Novell

This is Your Open EnterpriseTM

eDirectory 8.8 SP3 FTF2 for Linux & Unix

This document (5036121) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

This patch does not supersede any other patches.

patches that supersede this patch

ProductStatusNext Superceded ByLast Superceded By
Novell eDirectory 8.8.3ObsoleteeDirectory 8.8 SP3 FTF3 for Linux & UnixeDirectory 8.8 SP3 FTF3 for Linux & Unix

Warning: The patch associated with this readme is obsolete; it is no longer available for download.

Continue

patch attributes

Architecture: x86, x86-64
Security patch: Yes
Priority: Optional
Distribution Type: Field Test File
http://download.novell.com/Download?buildid=zGUEnQnnass~

document

Revision: 5
Document ID: 5036121
Creation Date: 2008-11-07 16:09:23
Modified Date: 2009-03-01 22:26:51

technical support

This Field Test File is supported by Novell Technical Services.

abstract

This patch is an update to eDirectory 8.8 Support Pack 3.
This update is being provided to resolve any critical issues found since the original release of the Novell eDirectory 8.8 Support Pack 3.

Platforms: Linux and Unix
Main Module Versions contained in this patch: DS: 20216.87 NLDAP: 20216.76 DSREPAIR: 20214.27

NOTE: THIS PATCH CANNOT BE INSTALLED ON OES 2!!!

MD5SUM: cd5a4ca9d95f4864c75db1c5e9742329

details

PRE INSTALLATION NOTES:

This patch can only be applied to eDirectory 8.8 SP3.

DO NOT INSTALL THIS PATCH TO OES2!!!

This patch assumes the server is using the latest supported Operating Systems and support packs as listed in the product documentation.

This FTF is designated eDirectory 8.8.3 FTF2. This FTF carries the designation of FTF2 because a previous fix for auditing only, the eDirectory 8.8 SP3 Instrumentation Patch, was released earlier. This FTF does not contain that fix.
If the instrumentation fix is required it can be found at: http://download.novell.com/Download?buildid=RH_B5b3M6EQ~

Issues Resolved:

DS
- Browsing a container holding 7000 objects with ConsoleOne would cause the server to go into high utilization (Bug 403278)
- ConsoleOne not showing all objects and an additional sorting fix (Bug 410976)
- Mutex fix to resolve unresponsiveness (Bug 414846)
- Installation hangs at LUM configuration - mutex deadlock fix in flaim (Bug 417236)
- Server core trying to free an uninitialized value (Bug 417619)
- Security Vulnerability - Resolved issue where a NCP heap overflow vulnerability existed. (ZDI-CAN-335) (Bug 396819)
- Nested groups not disabled when setting their nestedConfig value to 1 (Bug 433529)
- NetWare abends when setting the NDS Bindery Mask in Monitor - missing msg file (Bug 411021)
(NOTE: The Description field still shows <<< BAD MESSAGE >>> when setting via the set command)
- Core when running ndstrace and the ndstrace.cfg file is corrupt (Bug 403864)
- Core when running " ndsindex -W "- updated CLDAP SDK (Bug 349954)
- Core when auditing monitored events (Bug 411425)

DSLOADER
- Invalid time value output in dstrace (Bug 415269)

LDAP
- UNIX - Server with login disabled causes intruder count to increase resulting in LDAP client lockout (Bug 288797)
- LDAP server failing with duplicate context -625 errors (Bug 420389)
~ LDAP not rpc compliant for anonymous search request (Bug 412766)

DSREPAIR
- WIN32 - Dhost crashes on Windows when running repair (Bug 374744)

DHOST
- NTLS dumps on Windows (Bug 413022)

DSTRACE
- Invalid error codes in dstrace (Bug 426349)

SAL
-UNIX - IDM engine stops when IDM driver is restarted (Bug 406016)

NDSBACKUP
- Ndsbackup not adding the auxClassCompatibility flag and not timestamping entries (Bug 307559)

INSTALL - After upgrading eDirectory the message, " Background Object Upgrade " [FERR_OLD_VIEW] would never complete (Bug 411721)

=========================================================


LINUX INSTALLATION GUIDE:

This is a manual installation.

WARNING: DO NOT RUN THIS UPDATE ON AN OES 2 SERVER!!!
Determination of whether a server is running OES 2 can be made by typing the following command: " cat
/etc/novell-release " If this command reports "OPEN ENTERPRISE SERVER 2" this server cannot be patched with this
FTF!

