If you have an established eDirectory infrastructure, most people who support Macs as well are interested in reusing that infrastructure. If you follow Cool Solutions, you will see several postings on how to do this on your own, using the posix (RFC2037) schema 'stuff'.
![]()
Once you have such a system and in place and automated it works just fine.Of course, the problem is that in order to use a network drive as a home directory, and ultimately to share it with your Windows users' home directories, you need to maintain the reference to the home directory location in two places:. The eDirectory attribute on the user, HOMEDIRECTORY that is referenceable in the login script. In the posix extensions, for AFP users or SMB usersThese two locations are in no way linked or connected.
Novell Kanaka for Mac Podcasts Jan 2014 Provided By Novell The best way to integrate Mac workstations into the users' enterprise network. Kanaka gives the users' single log-in functionality to.
So if you need to move a user's home directory to a different location, then you need to change it in two places. Again, if you have this automated, it's not really an issue. But automating this step is a bit more tricky.If you use a product like Novell's File System Factory, which is a wonderful tool for home directory management, (look for a review of this product coming soon), then moving a user's home directory needs extra work.Kanaka SolutionCondrey Consulting makes a number of products for use in Novell environments, and for Macintosh users with eDirectory trees, they have a product called Kanaka.Kanaka consists of two parts.
First, there is a single NLM running on one server per tree (although you probably want to pick two servers at least, for redundancy). The second component is an Open Directory plugin that you install on each target Macintosh computer.ConfigurationConfiguration is two-fold; once per tree on the server side, and once per client.Client-Side ConfigurationOn the client side,1. Install the provided DMG file. You can do this from a direct mount of the sys:kanaka volume, from a copy provided otherwise, or by downloading from the Kanaka web interface at:2. Open Directory Access from Macintosh HD: Applications: Utilities, and you'll see an option for Kanaka.3.
Click to configure, and then provide a URL to the Kanaka interface, usually in the form of. If you decide on two or more servers for redundancy and fault tolerance, then enter the second one on the next line, and so on.Figure 1 - Kanaka interfaceYou should not have to reboot, but of course, if it only takes a moment or two, go ahead and do that.Client-Side ConfigurationServer-side takes a little more thought. You need to deploy the KanakSC.NLM file and some associated file structure to a server that can be AFP- or SMB-mounted by your clients. There is an unforeseen consequence here: AFP/SMB from Novell, as part of the Native File Access Pack, basically needs a replica (master or read/write) on the local server to allow authentication. The server hosting KanakaSC.NLM, according to the manual, requires the ability to mount the SYS (or potentially you could move it elsewhere) volume to be mountable over AFP/SMB for proxy directories.
There is a cute trick that can work around this, under some circumstances. That trick in a moment.1. Install the server-side component by running the Win32 installer executable which is how Kanaka is distributed.The authors comment that in order to administer a Netware server at this moment in time, you require a Windows workstation. (iManager does not count, because several snap-ins require Internet Explorer, which is only on Windows.) Therefore, they might as well distribute the package in this manner. This is hard to argue with, even if a slightly different format choice would be helpful.2. Once KanakaSC.NLM is running on your server, connect to it via the Novell Remote Manager (NoRM) interface at and authenticate as appropriate to your config.3.
![]()
At the bottom, click the Kanaka option, which takes you to the Kanaka main interface.4. Run the Config Wizard, which asks you to do a couple of simple tasks: extend the schema, install a license file, (you can request a 30 day demo file at this point), create a proxy user, set the login search contexts, and assign AFP names to NSS volumes.Kanaka MagicThe last step is the trickiest and most important, and in some ways, where Kanaka performs its most sublime tasks.
The problem is that the name format for an AFP volume under OS X is of the type, afp://server.ip.address/volumeName. But eDirectory stores volumes as.SERVERVOL.context.ou.o, and there is no link in eDirectory between the volume name and the AFP volume name. Worse still, imagine a cluster volume, whose name has changed to.CLUSTERRESOURCEVOL.context.ou.o - or far worse, where the admin has renamed the AFP volume. NFAP allows an admin to edit the sys:etcafpvol.cfg file and rename the 'ugly' default volume name in AFP of SERVER.VOL to something 'prettier' like PrettyVolumeNameForStudents. This decision is basically completely arbitrary, and it is stored on each server in a file in the file system - not in eDirectory.Figure 2 - Volume listKanaka's magic, which solves the 'home directory stored in two places' problem, is to translate one name to the other. When you extended the schema you added an attribute called cccKanakaAFPVolumeName, which is an attribute of the Volume class. When you use the Kanaka web interface to assign a value, Kanaka walks the tree, searches for all Volume objects and presents them in a list.
You then select each volume you care about and give it a valid AFP name, IP name of the server, and whatever the volume name is set to for AFP.Users with widely distributed trees have complained that this task is a pain, if you have hundreds of volumes, but that is a fairly rare case. Usually it is only a small handful of volumes to be mapped, and it only has to be done once. For those with large numbers, choose your tool (LDAP/LDIF, JRB Tools, third party attribute manipulator), export the volume list yourself, load it into an editor, make all the changes, then push them out to the cccKanakaAFPVolumeName attrib. The syntax is easy to get (set one, retrieve it with your toolset, and then look at it).Once the volumes names are properly mapped, when a user logs in, the Open Directory plugin on the Mac asks the KanakaSC NLM on the server for your info.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the. Certain versions of content ('Material') accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company.
As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.
Micro Focus has released an update to its popular macOS access software-Micro Focus Kanaka for Mac 3.0. Provides Mac macOS users automated single login access to NetIQ eDirectory storage resources through flexible login options. The Kanaka Plug-in component allows users to simultaneously log in to macOS and mount storage resources through a single username and password. The Kanaka Desktop Client allows users to access network storage resources after they have logged in as a local user to macOS.Rebranded InterfaceThis is the first Kanaka for Mac version to implement the Micro Focus branding elements. These are most apparent in the login, management, and installation interfaces. In some cases, the names of files and folders have changed to reflect the new product name.Rebranded Micro Focus Kanaka for Mac login interface.Support for macOS SierraWhen Apple introduced macOS Sierra in September 2016, the new operating system included a bug that prevented the Kanaka Plug-in from automatically mounting storage resources without prompting the user for their username and password. Apple fixed the bug in the new release of.Updated Product DocumentationThe has been thoroughly reviewed and updated with new information on generating certificates and upgrading from version 2.x.How to Get Kanaka for Mac 3.0Micro Focus Kanaka for Mac is available for download through the or through the.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the. Certain versions of content ('Material') accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.
![]() Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |