Deploying Novell Open Enterprise Server 2 For Linux Workbook

Deploying Novell Open ¨
Enterprise Server 2 for Linux

Workbook
COURSE 3090
Novell Training Services w w w. n o v e l l . c o m
A U T H O R I Z E D C O U R S E WA R E
Part # 100-005224-001
Version 2
Novell, Inc. Copyright 2009-CNI USE ONLY. 1 HARDCOPY ALLOWED-NO OTHER PRINTING OR DISTRIBUTION ALLOWED
Proprietary Statement Trademarks
Copyright © 2009 Novell, Inc. All rights reserved. Novell, Inc. has attempted to supply trademark information
about company names, products, and services mentioned in this
No part of this publication may be reproduced, photocopied,
manual. The following list of trademarks was derived from
stored on a retrieval system, or transmitted without the express
various sources.
prior consent of the publisher. This manual, and any portion
thereof, may not be copied without the express written Novell, Inc. Trademarks
permission of Novell, Inc.
Novell, NetWare, the N-Design, NDS, and BorderManager are
Novell, Inc. registered trademarks of Novell, Inc. in the United States and
1800 South Novell Place other countries. eDirectory, GroupWise, NetWare 3, NetWare
Provo, UT 84606-2399 3.12, NetWare 4, IPX/SPX, and the NetWare Logotype (teeth
logo) are trademarks of Novell, Inc. CNA, CNI, NAEC, and
Novell Authorized Education Center are service marks of
Disclaimer
Novell, Inc. CNE is a registered service mark of Novell, Inc. in
Novell, Inc. makes no representations or warranties with the United States and other countries.
respect to the contents or use of this manual, and specifically
disclaims any express or implied warranties of merchantability
or fitness for any particular purpose. Other Trademarks
Further, Novell, Inc. reserves the right to revise this publication AMD Athlon, AMD K5, and Duron are trademarks of
and to make changes in its content at any time, without Advanced Micro Devices. American Megatrends ia a
obligation to notify any person or entity of such revisions or registered trademark of American Megatrends Inc.
changes. AppleShare, Aqua, Cocoa, Classic, Macintosh, and OpenGL
are registered trademarks, and Appletalk, Carbon, Quartz, and
Further, Novell, Inc. makes no representations or warranties QuickTime are trademarks of Apple Computer, Inc. Caldera is
with respect to any NetWare software, and specifically a registered trademark of Caldera Systems, Inc. Compaq is a
disclaims any express or implied warranties of merchantability registered trademark of Compaq Computer Corporation. Cyrix
or fitness for any particular purpose. is a registered trademark of Cyrix Corporation. VMS is a
Further, Novell, Inc. reserves the right to make changes to any trademark of Digital Equipment Corporation. HP-UX is a
and all parts of NetWare software at any time, without registered trademark of Hewlett-Packard Company. Celeron,
obligation to notify any person or entity of such changes. Intel, and Pentium are registered trademarks, and Xeon is a
trademark of Intel Corporation. AIX, AS 400, and IBM are
This Novell Training Manual is published solely to instruct registered trademarks and PC Junior is a trademark of
students in the use of Novell networking software. Although International Business Machines Corporation. Linux is a
third-party application software packages are used in Novell registered Trademark of Linus Torvalds. Windows is a
training courses, this is for demonstration purposes only and registered trademark of Microsoft Corporation. Phoenix
shall not constitute an endorsement of any of these software Technologies is a registered trademark of Phoenix
applications. Technologies Ltd. Red Hat is a trademark of Red Hat, Inc.
Further, Novell, Inc. does not represent itself as having any Slackware is registered trademark of Slackware Linux, Inc.
particular expertise in these application software packages and Debian is trademark of Software in the Public Interest, Inc.
any use by students of the same shall be done at the students’ Java and Solaris are registered trademarks of Sun
own risk. Microsystems, Inc. in the United States and other countries.
SuSE is a registered trademark of SuSE AG. UNIX is a
registered trademark of The Open Group. Xerox is a registered
Software Piracy trademark of Xerox Corporation.
Throughout the world, unauthorized duplication of software is
subject to both criminal and civil penalties.
If you know of illegal copying of software, contact your local
Software Antipiracy Hotline.
For the Hotline number for your area, access Novell’s World
Wide Web page at
http://www.novell.com and look for the piracy page under
“Programs.”
Or, contact Novell’s anti-piracy headquarters in the U.S. at
800-PIRATES (747-2837) or 801-861-7101.
Contents
Contents
Introduction
Check the Media in Your Student Kit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-1
Set Up Your Practice Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-2
Review the Setup Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-2
Review the Setup Diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-3
Prepare Your Host Workstation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-3
Test the Virtual Machines from the Course DVD . . . . . . . . . . . . . . . . . . . . . . Intro-8
Review Exercise Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-8
Exercise Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-8
Exercise Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-9
SECTION 1 Migrate Services and Data from NetWare to OES 2
Exercise 1-1 Preparing Servers for a Consolidation Migration . . . . . . . . . . . . . . . . . . . . . . . 1-2

Exercise 1-2 Migrate Volumes from NetWare to OES 2 for Linux . . . . . . . . . . . . . . . . . . . . 1-7
Exercise 1-3 Migrating iPrint from NetWare to OES 2 for Linux . . . . . . . . . . . . . . . . . . . . 1-19
Exercise 1-4 Migrating DHCP from NetWare to OES 2 for Linux . . . . . . . . . . . . . . . . . . . 1-28
Exercise 1-5 Migrating DNS from NetWare to OES 2 for Linux . . . . . . . . . . . . . . . . . . . . 1-36
Exercise 1-6 Removing the NetWare Server from the Tree . . . . . . . . . . . . . . . . . . . . . . . . . 1-46
SECTION 2 Install and Configure Novell Open Enterprise Server 2 for Linux
Exercise 2-1 Install Novell Open Enterprise Server 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2

Exercise 2-2 Use evmsgui and nssmu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
SECTION 3 Find Support for OES 2 Linux Issues
SECTION 4 Maintaining and Troubleshooting OES 2 for Linux
Exercise 4-1 Backing Up SLES System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

Exercise 4-2 Using SMS to Back Up Volume Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
SECTION 5 Using Dynamic Storage Technology
Exercise 5-1 Shadowing an NCP Volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2

Exercise 5-2 Shadowing an NSS Volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
Exercise 5-3 Creating Shadow Volume Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB TOC-1
To report suspected copying, please call 1-800-PIRATES.
Deploying Novell Open Enterprise Server 2 for Linux / Workbook
SECTION 6 Administering Novell Certificate Server on OES 2 for Linux
Exercise 6-1 Sniffing Packets with ethereal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2

Exercise 6-2 Exporting a Trusted Root Certificate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6
Exercise 6-3 Recreating Server Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9
SECTION 7 Configuring Storage Access Services on OES 2 for Linux
Exercise 7-1 Configuring iFolder on OES 2 for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

Exercise 7-2 Implementing NetStorage on OES 2 for Linux . . . . . . . . . . . . . . . . . . . . . . . . 7-21
Exercise 7-3 Implementing Novell Archive and Version Services on OES 2 for Linux . . . 7-30
SECTION 8 Implement Patches and Upgrades
Exercise 8-1 (Instructor Demonstration) Set Up an SMT Update Server . . . . . . . . . . . . . . . 8-2
WB TOC-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Introduction
Introduction
This workbook is designed to help you practice the skills associated with Course
3090 - Deploying Novell Open Enterprise Server 2 for Linux objectives in a
classroom or in a self-study environment.
The exercises are based on running NetWare 6.5 SP8 and Novell Open Enterprise
Server (OES) 2 servers as virtual machines (guests) running on a SLED 11 or
Windows host machine.
During the exercises, services will be migrated from the NetWare system to an OES
2 Linux system. The NetWare machine will then be taken out of the setup. Another
OES 2 for Linux machine will be added. A SLED 11 virtual machine is available for
use in some of the exercises.
Before starting the exercises, you need to make sure you complete the following
setup tasks:
■ Check the Media in Your Student Kit
■ Set Up Your Practice Environment
■ Review Exercise Guidelines
Check the Media in Your Student Kit

Your 3090 student kit contains the following items:
■ Deploying Novell Open Enterprise Server 2 for Linux Course Manual. This is
the printed course manual that contains instructional and reference content.
■ Deploying Novell Open Enterprise Server 2 for Linux Workbook. This is the
printed workbook that contains step-by-step instructions for setting up and
completing the 3090 course exercises.
■ 3090 Course DVD 1. This DVD contains the course manual and workbook in
PDF format as well as a readme file.
In addition, there are several folders with the following content:
❑ Exercises. This folder contains files used for the course exercises.
❑ OES2_Docs. This folder contains the OES 2 documentation which is
available at http://www.novell.com/documentation/oes2/pdfdoc/oes2.zip.
❑ ISOs. This folder contains ISO files used in this course.
■ 3090 Course DVD 2. This DVD contains additional ISO files used in this
course.
■ 3090 Virtual Machines DVD 1. This DVD contains the DA-NWVIX (NetWare
6.5 SP8) and DA-OES-A (OES2 SP1) VMware virtual machines.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB Intro-1
■ 3090 Virtual Machines DVD 2. This DVD contains the DA-SLED (SLED11)
and DA-OES-B (OES2 SP1) virtual machines.
The virtual machine files are compressed.
■ Novell Open Enterprise Server 2 SP1 Product CD. This CD contains the files
necessary for installing OES 2 SP1 as an add-on product to SLES10 SP2.
■ SUSE Linux Enterprise Server 10 SP 2 DVD. This DVD can be used to
facilitate the various labs in this course.
Set Up Your Practice Environment

Set up your practice by completing the following:
■ Review the Setup Requirements
■ Review the Setup Diagram
■ Prepare Your Host Workstation
Review the Setup Requirements
The following are the hardware and software requirements for your practice
environment:
Table Intro-1 Setup Minimum Requirements
Hardware You need one host computer that meets the following requirements:
■ Pentium IV 2.0 GHz (or faster) computer (dual-core recommended)
■ 2 GB (or more) RAM (3 GB recommended)
■ 40 GB (or more) hard disk space
■ DVD drive
Make sure that the host computer is actually addresses all of the installed
RAM. If not, exercises can run extremely slow or even stall a process.
Software To complete the practice environment setup, you need the following
software:
■ SUSE Linux Enterprise Server 10 SP 2 DVD (included in your student kit)
■ 3090 Virtual Servers DVDs (included in your student kit)
■ 3090 Course DVD (included in your student kit), which contains software
and files needed for setup
WB Intro-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Introduction
Review the Setup Diagram
In this course you start out with one host machine, to which four virtual servers are
added during the course, as shown in the following:
Figure Intro-1
Prepare Your Host Workstation
To complete the lab exercises in this course, you must first install and configure
VMware virtualization software on your host workstation. To do this, complete the
following:
1. Install Windows or SLED 11 on your host workstation.
2. If you’re installing VMware on a SLED workstation, use the Software
Management module in YaST to install the C/C++ Compiler and Tools pattern.
3. Install VMware Workstation on your host workstation.
VMware is virtualization software that allows you to run an operating system in
parallel to your existing operating system installation. You can use VMware to
install and configure multiple guest operating systems on your computer without
repartitioning your disks.
If you do not have VMware on your system, you can download a copy from the
VMware Web site at (http://www.vmware.com/products/). You can choose
between the following products:
❑ VMware Server: Free version of the VMware product. It can be used to
create, modify, and run VMware images. It does not allow you to create
snapshots, however.
❑ VMware Workstation: Full-featured version of VMware. The software can

be used to create, modify, and run VMware images. You can either purchase
the software or get a free 30 days evaluation key.
❑ VMware Player: Free version of the VMware product. It can run existing
virtual machines, but it can not be used to create VMware images nor does it
allow you to create snapshots.
x Most of the exercises in this course can be done with VMware Server, VMware
Workstation, or VMware Player. However, there are several exercises than can only be
completed with VMware Workstation or VMware Server.
If you need help installing a VMware product, visit

http://www.vmware.com/support/pubs/.
4. If you’re running SLED as your host, configure vmnet1 in VMware by doing the
following:
x The course virtual machines are configured to run in Host-Only mode, preventing them
from communicating on your physical network segment. The following instructions are
included so that your host workstation can communicate with your virtual machines, should
the need arise.
a. Select Computer > More Applications > System > Virtual Network
Editor.
b. When prompted, enter your root user's password.
Introduction
The following is displayed:
Figure Intro-2
c. Select vmnet1.
d. In the Subnet IP field, enter 172.17.0.0, as shown below:
Figure Intro-3
e. Select Save.
f. Open a terminal window and use the su - command to switch to your root user
account.
g. At the shell prompt, enter vi /etc/vmware/networking.
h. Press Ins; then scroll down to the answer
VNET_1_HOSTONLY_NETMASK 255.255.255.0 line.
i. Change this line to answer VNET_1_HOSTONLY_NETMASK
255.255.0.0.
j. Press Esc; then enter :exit.
k. Select Computer > More Applications > System > Virtual Network Editor
again.
l. When prompted, enter your root user's password.

m. Select vmnet1 and verify that the subnet mask has changed to 255.255.0.0, as
show below:
Figure Intro-4
n. Select Save.
o. Shut down and restart the workstation.
p. When the workstation has rebooted, log in and then open a terminal window.
q. Switch to root using the su - command.
r. At the shell prompt, enter ifconfig.
s. Verify that your host’s vmnet1 virtual network adapter has been assigned an
IP address of 172.17.0.1 and a subnet mask of 255.255.0.0, as shown below:
Figure Intro-5
5. If your host workstation is running Windows, do the following to configure

vmnet1:
x The course virtual machines are configured to run in Host-Only mode, preventing them
from communicating on your physical network segment. The following instructions are
included so that your host workstation can communicate with your virtual machines, should
the need arise.
The steps presented here are for Windows XP. The steps for configuring network settings
on Vista and Windows 7 are similar.
a. Select Start > All Programs > VMware > Manage Virtual Networks.
b. Select the Host Virtual Adapters tab.
c. Select the DHCP tab.
d. Select Stop; then select Apply.
e. Select the Host Virtual Network Mapping tab.
f. Select the > icon next to VMware Network Adapter VMnet1; then select
Subnet.
g. In the IP Address field, enter 172.17.0.0.
Introduction
h. In the Subnet Mask field, enter 255.255.0.0.

i. Select OK.
j. Select OK.
k. Select Start > Control Panel > Network Connections.
l. From the Network Connections window, right-click VMnet1; then select
Properties.
m. From the VMware Network Adapter VMnet1 Properties, scroll down and
select Internet Protocol (TCP/IP); then select Properties.
n. Select Use the following IP address; then enter the following:
❑ IP address: 172.17.0.1
❑ Subnet mask: 255.255.0.0
❑ Default gateway: <blank>
o. Select Use the following DNS server addresses; then enter 172.17.0.102 for
the preferred DNS.
x This allows the host workstation to use the DNS server running on the DA-OES-A.
p. Select OK.
q. To close the VMware Network Adapter VMnet1 Properties, select Close.
r. Close the Network Connections window.
6. If you’re running Windows, configure your Windows Firewall to allow PING
requests:
a. Select Start > Control Panel > Windows Firewall.
b. Select the Advanced tab.
c. In the ICMP field, select Settings.
d. Select Allow incoming echo request.
7. Select OK > OK.
8. Create the following folders on your host workstation’s hard drive:
❑ On SLED:
❑ /isos/3090
❑ /vms/3090
❑ On Windows XP:
❑ C:\isos\3090
❑ C:\vms\3090
9. Copy the ISO files from your course DVD to the /isos/3090 folder on your hard
drive.
10. Copy the course virtual machine files from your course virtual machine DVDs to
the /vms/3090 directory on your hard drive.
11. Configure the hot keys used to release the focus from the virtual machine by doing
the following:
a. In the VMware window, select Edit > Preferences > Hot Keys.
b. Mark Ctrl + Shift + Alt.
c. Select OK.
Test the Virtual Machines from the Course DVD
Complete the following:

1. Power on the DA-NWVIX, DA-OES-A, DA-OES-B, and DA-SLED virtual
machines and verify that they are running correctly.
2. Make sure the virtual machines have network connectivity:
a. From DA-SLED open a terminal window and enter the following command:
❑ ping -c3 da-nwvix.digitalairlines.com
b. From DA-NWVIX enter the following command:
❑ ping da-sled.digitalairlines.com
c. Press Esc to close the NetWare Ping utility.
d. Repeat this process to ping DA-SLED and DA-NWVIX from DA-OES-A.
3. Shut down the virtual machines.
a. From the DA-NWVIX console prompt, enter down.
b. From the DA-SLED virtual machine right-click the desktop; then select Open
Terminal.
c. At the terminal prompt enter the following
su -
d. For the password enter n0v3ll.
e. Shut down the DA-SLED machine by entering init 0.
f. Repeat this process to shut down DA-OES-A.
Review Exercise Guidelines

The following information provides guidelines to help you make the most of the
exercises provided in this course:
■ Exercise Conventions
■ Exercise Tips
Introduction
Exercise Conventions
The exercises use conventions that indicate information you need to enter that is
specific to your server.
The following describes the most common conventions:

■ italicized/bolded text. This is a variable reference to your unique situation, such
as the host name of your server.
For example, if the host name of your server is DA3 and you see the following:
hostname.da.com
you would enter
DA3.da.com
■ 172.17.8.x or DAx. This is the IP address or host name that is assigned to a
server.
For example, if your IP address is 172.17.8.101 and you see the following:
172.17.8.x
you would enter
172.17.8.101
■ Click and Select. The words click and select is used in exercise steps to indicate
a variety of actions including clicking a button on the interface and selecting a
menu item.
■ Enter and Type. The words enter and type have distinct meanings.
The word enter means to type text in a field or type text at a command line
prompt and press the Enter key. The word type means to type text without
pressing the Enter key.
If you are directed to type a value, make sure you do not press the Enter key or
you might activate a process that you are not ready to start.
Exercise Tips
Although we rely on your familiarity with computers and computer technology to

complete the exercises, the following tips can help you when using the workbook to
complete exercises:
■ Exercise sequence. The exercises are designed to be performed in sequence.
■ iManager and popup windows. iManager relies on pop-up windows being
available to display many of its dialogs.
Make sure your Firefox browser is configured to allow popup windows, or you
will experience problems with iManager throughout the exercises in the course.
■ Linux command line entry. Several times during the exercises, you are
required to enter commands in a terminal window that are long or repeat several
times. To save time, try using the following features:
❑ Tab fill. When entering a path to a directory or file, you can type a few
letters and press the Tab key to fill in an existing directory or filename. If the
letters you typed are ambiguous (there is more than one file or directory that
starts with those letters), press Tab again to view the available names.
❑ Command history. If you have already entered a command once and need
to enter it again (part or all of the command), you can scroll through a
history of commands by using the up or down arrow key to display the
command you need.
■ Keyboard entry problems. If you cannot use the keyboard to enter text, try
selecting the virtual machine window with the mouse.
■ Blank virtual machine displays. If the virtual machine desktops go blank, the
desktop screen saver has started. You can return to the desktop display by
clicking in the virtual machine. If that does not turn off the screen saver, press
the Up- or Down-arrow key.
You can also turn off or reconfigure the desktop screen saver by selecting
Computer > Control Center > Look and Feel > Screensaver.
Migrate Services and Data from NetWare to OES 2
SECTION 1 Migrate Services and Data from NetWare to OES 2
In this section of the workbook, you learn how to do the following:

■ “Migrate Volumes from NetWare to OES 2 for Linux” on page 1-7
In this exercise, you practice completing a same-tree migration of the DATA and
APPS volumes from the DA-NWVIX NetWare server to the DA-OES-A server.
■ “Migrating iPrint from NetWare to OES 2 for Linux” on page 1-19
In this exercise, you practice completing a same-tree migration of Novell iPrint
data from the DA-NWVIX NetWare server to the DA-OES-A server.
■ “Migrating DHCP from NetWare to OES 2 for Linux” on page 1-28
In this exercise, you practice completing a same-tree migration of DHCP
configuration and lease data from the DA-NWVIX NetWare server to the
DA-OES-A server.
■ “Migrating DNS from NetWare to OES 2 for Linux” on page 1-36
In this exercise, you practice completing a same-tree migration of DNS
configuration and zone data from the DA-NWVIX NetWare server to the
DA-OES-A server.
■ “Removing the NetWare Server from the Tree” on page 1-46
After you have migrated services from DA-NWVIX to DA-OES-A, you practice
removing the NetWare server from the tree and bringing the server down.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 1-1
Exercise 1-1 Preparing Servers for a Consolidation Migration
In this exercise, you prepare the DA-NWVIX and DA-OES-A servers for a
consolidation migration. Complete the following:
■ Part I: Prepare the Source Server
■ Part II: Prepare the Destination Server
Part I: Prepare the Source Server
Prepare the DA-NWVIX server for a consolidation migration by doing the following:
1. If necessary, start VMware on your host workstation and open the following files:
❑ /vms/3090/DA-OES-A/DA-OES-A.vmx
❑ /vms/3090/DA-NWVIX/DA-NWVIX.vmx
x If your host workstation is running Windows, these files are located in C:\VMS\3090.
2. Power on your DA-OES-A and DA-NWVIX virtual machines.

