IBM Support

Complete LDAP / Directory Server Cleanup and Reconfigure

Troubleshooting


Problem

In some LDAP/Directory Server error recovery scenarios it is necessary to perform a complete cleanup and reconfigure. The steps below will provide complete cleanup of LDAP/Directory Server.

Resolving The Problem

A complete cleanup of the LDAP/Directory Server is many times required when other recovery / reconfigure option are unavailable or ineffective.

Notes:
1. If LDAP / Directory Server had been previously used, a restore from backup will be needed to restore data.
 
Automatic Cleanup and Reconfigure:
Run the following commands to first remove the existing LDAP instance, then reconfigure it (replace password with the password you would like to set the 'cn=Administrator' LDAP administrative ID to):
 
  RMVDIRINST INSTANCE(QUSRDIR) DLTLIB(*YES)
ADDDIRINST INSTANCE(QUSRDIR) ADMIN('cn=administrator' password) SUFFIX('DC=mysystem,DC=mycompany,DC=com')

 
Manual Cleanup and Reconfigure:
1. If currently active, end the directory server and publishing agents. On the operating system command line, type the following command:

ENDTCPSVR *DIRSRV

Press the Enter key. Then, type the following command:

WRKUSRJOB QDIRSRV

Press the Enter key.

End the QGLDPUBA and QGLDPUBE jobs
2. Clear the library used by LDAP/ Directory Server:

CLRLIB QUSRDIRDB

Delete the libraries used by LDAP/ Directory Server:

DLTLIB QUSRDIRDB
DLTLIB QUSRDIRCF
DLTLIB QUSRDIRCL
3. Clear the IFS directory used by LDAP/ Directory Server:

On the IBM i command line issue the STRQSH command. Then type the following command:

rm -rf /qibm/userdata/os400/dirsrv
4. To delete objects in QUSRSYS that store configuration information (QGLDCFG *USRSPC, and QGLDVLDL *VLDL), on the operating system command line type the following:

DLTUSRSPC QUSRSYS/QGLDCFG

DLTVLDL QUSRSYS/QGLDVLDL
5. There is a *USRQ in QDIRSRV2 that must be removed. On the operating system command line, type the following:

DLTUSRQ USRQ(QDIRSRV2/QGLDPUBQ)
6. Re-run the Directory Services ss03 exit program before starting the Configure from the GUI, where VnRnMn is the Version, Release, Modification for your operating system.

CALL QSYSDIR/QGLD03EX 'VnRnMn'

LDAP is now no longer configured.

To configure LDAP perform the following:
A) To access the Navigator for i Web GUI open a browser on your PC and direct it to http://server:2001 where server is the name of the IBM i system log in and navigate to the TCP/IP servers on the left panel
image-20230112073205-1

*Note If you are unable to access the page or get an error when accessing it please see technical doc N1018538 for requirements and solutions to the ADMIN server.


B) Right click on  Directory Server LDAP and select Configure, this will bring up the Configuration Wizard. Take the defaults on this panel and click Next.
image-20230112080427-4

C) Accept all the defaults on the next panel and click Next
image-20230112080313-3
D) Click Next accepting the default Disk Pool
image-20230112080542-5
E) On the 'Specify Administrator DN' uncheck the 'System-generated' box and set the password for 'cn=Administrator' and set a password. Then click Next.
image-20230112080709-6
F) On the 'Specify Suffixes' screen accept all the defaults and click Next.
image-20230112080956-7
G) Accept all the defaults for the ports and click Next.
image-20230112081051-8
H) Select Yes use all IP addresses or No and check which IP address you want the server to listen on and click Next.
image-20230112081229-10
I) On the 'Specify TCP/IP Preference' accept the default and click Next.
image-20230112081327-11
J) On the Summary screen review and click Finish.
image-20230112081502-12

The server will then be configured and after it is completed you should be able to start the LDAP server.

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000CJ2AAM","label":"IBM i Tivoli Directory Server"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"All Versions"}]

Historical Number

539158915

Document Information

Modified date:
12 January 2023

UID

nas8N1012689