home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 16 Announce
/
16-Announce.zip
/
296273.zip
/
296273.ANN
Wrap
Text File
|
1996-07-31
|
62KB
|
1,552 lines
IBM Directory and Security Server for OS/2 Warp, Version 4 and DCE/DFS Client for OS/2 Warp, Version 4
Announced on July 30, 1996
Software Announcement 296273
At a Glance
IBM Directory and Security Server for OS/2 Warp, Version 4 enhances
and extends OS/2 LAN Server, Version 4.0, and OS/2 Warp Server,
Version 4 by providing:
o Industry-leading file/print/application server services combined
with open, industry-standard, distributed services
o Simplified administration of distributed resources through an
extension of the award-winning OS/2 LAN Server, Version 4.0 GUI
o Single signon to OS/2 LAN Server, Version 4.0 and OS/2 Warp
Server, Version 4 and DCE networks
o Consistent view of time across the LAN/WAN
o Increased scalability
o Improved network security through DCE Access Control Lists (ACLs)
o Internationalization
o Foundation for open distributed application development
o Distributed Services layer of Open Blueprint(TM), IBM's commitment
to open distributed computing
o Client services for DFS
o Directory and Security Server administration and application
development tools
o DCE Client Including DFS offered as a separately orderable product
for customers in heterogeneous environments
-----------------------------------------
For ordering, contact:
Your IBM representative, an IBM Authorized
Business Partner, or IBM DIRECT at
800-IBM-CALL Reference: SE005
Overview
The IBM Directory and Security Server for OS/2(R) Warp, Version 4 is
now added to the IBM Software Server series. These software servers
enable you to rapidly implement client/server applications by using
modular server technology that supports multiple server and client
platforms.
Directory and Security Server delivers two major functions:
o An enhancement to IBM OS/2 LAN Server, Version 4.0 and OS/2 Warp
Server, Version 4 enterprise level facilities with the addition of
File and Print Sharing Services
o An implementation of the Open Software Foundation (OSF)
Distributed Computing Environment (DCE) Version 1.1
Directory and Security Server is based on DCE Version 1.1 from the
OSF. It easily interoperates and integrates with other products,
regardless of vendor or platform, that comply with OSF/DCE V1.1.
Directory and Security Server with OS/2 LAN Server, Version 4.0 or
OS/2 Warp Server, Version 4 allows file, print, and application
sharing across an enterprise. Directory and Security Server is
structured to allow OS/2 LAN Server, Version 4.0 and OS/2 Warp
Server, Version 4 DCE-enabled File and Print Sharing Services in
Directory and Security Server to be installed, along with the
required DCE directory and security components, in one simple
operation. Also, if you want, you can install only the DCE server
components of Directory and Security Server on OS/2 Warp Server,
Version 4 or OS/2 LAN Server, Version 4.0 on any version of
OS/2 Warp.
Directory and Security Server lets you consolidate all of your
OS/2 LAN Server, Version 4.0 and OS/2 Warp Server, Version 4 networks
into a single network. In other words, Directory and Security Server
greatly reduces administrator workload by allowing administrators to
manage a single "cell" instead of multiple "domains". Network
administrators can now manage every user and every resource across an
enterprise-wide network from a single workstation.
End users will appreciate being able to easily access any resource in
any domain in the Directory and Security Server cell. End users will
be able to access any file or printer or application in any domain
(provided they are authorized to use that resource) with a single
signon.
In addition to being components of Directory and Security Server, the
DCE Client and the Distributed File System (DFS) Client are offered
in a separately orderable product, DCE Client Including DFS for
OS/2 Warp, Version 4, for customers who have AIX(R) or third-party
DCE Servers and want to include DCE Clients and DFS Clients on
OS/2 Warp in their distributed computing environments.
Intended Customers
Customers interested in the distributed computing functions of
directory, security, and remote procedure calls (RPC) including:
o Enterprise file and print customers
o UNIX(1) networking customers
o Cross platform customers
Key Prerequisites
Hardware -- An Intel-based processor model 80486, or higher, with a
minimum Processor speed of 33MHz for all components except the
Directory and Security Server Client (Full/Admin), which requires a
66MHz Processor speed.
Software -- OS/2 Warp Server, Version 4 with latest FixPack or
OS/2 LAN Server 4.0 with OS/2 Warp with latest FixPack
Planned Availability Date
July 31, 1996
DESCRIPTION
Directory and Security Server
IBM is pleased to be adding the Directory and Security Server for
OS/2 Warp, Version 4 to the IBM Software Server series.
Directory and Security Server includes the following components that
can each be installed on the same or different computers:
o DCE Security Server
o DCE Directory Server
o Directory and Security Server Client
o DCE-enabled File and Print Sharing Services
o DCE Client
o DFS Client
o Directory and Security Server Tools
Directory and Security Server delivers an implementation of OSF DCE
1.1 on OS/2 Warp Server, Version 4 that interoperates with any other
OSF DCE-compatible implementation of DCE on any platform using
supported transport protocols. New OSF DCE 1.1 function available in
Directory and Security Server includes extended registry attributes
for easy integration with existing client-server applications.
IBM Directory and Security Server, Version 4 interoperates with other
DCE-compliant applications and systems. Since its introduction in
1992, DCE has garnered broad support in the industry from system
vendors, applications and tools vendors, and from major companies in
the industry. One of the primary reasons for its broad acceptance is
the assurance that applications or tools developed to the DCE
interface standards will work the same, regardless of systems
platform. This lets you be more confident that your investment will
be protected, and for software vendors, the ability to broaden their
reach to new markets, and to minimize the porting effort to move the
applications to new platforms.
Directory and Security Server allows existing OS/2 LAN Server and
OS/2 Warp Server, Version 4 clients to take advantage of DCE services
with no changes to the clients. Directory and Security Server helps
deliver an environment with a single user definition and single
signon, and is designed to strengthen the administrative control of
existing OS/2 LAN Server and OS/2 Warp Server, Version 4 networks.
