The section contains problems you may encounter during the eDirectory 8.8 configuration.
When eDirectory is configured to listen on loopback addresses, the loopback addresses are stored and returned to the clients when they perform searches and other operations. The referrals are not applicable to the clients that attempts to connect from the machines other than the server. Therefore, the clients fail to connect by using those loopback referrals. However, the other referrals returned by the server still work for the clients.
Trying to connect to each loopback referrals and then choosing the correct referrals could affect the performance of the clients.
To workaround: select only one interface that eDirectory can communicates on; do not select the loopback interfaces during the install.
While configuring eDirectory 8.8 on Linux, you might get the Tree name lookup failed: -632 error. To resolve this, perform the following steps:
After installing the SLP package, ensure that you manually start SLP as follows:
After uninstalling the SLP package, ensure that you manually stop SLP as follows:
You cannot add a new server into a context if its fully qualified DN length is more than 255 characters. The length restriction applies to a fully qualified DN and not to the context length. The fully qualified DN of any object can have a maximum of 255 characters.
After installing eDirectory, you should configure your environment to exclude the DIB directory on your eDirectory server from any antivirus or backup software processes. If you do not exclude the DIB directory from processes of this type, you may encounter corrupted DIB files or -618 FFFFFD96 INCONSISTENT DATABASE errors.
Use the eDirectory Backup Tool to back up your DIB directory. For more information about backing up eDirectory, see NetIQ eDirectory 8.8 SP8 Administration Guide.
eDirectory ndsconfig displays the following error on RHEL 32-bit system.
error while loading shared libraries: /opt/novell/lib/libccs2.so: cannot restore segment prot after reloc: Permission denied
To workaround the issue: Run the following commands.
chcon -t textrel_shlib_t '/opt/novell/eDirectory/lib/libsal.so.1.0.0'
chcon -t textrel_shlib_t '/opt/novell/lib/libccs2.so.2.7.6'
Consider a scenario where eDirectory 8.8 SP8 has both IPv4 and IPv6 configured and only one of the them (for example, IPv4) has an entry in the /etc/hosts file, and the other interface is accessible from a remote machine. If you configure eDirectory to listen on both the IPs, the IP AG certificate is generated only for the IP that is listed in the /etc/hosts file. In this example, it is generated for IPv4.