Problem: How do I bind eDirectory to the IP address of a newly added card (a second NIC added after eDirectory was configured)?

There might be deployments where eDirectory is initially configured on a server with a single NIC. If another NIC is added later, how do we ensure that eDirectory is bound to the new IP address as well as the existing one? One way is to create multiple instances with custom ports on the second NIC. In that case, the administrator has to manage multiple trees.

Solution: One can associate the same instance of eDirectory with multiple IP addresses using the following steps.

  1. Bind the NCP port to the new IP address along with the existing one.

    Example: ndsconfig set n4u.server.interfaces=164.99.156.15@524,164.99.156.14@524
  2. Bind the HTTP port to the new IP address along with the existing one.

    Example: ndsconfig set http.server.interfaces=164.99.156.15@8028,164.99.156.14@8028
  3. Bind the HTTPS port to the new IP address along with the existing one.

    Example: ndsconfig set https.server.interfaces=164.99.156.15@8030,164.99.156.14@8030

In the above example, 164.99.156.15 is the first NIC with which eDirectory is initially configured and 164.99.156.14 is the NIC that is added later.

Note: There is no need to set the TCP-389/TLS-636 ports because, by default, the LDAP listener binds to all interfaces. The same settings can also be changed by editing the values in nds.conf. Restart eDirectory with /etc/init.d/ndsd restart for the new address bindings to take effect.
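
To check that every listener really carries both addresses after the change, the following added example (not part of the original post) parses an nds.conf-style file and reports, per parameter, whether each address is bound. It assumes the key=value layout and the three parameter names shown on this page; audit_interfaces, sample_conf and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which addresses each eDirectory listener is bound to.
PARAMS="n4u.server.interfaces http.server.interfaces https.server.interfaces"

# audit_interfaces CONF IP...
# Prints "<param> <ip> <state>" with state bound, all, missing or unset.
# Returns 1 when any address is missing or a parameter is unset, else 0.
audit_interfaces() {
    conf=$1; shift
    rc=0
    for p in $PARAMS; do
        # Exact key match; the last assignment in the file wins.
        val=$(awk -F= -v k="$p" '$1 == k { sub(/^[^=]*=/, ""); v = $0 }
                                 END { print v }' "$conf" | tr -d ' \t\r')
        for ip in "$@"; do
            state=missing
            [ -n "$val" ] || state=unset
            old_ifs=$IFS; IFS=,
            for entry in $val; do          # entries look like address@port
                [ -n "$entry" ] || continue
                addr=${entry%@*}
                if [ -z "$addr" ]; then state=all; break; fi   # "@524" form
                if [ "$addr" = "$ip" ]; then state=bound; break; fi
            done
            IFS=$old_ifs
            [ "$state" = bound ] || [ "$state" = all ] || rc=1
            echo "$p $ip $state"
        done
    done
    return $rc
}

# Constructed sample nds.conf: the HTTPS listener was never extended to .14.
sample_conf() {
    cat <<'EOF'
n4u.server.interfaces=164.99.156.15@524,164.99.156.14@524
http.server.interfaces=164.99.156.15@8028,164.99.156.14@8028
https.server.interfaces=164.99.156.15@8030
EOF
}

demo=$(mktemp)
sample_conf > "$demo"
audit_interfaces "$demo" 164.99.156.15 164.99.156.14 || echo "binding gap found"
rm -f "$demo"
```

Point audit_interfaces at the server's own nds.conf instead of the sample file; the "all" state flags listeners that accept connections on every interface, including the new NIC.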

 

 


Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.


3 Comments

  • rkrishnan says:

    Very helpful!

  • lhaeger says:

    Hey, you’ve got the ndsconfig parameters slightly wrong, should be three different ones instead of only n4u.server.interfaces over and over again:

    n4u.server.interfaces=164.99.156.15@524,164.99.156.14@524
    http.server.interfaces=164.99.156.15@8028,164.99.156.14@8028
    https.server.interfaces=164.99.156.15@8030,164.99.156.14@8030

    Anyway, I always change those parameters to

    n4u.server.interfaces=@524
    http.server.interfaces=@8028
    https.server.interfaces=@8030

    on my servers, so Edirectory listens on all available interfaces, even on dynamically added virtual ip addresses. Simply run "sed -i.bak 's/=..*@/=@/g' /path/to/nds.conf && rcndsd restart" as root…

    Some reasons *not* to do that would be
    a) multiple edir instances on a single server (same ports, different ip addresses) or
    b) if you have to prevent Edirectory from binding to a specific interface

    Finally, there’s a similar parameter for the LDAP interface, check “ldapconfig get” for the current settings.

  • MARVHUFFAKER says:

    You should fix the syntax in the original post. It is horribly inaccurate and worthless. Furthermore frustrating to realize it’s wrong after you’ve followed it, then have to troubleshoot and figure out the whole thing was wrong. The comments are helpful but nobody should have to rely on the comments when the original cool solutions article should suffice.

By: smamatha
Apr 21, 2010
5:27 pm