Novell Identity Manager recovery procedure when a replica was removed from the server

  • 3904195
  • 15-Jan-2008
  • 26-Apr-2012

Environment

Novell Identity Manager Nsure Identity Manager 2.0
Novell Identity Manager Identity Manager 3.0

Situation

Either of the situations bellow could cause loss of server-centric information for a Driver:
- Replica (Read/Write or Master) of the Partition that holds the Driver set was removed from the server.
- DSREPAIR -XK2 procedure was used on the server to which the Driver set was associated with.
- DSREPAIR > Repair timestamps and declare a new epoch was declared on the partition, and the IDM server had a Read/Write of the partition
- Unable to start the driver.  com.novell.admin.common.exceptions.UniqueSPIException: (Error -783) The DirXML Interface Module (VRDIM) is not currently loaded into NetWare or into DHost.

Resolution

The Server-centric information needs to be added back to the driver. If a driver export or a Designer project with all the driver's data is available, this is a simple task. If not the information needs to be entered manually.

Scenario 1 - a driver export is available from before the problem (do those steps for each driver in the Driver set):
01 - Start iManager, login as a user with supervisor rights to the driver object
02 - Click on 'Identity Manager Utilities' ('DirXML Utilities' on Nsure Identity Manager 2.0)
03 - Click on 'New Driver'
04 - Select 'In an existing driver set' , and either type or browse to the proper Driver set. Click 'Next'
05 - Select 'Import a driver configuration from the client (.XML file)'
06 - Click 'Browse', and choose the driver export. Click'Next'
07 - On the 'Existing drivers:' dropdown, select the driver you are restoring.
08 - (Conditional) Fill the driver password and the authentication password, if your driver had them before.
09 - (Conditional) Fill the remote loader password (field might only show if you were using remote loader)
10 - Select 'Update everything about that driver', then click'Next'
11 - Click 'Finish'
12 - (Optional but recommended): Check the driver's properties, specially the 'Global Configuration Values' to make sure they are properly configured for your environment and didn't change since the export was taken.

Scenario 2 - a Designer project is available from before the problem (those steps assume Designer 2.0M5.1, the text might vary on other versions):
01 - Start Designer
02 - Open the saved project
03 - Click on the icon that represents your Driver set
04 - Select the 'Live' menu, 'compare' menu item
05 - (Conditional) If requested by Designer, enter the authentication parameters for your tree, and point to the IDM server on the Host Name field
06 - In the Designer/eDirectory Object Compare there will be a list of discrepancies between the project and eDirectory, showing the lost data. Click on the Driver set object
07 - For the 'Reconcile Action:', select 'Update eDirectory'
08 - Click on the 'Reconcile' button. A windows showing the progress will pop-up
09 - After the process is finished, the 'Reconcile Results' window will give status messages. Click 'Ok' to close the window

Scenario 3 - Manually entering the information needed (this assumes that the drivers were properly documented but exports are not available, and has to be done for each driver in the Driver set):
01 - Start iManager, login as a user with supervisor rights to the driver object
02 - Click on 'Identity Manager' ('DirXML' on Nsure Identity Manager 2.0)
03 - Click on 'Identity Manager Overview' ('DirXML' on Nsure Identity Manager 2.0)
04 - Select 'Search in container:'
05 - Click on the magnifying glass icon, then browse to the container were the Driver set resides in your eDirectory tree and select it
06 - Click 'Search'
07 - Click on the driver's status icon (Yin/Yang icon if started, Stop sign if stopped) and select 'Edit Properties'
08 - In the 'Identity Manager' tab, 'Driver Configuration' link, fill the data required by your driver (the actual fields used vary per driver). All drivers require both the 'Driver Module' section and the 'Startup Option' section to be set. Other sections that might be required depending on your driver are: 'Driver Object Password' section, 'Authentication' section and 'Driver Parameters' section. Click 'Apply' to save the changes before moving to any other link.
09 - (Conditional) For the 'Driver Parameters' section to show its options, its XML with the proper options has to be inplace, so restoring it involves clicking the 'Edit XML' button, selecting the'Enable XML Editing' check box and typing the actual XML for your driver. After typing the XML click 'Ok' to return to the previous screen, and that section should show its normal fields. Click 'Apply' to save the changes before moving to any other link.
10 - (Conditional) In the 'Identity Manager' tab, 'Global Configuration Values' link, recreate the GCVs for your driver. That can be done one at a time using the 'Add' button, or by editing its XML. To edit its XML click the 'Edit XML' button, on the next screen select the 'Enable XML Editing' check box and typing the actual XML for your driver's GCV. After typing the XML click 'Ok' to return to the previous screen, and the GCVs should be listed there. Click 'Apply' to save the changes before moving to any other link.
11 - (Conditional) In the 'Identity Manager' tab, 'Named Passwords' link, add back your Named Passwords by clicking the 'Add' button and filling the fields on the pop-up, then click 'Ok'. Click'Apply' to save the changes before moving to any other link.
12 - At this point Click 'Ok' to close the driver's properties window.