7.7 eDirectory

7.7.1 Avoid Uninstalling eDirectory

OES services are tightly integrated with eDirectory and do not function without it.

Although the eDirectory 8.8 documentation describes how to remove and reinstall eDirectory, the processes described do not cleanly decouple OES services, nor do they restore service connections. As a result, not only does uninstalling eDirectory break OES services, reinstalling eDirectory does not restore them.

If you have an issue that you believe can only be resolved by uninstalling eDirectory, make sure you consult with Novell Technical Services before you attempt to do so.

7.7.2 Avoid Renaming Trees and Containers

The configuration files for many OES services point to configuration data stored within eDirectory.

Although eDirectory tracks all changes internally, OES services do not. Therefore, if you rename your eDirectory tree or one of the containers below [Root], you should expect that one or more of your OES services will break.

If you need to rename a container or tree, make sure that you

  1. Identify all of the configuration files for your OES services.

  2. Assess whether the changes that you are planning impact any of your service configurations.

  3. Understand and articulate the changes that are required to restore your services after renaming.

There are no automated tools in OES for resolving the configuration errors and other problems that are caused by renaming a tree or its containers.

7.7.3 Default Static Cache Limit Might Be Inadequate

The eDirectory install in OES 2 SP3 sets a default static cache of 200 MB if an _ndsdb.ini file is not present in the dib directory.

To improve performance, you can adjust the cache parameter in the _ndsdb.ini file after the install to meet your eDirectory performance requirements, depending on the database size and available system RAM. We recommend setting the cache to 200 MB on a 2 GB RAM system and 512 MB on 4 GB RAM system.

7.7.4 eDirectory Not Restarting Automatically

After a system crash or power failure, eDirectory services (ndsd) might not automatically restart in some situations. To start eDirectory again, do the following:

  1. Delete the /var/opt/novell/eDirectory/data/ndsd.pid file.

  2. At a terminal prompt, enter /etc/init.d/ndsd start.

7.7.5 One Instance Only

OES 2 supports only one instance of eDirectory (meaning one tree instance) per server.

If you need two or more instances running on a single server, you must install them on a non-OES server, such as SLES 10.

7.7.6 Special Characters in Usernames and Passwords

Using special characters in usernames and passwords can create problems when the values are passed during an eDirectory installation or schema extension.

If the username or password contains special characters, such as $, #, and so on, escape the character by preceding it with a backslash (\). For example, an administrator username of

cn=admin$name.o=container

must be passed as

cn=admin\$name.o=container

When entering parameter values at the command line, you can either escape the character or place single quotes around the value. For example:

cn=admin\$name.o=container

or

'cn=admin$name.o=container'