Federated Tree Information
Articles and Tips: tip
01 Dec 2001
Applications Using Federated Trees
If an application relies on resolving to [Root] for finding information, it will not work in the federated environment. In previous versions of eDirectory, [Root] indicated the root of the namespace, the management space, and the schema space. Tree federation changes the root of the namespace.
Future releases of the directory will separate the root of the management space from the schema space as well.
Using the Novell Client in a Federated Tree
The existing Novell Client looks for broadcast information regarding existing NDS eDirectory trees in the environment it is attached to. Current eDirectory and new eDirectory 8.5 servers advertise or broadcast the partition root names they hold (for example, Serv1.novell.com.dns).
To display the trees, all information other than the tree name is stripped off and discarded, leaving only the Domain Name Service (DNS) component. Thus, in the federated environment, the Client will only show the tree nameDNS and will not show the individual, independent federation points.
To successfully use the Novell Client in a federated environment, enter a fully qualified username, password, and server name. You should leave the tree name and context fields blank.
Instead of using the NetWare services GUI for client connections, run the Novell login from the Start menu (instead of from the system tray). This issue will be completely resolved in a future fix.
Network Address Translation and Federated Trees
Because of address embedding, Network Address Translation (NAT) is not compatible with the NCP protocol that Novell Directory Services (NDS) communications use. As a result, federation of NDS trees that reside on different private networks and that use NAT to translate unregistered IP addresses will not work.
As a workaround, you can use a Virtual Private Network (VPN) which will eliminate the need for NAT for IP communication between the private networks. VPN also provides encryption security for the NCP protocol information.
* Originally published in Novell AppNotes
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.