Tip the Scales With Novell iFolder Professional Edition 2.0
Articles and Tips: article
01 May 2002
Except for the click of your mouse and (occasionally) keyboard, the house is quiet. The late hour and surrounding darkness reinforce the impression that in this universe, there's only you and the video clip you are editing, image by image, on your home computer.
Because this is a weeknight and you need to be at work early in the morning, you save your project, then--just to be safe--save it again to another directory. This project long ago outgrew the capacity of your ZIP drive. You've been meaning to get a tape backup but haven't gotten around to it yet.
As you move quietly down the hall for a few hours of sleep, you think you hear something. You stop, listen, and deciding you were mistaken, go on. At 4 a.m., you wake with a feeling of dread. Remembering what you thought you heard, you rise and go directly to the study. Instead of displaying your screensaver, the stark, black eye of your PC monitor reflects the surrounding darkness. A bit of investigation reveals the awful truth: Your computer's hard drive has gone south and, with it, your project files.
As a network administrator, you spend your working days solving problems for users--not the least of which are problems with storing, accessing, and managing data. At home, however, you are a user, and these problems are also your problems. Like any other user, you are subject to forces that conspire against your attempts to safely store, manage, and access data. (Hard-drive failure is a particularly insidious example of these malevolent forces.)
As a user, don't you wish at this moment that your entire project were safely stored in a personal iFolder on your Internet or Application Service Provider's (xSP's) Novell iFolder server? That is, don't you wish your xSP offered Novell iFolder as a service?
INTRODUCING NOVELL IFOLDER PROFESSIONAL EDITION 2.0
Your xSP may soon be doing exactly that. Novell iFolder Professional Edition 2.0--which is designed from the ground up to support large-scale deployments of Novell iFolder--is now available. (A large-scale deployment is a deployment that includes more than one iFolder server.) As a result, your xSP can offer Novell iFolder as a service. If recent user responses are any indication of the extent to which you will value Novell iFolder, you will willingly--even gladly--pay for this service.
In testimonial after testimonial, users credit Novell iFolder with saving their data and effectively solving their data-related problems. In fact, one user--Chip DiComo--claims that Novell iFolder saved his marriage. Of course, DiComo's claim is probably a deliberate exaggeration to underscore his appreciation for Novell iFolder. (You can read Novell iFolder user testimonials at www.novell.com/products/ifolder/testimonials.html.)
In other words, DiComo and other users consider Novell iFolder a valuable service. As such, these users will probably reward the xSPs that offer Novell iFolder--with both dollars and loyalty. (For information about Novell iFolder Professional Edition 2.0 availability and licensing, see "Get This.")
Of course, you don't have to be a user or an xSP to reap the benefits of Novell iFolder Professional Edition 2.0. This new version of Novell iFolder, like previous versions of Novell iFolder, can also simplify your life as a network administrator.
Novell iFolder simplifies and accelerates access to your data because you can access data from anywhere you have an Internet connection and a standard (HTML-enabled) web browser. Novell iFolder secures your data by encrypting it as it crosses the Internet and on the iFolder server where your data is stored. In addition, Novell iFolder keeps multiple copies of your data synchronized.
With Novell iFolder, your data is always current, available, and safe--even if your hard drive fails. For your company, Novell iFolder means that valuable data is stored centrally, rather than scattered across a forest of user workstations and laptops. This data is, therefore, easy for you, the network administrator, to manage and back up.
NOVELL IFOLDER, THE CONDENSED VERSION
In a nutshell, Novell iFolder works like this: Using a web browser, you access an iFolder server and, from this server, you download iFolder client software. When you install iFolder client software on your computer, this software creates a personal iFolder on your computer's hard drive and publishes this personal iFolder to the iFolder server.
Your personal iFolder looks like any other folder on your computer's hard drive, and you can access your personal iFolder just as you access any other folder. You can save, drag-and-drop, or copy files to your personal iFolder.
The iFolder client software running on your computer monitors your personal iFolder and notifies the iFolder server if you make changes to the contents of your personal iFolder. Likewise, the iFolder server notifies this client software when its copy of your personal iFolder changes.