IBM emphasizes protecting your investments by allowing existing IBM
LAN Server and OS/2 Warp Server clients to perform some level of
administration. The amount of administration that can be performed
by such existing clients depends upon the level of the client, for
example, IBM LAN Server, Version 3.x clients are able to change
their own password. IBM LAN Server, Version 4.x and OS/2 Warp
Server clients are able to also administer their own logon
assignments, private applications, and application selector lists.
All other administration in a Directory and Security Server network
must be done by a Directory and Security Server client.
Directory and Security Server works with what you have today, thereby
protecting your OS/2 LAN Server and your OS/2 Warp Server
investments.
In addition, Directory and Security Server adds a GUI administration
tool, which allows DCE to be administered with the same ease as that
provided by the award-winning OS/2 LAN Server, Version 4.0
administration GUI.
Directory and Security Server helps to extend the reach of OS/2 Warp
Server, Version 4 into the distributed networking environment, and
allows OS/2 Warp Server, Version 4 users on unchanged, existing
OS/2 Warp Server, Version 4 and OS/2 LAN Server clients to access
remote servers anywhere in the Directory and Security Server cell via
the DCE directory services. Using a single identity and a single
signon, users on clients supported by OS/2 LAN Server, Version 3.x,
and later, or OS/2 Warp Server can access resources on any domain in
the cell without the need to keep user IDs and passwords in sync
across multiple domains.
Users of Directory and Security Server clients can seamlessly access
resources in any cell using end-to-end Kerberos security. The
workload of OS/2 Warp Server, Version 4 administrators is reduced
because they only have to administer a single identity for each user
rather than an identity in each domain. It is no longer necessary
for the administrator to set up a trust relationship between domains
in order for a user at an existing OS/2 LAN Server client to access
resources in another domain in the cell.
Directory and Security Server provides some of the most rigorous
protection available for your LAN/WAN with Kerberos security and is
specifically designed to protect users/resources across WANs by:
o Never allowing passwords to flow between client and server
o Supporting multiple levels of Data Encryption Specification (DES)
and Commercial Data Masking Facility (CDMF) algorithm
(cryptography) for DCE applications
With more and more commerce being transacted electronically, the
security capability of DCE provides an environment for secure
transaction of information. This level of security is pertinent to
all industries but is especially important to financial businesses.
DCE provides two types of data protection:
o Data Integrity -- protects information from modification as it is
sent across the network.
o Data Privacy -- protects information from modification and
disclosure as it is sent across the network.
DCE has two mechanisms for data privacy:
o Data Encryption Standard (DES)
This cryptographic function is implemented in software only. The
DES facility is also designed for applications requiring
application data encryption; however, there are stringent U.S.
Department of Commerce regulations that restrict distribution
outside the United States.
o CDMF
The CDMF provides support for the encryption of DCE application
data and is available in both DES and CDMF versions. It allows
information to be protected on a worldwide, enterprise-wide basis.
This cryptographic function is specially designed for use in
machines for banking or money transactions, or its equipment for
the encryption of inter-banking transactions, and it is intended
for use in such applications. This cryptographic function is also
under the jurisdiction of the U.S. Department of Commerce;
however, there are no market limitations.
The CDMF versions of the DCE products are being made available on a
worldwide basis. The DES versions are being made available only in
the U.S. and Canada. For further information contact your local
export regulation coordinator (ERC) or export regulation executive
(ERE).
DCE Security Server
The DCE Security Server provides the following services:
o Authentication Service -- enables two processes on different
machines to be certain of each other's identity.
o Privilege Server -- once identity has been established, the
following checks are made:
- Is the user authorized to access a resource?
- What permissions are required, and does the user have those
permissions?
Authentication and authorization are generally invoked for the
user through use of Authenticated RPC.
o Access Control List Facility (ACL) -- ACLs are lists of users who
are authorized to access a given resource. An ACL API allows
programmers to manipulate ACLs, and a command line interface
allows users to modify ACLs associated with resources that they
own, to whom (user/group) access is granted, and what specific
permissions are given.
o Login Facility -- initializes a user's DCE security environment by
authenticating the user to the Security Service by means of the
user's password and then returning security credentials that
authenticate the user to the required distributed services.
o Security Replication -- enables the Primary Registry Database to
be replicated to one or more Secondary Registry Databases.
o GSSAPI Extensions -- GSSAPI extensions are a set of APIs that
provide non-RPC applications the ability to use the DCE security
authentication protocol. The GSSAPI can be used to establish
credentials or extract Extended Privilege Attribute Certificates
(EPAC) for a non-RPC application.
o Extended Registry Attributes (ERA) -- This expands the static
registry attributes of Principal, Group, and Account to a dynamic
set of registry attributes that can be customized to a cell.
DCE Directory Server
The Directory Server (DS) stores names and attributes of resources
located in a DCE cell. It is optimized for local access and is
comprised of the following parts:
o Server -- runs on nodes containing a database of directory
information (called a Clearinghouse) and responds to queries from
clients by accessing the database.
o Clerk -- runs on client nodes (a DS can also be a client to
another DS) and serves as an intermediary between client
applications and the DS. The clerk also maintains a cache of
directory information for his client.
o Programming Interfaces -- DS can be accessed indirectly through
the RPC Name Service Independent (NSI) or directly through the
X/Open Directory Service (XDS) API.
Directory and Security Server Client
The Directory and Security Server Client provides you with a
drag-and-drop GUI to administer your distributed network resources.
This GUI is an extension of the OS/2 LAN Server, Version 4.0
administration GUI. It includes support for administration of
existing OS/2 LAN Server and OS/2 Warp Server domains, Directory and
Security Server cells, and DCE cells all in a single administration
interface.
