2.2 NMAS Software

NMAS is included as a bundled product with Novell eDirectory. The software image includes the following:

NMAS client software is available with the Novell Client for Windows and with Novell SecureLogin.

2.2.1 Server and Client Software Installation

NMAS server-side software must be installed with eDirectory 8.7.3 or later. NMAS client-side software must be installed on each client workstation that will access the network using the NMAS login methods. After installation, NMAS is managed using iManager or ConsoleOne.

The NMAS client software now ships with the Novell Client. For more information, refer to the Novell Client for Windows documentation.

During the installation, NMAS extends the eDirectory schema and creates new objects in the Security container in the eDirectory tree. These new objects are the Authorized Login Methods container, the Authorized Post-Login Methods container, the Security Policy object, and the Login Policy object. All login methods are stored and managed in the Authorized Login Methods container. All post-login methods are stored and managed in the Authorized Post-Login Methods container.

2.2.2 Login Method Software and Partners

Software and Partners

Several currently supported login methods are available on the NMAS software image.

NMAS software includes support for a number of login methods from third-party authentication developers. Refer to the Novell Partners Web site for a list of Novell partners.

Each partner that develops login methods for NMAS addresses network authentication with unique product features and characteristics. Therefore, each login method varies in its actual security properties.

Novell has not evaluated the security methodologies of these partner products, so although these products might have qualified for the Novell Yes, Tested & Approved or Novell Directory Enabled logos, those logos relate to general product interoperability only.

We encourage you to carefully investigate each partner's product features to determine which product will best meet your security needs. Also note that some login methods require additional hardware and software not included with the NMAS product.

Installing a Login Method

NMAS login methods (server software, plug-ins, and snap-ins) can be installed by using the following:

  • nmasinst (available on all eDirectory platforms), which requires eDirectory to be installed

  • iManager plug-in

  • ConsoleOne snap-in

For more information on installing a login method, see Section 3.1, Installing a Login Method.

2.2.3 Universal Password

Universal Password is a way to simplify the integration and management of different password and authentication systems into a coherent network. It provides one password for all access to eDirectory, enables the use of extended characters in passwords, enables advanced password policy enforcement, and allows synchronization of passwords from eDirectory to other systems.

For more information on Universal Password, see the Novell Password Management 3.3.2 Administration Guide.

2.2.4 iManager and ConsoleOne Management

You can manage NMAS by using iManager or ConsoleOne. Novell iManager is a Web-based utility for managing eDirectory. ConsoleOne is a GUI-based Java* utility for managing eDirectory. Specific property pages in each utility let you manage login methods, login sequences, enrollment, and graded authentication.

By default, NMAS installs the standard NDS password login method. Additional login methods can be installed by using ConsoleOne, iManager, and a wizard launched from the Authorized Login Methods container using the Create New Object option. Post-login methods can be installed using a wizard launched from the Authorized Post-Login Methods container using the Create New Object option.

For more information about installing login methods, see Section 3.1, Installing a Login Method.