Red Hat Acquires Netscape Server Products 257
KrisWithAK writes "According to a press release, Red Hat is acquiring parts of the Netscape Enterprise Suite including the directory server and certificate management system. I am definitely looking forward to more open source competition with OpenLDAP!"
What';s wrong with OpenLDAP? (Score:5, Informative)
OpenLDAP seemed to work fine, although maybe it was because we weren't really loading it up too much...
Re:What';s wrong with OpenLDAP? (Score:4, Informative)
Re:What';s wrong with OpenLDAP? (Score:4, Informative)
Re:What';s wrong with OpenLDAP? (Score:2, Interesting)
Netscape Enterprise Server? Really? (Score:3, Interesting)
Re:Netscape Enterprise Server? Really? (Score:3, Informative)
Very very similar products, both good.
Re:Netscape Enterprise Server? Really? (Score:3, Interesting)
I've fairly regularly seen little Netscape 'N' logos as the favourites icon in Safari. I can't imagine anyone intentionally setting it to such a thing, so are they from Netscape servers where the icon is still set to the default?
Shot across the bow to Novell/SuSE (Score:5, Insightful)
I didn't even realize there still was a standalone Netscape offerring. We migrated from Netscape to iPlanet to Sun Web to Sun Java One (or something like that). Anybody out there stick with the Netscape product?
This is a direct challenge to Novell/SuSE and Novell Directory Services [or eDirectory, or whatever they're calling it this week].
Red Hat must have realized that they needed a directory offering to compete in the enterprise.
That gives us four major directory vendors:
PS: Now that the Netscape browser has devolved into Firefox, and the enterprise stuff has been sold to Red Hat, does Netscape still exist as an independent company [other than some "portal" site on the web]?PPS: And are there any /. CPAs who'd care to calculate AOL's return on investment from the Netscape purchase?
Re:Shot across the bow to Novell/SuSE (Score:2)
When I used NES (not Nintendo!) on Netware it worked great with NDS. My first thought when reading this was it would have been a better fit for Novell. And that was before MS did the same with IIS/AD.
Re:Shot across the bow to Novell/SuSE (Score:3, Informative)
The answer is no. I wasn't even aware that Netscape still had server products; I thought part of the AOL/Netscape merger was that all of those were sold off to Sun as iPlanet.
July 2003 was when all Netscape browser developers were fired from AOL, and AOL now has no relationship with Mozilla other tha
Re:Netscape Enterprise Server? Really? (Score:2)
Yep. The US Department of Defense has an enterprise license agreement with Netscape for their browser, directory, and certificate authority products. DoD's public key infrastructure is implemented with netscape's CA and directory products.
Ease of LDAP. (Score:5, Insightful)
I'm looking more for an LDAP that's easy to setup and run.
Re:Ease of LDAP. (Score:5, Informative)
Regards,
Steve
Re:Ease of LDAP. (Score:2)
Re:Ease of LDAP. (Score:5, Informative)
I, for one, welcome our new LDAP overlords!
With that said, let me also say that I've been working with Sun's iPlanet Directory server since they acquired it from Netscape. It's used for our iPlanet mail suite. In a word, it sucks ass. The intial migration from Netscape Directory server 3.x to iPlanet's directory server was a nightmare. The documentation on the schema layout for mail was non-existent. (Still is as far as I know) There were no migration tools. I just had to dump the Netscape Directory server data to a huge text file. iPlanet support then told me to go through this file by hand and edit or remove any of the lines that didn't apply or had the wrong format. !!!! WTF!? I spent months of late nights pushing the file back and forth between OpenVMS and Solaris just so my boss could use DCL and EDT to make most of the changes needed. The migration actually took me about a year and a half and there is still detritus floating around the LDAP directory. I now have a better understanding of the user account portion of iPlanet's schema, but no thanks to Sun. iPlanet sucks. I can only hope that Redhat will do a better job with what they've acquired.
