is this the first one? Seems like they've been held in the past, but I don't remember for sure.
>
> Has anyone been?
>
> There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?
>
> Is there any hands on or is it all lecture, demo, Q & A and note taking?
>
> Thanks
>
> --------------------------------------------------
> Patrick Schmidt
> Millard Public Schools
> Network Support Specialist
> (402)715-6278
> peschmid at mpsomaha.org
> ---------------------------------------------------
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com

From geoffreycarman at gmail.com  Tue Jan 13 19:20:53 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Tue, 13 Jan 2009 14:20:53 -0500
Subject: ATT Live
In-Reply-To: <496C94A7.664C.00E4.0@mpsomaha.org>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
Message-ID: <993788ac0901131120m30c08f8bk3c59fbcac5aa9a1a@mail.gmail.com>

They had one in December in Provo.  So not the first.  Never gone, so no idea.

On Tue, Jan 13, 2009 at 2:18 PM, Patrick Schmidt <peschmid at mpsomaha.org> wrote:
> We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:
>
> Is this the first one? Seems like they've been held in the past, but I don't remember for sure.
>
> Has anyone been?
>
> There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?
>
> Is there any hands on or is it all lecture, demo, Q & A and note taking?
>
> Thanks
>
> --------------------------------------------------
> Patrick Schmidt
> Millard Public Schools
> Network Support Specialist
> (402)715-6278
> peschmid at mpsomaha.org
> ---------------------------------------------------
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com

From bbrush at gmail.com  Tue Jan 13 20:01:35 2009
From: bbrush at gmail.com (Bill Brush)
Date: Tue, 13 Jan 2009 14:01:35 -0600
Subject: ATT Live
In-Reply-To: <496C94A7.664C.00E4.0@mpsomaha.org>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
Message-ID: <167f4090901131201i48adbf98p612f3a70e09d456c@mail.gmail.com>

I went to one a couple years ago.  It was a good experience IMO.

It's kind of Brainshare-lite in that you have the same technical
topics, although they were longer sessions, and there were plenty of
hands-on stuff; however all the after-hours stuff was much smaller
scale, and there were no vendors.  The food was good, but again it
wasn't the ridiculously sumptuous feasts at the Salt Palace.

>From a pure technical training aspect you're going to get more
in-depth about a few subjects at the cost of being able to get
sessions about literally anything you want.  There's still very good
variety though so it's not a huge issue.

I would check the topic list, verify it has what you want to learn
about, and if it does then sign up.  The developers are all right
there in the building next door so if the presenter can't answer a
question they can get someone who can.

Bill

On Tue, Jan 13, 2009 at 1:18 PM, Patrick Schmidt <peschmid at mpsomaha.org> wrote:
> We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:
>
> Is this the first one? Seems like they've been held in the past, but I don't remember for sure.
>
> Has anyone been?
>
> There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?
>
> Is there any hands on or is it all lecture, demo, Q & A and note taking?
>
> Thanks
>
> --------------------------------------------------
> Patrick Schmidt
> Millard Public Schools
> Network Support Specialist
> (402)715-6278
> peschmid at mpsomaha.org
> ---------------------------------------------------
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>

From peschmid at mpsomaha.org  Tue Jan 13 22:14:57 2009
From: peschmid at mpsomaha.org (Patrick Schmidt)
Date: Tue, 13 Jan 2009 16:14:57 -0600
Subject: ATT Live
In-Reply-To: <167f4090901131201i48adbf98p612f3a70e09d456c@mail.gmail.com>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
	<167f4090901131201i48adbf98p612f3a70e09d456c@mail.gmail.com>
Message-ID: <496CBE04.664C.00E4.0@mpsomaha.org>

Thanks for the info, it looks like it's going to happen. I've always enjoyed Brainshare but could have done without a lot of the marketing type sessions, so this is going to be a good time. I doubt they'll have that coffee bar, though ...

>>> Bill Brush <bbrush at gmail.com> 1/13/2009 2:01 PM >>>
I went to one a couple years ago.  It was a good experience IMO.

It's kind of Brainshare-lite in that you have the same technical
topics, although they were longer sessions, and there were plenty of
hands-on stuff; however all the after-hours stuff was much smaller
scale, and there were no vendors.  The food was good, but again it
wasn't the ridiculously sumptuous feasts at the Salt Palace.

>From a pure technical training aspect you're going to get more
in-depth about a few subjects at the cost of being able to get
sessions about literally anything you want.  There's still very good
variety though so it's not a huge issue.

I would check the topic list, verify it has what you want to learn
about, and if it does then sign up.  The developers are all right
there in the building next door so if the presenter can't answer a
question they can get someone who can.

Bill

On Tue, Jan 13, 2009 at 1:18 PM, Patrick Schmidt <peschmid at mpsomaha.org> wrote:
> We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:
>
> Is this the first one? Seems like they've been held in the past, but I don't remember for sure.
>
> Has anyone been?
>
> There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?
>
> Is there any hands on or is it all lecture, demo, Q & A and note taking?
>
> Thanks
>
> --------------------------------------------------
> Patrick Schmidt
> Millard Public Schools
> Network Support Specialist
> (402)715-6278
> peschmid at mpsomaha.org 
> ---------------------------------------------------
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk 
> http://netlab1.usu.edu/mailman/listinfo/novell 
>
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell


From bbrush at gmail.com  Tue Jan 13 22:28:51 2009
From: bbrush at gmail.com (Bill Brush)
Date: Tue, 13 Jan 2009 16:28:51 -0600
Subject: ATT Live
In-Reply-To: <496CBE04.664C.00E4.0@mpsomaha.org>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
	<167f4090901131201i48adbf98p612f3a70e09d456c@mail.gmail.com>
	<496CBE04.664C.00E4.0@mpsomaha.org>
Message-ID: <167f4090901131428p558730b6ib399269bfbc6925@mail.gmail.com>

Well based on my experience, they did have a coffee bar, but no pool
and gaming.  No chair massages either, which I really missed.  :-(

Bill

On Tue, Jan 13, 2009 at 4:14 PM, Patrick Schmidt <peschmid at mpsomaha.org> wrote:
> Thanks for the info, it looks like it's going to happen. I've always enjoyed Brainshare but could have done without a lot of the marketing type sessions, so this is going to be a good time. I doubt they'll have that coffee bar, though ...
>

From jcunningham at upei.ca  Thu Jan 15 03:43:36 2009
From: jcunningham at upei.ca (John Cunningham)
Date: Wed, 14 Jan 2009 23:43:36 -0400
Subject: ATT Live
In-Reply-To: <496C94A7.664C.00E4.0@mpsomaha.org>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
Message-ID: <496E78A8.EFF9.0093.0@groupwise.upei.ca>

Hi Patrick et al,
 
I have the fortunate opportunity to be able to comment on this. I attended my first Novell event, ATT Live in 2006. I was very impressed with the technical content and the access to the developers and helpfulness of the Novell staff managing the event. The sessions are short (100-200 minutes), so they're basically excerpts from the full ATT course from which they originated. Some of the sessions provided the entire ATT course material. For example, you might focus on a couple of core chapters and exercises based on the full-blown, multi-day course, but you have the entire course slide deck, instructor notes and labs for reference. Unfortunately, it's hit and miss as to which sessions provided the entire course content.
 
ATT Live sessions tend to be lecture/demo with supporting labs - quite hands on. Since the number in each sesion is relatively small, Q&A and demos outside the syllabus weren't a problem. At the end of the event, we received a DVD with the presentation slide decks from all the sessions, not just the ones we attended.
 
I was sufficiently impressed that I registered for ATT Live 2007, but due to personal circumstances, I was unable to attend.
 
Since I had a flight already booked (heh heh), I persuaded my department to send me to BrainShare 2008 - my first BrainShare! Well, blown away, I was. Very impressive conference, even more so than the HP Tech Summit that I've attended in Las Vegas or Cisco Networkers which I attended several years ago. However, there was less technical information and more demonstrating upcoming products/features and some sales-type sessions. But, there were definitely useful technical sessions to be found. Unfortunately, it was impossible for me to get registered in any of the ATT courses that I wanted during BrainShare. They must have filled up fast. I had been planning to attend BrainShare 2009, but we'll not go there...
 
Of course, the atmosphere, networking, massages, coffee stop (I've never been so hyped up on caffeine!), vendors and access to Novell internal resources available at BrainShare were outstanding. I was able to pick the big, fat brains of ZENworks and GroupWise developers directly and get some very honest answers that I might not have via other Novell (ie: sales) channels.
 
My biggest disappointment with BrainShare was the Learning Lab: every lab I tried didn't work properly and kind of shook my confidence in those products.
 
I attended the recent ATT Live 2008 in early December. It was a better experience than in 2006 in that there was better access to the sessions I wanted and just as good dissemination of information and access to internal Novell resources. I kinda missed the Novell campus tour but that's ok. There was a very tolerable amount of sales propaganda and good networking opportunities (interpersonal, not technical - their wireless access wasn't working for the first day or so). 
 
To summarize, BrainShare is more glitz, glam and socializing - perhaps aimed more at CIOs, IT managers, partners, consultants, etc. I definitely felt "wooed." ATT Live is for technical staff and is more like a 'boot camp.' I would definitely recommend some familiarity with Novell products before attending ATT Live as they do move at brisk pace. And both years, I came away with an overstuffed binder full of good information to which I still refer on occasion.
 
We can't have a BrainShare, but I think ATT Live is a good alternative. 
 
If I was going to improve ATT Live (are you reading this, Jessica?) I would include the entire ATT course content even if only a section is covered and I would include the VMware/Xen virtual machine images used in the labs (or remind people to bring a suitable USB storage device to copy them). Or even better - a Novell branded USB storage device of sufficient capacity.
The food was better at BrainShare, but still quite acceptable. ;)
 
Hope this helps,
John

>>> On 13/01/2009 at 3:18 pm, "Patrick Schmidt" <peschmid at mpsomaha.org> wrote:
We were going to send a couple of people to Brainshare this year. Now the boss is looking at ATT Live. I'm lovin' that idea, but I have a couple of questions:

Is this the first one? Seems like they've been held in the past, but I don't remember for sure.

Has anyone been?

There are a lot of great sessions, how many can you get in the conference? In other words, how long do they last?

