On logging in to iManager with a pre-eDirectory 8.8 tree, password roles and tasks may not be visible. The screen below shows that the Passwords Plugin is missing with a pre-eDirectory 8.8 tree login.
If you have any other eDirectory tree where the passwords plug in is visible, you can use DSRepair to extend the schema.
1. Run ndsrepair -S -Ad
2. Choose option 5, Import schema from Tree.
3. Provide the admin credentials and the name of the tree where the password plug in is visible in order to get the schema extended to view the Passwords plug in in iManager.
Below is the screen message:
bash-2.05# ndsrepair -S -Ad Repair utility for Novell eDirectory - 8.7.3 v10551.79 DS Version 10554.28 Tree name: EDIRECTORY-87310 Server name: .ST-FC-SOL-7.novell Size of /var/nds/ndsrepair.log = 22285 bytes. Administrator name: admin.novell nPassword: Logging In To Server Please Wait... GLOBAL SCHEMA OPERATIONS 1. Request schema from Master Server 2. Reset local schema 3. Post Netware 5 Schema Update 4. Optional Schema Enhancements 5. Import schema from Tree 6. Declare a new epoch Enter 'q' to escape the operation. Enter a schema option(1-6)?5 Request schema from Tree : COMPAT-TREE-NW-213 Preparing Log File "/var/nds/ndsrepair.log" Please Wait... Checking and extending schema from a remote tree Start: Tuesday, January 15, 2008 16:15:37 Local Time Making connection to source tree, "COMPAT-TREE-NW-213" Source server name: "CN=ST-NF-CLI-213.O=novell" Adding attribute: helpdeskengineer Adding attribute: admin Adding attribute: hr Adding attribute: novellStatus Adding attribute: novellTeamCode Adding attribute: preferedLanguage Adding attribute: novellPreferedName Adding attribute: novellCostCentre Adding attribute: nsimPasswordReminder Adding attribute: nsimHint Adding attribute: nsimPwdRuleEnforcement Adding attribute: nsimChallengeSetGUID Adding attribute: nsimChallengeSetDN Adding attribute: nsimAssignments Adding attribute: nsimForgottenAction Adding attribute: nsimForgottenLoginConfig Adding attribute: nsimMaxResponseLength Adding attribute: nsimMinResponseLength Adding attribute: nsimNumberRandomQuestions Adding attribute: nsimRandomQuestions Adding attribute: nsimRequiredQuestions Adding attribute: notfMergeTemplateSubject Adding attribute: notfMergeTemplateData Adding attribute: SAS:SecretStoreData Adding attribute: SAS:SecretStoreKey Adding attribute: notfSMTPEmailUserName Adding attribute: notfSMTPEmailFrom Adding attribute: notfSMTPEmailHost Warning: class nspmPasswordAux Local optional attribute rule has elements which the remote side doesn't Adding class: novellPerson Adding class: nsimChallengeSet Adding class: notfMergeTemplate Adding class: notfTemplateCollection Warning: class rbsTask2 Local optional attribute rule has elements which the remote side doesn't Warning: class rbsCollection2 Local optional attribute rule has elements which the remote side doesn't Warning: class nspmPasswordPolicy Local containment rule has elements which the remote side doesn't Warning: class nspmPasswordPolicy Local optional attribute rule has elements which the remote side doesn't Modifying class: nspmPasswordPolicy Modified optional attribute rules using remote definition Warning: class nspmPasswordPolicyContainer Local containment rule has elements which the remote side doesn't Warning: class ndsLoginProperties Local optional attribute rule has elements which the remote side doesn't Modifying class: ndsLoginProperties Modified optional attribute rules using remote definition Schema successfully checked and extended Total errors: 0 NDSRepair process completed.
Note: In above screen message, EDIRECTORY-87310 is the tree where the passwords plug-in is not visible, on login to iManager. COMPAT-TREE-NW-213 is the name of the tree where the passwords plug-in is visible. You must have SLP running in order to locate the tree where the passwords plug in is visible.
In case there are no eDirectory trees available where the password plug in is visible, a solution can also be achieved by extending the schema manually, using the ndssch utility. For example:
ndssch [-h hostname[:port]] [-t tree_name] [-d] admin_FDN schemafile.
The schema files that need to be extended are: nmas.sch, nspm.sch, notf.sch, and nsimpm.sch. The schema needs to be extended once per tree.
You can now view the passwords plug-in in iManager and use it. Here’s what it looks like after the schema extension:
This solution is useful for people who find it difficult to see the passwords plug-in with pre-8.8 eDirectory trees.