In other words, Novell iFolder client and server software work together to keep the contents of these two personal iFolders synchronized. If you download and install Novell iFolder client software on a second computer, the iFolder server publishes your existing personal iFolder to this computer. Using Novell iFolder, you can synchronize your data across as many computers as you want.
Access From the Road
The data in your personal iFolder is available from virtually anywhere you happen to find yourself--even when you can't access a computer running Novell iFolder client software. Using Novell iFolder Professional Edition 2.0, you can access your personal iFolder on the iFolder server from any computer or personal digital assistant (PDA) that has Internet access and an HTML-enabled web browser.
If you are using Novell iFolder Standard Edition, you can access this folder from computers that have an Internet connection and a java-enabled web browser. (For more information about how to install Novell iFolder client and server software, see "Novell iFolder: Your Data Where You Want It, When You Want It," Novell Connection, May 2001, pp. 6-20.)
Note: Novell iFolder Standard Edition 1.01 is the version of Novell iFolder included with NetWare 6. Although you can now purchase Novell iFolder Standard Edition 1.01 as a separate product, in the future, it will be available only with NetWare 6.
Except as noted, the brief description above applies to all versions of Novell iFolder--including Novell iFolder Professional Edition 2.0. However, to better support large-scale deployments of Novell iFolder, Novell changed the underlying architecture of Novell iFolder Professional Edition 2.0.
Novell also added several new features to Novell iFolder Professional Edition 2.0 that enhance its ability to support large-scale deployments. For example, Novell iFolder Professional Edition 2.0 includes the following:
Support for additional network operating systems
Support for millions of users (multiple iFolder servers act as a single system)
Reporting tool for billing and management
Ability for administrators to recover pass phrases
Thin-client support for Citrix, Terminal Server, and Novell OnDemand Services
Support for Pocket PC and Palm PDA access to files via a web browser
Ability to choose the location of the iFolder directory on local hard drives
BUILDING NOVELL IFOLDER TO SCALE
Although these new features were designed with large-scale deployments of Novell iFolder in mind, your company doesn't need to be gargantuan to use Novell iFolder Professional Edition 2.0. In fact, Novell iFolder Professional Edition 2.0 supports single-server deployments of Novell iFolder for smaller companies.
To better support companies of any size, Novell has also built Novell iFolder Professional Edition 2.0 to run on multiple operating systems. Like previous versions of iFolder, Novell iFolder Professional Edition 2.0 runs on NetWare 6 and 5.1 (with Support Pack 3 and above) and Windows 2000 and NT. In addition, Novell iFolder Professional Edition 2.0 runs on Linux and Solaris servers. Specifically, Novell iFolder Professional Edition 2.0 has been tested with Solaris 8.0 and Red Hat Linux 7.1 and 7.2.
In addition, Novell iFolder Professional Edition 2.0 client software supports a variety of desktop operating systems. Novell iFolder supports Windows XP, 2000, NT 4, 98, and 95, and will soon support the Macintosh operating system.
Of course, larger companies--such as xSPs--are the main beneficiaries of Novell iFolder Professional Edition 2.0's innate scalability. These companies can add as many iFolder servers as they need. Specifically, Novell product manager Matt French estimates that companies can add at least 100 servers to a Novell iFolder Professional Edition 2.0 system.
As French explains, if each of these servers supports 10,000 users, such a system would support 1,000,000 users. "Most companies won't need to support this many users, although xSPs potentially could," French adds.
To add an iFolder server to your company's existing iFolder Professional Edition 2.0 system, you simply complete the following steps:
Access the web-based iFolder Management console.
Select Global Settings from the main web page.
Select iFolder Servers on the Global Settings menu, and click the Add bar.
HOW IFOLDER SERVERS COME TOGETHER
The new architecture of Novell iFolder Professional Edition 2.0 enables all users to log in to a single iFolder server--the default server--regardless of the number of iFolder servers in your company's iFolder system. This new architecture also enables you to manage multiple iFolder servers as a single iFolder system.
To tie individual servers into a single iFolder system, Novell iFolder Professional Edition 2.0 uses one or more Lightweight Directory Access Protocol (LDAP)-compliant directories. (Although Novell plans to provide support for other leading LDAP v3-compliant directories in the future, Novell iFolder Professional Edition 2.0 currently only supports eDirectory 8.6 and above.) Specifically, Novell iFolder uses a Global Settings LDAP directory to store global Novell iFolder server configuration settings. (See Figure 1.) For example, the Global Settings LDAP directory stores the identity of the default iFolder server--the server to which all of your company's iFolder users log in.
