Novell is now a part of Micro Focus

Overview of NetWare 4.0 New Features

Articles and Tips: article

ROBERT E. JONES
Senior Technical Writer
Systems Research Department

01 Apr 1993


NetWare 4.0 offers many new and exciting features not found in previous versions of NetWare. This AppNote highlights the most important new features and gives a feature-by-feature comparison between NetWare 4.0 and NetWare 3.11.

Introduction

NetWare 4.0 is the most advanced and powerful network operating system available today. This release represents the ninth generation of NetWare development. It adds a whole new dimension to network computing, extending network services and making network management easier than ever.

Currently, peer-to-peer networking is receiving a lot of attention in the computer industry. Although these types of networks can address the needs of small businesses or departments, they tend to introduce resource security and management problems in a corporate networking environment. For critical business data to be viably handled on a network, the underlying platform must be robust enough to handle network-wide administration and management. It must also provide ample security to protect sensitive corporate information.

NetWare 4.0 allows better management control, easier maintenance, and more flexible security options than any other network operating system currently available. It is the ideal platform for today's sophisticated networking needs, and it will continue to support those needs as network computing evolves in the future.

This Application Note introduces some of the major new features of NetWare 4.0. For those familiar with previous versions of NetWare, it contains a feature-by-feature comparison of NetWare 4.0 and NetWare 3.11. More detailed information is contained in subsequent AppNotes in this issue.

NetWare 4.0 New Features

NetWare 4.0 inherits all the capabilities of earlier versions of NetWare and adds many new, exciting features. The most significant new features are the replacement of the bindery with NetWare Directory Services, increased security capabilities, and more flexible DOS client software. (These features, as well as installation, migration, and coexistence, are discussed in more detail in the other AppNotes in this issue.)

The sections which follow provide an overview of new features. For more information, refer to the NetWare 4.0 documentation.

NetWare Directory Services

In NetWare 4.0, the bindery has been replaced by NetWare Directory Services (NDS). NDS maintains a global, distributed, replicated database of information about network resources such as users, groups, servers, volumes, printers, computers, modems, and soon. With NDS, it is now possible to integrate a diverse network of resources into a single, easy-to-use environment.

The advantages of NDS are many. NDS provides a new network-wide login which makes network navigation and resource access easier for authorized users. Instead of logging in to specific servers, users can now login to the network. They can then access all the resources and services they have rights to, without having to explicitly login or attach to other servers. NDS handles all of the address resolution issues in the background, so users are shielded from the complexity of having to understand the network topology, protocols, media, and communication links.

Because the NDS database is replicated, multiple copies of users' required login information are spread throughout the network. This replication allows users to login to the network whether or not their "home" server is on-line. As long as the servers that provide the necessary data or services are operational, the user can access them. In this sense, when a user is logged in to the network, servers become "transparent" to the process of actually using the network. Users only need one password to gain access to all network resources available to them.

When a user accesses resources on the network (such as servers, volumes, and printers), authentication occurs in the background to verify that the user has rights to use those resources. NDS authentication works in combination with new access control features to provide network security.

More detailed information on NDS is contained in the NetWare Directory Services AppNotes in this issue.

Server Memory Management

NetWare's server memory management capabilities have been redesigned in NetWare 4.0 to increase efficiency. The server can now manage memory in a way that provides a better overall utilization of server memory, and which also prevents server applications from running out of memory.

In NetWare 3.11, the operating system allocates memory in five or more memory pools that serve different purposes. When server applications run, the memory they need is allocated from these pools. But when some applications finish running, the memory management routines do not always make the memory available to other applications. This can cause memory problems for other applications, as memory from one pool cannot be reallocated to another memory pool.

NetWare 4.0 has only one memory allocation pool, and memory used by one application can be reallocated when that application is finished with it. This improved memory management cuts down on the number of necessary operations and helps the server run more efficiently.

Data Storage Management

Many of today's new applications and data structures require significantly more storage space than in the past. NetWare 4.0 offers a number of new features that can help you manage increasing demands for data storage space.

