How to clean up eDirectory, and reinstall the server, after a fatal Linux or OES2 or OES11 server crash

  • 3361110
  • 04-Feb-2007
  • 08-Jul-2014

Environment

Novell Open Enterprise Server 2
Novell Open Enterprise Server 11
Novell eDirectory 8.7.3
Novell eDirectory 8.8.x

Situation

Accidentally removed the /var/nds/dib directory.
NDSD doesn't start anymore.
How to clean up the eDirectory tree after a fatal server crash.
How to reinstall an eDirectory database on an OES Linux server after a crash.

Resolution

Note: make sure that you read and understand all these instructions, from start to finish, before starting on this process.

Clean up the eDirectory Tree

If the dead server held any replicas, it (the server) must be removed from those replica rings using Advanced ndsrepair options. Then, if it held any Master replicas, one intact server with a Read Write replica must be promoted to Master using Advanced ndsrepair options. Once the tree is syncing cleanly (no -625 or other fatal errors in sync), clean up the tree by using iManager to delete the server NCP object and all objects related to that server that appear as unknown objects (yellow circle with question mark). These will typically include its NSS volume objects, server certificates, LDAP Server objects, and more. All will be recreated when the server is re-added to the tree.

Also at this time you should determine whether the dead server was the Certificate Authority (CA) of the tree. If it was, then a new CA must be created before re-installing the dead server; see KB 10074205. Otherwise the server will not be able to re-join the tree.

Stop the eDirectory daemon with: rcndsd stop
Delete any remaining eDirectory database files (if present) in the DIB directory (/var/nds/dib by default). Delete all files with a *.NDS extension and all files and directories named NDS.*

Stop the http listener:

rcnovell-httpstkd stop
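
The DIB cleanup step above can be scripted so that it lists what it would delete before removing anything. This is an added example, not part of the original Novell article; the function names are hypothetical, and case-insensitive matching is an assumption because the on-disk names may be lowercase on Linux.

```shell
#!/bin/sh
# Added example: dry-run-first cleanup of leftover eDirectory DIB files.
# Assumption: names are matched case-insensitively, since the on-disk
# names on Linux may be lowercase (e.g. nds.db) rather than NDS.*.

# Print every entry directly inside the DIB directory that the cleanup
# step targets: files named *.NDS, and files or directories named NDS.*
dib_list_leftovers() {
    dib_dir=$1
    [ -d "$dib_dir" ] || return 0     # directory already gone: nothing to list
    find "$dib_dir" -mindepth 1 -maxdepth 1 \
        \( \( -type f -iname '*.nds' \) -o -iname 'nds.*' \) -print | sort
}

# Succeeds if an ndsd process exists (i.e. "rcndsd stop" has not completed).
ndsd_running() {
    pgrep -x ndsd >/dev/null 2>&1
}

# Usage: dib_cleanup DIR [--delete]
# Without --delete it only lists what would be removed.
dib_cleanup() {
    dib_dir=$1
    mode=${2:-}
    case $dib_dir in
        ''|/) echo "refusing to operate on '$dib_dir'" >&2; return 2 ;;
    esac
    if ndsd_running; then
        echo "ndsd is still running; run 'rcndsd stop' first" >&2
        return 3
    fi
    dib_list_leftovers "$dib_dir" | while IFS= read -r entry; do
        if [ "$mode" = "--delete" ]; then
            rm -rf -- "$entry" && echo "removed: $entry"
        else
            echo "would remove: $entry"
        fi
    done
}
```

Run `dib_cleanup /var/nds/dib` first to review the list, then repeat with `--delete` once the list contains only DIB files.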


Take time now to confirm that the tree is syncing 100% cleanly, and that all deleted objects have gone completely from eDirectory. If they have not deleted and purged successfully DO NOT PROCEED as they will interfere with the reinstall if still there. If you still cannot clear them seek help from more experienced eDirectory support personnel, the Novell Support Forums, or Novell Technical Services.


Reinstall eDirectory [this section good up to OES2 SP2 only - for later versions see the documentation links below]

Now install the server back into the tree. You can use the following command:

ndsconfig add -t -n

You may get the error message "LDAP Server is not associated with certificate.". You can check that ldaps is working correctly by using netstat -a to display the open ports and looking for the ldaps port (by default 636).

Recreate the nam workstation and Linux objects. This is a sample syntax:
namconfig add -a cn=admin,o=novell -r o=novell -w o=novell -S ipaddressofldapserver:389 -l 636

Reboot; everything should be back.



For Open Enterprise Server 2 SP3 and later detailed descriptions for Reconfiguring eDirectory and OES Services can be found in the Documentation:

OES2 SP3 https://www.novell.com/documentation/oes2/inst_oes_lx/?page=/documentation/oes2/inst_oes_lx/data/br83az8.html 


Additional Information

Formerly known as TID# 10100037