Cover V09, I01
Article
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Scorecard

jan2000.tar

EnlightenDSM -- Distributed Systems Management

Marcel Gagné

The day-to-day demands on an average systems administrator are many. Printer problems alone can add up to a quarter of administration time. Add to that user creation, network management, security...well, you get the idea. Now, toss in today's enterprise-wide, multi-platform environment. Take a handful of NT servers, a large scale HP-UX system, a couple of IBM RISC 6000s, a couple hundred Windows 95 workstations, a Linux firewall, and a SCO print server -- and you have the makings of a real pressure cooker of a job. Now, spread this out over several cities from one end of the country to the other, and things really get interesting.

Anything that promises to streamline that process is going to catch your attention. If that something also promises management of this distributed and varied environment through a single, friendly, graphical user interface, it demands even closer examination.

Enter Enlighten Software Solutions' Distributed Systems Manager or EnlightenDSM. This product makes it possible to manage users, printers, disk space, security, and a host of administration functions from a single X Window console. I took EnlightenDSM on a test drive across just such a mixed environment. In this article, I will tell you what I found.

Installation

While performing this review, I had the opportunity to work with two different versions of EnlightenDSM. The first copy I received included agents for different releases, but my first installation was on an IBM RISC6000. I also installed the product on my notebook computer using Enlighten's new kid on the block, a Linux-based release that ships with TurboLinux Workstation 3.6. It's the latest and greatest version of EnlightenDSM, which includes several security enhancements.

The TurboLinux version, aside from requiring TurboLinux, is probably the easiest of the installs. It is simply an RPM (Red Hat Package Manager) bundle that installs with a single command line (two if you count the CD-ROM mount command).

rpm -ivh EnlightenDSM-3.4.0-6.i386.rpm

The RISC 6000 version (or any of the other platforms supported) is not much more difficult. EnlightenDSM comes with a “Quick Install Guide” detailing the mount command for the various platforms. For instance, the RS/6000 mount command is /etc/mount -r -v cdrfs /dev/cd0 /cdrom. The next step is to execute /cdrom/CDINSTAL, then the show begins.

You have the opportunity at this point in the installation to install the DSM agents to other hosts on your network. When I first did this, I only installed to two hosts (mostly because I just wanted to see what would happen). I recommend that you specify at once all the other hosts on which you would like to install the GUI or distributed systems agents (DSA) rather than doing them one by one.

The default install directory is /opt/enlighten, but this can be changed if you do not have the disk space in that partition. EnlightenDSM requires about 100 MB for a full install of the product and its Enterprise Management Database (EMD). On all but the Linux version, the EMD runs on Informix. The Linux product uses PostgreSQL. Further, each installation of the DSA (or client) requires about 30 MB.

Documentation

EnlightenDSM is certainly rich in documentation. My package arrived with a cleanly laid out User Guide, a reference manual, and a CD. The User Guide is aimed at the first-time user -- the person who just got a copy of DSM and is anxious to get going. I confess to being that user. In fact, I generally just want to load the software and start testing. Then, when I've had a quick look around, I crack open the manuals for more information.

The reference manual has some obvious duplication with the User Guide but goes into much more detail, including some command-line utilities that are not otherwise covered. Perhaps the most interesting piece of documentation is the companion CD-ROM. Along with the text documentation provided in HTML and other formats, there is a collection of AVI files -- little videos that take you through a number of EnlightenDSM functions, such as creating/maintaining a DNS or keeping a visual eye on your system with the status map.

The product itself is well documented. On just about every screen, you'll find a friendly “Help” button (located in the upper right-hand corner) ready to offer assistance on whatever portion of the tool you are currently working with.

Working with EnlightenDSM

After you have installed the management console, group management server, and the various DSAs, you can start EnlightenDSM from the command line of your X station. My X station is my Linux notebook running the K Desktop Environment.

/opt/enlighten/bin/xenln &

If you run the Linux version (and I gather the same holds true for future versions of the product), the command has changed slightly.

/opt/enlighten/bin/dsm &

My first impression was, “This is it? It looks too simple.” There's something disconcerting to the systems administrator when after everything is up and running, you find yourself looking at a simple button bar or launcher with icons labeled “Configure”, “User”, “Printer”, “Network”, “Security”, “Disk”, “Archive”, and “System” (see Figure 1). It seems as if a product that aspires to be a one-stop shop to multi-platform administration should look like more. After a virtual shrug, I clicked my first button, “User”, (Yes, I know. I didn't start at the beginning.) and worked my way from one group of menus to another.