In addition, Novell iFolder Professional Edition 2.0 uses one or more User LDAP directories to authenticate users and to store information that associates individual users with the iFolder servers upon which these users' personal iFolders are stored. If a user's personal iFolder does not reside on the default iFolder server, this server uses the information stored in the User LDAP directories to redirect this user's requests to the iFolder server upon which his or her personal iFolder resides. (For more information about how Novell iFolder Professional Edition 2.0 uses LDAP-compliant directories, see "Sizing Up the New Foundation.")
In contrast, with Novell iFolder Standard Edition 1.0 and 1.01, users must log in to the individual Novell iFolder server upon which those users' personal iFolders reside. In addition, you must manage each iFolder server separately.
HAVE A SAN? USE IT!
If your company is using a Storage Area Network (SAN), you can configure your company's Novell iFolder Professional Edition 2.0 server to use that SAN. (This capability was also available with Novell iFolder Standard Edition 1.0 or 1.01. For information about how Novell configured a Novell iFolder Standard Edition 1.0 server to use its SAN, see "Setting Up the Server: Just the Gist," of the "Novell iFolder: Your Data Where You Want It, When You Want It" article.)
As you probably know, a SAN separates data storage from the servers that access that storage. Therefore, depending on the amount of usable storage space available in a particular SAN, an iFolder server can probably support more and larger personal iFolders by using a SAN than it can by using the server's internal storage.
If you configure an iFolder server to use a SAN, you can increase the amount of storage available to that server by increasing the size of the iFolder volume on the SAN. According to French, Novell has resized the iFolder volume on its SAN several times. "Novell started out with a 175 GB volume. It then allocated additional disk space to this volume, making it 250 GB, and is now running out of space and plans to add another 75 GB."
Because Novell iFolder can't solve users' data-related problems if users' personal iFolders aren't available, Novell recommends that you deploy Novell iFolder in a clustered environment that uses SAN storage. For example, you can run Novell iFolder in a Novell Cluster Services cluster that accesses personal iFolders on a SAN, thereby ensuring that users' personal iFolders are always available. (For more information about using Novell Cluster Services with a SAN, see "Novell Cluster Services 1.6: Keep the Server Side Up and the SAN Side Simple," Novell Connection, June 2001, pp. 22-31.)
A BOON FOR BEAN COUNTERS
The iFolder Management console--which is a web-based management utility for Novell iFolder--has been updated in Novell iFolder Professional Edition 2.0. As you would expect, this utility includes new features to help you better manage your company's large-scale deployment of Novell iFolder. For example, the utility's System Monitoring tool displays real-time information about how much disk space is available on iFolder servers.
Perhaps more importantly, the iFolder Management console now includes the Reporting tool to help your company keep track of iFolder usage. This feature is particularly helpful if your company or an xSP wants to charge for that usage. For example, the Reporting tool displays user account information, such as the total amount of disk space each user's personal iFolder consumes. (See Figure 2.)
The Reporting tool also displays the amount of information each user downloaded or uploaded when his or her personal iFolder was last synchronized. This information is helpful if your company wants to track users' bandwidth consumption. In addition, the Reporting tool provides general information such as the total number of users on your company's Novell iFolder system; server information, such as server uptime; and LDAP statistics, such as the number of users in a particular LDAP directory.
You access the Reporting tool from the main web page of the iFolder Management console. To access the iFolder Management console, you type the following URL--which is case sensitive--in a supported browser's Location field: https://ifolderserveripaddress/iFolderServer/Admin.
The iFolder Management console supports Netscape 4.7 and above and Internet Explorer 5 and above. The Reporting tool can display reports in your browser window and can also export these reports as comma-delimited files. You--or your company's accountant--can then import these files into a spreadsheet application.
PRIVACY PLEASE! BUT NOT TOO MUCH!
All versions of Novell iFolder provide several security options, including the option to enable encryption using 128-bit Blowfish encryption keys. (Blowfish is a symmetric block cipher encryption scheme. For more information about Blowfish, see the "A Little Privacy, Please!" section of the "Novell iFolder: Your Data Where You Want It, When You Want It" article.)
