Troubleshooting guide

ManualsBrandsRed Hat ManualsConsumer electronicsDIRECTORY SERVER 7.1 SP7 - S

Table Of Contents

Novell eDirectory 8.8 SP7 Troubleshooting Guide
About This Book
1 Resolving Error Codes
2 Installation and Configuration
- 2.1 Installation
- 2.2 Configuration
- 2.3 Upgrade
- 2.4 Multiple Instances
3 Determining the eDirectory Version Number
- 3.1 Windows
- 3.2 Linux
- 3.3 Solaris
- 3.4 AIX
4 Log Files
- 4.1 modschema.log
- 4.2 dsinstall.log
- 4.3 ndsd.log
5 Troubleshooting LDIF Files
- 5.1 Understanding LDIF
- 5.2 Debugging LDIF Files
- 5.3 Using LDIF to Extend the Schema
6 Troubleshooting SNMP
- 6.1 Traps Might Not Get Generated As Expected
- 6.2 SNMP Group Object
- 6.3 SNMP Initializing Errors
- 6.4 SNMP Subagent Does Not Start
- 6.5 LDAP SNMP Statistics Not Reported
- 6.6 SNMP Issues
- 6.7 SNMP Walk Hangs on Solaris Platform
7 iMonitor
- 7.1 Browsing for Objects Containing Double-Byte Characters in iMonitor
- 7.2 Agent Health Check on a Single-Server Tree
- 7.3 iMonitor Report Does Not Save the Records for Each Hour
- 7.4 Creation and Modification Time Stamps
- 7.5 iMonitor Issues in Older Versions of Mozilla
- 7.6 Run Report Screen Layout Not Aligned on iMonitor
- 7.7 iMonitor Displays Error -672
- 7.8 Time Stamps Displayed in Hexadecimal Format
8 iManager
- 8.1 LDAP Operations Fail After Creating a New LDAP Group Using Quick Create
- 8.2 Issues While Backing Up on Red Hat EUC in the Japanese Locale
9 Obituaries
- 9.1 Examples
  - 9.1.1 Deleting an Object
  - 9.1.2 Moving an Object
- 9.2 Impact of Stuck and Orphaned Obituaries
- 9.3 Prevention
- 9.4 Troubleshooting Tips
  - 9.4.1 Solutions
  - 9.4.2 Previous Practices
10 Migrating to Novell eDirectory
- 10.1 Migrating the Sun ONE Schema to Novell eDirectory
- 10.2 Migrating the Active Directory Schema to Novell eDirectory Using ICE
- 10.3 Migrating from OpenLDAP to Novell eDirectory
11 Schema
12 DSRepair
- 12.1 Running DSRepair on an NFS Mounted DIB on Linux
- 12.2 Running DSRepair with -R Option Hangs
- 12.3 Running DSRepair after Upgrade or Migration
13 Replication
14 Clone DIB Issues
- 14.1 Clone DIB Fails With -601 and -603 Errors
- 14.2 Clone DIB Can Fail Immediately After Offline Bulkload
- 14.3 Issue in Cloning with Enabled Encrypted Replication Feature
15 Novell Public Key Infrastructure Services
- 15.1 PKI Operations Not Working
- 15.2 LDAP Search from Netscape Address Book Fails
- 15.3 Removing the configuration of an eDirectory server that is acting as a treekey server in a multiserver tree after having moved the existing eDirectory objects to a different server fails with the error code for Crucial Replica.
- 15.4 While uninstalling the eDirectory Server holding the CA, the KMOs created on that server will be moved to another server in the tree and become invalid
16 Troubleshooting Utilities on Linux and UNIX
- 16.1 Novell Import Convert Export Utility
- 16.2 ndsconfig Utility
- 16.3 ndsmerge Utility
- 16.4 DSTrace Utility
- 16.5 ndsbackup Utility
- 16.6 Using DSRepair
  - 16.6.1 Syntax
  - 16.6.2 Troubleshooting DSRepair
- 16.7 Using DSTrace
17 NMAS on Linux and UNIX
- 17.1 Unable to Log In Using Any Method
- 17.2 The User Added Using the ICE Utility Is Unable to Log In Using Simple Password
18 Troubleshooting on Windows
- 18.1 The eDirectory for Windows Server Won’t Start
- 18.2 The Windows Server Can’t Open the eDirectory Database Files
- 18.3 SLP_NETWORK_ERROR(-23) Occurs in Windows Machines
19 Accessing HTTPSTK When DS Is Not Loaded
- 19.1 Setting the sadmin Password on Windows
- 19.2 Setting the sadmin Password on Linux, Solaris, and AIX
20 Encrypting Data in eDirectory
- 20.1 Error Messages
- 20.2 Problem With Duplicate Encryption Algorithms
- 20.3 Encryption of Stream Attributes
- 20.4 Configuring Encrypted Replication through iManager
- 20.5 Viewing or Modifying Encrypted Attributes through iManager
- 20.6 Merging Trees With Encrypted Replication Enabled Fails
- 20.7 Limber Displays -603 Error
21 The eDirectory Management Toolbox
- 21.1 Unable to Stop the eMTool Services
- 21.2 Restore gives -6020 error
22 SASL-GSSAPI
- 22.1 SASL-GSSAPI Issues
  - 22.1.1 Issue with Multiple User Objects
  - 22.1.2 Authorization ID
- 22.2 Log File
- 22.3 Error Messages
23 Miscellaneous
- 23.1 Backing Up a Container
- 23.2 Repeated eDirectory Logins
- 23.3 Enabling Event System Statistics
- 23.4 Tracking Memory Corruption Issues on Linux
- 23.5 TCP Connection not Terminating after Abnormal Logout
- 23.6 NDS Error, System Failure (-632) Occurs When Doing ldapsearch for the User Objects
- 23.7 Disabling SecretStore
  - 23.7.1 On Linux and UNIX
  - 23.7.2 On Windows
- 23.8 Viewing SLP Man Pages
- 23.9 dsbk Configuration File Location
- 23.10 SLP Interoperability Issues on OES Linux
- 23.11 ldif2dib Fails to Open the Error Log File When the DIB Directory Exists In the Custom Path
- 23.12 eDirectory Server Does Not Start Automatically in the Virtual SLES 10
- 23.13 ndsd Does Not Start After a System Crash
- 23.14 Do not Execute DSTrace With All Tags Enabled on UNIX Systems
- 23.15 LDAP is Not RFC Compliant For Anonymous Search Requests
- 23.16 Troubleshooting Ports with Custom eDirectory 8.8 Instances
- 23.17 Rebooting the Host
- 23.18 ndsd Not Listening at the Loopback Address on a Given NCP Port
- 23.19 LDAP Transaction OIDs
- 23.20 Errors -5871 and -5875 in LDAP Trace
- 23.21 NDSCons Gives -625 Error if a Tree is Renamed
- 23.22 Listening on Multiple NICs Slows Down eDirectory ldapsearch Performance
- 23.23 Unable to Limit the Number of Concurrent Users on UNIX/ Linux Platforms
- 23.24 ndsd Fails to Shut Down Due to SLP
- 23.25 eDirectory Does Not Support Symbolic Links for DIB Location

