Open Enterprise Server Readme

1.1.1 Linux Support

OES SP2 is supported only on SUSE LINUX Enterprise Server 9 for x86 SP2, included with OES. There is no direct upgrade path from Novell Nterprise™ Linux Services 1.0.

1.1.2 NetWare Support

Installing OES Support Pack 2 for NetWare is the same as installing NetWare 6.5 with Support Pack 5. The codebase of OES Support Pack 2 and NetWare 6.5 Support Pack 5 are the same. You can upgrade to OES from previous versions of NetWare. Upgrading to OES on NetWare is essentially the same as upgrading from previous versions of NetWare to NetWare 6.5 SP5 and OES SP2 for NetWare. Unless otherwise noted, all previously available functionality of NetWare 6.5 still works.

1.2.1 Not All OES Client Components Have Been Tested in Windows XP SP2 Environment

Some problems might occur when accessing an OES server from a Windows^* XP client with SP2 installed. For example, a pop-up might appear, saying that the publisher is unknown. Please report to Novell any additional problems that occur.

1.2.2 Installation Method When Creating a New eDirectory Tree

If you want to create a new eDirectory™ tree that contains both NetWare and Linux servers, you must start the tree creation using a NetWare server first.If you use a Linux server to create a new tree and subsequently add a NetWare server to it, you will not be able to install any client or server licenses. Any features that require either a NetWare Server license and/or Novell Client™ Access license will be inaccessible.For more information, see Adding a NetWare Server to an OES Linux Tree in the Novell OES SP2 Planning and Implementation Guide.

1.2.3 Linux Issues

The following issues exist on OES Linux:

2.19.1 iManager Does Not Run

If you are using nwdeploy.exe to do a remote upgrade, and if Tomcat does not load after rebooting and iManager won't run, the catalina.jar file has become corrupted. To resolve this, copy the catalina.jar file from \products\tomcat4\tomcat4.zip on the overlay ISO path to the server’s \tomcat\4\server\lib directory.

To prevent this in future remote upgrades, unload Tomcat and unload Java prior to doing the upgrade by completing the following:

2.19.2 Post-installing Certificate Server

Doing a remote post-install of Certificate Server using the Deployment Manager may not complete the installation from the Supoort Pack 6 overlay. Since Certificate Server is installed by default in most cases, you should not need to post-install it again.

If Certificate Server needs to be post-installed such as when migrating server to new hardware, you should post-install Certificate server using the local server’s gui.

2.21.1 Unsupported SSL File Types

For SSL private key files, file type Der is not supported.

2.21.2 Space Is Not supported in SSL Filenames

Do not include spaces in filenames for public key certificate, private key, and trusted certificate files.

2.21.3 Chain of Multiple Certification Authorities (CA) Signers Not Supported

Certificates with more than one CA signer in the certificate chain are not supported. Use certificates having a single CA signer.

2.22.1 Boot Volume Files Are Not Backed Up

If the install detects a Branch Office appliance, no files on the C: drive are backed up during the install. This change was made to prevent the appliance from running out of disk space on that drive.

2.22.2 Ongoing Novell Branch Office Issues

Ongoing issues from earlier releases are available in the Novell Nterprise Branch Office 2.0.5 Readme.

2.22.3 Replication

If you continue to receive error -10 and error -30, even after following suggetions in section 2.2 of the NBO 2.0.5 Readme, and you have large Data sets to replicate, try the following:

3.1.1 Deploying eDirectory 8.8

Open Enterprise Server Support Pack 2 includes updates for eDirectory 8.73. If you want to deploy eDirectory 8.8, see “Using YaST to Install and Configure eDirectory 8.8” in the Novell eDirectory 8.8 Installation Guide and TID 10100450 for known issues.

3.1.2 Additional Configuration after Applying Patches

After applying SP2 patches, you need to do additional configuration for several components as outlined in Configuring Services After Applying an OES Support Pack of the OES Linux Installation Guide.

