Novell Doc: OES Linux Installation Guide - Meeting the Upgrade Requirements

4.1 Meeting the Upgrade Requirements

Meet the following OES Linux requirements before you install any OES Linux components:
- Make sure the server has a static IP address.
- Make sure DNS returns the server's DNS name when presented with the server's IP address. You can the use host to validate this item.
- Make sure the server has a server certificate that has been generated and exported as a Common Server certificate.
  
  To check for or add a certificate, do the following:
  1. Launch YaST.
  2. Click Security and Users > CA Management.
  3. If no Certificate Authorities (CAs) are listed, create one by clicking Create Root CA.
    
    If a CA is listed, you can use it by selecting the CA and clicking Enter CA.
  4. If you are using a listed CA, you must provide the CA password (generally the root password).
  5. Click Certificates > Add.
  6. Fill out the forms required for a server certificate. After the last form is complete, a server certificate is created and listed in the certificate list.
  7. Select the certificate you just created.
  8. Click the Export button, then select Export as common server certificate.
If you are upgrading from a server with either OpenLDAP or eDirectory™ already installed and running, you have several options. Select one that matches your situation.
- Upgrade the server with OpenLDAP to OES without eDirectory.
  
  In this scenario, make sure that eDirectory is available somewhere on the network. However, when upgrading to OES on this server, do not select eDirectory. For other OES services that are installed during the upgrade, make sure that they are configured to use the existing eDirectory servers as an LDAP backend rather than the local OpenLDAP server.
  
  Any existing users of OpenLDAP will not be affected. However, you might need to use a product such as Nsure Identity Manager 2 to synchronize between the various directories in your environment.
- Upgrade the server with OpenLDAP to OES with eDirectory.
  
  Make sure that no LDAP daemon is running on the server by doing the following:
  
  IMPORTANT:The OpenLDAP that ships with SLES conflicts with the eDirectory LDAP and causes problems in the upgrade.
  1. At a command prompt, check to see if the LDAP daemon is running by entering
    
    ps -e | grep slapd
  2. To stop the LDAP daemon, enter
    
    kill -9 process_ID
    
    The process ID is displayed in Step 1.
  3. Prevent the LDAP daemon from loading in the future by entering
    
    chkconfig ldap off
  4. Check to make sure the LDAP daemon is turned off by entering
    
    chkconfig -l
  If you want to migrate the data from the existing OpenLDAP server to the new eDirectory server, perform the following steps:
  1. Export your data from the OpenLDAP server before you begin the upgrade. If you do not, you will lose any data stored in the OpenLDAP directory database.
  2. Prepare the new eDirectory tree with schema that is compatible for the data that has been exported from the OpenLDAP server.
  3. Import the data into the new eDirectory tree.
  Even if you do not migrate the data from the OpenLDAP server to eDirectory, if you plan to use eDirectory as an LDAP back end for the various SLES components (for example, User Management and DNS/DHCP server configuration data), you must prepare the new eDirectory tree with the schema definitions found in /opt/novell/ldif/schemadiff.ldif. Then you must configure those components to use the new eDirectory LDAP front end.
  
  In this scenario, the current Open Enterprise Server product does not provide any tools to do this upgrade and migration automatically. Novell is looking at the possibility of providing these tools in future releases.
- Upgrade a server that has eDirectory 8.7.3 IR3 to OES with eDirectory.
  
  The version of eDirectory that ships with OES is 8.7.3 IR5. The only earlier version of eDirectory supported on SLES 9 is 8.7.3 IR3. If the IR3 version of eDirectory is already installed and you want to upgrade to OES eDirectory, you can simply select eDirectory during the OES upgrade process and eDirectory is automatically updated correctly, even if the eDirectory DIB has been relocated to a non-standard location. An administrator familiar with eDirectory administration and configuration can easily determine whether the automatic upgrade was successful and manually adjust any of the configuration settings that need to be changed or optimized.
Review and complete the instructions for Preparing the OES Linux Files for Installation. We recommend using the network installation option, especially if you are installing multiple servers.