Upload
novell
View
2.096
Download
0
Embed Size (px)
DESCRIPTION
See how the popular Novell Storage Manager can help you manage file storage and user administration like never before. Leveraging user identities and roles, you can customize policies based on your business rules, thereby automating redundant tasks and reducing the heavy manual effort typically required for file management. Attend this session to hear from the experts on architecture, deployment patterns and how to get the most bang for your buck!
Citation preview
Novell® Storage Manager:Your Secret Weapon for Simplified File and User Management
Ed ShropshireProgram [email protected]
David CondreyEngineering [email protected]
© Novell, Inc. All rights reserved.2
Agenda
• Novell® Storage Manager 2.5 Components Update• Managing Personal User Storage
– Getting existing storage managed
– Quota Management and Auxiliary Storage
• Managing Collaborative Storage– Group-based and Container-based Storage
– New Manage / Backfill Operations
• NSM 2.5 Action Object and LDAP/ IDM Integration• Upgrading from NSM 2.0
© Novell, Inc. All rights reserved.3
Agenda
A
• Novell® Storage Manager Overview
• Getting Existing Storage Managed by Policy
• Managing Collaborative Storage
• Rights Analysis and Reports
• File Grooming and Data Vaulting
• Auxiliary Storage Policies
• Identity Manager Integration
• Life-cycle Storage Management Demo
© Novell, Inc. All rights reserved.4
Exponential Growth in Storage
• Capacity at Fortune 1000 companies doubling every 10 months1
• 60% Compounded Annual Growth Rate (CAGR) for storage during 2006-20112
• 36% CAGR of capacity-optimized storage shipments exceeding 20 million terabytes by 20113
1 TheInfoPro study, 20062 IDC, May 20073 IDC, December 2007
© Novell, Inc. All rights reserved.5
File-based Data Growth
IDC, January 2009
“The fastest-growing data type is the file. Unstructured, file-based data is growing faster, is consuming more space, and is being retained longer. This is a challenge that touches every tier of storage, from primary to data protection to archiving.”
© Novell, Inc. All rights reserved.6
The Quick Fix: Add More Storage
• Tier 1 storage: SAN, file server, etc
• Tier 2 storage: Serial ATA device, NAS, etc.
• Tier 3 storage: Tape storage
© Novell, Inc. All rights reserved.7
Just Adding Storage is Unsustainable
IDC, December 2007
“Simply continuing to add more storage throughtraditional methods is unsustainable becausemany datacenters will be unable to provide thenecessary power, space, or cooling. As a result,companies need to be more effective andefficient in the way they provide storage resources.”
© Novell, Inc. All rights reserved.8
The Need for Storage Management
• Regularly and on-going
• Files and folders reviewed
• Compliance Management
• Determination made to
– Leave data where it is
– Move it to Tier 2 or 3 storage
– Delete it
But where are you going to find time to do all this?
© Novell, Inc. All rights reserved.9
Novell® Storage Manager
• Automates full lifecycle management of user andgroup storage
• Leverages eDirectory™ or Active Directory
• Automates comprehensive set of management tasks
• Identity-based
• Policy-driven
• Helps assure compliance
• Saves significant time and money
© Novell, Inc. All rights reserved.10
Storage
Storage Hardware Environments
• Storage Hardware Platforms• Storage Area Networks• Unstructured data• Company assets• NetWare and OES Linux• Linux• Windows Server
© Novell, Inc. All rights reserved.11
StorageIdentity
AD
Novell eDirectory
Microsoft Active Directory
• Provisioning / De-Provisioning• Role Based Management
Identity Management
• Storage Hardware Platforms• Storage Area Networks• Unstructured data• Company assets• NetWare & OES Linux• Linux• Windows Server
© Novell, Inc. All rights reserved.12
Identity-drivenStorage Management StorageIdentity
• Provisioning / De-Provisioning• Lifecycle Storage Management• Automate manual processes• Secure based on policies
AD
Novell eDirectory
Microsoft Active Directory
Event
Event
Policy
Policy
• Provisioning / De-Provisioning• Role Based Management
Novell Storage Manager
Novell Storage Manager
NovellStorageManager
NovellStorageManager
Identity-driven and Policy-based Storage Management
• Storage Hardware Platforms• Storage Area Networks• Unstructured data• Company assets• NetWare & OES Linux• Linux• Windows Server
© Novell, Inc. All rights reserved.13
The Common Thread: Identity
• HIPAA
• Sarbanes-Oxley
• Privacy Act
• Audit Requirements
• NCLB / AYP
• Fast employee ramp-up
• Do more with less
• Team Collaboration
• Eliminate redundant administration tasks
• Reduce helpdesk burden
• Trend Analysis
• Reduce Complexity
• Consistent storage policies
• Deprovision access to critical data
