home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 16 Announce
/
16-Announce.zip
/
296078.zip
/
296078.ANN
Wrap
Text File
|
1996-03-12
|
18KB
|
402 lines
Preview: IBM Directory and Security Server for OS/2 Warp, Version 4 Part of the IBM Software Server Series
Announced on March 12, 1996
Software Announcement 296078
In Brief . . .
IBM Directory and Security Server for OS/2 Warp, Version 4 will
enhance and extend IBM LAN Server, Version 4.0 and IBM OS/2 Warp
Server, Version 4 by providing:
o Industry-leading file/print/application server services combined
with open, industry-standard, distributed services
o Simplified administration of distributed resources through an
extension of the award-winning LAN Server, Version 4.0 GUI
(awarded to IBM by LAN Magazine)
o Single sign-on to IBM LAN Server, OS/2 Warp Server, and DCE
networks
o Consistent view of time across the LAN/WAN
o Increased scalability
o Improved network security through DCE Access Control Lists (ACLs)
o Internationalization
o Foundation for open distributed application development
o Distributed Services layer of Open Blueprint(TM), IBM's commitment
to open distributed computing
o Client services for DFS
o DCE administration and application development tools
----------------------------------------
The IBM Directory and Security Server for OS/2(R)Warp, Version 4
(DSS) will be part of the IBM Software Server series, IBM's family of
modular application servers.
These servers will enable you to rapidly implement client/server
applications by using modular server technology that will support
multiple server and client platforms. For an overview of the IBM
Software Servers, referto Software Announcement 296-071, dated
March 12, 1996.
DSS will deliver two major functions:
o A robust implementation of the Open Software Foundation (OSF)
Distributed Computing Environment (DCE) Version 1.1
o An enhancement to IBM OS/2 LAN Server, Version 4.0 and IBM OS/2
Warp Server, Version 4 enterprise-level facilities with the
addition of File and Print Sharing Services
DSS with LAN Server, Version 4.0 or OS/2 Warp Server will allow file,
print, and application sharing across an enterprise. DSS will be
structured to allow LAN Server, Version 4.0 and OS/2 Warp Server
DCE-enabled File and Print Sharing Services in DSS to be installed,
along with the required DCE directory and security components, in one
simple operation. IBM is also planning to let customers who want to
install only the DCE server components of DSS to do so on servers
containing the base operating system from OS/2 Warp Server.
The LAN Server, Version 4.0 and OS/2 Warp Server DCE-enabled File
and Print Sharing Services in DSS that exploit these DCE components
can be installed on LAN Server, Version 4.0 and OS/2 Warp Server
domain controllers. They can be installed optionally on additional
servers to allow unchanged LAN Server, Version 4.0 and OS/2 Warp
Server clients and additional servers to use the DCE global directory
and security services.
DSS will include a powerful new set of multiple client services that
will use OS/2 Warp Server client function to access LAN Server,
Version 4.0, OS/2 Warp Server File and Print Sharing Services, and
DCE client function to access DCE services. This set of services
includes a rich GUI administration tool that can administer existing
LAN Server, Version 4.0 domains, DCE cells, and DSS cells.
In addition to the DSS base product, IBM also intends to offer the
DCE Client including DFS as a separately orderable product.
Previews provide insight into IBM plans and direction. General
availability, final product content, prices, ordering information,
and terms and conditions will be provided when the product is
announced.
(R) Registered trademark of International Business Machines
Corporation in the United States or other countries or both.
(TM) Trademark of International Business Machines Corporation in the
United States or other countries or both.
Other trademarks and registered trademarks are the properties
of their respective owners.
DESCRIPTION
IBM Software Servers
The family of modular application servers, known as IBM Software
Servers, enable you to rapidly implement client/server applications,
and extend application capabilities to meet future business
requirements.
To meet today's need for software that is easy to install, use, and
operate while working with existing systems, IBM has taken proven
software technology and enhanced it with additional function,
integrated packaging, and simpler terms and conditions.
The IBM Software Servers are:
o Communications Server
o Database Server
o Preview: IBM Directory and Security Server
o Internet Connection Server
o SystemView(R) Server
o Transaction Server
o Lotus Notes
Together, these servers represent the widest range of application
servers in the industry. For announcement materials related to the
other server products, refer to Overview: IBM Software Servers,
Software Announcement 296-071, dated March 12, 1996.
Directory and Security Server
IBM Directory and Security Server for OS/2 Warp, Version 4 includes
the following components:
o DCE Security Server
o DCE Directory Server
o DSS Client
o DCE-enabled File and Print Sharing Services
o DCE Client including DFS
o DSS Tools
The IBM Directory and Security Server for OS/2 Warp, Version 4 is
part of the IBM Software Server family. The DSS will deliver a
powerful set of distributed computing services that can help large
and small enterprises move to a distributed, network-centric
computing environment. These services can be used to install a
"pure" DCE network on OS/2 Warp Server, which can interoperate with
OSF DCE-compliant components on a variety of platforms, including
mainframes, mini-computers, workstations, and PCs.
