Solved

Upgrade to EDirectory

Posted on 2004-04-23
33
923 Views
Last Modified: 2007-12-19
I'm running four Netware 5.0 servers with NDS version 7.51 and one 5.1 server with Edirectory 8.82.

I'd like to run all at some version of EDirectory.   Naturally, it is not supported so there isn't much documention.

Do you have a recommended way of performing this upgrade?  
0
Comment
Question by:teemdance
  • 11
  • 10
  • 6
  • +2
33 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 10901600
Note that NetWare v5.0 was EOLed a year or so ago, and is no longer supported by Novell. I have not checked to be sure, but I do not think that eDirectory v8.8.2 has been tested on NetWare v5.0. If I'm right, then I would strongly recommend you avoid such a configuration (eDirectory v8.8.2 on NetWare v5.1).

If I were you, I would upgrade the v5.0 servers to v5.1 to ensure that eDirectory is going to function on them, and then update eDirectory. When upgrading the v5.0 servers, be sure to use the appropriate Overlay CD, but don't apply one with a later Support Pack than the existing v5.1 server is already running.

It may make life easier to move the NDS replicas off of each server as you perform the upgrade, and then return the replica to the server once the upgrade is complete.

Be sure that NDS is healthy before starting this process - run DSREPAIR on all servers hosting replicas.
0
 

Author Comment

by:teemdance
ID: 10902105
Thank you for the input.   You are correct - 5.0 was EOLed.   Do you have any comments about running a version 8.X on the 5.0 servers?   If so, is it just a matter of replacing dsloader and ds.nlm?   I appreciate your assitance.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 10902163
No, it is NOT just a matter of replacing one or two NLMs. There are significant structural differences between NDS v7 and eDirectory v8.

In my original comment, I specifically stated that I do *not* recommend you run eDirectory on NetWare v5.0. I'm not sure if Novell has specifically stated this, but my experience is that NetWare v5.1 is a bare minimum for that version of eDirectory.

For that matter, I don't think its such a good idea to run eDir v8.8 in the same tree as NDS v7, but it seems to be working for you, so I was going to leave well-enough alone. eDirectory is MUCH more sensitive to version variations than NDS.

In short, I recommend you upgrade your NetWare v5.0 servers to v5.1, and THEN update them to eDir 8.8.2.
0
 
LVL 10

Accepted Solution

by:
DSPoole earned 85 total points
ID: 10904942
you are not running "eDir v8.8" on NetWare 5.0 - you are running NDS 8 on NetWare 5.0

eDirectory is ONLY supported on NetWare 5.1 and above.  It won't install on NetWare 5.0 - do NOT ATTEMPT TO MANUALLY REPLACE THE FILES - you'll hose up the directory on those servers.

The latest version of eDirectory is 8.7.3 for NetWare 5.1 and above, Windows, Linux and *nix platforms.
0
 
LVL 34

Assisted Solution

by:PsiCop
PsiCop earned 83 total points
ID: 10904995
Thanks, DSPoole. I wasn't up on which rev was supported on the older versions.

teemdance, DSPoole's info pretty much confirms what I've been trying to tell you - the newer versions of eDirectory are not supported on old, EOLed versions of NetWare. You need to upgrade NetWare before you can upgrade to newer eDirectory. If you try your Mickey-Mouse idea of just replacing a few files, at best you'll just screw up those servers, if you don't kill your entire NDS tree.
0
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 82 total points
ID: 10908853
When 5.0 shipped ,you had 2 choices for DS , DS7(recman) or DS8(FLAIM),EDIR is an upgraded more functional version of DS8.
On a 5.0 server EDIR 8.5.x is the ONLY version of EDIR that will run on a 5.0 .So yes ,you can upgrade to EDIR.

Bear this in mind,even when you have met all of the pre req's that Novell asks you to do before an upgrade and EVERYTHING looks fine,you can still have a major F.U. ,because of a bug or undocumented issue.
You need to very careful ,because I have gone through issues with Novell tech support where backline blames stuff on the developers and the developers may or may not have fixed something that had been an issue with that release.

I have been there and done that.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10908896
Wait a minute ,you aren't running the "real"  EDIR on the 5.1 box either,only DS 8.

If you want to run the same version DS on both the 5.1 and the 5.0 boxes, go to 8.5.1,it runs on both.
So if your issue is wanting matched real EDIR on the boxes,then  8.5.1 is where you should go.
0
 

Author Comment

by:teemdance
ID: 10919090
So, you are saying:

I can run the same version of Directory Services (8.5.1) on all my servers (5.0 and 5.1).  

If I want to run *EDirectory* than I must upgrade the 5.0 boxes to at least 5.1 or better, than perform the upgrade.

Thank you for the education and valuable input.

Jon H.

