NDS Enhancements
Home Up News Feedback Search

 

JPC FINANCIAL LIMITED

Financial Ltd

Directory Enquiries

Currency Converter

Train Tickets

 

NDS Enhancements in NetWare 5


In the article "Understanding NDS," we introduce you to some of the basics of NDS. But Novell has added a number of enhancements to NDS with the release of NetWare 5. NDS enhancements in NetWare 5 fall along two lines: performance (in both speed and stability) and manageability. In this article, we'll show you some of these changes.

Enhanced performance


If you have a small network—perhaps only one or two servers on the same LAN—then you won't notice many of NetWare 5's performance improvements, because they deal with improved synchronization between NDS replicas on different servers. When your NDS tree includes several servers, each server can store part of the tree. Any time you change the NDS tree, NDS copies these changes to each server in the tree. To increase performance in larger networks, Novell changed the way NetWare processes updates and transmits them from server to server.

In NetWare 4.x, when you made changes to an NDS object, NDS dated the change with a time stamp. Then, when it came time to transmit the changes to other servers on the network, NDS scanned the time stamp of each object in the NDS tree. If it found an object that had changed, it transmitted the changed property.

NetWare 5 still uses time stamps to know when an object changes. But when the time comes to replicate the changes, it does something different. Instead of scanning each object in the NDS database and collecting the changes before transmitting them, NetWare 5 collects the changes to objects in a cache. The server then transmits the cached information directly. Doing so saves time that would normally be used for collecting changes.

 

 

Replica synchronization


Novell has also made several changes to the way earlier versions of NetWare handle replica synchronizations. Replica synchronization is the term that Novell uses for copying NDS database changes from server to server. When NetWare 4.x synchronizes its NDS database, it must contact every server in its replica ring with the updates—one at a time. After the server contacts every server in the tree and verifies the updates, the synchronization is considered complete.

If you have several servers spread out over slow WAN links, it may take an extremely long time for the NDS database to synchronize. When the synchronization finally completes, it may already be time for the next one to occur. Also, this time lag can cause excessive network traffic and NDS problems if the synchronizations are never regularly completed.

Novell addresses this situation in NetWare 5 by changing the way it completes synchronizations. Rather than contacting every server in the replica ring, NetWare 5 tracks the time stamps for each server in the replica. The time stamp for each server in the replica is known as the transitive vector. When synchronization occurs, NDS checks the time stamps in the transitive vector of the replicas. Then, updates are sent only to those servers in the replica that have time stamps older than the issuing server. The servers exchange new transitive vectors to update the time stamps in the replica.

 

 

Replica rings and sequential updates


Novell has also changed the way NDS updates servers in the replica ring. NetWare 4.x keeps track of neighboring replicas and updates them sequentially. Every update travels around the ring from one server to another in the same order. This process can result in bottlenecks if the replica rings from multiple servers overlap. If two servers try to update the replicas on one server at the same time, one of the servers must wait. This wait can hold up the updates for the rest of the replica ring.

NetWare 5 does away with sequential updates. Instead, NetWare 5 servers randomize the order of the servers in their replica ring list before issuing updates, reducing the risk of overlapping replica rings.

To speed updates across slow WAN links and use WAN bandwidth more efficiently, Novell has changed how NDS transmits changes to replicas. NetWare 4.x sends only one object change in each data packet, while NetWare 5 can send multiple object changes in each packet. The number of objects that can be carried per packet will vary, depending on the size of the change and the size of your packets.

 

 

Enhanced manageability


Novell has made NDS easier to manage by giving you more flexible control over some object properties and by adding some useful utilities. If you've used NDS, you know that you can let objects inherit rights from other objects in your tree. Doing so can save time when you have to grant the same rights to many objects in the tree.

 

 

Inheritable ACLs


Novell has added a new type of inheritance to NDS called inheritable ACLs. You'll appreciate inheritable ACLs if you have to maintain several users on your network whose information constantly changes. You can use inheritable ACLs to assign supervisor rights over specific parts of an object, such as addresses or phone numbers. Now, you can create a group of users who can manage and change certain parts of the user information for you. But at the same time, you don't have to worry about granting general administrator rights to people who might accidentally cause damage to your network.

 

 

Password Management Property


One of the most common problems you've probably encountered is a user forgetting a password. In NetWare 4.x, the only way you could give a user the ability to change the passwords of other users was to give him or her full Administrator rights. Rather than having to change passwords yourself, you can use NetWare 5's new Password Management Property to grant rights to a user who you want to delegate password responsibility to. If you set a user's Password Management Property, that user can go into the NDS and change another user's password. But you don't have to worry about the user viewing passwords—the user can only change them, not see them.

 

 

DSDiag and Schema Manager


To further ease your job of managing the NDS tree, Novell has introduced two new NDS utilities: DSDiag and Schema Manager. We'll cover both utilities in greater detail in the future.

DSDiag is an NLM that runs on your server. DSDiag gathers information about NDS from all the servers in your NDS tree. It gives you such information as:

The versions of NDS running on your servers
What NDS processes are running
The NDS partition tables on the servers
The replica rings for each partition
Synchronization status for all replica rings
A comparison of information between replicas in a ring

NDS Schema Manager runs in the NDS Manager utility. Unlike DSDiag, which runs as an NLM on your server, Schema Manager runs from your workstation.

The schema is a set of rules that the NDS database uses to control which objects and properties can appear in the database. NDS Schema Manager grants you full control over all aspects of your NDS tree's schema. You can use it to view or change virtually everything about the schema of your NDS tree. You can even create entirely new objects in your tree or add properties to existing objects.

Conclusion


NDS is (and has been) a flexible, powerful directory service. Ever since introducing NDS to NetWare with NetWare 4.0, Novell has worked to improve NDS and add new features. The tradition continues with NetWare 5. As we've discussed in this article, the new features in NetWare 5 help you manage and improve the performance of NDS in large networks.

 

 

  People have seen this web site.  

   

Send mail to webmaster@kjp-ltd.co.uk with questions or comments about this web site.