Www.novell.com Tips and Tricks for Using Novell eDirectory ™ Utilities Roger G. Harrison Manager,...

www.novell.com

Tips and Tricks for Using Novell eDirectory™ Utilities

Tips and Tricks for Using Novell eDirectory™ Utilities

Roger G. HarrisonManager, Software EngineeringNovell, [email protected]

Pat FelstedSenior Software EngineerNovell, [email protected]

Vision…one NetA world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries

MissionTo solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

Deployed Versions Novell eDirectory™ and Novell Directory Services® (NDS)

Product Version Build Version

Platforms

NetWare 5.1 SP4 (NDS 7) DS.nlm v7.57 NetWare 5.1

NetWare 5.1 SP 4 (NDS 8) DS.nlm v8.79 NetWare 5.1

eDirectory 8 DS.nlm & DS.dlm v8.79

NetWare 5.0,Win NT/2K

eDirectory 8.5.x DS v85.23 NetWare 5.x,Win,Solaris

NetWare 6 (eDirectory 8.6) DS.nlm v10110.20 NetWare 6

eDirectory 8.6.1 DS v10210.43 NW 5.1,NW 6,Win,Solaris,Linux

NetWare 6 SP1 (eDirectory 8.6.2)

DS.nlm v10310.17 NetWare 6

eDirectory 8.6.2 DS v103xx.xx NW 5.1,NW 6,Win,Solaris,Linux

eDirectory 8.7 DS v10410.xx NW 5.1,NW 6,Win,Solaris,Linux,AIX

Differences Between eDirectory and NDS®

NetWare 6

NetWare

NDS eDirectory

NOS directory focused on managing NetWare® servers

A cross-platform, scalable, standards-based directory

used for managing identities that span all aspects of the network—eDirectory

is the foundation for eBusiness

NetWare 5

Novell eDirectory™ Utilities

• DSRepair• DSBrowse• DSMerge• Backup/Restore• NDSCons

• LDAP snap-in• Index manager snap-in• Novell Import Convert Export (ICE) utility• NDS iMonitor• Novell iManager

DSRepair

• Purpose DSRepair is a tool that provides low-level

integrity checking and maintenance capabilities to address a wide range of problems that may arise in eDirectory

These problems may be originated by• Users• Third-party products• DIB (Data Information Base)

inconsistencies• Hardware failure

• Save yourself grief—use DSRepair appropriately Remember that most DSRepair options are used to

fix problems with the eDirectory DIB, not to perform routine management or maintenance operations• It’s not uncommon for Novell support to have to clean up

problems made far worse by misuse of DSRepair Good Rule: Don’t use an advanced (-a or –x switch)

DSRepair option unless you• Understand what it does• Know the ramifications of using it• Are sure you’re doing it at the right time• Are sure you’re doing it for the right reason

DSRepair:General Tips and Tricks

• DSRepair has options that are similar to those found in regular management utilities but should be used only as a last resort

Some of these options are destructive (by necessity)• Example—removal of a replica from a server should be

done via ConsoleOne® or iManager– DSRepair allows you to forcibly remove a replica, but this

is not the same thing

DSRepair:General Tips and Tricks (cont.)

• Many DSRepair features are integrated into iMonitor

Paradigm: fix the problem when you see it

• Repair while database is live eDirectory 8 and later


• Partition operations are not allowed while repairing

• Disabling index and structure check will cause the rebuilding of the entire database with database locked

• Deselect all options to do ONLY schema check

DSRepair can use temp files with this option



• Repairing network address only works if SAP or SLP are properly configured

• Single object repair may be used on a known entry that is causing a problem

Tip: this is really easy to do via iMonitor

• Launch dsrepair -af to allow copying of stream files if temporary files is selected


• DSRepair only allows the creation of a DIB archive

You can’t reload or restore it This is for troubleshooting use by Novell support

and engineering personnel

DSRepair:NetWare Tips and Tricks

• DSRepair checks volume objects for Novell Storage Solutions™ (NSS) and native NetWare but only checks trustees on native NetWare volumes