• File Rights Analysis
• Intellectual Property
Identity-driven Storage Management
DataSecurity
CostReduction Productivity Regulatory
Compliance
© Novell, Inc. All rights reserved.14
And be done with it
Put your policies in the directory
Point your directory at your disk
Manage Storage Based on Policy
© Novell, Inc. All rights reserved.15
Lifecycle Storage ManagementBased on Identity and Policy
© Novell, Inc. All rights reserved.16
Server65
Novell® Storage ManagerPolicy-Driven Automation
SanFransisco
X
Boston
Acme
SFO-Policy
BOS-PolicyVaultServer
Server21
Server37
• Provisioning/Placement• Load-balancing• Restructuring
• Tiering• Migration• Renaming• Deprovisioning/Vaulting
Server4
Novell® Storage Manager 2.5Components and Server Requirements
© Novell, Inc. All rights reserved.18
Novell® Storage Manager Components
• Collaborative Storage Policies
• User Storage Policies
• Auxiliary Storage Policies
• Block Policies
• Provision Storage
• Rename Folders
• Cleanup Storage
• Server to Server Data Migration
• Grooming and Vaulting of Storage
• File Template Copies
DelegatedWork
NSM EventMonitor
NSMEngine
NSMAgent
StoragePolicies
© Novell, Inc. All rights reserved.19
Novell® Storage ManagerPolicy Architecture
PolicyAssociations
Collaborative Storage Management
Rules
Personal Storage Management
Rules
© Novell, Inc. All rights reserved.20
Novell® Storage ManagerServer Component Example
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
Agent Agent Agent
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
© Novell, Inc. All rights reserved.21
Novell® Storage ManagerCreate User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
Agent Agent Agent
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
© Novell, Inc. All rights reserved.22
Novell® Storage ManagerCreate User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
Agent Agent Agent
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
© Novell, Inc. All rights reserved.23
Novell® Storage ManagerCreate User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
Agent Agent Agent
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
© Novell, Inc. All rights reserved.24
Novell® Storage ManagerCreate User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
Agent Agent Agent
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
© Novell, Inc. All rights reserved.25
Novell® Storage Manager 2.5 Agent
Delegate Tasks to Target Agent
• Server to Server Data Migration
• Grooming and Vaulting of Storage
• File Template Copies
NSM EventMonitor
NSMEngine
StoragePolicies
Agent ManagedStorageAgentManaged
Storage
Directory Services
© Novell, Inc. All rights reserved.26
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.27
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.28
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.29
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.30
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.31
Novell® Storage ManagerMove User Event
HQ
ATL LON
VOL1:\UsersVOL1:\Collaborative
VOL1:\UsersVOL1:\Collaborative
VOL1:\Users \BSMITHVOL1:\Collaborative
OESLX-LONOESNW-ATLOESLX-ATL
M – DAM – HQM – ATLM – LON
Event
OESLX-HQ OESNW-HQ
EngineEvent
RW – DARW – HQRW – ATLRW – LONVOL1:\NSMTEMPLATES
User
DA
HQ
ATL
LON
DA
NSMPOLICIES
GROUP
USER
-OWNER--MEMBER--GROUP-
LON-USERS
TargetSource
© Novell, Inc. All rights reserved.32
Novell® Storage Manager 2.5Engine Requirements
• NetWare® 6.5 SP7 or later• Virtualized NetWare 6.5 SP7 or later• NSM 3.0 – Native Linux Support
NSM 2.5 EngineNetWare
© Novell, Inc. All rights reserved.33
Novell® Storage Manager 2.5Event Monitoring Requirements
• SUSE® Linux Enterprise Server10 SP1 or later
• Open Enterprise Server 2Linux or later
• eDirectory™ 8.7.3.10 or later• eDirectory 8.8 SP2 or later
OESLinux
NSM 2.5 Event Monitor
OESLinux
NSM 2.5 Event Monitor
NetWare
NSM 2.5 Event Monitor
• NetWare® 6.5 SP5 or later
• eDirectory 8.7.3.9 or later• eDirectory 8.8 SP2 or later
© Novell, Inc. All rights reserved.34
Novell® Storage Manager 2.5Agent Requirements
Managed Storage• NetWare® – Novell Storage
Services™ / Traditional• Open Enterprise Server
NW – NSS / Traditional• OES 2 – NSS• OES 2 – EXT3• OES 2 - Reiser
Server Requirements• NW 6.5 / OES-NW SP7 or later• OES 2 Linux SP1 or later
NSM 2.5 Agent
OESLinuxNetWare
© Novell, Inc. All rights reserved.35
NSMAdmin Requirements
• .NET 3.5 Framework• Windows XP SP3, Windows Vista SP1, or Windows 2007• Windows Server 2003 SP2 or later• Windows Server 2008 SP 1 or later
Novell Storage Manager 2.5Management Interface
Installation Planning
© Novell, Inc. All rights reserved.37
Installation Planning
• Plan server that will be running the Engine
• Plan servers for Event and Agent components
