Highlighted
matt4 Honored Contributor.
Honored Contributor.
306 views

Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

I am running IdM 4.7.3 engine on a Linux server where eDir software is installed as ROOT, but the INSTANCE is running as a NON-ROOT user (see https://community.microfocus.com/t5/eDirectory-Tips-Information/eDirectory-Conversion-root-to-non-root-instances/ta-p/1775521 for more info).  I tried to upgrade to IdM 4.8 engine, but I have been unable to because of this configuration.  The installer now in 4.8 requires logging into eDir, unlike in 4.7 where it did not.  So when I run the installer as root, it cannot access the non-root instance of eDir.  Of course, I cannot run the regular installer as the non-privledged user either.  There is a non-root install script included with 4.8, but it appears to only work with the tarball install where the eDir INSTANCE owner is ALSO the owner of the installed software (binaries).  So this won't work in this scenario as well.

When running eDir as non-root, I prefer this configuration because then I can use the standard installer for eDir and the instance owner does not have full rights to the binaries.    

I know this is technically not a supported configuration, but has anyone gotten IdM 4.8 engine installed on a server configured this way?  If so, how did you do it?  Thanks!

Matt

P.S. Please vote for my idea to get this configuration supported:

https://ideas.microfocus.com/MFI/eDirectory/Idea/Detail/15380

 

Labels (1)
0 Likes
5 Replies
Micro Focus Contributor
Micro Focus Contributor

Re: Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

Hello Matt,

Why can't the root installation process use the non-root eDir? I would have expected that to work quite well.....

The tarball installer is it's own beast, and comes with its own problems. Running the standard install, but then configuring an instance to run as non-root, would be fairly standard i would have thought.

What's the error you're getting?

Cheers,

Steve

0 Likes
matt4 Honored Contributor.
Honored Contributor.

Re: Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

 

Why can't the root installation process use the non-root eDir? I would have expected that to work quite well.....

No, this doesn't work at all. The 4.8 IdM Engine installer uses ndsmanage to figure out the name of the tree and then attempts to login using ndslogin.  The ndsmanage command fails since root does not own the eDir instance.  As far as the root user is concerned, there are no instances of eDir.  The install scripts do not have proper error handling for this situation (they would also fail if there were multiple instances of eDir as well).  The engine installer also tries to stop eDir and start it a few times.  Again, this fails since root does not own the eDir instance.  I was actually able to get it to install by hacking the install script.  The only caveat is you have to do the schema extensions after the fact.  

The tarball installer is it's own beast, and comes with its own problems. Running the standard install, but then configuring an instance to run as non-root, would be fairly standard i would have thought.

Are you taking about eDir here? Yes, that works great and I do that all the time. BUT IT IS NOT A SUPPORTED CONFIGURATION, contrary to what has been incorrectly stated in the community. I think it should be supported, hence my post on the ideas portal.

What's the error you're getting?

During the IdM engine install? None, you just end up in an endless loop trying to login to the tree.  The install scripts have very poor error handling.  

 

0 Likes
Dieseloreo Trusted Contributor.
Trusted Contributor.

Re: Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

try making a instances.0 symbolic link to the instances.<userpid> in the etc/opt/novell/eDirectory/conf/.edir directory and the root user will now see ndsd.

hope that helps.

0 Likes
matt4 Honored Contributor.
Honored Contributor.

Re: Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

 

That worked! Well, it at least allowed the installer to complete and is a much more elegant solution than what I was doing, hacking the install scripts.  

This allowed the ndsmanage command to execute properly and find the nds.conf file which in turn allowed the installer to find the tree name which then allowed ndslogin to work.  

The software appears to have installed just fine.  However, it was not able to stop/start eDir, I still had to do that manually (even though I saw no errors).  I also executed the schema extension script again as the instance owner just in case ( /opt/novell/eDirectory/bin/idm-install-schema ).

Thanks for that tip.  Sometimes it is the simplest things.  I never even thought about doing that!

 

Matt

 

0 Likes
Dieseloreo Trusted Contributor.
Trusted Contributor.

Re: Cannot Upgrade to IdM 4.8 on Root Install/Non-Root Instance

happy to help...im currently fighting 9.1.4 with 4.7.3 install. 4.7.0 works fine until i patch it and then it fails.

we are moving from root to non-root idm and edir install of 9.1.4

we edir/idm/non-root people have to stick together!  🙂

p.s. i usually hack the install script to remove packages i dont need and to make it unattended as the non-root unattended/attended is lacking...alot

 

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.