Is there any hands on or is it all lecture, demo, Q & A and note taking?

Thanks


From smf34 at cam.ac.uk  Thu Jan 15 09:56:38 2009
From: smf34 at cam.ac.uk (Simon Flood)
Date: Thu, 15 Jan 2009 09:56:38 +0000
Subject: ATT Live
In-Reply-To: <496E78A8.EFF9.0093.0@groupwise.upei.ca>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
	<496E78A8.EFF9.0093.0@groupwise.upei.ca>
Message-ID: <496F0856.8070500@cam.ac.uk>

On 15/01/2009 03:43, John Cunningham wrote:

> If I was going to improve ATT Live (are you reading this, Jessica?) I would include the entire ATT course content even if only a section is covered and I would include the VMware/Xen virtual machine images used in the labs (or remind people to bring a suitable USB storage device to copy them). Or even better - a Novell branded USB storage device of sufficient capacity.

I don't think Jessica is on this mailing list so I'm forwarding the 
above comment on to her.

Hope this helps,
Simon

From jcunningham at upei.ca  Thu Jan 15 16:41:39 2009
From: jcunningham at upei.ca (John Cunningham)
Date: Thu, 15 Jan 2009 12:41:39 -0400
Subject: ATT Live
In-Reply-To: <496F0856.8070500@cam.ac.uk>
References: <496C94A7.664C.00E4.0@mpsomaha.org>
	<496E78A8.EFF9.0093.0@groupwise.upei.ca> <496F0856.8070500@cam.ac.uk>
Message-ID: <496F2F03.EFF9.0093.0@groupwise.upei.ca>

..I might have bcc:'ed her ;)

>>> On 15/01/2009 at 5:56 am, Simon Flood <smf34 at cam.ac.uk> wrote:
On 15/01/2009 03:43, John Cunningham wrote:

> If I was going to improve ATT Live (are you reading this, Jessica?) I would include the entire ATT course content even if only a section is covered and I would include the VMware/Xen virtual machine images used in the labs (or remind people to bring a suitable USB storage device to copy them). Or even better - a Novell branded USB storage device of sufficient capacity.

I don't think Jessica is on this mailing list so I'm forwarding the 
above comment on to her.

Hope this helps,
Simon
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell

From smf34 at cam.ac.uk  Thu Jan 15 16:44:46 2009
From: smf34 at cam.ac.uk (Simon Flood)
Date: Thu, 15 Jan 2009 16:44:46 +0000
Subject: ATT Live
In-Reply-To: <496F2F03.EFF9.0093.0@groupwise.upei.ca>
References: <496C94A7.664C.00E4.0@mpsomaha.org>	<496E78A8.EFF9.0093.0@groupwise.upei.ca>
	<496F0856.8070500@cam.ac.uk>
	<496F2F03.EFF9.0093.0@groupwise.upei.ca>
Message-ID: <496F67FE.30500@cam.ac.uk>

On 15/01/2009 16:41, John Cunningham wrote:

> ..I might have bcc:'ed her ;)

Whether you did or didn't she's going to contact you directly.

Hope this helps,
Simon

From joea at j4computers.com  Fri Jan 16 14:22:35 2009
From: joea at j4computers.com (joea at j4computers.com)
Date: Fri, 16 Jan 2009 09:22:35 -0500
Subject: Identity Manager minimum "components"
Message-ID: <497051D3020000850005F43D@FS-LIN-OES>

Looking over IM, for the first time in a while, in prepartation for an imminent meeting on synching data between AD and eDir.
 
Thinking of offering IM as a potential solution.  However, not clear from an skim over, just what needs to be installed for simple data (and passwords, one supposes, as a sweetener) sync.
 
I see
 
IM "metadirectory" system (surely needed)
Web Based Admin Server (surely needed)
Secure Logging Service (?)
User Application server (?)
User Application Browser (?)
Audit (?)
OpenXDAS (?)
User Application SSO integration (?)
other stuff.
 
This looks far too complicated to get a handle on in an hour but as a start, are the ? marked items optional, depending on need/desires, or required?
 
joe a.


From bbrush at gmail.com  Fri Jan 16 15:11:19 2009
From: bbrush at gmail.com (Bill Brush)
Date: Fri, 16 Jan 2009 09:11:19 -0600
Subject: Identity Manager minimum "components"
In-Reply-To: <497051D3020000850005F43D@FS-LIN-OES>
References: <497051D3020000850005F43D@FS-LIN-OES>
Message-ID: <167f4090901160711i3475e6a9s10406b917ce9eaae@mail.gmail.com>

Basically all you really need for AD syncing are:

One eDirectory (may or may not be a "meta-directory, I just use my
production eDir tree)
One IDM engine (Linux, Windows, or Netware)
One Remote Loader (on a Windows box)
One installation of iManager with IDM plugins (Web based admin server)

Everything else is gravy.  I'd throw in a copy of Designer just to
make life a little easier on you.

Bill

On Fri, Jan 16, 2009 at 8:22 AM, joea at j4computers.com
<joea at j4computers.com> wrote:
> Looking over IM, for the first time in a while, in prepartation for an imminent meeting on synching data between AD and eDir.
>
> Thinking of offering IM as a potential solution.  However, not clear from an skim over, just what needs to be installed for simple data (and passwords, one supposes, as a sweetener) sync.
>
> I see
>
> IM "metadirectory" system (surely needed)
> Web Based Admin Server (surely needed)
> Secure Logging Service (?)
> User Application server (?)
> User Application Browser (?)
> Audit (?)
> OpenXDAS (?)
> User Application SSO integration (?)
> other stuff.
>
> This looks far too complicated to get a handle on in an hour but as a start, are the ? marked items optional, depending on need/desires, or required?
>
> joe a.
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>

From James.Taylor at eastcobbgroup.com  Fri Jan 16 15:13:29 2009
From: James.Taylor at eastcobbgroup.com (James Taylor)
Date: Fri, 16 Jan 2009 10:13:29 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <497051D3020000850005F43D@FS-LIN-OES>
References: <497051D3020000850005F43D@FS-LIN-OES>
Message-ID: <49705DC90200007500042595@inet.eastcobbgroup.com>

All you need to sync AD is the minimum product.
If you an OES license, then everything you need is in the "Bundle Edition" included with the OES entitlement.
Identity Manager has additional functionality provided through additional options, such as the Provisioning Agent and the User Application, but that is not necessary to sync AD.

If you are only syncing AD, with no plans to sync other systems, then there really isn't a need for an Identity Vault, and the one server could be used for all IM functions.

You can hack an AD/eDir sync solution together to get this working, but if you don't have a very strong DS and AD background, along with maybe some reasonable coding skills, I would recommend contracting this to someone that can do it more quickly, efficiently, and ultimately, less expensively that doing it yourself.

I would roughly estimate that on a fairly simple AD/eDir sync, you would spend, at a bare minimum,a week of hands-on (not chronological) to get it going, including requirements analysis (absolutely required) and testing prior to roll-out.  
-jt
 

James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com




>>> "joea at j4computers.com" <joea at j4computers.com> 1/16/2009 09:22 AM >>> 
Looking over IM, for the first time in a while, in prepartation for an imminent meeting on synching data between AD and eDir.
 
Thinking of offering IM as a potential solution.  However, not clear from an skim over, just what needs to be installed for simple data (and passwords, one supposes, as a sweetener) sync.
 
I see
 
IM "metadirectory" system (surely needed)
Web Based Admin Server (surely needed)
Secure Logging Service (?)
User Application server (?)
User Application Browser (?)
Audit (?)
OpenXDAS (?)
User Application SSO integration (?)
other stuff.
 
This looks far too complicated to get a handle on in an hour but as a start, are the ? marked items optional, depending on need/desires, or required?
 
joe a.

_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell



From geoffreycarman at gmail.com  Fri Jan 16 15:32:41 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Fri, 16 Jan 2009 10:32:41 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <49705DC90200007500042595@inet.eastcobbgroup.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
Message-ID: <993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>

I will disagree slightly with James and say that the AD driver is
probably the easiest out of the box install, and is worth attempting
on your own.

There is a lot of great stuff on Cool Solutions about the AD driver
specifically.  Aaron Burgemeister (works at NTS) responds on the
forums as ab at novell.com and has written a number of good starting up
articles on teh AD driver.

Look at the forums and Cool solutions if you need help.  (Post here as
well if you like).

Ironically eDir-eDir driver because of a unique twist in the design is
one of the more complex drivers (till you understand the twist, then
you say, "Of course it has to be that way").



On Fri, Jan 16, 2009 at 10:13 AM, James Taylor
<James.Taylor at eastcobbgroup.com> wrote:
> All you need to sync AD is the minimum product.
> If you an OES license, then everything you need is in the "Bundle Edition" included with the OES entitlement.
> Identity Manager has additional functionality provided through additional options, such as the Provisioning Agent and the User Application, but that is not necessary to sync AD.
>
> If you are only syncing AD, with no plans to sync other systems, then there really isn't a need for an Identity Vault, and the one server could be used for all IM functions.
>
> You can hack an AD/eDir sync solution together to get this working, but if you don't have a very strong DS and AD background, along with maybe some reasonable coding skills, I would recommend contracting this to someone that can do it more quickly, efficiently, and ultimately, less expensively that doing it yourself.
>
> I would roughly estimate that on a fairly simple AD/eDir sync, you would spend, at a bare minimum,a week of hands-on (not chronological) to get it going, including requirements analysis (absolutely required) and testing prior to roll-out.
> -jt
>
>
> James Taylor
> The East Cobb Group, Inc.
> 678-697-9420
> james.taylor at eastcobbgroup.com
> http://www.eastcobbgroup.com
>
>
>
>
>>>> "joea at j4computers.com" <joea at j4computers.com> 1/16/2009 09:22 AM >>>
> Looking over IM, for the first time in a while, in prepartation for an imminent meeting on synching data between AD and eDir.
>
> Thinking of offering IM as a potential solution.  However, not clear from an skim over, just what needs to be installed for simple data (and passwords, one supposes, as a sweetener) sync.
>
> I see
>
> IM "metadirectory" system (surely needed)
> Web Based Admin Server (surely needed)
> Secure Logging Service (?)
> User Application server (?)
> User Application Browser (?)
> Audit (?)
> OpenXDAS (?)
> User Application SSO integration (?)
> other stuff.
>
> This looks far too complicated to get a handle on in an hour but as a start, are the ? marked items optional, depending on need/desires, or required?
>
> joe a.
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com

From James.Taylor at eastcobbgroup.com  Fri Jan 16 15:53:44 2009
From: James.Taylor at eastcobbgroup.com (James Taylor)
Date: Fri, 16 Jan 2009 10:53:44 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
Message-ID: <4970673802000075000425C9@inet.eastcobbgroup.com>

I don't disagree that the AD driver is easy to install and set up.  My experience is that if you don't have good basis for your setup, and understand it well enough to maintain it properly, then it will eventually come back and bite you  in the nether regions.  It will be a bit of a black box that you don't want to touch because you don't know what might happen if you do.  I've run across systems that someone put together and left, or hasn't touched for a couple of years, and now no one really knows how it was set up anymore.
I'm not saying it's not something that can't be done. I'm just saying it should be well planned, and it should be very carefully implemented with a full understanding of all of the ramifications of the initial installation and the maintenance.
-jt


James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com




>>> "Geoffrey Carman" <geoffreycarman at gmail.com> 1/16/2009 10:32 AM >>> 
I will disagree slightly with James and say that the AD driver is
probably the easiest out of the box install, and is worth attempting
on your own.

