DSfW: After Migration KDC and XADSD do not start
This document (7011899) is provided subject to the disclaimer at the end of this document.
Environment
Novell Open Enterprise Server 11 SP1 (OES 11SP1) Linux
Novell Open Enterprise Server 2 SP3 (OES 2SP3) Linux
Domain Services for Windows
DSFW
January 2013 Maintenance Patch
Situation
After migrating from OES2SP3 to OES11SP1, XADSD and the KDC do not start.
xadsd and xad-krb5kdc are not running after the migration from OES2SP3 to OES11SP1.
Resolution
The startup files are copied from the OES2SP3 server over to the OES11 SP1 server.
In /etc/init.d/xad-krb5kdc, go to line 212 (or search for xadsd_check_running) and comment the line out with #:
#xadsd_check_running
In /etc/init.d/xadsd, go to line 34 (or search for NCALRPCDIR=$REGISTRY=NcalRpcDir) and comment that line out.
Then add a new line below #NCALRPCDIR=$REGISTRY=NcalRpcDir containing NCALRPCDIR=/var/opt/novell/xad/rpc:
#NCALRPCDIR=$REGISTRY=NcalRpcDir
NCALRPCDIR=/var/opt/novell/xad/rpc
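The two edits above as a repeatable script. This is an added example, not part of the original document and not Novell code. The function names, the .orig backup suffix and the choice to match lines by content instead of by line number are assumptions. It leaves the xadsd_check_running() definition alone, refuses to install a result that no longer parses, and changes nothing on a second run.

```shell
#!/bin/sh
# Added example (not Novell code): apply the two Resolution edits safely.

# Install edited copy $2 over $1 only if it differs and still parses.
commit_edit() {
    if cmp -s "$1" "$2"; then rm -f "$2"; return 0; fi
    sh -n "$2" || { rm -f "$2"; return 2; }     # refuse a broken script
    cp -p "$1" "$1.orig" || { rm -f "$2"; return 1; }
    cat "$2" > "$1"; rc=$?      # cat keeps the init script's mode and owner
    rm -f "$2"
    return "$rc"
}

# xad-krb5kdc: comment out bare calls to xadsd_check_running.
# The definition line "xadsd_check_running()" does not match; commenting only
# that header would leave its body as a plain { ... } block that runs
# "xadsd -S" on every invocation of the script.
patch_krb5kdc() {
    tmp=$(mktemp) || return 1
    sed 's/^\([[:space:]]*\)\(xadsd_check_running\)[[:space:]]*$/\1#\2/' \
        "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    commit_edit "$1" "$tmp"
}

# xadsd: comment out the $REGISTRY assignment and add the fixed path below it.
# An already commented line does not match, so a second run changes nothing.
patch_xadsd() {
    tmp=$(mktemp) || return 1
    awk -v new='NCALRPCDIR=/var/opt/novell/xad/rpc' '
        { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line == "NCALRPCDIR=$REGISTRY=NcalRpcDir" { print "#" line; print new; next }
        { print }
    ' "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    commit_edit "$1" "$tmp"
}

# Constructed fragments (not the full vendor scripts) for an offline dry run.
make_samples() {
    cat > "$1/xadsd" <<'EOF'
#! /bin/sh
NCALRPCDIR=$REGISTRY=NcalRpcDir
export RPC_NCALRPC_DIR=$NCALRPCDIR
EOF
    cat > "$1/xad-krb5kdc" <<'EOF'
#! /bin/sh
xadsd_check_running()
{
$LIBEXECDIR/xadsd -S >/dev/null 2>&1
}
rc=0
if [ ${rc} -eq 0 ]; then
xadsd_check_running
rc=$?
fi
EOF
}

if [ "$#" -eq 2 ]; then     # real run: xadsd path, then xad-krb5kdc path
    patch_xadsd "$1" && patch_krb5kdc "$2"
else                        # dry run on the constructed fragments
    d=$(mktemp -d) && make_samples "$d" &&
        patch_xadsd "$d/xadsd" && patch_krb5kdc "$d/xad-krb5kdc" &&
        cat "$d/xadsd" "$d/xad-krb5kdc"
    rm -rf "$d"
fi
```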
Cause
The servers were not at the same patch level. Both source and target servers should be at the same patch level when doing a migration.
Additional Information
Sample xadsd startup file
#! /bin/sh
# Copyright (c) 2001-2006 Novell, Inc.
#
# Author: Novell, Inc.
#
# /etc/init.d/xadsd
#
### BEGIN INIT INFO
# Provides: xadsd
# Required-Start: $network $syslog ndsd rpcd
# Required-Stop: $network $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Domain Services Daemon
# Description: Domain Services for Windows
### END INIT INFO
_LIB=`/opt/novell/xad/share/dcinit/printConfigKey.pl "_Lib"`
EXEC_PREFIX=/opt/novell/xad
BINDIR=$EXEC_PREFIX/bin
SBINDIR=$EXEC_PREFIX/sbin
LIBEXECDIR=$EXEC_PREFIX/libexec
SYSCONFDIR=/etc/opt/novell/xad
LOCALSTATEDIR=/var/opt/novell/xad
LIBDIR=$EXEC_PREFIX/$_LIB
DATADIR=$EXEC_PREFIX/share
NDS_EXEC_PREFIX=/opt/novell/eDirectory
NDS_BINDIR=$NDS_EXEC_PREFIX/bin
NDS_SBINDIR=$NDS_EXEC_PREFIX/sbin
NDS_LIBDIR=$NDS_EXEC_PREFIX/$_LIB
NDS_LOCALSTATEDIR=/var$NDS_EXEC_PREFIX
#NCALRPCDIR=$REGISTRY=NcalRpcDir
NCALRPCDIR=/var/opt/novell/xad/rpc
export RPC_NCALRPC_DIR=$NCALRPCDIR
DCINIT_CONFIG=$SYSCONFDIR/xad.ini
export DCINIT_CONFIG
PATH=$DATADIR/dcinit:$SBINDIR:$LIBEXECDIR:$BINDIR:/sbin:$PATH
export PATH
LD_LIBRARY_PATH=/opt/novell/xad/$_LIB:/opt/novell/xad/$_LIB/nds-modules:/opt/novell/eDirectory/$_LIB:/opt/novell/eDirectory/$_LIB/nds-modules:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
SASL_PATH=$LIBDIR/sasl2
export SASL_PATH
LDAPCONF=$SYSCONFDIR/openldap/ldap.conf
export LDAPCONF
KRB5CCNAME=KCM:SYSTEM
export KRB5CCNAME
RPC_SERVER_DISC_TIME=600
export RPC_SERVER_DISC_TIME
NDS_CONF=$SYSCONFDIR/nds.conf
NAMED_CONF=$SYSCONFDIR/named.conf
LDAPI_SOCKET=$LOCALSTATEDIR/run/ldapi
test -f $SYSCONFDIR/xad.ini || exit 0
# Source xadsd server port if one is configured.
XADSD_CONF=/etc/sysconfig/novell/xadsd
test -f $XADSD_CONF && . $XADSD_CONF
test -n "$XADSD_RPC_SERVER_PORT" && XADSD_SERVER_PORT_ARGS="-p $XADSD_RPC_SERVER_PORT"
ndsd_check_running()
{
PIDNDSD=`cat $NDS_LOCALSTATEDIR/data/ndsd.pid 2>/dev/null`
if [ ! -z "$PIDNDSD" ] ; then
y=0
printf " Waiting for LDAP server to be ready ...\n"
while [ $y -lt 60 ]
do
/usr/bin/ldapsearch -LLL -b "" -s base -Y EXTERNAL dn >/dev/null 2>&1
if [ "$?" == 0 ]
then
return
fi
printf "."
sleep 1
y=$((y+1))
done
printf " LDAP server is not Responding.\n"
exit 1
else
printf " LDAP server must be started before Domain Services for Windows.\n"
exit 1
fi
}
xadsd_check_running()
{
$LIBEXECDIR/xadsd -S >/dev/null 2>&1
if [ $? -eq 1 ]; then
true
else
false
fi
}
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
# NOTE: startproc returns 0, even if service is
# already running to match LSB spec.
STARTPROC_ARGS="-q -u root"
ndsd_check_running
echo -n "Starting Domain Services Daemon"
startproc $STARTPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid -s -t 3 $LIBEXECDIR/xadsd $XADSD_SERVER_PORT_ARGS
if [ $? -eq 0 ]; then
xadsd_check_running
fi
rc_status -v -r
# root and ntp need access to the domain socket
chown ntp $RPC_NCALRPC_DIR/xadsd
#Remove the old link
rm -f /var/lib/ntp/$LOCALSTATEDIR/rpc/xadsd
#Link the domain socket to /var/lib/ntp chroot jail
ln -f $RPC_NCALRPC_DIR/xadsd /var/lib/ntp/$LOCALSTATEDIR/rpc/xadsd
# refresh winbindd to recognize xad services
killall -SIGHUP nmbd 2>/dev/null
killall -SIGHUP winbindd 2>/dev/null
killall -SIGHUP smbd 2>/dev/null
;;
stop)
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
KILLPROC_ARGS=-TERM
echo -n "Shutting down Domain Services Daemon"
killproc $KILLPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid $LIBEXECDIR/xadsd
rc_status -v -r
# Delete ephemeral endpoints
rm -f $RPC_NCALRPC_DIR/xadsd
rm -f $RPC_NCALRPC_DIR/PIPE/np/samr
rm -f $RPC_NCALRPC_DIR/PIPE/np/lsarpc
rm -f $RPC_NCALRPC_DIR/PIPE/np/netlogon
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reloading Domain Services Daemon"
# Otherwise:
$0 stop && $0 start
rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reloading Domain Services Daemon"
# Otherwise if it does not support reload:
rc_failed 3
rc_status -v -r
;;
status)
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
CHECKPROC_ARGS=
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
# NOTE: checkproc returns LSB compliant status values.
echo -n "Checking for Domain Services Daemon"
checkproc $CHECKPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid $LIBEXECDIR/xadsd
rc=$?
if [ ${rc} -eq 0 ]; then
xadsd_check_running
rc=$?
fi
( exit ${rc} )
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit
#! /bin/sh
# Copyright (c) 2001-2006 Novell, Inc.
#
# Author: Novell, Inc.
#
# /etc/init.d/xadsd
#
### BEGIN INIT INFO
# Provides: xadsd
# Required-Start: $network $syslog ndsd rpcd
# Required-Stop: $network $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Domain Services Daemon
# Description: Domain Services for Windows
### END INIT INFO
_LIB=`/opt/novell/xad/share/dcinit/printConfigKey.pl "_Lib"`
EXEC_PREFIX=/opt/novell/xad
BINDIR=$EXEC_PREFIX/bin
SBINDIR=$EXEC_PREFIX/sbin
LIBEXECDIR=$EXEC_PREFIX/libexec
SYSCONFDIR=/etc/opt/novell/xad
LOCALSTATEDIR=/var/opt/novell/xad
LIBDIR=$EXEC_PREFIX/$_LIB
DATADIR=$EXEC_PREFIX/share
NDS_EXEC_PREFIX=/opt/novell/eDirectory
NDS_BINDIR=$NDS_EXEC_PREFIX/bin
NDS_SBINDIR=$NDS_EXEC_PREFIX/sbin
NDS_LIBDIR=$NDS_EXEC_PREFIX/$_LIB
NDS_LOCALSTATEDIR=/var$NDS_EXEC_PREFIX
NCALRPCDIR=$REGISTRY=NcalRpcDir
export RPC_NCALRPC_DIR=$NCALRPCDIR
DCINIT_CONFIG=$SYSCONFDIR/xad.ini
export DCINIT_CONFIG
PATH=$DATADIR/dcinit:$SBINDIR:$LIBEXECDIR:$BINDIR:/sbin:$PATH
export PATH
LD_LIBRARY_PATH=/opt/novell/xad/$_LIB:/opt/novell/xad/$_LIB/nds-modules:/opt/novell/eDirectory/$_LIB:/opt/novell/eDirectory/$_LIB/nds-modules:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
SASL_PATH=$LIBDIR/sasl2
export SASL_PATH
LDAPCONF=$SYSCONFDIR/openldap/ldap.conf
export LDAPCONF
KRB5CCNAME=KCM:SYSTEM
export KRB5CCNAME
RPC_SERVER_DISC_TIME=600
export RPC_SERVER_DISC_TIME
NDS_CONF=$SYSCONFDIR/nds.conf
NAMED_CONF=$SYSCONFDIR/named.conf
LDAPI_SOCKET=$LOCALSTATEDIR/run/ldapi
test -f $SYSCONFDIR/xad.ini || exit 0
# Source xadsd server port if one is configured.
XADSD_CONF=/etc/sysconfig/novell/xadsd
test -f $XADSD_CONF && . $XADSD_CONF
test -n "$XADSD_RPC_SERVER_PORT" && XADSD_SERVER_PORT_ARGS="-p $XADSD_RPC_SERVER_PORT"
ndsd_check_running()
{
PIDNDSD=`cat $NDS_LOCALSTATEDIR/data/ndsd.pid 2>/dev/null`
if [ ! -z "$PIDNDSD" ] ; then
y=0
printf " Waiting for LDAP server to be ready ...\n"
while [ $y -lt 60 ]
do
/usr/bin/ldapsearch -LLL -b "" -s base -Y EXTERNAL dn >/dev/null 2>&1
if [ "$?" == 0 ]
then
return
fi
printf "."
sleep 1
y=$((y+1))
done
printf " LDAP server is not Responding.\n"
exit 1
else
printf " LDAP server must be started before Domain Services for Windows.\n"
exit 1
fi
}
xadsd_check_running()
{
$LIBEXECDIR/xadsd -S >/dev/null 2>&1
if [ $? -eq 1 ]; then
true
else
false
fi
}
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
# NOTE: startproc returns 0, even if service is
# already running to match LSB spec.
STARTPROC_ARGS="-q -u root"
ndsd_check_running
echo -n "Starting Domain Services Daemon"
startproc $STARTPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid -s -t 3 $LIBEXECDIR/xadsd $XADSD_SERVER_PORT_ARGS
if [ $? -eq 0 ]; then
xadsd_check_running
fi
rc_status -v -r
# root and ntp need access to the domain socket
chown ntp $RPC_NCALRPC_DIR/xadsd
#Remove the old link
rm -f /var/lib/ntp/$LOCALSTATEDIR/rpc/xadsd
#Link the domain socket to /var/lib/ntp chroot jail
ln -f $RPC_NCALRPC_DIR/xadsd /var/lib/ntp/$LOCALSTATEDIR/rpc/xadsd
# refresh winbindd to recognize xad services
killall -SIGHUP nmbd 2>/dev/null
killall -SIGHUP winbindd 2>/dev/null
killall -SIGHUP smbd 2>/dev/null
;;
stop)
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
KILLPROC_ARGS=-TERM
echo -n "Shutting down Domain Services Daemon"
killproc $KILLPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid $LIBEXECDIR/xadsd
rc_status -v -r
# Delete ephemeral endpoints
rm -f $RPC_NCALRPC_DIR/xadsd
rm -f $RPC_NCALRPC_DIR/PIPE/np/samr
rm -f $RPC_NCALRPC_DIR/PIPE/np/lsarpc
rm -f $RPC_NCALRPC_DIR/PIPE/np/netlogon
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reloading Domain Services Daemon"
# Otherwise:
$0 stop && $0 start
rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reloading Domain Services Daemon"
# Otherwise if it does not support reload:
rc_failed 3
rc_status -v -r
;;
status)
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
CHECKPROC_ARGS=
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
# NOTE: checkproc returns LSB compliant status values.
echo -n "Checking for Domain Services Daemon"
checkproc $CHECKPROC_ARGS -p $LOCALSTATEDIR/run/xadsd.pid $LIBEXECDIR/xadsd
rc=$?
if [ ${rc} -eq 0 ]; then
xadsd_check_running
rc=$?
fi
( exit ${rc} )
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit
Sample xad-krb5kdc
#! /bin/sh
# Copyright (c) 2001-2006 Novell, Inc.
#
# Author: Novell, Inc.
#
# /etc/init.d/xad-krb5kdc
#
### BEGIN INIT INFO
# Provides: krb5kdc
# Required-Start: $network $syslog ndsd
# Required-Stop: $network $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Kerberos KDC Daemon
# Description: Kerberos KDC Server
### END INIT INFO
_LIB=`/opt/novell/xad/share/dcinit/printConfigKey.pl "_Lib"`
EXEC_PREFIX=/opt/novell/xad
BINDIR=$EXEC_PREFIX/bin
SBINDIR=$EXEC_PREFIX/sbin
LIBEXECDIR=$EXEC_PREFIX/libexec
SYSCONFDIR=/etc/opt/novell/xad
LOCALSTATEDIR=/var/opt/novell/xad
LIBDIR=$EXEC_PREFIX/$_LIB
DATADIR=$EXEC_PREFIX/share
NDS_EXEC_PREFIX=/opt/novell/eDirectory
NDS_BINDIR=$NDS_EXEC_PREFIX/bin
NDS_SBINDIR=$NDS_EXEC_PREFIX/sbin
NDS_LIBDIR=$NDS_EXEC_PREFIX/$_LIB
NDS_LOCALSTATEDIR=/var$NDS_EXEC_PREFIX
KRB5_CONFIG=$SYSCONFDIR/krb5.conf
export KRB5_CONFIG
DCINIT_CONFIG=$SYSCONFDIR/xad.ini
export DCINIT_CONFIG
PATH=$DATADIR/dcinit:$SBINDIR:$LIBEXECDIR:$BINDIR:/sbin:$PATH
export PATH
LD_LIBRARY_PATH=/opt/novell/xad/$_LIB:/opt/novell/xad/$_LIB/nds-modules:/opt/novell/eDirectory/$_LIB:/opt/novell/eDirectory/$_LIB/nds-modules:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
SASL_PATH=$LIBDIR/sasl2
export SASL_PATH
LDAPCONF=$SYSCONFDIR/openldap/ldap.conf
export LDAPCONF
KRB5CCNAME=KCM:SYSTEM
export KRB5CCNAME
NDS_CONF=$SYSCONFDIR/nds.conf
NAMED_CONF=$SYSCONFDIR/named.conf
LDAPI_SOCKET=$LOCALSTATEDIR/run/ldapi
test -f $SYSCONFDIR/xad.ini || exit 0
ndsd_check_running()
{
PIDNDSD=`cat $NDS_LOCALSTATEDIR/data/ndsd.pid 2>/dev/null`
if [ ! -z "$PIDNDSD" ] ; then
y=0
printf " Waiting for LDAP server to be ready ...\n"
while [ $y -lt 60 ]
do
/usr/bin/ldapsearch -LLL -b "" -s base -Y EXTERNAL dn >/dev/null 2>&1
if [ "$?" == 0 ]
then
return
fi
printf "."
sleep 1
y=$((y+1))
done
printf " LDAP server is not Responding.\n"
exit 1
else
printf " LDAP server must be started before Domain Services for Windows.\n"
exit 1
fi
}
xadsd_check_running()
{
$LIBEXECDIR/xadsd -S >/dev/null 2>&1
if [ $? -eq 1 ]; then
true
else
false
fi
}
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
# NOTE: startproc returns 0, even if service is
# already running to match LSB spec.
STARTPROC_ARGS="-q -u root"
ndsd_check_running
echo -n "Starting Kerberos KDC"
startproc $STARTPROC_ARGS -p $LOCALSTATEDIR/run/krb5kdc.pid -s $SBINDIR/krb5kdc
rc_status -v -r
;;
stop)
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
KILLPROC_ARGS=-TERM
echo -n "Shutting down Kerberos KDC"
#killproc $KILLPROC_ARGS -p $LOCALSTATEDIR/run/krb5kdc.pid $SBINDIR/krb5kdc
killproc $KILLPROC_ARGS $SBINDIR/krb5kdc
rc_status -v -r
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reloading Kerberos KDC Service"
# Otherwise:
$0 stop && $0 start
rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reloading Kerberos KDC Service"
# Otherwise if it does not support reload:
rc_failed 3
rc_status -v -r
;;
status)
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
CHECKPROC_ARGS=
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
echo -n "Checking for Kerberos KDC Service"
# NOTE: checkproc returns LSB compliant status values.
checkproc $CHECKPROC_ARGS $SBINDIR/krb5kdc
rc=$?
if [ ${rc} -eq 0 ]; then
#xadsd_check_running
rc=$?
fi
( exit ${rc} )
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit
#! /bin/sh
# Copyright (c) 2001-2006 Novell, Inc.
#
# Author: Novell, Inc.
#
# /etc/init.d/xad-krb5kdc
#
### BEGIN INIT INFO
# Provides: krb5kdc
# Required-Start: $network $syslog ndsd
# Required-Stop: $network $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Kerberos KDC Daemon
# Description: Kerberos KDC Server
### END INIT INFO
_LIB=`/opt/novell/xad/share/dcinit/printConfigKey.pl "_Lib"`
EXEC_PREFIX=/opt/novell/xad
BINDIR=$EXEC_PREFIX/bin
SBINDIR=$EXEC_PREFIX/sbin
LIBEXECDIR=$EXEC_PREFIX/libexec
SYSCONFDIR=/etc/opt/novell/xad
LOCALSTATEDIR=/var/opt/novell/xad
LIBDIR=$EXEC_PREFIX/$_LIB
DATADIR=$EXEC_PREFIX/share
NDS_EXEC_PREFIX=/opt/novell/eDirectory
NDS_BINDIR=$NDS_EXEC_PREFIX/bin
NDS_SBINDIR=$NDS_EXEC_PREFIX/sbin
NDS_LIBDIR=$NDS_EXEC_PREFIX/$_LIB
NDS_LOCALSTATEDIR=/var$NDS_EXEC_PREFIX
KRB5_CONFIG=$SYSCONFDIR/krb5.conf
export KRB5_CONFIG
DCINIT_CONFIG=$SYSCONFDIR/xad.ini
export DCINIT_CONFIG
PATH=$DATADIR/dcinit:$SBINDIR:$LIBEXECDIR:$BINDIR:/sbin:$PATH
export PATH
LD_LIBRARY_PATH=/opt/novell/xad/$_LIB:/opt/novell/xad/$_LIB/nds-modules:/opt/novell/eDirectory/$_LIB:/opt/novell/eDirectory/$_LIB/nds-modules:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
SASL_PATH=$LIBDIR/sasl2
export SASL_PATH
LDAPCONF=$SYSCONFDIR/openldap/ldap.conf
export LDAPCONF
KRB5CCNAME=KCM:SYSTEM
export KRB5CCNAME
NDS_CONF=$SYSCONFDIR/nds.conf
NAMED_CONF=$SYSCONFDIR/named.conf
LDAPI_SOCKET=$LOCALSTATEDIR/run/ldapi
test -f $SYSCONFDIR/xad.ini || exit 0
ndsd_check_running()
{
PIDNDSD=`cat $NDS_LOCALSTATEDIR/data/ndsd.pid 2>/dev/null`
if [ ! -z "$PIDNDSD" ] ; then
y=0
printf " Waiting for LDAP server to be ready ...\n"
while [ $y -lt 300 ]
do
/usr/bin/ldapsearch -LLL -b "" -s base -Y EXTERNAL dn >/dev/null 2>&1
if [ "$?" == 0 ]
then
return
fi
printf "."
sleep 1
y=$((y+1))
done
printf " LDAP server is not Responding.\n"
exit 1
else
printf " LDAP server must be started before Domain Services for Windows.\n"
exit 1
fi
}
xadsd_check_running()
{
$LIBEXECDIR/xadsd -S >/dev/null 2>&1
if [ $? -eq 1 ]; then
true
else
false
fi
}
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
# NOTE: startproc returns 0, even if service is
# already running to match LSB spec.
STARTPROC_ARGS="-q -u root"
ndsd_check_running
echo -n "Starting Kerberos KDC"
startproc $STARTPROC_ARGS -p $LOCALSTATEDIR/run/krb5kdc.pid -s $SBINDIR/krb5kdc
rc=$?
if [ $rc -ne 0 ]
then
( exit ${rc} )
fi
rc_status -v -r
;;
stop)
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
KILLPROC_ARGS=-TERM
echo -n "Shutting down Kerberos KDC"
#killproc $KILLPROC_ARGS -p $LOCALSTATEDIR/run/krb5kdc.pid $SBINDIR/krb5kdc
killproc $KILLPROC_ARGS $SBINDIR/krb5kdc
rc_status -v -r
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reloading Kerberos KDC Service"
# Otherwise:
$0 stop && $0 start
rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reloading Kerberos KDC Service"
# Otherwise if it does not support reload:
rc_failed 3
rc_status -v -r
;;
status)
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
CHECKPROC_ARGS=
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
echo -n "Checking for Kerberos KDC Service"
# NOTE: checkproc returns LSB compliant status values.
#checkproc $CHECKPROC_ARGS -p $LOCALSTATEDIR/run/krb5kdc.pid $SBINDIR/krb5kdc
checkproc $CHECKPROC_ARGS $SBINDIR/krb5kdc
rc=$?
( exit ${rc} )
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 7011899
- Creation Date: 07-MAR-13
- Modified Date: 07-MAR-13