3.1.3 Virtual Office Updates Not Included in SP2

The Virtual Office component and updates are not included in Open Enterprise Server Support Pack 2. Existing Virtual Office installations will continue to run on servers updated to OES SP2. If you are creating a new server and want to install Virtual Office, install it using the Open Enterprise Server SP 1 CDs, then update or patch the server to SP 2.

To obtain the Virtual Office 1.6.1 for Linux update, download vo_linux1_6_1.tar.gz from the support.novell.com.

3.1.4 I/O through NSS Software RAID 5 Devices on SATA Drives Might Cause Extreme Slowness

For NSS on Linux, I/O through an NSS software RAID 5 device on some SATA drives might be so slow that the machine appears to hang. Only certain SATA drives experience this I/O slowdown when used in RAID 5; other SATA drives perform as expected. We are not aware of any problems for NSS software RAID 0 or RAID 1 devices on SATA drives.

We are currently working to address this issue. Meanwhile, we recommend that you conduct a small I/O test prior to implementing NSS software RAID 5 on your SATA drives.

3.1.5 SecretStore Stops Functioning after Patching

If you patch a server running Novell® SecretStore™ to OES SP2, SecretStore stops functioning because the configuration files were overwritten by the patches. To resolve this, you must reconfigure SecretStore using the following commands:

3.1.6 iPrint Issues

3.1.7 Multi-byte Character Issues

3.1.8 Cannot Install exteNd Director

Before installing exteNd v5.2.1, you must disable the Name Services Cache Daemon (nscd) on OES SP2 before the exteNd suite install. The daemon can be disabled in Yast > System > Runlevel Editor. The nscd service should be enabled after the exteNd suite install is completed.

This does not affect updating servers that already have exteNd Director already installed.

3.1.9 Extending Schema for exteNd v5.2.1

To add the schema extension for exteNd v5.2., you need to use a version of iManager from OES SP1 or earlier, ConsoleOne or the command line version of ICE1 schema extension. You can build the ICE command in iManager, and then cut and paste it to the command line in Linux and extend the schema that way.

3.1.10 GroupWise Connection Error

GroupWise® cannot use the updated glibc that is included with OES SP2; if you install it, you receive errors that the POA cannot connect to the MTA via IP.

To resolve this, do not update the glibc package. If you have already installed the new package, you can backrev to the previous version by doing the following:

Applying any of the current GroupWise 7 SP1 Field Test patches or beta, allows the GroupWise agents to run as root. After the application of the GroupWise patch files, it is no longer necessary to backrev the glibc patch

3.1.11 NSS Does Not Support Clustering for RAID 5 on Linux

NSS software RAID 5 is not supported with clustering on OES Linux. NSS does support software RAID 5 if the disk is not shared in a cluster.

3.2.1 Deploying eDirectory 8.8

Open Enterprise Server Support Pack 2 includes updates for eDirectory 8.73. If you want to deploy eDirectory 8.8, see TID 10100450 for known issues.

3.2.2 Empty List of Domain Names

If sys:\etc\resolv.cfg is not accessible, then both inetcfg.nlm and the Configure TCP/IP option in Novell Remote Manager for NetWare do not show any domain names and name servers.

3.2.3 Virtual Office Updates Not Included in SP2

The Virtual Office component and updates are not included in Open Enterprise Server Support Pack 2. Existing Virtual Office installations will continue to run on servers updated to OES SP2. If you are creating a new server and want to install Virtual Office, install it using the Open Enterprise Server SP 1 CDs, then update or patch the server to SP 2.

To obtain the Virtual Office 1.6.1 for NetWare update, download vo_netware1_6_1.exe from support.novell.com.

3.2.4 Available Memory Health Status in Novell Remote Manager for NetWare

The server health item for Available Memory in Novell Remote Manager for NetWare is configured by default with threshold values calculated as a percentage of the total server memory. Starting with OES SP2, adjustments have been made to the server's memory handling that allow for lower values for these thresholds, so the defaults for Suspect and Critical levels have been changed.

