NetWare 4.11 to 5 Update - Details

Two methods of upgrading:

1.In-place upgrade: install nw 5 on the same machine over existing files

• No additional hardware required
• Can use suballocation and disk compression on the vol
• Slight chance of data loss
• NW3.1x- 3.2 - 4.x - IFSB

2.Across-the-wire upgrade (migration): Must have an existing NetWare 5 server and NDS tree first. Install the Novell Upgrade Wizard on a workstation, log in to both old and new servers as Admin equivalent, run Upgrade Wizard, and create a new project. Drag and drop users, groups, volumes, printers, and other bindery objects from old server to their new locations in the NDS tree.

Novell Upgrade wizard : Move NW 3.1x bindery, passwords, security rights

• Can drag bindery and volume objects
• Source server remains intact
• Can migrate multiple server to a single one
• Checks for potential conflicts and errors

Choosing a protocol

• Pure IP needs NW5 client, IP address, subnet mask, router or gateway address
• IPX  loads and binds all detected IPX frames types, Ethernet_802.2
• IP and IPX : ease the transition to pure ip for adm can be bind to a single NIC

2 Use the Installation Program to Upgrade a NetWare 4.1x server to NetWare 5.
You should upgrade the server with the Master Replica of [Root] partition first.

1. Preparation for Server Upgrade

• Make 2 or more backups of existing file systems, bindery, and NDS
• Write down IRQ and I/O port of NICs
• Broadcast message to all users to log out
• Investigate all NLMs and .HAMs for compatibility issues

2. Performing the upgrade

• Install.bat
• Select the mouse and video drivers
• Automatic hardware detection, mounts volume SYS and load Java virtual machine
• Select the protocol for network boards
• Update NDS
• Install licensing *.nlf

3. Complete post-upgrade procedures

• Upgrade printing conf with NDPS
• Modify login scripts
• Upgrade NW client win95 --2.2 winnt –4.11

3 Use the Novell Upgrade Wizard to upgrade a NetWare 3.1x server to NetWare 5.

1. Install the Novell Upgrade wizard ||\products\upgrdwzd\upgrwzd.exe
2. Prepare for the migration
3. Launch the utility || rograms\novell\novell pgrade wizard\novell pgrade wizard
4. Prepare a project
5. Move objects from the project window || bindery objects and volume data
6. Verify that objects and files can be upgraded as specified From toolbar | click verification select project | verify project
7. Migrate the server components across the wire
8. Complete the post-migration steps

Notes

• On 3.x, consolidate user names from different servers
• Upgrade Workstations to Client32 version 2.2 or higher
• If servers are on different segments, disable SAP filtering
• NetWare 3.x requires upgrading NLMs with those from Upgrade Wizard
• On NetWare 3.1x, UNLOAD TSA31x.NLM, SMDR.NLM, SMDR32x.NLM, PXS.NLM, TLI.NLM, AFTER311.NLM, CLIB.NLM, A3112.NLM, STREAMS.NLM and LOAD TSA312.NLM in this order.
• Add any name spaces from old server to new server
• If upgrading from NetWare 2.x, you must do an intermediate upgrade to 3.x or 4.x first.

4. Explain Novell Licensing Services and add an additional license certificate.

Nls helps monitor and control the use of licensed software

Components

• License service providers LSP : license software that runs on nw srv
• Nls clients : request licensing services from LSP : licensing-enable software
• NDS objects : license container, Lsp, license certificate objects

Tools to install and create license certificates

• NetWare Administrator
• NLS Manager
• NWCONFIG.NLM

  5 Explain how NetWare 5 uses virtual memory.

• NetWare 5 uses virtual memory paging. Page size is 4K.
• Least used pages are moved to a swap file on a disk drive to free up RAM for other uses. Swap file is created on SYS during installation.
• Swap file shrinks and grows dynamically. Novell suggests deleting swap file on SYS and recreating swap files on other volumes
• one swap file per volume
• Data moved to virtual mem will be stored on any available swap file on any volume

Commands

• "SWAP ADD <volume name> [Parameters]" in Autoexec.ncf. Parameters of SWAP file can be MIN, MAX, and MIN FREE. SWAP by itself displays swap file info.
• "SWAP DEL <volume name>" deletes a swap file from a volume and moves its data to another volume.
• "SWAP PARAMETER <volume name> [Parameter]=<value>" changes swap file settings.

Use MONITOR.NLM --> Virtual Memory --> Swap Files to view swap statistics.

