Troubleshooting guide
Table Of Contents
- Novell eDirectory 8.8 SP7 Troubleshooting Guide
- About This Book
- 1 Resolving Error Codes
- 2 Installation and Configuration
- 2.1 Installation
- 2.1.1 Fatal Error Occurs in Schema Sync When Installing a Second eDirectory Server into the Tree on a SLES 11 Machine
- 2.1.2 Installation Not Successful
- 2.1.3 Installation Takes a Long Time
- 2.1.4 eDirectory Install Fails for Container Administrators
- 2.1.5 NICI Installation Failed - 1497
- 2.1.6 Naming Objects
- 2.1.7 NICI Does Not Get Installed in the Server Mode on Windows
- 2.1.8 Tarball Upgrade Fails With "Cannot open or remove a file containing a running program" Error Message
- 2.1.9 Installing the Library Patches
- 2.2 Configuration
- 2.2.1 Loopback Referrals Are Returned By a Directory Server
- 2.2.2 Tree Name Lookup Failed: -632 Error While Configuring eDirectory 8.8 on Linux
- 2.2.3 Adding New Servers
- 2.2.4 Excluding the DIB directory from Backup or Antivirus Processes
- 2.2.5 eDirectory ndsconfig Displays an Error on RHEL 32-bit System
- 2.3 Upgrade
- 2.3.1 The Integrated Installer Fails to Upgrade on Windows 2003
- 2.3.2 Upgrade Fails from Prior Versions of eDirectory 8.7.3 SP9 to eDirectory 8.8 SP7
- 2.3.3 Upgrade Fails if the Mount Point Is Set to /var/opt/novell/eDirectory/ data
- 2.3.4 Upgrading eDirectory After Applying a Patch Does Not Remove the Patch Version on a Windows System
- 2.4 Multiple Instances
- 2.1 Installation
- 3 Determining the eDirectory Version Number
- 4 Log Files
- 5 Troubleshooting LDIF Files
- 6 Troubleshooting SNMP
- 7 iMonitor
- 7.1 Browsing for Objects Containing Double-Byte Characters in iMonitor
- 7.2 Agent Health Check on a Single-Server Tree
- 7.3 iMonitor Report Does Not Save the Records for Each Hour
- 7.4 Creation and Modification Time Stamps
- 7.5 iMonitor Issues in Older Versions of Mozilla
- 7.6 Run Report Screen Layout Not Aligned on iMonitor
- 7.7 iMonitor Displays Error -672
- 7.8 Time Stamps Displayed in Hexadecimal Format
- 8 iManager
- 9 Obituaries
- 10 Migrating to Novell eDirectory
- 11 Schema
- 12 DSRepair
- 13 Replication
- 14 Clone DIB Issues
- 15 Novell Public Key Infrastructure Services
- 15.1 PKI Operations Not Working
- 15.2 LDAP Search from Netscape Address Book Fails
- 15.3 Removing the configuration of an eDirectory server that is acting as a treekey server in a multiserver tree after having moved the existing eDirectory objects to a different server fails with the error code for Crucial Replica.
