Environment
Novell eDirectory 8.7.3 Support Pack 10b
Novell SuSE Linux Enterprise Server 10
Situation
eDirectory LDAP Server was not listening on TLS Port while installing eDirectory on Linux
LDAP not listening on port 636
SSL Certifiactes are not created
SSL Certifiactes are not created
iMonitor not working
Resolution
Modify "/etc/nds.conf" file as per the actual nds.conf file since the file is not updated properly while configuring eDirectory on SLES Server:
Once the above mentioned changes have been made to "/etc/nds.conf" perform the following steps:
- n4u.server.interfaces=192.168.1.2@524
- n4u.server.vardir=/var/nds
- n4u.nds.dibdir=/var/nds/dib
- http.server.clear-port=8028
- http.server.tls-port=8030
- http.server.interfaces=192.168.1.2@8028
- https.server.interfaces=192.168.1.2@8030
- n4u.server.libdir=/usr/lib
- n4u.server.configdir=/etc
- n4u.server.log-file=/var/nds/ndsd.log
- n4u.nds.server-name=sles10sp1
- n4u.base.tree-name=SLES-TREE
- n4u.nds.preferred-server=sles10sp1
- n4u.nds.server-context=OU=linux.O=novell
- https.server.cached-cert-dn=SSL CertificateIP - sles10sp1.linux.novell
Once the above mentioned changes have been made to "/etc/nds.conf" perform the following steps:
- Restart eDirectory by typing “rcndsd restart” without quotes or by typing “/etc/init.d/ndsd restart” without quotes
- Type “ndsconfig upgrade” without quotes at the server console. This time the server will load with “eDirectory LDAP Server TLS Port is Listening” message, creating SAS, SSL IP and SSL DNS Objects in a eDirectory tree
- To restart LDAP type “nldap -u” without quotes at the server console followd by “nldap -l”
- Try to access iMonitor with "http://<ip_address>:8028/nds" without quotes and this time it will be accessed without any issues
Additional Information
Possible Cause:
- nds.conf file not updated.
- Certificates were not properly created after the new installation
- “ndsconfig upgrade” failed with TLS Port not listening while recreating SAS Object, SSL IP and SSL DNS Certificates.