Block Suballocation. Block suballocation allows small files, or that part of a file which exceeds the volume's default block size, to share a disk block with other files. This feature lets more files be stored in a smaller amount of space on a NetWare volume.

For example, in NetWare 3.11, if the default block size for a volume is 64 KB, and you create a 65 KB file, that file would use two complete disk blocks, or 128 KB. The remaining 63 KB in the second block is unused.

With NetWare 4.0's block suballocation feature enabled, any partially used disk block is divided into 512- byte suballocation blocks. These suballocation blocks are used to share the remainder of the block with any "leftover" fragments of other files. Using block suballocation in the example above, the system would allocate one disk block (64 KB) and two 512-byte suballocation blocks to store the 65 KB file. The remaining 63 KB of the second block is available for use by other files.

Block suballocation is enabled by default when NetWare 4.0 is installed.

File Compression. NetWare 4.0 provides a file compression feature which allows files to be compressed as they are saved to the hard disk. The files are automatically decompressed when they are retrieved. Enabling file compression lets NetWare volumes hold more on- line data by compressing files that are seldom accessed.

With this compression feature, you can effectively increase the amount of available disk space without adding new drives. The compression algorithm used can increase usable disk space up to 63%. For example, 600 MB of files on a volume could be compressed to as little as 222 MB. This can be a money-saving feature for environments where adding disk storage is financially prohibitive.

NetWare manages the file compression internally. Users (or the Supervisor) can flag individual files or directories either to be compressed after not being accessed for a time, or to never be compressed. When compression is enabled for a volume, the files flagged for compression are compressed after not being accessed for the specified amount of time. Files are automatically decompressed when accessed by a user.

Data Migration. Another new feature of NetWare 4.0 is data migration. This feature enables servers to transfer data that is used infrequently to an off- line storage device such as a disk, CD- ROM, or tape drive. NetWare 4.0 still "sees" the data as residing on the NetWare volume. If the user requests a file stored off-line, the file will demigrate back to the server's hard disk.

Data migration frees up valuable hard disk space for frequently accessed files, while still allowing full access to the migrated files.

High Capacity Storage System. The High-Capacity Storage System (HCSS) is a data storage and retrieval system that extends the storage capacity of the NetWare server by integrating one or more optical library units, known as "jukeboxes," into the NetWare file system. (A jukebox is a high-capacity storage device that uses an autochanger to mount and dismount optical disks automatically.)

The HCSS works with data migration to move files between faster, low-capacity storage devices (the server's hard disk) and slower, high-capacity storage devices (optical disks in a jukebox). It uses rewritable optical disks (either one-sided or two-sided) so that it is possible to repeatedly write and erase data.

The files and directories on the jukeboxes are accessed using the same NetWare commands and function calls used to access data from the hard disks. Access can be made by either users or programs.

HCSS uses free space on the server's hard disk to temporarily store (or cache) the most active files. When space is needed to store additional files and the allocated space reaches a predetermined capacity, the least-active files are transparently moved to optical disks.

When a user requests a file stored on optical disk, HCSS automatically copies the file from the jukebox back onto the server's hard disk. This process, known as demigration, allows users to access their most active files quickly.

Auditing

NetWare 4.0's auditing capabilities are much more powerful than in any previous versions of NetWare. Auditing allows authorized users (auditors) to audit past and present transactions on the network. These auditors act independently of network administrators to ensure that network records are accurate and confidential information is secure.

Transactions and events that can be monitored through NetWare 4.0 auditing include:

  • Logins and logouts

  • Trustee modifications

  • File creations, deletions, reads, and writes

  • Requests to manipulate queues

  • Directory Services object creations, deletions, reads, and writes

  • Events directly related to Directory Services objects

  • Events directly related to users

With NetWare 4.0, auditors are able to track Directory Services events as well as file system and volume transactions. Auditing is enabled at the volume level for file system auditing, and at the container object level for Directory Services events.

Auditors should not be Supervisors and should not have SUPERVISOR rights or equivalence. Auditors can track events and activities on the network, but should not be able to open or modify network files (other than the Audit Data and Audit History files), unless they are granted rights to do so by the network supervisor.

