Infinity9999 Absent Member.
Absent Member.
1101 views

eDirectory and SLP question

So I've been dealing with this for several versions now (maybe since 8.8.8...it's been a while), but I have a question about how eDirectory uses SLP now. In the ancient past, we would install the Linux version of OpenSLP, configure our DA servers and scope and be off and running. As we generally just keep updating our servers as each version comes out, that setup is still in place. Then somewhere around 8.8.8, NetIQ started putting novell-edirectory-openslp as a package in the install. When that installed, we no longer saw the tree in the tree list on clients. Uninstalling that one package made it all work again, so we've just been going into the nds-install and removing that package from the server_packages list every time we download a new release. With the most recent 9.1.1 release, I thought I'd try to get it to work again, since it is kind of a pain to have to go edit that install file every time. But again, if that novell-edirectory-openslp package installs, then none of the SLP registrations seem to make it to our DA servers.

The documentation is misleading too, as it states that starting with version 9.0 you had to install SLP separately. From https://www.netiq.com/documentation/edirectory-9/edir_install/data/a79kg0w.html:
"In earlier releases of eDirectory, SLP was installed during the eDirectory install. But with eDirectory 9.0, you need to separately install SLP before proceeding with the eDirectory install." That just seems backwards to how it actually worked. So is it just an incompatibility with having both the SLES OpenSSL package and the novell-edirectory-opensl package installed? I still only have a single /etc/slp.conf file, but there's nothing that I've found that indicates if the eDir-specific install uses that default conf or if it needs something else. It's not listed as a module to load, and there's no conf under /etc/opt/novell/eDirectory/conf.

I just find it odd that I can't really find any thing other than a handful of Google hits for that package name and the documentation makes it sound like you need to install the Linux OpenSLP and makes no mention of what that novell-edirectory-openslp is there for. Should I just continue in my path of editing the nds-install every time we install a new release? Or is that novell-edirectory-openslp supposed to be adequate to make SLP work (and if so, what am I missing?)?
Labels (1)
0 Likes
13 Replies
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

On 2018-06-29 17:34, infinity9999 wrote:
>
> So I've been dealing with this for several versions now (maybe since
> 8.8.8...it's been a while), but I have a question about how eDirectory
> uses SLP now. In the ancient past, we would install the Linux version
> of OpenSLP, configure our DA servers and scope and be off and running.
> As we generally just keep updating our servers as each version comes
> out, that setup is still in place. Then somewhere around 8.8.8, NetIQ
> started putting novell-edirectory-openslp as a package in the install.
> When that installed, we no longer saw the tree in the tree list on
> clients. Uninstalling that one package made it all work again, so we've
> just been going into the nds-install and removing that package from the
> server_packages list every time we download a new release. With the
> most recent 9.1.1 release, I thought I'd try to get it to work again,
> since it is kind of a pain to have to go edit that install file every
> time. But again, if that novell-edirectory-openslp package installs,
> then none of the SLP registrations seem to make it to our DA servers.
>
> The documentation is misleading too, as it states that starting with
> version 9.0 you had to install SLP separately. From
> https://www.netiq.com/documentation/edirectory-9/edir_install/data/a79kg0w.html:
>
> "In earlier releases of eDirectory, SLP was installed during the
> eDirectory install. But with eDirectory 9.0, you need to separately
> install SLP before proceeding with the eDirectory install." That just
> seems backwards to how it actually worked. So is it just an
> incompatibility with having both the SLES OpenSSL package and the
> novell-edirectory-opensl package installed? I still only have a single
> /etc/slp.conf file, but there's nothing that I've found that indicates
> if the eDir-specific install uses that default conf or if it needs
> something else. It's not listed as a module to load, and there's no
> conf under /etc/opt/novell/eDirectory/conf.
>
> I just find it odd that I can't really find any thing other than a
> handful of Google hits for that package name and the documentation makes
> it sound like you need to install the Linux OpenSLP and makes no mention
> of what that novell-edirectory-openslp is there for. Should I just
> continue in my path of editing the nds-install every time we install a
> new release? Or is that novell-edirectory-openslp supposed to be
> adequate to make SLP work (and if so, what am I missing?)?
>
>

Everywhere we install eDirectory for LDAP and/or IDM we never ever use
SLP! Everything we use eDirectory for works just fine.
Please note that we don't use any other legacy Novell products such as
the Novell client so we can't comment on that.

0 Likes
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

>> I just find it odd that I can't really find any thing other than a
>> handful of Google hits for that package name and the documentation makes
>> it sound like you need to install the Linux OpenSLP and makes no mention
>> of what that novell-edirectory-openslp is there for.  Should I just
>> continue in my path of editing the nds-install every time we install a
>> new release?  Or is that novell-edirectory-openslp supposed to be
>> adequate to make SLP work (and if so, what am I missing?)?
>>
>>

> Everywhere we install eDirectory for LDAP and/or IDM we never ever use
> SLP! Everything we use eDirectory for works just fine.
> Please note that we don't use any other legacy Novell products such as
> the Novell client so we can't comment on that.


The trick is, register the IP of a replica holder (or all of them) as
the DNS name of the tree. Then lookups of simply the tree name then
work, before even getting to SLP.

