Environment
Novell Open Enterprise Server 2 SP1 (OES2SP2)
Novell Open Enterprise Server 2 SP2 (OES2SP3)
Domain Services for Windows
DSFW
Novell Open Enterprise Server 2 SP2 (OES2SP3)
Domain Services for Windows
DSFW
Situation
Upgrading DSFW from OES2SP2 to OES2SP3 through the channel fails. The RPMs are installed and after rebooting the server to continuing the upgrade we see a failure to either update the password policy being updated or updating the domain with ACL of uniqueDomainID
Below is an example of failing to update the domain container with the ACL of uniqueDomainID
2011-01-02 10:10:26 Executing ... SASL_PATH=/opt/novell/xad/lib/sasl2 LD_PRELOAD=/opt/novell/xad/lib/libadmpasswd.so /usr/bin/ldapmodify -f
/tmp/tmp.Ij0Fh7jm
2011-01-02 10:10:27 Updated the password policy
2011-01-02 10:10:28 LDAP server not started yet, retrying ..
2011-01-02 10:10:30 Executing ... SASL_PATH=/opt/novell/xad/lib/sasl2 LD_PRELOAD=/opt/novell/xad/lib/libadmpasswd.so /usr/bin/ldapmodify -f /tmp/tmp.AQDHsLSs
2011-01-02 10:10:30 Failed to update o=novell with ACL of uniqueDomainID: 16 - [ldap_modify: No such attribute (16) additional info: NDS error: no such attribute (-603) modifying entry "o=novell"], retrying... at /opt/novell/xad/lib/perl/upgrade2sp3.pm line 299.
Below is an example of failing to update the domain container with the ACL of uniqueDomainID
2011-01-02 10:10:26 Executing ... SASL_PATH=/opt/novell/xad/lib/sasl2 LD_PRELOAD=/opt/novell/xad/lib/libadmpasswd.so /usr/bin/ldapmodify -f
/tmp/tmp.Ij0Fh7jm
2011-01-02 10:10:27 Updated the password policy
2011-01-02 10:10:28 LDAP server not started yet, retrying ..
2011-01-02 10:10:30 Executing ... SASL_PATH=/opt/novell/xad/lib/sasl2 LD_PRELOAD=/opt/novell/xad/lib/libadmpasswd.so /usr/bin/ldapmodify -f /tmp/tmp.AQDHsLSs
2011-01-02 10:10:30 Failed to update o=novell with ACL of uniqueDomainID: 16 - [ldap_modify: No such attribute (16) additional info: NDS error: no such attribute (-603) modifying entry "o=novell"], retrying... at /opt/novell/xad/lib/perl/upgrade2sp3.pm line 299.
Resolution
To prevent the failure extending DSFW schema after the RPMs are updated and before the server reboot.
The workaround to continue the upgrade after the failure is to:
kinit administrator
Enter password when prompted
Then run the /opt/novell/xad/sbin/upgrade_dsfw.pl script.
The workaround to continue the upgrade after the failure is to:
kinit administrator
Enter password when prompted
Then run the /opt/novell/xad/sbin/upgrade_dsfw.pl script.