DSRepair:Windows Tips and Tricks

• Single object repair can only be run from the command line or iMonitor

command line: -so <8-digit entry_id> eDirectory 8.5 and later

DSBrowse

• Purpose Browse through the DIT (Directory

Information Tree) Search for entries that meet

specified criteria Troubleshoot problems in the

schema, partition, replicas or per object

Force resend of objects from one server to another

DSBrowse:Features

• Object browse Hierarchy Object information

• Attribute browse Attribute lists Attribute Information Values

• Schema browse Class and attribute definitions

• Partition browse• Object search

DSBrowse:General Tips and Tricks

• Use iMonitor iMonitor gives you web-based access to virtually all

of the functionality of DSBrowse (and lots more)

• Search Tips The entry flags are AND’ed together The entry creation and value modification time stamps

are used in comparisons The class field specifies the base class of the searched

objects Attribute flags are AND’ed together Attribute flags may appear on any value The value time stamp query is applied to any value

DSBrowse:Windows Tips and Tricks

• Right click on items in the DIB tree browser view to see what actions you can do on them

DSMerge

• Purpose Allows you to merge (combine) two separate

NDS trees into a single tree

DSMerge:Features

• Two styles of Merge Merge

• Combines trees at the root– Merge feature allows you to merge two trees regardless

of number of servers in each tree

Graft• Grafts the root of one tree as a “branch” of the other

– Graft feature requires that the source tree have onlyone server in it

– Supported in eDirectory 8.5 and later

DSMerge:General Tips and Tricks

• DSMerge is in eDirectory 8.5 (build 85.xx) The DSMerge utility runs on the “source” tree

and merges it into a “target” tree Supports eDirectory builds 7.xx and 8.51 or

later as target Supports source trees (will run on) eDirectory

builds 8.35 or later


• Check time synchronization before merging Both trees should have the same time source

before the merge because they’re going to be in the same tree after the merge

• You need to handle security objects properly See TID 10053573 for details


• The schema on both trees must match before you attempt a merge

Use Import Remote Schema in DSRepair to synchronize the schema from one tree to another• You need to do it at least once on each tree• It reports whether schema matches when it completes

You can check for a schema match between two trees without actually doing an import of the schema by starting a merge operation and only going to the point where the schema pre-check results are reported

DSMerge:UNIX Tips and Tricks

• Use “rdate” or “ntpdate” UNIX commands on the “master” source and target tree servers to synchronize times

• Run “ndsmerge -t” and “ndsmerge -c” on the server with the master replica of [Root]

These options check for problems that might cause the merge to fail, list the servers in the tree, and display their synchronization status

DSMerge:UNIX Tips and Tricks

• Command line ndsmerge -m target-tree target-admin source-

admin[target_container]• target-tree

– Name of the target tree• target-admin

– DN of the user with administration rights to the target tree• source-admin

– DN of the user with administration rights to the source tree• target-container

– Name with full context of the container object on the target tree to which the tree object of the source tree has to be combined

– If you specify a value to this parameter, you’re doing a graft operation, and the source tree must have a single server

Backup/Restore

• Purpose Provides a method for backing up and restoring

eDirectory Enables you to recover accidentally deleted

objects Provides a way to recover data after a disaster

Backup/Restore:Features

• New! Hot Continuous Backup in eDirectory 8.7 Highly-scalable—handles trees with millions of entries Highly-available—works on live eDirectory server DIB oriented TSANDS is also supported in eDirectory 8.7

• TSANDS Architecture Customizable to backup only specific kinds of objects Restores selected objects Provides a standard TSA architecture for all platforms

TSANDS-Based Backup/Restore:General Tips and Tricks

• Use multiple servers to backup different sections of the tree to improve performance

• Run backups on a server with a local copy of the data to improve performance

• Third-party support ARCServe BackupExec Tivoli Others

NDSCons

• Purpose Manages the eDirectory modules

on the Windows platforms

NDSCons:Features

• Start and stop services• Set startup modes (automatic/manual)• Hide and show services• Specify command line parameters for

services• Display transport information• DHost configuration file access• License information display in About box

Index Manager Snap-in

• Purpose Create and manage indexes used by the

eDirectory database to maximize performance

Index Manager Snap-in:Features

• Supports three types of indexes Value

• Matches the entire value of the indexed attribute Presence

• Tests to see if the indexed attribute has at least one value

Substring (string syntaxes only)• Matches a subset of the value of the string stored in

the attribute value– This is the most expensive index type– It is also very useful in the real world

» Example—you want to efficiently search for all users whose names begin with “Sam”

Index Manager Snap-in:Tips and Tricks (cont.)

