Network Computingwww.networkcomputing.com

This environment has produced an unusually large NDS tree, with a single container holding the 28,000 student user objects. In addition to the student containers, each of the 40 university departments controls its ow n departmental container.

What Time Is It? Obviously, servers in a large NDS environment must communicate to exchange NDS information. It is a mistake to assume that if there are no obvious problems, the servers are successfully completing these exchanges. This may not be the case--several circumstances can cause a failure of NDS communication.

One of the most important aspects of NDS communication is time synchronization. NDS information from a server out of step with the official network time will not be accepted. Therefore, it is important that your time service be configured specifically for your network and synchronized throughout.

To architect time services in NDS, you could designate a particular server as the absolute time source. However, this model provides no redundancy. We designated a committee of three central servers as primary time servers configured in SERVMAN.NLM. This committee determines the official time through averaging, preventing any single server from causing time to drift too severely.

You should configure your other servers as secondary time servers. Through the SERVMAN.NLM, we configu red our secondary time servers to stay in sync via our designated committee. This prevents any server from listening to a new or misconfigured server erroneously set up as a primary server.

To configure the primary servers, enter the appropriate server names in the "Timesync Add Time Source" screen in SERVMAN.NLM. You also must enable the option for "Timesync Configured Sources" to notify your servers to only use the time sources entered and not to listen to any time source advertised. We find the interface confusing and suggest that you double-check your configuration by editing SYS:SYSTEM\TIMESYNC.CFG.

You also should review the time status of your servers with the "TIME" console command. To check all servers in the tree, use the "Time Synchronization" choice from the main menu in DSREPAIR.NLM. In the event of a problem, your first troubleshooting step should be to check time synchr onization across all servers in the tree--not just those that hold read-write replicas.

Staying In Step Installing the most current network drivers from Novell or your NIC vendor also is important for NDS communication. Although even simple production server upgrades can represent a risk and be an inconvenience, that's no reason to avoid using the latest drivers available. Novell support staff has told us that even if no network problems are apparent, upgrading the drivers for all servers in the tree may be important for proper NDS communication.

Novell also strongly recommends that all servers in the tree run the same version of NDS NetWare Loadable Modules (NLMs). Differing versions will interoperate, but communication inefficiencies or worse may result from such a setup. Servers should be running at least version 5.06 of NDS NLM, available on Novell's Web

site (support.novell.com). The time status report mentioned above also displays the version of NDS running on each server.

To updat e the version of NDS.NLM running on a server, put the new NDS.NLM file in the system directory and at the console give the comma nd SET DSTRACE=*. (that's an asterisk followed by a period).