How to update eDirectory configuration after server IP address change (Linux)

  • 3201067
  • 13-Feb-2007
  • 23-May-2019

Environment

eDirectory
Linux

Situation

The IP address of the server has been changed. eDirectory must be manually configured to use the new address.

Resolution

DISCLAIMERS - Do not change the IP address of more than one server at a time while following this procedure! If more than one IP address is changed at a time, or all servers are moved to a new subnet at once, the servers will not be able to reestablish communications with each other without first being moved back to the original IP addresses. 

Do not attempt this procedure in a Production environment without first verifying it in a Test environment.

  1. Run the following command to show the eDirectory parameters which contain the old IP address:
# ndsconfig get | grep <oldIpAddress>

  1. For each parameter listed, set the value to the new IP address:
# ndsconfig set <parameterName>=<newIPAddress>:<Port>

  1. If any parameters cannot be set via the above command, modify them directly in the eDirectory nds.conf file. The default location is /etc/opt/novell/eDirectory/conf/nds.conf. If using a non-default location, run the following command to locate it:
# ndsconfig get | grep n4u.server.configdir

  1. After making these changes, restart eDirectory by running the following command:
# ndsmanage stopall && ndsmanage startall

  1. Re-mint the eDirectory server certificates to reflect the change in the IP address. The procedure is covered in-detail here: https://support.microfocus.com/kb/doc.php?id=7013080.
  1. Manually trigger the Limber process, which notifies all other servers of the IP address change. Run the following from the command line:
# ndstrace

> set ndstrace=*L

> exit

  1. Verify that eDirectory synchronization is healthy by running:
# ndsrepair -E

Additional Information

Note for OES users: Linux User Management (LUM or namcd) will need to be updated with the new IP address. The config file is located at /etc/nam.conf. After updating the address, import the certificate from the LDAP server  by running the following commands:

# namconfig -k

# namconfig cache_refresh

Some eDirectory environments may be configured with a hosts.nds file. It is rarely used and may not be present on the file system. It would be located in the eDirectory config directory. If present, it should be updated with the new IP address.

Change Log

5/22/2019 - Massive overhaul and simplification - John Walker

Feedback service temporarily unavailable. For content questions or problems, please contact Support.