When you enable the Encryption option, users can--if they choose--encrypt their data as it crosses the Internet. Data is also encrypted in the user's personal iFolder on the Novell iFolder server. You can also opt to force users to use the Encryption option. (See Figure 3.)
If you or users opt to encrypt data, Novell iFolder client software prompts users to provide a pass phrase. As you know, Novell iFolder uses this pass phrase to generate the 128-bit key that encrypts and decrypts users' data.
After users provide this pass phrase, the Novell iFolder client software displays a dialog box that asks if users want this software to remember their pass phrase. If users enable this feature, the client software stores the pass phrase on the local hard drive. Thereafter, when users authenticate to the iFolder server, the client software automatically provides the iFolder server with their pass phrase so they don't have to. Of course, if users don't enable this feature, their pass phrase isn't stored on their local hard drive.
In addition to these encryption options, Novell iFolder Professional Edition 2.0 provides the option to recover pass phrases. If you don't select and enforce the Recover Pass Phrase option, your company may not be able to recover valuable data stored in Novell iFolder servers.
For example, suppose your company has iFolder users who work at the office using computers that your company provides. Your company also has users who telecommute using their own computers. Further suppose that you have enforced the Encryption option for all iFolder users.
If an in-house user leaves your company, your company's security officer can probably recover the data in this user's personal iFolder without first recovering the user's pass phrase. To recover this data without the user's pass phrase, however, the security officer would need to access the personal iFolder that resides on the user's computer. Depending on the size of your company and the rate of employee turnover, physically accessing users' computers to recover data could consume a significant amount of time.
If a telecommuting user leaves the company, on the other hand, physically accessing the personal iFolder on this user's computer is probably not an option. Therefore, without this user's pass phrase, your company probably couldn't recover this user's data at all.
By enabling and enforcing the Recover Pass Phrase option, you can ensure that your company's security officer has access to the data stored in users' personal iFolders, regardless of who owns the computers from which users access those personal iFolders. (For information about how to recover information that is stored using this option, see "Keys You Can't Lose.")
YOU CAN'T BE TOO THIN FOR NOVELL IFOLDER
Deploying Novell iFolder in a thin-client environment can present a few problems. In this environment, Novell iFolder would normally create personal iFolders on the local drives of thin-client servers, as opposed to creating these personal iFolders on the hard drives of users' local computers. These personal iFolders would therefore consume valuable space on thin-client servers.
In addition, thin-client environments can cause synchronization delays between personal iFolders on thin-client servers and personal iFolders on Novell iFolder servers. This delay is caused because all user data must be synchronized to the local drives of the thin-client servers.
Fortunately, Novell iFolder Professional Edition 2.0 includes Novell NetDrive, which is software that enables you to access NetWare 6 servers using standard Internet protocols, such as FTP. Novell NetDrive also supports Novell's Internet Folder Protocol (IFP), the filing protocol that Novell iFolder uses.
By using Novell NetDrive, you can deploy Novell iFolder in a thin-client environment without consuming valuable space on the thin-client server. Novell NetDrive provides the ability to map a network drive from thin-client servers directly to the default iFolder server. Using Novell NetDrive, users access personal iFolders directly from the iFolder server, thus eliminating synchronization delays and potential storage problems.
Novell NetDrive supports the following thin-client environments:
Terminal Services Client
Novell OnDemand Services
To set up Novell iFolder access for thin-client users, you install Novell NetDrive on your company's thin-client servers. These servers then display a Novell NetDrive icon on users' virtual desktops. You (or these users) can then double-click this icon to map a drive from the thin-client server to the users' personal iFolder on your company's NetWare 6 iFolder server. (For more information about installing and using Novell NetDrive, visit www.novell.com/documentation/lg/nw6p/index.html and select Novell NetDrive from the Managing Network Storage area.)