• Design eDirectory™ Structure and Location for Storage Policies
• Policy Naming Standards (User, Auxiliary and Collaborative)
• Obtain Eval or Production Novell® Storage Manager 2.5 License
– http://www.storagemgr.com
• Install .NET 3.5 on the Windows Management Workstation
Getting Existing User StorageManaged By Policy
© Novell, Inc. All rights reserved.39
Process Overview
• Run Janitor and gather global statistics and anomaly reports
• Run Consistency Checks on target users and correct issues
• Configure User Storage File Template• Create and associate User Storage Policy and remove
existing home directory creation process• Perform Novell® Storage Manager Manage Operations• Run Final Consistency Checks and Anomaly Reports• Configure Quota Manager Help Desk Interface
© Novell, Inc. All rights reserved.40
Global Statistics
© Novell, Inc. All rights reserved.41
Anomaly ReportsOrphaned Home Directory Candidates
© Novell, Inc. All rights reserved.42
Getting Existing Storage ManagedConsistency Check Report
© Novell, Inc. All rights reserved.43
Getting Existing Storage ManagedConsistency Check Report
© Novell, Inc. All rights reserved.44
Create Policy and Bring StorageInto Compliance
© Novell, Inc. All rights reserved.45
Final Report – 100% Compliance
Quota Management
© Novell, Inc. All rights reserved.47
Quota Management Rules
© Novell, Inc. All rights reserved.48
Preserve Quota on Move andImport Settings
© Novell, Inc. All rights reserved.49
Quota Manager Help Desk Interface
© Novell, Inc. All rights reserved.50
Quota Manager Help Desk Interface
Group-based CollaborativeStorage Policies
© Novell, Inc. All rights reserved.52
Policy DefinitionsUser Home Directory Attributes
DeleteWait
…
Template
Rights
Quota
Paths
OES Linux
NetWare
Home Directory
© Novell, Inc. All rights reserved.53
Policy DefinitionsGroup Home Directory Attribute
DeleteWait
…
Template
Rights
Quota
Paths
DeleteWait
…
Template
Rights
Quota
Paths
OES Linux
NetWare
Home DirectorycccFSFactoryHomedir
© Novell, Inc. All rights reserved.54
Identity-Driven Collaborative StoragePolicy Association
Algorithm: Random Balance (Path)Rights:Quota: 500 MBTemplate: SERV1/VOL1:ProjectFilesDelWait: Never
Policy TargetFile Systems
ATLANTA
ENG SALESPROJECTS
SERV1/VOL1:ProjectFiles
Assign Policy to Projects Container
© Novell, Inc. All rights reserved.55
Identity-Driven Collaborative StorageCreate Group Event
Algorithm: Random Balance (Path)Rights:Quota: 500 MBTemplate: SERV1/VOL1:ProjectFilesDelWait: Never
Policy TargetFile Systems
ATLANTA
ENG SALESPROJECTS
Create ProjectGroup Project
SERV1/VOL1:ProjectFiles
Assign Policy to Projects Container
© Novell, Inc. All rights reserved.56
Identity-Driven Collaborative StorageApply Policy Settings
Algorithm: Random Balance (Path)Rights:Quota: 500 MBTemplate: SERV1/VOL1:ProjectFilesDelWait: Never
Policy TargetFile Systems
ATLANTA
ENG SALESPROJECTS
Create ProjectGroup Project
SERV1/VOL1:ProjectFiles
ATL-Project Automatically Create Project Storage
ATL-Project
500MB
Rights Quota
Copy Group Storage Template Files
© Novell, Inc. All rights reserved.57
Novell® Storage Manager Monitors the Group Member and Owner Attributes
EWilliamson.ENG.HQ.CORPJHill.ENG.HQ.CORPKBates.ENG.HQ.CORPLPickens.ENG.HQ.CORPPHamby.ENG.HQ.CORPRDonalds.ENG.HQ.CORPSHolmes.ENG.HQ.CORPTHerlong.ENG.HQ.CORP
SHolmes.ENG.HQ.CORPTHerlong.ENG.HQ.CORP
Members Owners
+
Assign Members and Owners to the Project Group
© Novell, Inc. All rights reserved.58
Provision Shared Storage andAssign Rights
ProjectMembers
Manager
RightsQuota
Novell® Storage Manager automatically provisions storage and assigns file system rights for project managers and team members
Group Storage PolicyConfiguration Steps
© Novell, Inc. All rights reserved.60
1. Create 3 eDirectory™ Objects
Create eDirectory
Objects
© Novell, Inc. All rights reserved.61
2. Create Novell® Storage Manager Storage File Template
Create File Template
SYS:\FACTORY\SAMPLE TEMPLATES
© Novell, Inc. All rights reserved.62
3. Assign Rights to Storage File Template
AssignRights to
Directories
Rights
© Novell, Inc. All rights reserved.63
4. Create Novell® Storage Manager Group Storage Policy and Associate with Projects Container
© Novell, Inc. All rights reserved.64
5. Create eDirectory™ Group ObjectATL-PROJECTCreate Group
Object
© Novell, Inc. All rights reserved.65
Novell® Storage Manager Copies Template and Assigns Rights
© Novell, Inc. All rights reserved.66
6. Assign Owners and Membersto Group
EWilliamson.ENG.HQ.CORPJHill.ENG.HQ.CORPKBates.ENG.HQ.CORPLPickens.ENG.HQ.CORPPHamby.ENG.HQ.CORPRDonalds.ENG.HQ.CORPSHolmes.ENG.HQ.CORPTHerlong.ENG.HQ.CORP
SHolmes.ENG.HQ.CORPTHerlong.ENG.HQ.CORP
Members Owners
+
© Novell, Inc. All rights reserved.67