I jumped right in. After all, Enlighten Software promised me that I could take over the world (my virtual networked world, that is) in fifteen minutes. That fifteen minutes is roughly the time it takes to install EnlightenDSM, by the way. I wanted to take over the world immediately.

After hitting a couple of speed bumps, which I'll explain later, EnlightenDSM quickly proved itself. Let me give you a tour of that deceptively simple control center/button bar.

My next visit was to the “Security” menu. Lately, I've been bugging my customers (and anyone else who is willing to listen) to enforce some basic security policies like decent password choices. I was curious to see how well they had listened. I selected “Obvious Passwords” under the security menu, picked a small handful of hosts, and clicked the most basic test (there are three levels of increasing complexity). After humming along for a few seconds, I was presented with a report of thirty odd users (out of a few hundred) whose passwords were their names. In a couple of cases, there were no passwords at all! The IT manager was shocked. Needless to say, the problem was quickly addressed.

After this wonderful demonstration, I returned to the configuration screen. Part of the ease of adminstration comes from the definition of adminstrative “pools”, logical groupings of similar systems, or offices, or geographical locations. I created a Toronto pool, chose a half dozen or so hosts, (both NT and UNIX) and simultaneeously created users across all of these hosts. There was no need to log in to each individual system.

I brought up the printer management menu and had a look at my print queues -- all of them, across my entire pool. When I first did this, we were running a large month-end process, so there were a couple of thousand jobs in one of the print queues. It was quite interesting to be able to move one of those jobs to another printer with the click of a mouse.

While wandering around, I generated disk usage reports by user, ran checks on attempted break-ins across my various network systems, and even ran a backup from a Windows 95 workstation to a remote 8-mm tape drive on an RS6000 (see Figure 2). When a problem comes up or something looks awry, EnlightenDSM provides “Wizards” to help you analyze the problem.

During the course of this review, I tried pretty much everything (which is quite a bit). From the GUI, I could lock and unlock user accounts, monitor vital system files, schedule backups, work with processes, and reset the time on remote servers.

Later in my evaluation, Enlighten Software sent me the brand new release of their Linux product. Since I had a “blank slate” system, I used EnlightenDSM to help me through the setup of the local DNS. I clicked on the network icon, chose “DNS”, then “Server Configuration”. I was pleased to see that the software was prepared to work with both BIND 4 and BIND 8. In seconds, I had a fully configured nameserver running on my new system.

Warning! Warning!

When you discover a problem, it's often already critical. You can save yourself a few headaches by using EnlightenDSM's Programmable Events Processor, or “PEP”. PEP provides the means to customize a variety of alarm scenarios on your system by setting thresholds on disk space, system performance, and so on. Then, using the system map, you can keep an eye on the various hosts in the pools you've defined. If something is amiss, Enlighten can warn you by sending mail to a specific user. You can also execute a UNIX command (print a report or send a page).

Previously, I mentioned the status map. You'll find this under the same menu option. Using the status map, you can look down on your system, seeing all pools displayed against a graphic map of your own choosing. EnlightenDSM provides a number of pixmaps, including the entire United States, Canada, individual states, and various other countries. You can also create your own bitmap backgrounds to represent a rackmounted system, a corporate hierarchy, or a line-drawing map of your office. You then simply drag the host or pool icons into the rooms, or proper locations on your country map (see Figure 3). From that view, you can drill down from your various pools to individual hosts, where EnlightenDSM will provide yet another level of detail. This is the “Host Overview” window (see Figure 4).

The top part of the screen is a summary view of the individual system, with operating system type, number of users logged on, CPU load, disk space, and so on. The bottom part of the screen provides details on the types of events being tracked and their severity. There's also a convenient “Telnet” button that will transport you immediately to the host in question, so you can take care of remote problems.

Something I found particularly exciting when I checked out the status on my own test system (the Linux notebook) was that EnlightenDSM registered changes in the packages I installed while I was running the test. The information was a flag on the “Host Overview” screen, but there was also an email message in root's mailbox, informing me that somebody had installed software on the system.

Share the Responsibility

So, you've got this great admin tool, but you still have to do all the work, maintain all the users, handle all the printer requests, and so on. Actually, EnlightenDSM can help there as well.

Under the “Configure” icon, if you choose “User Authorization”, you'll find just what you need to allow someone else to administer printers or whatever else you think he or she can handle. In Figure 5; you'll see the screen that allows you to create these user profiles. My user, “natika”, can add or remove users and administer the print queue, but not much else. This is great stuff since every overworked sys admin would love to off-load some work without giving up the root password.

Your user still gets the default menu, but certain functions are locked out. If you want to make your junior administrator's job really simple, you can edit the menu file and create a smaller version of the EnlightenDSM button bar with only those functions you define as activated. Although editing the menus is easy, some type of a “point and click” interface would be helpful.