DCE-enabled File and Print Sharing Services
Directory and Security Server delivers DCE-enabled File and Print
Sharing Services. These services increase the scalability of
OS/2 LAN Server and OS/2 Warp Server by allowing administrators to
consolidate multiple OS/2 LAN Server domains into a single Directory
and Security Server cell. This increases the number of resources
that can be accessed from an OS/2 LAN Server or OS/2 Warp Server
client with a single ID, simplifying password and ID administration.
In addition, the fact that user and resource information is now
stored in the Directory and Security Server registry and directory,
removes architectural restrictions imposed by the OS/2 LAN Server
Security Database (net.acc) and Domain Control Database (DCDB) files.
In order to simplify administration and allow for an easy migration
from the current OS/2 LAN Server domain environment, Directory and
Security Server introduces the concept of resource domains. Resource
domains allow resource administration to be divided into subsets that
can correspond to an OS/2 LAN Server or OS/2 Warp Server domain.
These subsets can have a hierarchical administrative relationship
that effectively allows hierarchical management of the OS/2 LAN
Server or OS/2 Warp Server resources in a network.
Directory and Security Server also supports utilities to restructure
the resource domain tree. These utilities include:
o Merge resource domains -- merges two existing resource domains
into one.
o Move resource domain -- moves a resource domain from one branch of
the tree to another.
o Move server -- moves a server from one resource to another.
Directory and Security Server supports unchanged OS/2 LAN Server or
OS/2 Warp Server additional servers in the Directory and Security
Server resource domain by synchronizing the directory and security
information in the Directory and Security Server databases with the
information in the net.acc and DCDB files used by unchanged
additional servers. When information such as a user or group
identification is changed in the Directory and Security Server
directory and registry database, the information is propagated to the
net.acc and DCDB for any resource domains that are affected by the
change and which contain unchanged additional servers. The
administrator can select on an individual resource domain basis
whether this synchronization should occur. Unchanged clients
communicate with Directory and Security Server domain controllers and
additional servers in the same manner that they communicate with
OS/2 LAN Server and OS/2 Warp Server servers. When these clients
perform operations such as login that require communication with the
Directory and Security Server directory and security services, the
Directory and Security Server domain controller performs that
communication on their behalf.
These services must be installed on OS/2 LAN Server, Version 4.0 or
OS/2 Warp Server, Version 4 domain controllers and can optionally be
installed on OS/2 LAN Server, Version 4.0 and OS/2 Warp Server,
Version 4 additional servers to allow OS/2 LAN Server, Version 4.0
and OS/2 Warp Server, Version 4 clients and servers to use the
directory and security information in the DCE directory and security
databases.
DCE Client and DFS Client
The DCE Client and the DFS Client allow users to share files stored
in a network of computers without knowing the physical location of
the files.
The DCE Client and DFS Client provide local access to data on remote
DFS servers. Access to the DFS file space is provided to Directory
and Security Server users and applications in a manner that is as
natural as possible.
An object-oriented SOM(TM)-based GUI for administration of DFS
provides defaults for all DFS Client configuration options, but you
can use the DFS GUI to tune the DFS Client for optimal performance in
your environment. Information about DFS aggregates, filesets, and
mount points can be viewed or changed. The GUI can also be used to
modify DCE ACLs in the DFS namespace.
In addition to being components of Directory and Security Server, the
DCE and DFS clients are offered in a separately orderable product,
Distributed Computing Environment Client Including Distributed File
System for OS/2 Warp, Version 4, (DCE Client Including DFS) for
customers who have AIX or third-party DCE servers and want to include
OS/2 Warp DCE and DFS clients in their distributed computing
environments.
The following DCE base client services are included in Directory and
Security Server and in DCE Client Including DFS:
o Client Configuration Runtime
o Client Security Runtime
o Client Cell Directory Services Runtime
o Client Time Services Runtime
o Client RPC Runtime
o Client Administration Runtime
Directory and Security Server Tools
Directory and Security Server Tools contains a collection of
administration and application development tools, along with
examples. Included are:
o DCE Interface Definition Language (IDL) compiler
o Symbols and Message Strings (SAMS) utility
o Diagnostic tools
o Examples
Use-Based Charging Structure
Directory and Security Server contains use-based features (UBFs) that
are subject to separate use-based charges. You must acquire one UBF
for each registered user (user ID) registered to use or access
certain portions of this product. One UBF will be included with each
Directory and Security Server for OS/2 Warp, Version 4 and for each
Directory and Security Server for OS/2 Warp, Version 4 Additional
License. Registered users are defined as a user ID listed in the
Directory and Security Server Registry Database.
If you are using a third party's product for your Directory and
Security Server Registry Database, you must acquire one UBF for each
user ID listed in that registry as a result of having installed
Directory and Security Server.
If a user ID is listed in the Directory and Security Server Registry
Database and in a third-party database, then only one UBF per user ID
is required for an enterprise.
When you purchase the separately orderable DCE Client Including DFS
for OS/2 Warp, Version 4, you are entitled to access the Directory
and Security Server for OS/2 Warp, Version 4 Server without
purchasing a UBF.
Number of user IDs in the Directory and Security Server Registry
Database can be monitored through the Account Folder accessed through
the Directory and Security Server Client or through the DCE Client.
IBM Software Servers
On March 12, 1996, IBM announced a family of modular application
servers, known as IBM Software Servers. These servers enable
customers to rapidly implement client/server applications, and extend
application capabilities to meet future business requirements.
To meet today's need for software that is easy to install, use, and
operate while working with existing systems, IBM has taken proven
software technology and enhanced it with additional function,
integrated packaging, and simpler terms and conditions.
The IBM Software Servers announced were:
o IBM Communications Server
o IBM Database Server
o Preview: IBM Directory and Security Server
o IBM Internet Connection Server
o SystemView(R) Server
o IBM Transaction Server
o Lotus Notes
Together, these servers represent the widest range of application
servers in the industry. For announcement materials related to the
other server products not covered in this announcement, refer to the
Overview: IBM Software Servers, Software Announcement 296-071, dated
March 12, 1996.
