Douglas Ouzts

1
Identity Based Storage Management
Novell File System Factory

• Douglas Ouzts
• Condrey Consulting Corporation
• douzts_at_condreyconsulting.com

2
The one Net vision
3
The one Net vision
4
Agenda

• Introduction to Condrey Consulting Corporation
• Identity Based Storage Management
• File System Factory Overview
• File System Factory Technical Components
• IUAdmin - Web Based Access and Management
• AuditLogin Whos Accessing Storage
• TrustFun File Rights Trustee Analysis
• Live Demo
• QA

5
Condrey Consulting CorporationCompany Overview

• David Condrey Owner and CEO
• US Software Engineering Corporation based in
  Greenville, SC
• Customers in 33 countries representing
  Commercial, Fortune 1000, State Federal
  Government, Military, Healthcare, Higher-Ed and
  K12
• Well known and respected by customers, especially
  in the academic market
• Well known at Novell Model Partner
• Invested in the future of Novell

6
Condrey Consulting Products Overview

• Novell File System Factory Novell Nsure -
  Novell Price List
• Identity Based Storage Management
• Ties Provisioning to the NetWare OS Event
  Driven and Policy Based
• Lifecycle Content and Data Management
• IUAdmin
• Policy Based Personal and Collaborative Storage
  Access
• Integrates with File System Factory
• Integrates with exteNd Portal, Virtual Office and
  iChain
• Web Based Access to Personal and Group Content
• Web Based Help Desk Administration
• Web Based User Self-Service and Password Reset
• AuditLogin and TrustFun
• Whos Accessing Storage and What Rights Do They
  Have?
• Login/Logout - Date, Time,Workstation
• Trend Reports and Graphs
• File and Directory Rights Analysis

7
File System Factory Education Customers

• University of Kentucky 43,000 users
• Northern Illinois University 67,000 users
• Minnesota State Colleges Universities 93,000
  users
• Charleston County Schools, SC 42,000 users
• University of Georgia 60,000 users
• Embry Riddle University 12,000 users
• Hemet School District, Los Angeles
• Grand Rapids Community College
• Savannah Chatham County Schools, Georgia
• Douglas County Schools, Georgia
• Newton County Schools, Georgia

8
More File System Education Customers

• Escondido Union High School District
• Sutton Public Schools
• Ramaz School
• Augsburg College
• Southwestern Community District No. 9
• Le Moyne College
• Macon County R-1
• Grant MacEwan College
• Clemson University
• Community Consolidated School
• District Illinois
• Ramaz School
• Augsburg College

• Northwestern Michigan University
• Old Dominion University
• Madison Area Technical College
• Waukesha County Technical College
• Blackhawk PA School District
• Marysville Village Schools
• Spearfish School District
• Maine Township High School District
• Waubonsee Community College
• Western Illinois Univeristy
• Escondido Union High School District
• Sutton Public Schools

9
Sample of Education Customers Leveraging
File System Factory, IUAdmin and AuditLogin
10
Identity Based Storage Management
11
The Challenge

• Do you give all your users home directories?
• If you do, how do you manage the disk space?
• Do you evenly distribute the disk space?
  Criteria?
• How do you manage growth?
• If you do give your users home directories, how
  do you clean them up? How extensible is it?
• Do you give ALL your groups of users
  collaborative storage space?
• Business All working groups?
• Education All sections of all classes?
• Do you evenly distribute the disk space?
• How do you manage growth? Cleanup?

12
Creating and ManagingeDirectory Objects
Datafile
Datafile
LDIF
App
13
File System FactoryPhilosophy and Mission
14
A New Philosophy
Point your tree
at your disk
and be done with it.
15
Mission 1
Automatic disk space for ALL Users!
16
Mission 2
Automatic disk space for EACH Work Group!
17
Solution
Yeah, we can do that
We
create it,
manage it,
clean it up!
and most importantly
18
Solution
All you have to do is create the objects
any way
you want
well handle the rest!
19
What is File System Factory?
20
Identity-Based Storage Management
Identity Mgr
PeopleSoft
Driver
Driver
LINUX
Driver

• Policy Based, Event-Driven
• Control it with ZENworks
• like policies.
• Load balancing

• Storage creation
• Storage management
• Storage cleanup
• Personal user storage
• Group storage