FOR YOU, TOO
Although Novell created Novell iFolder Professional Edition 2.0 for companies and xSPs that need more than one Novell iFolder server, all versions of Novell iFolder--including Novell iFolder Professional Edition 2.0--are created with the user in mind. The following are a few features that will impress any iFolder user:
Personal Digital Assistant (PDA) Support
You can use PDAs that support Microsoft's Pocket PC operating system--such as Compaq's iPAQ or Hewlett-Packard's Jornada--to access your personal iFolder. (For more information about iPAQ and Jornada, visit www.compaq.com/products/handhelds/pocketpc/index.html and http://hp-at-home.com/gatewayPages/handhelds.htm.) Novell iFolder Professional Edition 2.0 also supports PDAs that use the Palm operating system, such as the Palm and Handspring PDAs. (For more information about Palm and Handspring PDAs, visit http://www.palm.com/ and http://www.handspring.com/, respectively.)
Note: Novell has currently tested Novell iFolder only with the Handspring Blazer web browser.
You access your personal iFolder from one of these devices by connecting to the Internet, launching your PDA's browser, and typing the URL of the Novell iFolder default server. You then log in to your company's Novell iFolder system over a Secure Sockets Layer (SSL) connection. After you authenticate, your browser displays your personal iFolder. You can then view and download files and folders within your personal iFolder. Unfortunately, Pocket PC and Handspring Blazer browsers do not support uploads.
Put It Anywhere You Want It To Be
Have you noticed that your computer desktop looks a little (or maybe even a lot) different from your colleagues' desktop? As a user, you have your own way of doing things. Just as you like arranging the icons on your computer's desktop to suit your own tastes and needs, you like locating the files on your computer's hard drive where you want them.
Novell iFolder Professional Edition 2.0 enables users to put their local personal iFolder directory anywhere on their computer's hard drive. The installation program for the iFolder Professional Edition 2.0 client software prompts users to specify where they want to store the local copy of their personal iFolder. Users can select the default location (C:/My Documents/iFolder/username/Home) or can browse to select another location. (See Figure 4.)
Of course if you, as a network administrator, are using Novell iFolder Professional Edition 2.0 on your company's network, you have the option to tell users exactly where to put their personal iFolders. As French explains, some companies have policies that require users to store all data files in a particular directory.
If you want to enable users to select the location of their local personal iFolder, you do nothing; users have this ability by default. If you want to specify a directory for users, you access the iFolder Management console and complete the following steps:
Select Global Settings.
Select Global Policies.
Display client policies and specify a Novell iFolder location in the iFolder Location field.
Click the checkbox to enforce this location. (See Figure 3.)
YOU NEEDED THIS
Assuming that you'd like to try Novell iFolder before you buy it (either as a service from your xSP or to deploy on your company's network), Novell is currently making 10 MB of personal iFolder space available on its Novell iFolder Professional Edition 2.0 system. To sign up for this free service, visit http://ifolderdemo.novell.com/. However, be warned: If you try Novell iFolder, you may not be able to live without it.
Skeptical? So was Randy Anderson of Springfield, Illinois. In a recent Novell iFolder testimonial, Anderson writes that he thought he would never use Novell iFolder because using it "would be a hassle."
"I was wrong!" Anderson's testimonial proclaims. "I wonder how I ever survived without it." (You can view this and other Novell iFolder testimonials at www.novell.com/products/ifolder/testimonials.html.)
Because Novell iFolder Professional Edition 2.0 supports large-scale deployments of Novell iFolder, it is now more possible than ever that Anderson's xSP will offer Novell iFolder as a service. If Anderson's xSP does so, Anderson may never have to live without Novell iFolder.
Cheryl Walton works as a senior writer for Niche Associates, an agency that specializes in writing and editing technical documents. Niche Associates is located in Sandy, Utah. (For more information, visit http://www.nicheassociates.com/.)
Where do you go to get Novell iFolder Professional Edition 2.0 for your company, and how much will you pay for it? The answers to these questions depend on your company's particular situation.
For example, if your company is not an Internet or Application Service Provider (xSP) and is not already using Novell iFolder Standard Edition 1.0 or 1.01, you can purchase Novell iFolder Professional Edition 2.0 online through shopNovell, Novell's online store (www.shopnovell.com) for U.S. $49 per user. (Novell iFolder Standard Edition 1.01 is the version of Novell iFolder that is included with NetWare 6.)
You can also purchase Novell iFolder Professional Edition 2.0 at this price through your local Novell channel partner or sales office. If you live in North or South America, you can also purchase Novell iFolder Professional Edition 2.0 directly from Novell by calling the Novell Customer Response Center (CRC) at 1-888-321-4272.