0
 
LVL 30

Expert Comment

by:pgm554
ID: 10920976
No,the first unified EDIR was code named Tao which is  the 8.5.x (DS 85.12),it will run on the 5.1 and 5.0 boxes.
The version you are running is NDS 8,which can be called EDIR,but the unification took place with the release of TAO (8.5.x).
According to the documentation,TAO will run on both platforms.

I know it is confusing,but between the marketing folks and the engineering people ,there was an identity crisis as to what should be named what.That is why Novell has an "identity" crisis.

Now,with that being said,would it be better to have all machines running as the same OS and patch level?You betcha'.

But if money and expertise are a problem,then the Edir upgrade thing is a workable solution.
There are some performace enhancements with the newer EDIR,but it has been my experience that no upgrade ever goes as smoothly as you might think. Just my 2 cents.

0
 
LVL 34

Expert Comment

by:PsiCop
ID: 10921314
When he said "Edirectory 8.82" in his original message, I quite naturally assumed he had eDirectory. I think DSPoole made the same assumption as well.

If he has NDS version 8 as opposed to eDirectory, then yes, he can do what he wants. But it depends on *precisely* what he has running. His statements to date have been contradictory.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10922007
He was right, because Novell did (does) refer to that version as edir.
I was at a Novell reseller meeting a few years ago and the folks at Novell did indeed refer to DS 8.x as a build of Edir.TAO was supposed to be the real release of Edir.

Let's review some Novell marketing confusers.
 
How about NDS for NT > Corporate NDS >Edirectory?

How about the Managewise/ZEN situation? You had Managewise and Zen for Servers plus Zen for desktops all kinda’ lumped in to Zenworks 6 suite. But Novell not doing a good job of "splaining it to everybody.

DirXML > Nsure Identity Management

How about the new Nsure and the old DENIM moniker?

Netware >Intranetware>Netware

Sound confusing? Yup!

Hey ,lookit, I 've been a CNS 5/6.X for a few years all ready, so if I'm confused at times ,just think what the regular folks must be think about the name changing.


ARRRRGHHHHHHH!!!!!!!!
0
 

Author Comment

by:teemdance
ID: 10922042
Wow!   I'm going back over this tomorrow.   Thanks - I'll post something tomorrow.

Best Regards,

Jon
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 10922150
'How about NDS for NT > Corporate NDS >Edirectory?'

Actually, that was "NDS Corporate Edition" and it's now "Novell Account Manager" which comes in either "Enterprise Edition" or specific versions (ie:  Windows, UNIX, etc.)

eDirectory is not NDS for NT.

NDS for NT (and it's itterations) was a product that sync'd information FROM NDS/eDirectory to/from NT Domains/ActiveDirectory.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10922693
NDS Corporate Edition, NDS for NT, NDS for Solaris and NDS for Linux, Novell Account Management 2.1, and NDS Authentication Services have all been rolled into NAM 3.0.There are no longer any specific versions for OS's.

NDS for NT and NAM 2.1 worked only on an NT 4 Domain (samsrv.dll),NAM replaced the the samsrv.dll on the NT 4 boxes.You can't do that on a 2000 box or above ,Dirxml is needed.
They have just recenly released a version of Dirxml (Nsure Identity Manager)that will do the new 2003 AD.

As I said before ,it is quite confusing.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 10922758
None of which really answers the question we need answered, namely what EXACTLY is the DS on the server?

teemdance, what EXACTLY is the output from the console command --> MODULES DS.NLM
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10922785
Here is a chart of Edir versions along with their code names and supported platforms.




    www.dreamlan.com/nds-version.gif



Hope this unconfuses a bit.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 30

Expert Comment

by:pgm554
ID: 10922859
He is running DS 8.82 .Code name Fusion.I believe the latest release for that DS 8 is 8.85 .

The 8.8.2 in his post is a red herring.There is no such version.It appears to maybe be a typo.

He should be able to upgrade to TAO.
0
 

Author Comment

by:teemdance
ID: 10927778
Here are two screen shots from my environment (requested commands from above):

http://64.0.249.94/screenshot1.html
http://64.0.249.94/screenshot.html

So, I believe my solution is:

1) Match versions of NDS modules.  

2) Request the dollars to perform an upgrade on 4 servers from 5.0 to 6.X

3) Perform upgrade to E-Directory (from NDS).

 

0
 
LVL 30

Expert Comment

by:pgm554
ID: 10930180
If you got the bucks,go for it.But the are MANY caveats.
The NWdeploy utility is a start.
No matter what Novell or anybody else tells you,the upgrade is not as straight forward as they make it

Minimum RAM on a 6.5 server is 512 mg.(it won't install with anything less)

The SYS volume should be about 4 gigs.The DS database can grow VERY large.

If you want the advantages of clustering ,you will need to convert the traditional volumes to NSS.

The backup software will need to be upgraded to something that will support 6.x.