Directory and Security Server for OS/2 Warp, Version 4 has been
designed to work with other IBM Software Servers or to work in a
stand-alone environment. As your business needs grow, you can add
other IBM Software Servers to complement your product line such as:
o Communications Server
- Provides workstation access to other workstations as well as
access to S/390(R) and AS/400(R) hosts with a powerful gateway
and peer-to-peer networking support over SNA and TCP/IP
networks.
o Database Server
- Based on industry-standard SQL relational database technology,
the Database Server is scalable from the LAN database
client/server environment to powerful multiprocessor systems
for businesses requiring large, highly available databases.
o Internet Connection Server
- Provides WWW access to the Internet and allows customers to
provide information to their customers by creating a presence
on the Internet. The Internet Server is a key component of
IBM's network computing strategy.
o SystemView Server
- Provides the tools necessary to manage small to medium-sized
workgroups and growing enterprises. The SystemView Server also
provides functions that allow the LAN resources to be managed
from an enterprise-wide management focal point, such as
SystemView for MVS(R).
o Transaction Server
- Based on robust, proven CICS(TM) and Encina technology, the
Transaction Server builds upon the services provided by the
other IBM Software Servers to provide a powerful environment
for the development, execution, and management of
business-critical client/server applications.
o Lotus Notes
- Provides integrated client/server messaging and business
process applications to enable communication with colleagues,
collaboration in teams, and coordination of strategic business
processes. Lotus Notes is also a key component of IBM's
network computing strategy.
Directory and Security Server for OS/2 Warp, Version 4 and Version 4
of the IBM Software Servers were certified to work together through
integration testing to run on top of OS/2 Warp Server, Version 4.
The testing included short and long runs under stressed environments.
Open Blueprint: The Directory and Security Server for OS/2 Warp,
Version 4 provides a single consistent source for resolving names and
locations of resources to achieve a single-system image and enable
access to all resources in the distributed system. Its
implementation is consistent with the Directory and Naming function
described in Open Blueprint. To facilitate open, distributed,
multivendor interoperability, it provides the:
o Directory Service industry-standard interface from X/Open
o Object Manager industry-standard interface from X/Open
and supports the:
o Cell Directory Service industry-standard protocol from X/Open
o X.500 industry-standard protocol from the International
Organization for Standardization (ISO)
o Domain Name Service industry-standard protocol from the Internet
Engineering Task Force (IETF)
The Directory and Security Server for OS/2 Warp provides the
capability to identify and authenticate users and control their
access to resources. Its implementation is consistent with the
Security function described in Open Blueprint. To facilitate open,
distributed, multivendor interoperability, the Transaction Server
provides the:
o DCE Security Registry (SEC_RGY) industry-standard interface from
the OSF
o Generalized Security Services Application Program Interface
(GSSAPI) industry-standard interface from the IETF/OSF
o DCE Security Access Control List (SEC_ACL) industry-standard
interface from the OSF
and supports the:
o DCE Registry industry-standard protocol from the OSF
o Kerberos industry-standard protocol from Massachusetts Institute
of Technology (MIT)/OSF
o DCE Access Control Lists (ACLs) industry-standard protocol from
the OSF
Directory and Security Server for OS/2 Warp, Version 4 provides the
ability to maintain knowledge of the time of day and to synchronize
system clocks. Its implementation is consistent with the Time
function described in IBM's Open Blueprint. It provides the DCE
Distributed Time Service (DTS) industry-standard interface from
X/Open and supports the DCE DTS industry-standard protocol from
X/Open to facilitate open, distributed, multivendor interoperability.
PUBLICATIONS
The following publication is shipped in hardcopy as part of the
Directory and Security Server for OS/2 Warp, Version 4 program
package:
Form
Title Number
Directory and Security Server
for OS/2 Warp, Version 4
Up and Running! S28H-0137
The Up and Running! publication provides a step-by-step procedure
using default settings to enable the user to get started with the
product.
The following publications can be purchased in hard-copy by
contacting your IBM representative. They are also provided in
soft-copy on the product CD-ROM.
Order
Title Number
Directory and Security Server
LAN Programmer's Guide S28H-0130
Directory and Security Server for
OS/2 Warp, Version 4 Up and Running! S28H-0137
The following IBM Redbook publications can be purchased in hard-copy
by contacting your IBM representative:
Order
Title Number
Inside the Directory and Security
Server for OS/2 Warp SG24-4785
Understanding OSF DCE 1.1 for
AIX and OS/2 Warp SG24-4616
Displayable Softcopy Publications: The following Directory and
Security Server publications are provided in softcopy on the product
CD-ROM in the following format:
o Information Presentation Facility (IPF) (filetype .INF)
Directory and Security Server Softcopy Publications
o Directory and Security Server Up and Running
o Directory and Security Server Administrator's Reference
o Directory and Security Server Command and Utilities
o Directory and Security Server Client User's Guide
o Directory and Security Server Problem Determination
o Directory and Security Server Trademarks
o Directory and Security Server Programming Guide and Reference
o MPTS Configuration Guide
o MPTS Sockets Programming Reference
The following DCE publications are provided in softcopy on the
product CD-ROM in two formats:
o IPF (filetype .INF)
o PostScript (filetype .PS)
DCE Softcopy Publications
o Getting Started
o Administration Guide
o Administration Commands Reference
o Application Development Reference
o Application Development Guide -- Introduction and Style
o Application Development Guide -- Core
o Application Development Guide -- Directory Services
o DFS Client Guide and Reference
The following manuals are shipped in IPF, but not in PS:
o Error Message Manual
o Glossary
The IPF files are viewed using the OS/2 IPF viewer.
The files in PostScript format can be printed on a suitable
PostScript printer; the files contain the fonts that are required.
As an example of a suitable printer, all books have been printed
using an IBM 3916 Page Printer with 16MB of memory.