One last bit to my rant:
Sun STILL has portions of the old Netscape administration tools in the iPlanet suite. This wouldn't be a problem except for the fact that they still kind of work. Enough to damage LDAP data. According to their support they told me to NOT use those tools. THEN WHY THE HELL ARE THEY STILL INCLUDED!!!!??? Crap. Pure crap.
Re:Ease of LDAP. (Score:3, Informative)
Second, the directory server is a great product (probably one of the few great products left unscathed by Sun).
The problems you are seeing are Sun's failure to integrate the iPlanet products well, which only got worse with JES 6.0 - For instance when they added pmdf to the messaging server and changed to the 5.x schema, they broke all the Messaging user admin in Console, and never fixed them or came up with reasonable replac
Re:Ease of LDAP. (Score:2)
Looks like a good fit. (Score:2, Insightful)
1. How does the Netscape Directory Server compare to OpenLDAP?
2. Are the two interoperable?
Re:Looks like a good fit. (Score:5, Informative)
Here's the feature guide [netscape.com] for Directory Server 6.21.
Re:Looks like a good fit. (Score:4, Informative)
2. Yes, sort of. Some forms of replication can work, and both are standard ldap servers. As far as I know (I haven't used openldap for a bit) openldap cannot understand Netscape/iPlanet/Sun Directory server's new replication.
Re:Looks like a good fit. (Score:2, Informative)
Re:Looks like a good fit. (Score:2, Informative)
AOL already uses it..... (Score:5, Interesting)
I hope they can advance enough to make some real competition for Microsoft Active Directory. I know a huge reason Windows shops never consider an alternative is because the AD GPO allows for some very granular management of AD resources.
Re:AOL already uses it..... (Score:2)
Re:AOL already uses it..... (Score:2)
Re:AOL already uses it..... (Score:2)
pGina (Score:4, Informative)
always preview (Score:3, Informative)
That's still around? (Score:4, Insightful)
Do you mind if I ask, how worthwhile are these products to Redhat? What kind of state are they in? How recently have they been updated, are they still in active development or just maitenence mode? Does anyone still use them? And do they offer any worthwhile features or functionality not already available in free products?
Re:That's still around? (Score:3, Interesting)
That's the only thing of interest to me, personally. I think apache's web server eclipsed them a while ago.
Re:That's still around? (Score:5, Interesting)
Regards,
Steve
Re:That's still around? (Score:2, Interesting)
We run iPlanet on several hundred web servers and have a SunONE pilot looking to cover around 25 million users. iPlanet stuff seems to be smooth; SunONE has been...challenging.
As I understand, tho, what RedHat got isn't the new stuff we are using.
Re:That's still around? (Score:2)
I have no idea what you are doing, so I don't know if this would help, but if I needed dozens or hundreds of web servers I would use Zeus Web Server [zeus.com]. It's the best web server on the market and designed for high traffic, clustering and easy administration.
I use Zeus and because of it I don't need dozens of web servers.
Re:That's still around? (Score:3, Informative)
Selling [google.com] pet food [google.com] on [google.com] the internet [google.com] *is* a good idea, or at least a profitable one.
Re:That's still around? (Score:2, Informative)
For RedHat, it means they can compete in the enterprise directory market. Sun's services run on Linux as well as Solaris for x86, so RedHat needs these to maintain any kind of competitive stance. Its a good buy for them since AOL isn't doing anything with the products.
Does OpenLDAP even work? (Score:4, Interesting)
I have maintained Netscape/iPlanet LDAP servers before and they may not be perfect, but they worked. Perhaps a good open source LDAP server will help LDAP become a viable alternative to Windows Directory or other authentication systems.
I thought I read about a Java LDAP server once, but never looked into it much.
Re:Does OpenLDAP even work? (Score:5, Insightful)
LDAP in general and OpenLDAP in particuliar is a complex subject. The initial learning curve is pretty steep. Good luck with it.
Re:Does OpenLDAP even work? (Score:5, Informative)
We use it to authenticate our email and calendar users (from two different servers). I'm migrating us off our OLD Netware servers (damn lean budget years!) to Samba and am setting Samba to authenticate against it as well, finally giving our users a single userid and password for all our services.