- 15.4 While uninstalling the eDirectory Server holding the CA, the KMOs created on that server will be moved to another server in the tree and become invalid
- 16 Troubleshooting Utilities on Linux and UNIX
- 17 NMAS on Linux and UNIX
- 18 Troubleshooting on Windows
- 19 Accessing HTTPSTK When DS Is Not Loaded
- 20 Encrypting Data in eDirectory
- 20.1 Error Messages
- 20.2 Problem With Duplicate Encryption Algorithms
- 20.3 Encryption of Stream Attributes
- 20.4 Configuring Encrypted Replication through iManager
- 20.5 Viewing or Modifying Encrypted Attributes through iManager
- 20.6 Merging Trees With Encrypted Replication Enabled Fails
- 20.7 Limber Displays -603 Error
- 21 The eDirectory Management Toolbox
- 22 SASL-GSSAPI
- 23 Miscellaneous
- 23.1 Backing Up a Container
- 23.2 Repeated eDirectory Logins
- 23.3 Enabling Event System Statistics
- 23.4 Tracking Memory Corruption Issues on Linux
- 23.5 TCP Connection not Terminating after Abnormal Logout
- 23.6 NDS Error, System Failure (-632) Occurs When Doing ldapsearch for the User Objects
- 23.7 Disabling SecretStore
- 23.8 Viewing SLP Man Pages
- 23.9 dsbk Configuration File Location
- 23.10 SLP Interoperability Issues on OES Linux
- 23.11 ldif2dib Fails to Open the Error Log File When the DIB Directory Exists In the Custom Path
- 23.12 eDirectory Server Does Not Start Automatically in the Virtual SLES 10
- 23.13 ndsd Does Not Start After a System Crash
- 23.14 Do not Execute DSTrace With All Tags Enabled on UNIX Systems
- 23.15 LDAP is Not RFC Compliant For Anonymous Search Requests
- 23.16 Troubleshooting Ports with Custom eDirectory 8.8 Instances
- 23.17 Rebooting the Host
- 23.18 ndsd Not Listening at the Loopback Address on a Given NCP Port
- 23.19 LDAP Transaction OIDs
- 23.20 Errors -5871 and -5875 in LDAP Trace
- 23.21 NDSCons Gives -625 Error if a Tree is Renamed
- 23.22 Listening on Multiple NICs Slows Down eDirectory ldapsearch Performance
- 23.23 Unable to Limit the Number of Concurrent Users on UNIX/ Linux Platforms
- 23.24 ndsd Fails to Shut Down Due to SLP
- 23.25 eDirectory Does Not Support Symbolic Links for DIB Location
14 Novell eDirectory 8.8 SP7 Troubleshooting Guide
If the
-632: Error description System failure
error message appears during installation,
exit from the installation process.
Set the
n4u.base.slp.max-wait
parameter to a larger value, such as 50, in the
/etc/opt/
novell/eDirectory/conf/nds.conf
file, then restart the installation process.
During installation, if the
Tree Name Not Found
error message is displayed, do the following:
1 Check whether multicast routing is enabled on the Solaris host that you are installing the
product on.
2 Specify the IP address of the master server of the Tree partition.
2.1.3 Installation Takes a Long Time
When you are installing eDirectory into an existing tree and the installation takes a long time to
complete, look at the DSTrace screen on the server. If the
-625 Transport failure
message
appears, you need to reset the address cache.
To reset the address cache, enter the following command at the system console:
set dstrace = *A
2.1.4 eDirectory Install Fails for Container Administrators
The eDirectory 8.8 installation program supports installations by administrators who have
supervisor rights to the container that the server resides in. In order to handle this, the first server
that eDirectory 8.8 is installed into must have supervisor rights to [Root] to extend the schema. From
that point on, subsequent servers do not have to have rights to [Root]. However, with eDirectory 8.8,
depending on the platform that eDirectory 8.8 is installed in to first, all schema might not be
extended, requiring supervisor rights to [Root] for subsequent server installations on different
platforms.
If eDirectory 8.8 will be installed on multiple platforms, make sure that you have supervisor rights to
[Root] for the first server eDirectory will be installed on for EACH platform. For example, if the first
server that eDirectory 8.8 is going to be installed on is running Linux, and eDirectory 8.8 will also be
installed on Solaris, the first server for each platform must have supervisor rights to [Root].
Subsequent servers on each platform will only have to have container administrator rights to the
container where the server is being installed.
For additional information, see solution NOVL83874 (http://support.novell.com/docs/Tids/Solutions/
10073723.html) in the Novell eDirectory 8.7.x Readme Addendum.
2.1.5 NICI Installation Failed - 1497
A message warning that the Novell International Cryptographic Infrastructure (NICI) initialization
failed means that the
NFK
file is not right. Ensure that you have the right
NFK
file. This problem might
not occur on Linux and UNIX platforms, as by default the
NFK
file is part of the NICI package.
2.1.6 Naming Objects
When you use special characters while naming objects, the -
671 No Such Parent
error message
appears. Avoid using any of the following special characters when naming objects:
\ /, * ? .