Wait until both virtual servers have fully started.
3. Verify the health of the eDirectory tree by running a full unattended repair. Do the
following:
a. Switch to your DA-NWVIX virtual server.
b. Toggle to the server console by pressing Ctrl + Esc and then entering 1.
c. At the server console, enter DSREPAIR.
d. In the Available Options menu, select Unattended Full Repair.
Wait while the repair is run.
e. When prompted that all operations have been completed, review the number
of errors fixed; then press Enter.
f. Review the contents of the DSREPAIR.LOG file.
g. When done, press Esc.
4. Verify time synchronization with DA-OES-A by doing the following:
a. Select Time Synchronization in the Available Options menu.
b. Review the contents of the DSREPAIR.LOG file.
WB 1-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
You may find that time is not synchronized, as shown in the figure below:
Figure 1-1
If this is the case, do the following to synchronize time:

1. Switch to your DA-OES-A virtual server.
2. Log in as geeko with a password of novell.
3. Open a terminal session by right-clicking on the desktop and selecting
Open Terminal.
4. Change to root by entering su - followed by a password of n0v3ll.
5. At the shell prompt, enter rcntp stop.
6. At the shell prompt, enter ntpdate da-nwvix.digitalairlines.com.
7. Repeat this command by pressing the Up Arrow key and then pressing
Enter.
8. Continue doing this until the time offset is as small as possible. An
example is shown below:
Figure 1-2
9. At the shell prompt, enter rcntp start.

10. Switch back to DA-NWVIX and press Esc to exit the View Log File
screen.
11. In the Available Options menu, select Time Synchronization again.
12. Verify that time is synchronized between DA-NWVIX and DA-OES-A,

as shown below:
Figure 1-3
c. Press Esc to exit the View Log File screen.

5. Verify replica synchronization by doing the following:
a. In the Available Options menu, select Report Synchronization Status.
b. Verify that all replicas are synchronized. An example is shown in the figure
below:
Figure 1-4
c. Press Esc.
d. In the Available Options menu, select Exit > Yes.
Part II: Prepare the Destination Server
Prepare the DA-OES-A server for the consolidation migration by doing the
following:
1. Switch to DA-OES-A.
2. If necessary, log in as geeko with a password of novell.
3. Select Computer > YaST.
4. When prompted, enter a password of n0v3ll.
5. Select Open Enterprise Server > OES Install and Configuration.
6. When prompted to insert your OES 2 installation disc, do the following:
a. Select Eject.
b. Select VM > Removable Devices > CD/DVD > Settings.
c. Select Use ISO Image File; then browse to and select the
OES2-SP1-i386-CD1.iso file located in /isos/3090/.
x If your host workstation is running Windows, this file is located in C:\ISOS\3090.
d. Mark Connected; then select OK.

You should see a File Browser window open, displaying the contents of the
OES 2 installation disc.
e. Close the File Browser window.
7. In YaST, select OK.
8. In the Software Selection screen, mark the following OES services for installation:
❑ Novell NCP Server for Linux
❑ Novell Storage Services (NSS)
❑ Novell iPrint
❑ Novell DHCP
❑ Novell DNS
9. Select Accept.
Wait while the services are installed.
10. When prompted to connect to the SLES 10 SP2 disc, select Eject.
11. Connect your virtual CD/DVD drive to the

SLES-10-SP2-DVD-i386-GM-DVD1.iso file located in your isos directory.
12. In YaST, select OK to continue the installation.
Wait while the installation is completed. When done, the following is displayed:
Figure 1-5
13. Under iPrint select Enabled. The Configure status should change to Disabled.
14. Repeat this for the following services:

❑ Novell DNS Services
❑ Novell DHCP Services
❑ Novell Storage Services
❑ NCP Server
15. Select Next.
16. When prompted that the installation is complete, select Finish.
17. In the Novell Customer Center Configuration screen, select Configure Later;
then select Next.
18. Close YaST.
Exercise 1-2 Migrate Volumes from NetWare to OES 2 for Linux
In this exercise, you complete a same-tree migration of the DATA and APPS volumes
from the DA-NWVIX NetWare server to the DA-OES-A server.
The DATA and APPS volumes on DA-NWVIX contain the following subdirectories
and trustee assignments:
Table 1-1 Directory Trustees Rights
/DATA/Corporate_Shared CORPORATE.SLC.DA RWCEMF
/DATA/Custsvc_Shared CUSTSVC.SLC.DA RWCEMF
/DATA/Flightops_Shared FLIGHTOPS.SLC.DA RWCEMF
/DATA/IS_Shared IS.SLC.DA RWCEMF
/DATA/Marketing_Shared MARKETING.SLC.DA RWCEMF
/DATA/Reservations_Shared RESERVATIONS.SLC.DA
/APPS/ DA RWCMF
/APPS/ IS.SLC.DA SRWCEMFA
To migrate these volumes, complete the following:

■ Part I: Configure Linux User Management and NSS
■ Part II: Create Destination Volumes on DA-OES-A
■ Part III: Migrate Volume Data to DA-OES-A
Part I: Configure Linux User Management and NSS
Before you can migrate volumes, you need to be able to make your admin user in
eDirectory the owner of several directories in the Linux server’s file system.
For this to happen, eDirectory users must be able to function as POSIX users. Linux
User Management (LUM) must be configured and running.
You also need to configure and enable NSS.
Do the following:
1. Verify that your DA-NWVIX and DA-OES-A virtual servers are running.
2. If necessary, log in to DA-OES-A as geeko with a password of novell.
4. When prompted, enter a root password of n0v3ll.
5. Select Open Enterprise Server > OES Install and Configuration.
6. If prompted, select Eject; then connect your virtual CD/DVD drive to the
OES2-SP1-i386-CD1.iso file located in /isos/3090/ and select OK.
7. In the Software Selection screen, verify that Novell Linux User Management
(LUM), Novell Storage Services (NSS), and Novell NCP Server/Dynamic
Storage Technology are selected under OES Services; then select Accept.
Figure 1-6
8. Under Linux User Management, select disabled.

The Reconfigure status should change to “enabled.”
9. Select Linux User Management.
10. When prompted, enter an admin password of novell.
11. Set the following parameters in the screen displayed:

❑ Directory Server Address: 172.17.8.102
❑ UNIX Config Context: ou=SLC.o=DA
❑ UNIX Workstation Context: ou=DEL.o=DA
This is shown below:
Figure 1-7
12. Select Next.
Figure 1-8
13. In the Linux User Management Configuration screen, select Select All; then select
Next.
14. In the Novell Open Enterprise Server Configuration screen, select Novell Storage
Services (NSS).
15. In the NSS Unique Admin Object screen, leave all values at their default settings
and select Next.
16. In the Novell Open Enterprise Server Configuration screen, select NetWare Core
Protocol (NCP) Server.
17. In the NCP Server Configuration screen, leave all values at their default settings
and select Next.
18. In the Novell Open Enterprise Server Configuration screen, disable configuration
for the following services:
19. Select Next.
Wait while the products are configured.

20. When prompted to restart eDirectory and Remote Manager, select Yes.
21. In the Installation Completed screen, select Finish.
22. In the Novell Customer Center Configuration screen, mark Configure Later; then
select Next.
23. Close YaST.
24. Verify that LUM is working by doing the following:

a. At the server desktop of DA-OES-A, select Computer > Gnome Terminal.
b. At the shell prompt, enter su admin.
c. When prompted for a password, enter novell.
You should now be logged in to the shell session as your eDirectory admin
user, as shown below:
Figure 1-9
d. At the shell prompt, enter exit.
Part II: Create Destination Volumes on DA-OES-A
Once LUM is running, your next task is to create destination volumes on DA-OES-A.
The data from the source volumes on DA-NWVIX will be migrated to these
volumes.

1. On your DA-OES-A server, select Computer > Firefox.
2. Open Novell Remote Manager (NRM) by navigating to
http://da-oes-a.digitalairlines.com:8008.
3. If prompted to accept a security certificate, select Accept This Certificate
Permanently; then select OK.
4. Log in as admin.SLC.DA with a password of novell.
5. Select Manage NCP Services > Manage Shares.
6. Under Configuration, select Create New Share.
Figure 1-10
7. Create a new NCP volume named DATA by doing the following:

a. In the Volume Name field, enter DATA.
b. In the Path field, enter /novell/volumes/DATA.
c. Select Create if not present.
d. Select OK.
Figure 1-11
e. Confirm the creation of the NCP volume by selecting OK.
8. Create a new NCP volume named APPS by doing the following:

a. Under Configuration, select Create New Share.
b. In the Volume Name field, enter APPS.
c. In the Path field, enter /novell/volumes/APPS.
d. Mark Create if not present.
e. Select OK.
f. Confirm the creation of the NCP volume by selecting OK.
You should now see the DATA and APPS volumes listed at the bottom of the
list of Active Shares, as shown below:
Figure 1-12
9. Make admin the owner of the directories in the Linux file system that services the
DATA and APPS volume by doing the following on DA-OES-A:
a. Switch to your Gnome Terminal window.
b. At the shell prompt, enter su -.
c. When prompted for root’s password, enter n0v3ll.
d. At the shell prompt, enter chmod 755 /novell.
This gives others Read and Execute permissions to the /novell directory.
e. At the shell prompt, enter chmod 755 /novell/volumes.
This gives others Read and Execute permissions to the /novell/volumes
directory.
f. At the shell prompt, enter ls -l /novell/volumes.
The root user should be listed as the owner of the APPS and DATA
directories, as shown below:
Figure 1-13
g. At the shell prompt, enter chown admin /novell/volumes/DATA/.

h. At the shell prompt, enter chown admin /novell/volumes/APPS/.
i. At the shell prompt, enter ls -l /novell/volumes.
The admin user (from eDirectory) should be listed as the owner of the DATA
and APPS directories, as shown below:
Figure 1-14
Notice that the directory owner (admin) has rwx permissions to the
directory, allowing admin Read, Write, and Execute access to the directory.
j. Make admin the owner of the /novell/volumes directory as well by entering
chown admin /novell/volumes at the shell prompt.
Part III: Migrate Volume Data to DA-OES-A
With the destination volumes created, you can now migrate the source DATA and
APPS volumes on DA-NWVIX to DA-OES-A.
The DATA volume on DA-NWVIX contains shared directories, one for each
department in the Salt Lake City office. This is shown below:
Figure 1-15
To control access, the following trustee assignments have been granted to the
directories on the DATA volume:
/DATA/Corporate_Shared CORPORATE.SLC.DA RWCEMF
/DATA/Reservations_Shared RESERVATIONS.SLC.DA RWCEMF
The APPS volume on DA-NWVIX contains shared application files used by all
Digital Airlines employees. Therefore the .DA container has been assigned RWCMF
rights to the root of this volume.
For administrative purposes, the IS.SLC.DA container has been assigned

SRWCEMFA rights to the root of the APPS volume.
You need to migrate the DATA volume from the DA-NWVIX server to the DATA
NCP volume on DA-OES-A. You also need to migrate the APPS volume from
DA-NWVIX to APPS on DA-OES-A.
Do the following:
1. At the shell prompt of DA-OES-A, enter rcnovell-xregd restart.
This daemon is responsible for synchronizing NCP users.
2. Enter miggui at the shell prompt.
Figure 1-16
3. Authenticate to the source and target servers by doing the following:

a. Select the Source server icon in the Migration pane.
b. Enter the following to authenticate to the source NetWare server:
❑ Server: da-nwvix.digitalairlines.com
❑ Port: 636
❑ User Name: cn=admin,ou=SLC,o=DA
❑ Password: novell
❑ Use SSL: Marked
c. Select OK.
If the authentication was successful, the Source server icon turns green and
its DNS name or IP address is displayed beneath it.
d. Select the Target server icon.
e. Enter the following to authenticate to the target OES 2 Linux server:
❑ root Password: n0v3ll
❑ Port: 636
❑ Use SSL: Marked
f. Select OK.
If the authentication was successful, the Target server icon turns green and
4. In the Migration Type drop-down list, select Consolidate.
5. Configure a volume migration by doing the following:
a. Under Services to Migrate, select Add.
b. Select File System; then select OK.
File System is added to the list of services to migrate.
c. Select File System; then select Configure.
d. In the Target Server pane, expand NCP Volumes.
e. In the Source Server pane, drag the DATA volume and drop it on the DATA
volume on the target server.
f. In the Volume Drop Options, leave the default selection marked and select
OK.
g. In the Source Server pane, drag the APPS volume and drop it on the APPS
volume on the target server.
h. In the Volume Drop Options, leave the default selection marked and select
OK.
Your Volume Information tab should appear as follows:
Figure 1-17
i. Select the File Options tab.
Figure 1-18
j. Select the following:

❑ Always Copy Source Files
❑ Exclude User Quotas
❑ Exclude Directory Quotas
k. In the Exclude Files field, enter *.mp3, *.acc, *.m4a, *.m4p.
l. Under Sync Options, select Delete Files Not on Source.
m. Select OK.
6. Select Save Project to save your migration project.
7. When prompted to save the migration project, select Yes.
8. Select Start in the Migration pane to start the migration process.
9. When prompted to proceed, select Yes.
Wait while the volume migration takes place. You can view the status of the
migration in the Status pane.
10. When complete, select Quit.
11. When prompted to save the project, select Yes.
12. Verify that the migrations occurred correctly by doing the following:
a. At the shell prompt, enter ncpcon.
b. At the ncpcon prompt, enter the following command:
rights view DATA:Corporate_Shared
Compare the rights displayed with those shown on page 1-13.
c. At the ncpcon prompt, enter the following:
rights view APPS:
Compare the rights displayed with those shown on page 1-13.
d. Enter quit to leave ncpcon.
e. Close all open windows on the server desktop.
(End of Exercise)
Exercise 1-3 Migrating iPrint from NetWare to OES 2 for Linux
In this exercise, you practice completing a same-tree migration of Novell iPrint data
from the DA-NWVIX NetWare server to the DA-OES-A server.
The iPrint environment on your NetWare server consists of the following

components:
■ Broker: DigitalAirlinesPrintBroker.SLC.DA
■ Print Manager: DigitalAirlinesPrintManager.SLC.DA
■ Printer: DigitalAirlinesPrinter.SLC.DA
To migrate these components to your OES 2 for Linux server, you need to complete
the following tasks:
■ Part I: Configure iPrint on DA-OES-A
■ Part II: Migrate the iPrint Environment to DA-OES-A
Part I: Configure iPrint on DA-OES-A
The first task you need to complete is to configure iPrint on DA-OES-A. Do the
following:
3. If necessary, log in to your DA-OES-A server as geeko with a password of novell.
4. Configure iPrint on DA-OES-A by doing the following:
a. On your DA-OES-A server desktop, select Computer > YaST.
b. When prompted, enter a root password of n0v3ll.
c. In YaST, select Open Enterprise Server > OES Install and Configuration.
Figure 1-19
d. Verify iPrint is already marked; then select Accept.

e. In the Novell Open Enterprise Server Configuration screen, select disabled
under iPrint.
f. Select iPrint.
g. When prompted for your admin user’s password, enter novell.
h. In the Directory Server Address drop-down list, verify that 172.17.8.102 is
listed; then select Next.
i. In the Novell Open Enterprise Server Configuration screen, disable
configuration for the following services:
j. Select Next.
Wait while the iPrint service is configured.
k. In the Installation Completed screen, select Finish.
l. In the Novell Customer Center Configuration screen, select Configure Later;
then select Next.
m. Close YaST.
5. Create a Driver Store on DA-OES-A by doing the following:
a. On your DA-OES-A virtual server, select Computer > Firefox.
b. In Firefox, open https://da-oes-a.digitalairlines.com/nps/iManager.html.
c. Log in to iManager as admin.SLC.DA with a password of novell.

d. In the top menu bar, select the Configure icon.
e. In the Configure list on the left, select Role-Based Services > RBS
Configuration.
f. Select the link (most likely “3”) in the Not installed column.
g. Select all available modules; then select Install.
h. Confirm the message that appears asking you if you want to install the selected
modules by selecting OK.
i. When the message appears indicating the modules were installed, select OK.
j. In the top menu bar, select the Roles and Tasks icon.
k. In the Roles and Tasks list, select iPrint > Create Driver Store. The
following is displayed:
Figure 1-20
l. In the Driver Store Name field, enter OESDriverStore.

m. In the Container Name field, browse to and select DEL.DA.
n. In the Target Server field, enter da-oes-a.digitalairlines.com.
o. In the eDir Server Name field, browse to and select DA-OES-A.DEL.DA.
p. Select OK.
q. When prompted that the driver store was created, select Modify.
r. In the Manage Driver Store screen, verify that the status is Active; then select
OK.
6. Create a Print Manager on DA-OES-A by doing the following:

a. In iManager, select iPrint > Create Print Manager. The following is
displayed:
Figure 1-21
b. In the Print Manager Name field, enter OESPrintManager.

c. In the Container Name field, browse to and select DEL.DA.
d. In the eDir Server name field, browse to and select DA-OES-A.DEL.DA.
e. In the Driver Store Name field, browse to and select
OESDriverStore.DEL.DA.
f. Verify that Start Print Manager After Creation is marked.
g. In the DNS Name field, enter da-oes-a.digitalairlines.com.
h. Select OK.
i. When prompted that the Print Manager was created, select Modify.
j. In the Manage Print Manager screen, verify that the status is Active; then
select OK.
k. Minimize the Firefox browser window.
Part II: Migrate the iPrint Environment to DA-OES-A
With iPrint installed on the target server, you can now migrate the iPrint environment
from the source DA-NWVIX NetWare server to your target DA-OES-A OES 2 for
Linux server.

