SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

edirectoryhealthcheck

eDirectory Health Check

This is a simplification of the Novell document NDS / eDirectory Health Check Procedures - Cross Platform. This article handles only netware and linux, but in the same way. We assume you have the NDSRepair for UNIX Menu Wrapper installed and know how to work with it, which is explained on the download page. If this article refers to DSREPAIR.NLM it also refers to the dsrmenu utility. You still could use original document to determine if you have a static or a dynamic tree, and with that how often you should perform a health check. My experience tells me that most environments have a static tree and need a health check once every month. If you add and remove servers, partitions and schema files almost weekly you should also perform a health check once a week. This is how dsrmenu looks like:
dsrmenu.jpg
NDSRepair for UNIX Menu Wrapper for eDirectory 8.5, 8.6 and 8.7
NDSRepair for UNIX Menu Wrapper for eDirectory 8.8:
This is how dsrepair.nlm looks like:
dsrepair.jpg

Health Check procedure

STEP 1 - Verifying DS Versions

All NDS versions should be at the latest version on their respective operating system platforms. You can verify all DS version that exist in your tree by using the DSREPAIR utility. All servers in the tree should be patched to the latest available versions. Netware&Linux - Performing a time synchronization check within DSREPAIR (DSREPAIR.NLM | Time Synchronization) will report the DS version for each server in the tree. Load DSREPAIR.NLM from the server console and execute 'Time Synchronization'

STEP 2 - Time Synchronization

NDS communication uses timestamps to uniquely identify objects and the objects modification time for synchronization purposes.  If servers in the tree are not synchronized to the correct local time (or more importantly, to each other) replica synchronization will not be reliable and severe object corruption and data loss can be experienced.  To avoid these problems, time must be in sync across all servers in the network. The following steps outline how to check time synchronization for each platform: Netware&Linux - Load DSREPAIR.NLM from the server console and execute 'Time Synchronization'. This process will check every server in the tree (including NT, Unix and Linux servers) and report whether the server's time is synchronized to the network.

STEP 3 - Server-to-Server Synchronization

NDS servers communicate changes made to objects and partitions boundaries. This step is used to verify that no errors exist when NDS performs synchronization process. To perform this step, a server must have a replica to display the needed NDS trace information. Netware - From the file server console prompt type:

SET DSTRACE=ON (this activates the NDS eDirectory transactions screen)
SET DSTRACE=NODEBUG (turns off all preset filters)
SET DSTRACE=+S (this makes it so you can see the synchronization)
SET DSTRACE=*H (this initiates NDS eDirectory synchronization between servers)

Once you have enough trace information type the following to turn DSTRACE off.

SET DSTRACE=NODEBUG
SET DSTRACE=OFF

The NDS eDirectory trace screen can be viewed by selecting 'Directory Services' from the list of Current Screens made available by pressing the two keys <CTRL><ESC> simultaneously. If there are not any errors, there will be a line displaying 'All Processed = Yes.' This message will be displayed for each partition contained on this server. If the information is more than can fit on a single screen, use the following command to save it to a file for viewing:

SET TTF=ON (sends DSTRACE screen to SYS:SYSTEM\DSTRACE.DBG file, which can be viewed in any text editor)
SET DSTRACE=*R (resets the DSTRACE.DBG file to 0 bytes)
SET TTF=OFF (once NDS eDirectory has completed synchronizing all partitions)

You can then map a drive to your server's SYS:SYSTEM directory and bring the DSTRACE.DBG file up in a text editor. Search for '-6' and '-7' (this will show any NDS errors during synchronization, such as -625 or -746), or 'YES' (this will show successful synchronization for a partition). Linux - Execute “ndstrace” from the server command-line. Within the ndstrace utility enter:

SET NDSTRACE=ON (enables file logging to /var/nds/DSTRACE.LOG)
SET NDSTRACE=NODEBUG (turns off all preset filters)
SET NDSTRACE=+SKLK (enables filter of synchronization traffic)
SET NDSTRACE=*H (initiates synchronization between file servers)

The displayed information is also saved in the DSTRACE.LOG file, which can be viewed by any text editor.

STEP 4 - Replica Synchronization

This step reports replica synchronization status for every partition that has a replica on the current server. This operation reads the Synchronization Status attribute from the replica object on each server that holds replicas of the partitions. It displays the time the last successful synchronization to all servers and any errors that have occurred since the last synchronization. Netware&Linux - DSREPAIR.NLM | Report Synchronization Status.

STEP 5 - External References

This step checks each external reference object to determine if a replica containing the object can be located. It will also display obituaries and will show you the states of all servers in the back link lists for the obituaries. Netware&Linux - DSREPAIR.NLM | Advanced Options Menu | Check External References

STEP 6 - Replica States

This step lists partitions and states of the replicas stored in the current server's NDS database files. Netware&Linux - DSREPAIR.NLM | Advanced Option Menu | Replica and Partition Operations

STEP 7 - Schema Synchronization

Each of the NDS servers have schema definitions that are used for creating and maintaining objects. This step is used verify that schema synchronization between servers is working correctly. To perform this step, a server must have a replica to display the needed NDS trace information. Netware&Linux - From the file server console prompt, type:

SET DSTRACE=ON (this activates the NDS eDirectory transactions screen)
SET DSTRACE=NODEBUG (turns off all preset filters)
SET DSTRACE=+SCHEMA (this will display schema information)
SET DSTRACE=*SS (this initiates schema synchronization)

Once you have enough trace information type the following to turn DSTRACE off.

SET DSTRACE=NODEBUG
SET DSTRACE=OFF

The NDS eDirectory trace screen can be viewed by selecting 'Directory Services' from the list of Current Screens made available by pressing the two keys <CTRL><ESC> simultaneously. Check for the message 'SCHEMA: All Processed = Yes.'

STEP 8 - Repair Local Database

If while following the above outlined Health Check Procedures you encounter DS errors or if you suspect problems with a server's DS database, the Repair Local Database option within DSREPAIR is a valuable tool to check a server's DS database. “Repair Local Database” checks the integrity of the database and fixes any problems it encounters, as well as reports information that may be useful. “Repair Local Database” does not need to be run at either a specific time or specific interval. It should be used in accordance with your organization's specific needs or used as a tool to maintain DS databases. Netware&Linux - Load DSREPAIR | Advanced Options | Repair Local DS Database or Netware&Linux - Load DSREPAIR | Unattended Full Repair

You could leave a comment if you were logged in.
edirectoryhealthcheck.txt · Last modified: 2021/09/24 00:24 (external edit)