Server Requirements:
Server MUST be running eDirectory 8.8 Support Pack 3.
This can be verified by typing " /opt/novell/eDirectory/bin/ndsstat " at a terminal session. The binary version displayed
should be 20216.83 if the server is currently running the initial release of 8.8 Support Pack 3.
NOTE: If the version displayed is earlier the server must be upgraded to eDirectory 8.8 Support Pack 3 prior to applying
this FTF.

Pre-Installation checklist:
1. Run a health check on the tree to ensure there are no current problems with this or any other server in the tree.
2. IMPORTANT! You should make a backup of the server's eDirectory database AND NICI files. Among other methods,
this can be done by stopping NDSD, " /etc/init.d/ndsd stop " and creating a tarball achive of the eDirectory instance(s)'s
database ../dib and NICI directory . NOTE: An eDirectory 8.8.3 database will not load without the ORIGINAL NICI files.
Example (assuming the default database location was selected during the original installation):
" /etc/init.d/ndsd stop "
" cd /var/opt/novell/eDirectory/data " " tar -cvzf ndsbackup.tgz dib "
" cd /var/opt/novell " " tar -cvzf nici.tgz nici "
Also make a copy of the following files:
/etc/opt/novell/eDirectory/conf/nds.conf


/etc/opt/novell/eDirectory/conf/ndsimon.conf
/etc/opt/novell/eDirectory/conf/ndssnmp/ndssnmp.cfg (if it exists)
/etc/opt/novell/eDirectory/conf/ndssnmp/ndstrap.cfg (if it exists)
/var/opt/novell/eDirectory/data/dib/_ndsdb.ini (if it exists)
3. Ensure this server has eDirectory 8.8 Support Pack 3 installed.

Installation:
1. Log in as a user with root privileges on the host.
2. Stop NDSD. "/etc/init.d/ndsd stop"
Make an eDirectory backup as indicated above.
3. The following packages will need to be removed:
novell-NDSbase
novell-NDSrepair
novell-NDSserv
novell-NLDAPbase
Remove them by performing the following command:
" rpm --erase --nodeps --noscripts novell-NDSbase novell-NDSrepair novell-NDSserv novell-NLDAPbase "
4a. For a 32 bit installation install the packages from this FTF as in the following example:
" rpm --install --force --nodeps novell-NDSbase.i586.rpm novell-NDSrepair.i586.rpm novell-NDSserv.i586.rpm novell-NLDAPbase.i586.rpm "
4b. For a 64 bit installation install the packages from this FTF as in the following example:
" rpm --install --force --nodeps novell-NDSbase.x86_64.rpm novell-NDSrepair.x86_64.rpm novell-NDSserv.x86_64.rpm novell-NLDAPbase.x86_64.rpm "
5. Restart NDSD. "/etc/init.d/ndsd start"
Typing " /opt/novell/eDirectory/bin/ndsstat " should now report a binary version of 20216.87.


=========================================================


SOLARIS INSTALLATION GUIDE:
This is a manual installation.

Server Requirements:
Server MUST be running eDirectory 8.8 Support Pack 3.
This can be verified by typing " /opt/novell/eDirectory/bin/ndsstat " at a terminal session. The binary version displayed
should be 20216.83 if the server is currently running the initial release of 8.8 Support Pack 3.
NOTE: If the version displayed is earlier the server must be upgraded to eDirectory 8.8 Support Pack 3 prior to applying
this FTF.

Pre-Installation checklist:
1. Run a health check on the tree to ensure there are no current problems with this or any other server in the tree.
2. IMPORTANT! You should make a backup of the server's eDirectory database AND NICI files. Among other methods,
this can be done by stopping NDSD, " /etc/init.d/ndsd stop " and creating a tarball achive of the eDirectory instance(s)'s
database ../dib and NICI directory . An eDirectory 8.8.2 database will not load without the ORIGINAL NICI files.
Example (assuming the default database location was selected during the orginal installation):
" /etc/init.d/ndsd stop "
" cd /var/opt/novell/eDirectory/data " " tar -cf ndsbackup.tgz dib "
" cd /var/opt/novell " " tar -cf nici.tgz nici "
Also make a copy of the following files:
/etc/opt/novell/eDirectory/conf/nds.conf
/etc/opt/novell/eDirectory/conf/ndsimon.conf
/etc/opt/novell/eDirectory/conf/ndssnmp/ndssnmp.cfg (if it exists)
/etc/opt/novell/eDirectory/conf/ndssnmp/ndstrap.cfg (if it exists)
/var/opt/novell/eDirectory/data/dib/_ndsdb.ini (if it exists)
3. Ensure this server has eDirectory 8.8 Support Pack 3 installed.

