Removing Directory Services from a server.
(Last modified: 23Apr2003)
This document (10019060) is provided subject to the disclaimer at the end of this document.
goal
Removing Directory Services from a server.
How to remove server from tree gracefully.
fact
Novell NetWare 4.2
Novell NetWare 4.11
Novell NetWare 5.0
Novell NetWare 5.1
Formerly TID #2949331
symptom
Server has old hardware and needs to be removed from tree
Removing a healthy server from the tree.
Server's context is incorrect, caused by corruption or other problems.
For whatever reason, the server needs to be removed from tree temporarily or permanently.
cause
A server needs to be temporarily or permanently removed from tree.
NOTE: When Novell Directory Services is removed from a server, the following five items are lost:
1. Directory Map Objects
2. Bindery Print Queues
3. Links to user home directories. (The actual directory is not lost, just the link from the user to the directory, which is located in the user object details screen in NetWare Administrator.
4. Trustee assignments (file system rights).
5. Security objects.
To address Items 1-3, see Solution Document 10013535, "Crashed Server - Saving server references (DSMAINT -PSE)"
To address Item 4, either restore trustee assignments from a backup program, or use TBACK3.EXE, available from the Novell File Finder (Files and patches) on the support.novell.com web page. Instructions for this program are in the readme file.
fix
It's important to make sure that the server that you want to remove Directory Services from does not hold a master replica of any partition.
1. Assuming the server has not crashed, Load DSREPAIR | Advanced Options | go to Replica and Partition operations | check here to see if this server holds any master replicas.
2. If this server holds a master replica, determine if another server holds a Read/Write replica of that partition. You can find this information either in NDSmanager, by highlighting the partition, or in DSREPAIR. To find this information in DSrepair, do the following:
Load DSREPAIR | Advanced Options | go to Replica and Partition operations | highlight the Master replica and press enter | select View Replica Ring and enter again. When viewing the replica ring, get the name of a server that holds a R/W copy.
NOTE: Do NOT designate a Subordinate Reference replica as Master. If you do this, you will lose all the objects in that partition immediately.
2a. Go to the server that holds the R/W replica of that partition and designate it the Master replica. Load DSREPAIR | Advanced Options | Replica and Partition Operations | highlight the R/W replica that you want change to a Master replica. Press enter | select Designate this Server as the new master replica and press enter.
NOTE: The DSrepair screen does not automatically refresh, so to make sure the replica has been changed to Master, escape back to the Advanced Options Menu, and go back into Replica and Partition Operations. You should see the change.
3. Make sure that the server you want to remove Directory Services from is not the SINGLE or REFERENCE Time provider. To check this, Load DSREPAIR | select Time Synchronization. You will see a column listing the servers and what type of time provider they are.
4. If this server is a SINGLE or REFERENCE Time provider, be sure to designate another server as the same type provider as this server. This can be done with the following steps;
Load SERVMAN (NW4.x) or MONITOR (NW5) | Server Parameters | Time | change both the DEFAULT Time Server Type and Timesync Type entries from SECONDARY to SINGLE or REFERENCE whichever the case may be.
For further information on TIMESYNC and steps to do this, see TID 10058645, "Time Synchronization Setup" or TID 2908867 "Timesync Config, Issues and Definitions"
5. To remove Directory Services (DS) off of this server:
Load INSTALL (NW4x) or NWCONFIG (NW5) | Directory Options | select Remove Directory Services from this server.
6. Load ConsoleOne and manually delete any objects previously associated with the server. (i.e., volume objects, licensing objects, etc.)
7. Delete the security objects associated with this server. They will be the SSL CertificateDNS, SSL CertificateIP and the SAS objects. There is a file in SYS:SYSTEM\NICI\NICISDI.KEY that needs to be deleted as well.
8. Verification of a successful removal:
a) Verify that the procedure has successfully removed DS by selecting the option Remove Directory Services from this server again. If it says "Directory Services has already been removed from this server" then it was successful.
b) Verify the server object has been deleted in NWAdmin
c) Verify removal of Volume objects in NWAdmin (Delete if not - See Step number 6 above.)
d) Verify that the server has been removed from the replica rings by looking, on the server holding the Master replica of a replica that was on the server being removed, in DSRepair | Advanced Options | Replica and Partition Operations | Select replica that was on the server | View replica ring and see if server is gone.
9. To reinstall NDS, follow the steps found in the solution Install a NW 5.x Server after removing DS, NDS, eDirectory.
Note: If Directory Services does not remove gracefully refer to TID #10013746, Steps to force NDS (eDirectory) off a server .
document
| Document Title: | Removing Directory Services from a server. |
| Document ID: | 10019060 |
| Solution ID: | 1.0.34638881.2362154 |
| Creation Date: | 13Oct1999 |
| Modified Date: | 23Apr2003 |
| Novell Product Class: | End of Life NetWare Novell BorderManager Services Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.