This section summarizes the new features and enhancements in Micro Focus Open Enterprise Server (OES) 2018 SP3 release.
Beginning with OES 2018 SP3, OES can be installed on a UEFI enabled secure boot environment. The Micro Focus Secure Boot Certificates will be imported during the installation of OES with secure boot enabled. You are required to enroll the key in the UEFI prompt and follow the steps to add the certificates in the Machine Owner Keys (MOK) database. For more information, see Deploying OES 2018 SP3 in a UEFI Secure Boot Environment in the OES 2018 SP3: Installation Guide.
A new screen to participate in the Product Improvement program is available on installing or upgrading to OES 2018 SP3. For more information, see Product Improvementin the OES 2018 SP3: Installation Guide.
The OES Welcome page is rebranded to reflect the Micro Focus style. The page now highlights the top features for the release along with few important links to resources, community forums, and so on.
OES 2018 SP3 server supports TLS v1.2.
The Product Improvement program enables Micro Focus to collect statistical data about your usage of services on the OES server. This data enables us to ensure that you have the best possible experience with the OES services. The data is sent weekly once to the Micro Focus server. For more information, see Product Improvement in the OES 2018 SP3: Planning and Implementation Guide.
A new screen to participate in this program is available on installing or upgrading to OES 2018 SP3.
Provides a rich dashboard to monitor the health of all the servers (and its services) that are part of the agent search context in the same eDirectory tree. The CIS server contacts all these servers to provide a real-time health status. For more information, see OES Dashboard in the OES 2018 SP3: Planning and Implementation Guide.
This feature allows client to continue using opened files even after a temporary connection loss. A durable handle is a special file handle (from SMB server perspective) that is preserved in case of client’s temporary connection loss and allows them to continue file operations where it stopped once connectivity is restored.
Apple Time Machine (ATM) is a default application for backing up Mac clients data to local and network volumes. As part of this feature, Apple extensions (of the SMB protocol) are implemented to let ATM backup Mac client's data to the NSS volumes. For more information, see Apple Time Machine Backups to NSS Volumes in the OES 2018 SP3: OES CIFS for Linux Administration Guide.
Toggling between SMB Versions: By default, the SMB v1 sessions are disabled and SMB v3 option is enabled.
--dialect=SMB|SMB2|SMB3
--disable-smbv1-sessions=all
Display of Shares Depending on Trustees: Enables or disables the display of shares depending on the trustee rights of the user or group.
--check-share-visibility-rights=yes|no
Directory Leasing: Enables or disables directory leasing for SMB 3.0 or later connections. Directory leasing enables clients to cache the meta data of directories and thereby improves the overall performance.
--directory-leasing=yes|no
Apple Time Machine Backup: Enables or disables share to be Apple Time Machine (ATM) backup target. Enable this option to let ATM running on the Mac clients to backup their data to the specified share.
--atm-backup=yes|no
The --use-casa option is available to store and retrieve usernames and passwords from the OES Credential Store. For more information, see File System Migration Commands in the OES 2018 SP3: Migration Tool Administration Guide.
Beginning with OES 2018 SP3, the ncpcon commands supports BASH auto completion.
CPU affinity is applied to SSG threads in NCP Server for improving the encryption performance. By default, encryption at server level is enabled. For more information, see Managing NCP Threads in the OES 2018 SP3: NCP Server for Linux Administration Guide.
The REPLICATE_PRIMARY_TREE_TO_SHADOW option is enabled by default in OES 2018 SP3. When this option is enabled, the primary volume directory tree structure gets replicated to the shadow volume directory tree when an existing NSS volume is configured as primary volume for DST. For more information, see Dynamic Storage Technology for NCP Server in the OES 2018 SP3: NCP Server for Linux Administration Guide.
You can now enforce encryption and MFA at volume/cluster volume level or path level on the NCP server. For more information, see Managing NCP Security Configurations in the OES 2018 SP3: NCP Server for Linux Administration Guide.
Two error codes ‘103 (0x67)’ and ‘104 (0x68)’ are introduced for Encryption and MFA enforcement. For more information, see Managing NCP Security Configurations in the OES 2018 SP3: NCP Server for Linux Administration Guide.
Auto Discard: This feature discards the unused blocks automatically that are released by the pool. This functionality is supported on pools that reside completely on thin provisioned storage. This avoids user intervention to discard the unused blocks by executing the fstrim command.
The nss, nsscon, and nlvm utilities are updated with a new option (No)AutoDiscard to enable or disable the autodiscard feature for a given pool.
Device Agnostic: OES supports thin provisioning features (Fstrim, Auto Discard, and Blk_discard_on_delete) on all types of storage device drivers. The certified virtualized platforms by us are VMware, XEN, and KVM.
The following NSS utilities are enhanced to include --dst and --no-dst options:
rights
attrib
nssquota
nsschown
For more information, see man page of the corresponding utility.
The Linux utilities - mkdir, rmdir and mv are enhanced to support DST. Any operation performed on a directory in the Primary volume is replicated on the shadow volumes for these utilities.
Use an Existing Volume When Moving or Splitting Data: An existing volume can be selected when performing a Move or Split operation. For more information, see Moving an NSS Volume with DFS and Splitting a Volume with DFS in the OES 2018 SP3: Distributed File Services Administration Guide for Linux.
Manage eDirectory or Active Directory Trustees: When you map the volume as an eDirectory user, then to manage AD trustees, select the option List Active Directory trustees also in the Settings tab. Similarly, when you map the volume as an AD user, then to manage eDirectory trustees, select the option List eDirectory trustees also in the Settings tab. For more information see, Settings (Mac) in the OES 2018 SP3: NSS AD Administration Guide.
