Another Tree-Splitting Example From the Trenches
Novell Cool Solutions: Trench
By Peter J Strifas
Digg This -
Posted: 26 Oct 2001
From the "more than one way to split a tree" department, eDirectory arborist Peter J Strifas sent us this fantastic example of how his team split off part of their company, packed them up, and moved them out.
Regarding Jim Henderson's "Splitting eDirectory Trees" and the TID referenced in the post (TID number 10050607)- we actually used this TID as a basis for a tree split that would affect 1200 users, 5 servers and 32 printers.
Here's what we did: Our Master Replica server has mirrored drives (a Compaq with 9.1GB drives). We pulled one of the drives and replaced it with an identical blank drive. The Compaq raid array did its job of re-mirroring the drives. Next, we backed up our eDirectory tree using ArcServe as well as using the -RC switch (dsrepair) on all our servers holding replicas. On all the volume objects, we backed-up the trustee assignments as well.
We took the removed drive and installed it in similar hardware on an isolated network with an admin workstation attached. There, we cleaned up the tree -- we removed all the references to servers (and volumes) except for the reference to the Master Replica server (RS01). In short, we treated all the other servers as "crashed" servers and followed Novell's guidelines for removing crashed servers from a tree.
At this point, we merged all partitions into one large partition [ROOT]. Then we were able to delete all containers and their objects that were not required for the sub-tree that was being split from our tree. So only the containers and objects necessary for the division being sold were left in the tree.
After checking the tree's health, we partitioned the "target" tree according to eDirectory guidelines for WAN links. This also allowed us to install the target servers into this tree more effectively over slow(er) WAN links. Next, we renamed the server object (to Server1) and its SYS volume object; then rebooted. Again, we checked the health of the tree, and found it to be sound, so we proceeded to the next phase -- renaming the tree to DivisionTree. Once the tree was renamed to reflect the organization it supported, we set about preparing it for production; checking such items as NAL Launcher Configuration tree, ZEN policies, etc. We also re-structured this new tree to better reflect their new division's WAN infrastructure and department organization.
Additional preparation included a registry edit that would edit workstation settings for the Novell Client set as a NAL object with Force Run checked, and a printer assessment spreadsheet for information necessary to recreate the JetDirect environment in the new tree setting.
On "D-DAY", we took this server to the off-site location that would be the headquarters of the new division. We placed the server on the LAN and brought it up. Since all was well, we removed DS from one of the 5 servers (HHA01) in the sub-tree and re-installed it into the new target tree (DivisionTree). Once DS was on this server, we restored trustee assignments to all its volumes and tested against it with several workstations. We were able to verify access to the tree, authentication, drive mappings, and access to files rather quickly. Another group concentrated on re-configuring the printer environment and we were able to test printing as well. At this point, we moved forward adding the remaining four servers in the same manner.
Once we had all the servers in the tree, we added all the replicas of DivisionTree to HHA01 thus creating a "Replica" server for this tree. Once all the replicas were on-board, we promoted them to MASTER so that HHA01 was the "Master Replica" server for the DivisionTree. After completing an eDirectory health check, we downed the "temp server" and removed it from the LAN. Using an admin workstation, we treated this as a crashed server in the tree and removed its objects and references to them according to Novell's guidelines. This left us with a fully functional eDirectory tree with the 5 necessary servers, the eDirectory objects they required, and their intact file system.
Our only shortcoming was preparing for all the different workstation types on their LAN segments. We discovered afterwards that several users also logged in with DOS/WIN3.x workstations for legacy applications (they were never migrated to the WinNT environment for some reason).
After a 3 weeks rest, we went after some real fun.... We went back to our production eDirectory tree (4800 users, 32 servers, NDS4NT, MetaFrame and 450+ printers) and renamed it :) But that's an entirely different story....