Iowa/Nebraska Novell Technical Blast
John Bezy, Novell Iowa/Nebraska Systems Engineer
Vol 4, No 3 - 2/11/02
** High Priority **
BrainShare 2002- Reduced Price Deadline Nears
BrainShare 2002 is just around the corner! So get ready, set, go to
learn first-hand about Novell's latest products and strategies. Get
hands-on technical experience. See the latest third-party offerings.
Network. Play in the technology lab. Take a certification test. And have
fun! As every year, BrainShare 2002 will be held in Salt Lake City,
Utah, at the Salt Palace Convention Center; the dates are March 17 through
March 22, 2002. Online registration started December 1, 2001 at www.novellbrainshare.com.
If you register before February 15, 2002, registration costs $1,495.00.
After that, it's $1,695.00.
Also, Vertical Track available For BrainShare
For the first time ever at BrainShare, a vertical track is available
which includes sessions specific to customers who are in Government,
Healthcare, Education, Finance and Small Business. Right now there are
20 classes available, but rumor has it that a few more might be added.
More info can be found at http://www.novellbrainshare.com/portal/controller/catalog,
select the "track" tab and then choose "Industry Vertical Solutions"
from the drop-down list.
FYI-
After I sent out the last edition of the eBlast, I received about 10
returns stating my eBlast contained a virus, and that the e-mail was
not delivered. My eBlast did NOT contain a virus. It did contain
information about the latest virus at that time and included the text
of the message delivered by the virus. You can review that last blast
at the CINP web site at http://www.cinp.net/nov_blast.html.
Seems your virus scanning is even determining that viruses exist inside
plain text messages. Interesting. Just be aware this is happening. I
hope your e-mail system is not simply discarding these messages without
human review- if so, I bet you are losing lots of important e-mails,
besides just mine....
Iowa/Nebraska Upcoming Events
Novell Portal Services
Novell Portal Services enables organizations to create personal Web
portals that give their partners, customers and employees all the
relevant information, resources, tools and applications they need to
conduct business and execute their daily work responsibilities. Novell
Portal Services presents within the user's web browser a customized
collection of services and resources, appropriate to the user's specific
needs, interests, roles and responsibilities. This is a Free event.
March 5, Des Moines, IA Help Desk PM
http://register.novell.com/login/index.cfm?action=prelogin&fuse=event&id=3129&event_id=3129&lcode=enu
March 6, Omaha, NE Compaq Office AM
http://register.novell.com/login/index.cfm?action=prelogin&fuse=event&id=3130&event_id=3130&lcode=enu
Novell SecureAccess
What is Novell's SecureAccess??
The seminar presenters will discuss Novell's solutions to:
The CIO Corner
CIOs talk back about Microsoft's Licensing Programs
CIO Magazine, BY SCOTT BERINATO
"Microsoft came up with a new subscription licensing model, called Licensing
6.0 and Software Assurance, saying it made life simple for corporate
IT. But CIOs are now saying the plan is a long ride with a fare that
keeps climbing."
http://www.cio.com/archive/011502/meter.html
CEOs Take Closer Look At Security
By Eric Chabrow, Jan 23, 2001
"Nine of 10 CEOs at companies with yearly revenue of $1 billion or more
have personally reviewed disaster-planning documents since Sept. 11,
according to a survey by Booz Allen Hamilton. And, not unexpectedly,
two-thirds see their companies spending more on security in the foreseeable
future."
http://www.informationweek.com/story/IWK20020123S0007
Technical Tips
Linux on The Desktop??
We are looking for details of customers who are seriously evaluating
or have deployed Linux on Intel on the desktop. Please feel free to
let me know about how great Linux would be, ZENworks for Linux, how
evil MS are etc. etc. - just in another email. Something like this:
http://www.theregister.co.uk/content/4/23667.html
Consider- ZENworks for Servers 3 - Indy - will allow management of a
Linux box; RPM management, software distribution, configuration policy
management. We are looking for 'what is missing' or 'what needs tweaking'
to make this usable for customers: Inventory, remote control, specific
policies (i.e. for X, desktop) .... Let me know..
Ports Used By ZENworks for Desktops v3.x??
Here they are..
UDP 67 Used for both DHCP and Proxy DHCP (PDHCP.NLM) w/
ZENworks PreBoot Services. Only one of the two services can utilize
this port. If both are running on the same machine port 4011 will be
used as well.
UDP 4011 Used for Proxy DHCP (PDHCP.NLM) when a DHCP server
is already running on the machine you are installing PDHCP to.
UDP 18753 Port used for communications between the Di-NIC client
and the Di-NIC server.
UDP 69 Port used for TFTP. Used by PreBoot services to
send the files to the PXE enabled clients.
TCP 21 File Transfer Protocol (FTP). Used by the ZENworks
for Desktops 3 remote management components for file transfer. Opened
by SRVFTP32.EXE.
UDP/TCP 53 Domain Name Server (DNS). Used to resolve names
to IP addresses.
UDP/TCP 427 Service Location Protocol (SLP). Used to find
resources in a Pure/IP environment.
TCP 517 Used by ZENworks for Desktops 3 remote management for
chat functionality. Opened by WTALK32.EXE.
TCP 524 NetWare Core Protocol (NCP). Used for native NetWare
communications.
TCP 998 Used by the ZENworks for Desktops 3 imaging process.
All imaging data and operations occur over this port. Opened by IMGSERV.NLM.
UDP 997 Used by ZENworks for Desktops 3.2 imaging process
when multicasting a server based image.
TCP 1521 Used by ZENworks for Desktops 3 inventory database when
using Oracle as the database.
TCP 2638 Port used by ZENworks for Desktops 3 communication
with the Sybase database. Used between storer and database.
UDP 1761 Used by ZENworks for Desktops 3 remote management
for verification/security checking and remote execute processes. Opened
by WUSER32.EXE.
UDP 1762 Used by ZENworks for Desktops 3 remote management
for remote control and remote view. Opened by WUSER32.EXE.
UDP 1763 Used by ZENworks for Desktops 3 remote management
for remote diagnostics. Opened by WUSER32 when launching DIAG32.DLL.
UDP 1765 Used by ZENworks for Desktops 3 remote management
for remote wake-up of a workstation. Listed for by Wake-on-LAN cards
and the WUOLService.EXE.
TCP 8039 Used by ZENworks for Desktops 3 automatic workstation
import. Opened by the automatic workstation import service.
TCP 65432 Used by ZENworks for Desktops 3 inventory process.
Allows data to be sent between the sender and receiver. Opened by the
receiver.
TCP 80 This port is the standard web port and is used
by OnDemand's web server, iFolder and portal services.
TCP 443 This port is the SSL web port and is used by OnDemand's
web server, iFolder and portal services.
TCP 389 This port is the standard LDAP port and is used
by iFolder and portal services.
TCP 636 This port is the SSL LDAP port and is used by
iFolder and portal services.
NetWare Server License Download site NOW LIVE!
You can now download unique server licenses for NW6 Servers...electronically.
With the release of Novell's NetWare 6, Novell charges only for the
number of NetWare users that your customers have in your environment,
and not how many servers you have. However, each server still needs its'
own unique server license.
So to allow you the greatest flexibility for your architectural needs,
you can download as many unique server licenses as you need....free.
Just register on-line, and Novell will email you as many unique server
licenses as you need.
Here are some URLs for you to register their NW 6 server licenses:
NetWare 6 Mainpage: www.novell.com/netware6
NetWare Coolsolutions page:
http://www.novell.com/coolsolutions/netware/index.html
Novell Download site: www.Novell.com/download
Knowledge Base TID#11065536:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10065536.htm
Software Security - The National Infrastructure Protection Center
Do you know about the National Infrastructure Protection Center? It
lists software vulnerabilities by product for 2001 (mid-Dec 2000 to
mid-Dec 2001). Microsoft as vendor is cited 127 times, with the MS
platforms high many, many more. Novell is cited for 6 problems, while
NetWare is only mentioned once as having been a problem with a third
party product. Good site to know...
http://www.nipc.gov/cybernotes/2001/cyberissue2001-26.pdf
Using Native File Access? How do you search through all the
subordinate NDS containers to find users?
