pgold Absent Member.
Absent Member.
150 views

Problems with existing IDM


Hi. I was given a problem yesterday afternoon, and I am not yet sure
how to tackle it. I am not even sure what the problem is. I do know
that there were problems with the edir replicas on our servers, and to
resolve that problem someone here spoke with Novell and apparently
removed the servers from edirectory and then put them back. In doing so
the existing IDM services stopped working. He was told that somehow we
need to reconnect the IDM to our edirectory tree. I am not sure I
understand what needs to be recoonected, but I need to get this back up
asap.

Our IDM environment is edir to edir. It syncs from our tree to a flat
intermediary tree which then has another IDM infrastructure to sync to
another system which we do not control. So it is the edir to edir that
is not working at the moment. I tried to get a trace, but that does not
seem to be working right either.

Any help will be highly appreciated!

Phil Goldwasser
BTDS LAN Group
Fire Department of New York


--
pgold
------------------------------------------------------------------------
pgold's Profile: http://forums.novell.com/member.php?userid=114234
View this thread: http://forums.novell.com/showthread.php?t=455088

Labels (1)
0 Likes
2 Replies
Knowledge Partner
Knowledge Partner

Re: Problems with existing IDM

On 4/25/2012 9:16 AM, pgold wrote:
>
> Hi. I was given a problem yesterday afternoon, and I am not yet sure
> how to tackle it. I am not even sure what the problem is. I do know
> that there were problems with the edir replicas on our servers, and to
> resolve that problem someone here spoke with Novell and apparently
> removed the servers from edirectory and then put them back. In doing so
> the existing IDM services stopped working. He was told that somehow we
> need to reconnect the IDM to our edirectory tree. I am not sure I
> understand what needs to be recoonected, but I need to get this back up
> asap.
>
> Our IDM environment is edir to edir. It syncs from our tree to a flat
> intermediary tree which then has another IDM infrastructure to sync to
> another system which we do not control. So it is the edir to edir that
> is not working at the moment. I tried to get a trace, but that does not
> seem to be working right either.


Probably the Per Replica attributes that strangely (from an eDir
perspective) are not replicated to other replicas, so that two servers
in a driver set can have two different auth settings/start
settings/GCV's etc.

Read more here:
http://www.novell.com/communities/node/13125/common-mistakes-newcomers-idm-make-part-4

Recovering, well that depends on what kind of backups. Designer with a
reasonably up to date copy of the project would be simplest and 5
minutes to fix.

iManager export of the Driver. We could import that into Designer as a
'new' driver, and look at the values, copy them over.

(or read it out of the XML itself).

And so on...


0 Likes
Knowledge Partner
Knowledge Partner

Re: Problems with existing IDM

On Wed, 25 Apr 2012 13:16:01 +0000, pgold wrote:

> Hi. I was given a problem yesterday afternoon, and I am not yet sure
> how to tackle it. I am not even sure what the problem is. I do know
> that there were problems with the edir replicas on our servers, and to
> resolve that problem someone here spoke with Novell and apparently
> removed the servers from edirectory and then put them back.


If you have an SR open with Novell, then you should probably have support
continue helping you recover from whatever failure you're dealing with
here.


> the existing IDM services stopped working. He was told that somehow we
> need to reconnect the IDM to our edirectory tree. I am not sure I
> understand what needs to be recoonected, but I need to get this back up
> asap.


It's likely that what has happened is that the server specific attribute
data that the IDM engine needs has been lost. Putting it back depends on
what you have that may have backed it up, or sufficient expertise to
recreate it. I'm not getting the feeling that you have done this before,
or have any idea what you're doing (no offense intended, of course), so
since you already have an SR open with support, I'd recommend continuing
to work with them on this problem.


--
--------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu
Knowledge Partner http://forums.novell.com

Please post questions in the forums. No support provided via email.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.