Before you start the process of installation, ensure you have met the following prerequisites. These steps can be used to validate the state of the system before beginning the installation process.
Before installing DSfW, ensure the domain name is entered correctly in YaST. To verify and correct the domain name, do the following:
Open
. Select the option.Verify that the domain name is correct.
Select the /etc/hosts files.
option to ensure that changes you have made gets added to theVerify that the Name Server 1 points to a DSfW domain controller that is also acting as the DNS server. By default the first domain controller of the first domain will always host the DNS server. However, for the first domain controller of the first domain, Name Server 1 must be the IP address of the local server. For details see, DNS Server is Installed.
IMPORTANT:In case of installation of a child domain, make sure you specify the name of the parent domain in the
field for resolving hostnames.Click
to save the changes.Ensure that Novell DNS service is installed and the server is up and running to resolve name resolution queries.
In case of a first domain installation, the /etc/resolv.conf file must have an entry of the local DNS server. Whereas if it is child domain installation, the /etc/resolv.conf file must have the entry of the parent DNS server.
Ensure time is synchronized between all servers in the replica ring by executing the following command:
ndscheck -a <bind dn> -w <password>
This command in addition to displaying partition and replica health also displays time difference between servers in the replica ring. If you observe a time difference between the server, ensure that all the servers in the replica ring are referencing the same NTP server. After this is done, restart the NTP server by using the rcntp restart command.
Verify that the state of the servers in the replica ring is On by executing the following command:
ndsstat -r
The ndsstat utility displays information related to eDirectory servers, such as the eDirectory tree name, the fully distinguished server name, and the eDirectory version.
In case of a name-mapped installation, you are installing DSfW in an existing tree. To ensure the installation does not encounter errors, make sure you meet the following prerequisites:
Before installing DSfW, ensure the domain name is entered correctly in YaST. To verify and correct the domain name, do the following:
Open
. Select the option.Verify that the domain name is correct.
Select the /etc/hosts files.
option to ensure that changes you have made gets added to theVerify that the Name Server 1 points to a DSfW domain controller that is also acting as the DNS server. By default the first domain controller of the first domain will always host the DNS server. However, for the first domain controller of the first domain, Name Server 1 must be the IP address of the local server. For details see, DNS Server is Installed.
IMPORTANT:In case of installation of a child domain, make sure you specify the name of the parent domain in the
field for resolving hostnames.Click
to save the changes.Before installing DSfW, ensure that the eDirectory version is 8.8 SP2 or greater. You must also ensure that the eDirectory version of the servers holding the writable replica of the tree root partition is 8.8 SP2 and above.
The container in which you are installing DSfW must be partitioned.
Ensure that Novell DNS service is installed and the server is up and running to resolve name resolution queries.
In case of a first domain installation, the /etc/resolv.conf file must have an entry of the local DNS server. Whereas if it is child domain installation, the /etc/resolv.conf file must have the entry of the parent DNS server.
Ensure time is synchronized between all servers in the replica ring by executing the following command:
ndscheck -a <bind dn> -w <password>
This command in addition to displaying partition and replica health also displays time difference between servers in the replica ring. If you observe a time difference between the server, ensure that all the servers in the replica ring are referencing the same NTP server. After this is done, restart the NTP server using the rcntp restart command.
Ensure the schema is synchronized on all the servers in the replica ring by executing the following command on all the servers:
ldapsearch -b cn=schema -s base -x attributetypes=<schema attribute>
Substitute the schema attribute value with an attribute you have used in the schema.
For example: ldapsearch -b cn=schema -s base -x attributetypes=xad-domain-flag
Verify that the state of the servers in the replica ring is On by executing the following command:
ndsstat -r
The ndsstat utility displays information related to eDirectory servers, such as the eDirectory tree name, the fully distinguished server name, and the eDirectory version.
When you are installing in a name-mapped setup, ensure that you have adequate permissions for the following objects in the tree:
Container that is being provisioned
Permissions for DNS Locator and Group objects
Permissions to the Security container
Modify permissions to the NCP servers holding replica of the master server
When you are installing DSfW, it creates few default containers. Make sure that the following container names do not already exist under the domain partition:
cn=Computers
cn=Users
ou=Domain Controllers
cn=DefaultMigrationContainer
cn=Deleted Objects
cn=ForeignSecurityPrincipals
cn=Infrastructure
cn=LostAndFound
cn=NTDS Quotas
cn=Program Data
cn=System
cn=Container