State of the migration

I ran into a few hitches yesterday, that I hinted at. The first thing I ran across is that I don't understand how OpenSSL and NovellPKI work together. I got asked during the install to create a Certificate Authority. I got side-tracked in the mind-set of, 'there is only one CA per tree, and this isn't it', and didn't create one. This got me later when it didn't export some key SSL file and apache2 wasn't able to load.

So I removed edir from the server and tried the install again.

Where I came upon my second problem. Specifically, ndsconfig does not remove eDirectory nearly as well as NWCONFIG does on NetWare. There were objects scattered hither and thither that prevented a successful reinstall of edir on the same server name. Objects like LDAP Server objects, and SAS objects. To get edir reinstalled successfully I had to manually delete all the extra objects.

This is a problem I ran into during testing, I just forgot I ran into it before I headed over to the other data center. Oops.

The third problem was the post-SP updates. Since SP2 was released in January, there have been a LOT of patches since then. 1.7GB worth of patches. Good thing I work for an Educational institution with fat pipes and was performing the update during an intersession when traffic is very light. Aye. THAT didn't give me any grief at all, happily.

Since SP2 came out, it looks like we've been averaging something like 2.3 patches per day inclusive of weekends. That's a lot. That's more than Microsoft in the bad old days before they came up with the Patch Tuesday concept. So once again I blow the dust off of procedures I used back then:
  1. Identify the patch.
  2. Assess if we have the package that is being patched.
  3. Determine if the behavior addressed by this patch is one we'll ever run into.
  4. Based on 3, decide if this is a Patch Now, or Patch Normally patch.
Happily for me, normal users will never ever have file system access on this server so something like 85% of the security patches fix things that I'll only worry about once the server has already been broken into. Therefore, most of the patches coming down the pike can wait for normal patch management days.
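The four triage steps above, sketched as an added example (not the author's own tooling). The record fields, the "Not Applicable" bucket, the patch ids and the package list are all constructed assumptions; the only rule taken from the post is that a fix for a flaw needing local or file system access can wait when normal users have no such access.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Patch:
    patch_id: str             # step 1: constructed id, not a real advisory
    package: str              # package the patch updates
    security: bool            # True if the patch fixes a security issue
    needs_local_access: bool  # True if the flaw needs local/file system access

def triage(patch, installed, local_users_allowed=False):
    """Return the bucket for one patch on one server."""
    # Step 2: do we even have the package that is being patched?
    if patch.package not in installed:
        return "Not Applicable"
    # Step 3: is the patched behavior one this server can run into?
    if patch.security:
        reachable = (not patch.needs_local_access) or local_users_allowed
        # Step 4: reachable security flaws jump the queue.
        return "Patch Now" if reachable else "Patch Normally"
    # Non-security fixes ride along on normal patch management days.
    return "Patch Normally"

def triage_all(patches, installed, local_users_allowed=False):
    """Group patch ids by bucket, preserving input order."""
    buckets = {"Patch Now": [], "Patch Normally": [], "Not Applicable": []}
    for p in patches:
        buckets[triage(p, installed, local_users_allowed)].append(p.patch_id)
    return buckets

# Constructed sample data for illustration only.
INSTALLED = {"apache2", "openssl", "kernel-default"}
PATCHES = [
    Patch("EXAMPLE-001", "apache2", True, False),        # remote-facing service
    Patch("EXAMPLE-002", "kernel-default", True, True),  # local-only flaw
    Patch("EXAMPLE-003", "cups", True, False),           # package not installed
    Patch("EXAMPLE-004", "openssl", False, False),       # non-security fix
]

if __name__ == "__main__":
    for bucket, ids in triage_all(PATCHES, INSTALLED).items():
        print(f"{bucket}: {', '.join(ids) or '-'}")
```

Setting `local_users_allowed=True` models a server where users do have shell or file system access; local-only flaws then move into the Patch Now bucket.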

The other thing I forgot was the cardinal rule of doing ANYTHING with Linux:
Thou shalt have internet access and a browser. Yea, verily, yea.
I didn't. I assumed, wrongly, that the Windows servers next to my patient would be usable. Those four are running headless. Oops. Ah well.