Provision Shared Storage and Assign Rights Based on Group Owner and Membership
Novell® Storage Manager automatically provisions storage and assigns file system rights for project managers and team members
RightsQuota
Team Members
Project Managers
© Novell, Inc. All rights reserved.68
Provision Class Storage and Assign Rights Based on Group Owner and Membership
RightsQuota
Novell® Storage Manager automatically provisions storage and assigns file system rights for instructors and students
Instructor
Students
© Novell, Inc. All rights reserved.69
Dynamic Template Processing
© Novell, Inc. All rights reserved.70
Dynamic Template Processing
Hide Folders FromEnd Users View
© Novell, Inc. All rights reserved.71
Sample TemplatesSYS:\FACTORY Directory
© Novell, Inc. All rights reserved.72
Vault on Delete Rules
© Novell, Inc. All rights reserved.73
Migrate Collaborative Storage
© Novell, Inc. All rights reserved.74
Backfill Multiple Groups
Auxiliary Storage Policies
© Novell, Inc. All rights reserved.76
Expanding the Scope of Managed User Storage• Novell® Storage Manager 2.0 has limited scope of
managing one piece of storage per user (the Home Directory)
• Many customers have a need to manage multiple pieces of storage per user
• Workarounds include using the -member- processing in collaborative storage policies or scripts
• A new methodology: linking the primary home directory policy to auxiliary policies
• Seperate and independent policy rules (rights, quota, templates, cleanup, grooming, vaulting)
© Novell, Inc. All rights reserved.77
Auxiliary Storage Management Examples• Application folder managed by IT department
• HR folder created for each employee
• Student Records Folder (Portfolio)
• Terminal Services profile folder for each employee
© Novell, Inc. All rights reserved.78
Auxiliary Storage Policies
ATL-Primary APPS-AUX
HR-AUX
ATL LONHQ
CORP
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.79
Auxiliary Storage Policies
ATL-Primary APPS-AUX
HR-AUX
ATL LONHQ
CORP
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.80
Provision Auxiliary Storage
SKNIGHT
ATL-Primary APPS-AUX
HR-AUX
ATL LONHQ
CORP
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.81
APPS-AUX
Provision Auxiliary Storage
Read Only Access
No Access
SKNIGHT
ATL-Primary APPS-AUX
HR-AUX
ATL LONHQ
CORP
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.82
Life Cycle Management – Move User
Read Only Access
ATL-Primary APPS-AUX
HR-AUX
ATL LONHQ
CORP
LON-Primary APPS-AUX
SKNIGHT
© Novell, Inc. All rights reserved.83
Life Cycle Management – Move User
Read Only Access
ATL LONHQ
CORP
ATL-Primary APPS-AUX
HR-AUX
LON-Primary APPS-AUX
SKNIGHT
© Novell, Inc. All rights reserved.84
Life Cycle Management – Move User
Read Only Access
ATL LONHQ
CORP
ATL-Primary APPS-AUX
HR-AUX
LON-Primary APPS-AUX
SKNIGHT
© Novell, Inc. All rights reserved.85
Deprovision Auxiliary Storage
Read Only Access
Vault
DeleteATL LONHQ
CORP
ATL-Primary APPS-AUX
HR-AUX
LON-Primary APPS-AUX
SKNIGHTX
© Novell, Inc. All rights reserved.86
Deprovision Auxiliary Storage
Delete
ATL LONHQ
CORP
ATL-Primary APPS-AUX
HR-AUX
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.87
Deprovision Auxiliary Storage
Vault
ATL LONHQ
CORP
ATL-Primary APPS-AUX
HR-AUX
LON-Primary APPS-AUX
© Novell, Inc. All rights reserved.88
Linking User Storage Policies
DE
PrimaryPolicy
Apps Aux HR Aux
StorageTemplate Target Storage
Template Target
StorageTemplate
Target
The primarypolicy manages
the HomeDirectory
By linking AUXpolicies to theprimary policy,Novell® Storage
Manager can managemultiple pieces ofstorage per user
Multi-valuedAttribute added toeach user object
There is nopractical limit tothe number oflinked policies
© Novell, Inc. All rights reserved.89
AUX Policy Naming
DE
DEPRI
AppsAux
HRAux
StorageTemplate
StorageTemplate
StorageTemplate
Auxiliary Policies are named accordingto their function
© Novell, Inc. All rights reserved.90
Location Storage
DE
Jan
DEPRI
AppsAux
HRAux
StorageTemplate
StorageTemplate
StorageTemplate
Home Directory
AuxillaryStorage(Multi-Valued)
A multi-valued attribute named AuxiliaryStorage is added to the user and points to
the individual user directory in eachauxiliary storage location
© Novell, Inc. All rights reserved.91
Application of Linked Policies
DE
Jan
DEPRI
AppsAux
HRAux
Jan
Jan
Jan
StorageTemplate
StorageTemplate
StorageTemplate
Home Directory
AuxillaryStorage(Multi-Valued)
When a user's home directory is provisioned,each piece of auxiliary storage is provisioned
If a user is renamed or deleted, each piece ofauxiliary storage is renamed or cleaned up
according to the individual policy
© Novell, Inc. All rights reserved.92
Policy Change
DE
Jan
DEPRI
AppsAux
HRAux
Jan
Jan
Jan
StorageTemplate
StorageTemplate
StorageTemplate
UK
UKPRI
