D.1 Troubleshooting the Installation Issues

The following table lists the issues you might encounter and the suggested actions for working on these issues. If the problem persists, contact your NetIQ representative.

Issues

Suggested Actions

Installation Takes a Long Time.

When you are installing eDirectory into an existing tree and the installation takes a long time to complete, look at the DSTrace screen on the server. If the -625 Transport failure message appears, you need to reset the address cache

To reset the address cache, enter the following command at the system console:

set dstrace = *A

eDirectory Install Fails for Container Administrators

The eDirectory 9.0 installation program supports installations by administrators who have supervisor rights to the container that the server resides in. In order to handle this, the first server that eDirectory 9.0 is installed into must have supervisor rights to [Root] to extend the schema. From that point on, subsequent servers do not have to have rights to [Root]. However, with eDirectory 9.0, depending on the platform that eDirectory 9.0 is installed in to first, all schema might not be extended, requiring supervisor rights to [Root] for subsequent server installations on different platforms.

If eDirectory 9.0 will be installed on multiple platforms, make sure that you have supervisor rights to [Root] for the first server eDirectory will be installed on for EACH platform. For example, if the first server that eDirectory 9.0 is going to be installed on is running Linux, and eDirectory 9.0 will also be installed on Solaris, the first server for each platform must have supervisor rights to [Root]. Subsequent servers on each platform will only have to have container administrator rights to the container where the server is being installed.

For additional information, see solution NOVL83874 in the eDirectory 8.7.x Readme Addendum

Default Listeners for New Network Interface

On Windows, eDirectory listens on all interfaces configured on the computer for NCP, HTTP, HTTPS, LDAP and LDAPS by default. Adding a new network interface address to the computer, and restarting eDirectory will make it start listening on that address automatically, and have referrals also added correspondingly.

NOTE:On Linux, we need to manually add interfaces to n4u.server.interfaces parameter.

Replication Issues After an Upgrade

When you upgrade to eDirectory 9.0 and enable encrypted replication, replication fails in rare scenarios.

To workaround this issue:

  1. In NetIQ iManager, select Modify Object, then select the NCP Server object.

  2. Under the General tab, select Other.

  3. Add NCPKeyMaterialName from Unvalued Attributes to Valued Attributes with the certificate name. For example, SSL CertificateDNS.

  4. Run Limber on the server where the attribute changed in Step 3. For information about using Limber, see the NetIQ eDirectory Administration Guide.