Highlighted
TSchmauch Absent Member.
Absent Member.
693 views

IDM/eDir cluster installation

Hi. I currently have eDir 9.1 clustered and running on RHEL 7. The IDM installation says it completed successfully, but when i try to run configure.sh I run into a few things I am not sure of. I choose a custom configuration since the documentation says to do that if you already have an identity vault. From there my options are Create a new vault, add to a vault on the local machine or add to a vault on a remote machine.

When I try local it does not seem to be able to find the tree. I am guessing it is using the server's IP and doesn't know what the IP's for the clustered vault is. If i try a remote vault, it connects to the tree fine, but also tries to add a connection on the server itself (not edir IP) for port 524. I am not sure which configuration I should be using in the situation and I cannot find any documentation on it.

The only real cluster related IDM information I can find in the install documentation is to setup Node 1 using the Metadirectory server option, but I have no idea how that translates to the installer except maybe it is saying just install the engine?

Thank you for your help,
Tom
Labels (1)
Tags (2)
0 Likes
3 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: IDM/eDir cluster installation

If I were doing this I would not use the configure pieces for anything,
instead just setting up the software and then configuring the rest on my
own. The configure bits, for the engine, are not doing that much anyway,
and considering you are already adding in clustering I think you are
headed for a sea of corner cases.

Install the engine software on a couple boxes, setup the clustering for
the eDirectory instance, and then be sure you keep your two cluster nodes
consistent (JAR files for connectors, firewalls, etc.) lest your failover
is likely to fail.

Is it safe to assume your cluster is basically two RHEL boxes in
active/passive mode with regard to the eDirectory instance, sharing the
eDirectory data directory essentially, maybe the config directory, and
NICI information so whichever is running acts like the only real
eDirectory server? Are you using corosync/etc. for management of this, or
some other software? While this works, and there are even documents
covering it, it is also a fair bit of work compared to other options like
using virtualization layers to do something similar (though those can
respond more-slowly than some other options).

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
TSchmauch Absent Member.
Absent Member.

Re: IDM/eDir cluster installation

Thank you for the reply. Yes, there are two RHEL using Corosync and they are active/passive. eDrectory runs fine on either node, it is configured to use its dedicated cluster IP. We have 5 eDirectory trees spread between the two servers.

I can install the engine, but since there are multiple eDir trees on each server, I did not know if ./configure was needed in order to tell it which tree to use or is that all done by added the server to a driver set via iManager?

FYI, I have two windows servers running IDM 4.7, so the schema should already be extended.

Thank you again for your help
Tom
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: IDM/eDir cluster installation

On 05/22/2018 02:24 AM, TSchmauch wrote:
>
> Thank you for the reply. Yes, there are two RHEL using Corosync and
> they are active/passive. eDrectory runs fine on either node, it is
> configured to use its dedicated cluster IP. We have 5 eDirectory trees
> spread between the two servers.


This makes me think you have multiple instances of eDirectory per box,
then; that should also be fine, but just to be clear are these all running
from the same root (RPM-based) install of eDirectory?

> I can install the engine, but since there are multiple eDir trees on
> each server, I did not know if ./configure was needed in order to tell
> it which tree to use or is that all done by added the server to a driver
> set via iManager?


IDM is installed onto an eDirectory installation (as opposed to instance)
so that its binaries then reside with eDirectory's. With that done, IDM
still does not load until the relevant eDirectory NCP Server object is
linked to a DriverSet. When that is done, as eDirectory loads it realizes
it needs to add a subprocess of the IDM engine, which it then does. As a
result, you should not need to do anything other than extend schema and
link an instance's own server object to a DriverSet in order for all of
that to work. Extending schema can be done with the
/opt/novell/eDirectory/bin/idm-install-schema script that is present after
intsalling IDM. This only needs to be executed once per eDirectory tree,
as replication will send the schema to all replicas as soon as the Master
replicas of [root] are extended.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.