Troubleshooting LDIF Files 41

NDSAttributeTypeDescription = "(" whsp

numericoid whsp ; AttributeType identifier

[ "NAME" qdescrs ] ; name used in AttributeType

[ "DESC" qdstring ] ; description

[ "OBSOLETE" whsp ]

[ "SUP" woid ] ; derived from this other AttributeType

[ "EQUALITY" woid] ; Matching Rule name

[ "ORDERING" woid] ; Matching Rule name

[ "SUBSTR" woid ] ; Matching Rule name

[ "SYNTAX" whsp noidlen whsp ] ; Syntax OID

[ "SINGLE-VALUE" whsp ] ; default multi-valued

[ "COLLECTIVE" whsp ] ; default not collective

[ "NO-USER-MODIFICATION" whsp ] ; default user modifiable

[ "USAGE" whsp AttributeUsage ] ; default userApplications

[ "X-NDS_PUBLIC_READ" qdstrings ]

; default not public read (’0’)

[ "X-NDS_SERVER_READ" qdstrings ]

; default not server read (’0’)

[ "X-NDS_NEVER_SYNC" qdstrings ]

; default not never sync (’0’)

[ "X-NDS_NOT_SCHED_SYNC_IMMEDIATE" qdstrings ]

; default sched sync immediate (’0’)

[ "X-NDS_SCHED_SYNC_NEVER" qdstrings ]

; default schedule sync (’0’)

[ "X-NDS_LOWER_BOUND" qdstrings ]

; default no lower bound(’0’)

;(upper is specified in SYNTAX)

[ "X-NDS_NAME_VALUE_ACCESS" qdstrings ]

; default not name value access (’0’)

[ "X-NDS_NAME" qdstrings ] ; legacy NDS name

whsp ")"

The following example LDIF file adds the

title

attribute type to the schema:

1 version: 1

2 dn: cn=schema

3 changetype: add

4 attributeTypes: ( 2.5.4.12 NAME ’title’ DESC ’Standa

5 rd Attribute’ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{

6 64} X-NDS_NAME ’Title’ X-NDS_NOT_SCHED_SYNC_IMMEDIA

7 TE ’1’ X-NDS_LOWER_BOUND ’1’)

Single-Valued versus Multivalued

An attribute defaults to multivalued unless it is explicitly made single-valued. The following

example LDIF file makes title single-valued by adding the

SINGLE-VALUE

keyword after the

SYNTAX

section:

1 version: 1

2 dn: cn=schema

3 changetype: add

4 attributeTypes: ( 2.5.4.12 NAME ’title’ DESC ’Standa

5 rd Attribute’ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{

6 64} SINGLE-VALUE X-NDS_NAME ’Title’ X-NDS_NOT_SCHED

7 _SYNC_IMMEDIATE ’1’ X-NDS_LOWER_BOUND ’1’)