Blog View

GroupLink Corporation is excited to once again sponsor BrainShare. This event has always been a great opportunity to learn more about Novell and Novell Partner products. We can’t wait to see everyone there! As always at BrainShare, GroupLink will be playing an exciting game at our booth #101. This year we will be playing Super Deal or Not Deal, which you could play to win a new car! (Or other consolation prize, based on the results of the game). The grand prize game will be played on Thursday, March 25 at 12:30 pm at booth 101. To be entered to play you must:

1. See a product demo of everything HelpDesk, the Novell Integrated HelpDesk (see booth 101).
2. Complete the designated survey card.

We will also be playing Deal or Not Deal every ½ hour during the exhibit hall hours, where you could win prizes worth up to $200.

On, Wednesday, March 24, we will be hosting an intro to everything HelpDesk dinner. This dinner will be a great chance to hear from your colleagues about how they benefit from the Novell integration of everything HelpDesk. Details:

Location: Radisson Hotel Downtown SLC
Date: March 24
Time: 5:00 pm to 6:00 pm
Link to register: http://www.grouplink.net/events/prospectdinner.glml

All attendees will be entered to win one of our prize giveaways, including:

$25 Gift Cards
iPod Touch
HP Mini Netbook.

Also, don’t forget to attend our session at BrainShare, it will be held Tuesday at 2:30 pm!

GroupLink’s everything HelpDesk features key integration with your current Novell infrastructure. By implementing this solution you can increase your ROI and reduce your total overall costs by:
- Keeping communication lines open with automated GroupWise (and Outlook/Exchange) email notifications when a ticket is submitted, updated or closed.
- Producing powerful reports that give you the ability to customize and save reports to find key performance indicators (KPIs) for use with trend analysis and troubleshooting.
- Using LDAP integration with eDirectory (and Active Directory) to eliminate the need to maintain a separate database for your help desk.
- Managing your essential assets with ZENworks 10 Integration.

• Collaboration Cool Solutions

Solution featured in this story: eControl from Omni

Overview

The University Hospital of Würzburg consists of four integrated clinical institutes that comprise 19 hospitals with 87 units and 8 intensive care units. In addition, the University Hospital is affiliated with six vocational healthcare schools (nursing, pediatric nursing, midwifery, physiotherapy, dieticians and massage). Each year, approximately 50,000 patients receive medical treatment in the facility and 180,000 receive out-patient care.

To deliver this level of healthcare, the University Hospital of Würzburg uses multiple IT applications across distributed Microsoft and Novell networks. The Hospital's Medical Informatics Service Centre includes 50 staff members who are resonsible for management and supervision, network equipment, systems, SAP administration processes, SAP clinical processes, and other service and support activities. All of these employees are part of the helpdesk team. Two employees take care of user administration for approximately 5,000 IT workplaces that are used by 6,000 staff.

The University Hospital of Würzburg implemented eControl from Omni to centrally manage a large number of user identities and accounts. eControl has replaced Microsoft Management Console, iManager and ConsoleOne for managing user accounts across mixed and multiple Microsoft and Novell networks from a single web-based interface, accessible from any browser. Account updates can be carried out quickly and easily by front-line staff who have very little technical knowledge of Microsoft or Novell systems. The network also includes managed systems such as Siemens DirX (telephony system) and several SAP systems (SAP-HR, SAP-KIS, SAP-BW).

The Challenge

Using Microsoft Management Console, iManager and ConsoleOne to manage more than 6,000 user accounts across diverse systems and with a large number of possible attributes and properties was a time-consuming task. The University Hospital of Würzburg needed a unified interface that delivered centralised role-based administration across all systems.

"With eControl, we finally have a unified, cross-platform management tool that allows us to make individual or bulk changes in our systems without losing any of the functionality of the native administration applications," said Andreas Thiele, Assistant Director of Systems, Identity Management and Infrastructure at the University Hospital of Würzburg. "eControl provides role-based access to all our Microsoft and Novell accounts and attributes without having to give users any administrator rights or access to complex tools."

"Naturally, security plays an important role at any University Hospital. eControl satisfies all our security rules and requirements," continued Mr. Thiele. "eControl's Audit and Reporting, in fact, provides a full audit log of all changes made in our systems for administrator oversight."

The Solution

The University Hospital of Würzburg uses the following eControl modules for centralised, role-based Identity Management for its Microsoft and Novell systems:

eControl Manage: eControl Manage simplifies and centralises administration of user accounts, security and distribution groups, and other directory-based objects without having to assign any administrator or special access rights. eControl's Web 2.0 interface is very intuitive and does not require any user training.

eControl Create: Non-IT employees from departments like HR or the front office can use eControl Create to create user accounts based on pre-configured profiles across Microsoft and Novell platforms – with no administrator rights or special permissions required.

eControl Self-Service: In short, eControl Self-Service allows end-users to reset their own password in Active Directory / Exchange and eDirectory / GroupWise and to carry out other routine self-service tasks.

The Results

"After we began searching for a unified identity management solution, our IT partner, Maintainet AG, made us aware of eControl," said Mr. Thiele.

"We implemented eControl on our own without any problems," continued Mr. Thiele. "We leveraged existing hardware and no programming was required to complete the implementation. User adoption and satisfaction have been very good because minimal to no training is required for front-line staff. Although we have not directly measured the savings of eControl, it is evident that even after a short time, the time savings are significant through eControl's centralised identity management and its Web 2.0 interface and Software-as-a-Service (SaaS) access.

"We are happy that we no longer need to switch back and forth between Microsoft Management Console, iManager and ConsoleOne to manage user identities in our Novell and Microsoft systems. eControl provides a unified identity management solution that saves valuable administrator time, reduces administration complexity and keeps all our systems and modifications under control."

"With the implementation of eControl, it is now possible to delegate administration tasks, which was very complex using the old tools," stated Mr. Thiele.

More Information

• Contact Omni

• Cloud Security Service

As part of the upgrade to Teaming 2.1, we have updated the look and feel of our forms in the Teaming Library. The changes include background color, dividers, and borders. In this article we give you some quick, easy pointers on how to make these changes for your own site.

You can update the look of your site by using the HTML element, which is under the “Layout Options” when adding a new element.

Click “HTML” to open the HTML editor. The HTML element creator then prompts you for the caption and the name.

Enter a Caption (not required).

Enter a Data Name (required).
You can update the look of your site by using the HTML element, which is under the “Layout Options” when adding a new element.

Click “HTML” to open the HTML editor. The HTML element creator then prompts you for the caption and the name.

Enter a Caption (not required).

Enter a Data Name (required).

Notice two text boxes. HTML Top represents the HTML tags that come before the elements that are set inside the HTML element. HTML Bottom represents the HTML tags that come after the elements.

The first two enhancements to the form are background color and border. Any color can be used for the background. All that is required is the HTML code for that specific color. The HTML color that we used is “f4f4f4” (light gray). We used this code on our HTML element:

<table cellpadding=“4” borders=“1” bgcolor=“#f4f4f4” width=“700”><tr><td>

</td></tr></table>

This specifies the size in pixels of the border (border=“1”), the background color (style=“background-color: #f4f4f4” or bgcolor=“#f4f4f4”), the width of the form in pixels (width=“700”) and the distance between cells in the table (cellpadding=“4”) in pixels. This is a really handy code that can be used on any form to give it a more professional look.

The break and divider are two other elements you can use to quickly improve the look of your form. The break causes a space between two elements, so they're much easier to read. The code for an HTML break is very simple:

<br/>

Use this in a new HTML element and place it in the designer where you want a little extra space.

You might find the Divider layout element doesn't always create the amount of space that you want, so you may want to also add a break. This HTML divider has a break before and after it. It is simply a break, then the code for the divider, then another break. No HTML bottom is required for this code because nothing will be placed inside this element.

This gives a little more space above and below the thin gray line in the form.

We used these simple enhancements, to upgrade some of the forms to give them a better look and feel. Feel free to look through them and send us any questions that you have.

- Teaming Library

• Teaming Cool Solutions

Dipto Chakravarty, general manager, Cloud Security & VP Engineering, Security Management Operating Platforms, Novell, Inc.

Part 1

Identity management was a complex issue to begin with and this complexity is only increasing with the advent of cloud computing. To deal with it, those responsible for managing identities and those creating technologies for identity management have had to continuously innovate.

The latest innovation we are seeing is in the area of intelligent workload management, specifically towards intelligently managing identity-aware workloads. Before I talk about that, I’d like to you to consider how we got to where we are today.

Identity Management can be decomposed into four basic functions:

1. Authentication

In order for a user to access your systems, you need to authenticate that he is who he says he is. Authentication methods can be very basic, such as simply requiring that the user enter a password, or they can be stronger and involve fingerprint readers or other types of biometrics.

Of course, the number of systems that an individual may have to access during the course of a workday has proliferated, and many of these systems have migrated off premise. In order to deal with multiple password issues and the varying authentication requirements of different systems, some organizations have moved to single-sign-on methodologies.

