A.1 Modifying the eDirectory Tree and Replica Server

After installing the Identity Vault, you can use the DHost utility to configure the Identity Vault. You must have Administrator rights to use the DHost utility. When you use this utility with arguments, it validates all arguments and prompts for the password of the user having Administrator rights. If you use the utility without arguments, ndsconfig displays a description of the utility and available options.

You can also use this utility to remove the eDirectory Replica Server and change the current configuration of eDirectory Server. For more information, see Configuring the Identity Vault after Installation.

When you use the DHost utility, the following conditions apply:

  • The maximum number of characters allowed for the treename, admin_FDN, and server_FDN variables are as follows:

    • treename: 32 characters

    • admin_FDN: 255 characters

    • server_FDN: 255 characters

  • When you add a server to an existing tree and the context that you specify does not exist in the Server object, the DHost utility creates the context while adding the server.

  • You can add LDAP and security services to the existing tree after installing the Identity Vault.

  • To enable encrypted replication in the server, include the -E option in the commands for adding a server to an existing tree. For more information about encrypted replication, see “Encrypted Replication” in the NetIQ eDirectory Administration Guide.

For more information about using the DHost utility to modify eDirectory, see the NetIQ eDirectory Administration Guide.