O C T O B E R   1 9 9 6
N O V E L L  A P P  N O T E

SERVER MAINTENANCE
Maintaining NDS Information for a NetWare 4.11 Server During a Brief
Shutdown or Hardware Upgrade


The NetWare 4.11 INSTALL.NLM utility includes several new options to help you
preserve Novell Directory Services (NDS) information when you need to bring
down a server for maintenance operations. The new options are found by
selecting "Directory options (install NetWare Directory Services)" from
INSTALL's main menu and then selecting "Directory backup and restore options"
(see Figure 1).

These options offer the same functionality that DSMAINT.NLM provides for
NetWare 4.1 servers. These enhancements to the INSTALL utility address two
cases of planned server outages: shutting down a server temporarily, and
upgrading server hardware.


Maintaining Server Object References During a Brief Shutdown

At times, it is necessary to remove a NetWare Server object from the NDS tree
for a brief period of time. For example, if an authentication key is
corrupted, it is necessary to reinstall NDS on the server. During the
uninstall process, the Server object is removed from the tree and other
objects that reference the Server object in their required attributes can
become Unknown objects. A similar type of problem can occur with services
such as printing that are associated with a physical server. If the server
referenced in a Queue object's Host Server attribute is removed, the Queue
remains a known object but it is useless because it has lost the link to the
queue directory on the server.

With the enhanced INSTALL, you can avoid losing objects and ease re-
installation by substituting references to the server with references to
another object that you create for this purpose. After reinstalling NDS on
the server, you can use INSTALL to replace these references to the server in
other objects' Host Server, Host Device, or Message (Default) Server
attributes.


Here are the steps for performing this procedure:

     Note:You must have at least two servers on your network in order for
          this procedure to work.

     1. Load INSTALL.NLM on the server you are going to shut down. Select
        "Directory options" and then "Remove Directory Services from this
        server." When prompted, enter the Admin username and password.

     2. INSTALL displays the prompt "Enter the placeholder object
        distinguished name" with the name of the current server listed as a
        default. This is where you select another object for "holding" the
        server references. The object you use must not be a NetWare Server
        object, but it can be an existing User object. The user object you
        have logged in as would be an appropriate choice. Enter the object's
        full distinguished name; for example, .CN=Admin.O=ABC.

     3. The next prompt is "Change from which distinguished name and below"
        with the default of [Root] displayed. This is where you enter the
        full distinguished name of the container where you want to begin
        searching for objects that reference this server's NetWare Server
        object. In most cases, you should leave this option set to [Root].

        If this server holds a master replica, INSTALL will prompt you to
        select an option to switch the master replica to another server in
        the replica ring.

     4. At this point, you can continue the process of removing Novell
        Directory Services and bringing down the server.

     5. Once you have completed the required maintenance operation on the
        server, reload INSTALL and select "Directory options", followed by
        "Directory backup and restore options." Select the "Restore
        references from another object to this server" option to reverse the
        substitutions made previously in Steps 2 and 3. You will again be
        required to provide the full name of the temporary object that is
        holding the references.

        Note: INSTALL automatically removes volume IDs from the physical
              volumes on the server so that Volume objects are not removed
              during an uninstall.



Upgrading Server Hardware

There are times when a server requires an upgrade that does not affect the
server as an NDS object. For example, the SYS volume may be physically
located on an old hard disk drive that needs to be upgraded. In these
situations, you no longer need to uninstall NDS from the server. You can use
INSTALL to save NDS information in preparation for the planned hardware
upgrade of the server. After the upgrade, you can restore this NDS
information to the server with INSTALL.

Before you run INSTALL, you should have a current backup of the entire
server.

The "Save local DS information prior to hardware upgrade" option prepares the
NDS information on this server prior to the upgrade. When you select this
option, INSTALL creates a file called BACKUP.NDS in the server's SYS:SYSTEM
directory. This file stores all the NDS information for this server,
including replica information. This file should be included in backup
procedures before bringing the server down.

Using this option locks and disables the NDS database on this server,
preventing any data changes from taking place. To other servers that normally
communicate with this server, the server appears to be down. Any NDS
information that normally is sent to the locked server is held by other
servers in the tree; when the server comes back online, this "stored"
information is used to resynchronize the server.

Because other servers in the tree are expecting the server to come back
online quickly, you should not plan to take several days to upgrade the
server. Complete the upgrade promptly and restore NDS information on the
server as soon as possible.