If a PostScript printer is not available, it is possible to print the
IPF files on other types of printers, but these will not provide the
same quality or formatting as the PostScript documents.
The following softcopy books are available as BookMaster(R) files:
o Directory and Security Server for OS/2 Warp, Version 4 Up and
Running
o MPTS Configuration Guide
o MPTS Sockets Programming Reference
EDUCATION SUPPORT
The appropriate curriculum will be updated, as necessary, to include
the enhancements described in this announcement.
Details of the education support will be provided by planned
availability through separate education announcement.
Descriptions of all classroom and self-study courses are available.
Call IBM Education and Training at 800-IBM-TEACH (426-8322) for
education catalogs, schedules, and enrollments.
TECHNICAL INFORMATION
Specified Operating Environment
Hardware Requirements
Minimum Directory and Security Server Hardware Environments
o Personal System/2(R) or selected compatible IBM and non-IBM
systems
o An Intel-based processor model 80486, or higher, with a minimum
processor speed of 33MHz for all components except the Directory
and Security Server Client (Full/Admin), which requires a 66MHz
processor speed.
.-------------------+--------------------------------------.
| | Minimum |
|-------------------+-------+--------+---------------------|
| | RAM | DASD | CPU |
|-------------------+-------+--------+---------------------|
|DSS Client (slim) | 16MB | 200MB | 486 33MHz |
|-------------------+-------+--------+---------------------|
|DSS Client (full/ | 24MB | 300MB | 486 66MHz |
| admin) | | | |
|-------------------+-------+--------+---------------------|
|Domain Controller | 24MB | 400MB | 486 33MHz |
|-------------------+-------+--------+---------------------|
|Security Server | 24MB | 400MB | 486 33MHz |
|-------------------+-------+--------+---------------------|
|Directory Server | 24MB | 400MB | 486 33MHz |
|-------------------+-------+--------+---------------------|
|Security and | 24MB | 400MB | 486 33MHz |
| Directory Server | | | |
|-------------------+-------+--------+---------------------|
|Additional Server | 24MB | 400MB | 486 33MHz |
|-------------------+-------+--------+---------------------|
|DSS Domain | 32MB | 400MB | 486 33MHz |
| Controller and any| | | |
| Combination of | | | |
| DSS Servers | | | |
|-------------------+-------+--------+---------------------|
| DSS = Directory and Security Server |
'----------------------------------------------------------'
.-------------------+--------------------------------------.
| | Recommended |
|-------------------+-------+--------+---------------------|
| | RAM | DASD | CPU |
|-------------------+-------+--------+---------------------|
|DSS Client | 16MB | 300MB | 486 66MHz |
|-------------------+-------+--------+---------------------|
|Admin Workstation | 32MB | 300MB | Pentium 90 |
| (dss full/admin | | | |
| client) | | | |
|-------------------+-------+--------+---------------------|
|Domain Controller | 32MB | 400MB | Pentium 90 |
|-------------------+-------+--------+---------------------|
|Security Server | 32MB | 400MB | Pentium 90 |
|-------------------+-------+--------+---------------------|
|Directory Server | 32MB | 400MB | Pentium 90 |
|-------------------+-------+--------+---------------------|
|Security and | 32MB | 400MB | Pentium 90 |
| Directory Server | | | |
|-------------------+-------+--------+---------------------|
|Additional Server | 32MB | 400MB | Pentium 90 |
|-------------------+-------+--------+---------------------|
|DSS Domain | 48MB | 400MB | Pentium 90 |
| Controller and any| | | |
| Combination of | | | |
| DSS Servers | | | |
'-------------------+-------+--------+---------------------'
Some Directory and Security Server for OS/2 Warp components have
unique requirements; refer to the IBM Directory and Security Server
Up and Running book and the License Information, included with this
product.
Reference the following URL for information regarding supported
hardware adapters:
http://www.software.ibm.com/is/sw-servers/
directory/index.html.
Minimum DCE Client Including DFS Hardware Environments:
o Personal System/2 or selected compatible IBM and non-IBM systems
o An Intel-based processor model 80486, or higher
o One fixed disk drive
- 36MB of additional DASD for DCE, transport services, and
publications
o Memory -- 3MB of additional RAM (5MB is recommended)
These requirements vary and may not accommodate the particular
program functions you select.
Reference the following URL for information regarding supported
hardware adapters:
http://www.software.ibm.com/is/sw-servers/
directory/index.html.
Memory and fixed disk requirements for prerequisite software, user
applications, swapper file, and data are not included.
Software Requirements
Minimum Software Requirements for Directory and Security Server
o OS/2 Warp Server, Version 4 with latest FixPack
or
o OS/2 LAN Server, Version 4.0 plus OS/2 Warp with latest FixPack
Some Directory and Security Server for OS/2 Warp components have
unique requirements; refer to the IBM Directory and Security Server
Up and Running book and the Readme file for Directory and Security
Server for additional software requirements and prerequisite
information.
This product includes multiple programs and components with unique
terms and conditions:
DCE Server Services: DCE Security Server and/or DCE Directory Server
must be installed on OS/2 Warp Server, Version 4 or OS/2 LAN Server,
Version 4.0 running on any version of OS/2 Warp. DCE Security Server
and DCE Directory Server are also separately available as Right to
Copy with an associated charge per copy, subject to the same use
restriction.
DCE Client Services: The DCE Client can be used to access DCE server
services (including DCE Directory Server and DCE Security Server) or
to enable communication between DCE application programs' servers and
clients. The DCE Client will be installed and used this way as part
of your installation, and use of either the DFS Client or the
Directory and Security Server Client included in this product.
Subject to this restriction, you can copy, install, and use the DCE
Client, the DFS Client, or the Directory and Security Server Client
without additional charge for such copies, although separate server
access charges can apply.
