Converting Novell Branch Office to Standard NetWare 6.5

Novell Cool Solutions: AppNote
By Michael Faris

Digg This - Slashdot This Posted: 22 Feb 2006

by Michael Faris
Network Engineer
Aviall, Inc.

Although NBO is a great product, there might be a desire to bring those servers back into the flock of your existing eDirectory tree. Being that our NBOs were on the other side of the globe, I have devised a method of removing the hands-off NBO appliance additions to the NetWare 6.5 server underneath while preserving the identity of the server and it's user data.

There are several blessings to this method that make it more non-threatening:

1. All user accounts for each NBO already exist in the CO tree.
2. Removing DS on the NBO only kills printers, which can easily be re-created.
3. ZENWorks applications (NAL) are already assigned in the CO tree.
4. RSYNC has already ensured a complete data backup of all user data, should the need arise.

Conditions: NBO v2.01 - (NetWare 6.5 SP2). This has not been tested with OES versions of NetWare.

Each NBO location had an OU corresponding to each site in the CO tree.

All user and Application objects reside in within each OU for each NBO office.

I needed a way I could install files on the server without remote-controlling a workstation, esp. since I would be removing eDirectory from the NBO at one point, so I created a script. Part of this script is taken from the NW65SP2 install (SILENT.ICS). With this script I can use NWCONFIG and ICMD. I put the files and scripts on a CD and sent it to the branch, instructing a contact to insert the CD into the NBO server.

NOTE: There is no authentication during the scripts, because, if you are able to run it, you've already logged in to the NBO Appliance and unlocked the console.

This script does NOT check for the presence of NBO. It is down and dirty and will ruin any NetWare server it is applied to, if used incorrectly.

Here are the scripts that run.

**** CONVERT.IPS ****     download here
**** NBO2NW.ICS ****      download here

The script CONVERT.IPS does the basic environment settings, removes NBO and ZWS (ZEN for Servers) from the PRODUCTS.DAT and calls NBO2NW.ICS script. When it returns, it copies a standard NW 6.5 SP2 SERVER.EXE and removes several NCF files on the boot drive that account for most of the NBO boot process. A new AUTOEXEC.NCF is created and files needed for Tomcat and Apache are copied to their respective folders.

The script NBO2NW.ICS performs the majority of the changes. Since NBO is administered through a web interface and very IE specific, I chose to remove both Tomcat and Apache2 folders on SYS and re-install them from the install files supplied with NW65SP2. The script also installs ConsoleOne, Netware Remote Manager, and iManager because they are missing or crippled with the NBO image.

Once the scripts run, the server needs to be rebooted. When it boots you will notice that it is now a server, not an appliance. And will boot as such. There are additional steps that I could not script. They need to happen in this order:

1. Remove DS from the server.



2. Run NSSMU if you wish to rename your DATA volume.



3. Run INETCFG and make sure all of the IP setting are correct. - Reinitialize system.



4. Ensure that the information for your server is correct in the following files, HOSTS, HOSTNAME and RESOLV.CFG.



5. Install DS and place the server in the context you designate in the CO tree.



6. Delete SYS:ADMINSRV\CONF\.KEYSTORE file. This contains the cert info for the old NBO tree and it will be recreated.



7. I had to delete the new server's SSL Objects in ConsoleOne because they didn't have the Trusted Root information. You should check them first.



8. Run PKIDIAG and choose FIX Mode. This re-creates the SSL objects.



9. Run TCKEYGEN from the console. This re-creates the .KEYSTORE file needed for Tomcat.



10. Reset the server.

The additional steps will configure the web services for tomcat and apache.

Make the following changes to the following files:

1. SYS:ADMINSRV\CONF\adminserv.conf
   

    ServerName [full_DNS_server_name.company.com]
    
    Listen [ip_address_of_server]:2211
    SecureListen [ip_address_of_server]:2200 "SSL CertificateDNS"
   
    <VirtualHost [ip_address_of_server]:2200>
    ServerName [full_DNS_server_name.company.com]

2. SYS:APACHE2\CONF\httpd.conf
   

    ServerName [full_DNS_server_name.company.com]
   
    eDirServer [full_DNS_server_name.company.com]

3. SYS:APACHE2\CONF\DAEMON\startup.properties
   

   ProviderURL = [full_DNS_server_name.company.com]
   
   ServerDN = cn=[ServerName],cn=NetWare Group,cn=Apache Group,o=[Your O]
   ServerName [full_DNS_server_name.company.com]

4. SYS:TOMCAT\4\WEBAPPS\NPS\WEB-INF\PortalServlet.properties
   

   System.DirectoryAddress=[ip_address_of_server]\:636
   
   Custom_Backend_Renderer_Portal_Location=http\://ip_address_of_server]/nps

   If you have iManager installed on another server, preferably, the CO server, open the same file and copy and paste the GUID for the pco account.

After all that, use ConsoleOne and specify the Home directories, if applicable, and assign user rights to your server. Any printers that were on the NBO will also need to be re-created and assigned.

Create a login script for the container, if you use one.

NOTE: All this depends if you have access to the console of the NBO. We used HP LightsOut cards to perform this conversion. A local workstation will lose connectivity once DS is removed from the server.

I used Installation Scripts for NetWare for reference:

http://www.novell.com/documentation/nw6p/index.html?page=/documentation/nw6p/othr_enu/data/hz8pck9v.html

Here is a list of files and folders I put on the CD. All relevance is from the root of the CD.

