Directory and Resource Administrator 10.x
- Stop and Disable the NetIQ Administration Service on the Primary DRA Server BEFORE removing the LDS instance
- The ADLDS instance hosted on all Secondary DRA server(s) must be removed, BEFORE removing the Primary DRA server's ADLDS instance.
- Use Windows Add / Remove Programs to remove the existing ADLDS instance
- Modify the DRA-specific ADLDS information in the Windows Registry of the Primary server
- Registry path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mission Critical Software\OnePoint\Administration\Modules\ServerConfiguration\ADAMConfiguration
- Registry path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mission Critical Software\OnePoint\Administration\Data\Modules\ServerConfiguration\PrimaryADAMConfiguration
- InstanceCreationFlag – Note: If rebuilding the Primary DRA Server's LDS instance, this value will be set to a decimal value of 1
- Note: If using a different port number, ensure two-way communication on the port between all DRA servers
- PrimaryAdminAccount – This should be set to a Domain Local group, which contains the AD account used to run the NetIQ Administration Service on every DRA server within the MMS
- PrimaryInstanceStatusFlag – This should be set to decimal value 1
- PrimaryLDAPPort – This should be set to the value of LDAPPort in the Primary DRA Server's local registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mission Critical Software\OnePoint\Administration\Modules\ServerConfiguration\ADAMConfiguration
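A read-only pre-check of the registry values listed above, added here as an example and not part of NetIQ's own tooling. It assumes the Primary* values are stored under the PrimaryADAMConfiguration key and LDAPPort under ADAMConfiguration; the helper name Get-RegValue is hypothetical.

```powershell
# Added example (not vendor code): read-only check of the DRA AD LDS registry values.
# Run in an elevated PowerShell session on the Primary DRA server.
$admin      = 'HKLM:\SOFTWARE\WOW6432Node\Mission Critical Software\OnePoint\Administration'
$localKey   = "$admin\Modules\ServerConfiguration\ADAMConfiguration"
$primaryKey = "$admin\Data\Modules\ServerConfiguration\PrimaryADAMConfiguration"

# Hypothetical helper: returns $null when the key or value is missing.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$ldapPort     = Get-RegValue $localKey 'LDAPPort'
# Assumption: the Primary* values are stored under PrimaryADAMConfiguration.
$primaryPort  = Get-RegValue $primaryKey 'PrimaryLDAPPort'
$statusFlag   = Get-RegValue $primaryKey 'PrimaryInstanceStatusFlag'
$adminAccount = Get-RegValue $primaryKey 'PrimaryAdminAccount'

$results = @(
    [pscustomobject]@{
        Check = 'LDAPPort is set in ADAMConfiguration'
        Found = $ldapPort
        Pass  = $null -ne $ldapPort
    }
    [pscustomobject]@{
        Check = 'PrimaryLDAPPort equals local LDAPPort'
        Found = $primaryPort
        # Compare as strings so REG_DWORD and REG_SZ storage both match.
        Pass  = ($null -ne $ldapPort) -and ("$primaryPort" -eq "$ldapPort")
    }
    [pscustomobject]@{
        Check = 'PrimaryInstanceStatusFlag is decimal 1'
        Found = $statusFlag
        Pass  = "$statusFlag" -eq '1'
    }
    [pscustomobject]@{
        Check = 'PrimaryAdminAccount is populated'
        Found = $adminAccount
        Pass  = -not [string]::IsNullOrWhiteSpace("$adminAccount")
    }
)

$results | Format-Table -AutoSize -Wrap
if ($results.Pass -contains $false) {
    Write-Warning 'One or more AD LDS registry values do not match the expected state.'
}
```

The script changes nothing; a failed row only indicates which value to review in the registry before continuing.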
To restore the ADLDS instance hosted on the Primary DRA Server
- Log on locally as DRA Service or a direct member of the ADLDS Administrators group
- Use the following options within the Microsoft LDS wizard, located in Administrative Tools within the Start Menu
- Registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mission Critical Software\OnePoint\Administration\Modules\ServerConfiguration\ADAMConfiguration).
- This value will also be the Windows Service Display name.
- The DRA HCU may only be run as DRA Service or a direct member of the ADLDS Administrators group
- Note: Exclude the AD LDS Replication and Instance Backup
Rebuilding the ADLDS instance hosted on the Primary DRA server will cause data loss of all DRA specific configuration data stored within ADLDS. Some of this data will be re-created by re-configuring DRA using the Delegation and Configuration console.
The following DRA feature-specific configuration data cannot be re-created:
DRA Virtual Attributes
DRA Custom LDAP Search Queries
DRA Dynamic Group filters
Once the ADLDS instance is re-created, you will need to re-configure the following features:
Managed Domain access account details -- This will trigger a FACR on every managed domain
Managed Tenant -- This will need to be re-added
Managed Domain Last Logon job details
DRA Reporting Collector Schedule
Neither the DRA Reporting data nor the DRA Change History data is stored within LDS. This data will be preserved if ADLDS is reconfigured.
The value used for Admin Account is recommended to be a Domain Local Group, which must contain the AD account used to run the NetIQ Administration Service.
The values used for LDAP and SSL ports should be the same on every DRA Server. The default values to be used are 50000 and 50001. For more details on the ports, please see the DRA install guide.