If your company is already using a previous version of Novell iFolder Standard Edition, you can purchase Novell Professional Edition 2.0 as an upgrade for U.S. $26 per user through your local Novell channel partner or sales office. In the Americas, you can also purchase an upgrade through the Novell CRC.
For a limited time, Novell is also offering Novell iFolder Professional Edition 2.0 free if you purchase a maintenance agreement or upgrade protection for Novell iFolder. For more information, you can contact your local Novell channel partner or sales office or the Novell CRC.
Finally, if your company is an xSP, regardless of whether or not it is currently using a previous version of Novell iFolder Standard Edition, you can purchase Novell iFolder Professional Edition for U.S. $1.50 per user per month. Call the Novell CRC or your local Novell channel partner or sales office for details.
Sizing Up the New Foundation
As you know, the height to which a building can scale depends on the size of that building's foundation. (After all, as the cliché goes, you can't build a mansion on the foundation of an outhouse.) Likewise, software can only scale to accommodate large numbers of users if it is designed from the ground up to do so.
Therefore, when Novell set out to create Novell iFolder Professional Edition 2.0--the version of Novell iFolder for large-scale deployments--it redesigned the Novell iFolder architecture. (A large-scale deployment is a deployment that includes two or more iFolder servers. See Figure 1.)
Specifically, Novell iFolder Standard Edition 1.0 and 1.01 use a directory only for user authentication. Novell iFolder Professional Edition 2.0, on the other hand, also uses a directory to enable two or more Novell iFolder Professional Edition 2.0 servers to act as a single system. (Novell iFolder Standard Edition 1.01 is the version of Novell iFolder included with NetWare 6.)
Novell iFolder Professional Edition 2.0 extends the schema of Lightweight Directory Access Protocol (LDAP) v3-compliant directories to include specialized objects and attributes. To accomplish this task, Novell iFolder makes only LDAP v3-compliant calls.
However, all LDAP v3-compliant directories don't interpret these standard calls in the same way. As a result, Novell iFolder Professional Edition 2.0 currently supports only one LDAP v3-compliant directory: Novell eDirectory. Novell plans to add support for other popular LDAP v3-compliant directories, such as Netscape iPlanet and Microsoft Active Directory, in the future.
YOU KNOW YOU CARE
From a management standpoint, you don't need to know much about these objects and attributes. In fact, you don't even need to know they exist. Novell iFolder Professional Edition 2.0 creates one of these objects--the iFolderSettings object--in the background when you install Novell iFolder. Novell iFolder then creates additional iFolder objects--such as iFolderServer objects--and manages all iFolder objects in the background when you manage your company's Novell iFolder system using the iFolder Management console.
However, because IT is your vocation (and possibly even your passion), Novell Connection thinks you might like to know more about these objects and attributes than meets your eye when you manage them. Specifically, you may be interested in what these objects and attributes are and how they provide the foundation for a large-scale deployment of Novell iFolder Professional Edition 2.0.
UNDERNEATH IT ALL
Novell iFolder Profssional Edition 2.0 extends LDAP v3-compliant directories to include the following objects:
The iFolderSettings object
The iFolderLDAP object
The iFolderServer object
The iFolderUser object
THE IFOLDERSETTINGS OBJECT
The iFolderSettings object identifies the default Novell iFolder server, which is the server that all users in a large-scale deployment of Novell iFolder log in to. This default server enables you to manage several iFolder servers and client computers as a single system. (A client computer is a computer upon which Novell iFolder client software is running.) Using Novell iFolder Standard Edition 1.0 and 1.01, which are not expressly designed for large-scale deployments of Novell iFolder, you must manage each iFolder server and its corresponding client computers separately.
The iFolderSettings object includes the following attributes:
iFolderDefaultServerName. This attribute specifies the Domain Naming System (DNS) name or the IP address of the default iFolder server.
iFolderClientXml. This attribute specifies default iFolder global client policies, such as security policies, which apply to all client computers in an iFolder system.