The AUDITCON audit program files are automatically installed on your system when you install or upgrade to NetWare 4.0.

Other New Features

Running NLMs in Protected Mode. NetWare 4.0 has server memory protection features that guard OS memory from corruption by third-party NLMs. These features ensure that your server will not be halted by a faulty NLM.

Memory protection allows you to run NLMs in a separate memory domain called the OS_PROTECTED domain. After you have loaded an NLM in the OS_PROTECTED domain (ring 1, 2, or 3) and found it safe, you can load it into the OS domain (ring0), where it can run most efficiently.

Note: All NLMs included with NetWare 4.0 have been tested and do not need to be run in an OS_PROTECTED domain.

Packet Burst Protocol. The packet burst protocol (or burst mode) capability which required a separate DOS client shell in NetWare 3.11 has been incorporated into the new client software. Packet burst is designed to transmit multipacket messages efficiently over an internetwork, which can result in faster data transmission between workstations and servers. Packet burst is enabled by loading PBURST.NLM on the server and entering a line in the workstation's NET.CFG file.

Large Internet Packets. The Large Internet Packet (LIP) feature allows increased throughput over network bridges or routers by increasing packet size. This feature is particularly helpful when using Ethernet or Token Ring architectures that allow larger packets to be sent over the network.

Multiple Languages. NetWare 4.0 has been adapted for use with multiple languages. The operating system, NLMs, and utilities use English as the default language, but they can be set to other languages as well. You can also set the server console keyboard for different languages.

NetWare Print Services. With NetWare 4.0, the hassle of having to know about print queues or print servers is eliminated. In bindery-based NetWare, only the print server and print queues exist as bindery objects; printers are defined as attributes of the print server. With NetWare Directory Services, print servers, print queues, and printers are all individual objects. They can be created and modified in any order with NetWare's text or graphical printing utilities.

One print server can now service up to 256 printers. Network printers can be attached directly to the network, to any NetWare server (via NPRINTER.NLM), or to DOS or OS/2 workstations (via NPRINTER.EXE). Users no longer need to know about print servers or print queues; they can send print jobs directly to a printer by specifying the printer name.

Other printing-related enhancements include support for:

  • Configuring print queue polling time

  • Unlimited number of print job configurations

  • Third-party print job configurations

  • Print jobs from Macintosh and NFS clients

NetWare 4.0 Utilities

The NetWare 4.0 utilities support Windows and OS/2 environments in addition to the DOS environment. Many utilities from earlier versions of NetWare have been consolidated into one, modified, or eliminated altogether. Also, new utilities and NLMs have been created for NetWare 4.0.

Figure 1 lists the NetWare 4.0 utilities, NLMs, and tools grouped according to functional categories. The "Type" column indicates the type of utility as follows:


Server Util

Utilities whichare entered at the server console promptto monitor and control the network

Server NLM

NetWare LoadableModules which are loaded and run at the server

Text Util

Character-based utilitieswhich are run on DOS and OS/2 workstations

GUI Util

New graphical userinterface (GUI) utilities that allow supervisors to manage the network from Windows or OS/2 workstations

GUI Tools

New graphical userinterface (GUI) workstation tools that enableusers to perform a variety of basic network tasks

Figure 1: NetWare 4.0 utilities grouped according to purpose.


Category

Utility

Type

Description

GeneralAdministration

NetWare Administrator(NWAdmin)

GUI Util

Allows youto create NDS objects and assign propertyvalues and rights. (Graphical counterpartof the NETADMIN text utility.)

NETADMIN

Text Util

Menu-drivenutility that allows you to create NDS objectsand assign property values and rights. ConsolidatesSYSCON, DSPACE, SECURITY, and USERDEF.

UIMPORT

Text Util

Allows youto create many User objects at the same timeusing a (non-NDS) database. Replaces MAKEUSER.

ServerManagement

SERVMAN

Server NLM

Lets you changeSET parameters in the .NCF files, and IPX/SPX,device, volume, and network information.

