fartyalvikram Contributor.
Contributor.
803 views

Add eDirectory Replica Server using ndsconfig Utility

I have two IDM 4.5 Servers one is 192.168.1.111 and second is 192.168.1.113.
Both IDM 4.5 are installed on SLES 11 SP3.
Both server's eDirectory version is NetIQ eDirectory 8.8 SP8 v20804.05.
I want to add eDirectory Server Replica as 192.168.1.113 inside eDirectory Server 192.168.1.111 using ndsconfig Utility.
Server 192.168.1.111 ndscheck
Fri Jan 12 17:20:50 2018
Performing health check on the eDirectory server ".CN=dev.OU=servers.O=system.T=IDM45." ...
---------------------------------------------------------------------------------------------
Checking eDirectory LDAP and HTTP services...
Checking health of partitions ...

Status of partition ".T=IDM45." ...
Checking the status of the replica ring...
Number of replicas = 1
+---------------------------------+-------+-------------------------+---------------+------------------+
Server Name Status Time Sync Time Delta Replica State
+---------------------------------+-------+-------------------------+---------------+------------------+

.CN=dev.OU=servers.O=system.T=IDM45. UP YES 0 m:0 s ON
+---------------------------------+-------+-------------------------+---------------+------------------+

INFO: This is the ONLY server holding the replica of the partition, ".T=IDM45.". It is recommended to have at least one more replica to avoid loss of data in case of catastrophic failure.

Status of partition ".CN=driverset1.O=system.T=IDM45." ...
Checking the status of the replica ring...
Number of replicas = 1
+---------------------------------+-------+-------------------------+---------------+------------------+
Server Name Status Time Sync Time Delta Replica State
+---------------------------------+-------+-------------------------+---------------+------------------+

.CN=dev.OU=servers.O=system.T=IDM45. UP YES 0 m:0 s ON
+---------------------------------+-------+-------------------------+---------------+------------------+

INFO: This is the ONLY server holding the replica of the partition, ".CN=driverset1.O=system.T=IDM45.". It is recommended to have at least one more replica to avoid loss of data in case of catastrophic failure.
eDirectory health check completed.

Refer log file "/var/opt/novell/eDirectory/log/ndscheck.log" for more details.

Server 192.168.1.113 ndscheck
Fri Jan 12 17:27:06 2018
Performing health check on the eDirectory server ".CN=idm.OU=servers.O=system.T=IDM45." ...
---------------------------------------------------------------------------------------------
Checking eDirectory LDAP and HTTP services...
Checking health of partitions ...

Status of partition ".T=IDM45." ...
Checking the status of the replica ring...
Number of replicas = 1
+---------------------------------+-------+-------------------------+---------------+------------------+
Server Name Status Time Sync Time Delta Replica State
+---------------------------------+-------+-------------------------+---------------+------------------+

.CN=idm.OU=servers.O=system.T=IDM45. UP YES 0 m:0 s ON
+---------------------------------+-------+-------------------------+---------------+------------------+

INFO: This is the ONLY server holding the replica of the partition, ".T=IDM45.". It is recommended to have at least one more replica to avoid loss of data in case of catastrophic failure.

Status of partition ".CN=driverset1.O=system.T=IDM45." ...
Checking the status of the replica ring...
Number of replicas = 1
+---------------------------------+-------+-------------------------+---------------+------------------+
Server Name Status Time Sync Time Delta Replica State
+---------------------------------+-------+-------------------------+---------------+------------------+

.CN=idm.OU=servers.O=system.T=IDM45. UP YES 0 m:0 s ON
+---------------------------------+-------+-------------------------+---------------+------------------+

INFO: This is the ONLY server holding the replica of the partition, ".CN=driverset1.O=system.T=IDM45.". It is recommended to have at least one more replica to avoid loss of data in case of catastrophic failure.
eDirectory health check completed.

Refer log file "/var/opt/novell/eDirectory/log/ndscheck.log" for more details.

So please guide me how can I proceed for adding replica server or provide some steps for this.
Labels (1)
0 Likes
3 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Add eDirectory Replica Server using ndsconfig Utility

Are these two servers already part of the same tree? Based on the tree
name it would seem so, but perhaps you incorrectly created both servers
with the same tree name, but really in separate trees. If so, you need to
undo that as you cannot have duplicate trees safely. I am guessing that
is what happened, so I presume this is also a new installation of
everything, which means you can remove it and add one of the servers into
the other server's tree and then be fine.

It would help if you explained exactly how you created these eDirectory
environments, specifically which commands you ran, in which order, on
which boxes, preferably with links to documentation you followed.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
fartyalvikram Contributor.
Contributor.

Re: Add eDirectory Replica Server using ndsconfig Utility

No both servers are not the part of the same tree.
Is it mandatory to add Tree Name for adding the eDir Replica Server?
And is it possible to add eDir Replica Server without modifying the Tree Name or some new installation stuff?
If yes so please provide me the steps so I can add Replica Server using ndsconfig Utility.
I have installed both server separately using "Identity_Manager_4.5_Linux_Advanced" ISO and performed Integrated Installation.
0 Likes
Highlighted
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Add eDirectory Replica Server using ndsconfig Utility

On 01/14/2018 11:46 PM, fartyalvikram wrote:
>
> No both servers are not the part of the same tree.


They say they are, so one of them is wrong. When you installed them, you
must have chosen "create a new tree" (or something meaning the same thing)
as part of the installation, so even though they are not in the same tree,
they are in trees with the same name, which is pretty risky since if the
two trees ever do start communicating as part of one tree it could lead to
the corruption of both. This is one of the reasons tree names should be
unique in a given environment, though you may have many servers in any
single tree.

> Is it mandatory to add Tree Name for adding the eDir Replica Server?


I am not sure what you are asking. Every server must have a tree to which
it belongs, and servers within a single tree can exchange eDirectory
information (via replication or other inter-server communications). There
are also possibly multiple trees in an environment, but they are logically
separate and do not communicate with eachother unless something is setup
to do so via Identity Manager (IDM) which is not native eDirectory.

> And is it possible to add eDir Replica Server without modifying the Tree
> Name or some new installation stuff?


In your case, no. You must clean up one of the two, then add that one to
the other server's tree, so you will only have one tree, but two servers
in it.

> If yes so please provide me the steps so I can add Replica Server using
> ndsconfig Utility.
> I have installed both server separately using
> "Identity_Manager_4.5_Linux_Advanced" ISO and performed Integrated
> Installation.


The Integrated Install is a nice way to get a demo environment going, but
it is mostly meant for setting up a new tree. Using it on two separate
boxes is a good way to get two independent environments (such as what you
have) even if you do not want to. It may be able to join a server to a
tree as well, but since it is not supported in Production (thus its
usefulness as a demo-only tool) I have not experimented with that as it is
of no value to me.

Your best bet is probably to use those media, but do NOT use the
integrated install binary at the root of tie media, but instead use the
regular eDirectory and IDM media one at a time to do their respective
installs, on the second server. Leave the first server alone, but join
the second server to it if you want two servers in the same tree, maybe
with both holding replicas of everything.

Having written all of that, it may be useful if you explain, in detail,
what you are trying to do with these boxes. Maybe you want to quickly
setup eDirectory synchronization (vs. replication) between two trees, in
which case you could use the media, and the steps, you currently have, but
you just need to have trees with unique names to be normal. IDM, which
you are using, would synchronize data between disparate trees, among other
things (LDAP directories, databases, files, etc.).

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.