Monthly Archives: July 2012

OES11 SP1 Beta released

The OES11 SP1 Beta has been publicly released
Check it out if you are interested in seeing some of the new features in OES

The big news for Domain Services for Windows is the simplified install.
The install allows for a simplified install
For the simplified install the YaST configuration screens have been minimized.
The first screen start with what type of install instead of the eDirectory screen.
Some screens have been eliminated and common default values are used automatically making the install less confusing.

Plus it runs on SLES11 SP2

For more info see

The ISOs can be found here:

The documentation can be found here:

Delete an attribute on all users with a script

Here is the bases of a script to delete an attribute on a user.

I come across issues where an attribute was populated on several users that shouldn’t be there or you want to create new objectsids or just remove the existing objectsids and replace them with a back up.

Most DSfW installs are a name mapped install meaning the install is mapped to an existing container in the tree.  If this is the case the domain name most likely will not patch to context in the tree and most likely the objectclass wit not be domain.  An example of a domain with the name of mapped to a container with an objectclass of Organization (o=novell) and not domain (dc=novell).  Even it if is a dc most likely the fdn does not match the domain name.  Continuing with our example of that would… Continue reading

Script to monitor DSfW processes and restart services

If a DSfW server running DNS has a DSfW specific process stop or crash a quick stop gap mesure is to monitor the DSfW processes and restart them if one or more of the DSfW processes stop.  I created a simple script that will check that a pid exists for each process.  The script is called  While it does not restart DSfW in every condition like if a process continues to run but is not responding or say a process crashes but the pid is never cleaned up, it does work for most situations.

Create a cron job to run the script every hour, 30 minutes, 10 minutes, what ever you desire.  My recomendation is to not go below 5 minutes since eDirectory might take several minutes to stop and start again.

To create a cronjob use the crontab command with the -e… Continue reading

Backup ObjectSid

For a disaster recovery issue it might be necessary to have a backup of all objectsSids for users and computers.

Here is a simple script to create a ldif file that is ready to import and replace existing objectsids.

Since computers have an objectclass of user setting the filter to “(&(objectclass=user)(objectsid=*))” will return all users and computers with an objectsid.  The base can be set to the domain name context (ex: dc=domain,dc=com) if this is ran from a DSfW server other wise use the standard context in eDir (ex: o=novell) assuming this is a name mapped install and the context does not use dc objectclass.



ldapsearch -x -LLL -H ldaps://localhost:636 -D cn=admin,o=novell -W -b “o=novell” -s sub “(&(objectclass=user)(objectsid=*))” dn objectsid|sed s[objectsid[‘changetype:modify\nreplace:objectsid\nobjectsid'[g | grep -v ^# > Objectsids_restore.ldif

exit 0