MONITOR

Server NLM

ConsolidatesMONITOR and FCONSOLE.

RCONSOLE

Server NLM

ConsolidatesRCONSOLE and ACONSOLE.

DOMAIN

Server NLM

Creates a protectedOS (OSP) domain to be run in Ring 1, 2, or3. All new third-party NLMs should be developedand tested in an OSP domain.

NWSNUT

Server NLM

NLM UtilityUser Interface module B provides a libraryof routines used by certain NLMs (such asSERVMAN and MONITOR).

NDSManagement

Partition Administrator

GUI Util

Allows youto manage NDS partitions and replicas. (Partof the NetWare Administrator utility.)

PARTMGR

Text Util

Allows youto manage NDS partitions and replicas.

TIMESYNC

Server NLM

Controls timesynchronization on servers running NDS.

DSREPAIR

Server NLM

Repairs andcorrects problems in the NDS database. (Similarto what BINDFIX and BINDREST did for the bindery.)

StorageManagement

LIST DEVICES

Server Util

Displays diskdevice information for the server.

SCAN FOR NEW DEVICES

Server Util

Scans for diskhardware that has been added since the server was last booted.

MAGAZINE

Server Util

Confirms whetherrequests to insert and remove magazines inthe server have or have not been satisfied.

MEDIA

Server Util

Confirms whetherrequests to insert and remove media in theserver have or have not been satisfied.

CDROM

Server NLM

Allows theserver to use a CD-ROM disk as a read-only volume.

RTDM

Server NLM

Real Time DataMigration. (See third-party documentation.)

Mirroring

MIRROR STATUS

Server Util

Displays allmirrored logical disk partitions and their status.

REMIRROR PARTITION

Server Util

Starts theremirroring of logical disk partitions.

ABORT REMIRROR

Server Util

Stops the remirroringof logical disk partitions.

FileManagement

FILER

Text Util

ConsolidatesFILER, VOLINFO, SALVAGE, and PURGE.

FLAG

Text Util

ConsolidatesFLAG, FLAGDIR, and SMODE.

Securityand Auditing

RIGHTS

Text Util

ConsolidatesRIGHTS, ALLOW, GRANT, REMOVE, REVOKE, and TLIST.

AUDITCON

Text Util

Allows independentauditors to audit network transactions, NDSevents, and events specific to a volume orserver. (Consolidates ATOTAL and PAUDIT.)

Printing

PCONSOLE

Text Util

Allows youto create Print Server, Print Queue, andPrinter objects to set up the printing environment.

NPRINTER

Text Util

Server NLM

Allows anyprinter to be used as a network printer,whether attached to a DOS or OS/2 workstationor to a NetWare server.

Backup

SBACKUP

Server NLM

Completes backuprequests directed to it from the network.(Consolidates NBACKUP.)

Internationalization

KEYB

Server Util

Allows youto select a nationality or language.

LANGUAGE

Server Util

Sets the serveror NLMs to use a specific language.

Remote Boot

RPL

Server NLM

Remote ProgramLoad enables remote booting of IBM PC-compatiblediskless workstations.

Client Utilities

LOGIN

Text Util

Consolidates ATTACH and LOGIN.

MENU

Text Util

Allows youto create a menued working environment for users.

NETUSER

Text Util

Allows usersto access network attachments, manage drivemappings, send messages, and set up printjobs. (Replaces SESSION.)

NDIR

Text Util

ConsolidatesNDIR, CHKDIR, LISTDIR, and CHKVOL.

NLIST

Text Util

Allows usersto view information about files, directories,users, groups, volumes, servers, and queues.(Consolidates SLIST and USERLIST.)

SEND

Text Util

ConsolidatesSEND, CASTON, and CASTOFF.

CX

Text Util

Allows usersto change context, or position, in the Directory tree.

Tools for Windows - OS/2

GUI Tools

Tools for Windowsand OS/2 are installed as a group in theProgram Manager (Windows) or on the desktop (OS/2).