There is a lot of great stuff on Cool Solutions about the AD driver
specifically.  Aaron Burgemeister (works at NTS) responds on the
forums as ab at novell.com and has written a number of good starting up
articles on teh AD driver.

Look at the forums and Cool solutions if you need help.  (Post here as
well if you like).

Ironically eDir-eDir driver because of a unique twist in the design is
one of the more complex drivers (till you understand the twist, then
you say, "Of course it has to be that way").



On Fri, Jan 16, 2009 at 10:13 AM, James Taylor
<James.Taylor at eastcobbgroup.com> wrote:
> All you need to sync AD is the minimum product.
> If you an OES license, then everything you need is in the "Bundle Edition" included with the OES entitlement.
> Identity Manager has additional functionality provided through additional options, such as the Provisioning Agent and the User Application, but that is not necessary to sync AD.
>
> If you are only syncing AD, with no plans to sync other systems, then there really isn't a need for an Identity Vault, and the one server could be used for all IM functions.
>
> You can hack an AD/eDir sync solution together to get this working, but if you don't have a very strong DS and AD background, along with maybe some reasonable coding skills, I would recommend contracting this to someone that can do it more quickly, efficiently, and ultimately, less expensively that doing it yourself.
>
> I would roughly estimate that on a fairly simple AD/eDir sync, you would spend, at a bare minimum,a week of hands-on (not chronological) to get it going, including requirements analysis (absolutely required) and testing prior to roll-out.
> -jt
>
>
> James Taylor
> The East Cobb Group, Inc.
> 678-697-9420
> james.taylor at eastcobbgroup.com
> http://www.eastcobbgroup.com
>
>
>
>
>>>> "joea at j4computers.com" <joea at j4computers.com> 1/16/2009 09:22 AM >>>
> Looking over IM, for the first time in a while, in prepartation for an imminent meeting on synching data between AD and eDir.
>
> Thinking of offering IM as a potential solution.  However, not clear from an skim over, just what needs to be installed for simple data (and passwords, one supposes, as a sweetener) sync.
>
> I see
>
> IM "metadirectory" system (surely needed)
> Web Based Admin Server (surely needed)
> Secure Logging Service (?)
> User Application server (?)
> User Application Browser (?)
> Audit (?)
> OpenXDAS (?)
> User Application SSO integration (?)
> other stuff.
>
> This looks far too complicated to get a handle on in an hour but as a start, are the ? marked items optional, depending on need/desires, or required?
>
> joe a.
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell


From geoffreycarman at gmail.com  Fri Jan 16 16:15:39 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Fri, 16 Jan 2009 11:15:39 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <4970673802000075000425C9@inet.eastcobbgroup.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
	<4970673802000075000425C9@inet.eastcobbgroup.com>
Message-ID: <993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>

I can agree with everything james just said.

I think the distoinction I was trying to make is that the AD driver
may be the easiest on to learn with!

I did make the point well that it is best if you grow the talent in
house.  Even though I am an idm consultant, and if you are in the nyc
region and want to hire us just let me know.

But I would recommend he learn as much as he can on his own as well!!!

On 1/16/09, James Taylor <James.Taylor at eastcobbgroup.com> wrote:
> I don't disagree that the AD driver is easy to install and set up.  My
> experience is that if you don't have good basis for your setup, and
> understand it well enough to maintain it properly, then it will eventually
> come back and bite you  in the nether regions.  It will be a bit of a black
> box that you don't want to touch because you don't know what might happen if
> you do.  I've run across systems that someone put together and left, or
> hasn't touched for a couple of years, and now no one really knows how it was
> set up anymore.
> I'm not saying it's not something that can't be done. I'm just saying it
> should be well planned, and it should be very carefully implemented with a
> full understanding of all of the ramifications of the initial installation
> and the maintenance.
> -jt
>
>
> James Taylor
> The East Cobb Group, Inc.
> 678-697-9420
> james.taylor at eastcobbgroup.com
> http://www.eastcobbgroup.com
>
>
>
>
>>>> "Geoffrey Carman" <geoffreycarman at gmail.com> 1/16/2009 10:32 AM >>>
> I will disagree slightly with James and say that the AD driver is
> probably the easiest out of the box install, and is worth attempting
> on your own.
>
> There is a lot of great stuff on Cool Solutions about the AD driver
> specifically.  Aaron Burgemeister (works at NTS) responds on the
> forums as ab at novell.com and has written a number of good starting up
> articles on teh AD driver.
>
> Look at the forums and Cool solutions if you need help.  (Post here as
> well if you like).
>
> Ironically eDir-eDir driver because of a unique twist in the design is
> one of the more complex drivers (till you understand the twist, then
> you say, "Of course it has to be that way").
>
>
>
> On Fri, Jan 16, 2009 at 10:13 AM, James Taylor
> <James.Taylor at eastcobbgroup.com> wrote:
>> All you need to sync AD is the minimum product.
>> If you an OES license, then everything you need is in the "Bundle Edition"
>> included with the OES entitlement.
>> Identity Manager has additional functionality provided through additional
>> options, such as the Provisioning Agent and the User Application, but that
>> is not necessary to sync AD.
>>
>> If you are only syncing AD, with no plans to sync other systems, then
>> there really isn't a need for an Identity Vault, and the one server could
>> be used for all IM functions.
>>
>> You can hack an AD/eDir sync solution together to get this working, but if
>> you don't have a very strong DS and AD background, along with maybe some
>> reasonable coding skills, I would recommend contracting this to someone
>> that can do it more quickly, efficiently, and ultimately, less expensively
>> that doing it yourself.
>>
>> I would roughly estimate that on a fairly simple AD/eDir sync, you would
>> spend, at a bare minimum,a week of hands-on (not chronological) to get it
>> going, including requirements analysis (absolutely required) and testing
>> prior to roll-out.
>> -jt
>>
>>
>> James Taylor
>> The East Cobb Group, Inc.
>> 678-697-9420
>> james.taylor at eastcobbgroup.com
>> http://www.eastcobbgroup.com
>>
>>
>>
>>
>>>>> "joea at j4computers.com" <joea at j4computers.com> 1/16/2009 09:22 AM >>>
>> Looking over IM, for the first time in a while, in prepartation for an
>> imminent meeting on synching data between AD and eDir.
>>
>> Thinking of offering IM as a potential solution.  However, not clear from
>> an skim over, just what needs to be installed for simple data (and
>> passwords, one supposes, as a sweetener) sync.
>>
>> I see
>>
>> IM "metadirectory" system (surely needed)
>> Web Based Admin Server (surely needed)
>> Secure Logging Service (?)
>> User Application server (?)
>> User Application Browser (?)
>> Audit (?)
>> OpenXDAS (?)
>> User Application SSO integration (?)
>> other stuff.
>>
>> This looks far too complicated to get a handle on in an hour but as a
>> start, are the ? marked items optional, depending on need/desires, or
>> required?
>>
>> joe a.
>>
>> _______________________________________________
>> Novell mailing list
>> Novell at netlab1.oucs.ox.ac.uk
>> http://netlab1.usu.edu/mailman/listinfo/novell
>>
>>
>> _______________________________________________
>> Novell mailing list
>> Novell at netlab1.oucs.ox.ac.uk
>> http://netlab1.usu.edu/mailman/listinfo/novell
>>
>
>
>
> --
> Geoffrey Carman
> geoffreycarman at gmail.com
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>

-- 
Sent from my mobile device

Geoffrey Carman
geoffreycarman at gmail.com

From bbrush at gmail.com  Fri Jan 16 17:32:25 2009
From: bbrush at gmail.com (Bill Brush)
Date: Fri, 16 Jan 2009 11:32:25 -0600
Subject: Identity Manager minimum "components"
In-Reply-To: <993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
	<4970673802000075000425C9@inet.eastcobbgroup.com>
	<993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>
Message-ID: <167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>

For what it's worth, I installed our IDM infrastructure with a lot of
"learn as you go."  No actual classes on IDM, but a lot of Brainshare
sessions on the topic.  No consultants, since there aren't any
locally.

In my experience you can get a perfectly serviceable installation
without a lot of work.  Is my installation optimized?  Probably not.
Does it work?  Yes.  I now have 1 eDir syncing with 3 AD's with
different entitlements.  I've been through 3 or 4 IDM upgrades.  I've
installed the user app, in fact I have two user app servers.

The thing is, this is a fairly small shop so it's much easier for me
to spend my time learning the software and testing my understanding
than it is to drop $20K on a consultant (real life number, not a
guess.)  Would I go into a situation with my skills where I had to
sync a million user directory?  Hell no.  Would I feel comfortable
with a thousand or two?  Probably.

IDM is not that complicated as a tool.  If you want to customize it to
the nth degree, then it becomes much more involved, but the "out of
the box" AD driver configuration works fine for 99% of your installs.

My suggestion would be to do what I did.  Grab VMware, load up an AD
box, install IDM and eDir on something (could be the same AD box) and
test it.  I've got a some internal instructions from NTS that I've
found to be the best info on what the choices actually mean, and while
it was written for Dirxml 1.1a, it's still basically the same driver.

