Environment
Open Enterprise Server 11 SP2 (OES11SP2)
Open Enterprise Server 11 SP1 (OES11SP1)
Open Enterprise Server 2 SP3 (OES2SP3)
Domain Services for Windows
DSfW
eDirectory
Situation
First DSfW Server installed into tree (FRD NM)
Install fails with 64 bit syntax error
Resolution
The install is checking the version of the eDirectory server specified in the YaST configuration section of the install.
The script that checks the version is /opt/novell/xad/share/dcinit/ndsSchVersionCheck.sh.
Run the script with a -x to see the output.
Example for an eDir server with IP Address of 192.168.1.10 and Tree name of MYTREE
sh -x /opt/novell/xad/share/dcinit/ndsSchVersionCheck.sh 192.168.1.10 MYTREE
sh -x /opt/novell/xad/share/dcinit/ndsSchVersionCheck.sh 192.168.1.10 MYTREE
Examine the results for the "ServerMajorVersion"
+ ROOT_SERVER=192.168.1.10
++ echo MYTREE
++ tr '[:lower:]' '[:upper:]'
+ treeName=MYTREE
++ /usr/bin/ldapsearch -h 192.168.1.10 -b '' -s base -LLL -x dsaName
++ sed ' /^ / {; H; d; }; /^ /! {; x; s/\n //; }; '
++ grep dsaName
++ awk '-FdsaName: ' '{print $2}'
+ NcpServerDN=cn=eDIR,o=Novell
+ '[' cn=eDIR,o=Novell = '' ']'
++ awk -F, '{print $1}'
++ awk -Fcn= '{print $2}'
++ echo cn=eDIR,o=Novell
+ NcpServerName=eDIR
++ echo cn=eDIR,o=Novell
++ sed -e 's/\,\([a-z,A-Z,0-9]*\)=/.\1=/g' -e s/st=/s=/ig
+ NcpServerDN_NDS=cn=eDIR.o=Novell
++ /opt/novell/eDirectory/bin/ndsstat -h 192.168.1.10 -p .T=MYTREE. -d
++ grep -i '^.cn=eDIR.o=Novell'
+ ReplicaRing='.CN=eDIR.O=Novell.T=MYTREE. Master On 20705.00 eDirectory for Linux x86_64 v8.8 SP7 [DS] '
+ test -z '.CN=eDIR.O=Novell.T=MYTREE. Master On 20705.00 eDirectory for Linux x86_64 v8.8 SP7 [DS] '
++ echo '.CN=eDIR.O=Novell.T=MYTREE. Master On 2 0705.00 eDirectory for Linux x86_64 v8.8 SP7 [DS] '
++ sed s/cn=eDIR.o=Novell//i
++ awk '{print $2}'
+ ReplicaType=Master
+ test -z Master
+ ServerMajorVersion=0
++ /usr/bin/ldapsearch -h 192.168.1.10 -b '' -s base -x
++ sed ' /^ / {; H; d; }; /^ /! {; x; s/\n //; }; '
++ grep -i version
++ tail -1
++ awk -F '(' '{print $2}'
++ awk -F . '{print $1}'
+ ServerMajorVersion=
+ '[' -eq 0 ']'
/opt/novell/xad/share/dcinit/ndsSchVersionCheck.sh: line 43: [: -eq: unary opera tor expected
+ '[' Master = Master -o Master = Read/Write ']'
+ '[' -n ']'
+ '[' -ge 20214 ']'
/opt/novell/xad/share/dcinit/ndsSchVersionCheck.sh: line 52: [: -ge: unary opera tor expected
exit 1
In this case the "ServerMajorVersion" is returning NULL instead of a version like 20705 and that is the reason for the failure.
Do the following ldapsearch changing the the IP address to the eDirectory server being queried:
/usr/bin/ldapsearch -h 192.168.1.10 -b '' -s base -LLL -x vendorVersion
If the vendor version is returned and not 8.8 SP2 (20214 ) or greater, point to another eDirectory server running eDirectory 8.8 SP2 or greater.
If the vendor version is not returned then check that anonymous bind is enabled on the eDirectory server being queried for the version.
Versify ldap is up and listening:
netstat -tupan |egrep "389|636" | grep LISTEN
Should return similiar results to this:
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 3366/ndsd
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN 3366/ndsd
If ldap is listening and anonymous bind is enabled take a ldap trace to troubleshoot ldap on this server. TID 7009602
If a ldap proxy user is configured on the eDirectory server, check that the proxy user has rights to the version attribute at the root of the tree. If a proxy user is not configured on the ldap server object the default rights used in an anonymous ldap bind is Public. By default Public should have the correct rights. If Public's rights have been modified (usually limited), verify Public has rights to version at the root of the tree.
Check for inherit rights filters (IRFs).
Try pointing to another eDirectory server.
+