TSAux
AppsAux
Jan
Jan
Jan
StorageTemplate
StorageTemplate
StorageTemplate
Home Directory
AuxillaryStorage(Multi-Valued)
© Novell, Inc. All rights reserved.93
AUXMAP
• New command to use the auxiliary storage catalog on the user to allow drive mapping to the storage associated with a policy
• Located in the Components folder
User_Apps
JanAUXMAP ROOT K:=Apps-Aux
Disaster Recovery Management
© Novell, Inc. All rights reserved.95
Defining DR
PersonalDisaster
GlobalDisaster
• Volume Failures• SAN Failures• Data Center Failures
• Misplaced Files• Overwritten Files• Accidentally Deleted
Files
© Novell, Inc. All rights reserved.96
DR Challenges
Recovery from global disasters is intellectually simple
• Volume23 was corrupted at 16:21 on May 12, 2008
• Use the latest backup to recover the data
Recovery from personal disasters is intellectually challenging• Bob says some of his files are gone• Thinks he saw them a few months ago … Not sure• Uncertainty ensues...• Where are Bob's files located on the network?• Where were they last week? Last month?
© Novell, Inc. All rights reserved.97
Migration and DR Challenges
Administrators at all sitesmigrate and restructure
storage
Backups operate withoutregard to data users and
do not provide identity-baseddata-based recording
Without manual processes,no record exists of where aparticular object's data waslocated at any point in time
eDirectory™
Active Directory Admin
Server65
Server37
May 12Move
May 1Access
June 1Access
© Novell, Inc. All rights reserved.98
Storage Location Tracking
Server41
DataRights*Quota*
???
DirectoryServices
Important toUsers•Locate, Access,Share
Important toAdministrators•DR•Management
Directory servicescontains pointes to abasic set of storage
locations
Used by user to locateand access storage
locations
Used by administratorsto determine storagelocation information in
personal disastersituations
Can become corrupt orlost in global disaster
situations
Management of thesepointers is outside thescope of many backup
solutions
© Novell, Inc. All rights reserved.99
Novell® Storage Manager and DR
• Policy engine manages storage and Directory Services pointers to storage
• Extends directory services to hold an unlimited number of storage locations per object
• Maintains a catalog of all managed storage locations and associated information
• Provides post-data-recovery tools that use the catalog
NSM
✔ Restore quota information in the File System
✔ Restore storage locationpointers in DS
✔ Restore trustee rights inthe File System
DirectoryServices
DirectoryServices
Backup
© Novell, Inc. All rights reserved.100
Solving the Timeline DR Problem
NSM
NSMCatalog
Server65
Server37
May 1Access
June 1Access
May 12Move
Backup Admin
NSM NSMCatalog
NSM managesdata storages
based on identityand maintains
locationinformation in the
catalog
NSM catalogextended to
maintainhistorical
information
Historicalinformation iscategorized by
purpose
Administratorscan retrieve atimeline-based
data mapdetailing storagelocations for data
by purpose
Appropriatebackup can beeasily located
Storage Redistribution(Novell® Storage Manager 2.5 SP1)
© Novell, Inc. All rights reserved.102
Novell® Storage Manager polices allow distribution of directories across multiple storage locationsDistribution algorithm is defined in the policy
Background
SanFransisco Munich
AcmeServer37
Server42
Server65
MUN-Policy
© Novell, Inc. All rights reserved.103
Problem Statement
Over time, storagedistribution may needadjustment
There are a number ofreasons that adjustmentsmay be necessary
© Novell, Inc. All rights reserved.104
Additional paths added to the policy
Distribution Adjustment Reason #1
SanFransisco Munich
AcmeServer37
Server42
Server65
MUN-Policy
Server68
© Novell, Inc. All rights reserved.105
Change in the underlying disk subsystem for existing paths
Disk is added or removedOther storage on the target volumes freed or used
Distribution Adjustment Reason #2
SanFransisco Munich
AcmeServer37
Server42
Server65
MUN-Policy
© Novell, Inc. All rights reserved.106
Data and/or storage usage characteristics are not uniform
Distribution Adjustment Reason #3
SanFransisco Munich
AcmeServer37
Server42
Server65
MUN-Policy
© Novell, Inc. All rights reserved.107
Redistribution Criteria
Redistribution may be needed according to various criteria:
Number of directorieswithin a given path
Data size of all directorieswithin a given path
Quota-based commitment for alldirectories within a given path
© Novell, Inc. All rights reserved.108
Redistribution Criteria Targeting
Administratorallowed to specifyapproximate target
distributionaccording to
percentages on apath-by-path basis
Path Current Target
S65/Vol1:Users 55%
S37/Share:Users 21%
S21/Vol1:UHome 10%
S15/V1:Users 14%