1. Verify that the Broker and Print Manager are loaded on your DA-NWVIX
NetWare server.
a. Press Ctrl+Esc and enter the number in front of the NDPS Broker entry.
You should see a screen similar to the following on your server console:
Figure 1-22
If it is not running, switch back to the System Console and enter load
broker.
b. Press Ctrl+Esc again and enter the number in front of the NDPS Manager
entry.
You should see a screen similar to the following on your server console:
Figure 1-23
If it is not running, switch back to the System Console and enter load
ndpsm.
2. From your DA-OES-A server desktop, open a terminal window and switch to root
using the su - command with a password of novell.
3. Start the Migration Tool by entering miggui at the shell prompt.
4. When prompted to open your last project, select No.

❑ Port: 636
❑ Use SSL: Marked
c. Select OK.
❑ Port: 636
❑ Use SSL: Marked
f. Select OK.
6. Select Consolidate from the Migration Type drop-down list.
7. In the Services to Migrate pane, select Add.
8. In the Service Name list, select Novell iPrint; then select OK.
9. In the Services to Migrate pane, select Novell iPrint; then select Configure.
Figure 1-24
10. On the Print Objects tab, configure the following:

❑ Source Print Manager: Browse to and select
cn=DigitalAirlinesPrintManager,ou=SLC,o=DA.
❑ Target Print Manager: Browse to and select
cn=OESPrintManager,ou=DEL,o=DA.
11. Select Get Printers.
12. Under Source Printers, mark DigitalAirlinesPrinter.
13. Select Target Context; then browse to and select the ou=DEL,o=DA container.
14. Select the Other Options tab. The following is displayed:
Figure 1-25
15. In the Target Driver Store DN field, browse to and select

cn=OESDriverStore,ou=DEL,o=DA.
16. Select OK.
17. Select Start to start the iPrint migration.
18. When prompted to save the project file, select Yes.
Wait while iPrint is migrated. During the migration process, you can monitor the
progress in the Status pane, shown below:
Figure 1-26
20. When prompted that the migration was successful, save your changes to the
migration project and then quit the Migration Tool.
21. Verify that the migration was completed correctly by doing the following:
a. On your DA-OES-A virtual server, restore your Firefox browser window.
b. Select iPrint > Manage Print Manager.
c. In the iPrint Manager Name field, browse to and select
OESPrintManager.DEL.DA; then select OK.
d. Verify the Print Manager status is Active.
e. Select the Printer Agents tab.
You should see the DigitalAirlinesPrinter displayed, as shown below:
Figure 1-27
22. Select OK.
23. Modify the iprint.digitalairlines.com DNS record to point to DA-OES-A by doing

the following:
a. In iManager, select DNS > Resource Record Management.
b. In the drop-down list, select View/Modify Resource Record; then select OK.
c. In the Select Domain Name drop-down list, select digitalairlines.com.
d. In the Select a Host Name field, browse to and select the iprint A record.
e. Select Modify.
f. In the IP Address field, enter 172.17.8.102.
g. Select Done > OK > Done > OK.
24. Switch to your DA-NWVIX server and unload the following NLMs:
❑ NDPSM.NLM
❑ BROKER.NLM
25. Log out of iManager and close your browser window.
26. Close all open windows on the server desktop.
(End of Exercise)
Exercise 1-4 Migrating DHCP from NetWare to OES 2 for Linux
In this exercise, you practice completing a server-level migration of DHCP

configuration and lease data from the DA-NWVIX NetWare server to the DA-OES-A
server.
To do this, you need to complete the following tasks:

■ Part I: Configure the Novell DHCP Service on DA-OES-A
■ Part II: Migrate DHCP from DA-NWVIX to DA-OES-A
Part I: Configure the Novell DHCP Service on DA-OES-A
The first task you need complete is to configure the Novell DHCP service on your
DA-OES-A server. Do the following:
4. Configure Novell DHCP by doing the following:
b. When prompted, enter a root password of n0v3ll.
Figure 1-28
d. Verify Novell DHCP is selected; then select Accept.

The Novell Open Enterprise Server Configuration screen is displayed.
e. In the Novell Open Enterprise Server Configuration screen, select Novell

DHCP Services.
f. When prompted for your admin user’s password, enter novell.
The following screen is displayed:
Figure 1-29
g. Configure the following parameters:

❑ DHCP Server Context: ou=DEL.o=DA
❑ DHCP Server Object Name: DHCP_da-oes-a
❑ Locator Context: ou=DEL.o=DA
❑ Group Context: ou=DEL.o=DA
h. Select Next.
i. In the Novell DHCP LDAP and Secure Channel Configuration screen, verify
that the settings are correct; then select Next.
j. In the Novell DHCP Services Interface Selection screen, verify that your
network board is selected; then select Next.
k. In the Novell Open Enterprise Server Configuration screen, select enabled
under Novell DNS Services.
l. Select Next.
Wait while the DHCP service is configured.
m. When the installation is complete, select Finish.
n. In the Novell Customer Center Configuration screen, select Configure Later;
then select Next.
o. Close YaST.
Part II: Migrate DHCP from DA-NWVIX to DA-OES-A
With the Novell DHCP service installed, you can now migrate the DHCP service
from your DA-NWVIX server to your DA-OES-A server.
Do the following:
1. Verify that the DHCP service is running on your NetWare server by doing the
following:
a. Switch to your DA-NWVIX virtual server.
b. Toggle to your server console screen.
c. At the server console prompt, enter modules dhcp*.
The DHCPSRVR.NLM should be displayed, as shown below:
Figure 1-30
If it is not running, enter load dhcpsrvr at the server console.

2. Add Read and Write permissions to the DHCP migration directories. Do the
following:
a. Switch back to your DA-OES-A virtual server.
b. Open a terminal session.
c. At the shell prompt, enter su -.
d. When prompted for your root user’s password, enter n0v3ll.
e. At the shell prompt, enter the following commands:
chmod 777 /opt/novell/migration/dhcpmigration/tmp
chmod 777 /opt/novell/migration/dhcpmigration/dhcp
3. Start the Migration Tool by entering miggui at the shell prompt.
4. When prompted to open the last project, select No.
❑ Port: 636
❑ Use SSL: Marked
c. Select OK.
❑ Port: 636
❑ Use SSL: Marked
f. Select OK.
6. Select Consolidate from the Migration Type drop-down list.
7. In the Services to Migrate pane, select Add.
8. In the Service Name list, select Novell DHCP Service; then select OK.
9. In the Services to Migrate pane, select Novell DHCP Service; then select
Configure.
Figure 1-31
10. Mark Server Level.
11. In the Server DN field, browse to and select

cn=DHCP_DA-NWVIX,ou=SLC,o=DA.
12. Select the Other Options tab, shown below:
Figure 1-32
13. Configure the following options on the Other Options tab:

❑ Base DN: Browse to and select ou=DEL,o=DA.
❑ Locator DN: Browse to and select cn=dhcpLocator,ou=DEL,o=DA.
❑ Group DN: Browse to and select cn=DHCPGroup,ou=DEL,o=DA.
14. Select OK.
15. Start the migration by selecting Start in the Migration pane.
16. When prompted, to save your project file, select Yes.
Wait while the DHCP service is migrated.

18. When prompted that the migration was successful, save your changes to the
migration project; then quit the Migration Tool.
19. Check your migration log file for errors by doing the following:
a. At the shell prompt, enter less /var/log/dhcp-migration.log.
b. Review the log file and verify that no errors occurred, as shown below:
Figure 1-33
c. Note the names of the new DHCP objects created during the migration.
d. Press q to close.
e. Launch Firefox and navigate to
https://da-oes-a.digitalairlines.com/nps/iManager.html.
f. Log in as admin.SLC.DA with a password of novell.
g. Select the View Objects icon in the menu bar.
h. Navigate to and select the DEL.DA container.
i. Verify that the objects listed in the log file have been created. You should see
that a second DHCP Server object has been created along with a DHCP
Service object:
❑ OESDHCP_DA-NWVIX
❑ dhcpservice_OESDHCP_DA-NWVIX
You will also find the 172.17.0.0 Subnet object within the
dhcpservice_OESDHCP_DA-NWVIX object.
20. Edit your /etc/dhcpd.conf file by doing the following:
a. Switch to your terminal session on DA-OES-A.
b. At the shell prompt, enter vi /etc/dhcpd.conf.
The dhcpd.conf file is loaded in the vi editor.
c. Verify that ldap-base-dn is set to “ou=DEL,o=DA”.
d. Press Ins.
e. Modify the value assigned to the ldap-dhcp-server-cn directive to
“OESDHCP_DA-NWVIX”.
This is shown below:
Figure 1-34
x By default, ldap-dhcp-server-cn will be set to the DHCP server that was created when
the Novell DHCP service was installed on the server. You must change this parameter
to the new DHCP server that was created during the migration.
f. Press Esc; then enter :exit to save your changes and exit the vi editor.
21. At the shell prompt, enter the following command (all on one line):
cp /var/lib/dhcp/db/dhcpd.leases /var/lib/dhcp/db/dhcpd.leases.old
22. At the shell prompt, enter the following command (all on one line):
cp /var/opt/novell/dhcp/leases/DHCP_DA-NWVIX.leases
/var/lib/dhcp/db/dhcpd.leases
23. Start the OES 2 for Linux DHCP server by entering rcdhcpd start at the shell
prompt.
24. Verify that the service started correctly by entering tail /var/log/messages at the
shell prompt. You should see messages from the dhcpd daemon similar to the
following:
Figure 1-35
25. To make sure that dhcpd starts after eDirectory, edit the /etc/init.d/dhcpd file.
Within the INIT INFO block, add ndsd to the Required-Start line. It should look
like the following:
# Required-Start: $local_fs $remote_fs $network ndsd
Save the file and close the editor.
26. Make sure that dhcpd is started automatically when the system starts by entering
chkconfig dhcpd on at the shell prompt.
27. Switch to your DA-NWVIX virtual server.
28. At the server console of DA-NWVIX, enter unload dhcpsrvr.nlm.
29. Use your DA-SLED virtual workstation to verify that it gets an address from your
new DHCP server by doing the following:
a. Start your DA-SLED virtual workstation.
b. Log in as geeko, open a terminal window, and su - to root (password n0v3ll).
c. Enter ifconfig to view the IP address currently assigned to your network
board.
d. At the shell prompt, enter ifdown eth1 to disable the network interface.
e. At the shell prompt, enter ifup-dhcp eth1.

You should see messages indicating that an IP address was obtained from the
DHCP server.
f. Shut down DA-SLED by entering the following in the terminal window:
halt ; exit
30. Close all open windows on your DA-OES-A server desktop.
(End of Exercise)
Exercise 1-5 Migrating DNS from NetWare to OES 2 for Linux
In this exercise, you practice completing a same-tree migration of DNS configuration

and zone data from the DA-NWVIX NetWare server to the DA-OES-A Linux server.

■ Part I: Configure the Novell DNS Service on DA-OES-A
■ Part II: Migrate DNS from DA-NWVIX to DA-OES-A
Part I: Configure the Novell DNS Service on DA-OES-A
The first task you need complete is to install and configure the Novell DNS service
on your DA-OES-A server. Do the following:
4. Configure the existing DNSDHCP-GROUP and RootServerInfo objects in the tree
to support the Novell DNS service on OES 2 for Linux by doing the following:
b See TID 3884721 for more information about this step.
a. On your DA-OES-A server desktop, select Computer > Firefox.

b. Open https://da-nwvix.digitalairlines.com/nps/iManager.html.
c. Authenticate as admin.SLC.DA with a password of novell.
d. Select Rights > Modify Trustees.
e. In the Object Name field, browse to and select the RootServerInfo.SLC.DA
object; then select OK.
DNSDHCP-GROUP.SLC.DA should be listed as a trustee.
f. Next to the DNSDHCP-GROUP.SLC.DA trustee, select Assigned Rights.
g. On the Entry Rights line, deselect the Create and Delete rights.
The trustee assignments for the DNSDHCP-GROUP.SLC.DA object should

appear as follows:
Figure 1-36
h. Select Done > OK > OK.

i. Log out of iManager and close your browser window.
5. Install Novell DNS by doing the following:
b. When prompted, enter a password of n0v3ll.
Figure 1-37
d. Verify Novell DNS is marked; then select Accept.

The Novell Open Enterprise Server Configuration screen is displayed.
e. Select Novell DNS Services.

f. When prompted for your admin user’s password, enter novell.
Figure 1-38
g. Enter the following parameters:

❑ Directory Server Address: 172.17.8.102
❑ Novell DNS Services Locator Object Context: ou=SLC.o=DA
❑ Novell DNS Services Root Server Info Context: ou=SLC.o=DA
❑ Novell DNS Services Group Object Context: ou=SLC.o=DA
❑ Local NCP Server Context: ou=DEL.o=DA
❑ Use Secure LDAP Port: Checked
h. Select Next.
i. In the Novell Open Enterprise Server Configuration dialog, select Next.
Wait while DNS is configured.
j. When prompted that the installation is complete, select Finish.
k. In the Novell Customer Center Configuration screen, select Configure Later;
then select Next.
l. Close YaST.
Part II: Migrate DNS from DA-NWVIX to DA-OES-A
1. At the server console of DA-NWVIX, enter UNLOAD NAMED.NLM.

2. At the server desktop of DA-OES-A, select Computer > Firefox.
3. In Firefox, open https://172.17.8.101/nps/iManager.html.
4. Authenticate to the tree as admin.SLC.DA with a password of novell.
5. Select the View Objects icon in the toolbar.
6. On the Tree tab, browse to the SLC.DA container.
7. Identify the DNS server object associated with the DA-NWVIX server that will be
migrated to the target OES 2 for Linux server. Record its name and context below:
x The source DNS Server object will be removed during the migration.
8. Use iManager to move the DNS server from DA-NWVIX to DA-OES-A by doing
the following:
a. In iManager, select the Roles and Tasks icon.
b. Select DNS > Scope Settings.
c. In the Context of Locator Object and Administrative Scope fields, enter
SLC.DA.
d. Select OK > OK.
e. Under the DNS role, select DNS Server Management.
f. In the drop-down list, select Move DNS Server; then select OK.
Figure 1-39
g. In the Select DNS Server Name drop-down list, select

DNS_DA-NWVIX.SLC.DA.
h. In the Enter NCP Server Name field, browse to and select
DA-OES-A.DEL.DA.
i. Select Move.
You should see a message indicating that the move was successful, as shown
below:
Figure 1-40
j. Select OK.
k. (Conditional) In Step 9i, if you see an eDirectory interaction failure message,
it indicates the DNS server object did not get moved to the del.da context, but
remained in the slc.da context. Proceed as follows:
1. In iManager, select Directory Administration > Move Object.
2. Under Object name, browse to DNS_DA-OES-A.SLC.DA.
3. Under Move to, enter or browse to DEL.DA; select OK.
4. Confirm the success message by selecting OK.
l. Log out of iManager on DA-NWVIX.
9. Use iManager on DA-OES-A to verify that the migration occurred correctly. Do

the following:
a. Open a new tab in your Firefox browser window.
b. Open https://172.17.8.102/nps/iManager.html.
c. Log in as admin.SLC.DA with a password of novell.
d. In iManager, select Directory Administration > Modify Object.
e. Browse to and select the DNSDHCP-GROUP.SLC.DA object; then select
OK.
f. Select the Members tab. You should see that DA-OES-A has been added as a
member of the group, as shown below:
Figure 1-41
g. Select OK.
h. Select the View Objects icon.
i. On the Tree tab, browse to the DEL.DA container.
j. Verify that the DNS_DA-OES-A object has been created.
10. Start the Novell DNS service on DA-OES-A by doing the following:
a. In iManager, select the Roles and Tasks icon.
b. Select DNS > DNS Server Management.
x You can disregard the warning about scope settings.
c. Select View/Modify Server > OK.

d. Verify that DNS_DA-OES-A.DEL.DA is listed in the Select DNS Server
Name list; then select OK.
e. Verify that the DNS_DA-OES-A is configured to service the

digitalairlines.com zone, as shown below:
Figure 1-42
f. Select Cancel.
g. Under DNS, select Zone Management.
h. Select View/Modify Zone > OK.
i. Select digitalairlines.com in the Select DNS Zone drop-down list; then select
OK.
j. Verify that the DNS_DA-OES-A server is configured to be the authoritative

DNS server for the zone, as shown below:
Figure 1-43
k. Select Cancel.
l. Under DNS, select DNS Server Management.
m. Select Load/Unload Server > OK.
n. Verify that the DNS_DA-OES-A.DEL.DA server is listed in the Select DNS
Server Name drop-down list; then select OK.
o. Select Load.
p. When prompted that the server loaded correctly, select OK.
11. Configure DA-NWVIX and DA-OES-A to use the new resolver address by doing
the following:
c. In YaST, select Network Services > DNS and Hostname.
d. In the Name Server 1 field, enter 172.17.8.102; then select Finish.
e. Close YaST.
f. Select Computer > Gnome Terminal.
g. At the shell prompt, enter nslookup da-oes-a.digitalairlines.com.
h. At the shell prompt, enter nslookup da-nwvix.digitalairlines.com.
These domain names should resolve to 172.17.8.102 and 172.17.8.101, as

shown below:
Figure 1-44
i. Make sure the nameserver starts when the system is booted. In the terminal
window, su - to root and enter
chkconfig novell-named on
j. Switch to your DA-NWVIX virtual server.
k. At the NetWare server console, enter EDIT SYS:\ETC\RESOLV.CFG.
l. Change the value of the name server parameter to 172.17.8.102.
m. Press Esc.
n. When prompted to save the changes, select Yes.
o. Press Esc to exit the editor.
p. At the server console, enter nslookup.
q. In the nslookup screen, enter da-oes-a.digitalairlines.com at the nslookup
prompt.
r. In the nslookup screen, enter da-nwvix.digitalairlines.com at the nslookup
prompt.
s. Verify that these domain names resolve to 172.17.8.102 and 172.17.8.101, as
shown below:
Figure 1-45
t. Enter exit; then press any key to exit.