At the same time, we’ve become better at correlating different types of identity data to allow for the behavioral analysis of users. We can know, for example, when “Frank” swiped his ID badge in order to enter the campus as well as when he tried, and perhaps failed to enter his password correctly. When someone is trying to use Frank’s password when he’s not on premise, we know there’s a problem!

2. Authorization

Once we know who a user is, we need to be able to authorize his use of this or that application or system.

The traditional authorization method is roles-based. “Frank” may be a marketer who should be authorized to access marketing assets at various levels; he may also manage a P&L, so he needs authorization to access financial systems; and he may be a “super-user” for some infrastructural elements like a website.

Role-based authorization is often supplemented with policy-driven authorization. For instance, Frank can only be a root-user while he’s on campus so the question becomes, “How do I delegate this privilege to him for the time he’s on campus and then rescind it once he’s left?”

3. Provisioning

With authentication done and authorizations in place, the system is then responsible for rolling out the appropriate attributes based on relevant credentials.

4. Auditing

Finally, the system needs to log activity, perform audits, generate reports and track events as they happen.

These functions in themselves are by no means new: provisioning users is easily two decades old; authorization has been around as long as client-server or time-share systems have been around, etc. What is new is the way that these get connected and work together.

People have gone from multiple tools addressing individual functions to bundles or platforms where you have authentication and authorization and auditing all sorted in a systemic way so that you can cut across and report across them. This bundling or platforming has become necessary as SLAs have become stricter and regulations gotten tighter.

With tighter regulations has come ever-increasing complexity. You not only need to have these tools in place, but you’ve also got to map the various technologies to specific controls – compliance controls security controls, governance, and on and on. These controls have 6 to 7 different components which in turn get mapped to the actual regulations which could be PCI for financial records, Sarbanes Oxley for the password retries, HIPAA for any health records, etc.

And now, to add to the complexity, you have to deal with the fact that some of these components are actually “out there” in the cloud. I believe that this new layer of complexity makes “intelligence” (as in “Intelligent Workload Management”) an absolute necessity.

I’ll address that idea in my next post but would first like to ask, how are you dealing with the increasing complexity of identity management as a service?

The Allow Field Level Modifications feature is unique to the forms and workflows Teaming. This new feature allows you to give a user restricted access to predetermined sections of a form instead of giving a user access to modify the whole form. In the example that follows, we created a form and workflow called Project Delegation. For the example, we want the manager to be able to delegate a project by specifying information about the project, and then assigning it to another employee. In our example, the delegatee is selected through the user list. To make our workflow dynamic, we used a user list in the Workflow Processes to match the delegatee with modifying rights, but you can give users restricted rights in other ways. The result is a dynamic form and workflow where an employee can't modify the information that the manager filled out, but just what the manager wants him or her to fill out.

In order to accomplish this, you need to modify the form in the Entry Definitions and the workflow in the Workflow Processes. This is how we did it:

Entry Definitions

We began by determining which fields in the form we wanted to be modified by the employee doing the project. In each field that we wanted to give restricted access, we clicked Modify > Allow field level modifications > OK as shown to the left.

Workflow Processes

Next, to make the form and workflow dynamic so that the delegatee was given restricted modifying rights, we accessed the workflow process. We then selected the state Delegate > Add > Access Controls > OK.

We then clicked Access Controls > Add > Modify Specified Fields > OK.

Next, we selected Modify Specified Fields > Modify.

In the modify window, at the bottom, we clicked on Select an Entry Type, then scrolled through the forms to select which form we were referring to in our workflow. Then we selected the form again and clicked OK. After giving restricted modification rights, our screen looks like the screen in the image to the left.

The Allow Field Level Modifications functionality in Teaming 2.1 helps you create even more robust forms and workflows, and allows you to control who is entering what data. We hope you will enjoy this new feature.

- Teaming Library

• Cool Solutions

How to do a Top Down Rebuild? Check out these… Doing a Top Down Rebuild on GroupWise 5, 6, 6.5, 7, or 8 Procedures for a GroupWise Top-down Rebuild Performing a Top-Down GroupWise Rebuild with No User Downtime _

Here’s a list of the sessions GWAVA is offering during BrainShare.

• GWAVA 5 Appliance with an SMTP Scanner – Hands-on Lab
• Policy Enforcement with GWAVA 5 Hands-on Lab
• Reload Disaster Recovery - Hands-on Lab
• Reload Single Message Restore - Hands-on Lab
• Retain Archiving Initial Configuration Hands-on Lab
• Retain - Reload Integration Hands-on Lab
• Introduction to GWAVA Reload
• Introduction to GWAVA Retain 1.8 for GroupWise
• Introduction to GWAVA 5
• Introduction to GWAVA Retain 2 for BlackBerry Enterprise Server (BES)
• Community Announcement Forum

For detailed descriptions of the GWAVA BrainShare sessions, click HERE. Sign up for GWAVA sessions using your BrainShare registration.

Don’t miss out on other GWAVA events during BrainShare either! There is a free movie on Sunday night, games and fun on Monday and Wednesday nights. On Tuesday night, get your picture taken with Elmo at Party with the Partners.
Click HERE for complete information and to register. Remember, it’s all free to you and there will be lots of chances to win fantastic prizes.

Follow GWAVA on Twitter at BrainShareSLC.

• Collaboration Cool Solutions

GroupLink Corporation is excited to once again sponsor BrainShare. This event has always been a great opportunity to learn more about Novell and Novell Partner products. We can’t wait to see everyone there! As always at BrainShare, GroupLink will be playing an exciting game at our booth #101. This year we will be playing Super Deal or Not Deal, which you could play to win a new car! (Or other consolation prize, based on the results of the game). The grand prize game will be played on Thursday, March 25 at 12:30 pm at booth 101. To be entered to play you must:

1. See a product demo of everything HelpDesk, the Novell Integrated HelpDesk (see booth 101).
2. Complete the designated survey card.

We will also be playing Deal or Not Deal every ½ hour during the exhibit hall hours, where you could win prizes worth up to $200.

On, Wednesday, March 24, we will be hosting an intro to everything HelpDesk dinner. This dinner will be a great chance to hear from your colleagues about how they benefit from the Novell integration of everything HelpDesk. Details:

Location: Radisson Hotel Downtown SLC
Date: March 24
Time: 5:00 pm to 6:00 pm
Link to register: http://www.grouplink.net/events/prospectdinner.glml

All attendees will be entered to win one of our prize giveaways, including:

$25 Gift Cards
iPod Touch
HP Mini Netbook.

Also, don't forget to attend our session at BrainShare, it will be held Tuesday at 2:30 pm!

GroupLink’s everything HelpDesk features key integration with your current Novell infrastructure. By implementing this solution you can increase your ROI and reduce your total overall costs by:
- Keeping communication lines open with automated GroupWise (and Outlook/Exchange) email notifications when a ticket is submitted, updated or closed.
- Producing powerful reports that give you the ability to customize and save reports to find key performance indicators (KPIs) for use with trend analysis and troubleshooting.
- Using LDAP integration with eDirectory (and Active Directory) to eliminate the need to maintain a separate database for your help desk.
- Managing your essential assets with ZENworks 10 Integration.

• Collaboration Cool Solutions

Last September, Chris Hoff wrote of his concerns about SaaSprawl, setting off a lengthy and lively discussion.

At the core of Hoff’s concern was the tendency for enterprises to “edge toward Cloud adoption by cherry picking applications for externalization using SaaS as the platforms.”

The net result of this cherry picking is an IT administration nightmare as SaaS vendor relationships proliferate creating a jungle of multiple usernames & passwords, multiple identity silos, and a plethora of divergent administrative tools.

On top of it all, with Gartner showing that SaaS adoption is growing, and predicting that it will continue to do so into the foreseeable future, the situation is just going to get worse.

Of course, the problem isn’t so much that organizations will seek software services from multiple sources – this is, after all, a major benefit of the SaaS model in the first place.

No, the real problem is posed by the need to manage security and identity across numerous SaaS instances, each with its own peculiar way of doing so.

An ideal solution to this problem then would allow organizations to engage whatever software services they wished while at the same time allowing these organizations to apply their internal identity and security management systems in the same way to each instance.

Interestingly enough, Novell recently conducted a survey of its customers and discovered that 43% of them would be more inclined to consider and purchase an SaaS offering if it included just such a solution.

IT leaders are not going to rein in SaaS sprawl by exercising greater control over the purchasing decisions of people who are getting pressure from the C-suite to increase efficiency by outsourcing elements of their infrastructure. Sure, the headaches are all on the side of the SaaS consumer, but it is not necessarily the case that that’s where the cure should be implemented.

On the contrary, doesn’t it make more sense to attack the problem from the side of the SaaS provider by giving them the ability to work with the client’s existing security architecture? Wouldn’t that alleviate the client’s pain while making the vendor that much more appealing?

What’s your cure for SaaS sprawl?