Bill

On Fri, Jan 16, 2009 at 10:15 AM, Geoffrey Carman
<geoffreycarman at gmail.com> wrote:
> I can agree with everything james just said.
>

From geoffreycarman at gmail.com  Fri Jan 16 20:10:20 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Fri, 16 Jan 2009 15:10:20 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
	<4970673802000075000425C9@inet.eastcobbgroup.com>
	<993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>
	<167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>
Message-ID: <993788ac0901161210p2c45527csc044395a6d913a93@mail.gmail.com>

so as I said earlier, I am a consultant.  But I agree with your point.
 If I drop in from the sky, deliver it complete, you will be afraid to
death to touch it.

Far better for you to know what you have, know how to make it work,
then get outside help for the hard stuff.

Nothing personal but a bog standard AD driver is kind of boring.  :)

Much rather be doing interesting stuff.  Which once you realize how
useful IDM is, you will start to consider wanting done. Then we become
more useful for interesting stuff.

We see a lot of places with built IDM solutions they are literally
scared to touch.  I think that is a terrible place to be.  You should
know and understand all the stuff you run.

So go for it!  Lots of good resources to learn from.  Forums, Cool SolutionsL

Aaron B's articles at:
http://www.novell.com/communities/user/55/track

He has a series on getting started with the AD driver that is pretty good.

Once you get into more interesting stuff and understand the basics, a
couple of good walk throughs to get an understanding of what is going
on, I think are some I wrote for that purpose:

How the password rules in the Command Transform work (Why/How a modify
attr of nspmDistributionPassword becomes a <modify-password> event,
and vica versa).
http://www.novell.com/communities/node/1474/password-transformation-rule-sets

Walking through the AD driver to use GCV's for DN values:
http://www.novell.com/communities/node/4335/how-gcvize-a-driver-part-1-subscriber-channel

http://www.novell.com/communities/node/4336/how-gcvize-a-driver-part-2

What happens when group membership changes in AD...

http://www.novell.com/communities/node/5729/watching-group-membership-changes-coming-ad-driver

lots and lots of great content on Cool Solutions.  You do not need a
training course.  Whoever suggested a VM and try it and play, ask
questions here, on the forums, etc, and then learn that way, had it
correct!



On Fri, Jan 16, 2009 at 12:32 PM, Bill Brush <bbrush at gmail.com> wrote:
> For what it's worth, I installed our IDM infrastructure with a lot of
> "learn as you go."  No actual classes on IDM, but a lot of Brainshare
> sessions on the topic.  No consultants, since there aren't any
> locally.
>
> In my experience you can get a perfectly serviceable installation
> without a lot of work.  Is my installation optimized?  Probably not.
> Does it work?  Yes.  I now have 1 eDir syncing with 3 AD's with
> different entitlements.  I've been through 3 or 4 IDM upgrades.  I've
> installed the user app, in fact I have two user app servers.
>
> The thing is, this is a fairly small shop so it's much easier for me
> to spend my time learning the software and testing my understanding
> than it is to drop $20K on a consultant (real life number, not a
> guess.)  Would I go into a situation with my skills where I had to
> sync a million user directory?  Hell no.  Would I feel comfortable
> with a thousand or two?  Probably.
>
> IDM is not that complicated as a tool.  If you want to customize it to
> the nth degree, then it becomes much more involved, but the "out of
> the box" AD driver configuration works fine for 99% of your installs.
>
> My suggestion would be to do what I did.  Grab VMware, load up an AD
> box, install IDM and eDir on something (could be the same AD box) and
> test it.  I've got a some internal instructions from NTS that I've
> found to be the best info on what the choices actually mean, and while
> it was written for Dirxml 1.1a, it's still basically the same driver.
>
> Bill
>
> On Fri, Jan 16, 2009 at 10:15 AM, Geoffrey Carman
> <geoffreycarman at gmail.com> wrote:
>> I can agree with everything james just said.
>>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com

From MGlenn at cco.state.oh.us  Sun Jan 18 17:07:08 2009
From: MGlenn at cco.state.oh.us (Michael Glenn)
Date: Sun, 18 Jan 2009 12:07:08 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
	<4970673802000075000425C9@inet.eastcobbgroup.com>
	<993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>
	<167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>
Message-ID: <49731B6A.33FD.002C.1@cco.state.oh.us>

Ditto. I needed a unidirectional NDS-to-AD sync with a handful of user attribute filters, so I sat down and read the fine manual over the course of a weekend (lots of coffee required), blew-up a lab setup five times, then put it out there. I *did* make one call to Novell when some sync traffic refused to propagate properly (it's a very old tree), but it's worked ever since. I'm now kicking-around the idea of using it to control our DBMS access security. 

Major drawback to IDM 3.5 (IMO): It really could use a much more transparent debugging mechanism, and an out-of-the-box method of capturing, saving, then re-introducing sync traffic for testing purposes would be a big help.


>>> Bill Brush <bbrush at gmail.com> 01/16/2009 12:32 >>>
For what it's worth, I installed our IDM infrastructure with a lot of
"learn as you go."  


From James.Taylor at eastcobbgroup.com  Sun Jan 18 18:48:47 2009
From: James.Taylor at eastcobbgroup.com (James Taylor)
Date: Sun, 18 Jan 2009 13:48:47 -0500
Subject: Identity Manager minimum "components"
In-Reply-To: <49731B6A.33FD.002C.1@cco.state.oh.us>
References: <497051D3020000850005F43D@FS-LIN-OES>
	<49705DC90200007500042595@inet.eastcobbgroup.com>
	<993788ac0901160732u1862bd3cqb0db339e85dac305@mail.gmail.com>
	<4970673802000075000425C9@inet.eastcobbgroup.com>
	<993788ac0901160815i5ed759a4u50588bece07464aa@mail.gmail.com>
	<167f4090901160932q175e7470ib63ba4db3a34e88c@mail.gmail.com>
	<49731B6A.33FD.002C.1@cco.state.oh.us>
Message-ID: <4973333F0200007500029454@inet.eastcobbgroup.com>

The Designer tool is excellent for configuring and debugging new installations and tweaking old ones.
It allows everything you are asking for and is being updated almost daily.

http://www.novell.com/coolsolutions/dirxml/designer

-jt 
 

James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com




>>> "Michael Glenn" <MGlenn at cco.state.oh.us> 1/18/2009 12:07 PM >>> 
Ditto. I needed a unidirectional NDS-to-AD sync with a handful of user attribute filters, so I sat down and read the fine manual over the course of a weekend (lots of coffee required), blew-up a lab setup five times, then put it out there. I *did* make one call to Novell when some sync traffic refused to propagate properly (it's a very old tree), but it's worked ever since. I'm now kicking-around the idea of using it to control our DBMS access security. 

Major drawback to IDM 3.5 (IMO): It really could use a much more transparent debugging mechanism, and an out-of-the-box method of capturing, saving, then re-introducing sync traffic for testing purposes would be a big help.


>>> Bill Brush <bbrush at gmail.com> 01/16/2009 12:32 >>>
For what it's worth, I installed our IDM infrastructure with a lot of
"learn as you go."  

_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell



From cal.frye at oberlin.edu  Tue Jan 20 00:05:32 2009
From: cal.frye at oberlin.edu (Cal Frye)
Date: Mon, 19 Jan 2009 19:05:32 -0500
Subject: NetMail assistance?
Message-ID: <4975154C.7020604@oberlin.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey, all,
Gee, I hate email sometimes!

Nsure Audit blew up on me on my home/test server. It's there for NetMail, which switched
to Audit for logging with version 3.5. Now I can't get IMS to load, and I can't find my
NetMail CD to attempt a reinstall. Plus, the tape drive has gone bad, so backups are not
immediately at hand.

Anyone have an ISO image of Netmail 3.5, 3.51 or 3.52 I could have to try to get this
thing limping along again?

Think I'm going to migrate it all to something simpler, but I need to at least get into my
archived messages and the listserv configurations...

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com


"I'm not afraid of storms, for I'm learning how to sail my ship. --Louisa May Alcott.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl1FUwACgkQyHqSEmCod+up+wCfcPWBsDkyMgvKSZJA/3Xnwlxj
cewAn0TKBCxqPk/V/gC0tqc47qSKIc05
=avHv
-----END PGP SIGNATURE-----

From cal.frye at oberlin.edu  Tue Jan 20 03:24:22 2009
From: cal.frye at oberlin.edu (Cal Frye)
Date: Mon, 19 Jan 2009 22:24:22 -0500
Subject: NetMail assistance?
In-Reply-To: <4975154C.7020604@oberlin.edu>
References: <4975154C.7020604@oberlin.edu>
Message-ID: <497543E6.6020300@oberlin.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cal Frye wrote:
> Hey, all,
> Gee, I hate email sometimes!
> 
> Nsure Audit blew up on me on my home/test server. It's there for NetMail, which switched
> to Audit for logging with version 3.5. Now I can't get IMS to load, and I can't find my
> NetMail CD to attempt a reinstall. Plus, the tape drive has gone bad, so backups are not
> immediately at hand.

Well, replying to my own message, I was able to get most of it to load again, finally. It
can't connect with Audit, but that no longer is causing it to refuse to start. I still
wouldn't mind a fresh copy of the installation disk, as with the divestiture of NetMail it
no longer seems to be available anywhere any longer, but I can be more patient again,
thanks ;-)

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com


"Standing for right when it is unpopular is a true test of moral character." -- Margaret
Chase Smith.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl1Q+UACgkQyHqSEmCod+ubagCfeoiyl9xdz4MiioO9aAhjeZ8d
x2YAn0r+4WWvl4njSeWWgOVgWkZ89waq
=8sfD
-----END PGP SIGNATURE-----

From hooeld at bay.k12.fl.us  Tue Jan 20 03:43:48 2009
From: hooeld at bay.k12.fl.us (Leslie Hooe)
Date: Mon, 19 Jan 2009 21:43:48 -0600
Subject: NetMail assistance?
In-Reply-To: <497543E6.6020300@oberlin.edu>
References: <4975154C.7020604@oberlin.edu> <497543E6.6020300@oberlin.edu>
Message-ID: <4974F414020000010020AFCC@BNGW.bay.k12.fl.us>

Netmail is available from Massaging Architects.  http://www.messagingarchitects.com/en/netmail/
 
 
Leslie Hooe
Telecommunications Manager
Bay District Schools
(850) 747-5295 

>>> On 1/19/2009 at 9:24 PM, in message <497543E6.6020300 at oberlin.edu>, Cal Frye <cal.frye at oberlin.edu> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cal Frye wrote:
> Hey, all,
> Gee, I hate email sometimes!
> 
> Nsure Audit blew up on me on my home/test server. It's there for NetMail, which switched
> to Audit for logging with version 3.5. Now I can't get IMS to load, and I can't find my
> NetMail CD to attempt a reinstall. Plus, the tape drive has gone bad, so backups are not
> immediately at hand.