Complete Trustee Management Support for eDirectory Users: An eDirectory user can manage trustee rights, file system rights, directory quota, and user quota (remove quota). To perform trustee management, you must be an eDirectory administrator or a user who has administrative privileges.
Multi forest Support for AD users: Previously NFARM for MAC supported only single forest. Now it supports multi-forest browsing to choose an AD users for trustee management. A user can choose the required domain from the list of available domains.
NFARM client for macOS Universal App supports both Intel and Apple silicon based macOS Big Sur.
Add eDirectory or Active Directory Trustees: When you map the volume as an eDirectory user, then you can add AD trustees by selecting the option List Active Directory trustees also. Similarly, when you map the volume as an AD user, then you can add eDirectory trustees too.
For more information, see NFARM (OES File Access Rights Management) in the OES 2018 SP3: NSS AD Administration Guide.
The Salvage utility for Windows is updated with new options as follows:
Filter and Clear Filter to set and clear attributes to display the salvaged data.
Recursive to salvage all data from folders and subfolders.
For more information, see Salvage and Purge on Windows in the OES 2018 SP3: OES CIFS for Linux Administration Guide.
Trigger File Extension: Specify an extension for the trigger files. By default, the CEF format displays the extension as cef_ready. The other formats will not have any extension.
-t or --triggerFileExtension
iPrint users can now be authenticated by using Microsoft Identity platform for secure iPrint printers. This functionality is available with Desktop printing (Windows), QuickPrint, Release Portal, and Context Menu-based Desktop Printing too. For more information, see Identity Sources in the OES 2018 SP3: iPrint Advanced Administration Guide.
A new service file iprint-cups.service is added to start the cups binary on iPrint Advanced server with cupsd-iprint.conf (iPrint configuration file) file.
The CUPS file (cups.service) available with the earlier release is masked and should not be used with the OES 2018 SP3 server.
The iPrint Client is upgraded to version 6.22.10 and allows Azure users to print to iPrint secure printers.
The iPrint Client is upgraded to version 6.15 and supports macOS Big Sur (Intel and Apple M1 architecture).
DNS-DHCP management console is packaged as Microsoft installers for Windows 64 and 32 bit machines and can be managed using Programs and Features in Windows systems. DNS-DHCP management console is enhanced with Auto-populate feature for login dialog. The feature pulls past users corresponding to Server IP for login.
DSfW supports Filr integration. When DSfW and Filr are synchronized, DSfW users can access Filr services. DSfW server provides backend authentication and storage with three methods:
NSS AD as the storage backend for DSfW and Filr
Windows as the storage backend for DSfW and Filr
NetApp as the storage backend for DSfW and Filr
Different types of Filr deployment such as small deployment, large deployment, and expandable deployment can synchronize with DSfW servers, NetApp and NSS AD as a storage backend.
DSfW supports Multi Factor Authentication (MFA) capabilities by integrating with NetIQ’s Advanced Authentication. This provides more security to the workstations, which are joined to DSfW domain. MFA is supported with Windows and MAC workstations.
The novell-oes-samba stack in OES 2018 SP2 was on Samba 4.6. In this release, the two versions are aligned by updating novell-oes-samba to 4.10 version. The protocol stack remains as SMB 2.
DSfW offers updated schema level as Microsoft Windows Server 2019. There is no functional level change in Windows server 2019 nor in DSfW.
Added more checks based on regular encountered customer issues. OES 2018S P3 checks include sites and subnet, strict check of ndsd ports like UDP over 389 and 636, and if correct nmas-methods are deployed. smb.conf file is also validated for new parameters. Subset of the script is also integrated to supportconfig tool. The link to download Healthcheck script is OES Tips and Information.
DSfW now supports domain join and file access for NetApp ONTAP 9.9.1.
The Load, Unload, and Monitor cluster script limit is increased from 3200 bytes to 1 MB. A maximum of 1 MB is supported if the cluster is homogeneous with all the nodes on OES 2018 SP3. In a mixed node cluster with at least one node on a version lower than OES 2018 SP3, the script length will be restricted to 3200 bytes/3.2KB. See Script Length Limits in the OES 2018 SP3: OES Cluster Services for Linux Administration Guide.
The following options are added to the SBD util command line. For more information on each of the options, see the SBD Utility man page.
sbdutil -Z: Use the entire device while creating a partition.
sbdutil -I: Initializes the entire SBD partition.
sbdutil -i: Initialize the SBD partition except the cluster event logs.
sbdutil -E: Backup the event logs.
sbdutil -v: View the used slots on the SBD partition.
sbdutil -E -k: Export the backed up cluster event logs in a raw format.
sbdutil -m: Restore the back up cluster event logs to a newly created SBD partition.
sbdutil -r -x: Export the logs in XML format.
sbdutil -r -j: Export the logs in json format.
sbdutil -r -u: Export the logs in CSV format.
The logrotate service is enabled to archive cluster monitor.out logs. The monitor.out files are compressed and saved in the system for 365 days. For more information, see Log Filesin the OES 2018 SP3: OES Cluster Services for Linux Administration Guide.
NSS resource migration in cluster is improved by the enhancement made in pool and volume deactivation. This reduces the time taken for cluster NSS resource migration.
maintenance < on | off > <expiry_time>: An expiry time can be set to automatically turn off the cluster maintenance mode. For more information, see the cluster man page.
cluster maintenance <on|off> <expiry_time>
OES 2018 SP3 supports the following upgraded products bundled with OES:
NetIQ eDirectory 9.2.4
Micro Focus iManager 3.2.4
Besides bug fixes, there are no other changes to the following components for OES 2018 SP3:
Apple Filing Protocol (AFP)
Business Continuity Clustering (BCC)
Linux User Management (LUM)
NetStorage
OES FTP
Storage Management Services (SMS)