NetWare Feature Comparison

Figure 2 provides a comparison of features common to NetWare 4.0 and NetWare 3.11, as well a listing of many features new with NetWare 4.0.

Figure 2: Feature comparatison between NetWare 4.0 and 3.


FEATURE

NetWare4.0

NetWare3.11

OPERATINGSYSTEM ARCHITECTURE

Maximum numberof user connections per server

1000

250

User configuration(stratification)

5, 10, 20,50, 100,250, 500, 1000

5, 10, 20,50,100, 250

Maximum numberof server connections per client workstation

50 (configurablein client VLM)

8

Object-basedglobal naming service

Yes (NetWareDirectory Services)

No

Single loginto network

Yes

No

MEMORYAND DISK REQUIREMENTS

Minimum servermemory requirements

6 MB

4 MB

Optional Ring3 memory protection

Yes

No

Dynamic Ring3 reinitialization on failure

Yes

No

ContinuousRing 0 operation on Ring 3 fail

Yes

No

Hard diskspace used by operating system

12 to 60 MB

9 MB

FILESYSTEM AND STORAGE

Read-aheadcache

Yes

No

Intelligentdata compression

Yes

No

Support fordata migration hardware (optical jukebox,read/write optical, and so on)

Yes

No

Real-timeData Migration - High Capacity Storage System(HCSS)

Yes

No

NETWORKSECURITY

Restrict loginto specific Medium Access Contol addresses

Yes (optional)

No

Compressiondirectory and file attribute

Yes

No

Migrationdirectory and file attribute

Yes

No

SECURITYAUDITING

File system auditing

Yes

No

NDS event auditing

Yes

No

Independent network auditor

Yes

No

Independent auditor password

Yes

No

Multiple auditors

Yes

No

Audit user security transactions

Yes

No

Audit user file transactions

Yes

No

Audit supervisor transactions

Yes

No

Audit file creation statistics

Yes

No

Audit directorycreation statistics

Yes

No

Audit volume statistics

Yes

No

Transaction logs

Yes

No

Filter transaction logs

Yes

No

Transactionmonitoring/automatic log updates

Yes

No

NETWORKMANAGEMENT

Determinewho has console/supervisor privileges

Yes

No

View consoleoperation status

Yes

No

View supervisorequivalent status

Yes

No

View hierarchicalDirectory tree

Yes

No

Remote consolesession security

Yes

No

Remote consolemodem callback

Yes

No

NETWORKNAME SERVICES (Directory Services)

Maximum numberof tree levels

15

N/A

Object oriented

Yes

No

Directoryobject creation (user, volume, alias, organization,print server, queue, printer group, computer,directory map, bindery objects, and so on)

Yes

No

Extensibleschema (set of objects and attributes)

Yes (programmed)

No

Maximum numberof attributes per object

Unlimited (defaultset of attributes per object type)

N/A

Maximum lengthof attribute fields

Unlimited

N/A

Partitiondatabase

Yes (logicalsubtree)

No

Physical locationof partitions

One or moreservers

N/A

User-definablepartitions

Yes

N/A

Partitionsreplicated across multiple servers

Yes

N/A

Root partitionreplicated

Yes

N/A

Read-onlypartitions

Yes

N/A

Read/Writepartitions

Yes

N/A

Backgroundauthentication

Yes

N/A

Backgroundsynchronization

Yes

N/A

Protocol independent

Yes

N/A

Unicode enabled

Yes

N/A

External nameservice synchronization

Yes

N/A

Object andproperty access rights (add, delete, rename,move, read, compare, list, modify, browse)

Yes

N/A

Name searching(white paging)

Yes

No

Topical searching(yellow paging)

Yes

No

Figure 2: Feature comparison between NetWare 4.0 and 3.11.(continued).