Well, replying to my own message, I was able to get most of it to load again, finally. It
can't connect with Audit, but that no longer is causing it to refuse to start. I still
wouldn't mind a fresh copy of the installation disk, as with the divestiture of NetMail it
no longer seems to be available anywhere any longer, but I can be more patient again,
thanks ;-)

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com


"Standing for right when it is unpopular is a true test of moral character." -- Margaret
Chase Smith.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl1Q+UACgkQyHqSEmCod+ubagCfeoiyl9xdz4MiioO9aAhjeZ8d
x2YAn0r+4WWvl4njSeWWgOVgWkZ89waq
=8sfD
-----END PGP SIGNATURE-----
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell





The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Under Florida law, e-mail addresses are public records. If you do not want your e-mail address released in response to a public-records request, do not send electronic mail to this entity. Instead, contact this office by phone or in writing.


From cal.frye at oberlin.edu  Tue Jan 20 15:04:42 2009
From: cal.frye at oberlin.edu (Cal Frye)
Date: Tue, 20 Jan 2009 10:04:42 -0500
Subject: NetMail assistance?
In-Reply-To: <4974F414020000010020AFCC@BNGW.bay.k12.fl.us>
References: <4975154C.7020604@oberlin.edu> <497543E6.6020300@oberlin.edu>
	<4974F414020000010020AFCC@BNGW.bay.k12.fl.us>
Message-ID: <4975E80A.4050302@oberlin.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leslie Hooe wrote:
> Netmail is available from Massaging Architects.  http://www.messagingarchitects.com/en/netmail/
>  
Found that, thanks. Do you know if their "3.6" is the same as Novell's "3.52?" I'm still
waiting for them to return my call...

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com


"Perhaps we never appreciate the here and now until it is challenged." --Anne Morrow Lindberg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl16AkACgkQyHqSEmCod+tG8QCgzrzDV8FoZeXNyiOvU360OpJr
nvsAnjh+38OQ21sKBTPvH8cWcRsn67Ak
=0UJi
-----END PGP SIGNATURE-----

From jcunningham at upei.ca  Tue Jan 20 15:08:22 2009
From: jcunningham at upei.ca (John Cunningham)
Date: Tue, 20 Jan 2009 11:08:22 -0400
Subject: NetMail assistance?
In-Reply-To: <4975E80A.4050302@oberlin.edu>
References: <4975154C.7020604@oberlin.edu> <497543E6.6020300@oberlin.edu>
	<4974F414020000010020AFCC@BNGW.bay.k12.fl.us>
	<4975E80A.4050302@oberlin.edu>
Message-ID: <4975B0A7.EFF9.0093.0@groupwise.upei.ca>

M+NetMail 3.6 is a release upgrade from 3.52 so it includes patches, additional features and, one would presume, performance and stability improvements. It's the same product underneath with MA's enhancements - and hooks for it to integrate into their other M+ products.
 
Nicer interface, if you ask me. The traditional interface templates are still included.
 
~John

>>> On 1/20/2009 at 11:04 AM, Cal Frye <cal.frye at oberlin.edu> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leslie Hooe wrote:
> Netmail is available from Massaging Architects.  http://www.messagingarchitects.com/en/netmail/ 
>  
Found that, thanks. Do you know if their "3.6" is the same as Novell's "3.52?" I'm still
waiting for them to return my call...

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com 


"Perhaps we never appreciate the here and now until it is challenged." --Anne Morrow Lindberg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl16AkACgkQyHqSEmCod+tG8QCgzrzDV8FoZeXNyiOvU360OpJr
nvsAnjh+38OQ21sKBTPvH8cWcRsn67Ak
=0UJi
-----END PGP SIGNATURE-----
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell

From hooeld at bay.k12.fl.us  Tue Jan 20 15:08:59 2009
From: hooeld at bay.k12.fl.us (Leslie Hooe)
Date: Tue, 20 Jan 2009 09:08:59 -0600
Subject: NetMail assistance?
In-Reply-To: <4975E80A.4050302@oberlin.edu>
References: <4975154C.7020604@oberlin.edu> <497543E6.6020300@oberlin.edu>
	<4974F414020000010020AFCC@BNGW.bay.k12.fl.us>
	<4975E80A.4050302@oberlin.edu>
Message-ID: <497594AB020000010020B03C@BNGW.bay.k12.fl.us>

I did not see anything different when I installed it, but did not compare files dates or anything like that..
 
 
 
Leslie Hooe
Telecommunications Manager
Bay District Schools
(850) 747-5295 

>>> On 1/20/2009 at 9:04 AM, in message <4975E80A.4050302 at oberlin.edu>, Cal Frye <cal.frye at oberlin.edu> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leslie Hooe wrote:
> Netmail is available from Massaging Architects.  http://www.messagingarchitects.com/en/netmail/
>  
Found that, thanks. Do you know if their "3.6" is the same as Novell's "3.52?" I'm still
waiting for them to return my call...

- --
Best Wishes for 2009,
- -- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com


"Perhaps we never appreciate the here and now until it is challenged." --Anne Morrow Lindberg.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkl16AkACgkQyHqSEmCod+tG8QCgzrzDV8FoZeXNyiOvU360OpJr
nvsAnjh+38OQ21sKBTPvH8cWcRsn67Ak
=0UJi
-----END PGP SIGNATURE-----
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell





The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Under Florida law, e-mail addresses are public records. If you do not want your e-mail address released in response to a public-records request, do not send electronic mail to this entity. Instead, contact this office by phone or in writing.


From MollardM at mbc.qld.edu.au  Fri Jan 23 02:10:14 2009
From: MollardM at mbc.qld.edu.au (Michael Mollard)
Date: Fri, 23 Jan 2009 12:10:14 +1000
Subject: iPrint issues?
Message-ID: <4979B3A4.E927.0018.0@mbc.qld.edu.au>

Hi all,
We are running iPrint on a NW65sp7 server.  Clients are XPSP3, with iPrint 5.12

When we access the /ipp webpage to install printers, we are getting lots of "1392 Directory is Corrupt.. " type errors.  This is happening on various printers and various PCs.
If I use Add/Remove Printers and browse the NDPS/Controlled Printers to manually install the printer, some if the printers have "Status: Raedy", while others have "Error: The network Address is invalid".

I have done a NDPS database sync on the Print Server. It all seems to be ok.

Has anyone seen this sort of thing before.  It has me stumped.  We eventually manage to combine uninstalling/reinstalling the iprint client, rebooting, and tweaking to get it working in most places, but it isn't a good advertisement for iPrint.

Open to any thoughts or suggestions.

Thanks,

Michael Mollard
Network Administrator
Moreton Bay College
mollardm at mbc.qld.edu.au
http://www.mbc.qld.edu.au
Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801 
Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )


--------------------------------------------------------------------------------
Disclaimer: Whilst every attempt has been made to ensure that material contained in this email is free from computer viruses or other defects, the attached files are provided, and may only be used, on the basis that the user assumes all responsibility for use of the material transmitted. This email is intended only for the use of the individual or entity names above and may contain information that is confidential and privileged. If you are not the intended recipient, please note that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone 07 3390 8555 and destroy the original message. The contents of this message are provided without responsibility in law for their accuracy or otherwise, and without assumption of a duty of care by the School.
--------------------------------------------------------------------------------

From RGrein at tpchd.org  Fri Jan 23 15:49:59 2009
From: RGrein at tpchd.org (Randy Grein)
Date: Fri, 23 Jan 2009 07:49:59 -0800
Subject: iPrint issues?
In-Reply-To: <4979B3A4.E927.0018.0@mbc.qld.edu.au>
References: <4979B3A4.E927.0018.0@mbc.qld.edu.au>
Message-ID: <497976A6.811E.0072.0@tpchd.org>

Is DS healthy?

Only problem I've had is occasional driver corruption; reinstall the driver and it's good. My suspicion is that it's a hardware problem with that cluster, but it's not important enough to debug.

Randy Grein
Sr. Network Engineer


>>> "Michael Mollard" <MollardM at mbc.qld.edu.au> 1/22/2009 6:10 PM >>>
Hi all,
We are running iPrint on a NW65sp7 server.  Clients are XPSP3, with iPrint 5.12

When we access the /ipp webpage to install printers, we are getting lots of "1392 Directory is Corrupt.. " type errors.  This is happening on various printers and various PCs.
If I use Add/Remove Printers and browse the NDPS/Controlled Printers to manually install the printer, some if the printers have "Status: Raedy", while others have "Error: The network Address is invalid".

I have done a NDPS database sync on the Print Server. It all seems to be ok.

Has anyone seen this sort of thing before.  It has me stumped.  We eventually manage to combine uninstalling/reinstalling the iprint client, rebooting, and tweaking to get it working in most places, but it isn't a good advertisement for iPrint.

Open to any thoughts or suggestions.