OS/2 LAN/OS/2 Warp Server "Server" Services: DCE-enabled File and
Print Sharing Services must be installed on OS/2 Warp Server, Version
4 or OS/2 LAN Server, Version 4.0 running on any version of
OS/2 Warp, and will replace as an upgrade, portions of these
prerequisite programs. DCE-enabled File and Print Sharing Services
can be copied and installed as required by the customer without
additional charge; these copies are subject to this same
prerequisite. DCE-enabled File and Print Sharing Services is also
separately available as Right to Copy with an associated charge per
copy, subject to the same use restriction.
OS/2 LAN/OS/2 Warp Server "Client" Services: The Directory and
Security Server Client includes the OS/2 LAN Requester program
product, plus the DCE Client and other DCE components and features.
You can use the OS/2 LAN Requester portion of the Directory and
Security Server Client to access OS/2 LAN Server, OS/2 Warp Server,
and other compatible LAN services. Other DCE components and features
in the Directory and Security Server Client will allow you to access
DCE services. Subject to the DCE Client restrictions described
above, you can copy, install, and use the Directory and Security
Server Client without additional restriction or charge for such
copies, although separate server access charges can apply.
Additional Components: You can copy, install, and use the Directory
and Security Server Tools and other administrative interfaces and
tools provided with this product without additional charge to copy.
Refer to the product documentation for additional software and
hardware requirements.
.-----------------------------------------------------------.
| |
| Allowable DSS Installations |
|-------------------+-------------+-------------+-----------|
| |DCE-Enabled | | |
| | File and | DCE | DCE |
| |Print Sharing| Directory | Security |
| | Services | Server | Server |
|-------------------+-------------+-------------+-----------|
|OS/2 Warp plus | Not | No | No |
| Latest FixPack | Applicable | | |
|-------------------+-------------+-------------+-----------|
|OS/2 LAN Server 4.0| | | |
| Domain Controller | | | |
| or Additional | | | |
| Servers Entry | | | |
| or Advanced | Yes | Yes | Yes |
| plus OS/2 Warp | | | |
| plus Latest | | | |
| FixPack | | | |
| | | | |
|-------------------+-------------+-------------+-----------|
|OS/2 Warp Server 4 | | | |
| File/Print | | | |
| Services Domain | | | |
| Controller or | Yes | Yes | Yes |
| Additional | | | |
| Servers Entry or | | | |
| Advanced plus | | | |
| Latest FixPack | | | |
|-------------------+-------------+-------------+-----------|
|OS/2 Warp Server 4 | | | |
| Operating System | No | Yes | Yes |
| plus Latest | | | |
| FixPack | | | |
'-------------------+-------------+-------------+-----------'
Minimum Software Requirements for DCE Client Including DFS
o OS/2 Warp with latest FixPack
Refer to the Readme file for DCE Client Including DFS for additional
software requirements and prerequisite information.
Limitations
o Legacy clients have limited administrative capabilities and full
resource access capabilities within a single cell. Full
administration and/or cross-cell resource access requires a
Directory and Security Server client.
o Legacy additional servers retain their OS/2 LAN Server and
OS/2 Warp Server limits (that is, 255 groups), can continue to
serve as Remote Initial Program Load (RIPL) servers and can export
their shared resources within a Directory and Security Server
cell. Adding Directory and Security Server to an additional
server removes the OS/2 LAN Server and OS/2 Warp Server limits and
allows resources to be exported across cells, but does not allow
the server to be used as a RIPL server.
o Advanced servers with Directory and Security Server installed do
not support HPFS386 local security.
o Use of NETBIOS with Dynamic Host Configuration Protocol (DHCP)
support requires an external NETBIOS name server, not supplied by
IBM.
o Some OS/2 LAN Server, Version 4.0 applets and utilities are not
supported on servers upon which Directory and Security Server has
been installed.
Planning Information
Packaging
Directory and Security Server for OS/2 Warp, Version 4 program
package contents
o CD-ROM media
o IBM International Program License Agreement (IPLA)
o IBM license information
o Product registration card
o IBM service card
o FixPack flyer
o FixPack CD-ROM
o IBM Technical Connection for OS/2 Warp flyer
o IBM Directory and Security Server Up and Running hardcopy document
o Proof of Entitlement for Directory and Security Server and one UBF
DCE Client including DFS, Version 4 program package contents
o CD-ROM media
o IPLA
o IBM license information
o Product registration card
o IBM service card
o FixPack flyer
o FixPack CD-ROM
o IBM Technical Connection for OS/2 Warp flyer
o Release notes
o Proof of Entitlement
Security, Auditability, and Control
Directory and Security Server and DCE Client for DFS use the security
and auditability features through the full support of DCE
authenticated remote procedure call (RPC), allowing secure access in
a distributed computing environment.
User management is responsible for evaluation, selection, and
implementation of security features, administrative procedures, and
appropriate controls in application systems and communication
facilities.
ORDERING INFORMATION
Orders for new licenses will be accepted now.
Shipments will begin on July 31, 1996.
To order these programs for order type, specify the order type
number, feature number, part number, program name, media, and
quantity.
Program Package: Program CD-ROM with documentation
Order Type 5801-AAR
Feature Part
Program Name Number Number
Directory and Security Server
for OS/2 Warp,
Version 4 (DES) 2035 10H9754
Directory and Security Server
for OS/2 Warp,
Version 4 (CDMF) 2036 25H7945
Distributed Computing
Environment Client
Including Distributed
File System,
Version 4 (DES) 2037 25H7940
Distributed Computing
Environment Client
Including Distributed
File System,
Version 4 (CDMF) 2038 25H7946
Additional License Copies: Authorizes the customer who has a program
package to make a single copy of the program media and printed
documentation.
The authorization is given by providing the customer a Proof of
Entitlement for Additional License -- with Certificate, which has its
own part number and feature number.