These changes to the default threshold values are in place on a new server install with OES SP2 (NW6.5 SP5), but the defaults are not automatically changed on a server that is being upgraded to the latest Support Pack, to avoid overwriting any custom values you have already set for these thresholds.

If you see the Available Memory server health item showing a status of Suspect (yellow) or Critical (red) after applying the Support Pack (that might not occur depending on the server memory and existing settings), adjust the threshold values to the new defaults for Available Memory.

3.2.5 CE1000 Driver Change

The CE1000 LAN Driver has been removed from this support pack and replaced with the E1000 LAN Driver. If you install using the overlay (CD Image) method, the replacement E1000 driver is used automatically.

If you install using the support pack script install (using nwconfig.nlm), the old CE1000 LAN driver on the server is used. To run the new driver, run inetcfg to configure the new driver, or edit the autoexec.ncf file if you load Lan drivers from autoexec.ncf.

3.2.6 Error When Migrating Printers with the Server Consolidation Migration Toolkit

When using the Server Consolidation Migration Toolkit to move printers from one NetWare server to another, you might see the following error message:

Dropped printer agent is invalid. It has either been deleted, been disassociated with PSM, the source PSM no longer exists or the destination PSM no longer exists. Do you want to delete this object from the project database?

Click either Yes or No because the printer agent was already moved to a target PSM. Refreshing the objects shows that the move was completed.

3.2.7 Time Stamp Issue on FTP Server

It is not possible to set a time stamp on a subdirectory or file, from a directory that has white-space characters in its name. To resolve this, specify the absolute path of file or directory in quotes. This can also be done from the parent directory that doesn't have spaces in its name, then you can set the time stamp for the files or directories with the relative path specified in quotes.

3.2.8 iPrint Issues

3.2.9 Novell Branch Office

Before installing this Support Pack on a Novell Branch Office (NBO) server, delete any previous backups on c:\nwserver\backspx, where x can be 2 to 4. This prevents the server from running out of disk space on the c: drive during the Support Pack installation, which could cause an abend.

4.2.1 Cacerts File Moved to New Location

Beginning with OES SP1, the Tomcat certificate file for cacerts was changed to /var/opt/novell/tomcat4/conf/cacerts. This change might affect services running inside Tomcat that make a connection to an SSL-enabled service and in multiple server configurations or for signed certificates obtained from a third-party.

Before applying the Support Pack, you should back up your the cacerts file in /usr/lib/SunJava2-1.4.2/jre/lib/security as described in TID 10098127.

4.2.2 Download of Latest Release Notes Fails

If installing OES sp2, the internet connection test and downloading of release notes might fail and the YaST online update is populated with the wrong server. To resolve this issue, go to the Yast Online Update screen. Change the Installation Source to "User-Defined Location" and enter http://update.novell.com/YOU as the server. You should now be able to connect to the YaST online update server.

If this fails, check that you have DNS setup on your network. Currently there are no YOU patches available for the install so this step can be skipped.

5.1.1 NetWare Install Program

Novell no longer distinguishes between a NetWare 6.5 Support Pack installation and the OES for NetWare installation. The ability to choose between Open Enterprise Server and NetWare 6.5 SP5 has been removed from the Install program.

If you are upgrading from NetWare 6.5 FCS or later, Novell recommends that you run NWCONFIG and use Product Options to apply the SP5 updates from the update CD. This method upgrades QuickFinder™ to version 4.1 and Virtual Office to version 1.6. It also detects the version of iManager and applies either iManager 2.0.2 or iManager 2.5 updates as required.

If you want to upgrade iManager 2.0.2 to iManager 2.5, do a product install of iManager 2.5 using the NetWare 6.5 SP5 overlay CDs after you have applied the SP5 updates in NWCONFIG.

