Server crashed, now need to clean up eDirectory tree to prepare to install new DSfW Forest and Domain.
Make an existing server the master of all partitions and remove the DSfW server from the rings.
See TID 7002415 to designate a new server as the master of a partition.
- Merge the child partitions into the domain partition.
- Merge the schema partition into the configuration partition.
- For OES 2015 and newer: Merge the <servername>.Servers.Site-One.Sites.Configuration.<domain>.<TLD> into the parent partition. Example: DSFW1.Servers.Site-One.Sites.Configuration.Provo-Lab.int
- Merge the configuration partition into the domain partition.
- After merging the partitions delete the Schema and Configuration containers.
Note: Make sure that there's still a Master server for the domain partition.
Shutdown the DSfW server permanently.
Delete the server object, SSL certificate objects, and LDAP objects.
Delete all DSfW created objects.
Delete these objects and the child objects to these containers. The Users container might have additional users created by the administrator. If those users are to be retained, move them to another container outside the DSfW domain first! Users located in the domain, but not in one of the following containers can me left in their existing container. The containers that are created by DSfW are as follows:
dn: ou=Domain Controllers,<DomainDN>dn: ou=OESSystemObjects,<DomainDN>dn: ou=novell,<DomainDN> for OES2SP1 ONLYdn: cn=Builtin,<DomainDN>dn: cn=Configuration,<DomainDN>dn: cn=Computers,<DomainDN>dn: cn=DefaultMigrationContainer,<DomainDN>dn: cn=Deleted Objects,<DomainDN>dn: cn=ForeignsSecurityPrincipals,<DomainDN>dn: cn=NTDS Quotas,<DomainDN>dn: cn=System,<DomainDN>dn: cn=Users,<DomainDN>dn: cn=Infrastructure,<DomainDN>dn: cn=LostAndFound,<DomainDN>dn: cn=Program Data,<DomainDN>
Remove the aux class "domainDNS" and "xadFlags" (depending on the patch level "xad-Domain-Flag" might be present instead of "xadFlags") from the domain partition root. Since domainDNS and xadFlags are aux classes, to remove them go to the extensions of the object.
For Console One right click on the container, select extensions of this object, select the domainDNS aux class and click remove Extension. Do the same for xadFlags.
For iManager click the Schema role, Object Extensions task, browse to the container, select the domainDNS aux class and click remove. Do the same for xadFlags. Note: xadFlags is new starting OES2sp3.
- Remove the following ACLs from the partition where DSfW is installed:
For Console One right click on the container, select Trustees of this object, select the assigned trustee, click Assigned Rights, and remove the property right. If you wish to remove a trustee completely like [Root], select the trustee and click Delete Trustee.For iManager click the Rights role, Modify Trustees task, browse to the container, check the box next to the trustee you wish to modify, click assigned rights, check the box next to the property right you wish to remove, and click Remove Seletected.
ACL: 1#subtree#[Public]#cnACL: 4#subtree#[This]#dBCSPwdACL: 4#subtree#[This]#unicodePwdACL: 4#subtree#[This]#supplementalCredentialsACL: 3#subtree#[Root]#[All Attributes Rights] (OES11SP3 ONLY - each attribute is listed: remove all attributes)ACL: 3#subtree#[Root]#userCertificate;binaryACL: 3#subtree#[Root]#cACertificate;binary
- Check that the following attributes have been removed from the partition where DSfW is installed. If these attributes exist, remove them.
In Console One go to the properties of the container, other tab, select the attribute you wish to remove and click Delete.
In iManager Modify the container object, click the General tab, click 'other' underneath the General tab, select the attribute you wish to remove and click Delete.
- These attributes should not cause an issue with OES11 re-installs, but will cause and issue with OES2SP3 and earlier.If re-installing OES2SP3 DSfW call Novell Support to have these attributes removed. Since they are Read-Only, they cannot be removed with standard tools.