OpenLDAP is lightweight (size and CPU-wise), robust, and reliable. It's also really easy to set up if you use the version included with your distribution. You can also replicate the server to give yourself good fault-tolerance on another piece of hardware.
RedHat has good online documentation on their website in the RHEL Reference Guide that should help explain things to you a bit.
Re:Does OpenLDAP even work? (Score:2)
What I think is a real problem: the lack of a user-friendly tool to maintain the database.
Some open source tools exist but they are too low-level. E.g. they operate on the level of "add record" and "add attribute".
What you need is a tool that can be user-configured, and comes with panels f
Re:Does OpenLDAP even work? (Score:2)
This is NOT what I need. And not what the average user needs, I think.
What I need is a program that displays complete panels with all information about a certain object (maybe on more than one tab) that allows editing on the object level.
Just consider a simple, very typical case: a new employee joined the company, you want to add a person record.
Do you want to type a DN, add the record, then one by one open all kinds of at
Re:Does OpenLDAP even work? (Score:2)
Re:Does OpenLDAP even work? (Score:2)
Yeah, I can feel your pain. I feel the same way and need a similar tool too. However, you have to keep in mind that LDAP object are by definition extensible, and the schema modifiable. This make writing a general-purpose tool pretty hard.
I am not quite sure why you hav
Re:Does OpenLDAP even work? (Score:3, Insightful)
Re:Does OpenLDAP even work? (Score:2)
Re:Does OpenLDAP even work? (Score:2)
The main problem is with the "do one thing well" philosophy, which is generally laudable from a technical standpoint but sometimes leaves users needing more. Most people don't need just a directory server, but a set of specific directory services built on the directory server. With time and patience you can build what you need. But if you don't have the time or the patience, then you need to look elsewhere.
This pretty much characterized my own foray into using OpenLDAP, which w
Re:Does OpenLDAP even work? (Score:4, Interesting)
Novell sucks because there are some things you can do only in NWAdmin, others you can do only in ConsoleOne. Dumb. That's from Netware 5.1 and 6.0 though, maybe their newer stuff has improved.
Lotus Domino's admin software sucks because everything is buried under 17 layers and if you click the wrong 'X' in the interface, you lose all 17 layers and have to start over. I hate Domino.
iPlanet/SunOne's GUI interface isn't too bad but seems to be really slow, even on a 2GHz server with very few users(?). For advanced config options, you sometimes have to resort to editing a text file (albeit still within the admin GUI), which is one weak point.
AD seems to have got it right with the ADUC and other MMC snap-ins, although if you get in and start messing around with permissions and GPOs you'd better know exactly what the heck you are doing because it's real easy to change things in ways you never expected (or in other words, break AD). The only drawback is, you don't have much low-level control over LDAP attributes and things -- you're just kind of stuck with 'the Microsoft Way' of doing things.
In short, there is no perfect solution. I favor OpenLDAP just because it's OSS but the installation (from source) and the learning curve are both unpleasant. If you're a clueless MCSE-type and just want a quick LDAP directory, I'm afraid AD is the least painful route... if you don't mind clicking a soul-sucking EULA and bleeding ridiculous licensing fees to the Evil Empire.
are they gonna open source it? (Score:2, Insightful)
Also, is there any reference documentation for the Open Source Architecture? I'd love it, cause as it stands, sometimes open sources like a disorganized mess.
Re:are they gonna open source it? (Score:5, Interesting)
Regards,
Steve
Re:are they gonna open source it? (Score:2)
Increasing Power of Red Hat (Score:5, Insightful)
Re:Increasing Power of Red Hat (Score:4, Insightful)
Which is a shame from AOL's perspective since now their AOL client is stuck with an obsolete browser engine, written by their mortal enemy. They could have gone to Gecko but they chose not to. Oh yes - I'm sure MS will be leaping up and down to add new functionality for AOL's sake - NOT.
The sad thing is there were (and are) AOL products that do use Gecko, including at one stage beta of the AOL client. But rather stupidly they never followed through in any serious manner. If they had shipped an AOL client using Gecko there would now be 25+ million additional non-IE users in the US. Even where they did use it, such as AOL Communicator (a Thunderbird like email client) they basically screwed the pooch by implementing the whole app in C++ and using Gecko just to render HTML mail. How stupid is that given they could have written it in XUL in less time?