Before upgrading from NetWare 5.1 or NetWare 6.0 using the overlay CDs, you should back up any configuration files that you have customized. After the upgrade, you can restore the customized files if necessary.

In order to be upgraded to OES NetWare, NetWare 5.1 servers must have SP7 or later applied; NetWare 6.0 servers must have SP5 or later applied.

5.1.2 Migration and Consolidation Tools

The NetWare Migration Wizard and the Novell Server Consolidation Utility have been combined under a single launch interface called the Novell Server Consolidation and Migration Toolkit. The new launch interface asks you what type of consolidation or migration project you want to perform and then launches the appropriate utility automatically: Novell Server Consolidation Utility 4.1 or NetWare Migration Wizard 8.1.

In NetWare Migration Wizard 8.1, the option to perform a full backup of the source server's trustees has been removed. Novell encourages customers to always do a full tape backup of their source server before beginning the migration. If this is done, there is no need to separately back up all the source server's trustees within the Migration Wizard.

NetWare Migration Wizard 8.1 now supports NetWare 4 as a source server, which was previously supported only in Migration Wizard 6.5.

New features in Server Consolidation Utility 4.1 include the ability to run a project as a server-based process. This means the utility does not control or monitor the actual data copying; rather, an agent running on the server processes the project. You also have the ability to migrate iPrint Print Managers and Printer Agents from a NetWare 6.5 SP3 or later environment to an OES Linux environment.

5.2.1 Installing Multiple Servers

You should install one NetWare server at a time into a tree, waiting for the installation program to complete before installing an additional server into the same tree.

5.2.2 Avoid Some eDirectory Operations during OES Installation

While installing OES, you should not initiate heavy eDirectory operations such as partitioning, mass user creation, and mass Linux User Management enabling due to slow performance. You should perform these operations after OES is installed.

5.2.3 No CD Switch When Installing NetWare 6.5 SP5/OES on VMWare

When installing or upgrading to NetWare 6.5 SP5/OES on VMWare, the switch between the OS and Products CDs might not mount the Products CD. To fix this, go into the VMWare devices, disconnect the CD-ROM IDE channel, and then reconnect. The NetWare Install program should now detect and mount the Products CD.

5.2.4 Overlay Install Issue with ULTRA Driver

If the ULTRA driver has been selected during the NetWare installation but refuses to load, load the IDEATA driver instead:

5.2.5 Installing the Support Pack Causes ZENworks Imaging to Stop Functioning

After installing the Support Pack, ZENworks Imaging might stop functioning. To resolve this follow the instructions in TID 10098801 on the Support Web site.

5.2.6 ZENworks Server Management Does Not Work on Servers after Upgrade

When a NetWare 6.5 server is upgraded to OES NetWare, a newer JVM^* is installed that is incompatible with the zencommon.jar file in ZENworks® 6.5, so the Server Policies and Server Software Package functionalities no longer work.

To resolve this, upgrade Server Management to ZENworks 6.5 Support Pack 1 after upgrading NetWare to obtain an updated zencommon.jar file.

5.2.7 NetWare Support Pack Install Overwrites ZENworks Middle Tier Components

The OES NetWare installation overwrites ZENworks middle tier (XTier) components and upgrades XTier from version 2.0x to 3.01. However, ZENworks Desktop Management (ZDM) 6.5 and 7.0 require xTier version 2.0x for proper functionality.

ZDM 6.5 and 7.0 users must reinstall XTier after upgrading from a previous version of NetWare to OES NetWare SP1 (NetWare 6.5 SP5). Note that this impacts NetStorage functionality.

5.2.8 Configuring Virtual Device for NSS When Installing OES NetWare on VMWare

When installing OES NetWare Support Pack on a VMWare ESX Server, keep the following guidelines in mind as you configure the virtual device for your Novell Storage Services™ (NSS) volumes.

Whenever possible, you should create the virtual device in persistent mode (not undoable). In this mode, all writes are committed to the device immediately without creating a redo file.