Disk Thrashing is excessive swapping of pages. The solution to thrashing is to add RAM.    

6 Describe the advantages, disadvantages, and storage concepts of the Novell Storage Services (NSS) file system.

Benefits:

• Handles files up to 8 TB
• Unlimited files in single directory
• Faster access to data in files
• Volumes mount and repair more quickly
• Low RAM Requirements (32MB minimum)
• Supports most types of storage devices
• Space on multiple devices can be combined into one volume
• Enhanced CD-ROM volume-mounting support
• Allows 4 NetWare partitions per disk
• Unlimited volumes per NetWare partition

Drawbacks:

• Transaction Tracking Services (TTS) not supported
• Disk striping/mirroring not supported
• Hierarchical Storage Management (HSM) not supported
• Real-Time Data Migration (RTDM) not supported
• File compression not supported
• VREPAIR not supported (uses VERIFY and REBUILD instead)
• NSS can’t be used on SYS.

Components

• Provider == scans devices to find free space. (NWPRV is the provider for NetWare volumes and MMPRV is the provider for IBM-compatible volumes.)
• Consumer == manages free space by placing a deposit object to register ownership. It builds logical, internal file input and output paths to helps NSS find stored data. It registers itself in the free space to prevent other consumers
• Storage group == represents all disk space on server regardless of device. Storage group can be organized into volume(s).

7 Set up Novell Storage Services (NSS) on your server.

• Design an NSS volume by identifying its intended purpose
• Create an NSS volume
• Load Nss.nlm

Use nwconfig.nlm to create NSS volumes.

8. Load support for Java applications on the NetWare 5 server.

• A Java Class is a full Java application
• A Java Applet is a Java program that runs in a web browser or applet viewer.
• Java class and applet names are case sensitive and require long filename support
• To load/unload the GUI console STARTX.NCF or UNLOAD STARTX.NCF
• C1START loads the GUI and then also ConsoleOne
• Java loads the Java Virtual machine
• Java applications are developed using the Java Abstract Widowing AWT toolkit. Nw5 supports Java apps written using the Java AWT or Java Foundation Class

Hardware requirements for Java

9. Launch Java programs and applets from the NetWare GUI.
+ �menuitem � Exec command
To run a Java app: JAVA [-options] <Class Path & Filename>
To run an applet: APPLET http://<URL to HTML file with applet tag>

10. Manage NetWare from the server using ConsoleOne.

To run ConsoleOne from a workstation, run SYS:\PUBLIC\MGMT\Console1.exe

ConsoleOne can be used to:

• Rename, Copy, Delete files in volumes
• Edit text files (including server config files)
• Administer NDS (But will only create new Group, Org., Org. Unit, or User objects)
• Access local and remote server console consoles
• Manage the local server file system

Remote server access (requires RCONAG6.NLM on server). Go to My Server, Tools, RConsoleJ. In right pane, enter server's IP address and password, click Connect.

11 Install DNS and DHCP services.

1. Extend the schema and create default DNS\DHCP objects
2. Install novell client on adm machine sys:\public\dnsdhcp\setup.exe
3. Install DNS\DHCP management console and NW adm snap-in files

Three ways to install DNS/DHCP on server:

• Select it during initial installation;
• Use DNIPINST.NLM; or
• In the GUI console, click the Novell button, then Install, then New Products.

The workstation software is a Java app called the DNS/DHCP Management Console. To install it, run SYS:\PUBLIC\DNSDHCP\SETUP.EXE. It adds a snap-in to NetWare Administrator and it places an icon on your desktop. The DNS/DHCP Mgmt Console has two tabs: one for DNS, one for DHCP. Be sure to use to correct tab. Wkst 48 mb Ram 8.5 mb DNS/DHCP objects can be viewed in NetWare Administrator, but you must use DNS/DHCP Mgmt Console to create, edit, or delete DNS/DHCP objects.

Configure workstations to use DNS and/or DHCP in the TCP/IP properties of the network control panel.

When the NDS schema is extended to support NDS objects we will see 3 new objects:

• DNSDHCP-Group object - Contains users and any servers running DNS/DHCP. It is automatically a trustee of a DNS or DHCP object. Access to information contained in DNS or DHCP objects can be obtained by an NDS object by making that object a member of the DNSDHCP-Group group object. Any NetWare server designated as a DNS and DHCP server is automatically a member of the DNSDHCP-Group Group object. This provides NetWare servers with the necessary rights to DNS and DHCP configuration information within an NDS tree
• DNS-DHCP Locator Object - Contains global configuration info, a list of servers, subnets, and zones in the tree. Used by DNS/DHCP Mgmt Console to locate objects. Can't be configured, and doesn't display in the Mgmt Console.
• RootServerInfo - A Zone object used in looking up host names outside your domain. It points to root servers on the Internet allowing you to resolve domain names that belong to domains not maintained in your NDS tree.