• Cool Blogs: Official Novell Bloggers

Are you attending BrainShare SLC 2010? Don´t miss the opportunity to follow some really unique session about System z. Enroll these sessions today via the session scheduler at https://www.novellbrainshare.com/slc2010/scheduler/search.do and learn from customers and experts what is so special about SUSE Linux Enterprise Server for System z!

Tuesday 9am-1pm, Thursday 9am-1pm, Room 255B
ELS206: SPECIAL Hands-on Workshop – Install SUSE Linux Enterprise Server on IBM System z (Classroom set-up – You don´t need to bring/use your own Laptop!)
Trainer: Richard Lewis, IBM
Happy Birthday SUSE Linux Enterprise Server for System z! 10 Years on the Mainframe – and counting! Come take advantage of this unique opportunity at BrainShare. Richard Lewis, a master expert and pioneer for Linux on the mainframe, will teach you how to install and configure SUSE Linux Enterprise Server for System z in a z/VM virtual machine. After this intensive hands-on experience, you will be equipped with the skills and the confidence required to install Linux for System z by yourself. You should have minimum basic Linux knowledge. LIMITED NUMBER OF SEATS AVAILABLE!

Monday 11:30am-12:45pm, Room 150 D/E
ELS208: German Pension Fund Goes Linux: Legacy Application Migration to z/Linux with Minimal Risk
Speakers: Falk-Oliver Bischoff , Head of IT Department, Deutsche Rentenversicherung (German Pension Fund), Florian Delonge, Business Development Director EMEA, Clerity Solutions, Inc. , Olaf Senger, IBM
THIS CUSTOMER SUCCESS WILL ALSO BE FEATURED DURING THE KEYNOTE!
In this session, you will gain detailed insight into why and how German Pension Fund (Deutsche Rentenversicherung) migrated a monolithic mainframe application consisting of 3.5 million lines of code and 2,500 CICS COBOL programs and the required transaction environment to SUSE Linux Enterprise Server for System z. In addition to reducing software costs through the use of open source software, German Pension Fund can now rely on a consolidated system based on a modern, flexible and reliable operating system, which will also be used as the host system for content management and archiving systems. One of the main reasons for the move to Linux was that it can be used on multiple or different hardware platforms with minimal adaptations. And the biggest advantage of the IBM System z10 environment for German Pension Fund—besides its legendary reliability and intelligent resource usage—clearly is that all application components run on a single machine, which means that administration effort and access times between z/OS and Linux are minimal.

Wednesday 4pm-5:15pm, Room 251 F
ELS310 – What’s New with Linux on System z
Speakers: Richard Lewis (IBM, I/T Executive), Ihno Krumreich (Novell, Project Manager System z)
This session will give a detailed report on the functionalities found in newer kernel versions as they relate to Linux on System z. Areas included are advanced virtualization, storage support, RAS, security, as well as usability and serviceability. This session will also give some insight into the IBM Linux on System z development process itself. Last, but not least, attendees get an overview of features, functionalities and tools specific to SUSE Linux Enterprise Server for System z.

• Cool Blogs: Official Novell Bloggers

One-Click Access to ConsoleOne in Linux

Running ConsoleOne directly from the server is helpful and often necessary, especially if you are using SLES as the server OS. With OES, you have the NSS file system that lets you easily connect a Windows workstation to your domain (assuming that workstation has a Novell Client). If you're using a Linux desktop that is capable of running the Novell Client for Linux, ConsoleOne can still be run locally while connecting to the domain database on the OES server. Using a SLES server further limits your options.

Instead of installing and configuring Samba or NFS (which I'm not sure is recommended anyway), using SSH to run ConsoleOne allows you to use a common protocol.

I most often use the Linux desktop and have been able to make one-click ConsoleOne access via SSH work. While Putty, a Windows SSH client, can provide similar functionality, I do not know of a way to generate the necessary SSH key with Putty in order to make this work in a one-click way.

For the remainder of this article, I'll call the server running the domain and from where we want to run ConsoleOne 'gwdom1'. I will assume that ConsoleOne with the current snapins is installed, executable, and fully functional from the domain server console for the purposes of administering GroupWise. I will also assume that we want to connect to this server as 'root'.

Running ConsoleOne via SSH

This is the easy part. First, SSH to the server where the domain is running as the root user using the following command. The '-X' is crucial as it enables X11 forwarding:

ssh -X root@gwdom1

After entering the root password, execute this command:

/usr/ConsoleOne/bin/ConsoleOne

At this point, ConsoleOne should appear on your Linux desktop (running from gwdom1) and you can login and connect to gwdom1's domain database. This will verify that ConsoleOne can be run in the way it needs for this process to ultimately work.

This part should be possible using Putty for Windows. However, providing the specific steps of doing so is not the intent of this article.

