7.1 Configuration Utilities

7.1.1 The ndsconfig Utility

You can use the ndsconfig utility to configure eDirectory. This utility can also be used to add the eDirectory Replica Server into an existing tree or to create a new tree. For more information, see Using the ndsconfig Utility to Add or Remove the eDirectory Replica Server.

NOTE:Ensure that the NCP server name is unique in the network.

To change the current configuration of the installed components, use the following syntax:

ndsconfig {set value_list | get [parameter_list] | get help [parameter_list]}

Refer to Configuration Parameters for a description of ndsconfig parameters.

IMPORTANT:After installation, ensure that you run the ndsconfig utility from the installed location on the server, which is /opt/novell/eDirectory/bin by default. Do not run ndsconfig from the installation package.

7.1.2 Using LDAP Tools to Configure the LDAP Server and LDAP Group Objects

You can use the LDAP tools included with eDirectory on Linux computers to modify, view, and refresh the attributes of LDAP Server and Group objects.

For more information, see Using LDAP Tools on Linux in the NetIQ eDirectory 8.8 SP8 Administration Guide.

7.1.3 Using the nmasinst Utility to Configure NetIQ Modular Authentication Service

For eDirectory 8.8, by default, ndsconfig configures NMAS. You can also use nmasinst to configure NMAS.

ndsconfig only configures NMAS and does not install the login methods. To install these login methods, you can use nmasinst. For more information, see Using the nmasinst Utility to Configure NMAS.

7.1.4 Customizing eDirectory

Using the ndsd init Script

The ndsd init script starts the daemon when the system starts with the configuration parameters from the default configuration file, /etc/opt/novell/eDirectory/conf/nds.conf.

NOTE:You should not use the /etc/init.d/ndsd script in the systemd environment . Systemd is currently supported with SLES 12 and RHEL 7 platforms only. For more information, see Using eDirectory on SLES 12 and RHEL 7 Platforms.

Before starting ndsd, ensure that any SLP (Service Location Protocol) agent is running on the host. You can install OpenSLP, any native SLP available with your operating system, or NetIQ SLP.

NOTE:To start eDirectory, use the ndsmanage utility.

To start ndsd, run /etc/init.d/ndsd start.

To stop ndsd, run /etc/init.d/ndsd stop.

The eDirectory configuration creates the following shell scripts in the /opt/novell/eDirectory/sbin location:

  • pre_ndsd_start

  • post_ndsd_start

  • pre_ndsd_stop

  • post_ndsd_stop

As the name indicates, the pre_ndsd_start script is executed before the ndsd binary is started by the /etc/init.d/ndsd script. The post_ndsd_start script is executed after the ndsd binary is started by the /etc/init.d/ndsd script. Similarly, the pre_ndsd_stop and post_ndsd_stop scripts are executed before and after stopping the ndsd process, respectively.

You can add commands of your choice to these scripts to get them executed. By default, the post_ndsd_start script has commands to ensure that /etc/init.d/ndsd comes out after ensuring that the LDAP services are up and running.

NOTE:You must add all the environment variables required for the eDirectory service in the pre_ndsd_start_custom script. Exporting of environment variables on terminals or /etc/init.d/ndsd script is not used by eDirectory.

Using eDirectory on SLES 12 and RHEL 7 Platforms

eDirectory starts the daemon when the system starts with the configuration parameters from the default configuration file, /etc/opt/novell/eDirectory/conf/nds.conf.

Before starting ndsd, ensure that any SLP (Service Location Protocol) agent is running on the host. You can install OpenSLP, any native SLP available with your operating system, or NetIQ SLP.

To start or stop eDirectory, use the ndsmanage utility.

The eDirectory configuration creates the following shell scripts in the /opt/novell/eDirectory/sbin location:

  • pre_ndsd_start_custom: Use this script for custom addition of commands before executing eDirectory.

  • post_ndsd_start_custom: Use this script for custom addition of commands after executing eDirectory.

  • post_ndsd_stop_custom: Use this script for custom addition of commands after stopping eDirectory.

NOTE:Do not use any of the factory scripts from the /opt/novell/eDirectory/sbin / location. The eDirectory configuration will use the factory scripts. To include additional commands of your choice, use custom scripts.

Enabling Non-Root Instances of eDirectory to Start at Server Boot

eDirectory instances from a non-root install do not start automatically. To enable the non-root instances of eDirectory to start automatically when the server is restarted, perform the following steps:

  1. Create a start script.

  2. Type the following command into the script:

    su - user1 -c"/home/user1/eDirectory/opt/novell/eDirectory/bin/ndsmanage startall

    In the above example, eDirectory is running as non-root user1 using the ndsmanage script found in /home/user1/eDirectory/opt/novell/eDirectory/bin/ndsmanage path.

  3. Save the file.

  4. Give appropriate permission to the root user to execute the script.

  5. Create symbolic links to the start script using the following commands:

    ln -s /etc/init.d/ndsstart /sbin/rcndsstart
    ln -s /etc/init.d/ndstart /etc/init.d/rc2.d/S10ndsstart
    ln -s /etc/init.d/ndstart /etc/init.d/rc3.d/S10ndsstart
    ln -s /etc/init.d/ndsstart /etc/init.d/rc5.d/S10ndsstart

Now if the server is rebooted, all non-root instances of eDirectory will start automatically.