DSS will extend IBM LAN Server and IBM OS/2 Warp Server networks from
the workgroup to a distributed environment using DCE's robust
directory and security services. The IBM LAN Server integration will
be accomplished by installing the DCE-enabled File and Print Sharing
Services on top of OS/2 Warp Server or LAN Server, Version 4.0 plus
OS/2 Warp.
DSS interoperates with other DCE-compliant applications and systems.
Since its introduction in 1992, DCE has garnered broad support from
system vendors, applications and tools vendors, and major companies
in the industry. One of the primary reasons for its broad acceptance
is the assurance that applications or tools developed to the DCE
interface standards will work the same, regardless of systems
platform. This lets you be more confident that your investment will
be protected, and for software vendors, the ability to broaden their
reach to new markets, and to minimize the porting effort to move the
applications to new platforms.
DSS will allow existing IBM LAN Server and OS/2 Warp Server clients
to take advantage of DCE services with no changes to the clients.
The Directory and Security Server will help deliver an environment
with a single-user definition and single sign-on, and is designed to
strengthen the administrative control of existing IBM LAN Server and
OS/2 Warp Server networks.
IBM emphasizes protecting your investments by allowing existing IBM
LAN Server and OS/2 Warp Server clients to perform some level of
administration. The amount of administration that can be performed
by such existing clients depends on the level of the client, for
example, LAN Server, Version 3.x clients will be able to change
their own password. LAN Server, Version 4.x and OS/2 Warp Server
clients will be able to administer their own logon assignments,
private applications, and application selector lists. All other
administration in a DSS network must be done by a DSS client.
DSS will deliver an implementation of OSF DCE 1.1 on OS/2 Warp Server
that will interoperate with any other OSF DCE-compatible
implementation of DCE on any platform using supported transport
protocols. New OSF DCE 1.1 function that will be available in DSS
will include extended registry attributes for easy integration with
existing client/server applications.
DCE's powerful directory and security services, industry-standard
remote procedure call, and DFS client will all be available in DSS.
In addition, DSS will add a GUI administration tool that will allow
DCE to be administered with the same ease as that provided by the
award-winning LAN Server, Version 4.0 administration GUI.
DSS will help extend the reach of OS/2 Warp Server into the
distributed networking environment. It will allow OS/2 Warp Server
users on unchanged, existing OS/2 Warp Server and IBM LAN Server
clients to access remote servers anywhere in the DSS cell via the DCE
directory services. Using a single identity and a single sign-on,
users on clients supported by LAN Server, Version 3.x, or later, or
OS/2 Warp Server will be able to access resources on any domain in
the cell without the need to keep userids and passwords in sync
across multiple domains.
Users of DSS clients will be able to seamlessly access resources in
any cell using end-to-end Kerberos security. The workload of OS/Warp
Server administrators will be reduced because they only have to
administer a single identity for each user rather than an identity in
each domain. It will not be necessary for the administrator to set
up a trust relationship between domains for a user at an existing IBM
LAN Server client to access resources in another domain in the cell.
DSS will provide rigorous protection for your LAN/WAN with Kerberos
security and is specifically designed to protect users/resources
across WANs by:
o Never allowing passwords to flow between client and server
o Supporting multiple levels of Data Encryption Specification (DES)
and Commercial Data Masking Facility (CDMF) algorithm
(cryptography) for DCE applications
DSS will work with what you have today protecting your IBM LAN Server
and your OS/2 Warp Server investments.
DCE Security Server: The DCE Security Server will provide the
following services:
o Authentication Service -- enables two processes on different
machines to be certain of each other's identity.
o Privilege Server -- once identity has been established, the
following checks are made:
- Is the user authorized to access a resource?
- What permissions are required, and does the user have those
permissions?
Authentication and authorization are generally invoked for the
user through use of Authenticated RPC.
o Access Control List (ACL) Facility -- ACLs are lists of users
authorized to access a given resource. An ACL API allows
programmers to manipulate ACLs, and the acl_edit command allows
users to modify ACLs associated with resources that they own, to
whom (user/group) access is granted and what specific permissions
are given.
o Login Facility -- initializes a user's DCE security environment by
authenticating the user to the Security Service by means of the
user's password and then returning security credentials that will
authenticate the user to the required distributed services.
o Security Replication -- enables the Primary Registry Database to
be replicated to one or more Secondary Registry Databases.
o GSSAPI Extensions -- GSSAPI extensions are a set of APIs that
provide non-RPC applications the ability to use the DCE security
authentication protocol. The GSSAPI can be used to establish
credentials or extract Extended Privilege Attribute Certificates
(EPAC) for a non-RPC application.
o Extended Registry Attributes (ERA) -- this expands the static
registry attributes of Principal, Group, and Account to a dynamic
set of registry attributes that can be customized to a cell.