Your Very Own Script

You can easily combine the above two commands into one script file. First, go to your home folder using the console and switch to a folder called /bin. For non-root users, it will be /home/username/. For root, it's /root.

Once in the /bin folder of your home folder, create a file called 'c1_gwdom1' (or whatever you want to use as the command that calls this) using your favorite text editor. The file should contain the following:

#/bin/bash ssh -X root@gwdom1 "/usr/ConsoleOne/bin/ConsoleOne &"

The '#/bin/bash' part is probably unnecessary, but I've gotten in the habit of putting this in my scripts. Nevertheless, save the file and exit your editor. Now, from the console, make your script executable. Use the command:

chmod 755 c1_gwdom1

Because your /bin folder in your home folder is, by default, in the path, you should be able to type 'c1_gwdom1' from any folder and it will start. Try it out. You will have to enter the root password for gwdom1 to have it connect (more on removing this later). ConsoleOne should start on your local workstation. If you want to have it start in the background, use 'c1_gwdom1 &' and you won't have to keep your console window open.

No Password Required

Here it gets more complicated. However, this is also the key to one-click access. This is also the part that I am unsure how to duplicate in Windows. It may be there, but my limited use of Windows for administration of GroupWise has kept me from researching this further.

What we have to do is to first generate an SSH key, then enter the key info into gwdom1's authorized list. This tells gwdom1 to trust connections from this machine. So keep in mind that if you have multiple machines from which you want to use one-click ConsoleOne, you will have to repeat this step for each.

From a console on your Linux desktop, enter 'ssh-keygen -t rsa' and you should get a prompt for a path. Use the default path and leave the passphrase blank. Once you've finished that command, you should have a file in your Linux desktop's /home/username/.ssh/ folder called 'id_rsa.pub'. View the contents of this file by typing:

cat /home/username/.ssh/id_rsa.pub

Highlight and copy the contents of that file to the clipboard using the GUI. Now open another console and SSH over to gwdom1 as root.

In the /root/.ssh/ folder of gwdom1 you should find a file called authorized_keys2. Make a quick backup copy of this file before you start editing it. Edit the file and go the bottom. Add another line, then Paste the contents of your local id_rsa.pub file into it. Save the file and exit out of the SSH session.

Test this by re-SSHing to gwdom1. If it worked, then you should be able to SSH without getting a password prompt.

Click Me!

To make it all nice, neat, and easily accessible you can now create yourself a shortcut. The steps for doing this will depend on whether you use GNOME or KDE (or another Desktop Environment). Chances are that you know how to do this so I will not go into specific steps to create a shortcut.

The application/command that you want the shortcut to run is:

/home/username/bin/c1_gwdom1

Create it and click to test.

What should happen is that ConsoleOne should now appear, having been run over SSH from the server running/hosting your domain.

• GroupWise Cool Solutions

Still have questions about GroupWise that you want answered? Here’s another chance to ask. Back by popular demand, the second installment in our GroupWise Guru Series... introducing, Morris the Magnificent!

Simply post your question here in the Morris the Magnificent Blog. Every week, Morris the Magnificent will magically select a question or two about GroupWise security, GroupWise archiving, or a general GroupWise question, and conjure up his answer.

Meet Morris the Magnificent

How to Participate:

1. Register by creating a profile below. It's quick and easy!
2. Post your question as a comment.
3. Check back often to see if Morris has answered your question. 

Note: Please enable cookies.

 

By SVV Satyanarayana

GroupWise is a product from Novell that provides for team collaboration like email, sharing documents in a team, instant messaging, scheduling meetings, reminders, etc. It comes under category of "Collaboration Software".

The beauty of GroupWise is that its client as well as server is supported on different OS platforms. A GroupWise client is available on Mac, Windows and Linux, as well as the web. The GroupWise Server is supported on Windows Server, Linux and NetWare. So users have many options.

This article is about the instant messaging feature of GroupWise. Novell GroupWise Messenger is a corporate instant messaging application that ships with every GroupWise client, including the WebAccess client.

GroupWise Instant Messenger:

In any corporation, there must be a lot of communication options. They can be anything from oral communication, sending emails, talking over the phone and sharing data.

Above all, corporate communication must be done in most secured fashion such that it can’t be hacked by anyone. GroupWise Messenger provides this for us.

The next thing is "Authentication". It only connects to a user database available on Novell eDirectory. Novell eDirectory provides an efficient and secure way of authentication of GroupWise Messenger users.