You enable and enforce global client policies for client computers through the iFolder Management console. (See Figure 2.) To manage global client policies, select the Global Settings link on the main web page of the iFolder Management console, and select Global Policies. You then click the Display bar to display client policies.
iFolderServerXml. This attribute specifies default iFolder global server policies, such as default disk-space quotas for personal iFolders. To set global server policies, you access the iFolder Management console and select Global Settings. You then select Global Policies and click the Display bar to display server policies.
iFolderAdminNames. This attribute specifies the LDAP usernames of Novell iFolder administrators.
THE IFOLDERLDAP OBJECT
The iFolderLDAP object specifies the Global Settings LDAP directory, which stores the iFolder server and client software settings specified in the iFolderSettings object. This object also specifies one or more User LDAP directories, which the iFolder default server uses to authenticate users and to locate the specific iFolder servers upon which these users' personal iFolders reside. (You can authenticate users via one or more LDAP v3-compliant directories. The Global Settings LDAP directory and the User LDAP directory can be the same LDAP v3-compliant directory.)
The iFolderLDAP object includes the following attributes:
iFolderLDAPDNSorIP. This attribute specifies the DNS name or the IP address of the server upon which the Global Settings LDAP directory resides. This directory contains the iFolderSettings object, the iFolderLDAP object, and iFolderServer objects.
iFolderLDAPPort. This attribute specifies the ports over which the Global Settings LDAP directory sends and receives requests.
iFolderLDAPContexts. This attribute specifies the User LDAP directories and contexts in which the iFolder default server authenticates users. You can add new LDAP User directories and contexts to the iFolder LDAP object by selecting the Global Settings link on the iFolder Management console main web page. Next, you select Global Settings and User LDAPs. You then click the Add button to add a new User LDAP directory or context.
iFolderLDAPCertificate. This attribute specifies the location of the digital certificate Novell iFolder uses to establish Secure Sockets Layer (SSL) communications with requesting browsers.
THE IFOLDERSERVER OBJECT
The Global Settings LDAP directory contains one iFolderServer object for each server in your company's iFolder system. Novell iFolder creates these objects when you add servers to your company's iFolder system.
To add a new Novell iFolder server, you access the iFolder Management console, select Global Settings, and then select iFolder Servers. Finally, you click the Add bar to add a new server.
iFolderServer objects include the following attributes:
iFolderServerDNSorIP. This attribute specifies the DNS name or the IP address of the iFolder server that the iFolderServer object represents.
iFolderServerSecureDNSorIP. If you use a port other than port 443 for secure communications, this attribute specifies that port. (By default, Novell iFolder servers use port 443 for secure communications.)
THE IFOLDERUSER OBJECT
The Novell iFolder installation program extends User LDAP directories to include the iFolder object class, which is an auxiliary class of LDAP User objects. As its name implies, this auxiliary object class identifies iFolder users. When an iFolder client requests authentication, the iFolder server searches LDAP User directories for iFolderUser objects.
To add iFolderUser objects, you access the iFolder Management console and select the User Management link on the main web page. You then select Add from the User Management menu.
The iFolderUser object includes the following attributes:
iFolderServerName. This attribute specifies the name or the IP address of the iFolder server upon which the user's personal iFolder resides. If this server is not the default server, the default server redirects the user's requests to this server.
iFolderQuota. This attribute specifies the disk space that a user's personal iFolder is allowed to consume. To set space quotas for individual users, you access the iFolder Management console and select User Management on the main page. You then search for and select the iFolderUser object representing the user whose quota you want to set. The iFolder Management console displays a page containing information about this user. You set this user's space quota on this page by specifying the maximum amount of disk space this user is allowed to consume (in MB) and then clicking the Update bar.
PUT IT ALL TOGETHER
When a user accesses the default iFolder server, this server prompts the user to provide a username and password. The default server then performs a Bind operation to the LDAP directories specified in the iFolderLDAP object. After performing this operation, the default server uses the user's credentials to search these directories for this user.
When the default server finds the user, this server authenticates the user. The default server then checks the iFolderUser object for the identity of the iFolder server upon which the user's personal iFolder is stored. If this user's personal iFolder isn't stored on the default iFolder server, the default server redirects the user's request to the iFolder server where the user's personal iFolder resides.
Of course, the user has no idea his or her requests are being redirected to another iFolder server. The redirection process is invisible to the user.
* Originally published in Novell Connection Magazine
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.