Order Type 5802-AAR
Feature Part
Program Name Number Number
IBM Directory and Security
Server for OS/2 Warp,
Version 4, (DES)
Proof of Entitlement
Additional License --
with Certificate 2606 25H7937
IBM Directory Server,
Version 4 (DES)
Proof of Entitlement
Additional License --
with Certificate 2607 25H7973
IBM Security Server,
Version 4 (DES)
Proof of Entitlement
Additional License --
with Certificate 2608 25H7982
DCE-Enabled File and Print
Sharing Services (DES)
Proof of Entitlement
Additional License --
with Certificate 1096 25H7939
IBM Directory and Security
Server for OS/2 Warp,
Version 4, (CDMF)
Proof of Entitlement
Additional License --
with Certificate 2609 25H7962
IBM Directory Server,
Version 4 (CDMF)
Proof of Entitlement
Additional License --
with Certificate 2610 25H7975
Feature Part
Program Name Number Number
IBM Security Server,
Version 4 (CDMF)
Proof of Entitlement
Additional License --
with Certificate 2611 28H0006
DCE-Enabled File and Print
Sharing Services (CDMF)
Proof of Entitlement
Additional License --
with Certificate 1098 25H7980
IBM DCE Client Including
DFS, Version 4, (DES)
Proof of Entitlement
Additional License --
with Certificate 2612 25H7942
IBM DCE Client Including
DFS Version 4, (CDMF)
Proof of Entitlement
Additional License --
with Certificate 2614 25H7967
Additional License Copies -- Software Advantage Exhibit:
Authorization to make additional license copies begins on the start
date specified in the Software Advantage Agreement. Proof of
Entitlement will be provided monthly.
Order Type 5802-AAR
Part
Program Name Number
IBM Directory and Security Server,
Version 4 (DES)
Proof of Entitlement
for Additional License --
without Certificate 27H9609
IBM Directory Server,
Version 4 (DES)
Proof of Entitlement
for Additional License --
without Certificate 25H7979
IBM Security Server,
Version 4 (DES)
Proof of Entitlement for
Additional License --
without Certificate 25H7983
IBM DCE-Enabled File and Print
Sharing Services, Version 4
(DES) Proof of Entitlement
for Additional License --
without Certificate 25H7984
IBM Directory and Security
Server, Version 4
(CDMF Version)
Proof of Entitlement
for Additional License --
without Certificate 27H9610
IBM Directory Server,
Version 4 (CDMF)
Proof of Entitlement for
Additional License --
without Certificate 28H0003
Part
Program Name Number
IBM Security Server,
Version 4 (CDMF)
Proof of Entitlement for
Additional License --
without Certificate 28H0007
DCE-Enabled File and Print
Sharing Services
Version 4 (CDMF)
Proof of Entitlement for
Additional License --
without Certificate 25H7933
IBM DCE Client Including
DFS, Version 4 (DES)
Proof of Entitlement for
Additional License --
without Certificate 27H9568
IBM DCE Client Including
DFS, Version 4 (CDMF)
Proof of Entitlement for
Additional License --
without Certificate 27H9574
UBFs: An authorization for a number of users or number of resources
used or managed is the Proof of Entitlement for UBFs.
Order Type 5807-AAR
Feature Part
Program Name Number Number
IBM Directory and Security
Server, Version 4, (DES)
UBF -- 1-pack
Certificate 0500 25H7928
IBM Directory and Security
Server, Version 4, (DES)
UBF -- 5-pack
Certificate 0506 25H7929
IBM Directory and Security
Server, Version 4, (DES)
UBF -- 10-pack 0512 25H7931
IBM Directory and Security
Server, Version 4, (DES)
UBF -- 50-pack
Certificate 0518 25H7932
IBM Directory and Security
Server, Version 4, (CDMF)
UBF -- 1-pack
Certificate 0501 25H7957
IBM Directory and Security
Server, Version 4, (CDMF)
UBF -- 5-pack
Certificate 0507 25H7958
IBM Directory and Security
Server, Version 4, (CDMF)
UBF -- 10-pack
Certificate 0513 25H7959
IBM Directory and Security
Server, Version 4, (CDMF)
UBF -- 50-pack
Certificate 0519 25H7960
UBFs -- Software Advantage: When the Volume Discount Exhibit --
Software Advantage for Workstations applies, authorization for use
begins on the agreement start date. Continued authorized use is
based on the Proof of Entitlement for UBFs subsequently provided to
the customer.
Order Type 5807-AAR
Part
Program Name Number
IBM Directory and Security
Server, Version 4, (DES)
UBF -- Software Advantage 25H7938
IBM Directory and Security
Server, Version 4, (CDMF)
UBF -- Software Advantage 25H7963
Documentation: Separate documentation with no media.
The following publications will be available at planned availability.
To order, contact your IBM representative or your dealer. They are
also provided in soft-copy on the product CD-ROM.
Form
Title Number
Directory and Security Server, Version 4
Up and Running! S28H-0137
Directory and Security Server
LAN Programmer's Guide S28H-0130
Program Package Upgrade: Program CD-ROM with documentation
Order Type 5803-AAR
Feature Part
Program Name Number Number
Upgrade from DCE Client
Version 1, single-user to
DCE Including DFS,
Version 4 (DES) 0515 27H9571
Upgrade from DCE Client
Version 1, single-user to
DCE Including DFS,
Version 4 (CDMF) 0516 27H9577
Additional License Copy Upgrade: Authorizes the customer who has a
program package upgrade to make a single copy of the program media
and printed documentation.
The authorization is given by providing the customer a Proof of
Entitlement for Additional License -- with Certificate, which has its
own part number and feature number.
Order Type 5804-AAR
Feature Part
Program Name Number Number
IBM Additional License Upgrade
from DCE Client, Version 1
single-user to DCE Client
Including DFS, Version 4 --
1-Pack (DES) 0591 27H9572
Feature Part
Program Name Number Number
IBM Additional License Upgrade
from DCE Client, Version 1
single-user to DCE Client
Including DFS, Version 4 --
1-pack (CDMF) 0592 27H9578
Additional License Copy Upgrade -- Software Advantage Exhibit:
Authorization to make additional license copies begins on the start
date specified in the Software Advantage Agreement. Proof of
Entitlement will be provided monthly.