FEATURE

NetWare4.0

NetWare3.11

TIMESYNCHRONIZATION

Internationaltime zone support

Yes

No

Daylight SavingsTime support

Yes

No

User-configurabletime synchronization

Yes

No

Single referencetime server

Yes (optionaluse of external atomic clock)

No

Multiple primarytime servers

Yes

No

Multiple secondarytime servers

Yes

No

BACKUPSERVICES

Workstationbackup

Yes (DOS, OS/2)

No

NETWORKPRINTING

Maximum sharedprinters per print server

256

16

RAM used onworkstation-attached network printer

4,976 bytes(parallel)

5,488 bytes (serial)

4-20 KB

NETWORKUTILITIES

Approximatenumber of utilities

50 (consolidated)

130

IMAGING(Optional Service)

Attributesearch

Yes

No

Image manipulation

Yes

No

Distributeddata migration (Mass Storage System - MSS)

Yes

No

Image compression

Yes

No

Content documentarchitecture

Yes

No

APPLICATIONPROGRAM INTERFACES (APIs)

Image EnabledNetWare (optional Kodak services)

Yes

No

Hierarchicalstorage (data migration)

Yes

No

Document managementservices

Yes (post 4.0release)

No

COMMUNICATIONPROTOCOLS

Large InternetPacket (LIP)

Yes

No

CLIENTSUPPORT AND INTEROPERABILITY

DOS

Modular client"requester" architecture

Yes (VLM)

No

Number offiles stored on a DOS workstation by thenetwork operating system

20 (4 plus16 optional VLMs)

4

Conventionalmemory (640KB area) used (Use of XMS/EMSsupports built in; small footprint whenused)

53KB (requester,IPXODI, LSL, LANdriver)

59KB (shell,IPXODI, LSL, LAN driver)

Additionalconventional memory used with packet burst(Use of XMS/EMS supports built in; smallfootprint when used)

53KB

63KB

Extended memorysupport

Yes

Yes (HMA only)

LPT portson client

LPT1 - LPT9

(VLMssupport)

LPT1 - LPT3

Windows

Windows 3.0NetWare Tools

Yes (expandedusertools)

Yes (basicusertools only)

Windows 3.1NetWare Tools

Yes (expandeduserand admin. tools)

Yes (basicusertools only)

Packet burstincluded with Windows client

Yes (requester)

No (shell)

Load clientsoftware after Windows

Yes

No

Login underWindows

Yes

No

UNIX

NeXT workstationsupport

Yes

No

CLIENTUTILITIES FOR NETWARE ADMINISTRATION

Supported Platforms

Windows

Yes (3.1 only)

No

OS/2 2.0 PresentationManager (PM)

Yes

No

SupervisorAdministrative Functions

Single administrativetool for network

Yes (Windows,PM)

No

File system(move, copy, trustees, salvage, rights)

DOS, Windows,PM

DOS

Directoryservices (create/delete objects; edit attributes)

DOS, Windows,PM

N/A

Search NDSDirectory

DOS, Windows,PM

N/A

Move objectsin Directory Services tree

DOS, Windows

N/A

DirectoryServices security

DOS, Windows,PM

N/A

DirectoryServices partition management

DOS, Windows

N/A

Printing (queues,printers, print servers)

DOS, Windows

DOS

End UserTools

Change/SetDirectory Services context

DOS, Windows,PM

N/A

Browse DirectoryServices

DOS, Windows,PM

N/A

User toolswork with both bindery and Directory Services

DOS, Windows,PM

N/A

Change filerights and attributes

DOS, Windows,PM

DOS

Login

DOS, Windows,PM

DOS

Client install

DOS, PM

DOS

NETWORKINTERFACE CARD SUPPORT

Client

Ethernet defaultframe type

IEEE 802.2

Raw 802.3

NDIS protocolstack supported (via ODINSUP)

Yes

No

Third-partydrivers supported

Yes (approx.150 included in box)

Yes (Novelldrivers only included in box)

Server

Ethernet defaultframe type

IEEE 802.2

Raw 802.3

Third-partydrivers supported

Yes (approx.150included in box)

Yes (Novelldrivers only included in box)

DOCUMENTATION

Availableon CD-ROM

Yes

No

Windows-baseddocumentation viewer

Yes

No

* Originally published in Novell AppNotes


Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Copyright Micro Focus or one of its affiliates