How to Remove a DSfW server, Domain, and Forest
This document (7005431) is provided subject to the disclaimer at the end of this document.
Server crashed, now need to clean up eDirectory tree to prepare to install new DSfW Forest and Domain.
How to remove DSFW Domain Controller, Domain, and Forest and re-install a DSFW Forest, Domain and Domain Controller.
Instructions on cleaning up eDirectory after a DSfW server is removed. This will prepare the tree so that a new DSfW server,Domain, and Forest can be installed on a new OES2 SP3 or OES11.x server.
Make an existing server the master of all partitions and remove the DSfW server from the rings. See TID 7002415 to designate a new server as the master of a partition.
Merge the child partitions into the domain partition.
First merge the schema partition into the configuration partition.
Then merge the configuration partition into the domain partition.
After merging the partitions delete the Schema and Configuration containers.
Note: Make sure that there's still a Master server for the domain partition.
Delete the server object, ssl certificate objects, and ldap objects.
Delete all DSfW created objects.
Delete these objects and the child objects to these containers. The Users container might have additional users created by the administrator. If those users are to be retained, move them to another container outside the DSfW domain. Users located in the domain, but not in one of the following containers can me left in their existing contianer.
The containers that are created by DSFW are as follows:
dn: ou=Domain Controllers,<DomainDN>
dn: ou=OESSystemObjects,<DomainDN> for OES2SP2
dn: ou=novell,<DomainDN> for OES2SP1
dn: cn=Deleted Objects,<DomainDN>
dn: cn=NTDS Quotas,<DomainDN>
dn: cn=Program Data,<DomainDN>
Remove the aux class "domainDNS" and "xadFlags" (depending on the patch level "xad-Domain-Flag" might be present instead of "xadFlags") from the domain partition root. Since domainDNS and xadFlags are aux classes, to remove them go to the extentions of the object.
For Console One right click on the container, select extensions of this object, select the domainDNS aux class and click remove Extension. Do the same for xadFlags.
For iManager click the Schema role, Object Extensions task, browse to the container, select the domainDNS aux class and click remove. Do the same for xadFlags. Note: xadFlags is new starting oes2sp3.
Remove the following ACLs from the partition where DSfW is installed
For Console One right click on the container, select Trustees of this object, select the assigned trustee, click Assigned Rights, and remove the property right. If you wish to remove a trustee completely like [Root], select the trustee and click Delete Trustee.
For iManager click the Rights role, Modify Trustees task, browse to the container, check the box next to the trustee you wish to modify, click assigned rights, check the box next to the property right you wish to remove, and click Remove Seletected.
ACL: 3#subtree#[Root]#[All Attributes Rights] (SP3 will list each attribute, remove all attributes)
- Check that the following attributes have been removed from the partition where DSfW is installed. If these attributes exist, remove them.
In Console One go to the properties of the container, other tab, select the attribute you wish to remove and click Delete.
In iManager Modify the container object, click the General tab, click 'other' underneath the General tab, select the attribute you wish to remove and click Delete.
- These attributes should not cause an issue with OES11 re-isintalls, but will cause and issue with OES2SP3 and earlier.If re-installing OES2SP3 DSfW call Novell Support to have these attributes removed. Since they are Read Only they can not be removed with standard tools.nextRid
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7005431
- Creation Date:03-MAR-10
- Modified Date:02-JUN-16
- NovellOpen Enterprise Server
Did this document solve your problem? Provide Feedback