Hi, I'm trying to recreate a production environment. I need to get
working two eDirectories so I can later get an IDM edir2edir driver to
connect them. The issue is I'm having some trouble with the restore of
the eDirectory.

What I do first is to backup the productive server with:


Code:
--------------------
dsbk backup -t -e novell -b -f fileBackup -l logFile
--------------------


After that in a VM running SUSE Linux Enterprise Server 11 (x86_64) SP2,
I installed the x64 version of eDirectory in its version 8.8 SP6 (same
as the backup). In order to restore the backup first I create a
temporary tree with:


Code:
--------------------
ndsconfig new -t "MY-TREE" -n servers.services.tree -a admin.services.tree -w novell -d /var/opt/novell/eDirectory/data/dib -D /var/opt/novell/eDirectory
--------------------


Later I restore with dsbk the backup. This with:

Code:
--------------------
dsbk restore -f fileBackup -l logFile -r -a -o -u -n -v -k -e novell
--------------------


The log says the restore is OK, but afterwards the ldapserver doesn't
answer any of the queries you make. When I restart the server I get:

Code:
--------------------
$> rcndsd restart
Executing customized settings before stopping the Novell eDirectory server...
Stopping Novell eDirectory server...
........................ done
Executing customized settings after stopping the Novell eDirectory server...
Executing customized settings before starting the Novell eDirectory server...
Starting Novell eDirectory server...
done
Executing customized settings after starting the Novell eDirectory server...
Novell eDirectory LDAP Server is not listening on the TCP port.
Novell eDirectory LDAP Server is not listening on the TLS port.
--------------------


The ndsd.log shows "*The local agent could not be opened - failed,
CCS_UnwrapKey failed (-6061)*":

Code:
--------------------
Jul 31 13:52:59 Path of Novell eDirectory configuration file /etc/opt/novell/eDirectory/conf/nds.conf
Jul 31 13:52:59 Host process for Novell eDirectory 8.8 SP6 v20601.18 successfully started
Jul 31 13:52:59 DHLog: file size 1048576
[ -- DHost Logging STARTED Wed Jul 31 13:52:59 2013 -- ]
Jul 31 13:52:59 MASV Init called
Jul 31 13:52:59 Mandatory Access Control Service Version: 2.0.1 started
Jul 31 13:52:59 started
Jul 31 13:52:59 SPM DClient Version:3.3.3.0 Build:20100914 started
Jul 31 13:52:59 MASV Init called
Jul 31 13:52:59 MASV already initialized.
Jul 31 13:53:00 The local agent could not be opened - failed, CCS_UnwrapKey failed (-6061)
Jul 31 13:53:01 GAMS Init called
Jul 31 13:53:01 Graded Authentication Management Service Version: 2.0.1 started
Jul 31 13:53:01 Information: SNMP Trap Server for Novell eDirectory 8.8.6 v20601.30 started.

Jul 31 13:53:02 NDS iMonitor for Novell eDirectory 8.8 SP6 v20601.10 started successfully.
Jul 31 13:53:02 Novell PKI Services Started Successfully
Jul 31 13:53:02 Loading SecretStore Server...
Jul 31 13:53:02 Novell SecretStore Service Version 3.4.2 Loaded Successfully
Jul 31 13:53:02 Loading SecretStore NCP Transport Plugin...
Jul 31 13:53:02 Novell SecretStore NCP Plugin Version 3.4.2 Loaded Successfully.
--------------------


The only way to start the eDirectory without troubles is with "*rcndsd
start -rdb*":


Code:
--------------------
$> rcndsd start -rdb
Executing customized settings before starting the Novell eDirectory server...
Starting Novell eDirectory server...
done
Executing customized settings after starting the Novell eDirectory server...
Novell eDirectory LDAP Server is listening on the TCP port.
Novell eDirectory LDAP Server is listening on the TLS port.
--------------------


After having the eDirectory running I clean up (delete) from the
directory (via iManager) the objects of other servers that exist in the
productive environment, promote the server to master of the partitions
(if necesary), check the eDirectory health (ndsrepair -E, -T, -N),
repair the database (ndsrepair -R) and try to restart the service
obtaining the same result without the "-rdb" flag.

What do you think I'm doing wrong? Am I missing something?
I will really appreciate your help!


--
guillermoveitia
------------------------------------------------------------------------
guillermoveitia's Profile: https://forums.netiq.com/member.php?userid=598
View this thread: https://forums.netiq.com/showthread.php?t=48302