Novell Nsure TM Identity Manager 2 andGroupWise Provisioning Art Purcell, GroupWise ® Engineering,...

Novell NsureTM Identity Manager 2 andGroupWise Provisioning

Art Purcell, GroupWise® Engineering, apurcell@gw.novell.com

David Holbrook, DirXML Engineering, dwholbrook@novell.com

one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.

The one Net vision

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

The one Net vision

Novell Nsure solutions take identity management to a whole new level. Novell Nsure gives you the power to control access so you can confidently deliver the right resources to the right people — securely, efficiently, and best of all, affordably.

Novell Nsure™

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

Topics covered

• What is Novell Nsure Identity Manager 2?

• What do we mean by automated provisioning and administration?

• What can the GroupWise® driver do?

• How does the GroupWise driver work?

• Demonstration

• ConsoleOne® administration

• Creating an email meta-directory

What is Novell Nsure Identity Manager 2?

• Two-way synchronization technology for eDirectory™ based on events

• Directory and applications

• Directory and directory

• For more details, go to an Identity

Manager session

• www.novell.com....

What do we mean by automated provisioning and administration?

Based on a change in eDirectory

• Automated account creation

• Automated account maintenance

• Automated account termination

Before Employee starts job, no email account– Calls help desk– Contacts IS&T tech– Creates new account with some user

information– User information is not complete

Automated account creation

New Employee is hired

After– Employee is created in HR system– GroupWise account is created

automatically– Employee is given account information

at hire time

Before– Employee called HR– Employee called IS&T– IS Help desk modified user

information in ConsoleOne with GroupWise snap-ins

Automated account maintenance

Employee’s information is modified

After– Employee modifies information in eGuide– eDirectory account is updated– GroupWise address book is automatically

updated

Before– HR notified IS&T (sometimes weeks or

months later, sometimes never)– IS&T terminated account access

(sometimes improperly, sometimes the wrong account)

– Meanwhile mail forwarding was on going

Automated account termination

Employee leaves the company

– HR sets employee status to inactive– DirXML disables eDirectory account– DirXML disables, expires or deletes

GroupWise account– GroupWise account is automatically

removed from distribution lists

What can the GroupWise Identity Manager driver do?

• Account management• Attribute management• Internet address administration• Distribution list administration• External object administration• Query GroupWise domain via

preprocessor• Automated administration of a

meta-directory

Account management

• Account creation

• Account placement

• Account expiration

• Account disablement

• Account deletion

Attribute management

Default attribute synchronization

• Configured attributes are automatically

synchronized

Custom attribute mapping

• 20 reserved GroupWise attributes for custom data

• Map an eDirectory attribute to a reserved

GroupWise attribute

Internet address administration

Through customization the driver can• Set internet domain• Set address format• Set address to any value

• GroupWise 6.5 or later• Define gateway aliases automatically• Create GroupWise nicknames

• On user move or rename • GroupWise 6.01 or later

Distribution list administration

Through customization the driver can

● Add user to a distribution list● Remove user from a distribution list● Remove user from all distribution lists● Query for distribution list information− By user− By distribution list

External object administration

External post office

External user object

The driver can create, modify, and delete

External users in GroupWise domain

GroupWise Driver

GroupWise Domain

Exchange Driver

GroupWise eDirectorywith Exchange users

External users in GroupWise domain

GroupWise Driver

Notes Driver

GroupWise Domain

GroupWise Driver

eDirectory with Notes users

GroupWise eDirectory

Place external users in external PO

Query GroupWise directory

Query GroupWise objects for attributes

Query for proposed email

addresses

Query can be used to populate

a meta-directory

Automated administration of a meta-directory

Based on information in GroupWise

• Synchronize information to a meta-directory

• Global address book for multiple email systems:

GroupWise, NetMail™, Exchange, Notes, etc.

How does the GroupWise Identity Manager driver work?

Components

• GroupWise

• eDirectory

• Identity Manager

• GroupWise driver

Option 1 - GroupWise driver 2.1• Works with GroupWise 5.5 through 6.5

• NetWare, Linux, Unix, Windows server

– eDirectory replica with users to be managed

– Identity Manager

• Windows server

– Remote loader

– GroupWise driver

– Connection to a GroupWise domain

• NetWare or Windows server

– GroupWise domain

Three separate servers

GroupWise systemeDirectory replicaIdentity Manager

Windows serverGroupWise driver

Option 2 - GroupWise driver 2.1• Works with GroupWise 5.5 through 6.5

• NetWare server

– eDirectory replica with users to be

managed

– Identity Manager

– GroupWise driver

– GroupWise domain

Single server

eDirectory replica Identity Manager GroupWise driver GroupWise domain

Configuring the GroupWise driver

When the driver and domain are on separate servers, need to specify the:

• GroupWise primary domain server

• Primary domain path on server

• Server authentication name and password

– The same username and password must be configured on both systems

– The eDirectory context is required when the GroupWise Domain Database is on a remote NetWare server.

