{"id":512,"date":"2012-10-17T11:10:32","date_gmt":"2012-10-17T16:10:32","guid":{"rendered":"http:\/\/www.thedarktimes.us\/wordpress\/?p=512"},"modified":"2012-10-17T11:10:32","modified_gmt":"2012-10-17T16:10:32","slug":"recreating-certificates-on-oes-migrating-to-a-new-server-and-checking-status-in-a-nutshell","status":"publish","type":"post","link":"https:\/\/www.thedarktimes.us\/wordpress\/oes2-linux\/recreating-certificates-on-oes-migrating-to-a-new-server-and-checking-status-in-a-nutshell\/%20","title":{"rendered":"Recreating Certificates on OES, migrating to a new server, and checking status (in a nutshell)"},"content":{"rendered":"

Recreating Certificates on OES, migrating to a new server, and checking status (in a nutshell)<\/strong><\/p>\n

Author Info<\/strong><\/p>\n

3 October 2012 – 11:25am
\nSubmitted by: shawniverson2<\/a><\/p>\n

Preparation <\/strong><\/p>\n

Step 1 — Become One with Your Environment<\/strong><\/p>\n

Understand and document your environment.<\/p>\n

i.e. IP Addressing, services running on old server<\/a>, eDirectory<\/a> structure, etc.<\/p>\n

This information is different in every environment.<\/p>\n

Step 2 — Be Your Environment<\/strong><\/p>\n

Fully back up your current environment.<\/p>\n

These steps vary depending on your backup solution.<\/p>\n

Step 3 — Focus and Meditate on Your Environment<\/strong><\/p>\n

Practice with OES in a test environment first until you are comfortable. A good technique is to restore\/clone your current environment into a sandbox, snapshot it, and practice upgrading until you get it right. This is also a good way to verify that restores from backup will work as well \ud83d\ude09<\/p>\n

Again, steps here vary depending on your backup and cloning solution.<\/p>\n

Execution<\/strong><\/p>\n

Step 1 — Where’s my CA?<\/strong><\/p>\n

Make sure you know where your Certificate Authority is located.<\/p>\n

A quick way to determine which server is the CA is to go to iManager<\/a> –> Novell Certificate Server<\/a> –> Configure Certificate Authority<\/p>\n

Look at the host server<\/a> entry.<\/p>\n

Step 2 — Is my CA valid?<\/strong><\/p>\n

iManager –> Novell Certificate Server –> Configure Certificate Authority –> Certificates –> Check each cert and click Validate<\/p>\n

If your CA certs are not valid, you will need to fix this before proceeding as you will not be able to generate server certificates.<\/p>\n

The procedure to fix this problem is to recreate your CA and generate new CA certificates.<\/p>\n

See How do I move the Organizational CA to another server?<\/a> under Option II for more information.<\/p>\n

Step 3 — Are my server certs valid?<\/strong><\/p>\n

iManager –> Novell Certificate Access –> Server Certificates<\/p>\n

Use the magnifying glass to select your server and validate your certificates.<\/p>\n

Step 4 — Recreating server certs (if not valid)<\/strong><\/p>\n

I highly recommend this procedure. OES scatters the certificates all over the place for many services. Updating them in eDirectory\/iManager is not enough! Why not let this script do it for you?<\/p>\n

Certificate Re-creation Script for OES1, OES2 and OES 11<\/a><\/p>\n

Step 5 — Migrating to a new server<\/strong><\/p>\n

Two methods generally exist for this. Transfer ID and Server Consolidation. Your path will depend on your unique situation and requirements.<\/p>\n

The Migration Tool Administration Guide from Novell is your friend. Download the guide from Novell for you particular version of OES.<\/p>\n

Note from step 1: If the server you are migrating from is your CA, you’ll need to migrate the CA as well! This is not covered in the guide!<\/p>\n

See How do I move the Organizational CA to another server?<\/a> Option I for more information.<\/p>\n

Step 6 — Checking status<\/strong><\/p>\n

Checking status will depend on what services you are running on your server.<\/p>\n

Tip 1:<\/strong> Check running services<\/p>\n

Using service servicename status or rcservicename status will tell you if a service is running.<\/p>\n

(Look in \/etc\/init.d for a full list of services on your server. Note that some services may be disabled.)<\/p>\n

Tip 2:<\/strong> Check your logs<\/p>\n

OES scatters logs all over the place. Here are some common places.<\/p>\n

\/var\/log
\n\/var\/opt\/novell\/log\/servicename
\n\/var\/opt\/novell\/servicename\/log<\/p>\n

Tip 3:<\/strong> Monitor your server using top for CPU<\/a>, Process, and Memory in realtime<\/p>\n

Tip 4:<\/strong> Use Remote Manager<\/p>\n

http:\/\/myservername:8008<\/a><\/p>\n

Tip 5:<\/strong> Use iMonitor for eDirectory health<\/p>\n

https:\/\/myservername:8030<\/a><\/p>\n

Tip 6:<\/strong> Monitor disk usage<\/p>\n

Use df -h from a shell<\/a>\/terminal for a quick glance<\/p>\n

Step 7 — Download the Docs for More Information<\/strong><\/p>\n

Novell keeps extensive documentation<\/a> on OES on nearly every topic related to OES. Get your copy of the documentation!<\/p>\n

 <\/p>\n

Disclaimer:<\/em><\/strong> As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don’t even think of calling Support if you try something and it blows up). <\/em><\/p>\n

It was contributed by a community member and is published “as is.” It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it<\/span>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Recreating Certificates on OES, migrating to a new server, and checking status (in a nutshell) Author Info 3 October 2012 – 11:25am Submitted by: shawniverson2 Preparation Step 1 — Become One with Your Environment Understand and document your environment. i.e. IP Addressing, services running on old server, eDirectory structure, etc. This information is different in […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[50,25,29],"tags":[],"class_list":["post-512","post","type-post","status-publish","format-standard","hentry","category-oes11","category-oes2-linux","category-oes2-sp3"],"_links":{"self":[{"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/posts\/512","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/comments?post=512"}],"version-history":[{"count":1,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/posts\/512\/revisions"}],"predecessor-version":[{"id":513,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/posts\/512\/revisions\/513"}],"wp:attachment":[{"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/media?parent=512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/categories?post=512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thedarktimes.us\/wordpress\/wp-json\/wp\/v2\/tags?post=512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}