01/05/2006  07:11a                  76 AUTOEXEC.BAT
01/12/2006  09:26a               5,011 CONVERT.IPS
04/15/2004  04:58p               6,090 ICMD.MSG
05/28/2004  04:10p              33,887 ICMD.NLM
01/11/2006  10:41a      <DIR>          INSTALL
01/10/2006  03:37p               1,769 POST.TXT
01/08/2006  01:58p      <DIR>          PROD
01/11/2006  02:38p               1,225 README.TXT
06/11/2004  03:09p           1,551,431 SERVER.EXE
01/08/2006  02:22p                 289 SETLANG.ICS
02/18/2003  04:12p              28,797 SPUTIL.NLM
01/08/2006  01:28p      <DIR>          SYS
01/10/2006  08:29a             344,107 tc4keyst.exe

 INSTALL

12/04/2003  11:50a               2,277 IMGRSHIM.ZIP
01/12/2006  09:21a      <DIR>          MISC
01/11/2006  02:21p              13,369 NBO2NW.ICS
10/13/2003  02:53p                 280 UPGRDNW.PRO

 INSTALL\MISC

05/27/2005  07:04a               6,067 adminserv.conf
05/27/2005  07:04a               8,634 admin_tomcat.xml
01/10/2006  03:21p               1,548 AUTOADD.NCF
06/07/2005  07:40a              25,010 httpd.conf
06/07/2005  07:42a                 728 PortalServlet.properties
05/27/2005  07:04a              20,281 server.xml
05/27/2005  07:04a                 663 startup.properties
06/07/2005  07:43a                 219 tc4jpda.ncf
06/07/2005  07:43a              36,076 web.xml
06/07/2005  07:43a               5,097 workers.properties

 PROD

01/08/2006  01:31p      <DIR>          APACHE2
01/08/2006  01:43p      <DIR>          CONSOLE1
01/08/2006  01:26p      <DIR>          EXTEND
01/08/2006  01:58p      <DIR>          NRM
01/08/2006  01:26p      <DIR>          TOMCAT4

 PROD\APACHE2

06/07/2004  11:01a               4,983 AAP2CONF.ZIP
06/07/2004  12:18p           4,178,271 AAPACHE2.ZIP
06/07/2004  11:03a             601,469 ADMINSRV.ZSP
06/07/2004  12:18p              31,540 AP2WEBCF.ZIP
06/07/2004  01:14p             155,714 WELCOME.ZSP

 PROD\CONSOLE1

06/10/2004  10:29a           3,606,256 C1_CORE.ZIP
05/18/2004  12:54a                 795 C1_NW.ZIP
05/18/2004  12:54a          11,630,940 C1_RPT.ZIP
06/04/2004  12:11a          21,899,510 C1_WIN32.ZIP

 PROD\EXTEND

05/13/2004  03:49p          15,350,479 IMANAGER.ZSP
01/08/2006  01:26p      <DIR>          PACKAGES

 PROD\EXTEND\PACKAGES

06/08/2004  03:20p          32,172,335 PLUGINS.ZIP
06/23/2004  12:21p           6,561,709 VOFFICE.ZIP

 PROD\NRM

02/04/2004  12:39p           1,663,862 NWPORTAL.ZIP

 PROD\TOMCAT4

04/21/2004  10:49a             290,134 ADMTC4.ZIP
04/21/2004  10:49a             187,059 EXAMPLES.ZIP
04/21/2004  10:49a             770,066 NWTC4BIN.ZIP
04/21/2004  10:49a           8,764,752 TOMCAT4.ZIP

 SYS

01/08/2006  01:28p      <DIR>          RESEARCH
01/10/2006  11:01a      <DIR>          SYSZIP

 SYS\RESEARCH

01/08/2006  01:28p      <DIR>          IPV6

 SYS\RESEARCH\IPV6

01/08/2006  01:28p      <DIR>          APACHE

 SYS\RESEARCH\IPV6\APACHE

05/05/2004  02:19p             541,018 AP2IPV6.ZIP

 SYS\SYSZIP

06/07/2004  01:14p             465,687 APWLCM.ZIP
11/19/2003  05:39a             133,688 BEANS_WM.ZIP
06/03/2004  08:47a           6,301,217 C1S_ICE.ZIP
12/10/2003  06:18p             454,657 C1S_IMGR.ZIP
05/17/2004  04:49a             586,861 C1S_LDAP.ZIP
12/10/2003  06:18p             532,557 C1S_WMAN.ZIP
11/19/2003  04:32a             224,269 DNSDHCP.ZIP
12/12/2003  01:21p              65,856 EDIRWLCM.ZIP
11/13/2003  12:01p             584,534 IMANAGER.ZIP
11/21/2003  01:15p             190,200 IPRINT2.ZIP
05/26/2004  12:35p              73,354 J2EEWLCM.ZIP
03/03/2004  06:28a             644,975 NIRMAN.ZIP
05/18/2004  05:46p             474,672 NSSWELCM.ZIP
11/26/2003  10:37p             546,225 NTP_WLCM.ZIP
04/08/2004  11:11a             506,431 NWSWLCM.ZIP
05/27/2004  09:41a           1,427,825 RCONJ.ZIP
12/04/2003  03:07a             399,607 SCRIPTWM.ZIP
11/20/2003  05:58a             397,407 SMSWLCM.ZIP
06/07/2004  01:14p             120,754 SSHWLCM.ZIP
04/21/2004  10:52a              37,520 TC4WLCM.ZIP
11/19/2003  05:50a             759,286 TCPIP_WM.ZIP
11/19/2003  08:48p             684,480 UDDI.ZIP
06/22/2004  12:12p             557,688 VO_WLCM.ZIP
06/07/2004  12:35p             170,748 WSTORAGE.ZIP

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com