The following are a few features that I like most:

1. Support for multiple languages: Supports more than 20 international languages. If your company is spread across different parts of the globe, especially in countries like Japan where English usage is minimal, users feel comfortable to use applications in their native languages.
2. Changing passwords is made easy: There are many companies that implement security policies and force employees to change their passwords regularly. So, in a company that uses eDirectory as their authentication server, there is a simple way for employees to change their GroupWise Messenger password. If the same password is applicable to access other applications in their company, it is reflected in them as well, immediately.
   Just click Tools -> Change password in menu (Preferences -> Change Password on Mac) to change the password of eDirectory. GroupWise Messenger client implements LDAP SDK to access eDirectory.

   Click to view.

3. Archiving and retrieving chat messages: (This option has to be set on the server.) Users don't have to mention explicitly that they want to store their chats. Just enable the option on server and it works on your client. You can even search the archived content also.

   This image shows chat history in a conversation window

   Click to view.

   This image shows how to search archived logs:

   Click File > Search Archive.

   Click to view.

   This image shows how to disable history:

   Click Tools > Options, then click History. For Macintosh, click Preferences > Options, then click History and deselect display history in conversation windows.

   Click to view.

4. Using command line/terminal and browser to set options: Obviously all the applications that let users set preferences/options related to that application are available to the end-user only when the application is started. But what if a user wants to set options to the application before it starts? (Something like running the application in the background.) GroupWise Messenger offers options like running the application in background, setting GW server details before starting the application itself, etc. All these options can be set from command line/terminal or from the browser.

   It's simple to do.

   The following are the command line options that we can set when starting GroupWise Messenger:

   Startup Option What It Does /l-xx Sets the user interface language. XX is the two-letter ANSI language abbreviation. /background Starts GroupWise Messenger without showing the mainwindow. /u-xxx or /@u-xxx Specifies what user ID to log in with. XXX is the user ID. /ipa-xxx Specifies the IP address to log in with. XXX is the IP address. /ipp-xxx Specifies the IP port to log in with. XXX is the IP port. /import-filename Imports a specific contacts list. filename is the .nmx file. /multi Starts multiple instances of the GroupWise Messenger client.

5. Integrating GroupWise Messenger with GroupWise Client: (This functionality is available only for Windows environments.)

   As discussed in introduction, GroupWise has a full-featured mail client too. In a corporate office, GroupWise is connected to Novell eDirectory server, and you can take some actions from within both email and Messenger programs.

   GW mail client offers:

   1. GW mail client application has the option to send instant messages to other users
   2. GW mail client allows you to see the status of other users
   3. GW mail client allows you to see the contact list
   4. You can start GroupWise Messenger along with GW mail client
   5. You can change preferences of GroupWise Messenger from GW mail client

   GW Instant Messenger offers

   1. Sending GroupWise email from GroupWise Messenger
6. Support with other protocols: Other applications and protocols like iChat, Adium, Pidgin (Gaim previously), mobile clients like Blackberry, etc., are configurable to use the GroupWise Messenger client without hacking anything.

   I actually use Adium to connect to GW server instead of using Novell's Java-based Messenger client. The fact that Adium integrates with Growl for notifications, appling themes, colors, etc., made me to use it. Still I get all the functionality of GW instant messenger. Configuring Adium with GW server is also easy.

Note: GroupWise Instant Messenger is a feature of GroupWise, and is not sold separately. GroupWise Instant Messenger comes with the WebAccess version of GroupWise – which is a less-expensive alternative to the full GroupWise Client for Linux, Mac, and Windows. You can buy the WebAccess version from here.

More Articles about GroupWise Corporate Instant Messenger

• Benefits of GroupWise Instant Messenger
• Enhancing Productivity with GroupWise Instant Messenger
• GroupWise Corporate Instant Messenger - who's in the office right now?
• Using GroupWise Corporate Instant Messenger to improve Collaboration and Productivity
• GroupWise Messenger: Communication with the Front Line

• Collaboration Cool Solutions

If your plans next week include the Open Source Business Conference in San Francisco, be sure to sit in for the Novell roundtable on software appliances. Scheduled for Thursday, March 18, 9:45 to 10:15 a.m, the roundtable is led by Novell’s Carlos Montero-Luque and brings together executives from GroundWork Open Source, Ingres, IBM and SAP. These industry experts will discuss how trends, such as cloud computing, are driving the explosive demand for software appliances, how appliances are transforming the software delivery paradigm and why open source is the key enabler of this growing market.

by Bob Bentley

During the economic downturn, while organizations were cutting expenses wherever they could, compliance-related spending actually grew. This continued growth in spending reflects the simple fact that public companies required to hold customer data, which includes just about everybody, have very strong regulatory incentives to make sure that security and governance as to who’s got access to what sensitive resources is well controlled and managed.