The licensing scheme is completly different in the 6 world as opposed to the 5.X(unless you had a MLA).

Your SLP scope will have to be named for SLP version 2.

If you are clustering ,there can be NO IPX on the servers or clients.

Timesync that doesn't do RIP/SAP will need to be configured.

Que based printing will need to be converted to NDPS.

If you need to go to bigger faster hardware,plan on buying Server Magic or Portlock to make the move .

Your DS MUST be in tip top shape ,no errors allowed.If you hammer that ,you are dead in the water.

These are off of the top of my head.

So you have been advised.
0
 

Author Comment

by:teemdance
ID: 10931110
Sounds like I'd be better off starting over.  

New hardware, new OS, new tree and LPR printing.    

Thanks for the input.  
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 10931725
One advantage of going to v6.x is that licensing becomes per-seat. Doesn't matter how many physical servers you have, you just pay per user. This is a significant departure from v5.x licensing.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10932798
There are a lot of advantages to upgrading and, if done right ,will make your life as a sysadmin a whole lot easier.

But you need to understand what challeges you will face from somebody who has been there and done that.
If you can find a design consultant who has done a few upgrades,work with that person on the research and design of what it is you want to accomplish.

If the upgrade is planned correctly, you will be satisfied with the end result.If ,on the otherhand ,the approach is done haphazardly,you will have a few more gray and a few less hairs at the end of the project.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 10932863
pgm554:

NAM3 allows you to do ActiveDirectory as well:

http://www.novell.com/products/accountmanagement/quicklook.html

'To protect your servers and their resources, you need a uniform way to control and manage user account information across your various network platforms, including OS/390, Linux, Solaris, AIX, HP-UX, Windows NT Domain, ***Windows 2000 AD***, Windows 2000/NT standalone and FreeBSD. Novell® Account Management is a cross-platform access-management product that provides consistent protection so your server platforms can work together reliably, as one Net. '

NAM2.1 is, outdated... ;)
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 10932891
PsiCop:

'One advantage of going to v6.x is that licensing becomes per-seat. Doesn't matter how many physical servers you have, you just pay per user. This is a significant departure from v5.x licensing.'

Actually, it's per-CONNECTION with 6.5.  This means that, I, as one user can eat up three licenses if I have three computers to log into.  It's an advantage if you have more users than computers.  I think you have to count printers and the maximum number of Citrix/Terminal Services licenses as well.
0
 
LVL 10

Expert Comment

by:DSPoole
ID: 10932908
pgm554:

'Que based printing will need to be converted to NDPS.'

Not true, NetWare 6.5 supports queue-based printing, under IPX no less.  You can also do queue-based printing under IP by assigning the NDPS printer to service the queue.

0
 
LVL 30

Expert Comment

by:pgm554
ID: 10933162
If you cluster and go to IP only,you will need to go to NDPS.You can't have IPX on the clustered servers or the clients that will use the cluster services.

As for the NAM thing,if you look at my post,I say that NAM 3 combines all of the old products into one all encompassing product.

My point was, that Novell has a confusing way of relaying what products are doing what now a days.

As for 6.x licensing,it is all done through the tree,NDPS has an advantage over QUE based printing in that it takes up only one connection license,regardless of the number of printers serviced.

Licensing on 6.x is no longer concurrent.If you create a user on 6.X ,and that user logs in once,that user is counted against your license count for 90 days.

I don't like that,but what ya' gonna do?
0
 
LVL 30

Expert Comment

by:pgm554
ID: 10933279
One other point,when clustering NDPS the print queues will not fail over because they are server centric and not tree centric.So if you have a file server failure and the queues are on the sys volume ,no printing from the queues.

So unless you really need queue printing,why bother?
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 11009295
teemdance, has your Question been answered?
0
 

Author Comment

by:teemdance
ID: 11034106
I'm satisfied.   Thank you!
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 11034637
Glad to hear that. Please don't forget to close the Question and award points to the Expert(s) who helped you.
0
 

Expert Comment

by:jpierre76
ID: 11858997
Greetings,

I have a dilemma:

Someone intelligent has upgraded NW 5.0 SP6a to NDS 8.512 and now they are asking me (a rusted CNE) to upgrade theses boxes to NW 5.1. They have ZENworks 4.01 as well.

I appreciate all recipes to that one :-)

Cheers,
Jimmy
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 11864934
jpierre,

Its generally considered bad form in EE to piggyback on another Asker's Question like this, even if your topic is related. Instead, you should open your own Question using your own Question Points.

That said, the upgrade should be fairly painless, and can be done either "in place" or as a forklift using Migration Wizard. If you still need more help, please open your own Question.
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 11865194
Whoops! Sorry, hadn't seen your new Question.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this article, I will show you HOW TO: Create your first Windows Virtual Machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, the Windows OS we will install is Windows Server 2016.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now