It is recommended that you check your eDirectory* tree for SDI key consistency. If invalid keys exist they should be fixed by running SDIDIAG at the server console.
Note: The following products may not work after installing NetWare* 6.5 if the tree contains invalid SDI keys:
To validate SDI keys do the following:
If no problems are found, continue with the installation. If problems are found, follow the instructions written to the sys:system\sdinotes.txt file to resolve any configuration and key issues.
To verify that the SDI Domain Key Servers are Running NICI 2.4.2 or later:
The version must be 24212.98 or later.
We recommend that NetWare 6.5 be installed on your SDI Domain Key servers. However, this is not required. At a minimum, you must install NICI 2.4.2 or later on these servers.
If the version is earlier, you must do ONE of the following:
Note: You can download NICI version 2.4.2 from the Novell* Free Download site. Select Novell International Cryptographic Infrastructure from the Choose a Product drop-down list, then click Submit Search. NICI 2.4.2 requires eDirectory 85.1 or later.
Continue by doing the following:
To remove a server as an SDI Domain Key Server:
For example, if server1 exists in container PRV in the organization Novell within the Novell_Inc tree, you would type .server1.PRV.Novell.Novell_Inc. for servername.
To add a server as an SDI Domain Key Server:
For example, if server1 exists in container PRV in the organization Novell within the Novell_Inc tree, you would type .server1.PRV.Novell.Novell_Inc. for servername.
After completing one of the options above, rerun the SDIDIAG check command.
For more information on SDIDIAG options and operations, refer to Novell TID 10081773.
*Novell trademark. **Third-party trademark. For more information, see Legal Notices.