20%
40%
20%
20%
© Novell, Inc. All rights reserved.109
NSMAdmin
1. Engine collects size/quota data for all policy related storage nightly via the janitor process
2. Novell® Storage Manager Admin uses relevant data for storage managed by a given policy
3. Allows the admin to direct redistribution according to criteria and see the approximate effects prior to triggering any data movement
4. Admin issues redistribution operations to the Engine as discrete tasks on the event queue
Methodology
IntendedAction List
3
DirectorySize and
Quota Data
NSMEngine
JanitorProcess
1
Identity Policy
Request Data for a Policy
2Return Object/Path/Size/QuotaData
Issue Move Op Commands
4
© Novell, Inc. All rights reserved.110
Results are Approximate
Data size and quota commitment informationis based on most recent janitor scan
Physical volume sizes may prohibitreaching requested redistribution goals
Network is fluid while operations are calculatedand conducted – user data changes by the second
Best results obtained by performing redistribution operations soon after a janitor scan during periods of low network usage
© Novell, Inc. All rights reserved.111
Redistribution is a Policy Operation
© Novell, Inc. All rights reserved.112
Criteria Selection
Select primarycriteria for
redistribution
Data Size
Dir Count Commit
© Novell, Inc. All rights reserved.113
Perform calculationsand show projections
Targeting and Calculations
Enter targetpercentages
Show calculatedoperations next
© Novell, Inc. All rights reserved.114
Preliminary Results Review
Submit operationsto the engine
Individually selecttargets
Individually enable/disabletarget operations
Novell® Storage ManagerAction Object
© Novell, Inc. All rights reserved.116
Maybe Policy is Not Enough
• Taking action outside of the Novell® Storage Manager canned policy construct
• Work with events and objects that are not connected to NSM Policies
• Insert approval processes through workflow
• Drive file system actions through the IDM Driver paradigm
• Provide exception based access to storage locations
© Novell, Inc. All rights reserved.117
Action Object Facts
• Provides a type of application programming interface (API) for use with Novell® Storage Manager
• An object in eDirectory™ that represents a single file system event, such as creating a directory or setting file system rights on a specified target path
• Used to manage file system related tasks outside the normal Novell Storage Manager policy construct
• May be created by any process, application, or API that can manage extended object classes and attributes in eDirectory
– Examples include iManager, ConsoleOne®, LDIF andNovell Identity Manager
© Novell, Inc. All rights reserved.118
Relationship Begins
Provision Shared Storage Basedon Role
Provisioning
Move Locations Change Roles
Forgot Password
Password Expires
Password Management
Relationship Ends
De-provisioning
Access Resources
Access Management
Single Sign-on
Marketing Share
Sales Dept
Role-based Entitlement
Marketing Role
© Novell, Inc. All rights reserved.119
Relationship Begins
Provision Shared Storage Basedon Role
Provisioning
Move Locations Change Roles
Forgot Password
Password Expires
Password Management
Relationship Ends
De-provisioning
Access Resources
Access Management
Single Sign-on
Marketing Share
Sales Dept
Role-based Entitlement
Marketing Role
© Novell, Inc. All rights reserved.120
Relationship Begins
Exception Based AccessProvisioning
Move Locations Change Roles
Forgot Password
Password Expires
Password Management
Relationship Ends
De-provisioning
Workflow Entitlement
Access Resources
Access Management
Single Sign-on
Sales Dept Access Request
Marketing Share
Sales Dept
Role-based Entitlement
Marketing Role
Exception Based Access
© Novell, Inc. All rights reserved.121
Relationship Begins
Exception Based AccessProvisioning
Move Locations Change Roles
Forgot Password
Password Expires
Password Management
Relationship Ends
De-provisioning
Workflow Entitlement
Access Resources
Access Management
Single Sign-on
Approval
Sales Dept Access Request
Marketing Share
Sales Dept
Role-based Entitlement
Marketing Role
Exception Based Access
© Novell, Inc. All rights reserved.122
Relationship Begins
Exception Based AccessProvisioning
Move Locations Change Roles
Forgot Password
Password Expires
Password Management
Relationship Ends
De-provisioning
Workflow Entitlement
Access Resources
Access Management
Single Sign-on
Approval
Sales Dept Access Request
NSM Provisions Access to Sales Dept Secure Folder
Marketing Share
Sales Dept
Role-based Entitlement
Marketing Role
Exception Based Access
© Novell, Inc. All rights reserved.123
Choosing a Command/Control InterfaceConsidered:
– SOAP or Web Services– Local System API– RPC-Based API– Others
Most IDM developers know how to work with Directory Services
So, let’s use eDirectory™ as the interface ActionObjects
© Novell, Inc. All rights reserved.124
Novell® Storage Manager Action Object Schema AttributesOperationOptionsPath1Path2Execute TimeExecute OptionsAssociationControlStatusResultCleanupChain_StartChain_Next
MkDirCopyDirRemoveDirSetQuotaRemoveQuotaSetTrusteeCopyTrusteeSetAttrRename…
Each Action Object performs one discrete file system operation
© Novell, Inc. All rights reserved.125
Set Trustee Attributes
© Novell, Inc. All rights reserved.126
Novell® Storage Manager Action Object Operations
© Novell, Inc. All rights reserved.127
Action Object Securityand Performance
Even monitor watches for Action Objects
Subsystem must be enabled in the engine
Eligible container(s) must be configured
Security checks done against the object creator
Work is done under the guidance of the engine
© Novell, Inc. All rights reserved.128
Overview
11
1
2
3 33
LDAP/LDIF
iManager
Identity ManagerRole Based Provisioning
Workflow
NSM DirectoryEvent Monitor
NSM Engine
CCTEC-TREE
o=org
ou=usersou=actions
TrusteeAssignments
QuotaManagement
Folder CreationFolder Copy
© Novell, Inc. All rights reserved.129
Role-based Provisioning
Role Based
Storage Manager
IDM
Workflow Based
Identity Manager Entitlement
HR System
Workflow Entitlement
Marketing Role
Role-based Provisioning (RBP)
© Novell, Inc. All rights reserved.130
Role-based Provisioning
Role Based
Storage Manager
IDM
Workflow Based
Identity Manager Entitlement
HR System
Workflow Entitlement
Marketing Department
Role-based Provisioning (RBP)
Marketing Role
© Novell, Inc. All rights reserved.131
Role-based ProvisioningIdentity Manager Entitlement
Marketing Department
Workflow Entitlement
Role-based Provisioning (RBP)
NSM Storage Policy
Marketing Role
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.132
Role-based ProvisioningIdentity Manager Entitlement
Marketing Share
Workflow Entitlement
Role-based Provisioning (RBP)
NSM Storage Policy
Marketing Department
Marketing Role
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.133
Workflow EntitlementsIdentity Manager Entitlement
Workflow Entitlement
Marketing Share
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.134
Workflow Entitlements
Workflow Entitlement
Identity Manager Entitlement
Marketing Share
Sales Dept Access Request
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.135
Workflow Entitlements
Workflow Entitlement
Identity Manager Entitlement
Marketing Share
Sales Dept Access Request
Approval
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.136
Workflow EntitlementsIdentity Manager Entitlement
Marketing Share
Sales Dept Access Request
Workflow Entitlement
Approval
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
NSM Action Object
Operation: SetTrusteePath: (Folder Path)Option: RFTarget: bob.lon.corp
Trigger:
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.137
Workflow EntitlementsIdentity Manager Entitlement
NSM Action Object
Marketing Share
Sales Dept Access Request
Workflow Entitlement
Approval
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
Operation: SetTrusteePath: (Folder Path)Option: RFTarget: bob.lon.corp
Trigger: READY
Set Trigger Attribute
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.138
Workflow EntitlementsIdentity Manager Entitlement
Marketing Share
Sales Dept Access Request
Workflow Entitlement
Approval
Provision Read & File Scan access to Sales Dept Secure Folder
Role-based Provisioning (RBP)
Marketing Department
Marketing Role
NSM Action Object
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.139
Workflow EntitlementsIdentity Manager Entitlement
Marketing Share
Sales Dept Access Request
Workflow Entitlement
Approval
Completion Status
Role-based Provisioning (RBP)
Provision Read Only Access to Sales Dept Secure Folder
Marketing Department
Marketing Role
NSM Action Object
Role Based
Storage Manager
IDM
Workflow Based
HR System
© Novell, Inc. All rights reserved.140
Workflow EntitlementsIdentity Manager Entitlement
Marketing Share
Workflow Entitlement
Approval
Notification to User
Completion Status
Sales Dept Access
Role-based Provisioning (RBP)
Provision Read Only Access to Sales Dept Secure Folder
Marketing Department
Marketing Role
NSM Action Object
Role Based
Storage Manager
IDM
Workflow Based
HR System
Upgrading fromNovell® Storage Manager 2.0
© Novell, Inc. All rights reserved.142
Novell® Storage Manager 2.5Engine Platform
NetWareNetWareNSM 2.0 Engine
FSFENGIN.NL,M NSM 2.5 EngineNSMENGIN.NL,M
• NetWare® 6.5 SP7 or later
© Novell, Inc. All rights reserved.143
Novell® Sentinel™ to Novell Storage Manager 2.5 Agent Platform
NSMAGENT.NL,M
NetWare OESLinux
NSM 2.5 Agent