21
Novell File System Factory Overview

• Automatic NetWare storage which provides access
  from Windows, Mac, UNIX, and the Web.
• Relieves disk management headaches.
• All Namespaces
• Traditional and Novell Storage Services (NSS)
  supported
• Built on procedures proven in real world
  environments.
• Load balancing.
• Automated policy based data Migration between
  servers
• Cleanup (everybodys pain point) is now automated
  based on policy.
• Executive and Administrative Dashboard
• Employee Data Manager (Workflow)
• Web Based Quota Manager
• Web Based File System Rights Analysis

22
File System FactoryStorage Management based on
Policy and Events
You Create and Manage objects any way you want,
FSF will handle the file system.
23
Coming up Next
File System Factory for
Microsoft Active Directory Linux
24
Provision and De-Provision Storage for Netware,
Active Directory and Linux
Identity Mgr
PeopleSoft
Driver
Driver
LINUX
FSF
25
Methodology
26
FSF Methodology
New workflow component allows employees manager
to review, reassign, or vault user data prior to
deletion.
Algorithm Random Balance Rights RWCEMFA Quota
150 MB Template SERV1/VOL1Procedures DelWait
90 Days
Target File Systems
Policy

• Create

• Rename

BJones
BSmith

• Delete

RWCEMFA
Copy
BSmith
BJones
150MB
SERV1/VOL1Procedures
27
Policy Assignment Data Migration

• Seamless
• Fault-tolerant
• Safe

BSmith
BSmith
Scheduler 900PM
BSmith 50MB
BSmith 25MB
28
Northern Illinois UniversityData Migration -
Backfill
BSmith
RJones
KJackson
RCroom
DWyatt
Pentium Pro 200s 0 Users
Pentium Pro 200s 67,672 Users
29
Data Migration Scheduling
30
Policy Assignmentscan be made via

• File System Factory Web Interface
• LDAP
• Nsure Identity Manager
• NDK Application

CNBSmith SurnameSmith StudentID123456789 cccFSF
actoryPolicyRiverside.Schools.Jefferson
31
Collaborative Storage
32
Why is this Important?

• Sharing data and working together is what
  networks are all about.
• Yet in most environments, managing shared disk
  storage is the most manual process in the shop.
• This means its resource intensive.
• This means it is not managed in a timely manner.
• This means that many times collaborative storage
  just does not happen.

Why do we have this network again?
33
Policy Definitions
Paths
Quota
Rights
Template

DeleteWait
34
Policy Definitions
cccFSFactoryHomedir
Home Directory
Paths
Paths
Quota
Quota
Rights
Rights
Template
Template


DeleteWait
DeleteWait
35
Business FSF Group Policy Example
Algorithm Random Balance Rights Template Quota
500 MB Template SERV1/VOL1ProjectFiles DelWait
Never
Assign Policy to Projects Container
Target File Systems
Policy
Create Project Group Object
ATL-BLDG-1
Automatically Create Project Storage and Assign
Policies
ATL-BLDG-1
Copy Project Files from Template
Copy
150MB
SERV1/VOL1ProjectFiles
36
Education Group Policy Example
Algorithm Random Balance Rights none Quota 500
MB Template SERV1/VOL1Courses DelWait 90 Days
Assign Policy to Courses Container
Target File Systems
Policy
Create Course Group Object
SPAN340-001
Automatically Create Group Storage and Assign
Policies
SPAN340-001
Copy Course Files for Each Student from Template
Copy
150MB
SERV1/VOL1Courses
37
Group Policy TemplatesConfiguration Steps
Create Group Object
SPAN340-001.MS.COURSES.STATEU
Create FSF Group Policy Using the FSF Management
Interface
Create eDir Objects
Assign Members Owners to the Group
Create Template
Assign Rights to Directories
38
Group Policy Templates
Assign Students as Members and Instructors as
Owners
Members
Owners
JSmith.Students.STATEU MRoberts.Students.STATEU NF
rost.Students.STATEU PJones.Students.STATEU RBrook
s.Students.STATEU SSmith.Students.STATEU STimms.St
udents.STATEU TJones.Students.STATEU TSmythe.Stude
nts.STATEU WClark.Students.STATEU
ABelcher.Staff.STATEU KAlesanto.Staff.STATEU
39
Group Policy Templates
File System Factory Automatically Provisions
Storage for Students and Instructors
40
Universal Resource Access(URAccess)
41
Wheres my stuff?