12. Configure and start DHCP services.

1. Assign a NetWare server as DHCP
2. Configure IP info
3. Start DHCP : DHCPSRVR

DHCP is a client/server service which provides configuration parameters to Internet hosts. Both servers and clients are hosts.

There are two components to DHCP:
a protocol used to deliver the host-specific configuration parameters from a DHCP server to a host; and an added protocol for assigning network addresses to hosts.

DHCP provides all the necessary name and address information needed to locate hosts on the network.

Relay agents
DHCP requests are broadcasts and therefore are not forwarded by routers. In order for DHCP servers to respond to DHCP requests from remote segments, we must employ a relay agent. A relay agent is software based and runs on a router to forward DHCP requests to a DHCP server. The same agent then forwards responses back to the workstation.Dynamic Host Configuration Protocol (DHCP) provides conf parameters to Internet hosts

BOOTPFWD.NLM is Novell's implementation of a relay agent. BOOTPFWD.NLM must be configured on NetWare servers that route segments that would otherwise not reach the DHCP server. BOOTPFWD.NLM must be configured to forward DHCP requests to your DHCP server.

A DHCP Server Object: The DHCP server object contains a listing of subnet ranges that the DHCP server is servicing as well as server-specific configuration and policy information. Can be created in the container o – ou –c -l

A DHCP subnet object: A DHCP Subnet object represents an IP network address that is assigned to a physical network segment. The Subnet object is a container object holding IP address configuration information that can be assigned to nodes that reside on that particular IP network segment.

A Subnet Address Range object Contains a range of IP addresses available for dynamic address assignment.

An IP Address object: Manually assigns an IP address to a specific machine on the network or excludes the assignment of an IP address on the network.

A Subnet Pool Object Allows multiple Subnet objects to service DHCP request for a network segment that has more than 1 IP subnet address configured on it. Create in container objects

13. Import a DHCP database.
DHCP can import DHCP 2.0 or 3.0 file formats. Dns\dhcp management console| Import DHCP db

14. Configure and start DNS services.

1. Conf DNS services using DNS\DHCP management console
2. Start DNS services : NAMED
3. Conf wkst to use DNS

Domain Name Services (DNS) can be up to 255 characters an it is not case sensitive Translates host names (such as 'www.cramsession.com') into IP addresses (139.142.34.89). The master name server (a.k.a. primary name server) maintains the database of resource records. Information maintained is called Authoritative db in BIND format

Replica name servers (secondary name server) :maintains a copy of the database from a master name server (through a zone transfer) and is used to provide a faster, more local name server.

DNS resolvers : DNS clients , submits a request for an address to a srv within its default domain.

A DNS Zone ( logical divisions of the Internet) is all or part of a domain for which the server provides DNS services. For example, the novell.com domain can be broken into a zone for support.novell.com and a zone for education.novell.com. Each portion of the domain can have its own DNS server to handle requests within the zone. Each DNS server has a Start of Authority (SOA).

Six types of resource record object (RRs):

• A (Address) - A Hostname to IP-address mapping
• NS (Name Server) - A listing for another name server
• SOA (Start of Authority) - This server's zone of authority
• CNAME (Canonical Name) - An alias. Resolves alias hostname to primary hostname.
• MX (Mail Exchange) - Maps e-mail addresses to domain names
• PTR (Pointer) - Pointer to other records when doing reverse lookups. Used in IN-ADDR.ARPA zones.

DNS-Specific NDS Objects: DNS Name Server, DNS Zone, Resource Record, Resource Record Set.

To change a resource record object, you must delete it and recreate it. Designated servers Nw srv assign to service a DNS zone objects Tasks

• Querying NDS to resolve names into IP address
• Adding and deleting Resource Records
• Updating the zone serial nb

15. Import a DNS database.
Import DNS db from DNS\DHCP management console

16. Explain the services provided by the Netscape FastTrack Server for NetWare.
Web server. Enables users to publish documents on internal corporate networks intranet and on the www Internet

17 Install the Netscape FastTrack Server for NetWare.
Requires long filename namespace on volume that holds website files. (LOAD LONG.NAM & ADD NAME SPACE LONG TO <volume name>)

To install, log in from a workstation as Admin-equivalent and run \PRODUCTS\WEBSERV\SETUP.EXE from the NetWare 5 CD. Make note of the Administration Server TCP Port.

