Novell Home

Checking eDirectory 8.6.2 on Solaris and Linux Hosts

Novell Cool Solutions: Tip
By Subbu K.K.

Digg This - Slashdot This

Posted: 18 Apr 2002
 

Are you unable to 'see' eDirectory service configured on Solaris or a Linux box? Here are some simple steps you can take to pin down the fault:

  1. Check your environment and server configuration
  2. $ echo ${NDS_CONF:-/etc/nds.conf}
    /etc/nds.conf
    $ ndsconfig get tcp-port configdir vardir dibdir
    n4u.server.tcp-port=3000 [default: 524]
    n4u.server.configdir=/etc
    n4u.server.vardir=/var/nds
    n4u.nds.dibdir=/var/nds/dib
    $
    
    If the NDAP port number is other than the default, then remember to use the new number for all future checks.

  3. Check if replica server is up and running

  4. You can use ndsstat(1) command to 'ping' the replica server.
    $ ndsstat -h `hostname`:3000
    Tree Name: ORG-TREE
    Server Name: .CN=sol-51.O=org.T=ORG-TREE.
    NDS Version: 10320.02
    Root Most Entry Depth: 0
    $
    
    This will tell you if your server agent is up and listening on the port. If you dont get a 'ping' back, then you need to run 'ndsd' and check in the ndsd.log file in vardir for any errors.
    $ ndsd
    $ tail -f `ndsconfig get vardir | cut -d= -f2`/ndsd.log
    Apr 10 14:02:58  starting to load modules
    Apr 10 14:02:58  GAMS Loaded Successfully
    Apr 10 14:03:04  MASV : Initialized
    Apr 10 14:03:04  NDS server 8.6.2 successfully started
    Apr 10 14:03:04  Starting LDAP services
    Apr 10 14:03:06  LDAP v3 for Novell eDirectory 8.6.2 v10310.02
    ....
    $ 
    
  5. Check if LDAP service is configured
  6. $ ldapconfig -p 3000 -a admin.org -V
    ...
    LDAP Enable TCP = YES
    ...
    LDAP TCP Port = 3001
    ...
    $ 
    
    A common error with ldapconfig is the use of LDAP port instead of NDAP port. Unlike other commands that begin with ldap prefix, ldapconfig is actually an NDAP utility for setting LDAP service and group objects attributes. Verify if 'LDAP Enable TCP' is set to YES and 'LDAP TCP Port' is defined correctly. If these are not set correctly, use the '-s' option to set them to the correct value.

  7. Check if LDAP service modules are running
  8. $ ndstrace -c 'modules'
    ...
    libnldap.la	Running  Init: 0x40E8DEF0  Exit: 0x40E8DF6C 
    ...
    $ 
    
    Check if the nldap module is running. If not, then start it with 'nldap -l'.

  9. Check DSE
  10. $ /usr/ldaptools/bin/ldapsearch -p 3001 -s base objectclass=*
    ..
    $
    
    These commands will print the DSE (Directory Server-specific Entry) for the LDAP server. This will assure you that the LDAP service is up and responding.

  11. Final Check

  12. Lastly, check if your treename is registered and visible in the local network. You can use either slpinfo(1M) of Novell's SLP or slptool(1M) of the openslp package.
    $ slpinfo -a service:ndap.novell///TIME-TREE.
    ..
    $
    
    The three slashes and the trailing dot are important. The SLP service agent, slpuasa(1m), should be running for this command to work. Sometimes, SLP may have been suppressed with a flat file (hosts.nds) in configdir. You can check for this file also with the command:
    $ cat `ndsconfig get configdir | cut -d= -f2`/hosts.nds
    TIME-TREE. sol-51:3000
    $
    
    If this file is present, then SLP is not used.


    Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell