UPDATE (post-publish), 20100806: Though this post was originally tested entirely on 32-bit Opensuse 11.1, thanks to the prompt by Philip (see comments below), I have set up and tested this config on 64-bit Opensuse 11.3 with the 64-bit eDirectory 8.8sp5. I can confirm that it works well. Now back to the original post…
A little while ago, I had to get a quick lab up with two redundant LDAP servers for application testing. I had some Opensuse 11.1 32-bit VM images lying around, and I chose eDirectory, for ease of administration and setup in my short time available. This is a quick way to get a high-quality, fault-tolerant free directory server on a free OS…
Of course, I happened to take notes (as I usually do), and thought I’d post them here for anyone who might be interested in doing the same.
In the following example environment, the two servers are “node1” (192.168.6.11) and “node2” (192.168.6.12), in the eDirectory tree called “NODETREE”. The rest should be obvious…
First, install the required supporting library:
zypper in libstdc++33Get the eDirectory files from Novell:
eDirectory_88SP5_Linux_i586.tar.gz
…and unzip it, and run setup:
cd /tmp/eDirectory/setup
./nds-installIgnore this “unsupported” warning. If we could enter “Of course!”, we would, but we can’t. Just enter “y”….
%%% Warning: This is not a supported platform for eDirectory 8.8.5. Please refer to NOVELL Documentation for information on supported platforms. Do you want to Continue '[y/n/q] ? '
You are prompted to agree to the license… …yes, you agree to the license…. π
Press “q” to quit viewing, and “y” to agree.
You are prompted to “Select the components you wish to install..”
Choose option 1 to install the server (or 1,2 for all). It will install needed packages.
Reboot.
Now edit the eDirectry “hosts” config file, since it is a closed environment. I’m starting on node2 for some strange reason, so I add that as the address of the tree here:
vi /etc/opt/novell/eDirectory/conf/hosts.nds…and create the following entry:
NODETREE 192.168.6.12If you’re not using DNS in your lab, you might want to make sure all eDir servers are in the hosts file. Either way, just make sure they are resolvable:
vi /etc/hosts…and create the following entries:
node1 192.168.6.11
node2 192.168.6.12Now run ndsconfig with the required parameters. Here is my example to build a new tree with the first of two servers (again, mine happens to use node2 first, but either server is fine to build the tree):
/opt/novell/eDirectory/bin/ndsconfig new -t nodetree -n ou=Services.o=CORP -a cn=admin.o=CORP -i -S node2 -B 192.168.6.12…and you will be asked for the new Admin password and the NDS (whoops, eDirectory) instance and DIB location.
Add the other server to that previously-created tree (after repeating the install procedures on the second server):
/opt/novell/eDirectory/bin/ndsconfig add -S node1 -t nodetree -n ou=Services.o=CORP -a cn=admin.o=CORP -B 192.168.6.11 -p 192.168.6.12…and that’s it! You’re up and running, and ready for LDAP requests. Of course, you might want to create an OU for users (perhaps ou=users,o=CORP), and some users, etc., etc., etc…
π
Will this work on OS11.3?
@ philip
I’m not sure if it will work in Opensuse 11.3… Honestly, I haven’t tried it. I’m sure I will though, and I’ll report back…
Make sure to let me/us know what happens if you (or anyone else) try it!
– Jeremy
UPDATE, 20100806: Thanks to the prompt by Philip (see comment above), I have set up and tested this config on 64-bit Opensuse 11.3 with the 64-bit eDirectory 8.8sp5. I can confirm that it works well.
Thanks for testing it on 11.3, I am probably gonna use it for building a test environment at work.
Maybe if you would change the title of your blog it will appeal to more people, ‘cos hey, who is using 11.1 nowadays?
Philip.
@ philip
Good advice. I have modestly tweaked the post and the subject accordingly.
By the way… I still use 11.1 in a couple places… π
Thanks!