Server requires a unique ip address a long name space NW 4.11 64 Mb of RAM , 100 Mb

At the NetWare console, use NSWEB.NCF to load the server and NSWEBDN.NCF to unload the web server. By default, web pages are stored under SYS:\NOVONYX\SUITESPOT\DOCS.

18. Use the Administration Server to configure the Netscape FastTrack Server for NetWare.
Manage the web server through the Netscape Server Administration Page via a web browser. The URL will be HTTP://<SERVER NAME>:<ADMIN TCP PORT>. You have full access to administer all Netscape FastTrack web servers on your network from here. Click the button for the server you want to manage, then you have the following options:

• ON/OFF - Loads or unloads web services on the selected NetWare server
• VIEW SERVER SETTINGS - Hostname, IP Address, Port, log settings, document directories and defaults,
• CGI settings, and index style
• RESTORE CONFIGURATION - You can restore the server to previously used saved configuration settings
• PERFORMANCE TUNING - Number of connections (48 is default), DNS lookups, size of listen queue, http
• connection timeout, buffer and packet sizes.
• MIME TYPES - Add, Remove & Edit MIME types by file extension
• NETWORK SETTINGS - TCP Port, IP address, hostname, news & mail servers
• ERROR RESPONSES - customize error messages by error code
• RESTRICT ACCESS - Access control settings
• ENCRYPTION ON/OFF - enable/disable encryption, set ports & aliases
• ENCRYPTION PREFERENCES - SSL version, cipher settings

To restrict the size of a web directory, use NWADMIN to limit directory size

19. Troubleshoot and tune the Netscape FastTrack Server for NetWare.

• Tune server performance

1. Maximum simultaneous requests:nb of active request allowed for the srv at 1 time
2. Domain name system lookups
3. Listen-queue size:NB of incoming connections the system will accept for that socket def:100
4. http persistent connection timeout

• Set the max packet receive buffers

1. Max physical receive packet size : change in startup.ncf, Monitor
2. Setting max packet receive buffers : max amount of mem allocated to receive incoming packets. Monitor

• Regulate Web server contents

1. File sizes
2. HTML features

20 Describe the purpose and function of NDPS and how it differs from queue-based printing services. Single utility that manages all printing in the NetWare 5 environment.Downloads all necessary drivers to the workstation. Supports TCP/IP. Designed to handle the complexity of network printing.

21 Explain the four NDPS components and their functions.

• Printer Agent: Software entity 1:1 correlation with a prn, manages print job processing, answers queries, generates events notification, ensure the scalability of the printing env. Object that is the combined printer, print queue and print server
• NDPS Manager: Controls printer Agents . 1 srv: 1managr
• NDPS Gateway: Installed on the NetWare 5 server. Acts as agent for non-NDPS aware printers (most today). Provides a bridge between NDPS clients and legacy printers
• NDPS Broker: allows for: SRS (Service Registry Services) for public access printers to be advertised on the network. ENS (Event Notification Services) delivers messages to users regarding job status/events. RMS (Resource Management Services) centrally manages drivers, definition files, banners, and fonts.

22 List the NDPS printer types and explain the difference between public access printers and controlled access printers. Printer Types include;

• Public: no NDS object (resides in Broker)
• Controlled Access: NDS object uses corresponding NDPS Gateway, security, more event status notification offer simple or auto client installation

23 Configure the network for NDPS by creating and configuring the appropriate NDPS objects in NDS.

• Verify syst requirements: 4 Mb of Ram additional + 80 Mb space, No SMP or Unix
• Install NDPS software : Initial install or NW Gui
• Create an loaf NDPS Manager: highlight Container,right click create NDPS manager, Load : ndpsm manager_name_and_context
• Create Printer Agents

24 Configure a workstation to print to NDPS printers.

NW client 2.2

• Conf NDS to download prn drivers and conf printing on wkst auto : Container details , NDPS Remote Printer Management > show the results window on wkst > click Add class printer< Update driver
• Manually conf wkst using Novell Printer Manager : public/win32/NWPMW32

25 List the benefits and components of Z.E.N.works and describe the function of each.

• Zero Effort Network
• Conf and manage wkst and Windows desktops
• Solve wkst software problems remotely
• Distribute and manage apps

