Question : Joining Active Directory Forest

I have a Remote Novell 5.1 Server that needs to join an Active Directory Forest. Can you please advise what needs to be put in place on the Novell side in order for this to happen? I have been advised that DirXML doesn't work on 5.1 and I have to upgrade to 6 at least.

Answer : Joining Active Directory Forest

Haaaahahahaha!  Limit congestion on the WAN!  HAhahahahaha!  Hee hee.  Whoo...  

If they wanted to limit congestion on the WAN, they'd dump AD as their directory and use eDirectory.  Active Directory WAN replication uses way more bandwidth than eDirectory.  They must be comedians.  


NFAP would be a "legacy domain" mode solution at best.  It's meant to allow Windows workstations to use NetWare file server resources without using the Novell client.  That's all.  It's not a directory-sync tool.  I don't think that'd work for you.

If you need NetWare 5.1 for some legacy app that you are certain will not run on 6.5, you can get NetWare 6.5 in addition to your 5.1 and have both in the same tree, using the same version of eDirectory (with 6.5 server being the Master of Root) and then use the included DirXML starter-pack to sync with AD.   NetWare 5.1 is still supported as of this date, and you can upgrade your NDS to eDirectory 8.7.3 on 5.1 AFAIK. I think that's an upgrade you have to pay for, though. I think to have both versions in the same tree, you have to have both NetWare 5.1 and NetWare 6.5 licenses.  I have no idea how that would work licensing-wise, whether you can upgrade to 6.5 and "backlevel" the licensing to 5.1, since the licensing model is different for 6.x.  They have you adding a Windoze server anyway, so you might as well spend even more money, hey?  It would probably cost less than the alternative, which I think would be to buy Nsure Identity Manager and run it on the Windoze server.  If you buy the product, it comes with eDirectory, and can run on Windows, but it's not a cheap product.  You really need more reason to get full-blown Identity Manager than just syncing with AD, to justify the cost.  

There is only one valid reason to use AD: Exchange 200x.  All other reasons are excuses.  Even then, you're better off running the enterprise on eDirectory with local AD domains synced with DirXML, IMO, rather than doing a "forest" and its bandwidth-sucking replication.  There's no good reason to saddle an organization with AD and its limitations.

Unless that's what they're doing - if they say "eDirectory sits on top of Active Directory" do they mean they're using eDirectory as the Enterprise directory service like I suggested above, using it to work around the bandwidth-sucking AD replication?  I surmise not - if that were the case, you wouldn't need a Windoze server at all to join a "forest," would you?  I think the others should upgrade their NT4 boxes to Linux running SAMBA and Sendmail and get the Microsoft monkey off their backs rather than going with Win2K3 and AD, but that's another topic altogether.

Are they forcing you to use Exchange 2003, too?  Just wondering...