<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
Materials in the [{$pagename}] don't depend on the contents of eDirectory files. On the contrary, [encrypted data in eDirectory|NICITreeKeyProvider] depend on keys stored in [{$pagename}]. 

[{$pagename}] contain the user private keys, certificates, secret store data, and NMAS store data, will not be available if [{$pagename}] are not properly maintained. Be certain the [NICI Backup Procedures] are in-place.!! [NICI] Configuration Files
[NICI] configuration files are located in the platform specific [NICI File Locations]. The [{$pagename}] listed below are present on all platforms. Platform-specific files and other configuration details are explained the [NICI Administration Guide|http://www.novell.com/documentation/nici27x/index.html].

* nici.cfg - holds the configuration settings for [NICI].
* nicisdi.key - The actual [SDI Key] [Private Key].
* NICIFK - NICI license material for [NICI server-mode operation].
* Xmgrcfg.nif - NICI per-box unique keying material generated locally. [NICI client-mode operation] and Not used if NICIFK is present. (Created on first use of [NICI] by a privileged user)
* Xarchive.000 - [NICI] master archive. Created on first use of [NICI] by a privileged user

%%warning
[{$pagename}] are [Digitally Signed] and are partially [Encrypted]. An invalid license file (NICIFK) or a client license file (xmgrcfg.wks) renders [NICI] nonfunctional.
%%

The file xmgrcfg.wks was used in the previous versions of NICI in the client mode. It is no longer used or created with NICI v2.7.0 or later. 

[NICI] operates in a [NICI server-mode operation] by default in [NICI] v2.7.0 or later. The xmgrcfg.wks is present if you are upgrading from a previous version of [NICI]. It doesn't effect the operation of [NICI] v2.7.0 or later.

!! Multiple Instances 
We strongly recommend running each instance of eDirectory on the same host with different [UserIds] to separate their [cryptographic] materials using the host system's security mechanisms. 

Otherwise, the server based [Security Domain Infrastructure] private key will be the same for all instances.

!! [Example] Files
The nici.cfg file holds the configuration settings for [NICI].
Running &quot;cat /&lt;nici config file location&gt;nici.cfg&quot; will provide the locations for the files. Typical output is shown below:
{{{
# cat /etc/opt/novell/nici.cfg

ConfigDirectory:s:20:/var/opt/novell/nici
SharedLibrary:s:9:/opt/novell/lib/libccs2.so
DAC:b:20:a4:6f:1d:c2:29:c5:fc:a8:50:7f:fd:0c:d6:19:a6:9e:91:0f:62:0e
MkUserDir:s:28:/var/opt/novell/nici/nicimud
DAC2:b:20:f8:01:a8:26:f7:f4:12:53:92:0f:a8:42:24:7d:ce:3a:da:ed:40:83
NiciVersion:s:5:2.7.2
BuildDate:s:6:070214
NiciStrength:s:2:u0
}}}!! Typical files
The Files located at the appropriate [NICI File Locations] would be similar to:
{{{
drwx------ 2 root     root      4096 Jun 15  2011 0
drwx------ 2 john2   enduser   4096 Jun 22  2011 113100
drwx------ 2 willej  enduser   4096 May 15 13:42 118952
-rw-r--r-- 1 root     root     13440 Jun 15  2011 nicifk
-rw-r--r-- 1 root     root     13440 Mar 30  2009 nicifk.new
-rwsr-xr-x 1 root     root     17128 Mar 30  2009 nicimud
-rwsr-xr-x 1 root     root     13033 Mar 30  2009 nicimud64
-rwx------ 1 root     root    115366 Mar 30  2009 primenici
-rwx------ 1 root     root    124755 Mar 30  2009 primenici64
-r-x------ 1 root     root      2969 Mar 30  2009 set_server_mode
-r-x------ 1 root     root      2969 Mar 30  2009 set_server_mode64
-rw-r--r-- 1 root     root      1222 Jun 15  2011 xarchive.000
-rw-r--r-- 1 root     root     12024 Jun 15  2011 xmgrcfg.nif
-rw-r--r-- 1 root     root      3853 Mar 30  2009 xmgrcfg.wks

./0:
total 28
-rw-r--r-- 1 root root  2448 May 23 23:37 nicisdi.key
-rw-r--r-- 1 root root   362 Jun 15  2011 xarchive.001
-rw-r--r-- 1 root root 12289 Jun 15  2011 xmgrcfg.ks2
-rw-r--r-- 1 root root   269 Jun 10 15:33 xmgrcfg.ks3
}}}

There may also be other files which should also be backed up. The other files and sub directories would be specific to a user.

There are two other [{$pagename}] that might be present, which are used to switch [NICI server-mode operation] when programs such as [eDirectory] are installed. The files are:
* nicifk.new
** set_server_mode (Linux/UNIX) or
** set_server_mode.bat (Windows)

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
</pre>