How to perform a NCP exclude on eDirectory for Windows.

  • 3095848
  • 21-Jun-2007
  • 19-Aug-2014


Novell eDirectory 8.7.3 SP9 FTF2 for Windows 2000/2003
Novell eDirectory 8.8 SP1 FTF3 for Windows 2000/2003
Novell eDirectory 8.8 SP2 for Windows 2000/2003


If there are multiple NICs with IP bound to a server running eDirectory and one of those NICs is connected to a private network the other servers cannot route to this can result in errors and latency. Symptoms include slow logins, slow synchronization and errors displayed in dstrace. This is because, by default, all bound NIC addresses are written to the referral information for that server. If a workstation or server attempts to use the private network address handed out by eDirectory for that server it will have to timeout before using one of that server's other addresses.

It is possible that the following error is returned when attempting the procedure below:
Error: -5980 attempting to close transport

In this case, follow the instructions in the "Additional information" section.


To avoid this situation the address to the private network needs to be excluded from the referral list. For eDirectory running on Windows the following procedure needs to be performed.
Assume there are two NICs, one bound to and the second NIC bound to
1. Use ndscons to connect to the NIC you wish to keep in the referrals.
c:\novell\nds\ndscons.exe /addr=
2. Confirm this is the NIC that ndscons connected to by looking at the Connections tab and examining the "local admin" . This should have an IP address of
3. Close the other bound transport that NCP should be excluded from.
4. Close ndscons.exe.
5. Type in a command line " net stop "nds server0" to stop dhost.
6. The file \dibfiles\transact.acs should not exist since it should have merged the changes.
7. Type " net start "nds server0" to start dhost once again.
The address should no longer be used for NCP connections. (This does not exclude a workstation from connecting to it.)  In order to strip the address from the referral list for that server a repair server addresses needs to be performed on that server in dsrepair\ndsrepair. This will remove the excluded address from that server's NCP server object as well as the replica attribute value for that server in any replica rings it is a member of.

Additional Information

To change the IP address on a Windows NT/2000 server see TID 3934357

If it's not possible to close the interface using the NDS console utility (error -5980), it is also possible to do this editing the config.acs file in the Dibfiles directory. The entries in this file for two interfaces would look like this:

[NCP Engine/Transports/Enum] = 0x00000004
[NCP Engine/Transports/Enum/000] = {0x00 0x00 0x00 0x06 0x00 0x02 0x0c 0x02 0x17 0x17 0xa8 0xc0}
[NCP Engine/Transports/Enum/001] = {0x00 0x00 0x00 0x11 0x00 0x02 0x0c 0x02 0x17 0x17 0xa8 0xc0}
[NCP Engine/Transports/Enum/002] = {0x00 0x00 0x00 0x06 0x00 0x02 0x0c 0x02 0x0d 0x0c 0x0b 0x0a}
[NCP Engine/Transports/Enum/003] = {0x00 0x00 0x00 0x11 0x00 0x02 0x0c 0x02 0x0d 0x0c 0x0b 0x0a}

The last four bytes in the list represent the IP address in hexadecimal format and in reverse order. For example,  0x0d 0x0c 0x0b 0x0a can be translated to 0x0d=13, 0x0c=12, 0x0b=11, 0x0a=10, in reverse order it represents address In a similar fashion, the first two addresses represent the TCP and UDP ports for IP address

Select the IP address you want to delete, stop the eDirectory service and edit the config.acs file, removing the entries for the interfaces you don't want eDirectory to listen on. In this example, if you want to exclude the address, the resulting lines would look like:
[NCP Engine/Transports/Enum] = 0x00000002
[NCP Engine/Transports/Enum/000] = {0x00 0x00 0x00 0x06 0x00 0x02 0x0c 0x02 0x0d 0x0c 0x0b 0x0a}
[NCP Engine/Transports/Enum/001] = {0x00 0x00 0x00 0x11 0x00 0x02 0x0c 0x02 0x0d 0x0c 0x0b 0x0a}

Notice that the first line has been modified with the correct amount of Transports present and that the order number was changed to reflect the new position in the list (from 002 to 000 and from 003 to 001).