Environment
Novell BorderManager 3.8
Novell eDirectory 8.7.3 for NetWare 6.5
Situation
Customer has a S2S vpn link with only one tree, so tree is split
between the sites. Each vpn server holds a replica of its own
partition. Master of [root] is located on a different server on the
master vpn network.
When the slave server is rebooted, reading NDS configuration information takes 10-15 minutes to finish and load proxy components.
If a copy of [root] is placed on the slave, it loads within 2-3 minutes. If then [root] is removed from master vpn network, then master vpn server shows this error.
But if vpn is started, tunnel establish and then proxy components loaded, it works within 2-3 minutes.
So this issue is only seen when vpn services and proxy services are restarted simultaneously on a site with no copy of [root]
When the slave server is rebooted, reading NDS configuration information takes 10-15 minutes to finish and load proxy components.
If a copy of [root] is placed on the slave, it loads within 2-3 minutes. If then [root] is removed from master vpn network, then master vpn server shows this error.
But if vpn is started, tunnel establish and then proxy components loaded, it works within 2-3 minutes.
So this issue is only seen when vpn services and proxy services are restarted simultaneously on a site with no copy of [root]
Resolution
Current problem in that scenario is that eDirectory on the slaves
takes up to 10 minutes to open, because it first tries to connect
to all Servers holding a copy of Root. Of course, to be able to
connect to those servers, the vptunnel would have to be up, which
only works when eDirectory finally opens it's database.
Although that behaviour is a bug in eDirectory introduced in eDir 8.7.3, the eDir team is unwilling to change that again (eDirectory versions older than 8.7.3 do not show this behaviour, they open their local database instantly, no matter if they connect to other servers or not).
Currently workarounds are:
1. Let it takes 10-15 minutes to load
2. Restart server with no vpn or proxy services and once ds database is open, then load them
3. Place a copy of [root] locally.
Although that behaviour is a bug in eDirectory introduced in eDir 8.7.3, the eDir team is unwilling to change that again (eDirectory versions older than 8.7.3 do not show this behaviour, they open their local database instantly, no matter if they connect to other servers or not).
Currently workarounds are:
1. Let it takes 10-15 minutes to load
2. Restart server with no vpn or proxy services and once ds database is open, then load them
3. Place a copy of [root] locally.