12. Close all open windows on the desktop of DA-OES-A.
13. (Optional) Boot your DA-SLED virtual workstation and repeat steps 11a through
11h above to configure the workstation to use 172.17.8.102 as its DNS server.
(End of Exercise)
Exercise 1-6 Removing the NetWare Server from the Tree
Now that you have migrated services from DA-NWVIX to DA-OES-A, you can
remove the NetWare server from the tree and bring the server down. In this exercise,
you practice doing this.
You need to do the following:

■ Part I: Promote the Replica on DA-OES-A to Be a Master Replica
■ Part II: Migrate the Organizational Certificate Authority from DA-NWVIX to
DA-OES-A
■ Part III: Remove DA-NWVIX from the Tree
■ Part IV: Clean Up OES 2 for Linux Services on DA-OES-A
Part I: Promote the Replica on DA-OES-A to Be a Master Replica
The first thing you need to do is to promote the replica on DA-OES-A to be the
master replica of the [Root] partition. Do the following:
2. Select Computer > Gnome Terminal.
3. At the shell prompt, change to your root user account by entering su - at the shell
prompt.
5. At the shell prompt, enter ndsrepair -P.
A screen similar to the following is displayed:
Figure 1-46
6. When prompted to enter a replica number, enter 1 to modify the .[Root]. partition.
Figure 1-47
7. When prompted to enter a replica option, enter 5 to designate the server as the new
master replica.
You should see a message indicating that the server now holds the master replica
of the partition and that the replica on DA-NWVIX has been changed to a
read/write replica. This is shown below:
Figure 1-48
Part II: Migrate the Organizational Certificate Authority from DA-NWVIX to

DA-OES-A
The next task you need to complete is to move the organizational certificate authority
from DA-NWVIX to DA-OES-A before removing the NetWare server from the tree.
x Using the Novell Certificate Server on OES 2 for Linux is covered in detail in Section 8 of this
course. The steps presented here are required to be able to complete the exercises that appear in
the next section.
To do this, complete the following:

1. Export the CA's Self-Signed Certificate by doing the following:
a. On the desktop of DA-OES-A, select Computer > Firefox.
b. In your Firefox browser, open
https://da-nwvix.digitalairlines.com/nps/iManager.html.
c. Log in to the DA-TREE as admin.SLC.DA with a password of novell.
d. In iManager, select Directory Administration > Modify Object.
e. In the Object Name field, browse to and select the DA-TREE CA.Security
object; then select OK.
f. Select the Certificates tab.
g. Select Self Signed Certificate; then select Validate.
The certificate status should change to Valid, as shown below:
Figure 1-49
h. Select Self Signed Certificate; then select Export.
Figure 1-50
i. Verify that Export Private Key is marked.

j. In the Password fields enter novell.
k. Select Next.
l. Select Save the Exported Certificate.
m. In the Firefox Opening cert.pfx window, select Save File.
The file is saved to /home/geeko/Desktop on DA-OES-A.
n. In iManager, select Close > OK.
2. Delete the existing Certificate Authority in the tree by doing the following:
a. In iManager, select Delete Object under Directory Administration.
b. In the Object Name field, browse to and select DA-TREE CA.Security; then
select OK.
c. When prompted to confirm the deletion, select OK.
d. When prompted that the object was deleted, select OK.
3. Create a new Certificate Authority in the tree by doing the following:
a. In iManager, select Novell Certificate Server > Configure Certificate
Authority.
Figure 1-51
b. In the Server field, browse to and select DA-OES-A.DEL.DA.

c. In the Object Name field, enter New DA-TREE CA.
x You must not use the same name that was used by the old Certificate Authority.
d. Select Import; then select Next.

e. In the Filename field, browse to and select /home/geeko/Desktop/cert.pfx.
f. In the Password field, enter novell; then select OK.
g. Select Next > Next.
Figure 1-52
h. Select Finish.
i. Select OK.
j. In iManager, select Directory Administration > Modify Object.
k. In the Object Name field, browse to and select the New DA-TREE
CA.Security object; then select OK.
l. Verify that the Host Server is DA-OES-A.DEL.DA, as shown below:
Figure 1-53
m. Select Cancel; then log out of iManager and close your browser window.
Part III: Remove DA-NWVIX from the Tree
With the replica promoted and the CA migrated, you can now remove DA-NWVIX
from the eDirectory tree. Do the following:
1. Switch to your DA-NWVIX virtual server.
2. At the server console, enter NWCONFIG.
3. Select Directory Options.
Figure 1-54
4. Select Remove Directory Services from this Server.

5. Read the Warning screen that is displayed; then press Enter.
6. When prompted to remove Directory Services, select Yes.
7. Authenticate as admin.SLC.DA with a password of novell.
8. Read the warning about external references; then press Esc.
9. When prompted to remove Directory Services, select Yes.
10. If you see a Timesync warning screen, press Enter.
11. When prompted that Directory Services has been removed, press Enter.
12. When prompted to reboot the server, select No.
13. Press Esc twice; then select Yes to exit NWCONFIG.
14. At the server console of DA-NWVIX, enter DOWN.
15. Switch to your DA-OES-A virtual machine.
16. At the shell prompt of DA-OES-A, enter ndsrepair -U.
Wait while ndsrepair performs a full unattended repair on your eDirectory tree.
17. If necessary, run ndsrepair -U again until 0 errors are reported.
Part IV: Clean Up OES 2 for Linux Services on DA-OES-A
Before proceeding, you must reconfigure the LUM and LDAP services on
DA-OES-A to point to 172.17.8.102 instead of 172.17.8.101.
Do the following:
1. On DA-OES-A, select Computer > YaST.
3. In YaST, select Open Enterprise Server > OES Install and Configuration.
4. In the Patterns window, select Accept (without marking any new packages for
installation).
5. Under LDAP Configuration for Open Enterprise Services, select Disabled. (The
Reconfigure status should change to Enabled.)
6. Select LDAP Configuration for Open Enterprise Services.
7. In the Admin Password field, enter novell.
8. In the list of configured LDAP servers, select 172.17.8.101; then select Delete.
The LDAP server on DA-OES-A (172.l7.8.102) should still be listed, as shown

below:
Figure 1-55
9. Select Next.
x The following steps regarding LUM are needed if you used the IP address 172.17.8.101 for
LUM in “Part I: Configure Linux User Management and NSS” on page 1-7.
10. Under Linux User Management, select Disabled. (The Reconfigure status should
change to Enabled.)
11. Select Linux User Management.
12. In the Directory Server Address drop-down list, select 172.17.8.102, as shown
below:
Figure 1-56
13. Select Next > Next.
14. In the Novell Open Enterprise Server Configuration screen, select Disabled under
Novell Storage Services (NSS).
15. Select Novell Storage Services (NSS).
16. When prompted, enter an admin password of novell.
17. In the Directory Server Address drop-down list, select 172.17.8.102.
18. Select Next > Next.
Wait while the settings are applied.

19. Select Finish.
20. In the Novell Customer Center Configuration screen, select Configure Later;
then select Next.
21. Close YaST.
22. If necessary, open a terminal session by selecting Computer > Gnome Terminal
and then change to your root user account using the su - command and a password
of n0v3ll.
23. Open the /etc/ntp.conf file in the vi editor.
The NTP server on DA-OES-A is configured to get time from 172.17.8.101.

Because DA-NWVIX will not be running for the remainder of the course,
DA-OES-A will now be used as time server.
24. Press Ins.
25. Scroll down to the end of the file and put a comment sign (#) in front of the
following line:
server 172.17.8.101
26. Save the file and leave the editor by pressing Esc and then entering :wq.
27. At the shell prompt, enter rcntp restart.
28. Close all open windows on the desktop of DA-OES-A.
(End of Exercise)
Install and Configure Novell Open Enterprise Server 2 for Linux
SECTION 2 Install and Configure Novell Open Enterprise

Server 2 for Linux

■ “Install Novell Open Enterprise Server 2” on page 2-2
In this exercise, you install Novell Open Enterprise Server as an add-on product
on DA-OES-B and integrate it into the DA-TREE.
■ “Use evmsgui and nssmu” on page 2-5
In this exercise, you learn how to use evmsgui to create a regular Linux partition
and nssmu to create an NSS pool and volume.
Exercise 2-1 Install Novell Open Enterprise Server 2
In this exercise, you install Novell Open Enterprise Server 2 SP1 as an add-on
product on DA-OES-B. During the installation process, you will integrate this server
into the existing DA-TREE.
Do the following:
1. Verify that your DA-OES-A virtual server is running.
2. Open your DA-OES-B virtual server in VMware and power it on.
Wait while the virtual machine boots.
3. Log in to DA-OES-B as geeko with a password of novell.
4. Open a terminal window and use the su - command to switch to the root user
account.
6. Open the /etc/resolv.conf file in vi and make sure the nameserver entry points to
172.17.8.102; as shown below:
Figure 2-1
Change the entry if needed; then save the file and exit vi.
7. On DA-OES-B, start YaST by entering yast2.
8. In YaST, select Software > Add-on Product.
9. In the Add-On Product Media dialog, mark CD; then select Next.
10. When prompted, to insert the add-on product CD, do the following:
a. Select Eject.
b. Select VM > Removable Devices > CD/DVD > Settings.
c. Select Use ISO Image File, then browse to and select the
OES2-SP1-i386-CD1.iso file located in /isos/3090/.
x If your host workstation is running Windows, this file is located in C:\ISOS\3090.
d. Mark Connected; then select OK.

You should see a File Browser window open displaying the contents of the
OES 2 installation disc.
e. Close the File Browser window.
11. Select Continue.
12. Accept the license agreement; then select Next.
13. Select the following Patterns in the OES Services section:

❑ Novell Backup / Storage Management Services
❑ Novell eDirectory
❑ Novell iManager
❑ Novell Linux User Management (LUM)
❑ Novell NCP Server / Dynamic Storage Technology
❑ Novell Remote Manager (NRM)
❑ Novell Storage Services (NSS)
14. Select Accept.
15. When prompted to insert the SLES 10 SP2 installation disc, select Eject; then
configure your virtual CD/DVD drive to use the
SLES-10-SP2-DVD-i386-GM-DVD1.iso file located in your /isos directory.
16. Select OK.
Wait while the packages are installed.

17. When prompted to insert the OES 2 SP1 installation disc, select Eject; then
configure your virtual CD/DVD drive to use the OES2-SP1-i386-CD1.iso file
located in your /isos directory.
18. Select OK.
Wait while the packages are installed. This may take up to 10 minutes to
complete, depending upon the speed of your host computer system.
19. In the eDirectory Configuration - New or Existing Tree, select Existing Tree.
20. Type DA-TREE in the eDirectory Tree Name field.
21. Verify Use eDirectory Certificate for HTTPS Services and Require TLS for
Simple Binds with Password are marked; then select Next.
22. In the eDirectory Configuration - Existing Tree Information dialog, enter the
following information:
❑ IP address: 172.17.8.102 (the IP address of DA-OES-A).
❑ FDN entry for the DA-TREE admin: cn=admin,ou=SLC,o=DA
❑ Admin password: novell
The other values do not need to be changed from their default settings.
23. Select Next.
24. In the eDirectory Configuration - Local Server Configuration, make sure the
Server Context is ou=SLC.o=DA.
The other values do not need to be changed from their default settings.
25. Select Next to continue.
26. In the eDirectory Configuration - NTP and SLP dialog, enter the IP address of the
NTP server, 172.17.8.102.
27. Select Use Multicast to Access SLP; then select Next.
28. Confirm the warning regarding this SLP setting by selecting Yes.
29. In the Novell Modular Authentication Service dialog, accept the default selections
by selecting Next.
30. In the Novell Open Enterprise Server Configuration dialog, review the
configuration; then select Next to complete the configuration.
31. Wait while the services are configured and started.
x The configuration of eDirectory, iManager and other Services can take quite some time,
even on fast machines.
32. When prompted to restart eDirectory, select Yes.
select Next.
35. Close YaST.
36. Close your terminal window.
(End of Exercise)
Exercise 2-2 Use evmsgui and nssmu
In this exercise, you use evmsgui to create a regular Linux partition and nssmu to
create an NSS pool and volume. Do the following:
■ Part I: Use evmsgui to Manage Partitions and File Systems
■ Part II: Using nssmu, Create a users Volume
Part I: Use evmsgui to Manage Partitions and File Systems
Do the following:
1. Verify DA-OES-A and DA-OES-B are up and running.
2. If necessary, log in to DA-OES-B as geeko with a password of novell.
3. Open a terminal window.
4. Enter su - followed by a password of n0v3ll to switch to the root user account.
5. Enter evmsgui;
6. When prompted that the disk has not been initialized, do the following:
a. Select Yes for sdb and No for any others.
b. Select the Disks tab; then right-click on sdb and select Remove segment
manager from Object.
c. Make sure NWSegMgr sdb is highlighted; then select Remove.
d. Confirm the success message by selecting OK.
7. Add a partition table to /dev/sdb:
a. Select Actions > Add > Segment Manager to Storage Object.
b. In the Add Segment Manager to Storage Object dialog, select DOS Segment
Manager; then select Next.
c. In the Select Plugin Acceptable Objects dialog, select sdb; then select Next.
d. In the Configuration Options dialog, select Linux as disk type; then select
Add.
e. Confirm the success message by selecting OK.
8. Add a partition to /dev/sdb:
a. Select Actions > Create > Segment.
b. In the Create Disk Segment Dialog, select DOS Segment Manager; then
select Next.
c. In the Select Plugin Acceptable Objects dialog, select the sdb_freespace1
entry; then select Next.
d. In the Configuration Options dialog, enter a size of 1000 MB.
e. Leave the suggested values for Offset (0), Partition Type (Linux), Partition
Type ID (0x83), Bootable (No), and Primary Partition (Yes) unchanged and
select Create.
f. Confirm the success message by selecting OK.
9. Create an EVMS Volume in /dev/sdb1:

a. Select the Segments tab; then right-click the sdb1 entry and select Create
EVMS Volume.
b. In the Create EVMS Volume dialog, make sure that sdb1 is selected and type
data into the Name field.
c. Continue by selecting Create.
d. Confirm the success message by selecting OK.
10. Create a file system within the EVMS Volume:
a. Select Actions > File System > Make.
b. In the Make File System dialog, select Ext2/3 File System Interface Module;
then select Next.
c. In the Select Plugin Acceptable Objects dialog, select the /dev/evms/data
entry; then select Next.
d. In the Configuration Options dialog, type data into the Volume Label field;
then continue by selecting Make.
e. Confirm the dialog that informs you that the operation will complete when the
changes are saved by selecting OK.
11. Write the changes to disk by doing the following:
a. select the Save button in evmsgui.
b. Select Save in the dialog that appears.
12. Mount the newly created file system:
a. Select Actions > File System > Mount.
b. In the Mount File System dialog, make sure /dev/evms/data is selected.
c. Type /data in the Mount Point field.
d. Mount the file system by selecting Mount.
x If the mount point doesn’t exist, it will be created automatically.
e. Confirm the success message by selecting OK.

13. Close evmsgui by selecting Actions > Quit.
14. In the terminal window, enter mount and view the output.
You should see that /dev/evms/data is mounted on /data and formatted with the
ext3 file system, as shown below:
Figure 2-2
Part II: Using nssmu, Create a users Volume
1. In the terminal window, enter nssmu.

2. Using the arrow keys, highlight the Pools entry and press Enter.
3. Press the Insert key and type users_pool as the pool name; then press Enter.
4. Highlight the sdb entry and press Enter.
5. Type 2000 as the size in MB; then press Enter.
After a few moments, the users_pool is displayed in the pool information.
6. Press Esc to return to the nssmu main menu.
7. Using the arrow keys, highlight the Volumes entry and press Enter.
8. Press the Insert key and enter users as the volume name.
9. In the Encryption dialog, press n.
10. Make sure the users_pool is selected and press Enter.
Information for the users volume is displayed in the Logical Volume Information
pane, as shown below:
Figure 2-3
11. Press Esc twice to return to the main menu and quit nssmu.
(End of Exercise)
Find Support for OES 2 Linux Issues
SECTION 3 Find Support for OES 2 Linux Issues
There are no exercises in this section of the Workbook.
Maintaining and Troubleshooting OES 2 for Linux
SECTION 4 Maintaining and Troubleshooting OES 2 for Linux

■ “Backing Up SLES System Settings” on page 4-2
In this exercise, you practice backing up SLES system settings from your
DA-OES-A server using the YaST System Backup module.
■ “Using SMS to Back Up Volume Data” on page 4-4
In this exercise, you practice backing up the DATA and APPS volumes on your
DA-OES-A server, using SMS and nbackup on DA-OES-B.
Exercise 4-1 Backing Up SLES System Settings
In this exercise, you practice backing up SLES system settings from your DA-OES-A
server using the YaST System Backup module. To do this, complete the following:
1. If necessary, boot your DA-OES-A and DA-OES-B virtual servers.
2. Log in to your DA-OES-A virtual server desktop as geeko with a password of
novell.
3. From the server desktop, start the YaST System Backup module by selecting
Computer > YaST.
5. In YaST, select System > System Backup.
6. Create a profile by selecting Profile Management > Add.
7. When prompted to provide a name for the profile, enter DA-OES-A_Backup;
then select OK.
Figure 4-1
8. In the File Name field, enter /root/DA-OES-A_backup.

9. Verify that Local File is marked.
10. Verify that Create Backup Archive is marked.
11. Verify that tar with tar-gzip subarchives is selected in the Archive Type
drop-down list.
12. Select Next.
Figure 4-2
13. Verify the following options are marked:

❑ Back Up Files Not Belonging to Any Package
❑ Check MD5 Sum Instead of Time or Size
14. In the Archive Description field, type SLES System Backup of DA-OES-A and
press Enter.
15. Select Next.
16. In the Search Constraints screen, select OK.
You are returned to the YaST System Backup dialog.

17. Start the backup by selecting the DA-OES-A_Backup profile and then selecting
Create Backup.
Wait while the backup runs. This will take some time to complete.
18. When your system backup is complete, select OK.
19. Close the YaST module by selecting Close.
20. Close YaST.
(End of Exercise)
Exercise 4-2 Using SMS to Back Up Volume Data
In this exercise, you practice backing up the DATA and APPS volumes on your
DA-OES-A server, using SMS and nbackup on DA-OES-B.