You can specify multiple contexts by editing the file SYS:ETC/CIFSCTXS.CFG,
then put it into effect by entering CIFSSTOP, then CIFSSTART at the
server console. Full details at www.novell.com/documentation,
NetWare 6...
Software Evaluation Library
Next edition- number 19- is due out any day now... How to get it?
If you are already not entitled to it, go to http://www.novell.com/products/evals/sel
to subscribe. Check out what's on the latest edition at http://www.novell.com/products/evals/sel/nsellist.html
Cool URLs
Liberty Alliance? Know What It Is? Who's Involved?
http://www.infoworld.com/articles/hn/xml/02/02/01/020201hnnovell.xml
and a related- Novell Joins the Liberty Alliance Project
(February 4 2002)
Novell joins other industry leaders to establish an open, federated,
single sign-on identity model, which will simplify and secure the process
of conducting business on the Net.
http://www.novell.com/news/press/archive/2002/02/pr02010.html
Trustworthy Computing? Interesting....
http://www.trustworthycomputing.com/
and another view...
http://www.theregister.co.uk/content/4/23966.html
iPlanet Security Flaws
http://www.theregister.co.uk/content/55/23609.html
Great iChain Article in InfoWorld
FYI: http://www.infoworld.com/articles/tc/xml/02/01/14/020114tcnovell.xml
Great Start Page..
http://www.us-webmasters.com/start.htm
Good Study on VPNs
http://www.nwc.com/1302/1302ws1.html
Letter to the Editor in Zdnet Tech Update (January 28, 2002)
"What do enterprises see in Exchange?"
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2843185,00.html
eDirectory enlightenment
eDirectory has a very nice competitive page which has competitive documents
on iPlanet, IBM Secureway, Siemens DirX and Active Directory. The url
is http://www.novell.com/competitive/nds/library.html#CompetitiveDocuments
and there are also some reality checks and benchmarks. Again, more to
come in the competitive area for eDirectory too!
The Other Guys Corner
MS' highest priority must be security
the Register, January 17 2002
http://www.theregister.co.uk/content/4/23715.html
Privacy flaw continues to dig IE hole
CNET News.com, Jan. 15, 2002
http://dailynews.yahoo.com/h/cn/20020115/tc/privacy_flaw_continues_to_dig_ie_hole_1.html
Botched Update Puts Windows XP Updates on Hold
Reuters, Jan. 14, 2002
http://dailynews.yahoo.com/h/nm/20020114/tc/tech_microsoft_glitch_dc_1.html
Security Flaws May Be Pitfall for Microsoft
L.A. Times, Jan. 14, 2002
http://www.latimes.com/technology/la-000003463jan14.story?coll=la%2Dheadlines%2Dtechnology
Microsoft shuts down online developer store; security issue eyed
Computerworld, Jan. 14, 2002
http://www.computerworld.com/itresources/rcstory/0,4167,STO67382_KEY11,00.html
WinXP Is Secure!!
http://biz.yahoo.com/rf/020114/n14362629_2.html
Apparently, Windows XP is so secure, updates from the Microsoft site
to patch security holes in Windows XP are unavailable to Windows XP
users! Don't fret, there are two workarounds if you run into this....
1) Download from Win2K or WinME, which is, of course, less secure,
then put patches onto WinXP. This may or may not work, depending on
how invasive the Windows Update site is (e.g. a credit card / XP license
number / DNA typing report may be necessary).
2) Make your user on Windows XP a member of the "Administrators" group
- in the "MSCORP" domain. Don't worry, the administrator password is
'linux-RUL3Z' - they never change it. Removing ActiveDirectory altogether
may also help.
If You Are Having to Deploy AD, Think About These...
Top 10 Active Directory management bloopers
by Jan Stafford
The only consolation for IT managers who make mistakes in Microsoft
Active Directory (AD) migration and management is that they're not
alone. After helping folks migrate and manage AD over the last couple
of years, Doug Davis has seen more than his share of bloopers. In fact,
he's compiled a list of Active Directory blunders that can help you
avoid being company to those in AD misery.
1. Don't test Replication prior to going live. This one is repeated
time and again. "Replication is the lifeblood of an Active Directory
and when it doesn't work properly, late nights ensue," said Davis. If
you don't plan, test and prepare for replication, you'll end up in the
AD hall of shame.
