Disclaimer: THIS IS NOT SUPPORTED BY NOVELL. This procedure requires the use of a tape backup system that may not be supported by Novell. Any failure in that system, or the procedures lain out in the following, is the responsibility of the customer.
Note: This process will allow you to merge the tree with the original in the future, unlike other procedures.
1. Place a Read/Write replica of ALL partitions (no exceptions) in the tree on the server designated to be the primary NDS server in the child tree.
2. Verify the parent tree is in good health. Ascertain that you have implemented the latest version of NDS and DSRepair on all your servers. Use DSRepair to make sure that all servers are communicating and in sync (Report and Time Synchronization). In advanced options run Check External References to make sure there are no obituaries with the MOVE_INHIBIT flag set. If this is the case, stop here and determine why this obituary isn't clearing. Ideally there should be no obituaries, but it is possible to proceed if some do exist, but none can have that flag set.
3. Also consult the articles "Maintain a Healthy NDS Tree" parts one and two in the August and October 1997 issues of Appnotes, respectively, for further tests you can run to make sure your tree is healthy.
4. Backup trustee rights on the volumes of all servers that will be installed into the new tree. This can be done using an SMS-compliant backup application or the TBACKUP utility that can be downloaded from the Novell Support Connection site.
5. Backup the NDS, on that server holding a copy of all partitions, with an SMS compliant tape backup system.
Note: This will give you a contextual tape backup of all the objects in your current tree except the root. This should allow you to restore into a vanilla tree without causing collisions of creation timestamps. Also, installing a new tree will ensure that those objects will have different creation timestamps and the subsequent tape restore of the NDS will restore the objects with new creation timestamps.
6. Make a backup DIB set of the NDS database on the server in advanced options in DSRepair. Continue doing so along this process as desired, naming the file differently each time. If you make a non-reversible mistake (especially in step 5) you have two choices: you will need to open an incident with Novell Technical support for a technician to dialin to the server and restore the NDS DIB set you backed up, or you can remove NDS from this server and re-install it back into the parent tree, and start the process again from the beginning. If contacting Novell tech support is not an option, disregard this step (and be careful!). If you do have to contact support for this, keep in mind that the technician will evaluate your circumstances and will choose whether or not to proceed at his/her discretion.
Do not proceed if any servers in the tree aren't in sync or communicating, or if DSRepair is reporting errors of any kind.
Procedure for splitting the old NDS server and placing it in the new tree:
1. Remove DS from the server which will host the new tree.
2. Disconnect designated NDS server of the child tree from the rest of the network and place it on its own isolated hub/switch with an administrative client attached. This server must not communicate with any server on the network until you are told to put it back on the network in steps below.
Note: This is a precautionary measure to ensure that no collisions take place between the main tree and the new one.
3. Install DS and create the new tree making sure a unique tree name is used.
3.a Restore the previously backed up NDS onto the new / moved server
4. Using NWAdmin verify that all lower containers and objects are accessible.
5. Remove all server objects - except the new master server - from tree with NDSManager. This may take some time, especially for large trees. The larger the tree the more disk activity will take place on the server while NDS readjusts its database, which may cause bursts of high utilization for short periods of time. Be patient and wait it out. Wait for the server to settle down each time before removing the next server.
8. Remove all unknown objects from tree in NWAdmin, such as volume objects.
9. Change time configuration to Single, remove configured time sources. If you want to have primary and reference servers in the new tree that's fine, but keep it simple for now and make those changes later.
11. Run an unattended full repair. Re-run this operation until it reports zero errors. If certain errors should persist, troubleshoot each individually and do not proceed until they are all corrected.
12. Login to new tree, verify health of new tree and all DS operations complete.
**If the new tree name is not unique this can cause collisions when your reconnect this tree to the network.
13. If tree health is good (using above steps) and ParentTree Cleanup is finished, put server on network.
14. Verify servers can see each other.
These steps may be performed concurrently with the previous set of instructions, or consecutively (recommended). If you make a mistake or abort anywhere while in the
split process and have to re-install the DS server back into the original tree, you need to do the following cleanup steps BEFORE putting it back.
ParentTree Cleanup
1. Remove all instances of server in replica rings, if any. Use DSRepair for this operation on the servers in parent tree with a Master replica of any and all partitions.
2. Remove new DS server from tree using NDSManager, if there.
3. Remove unknown objects in current tree with NWAdmin.
4. Check health of tree as in Preparatory procedure above.
At this point you are free to add additional servers to the new child tree. Simply remove directory services from these servers, then install each into the new tree. Afterward you will have to restore the trustee rights from tap backup or manually. You may also re-fashion the new tree as desired. You will also need to re-create any print queues since the volume IDs of the volumes they originally referenced will have changed (assuming they exist at all).
NOTE: The above is a practical example of how a portion of an NDS tree can be split off from a parent tree to form a new one. This procedure is designed for larger trees where the servers involved are spread across remote sites for which the communications apparatus cannot be disabled or altered while the new tree is being formed. This methodology was derived from a real-world implementation of a tree split in a production environment.
Bear in mind that Novell Technical Support does not fully endorse methodologies of splitting trees other than creating a new tree from scratch and re-creating the original objects therein. The user must assume the burden of risk by doing it any other way, including this approach. However, if you follow these steps carefully and with due caution, fully reviewing each step before proceeding, the results should be satisfactory.
.
|