AOL just doesn't get it. Technology is for them just the means to stick a big shiny button on the start page. That's as good as it gets. Technical considerations such as standards compliance play second fiddle to marketing and dumb ideas to keep their audience happy. I also reckon there was a lot of infighting between the 'establishment' (who develop against IE) and those who want to try something risky even if it means flux in the short term.
Well that's too bad for them. Their customer base is dwindling - sick of the monolithic client, sick of the AWFUL email, sick of the incestuous links, and sick of the pricing. These days I reckon all but the most helpless of their users would be happier with barebones broadband, Firefox / IE combined with an email app. AOL is going to find itself in a niche if it doesn't change soon.
Re:Increasing Power of Red Hat (Score:2)
On Windows it is a different story. I imagine that the IE browser component is simple enough to flip out (assuming it is encapsulated), but that is only half the battle. The AOL site is probably riddled services and features that rely on MS specific DHTML, ActiveX and wh
Please tell me about Netscape LDAP server ACL (Score:5, Interesting)
For those who are familiar with Netscape LDAP server, could you teach me a bit about its ACL management capability ? OpenLDAP, in this regard, is pathetic. The ACL have to be written in some kind of filter language *inside* the config file, which need a restart/reload to take effect. It is very error-prone and basically the part of OpenLDAP that give me the most troubles. How is Netscape in this regard ? Can you define by-object ACL ? How are they stored ? How do you manage them ?
Thanks for you insights !
Re:Please tell me about Netscape LDAP server ACL (Score:4, Informative)
Re:Please tell me about Netscape LDAP server ACL (Score:2)
It's been a while since I maintained one, but it used to be pretty cool. You can put an ACL-attribute into every entry, and the ACL in that entry then applies to it and all entries below it in the tree. As I recall, the ACL can be in an LDAP search format so you can basically make things as complicated as you want.
IIRC, there was an upper limit to the amount of ACLs you could put in the
Re:Please tell me about Netscape LDAP server ACL (Score:3, Informative)
Re:Please tell me about Netscape LDAP server ACL (Score:4, Informative)
You forgot the <smartass> tag. You did mean that sarcastically, didn't you?
I replaced NIS with OpenLDAP on a small network and have a lot of love for it, but your example looked like a Sendmail config file rewritten as APL macros piped through Perl with a couple of trips through Babelfish. That is, I recognized a few words but have no freakin' idea what you were trying to say.
I sincerely hope Netscape provides some good competition to OpenLDAP, because I'd like to think I'll never have to try to understand what you just wrote.
Re:Please tell me about Netscape LDAP server ACL (Score:2)
And that is why I'm still using NIS. The wire protocol for LDAP may well be very efficient. But LDAP in general, and OpenLDAP in particular, is a nightmare to configure, and I just don't have the time to beat in into submission. NIS is up and running in 5 minutes, and requires essentially zero
Re:Please tell me about Netscape LDAP server ACL (Score:2, Informative)
The filters make a LOT of sense, he put some simple ones in there, but you get the hang of it:
If the target attribute is not "userPassword", (then a version number, and a description) then allow read, search, or comp
Re:Please tell me about Netscape LDAP server ACL (Score:2)
[snip] strange characters... [/snip]
Please tell me there is a GUI admin utility allowing you to set ACLs !?
What's the point? (Score:2, Interesting)
The schizophrenia that Red Hat is displaying makes Sun & Oracle look sane by comparison.
Sun vs. AOL (Score:2)
i.e., Sun Downloads [sun.com]
Re:Sun vs. AOL (Score:3, Informative)
Re:Sun vs. AOL (Score:2, Interesting)
Netscape Servers (Score:2, Informative)
Netscape Directory Server... (Score:4, Interesting)
They were relatively trouble free, much more so than some of the other "Netscape" products (Calendar Server)...
