Novell eDirectory 8.8 Troubleshooting Guide - NetIQ

More documents

Recommendations

Info

SASL-GSSAPI: Not enough memory Cause: Not enough memory to perform the specific operation. SASL-GSSAPI: Invalid Input Token Cause: Token from client is defective or invalid novdocx (en) 22 June 2009 SASL-GSSAPI: NMAS error NMAS error code Cause: This error is generated in NMAS and is an internal error. SASL-GSS: Invalid LDAP service principal name LDAP_service_principal_name Cause: The LDAP service principal name is invalid. SASL-GSS: Reading LDAP service principal key from eDirectory failed Cause: The LDAP service principal object is not created. Cause: The realm object’s master key is changed. Cause: The LDAP service principal object was not found in the subtree of the realm to which it belongs. SASL-GSS: Creating GSS context failed Cause: The time is not in sync between the client, KDC and the eDirectory servers. Cause: The key of the LDAP service principal was changed in the Kerberos database, but not updated in eDirectory. Cause: The encryption type is not supported. SASL GSSAPI: Invalid user FDN = user_FDN Cause: The user FDN provided by the client is not valid. SASL GSSAPI: No user DN is associated with principal client_principal_name Cause: A user object under the subtree is not attached with the Kerberos principal name. SASL GSSAPI: More than one user DN is associated with principal client_principal_name Cause: More than one user object under the subtree is associated with the same principal. ldap_simple_bind_s: Invalid credentials major = 1, minor =0 Cause: The cause might be the version mismatch between the ldap service principal on the KDC server and the ldap service principal on the eDirectory server. This is because every time you extract the ldap service principal key to the keytab file, the key version number gets incremented. 106 Novell eDirectory 8.8 Troubleshooting Guide
Action: Do the following: 1 Update the key in eDirectory server so that the version numbers are in sync. 2 Destroy the tickets at the client. 3 Get the TGT again for the principal. 4 Perform the ldap sasl bind operation. novdocx (en) 22 June 2009 SASL-GSSAPI 107
Page 1 and 2:
Troubleshooting Guide AUTHORIZED DO
Page 3 and 4:
Novell Trademarks Client32 is a tra
Page 5 and 6:
Contents About This Book 11 novdocx
Page 7 and 8:
10.2.1 Step 1: Perform the Schema C
Page 9 and 10:
23.7.3 On Windows . . . . . . . . .
Page 11 and 12:
About This Book This Troubleshootin
Page 13 and 14:
1Resolving Error Codes For a comple
Page 15 and 16:
2Installation and Configuration •
Page 17 and 18:
4c Edit the /etc/slpuasa.conf to ad
Page 19 and 20:
pkgadd -d NOVLniu0.pkg 4 Start eDir
Page 21 and 22:
3Determining the eDirectory Version
Page 23 and 24:
• Run iMonitor. On the Agent Summ
Page 25 and 26:
4Log Files This section contains in
Page 27 and 28:
5Troubleshooting LDIF Files The Nov
Page 29 and 30:
Component Record Delimiters Descrip
Page 31 and 32:
The Modify Change Type The modify c
Page 33 and 34:
Field newsuperior (optional) Descri
Page 35 and 36:
5.2 Debugging LDIF Files • “Ena
Page 37 and 38:
Option Base DN Scope Description Ba
Page 39 and 40:
Using the Novell Import Conversion
Page 41 and 42:
5.3.2 Adding a New Attribute To add
Page 43 and 44:
objectclasses: (2.16.840.1.113719.1
Page 45 and 46:
6Troubleshooting SNMP This section
Page 47 and 48:
SERVER test-server test-server is t
Page 49 and 50:
7iMonitor • Section 7.1, “Brows
Page 51 and 52:
8iManager • Section 8.1, “LDAP
Page 53 and 54:
9Obituaries There has been a great
Page 55 and 56: If the obituary is a Primary obitua
Page 57 and 58: • Obituaries can change states on
Page 59 and 60: 10Migrating to Novell eDirectory Th
Page 61 and 62: Option 3: Add cn to the definition
Page 63 and 64: changetype: modify delete: objectcl
Page 65 and 66: Any records that contain references
Page 67 and 68: 1Schema This section includes infor
Page 69 and 70: 12ndsrepair • Section 12.1, “Ru
Page 71 and 72: 13Replication • Section 13.1, “
Page 73 and 74: 14Clone DIB Issues • Section 14.1
Page 75 and 76: 15Novell Public Key Infrastructure
Page 77 and 78: 16Troubleshooting Utilities on Linu
Page 79 and 80: Option Description -P Replica and P
Page 81 and 82: Option Optional Schema Enhancements
Page 83 and 84: Determines the complete synchroniza
Page 85 and 86: 16.5.2 Troubleshooting ndsrepair Er
Page 87 and 88: Trace Flag DNS DRLK DVRS Descriptio
Page 89 and 90: Trace Flag Parameters Description *
Page 91 and 92: Trace Flag Parameters Description !
Page 93 and 94: 17NMAS on Linux and UNIX • Sectio
Page 95 and 96: 18Troubleshooting on Windows • Se
Page 97 and 98: 19Accessing HTTPSTK When DS Is Not
Page 99 and 100: 20Encrypting Data in eDirectory In
Page 101 and 102: Action 1. Upgrade the server to a c
Page 103 and 104: 21The eDirectory Management Toolbox
Page 105: 2SASL-GSSAPI This section discusses
Page 109 and 110: 23Miscellaneous • Section 23.1,
Page 111 and 112: These parameters are available in /
Page 113 and 114: 23.7.3 On Windows 1 Go to the novel
Page 115 and 116: 23.19 ndsd Not Listening at the Loo
show all

Novell eDirectory 8.8 Troubleshooting Guide - NetIQ

Create successful ePaper yourself

Delete template?

Save as template?