Developing with NDS Using Industry Standards: Java, ActiveX, ODBC, Scripting, and C
Articles and Tips: article
NDS Market Development Manager
Developer Alliance Division
01 Dec 1997
Provides a basic understanding of Novell's development environment and the options, opportunities and benefits presented by NDS-enabling your applications. Concentrates on Java.
NDS (Novell Directory Services ) allows you to integrate your directory-enabled application with every widely used client-based directory access protocol, developer API, and back-end name resolution or directory service in the industry. Because NDS successfully addresses the issues that developers face, such as time to market, limited tools, platforms, and protocol integration, the developer world is brimming with vast new opportunities for building a new generation of intelligent, network-aware applications.
While most applications have a directory to organize information and direct users to resources they need, Novell Directory Services does much more. Global, platform-independent and accessible from virtually any client or standard browser with a single sign-on, NDS is the directory that links users, applications, services, and platforms of all kinds, adding value and dimension to your applications while dramatically shortening your time to market.
Novell Directory Services technology has been developed as a single, network-wide directory, which is why companies such as IBM, SCO, HP, ICL, Olivetti, NCR, Siemens Nixdorf, Unisys, and others are shipping NDS with their products, integrated into their operating systems and services. NDS is pulling together enterprise networks with mainframe systems and with heavy-duty database servers like Oracle, Sybase, and Informix, as well. And NDS already manages more than 24 million client desktops worldwide.
Such broad-based support of a common directory is unprecedented, and it serves to further reinforce the significance of NDS as the industry's only global directory that is capable of providing secure, manageable access to your applications in highly diverse and distributed multi-vendors networks.
As a component of its NT-integration roadmap, Novell is implementing NDS on Windows NT, which is scheduled for availability in late 1997. Providing NDS natively on Windows NT opens the doors wide for developers to fully leverage NDS as a platform-independent applications infrastructure.
This service will enable developers to build NT applications that can be administered and authenticated by NDS, and it will make NT an equal participant among the above-mentioned platforms, enabling developers with maximum freedom of choice while accruing the benefits of NDS across intranets and the Internet.
Novell recognizes that developers want to preserve their investment in their code and they want options that enable them to rapidly deliver best-in-class applications. NDS is a stable, mature, widely used directory service, which means you can write code to it today with confidence because NDS offers a development environment of open standards, Internet protocols, and languages that will persist well into the future.
NDS and Your Application
NDS provides maximum flexibility and control in building and deploying applications. Simply, applications you build that are directory-enabled means they are aware of the network. Enabled applications can query and log in to network services, discover new services, and register application-specific information that can then be administered, managed and secured across the network, rather than on individual client or server machines.
Beyond global directory lookups, NDS not only provides the better-known benefits of a single sign-on and a single point of administration; NDS gives you a powerful network database and the potential for new levels of automation and interactivity for your application.
For example, with the extensibility of NDS, you can modify the directory schema to add application-specific attributes or information that automates how applications and users interact. Just as users and resources are managed across the network from the directory, your application can also benefit from the anytime, anywhere access control, management and security attributes of a global directory. So instead of requiring your application to perform its own login and password security access, it can leverage NDS for this information.
NDS provides the ability to automate how an application can log into the network and gain access to services, lowering your application's cost of ownership by providing a single point of administration, management and distribution. It can serve as the universal link between disparate (and distant) workstations, servers, hubs, routers, databases, operating systems, network environments, individual users, workgroups, organizations and your application.
NDS adds value to applications because it simplifies access and management of information for your network administrators and end-user customers. For example, the NDS name service maps network names to addresses using a hierarchical name space rather than a flat name space. This hierarchy allows the database to be mapped as a tree that can be partitioned by its subtrees. Because object names contain the hierarchy information, users can access network resources globally, and administrators can administer the entire tree and its objects from a single point.
However, as a developer, you also reap much more than these "second-hand" benefits. You obtain concrete advantages such as less hassle and less time spent in the development process. You can pick and choose the NDS functionalities you want to leverage, including single sign-on, authentication, administration, management and object repository.