Benefits

Components

• Desktop management : allows conf of desktop policies in NDS for windows clients
• Application launcher :distribute network-based apps to user`s wkst and mane those app as objects in NDS tree
• Remote control:remotely access user`s wkst through wkst object in NDS
• Help requester

26. Install Z.E.N.works and the NetWare Client.

• �nstall ZEN works components on the server: NW 4.11 Nwadmin32.exe, 40 Mb of Ram ,175 Mb disk space, [S] to the [Root]
• Install wkst manager: winsetup.exe

27 Describe Z.E.N.works policy packages and explain how policies are used to manage workstations. Collection of NDs ibjects created to maintain wkst objects, help set up parameters for managing wkst, users, groups or containers

Only 1 win 95 user package can be associated with the admin Policy rights are applied in the order of object then container

28. Explain how to register workstations and import them into NDS using NetWare Administrator. Wkst must be registered with NDS before they can be imported into the NDS tree and managed as other objects

Run wkst registration agent WSREG32.exe Methods of registering a wkst

1. Application launcher
2. Zen works scheduler
3. Login script

Once registered a log file is created WSREG32.log

Wkst has been used to log in to net once the appear on the list they can be imported

1. create a user policy package for each wkst platform
2. conf wkst import policy to create wkst objects > TOOLS > Import wkst

29. Configure desktop environments throughout the network.
Enabling user system policies or computer system policies, take effect as soon as the policy is enable and the scheduled event for the policy appears

30. Distribute applications using the Novell Application Launcher.

• Use the snAppShot (creates image of current app-settin and allows distribution) utility to capture the wkst 's conf info
• Create the app object from the template file created by snAppshot
• Associate the app object with container , group, wkst or user object
• Place NAL.exe in a login script

31. Manage workstations using the Z.E.N.works Remote Control utility.

• Verify NDS rights requirements : [W] Dm remote Verification property of wkst object [R] [public] to all properties in wkst object
• Verify client requirement

1. run the remote control agent application
2. Connect to the network using NDS
3. Be registered in NDS
4. Have a wkst object in the NDS tree

• Establish remote control security : by default object are created with remote control access enabled
• Connect to the target wkst > TOOLs> remote control wkst
• Control the target wkst
• End a remote control session } Alt+ F4

32. Set up the HelpRequester application so users can report workstations problems.

HELPREQ32 :Conf in user policies

33. Describe transitive synchronization.

• Bridge the gap between IP-only networl and Ipx-only netw
• Eliminate the requirement that all servers in a replica list must be able to comm and synchronize with each srv in the replica list.
• Reduces synchronization traffic

34. Describe WAN Traffic Manager and its use to manage synchronization traffic. Wan traffic manager

• Allows management of traffic across WAN links reducing net costs
• Controls server-to-server traffic generated by NDS
• Can restrict traffic based on cost of traffic, time of day, type of traffic or combo
• Controls periodic events initiated by adm or users (replica sync)
• Does not control adm , users events

Components

• WTM.nlm
• NetWare adm snap-in
• WAN traffic policies

35. Describe Network Time Protocol.
NW 5 server communicates time with other servers using IP. It uses TIMESYNC-loaded auto and NTP (IP standard use to determine time , based on the Internet)-manually loaded. When NTP is loaded IPX server must be set to secondary servers.

36 Configure Network Time Protocol (NTP) to synchronize time in an IP or mixed /IPX environment.

NTP.cfg

• peer address
• server address ( hostname or IP)
• default 127.127.1.0

NTP assumes that the time it gets from an Internet time source is the correct time. The secondary servers changes their time to match the NTp running srv

37. Describe contextless login.
Eliminate the needs for users to supply an NDS context, uses Catalog Services .

38. Set up the network to allow contextless login.

• Verify that lgncon32.dll & dscqry.dll Exist
• create an NDSCat:Master Catalog object: USRCAT
  1. primary label : lgncon
  2. secondary label: users
  3. filter page: "object class"=user
  4. USRCAT trustee of [Root] [B] object rights
  5. [Public] trustee of [USRCAT] [RC] properties rights
  6. Load DSCAT
  7. Once complete unload
• Configures the client workstation: netw neigh| novell NW client | contextless login | enabler| wildcard searching allowed| catalog field: USRCAT

Presuming you have NDS Catalog Services installed, the steps are:

• Create and configure an NDSCat:Master Catalog object
• assign the proper trustee rights to the new NDSCat:Master Catalog object
• run DSCAT.NLM
• from the workstation right click on NetWare Neighborhood and configure the NetWare Client for Contextless Login.