The "Restore local DS information after hardware upgrade" option uses the
BACKUP.NDS file created by the "Save local DS information..." option to
restore NDS information on this server. Before the NDS information is
restored, INSTALL verifies that the server is in the same relative state as
before the upgrade. INSTALL verifies that the server's object and
authentication keys still exist and that the server still exists in all the
replica rings for copies that were on this server before the upgrade.

It is important that NDS partition and replica information remain consistent
during the entire upgrade process. No replicas should be added or removed,
nor should any replica/partition types be changed during this time. Likewise,
no existing servers should be uninstalled and reinstalled, nor should any new
servers be installed until the Save and Restore procedure is complete. If
consistency of the tree (including partitions, replicas and placement of
replicas, and servers) is not maintained, the INSTALL verification process
will return a -601error during the Restore phase and the process cannot be
completed.

As always, be aware of the dependencies that other servers currently have on
the server you are upgrading. Take into consideration processes such as NDS
time synchronization. If the server plays an crucial part in the time
synchronization of the NDS tree (for example, if it is a Reference time
provider), you need to reassign the time server functions and responsibilities
to another server before you run INSTALL. Check to make sure the tree has
valid time synchronization status before continuing. (See TID 2908156 "Time
Synchronization Issues and Definitions" and TID 2911661 "Changing Time Source Type" for additional information. Both documents are available on the World Wide Web at http://support.novell.com.)

Before starting the procedure, use NDS Manager to verify the integrity of the
tree and the synchronization status of the partitions/replicas that the
candidate server contains. Resolve any errors before continuing. (See the
NetWare 4.11 document-ation for instructions.)

Note: For this procedure, you need at least two NetWare servers in your NDS
      tree and replicas of all partitions contained on the candidate server.

Here are the steps for performing this procedure:

1. If you already have a current backup, log in from a client workstation as
   Admin. Skip to Step 3.

2. If you don't have a current backup, use an SMS-compatible backup program
   to do a file system backup of the server's volume(s). For additional
   information on backup and restore, refer to "Backing Up and Restoring NDS
   in NetWare 4.11" in this issue of AppNotes.

3. Load INSTALL and choose "Directory options" from the main menu, then
   select "Directory backup and restore options".

4. Select the "Save local DS information prior to hardware upgrade" option
   and authenticate as prompted. The BACKUP.NDS file is created in the
   server's SYS:SYSTEM directory.

5. When prompted to copy the file, choose the path. The default is A: for
   copying to a diskette. Press <F3> to specify a different path. Type the
   second server's name and path, and authenticate to the remote server as
   prompted.

6. Exit the INSTALL utility.

7. Bring down the server and perform the hardware upgrade. 

8. Start up the INSTALL utility again. When prompted to select an NDS tree,
   don't. Press <F5> instead, and then press <F3>.

9. Choose the "Restore local DS information after hardware upgrade" option.
   When prompted for the file path, press <F3> and enter the path to the
   BACKUP.NDS file on the second server. Re-authenticate as prompted. The
   correct NDS information will be restored to the server.

10. Load TSA410.NLM on the server and start your backup program. From the
    backup performed in Step 2, restore data to any volumes that were affected by the hardware upgrade.
          

Permanently Removing a Functional Server from an NDS Tree

Customers frequently ask about the proper way to remove a NetWare 4 server
from the network. It is important to remember that NetWare 4 is a distributed
network environment in which servers are constantly communicating with each
other. If you need to permanently remove a functioning NetWare 4 server from
an NDS tree, it must be done properly using INSTALL.NLM. Do not just
disconnect the server from the network! If a server is removed incorrectly,
it could cause NDS synchronization problems.

   Here are the steps:

   1. Load the Install utility by typing LOAD INSTALL.

   2. From the Installation Options menu, select "Directory Options (install
      NetWare Directory Services)."

   3. From the Directory Services Options menu, select "Remove Directory
      Services from this server." Answer "Yes" to the confirmation prompt,
      and type the password for an administrative user when prompted.

   4. Respond to the on-screen prompts to continue through the process.
      INSTALL checks to make sure it is safe to remove NDS from the server.
      If the server holds a master replica, the utility will take care of
      placing the master on another server and changing this one to a
      read/write replica. If no downed servers or links to servers in a
      replica list exist, INSTALL removes NDS and deletes the Server object
      and its associated Volume objects from the tree. When this process is
      finished, press <Esc> to exit Install.

   5. In NETADMIN or NWAdmin, confirm that the Server object and its
      associated Volume objects have indeed been removed from the tree.