Once in awhile they would hang, without any sort of error indication, no log entries or the like, which made troubleshooting them very problematic.
The management interface was a Java app, which seemed fairly primitive,compared to NDS/eDirectory which I have used for about 9 years and AD which I have used since late 2000.
Overall, I'd say my experience with Netscape Directory Server was positive, but it really could use some updating, if it hasn't been already...
open Virtual machine (for java, C# python perl) (Score:2)
then we would not have to worry about all the nightmare of java / mono / interpreters
then we would be free
I know there is parrot but larry et al are slow nowadays redhat could get java or C# through GCC and life would be nicer
regards
John Jones
Re:open Virtual machine (for java, C# python perl) (Score:3)
For the moment Red Hat has been extensively involved in things like the GNU java compiler. That has an additional advantage over a virtual machine - it can generate native code so you can program in java and get sane memory consumption and performance, while jits generally only achive one of the two (or neither usually)
The significance of this... (Score:5, Interesting)
Re:The significance of this... (Score:2)
"Best" is very much in the eye of the beholder....
Re:The significance of this... (Score:2, Informative)
Calendar Server (Score:3, Insightful)
Way back, I installed it at an R&D facility; the client worked across platforms (solaris and windows) and provided an alternative to the nasty exchange lock-in.
Is there *any* alternative to Exchange now?
Re:Calendar Server (Score:2)
GroupWise.
I was a GroupWise/WordPerfect Office administrator for about 10 years...
One of my employers replaced it with Netscape Messaging Server (A mistake IMHO) and another replaced it with Lotus Notes (Another mistake).
My current employer uses Exchange, for which I am the admin.
Outside of the obvious problems with Outlook, Exchange isn't all that bad, but GroupWise is still better.
I have had GroupWise servers which hadn't been rebooted in years...That's rea
Re:Calendar Server (Score:4, Informative)
It became iPlanet CS, which became SunONE CS and is integrated into the Sun JES stack. It now includes an Outlook connector.
http://wwws.sun.com/software/products/calendar_
Re:Calendar Server (Score:2)
So whatever happened to Netscape's calendar server?
If I'm not entierly misinformed, it ended up with a company named Steltor who developed it further under the name CorporateTime. A year or two ago they in turn got bought by Oracle and it's now called Oracle Calendar. It's still actively developed.
/greger
Re:Calendar Server (Score:2, Informative)
Meeting Maker is a semi-reasonable cross-platform alternative to exchange for calendaring. They support the mac well, and they have a java/web client. They have a (motif) solaris client for the older versions which they never ported to linux, i think that this has been discontinued with the current version. However I think they have something more coming with the upcoming product.
You can make the windows client work in Wine, and the web/java client works standalone with a 1.3.1
Re:Calendar Server (Score:3, Informative)
For proof, I did an implementation for over 1 million users of calendar, directory and messaging. Its run on three 6800's (two for messaging, one for calendar, all doma
A smart move (Score:5, Interesting)
By acquiring this software, Red Hat immediately improves the value proposition of their platform. By open sourcing it, the software can quickly gain mindshare and installed base. Imagine what would have happened if Novell had done this in, say, 1999. There'd be NDS everywhere, and Active Directory wouldn't have nearly the penetration it does today.
Re:A smart move (Score:2)
Re:A smart move (Score:2)
Re:A smart move (Score:2)
Soon to be? edirectory runs really well on linux, in fact our onsite novell guy told me that they are seeing better performance in their labs from edirectory on suse linux than they are from edirectory on solaris...
But agreed, linux needs an inexpensive and easy to use directory server in order to gain significant ground in small and medium businesses.
Finally linux for CertServer and Calendar Server? (Score:3, Interesting)
3rd Party Source code to be removed. (Score:2, Interesting)
The MTA is written by Innosoft International (www.innosoft.com). So the question is will they be leaving out a vital component of the mail server or will they just have to give away the MTA as well.
Re:3rd Party Source code to be removed. (Score:2)
Also remember that ther Netscape MTA had horrific memory leaks, and the "solution" they adopted to fix that was that an MTA process would handel N transactions, then kill itself and fork off a new MTA instance.
