Novell Home

Using DSMaint to Preserve and Protect NDS During a NetWare Reinstall

Novell Cool Solutions: Trench
By Craig Nadler

Digg This - Slashdot This

Posted: 30 May 2002
 

I have come up with a way to utilize the DSMaint utility to do a complete reinstallation of a NetWare server (without changing the hardware). This allows you blow away a NetWare box for whatever reason (i.e. resizing the system volumes; changing the setup of the server etc. without having to worry about NDS issues.) The process has worked great for me. I've used it on a number of servers; mostly because the system volumes were too small and I did not want to span the volumes.

Single Server Procedures

Important Info: This first procedure will work perfectly for situations where you are reinstalling a single server or moving from one server to another and will not need to access the original server again. In a dual server process, when you run DSMaint on the original server and restore it on the second server, the second server will be fully operational, however, the original server will remain in a locked state as DSMaint locks directory services and you will not be able to access the server again unless you follow the procedures In the second part of this document: Dual Server Procedures.

Checklist for Reinstalling a NetWare 4.x Server with DSMAINT.NLM to preserve NDS during upgrade.

  1. Backup Server Data -- i.e. Vol1 data or any other data that is crucial.
  2. Run DSREPAIR to ensure that the local directory is healthy. Correct any errors that may be present.
  3. Make a copy of the Startup.ncf file and the Autoexec.ncf file and, if possible, print them for easy reference later.
Important: You must be authenticated on the Novell server before you continue to the next step.. If you have to reboot the server for any reason due to the above steps, you must log into the server from a workstation before continuing. If you don't and export NDS using DSMAINT without being logged in to the server, you will under no circumstances be able to get back on the server to copy off the backup.ds file created by DSMAINT.NLM as directory services will be completely locked out.

Load the DSMAINT.NLM on the NetWare Server. Select the Prepare NDS for hardware upgrade as shown below.

Note: Once you select this option, You will be required to enter the admin login and password. It will then completely lock out directory services and all directory operations will be ceased. The directory will be saved to a file in Sys:System called backup.ds.
Crucial Step: If you do not do this you can't restore DS on the new installation of the server. Access the SYS volume from the workstation that you have authenticated on. Copy the backup.ds file from the sys:system directory to the local workstation.

Now you can go ahead and reinstall the server, I usually leave the DOS partition on the C: drive, run fdisk, and delete the NON DOS partition. Then I rem out the server.exe from the autoexec.bat.

When you reinstall the Server you must use the Same Server Name and Internal IPX number as the server had before, but when you get to the directory services installation, you must not install into the MIAMIDIST tree, select a new tree and call it whatever you want as it will be removed shortly.

After you complete the server installation install the latest support pack. The shipping version of Netware 4.11 did not come with DSMaint.NLM. It was included later with a support pack, so If you don't install a support pack you cannot restore DS to the server unless you use the install.nlm -- a more complicated process.

Add any necessary name spaces to server, usually the long name space. For example, use Add Name space Long to Vol1 and make sure everything is the same as it was before in the Startup.ncf and autoexec.ncf except, of course, any software that you have yet to install.

These next steps can be done in whatever order you like. I usually restore the data to vol1 before I restore directory services but you don't have to.

Log into the new Tree you created to continue with the admin account you created during the install.

Restore Data to Vol1. (You will lose all file rights as DSMAINT maintains all NDS rights but not file system rights. So you will have to use NWAdmin to restore file system rights to your objects later. The only way to avoid this is to use a backup utility to restore the files from tape. I usually use a workstation to store the files from the server during this process.)

Copy the Backup.ds file from the workstation to the Sys:System directory on the server.

Remove Directory Services completely from the server using Install.nlm. (Note: Make sure to exit install before continuing as DSMAINT.NLM will not load if install.nlm is loaded.)

Load DSMAINT.NLM

Choose restore NDS following hardware upgrade.

You should now once again be a part of the MiamiDist Tree and you can now log into the tree and run Nwadmin and conclude by restoring all necessary file system rights to Ccmail directories, User directories, Shared Drive, and any other necessary files on Vol1.

Dual Server Procedure

This is an addendum to the above directions, you still need to follow the above instructions, these are simply in addition to the steps outlined above. Read through all steps before attempting to try this procedure.

Although dsmaint.nlm was probably not intended for this purpose, with a little creativity I have found a way to use DSMaint to Migrate one Novell server to another without affecting NDS and also be able to leave the original server in service under another name.

This process is quite a bit more complicated.

If your original server contains the Master Replica of the partition you are working with then I would highly recommend that move the Master Replica to another server if possible by promoting a R/W replica on another server to the Master. Do not do this on the server that you migrating to, it needs to be on another server. The reason for this is the following: Once you run DSMaint on the Server with the Master Replica, Directory Services will be completely locked out on that server and will in no way be able to communicate with NDS.

Therefore, once you copy the backup.ds file to the server you are migrating to you have to remove Directory Services before you can restore the backup.ds file to the replacement server. Here is the problem. You cannot remove directory services if the server cannot contact the master replica of your partition. Therefore, if you locked the DS on the server with Master Replica then you cannot proceed. You will have to restore DS on the original server by reimporting the backup.ds file then Go back and remove DS off the replacement Server. Next, you will have to run DSMaint.nlm on the original server again creating a new backup.ds file and copying it a connected workstation. However, since you have no directory services on your new server you will be unable to copy the new backup.ds file to the server.

So you will then have to install Directory services on the new server by creating new tree (do not put the server into an existing tree because you are going to remove DS as soon as the file copy is complete) just to be able to log into the server, then you need to log into the server copy the file, remove directory services and finally run dsmaint.nlm and import the directory of the original server. Next you must change the Internal IPX number on the replacement server to that of the original server and also change the name to match the original server (as stated in first part of this document). As you can see this is much more complicated but can still be done if absolutely necessary.

Recommended Method
An easier solution is to move the Master Replica to a third server that contains a R/W replica of the same partition, then after you run DSMaint.nlm on the original server you can copy the backup.ds file to the replacement server, then remove directory services without incident as the server will still be able to contact the Master Replica. Finally you will restore NDS on the new server using DSMaint.nlm. Then you will change the internal IPX number and name to match the original server. As you can see this is much simpler then the procedure above.

Removing DS off the old server after migration is complete.
Now that you have an operational server that has completely assumed the identity of the original server in NDS, you decide you want to keep the old file server online. As of right now that cannot be done as you have locked out the directory and will be unable to remove DS off the original server, as it cannot communicate with NDS. I have found a way to accomplish this however using hidden switches with dsrepair.nlm.

The procedure.
On your server console type load "dsrepair -a"
This will load dsrepair in advanced mode and give you additional options in the menu. Try to remove DS and it will most likely fail.

Next load "dsrepair -dsremove" on the server to force the server to delete directory services on that server. Then if you go into install and try to remove directory services again it should no longer have directory services installed, then you can simply proceed to change the internal IPX number on the original server to a number that is not used by any other server in your tree and renaming the server. Then you must reboot the server and install directory services and you can go ahead and place it back into the tree as a new server with a new name. Run a full dsrepair when this process is complete to make sure that the directory is healthy on the server.

If you have questions for Craig about this procedure, you can contact him at: Craig.J.Nadler@usdoj.gov.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell