Educause Security Discussion mailing list archives
Re: Justifying the move from Novell to AD
From: John Kaftan <jkaftan () UTICA EDU>
Date: Wed, 4 Nov 2009 10:53:44 -0500
Please keep this conversation online as we are in the process of migrating as well and I would like to know what we are up against. Our drivers to move away from Novell: Cost - We are paying big bucks each year for a campus agreement with Novell. Our campus agreement with Microsoft includes the Office suite as well as server CALs. Microsoft per server licensing is basically free ($89 per copy for standard, something like $250 for Enterprise). Security - This may seem contrary to common perception but we already have SUN LDAP, we have to have AD to manage our growing MS server farm, and Novell = too complex. The more simple a system is the easier it is to keep secure. Integration - Ditto what others have said. Skillset - It is getting tougher and tougher to find staff and support that know Novell well. Collaboration - We were finding that most other colleges have made the change. It is tougher to collaborate when you are off on your own. Ageing Hardware - Our Novell system is running on EOL servers. We need to rebuild the system anyway so now is a good time to change. Client - Issues with the Novell client adding another layer of complexity (printing via Vista Client, and issues with MACs and Novell). I think that is about it. John Kaftan Infrastructure Manager Utica College -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eoin Dunne Sent: Wednesday, November 04, 2009 7:50 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Justifying the move from Novell to AD Hello Tom, This thread is of interest to me as our Institute is mostly AD with a few pockets of Novell, the reason being difficulties in migrating Apple Macs to AD. Examples of this would include issues with mapping shares, file caching and errors when users moved between Mac and Windows desktops. If anyone has overcome issues such as these I would appreciate a follow-up discussion (off-line if appropriate) Many thanks, Eoin. -- Eoin Dunne IT Support Manager, Information Services Department, Dublin Institute of Technology, Kevin Street, Dublin 8, Ireland. Tel: +353-1-4024604 (direct line) Email: eoin.dunne () dit ie -----Original Message----- From: Tom Jackson [mailto:tom.jackson () UNCP EDU] Sent: 04 November 2009 03:17 Subject: Re: Justifying the move from Novell to AD We had much the same drivers and situation with Novell and just finished an 18 month migration. Additional drivers where difficultly in finding consultants and staff who could work with eDirectory compared to those who could work with AD, comparative ease of implementing desktop controls via group policies with AD, and the ability to sync Apple's Open Directory with AD. We hope to eventually leverage Open Directory to push out desktop controls for our Mac users. We used Novell's Identity Management solution to sync eDirectory and AD during our migration. This included bi-directional password synchronization. It generally worked, but it did crash from on occasion. We did have a couple of issues with Identity Manager. Accounts that were in the process of syncing into AD when Identity Manager crashed were never completely set up, and events that occurred while Identity Manager was down were never captured and sent to AD. Cheers, Tom Jackson Associate Chief Information Officer/Chief Technology Officer University of North Carolina at Pembroke Pembroke, NC 28372 tom.jackson () uncp edu | 910 775-4355 | 910 775-4333 (fax) ________________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Hugh Burley [Hburley () TRU CA] Sent: Tuesday, November 03, 2009 4:47 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Justifying the move from Novell to AD Hi Christopher, We have made the decision to introduce AD here concurrently with Novell, once we find a way to have E-directory update AD. We will probably move away from Novell over the next couple/few years. The primary business driver is the inability to easily integrate many enterprise solutions with E-Directory. A second issue has been the continued decline in Novell's customer base. This second issue is almost self fulfilling as we and other Universities rush to not be the last Institution to have Novell. A third driver for us is the move away from in-house email solutions at some future date. Example of problems: -When we rolled out Eduroam ( https://wiki.bc.net/atl-conf/display/CANEDUROAM/Home ) the Novell radius service was a pain to try and get working. We did getting it working though. -Our Anti-virus solution integrates with AD by default but required effort to sort of integrate with E-Directory. Reports remain less than what I was hoping for. -When reviewing other enterprise solutions vendors almost always integrate with AD and we always have to ask if they could integrate with Novell. The answer almost always is "we can use LDAP with some reduced functionality". - VMWare View which we are evaluating for thin client access integrate with AD. -Our Windows desktop profiles are not integrated with Novell. -Novell Certified Professionals are increasingly hard to find. Some positive things to say about Novell: - Novell servers are very secure. - Our network shares and printing currently work very well. - Novell has an excellent Identity Management suite. - Novell has collaboration technologies that are stable and can be effective. Regards,
Christopher Jones <Christopher.Jones () UFV CA> 03/11/2009 10:03 am >>>
We're in the process of planning a migration from Novell to AD. We currently are building a business case for implementing AD. For those of you who have recently completed a Novell to AD migration, I would appreciate any information/documentation you may have used to support the decision, particularly from a security and TCO standpoint. Thanks. Christopher Jones IT Security Administrator University of the Fraser Valley This message has been scanned for content and viruses by the DIT Information Services E-Mail Scanning Service, and is believed to be clean. http://www.dit.ie
Current thread:
- Justifying the move from Novell to AD Christopher Jones (Nov 03)
- <Possible follow-ups>
- Re: Justifying the move from Novell to AD Sarazen, Daniel (Nov 03)
- Re: Justifying the move from Novell to AD David Lancaster (Nov 03)
- Re: Justifying the move from Novell to AD Mark Rogowski (Nov 03)
- Re: Justifying the move from Novell to AD Kevin Wilcox (Nov 03)
- Re: Justifying the move from Novell to AD Matthew Gracie (Nov 03)
- Re: Justifying the move from Novell to AD Hugh Burley (Nov 03)
- Re: Justifying the move from Novell to AD Timothy Payne (Nov 03)
- Re: Justifying the move from Novell to AD Tom Jackson (Nov 03)
- Re: Justifying the move from Novell to AD Eoin Dunne (Nov 04)
- Re: Justifying the move from Novell to AD John Kaftan (Nov 04)
- Justifying the move from Novell to AD Christopher Jones (Nov 04)
- Re: Justifying the move from Novell to AD Justin Dover (Nov 04)
- Re: Justifying the move from Novell to AD Dexter Caldwell (Nov 04)
- Re: Justifying the move from Novell to AD Dergenski, Todd A. (Nov 05)
- Re: Justifying the move from Novell to AD Christopher Jones (Nov 05)