• Don’t overuse indexes Remember that indexes speed search

performance (assuming they’re no attributes involved in the search), but they slow update performance

• You can’t delete operational (system defined) indexes

They’re required for eDirectory to function

Index Manager Snap-in:Tips and Tricks (cont.)

• Access via Indexes tab on the NCP Server properties page in ConsoleOne®

Also via ndsindex utility on Solaris and Linux systems

• Temporarily suspend user-defined indexes to improve update performance—during a bulk import, for instance

Indexes will get updated when you bring them back on line

• You can copy an index on one server to another server Select the index you want to copy Click on Other Servers… Select the server where you want the new index Click Create Index

LDAP Snap-in

• Purpose Manages and configures the eDirectory LDAP

server(s) in your tree

LDAP Snap-in:Features

• Configure LDAP via two objects LDAP Server

• Configures searching, timeouts, TCP ports, security, debug tracing, and filter replica settings

• Allows you to manually refresh the LDAP server LDAP Group

• Configures referral policies, clear text passwords, proxy information, class and attribute mappings, and a list of LDAP servers in a group

LDAP Snap-in:Tips and Tricks

• The LDAP group allows you to configure group parameters for all the servers in the same LDAP group at once

• An LDAP server can only belong to one LDAP group

If you add it to another group, it will be automatically deleted out of the previous one

• Disable TCP port forces all connections to use SSL• Allow clear text passwords allows non-SSL

connections to be established to the server

Import Convert Export (ICE)

• Purpose Imports data into the directory Exports data from the directory Automatically converts data

during operation by applying DirXML™ rules

Import Convert Export:Features

• LDIF file import and export• Delimited data file import and export• .SCH file import (eDirectory 8.7)• Data migration between LDAP directories• Test bed data generation• On-the-fly DirXML rules processing• Flexible

Combine handlers in various ways to do interesting and useful things

Import Convert Export:Features

• Remote access Based on client/server architecture

• Standards-based Works with any LDAP server

• Fast Uses the LDAP Bulk Update/Replication Protocol

(LBURP) protocol when available Up to ten times faster than synchronous LDAP

operations

Import Convert Export:Availability

• Ships with eDirectory 8.5 and later Command line ConsoleOne Snap-in wizard

• Wizards, NDS Import Export…

• Command line version is included in LDAP Libraries for C SDK

Great way to update schema using LDIF files as part of your LDAP application install

Import Convert Export:Architecture

ICE Engine

Source Handler Destination Handler

ICE Engine

Source Handler Destination Handler

Import Convert Export:LDIF Import

ICE Engine

LDIF FileSource Handler

LDAP ServerDestination Handler

Import Convert Export:LDIF Export

ICE Engine

LDAP ServerSource Handler

LDIF FileDestination Handler

Import Convert Export:Server-to-Server Data Migration

ICE Engine

LDAP ServerSource Handler

LDAP ServerDestination Handler

Import Convert Export Tip #1:Get Connected

• Make sure allow clear text passwords is set on the LDAP Server Object if you want to connect with a clear text password

This is our #1 most frequently issue

• If you do not want to use clear text passwords you need to export a .DER file from the security object and specify this

• The default port for SSL is 636

Import Convert Export Tip #1:Get Connected

• Install NICI on your workstation to enable SSL connections

Windows• Use NICI install from www.novell.com

Solaris, Linux, Tru64 (initializing as a non-root user)• Copy the NICI WKS file from /var/nici/0/xmgrcfg.wks to

a location where you have write access• Enter the path in the NICI_VARDIR variable to point to

the directory in which you have placed the/nici/0/XMGRCFG.WKS file

Import Convert Export Tip #2:Control the Amount of Data You Export

• Set search entry and search time limits on exports

You may need to set the server limits to solve problems with not getting all the data you expect on an export• 0 (zero) = unlimited

Don’t forget that these limits can be controlled at both the client (ICE utility) and server

You can use the client limits to limit the amount of data you get for testing purposes

Import Convert Export Tip #3:ICE Works with Any LDAP Server

• You can use the ICE utility to import to or export from any LDAP server regardless of vendor

Import Convert Export Tip #4:Improve Your Import Speeds

•Make sure LDAP server has LBURP extensionfor improved performance

Automatically enabled when available Automatically disabled when unavailable eDirectory 8.5 and later

• Import directly to a server with a writeable replica for all entries involved in the import