DCE Directory Server: The Directory Server (DS) will store names and
attributes of resources located in a DCE cell. It is optimized for
local access and will be comprised of the following parts:
o Server -- runs on nodes containing a database of directory
information (called a Clearinghouse) and responds to queries from
clients by accessing the database.
o Clerk -- runs on client nodes (a DS can also be a client to
another DS) and serves as an intermediary between client
applications and the DS. The clerk also maintains a cache of
directory information for his client.
o Programming Interfaces -- DS can be accessed indirectly through
the RPC Name Service Independent (NSI) or directly through the
X/Open Directory Service (XDS) API.
Directory and Security Server (DSS) Client: The DSS Client will
provide you with a drag and drop GUI to administer your distributed
network resources. This GUI is an extension of the IBM LAN Server
Version 4.0 administration GUI. It includes support for
administration of existing IBM LAN Server and OS/2 Warp Server
domains, DSS cells, and DCE cells, all in a single administration
interface.
File and Print Sharing Services: DSS will deliver DCE-enabled File
and Print Sharing Services. These services must be installed on IBM
LAN Server, Version 4.0 or IBM OS/2 Warp Server domain controllers.
It can optionally be installed on IBM LAN Server, Version 4.0 and
IBM OS/2 Warp Server additional servers to allow IBM LAN Server,
Version 4.0 and IBM OS/2 Warp Server clients and servers to use the
directory and security information in the DCE directory and security
databases.
DCE Client including Distributed File Systems (DFS): The DCE Client
including DFS will allow users to share files stored in a network of
computers without knowing the physical location of the files.
The DCE Client including DFS will provide local access to data on
remote DFS servers. Access to the DFS file space is provided to DSS
users and applications in a manner that is as natural as possible.
An object-oriented, SOM(TM)-based GUI for administration of DFS will
provide defaults for all DFS Client configuration options, but you
can use the DFS GUI to tune the DFS Client for optimal performance in
your environment. Information about DFS aggregates, filesets, and
mount points can be viewed or changed. The GUI can also be used to
modify DCE ACLs in the DFS namespace.
In addition to being a component of the base Directory and Security
product, the DCE Client, including DFS, will also be offered as a
separately orderable product.
The following DCE-base client services will also be included:
o Client Configuration Runtime
o Client Security Runtime
o Client Cell Directory Services Runtime
o Client Time Services Runtime
o Client RPC Runtime
o Client Time Zones
o Client Administration Runtime
DSS Tools: DSS Tools will contain a collection of administration and
application development tools, along with examples. Included will
be:
o DCE Interface Definition Language (IDL) compiler
o Symbols and Message Strings (sams) utility
o Diagnostic tools
o Examples
DSS has been designed to work with other IBM software servers or to
work in a stand-alone environment. As your business needs grow, you
can add other IBM Software Servers to complement your product line
such as:
o Communications Server
- Provides workstation access to other workstations, as well as
access to S/390(R) and AS/400(R) hosts with a powerful gateway
and Peer-to-Peer Networking support over SNA and TCP/IP
networks.
o Database Server
- Based on industry-standard SQL relational database technology,
the Database Server is scalable from the LAN database
client/server environment to powerful, multiprocessor systems
for businesses requiring large, highly available databases.
o Internet Connection Server
- Provides World Wide Web access to the Internet and allows
customers to provide information to their customers by creating
a presence on the Internet. The Internet Server is a key
component of IBM's Network Centric Computing strategy.
o SystemView Server
- Provides the tools necessary to manage small- to medium-sized
workgroups as well as growing enterprises. The Systemview
Server also provides functions that allow the LAN resources to
be managed from an enterprise-wide management focal point, such
as SystemView for MVS(R).
o Transaction Server
- Based on robust, proven CICS(TM) and Encina technology, the
Transaction Server builds upon the services provided by the
other IBM Software Servers to provide a powerful environment
for the development, execution, and management of
business-critical client/server applications.
o Lotus Notes
- Provides integrated client/server messaging and business
process applications to enable communication with colleagues,
collaboration in teams, and coordination of strategic business
processes. Lotus Notes is also a key component of IBM's
Network Centric Computing Strategy.
Version 4 of the IBM Software Servers were validated to work together
through IBM integration testing to run on top of IBM OS/2 Warp
Server Version 4. The testing included short and long runs under
stressed environments. IBM Directory and Security Server for
OS/2 Warp, Version 4 will undergo this same validation.