Removing the port number from the network address value on non-NetWare platforms

  • 7001188
  • 20-Aug-2008
  • 26-Apr-2012

Environment

Novell eDirectory 8.8 for All Platforms

Situation

Network addresses are getting stuck on user objects when the servers are in a mixed environment of NetWare and Linux servers.  Linux servers add the port number to the network address and NetWare does not resulting in an inbility to find a matching network address on logout hence they do not get removed.  This is causing problems with logins when users are restricted to only one or a few concurrent connections.  eDirectory counts the number of network address values on a user object when determining the current connection count for that user.

Resolution

In 883 and partially in 882ftf2,  eDirectory changed the way it handles concurrent connections. Based on requests from NetWare customers moving to OES, e Directory's behavior was changed on non-NetWare platforms to match NetWare behavior. On non-NetWare platforms, concurrent connections was done using a double check method:

(1) Check for network addresses on that entry.

(2) Check for number of connections in dhost connection table for that identity.

On NetWare only step (1) was performed. Also NetWare does not consider port number as part of netware address. To match NetWare behavior a new parameter was added named n4u.server.mask-port-number whose default value is 1 ( i.e behave as NetWare )

Administrator can reset this parameter to 0 and get back to old non-netware platform behavior. Additionally there is a timing window for network address updates. Earlier it used to 5 seconds , in eDirectory 8.7.3 SP10 and 8.8 SP3 it was changed to 15 seconds.   This determines the time eDirectory waits before writing a network address to flaim.

Additional Information

These two changes:
1. Change from 5 seconds to 15 seconds before updating FLAIM on an address write
2. Added the new mask-port-number parameter
were both added to eDirectory 8.8 SP3 and 8.7.3.10b FTF2.