■ Part I: Verify that SMS Is Installed
■ Part II: Configure smdrd and tsafs
■ Part III: Use nbackup to Back Up the DATA and APPS Volumes
Part I: Verify that SMS Is Installed
The first task you need to complete is to verify that SMS is installed on your servers.
Do the following:
novell.
3. From the server desktop of DA-OES-A, select Computer > YaST.
6. Verify that Novell Backup / Storage Management Services is marked with a
blue check mark (indicating that the service is installed).
7. (Conditional) If Novell Backup / Storage Management Services is not marked,
mark it and select Accept. Otherwise, select Cancel.
select Next.
9. Close YaST.
10. Repeat this process to verify that SMS has been installed on DA-OES-B.
Part II: Configure smdrd and tsafs
The next task you need to complete is to configure the smdrd daemon on DA-OES-B
and DA-OES-A. You also need to configure the tsafs TSA on DA-OES-B. Do the
following:
1. Configure the smdrd daemon on DA-OES-B by doing the following:
a. On your server desktop, select Computer > Firefox.
b. Open https://da-oes-b.digitalairlines.com/nps/iManager.html.
c. Log in to the DA-TREE as admin.SLC.DA with a password of novell.
d. Expand SMS Backup and Restore.
e. Select SMDR Options.
f. In the Server field, browse to and select DA-OES-B.SLC.DA; then select OK.
g. Configure the following options:

❑ Supported Protocols: Verify that TCP/IP is marked.
❑ IP Address: Verify that 172.17.8.104 is listed.
❑ Discovery Mechanisms: Verify that SLP and HOSTS/DNS are
marked.
❑ Discover Order: Move HOSTS/DNS to the top of the list by selecting
this option and then selecting the Up Arrow icon.
h. Select OK.
i. When prompted that the settings were applied, select OK.
2. Configure the smdrd daemon on DA-OES-A by doing the following:
a. Under SMS Backup and Restore, select SMDR Options.
b. In the Server field, browse to and select DA-OES-A.DEL.DA; then select
OK.
c. Configure the following options:
❑ Supported Protocols: Verify that TCP/IP is marked.
❑ IP Address: Verify that 172.17.8.102 is listed.
❑ Discovery Mechanisms: Verify that SLP and HOSTS/DNS are
marked.
❑ Discover Order: Move HOSTS/DNS to the top of the list by selecting
this option and then selecting the Up Arrow icon.
d. Select OK.
e. When prompted that the settings were applied, select OK.
3. Configure the tsafs TSA on DA-OES-A by doing the following:
a. Under SMS Backup and Restore, select TSAFS Options.
b. In the Server field, browse to and select DA-OES-A.
c. Configure the following options, as appropriate:
❑ TSA Mode: Verify that this parameter is set to Linux.
❑ Read Buffer Size: Verify that this parameter is set to 65536.
❑ Read Threads Per Job: Verify that this parameter is set to 4.
❑ Read Thread Allocation: Verify that this parameter is set to 100.
❑ Read Ahead Throttle: Set this parameter to 10.
❑ Cache Memory Threshold: Set this parameter 20.
❑ Enable Caching: Verify that this option is marked.
❑ Enable Clustering: Deselect this option.
d. Select OK.
e. When prompted that the settings have been changed, select OK.
Part III: Use nbackup to Back Up the DATA and APPS Volumes
With the smdrd daemon and the tsafs TSA configured, you can now use the nbackup
utility to back up the DATA and APPS volumes on DA-OES-A.
Do the following:
1. Switch to DA-OES-B and, if necessary, log in as geeko with a password of novell.
2. From the desktop of DA-OES-B, select Computer > Gnome Terminal.
3. Switch to your root user account using the su - command and a password of n0v3ll.
4. At the shell prompt. enter cd /opt/novell/sms/bin.
5. Back up the DATA volume on DA-OES-A by entering the following command at
the shell prompt (all on one line):
./nbackup -cvf /root/DATAbackup.sidf -U admin --target-type=linux
-R da-oes-a.digitalairlines.com /novell/volumes/DATA/
6. When prompted for a password, enter novell.
The backup takes place. When complete, output similar to the following should
be displayed:
Figure 4-3
You will see two errors in the output for the following files:
❑ voldata.tdf
❑ ._NETWARE
These files are system files and can’t be backed up. You can safely ignore these
errors. You can view details about the errors in the /root/DATAbackup.warn
file.
x If you see errors other than these, it’s likely that the admin eDirectory user has not been
made the owner of the /novell/volumes/DATA and /novell/volumes/APPS directories. Use
the ls -l /novell/volumes/ command to check this. If root (or some other user) is the owner
of these two directories, you can enter chown admin /novell/volumes/APPS and chown
admin /novell/volumes/DATA to fix the problem. Then rerun the nbackup command
above.
7. Back up the APPS volume on DA-OES-A by entering the following command at

the shell prompt (all on one line):
./nbackup -cvf /root/APPSbackup.sidf -U admin --target-type=linux
-R da-oes-a.digitalairlines.com /novell/volumes/APPS/
8. When prompted for a password, enter novell.
The backup takes place. When complete, output similar to the following should
be displayed:
Figure 4-4
(End of Exercise)
Using Dynamic Storage Technology
SECTION 5 Using Dynamic Storage Technology

■ “Shadowing an NCP Volume” on page 5-2
In this exercise, you create a shadow volume from the DATA volume by creating
a secondary storage area for the DATA volume on your DA-OES-A server.
■ “Shadowing an NSS Volume” on page 5-7
In this exercise, you create an NSS volume on DA-OES-B named DATA and
create a secondary volume for it.
■ “Creating Shadow Volume Policies” on page 5-15
In this exercise, you create shadow volume policies for the shadow volume you
created on DA-OES-B.
Exercise 5-1 Shadowing an NCP Volume
In this exercise, you create a shadow volume from the DATA volume by creating a
secondary storage area for the DATA volume on your DA-OES-A server.
Do the following:
novell.
3. Select Computer > Firefox.
4. Open a browser window and navigate to
http://da-oes-a.digitalairlines.com:8008.
5. Log in to Novell Remote Manager as admin (password novell).
6. Expand View File System; then select Dynamic Storage Technology Options.
7. Locate the DATA volume under Volume Information.
8. Next to DATA, select Add Shadow.
9. Select Add Shadow Volume.
Figure 5-1
10. In the Shadow Path field, type /novell/volumes/DATA_SHADOW.
x For classroom purposes, you are creating the shadow on the same device as the primary
storage area. In a production environment, you could leverage the benefits of DST by
placing the primary storage and secondary storage areas on different devices, based upon
your implementation scenario.
11. Mark Create If Not Present.
12. Select Create.
The volume’s Share Information screen is displayed, showing the file system
paths for the primary storage area and the secondary storage area.
13. Explore the directory structure of the primary and secondary storage areas by
doing the following:
a. At the server desktop of DA-OES-A, select Computer > Gnome Terminal.
b. Change to your root user account by entering su - and entering a password of
n0v3ll at the shell prompt.
c. Change to the primary storage area by entering cd /novell/volumes/DATA at
the shell prompt.
d. Enter ls at the shell prompt.
The output should look similar to the following:
Figure 5-2
e. Change to your secondary storage area by entering

cd /novell/volumes/DATA_SHADOW followed by ls at the shell prompt.
You should see the following:
Figure 5-3
Notice the ._DUPLICATE_FILES directory that has been created to handle

duplicate file conflicts.
Notice that the files and directories from the primary storage area haven’t
been migrated yet. You need to establish shadow volume policies to
configure how files are to be spread between the primary and secondary
storage areas.
f. At the shell prompt, enter ncpcon shadow DATA operation=lp to view a
listing of files in the primary storage area.
You should see an output similar to the following:
Figure 5-4
g. At the shell prompt, enter ncpcon shadow DATA operation=ls to view a

listing of files in the secondary storage area.
You should see an output similar to the following:
Figure 5-5
14. Create a file in the primary storage area and shift it to the secondary storage area
by doing the following:
a. If necessary, power on your DA-SLED virtual workstation.
b. If necessary, log in to your DA-SLED workstation as geeko with a password
of novell.
c. Right-click the N icon in the system tray; then select Novell Login.
d. Log in to the DA-OES-A server in the DA-TREE tree from your DA-SLED
virtual workstation as kkeetch, context IS.SLC.DA, with a password of
novell.
x If you can’t connect using the server’s dn, as listed above, you can use its IP address:
172.17.8.102.
e. Right-click the N icon in the system tray; then select Novell Map Directory.
f. Map network drive G in /home/geeko to \\DA-OES-A\DATA:IS_Shared\.
g. Select OK when the drive mapping is complete.
h. Double-click geeko’s Home on the desktop.

You should see a directory named G in your home folder that is mapped to
DATA:IS_Shared on DA-OES-A, as shown below:
Figure 5-6
i. Double-click the G mapped directory.

j. Right-click in the right pane and select Create Document > Empty File.
k. Name the file TestFile.txt.
l. Right-click TestFile.txt; then select Open with “OpenOffice.org Writer.”
m. Enter some text of your own choosing in the file.
n. Save your changes to the file and exit OpenOffice.
o. Switch back to your DA-OES-A virtual server.
p. At the shell prompt, enter ncpcon shadow DATA operation=lp to view a
listing of files in the primary storage area.
You should see the TestFile.txt file in the IS_Shared directory, as shown
below:
Figure 5-7
q. Shift the TestFile.txt file in IS_Shared from the primary storage area to the
secondary storage area by entering ncpcon shift
“DATA:IS_Shared\TestFile.txt” shadow at the shell prompt.
r. At the shell prompt, enter ncpcon shadow DATA operation=ls to view a

listing of files in the secondary storage area.
The TestFile.txt file is now stored in the secondary storage area, as shown
below:
Figure 5-8
s. If necessary, use the cd command to change to the

/novell/volumes/DATA_SHADOW directory on DA-OES-A.
t. At the shell prompt, enter ls.
You should see the IS_Shared directory in the secondary storage area, as
shown below:
Figure 5-9
u. Switch back to your DA-SLED virtual workstation.

v. If necessary, browse back to your G mapped directory in your home directory.
w. Select Reload in the menu bar.
You should see no change in the file because DST provides a unified
directory tree view, regardless of where a file resides in the shadow volume.
x. Close all open windows on the DA-SLED workstation and log out from the
DA-TREE eDirectory tree.
(End of Exercise)
Exercise 5-2 Shadowing an NSS Volume
In this exercise, you create an NSS volume on DA-OES-B named DATA and create a
secondary volume for it.
Complete the following tasks:

■ Part I: Create NSS Volumes for Shadowing on DA-OES-B
■ Part II: Configure NCP/NSS Bindings for the DATA Volume
■ Part III: Create a Shadow Volume from NSS Volumes
■ Part IV: Copy Content to the Shadow Volume
Part I: Create NSS Volumes for Shadowing on DA-OES-B
The first task you need to complete is to create the NSS volumes that will be used for
shadowing on DA-OES-B. Complete the following:
1. Verify that your DA-OES-A and DA-OES-B virtual servers are up and running.
2. If necessary, log in to DA-OES-B as geeko with a password of novell.
3. Create pools for your volumes by doing the following:
a. At your DA-OES-B virtual server desktop, select Computer > Gnome
Terminal.
b. Use the su - command with a password of novell to switch to your root user
account.
c. At the shell prompt, enter nssmu.
d. In the nssmu Main Menu, select Pools.
e. In the Pools screen, press Ins to create a new pool.
f. When prompted to enter a new pool name, enter DATA_POOL.
g. When prompted to select a device to create the pool on, select sdb.
h. When prompted for a partition size, enter 1000.
Wait while the pool is created. When complete, details about the pool are
displayed.
i. Repeat steps d through h above to create a second pool on sdb named
SHADOW_POOL.
When complete, you should have two new pools on the device, in addition to
the one created in an earlier exercise, as shown below:
Figure 5-10
4. Create the DATA volume in the DATA_POOL pool by doing the following:
a. In the Pools menu, press Esc.
b. In the nssmu Main Menu, select Volumes.
c. Press Ins.
d. When prompted for a new volume name, enter DATA.
e. When prompted to encrypt the volume, enter N for no.
f. In the Pools menu, select DATA_POOL.
The DATA volume details are displayed, as shown below:
Figure 5-11
You may need to press F5 to refresh the display to view details about the
DATA volume.
g. Repeat steps c through f above to create a second volume named
SHADOWVOL in the SHADOW_POOL.
When you’re done, you should have two new NSS volumes, DATA and
SHADOWVOL, on DA-OES-B, as shown below:
Figure 5-12
h. Exit nssmu by pressing Esc twice.
Part II: Configure NCP/NSS Bindings for the DATA Volume
With your two volumes created, you must next disable the NCP/NSS bindings for the
SHADOWVOL NSS volume. Do the following:
1. On your DA-OES-B server desktop, select Computer > Firefox.
2. In Firefox, open http://da-oes-b.digitalairlines.com:8008.
3. Log in as admin.SLC.DA with a password of novell.
4. Select Manage NCP Services > Manage Shares.
You should see both the DATA and the SHADOWVOL volumes displayed as
NCP shares, as shown below:
Figure 5-13
You need to disable the NCP binding for the SHADOWVOL volume.
5. Under Configuration, select NCP/NSS Bindings.
Figure 5-14
6. On the SHADOWVOL line, mark No in the NCP Accessible column.

7. On the SHADOWVOL line, select Save Selection.
The NCP Shares screen is displayed. You should no longer see the
SHADOWVOL volume listed, as shown below:
Figure 5-15
Part III: Create a Shadow Volume from NSS Volumes
With the NSS volumes created and your NCP/NSS bindings configured, you can now
create a shadow volume from the DATA and SHADOWVOL volumes.
Do the following:
1. Select View File System > Dynamic Storage Technology Options.
You should see an Add Shadow link next to the DATA volume, as shown below:
Figure 5-16
2. Select Add Shadow next to the DATA volume.

3. Under Volume Tasks, select Add Shadow Volume.
4. In the Shadow Path field, enter /media/nss/SHADOWVOL.
x Remember that path and file names in the Linux file system are case sensitive!
5. Do not mark Create If Not Present.
x When shadowing NSS volumes, the secondary NSS volume must already exist.
6. Select Create.
You should now see that the SHADOWVOL path has been added as the file
system shadow path for the DATA volume, as shown below:
Figure 5-17
7. Select Dynamic Storage Technology Options under View File System.

8. Verify that the Shadow Status for the DATA volume is set to Shadowed, as shown
below:
Figure 5-18
Part IV: Copy Content to the Shadow Volume
1. If necessary, start your DA-SLED virtual workstation and log in as geeko with a
password of novell.
2. Right-click the N icon in the system tray; then select Novell Login.
3. Log in to the DA-OES-B server in the DA-TREE as admin.SLC.DA, with a
password of novell.
4. Right-click the N icon in the system tray; then select Novell Map Directory.
5. Map network drive G in /home/geeko to \\DA-OES-B\DATA:.
6. Select OK when prompted that the directory has been mapped.
7. On DA-SLED, open a terminal window and change directory to the
/home/geeko/G directory by entering cd /home/geeko/G.
8. Unpack the exercise_5-2_files.tgz archive on the geeko user’s desktop using the
following command:
tar -xzf /home/geeko/Desktop/exercise_5-2_files.tgz
9. Make trustee assignments to the folders you just copied by doing the following:
a. Open the File Browser by double-clicking geeko’s Home icon on the desktop.
b. Double-click the G directory.
c. In the File Browser window, right click Corporate_Shared; then select
Novell Properties.
d. (Conditional) If the Read-Only attribute is marked, deselect it.
e. Select the Novell Rights tab.
Figure 5-19
f. Expand eDirectory; then browse to and select the SLC.DA container.
g. Select Add.
SLC.DA is added to the list of trustees.
h. Mark the following rights for the SLC.DA container:
❑ R
❑ W
❑ E
❑ C
❑ M
❑ F
i. Select OK.
j. Repeat steps c through i above to add the following trustees to the respective
containers:
/DATA/Reservations_Shared RESERVATIONS.SLC.DA RWCEMF
10. Close all open windows on DA-SLED and log out from the DA-TREE eDirectory
tree.
11. Close all open windows on DA-OES-A and DA-OES-B.
(End of Exercise)
Exercise 5-3 Creating Shadow Volume Policies
In this exercise, you create shadow volume policies for the shadow volume you
created on DA-OES-B.
Do the following:
1. Verify that your DA-OES-A and DA-OES-B virtual servers are running.
2. If necessary, log in to your DA-OES-B server desktop as geeko with a password
of novell.
3. From the DA-OES-B server desktop, select Computer > Firefox.
4. In Firefox, open http://da-oes-b.digitalairlines.com:8008.
5. In NRM, select View File System > Dynamic Storage Technology Options.
6. Create a policy that moves all PDF image files from the primary storage area to the
secondary storage area every night starting at 6:00 PM by doing the following:
a. Select Create a New Policy.
b. In the Description field, enter PDF Files.
c. Configure the following policy parameters:
❑ Start Time: 18:00
❑ End Time: 07:00
❑ Frequency: Daily
❑ Execute Now: Enabled (marked)
❑ Command Status: Active
❑ Volume Selection: DATA
❑ Volume Operations: Move Selected Files from Primary Area to
Shadow Area
❑ Search Pattern: *.PDF
d. Select Submit.
The Dynamic Storage Technology Options screen is displayed.
Wait a few minutes for the policy to be applied. When it is applied, you
should see the number of total files moved for the PDF Files policy
increment from 0 to 12, as shown below:
Figure 5-20
7. Repeat step 6 twice to create two more polices that move the following file types
from the primary storage area to the secondary storage area every night starting at
6:00 PM:
❑ *.MP3
❑ *.WMA
8. Create a policy that moves all files that haven’t been modified for more than one
month from the primary storage area to the secondary storage area every Friday
night starting at 6:00 PM by doing the following:
a. Under Dynamic Storage Technology Policies, select Create a New Policy.
b. In the Description field, enter Old Files.
c. Configure the following policy parameters:
❑ End Time: 07:00
❑ Start Day: Friday
❑ Frequency: Weekly
❑ Execute Now: Enabled (marked)
❑ Volume Operations: Move Selected Files from Primary Area to
Shadow Area
❑ Search Pattern: *.*
❑ Time Stamp: Last Modified Time
❑ Direction: Greater Than

❑ Months: 1
d. Select Submit.
9. Create a policy that moves any files modified within the last day in the secondary
storage area to the primary storage area by doing the following:
a. Under View File System, select Dynamic Storage Technology Options.
b. Under Dynamic Storage Technology Policies, select Create a New Policy.
c. In the Description field, enter Newly Modified Files.
d. Configure the following policy parameters:
❑ End Time: 07:00
❑ Frequency: Daily
❑ Execute Now: Disabled (not marked)
❑ Volume Operations: Move Selected Files from Shadow Area to
Primary Area
❑ Search Pattern: *.*
❑ Time Stamp: Last Modified Time, Last Accessed Time, and Last
Changed Time
❑ Direction: Less Than
❑ Days: 1
e. Select Submit.
10. Verify the results of the policies by doing the following:
a. Select the Home icon (File System) in the menu bar.
b. Under File Systems, select the /media/nss/DATA link next to DATA.
c. Select the Corporate_Shared directory.
You should see that no files reside in this directory, as shown below:
Figure 5-21
d. Select the Home icon again.

e. Select the /media/nss/SHADOWVOL link next to SHADOWVOL.
f. Select the Corporate_Shared directory.
The files that used to reside in the primary storage area have been moved to
the secondary storage area, as shown below:
Figure 5-22
11. Log out of NRM.
12. Close all open windows on the desktop of DA-SLED, DA-OES-A, and
DA-OES-B.
(End of Exercise)
Administering Novell Certificate Server on OES 2 for Linux
SECTION 6 Administering Novell Certificate Server on OES 2 for

Linux

■ “Sniffing Packets with ethereal” on page 6-2
In this exercise, you use the ethereal utility on DA-OES-A to capture packets on
your network segment.
■ “Exporting a Trusted Root Certificate” on page 6-6
In this exercise, you practice exporting the trusted root certificate for DA-TREE
and importing it into your Firefox browser on your DA-SLED workstation.
■ “Recreating Server Certificates” on page 6-9
In this exercise, you practice troubleshooting Certificate Server problems by
recreating server certificates on DA-OES-A.
Exercise 6-1 Sniffing Packets with ethereal
In this exercise, you use the ethereal utility on DA-OES-A to capture packets on your
network segment.
Do the following
novell.
3. Install the ethereal package on DA-OES-A by doing the following:
a. Connect the virtual CD/DVD drive on DA-OES-A to the
SLES-10-SP2-DVD-i386-GM-DVD1.iso located in the isos directory on
your host workstation.
b. Select Computer > YaST.
c. When prompted, enter a root password of n0v3ll.
d. In YaST, select Software > Software Management.
e. In the Filter drop-down list, select Search.
f. In the Search field, enter ethereal; then select Search.
g. Mark the ethereal package and select Accept.
h. In the Automatic Changes screen, select Continue.
i. When prompted to install additional packages, select No.
j. Close YaST.
4. Capture packets on your network segment with ethereal by doing the following:
a. On the desktop of DA-OES-A, select Computer > Gnome Terminal.
b. At the shell prompt, enter su - followed by a password of n0v3ll.
c. At the shell prompt, enter ethereal.
d. Select the Show Capture Options icon (second from left).
e. Verify that the correct network board is listed in the Interface field.
f. Mark Capture Packets in Promiscuous Mode.
g. Mark Enable Network Name Resolution.
h. Select Start; ethereal starts capturing packets.
i. On DA-OES-A, select Computer > Firefox.
j. In your Firefox browser window, open http://da-oes-b.digitalairlines.com.
k. Click several of the links on the DA-OES-B home page.
l. Switch back to your ethereal application window and select Stop.
A list of captured packets similar to the list shown below is displayed:
Figure 6-1
As you can see in the figure above, each line in the output represents a single
packet. Each line lists the following information:
❑ Packet Number
❑ Timestamp
❑ Source Address
❑ Destination Address
❑ Protocol
❑ Packet Information
When you select a particular packet, its payload is displayed in the bottom
frame of the ethereal window.
For example, in the figure below, the HTTP GET request sent when a link
was clicked on the DA-OES-B home page is displayed:
Figure 6-2
As you can see in the figure above, the request was sent as clear text.
Anyone capturing the packet could read its payload.
m. Right-click on an HTTP packet and, from the menu displayed, select Follow
TCP Stream. A screen similar to the following is displayed:
Figure 6-3
n. View the content of the stream.

o. Close the Follow TCP stream window; in the main window of Ethereal select
the Clear button.
p. Select several other captured packets in the ethereal interface. Were the packet
contents sent clear text?
5. Capture packets from a secure connection by doing the following:
a. In ethereal, select the Start a New Live Capture icon (third from the left);
then select Continue Without Saving.
b. Switch back to your Firefox browser window and open
http://da-oes-b.digitalairlines.com:8008.
d. Switch back to your ethereal window and select Stop.
e. View the contents of the various packets sent between DA-OES-B and
DA-OES-A on port 8009.
f. Right-click on a packet to or from port 8009, and from the menu displayed,
select Follow TCP Stream.
You should now see that the payload of these packets is encrypted and
unreadable, as shown below:
Figure 6-4
6. Close your ethereal windows.

