Server and Edir details:

Server OS = SLES 9
Server name = lxrba7
eDir = Novell eDirectory 8.8 SP2
Replica ring has 7 other servers in it and this server contains only
read/write replicas. Some SLES 9 with Novell eDirectory 8.8 SP2 and
some with Netware 6.5 and Novell eDirectory 8.8 SP5

This morning we had to reboot one of our Edir servers (lxrba7). When
the server came back up ndsd had not started and the following error was
displayed when I tried to start it manually:
-
lxrba7:~ # rcndsd start
Executing customized settings before starting the Novell eDirectory
server...
Starting Novell eDirectory server...

done
Executing customized settings after starting the Novell eDirectory
server...
/etc/init.d/nldap: line 179: [: /var/nds/dib: binary operator expected
Validation failed in post_ndsd_start script.
Please refer to //etc/init.d/post_ndsd_start.-

After some troubleshooting I found that it seemed like the issue was
being caused by duplicate entries in
/etc/opt/novell/eDirectory/conf/nds.conf. Apparently there is some bug
with adds duplicate entries to this file in some instances. In any event
I backed up the file and then removed to duplicate entries. When I
tried starting ndsd again the above error was gone but I was now getting
the following:

-lxrba7:/etc/opt/novell/eDirectory/conf # rcndsd start
Executing customized settings before starting the Novell eDirectory
server...
Starting Novell eDirectory server...

done
Executing customized settings after starting the Novell eDirectory
server...
Novell eDirectory LDAP Server is not listening on the TCP port.
Novell eDirectory LDAP Server is not listening on the TLS port.-

I have double checked that only one instance of ndsd is trying to
start. Also did the following to check relevant listening ports:

-lxrba7:~ # netstat -na | grep -i listen | egrep
"389|636|524|8028|8030"
tcp 0 0 127.0.0.1:524 0.0.0.0:*
LISTEN
tcp 0 0 191.96.111.157:8028 0.0.0.0:*
LISTEN
tcp 0 0 191.96.111.157:8030 0.0.0.0:*
LISTEN-

As you can see there is nothing listening on 389 and 636.

Below is sample output from "NDSTRACE +LDAP +TIME +TAGS", while I ran
"nldap -u" and then "nldap -l":

-INFO: LDAP Agent for Novell eDirectory 8.8 SP2 (20216.43) stopped
DEBUG: DCFreeContext context 616c0003 idHandle ffffffff, connHandle
00000000, //opt/novell/eDirectory/lib/nds-module
s/libgams.so
DEBUG: DCFreeContext context 616c0004 idHandle ffffffff, connHandle
ffffffff, unknown module
DEBUG: DCCreateContext context 616d0003 moduleHandle 00000106
//opt/novell/eDirectory/lib/nds-modules/libgams.so, id
Handle ffffffff
DEBUG: request DS Ping by context 616d0003 ,cFlags=00010584 ,
scflags=00000000 failed, system failure (-632)
DEBUG: request DSAResolveName by context 616d0003 ,cFlags=00010584 ,
scflags=00000000 failed, system failure (-632)
DEBUG: DCCreateContext context 616d0004 moduleHandle 00000106
//opt/novell/eDirectory/lib/nds-modules/libgams.so, id
Handle ffffffff
DEBUG: DCFreeContext context 616d0004 idHandle ffffffff, connHandle
ffffffff, //opt/novell/eDirectory/lib/nds-module
s/libgams.so
DEBUG: DCFreeContext context 616d0003 idHandle ffffffff, connHandle
00000000, //opt/novell/eDirectory/lib/nds-module
s/libgams.so
DEBUG: DCFreeContext context 616d0004 idHandle ffffffff, connHandle
ffffffff, unknown module
INFO: DS Local Agent is not open in GetAgentStateAndSlashTreeName
INFO: GetAgentStateAndSlashTreeName failed in ReadConfigFromDS, err =
ds locked (-663)
INFO: Could not update server configuration, err = ds locked (-663)
INFO: LDAP Agent for Novell eDirectory 8.8 SP2 (20216.43) stopped
INFO: DS Local Agent is not open in GetAgentStateAndSlashTreeName
INFO: GetAgentStateAndSlashTreeName failed in ReadConfigFromDS, err =
ds locked (-663)
INFO: Could not update server configuration, err = ds locked (-663)-

I am at the point now where it looks to me like something bad has
happened to the edir replica on this server and I am beginning to think
that perhaps the route I should follow is removing eDirectory, deleting
the relative objects from the tree and then reinstalling EDir on this
server and then re-adding it to the tree. A big concern is the fact that
this is the server that has the Novell IDM 3.6 edir-to-edir connector on
it and also has a replica of that set of objects on it, so I am
concerned that in removing eDirectory I will be creating a huge amount
of hassle in trying to get the connection with IDM back up.

Is there any thing else that I can try or some other solution that
would fix this issue...hopefully something that doesnt mean trashing
edir on this server. Many thanks to anybody willing to impart any
wisdom with regard to this issue.


--
calwynb
------------------------------------------------------------------------
calwynb's Profile: http://forums.novell.com/member.php?userid=34073
View this thread: http://forums.novell.com/showthread.php?t=447980