tips_and_howtos:edirectory_maintenance

NetIQ eDirectory maintenance how-to

This is a checklist needed do to in order to keep your eDirectory healthy and happy. I do these regularly.

Basic checks and updates.

uptime
date
df -h
yum update #rhel / centos
zypper ref; zypper up #suse

Check for errors in system logs.

journalctl -p err -b

Other log checks as necessary including eDirectory / IDM logs.

Check that time is in sync on all of the replicas.

ndsrepair -T

Fire up ndstrace, give following commands and see if any red errors come up.

#enables screen and file logging to the ndstrace.log file
SET NDSTRACE=ON
#turns off all preset filters
SET NDSTRACE=NODEBUG
#enables filtering of synchronization traffic
SET NDSTRACE=+SKLK
#initiates synchronization between file servers
SET NDSTRACE=*H

If unsure of the output do

less -iR /var/opt/novell/eDirectory/log/ndstrace.log

View the replica state for each partition with

ndsrepair -E

View replica configurations for each replica with command

ndsrepair -P

View obituaries with command

ndsrepair -C -Ad -A

Check my other document about handling stuck obituaries if you find ones.

Again fire up ndstrace and give folloing commands

#enables screen and file logging to the ndstrace.log file
SET NDSTRACE=ON
#turn off all preset filters
SET NDSTRACE=NODEBUG
#enables filter of schema synchronization traffic
SET NDSTRACE=+SCMA
Additionally you can look at the schema-related operations for both inbound and outbound by entering:
SET NDSTRACE=+SCMD
#initiates synchronization of all schemas
SET NDSTRACE=*SS

Issue local repair at each replica, one at a time.

ndsrepair -R

Check that your ndsbackup is in operation

crontab -l
ls -alt <backup-dir>

If need do a reboot

ndsmanage stopall && reboot

And check that drivers are active by using iManager, ndstrace, log files or dxcmd

dxcmd -host 127.0.0.1 -user admin.dn

Comments and suggestions

If you find bugs above please comment below. Also feel free to rate.

  • tips_and_howtos/edirectory_maintenance.txt
  • Last modified: 2021/10/24 13:51
  • by 127.0.0.1