2. Install the first Domain Controller without any planning. The first
step to bringing up AD is, of course, to install the root server. Prior
to this step you should have planned your forest, determined naming
standards, etc. "Many people don't because they are anxious to jump
in and start having fun with the system," said Davis. "This often leaves
them with awkward forest names or the pain of having to start the entire
process over again."
3. Neglect DNS. Without DNS there isn't a whole lot you can do with
Active Directory. In Active Directory, DNS is King, and has to be treated
as such. Many companies neglect planning their DNS infrastructure and
immediately get into problems trying to do such things as add new domain
controllers to the forest, or connect to the directory -- basically
anything that is required to really use Active Directory. DNS in Active
Directory isn't just about PING. "You need to understand how your DNS
infrastructure works and whether it will be able to support Active Directory's
requirement for dynamic DNS and service resource record maintenance,"
explained Davis.
4. Manage Active Directory as if it were NT. This seems to make sense,
but a surprising number of IT managers don't take advantage of the new
management capabilities of AD, treating it in much the same fashion
as NT. "AD is not NT," Davis asserted. "Don't add everyone to the Enterprise
Admin group. Continue to ask yourself, 'Why am I not using native delegation?'"
The delegation engine in Active Directory is extensive and robust.
"Ignore it, and things will get ugly," he warned.
5. Have a complicated Naming Standard. Numbers can be easily
sorted, but they make lousy naming conventions because who can remember
if Rebecca is IK000098 or IK90887? Davis spent many minutes watching
network administrators hunt and peck for the account they need. Then
they end up calling the end user to say, "What is your network ID again?"
It doesn't matter whether you use attributes in AD or you add one yourself,
"just don't clutter up the full name or display name with info that
can't be used," Davis said.
6. Deploy too many forests, domains, OUs. "We see this all the
time," Davis said. "It's fun to create new forests, domains or OUs, but
the price is administratively so high that we wonder why our customers
get trigger happy to add new entities." Always ask yourself, honestly,
why one forest, one domain and one OU isn't enough. Question every addition.
"We have had to go into companies and do bulk re-orders of OU structures
when folks just got out of hand," said Davis. "When you start deploying
GPOs into a five domain, 300 OU AD deployment, things get messy fast."
When you consider the amount of administrative delegation you can do
with native delegation, those extra OUs often don't help out as much
as you might think.
7. Deploy GPOs without understanding what they do. Group Policy
Objects are powerful tools to ensure that the end user experience is
exactly what is required, that security policies are enforced, and that
crucial software is published and deployed. "Just jump right in, however,
and you will make systems unusable," Davis said. "Read up on GPOs, understand
what they can do, and deploy them gradually. You will thank me for this
one!"
8. Go nuts with Schema Extensions. Active Directory now has a
robust schema that can be easily added to, but you have to be careful.
Adding new attributes that are not static (i.e. you can make many changes
to them) will bog replication down. Also, attributes can only be disabled
immediately after they have been added, so you will be stuck with attributes
you don't want if you're not careful. "It's not scary stuff; just plan
for it," Davis advised.
9. Add too many attributes to your Global Catalog. The Global
Catalog is a quick search engine for AD and is used extensively by your
end-users. "Quite a few times, we have been called in to improve the
speed of queries," Davis noted. Why? Admins have added attributes to
the Global Catalog in order to help with specific queries, which unfortunately,
completely bogged down the Catalog. Keep it simple.
10. Use ADSIEdit with abandon. "ADSIEdit (available from the
resource kit) is a cool tool because it allows you to get right into
the attribute settings for any object," said Davis. In this way, it
is similar to the raw property mode of Exchange Administrator. "However,
just because you can see an attribute value doesn't mean you should
change it," he warned. "And sometimes when you change values, you can't
change them back." Determine what the attribute in question does and
why you think it should be modified before mucking around it there.
Finally, a good way to avoid mistakes is to use MSDN. This is a treasure
trove of faithfully updated information, said Davis. Yet, many IT professionals
are unaware of this resource. "Go to www.msdn.microsoft.com
and check on your issue before you do anything else," he advised. You
could find information there that will help you avoid landing on Davis'
blooper list!
