DSfW Migration – OES 11 SP1 to OES11 SP2

DSfW Migrations can be tricky if you do not follow the documentation carefully.  I created two videos that take you through the process of a successful migration.  The videos do not cover the pre-migration.  For the pre-migration you want to ensure the tree and DSfW server specifically is healthy.

The key is to install and configure eDirectory with the pre-migration pattern on the target server using the Software Management tool provided by the YaST utility.  DO NOT Use the OES Install and Configuration utility.  This is the key piece most people miss.  If you use the OES Install and Configuration utility the DSfW patter will not be able to be installed.  Instead the pre-migration pattern will be layed down, the pre-migration wizard will pop up.  If you continue through the pre-migration pattern eDir will be installed.  You then click on the DSfW pattern to install and it will fail stating eDirectory is already installed.  If you do not configure the pre-migration, just install through the OES Install and Configuration utility, when the DSfW Pattern is checked it will attempt to install and configure DSfW, not a migration server.

Here are key points from the documentation to follow.

  1. Install and configure eDirectory with pre-migration pattern on the target server using the Software Management tool provided by the YaST utility.  DO NOT Use the OES Install and Configuration utility.

  2. If the source server has proxy user configured for services such as LUM, see Section 32.0, Migrating Proxy users to OES 11 SP2.

  3. Install the DSfW pattern on top of the preexisting patterns and follow through with the pre-migartion pattern.  If you are prompted to install the and configure DSfW you have not installed the pre-migration pattern with the Software Management utility.

  4. Reboot the target server.

  5. Ensure that you have copied the SSH keys to avoid multiple password prompts:

    1. Enable SSH on the source server and the target server.

    2. Enter the # ssh-keygen -t rsa command on the target server.

    3. When you are prompted to enter the file in which to save the key, press Enter.

      The ssh keys are stored in the default location (/root/.ssh/id_rsa).

    4. When you are prompted to enter the passphrase, do not enter a passphrase.  Press Enter.

    5. Copy the key value (the output of the # ssh-keygen -t rsa command) to the source server using the following command:

      ssh-copy-id -i /root/.ssh/id_rsa.pub root@

      Where -i /root/.ssh/id_rsa.pub is the output of # ssh-keygen -t rsa command and the ip address is for the source server.
  6. Run the DSfW migration script on the target server. The purpose of this script is to migrate the DSfW-specific data to the target server.

    /opt/novell/xad/sbin/migrate_dsfw.pl — source= –all

    The ip address is for the source server.

    The migration script invokes the miggui tool.

    The Transfer ID operation migrates eDirectory, LUM, and other associated services of the source server.  Once you get to the Reinitialize Server you are home free.  You can run ndsconfig upgrade for the eDir upgrade and Critificate.  Lum can be skipped and fixed later.  For more information, see Section 10.4, Select the Source and Target Server and the Migration Type.

    The migrate_dsfw.pl tool is broken into three parts, premig, MIGGUI, and postmig.  If the migration looks to have completed, but upon reboot the DSfW services are not availble, specifically xad-krb5 and xadsd, it will be necessary to run the tool with –postmig.

    /opt/novell/xad/sbin/migrate_dsfw.pl — source= –postmig

  7. Reboot the target server.

  8. After you reboot the server, you are prompted to configure additional features like WINS and Sites. This can be done using the DSfW Feature Configuration Wizard.  If it does not start it can be manually started using the command /opt/novell/xad/sbin/provision_dsfw.sh

  9. Click Next.

  10. On the task list page, click Run to manually execute a task or click Run All to execute all the tasks sequentially without any manual intervention.

  11. After you complete executing the DSfW Feature Configuration Wizard, you must verify if all the daemons are up and running by executing the following command:

    xadcntrl status

  12. Run the following command to verify if the schema has been extended, rights on the domain controller objects have been added, and the unique domain id on the domain root has been added.

    /opt/novell/xad/sbin/domaincntrl –preps

Comments are closed.