These ongoing regulatory pressures have brought about a major shift in the identity and access management market. Specifically, organizations are investing in these solutions today not for purposes of automation and cost reduction, as was the case in the past, but in order to maintain and manage to ever-higher compliance standards.

Compliance has been a mounting concern ever since the days of Enron and related financial fiascos. It became clear that the real issue behind these events was that people weren’t really being governed very well. To put it simply, people had access to, and were able to make decisions and take action with, very sensitive IT systems when they really shouldn’t have.

What followed in the wake of these scandals were a host of regulatory movements all around the world – in the US, Europe, Japan, etc. – where there were all kinds of new government rules and regulations telling corporations very clearly, “You need to govern the access that people have to make sure that it’s appropriate and not excessive, that people aren’t accumulating rights as they go from one job to another within the same organization, and that when people leave the organization that their access rights to these very sensitive tools that are used everyday are quickly terminated.”

At the same time, the message came down that you, as an organization, have to be able to protect any customer information that you may be holding. For example, if you are a credit card company, you probably have a lot of information about people that is very sensitive and could be used in a damaging way if it got out. Therefore, according to these government edicts, you had to have adequate controls in place to prevent people from hacking in to your systems from the outside as well as to prevent insiders with elevated privileges from getting access to and misusing sensitive data.

One result of this regulatory evolution is that demands placed on identity and access management systems have changed. Indeed, it would be fair to say that these systems are becoming in effect “compliance systems.” Specifically, this means that they are expected, among other things, to increase the visibility and the availability of information for decision makers and stakeholders with regards to who has access to what in their organization.

Indeed, to meet the demands of these clients, identity systems are evolving to not only determine the level of compliance across the enterprise, but also to be able to enforce compliance on a relatively real-time basis. The ultimate ideal is to have identity systems, such as those that we have developed, which are policy-driven and able to prevent bad things from happening in the first place, or detect things, such as the creation of an unauthorized user in my accounts payable system, and reverse them in real-time.

To put it another way, in order to determine compliance any good identity management solution will give you good visibility into the current state of things – Who has access to what right now? What was that like a month ago or a year ago? Who did what with the resources they were granted? – but a state-of-the-art system will allow you to maintain real-time control and actually manage to compliance on an ongoing basis.

Do you see compliance management as the key function of identity management today?

this blog (http://ccsblog.burtongroup.com/collaboration_and_content/2010/03/elliottnovell-what-might-happen-to-groupwise.html) by Bill Pray (http://www.burtongroup.com/AboutUs/Bios/PrintBio.aspx?Id=169), previous GroupWise Product Manager, on the future of GroupWise. What-if... The bid by Elliott for Novell has lead to speculation on what may happen should the buyout be successful. Blogs from Drue Reeves (Novell Going Private (http://dcsblog.burtongroup.com/data_center_strategies/2010/03/novell-going-private.html)?) and Richard Jones (Elliott/Novell: Implications on SUSE (http://dcsblog.burtongroup.com/data_center_strategies/2010/03/elliottnovell-implications-on-suse.html)) have highlighted their observations. Having been a former Novell employee and product manager for GroupWise, I want to take the opportunity to add my observations on what might happen to Novell’s communications and collaboration technologies should the buyout occur. GroupWise has been a solid, mature, feature rich, enterprise solution for many years.

Check out this blog by Bill Pray, previous GroupWise Product Manager, on the future of GroupWise. What-if… The bid by Elliott for Novell has lead to speculation on what may happen should the buyout be successful. Blogs from Drue Reeves (Novell Going Private?) and Richard Jones (Elliott/Novell: Implications on SUSE) have highlighted their observations. Having [...]

Check out this video – State of the Internet 2010 – Remarkable Stats on the State of the Internet – a must-watch video! _

If you are an employee, an IT administrator or a CIO, you are probably either using social media tools, are looking to get control of their use or are worried about their impact. So, you are probably wondering what a perfect world would look like when it comes to your enterprise social environment.

Join Wendy Steinle, Novell Director of Solutions and Product Marketing for End-User Computing, in this next video installment to learn more about how users, enterprise IT admins and CIOs can all find happiness in the continually evolving world of social collaboration tools.

Osterman Research has just published a major study of messaging in the small- and mid-sized business (SMB) market in North America. Here’s some of what was found: * Interestingly, despite the fact that SaaS can reduce the cost of providing email, particularly for smaller organizations, many decision makers are absolutely against the [...]