39 Describe NetWare 5 licensing, including license container objects and license certificate objects. Authorize users to use NW to connect to the net. Issues a license when a piece of software request one. Provides features and tools for monitoring and managing license usage on net When NW is installed 2 objects are added

• License container objects : can contain multiple license certificate objects . the name attributes: publisher, product and version

Types

1. user license container
2. server license container

• License certificate objects :

1. installed into license container objects
2. contains info about the product: publisher, product name, version, units allow, if additional licensees are available
3. Admin user is owner by default

40 Manage NetWare user licenses.

• Assigning licenses to users : assigning to objects that represent the greated NB of users. Assigning to container allows all users in the container and subcontainer to use license : User - Group = O = OU
• Installing add licenses

41 Describe compatability mode. . With a Migration Agent server on each segment there would be no problems exchanging information sourced from either IPX or IP. The MA (Migration Agent) is supported only at the NetWare server.

The MA is enabled by loading the IPX Compatibility driver (scmd.nlm) with the Migration Agent option. The Migration Agents are then used by the IP systems on the network. If more than one MA is needed, all Migration Agents must be able to access the same IPX networks or be able to exchange IPX network information. Migration Agents exchange IPX network information by invoking the IP Backbone Support feature, which is accomplished by loading the scmd.nlm with the backbone support options. CMD servers are pure IP NetWare servers.

42. Describe the Migration Gateway.

43. Configure and maintain compatibility mode on a NetWare 5 server.

44. Describe Service Location Protocol (SLP)
The Service Location Protocol provides the same function in IP networks as SAP provides in IPX networks. It registers information in a database and allows clients to query the database to find services. There are, however, two principal differences between SAP and SLP:

SLP does not maintain a global database of services. It registers services only in the local area. It discovers services in the local area via multicast requests, which are forwarded using NDS replication from network to network within a site.

SLP assumes that the client is able to locate either services themselves, or a database server representing those services, using these pan-network multicasts.

Through Novell's integration of SLP with NDS, local SLP information is compiled to provide a global representation of all available services on the network. This provides dynamic discovery of services locally and scalability in large networks.

45. Describe Novell's Public Key Infrastructure (PKI). Novell Public Key Infrastructure (PKI) Services enables the use of public key cryptography and public key certificates in an NDS-enabled network. PKI Services allows you to request, manage, and store public key certificates and their associated key pairs in the NDS tree and to establish and manage an NDS tree certificate authority (CA) that is specific to your NDS tree and to your organization.

PKI Services also works with most commercial certificate authorities such as VeriSign and with the major certificate authority software, such as Netscape CA Server. PKI Services optionally generates PKCS #10 formatted certificate signing requests (CSRs) that can be used by commercial or external certificate authorities.

Novell PKI Services consists of a PKI NLM and a snap-in module to NetWare Administrator. A network administrator uses NetWare Administrator as the administration point for PKI Services.

Public key cryptography is the system of using digital codes called "keys" to authenticate senders of messages and encrypt message content.

Public key cryptography differs from conventional cryptography in that two mathematically-related keys (a private key and a public key) are used instead of one common key.

When data is encrypted using the public key, it can only be decrypted using the private key. Conversely, when data is encrypted using the private key, it can only be decrypted using the public key.

For example, if Alice wants to send Bob an encrypted message using public key cryptography, Alice encrypts her message in Bob's public key.

Since only Bob knows his private key, only Bob can decrypt the message. Likewise, Bob can send an encrypted response to Alice by encrypting the response in Alice's public key. Only Alice can decrypt the response because only Alice knows her private key.

Public keys are normally made available in the form of a public key certificate. Public key certificates are certified by a certificate authority (CA). Normally, this process involves some due diligence on the part of the CA to verify that the individual or entity is indeed who they claim to be.

Through the process of certification, users of a public key infrastructure have some assurance that the public key certificates are valid. The level of assurance depends on the policies and practices of the CA.

Public key cryptography is widely used for authentication and encryption in the computer industry. Novell PKI Services for NDS uses it specifically for public key certificate creation, issuing, and management.

46. Describe Novell International Cryptography Infrastructure (NICI).

47. Configure and maintain PKI.

48. Describe the features and benefits of NetWare 5.

49 Describe the process of migrating to NetWare 5 in an IP only environment.