There are fairly big chunks of third party software in all of the products as they
Re: (Score:2)
OpenLDAP vs Netscape's LDAP server (Score:4, Insightful)
OpenLDAP used about 20 megs of memory total, ramping up to 50 to 100 megs under heavy load. It could handle about 30 to 40 auths / searches a second.
Worse for the Netscape server was that it would just plain stop working after an hour or so of heavy load testing.
We went with OpenLDAP, and wrote our own edit screens for it since at the time it came with nothing very useful to a user (only ldapadd, etc... command line stuff).
After about a year of only handling the web server it was on we pointed our Peoplesoft implementation at it, which proceeded to increase our load from one auth every couple of seconds to about 10 auths a second. Other than the slightly larger number of openldap processes running, we never really noticed the load.
Hope that helps anyone looking at the two. I certainly would hope the Netscape server has gotten better, but everything I've read about it since then seems to say it hasn't.
Re:OpenLDAP vs Netscape's LDAP server (Score:2, Interesting)
The Netscape DS does not require or use multiple processes - it is a multi-threaded server. If configured correctly it will scale into the millions of entries, and 100's operations per second. For most deployments (and the server was pretty much sold into Fortu
Re:OpenLDAP vs Netscape's LDAP server (Score:2)
as an aside, we run multiple master, and a lot of our breakage comes from this.
2) OpenLDAP is multithreaded as well, not multiple processes.
The big issue we've found (and we run both) is complexity. OpenLDAP is a simple daemon, vs. netscape/iplanet is more of an environment, with a config direct
My only question - (Score:2)
Hopefully redhat will do the right thing here and not pull a microsoft... I'd love to run their product on suse linux, just as there are those who would want to run it on solaris...
Poor Timing? (Score:2)
Release the bad news, then drop the good news a day or two later.
Re-re-reinventing the wheel (Score:2)
-m
Let's Make A Deal! (Score:3, Funny)
AOL sells Netscape for $30 million.
Hmm.. Carry the 4... the 0's... Yep, that's a crap deal. Congrats to AOL and all parties involved.
And everyone was worried AOL would buy RedHat. Oh the irony!
I Welcome Great GUIs (Score:2)
This is where other comercial products do not typically shine when they are ported to to Linux and if the FOSS group can get this server suite (httpd, news, mail, calendar, proxy, and LDAP) it would be a huge bonus.
Ususally when a commercial port comes to Un*x it is a barebones, edit the configs with vi, sort of thing. Not that that is bad mind you. B
Scary! (Score:2)
At first I read it as "SCO Prominent On 2005 Budgets".
Well, it's almost Halloween.
ldap vs. sql (Score:2)
Re:ldap vs. sql (Score:4, Informative)
Essentially, LDAP directories fill niche roles, one of which is as an address book server, another is authentication services. In their niche, DS deployments are unequalled (and no, slapping an LDAP protocol interface on a SQL engine doesn't cut it.) One guiding principal is if you have 70/80% reads to 30/20% writes - a directory server may be a better option for your application. There are other considerations, but that is beyond the scope of this blah blah blah...
Re:ldap vs. sql (Score:3, Interesting)
A database that is not even in 1st normal form.
Other highlights include a hiarchical tree structure to store entries and extensive standard schema for many object types.
And primary keys called "dn"s (distinguished names) that reflect the tree structure in a kind of path, so that when you move objects around in the tree, the dn changes. You'll have to change all other attributes that contain this dn as a value in order to keep the tree consistent. There are no mecha
MS $witcheroo? (Score:2)
Apache? (Score:3, Interesting)
Will Red Hat dump the Apache webserver over the new noxious licensing?
OpenBSD has done so (by halting with an old release).
Re:I never thought I'd see the day... (Score:3, Interesting)
1. Netscape Directory Server was derived from the UMich LDAP implementation.
2. Netscape Messaging Server started life as Cyrus and Post.Office hacked together.
3. Netscape Collabra Server was an enhanced INN.
4. etc. and of course, let's not forget NCSA Mosaic...