Thanks,

Michael Mollard
Network Administrator
Moreton Bay College
mollardm at mbc.qld.edu.au 
http://www.mbc.qld.edu.au 
Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801 
Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )


--------------------------------------------------------------------------------
Disclaimer: Whilst every attempt has been made to ensure that material contained in this email is free from computer viruses or other defects, the attached files are provided, and may only be used, on the basis that the user assumes all responsibility for use of the material transmitted. This email is intended only for the use of the individual or entity names above and may contain information that is confidential and privileged. If you are not the intended recipient, please note that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone 07 3390 8555 and destroy the original message. The contents of this message are provided without responsibility in law for their accuracy or otherwise, and without assumption of a duty of care by the School.
--------------------------------------------------------------------------------
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell

*************************************************************************************
This e-mail and any attachments may contain confidential and privileged information. It has been scanned for viruses. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination, use, review, disclosure, or distribution of this information by a person other than the intended recipient is unauthorized and may be illegal.
**************************************************************************************



From MGlenn at cco.state.oh.us  Fri Jan 23 17:08:29 2009
From: MGlenn at cco.state.oh.us (Michael Glenn)
Date: Fri, 23 Jan 2009 12:08:29 -0500
Subject: iPrint issues?
In-Reply-To: <497976A6.811E.0072.0@tpchd.org>
References: <4979B3A4.E927.0018.0@mbc.qld.edu.au>
	<497976A6.811E.0072.0@tpchd.org>
Message-ID: <4979B33C.33FD.002C.1@cco.state.oh.us>

<rant>
My only current heartburn with printing is with the current crop of Xerox drivers. Completely unsuited for a business network of any scale.
</rant>

>>> "Randy Grein" <RGrein at tpchd.org> 01/23/2009 10:49 >>>
Is DS healthy?

Only problem I've had is occasional driver corruption; reinstall the driver and it's good. My suspicion is that it's a hardware problem with that cluster, but it's not important enough to debug.

Randy Grein
Sr. Network Engineer


>>> "Michael Mollard" <MollardM at mbc.qld.edu.au> 1/22/2009 6:10 PM >>>
Hi all,
We are running iPrint on a NW65sp7 server.  Clients are XPSP3, with iPrint 5.12

When we access the /ipp webpage to install printers, we are getting lots of "1392 Directory is Corrupt.. " type errors.  This is happening on various printers and various PCs.
If I use Add/Remove Printers and browse the NDPS/Controlled Printers to manually install the printer, some if the printers have "Status: Raedy", while others have "Error: The network Address is invalid".

I have done a NDPS database sync on the Print Server. It all seems to be ok.

Has anyone seen this sort of thing before.  It has me stumped.  We eventually manage to combine uninstalling/reinstalling the iprint client, rebooting, and tweaking to get it working in most places, but it isn't a good advertisement for iPrint.

Open to any thoughts or suggestions.

Thanks,

Michael Mollard
Network Administrator
Moreton Bay College
mollardm at mbc.qld.edu.au 
http://www.mbc.qld.edu.au 
Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801 
Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )


--------------------------------------------------------------------------------
Disclaimer: Whilst every attempt has been made to ensure that material contained in this email is free from computer viruses or other defects, the attached files are provided, and may only be used, on the basis that the user assumes all responsibility for use of the material transmitted. This email is intended only for the use of the individual or entity names above and may contain information that is confidential and privileged. If you are not the intended recipient, please note that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone 07 3390 8555 and destroy the original message. The contents of this message are provided without responsibility in law for their accuracy or otherwise, and without assumption of a duty of care by the School.
--------------------------------------------------------------------------------
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell 

*************************************************************************************
This e-mail and any attachments may contain confidential and privileged information. It has been scanned for viruses. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination, use, review, disclosure, or distribution of this information by a person other than the intended recipient is unauthorized and may be illegal.
**************************************************************************************


_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell


From RGrein at tpchd.org  Fri Jan 23 17:17:36 2009
From: RGrein at tpchd.org (Randy Grein)
Date: Fri, 23 Jan 2009 09:17:36 -0800
Subject: iPrint issues?
In-Reply-To: <4979B33C.33FD.002C.1@cco.state.oh.us>
References: <4979B3A4.E927.0018.0@mbc.qld.edu.au>
	<497976A6.811E.0072.0@tpchd.org> <4979B33C.33FD.002C.1@cco.state.oh.us>
Message-ID: <49798B2F.811E.0072.0@tpchd.org>

Well, if you want to talk about that....

The big Canon iR series are likewise, well, poorly put together for anything more than a small workgroup. They print well enough, but they include a 'count' function that integrates well with the front panel. Only problem is every workstation has to be configured to print direct, no intervening server - not even direct print in iPrint will work. Of course it's not a big deal to capture printer data through iPrint and copier counts through the front panel, but accounting doesn't like that.

Randy Grein
Sr. Network Engineer


>>> "Michael Glenn" <MGlenn at cco.state.oh.us> 1/23/2009 9:08 AM >>>
<rant>
My only current heartburn with printing is with the current crop of Xerox drivers. Completely unsuited for a business network of any scale.
</rant>

>>> "Randy Grein" <RGrein at tpchd.org> 01/23/2009 10:49 >>>
Is DS healthy?

Only problem I've had is occasional driver corruption; reinstall the driver and it's good. My suspicion is that it's a hardware problem with that cluster, but it's not important enough to debug.

Randy Grein
Sr. Network Engineer


>>> "Michael Mollard" <MollardM at mbc.qld.edu.au> 1/22/2009 6:10 PM >>>
Hi all,
We are running iPrint on a NW65sp7 server.  Clients are XPSP3, with iPrint 5.12

When we access the /ipp webpage to install printers, we are getting lots of "1392 Directory is Corrupt.. " type errors.  This is happening on various printers and various PCs.
If I use Add/Remove Printers and browse the NDPS/Controlled Printers to manually install the printer, some if the printers have "Status: Raedy", while others have "Error: The network Address is invalid".

I have done a NDPS database sync on the Print Server. It all seems to be ok.

Has anyone seen this sort of thing before.  It has me stumped.  We eventually manage to combine uninstalling/reinstalling the iprint client, rebooting, and tweaking to get it working in most places, but it isn't a good advertisement for iPrint.

Open to any thoughts or suggestions.

Thanks,

Michael Mollard
Network Administrator
Moreton Bay College
mollardm at mbc.qld.edu.au 
http://www.mbc.qld.edu.au 
Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801 
Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )


--------------------------------------------------------------------------------
Disclaimer: Whilst every attempt has been made to ensure that material contained in this email is free from computer viruses or other defects, the attached files are provided, and may only be used, on the basis that the user assumes all responsibility for use of the material transmitted. This email is intended only for the use of the individual or entity names above and may contain information that is confidential and privileged. If you are not the intended recipient, please note that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone 07 3390 8555 and destroy the original message. The contents of this message are provided without responsibility in law for their accuracy or otherwise, and without assumption of a duty of care by the School.
--------------------------------------------------------------------------------
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell 

*************************************************************************************
This e-mail and any attachments may contain confidential and privileged information. It has been scanned for viruses. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination, use, review, disclosure, or distribution of this information by a person other than the intended recipient is unauthorized and may be illegal.
**************************************************************************************


_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell 

_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk 
http://netlab1.usu.edu/mailman/listinfo/novell
*************************************************************************************
This e-mail and any attachments may contain confidential and privileged information. It has been scanned for viruses. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination, use, review, disclosure, or distribution of this information by a person other than the intended recipient is unauthorized and may be illegal.
**************************************************************************************



From Alar.Pandis at mtk.ut.ee  Mon Jan 26 11:45:06 2009
From: Alar.Pandis at mtk.ut.ee (Alar Pandis)
Date: Mon, 26 Jan 2009 13:45:06 +0200
Subject: After upgrade OES2 to SP1 on SLES 10 iFolder sysconf page empty
Message-ID: <00b201c97fab$8906f700$8800000a@infutiknt.mtk.ut.ee>

Hi!
Finally I managed upgrade OES2 to OES2 SP1 (and SLES 10 SP1 to SP2), but ...
during iFolder upgrade appear error "unable to upgrade Novell iFolder 3" or
something (I didn't write it down). But, seems to me everything works fine
(couple of hours for now at least). But ... when I try to reconfigure
iFolder (just a try!) it appears that third page in YaST "Novell iFolder
System Configuration Options" is empty! Nothing there but back, abort and
next! Last one can't be chosen as error "A valid Server Name must be
entered" appear, but I can't enter it, no field for that. In "Use Following
Configuration" screen after enabling iFolder reconf appear that "Novell
iFolder requires additional conf info". I can't see anything important is
missing in this conf list under iFolder, but - as I described - I can't
change also nothing. Weird.
Good to have it work as ... may be is good idea to use SSL connection
instead regular (client 3.7 support it) and this option is in this list I
can't change.
Any ideas?
I wrote this in Novell iFolder forum, but nothing yet.
More thanks,
Alar from Estonia.



From joe.doupnik at oucs.ox.ac.uk  Mon Jan 26 12:00:17 2009
From: joe.doupnik at oucs.ox.ac.uk (Joe Doupnik)
Date: Mon, 26 Jan 2009 12:00:17 +0000
Subject: After upgrade OES2 to SP1 on SLES 10 iFolder sysconf page empty
In-Reply-To: <00b201c97fab$8906f700$8800000a@infutiknt.mtk.ut.ee>
References: <00b201c97fab$8906f700$8800000a@infutiknt.mtk.ut.ee>
Message-ID: <497DA5D1.1080705@oucs.ox.ac.uk>

Alar Pandis wrote:
> Hi!
> Finally I managed upgrade OES2 to OES2 SP1 (and SLES 10 SP1 to SP2), but ...
> during iFolder upgrade appear error "unable to upgrade Novell iFolder 3" or
> something (I didn't write it down). But, seems to me everything works fine
> (couple of hours for now at least). But ... when I try to reconfigure
> iFolder (just a try!) it appears that third page in YaST "Novell iFolder
> System Configuration Options" is empty! Nothing there but back, abort and
> next! Last one can't be chosen as error "A valid Server Name must be
> entered" appear, but I can't enter it, no field for that. In "Use Following
> Configuration" screen after enabling iFolder reconf appear that "Novell
> iFolder requires additional conf info". I can't see anything important is
> missing in this conf list under iFolder, but - as I described - I can't
> change also nothing. Weird.
> Good to have it work as ... may be is good idea to use SSL connection
> instead regular (client 3.7 support it) and this option is in this list I
> can't change.
> Any ideas?
> I wrote this in Novell iFolder forum, but nothing yet.
> More thanks,
> Alar from Estonia.
> 
> 
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
-----------
	One easily missed detail is whether to use comma or dot notation
for a username.
	My usual method of getting into these problems is to delete and
reinstall the application. This has its share of dependency difficulties
as shown in YaST so I use detailed RPM deletions to work around the
inadquate menus. Once reinstalled then the OES Install & Reconfig menu
should (quotes) work after enabling the app.
	Joe D.