In addition, by using NDS, you can be confident that you're adding tried-and-true directory functionality to your application. You can use your choice of familiar developer tools without having to design and build access and management services of your own. Lastly, you can design, build, market and support your application while Novell handles the directory-services end.
NDS Support of Industry-Standard Interfaces
With the evolution of multiple interface standards, NDS enables you to develop to a common interface and share its directory information across multiple name spaces. Among the interfaces, more and more organizations are already developing to LDAP, and Novell is providing a scalable, secure, manageable LDAP directory via NDS. LDAP Services for NDS enables new uses of NDS in network environments, enabling developers, and administrators to access any NDS or NDS- compatible directory through any LDAP-compatible application.
NDS also provides other kinds of directory information to all the clients in a network environment. LDAP Services for NDS supports most NDS security features and adds an LDAP access control layer that provides additional security features which allow you to make some types of directory information available to the public, make other types available to your organization, and make certain types available only to those groups or individuals that have a need to know. Working together, LDAP and NDS make the Internet/intranet environment directory-enabled.
You can download Novell LDAP Services for free at http://www.novell.com/nds/ldapf inl.html. (The most widely used implementation of LDAP was written at the University of Michigan. The latest release is available at ftp://terminator.rs.itd.umich.e du/ldap/ldap-3.3.tar.Z.)
NDS also supports Java Naming and Directory Interface (JNDI) and Active Directory Service Interface (ADSI), so developers with virtually any kind of tools can write platform-independent, directory-enabled, Internet-ready applications efficiently and easily. For the developer, this means:
Access NDS any way you choose. Whether you're working with C code (NetWare SDK, LDAP APIs, etc.), object-oriented tools (JNDI, ADSI), ActiveX controls, JavaBeans components, NCA cartridges, Scripting interfaces, ODBC drivers, or client-based programming tools (Visual Basic, Java Studio, Java Cafe, etc.), NDS is readily accessible.
Platform-independent APIs. In effect, product that leverages NDS will leverage multiple platforms, and it will come to market faster and be less expensive to develop. Because when a product becomes NDS-enabled for one NDS-supported platform, you can recompile for each additional platform that you want your application to support. NDS APIs are standard and open across all supported platforms.
Make your application Internet-ready. An NDS-enabled application is capable of using the Internet as a backbone or point of entry. Users will be able to access the directory through any LDAP-aware application (such as Netscape Communicator) via standard Internet connections.
Store information in NDS and make it available over the Internet to users with LDAP- aware applications. Users can connect to NDS via LDAP on any platform and access information across TCP/IP connections. (Note: By the end of 1997, Novell expects IntranetWare and NDS to be protocol-independent, running natively on both IPX and IP)
Like Novell, many vendors and developers are adopting LDAP, JNDI and ADSI to build platform-independent, Internet-ready solutions. Netscape, IBM, Sun Microsystems and Microsoft are all behind these efforts. However, NDS offers the industry's only global directory that provides developers with a common interface to LDAP, JNDI and ADSI. For more information about Novell's support for JNDI and ADSI, visit http://developer.novell.com/nds.
Figure 1: NDS Development Components.
NDS-Enabling with Java
Novell is working with Sun Microsystems and other industry leaders to provide a 100% pure Java Naming and Directory Interface (JNDI) an industry-wide directory and naming API for Java that allows developers to write full-blown directory-enabled applications once and have them run anywhere. In addition to being completely platform- independent, JNDI provides a single development paradigm that crosses multiple directories (NDS, LDAP, DNS), file systems, etc., and is name-space independent.
Early on, Novell recognized the value of Java as a platform for distributed computing. But if Java does have one drawback, it's that it doesn't come with a rich set of networking services. Novell is remedying this problem by enhancing the extensibility of Java's network services.
The company was the first major player in the industry to license the Java Virtual Machine a set of NetWare Loadable Modules that interprets Java logic and executes it on IntranetWare. Novell will fully comply with the underlying Java platform while extending its functionality to expose its catalog of network services and promote richer Java server development. While Java today does not yet offer the performance capabilities that NLM developers have come to expect, we are working to provide that level of performance with Java, and we will continue to improve the tools that will assist developers in converting their NLMs to Java applications.
Novell is partnering with Sun Microsystems to develop open APIs to network services including NDS. This partnership is helping developers create directory-enabled Java applications that leverage directory attributes, such as naming, access rights and security in their application development for any platform.
These elements will be increasingly advantageous in intranet environments as the ability to name, locate, manage and secure objects becomes essential. Programmers will be more productive and won't have to write code to the idiosyncrasies of each platform. For example, in navigating to a file system on NT, you'll no longer have to figure out special circumstances for individual platforms. And developers will also be able to deploy legacy databases on intranets without rewriting reams of code.
Novell's Network Services Framework for Java SDK represents a very strategic product for developers developing to Novell platforms. Novell's Network Services Framework for Java SDK is a server-side SDK that delivers a complete Java development environment that enables development of rich Java-based applications, services and solutions on the server. The SDK embraces and extends Sun's JavaSoft JDK 1.1.3 and JavaSoft Java Server SDK, delivering the Java Runtime Environment (JVM/JDK, JIT, GUI, ORB) and Java Services Framework (JNDI, NSI) interfaces and documentation for developers to write Java applications and solutions on the IntranetWare and NetWare platform.
The SDK also includes additional Java Developer Tools and Intranet/Internet Services to enhance the Java environment, such as Web Server, NetBasic, ODBC and others, to enable the creation of Web-based applications and solutions. The SDK is available at http://developer.novell.com/java.
The Java Naming and Directory Interface is available as an Early Access Release at http://developer.novell.com/java/sdk/jndidis.htm, with final implementation due in Q3 97. A new addition to JavaSoft's Enterprise API set, JNDI provides Java applications with a unified interface, enabling seamless connectivity to heterogeneous enterprise naming and directory services.
JNDI will make it much easier within the Java space to make class calls to register network applications and discover resources on the network. Novell has been the key definer of this set of interfaces and will follow the introduction of this software with a whole range of new services, including licensing, collaboration and electronic commerce. In every case, NDS will provide and improve the ability to discover, locate and securely manage information and resources.
Novell's strategic plans call for incorporating Java at multiple levels for developing rich Internet/intranet services and solutions. JavaBeans are high-level abstractions of Java code that are packaged as functional, reusable components that can be run on any platform. In addition, they can be included as components in other visual development tools such as Visual Basic.
Novell's initial JavaBean offering includes an NDS Bean that provides complete access to the functionality of NDS. Java developers are able to browse NDS trees, edit/add attributes, create/delete objects, etc., using any of the standard Java development tools. Applications can take full advantage of the directory for management, security, access control, and licensing using the NDS JavaBean.
The NDS Bean is the first of many that will expose IntranetWare's networking services for use in Java-based applications and management utilities. The NDS Bean is currently an Early Access Release available at http://developer.novell.com/nds. Other JavaBeans now in development include Volume Admin, Server Admin, Print Queue Admin, Session, LDAP and Bindery.
As for security, Novell is working on an NDS provider to support the Java Security API (JSAPI). Because NDS is a global directory service, the NDS provider will offer a new, comprehensive level of security to multiple Java classes.
NDS is the only directory service that offers broad platform-independent support and the security and scalability necessary for the large, distributed Java applications that can be developed for the Internet/intranets. By integrating Java and NDS through JNDI, Novell is enabling developers to build applications solutions that will perform better that will be easier to manage, distribute, secure, and deploy across heterogeneous global networks.
NDS-Enabling With ActiveX
Novell recognizes the power and popularity of ActiveX and Visual Basic and is committed to opening NDS to visual programming tools. In fact, Novell is making NDS accessible to virtually any tool that can consume ActiveX components, including Visual Basic, Delphi, PowerBuilder and others.
Novell is readying a set of ActiveX controls for NDS administration which will give developers complete access to NDS schema. Session Control will let you log in and out of the network using NDS authentication, and the Directory Control will let you read/write/modify information in the NDS tree and schema. This will enable you to create new attributes for existing objects and additional objects of your choice (i.e., a new object for an application) which makes your directory a far more useful general-purpose repository.
The first set of ActiveX controls will be followed by others that expose the functionality of other Novell services, including Novell Application Launcher (NAL) Application Admin, LDAP Directory, PrintServer Admin, File System Admin, and general-purpose network controls such as the "Transporter."
In 1997, Novell will make available the NDS Active Directory Service Interface (ADSI) Provider. The simple benefit is that using Microsoft's interface to directory services with IntranetWare clients will expose NDS and its rich functionality through a wide array of operations. Along with full browsing capabilities, this functionality will include some base security/authentication types of calls, which ADSI defines, as well as NDS security functionality.
Novell's NDS ODBC Driver enables SQL access to NDS using Visual Basic, Delphi, PowerBuilder or other IDE (Integrated Development Environment) to create applications that access NDS for information, authentication and management.
It allows developers to use standard database utilities for reporting, graphing and charting NDS information. And high-level developers have visual access to the inner workings of NDS objects through the NDS ODBC driver. In addition, because NDS is now a regular ODBC Data Source within visual builder tools such as Visual Basic, this will allow applications to be built very quickly by using the data-bound controls found in those environments.
The current NDS ODBC Driver allows applications and utilities to view and read (creation/deletion in the next version) NDS object and attribute information without the risk of unauthorized intrusion. In addition, NDS object information can be gleaned and reported using standard SQL query and report generators. Virtually any tool that provides access through ODBC can be used with NDS.
This includes the data-grid controls available in Visual Basic and the flexible ODBC reporting tool included with Microsoft's InterDev tools. The NDS ODBC Driver is currently available in beta form for download at http://developer.novell.com.
NDS-Enabling with IntranetWare Scripting
For developers seeking to run business logic or Web server programs on IntranetWare, Novell is making NDS accessible to scripting tools. In fact, scripting tools and NDS make it possible to use IntranetWare as a middle-tier integration platform to the entire enterprise.
The NetBasic IDE provides administrators and corporate developers with an easy way to develop server applications and utilities that fit their exact needs. NetBasic is a Visual Basic script-compatible language developed by a Novell partner, HiTecSoft Corporation, and included in current versions of IntranetWare and NetWare 4.11. (NetBasic will be fully VB Script-compatible by the end of 1997). NetBasic's familiar Visual Basic-style syntax and structure represents a big leap over application development in C or C++.
In its current form, NetBasic is a subset of the full VB syntax and runtime libraries as defined by Microsoft for developing browser-enabled applications and utilities that run directly on IntranetWare/NetWare file servers. NetBasic provides an easy-to-use, drag-and-drop GUI, and an easy alternative to writing a Visual Basic application or going across the network to the server and doing database queries.
NetBasic also complies with Novell's Network Modular Extension (NMX) standard, which is the most popular Common Gateway Interface (CGI) on NetWare and IntranetWare. NMX components offer reusable functionality and flexibility that speeds up the process of writing programs for many common Internet-related tasks.
NMX is a set of APIs and development guidelines that are part of Novell's DeveloperNet development environment for creating an open architecture for NetWare Loadable Modules (NLM ) and Basic script libraries. NLMs and scripts built using NMX APIs are referred to as "NMX-compliant" libraries that can be created using Novell's NLM SDK, C/C++ compilers or NetBasic IDE. For example, NetBasic's NDS NMX library lets you draw information out of NDS. Additional information and SDK downloads are available at http://developer.novell.com.
Using BASIC and HiTecSoft's compiler technology currently offers the easiest way to write NLMs that run on the server. HiTecSoft's Intranet Compiler combines NetBasic Scripts, HTML, GIF, JPEG, music, video and other resources into a single NLM with a stream of data that can be sent directly to the browser for unparalleled performance. The compiler can also compile NetBasic scripts into an NMX using Basic or C/C++.
The Oracle Database component of NetBasic allows developers to access SQL queries from a Basic language, Java, C/C++ interface, or WEB server HTML commands (using the NetBasic Web Server Component). Abstractions to the Oracle SQL server enable developers to easily login and logout, execute SQL commands, enumerate records, and have full access to the Oracle SQL database. For a demonstration of a directory-enabled script application, see http://www.hitecsoft.com.
NDS-Enabling with C
If your development choice is C-level interfaces, Novell Directory Access Protocol (NDAP) provides a complete set of NDS client APIs using C- level coding. Novell also gives you full NDS server APIs, which means that if you're writing a NetWare Loadable Module or applications for Sun Solaris, HP-UX and other platforms, you can access NDS on the server. All NDAP functionality is provided through the NetWare SDK, which you can download from the Web at http://developer.novell.com.
Looking To the Future
Novell is also extending the power of NDS with ongoing development of a wide array of new directory- enabled network services. For example, it's clear that objects and components will play a critically important role in the development of distributed computing. But object model standards such as Common Object Request Broker Architecture (CORBA) lack robust service-location capabilities. In order to extend NDS-based functionality to the CORBA ORB, Novell is developing Trader Services as a scalable method of locating other CORBA services anywhere on the network.
Trader Services are like the yellow pages to the NDS white pages. They will expose NDS functionality through standard protocols such as Internet Inter-ORB Protocol (IIOP). But NDS functionality will not be confined to ORBs; it will also encompass programming objects in general. While NDS provides service location, Trader Services will take it to a higher level. The intent is to make all objects, services and ORBs that comply with the CORBA standard work together without requiring further integration.
The alpha release of IntranetWare Trader Services is a CORBA-compliant trading object service that is written completely in Java. It requires a Visibroker 1.2 Development Package and a Java Virtual Machine (JVM). It can be run on any JVM, including IntranetWare. For an advance look, you can download the IntranetWare Trader Service alpha release at http://developer.novell.com/object/sdk/trader/trdr10b.exe.
NDS is also gaining greater functionality as services such as Novell Application Launcher (NAL) mature. The latest generation of NAL provides simple, powerful software and data distribution for IntranetWare and NetWare networks. Through tight integration with NDS, NAL lets administrators deliver new and updated applications and data to thousands of desktops including Windows 95 and Windows NT throughout global enterprises.
Phase 2 of NAL, due later this year, will provide server-to-server distribution. NAL was designed specifically to automate and simplify the software distribution process. It greatly reduces the cost of managing networks and their services lowering overall cost of network ownership. For details, visit http://www.novell.com/managewise.
Another service with great promise is Novell's Global Event System. Unlike NAL, which requires active participation of the administrator and user in the process of software or information distribution, the Global Event System automates the process, requiring minimal human intervention. Let's say, for example, stock brokers want to be advised when a particular set of stocks hit a ceiling (or bottom out). With the Global Event System, they can set the parameters in NDS and their workstations will then alert them when the event takes place. Administrators will use the Global Event System to automate business logic.
For instance, when a user is transferred from one department or geographical location to another, he or she has to be closed out of one container and moved into another, losing and gaining rights as appropriate. With the Global Event System, the administrator can set the parameters and, when the move takes place, the users' rights are modified automatically at login. As for developers, they will be able to trigger events and functionality according to whatever criteria they wish, easily adding outstanding automation to their applications.
Additional NDS enhancements like Catalog Services and non- global schema will make development to and extension of the NDS schema even faster and more flexible. Catalog Services change the search characteristics of the directory and improves the ability of users to retrieve data stored in NDS by providing a flat-file dynamic copy of the hierarchical data. This will allow applications to be developed very easily to query the simple catalog, or NDS extraction, faster than accessing to the hierarchical NDS datastore.
Non-global schema allows developers to customize a portion of the NDS tree by changing the types of objects and properties of existing objects without affecting the entire tree. This will provide developers with the ability to extend a class definition to include structured data that could be anything from a Windows icon to executable code, scripts or Java applets that would provide "methods" for NDS objects.
The upcoming availability of NDS for Microsoft NT further demonstrates Novell's commitment to the directory-enabled Internet. The extensible, flexible nature of NDS will soon provide a superior method for integrating and managing both Windows NT Workstations and Windows NT Servers. By providing NDS on NT, developers can be assured that a robust, heterogeneous network directory service is available wherever they want to run their applications, even on networks that are exclusively NT.
* Originally published in Novell AppNotes
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.