7. Close your Firefox window.
(End of Exercise)
Exercise 6-2 Exporting a Trusted Root Certificate
In this exercise, you practice exporting a trusted root certificate for DA-TREE and
importing it into your Firefox browser on your DA-SLED workstation.

1. Verify that your DA-OES-A and DA-OES-B virtual servers are up and running.
2. If necessary, start your DA-SLED workstation and log in as geeko with a password
of novell.
3. On DA-SLED, select Computer > Firefox.
4. Open https://da-oes-b.digitalairlines.com/nps/iManager.html.
You should see a warning screen indicating that Firefox does not recognize the
CA that issued the site’s certificate, as shown below:
Figure 6-5
5. Select Or You Can Add an Exception > Add Exception.

6. Select Get Certificate.
7. Deselect Permanently Store This Exception; then select Confirm Security
Exception.
x If you’ve previously accessed iManager or Remote Manager on DA-OES-B using Firefox

on DA-SLED and added the exception previously, you won’t see this screen.
8. Authenticate to DA-TREE as admin.SLC.DA with a password of novell.

9. Expand the Directory Administration role and select the Modify Object task.
10. In the Object Name field, browse to and select the
SSL CertificateDNS - DA-OES-B.SLC.DA object; then select OK.
11. Select the Certificates tab.
The following appears:
Figure 6-6
12. Mark the SSL CertificateDNS certificate.
13. Select Export.
The following appears:
Figure 6-7
14. In the Certificates drop-down list, select OU=Organizational CA.O=DA-TREE.
15. Deselect Export Private Key (if it is marked).
16. In the Export Format field, select DER.
17. Select Next.
18. Select Save the Exported Certificate.
19. In the Opening cert.der window, select Save File.
20. In iManager, select Close > OK.
21. In the Firefox window, select Edit > Preferences > Advanced > Encryption >
View Certificates.
22. Select the Authorities tab.
23. In the Certificate Manager window, select Import.
24. Browse to and select /home/geeko/Desktop/cert.der; then select Open.
25. In the Downloading Certificate dialog, select Trust this CA to identify web sites;
then select OK.
You should see the following:
Figure 6-8
26. Select OK > Close.
27. Close your Firefox browser window.
28. Start Firefox again and access

https://da-oes-b.digitalairlines.com/nps/iManager.html.
You should not be prompted to accept the certificate as you were earlier, as now
the authenticity of the web site is verified by the CA certificate.
29. When complete, shut down your DA-SLED virtual workstation.
(End of Exercise)
Exercise 6-3 Recreating Server Certificates
In this exercise, you practice troubleshooting Certificate Server problems by

recreating server certificates on DA-OES-A.

1. Verify that your DA-OES-A and DA-OES-B virtual servers are running.
3. Create new certificates for your DA-OES-A server by doing the following:
a. On your DA-OES-A server desktop, select Computer > Firefox.
b. In your Firefox browser window, open
c. Log in to DA-TREE as admin.SLC.DA with a password of novell.
d. In iManager, select Novell Certificate Server > Create Default Certificates.
e. In the field provided, browse to and select DA-OES-A.DEL.DA.
f. Select Next.
Figure 6-9
g. Mark the following:

❑ Yes All Default Certificates Will Be Overwritten
❑ 172.17.8.102 Current default IP Address, DNS discovered default
❑ DA-OES-A.digitalairlines.com Current default DNS Address, DNS
discovered default
h. Select Next.
i. Select Finish.
j. In the Results screen, verify all operations were successful; then select Close.
4. Export the SSL CertificateDNS certificate by doing the following:
a. If a cert.pfx file already exists on the geeko user’s desktop, delete it.
b. In iManager, select Directory Administration > Modify Object.

c. Browse to and select the SSL CertificateDNS - DA-OES-A.DEL.DA
certificate object; then select OK.
d. Select the Certificates tab.
e. Mark SSL CertificateDNS; then select Validate.
iManager should report the certificate’s status as Valid.
f. Mark SSL CertificateDNS; then select Export.
Figure 6-10
g. In the Certificates drop-down list, select SSL CertificateDNS.

h. Verify that Export Private Key and Include All Certificates in The
Certification Path if Available are marked.
i. In the Password fields, assign the private key a password of novell.
j. Select Next.
k. Select Save the Exported Certificate.
l. Download the cert.pfx file.
It is saved to /home/geeko/Desktop as cert.pfx by default.
m. Select Close > OK.
n. On DA-OES-A, select Computer > Gnome Terminal.
o. Change to your root user account by entering su - along with a password of
n0v3ll at the shell prompt.
p. At the shell prompt, enter cp /home/geeko/Desktop/cert.pfx /root.
5. Install the certificate on the DA-OES server. Do the following:
a. Extract the server key and certificates by entering the following command at
the shell prompt:
openssl pkcs12 -in /root/cert.pfx -nodes -clcerts -out /root/servcert.pem
b. When prompted for a password, enter novell.
c. At the shell prompt, enter ls -l /root.
You should see that the servcert.pem file has been created in your root
user’s home directory.
d. Extract and install the trusted root certificate by entering the following
command at the shell prompt:
openssl pkcs12 -in /root/cert.pfx -nokeys -nodes -cacerts -out
/etc/opt/novell/certs/SSCert.pem
e. When prompted, enter a password of novell.
f. At the shell prompt, enter ls -l /etc/opt/novell/certs.
You should see that a new SSCert.pem file has been created in
/etc/opt/novell/certs.
g. Install the Private Key by entering the following command at the shell prompt:
openssl rsa -in /root/servcert.pem -out /etc/ssl/servercerts/serverkey.pem
h. Install the Public Key Certificate by entering the following command at the
shell prompt:
openssl x509 -in /root/servcert.pem -out
/etc/ssl/servercerts/servercert.pem
i. Install the binary version of the Trusted Root Certificate by entering the
following command at the shell prompt:
openssl x509 -outform der -in /etc/opt/novell/certs/SSCert.pem -out
/etc/opt/novell/certs/SSCert.der
6. Verify that the new server certificates are working correctly on your DA-OES-A
server by doing the following:
a. In your Firefox browser window, open
You should see the iManager login page, as shown below:
Figure 6-11
b. Select the lock icon in the lower right corner of the Firefox window. Select the
Security tab and select View. Note the Issued On date in the Validity section.
c. Close the Firefox browser window on DA-OES-A.

d. Restart the Apache web server by entering rcapache2 restart.
e. Start the Firefox browser on DA-OES-A.
f. In your Firefox browser window, open
https://da-oes-a.digitalairlines.com/nps/iManager.html again.
g. Log in to DA-TREE as admin.SLC.DA with a password of novell.
If you are able to access iManager and log in, then the certificate files you
created and installed are working correctly.
h. Repeat step b. You should see today’s date in the Issued On line.
7. Log out of iManager and close all open windows on the server desktop.
(End of Exercise)
Configuring Storage Access Services on OES 2 for Linux
SECTION 7 Configuring Storage Access Services on OES 2 for

Linux

■ “Configuring iFolder on OES 2 for Linux” on page 7-2
In this exercise, you practice implementing iFolder on your DA-OES-B server.
■ “Implementing NetStorage on OES 2 for Linux” on page 7-21
In this exercise, you practice installing and configuring NetStorage on your
DA-OES-A server.
■ “Implementing Novell Archive and Version Services on OES 2 for Linux” on
page 7-30
In this exercise, you practice implementing Novell Archive and Version services
on your DA-OES-A server.
Exercise 7-1 Configuring iFolder on OES 2 for Linux
In this exercise, you practice implementing iFolder on your DA-OES-B server. You
need to do the following:
■ Part I: Install iFolder on DA-OES-B
■ Part II: Configure iFolder System Policies
■ Part III: Install the iFolder Client
■ Part IV: Configure Your iFolder Account
■ Part V: Create and Share an iFolder
Part I: Install iFolder on DA-OES-B
The first task you need to complete is to install iFolder on DA-OES-B.
Do the following:
2. If necessary, log in to your DA-OES-B virtual server desktop as geeko with a
password of novell.
3. If necessary, connect the virtual CD/DVD drive on DA-OES-A to the
OES2-SP1-i386-CD1.iso file located in the isos directory on your host
workstation.
4. At the desktop of your DA-OES-B server, select Computer > YaST.
5. When prompted, enter n0v3ll for your root user’s password.
7. Mark the Novell iFolder pattern.
8. Select Accept.
9. In the Changed Packages screen, select Continue.
10. In the Novell Open Enterprise Server Configuration screen, select Novell iFolder.
Figure 7-1
11. Verify that the following components are marked:

❑ iFolder Server
❑ iFolder Web Admin
❑ iFolder Web Access
12. Select Next.
Figure 7-2
13. Configure the following parameters:

❑ Name Used to Identify the iFolder System to Users: iFolder
❑ System Description: iFolder Enterprise System on DA-OES-B
❑ Path to the Server Data File (entered by default): /var/simias/data/
❑ Path to the Recovery Agent Certificates: Blank
14. Select Next.
Figure 7-3

❑ Name of iFolder Server (entered by default): DA-OES-B
❑ iFolder Public URL: http://da-oes-b.digitalairlines.com
❑ iFolder Private URL: http://da-oes-b.digitalairlines.com
❑ SSL Option for iFolder: Both
❑ iFolder Port to Listen On: 443
16. Select Next.
17. In the Directory Server Address drop-down list, select 172.17.8.104 (entered by
default).
18. Select Next.
19. When prompted to enter your admin user’s password, enter novell.
Figure 7-4

❑ The iFolder Default Administrator (entered by default):
cn=admin,ou=SLC,o=DA
❑ iFolder Admin Password (entered by default): novell
❑ Verify iFolder Admin Password (entered by default): novell
❑ LDAP Proxy User (entered by default): cn=iFolderProxy,ou=SLC,o=DA
❑ LDAP Proxy User Password: novell
❑ Verify LDAP Proxy User Password: novell
❑ LDAP Search Contexts: Use the Add button to add the following contexts to
the ou=SLC,o=DA context already listed:
❑ ou=DEL,o=DA
❑ ou=LON,o=DA
❑ LDAP Naming Attribute: cn
❑ Require a secure connection between the LDAP server and the iFolder
Server: Marked (enabled)
21. Select Next.
Figure 7-5
22. Configure the following options:

❑ An Apache Alias That Will Point to the iFolder Web Access Application
(entered by default): /ifolder
❑ The Host or IP address of the iFolder Server That Will Be Used by the
iFolder Web Access Application (entered by default): 172.17.8.104
❑ Connect to iFolder Server Using SSL: Marked (enabled)
❑ iFolder Server Port To Connect On: 443
❑ Require a Secure Connection Between the Browser and the iFolder Web
Access Application: Marked (enabled)
23. Select Next.
Figure 7-6

❑ An Apache Alias That Will Point to the iFolder Web Admin Application
(entered by default): /admin
❑ The Host or IP Address of the iFolder Server That Will Be Used by the
iFolder Web Admin Application (entered by default): 172.17.8.104
❑ Connect to iFolder Server Using SSL: Marked (enabled)
❑ iFolder Server Port To Connect On: 443
❑ Require a Secure Connection Between the Browser and the iFolder Web
Admin Application: Marked (enabled)
25. Select Next.
26. In the Novell Open Enterprise Server Configuration screen, select Next.
Wait while iFolder is configured and the installation finalized.

27. In the Installation Completed screen, select Finish.
select Next.
29. Close YaST.
30. Verify that iFolder is running correctly by doing the following:

a. On your DA-OES-B server desktop, select Computer > Firefox.
b. Select Edit > Preferences > Content.
c. In the Block Pop-Up Windows, line, select Exceptions.

d. In the Address of web site line, type .digitalairlines.com and select Allow;
then select Close > Close.
e. Open https://da-oes-b.digitalairlines.com/nps/iManager.html.
f. Log in to the DA-TREE as admin.SLC.DA with a password of novell.
g. Select iFolder 3.7 > Launch iFolder Admin Console.
Figure 7-7
h. In the iFolder Server field, enter da-oes-b.digitalairlines.com.

i. Mark Authenticate Using Current iManager Credentials; then select OK.
If your installation was successful, the iFolder Administrator is displayed:
Figure 7-8
Part II: Configure iFolder System Policies
Configure iFolder system-wide policies by doing the following:

1. Create a system policy that sets a disk quota of 250 MB and a file size limit of 4
MB, filters out music files, and sets a synchronization interval of 15 minutes by
doing the following:
a. Select the System tab in iFolder Administrator.
Figure 7-9
b. Under Disk Quota, mark Limit.

c. In the MB field, enter 250.
d. Under File Size, mark Limit.
e. In the MB field, enter 4.
f. In the Excluded Files field, enter *.mp3; then select Add.
g. Repeat step f above to exclude the following file types:
❑ *.wma
❑ *.m4a
h. Under Synchronization, mark Interval.
i. In the Minutes field, enter 15.
j. Select Save.
2. Configure a policy for the BBuchanan user that grants him a disk quota of 500 MB
and a file size limit of 10 MB by doing the following:
a. Select the Users tab.
b. Select the BBuchanan user.
Figure 7-10
c. Under Disk Quota, mark Limit.

d. In the MB field, enter 500.
e. Under File Size, mark Limit.
f. In the MB field, enter 10.
g. Select Save.
Notice that elements of the system policy which are not over-ridden by the
user policy are automatically applied to the user, as shown below:
Figure 7-11
Part III: Install the iFolder Client
With the iFolder service installed and configured, you next need to download and
install the iFolder client on your workstation. Do the following:
1. If necessary, start your DA-SLED virtual workstation.
2. Log in to DA-SLED as geeko with a password of novell.
3. Install the prerequisite packages required by the iFolder client by doing the
following:
a. Connect the virtual CD/DVD drive on your DA-SLED workstation to the
SLED-11-DVD-i586-GM-DVD1.iso file in your host systems isos directory.
c. When prompted, enter a password of n0v3ll.
d. Select Software > Software Management.
e. Search for and mark the following packages for installation:
❑ xsp
❑ dbus-1-mono
❑ gtk-sharp2-complete
❑ mono-basic
❑ mono-tools
f. Select Apply to install the packages.
g. Wait while the packages are installed.
h. When complete, close YaST.
4. To install the client software on DA-SLED, do the following:
a. Select Computer > Gnome Terminal.
b. Change to your root user’s account using the su - command and entering a
password of n0v3ll.
c. Change to the /tmp directory by entering cd /tmp at the shell prompt.
d. Extract the files from the compressed tar archive by entering tar -zxvf
/home/geeko/Desktop/ifolder3-sled11.tar.gz at the shell prompt.
e. At the shell prompt, enter cd /tmp/ifolder3-sled11/i586.
Within the /tmp/ifolder3-sled11 directory are two subdirectories. The rpms
in the i586 directory are for workstations that use 32-bit CPUs. The rpms in
the x86_64 directory are for workstations that use 64-bit CPUs.
f. At the shell prompt, enter the following command:
rpm -Uhv *
5. Restart DA-SLED by selecting Computer > Shutdown > Restart.
Wait while DA-SLED restarts.
6. When DA-SLED has restarted, log in as geeko with a password of novell.
Part IV: Configure Your iFolder Account
Next you need to start the iFolder client and configure your iFolder account. To do
this, complete the following:
1. On DA-SLED, select Computer > More Applications > System.
2. Right-click the iFolder 3 icon; then select Add to Startup Programs.
3. Select iFolder 3.
You are prompted to configure your iFolder account, as shown below:
Figure 7-12
4. Configure the iFolder client on DA-SLED for the BBuchanan user by doing the
following:
a. In the Welcome page, select Forward.
b. In the Server Address field, enter da-oes-b.digitalairlines.com; then select
Forward.
c. In the Identity page, enter the following:
❑ User Name: BBuchanan
d. Select Forward.
e. In the Verify and Connect screen, review the information you entered; then
select Connect.
f. When prompted to accept the server certificate, select Yes.
g. Deselect (unmark) Create Default iFolder; then select Next.
h. In the Congratulations screen, select Finish.
Part V: Create and Share an iFolder
With the BBuchanan iFolder account created, you next need to create an iFolder.
1. On DA-SLED, select Computer > Nautilus.
2. In geeko’s home directory, create a folder named iFolder by right-clicking in the
white space and selecting Create Folder.
3. Double-click iFolder.
4. Create a new folder in the iFolder folder named Shared.
5. Right-click the Shared folder; then select Convert to an iFolder.

