eDirectory is the heart of OES network services and security.
If you are creating a new eDirectory tree on your network, you must do some additional planning before you install the first server into the tree. The first server is important for two reasons:
You create the basic eDirectory tree structure during the first installation
The first server permanently hosts the Certificate Authority for your organization
To ensure that your eDirectory tree meets your needs, take time to plan the following:
Structure of the eDirectory tree:
A well-designed tree provides containers for servers, users, printers, etc. It is also optimized for efficient data transfer between geographically dispersed locations. For more information, see Designing Your NetIQ eDirectory Network
in the NetIQ eDirectory 8.8 SP8 Administration Guide.
Time synchronization: eDirectory requires that all servers, both NetWare and OES, be time synchronized. For more information, see Section 12.3, Time Services.
Partitions and replicas:
eDirectory allows the tree to be partitioned for scalability. Replicas (copies) of the partitions provide fault tolerance within the tree. The first three servers installed into an eDirectory tree automatically receive replicas of the tree’s root partition. You might want to create additional partitions and replicas. For more information, see Managing Partitions and Replicas
in the NetIQ eDirectory 8.8 SP8 Administration Guide.
For information on these and other eDirectory planning tasks, see the NetIQ eDirectory 8.8 SP8 Administration Guide.
The OES 11 SP2: Getting Started with OES 11 and Virtualized NetWare guide provides a basic introduction to creating container objects as well as Group and User objects in eDirectory.
When installing into an existing tree, make sure you observe the following best practices whenever possible:
Use Existing eDirectory Objects: Whenever possible, existing eDirectory objects, organizational units, users, groups, password policies, etc. should be used during the installation.
If new contexts or users are needed, it is best to create these prior to the installation.
Synchronize Replicas Before and After: Ensure that all eDirectory partitions affected by the installation are synchronized before you begin and after you finish the installation.
Also, before installing into an existing tree, be sure you understand the information in Section 14.2.3, eDirectory Coexistence and Migration.