This greatly reduces network overhead


• Temporarily reconfigure the database cache See eDirectory 8.6 Administration Guide

Chapter 13

• Temporarily suspend indexes• Use simple passwords

Server• Requires Novell Modular Authentication Services

(NMAS™) (starter pack is okay) Access is seamless for LDAP clients Novell clients must support NMAS


• Change the LBURP transaction size (Unix only) “N4U.LDAP.LBURP.TRANSIZE” parameter in

/etc/NDS.CONF Range from 1 to 10,000 (default 25) Generally, higher values are better unless

• The server is running low on memory and the transaction size ends up causing the server to swap to disk

• One or more of the updates in the transaction fail(then they’re done one at a time)– Adding an entry that already exists– Adding an entry and its parent in the same transaction– Any modification that violates protocol or schema rules

Import Convert Export Tip #5:Tricks for Debugging LDIF Files

• Use the latest version Vastly improved error detection and feedback

• Check the syntax of your LDIF file -n option for the LDIF source handler “Display operations but do not perform” option on the LDIF

source handler advanced options dialog

• Use the error log file to get records that have errors• Use the range option to retry records you have fixed

without re-processing the entire file• A fairly common tricky syntax error is stray white

space on a record separator line Error message

“Operation failed: 65(Object class violation), dn:”

Traditional Error Detection

ICE EngineAdd record

17 (undefined attribute type)? LDAP Directory

LDIF File

X

Traditional Error Detection

dn: cn=XMAN000005, ou=Solar System, o=Universechangetype: addgivenname: XMAN-5sn: Universe-5fullname: XMAN-5 Universe-5objectclass: inetorgpersontelephonenumber: 1-800-0000005telephonenumber: 1-801-0000005telephonenumber: 1-900-0000005title: Title-5description: This is the test description of this record.facsimileTelephoneNumber: +1 801 123 4567cn: OtherName3-000005initials: NA...mail: [email protected]: 5 South 5 East $ Salt Lake City, Utah $ USA $ Solar SystempostalCode: 99999postOfficeBox: 99999-0005street: 5 South 5 Eastl: Salt Lake Cityst: UtahphysicalDeliveryOfficeName: Solar System Defense Organizationgroupmembership: cn=We Are the World, ou=Solar System, o=Universeuid: 5

Enhanced Error Detection with Schema Cache

Directory

ICE Engine

ICE Schema Cache

Validate Record

Error: postalCode attribute is not defined

schema

LDIF File

Import Convert Export Tip #6:Enable Forward References

• Forward references are placeholder entries created when an entry referenced by another entry doesn’t already exist

• Makes it possible to import LDIF files where the entries have circular references or are not inparent-child order

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

cn=Peter,ou=Sales,o=Acme Corp.

ou=Marketing

Typical Creation of an Object

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim


ou=Marketing ou=Sales


1. Create ou=Sales

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim


ou=Marketing ou=Sales

cn=Peter


2. Create cn=Peter

LDIF File to Add Peter

version: 1

dn: ou=Sales,o=Acme Corp.

changetype: add

objectClass: organizationalUnit

dn: cn=Peter,ou=Sales,o=Acme Corp.

changetype: add

sn: Michaels

givenname: Peter

objectClass: inetOrgPerson

telephonenumber: +1 415 555 0001

mail: [email protected]

userpassword: Peter123

LDIF File in Wrong Order

version: 1

dn: cn=Peter,ou=Sales,o=Acme Corp.

changetype: add

sn: Michaels

givenname: Peter




userpassword: Peter123

dn: ou=Sales,o=Acme Corp.

changetype: add

objectClass: organizationalUnit

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing

Forward References:LDIF File in Wrong Order

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing

cn=Peter

1. Create cn=Peter,ou=Sales


o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing Sales

cn=Peter

A forward reference for Sales is automatically created


o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing Sales

cn=Peter

eDirectory finishes creating cn=Peter


o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing Sales

cn=Peter

2. Create forward reference for Sales

4. Attempt to create ou=Sales

2. Create ou=Sales


Salesou=Sales

o=Acme Corp.

cn=Bob cn=Susan

cn=Jim

ou=Marketing

cn=Peter

Sales forward reference is automatically morphed into ou=Sales


o=Acme Corp.

member: cn=Susan,ou=Sales,o=Acme Corp.