Order Type 5804-AAR
Part
Program Name Number
IBM Additional License Upgrade
from DCE Client, Version 1
single-user to DCE Client
Including DFS, Version 4
Additional License --
Software Advantage (DES) 27H9573
IBM Additional License Upgrade
from DCE Client, Version 1
single-user to DCE Client
Including DFS, Version 4
Additional License --
Software Advantage (CDMF) 27H9579
Upgrade Protection (New Product): The following upgrade protection
products are only available under the Software Advantage for
Workstations offering:
Order Type 5809-AAR
Part
Program Name Number
Upgrade Protection for IBM
Directory and Security Server
OTC* 25H7964
QC** 25H7956
Upgrade Protection for IBM
Directory Server
OTC 28H0004
QC 28H0005
Upgrade Protection for IBM
Security Server
OTC 28H0008
QC 28H0009
Upgrade Protection for IBM
Directory and Security
Server -- UBF
OTC 25H7974
QC 25H7965
Upgrade Protection for IBM
Distributed Computing
Environment Client
including Distributed
File System
OTC 27H9575
QC 27H9576
* One-Time Charge
** Quarterly Charge
Program Upgrade
The program package upgrade option allows currently licensed users of
DCE Client for OS/2, Version 1.0 to obtain the new function for a
program upgrade charge. The program upgrade to DCE Client Including
DFS will be available on July 31, 1996. Orders will be accepted
after July 31, 1996. These upgrades will be available through IBM
authorized remarketers. The remarketer will require a Proof of
Entitlement for each upgrade ordered.
Customers can also order upgrades through the local IBM office using
the IBM Personal Software Program Upgrade and Certification Order
Form. The total quantity of upgrades acquired for a specific program
cannot exceed the total quantity of program packages and/or
additional licenses previously acquired for that program. Proof of
License for upgrade eligibility for additional license upgrades is a
copy of this invoice or previously acquired Proof of Entitlement for
Additional License -- with Certificate. Additional license upgrades
can be entered through the local IBM office using the IBM Personal
Software Program Upgrade and Certification Order Form or ordered
through an authorized remarketer.
TERMS AND CONDITIONS
Licensing: The programs described in this announcement are licensed
under the terms and conditions of the IBM International Program
License Agreement. A copy of the agreement is included in the
program package.
Additional License: Proof of Entitlement must be acquired.
UBFs: Proof of Entitlement must be acquired.
Use-Based Charging Structure: Directory and Security Server contains
UBFs that are subject to separate use-based charges. You must
acquire one UBF for each registered user (user ID) registered to use
or access certain portions of this product. One UBF will be included
with each Directory and Security Server for OS/2 Warp, Version 4 and
for each Directory and Security Server for OS/2 Warp, Version 4
Additional License. Registered users are defined as a user ID listed
in the Directory and Security Server Registry Database.
If you are using a third party's product for your Directory and
Security Server Registry Database, you must acquire one UBF for each
user ID listed in that registry as a result of having installed
Directory and Security Server.
If a user ID is listed in the Directory and Security Server Registry
Database and in a third-party Registry Database, then only one UBF
per user ID is required for an enterprise.
When you purchase the separately orderable DCE Client Including DFS
for OS/2 Warp, Version 4, you are entitled to access the Directory
and Security Server for OS/2 Warp, Version 4 Server without
purchasing a UBF.
Number of user IDs in the Directory and Security Server Registry
Database can be monitored through the Account Folder accessed through
the Directory and Security Server Client or through the DCE Client.
Software Advantage for Workstations -- Upgrade Protection: The
announced program is eligible as an entitled upgrade. Entitled
customers will be provided with a no-charge program package and a
Proof of Entitlement authorizing right to copy equal to the number of
programs protected. Shipment will follow general availability.
Variable Charges Apply: No
Limited Warranty: Yes
Program Services: Program services will be available until
September 30, 1998.
Support Line: The Personal Systems Support Line applies.
Complimentary Introductory Support: Not applicable
Volume Orders: For information regarding volume orders, contact your
IBM representative.
The without certificate program numbers for additional licenses,
additional license upgrades, UBFs, UBF upgrades, and upgrade
protection part numbers included in this announcement are eligible
for volume discounting under the terms of the Software Advantage for
Workstations Agreement and Exhibit.
Guarantee: Yes. The IBM 30-day, money-back guarantee applies.
Authorization for Copy and Use on Home/Portable Computer: Not
applicable for this program.
Program Transfer: Fully transferable
Educational Allowance: A reduced charge is available to qualified
education customers. The educational allowance cannot be added to
any other discount or allowance.
CHARGES
Contact your IBM representative for charges information for this
announcement.
CALL NOW TO ORDER
To order, contact IBM Direct, your local IBM representative, or your
IBM Authorized Business Partner.
IBM Direct, our national direct marketing organization, can also
arrange to put your name on the mailing list for catalogs of IBM
products.
Phone: 800-IBM-CALL
Fax: 800-2IBM-FAX
Internet: ibm_direct@vnet.ibm.com
Mail: IBM Direct
Dept. SE005
P.O. Box 16848
Atlanta, GA 30321-0848
Reference: SE005
To identify your local IBM Authorized Business Partner or IBM
representative, call 800-IBM-4YOU.
Note: Shipments will begin after the planned availability date.
(1) Registered trademark in the United States and other countries
licensed exclusively through X/Open Company Limited.
(R) Registered trademark of International Business Machines
Corporation in the United States or other countries or both.
(TM) Trademark of International Business Machines Corporation in the
United States or other countries or both.
Other trademarks and registered trademarks are the properties
of their respective owners.