NetWareNSM 2.0 SentinelFSFEVENT.NL,M
• NetWare® 6.5 SP7 or later
• Open Enterprise Server 2 Linux SP1 or later
Server Requirements
© Novell, Inc. All rights reserved.144
Novell® Storage Manager 2.5Agent Requirements
NetWare OESLinux
NSM 2.5 Agent
• NetWare® – Novell Storage Services™ / Traditional
• Open Enterprise Server NetWare – NSS / Traditional
• OES 2 – NSS• OES 2 – EXT3• OES 2 - Reiser
Managed Storage
• NetWare 6.5 / OES-NetWare SP7 or later
• OES 2 Linux SP1 or later
Server Requirements
© Novell, Inc. All rights reserved.145
Event Monitoring Platform
Novell® Storage Manager 2.5 Event Monitor
LDAP Event Monitor
OESLinux
LDAP Event Monitor
OESLinux
NetWare
NetWare
NSM 2.0 Event MonitorFSFEVENT.NL,M
NSMEVENT.NL,M
© Novell, Inc. All rights reserved.146
Novell® Storage Manager 2.5 Event Monitoring Requirements
• SUSE® Linux EnterpriseServer 10 SP1 or later
• Open Enterprise Server 2Linux or later
• eDirectory™ 8.7.3.10 or later• eDirectory 8.8 SP2 or later
OESLinux
NSM 2.5 Event Monitor
OESLinux
NSM 2.5 Event Monitor
NetWare
NSM 2.5 Event Monitor
• NetWare 6.5 SP5 or later
• eDirectory 8.7.3.9 or later• eDirectory 8.8 SP2 or later
© Novell, Inc. All rights reserved.147
UpgradeMore Stuff You Need to Know
• All communications between Engine, Event and Agents converted from NCP™ to XML/HTTPS
• Engine volcache gets rebuilt on upgrade • Schema extended for new policy attributes• Agent now does template copy, vaulting and grooming operations• Agent configured on engine server off loads engine• Need a new License.dat file - http://www.storagemgr.com• STOP creating any user and group objects in eDirectory™
• Make sure eDirectory is healthy and in sync• If moving the engine to another server or volume, do this either
before or after the upgrade– http://www.storagemgr.com/nsm/content/support/faqs
© Novell, Inc. All rights reserved.148
Upgrade Check Lists – Page 9Complete Novell® Storage Manager 2.5 Training or install on lab system to get familiar with new management interface and features prior to upgrading
Document the server and path where the current NSM 2.0 Engine is running
Obtain a new NSM 2.5 Production License (Trial or Production)http://www.storagemgr.com
Using NSMAdmin, select Admin Dashboard | Utilities | dumpconfig•Print and document current NSM 2.0 configuration •Document current Sentinel, Proxy Sentinels and Event servers•Document any work that needs to be completed by the engine
Verify that the NSM 2.0 Engine server meets NSM 2.5 requirements of NetWare® 6.5 SP7 or later
Verify that the servers that have the Event service enabled meet NSM 2.5 requirements. Document any that don’t and that will not be upgraded.•NetWare 6.5 SP5 or later •eDirectory™ 8.7.9 or later•eDirectory 8.8 SP2 or later
Verify that the servers that have the Sentinel service enabled meet the NSM 2.5 Agent requirements of NetWare 6.5 SP7 or later
Any NetWare servers that have the NSM 2.0 Sentinel enabled that do not meet the SP7 requirement will have to either be upgraded to SP7 or you will need to configure an Proxy Agent for them.
Notes
© Novell, Inc. All rights reserved.149
Upgrade Check ListsVerify that any OES Linux servers that are targeted for the Novell® Storage Manager Linux Agent have been upgraded to Open Enterprise Server 2 Linux SP1 minimum.
Document any OES 2 Linux SP1 servers that currently have a Proxy Agent configured that you plan to install the NSM Agent on.
Verify that any OES Linux or Linux servers that are targeted for the NSM Event service meet the following requirements OES 2 Linux
• Server Installation - OES 2 Linux or later• Monitored Replicas - eDirectory 8.7.3.10 or later• Monitored Replicas at eDirectory 8.8 SP2 or later
SUSE® Linux Enterprise Server 10 •Server Installation- SLES 10 SP1 or later•Monitored Replicas - eDirectory™ 8.7.3.10 or later•Monitored Replicas at eDirectory 8.8 SP2 or later
Run NSMAdmin 2.0 and complete the following•Clean up pending events that need to process. •Remove all Sentinels that will not be upgraded•Remove any Event servers that will not be upgrade
Install .NET 3.5 on the NSM Management workstation
Make a backup copy of the current NSM 2.0 Installation folder
Perform eDirectory Health Check - Timesync and Partition Sync
Make sure no one is creating or moving user objects in eDirectory. If Collaborative policies are configured, make sure group objects are not getting created until after the upgrade.
Complete the following steps just prior to starting the upgrade
Notes
© Novell, Inc. All rights reserved.150
Product Web Pagehttp://www.novell.com/storagemanger
© Novell, Inc. All rights reserved.151
Novell® Storage Manager SupportWeb Site
http://www.storagemgr.com
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.