From James.Taylor at eastcobbgroup.com  Mon Jan 26 13:57:21 2009
From: James.Taylor at eastcobbgroup.com (James Taylor)
Date: Mon, 26 Jan 2009 08:57:21 -0500
Subject: After upgrade OES2 to SP1 on SLES 10 iFolder sysconf page empty
In-Reply-To: <00b201c97fab$8906f700$8800000a@infutiknt.mtk.ut.ee>
References: <00b201c97fab$8906f700$8800000a@infutiknt.mtk.ut.ee>
Message-ID: <497D7AF1020000750002A148@inet.eastcobbgroup.com>

You can bypass the yast config for ifolder3 by doing a command line configuration
Open a console window at the server and su to root.
cd /opt/novell/ifolder3/bin and run ./simias-server-config
enter all of the the information relevant to your system as it prompts.
Many of the entries will have defaults that are preset to values you want to use. Just select Y when you see those. Otherwise, type in the correct info.  One annoying quirk of the installation is that you can't backspace for the entries.  If you make a mistake, ctrl-c and rerun, it only takes a few minutes to set up.
-jt 
 

James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com




>>> "Alar Pandis" <Alar.Pandis at mtk.ut.ee> 1/26/2009 06:45 AM >>> 
Hi!
Finally I managed upgrade OES2 to OES2 SP1 (and SLES 10 SP1 to SP2), but ...
during iFolder upgrade appear error "unable to upgrade Novell iFolder 3" or
something (I didn't write it down). But, seems to me everything works fine
(couple of hours for now at least). But ... when I try to reconfigure
iFolder (just a try!) it appears that third page in YaST "Novell iFolder
System Configuration Options" is empty! Nothing there but back, abort and
next! Last one can't be chosen as error "A valid Server Name must be
entered" appear, but I can't enter it, no field for that. In "Use Following
Configuration" screen after enabling iFolder reconf appear that "Novell
iFolder requires additional conf info". I can't see anything important is
missing in this conf list under iFolder, but - as I described - I can't
change also nothing. Weird.
Good to have it work as ... may be is good idea to use SSL connection
instead regular (client 3.7 support it) and this option is in this list I
can't change.
Any ideas?
I wrote this in Novell iFolder forum, but nothing yet.
More thanks,
Alar from Estonia.


_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell



From toomas.aas at raad.tartu.ee  Wed Jan 28 06:52:25 2009
From: toomas.aas at raad.tartu.ee (Toomas Aas)
Date: Wed, 28 Jan 2009 08:52:25 +0200
Subject: Replacement for nlist
Message-ID: <498000A9.7030707@raad.tartu.ee>

Hello!

I'm trying to figure out how many active users are in our eDirectory 8.7.3 
tree by running this command:

nlist user where "last login time" gt 12/28/08 /r /s

However, it gives inconsistent results. Among the output there are error 
messages such as:

NLIST-4.22-991: An error occurred in NWDSREAD.  Error code: FD77

Searching support.novell.com resulted in "yeah, nlist is an old DOS utility 
and there is not much that can be done about this".

Is there any other tool that can be used to achieve the same goal?

-- 
Toomas Aas --------------------------------------------------------
|arvutiv?rgu peaspetsialist | head specialist on computer networks|
|Tartu Linnakantselei       | Tartu City Office                   |
skype: toomas_aas ----------------------------------- +372 736 1274


From L.C.Alexander at herts.ac.uk  Wed Jan 28 07:42:53 2009
From: L.C.Alexander at herts.ac.uk (Alexander, Larry)
Date: Wed, 28 Jan 2009 07:42:53 +0000
Subject: Replacement for nlist
In-Reply-To: <498000A9.7030707@raad.tartu.ee>
References: <498000A9.7030707@raad.tartu.ee>
Message-ID: <249D31647A2E9244899D8E46B942846AAE43B96191@UH-MAILSTOR.herts.ac.uk>

Suspect you could do it with ldapsearch located in the consoleone/1.2/bin folder.


Larry C. Alexander
Systems & Applications Manager
University of Hertfordshire, College Lane, Hatfield, Herts, AL10 9AB, UK
Tel: 01707-284703  Fax: 01707-284666  Mobile: 07734-540924
Email: L.C.Alexander at Herts.ac.uk




-----Original Message-----
From: novell-bounces at netlab1.oucs.ox.ac.uk [mailto:novell-bounces at netlab1.oucs.ox.ac.uk] On Behalf Of Toomas Aas
Sent: 28 January 2009 06:52
To: Novell LAN Interest Group
Subject: Replacement for nlist

Hello!

I'm trying to figure out how many active users are in our eDirectory 8.7.3
tree by running this command:

nlist user where "last login time" gt 12/28/08 /r /s

However, it gives inconsistent results. Among the output there are error
messages such as:

NLIST-4.22-991: An error occurred in NWDSREAD.  Error code: FD77

Searching support.novell.com resulted in "yeah, nlist is an old DOS utility
and there is not much that can be done about this".

Is there any other tool that can be used to achieve the same goal?

--
Toomas Aas --------------------------------------------------------
|arvutiv?rgu peaspetsialist | head specialist on computer networks|
|Tartu Linnakantselei       | Tartu City Office                   |
skype: toomas_aas ----------------------------------- +372 736 1274

_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell

From tim at nds8.co.uk  Wed Jan 28 07:57:45 2009
From: tim at nds8.co.uk (Tim Heywood)
Date: Wed, 28 Jan 2009 07:57:45 +0000
Subject: Replacement for nlist
In-Reply-To: <498000A9.7030707@raad.tartu.ee>
References: <498000A9.7030707@raad.tartu.ee>
Message-ID: <49800FF9020000BB00049428@mail2.nds8.com>

Sounds like you need the tool that Novell use when they audit a
commercial customer...

LMS tool is it's name and it can be found on
http://www.novell.com/licensing/lms/tools.html

HTH

T


-- 
 
Tim Heywood
NDS8
Novell Platinum Solution Provider
 
Office:  +44 (0) 131 538 8202
Mobile:  +44 (0) 7974 134264








>>> On 28 January, 2009 at 06:52, Toomas Aas <toomas.aas at raad.tartu.ee>
wrote: 
> Hello!
> 
> I'm trying to figure out how many active users are in our eDirectory
8.7.3 
> tree by running this command:
> 
> nlist user where "last login time" gt 12/28/08 /r /s
> 
> However, it gives inconsistent results. Among the output there are
error 
> messages such as:
> 
> NLIST-4.22-991: An error occurred in NWDSREAD.  Error code: FD77
> 
> Searching support.novell.com resulted in "yeah, nlist is an old DOS
utility 
> and there is not much that can be done about this".
> 
> Is there any other tool that can be used to achieve the same goal?


The information contained in this email is intended for the person to 
whom it is addressed and may contain confidential and/or privileged 
information. You should not copy, retain, forward or disclose its 
contents to anyone else, or take any action based upon it, if it is 
not addressed to you personally. If the message is received by anyone
other 
than the addressee, please notify the sender and delete the message. 

NDS8 does not accept responsibility for changes made to this 
message after it was sent. Whilst all reasonable care has been taken to 
avoid the transmission of viruses, it is the responsibility of the 
recipient to ensure that the onward transmission, opening or use of 
this message and any attachments will not adversely affect its systems
or data.

From toomas.aas at raad.tartu.ee  Wed Jan 28 08:33:23 2009
From: toomas.aas at raad.tartu.ee (Toomas Aas)
Date: Wed, 28 Jan 2009 10:33:23 +0200
Subject: Replacement for nlist
In-Reply-To: <49800FF9020000BB00049428@mail2.nds8.com>
References: <498000A9.7030707@raad.tartu.ee>
	<49800FF9020000BB00049428@mail2.nds8.com>
Message-ID: <49801853.1020209@raad.tartu.ee>

Tim Heywood wrote:

> LMS tool is it's name and it can be found on
> http://www.novell.com/licensing/lms/tools.html

Thanks, that's exactly what I was looking for.

-- 
Toomas Aas

From dtran at ssc.ucla.edu  Wed Jan 28 21:18:20 2009
From: dtran at ssc.ucla.edu (Daniel Tran)
Date: Wed, 28 Jan 2009 13:18:20 -0800
Subject: Replacement for nlist
In-Reply-To: <49801853.1020209@raad.tartu.ee>
References: <498000A9.7030707@raad.tartu.ee><49800FF9020000BB00049428@mail2.nds8.com>
	<49801853.1020209@raad.tartu.ee>
Message-ID: <D2A4CE9969F00C4DB94310BD8B1E20320190C3BF@SSCBE.SS.ucla.edu>

Another Tool that is nice to use is DSreport (free).
If you can't find it. Let me know.

Best,
Daniel

-----Original Message-----
From: novell-bounces at netlab1.oucs.ox.ac.uk
[mailto:novell-bounces at netlab1.oucs.ox.ac.uk] On Behalf Of Toomas Aas
Sent: Wednesday, January 28, 2009 12:33 AM
To: Novell LAN Interest Group
Subject: Re: Replacement for nlist

Tim Heywood wrote:

> LMS tool is it's name and it can be found on
> http://www.novell.com/licensing/lms/tools.html

Thanks, that's exactly what I was looking for.

-- 
Toomas Aas
_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell


From jrd at netlab1.oucs.ox.ac.uk  Thu Jan 29 20:10:20 2009
From: jrd at netlab1.oucs.ox.ac.uk (jrd)
Date: Thu, 29 Jan 2009 20:10:20 +0000
Subject: Identity Manager comparison with Sun's offering
Message-ID: <49820D2C.6050205@netlab1.oucs.ox.ac.uk>


I'm curious if anyone has compared Sun's IDM before using Novell's 
product.  I'm currently working with Sun's product and it seems incredibly 
complex.

I might throw up a test box to get acquainted with it.  I also need to get 
up to speed with linux.  I've been out of the Novell game now for a couple 
years and I'm feeling left out :(

Tony

Anthony L Vissoc | GCG US WW IS INFRASTRUCTURE TEAM | 
Eastman Kodak Company | 3000 Research Blvd | Dayton, OH 45420 | 
tony.vissoc at kodak.com | 937-259-3860 Office | 
www.kodak.com 

----------
Note: I have forwarded this message by hand because its graphical
attachment caused it to be discarded.
Joe D.