Send Spammers Packing
http://www.networkcomputing.com/1303/1303colbarney.html
But check out the last several paragraphs. Secure MS .Net? Compromised
by a teenager? Makes me feel secure...
Education
Help Desk, Des Moines, IA
Advanced Network Technologies, Omaha, NE
New Certified Novell Salesperson Courseware Available
The latest edition of Selling Net Services Solutions version 6.0 has
just been released. It includes updated materials on Novell's strategy,
NetWare 6, new versions of the ZENWORKS family, Security and Provisioning
solutions including industry partner examples, increasing your revenues
with Novell licensing options, along with coverage of other great Novell
solutions. Completing this courseware prepares you to take the Certified
Novell Salesperson exam and obtain your CNS certification.
http://www.novell.com/partners/channel/academy/spresent.html
DirXML Training This Spring
Novell will be delivering DirXML version 1.1 Advanced Technical Training
this Spring. In this intense, four-day, hands-on course, you will learn
solutions, configurations, and customization of various shipping drivers;
tips and tricks; troubleshooting drivers; debugging; eXtensible Stylesheet
Language Transformations (XSLT); applications; and much, much more.
Class dates and locations will be:
February 19th Detroit, Michigan
March 25th Provo, Utah
April 16th Tampa, Florida
For a complete course description and registration information, contact
Jason Chapman at (801) 861-1784.
Novell Net Solutions Free WebCasts!!!
There will be one web cast for each of the following joint solutions:
1. Rapid Technology Rationalization (RTR) Solution, February 13, 1:00 PM EST, One Hour
Register today at www.novellnetsolutions.com
or call 800-608-1800. For more information on the Novell Rapid Technology
Rationalization Solution visit www.novell.com/solutions/rtr.
Register by Monday, February 11 to enter the drawing for a Sony Digital
Recorder.
2. Identity Provisioning for PeopleSoft (IPP) Solution, February 20, 1:00 PM EST, One Hour
Register today at www.novellnetsolutions.com
or call 800-608-1800. For more information on the Novell Identity Provisioning
for PeopleSoft Solution visit www.novell.com/solutions/ipp.
Register by Monday, February 18 to enter a drawing for a Sony Digital
Recorder.
3. Active Information Portal (AIP) Solution, February 27, 1:00 PM EST, One Hour
Register today at www.novellnetsolutions.com
or call 800-608-1800. For information on the Novell Active Information
Portal Solution visit www.novell.com/solutions/aip.
Register by Monday, February 25 to automatically enter the drawing for
a Sony Digital Recorder.
4. Secure Partner Portal (SPP) Solution, March 6, 1:00 PM EST, One Hour
5. Business Process Management (BPM) Solution, Date and Time TBD
Agenda for all 4 web casts, all times in EST:
1:00 - 1:05 PM: Introduction & Welcome
1:05 - 1:35 PM: Benefits of each Solution presented
1:35 - 1:50 PM: Analyst Speaker
1:50 - 2:00 PM: Q&A and Prize Drawing
Partner Information
PartnerNet 2002 Program Announced
Well 2002 is here and so is the NEW and IMPROVED Novell PartnerNet Program.
There have been several new changes made to the PartnerNet Program for
2002, with NOVELL CERTIFICATIONS leading the way. So here is your opportunity
to get CNS Certified. Below are the registration web sites for the
upcoming CNS Training to be held:
Omaha
2/19 8:30am - 5pm
Compaq, 1000 N. 90th Street
https://register.novell.com/login/index.cfm?action=prelogin&fuse=event&id=3090&event_id=3090&lcode=enu
This new training is going to be very valuable in selling Novell's NetWare
6, ZEN for Desktops 3.2, GroupWise 6, and new "solutions" like iChain,
DirXML, OnDemand, and Novell Portal Services.
NOTE: CNS Certification is a REQUIREMENT for ALL levels of the Novell
PartnerNet Program.
Should you have any questions please contact myself or Steve Ferrick
(515.537.5300). We look forward to seeing ALL of you at the nearest
event to you.