• Users need an easy way to find their storage
  even if you need to move it.
• Personal Storage and Group Storage.
• Map a Drive? Theres only so many letters in the
  alphabet.
• Login Script Management is a headache for group
  storage.

42
URAccess

• End-User tool for dynamically building
  personalized access links to storage.
• Leverages Home_Directory user attribute for
  personal storage.
• Leverages cccFSFactoryHomedir group attribute for
  shared storage.
• Creates a local set of UNC paths and description
  presented to the user in a Windows UI.
• Like App-Launcher for ZENworks, except provides
  access to storage.
• List can be refreshed at any time.
• Supports multiple tree connections.

43
URAccess
BOB.USERS.ACME
Home Directory
CLUST1/USERVOL6USERS\BOB
SecEqual
EVERYONE.ENGR.ACME BIG PROJECT.ENGR.ACME MANAGERS.
ENGR.ACME SMALL PROJECT.ENGR.ACME
EVERYONE.ENGR.ACME
cccFSFactoryHomedir
SERV6/GVOLENGR\EVERYONE
cccResource
http//www.IEEE.com
NWCCGetAllConnRefInfo()
requires IUAdmin
44
URAccess
45
Executive and Admin Dashboards
46
Executive Storage Dashboard
Storage Trends on User and Group Policies
47
Administrative Storage Dashboard
Event Statistics
Storage Health Check
https//your.server.name.or.ip.address8009/FSF/HT
TP_FSFExecutiveDashboard.
48
Web Based Quota Manager
49
Web Based Quota Manager Policy Configuration
50
Quota Manager Help Desk Interface
https//your.server.name.or.ip.address8009/FSF/HT
TP_FSFQuotaMgr
51
Quota Manager Help Desk Interface
52
Quota Manager Help Desk Interface
53
File System Rights Analysis
54
File System Rights Analysis
55
Rights Analysis
OWNERS
MEMBERS
56
Employee Data ManagerWorkflow
57
Novell eGuide Manager
58
Policy Configuration
59
Employee Data Manager Interface
60
Identity Based Storage Management
Identity Mgr
PeopleSoft
Driver
Driver
LINUX
FSF
61
Technical Overview
62
What are the requirements?
Any Novell supported version of NDS or
eDirectory (6.xx, 7.xx, 8.xx, 85.xx, 8.6.x,
8.7.x)
NetWare 5.1 SP6 or later NetWare 6.0 SP4 or
later NetWare 6.5 or later
NetWare 6.0 SP4 or later NetWare 6.5 or later
NetWare 4.x SP9 or later NetWare 5.0 SP6a or
later NetWare 5.1 SP6 or later NetWare 6.0 SP4 or
later NetWare 6.5 or later
63
Global Event Subsystemand Transaction Tracking
FSF_Event
FSF_Event
FSF_Event
Event DB
FSF_Engine
64
The State Machine Architecture
Neither rain, nor snow, nor sleet, nor gloom of
delayed DS synchronization shall stay this system
from the swift (or eventual) completion of its
appointed tasks

• DS is replicated.
• Servers go down for maintenance or other
  reasons.
• Routers die.
• Fiber is dug up on occasion.

Thats real life.
65
The State Machine Architecture
Event AddUser
Server Z
RWEMFA
66
Actions and StatesAdd User

• define FSF_ACTION_NEW_USER 4000
• define FSF_ACTION_NEW_USER_STATUS_WAIT_TO_SEE
  4010
• define FSF_ACTION_NEW_USER_STATUS_WAIT_FOR_POLICY
  4013
• define FSF_ACTION_NEW_USER_STATUS_GET_POLICY
  4016
• define FSF_ACTION_NEW_USER_STATUS_WAIT_FOR_PATHS
  4018
• define FSF_ACTION_NEW_USER_STATUS_PICK_LOCATION
  4020
• define FSF_ACTION_NEW_USER_STATUS_NO_PATHS 4021
• define FSF_ACTION_NEW_USER_STATUS_CREATE_DIRECTOR
  Y 4030
• define FSF_ACTION_NEW_USER_STATUS_SET_OWNER 4035
• define FSF_ACTION_NEW_USER_STATUS_APPLY_TRUSTEE
  4040
• define FSF_ACTION_NEW_USER_STATUS_SET_QUOTA 4050
• define FSF_ACTION_NEW_USER_STATUS_COPY_TEMPLATE
  4060
• define FSF_ACTION_NEW_USER_STATUS_SET_HOMEDIR_ATT
  RIBUTE 4070
• define FSF_ACTION_NEW_USER_STATUS_SET_MESSAGE_SER
  VER_ATTRIBUTE 4075
• define FSF_ACTION_NEW_USER_STATUS_USER_EXIT 4080
• define FSF_ACTION_NEW_USER_STATUS_NORMAL 4090

