A utility to help get the red out of Novell Directory Services

When Microsoft released Windows NT 4.0, it included the NWConvert utility to help organizations migrate NetWare bindery-based servers to NT. NWConvert was an effective tool that performed well for shops that didn't use Novell Directory Services (NDS). Now, as Microsoft's server market share continues to increase, the company has redrawn the battle lines in its competition with Novell. No longer focused solely on increasing its NT Server sales, Microsoft is fighting for control of the enterprise directory namespace.

Active Directory (AD) is Microsoft's foremost weapon in the fight for directory dominance. Microsoft has positioned AD to be a robust, enterprisewide directory. And NT 5.0 includes Directory Service Migration Tool, a new utility that lets you migrate all or part of an NDS or bindery-based directory to AD. The utility migrates NetWare users, groups, files, rights, and container structures to their counterparts in AD. Directory Service Migration Tool lets you divide migrations into projects, so you can migrate sections of an NDS directory one at a time and make a large migration manageable.

When you run the utility, NT queries selected parts of your NDS tree, obtains necessary data, and writes the data to a local database. You can view and manipulate your NDS data in the Directory Service Migration Tool database before entering the data in AD, and the changes don't affect your production NetWare environment. This ability to manipulate your NDS information before writing it to AD is great because it lets you work at your own pace during a migration. In addition, because this utility transfers your directory data across the network, you don't risk damage to your NDS structure during the migration.

You must decide for yourself whether to migrate your NDS directory to AD. (For more information about NDS and NetWare-to-NT migrations, see "Related Articles in Windows NT Magazine," page 164.) If you decide to make the transition, this utility makes the process less difficult.

Installation
Before you can use Directory Service Migration Tool, you need to install an appropriate protocol on your NT 5.0 server to connect to your NetWare servers and the Gateway Services for NetWare (GSNW) client. Then, select the Add/Remove Programs applet in Control Panel, and choose the Windows NT Setup tab. Double-click Networking Options and select Directory Service Migration Tool. The utility installs as a Microsoft Management Console (MMC) snap-in.

Next, you need to add the snap-in to an MMC file. Run mmc.exe to launch MMC, then select Add/Remove Snap-in from the File menu and select Add, Directory Service Migration Tool, as Screen 1 shows. Save this MMC configuration for easy future access: Select Console, Save As to save the configuration as an MMC (.msc) file. By default, MMC saves the .msc file in the My Administrative Tools directory for the user account you used to log on. If you save the configuration in this directory, MMC puts the utility on your Start menu.

Migrating NDS to AD
After you add the utility to an MMC file, you can start creating projects. The utility lets you add new projects as you work through different phases of your NDS migration. For example, you might create a separate project for each of your company's servers or offices. This feature is important because an enterprise directory migration is a large task. You need to plan, check, and double-check your work every step of the way, and you need to make sure you have reliable backups. To create a new project, right-click Directory Service Migration Tool in MMC and select New, Project.

To start importing NDS information from NetWare, right-click the project you defined and select New, View from NetWare to start Directory Service Migration Tool's Discover Wizard. The wizard prompts you for the information it needs to begin the import process. During step 2, which Screen 2 depicts, the wizard asks you to select one or more contexts (organizations or organizational units--OUs) to import into your project. Select the contexts you want to import, then click Add Context to add them to the Selected Contexts pane of the Discover Wizard window, then click Next. The wizard will finish, and Directory Service Migration Tool will start importing your NDS information into the database.

Screen 2 shows a project in which I asked Directory Service Migration Tool to import the CONSTELLATION organization object, which resides within the CONSTELLATION NDS tree on the ORION intraNetWare server. The organization object consists of a few users and other NDS objects, as Screen 3 shows.

When the Directory Service Migration Tool discovery process finishes, the utility lets you know whether it generated any error messages or warnings during the discovery process. You need to look into any problems the utility reports. Click Log Viewer to look through an Event Viewer-type log to investigate problems that the utility encountered while importing your NDS directory. Directory Service Migration Tool logged two errors and four warning events during my migration of CONSTELLATION. One warning event reported that Directory Service Migration Tool didn't support the NDS object for the queue LASERJET, so the utility couldn't import LASERJET. Screen 4 shows this warning.

   Prev. page   [1] 2     next page



You must log on before posting a comment.

If you don't have a username & password, please register now.

Reader Comments

<i>Windows NT Magazine </i>is fond of saying, “We’re not owned by Microsoft.” If that’s true, what’s up with the opening page (page 161) of Douglas Toombs’ “NT 5.0’s Directory Service Migration Tool” (November 1998)? The article and illustration imply that Active Directory (AD) is superior to Novell Directory Services (NDS). From what I’ve read about both directory services, nothing could be further from the truth. Why didn’t you publish an article comparing the two directory services? I don’t mean something like the article you ran a few months back encompassing all the available directories from every vendor—–I mean a direct, unbiased comparison between NDS and AD. Wouldn’t that kind of article help readers decide which directory is most appropriate for their situations? If you can’t run such an article, how can you print an article concerning migrating from NDS to AD? How are we to know that we are not migrating to an inferior product? In the same issue, on the other end of the prejudicial spectrum is David Chernicoff’s NT Intelligence: “Walking the Walk and Talking the Talk,” which was a breath of fresh air to me. Wouldn’t it be nice if the entire magazine followed the logic and reason in this all-too-rare and excellent piece. Your masthead contains a funny bit of irony in “Writing for <i>Windows NT Magazine</i>.” The statement reads, “All articles are edited to ensure that they conform to our editorial standards of quality and objectivity.” I agree with the quality part, but if page 161 is “objective,” I think you need to relearn the meaning of the word.<br> --James Petro<br><br>

Windows NT Magazine <i>appreciates reader feedback; we take it very seriously. Administrators who work with NT every day and want to share their discoveries and solutions with fellow professionals write most of the magazine’s articles. Of the two articles that you mention, an employee of the magazine wrote “Walking the Walk and Talking the Talk.” We ensure that articles are technically accurate, but we don’t tell our authors what position to take. We encourage authors to express their opinions.<br> --Karen Forster</i>

James Petro- August 06, 1999

HI,

I'm wondering if this DSMT is still existing? I cannot find it in Windows 2000 server. Are we suppose to use the MSDSS tools instead?

regds

Mel- February 28, 2003

 
 

ADS BY GOOGLE