Speed Bumps Revisited

Earlier, I mentioned a few speed bumps. I waited to discuss them because I did not want them to detract from my description of what is otherwise an excellent product.

The first thing I tried to do was change the configuration of a user on my system. EnlightenDSM brought up the “Modify User” window and let me make my changes. My choices at that point were “Modify” (Didn't I just click that one?), “Next”, and “Clear Fields”. I knew I didn't want to clear fields, and I assumed that what I wanted was “Next”. I clicked “Next” and found myself back at my first screen with my user unmodified. The correct choice was actually “Modify”, as in, “Confirm your modification”. This form of dialogue exists throughout EnlightenDSM. The “Next” button is provided because EnlightenDSM makes it possible to modify a number of users, and moves you from one user to the next. I've grown up in the world of the “OK” button, and I tend to act first and wonder later.

As I mentioned earlier, all the screens have a friendly “Help” button in the top right-hand corner. Had I read the documentation first (or clicked on the help button) I would have figured this out sooner, but even afterward, it took me a while to break the Next/OK habit.

Some kind of expected completion time display would also be nice. For instance, “Disk Usage Information by User” ran for about 10 minutes on the filesystem I gave it. Although I realize that an actual estimate may be difficult since the system is busy figuring that out as it goes, any kind of update (e.g., “Now analyzing /home on host ‘dilly'”) would help. According to the company, the program does provide this information when more than one filesystem is selected for reporting against.

My only other suggestion would be to have a command-line interface for most of the EnlightenDSM functions. It is not always convenient to make your way to an X workstation for administration (particularly if you are awakened in the middle of the night with a problem). The advent of the Linux version, however, may make this a non-problem as a simple, portable X administration console becomes easy to deploy.

I mentioned these personal annoyances to my contact at Enlighten Software. He was quite receptive to all, so perhaps these items will be addressed in the near future. He threatened to go work on the “OK” button as soon as he got off the phone. He also pointed out that those screens can be modified in the menu editor, but hey, I'd like it to be that way out of the box!

Take DSM Out for a Free Spin

Enlighten Software offers the User Administration module from their EnlightenDSM product as a free download. I highly recommend that you grab it. This small version still provides full cross-platform control over user and group administration as described above, and Enlighten will let you keep the product, forever! That's not a bad deal.

At the time of writing, the Linux version of the free download was not yet available, but I hope that won't be long in coming. You can, however, find the User component for all the other supported platforms.

When you fire up the free product, you will get three buttons. The “Configure” button lets you set up pools (as described earlier) and define your environment. The “User” button actually gives you the control functions. Finally, you also get an “Enlighten” button, which includes documentation and some HTML screens that take you through a tour of the full-blown product.

Conclusion

Systems administration is becoming increasingly complex and time consuming. In the enterprise-wide world, the costs of administering so many diverse platforms can be enormous. EnlightenDSM may just be what you need to alleviate some of this confusion. With its one-console approach to systems administration, you can win back more of your time. Add to that the capability to hand off certain less-critical system administration functions to non-root users, and longer coffee breaks start to seem possible.

EnlightenDSM is a big office product aimed at large shops with multi-platform OS and distributed systems. Using DSM to administer a single host with a handful of users doesn't win you anything. You likely already have the tools to take care of that lone NT server or lone Linux Internet gateway. The addition of Linux as a supported platform, however, means that DSM may find itself in increasingly more shops.

Pricing varies depending on the number of platforms and clients, but a typical EnlightenDSM deployment runs between $35K and $70K depending on the types and numbers of systems. This includes deployment costs and installation/setup support from Enlighten Software Solutions. Interested parties should contact Enlighten Software for details.

EnlightenDSM is a powerful cross-platform adminstration tool and a great product that deserves a serious look.

Contact Information

Enlighten Software Solutions

http://www.EnlightenDSM.com

999 Baker Way, Fifth Floor

San Mateo, California, 94404

(800) 928-5000

Outside the United States, call (650) 578-0700

About the Author

Marcel Gagné lives and writes in the mythical city of Mississauga, Ontario. There, he is president of Salmar Consulting Inc, a systems integration and network consulting firm. He also writes science fiction and fantasy, and edits TransVersions, a science fiction, fantasy, and horror magazine. He has loved UNIX and all its flavours for more than 15 years now, and will even admit it in public. He can be reached at mggagne@salmar.com. You can find out more from his web site at www.salmar.com.
 

© 2002 CMP Media LLC. All Rights Reserved.
www.samag.com