0 Likes
Infinity9999 Absent Member.
Absent Member.

Re: eDirectory and SLP question

The only thing is that we still have Novell Client use with some Netware servers, so we still need to be able to do tree browsing through that. I already have DNS records that match the tree names, and that works fine for iManager. I'm fine with continuing on the path I've been on as I know it works. I just don't understand what the embedded module is supposed to be used for and why it breaks the OS version of the SLP daemon if you install it.
0 Likes
Sabhay1 Absent Member.
Absent Member.

Re: eDirectory and SLP question

infinity9999;2483290 wrote:

I just find it odd that I can't really find any thing other than a handful of Google hits for that package name and the documentation makes it sound like you need to install the Linux OpenSLP and makes no mention of what that novell-edirectory-openslp is there for. Should I just continue in my path of editing the nds-install every time we install a new release? Or is that novell-edirectory-openslp supposed to be adequate to make SLP work (and if so, what am I missing?)?


eDirectory started packaging novell-edirectory-openslp to support a pure IPv6 environment. For IPv6, slp 2.0 was required and older machines did not had slp 2.0 through their system repositories. So, eDirectory started building and packaging slp 2.0 since then.
0 Likes
Infinity9999 Absent Member.
Absent Member.

Re: eDirectory and SLP question

Thanks for that info. Should I assume from that statement that if I uninstall the OS version of SLP and only use the one shipped with eDirectory, then I'll have both IPv4 and IPv6 compatibility? I'm still confused why things break if I install the one shipped with eDirectory. It's almost like the eDirectory version has its own configuration or just isn't using the /etc/slp.conf file. And if that's the case, I'm not sure what I need to update to make the eDirectory version talk to our DA servers.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

is there a file named slpuasa.conf in /etc ?
0 Likes
Infinity9999 Absent Member.
Absent Member.

Re: eDirectory and SLP question

mathiasbraun;2483529 wrote:
is there a file named slpuasa.conf in /etc ?


No, looking for slp* under /etc only gives slp.conf, slp.reg and slp.spi. Is slpuasa.conf the file that manages the eDirectory version of SLP? I want to say that sounds familiar, like we may have used that when we had SLP integrated into one of our trees, but we stopped using it when we moved to using SLP DAs that were standalone because they stopped packaging SLP with eDirectory (I think that was back in the 8.7 or early 8.8 times).

These are the packages that are currently installed:
yast2-slp-3.1.11-1.85.x86_64
openslp-2.0.0-17.1.x86_64
openslp-server-2.0.0-17.1.x86_64
novell-edirectory-openslp-9.1.1-0.x86_64
openslp-32bit-2.0.0-17.1.x86_64
0 Likes
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

In the old days both config and daemon coming with eDir ware named slpuasa. Personally i exclusively use the "native" stuff since the codebase became a little more sophisticated due to pressure generated by NetWare customers which were naturally shocked by the numerous weaknesses in the "open" implementation which rather rendered it unusable for business use. Somewhen around OES2SP3 it started getting a little more viable. For standalone eDirectory installations i normally install AND configure it before i even copy the eDir installation sources over to the box. And i haven't seen an instance where the edir-slp package "rolled over" the existing code.
Which version of SLES and eDir are you running exactly when you face this issue?
0 Likes
Infinity9999 Absent Member.
Absent Member.

Re: eDirectory and SLP question

We've had issues on SLES11 (pretty much any service pack level) and eDir 8.8.8 (I'd have to go look at which patch version threw that SLP module back into the install) up through our current testing which is SLES 12 SP3 and eDir 9.1.1 (the update that just got released). We don't use OES.
0 Likes
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

I'll try to dupe this when i find an hour or two.
I've mentioned OES just because it's been IMHO the first enterprise software which really used (better: TRIED to use) the openSLP implementation in a way where lack of function and functionality really hurt. So it's been something like the driving force for improvements.
0 Likes
Sabhay1 Absent Member.
Absent Member.

Re: eDirectory and SLP question

infinity9999;2483527 wrote:
Thanks for that info. Should I assume from that statement that if I uninstall the OS version of SLP and only use the one shipped with eDirectory, then I'll have both IPv4 and IPv6 compatibility? I'm still confused why things break if I install the one shipped with eDirectory. It's almost like the eDirectory version has its own configuration or just isn't using the /etc/slp.conf file. And if that's the case, I'm not sure what I need to update to make the eDirectory version talk to our DA servers.


If you remove the OS slp, then any other service using SLP will stop working. slp package bundled by eDiectory is installed in a eDirectory path which other services would not know and it is only used by eDirectory. You can check what error is being reported by the eDirectory using SADV tag in ndstrace. eDir will try to register SLP on every restart of the server.
0 Likes
Knowledge Partner
Knowledge Partner

Re: eDirectory and SLP question

...and scheduled according to "n4u.nds.advertise-life-time".
0 Likes
Infinity9999 Absent Member.
Absent Member.

Re: eDirectory and SLP question

@Sabhay - So I have a lab tree where I have one box with the eDir slp package installed along with the OS stuff, and one with the same things but I just did an rpm -e on the eDir SLP package. On the box with the eDir package installed, I get things like "SLP Register url service:ldap:///x.x.x.x:389. failed failed, no referrals (-634) (SLPError: -19)." On the box without it, it all registers normally. I still think it has to do with the fact that there's no configuration for the eDir package to use (that I can find). I do recall using slpuasa.conf back in the day before we moved to using the openSLP stuff. But that file doesn't exist on any of our boxes.

@mathiasbraun - we have all of our servers set with an advertise-life-time of 600.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.