Installation:
1. Log in as a user with root privileges on the host.
2. Stop NDSD. "/etc/init.d/ndsd stop"
Make an eDirectory backup as indicated above.
3. The following packages will need to be removed:
NDSbase
NDSrepair
NDSserv
NLDAPbase
Remove them by performing the following command:
" pkgrm NDSbase NDSrepair NDSserv NLDAPbase "
Answer yes to any additional questions regarding removal and to the dependancy checks.
4. Install the packages from this FTF as in the following examples:
" pkgadd -d NDSbase.pkg "
" pkgadd -d NDSrepair.pkg "
" pkgadd -d NDSserv.pkg "
" pkgadd -d NLDAPbase.pkg "
Answer all to the question as to which packages to install and yes to all other questions.
5. Restart NDSD. "/etc/init.d/ndsd start"
typing " /opt/novell/eDirectory/bin/ndsstat " should now report a Binary Version of 20216.87.


=========================================================


AIX INSTALLATION GUIDE:
This is a manual installation.

Server Requirements:
Server MUST be running eDirectory 8.8 Support Pack 3.
This can be verified by typing " /opt/novell/eDirectory/bin/ndsstat " at a terminal session. The binary version displayed
should be 20216.83 if the server is currently running the initial release of 8.8 Support Pack 3.
NOTE: If the version displayed is earlier the server must be upgraded to eDirectory 8.8 Support Pack 2 prior to applying
this FTF.

Pre-Installation checklist:
1. Run a health check on the tree to ensure there are no current problems with this or any other server in the tree.
2. IMPORTANT! You should make a backup of the server's eDirectory database AND NICI files. Among other methods,
this can be done by stopping NDSD, " /etc/init.d/ndsd stop " and creating a tarball achive of the eDirectory instance(s)'s
database ../dib and NICI directory . An eDirectory 8.8.2 database will not load without the ORIGINAL NICI files.
Example (assuming the default database location was selected during the orginal installation):
" /etc/init.d/ndsd stop "
" cd /var/opt/novell/eDirectory/data " " tar -cf ndsbackup.tgz dib "
" cd /var/opt/novell " " tar -cf nici.tgz nici "
Also make a copy of the following files:
/etc/opt/novell/eDirectory/conf/nds.conf
/etc/opt/novell/eDirectory/conf/ndsimon.conf
/etc/opt/novell/eDirectory/conf/ndssnmp/ndssnmp.cfg (if it exists)
/etc/opt/novell/eDirectory/conf/ndssnmp/ndstrap.cfg (if it exists)
/var/opt/novell/eDirectory/data/dib/_ndsdb.ini (if it exists)
3. Ensure this server has eDirectory 8.8 Support Pack 3 installed.

Installation:
1. Log in as a user with root privileges on the host.
2. Stop NDSD. "/etc/init.d/ndsd stop"
Make an eDirectory backup as indicated above.
3. The following packages will need to be removed:
NDS.NDSbase
NDS.NDSrepair
NDS.NDSserv
NDS.NLDAPbase
Remove them by performing the following command:
" installp -ug NDS.NDSbase NDS.NDSrepair NDS.NDSserv NDS.NLDAPbase "
4. Install the packages from this FTF as in the following examples:
" installp -acgXd NDS.NDSbase "
" installp -acgXd NDS.NDSrepair "
" installp -acgXd NDS.NDSserv "
" installp -acgXd NDS.NLDAPbase "
5. Copy back the original configuration files backed up in Preinstall step 2. IE: " mv
nds.conf /etc/opt/novell/eDirectory/conf/nds.conf "
6. Restart NDSD. " /etc/init.d/ndsd start "
typing " /opt/novell/eDirectory/bin/ndsstat " should now report a Binary Version of 20216.87.

security fixes

ZDI-CAN-335

file contents

Files IncludedSizeDate
edir883_ftf2_nix.tgz67.5 MB (70872180)2008-11-06 17:03:15
readme_5036121.htmlN/A2009-03-01 22:26:51

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.