– Jeremy
Hi Jeremy,
”
vi /etc/opt/novell/eDirectory/conf/hosts.nds
β¦and create the following entry:
NODETREE 192.168.6.12
”
Could you please tell me what exactly does this step do ?
TIA
@ goll
Ah, that. That is a manual way for the replica servers to find eDirectory (especially helpful during the installation of additional servers after the first), since I didn’t have SLP and stuff set up in my closed lab. You don’t have to do it if you have a working SLP/DNS environment, but it certainly doesn’t hurt.
π
Hello again
Thanks for the clarification π
Cheers.
Hello
I have been trying to install edirectory
./ndsconfig new -t glommensgate -n o=ew -a cn=admin.o=ew
….
….
Starting the service ‘ndsd’… Error: Cannot start ‘ndsd’, start manually.
ERROR: ./ndsconfig return value = 10
./ndscheck –config-file /etc/opt/novell/eDirectory/conf/nds.conf
..
..
ERROR: Failed to connect to server “192.168.0.167” at port “524”.
SuSE-release
openSUSE 12.1 (i586)
VERSION = 12.1
CODENAME = Asparagus
eDirectory 8.8.7
Have you trid it? Do you have some tips on how to get it working.
I have googled a lot but don’t find much info. π
Espen
@Espen-
On 12.1, eh? I haven’t tried that. I haven’t checked to see if there are other versions, or if it’s even possible…
It didn’t complain about dependancies or anything?
-Jeremy
Hello.
I did a new test on a virtual maskin.
I installed opensuse 12.1 standar KDE
Downloaded eDirectory_88SP7_Linux_i586.tar.gz
It said it needed libstdc++
So I ‘zypper install libstdc++33’
Then ‘nds-install’
No problem.
but when I tride
linux-nu9c:~/eDirectory/setup # ndsconfig new -t glommensgate -n o=ew -a cn=admin.o=ew
Enter the password for cn=admin.o=ew:
Re-enter the password for cn=admin.o=ew:
Please enter the absolute path for the instance [ /var/opt/novell/eDirectory ]:
Please enter absolute path of the database directory [ /var/opt/novell/eDirectory/data/dib ]:
Configuring the NDAP interfaces… Done
Configuring the HTTP interfaces… Done
Configuring the LDAP interfaces… Done
Configuring Novell eDirectory server with the following parameters, Please wait…
Tree Name : glommensgate
Server DN : linux-nu9c.o=ew
Admin DN : cn=admin.o=ew
NCP Interface(s) : 10.0.2.15@524
HTTP Interface(s) : 10.0.2.15@8028
HTTPS Interface(s) : 10.0.2.15@8030
LDAP TCP Port : 389
LDAP TLS Port : 636
LDAP TLS Required : Yes
Duplicate Tree Lookup : Yes
Configuration File : /etc/opt/novell/eDirectory/conf/nds.conf
Instance Location : /var/opt/novell/eDirectory/data
DIB Location : /var/opt/novell/eDirectory/data/dib
ERROR: Unable to get host IP address.
linux-nu9c:~/eDirectory/setup # ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:89:4D:E9
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe89:4de9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:162162 errors:0 dropped:0 overruns:0 frame:0
TX packets:44935 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:145310669 (138.5 Mb) TX bytes:2878960 (2.7 Mb)
linux-nu9c:~/eDirectory/setup # /etc/init.d/ndsd start
redirecting to systemctl
linux-nu9c:~/eDirectory/setup # ps aux |grep ndsd
root 31465 1.1 0.5 145712 23412 ? Sl 20:02 0:00 /opt/novell/eDirectory/sbin/ndsd
Well it does look like it’s working thise time. Se if I can get a imanager working to connect to it:)
Espen
@Espen –
Well, that’s funny. Yes, sometimes just re-tracing your steps is helpful.
I was going to say that maybe you need to configure your /etc/hosts file or something, but then you figured it out..
Way to go!
-Jeremy
Works on 12.2 using eDir 8.8.7
@ mike –
Thanks for the heads-up, Mike!
-Jeremy