67
State and the Process Queue
Server R1
Server R2
Server E
FSF-ENGINE
68
Internet User Administrator IUAdmin
Web Based Access and Management
69
IUAdmin

• Web Based Access to Netware Personal Home
  Directory Storage
• Managed by File System Factory Policies
• Web Based Access to Collaborative Group Storage
  Based on
• File System Factory Policies
• Integrate with Novell Extend Portal, Netware 6.5
  Virtual
• Office Portal and Novell iChain
• User Self Service
• Self-Service Password Reset
• Let Users Optionally fix their own problems
• Help Desk Administration
• Location and Departmental based Help Desk
• Help Desk Group Management
• User Help Indicators Identify Account Problems

Intruder Lockout
Grace Logins
Login Disabled
Account Expired
70
IUAdmin -Web Based Access Management
Personal Storage
Group Storage
71
IUAdmin Help Desk
72
IUAdmin Architecture

• Built on top of Novells HTTPSTK..no webserver to
  install or configure.
• SSL connections for security.
• Contextless Login.
• No schema extensions. However
• optional extensions are provided
• for increased functionality.
• Runs on Netware 5.1 or above with
• any version of eDirectory.

Help Desk
User Self Service
File System Access
File System Mgt
IUAdmin Core Architecture
File System Factory
Resource Mgt

Other products provide Management Paks that plug
in to the architecture.
AuditLogin Trustfun
ePortfolio
73
AuditLogin TrustFun
Security - Audit Access Rights Analysis
74
AuditLogin

• Audits all objects in tree in a single operation
  
• No configuring multiple containers.
• Logs are automatically cleaned up based on user
  parameters
• Logs from all servers are consolidated into a
  single set of
• comprehensive files.
• Log files are simple text files that can be
  easily searched or
• imported into other programs for trends
  analysis.
• 5 minute installation.
• Self-Maintaining based on user options.
• Multiple log formats supported.
• Remote server configuration from Windows
  workstation.
• Graphing subsystem that supports multiple
  servers
• concurrently on a single graph.

Currently Installed in 33 Countries
75
AuditLogin Graph
76
AuditLogin - Log File Report
77
TrustFun - Rights Trustee AnalysisWin32
Application
78
TrustFun Report
79
Trustee Assignment Detail
80
Tying it all together
GroupWise
File System Factory
NetMail
Employees
Novell iChain
Identity Based Storage Management Home
Directory Management Group Storage
Management Web Based Quota Management
File Rights Trustee Analysis Exec and
Admin Storage Dashboards Employee Data
Manager (Workflow)
Web Based File Storage
Access Help Desk Self Service
Password Reset
IUAdmin
AuditLogin Report Graph
AuditLogin
81
How can Condrey Consulting Help ?

• Partner Training on File System Factory, IUAdmin
  and AuditLogin
• Proposal Templates and Best Practices to get
  Partner Jump Started
• Design and Implementation Support
• Partner Resource Portal Sales, Marketing and
  Technical Resources
• One Year Internal Use of CCC Products with Annual
  Renewal Based on Product Sales and Commitment
• Discounts based on Volume of Sales
• 50,000.00 and Above 25
• 25,000.00 - 49,999.00 20
• Up to 24,999.00 15

82

• DEMO

• File System Factory Initial Installation
• Review of Management Interface
• Backfill Existing Users - Create a User Policy
• Move Users to new location Move Files
• Rename User
• Delete User Clean Up Files
• Group Course Policies Business Education
  Example
• Rights and Trustee Analysis
• URAccess Access to Group Storage No Drive
  Mappings
• Quota Manager Interface
• Executive Dashboard Interface
• IUAdmin Web Based Access and Management

83
For More Information

• Visit www.novell.com/products/filesystemfactory
• Visit www.filesystemfactory.com
• Discuss on the FSF forum at http//support.novell.
  com/forums/
• Send product questions/suggestions to
  FSFDev_at_novell.com
• Visit www.condreyconsulting.com
• Talk to your Local Account Team or Business
  Partner Rep
• 50 Off Promotion for VLA, CLA and MLA Customers