Demo time

• Import driver configuration

• Show configuration options

• Create some users

• Remove distribution lists

• Transform a delete event to disable account

ConsoleOne administration

Impact of GroupWise driver on ConsoleOne administration

• Use current GroupWise Snap-ins

• Have a process and follow it– Operations that are performed by the driver– Operations that are performed manually

through ConsoleOne

• Let the driver do its work• Rename GroupWise accounts with driver or

ConsoleOne but not both

ConsoleOne administration (cont)

Impact of GroupWise driver on ConsoleOne administration

• Admin-defined attributes– Map attributes in driver– Configure attributes in ConsoleOne

• Manual association of GroupWise and eDirectory objects

– See cautions in GroupWise driver documentation before doing this

Creating an email meta-directory

Basic concept

• Synchronize all data into a central eDirectory tree

• Synchronize data into individual applications as desired

• Two basic configurations– GroupWise objects in the meta-

directory tree– One GroupWise driver

– Separate GroupWise and meta-directory trees

– Two GroupWise drivers

Email meta-directory

eDirectory ExchangeGroupWise

Notes NetMail

= DirXML drivers

Creating an email meta-directory

Two basic configurations0. GroupWise users and external users in

the same meta-directory tree.

1. GroupWise users in one tree and external users in a second tree.

• Use the query function of the GroupWise DirXML driver to pull data from GroupWise and put it into the meta-directory.

GroupWise and meta-directory tree

GroupWise Domain

Exchange Driver

Meta-Directory and GroupWise eDirectory

GroupWise Driver

GroupWise users and external users in the same tree

Meta-directory from GroupWise

GroupWise Domain

GroupWise Driver

Notes Driver

Query for GroupWise Users and place them in meta-directory

GroupWise Driver

Meta-Directorywith Notes users

and GroupWise users

GroupWise eDirectory

GroupWise users and external users in separate trees

Deploying the GroupWise DirXML driver

Simple implementation• Knowledge / skillset required:

– Basic XML and XSLT knowledge– Basic DirXML knowledge– Expert-level GroupWise knowledge– Expert-level eDirectory knowledge

Complex• Knowledge / skillset required:

– XML and XSLT proficiency– Expert-level DirXML knowledge– Expert-level GroupWise knowledge– Expert-level eDirectory knowledge

Option: Consultant / VAR

General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

Novell Nsure TM Identity Manager 2 andGroupWise Provisioning Art Purcell, GroupWise ® Engineering,...

Documents

GroupWise Disaster Recovery Admin Guide · To run most effectively GroupWise Disaster Recovery should use the version of GroupWise software that the GroupWise server is using Go to

Nsure ™ Identity Manager 2 (formerly DirXML ® ) Driver Development Overview Richard Matheson DirXML Driver Engineering Manager Novell, Inc. rmatheson@novell.com

GroupWise 8 Basics

Guía del usuario del cliente de GroupWise 18 › es-es › documentation › ... · 1 1Inicio 1.1 Instalación del cliente de GroupWise 1 GroupWise,

Overview of Novell® Nsure ™ Identity Manager Deployment Studio Steven Weitzeil Director of Engineering, Nsure Identity Manager & Nsure Audit Novell Bill

Groupwise – skicka mail

Novell GroupWise ® Mobile Server, powered by Intellisync Gregory Webb Novell, GroupWise Product Marketing Ken Muir Director, Novell GroupWise Engineering

Nsure ™ Audit: Instrumenting Custom Applications Rick Meredith Jason Arrington Nsure Audit Engineering Novell, Inc

VIIIDatabases - novell.com fileUnderstanding GroupWise Databases 25 novdocx (en) 11 December 2007 373 25Understanding GroupWise Databases Your GroupWise® system includes numerous

GroupWise Administration - Micro Focus€¦ · POA SOAP Configuration ... Microsoft .NET Framework 3.5 SP 1 GroupWise 7 SP 3 Win 32 Client GroupWise 7 SP 2 HP GroupWise 8 SP 2 Recommended:

Nsure ™ Identity Manager 2 (formerly DirXML ® ) Driver Development Bill Bodine Senior Consultant bbodine@novell.com

Implementing the DirXML ® Starter Pack on NetWare ® 6.5 Richard Moore, Novell DirXML Engineering Stuart Mansell, Novell Consulting

Www.novell.com Understanding Novell DirXML ™ Technology Nick Nikols DirXML Architect and Engineering Manager Novell, Inc. nick@novell.com Steven Weitzeil

Guia Groupwise Español

GroupWise 7 to Outlook 2010 Transition GroupWise 7 to... · Email Rules in GroupWise 7 To capture email rules in GroupWise: 1. Click Tools Rules. 2. In the Rules window, click on

GroupWise 8 Support Pack 3 - Novell is now Micro …€¦ · 4 GroupWise 8 Support Pack 3 5.1.2 GroupWise Version Compatibility If you install GroupWise on multiple platforms, or

GroupWise Email II

groupwise archive

Managing Novell ® Nsure™ Identity Manager 2 (formerly DirXML) Policies Shon Vella Software Engineer, Consultant Novell, Inc. Perin Blanchard Software Engineer,

GroupWise Training Manual