Anonymous_User Absent Member.
Absent Member.
281 views

Unable to delete DirXML-DriverStorage attribute from driver


Hi,

Trying to move IDM AD Driver to another AD host as explained in
TID7000882, Option 1 i tried to delete the DirXML-DriverStorage
attribute using iManager. I have put the IP address of the server that
is the Identity Engine instead of the tree name when I started the
iManager, go to the driver object, on the Other tab, selected the
DirXML-DriverStorage attribute deleted it and apllyied. But if go back
on the driver object the attribute is still there!
The engine is stopped, the RL is stopped, I don't know what to do next.
Can someone help me ?
What I'm doing wrong ?

Thanks,
Viki


--
vdusnoki
------------------------------------------------------------------------
vdusnoki's Profile: https://forums.netiq.com/member.php?userid=5728
View this thread: https://forums.netiq.com/showthread.php?t=50744

Labels (1)
0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Unable to delete DirXML-DriverStorage attribute from driver

Is eDirectory healthy with regard to time synchronization?

Try using an LDAP-based tool like Apache Directory Studio. Point to the
server, browser to the object, delete the attribute, and then see if, when
refreshing in that LDAP tool, it shows up again.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Unable to delete DirXML-DriverStorage attribute from driver


ab;244169 Wrote:
> Is eDirectory healthy with regard to time synchronization?
>
> Try using an LDAP-based tool like Apache Directory Studio. Point to
> the
> server, browser to the object, delete the attribute, and then see if,
> when
> refreshing in that LDAP tool, it shows up again.
>
> --
> Good luck.
>
> If you find this post helpful and are logged into the web interface,
> show your appreciation and click on the star below...


I was able to delete it with Console One and after that everything was
fine. I still don't understand why it was not possible to do it with
iManager and hope not to have issues on production(tomorow I have to do
it on production also).
It can be an issue if I delete an attribute with Console One ?

Thanks for your help,
Viki


--
vdusnoki
------------------------------------------------------------------------
vdusnoki's Profile: https://forums.netiq.com/member.php?userid=5728
View this thread: https://forums.netiq.com/showthread.php?t=50744

0 Likes
Knowledge Partner
Knowledge Partner

Re: Unable to delete DirXML-DriverStorage attribute from driver

On 5/4/2014 4:54 PM, vdusnoki wrote:
>
> ab;244169 Wrote:
>> Is eDirectory healthy with regard to time synchronization?
>>
>> Try using an LDAP-based tool like Apache Directory Studio. Point to
>> the
>> server, browser to the object, delete the attribute, and then see if,
>> when
>> refreshing in that LDAP tool, it shows up again.
>>
>> --
>> Good luck.
>>
>> If you find this post helpful and are logged into the web interface,
>> show your appreciation and click on the star below...

>
> I was able to delete it with Console One and after that everything was
> fine. I still don't understand why it was not possible to do it with
> iManager and hope not to have issues on production(tomorow I have to do
> it on production also).
> It can be an issue if I delete an attribute with Console One ?


The attribute is flagged in schema as Per-Replica. Which means, if
there is an object with this attribute, whose partition has 3 replicas,
it is perfectly legal to have a different value for this same object,
but on different replicas.

That is, ServerA hosting one replica can have a value that differs from
the value on ServerB hosting the second replica, and from ServerC
hosting the third replica.

if you are used to thinking about eDir being a replicated database, that
should make your head hurt.

But it is a useful thing.

So why iMan/C1 issues? Well, in those two tools you use NCP to
communicate, which can walk servers in working with you. The two tools
make it very hard (if not impossible) to guarentee what server you are
talking too.

Nor do they show you the different replicas possible versions of the
attribute.

To effectively manage a per-replica attribute, the tools should have
been modified to show a view of teh data, where each replicas version is
shown. BUt they did not.

therefore the best way to handle it is to use LDAP. LDAP allows you to
strictly control teh server you are talking too. Connect to each server
in the replica ring and look at the same attribute. You likely will see
differences. Converesly, find the replica hosted on the server running
the engine, since that is teh one you care about to delete, or validate
that you did delete the attribute value.

It seems complex, but really it is a good idea for the most part.


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Unable to delete DirXML-DriverStorage attribute from driver


Thanks for your input.
I was able to do it on production also.

Viki


--
vdusnoki
------------------------------------------------------------------------
vdusnoki's Profile: https://forums.netiq.com/member.php?userid=5728
View this thread: https://forums.netiq.com/showthread.php?t=50744

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.