My Most Common Problems with OES

A Personal Odyssey with Johnnie Odom I Come To Praise OES

Open Enterprise Server: The only Linux-based solution with enterprise-level organizational awareness and cross-platform client capabilities. Combines the entire open source SuSE stack with robust proprietary services. Consider making every Linux server an OES server: Novell Remote Manager (NoRM), eDirectory users / LUM, NCP maps on the fly, included clustering, NLVM. SR#1006660666

What if I based a session around my OES SRs? Tracing through, a few interesting trends arise. We’ll ignore SRs based on my own stupidity. Oldest Open SR: 17 December 2010. We’ll save the DNS items for a few hours hence. The eDirectory Mafia

Most problems had eDirectory at their root -- it was crashing or not communicating. What happened? OES and eDirectory are two very different teams and now at two different companies. Impossible to test edge case combinations. In the end, lots of traces and core dumps. (TID 3054866 for core dumps.) Beware App-Armor. It makes things even more confusing. The Xtier Black Hole

Xtier: The layer that shims eDirectory to applications. How do we turn debugging on? Where is the documentation? The Unbearable Lightness of LUM

What just happened to my webserver? wwwrun disappeared. Set it up, run namconfig cache_refresh every now and then? Or maybe namconfig -k to check certs? Or maybe edit nam.conf and redo the entire thing? And why are there so many Unix Configuration objects floating around? Support: Why do you have so many LUM users? The Oompa Loompa Users

Choose your setup account carefully. It can never change. Use the common proxy. If you have upgraded a server from OES 2.2 or earlier, be sure to run /opt/novell/proxymgmt/bin/ create_common_proxyuser.sh and turn on as many services as possible. Check Universal Password rules for any “robot admin” user. Make sure that they can retrieve passwords. The Troll at the Installation Bridge

Sometimes eDirectory doesn’t want to finish YaST configuration. Obviously, the first things to check are eDirectory health and whether a previous install was not cleaned up. How far did we get? If not far, try point to another replica server. If very far: SSH into machine and check ndsstat. Did the server object and certificates get created? Can we just prod /etc/ sysconfig/novell/edir and set SERVICE_CONFIGURED to yes? Don’t try to do anything else if eDirectory cannot be shown to be up. America’s Favorite Gameshow

WILL-IT-BOOT? If your boot devices are not referenced by label, weird things will happen on updates, especially if you have a separate /boot. If rcnovell-xregd or rcnovell-xsrvd don’t start, you aren’t getting anything else. Especially NSS. Check LUM again. And let’s not get started on file system questions. Well, maybe for a moment. The Migration Habits of the Western NCP Server

Migration wizard generally works well. Some problems with dependencies (the dreaded “ruby” message), but it is one of the best-tested OES services. Do we need to migrate? On the other hand, for some services it might be much better just to set up your new server and add a secondary IP and DNS name later. You did use DNS for everything, right? Specifically: DNS, DHCP, SLP, GroupWise. Migrating a Netware iPrint Broker to an OES Driver Store is a special case. Papers, Please

For proper operation, always keep the server registered with the appropriate update channels. Required: Base OES and SuSE channels. Bonus: SuSE SDK and OpenSuSE Special Case: SuSE Clustering and Once your licenses expire, remember to re-register to keep your channels. Also, every now and then one or both channels vanish anyway. Be wary of receiving updates for only one product. Pick a permanent e-mail for registration. Repeated registration problems: Try /usr/bin/suse_register Just use SMT already. Minor Gripes

Vim. Really? Give me nano. Install locate to take away the pain of files everywhere. rcnovell-httpstkd just dies sometimes. Why is NetIQ LDAP Proxy not included with OES? Harvesting roll forward logs. Architectural Gripes

Some problems are not merely bugs and frustrations. Some cut to the bone. What is OES now? Does it have a theme? Netware replacement? Services on top of Linux? Foundation for other products? (DsFW, Filr) What is OES in the Future? Filr shows one path. So does DsFW. Where’s the rest of it? It Takes An Attachmate Group

Open Enterprise Server: A Novell Product SuSE Linux Enterprise Server: Proudly assembled in Nuremburg of only the finest open source components eDirectory: Stored in NetIQ’s Attic Would you like a copy of Reflection to connect to that? Please see Attachmate. The Holy Roman Empire

NSS, NCP, AFP ported directly. DNS and DHCP Half OSS and Half Novell OpenSLP, NTP, Kernel, all OSS Which CIFS? Tools iManager: The One True eDirectory / OES Interface. Except for ... DNS / DHCP Console. For the OSS. If you want it done right, do it in a Terminal. Unless you can do it easier in YaST. Oh, and iFolder has its own web interface. Don’t tell anyone: ConsoleOne still works. So does NWAdmin. (They’ll come and get me in a second.) Just write some PHP making LDAP calls already. OES Is Persona Non Grata

GroupWise Repositories and NCP. ZCM and Port 8009 SuSE Login Options Platespin P2V Heck, ANY P2V Datasync, Access Manager Backups: Is it Linux or Netware? Maybe just flat files. Core Functionality (iPrint Migration, Certificate Re- creation, Radius mass-config) farmed out to Cool Solutions. Again, I Come to Praise OES

eDirectory as a data store is still the right model. NetStorage is still magic. The AFP Server still scales beyond the competition. NSS and NCP? Perfect when running. See You Soon!

Stick around for OES vs. OS X. Questions? Thank You.