From James.Taylor at eastcobbgroup.com  Thu Jan 29 20:29:51 2009
From: James.Taylor at eastcobbgroup.com (James Taylor)
Date: Thu, 29 Jan 2009 15:29:51 -0500
Subject: Identity Manager comparison with Sun's offering
In-Reply-To: <49820D2C.6050205@netlab1.oucs.ox.ac.uk>
References: <49820D2C.6050205@netlab1.oucs.ox.ac.uk>
Message-ID: <4981CB6F020000750002A89E@inet.eastcobbgroup.com>

I have not worked directly with Sun's product, but based on what I've seen, you would have a lot less heartburn with IDM. The basic infrastructure is fairly straightforward to set up (I'd say easy, but I work with eDir intensively), and the configuration tools are extremely mature and powerful.

My overwhelming preference is to run IDM in a Linux environment, but it is not necessary, as the product also runs quite well on Windows servers.

If you have any specific questions regarding the type of connections, provisioning or workflow, I would be happy to either answer or find answers to your questions.

-jt 
 

James Taylor
The East Cobb Group, Inc.
678-697-9420
james.taylor at eastcobbgroup.com
http://www.eastcobbgroup.com




>>> jrd <jrd at netlab1.oucs.ox.ac.uk> 1/29/2009 03:10 PM >>> 

I'm curious if anyone has compared Sun's IDM before using Novell's 
product.  I'm currently working with Sun's product and it seems incredibly 
complex.

I might throw up a test box to get acquainted with it.  I also need to get 
up to speed with linux.  I've been out of the Novell game now for a couple 
years and I'm feeling left out :(

Tony

Anthony L Vissoc | GCG US WW IS INFRASTRUCTURE TEAM | 
Eastman Kodak Company | 3000 Research Blvd | Dayton, OH 45420 | 
tony.vissoc at kodak.com | 937-259-3860 Office | 
www.kodak.com 

----------
Note: I have forwarded this message by hand because its graphical
attachment caused it to be discarded.
Joe D.


_______________________________________________
Novell mailing list
Novell at netlab1.oucs.ox.ac.uk
http://netlab1.usu.edu/mailman/listinfo/novell



From tvatwork at gmail.com  Thu Jan 29 20:37:03 2009
From: tvatwork at gmail.com (Tony Vissoc)
Date: Thu, 29 Jan 2009 15:37:03 -0500
Subject: Identity Manager comparison with Sun's offering
In-Reply-To: <4981CB6F020000750002A89E@inet.eastcobbgroup.com>
References: <49820D2C.6050205@netlab1.oucs.ox.ac.uk>
	<4981CB6F020000750002A89E@inet.eastcobbgroup.com>
Message-ID: <3ae995370901291237h7a2ebcddte30f51ac9fd832ef@mail.gmail.com>

Thanks, I'll probably take a look at it and go from there.

On Thu, Jan 29, 2009 at 3:29 PM, James Taylor
<James.Taylor at eastcobbgroup.com> wrote:
> I have not worked directly with Sun's product, but based on what I've seen, you would have a lot less heartburn with IDM. The basic infrastructure is fairly straightforward to set up (I'd say easy, but I work with eDir intensively), and the configuration tools are extremely mature and powerful.
>
> My overwhelming preference is to run IDM in a Linux environment, but it is not necessary, as the product also runs quite well on Windows servers.
>
> If you have any specific questions regarding the type of connections, provisioning or workflow, I would be happy to either answer or find answers to your questions.
>
> -jt
>
>
> James Taylor
> The East Cobb Group, Inc.
> 678-697-9420
> james.taylor at eastcobbgroup.com
> http://www.eastcobbgroup.com
>
>
>
>
>>>> jrd <jrd at netlab1.oucs.ox.ac.uk> 1/29/2009 03:10 PM >>>
>
> I'm curious if anyone has compared Sun's IDM before using Novell's
> product.  I'm currently working with Sun's product and it seems incredibly
> complex.
>
> I might throw up a test box to get acquainted with it.  I also need to get
> up to speed with linux.  I've been out of the Novell game now for a couple
> years and I'm feeling left out :(
>
> Tony
>
> Anthony L Vissoc | GCG US WW IS INFRASTRUCTURE TEAM |
> Eastman Kodak Company | 3000 Research Blvd | Dayton, OH 45420 |
> tony.vissoc at kodak.com | 937-259-3860 Office |
> www.kodak.com
>
> ----------
> Note: I have forwarded this message by hand because its graphical
> attachment caused it to be discarded.
> Joe D.
>
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>
>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>

From geoffreycarman at gmail.com  Fri Jan 30 15:01:24 2009
From: geoffreycarman at gmail.com (Geoffrey Carman)
Date: Fri, 30 Jan 2009 10:01:24 -0500
Subject: Identity Manager comparison with Sun's offering
In-Reply-To: <3ae995370901291237h7a2ebcddte30f51ac9fd832ef@mail.gmail.com>
References: <49820D2C.6050205@netlab1.oucs.ox.ac.uk>
	<4981CB6F020000750002A89E@inet.eastcobbgroup.com>
	<3ae995370901291237h7a2ebcddte30f51ac9fd832ef@mail.gmail.com>
Message-ID: <993788ac0901300701j3b4ad57es72d1ae38b25760ba@mail.gmail.com>

My boss looked in detail at Sun/Courion/IDM for a comparison for a
client a year or so ago.

His comment about Sun was that it looked like a jumble of pieces not
quite integrated into one product yet.  Bought this, that and the
other.

Same is actually true of Novell (IDM engine, then User App, then
Sentinel) but they are a few revisions in now, and it is much better
integrated these days.  (Lets see if we get Access manager and
sentinel config into Designer, and then I would say one aspect of that
is complete).



On Thu, Jan 29, 2009 at 3:37 PM, Tony Vissoc <tvatwork at gmail.com> wrote:
> Thanks, I'll probably take a look at it and go from there.
>
> On Thu, Jan 29, 2009 at 3:29 PM, James Taylor
> <James.Taylor at eastcobbgroup.com> wrote:
>> I have not worked directly with Sun's product, but based on what I've seen, you would have a lot less heartburn with IDM. The basic infrastructure is fairly straightforward to set up (I'd say easy, but I work with eDir intensively), and the configuration tools are extremely mature and powerful.
>>
>> My overwhelming preference is to run IDM in a Linux environment, but it is not necessary, as the product also runs quite well on Windows servers.
>>
>> If you have any specific questions regarding the type of connections, provisioning or workflow, I would be happy to either answer or find answers to your questions.
>>
>> -jt
>>
>>
>> James Taylor
>> The East Cobb Group, Inc.
>> 678-697-9420
>> james.taylor at eastcobbgroup.com
>> http://www.eastcobbgroup.com
>>
>>
>>
>>
>>>>> jrd <jrd at netlab1.oucs.ox.ac.uk> 1/29/2009 03:10 PM >>>
>>
>> I'm curious if anyone has compared Sun's IDM before using Novell's
>> product.  I'm currently working with Sun's product and it seems incredibly
>> complex.
>>
>> I might throw up a test box to get acquainted with it.  I also need to get
>> up to speed with linux.  I've been out of the Novell game now for a couple
>> years and I'm feeling left out :(
>>
>> Tony
>>
>> Anthony L Vissoc | GCG US WW IS INFRASTRUCTURE TEAM |
>> Eastman Kodak Company | 3000 Research Blvd | Dayton, OH 45420 |
>> tony.vissoc at kodak.com | 937-259-3860 Office |
>> www.kodak.com
>>
>> ----------
>> Note: I have forwarded this message by hand because its graphical
>> attachment caused it to be discarded.
>> Joe D.
>>
>>
>> _______________________________________________
>> Novell mailing list
>> Novell at netlab1.oucs.ox.ac.uk
>> http://netlab1.usu.edu/mailman/listinfo/novell
>>
>>
>> _______________________________________________
>> Novell mailing list
>> Novell at netlab1.oucs.ox.ac.uk
>> http://netlab1.usu.edu/mailman/listinfo/novell
>>
> _______________________________________________
> Novell mailing list
> Novell at netlab1.oucs.ox.ac.uk
> http://netlab1.usu.edu/mailman/listinfo/novell
>



-- 
Geoffrey Carman
geoffreycarman at gmail.com

From pjc9001 at nyp.org  Fri Jan 30 21:52:09 2009
From: pjc9001 at nyp.org (Peter J. Cox)
Date: Fri, 30 Jan 2009 16:52:09 -0500
Subject: iPrint via PHP-LDAP update Question
Message-ID: <49837689.1030403@nyp.org>

    I'm hoping that someone else might have run into this and come up 
with the answer.
We're using a NW 6.5 sp6 box to host our iPrint, we'd like to upgrade to 
OES but we use the PHP-LDAP iPrint cool solution by Daniel Bray 
(http://www.novell.com/coolsolutions/feature/575.html). We're a hospital 
and floors get changed a little too much to use the Map tool, Daniel's 
scripts have been a godsend for us in offering our users an iPrint 
solution for printing. The issue we run into is that when we tried to 
upgrade we found that the PHP (or Apache ?) script generated errors when 
running on the new box (which uses PHP5 and Apache 2 vs PHP4 and Apache2 
on the NW6.5 box). I've emailed Bray about it and he thought it was an 
issue between PHP versions but he's no longer working with Novell 
products, we don't have enough PHP experience to figure it out and when 
I tried Novell I was asked for the info and told they'd get back to me 
(9 months now....... still nothing).
    I figure I'd ask (beg, plead, etc) the members of this group to see 
if anyone else has had any experience. We'd really like to stay with 
Novell and iPrint but not 6.5 and not the mapping tool.

-- 
If there are any questions or problems
please contact me.
_______________________
Peter J. Cox
Network Manager, IT
NY Methodist Hospital




--------------------

This electronic message is intended to be for the use only of the named recipient, and may contain information that is confidential or privileged.  If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of the contents of this message is strictly prohibited.  If you have received this message in error or are not the named recipient, please notify us immediately by contacting the sender at the electronic mail address noted above, and delete and destroy all copies of this message.  Thank you.