Circular Group Membership

cn=Admins

ou=Engineering

cn=Bob cn=SusangroupMembership:

cn=Admins,o=Acme Corp.

LDIF File with Circular Reference

version: 1

dn: cn=Admins,o=Acme Corp.

changetype: add

objectClass: groupOfNames

member: cn=Susan,o=Acme Corp.

dn: cn=Susan,ou=Engineering,o=Acme Corp.

changetype: add

sn: Moss

givenname: Susan




userpassword: Susan123

groupMembership: cn=Admins,o=Acme Corp.

o=Acme Corp.

Typical Creation of Circular Group Membership

cn=Admins

ou=Engineering

cn=Bob

1. Create group cn=Admins

o=Acme Corp.

cn=Admins

ou=Engineering

cn=Bob cn=SusangroupMembership: cn=Admins,o=Acme Corp.


2. Create user cn=Susan with groupMembership in cn=Admins

o=Acme Corp.


cn=Admins

ou=Engineering

cn=Bob cn=SusangroupMembership: cn=Admins,o=Acme Corp.


3. Add cn=Susan as member of cn=Admins

LDIF File with Circular Reference

version: 1

dn: cn=Admins,o=Acme Corp.

changetype: add

objectClass: groupOfNames

member: cn=Susan,o=Acme Corp.

dn: cn=Susan,ou=Engineering,o=Acme Corp.

changetype: add

sn: Moss

givenname: Susan




userpassword: Susan123

groupMembership: cn=Admins,o=Acme Corp.

Breaking the Circular Reference

version: 1dn: cn=Admins,o=Acme Corp.changetype: addobjectClass: groupOfNames

dn: cn=Susan,ou=Engineering,o=Acme Corp.changetype: addsn: Mossgivenname: SusanobjectClass: inetOrgPersontelephonenumber: +1 415 555 0002mail: [email protected]: Susan123groupMembership: cn=Admins,o=Acme Corp.

dn: cn=Admins,o=Acme Corp.changetype: modifyadd: membermember: cn=Susan,o=Acme Corp.-

o=Acme Corp.

Forward References:Circular Group Membership


cn=Admins

ou=Engineering

cn=Bob

1. Create group cn=Admins with cn=Susan as a member

o=Acme Corp.



cn=Admins

ou=Engineering

cn=Bob cn=Susan

cn=Susan is automatically created as a forward reference

o=Acme Corp.



cn=Admins

ou=Engineering

cn=Bob cn=Susan

2. Create cn=Susan with groupMembership in cn=Admins

cn=Susan

cn=SusangroupMembership: cn=Admins,o=Acme Corp.

o=Acme Corp.



cn=Admins

ou=Engineering

cn=Bob

cn=Susan is automatically morphed into a real User object

Import Convert Export Tip #7:Make it Easy to Use ICE

• Add the location of ICE to your path and you can run it from anywhere

Import Convert Export Tip #8 :Use Standard I/O Redirection

• The LDIF handler supports stdin/stdout (UNIX only)

Import Convert Export Tip #9:Use ICE to Make Schema Changes

• Allows schema export to LDIF

• Supports schema modifications via LDIF

• Supports .SCH import (eDirectory 8.7)

Import Convert Export Tip #10:Use the Delimited Data Handler

• You can import data from delimited text files using the Delimited Data Handler

Handler identifier is DELIM CSV, tab-separated data, etc. Currently only available from the command line

Import Convert Export Tip #11:Use the DirLoad Handler

• You can create tons of fake test data with just a little work using the DirLoad handler

Handler identifier is LOAD Uses template files to create data Makes it much easier to generate data that models the

real world• Often test data does unrealistic things, e.g., all users are

named User0001, User0002, etc. which messes up the effectiveness of indexes (and the validity of your test results)

Good way to generate test data for application development or lab deployments

Currently only available from the command line

Import Convert Export Tip #12:Use the Import Convert Export Wizard

• ConsoleOne snap-in wizard for common tasks like importing, exporting, and migrating that lead you step by step

• Supported features provides functionality identical to the command line utility

• Saves server information across sessions so you don’t have to re-enter it

Import Convert Export Tip #12:Use the Import Convert Export Wizard

• Access via NDS Import Export Wizard on the ConsoleOne wizards menu

• The advanced buttons on each dialog expose less-frequently-used and advanced features