If you create the virtual device in undoable mode, be sure to leave enough free space for the redo file to grow to the size of the partition created for the virtual server. To avoid possible problems, the virtual device should be set at twice the size of the NSS partition.

If you create the virtual device in undoable mode and don't have enough free space for the redo file, you might experience issues such as the NSS pool being deactivated or the NSS partition being deleted.

6.1.1 Apache Restart Problem Might Cause a Service to Hang

If a service uses Apache, the service might hang if any module using the Apache instance does not exit immediately in response to the Apache Restart command. To avoid this problem, use the Apache Reload command instead of Restart or Start and Stop.

6.1.2 Cacerts File Moved to New Location

Beginning with OES SP1, the Tomcat certificate file for cacerts was changed to /var/opt/novell/tomcat4/conf/cacerts. This change might affect services running inside Tomcat that make a connection to an SSL-enabled service and in multiple server configurations or for signed certificates obtained from a third-party.

To resolve any of these issues, you must reimport your certificates as described in TID 10098127.

6.2.1 Apache Restart Problem Might Cause a Service to Hang

If a service uses Apache, the service might hang if any module using the Apache instance does not exit immediately in response to the Apache Restart command. To avoid this problem, use the Apache Reload command instead of Restart or Start and Stop.

6.2.2 Using the Internal HTTP stack of Tomcat

By default, the internal HTTP stack of Tomcat is disabled on NetWare. If you want to use the Tomcat secure internal HTTP stack, additional configuration is required because the default NetWare SSL certificates stored in Tomcat’s keystore are not compatible with Tomcat’s secure HTTP stack.

To use the internal HTTP stack:

keytool -import -alias tomcat -file certificatename.cer -keystore sys:/adminsrv/conf/.keystore

6.2.3 Remote NetWare Upgrade Does Not Configure Apache2 Admin Server Properly

If, during a remote upgrade of NetWare, you accept the defaults for the LDAP server (specifically, Require TLS for Simple Binds), the Apache2 Admin Server will not get configured properly.

Any of the following resolves this issue:

6.2.4 Preventing Potentially Large mod_jk Log File

Extremely high traffic volumes on the Tomcat Servlet Container can cause the mod_jk log file to grow large enough to consume the hard drive space on your server's sys: volume.

To prevent this potential problem, disable the log file:

6.2.5 Broken Links in the Tomcat Web Application Manager

In the Tomcat Web application manager utility (http://domain_name/tomcat/htmlmanager/html/), some hypertext links to various Web applications might not work. This is because while the manager utility can identify the names of each installed application, it has no method for discovering the exact paths (including port numbers) to all of the applications on your server. In addition, Apache requires a trailing forward slash (/) at the end of its URL, which the manager utility does not append by default.

In most cases, this issue can be resolved by adding a forward slash (/) at the end of the URL. For example, if you clicked the /tomcat/manager link, the referenced URL might be

https://airport.newyork.digitalairlines.com/tomcat/manager

Because this URL is missing a required trailing forward slash, the browser returns an Object Not Found error message. You could then add a forward slash to the end of the URL to access the application:

https://airport.newyork.digitalairlines.com/tomcat/manager/

If the trailing slash does not fix the issue, you can access the application some other way, such as through the NetWare Welcome Web page or through Virtual Office if you have installed it.

6.2.6 Server Certificate Issues

Tomcat sometimes fails to start if there are problems with the server certificate.

If the server certificate has changed since the time of installation, you might need to export the SSL CertificateIP Trusted Root Object to sys:/public/RootCert.der using ConsoleOne® and then execute the following command at the system console:

keytool -import -v -noprompt -trustcacerts -file sys:/public/RootCert.der -keystore sys:/adminsrv/conf/.keystore -storepass changeit

6.2.7 Tomcat 5 Not Supported

Although Tomcat 5 can be installed, it has had limited testing and is unsupported in this release.