Netoria's SFLOGIN 2.0: Extending the Capabilities of Novell's Client Software
Articles and Tips:
01 Mar 1998
SFLOGIN 2.0 from Netoria Inc. is a login enhancer--a tool that makes logging in to an intraNetWare or NetWare 4 network easier for users while providing more flexibility for network administrators. SFLOGIN 2.0 is available for Windows NT, Windows 95, Windows 3.x, and DOS workstations running Novell's client software. (SFLOGIN 2.0 does not support Microsoft's Client for NetWare Networks.)
Because Novell's client software is powerful, flexible, and fast, you may wonder why you need a login enhancer. This article explains how SFLOGIN 2.0 extends the capabilities of Novell's client software in a Novell Directory Services (NDS) environment, enabling users to effortlessly log in to the network from any workstation and allowing you to better manage the login process.
CONTEXTLESS LOGIN
The main feature of SFLOGIN 2.0 is its ability to search an NDS tree to find specific User objects--a feature knownas acontextless login. This feature allows users to log in instantly from any workstation on the network. Although a contextless login may not be critical for small networks, this feature can be a tremendous management tool for large networks with complex NDS trees. Here's why:
As the network administrator, you specify a login context in Novell's client software on each user's workstation. For example, you could specify the following login context:
OU=MARKETING.OU=PROVO.O=XYZ
The login context specifies the location of each user's User object in the NDS tree. If a user logs in from the workstation that is configured for the user, Novell's client software knows where to look for the correct User object in the NDS tree. As a result, the user enters only his or her username, such as Dennis, to log in to the network. The user does not have to know his or her context in the NDS tree.
However, if no login context is specified or if the login context of a particular workstation is configured for another user, the user must specify his or her context when logging in. For example, if Dennis's User object existed in the above login context, he would have to enter his username and complete NDS context to log in to the network:
DENNIS.MARKETING.PROVO.XYZ
Unfortunately, not many users know or remember their complete NDS context. For example, Figure 1 shows part of company XYZ's NDS tree. Two User objects are shown in different container objects: Dennis's User object is located in OU=MARKETING.OU=PROVO.O=XYZ, and Bill's User object is located in OU=ACCOUNTING.OU=PROVO.O=XYZ. As long as Dennis and Bill logged in to the network from their own workstations with the proper login context, they could simply enter their username and password to log in to the network.
Figure 1: Because the User objects for Dennis and Bill are located in different container objects, the users' login contexts are different.
However, suppose that Dennis worked with Bill on a project and tried to log in to the network from Bill's workstation. Since Dennis's and Bill's User objects reside in different NDS contexts, Dennis would have to enter his username and complete NDS context to log in to the network from Bill's workstation.
SFLOGIN 2.0 makes the login process much easier for users trying to log in to the network from a workstation for which an incorrect login context is specified. A roaming user enters only his or her username, and SFLOGIN 2.0 searches NDS to locate the correct User object. The more complex your company's NDS tree is, the greater benefit SFLOGIN 2.0 provides.
SFLOGIN 2.0 uses a 32-bit, multithreaded NDS search engine, which can quickly search even large networks. I installed SFLOGIN 2.0 on a large network with approximately 5,000 User objects, and search results appeared almost instantly, with the longest delays taking only a couple of seconds.
OTHER FEATURES
In addition to providing a contextless login, SFLOGIN 2.0 offers the following features:
SFLOGIN 2.0 offers complete support for the most popular workstation platforms, including Windows NT, Windows 95, Windows 3.x, and DOS.
SFLOGIN 2.0 offers complete support for NDS. You use Novell's NetWare Administrator (NWADMIN) utility to configure SFLOGIN 2.0. Because all of the SFLOGIN 2.0 options are stored in NDS, no configuration or .INI files are stored on the workstations.
SFLOGIN 2.0 offers a graphical NDS browser. If a text search does not provide the correct results, you can use the graphical NDS browser to browse multiple NDS trees and even bindery-based servers to find a User object. You can also disable this feature for security purposes.
SFLOGIN 2.0 offers a single login. You log in only once to access NDS, Windows NT, Windows 95, and even Lotus Notes. (According to Netoria, a future version of SFLOGIN 2.0 will support host-emulation software.)
SFLOGIN 2.0 offers password synchronization to keep a user's passwords the same: If the user changes one password, all of his or her passwords are changed.
You can even configure password rules. For example, you can configure rules for the minimum password length, the minimum number of numeric or alphanumeric characters, and the maximum number of repeated characters.
SFLOGIN 2.0 offers a customizable login screen. You can choose which elements you want to appear on the login screen. For example, you can include images, news, and announcements.
SFLOGIN 2.0 offers a frequent login list. SFLOGIN 2.0 tracks users who log in from a particular workstation, allowing frequent users to select their username from a pull-down menu. Users must then enter the correct password.
SFLOGIN 2.0 offers WSFREG32, an automatic installation tool. You can modify intraNetWare or NetWare 4 login scripts to include this tool, which automatically installs, removes, or updates existing versions of SFLOGIN 2.0 on a large number of workstations.
INSTALLING SFLOGIN 2.0
I installed SFLOGIN 2.0 on a test network that included a small NDS tree running on two intraNetWare servers, two Windows NT servers, and a handful of workstations. The workstations were running a variety of operating systems, including Windows NT, Windows 95, Windows 3.x, and DOS. I used the Windows NT workstation as an administration workstation. I first installed SFLOGIN 2.0 on this workstation and then ran the NWADMIN utility.
SFLOGIN 2.0 does not include printed documentation, and the online documentation isn't available until the product is installed. Fortunately, installing SFLOGIN 2.0 is easy. However, before you begin the installation process, you must ensure that Novell's latest client software is installed on each workstation. (You can download this client software from http://www.novell.com/novellsw/platform.html.) The administration workstation must also have a World-Wide Web browser installed since the online documentation for SFLOGIN 2.0 comes in HyperText Markup Language (HTML) format.
To install SFLOGIN 2.0 on several workstations, you can use a software distribution system. As mentioned earlier, you can also modify intraNetWare or NetWare 4 login scripts to include the WSFREG32 tool. This tool then automatically installs SFLOGIN 2.0 when each user logs in to the network.
SFLOGIN 2.0 runs as a snap-in module to Novell's client software and replaces Novell's standard login screen. However, SFLOGIN 2.0 does not affect the operation of Novell's client software or any of its components, other than the login screen. Novell's client software continues to provide normal login functionality, such as login script execution.
After you install SFLOGIN 2.0, the only noticeable difference is that an icon is created for the online documentation. The next time you log in, however, the default SFLOGIN 2.0 login screen appears. (See Figure 2.)
Figure 2: The default login screen for SFLOGIN 2.0 resembles Novell's standard login screen. However, the default login screen for SFLOGIN 2.0 adds searching capabilities and a graphical NDS browser.
In addition to entering a specific username on the SFLOGIN 2.0 login screen, you can enter variables in the Name field and search for all User objects that match your search criteria. For example, if you enteredd*SFLOGIN 2.0 would search for all User objects that matched this search criteria and would display these objects in a pull-down menu, prompting you to select the correct User object. After you selected a User object, you would be prompted to enter a password, which would then be verified by NDS.
In addition to changing the colorsof the login screen and adding the Netoria company logo, SFLOGIN 2.0 adds a Browse button, which allows you to browse your company's NDS tree to find a specific User object. This graphical NDS browser is especially helpful if two User objects have the same usernames but exist in different container objects or even in different NDS trees.
For example, suppose that you wanted to log in to the network as Jim in the Sales container object, and you entered Jim on the SFLOGIN 2.0 login screen. Instead of finding Jim in the Sales container object, however, the SFLOGIN 2.0 search engine might find Jim in the Accounting container object. You could then click the Browse button on the SFLOGIN 2.0 login screen and select the correct User object--without having to type in Jim's complete NDS context.
CONFIGURING AND CUSTOMIZING SFLOGIN 2.0
To configure and customize SFLOGIN 2.0, you must have ADMIN rights to the NDS tree. After logging in to the network, you must run the NWADMIN utility. As the NWADMIN utility loads, a screen appears, prompting you to extend the NDS schema. After the schema is extended, you can use the NWADMIN utility to manage SFLOGIN 2.0.
Since you extended the NDS schema, several new NDS objects appear in the list of available objects. You must first create a Netoria SFLOGIN 2.0 Configuration object. Then by double-clicking this object, you can access the configuration options of SFLOGIN 2.0. (See Figure 3.)
Figure 3: Because SFLOGIN 2.0 completely supports NDS, you can use the NWADMIN utility to manage SFLOGIN 2.0.
As you browse the configuration options, you begin to realize how powerful and flexible SFLOGIN 2.0 is. For example, you can enable or disable most of the features that appear on the SFLOGIN 2.0 login screen. To create the customized login screen shown in Figure 4, I kept all of the default settings and simply modified the layout of the login screen.
Figure 4: You can easily customize the SFLOGIN 2.0 login screen. For example, you can add a text box that includes urgent messages or announcements.
To customize the SFLOGIN 2.0 login screen, you need to create a Screen Designer Page object. When you select this object, you are presented with a simple interface that allows you to customize the appearance of the login screen. You can completely redesign the login screen or just add a few basic elements to the existing login screen. (See Figure 4.)
One nice feature you can add to the SFLOGIN 2.0 login screen is a text box for news. The text box shown in Figure 4 is filled with text that comes from the Netoria News object, which you create. Any time you add or modify the text in this object, the new text appears in the login screen.
You can use the Netoria News object to ensure that users receive a particular message. Since you can't force users to read their e-mail messages, you can send users a message on the login screen. However, you can't send customized messages for groups of users unless the users are located in different container objects. Every user located in the same container object receives the message you send.
CONCLUSION
SFLOGIN 2.0 is an invaluable tool for any intraNetWare or NetWare 4 network running NDS. SFLOGIN 2.0 makes logging in to the network easier and provides new network management features. These features, which include a contextless login, password synchronization, and a customizable login screen, make SFLOGIN 2.0 a must-have utility.
You can download a fully functional trial version of SFLOGIN 2.0 from http://www.netoria.com/software/form.htm. This version expires in 60 days.
You can purchase SFLOGIN 2.0 on a workstation-by-workstation basis. For networks with less than 100 workstations, the average price per workstation is U.S. $8. This price plummets to U.S. $2 per workstation for networks that have more than 3,000 workstations.
For more information about SFLOGIN 2.0, visit Netoria's web site (http://www.netoria.com). You can also call 1-888-227-0744 or 1-801-227-0722, or you can send a fax to 1-801-221-1688.
Dennis Williams is a freelance writer who specializes in writing about network systems and remote access. Dennis is based in Alpine, Utah. You can reach Dennis at Dennis@ProductReviews.com.
NetWare Connection, March 1998, pp.39-41
* Originally published in Novell Connection Magazine
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.