PreInstall Check List

Pre-Installation Check List#

Before we accept that a server is production ready, we need to make sure the server is setup properly for our use.

eDirectory related administration id's#


We need the following groups configured.
  • ndsgroup(1004)-Main eDirectory administration id group default assignment
This can be verified by:
cat /etc/passwd|grep nds
ndsuser:x:1004:1004:NDS Admin:/admin/home/ndsuser:/bin/bash


f00201461041ndsgroupRudy Givan
e01712261039ndsgroupJohn G Johnson Jr
b00328164019ndsgroupJim Willeke
e01340964020ndsgroupMike Moore
f00287964021ndsgroupWalter Hirschberg

eDirectory Software Requirements#

The following lists the software required to run eDirectory and Identity Manager 2 on Solaris. Novell supports eDirectory on the following versions of Solaris:
  • Solaris 8 on Sun SPARC (with patch 108827-20 or later)
  • Solaris 9 on Sun SPARC
  • All latest recommended set of patches available on the SunSolve Web page (http://sunsolve.sun.com).
If you do not update your system with the latest patch before installing eDirectory, you will get the patchadd error.

The following additional software packages are required:

  • SUNWbash
  • SMCgzip
  • SUNWjsnmp
  • SUNWsasnm
  • SUNWsacom
Check by:
ndsuser@ino2s021$ pkginfo -i SUNWbash  
system      SUNWbash       GNU Bourne-Again shell (bash)

At this time, Directory Engineering can support eDirectory on the following versions of Solaris:

  • Solaris 8 on Sun SPARC
  • Solaris 9 on Sun SPARC

Check by

ndsuser@ino2s021$ uname -a
SunOS ino2s021 5.9 Generic_117171-13 sun4u sparc SUNW,Sun-Fire-V440
Note: Sun is weird. The 5.9 implies Solaris 9. 5.8 would be Solaris 8.

File System Requirements.#

Each file system listed in the table below is assumed to be a separate mount point. For eDirectory, only these mount points are required:
  • /var/nds
  • /var/ndsbkup

/var/nds16 GB32 GBext3/4096eDirectory database (DIB) and log files
/var/ndsbkup16 GB32 GBstandardUsed to store backup database files for archival to tape

Check this by

df -k|grep nds
/dev/vx/dsk/SANdg/varnds 104852352 1708168 101532584     2%    /var/nds
/dev/vx/dsk/datadg/varndsbkup 71673504  268944 70288872     1%    /var/ndsbkup
The fist number is the size of the mount point.

NTP (ntpd)#

The ntpd service should be set to auto start with the server, and configured to synchronize with a standard NTP source. Use of a reliable external NTP source, such as GPS receiver, is required. Here is an example /etc/ntp.conf file
# Time sources and
# Prohibit general access to this service
restrict default ignore
# Permit time sync with time sources
# but prohibit time sources from query or modify
restrict noquery nomodify notrap
restrict noquery nomodify notrap
# Permit all access over loopback device


The sendmail process should be configured to forward mail to internal SMTP mail relays. The host currently in use is:

Any SMTP Relay that allows messages to be sent to external as well as internal e-mail addresses meets the requirement. This allows scripts on the server to send alerts to e-mail and text pagers.

See also Sendmail Config


It would be preferred to have the bash shell as the default shell for ndsuser and the eDirectory team ids.


The current version of Perl (perl5.xx.xx) is needed perform administrative functions on the server in the eDirectory tree. The following Perl modules (and their dependencies) should also be installed:
  • HTTP::Date
  • MIME::Base64
  • Net::LDAP
  • Net::LDAPS

Configuring sudo#

See Configuring sudo

More Information#

There might be more information for this subject on one of the following: ...nobody