Figure 7-13
6. In the Convert to an iFolder screen, select OK.

7. Switch to your iFolder window.
8. Select View > Refresh.
The Shared iFolder you just created should be displayed, as shown below:
Figure 7-14
9. Share the Shared iFolder with the ASanders user by doing the following:
a. Select the Shared iFolder in the iFolder window; then select the Share With...
icon in the toolbar.
b. In the Sharing tab, select Add.
Figure 7-15
c. Select the Amber Sanders user; then select Add.

d. Select OK.
The iFolder is now shared with ASanders.

e. Select Close.
10. Copy files to the Shared folder and synchronize the contents by doing the
following:
a. Switch to your File Browser window.
b. Browse to the /tmp/ifolder3-sled11/i586 directory.
c. Copy all of the files in this directory to /home/geeko/iFolder/Shared.
d. Switch to your iFolder window.
e. Select the Shared iFolder; then select the Synchronize Now icon in the
toolbar.
f. Switch to the Firefox window where you are logged in to the iFolder
Administration on the DA-OES-B server.
g. In the iFolder Administration window, select the iFolders tab.
h. (Conditional) If necessary, log back in as admin with a password of novell.
i. Select the Shared iFolder.
You should see the following
Figure 7-16
11. Create a new local account on DA-SLED for the Amber Sanders user by doing the
following:
a. Switch back to your DA-SLED virtual workstation.
c. When prompted, enter a root password of n0v3ll.
d. In YaST, select Security and Users > User and Group Management.
e. In the User and Group Administration screen, select Add.
Figure 7-17
f. In the User’s Full Name field, enter Amber Sanders.

g. In the Username field, enter asanders.
h. In the Password fields, enter novell.
i. Select OK.
j. In the Password warning screens, select Yes.
k. Select OK.
12. On DA-SLED, select Computer > Logout > Logout.
13. Log back in to DA-SLED as asanders with a password of novell.
x Be sure to wait for the workstation to finish logging in completely before proceeding.
14. Configure an iFolder account for Amber Sanders. Do the following:

a. On DA-SLED, select Computer > More Applications > System > iFolder 3.
You are prompted to configure an iFolder account.
b. In the Welcome page, select Forward.
c. In the Server Address field, enter da-oes-b.digitalairlines.com; then select
Forward.
d. In the Identity page, enter the following:
❑ User Name: ASanders
e. Select Forward.
f. In the Verify and Connect screen, review the information you entered; then
select Connect.
g. Accept the security certificate.
h. Deselect (unmark) Create Default iFolder; then select Next.
i. In the Congratulations screen, select Finish.
You should see the Shared iFolder that BBuchanan shared with ASanders, as
shown below:
Figure 7-18
j. Select the Shared iFolder; then select the Download icon in the toolbar.
k. Browse to the /home/asanders directory; then select Create Folder.
l. Create a folder named iFolder.
m. Select the iFolder folder; then select Download.
n. When the synchronization is complete, right-click the Shared iFolder; then
select Open.
You should see the files uploaded by BBuchanan, as shown below:
Figure 7-19
o. On DA-SLED, close your File Browser window; then log out of the ASanders
account.
(End of Exercise)
Exercise 7-2 Implementing NetStorage on OES 2 for Linux
In this exercise, you practice installing and configuring NetStorage on your

DA-OES-A server.

■ Part I: Install NetStorage on DA-OES-A
■ Part II: Add an NSS Volume to DA-OES-A
■ Part III: Create Storage Location Objects
■ Part IV: Create a Storage Location List
■ Part V: Access Files Through NetStorage
Part I: Install NetStorage on DA-OES-A
To install NetStorage, do the following:

2. If necessary, log in to your DA-OES-A virtual server desktop as geeko with a
password of novell.
workstation.
4. On the server desktop, select Computer > YaST.
5. When prompted, enter a root user password of n0v3ll.
7. Mark the Novell NetStorage pattern.
8. Select Accept.
9. When prompted to insert your SLES 10 SP2 disc, select Eject; then connect the
virtual CD/DVD drive on DA-OES-A to the
SLES-10-SP2-DVD-i386-GM-DVD1.iso file located in the isos directory on
10. Select OK.
virtual CD/DVD drive on DA-OES-A to the OES2-SP1-i386-CD1.iso file located
in the isos directory on your host workstation.
12. Select OK.
After a few minutes, the Novell Open Enterprise Server Configuration dialog
appears.
13. (Conditional) If necessary, select disabled under NetStorage to enable
reconfiguration.
14. In the Novell Open Enterprise Server Configuration screen, select NetStorage.
15. When prompted for your admin user’s password, enter novell.
Figure 7-20

❑ Authentication Domain Host: 172.17.8.102
❑ Proxy User Name with Context: cn=admin,ou=SLC,o=DA
❑ Proxy User Password: novell
❑ User Context: o=DA
17. Select Next.
18. In the Novel Open Enterprise Server Configuration screen, select Next.
Wait while the configuration is saved and the installation is finalized.

19. When the installation is complete, select Finish.
select Next.
21. Close YaST.
22. Test the configuration by doing the following:

a. On the desktop of DA-OES-A, select Computer > Firefox.
b. In the Firefox browser window, access
https://da-oes-a.digitalairlines.com/oneNet/NetStorage/
You should see the default shares of NSS_Volumes and shared, as shown
below:
Figure 7-21
d. Select the Logout icon in the toolbar.
Part II: Add an NSS Volume to DA-OES-A
Before you can create a Storage Location object for storage on DA-OES-A, you must
first add an NSS volume. Complete the following:
1. Add another storage device for NSS volumes to DA-OES-A by doing the
following:
a. In your DA-OES-A virtual server, select Computer > Shutdown >
Shutdown.
Wait while the server goes down.
c. In the VMware window, select Edit Virtual Machine Settings.
d. Select Add.
e. Select Hard Disk > Next.
f. Select Create a New Virtual Disk > Next.
g. Select SCSI > Next.
h. Set the disk size is set to 4.0 GB; then select Next > Finish.
i. Select OK.
j. In the DA-OES-A virtual machine window, select Power On This Virtual
Machine.
Wait while your virtual server boots.
k. Log in to your DA-OES-A server as geeko with a password of novell.
2. Initialize the new disk by completing the following:

a. At your DA-OES-A virtual server desktop, select Computer > Gnome
Terminal.
b. At the shell prompt, enter su - and a password of n0v3ll to switch to your root
user.
c. At the shell prompt, enter nssmu.
x You may have to wait a minute for the NSS service to start on the server before you
can enter nssmu.
d. Select Devices.
e. Select sdb.
f. Confirm the message that there are no partitions on the device by pressing
Enter.
g. Initialize the disk by pressing F3.
h. When prompted that this will destroy all data on the device, enter Y.
i. When complete, press Esc.
3. Create a pool for your volume by doing the following:
a. In the nssmu Main Menu, select Pools.
b. In the Pools screen, press Ins to create a new pool.
c. When prompted to enter a new pool name, enter VOL1_POOL.
d. When prompted to select a device to create the pool on, select sdb.
e. When prompted for a partition size, enter 1000.
Wait while the pool is created.
4. Create the VOL1 volume in the VOL1_POOL pool by doing the following:
a. In the Pools menu, press Esc.
b. In the nssmu Main Menu, select Volumes.
c. Press Ins.
d. When prompted for a new volume name, enter VOL1.
e. When prompted to encrypt the volume, enter N for no.
f. In the Pools menu, select VOL1_POOL.
The VOL1 volume details are displayed.
You may need to press F5 to refresh the details about the VOL1 volume.
g. Press Esc twice to exit nssmu.
Part III: Create Storage Location Objects
Create a Storage Location object for VOL1 on DA-OES-A and another Storage
Location object for the DATA volume on DA-OES-B by doing the following:
1. In the Firefox browser window on DA-OES-A, access
2. Authenticate to the DA-TREE as admin.SLC.DA with a password of novell.
3. Create a Storage Location object for the VOL1 volume on DA-OES-A by doing
the following:
a. Select File Access (NetStorage) > New Storage Location.
Figure 7-22
b. Enter the following parameters for the Storage Location:

❑ Object Name: VOL1Storage
❑ Display Name: VOL1 on DA-OES-A
❑ Directory Location: ncp://da-oes-a.digitalairlines.com/VOL1/
❑ Context: DEL.DA
❑ Comment: User storage on the VOL1 volume on the DA-OES-A
server.
c. Select Create.
d. When prompted that the object was created, select Repeat Task.
4. Repeat steps b through c above to create a Storage Location object that points to
the DATA volume on DA-OES-B:
❑ Object Name: DATAStorage
❑ Display Name: DATA on DA-OES-B
❑ Directory Location: ncp://da-oes-b.digitalairlines.com/DATA/
❑ Context: DEL.DA
❑ Comment: User storage on the DATA volume on the DA-OES-B
server.
5. When prompted that the object was created, select OK.
Part IV: Create a Storage Location List
Create Storage Location lists that grant users in the DEL.DA, and LON.DA
containers access to the Storage Location objects you just created by doing the
following:
1. In iManager, under File Access (NetStorage), select Assign Storage Location to
Object.
2. In the Object field, browse to and select the DEL.DA container.
3. Select OK.
4. In the Storage Location Objects field, browse to and select the DATAStorage and
VOL1Storage Storage Location objects you created earlier in the DEL.DA
container, as shown below:
Figure 7-23
5. Select OK > OK.

6. When prompted that the assignment was successful, select Repeat Task.
7. Repeat Steps 2 to 5 to assign the LON.DA container object to the same two
Storage Location objects.
8. When prompted that the assignment was successful, select OK.
9. Log out of iManager.
10. Make the LON.DA and DEL.DA containers trustees of the VOL1 and DATA
volumes by doing the following:
a. At the shell prompt on DA-OES-A, enter ncpcon rights add VOL1:
LON.DA RWCMF.
b. At the shell prompt on DA-OES-A, enter ncpcon rights add VOL1: DEL.DA
RWCMF.
c. At the shell prompt, enter ncpcon rights view VOL1:.
d. Verify that Read, Write, Create, Modify, and File Scan rights to the root
directory of the VOL1 volume were granted to the LON.DA and DEL.DA
containers.
e. Switch to your DA-OES-B virtual server and log in as geeko with a password
of novell.
f. Open a terminal session.
g. Change to your root user account using the su - command along with a
password of n0v3ll.
h. At the shell prompt, enter ncpcon rights add DATA: LON.DA RWCMF.
i. At the shell prompt, enter ncpcon rights add DATA: DEL.DA RWCMF.
j. At the shell prompt, enter rights view DATA:.
k. Verify that Read, Write, Create, Modify, and File Scan rights to the root
directory of the DATA volume were granted to the LON.DA and DEL.DA
containers.
Part V: Access Files Through NetStorage
After you have configured a Storage Location object and a Storage Location list,
your users can access files on your server.
Do the following:
1. In the Firefox browser on DA-OES-A, open the following URL:
https://da-oes-a.digitalairlines.com/oneNet/NetStorage/
2. In the Authentication Required window, log in as LMorgan.LON.DA with a
password of novell.
You should see the DATA and VOL1 storage locations that you associated with
the LON.DA container, as shown below:
Figure 7-24
3. On your DA-OES-A desktop, select Computer > Home Folder.
x This is done only for classroom purposes. In a production environment, you would create
your volume directory structure for your users and use trustee assignments to control
access.
4. In the File Browser window, right-click on white space in the right frame; then
select Create Document > Empty File.
5. Rename the file MyFile.txt.
6. Right-click MyFile.txt; then select Open with gedit.
7. Enter text of your choosing into the file; then select Save.
8. Select File > Quit.
9. Switch back to your Firefox window.
10. In the Firefox toolbar, select Edit > Preferences > Content.
a. In the Block Pop-Up Windows, line, select Exceptions.
b. In the Address of web site line, type .digitalairlines.com and select Allow;
then select Close > Close.
11. In the left frame, select the VOL1 on DA-OES-A storage location.
12. Select File > New Folder.
13. When prompted to name the new folder, enter Home.
14. In the left frame, select the Home directory you just created.
15. Select File > New Folder.
16. When prompted to name the new folder, enter LMorgan; then select OK.
17. In the left frame, select the LMorgan directory you just created.
18. Select File > Upload.
19. Browse to and select the /home/geeko/MyFile.txt file; then select Upload.
You should see the MyFile.txt file uploaded to the LMorgan directory as shown
below:
Figure 7-25
20. Log out of NetStorage and close your browser window.
21. Close all open windows on the desktop of DA-OES-A and DA-OES-B.
(End of Exercise)
Exercise 7-3 Implementing Novell Archive and Version Services on OES 2 for Linux
In this exercise, you practice implementing Novell Archive and Version services on
your DA-OES-A server.

■ Part I: Install Novell Archive and Version Services on DA-OES-A
■ Part II: Create an Archive Volume
■ Part III: Configure the Archive Server
■ Part IV: Configure an Archive Job
■ Part V: Retrieve Prior File Versions
Part I: Install Novell Archive and Version Services on DA-OES-A
The first task you need complete is to install the Novell Archive and Version Services
software on your archive server which, in this exercise, will be DA-OES-A. Do the
following:
2. If necessary, log in to your DA-OES-A virtual server desktop as geeko with a
password of novell.
workstation.
4. Start YaST.
6. Mark the Novell Archive and Version Services pattern.
7. Select Accept.
virtual CD/DVD drive on DA-OES-A to the OES2-SP1-i386-CD1.iso file located
in the isos directory on your host workstation.
9. Select OK.
After a few minutes, the Novell Open Enterprise Server Configuration dialog
appears.
10. In the Novell Open Enterprise Server Configuration screen, select Archive and
Version Services.
11. When prompted for your admin user’s password, enter novell.
Figure 7-26
12. In the Password fields, enter novell.
13. Select Next.
14. In the Novell Enterprise Server Configuration screen, select Next.
select Next.
17. Close YaST.
18. Open a terminal window and su - to the root account using a password of n0v3ll.
19. Start the adminfs and novell-ark daemons by entering rcadminfs start and
rcnovell-ark start.
Part II: Create an Archive Volume
Before you can configure version jobs, you must create a volume on your archive
server that will store archive data. Do the following:
1. At the shell prompt on DA-OES-A, enter nssmu.
2. Create an NSS pool for the archive volume by doing the following:
a. In the Main Menu, select Pools.
b. Create a new pool by pressing Ins.
c. When prompted, enter a pool name of ARK_POOL.
d. Select the sdb storage device.
e. When prompted, enter a partition size of 2047 for the pool.
f. Press Esc.
3. Create an archive volume in the pool you just created by doing the following:
a. In the Main Menu, select Volumes.
b. Press Ins to create a new volume.
c. When prompted, enter a volume name of ARKVOL.
d. When prompted to encrypt the volume, select No.
e. In the Pools menu, select the ARK_POOL you just created.
When complete, a screen similar to the following is displayed:
Figure 7-27
f. Press Esc.
4. Press Esc to exit nssmu.
Part III: Configure the Archive Server
The next task you need to complete is to configure the archive service on
DA-OES-A. Complete the following:
1. On your DA-OES-A server desktop, select Computer > Firefox.
2. In your Firefox browser window, access
x If you can’t access iManager on DA-OES-A, open a terminal session. Then shut down and
restart the tomcat5 and apache2 services.
3. Log in to the DA-TREE as admin.SLC.DA with a password of novell.

4. In iManager, select Archive Versioning > Archive Server Properties.
5. In the Server field, browse to and select DA-OES-A.DEL.DA.
Wait for a moment for the page to be refreshed.
6. In the Volume Path field, enter ARKVOL:/archive.
7. Review the authentication information displayed and verify that it is correct.

8. Select Apply.
9. When prompted that moving the archive volume will make existing versions
unavailable, select OK.
10. Configure default job settings for your server by doing the following:
a. Select the Default Job Settings tab.
Figure 7-28
b. Configure the following default job parameters:

❑ Copy all files the first time the job is run: marked (enabled)
❑ Server: DA-OES-A.DEL.DA
❑ Run Schedule: Every 5 Minutes
x In a production environment, you would use a much longer versioning epoch.
❑ Delete Policy: 7 Days

❑ Maximum Keep Time: 60 Days
❑ Versions: 10
❑ Keep Latest Version of Current File: Marked (enabled)
c. Select Apply to save your changes.
11. Select OK.
Part IV: Configure an Archive Job
With your archive volume and your default job settings configured, you next need to
configure an archive job for the VOL1 volume on DA-OES-A.
Do the following:
1. In iManager on DA-OES-A, select Archive Versioning > Archive Jobs.
2. In the Server field, verify that DA-OES-A.DEL.DA is selected.
3. On the Jobs tab, select New.
Figure 7-29
4. In the Name field, enter VOL1_Arc.

5. Verify that the following parameters are set:
❑ Copy all files the first time the job is run: Marked (enabled)
❑ Use Default Job’s Source Server: Marked (enabled)
❑ Mount Point field: VOL1
❑ Use Default Job’s Snapshot Pool: Not marked (disabled)
❑ Use Default Job’s Run Schedule: Marked (enabled)
❑ Use Default Job’s Delete Policy: Marked (enabled)
6. Select OK.
The job is displayed in the list of jobs, as shown below:
Figure 7-30
7. Select the Log tab.