• Use the restart button at the end if you have a problem and all of your previous settings except passwords will be retained

Import Convert Export Tip #13:Combine Handlers in New Ways

• You can do interesting things by combining handlers in different combinations

DELIM to LDIF LDAP to DELIM LDIF to LDIF (with XML rules)

Import Convert Export Tip #14:Use DirXML Rules

•DirXML rules can be used by the ICE engine to automatically perform tasks like

Placement of new entries Resolving schema mapping issues Providing default values for required attribute

values on object creation

Import Convert Export Tip #15:Easier Data Migration

•The ICE schema cache can be used to automatically update the schema on the destination to accommodate entries from the source

Access via the –C general command line option

ICE Schema Cache

schema

entries

LDAP Directory

ICE Schema Cache

entries

LDAP Directory eDirectoryX

ICE Schema Cache

ICE Schema Cacheschema 1 schema 2

schema 1—schema 2

LDAP Directory eDirectory

ICE Schema Cache

entries

ICE Schema Cache

schema 1—schema 2

LDAP Directory eDirectory

Import Convert Export Tip #16:Get Creative with ICE

•Now that you understand how ICE works, you’ll be able to think of tons of slick tricks (pun intended) of your own

Example: find and clean up rogue ACLs in tree

NDS iMonitor

• Purpose Provides web-based monitoring and diagnostic

capabilities to all servers in your NDS tree Automatically installed with eDirectory 8.5 and

higher• Just point your web browser at http://<server>/nds

NDS iMonitor:Features

• eDirectory Health Check• Synchronization information• Known servers• Agent configuration• Hyperlinked DS Trace• Error information• Object/schema examiner

NDS iMonitor:Features

• Partition list• Agent process status• Agent activity• Verb statistics• Background process schedule• DSRepair (subset)

Novell iManager

• Purpose Provides web-based management and

maintenance for eDirectory• Combines functionality of ConsoleOne and eDirectory

utilities• Role-based

Ships with eDirectory 8.7 and higher

eDirectory Utilities Today

Utilities• Backup/Restore• DSRepair• DSBrowse• DSMerge• ...

eMBox

• A set of tools and utilities with a common point of access on the back end that supports the maintenance of eDirectory

Reuse of existing utility code Command-line accessible (scriptable) Web accessible Cross-platform

Directory Management Toolbox (eMBox)

iManager(eMFrame)

Novell iManager Architecture

LDAP Plug-in

Schema Manager Plug-in

ICE Plug-in

DSMerge Plug-in

DSRepair Plug-in

Backup/Restore Plug-in

eD

ir S

DK

eM

Box S

DK

DHost Process

ServerWeb Server

LD

AP

eMBox

HTTP

Sta

ck

SO

AP

Serv

ice

...

Service Manager

Merge eMTool

Repair eMTool

Backup/Restore eMTool

eDirectory

Bro

wse

r

Getting More Information: BrainShare 2002

• DSRepair TUT330—Advanced DSRepair

• Backup/Restore TUT234—Keeping Your Business Online with eDirectory

Backup and Restore• iMonitor

IO216—Introduction to NDS iMonitor TUT229—Practical NDS iMonitor: Case Studies

in eDirectory Diagnosis• iManager

IO116—iManager Introduction and Overview TUT131—eDirectory Administration and Management

with Novell iManager• one Net Solutions Lab

Getting More Information

• Novell eDirectory 8.6 Administration Guide Sources

• Electronic distribution on eDirectory 8.6.1 CD• Download soft copy or buy hard copy at

http://www.novell.com/documentation Chapter 7

• iMonitor Chapter 8

• DSMerge• Index Manager• Import Convert Export

Chapter 12• Backup/Restore

Getting More Information

• Novell LDAP Developer’s Guide Info on configuring, administrating, and

troubleshooting LDAP and using LDAP utilities• Chapter 11: Import Convert Export (ICE)

ISBN: 0-7645-4720-8

• LDAP Tools section of the LDAP Libraries forC SDK documentation

Import Convert Export (ICE)

• Logicsource II for NDS (www.shop.novell) Especially good DSRepair information

Www.novell.com Tips and Tricks for Using Novell eDirectory ™ Utilities Roger G. Harrison Manager,...

Documents

Transcript of Www.novell.com Tips and Tricks for Using Novell eDirectory ™ Utilities Roger G. Harrison Manager,...