Sales Stuff----
New IDC Report Ranks Novell BorderManager Among Top 5 Firewalls
In its December 2001 bulletin, "Who's the Lord of the Rings? Worldwide
Firewall/VPN Software Market Forecast and Analysis, 2001-2005," IDC
ranked Novell among the top five companies competing in the firewall/VPN
market. Novell captured 4.1% of the market share with Novell BorderManager,
earning $30 million in revenue in the 2000 firewall/VPN market space-an
increase of 4% over 1999.
Novell BorderManager is one of Novell's premier access and security
solutions. With its powerful directory-integrated features, it enables
companies to control, accelerate and monitor their users' Internet
activities. Because Novell BorderManager leverages identity-based access
control and forward proxies, companies can safeguard their network
against undesirable Internet content while maintaining exceptional
performance levels. Novell BorderManager also integrates VPN services,
an industry-certified firewall and a scalable content-filtering service
to ensure that companies' networks are protected and their users are
productive.
IDC foresees continued growth in the worldwide Firewall/VPN market.
In fact, IDC predicts that the firewall/VPN market will grow to $1.7
billion by 2005. In its study, IDC considered the twenty leading
providers of Firewall/VPN services. Novell was ranked ahead of such
formidable competitors as IBM, Network Associates, Sun Microsystems
Inc., and others. Novell is committed to increasing its market share
in the firewall/VPN market and will continue to invest in Novell
BorderManager. Novell will be releasing a new version of Novell
BorderManager in the second quarter of 2002.
New Phone Number for Iowa/Nebraska Account Manager
Steve's numbers now are:
(new) Novell Office #515.537.5300
(same) Cellular Ph #515.250.6194
(same)TollFree Fax #866.618.4712
Administration Information:
Trouble Incident Escalation
I am NOT a Tech Support person... But, if you have an open support incident
and it has been open for an unusually long period of time, one of my
functions is to help escalate the issue inside Novell Tech Support. I
will decide what the 'unusually long period of time' is... If you have
a support contract, your issue should be resolved within days (resolved;
depending on the level of the support contract, someone should contact
you within minutes/hours to start working on it.) Without a support contract,
you might face hours/days of waiting before tech support can address
your call. So, if you feel you need assistance, send me an e-mail describing
the incident, the incident number, and who to contact. If you don't have
an open incident, don't get me involved until you do.
How to Get Tech Support
Want to see how some of our solutions work?
Check them out at the on-line demo city... http://democity.novell.com/staticindex.html
Due a Software Upgrade?
Here is how the process works.... You should receive an e-mail from Novell
Sales Operations stating you are entitled, as an upgrade protection customer,
the next upgrade for product XYZ... You should then go to the upgrade request
site at www.novell.com/licensing/upgfulfill
and fill in the appropriate lines and information. Your upgrade should then
be shipped second day.... BUT turnaround time is dependent on when the product
is actually available for FCS (First Customer Ship), which could be days or
weeks after the actual product announcement. If you are then having problems,
please let your IA/NE Novell team know so we can get involved.
Previous Editions of this E-Blast
Have you missed previous editions of this newsletter? Want to read them?
Thanks to the CINP (Central Iowa Network Professionals), they have posted
them all at http://www.cinp.net, Links, then 4th item down under Novell,
or directly to http://www.cinp.net/nov_blast.html...
Subscribe to news listservs at:
For GroupWise list: http://www.ngwlist.com
For Syracuse U NetWare list: listserv@listserv.syr.edu with 'subscribe novell' in message body
Disclaimer:
Information contained herein is provided as-is. Opinions are those of
the author and may or may not be the same as those of Novell, and are definitely
NOT attributable to Novell unless otherwise noted.
John Bezy
Technology Account Manager
Iowa/Nebraska
ph: (402) 291-1808
eFax: (561) 760-6149
fax: (402) 291-4529
Novell-the leading provider of
Net Services Software
www.novell.com
jbezy@novell.com
Last Revised February 11, 2002. Site maintainted by MG Consulting and Colorfx Marketing Services, sponsors of the Central Iowa Network Professionals.
Feedback |
Legal |
Privacy
© 1999-2002 Central Iowa Network Professionals