Wait for the job to run.
When complete, you should see log messages similar to the following:
Figure 7-31
Part V: Retrieve Prior File Versions
In this part of this exercise, you make modifications to the MyFile.txt file and then
view prior file versions. Do the following:
1. LUM-enable the LMorgan.LON.DA user account by doing the following:
a. In iManager on DA-OES-A, select Linux User Management > Enable
Users for Linux.
b. In the Object Name field, browse to and select the LMorgan.LON.DA User
object.
c. Select Next.
d. Mark Create a New Linux-Enabled Group.
e. In the Group Name field, enter LUMGroup.
f. In the Context field, browse to and select LON.DA.
g. Select Next.
h. In the Unix Workstation Name field, browse to and select the following
objects:
❑ UNIX Workstation - DA-OES-B.SLC.DA
❑ UNIX Workstation - DA-OES-A.DEL.DA
i. Select OK.
j. Select Next.
k. Select Finish.
l. When prompted that the user was successfully Linux-enabled, select OK.
2. If necessary, start your DA-SLED virtual workstation.
4. If you are currently logged into the DA-TREE using the Novell Client, right-click
the N icon in the system tray; then select Novell Logout.
5. Right-click the N icon in the system tray; then select Novell Login.
6. Log in to the DA-OES-A server as LMorgan.LON.DA with a password of
novell.
7. Right-click the N icon in the system tray; then select Novell Map Directory.
8. Map directory L to the VOL1 volume on DA-OES-A.
9. When prompted that the directory has been mapped, select OK.
10. Double-click geeko’s Home on the desktop.
11. Double-click the L mapped directory.
12. Browse to the Home/LMorgan directory.
13. Right-click the MyFile.txt file; then select Open with OpenOffice.org Writer.
14. Make changes of your choice to the text of the file.
15. Save the changes to the file.
16. Select File > Quit.
17. Switch to your Firefox browser window with iManager loaded on DA-OES-A.
18. Select Archive Versioning > Archive Jobs; then select the Log tab.
19. Wait for the version job to run.
20. At the bottom of the Log tab in iManager, select the Get Newest Log Entries (two
arrows pointing to the left) icon.
You should see messages similar to the following:
Figure 7-32
21. View prior versions of the MyFile.txt file by doing the following:
a. On DA-SLED, start Firefox and access
https://da-oes-a.digitalairlines.com/oneNet/NetStorage.
b. Log in as LMorgan.LON.DA with a password of novell.
c. In the Firefox browser window, select Edit > Preferences; then select the
Content tab.
d. On the Block Pop-Up Windows line, select Exceptions.
e. In the Address of Web Site line, enter .digitalairlines.com; then select Allow.
f. Select Close > Close.
g. On the left, select VOL1 on DA-OES-A > Home > LMorgan.
h. Right-click on the MyFile.txt file; then select Archive.
i. Review the archived time stamps of the versions in the list.
j. Select the first version of the MyFile.txt file; then select Restore.
k. Select Close.
l. Double-click the geeko’s Home icon on the desktop.
m. Double-click L > Home > LMorgan.
n. Right-click the MyFile.txt file; then select Open with OpenOffice.org
Writer.
You should see that MyFile.txt has reverted to its original version.
22. Close all open windows on the desktop of DA-OES-A, DA-OES-B, and
DA-SLED.
(End of Exercise)
Implement Patches and Upgrades
SECTION 8 Implement Patches and Upgrades

■ “(Instructor Demonstration) Set Up an SMT Update Server” on page 8-2
In this exercise, your instructor configures DA-OES-A as an SMT server. Your
instructor then configures DA-OES-B as an SMT client that gets its updates from
DA-OES-A.
x A pre-recorded demonstration of this exercise is available in the Exercises directory on your

Course DVD.
Exercise 8-1 (Instructor Demonstration) Set Up an SMT Update Server
In this exercise, your instructor will demonstrate how to configure DA-OES-A as an

SMT server. Your instructor will then configure DA-OES-B as an SMT client that
gets its updates from DA-OES-A.
x Because this exercise requires a live Internet connection, a Novell Web account, and access to a
valid email account, it will be done only by your instructor.
You need to do the following:

■ Part I: (Conditional) Set Up Your Novell Customer Center Account
■ Part II: Install and Configure MySQL on DA-OES-A
■ Part III: Configure the Novell Customer Center Configuration on DA-OES-A
■ Part V: Configure SMT on DA-OES-A
■ Part VI: Configure DA-OES-B as an SMT Client
Part I: (Conditional) Set Up Your Novell Customer Center Account
Before you can set up SMT on DA-OES-A, you must have a valid account on
Novell’s Web site to access the Novell Customer Center. Do the following:
1. On your host workstation, open a Web browser and navigate to
http://www.novell.com.
2. Select Menu > Create an Account.
Figure 8-1
3. Fill out the fields provided in the form; then select Create Login to create your
Novell account.
4. Obtain a SLES 10 and an OES 2 activation code by doing the following:
a. Navigate to http://www.novell.com/download.
b. In the Product or Technology field, select Open Enterprise Server.
c. In the Version field, select Open Enterprise Server SP1.
d. Select Search.
e. Select Open Enterprise Server 2 SP1 e-Media Kit.
f. Scroll down to and select Get Activation Code.
g. Log in using the Novell user account and password you just configured.
You should see a message indicating the an activation code has been sent to
your email address.
h. Access your email account and retrieve the email messages containing your
SLES 10 and OES 2 activation codes.
x When you request an OES 2 activation code, the NCC will send you an activation code
for SLES 10 SP2 and an activation code for OES 2 SP1 in separate email messages.
Part II: Install and Configure MySQL on DA-OES-A
SMT requires the MySQL database service to be running on the server. Do the
following to install MySQL on DA-OES-A:
1. Verify that your DA-OES-A and DA-OES-B virtual machines are up and running.
SLES-10-SP2-DVD-i386-GM-DVD1.iso file located in the isos directory on
6. Select Software > Software Management.
7. In the Search field, enter mysql; then select Search.
8. Select the following packages in the right frame:
❑ mysql
❑ mysql-client
❑ mysql-shared
❑ perl-DBD-mysql
9. Select Accept.
10. In the Automatic Changes screen, select Continue.
Wait while packages are installed.

11. When prompted to install or remove more packages, select No.
12. Close YaST.
13. Select Computer > Gnome Terminal.
14. Switch to root using the su - command followed by a password of n0v3ll.
15. Start the MySQL database on the server by entering rcmysql start at the shell
prompt.
16. Configure MySQL to start automatically every time the server boots by entering
chkconfig mysql on.
17. Verify that MySQL will start automatically every time the server boots by entering
chkconfig -l mysql at the shell prompt.
You should see that MySQL will start by default in runlevels 2, 3, and 4, as
shown below:
Figure 8-2
18. Set the MySQL root user’s password by entering the following command at the
shell prompt:
mysqladmin -u root password novell
Part III: Configure the Novell Customer Center Configuration on DA-OES-A
The next task you need to complete is to configure the Novell Customer Center
configuration on DA-OES-A.
x This part of the demonstration requires a live Internet connection.
Do the following:
1. Add a bridged network adapter to DA-OES-A by doing the following:
a. At the shell prompt, enter init 0 to shut down the virtual machine.
Wait while the virtual machine shuts down.
b. When the virtual machine has shut down, select Edit Virtual Machine
Settings in the VMware window.
c. Select Add.
d. Select Network Adapter > Next.
e. Select Bridged; then select Finish.
f. Select OK.
2. Assign the new network adapter a static MAC address by doing the following:
a. Power on the DA-OES-A virtual machine.
b. When the GRUB boot menu appears, press Space to stop the timer.
c. Power off the DA-OES-A virtual machine by selecting the Power Off icon in
the VMware window toolbar.
d. In the VMware window, select File > Close to close the DA-OES-A virtual
machine.
e. Open the /vms/3090/DA-OES-A/DA-OES-A.vmx file in a text editor.
x On Windows, this file is located in C:\VMS\3090\DA-OES-A.
f. Scroll down to the ethernet1 entries at the end of the configuration file.
g. Change the line that reads ethernet1.addressType = "generated" to
ethernet1.addressType = "static"
h. Remark out the line that reads ethernet1.generatedAddressOffset = "10" by
placing a pound sign (#) at the beginning of the line.
i. Locate the ethernet1.generatedAddress line and change it to read
ethernet1.Address.
j. Set the value of the ethernet1.Address line to one of the following MAC
addresses:
❑ 00:50:56:00:00:61
❑ 00:50:56:00:00:62
❑ 00:50:56:00:00:63
❑ 00:50:56:00:00:64
❑ 00:50:56:00:00:65
❑ 00:50:56:00:00:66
❑ 00:50:56:00:00:67
❑ 00:50:56:00:00:68
❑ 00:50:56:00:00:69
❑ 00:50:56:00:00:70
❑ 00:50:56:00:00:71
❑ 00:50:56:00:00:72
❑ 00:50:56:00:00:73
❑ 00:50:56:00:00:74
❑ 00:50:56:00:00:75
x If you are working in a classroom environment, coordinate with other users to ensure
duplicate MAC addresses aren’t used.
A sample is shown below:
Figure 8-3
k. Save your changes to the file and exit the text editor.
3. Open the DA-OES-A.vmx file in VMware and power on the virtual machine.
Wait while the virtual machine boots.
4. Configure network settings for the new bridged adapter by doing the following on
DA-OES-A.
a. Log in as geeko with a password of novell.
c. When prompted, enter a password of n0v3ll.
d. Select Network Devices > Network Card.
e. Verify Traditional Method with ifup is selected; then select Next.
Figure 8-4
f. Select the unconfigured network adapter in the upper pane; then select Edit.
g. Select Automatic Address Setup (via DHCP); then select Next.
x If your network does not have a DHCP server running, configure the adapter with a
valid static IP address, subnet mask, DNS resolver address, and default router address.
h. Select Finish.
i. Open a terminal window and su - to root with a password of n0v3ll.
j. Verify that the adapter received an IP address by entering ifconfig.
You should see output similar to the following for the eth1 interface:
Figure 8-5
k. At the shell prompt, enter ping www.yahoo.com. Verify that the remote Web
server responds.
5. Switch back to the YaST window on DA-OES-A.
6. Select Software > Novell Customer Center Configuration.
7. Select the following:
❑ Configure Now
❑ Hardware Profile
❑ Optional Information
❑ Registration Code
❑ Regularly Synchronize with the Customer Center
8. Select Next.
9. In the Manual Interaction Required screen, select Continue.
Figure 8-6
10. Enter the following information:

❑ Email address: Use the same email address you used to set up your Novell
account
❑ SLES 10 SP2 activation code: Enter the SLES 10 SP2 activation code you
were sent by the NCC.
❑ OES 2 activation code: Enter the OES 2 SP1 activation code you were sent
by the NCC.
11. Select Submit.
Wait while the codes are processed.

12. When complete, select Continue.
Wait while the system is configured. This may take up to 20 minutes to

complete.
13. When prompted that the configuration was successful, select OK.
14. Leave YaST running.
Part IV: Generate Your Mirror Credentials
Before creating local mirrors of the update repositories, you need to generate your
mirror credentials from the Novell Customer Center by doing the following:
1. From your host workstation access the Novell Customer Center at
http://www.novell.com/center.
2. Log in to the NCC using your Novell user account and password.
3. Select My Products.
A list of product families is shown.
4. Expand SUSE Linux Enterprise Server.
5. Double-click SUSE Linux Enterprise Server 10.
x If multiple entries for SUSE Linux Enterprise Server 10 are listed, check the code and
match up the entry with the activation code sent to you in the email message received
earlier.
6. In the Downloads section, select the Mirror Credentials link.

7. Select Generate.
8. Record your username and password.
9. Repeat this process to generate and record your OES 2 product credentials.
Part V: Configure SMT on DA-OES-A
With the system registered, you now need to configure SMT on DA-OES-A. Do the
following:
1. In YaST, select Software > Add-On Product.
2. Select Local Directory; then select Next.
3. Select ISO Image.
4. Browse to and select the
/home/geeko/Desktop/SLES-10-SP2-SMT-BiArch-GM-CD1.iso file; then
select OK.
5. In the License Agreement screen, accept the license agreement; then select Next.
6. In the Software Installation screen, select Patterns from the Filter drop-down list.
7. Verify that SMT: Subscription Management Tool is selected, as shown below:
Figure 8-7
8. Select Accept.
9. In the Automatic Changes screen, select Continue.
10. When prompted to install more packages, select No.
The following configuration screen is displayed:
Figure 8-8
11. Configure the following:

a. Verify Enable Subscription Management Tool Service (SMT) is selected.
b. Enter your SLES 10 mirroring credentials username in the NU User field.
c. Enter your SLES 10 mirroring credentials password in the NU Password field.
d. Verify the credentials by selecting Test.
SMT will connect to the Customer Center server using the credentials
provided and download test data.
e. When prompted that the test was successful, select OK.
f. Enter the email address you used for the NCC registration in the NCC Email
Used for Registration field.
The SMT Server URL field should be automatically populated with
http://da-oes-a.digitalairlines.com.
g. Select Next.
Figure 8-9
12. In the second SMT configuration screen, configure the following:

a. In the Database Password for smt User fields, enter novell.
b. Select Add; then enter the your email address in the New Email field.
c. Select OK.
d. Select Next.
Figure 8-10
13. When prompted to enter your MySQL database root user’s password, enter novell;
then select OK.
14. In the Novell Customer Center Configuration screen, select Next.
This may take up to 30 minutes to complete.

15. When prompted that an update server has been added to your configuration, select
OK.
16. When the installation is complete, close YaST.
Part VI: Configure DA-OES-B as an SMT Client
With the update server configured, you now need to configure your DA-OES-B
server as an SMT client. Do the following:
1. Copy the clientSetup4SMT.sh file from DA-OES-A to DA-OES-B by doing the
following:
a. In the DA-OES-A VMware window, select VM > Removable Devices >
Floppy > Settings.
b. Select Use Floppy Image File; then browse to and select the floppy.flp file
located in the /vms/3090/DA-OES-A directory.
c. Select Connected; then select OK.
d. At the shell prompt on DA-OES-A, enter mount -t vfat /dev/fd0
/media/floppy.
e. At the shell prompt, enter cp

/usr/share/doc/packages/smt/clientSetup4SMT.sh /media/floppy to copy
the client setup script to the virtual floppy diskette.
f. At the shell prompt, enter umount /dev/fd0.
g. In the DA-OES-A VMware window, select VM > Removable Devices >
Floppy > Disconnect.
2. Switch to DA-OES-B.
3. Copy the setup script to the geeko user’s desktop by doing the following:
a. In the DA-OES-B VMware window, select VM > Removable Devices >
Floppy > Settings.
b. Select Use Floppy Image File; then browse to and locate the floppy.flp file
located in the /vms/3090/DA-OES-A directory.
c. Select Connected; then select OK.
d. At the shell prompt on DA-OES-B, enter mount -t vfat /dev/fd0
/media/floppy.
e. At the shell prompt, enter cp /media/floppy/clientSetup4SMT.sh
/home/geeko/Desktop to copy the client setup script from the virtual floppy
diskette.
f. At the shell prompt, enter umount /dev/fd0.
g. In the DA-OES-B VMware window, select VM > Removable Devices >
Floppy > Disconnect.
4. If you are currently logged in to DA-OES-B, select Computer > Logout >
Logout.
5. In the Login screen, select Shut Down; then enter a password of n0v3ll.
Wait while the system shuts down.
6. Select Power On This Virtual Machine.
7. In the GRUB boot menu, press Space to stop the timer.
8. In the Boot Options field, enter the following:
regurl=https://da-oes-a.digitalairlines.com/center/regsvc/
9. Select SUSE Linux Enterprise Server 10 SP2 in the GRUB menu and press
Enter to boot the system.
Wait while the system boots.
11. Open a terminal session and switch to root using the su - command followed by a
password of n0v3ll.
12. At the shell prompt, enter the following (all on one line):
/home/geeko/Desktop/clientSetup4SMT.sh
https://da-oes-a.digitalairlines.com/center/regsvc
13. When prompted to accept the certificate, enter y.
14. When prompted that the client setup is finished, register DA-OES-B by entering
suse_register at the shell prompt.
15. Switch back to DA-OES-A.
16. At the shell prompt, enter smt-list-registrations.
You should see DA-OES-B listed, as shown below:
Figure 8-11
At this point, you would wait for the scheduled SMT jobs to take place to update
both DA-OES-A and DA-OES-B.
17. Wait about 5 minutes; then check your email account.
You should see two messages from the Novell Customer Center. When you open
these messages, you should see a link that allows you to activate SLES 10 and
OES 2 on DA-OES-B, as shown below:
Figure 8-12
18. Select one of the links presented in the email messages to activate DA-OES-B.
19. If necessary, log in to the NCC using your Novell username and password.
20. Select Needs Activation; then double-click DA-OES-B.
21. Scroll down to the Registered Software heading.
22. Select Activate under SUSE Linux Enterprise Server 10.
23. Enter your SLES 10 activation code, sent to you previously; then select Activate
> Yes.
24. Under My Groups, select Evaluation; then double-click DA-OES-B again.
25. Under Novell Open Enterprise Server 2 (OES), select Activate.
26. Enter your OES 2 activation code, sent to you previously; then select Activate >
Yes.
At this point, your SMT configuration is working correctly. You would now
leave the systems running and let the SMT service keep DA-OES-A and
DA-OES-B up to date according to the configured job schedule, which occurs at
12:33 am (by default).
(End of Exercise)

Deploying Novell Open Enterprise Server 2 For Linux Workbook

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Deploying Novell Open Enterprise Server 2 For Linux Workbook

Uploaded by

Copyright:

Available Formats

Deploying Novell Open ¨

Enterprise Server 2 for Linux

SECTION 1 Migrate Services and Data from NetWare to OES 2

Exercise 1-1 Preparing Servers for a Consolidation Migration . . . . . . . . . . . . . . . . . . . . . . . 1-2

Exercise 2-1 Install Novell Open Enterprise Server 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2

SECTION 3 Find Support for OES 2 Linux Issues

SECTION 4 Maintaining and Troubleshooting OES 2 for Linux

Exercise 4-1 Backing Up SLES System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2

SECTION 5 Using Dynamic Storage Technology

Exercise 5-1 Shadowing an NCP Volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2

SECTION 6 Administering Novell Certificate Server on OES 2 for Linux

Exercise 6-1 Sniffing Packets with ethereal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2

SECTION 7 Configuring Storage Access Services on OES 2 for Linux

Exercise 7-1 Configuring iFolder on OES 2 for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2

SECTION 8 Implement Patches and Upgrades

Exercise 8-1 (Instructor Demonstration) Set Up an SMT Update Server . . . . . . . . . . . . . . . 8-2

Check the Media in Your Student Kit

Set Up Your Practice Environment

Review the Setup Requirements

Table Intro-1 Setup Minimum Requirements

Review the Setup Diagram

Prepare Your Host Workstation

❑ VMware Workstation: Full-featured version of VMware. The software can

If you need help installing a VMware product, visit

The following is displayed:

l. When prompted, enter your root user's password.

5. If your host workstation is running Windows, do the following to configure

h. In the Subnet Mask field, enter 255.255.0.0.

Test the Virtual Machines from the Course DVD

Complete the following:

Review Exercise Guidelines

The following describes the most common conventions:

Although we rely on your familiarity with computers and computer technology to

SECTION 1 Migrate Services and Data from NetWare to OES 2

In this section of the workbook, you learn how to do the following:

Exercise 1-1 Preparing Servers for a Consolidation Migration

Part I: Prepare the Source Server

2. Power on your DA-OES-A and DA-NWVIX virtual machines.

If this is the case, do the following to synchronize time:

9. At the shell prompt, enter rcntp start.

12. Verify that time is synchronized between DA-NWVIX and DA-OES-A,

c. Press Esc to exit the View Log File screen.

Part II: Prepare the Destination Server

x If your host workstation is running Windows, this file is located in C:\ISOS\3090.

d. Mark Connected; then select OK.

11. Connect your virtual CD/DVD drive to the

14. Repeat this for the following services:

16. When prompted that the installation is complete, select Finish.

Exercise 1-2 Migrate Volumes from NetWare to OES 2 for Linux

Table 1-1 Directory Trustees Rights

/DATA/Corporate_Shared CORPORATE.SLC.DA RWCEMF

/DATA/Custsvc_Shared CUSTSVC.SLC.DA RWCEMF

/DATA/Flightops_Shared FLIGHTOPS.SLC.DA RWCEMF

/DATA/IS_Shared IS.SLC.DA RWCEMF

/DATA/Marketing_Shared MARKETING.SLC.DA RWCEMF

/APPS/ IS.SLC.DA SRWCEMFA

To migrate these volumes, complete the following:

Part I: Configure Linux User Management and NSS

You also need to configure and enable NSS.

8. Under Linux User Management, select disabled.

11. Set the following parameters in the screen displayed:

This is shown below:

12. Select Next.