
Problems: Novell eDirectory LDAP Server TLS port is not listening.


giacomo....@ailux.org

Aug 24, 2006, 7:18:42 AM
Hi,

On my server named "SERVER01", after installing updates, the following
happens during the server restart:

- In the boot log the message appears: Novell eDirectory LDAP Server TLS
port is not listening.

- In the Welcome screen no user name ever appears, but it is still
possible to log in using the name "root".

- After waiting 1 minute and ending the "root" user's session, the user
"admin" appears in the Welcome screen.

Why??

My problem is that, during the installation of a new server in the same
tree as server01, it is not possible to connect to the eDirectory DB.

Help me

Giacomo



Rudi Synoradzki

Aug 25, 2006, 6:22:19 AM
> - In the boot log the message appears: Novell eDirectory LDAP Server TLS
> port is not listening.

/etc/init.d/nldap:
The script tries for 1 minute to access the LDAP Server ports. If there
is no response within that time period, it simply echoes the error messages.
Usually you don't have to care about it if you can connect via LDAP.

> - In the Welcome screen no user name ever appears, but it is still
> possible to log in using the name "root".
> - After waiting 1 minute and ending the "root" user's session, the user
> "admin" appears in the Welcome screen.
>

It seems that KDM is not yet finished while other processes are still starting
up. But is that really a problem on a server? What happens if you connect
to the server, e.g. using VNC? Will you see the user list there?

> My problem is that, during the installation of a new server in the same
> tree as server01, it is not possible to connect to the eDirectory DB.

This is mostly an SLP issue, as the DA does not find the root of your tree.
The easiest trick is to create /etc/hosts.nds and put the treename and
server in it. See details using "man hosts.nds". It is very important to end
the treename with a ".", e.g.
mytree. 192.168.1.4
(Taken out of Rick Killpack's eDirectory Field Guide)

Rudi

Giacomo Vianelli

Aug 25, 2006, 12:39:12 PM
Hi, Rudi

I have used your suggestions, but nothing has changed.

Some other information for you:

- After a long time (10-30 minutes) the situation does not change; in fact the
result (using "nldap") is

Novell eDirectory LDAP Server TCP port is listening.
Novell eDirectory LDAP Server TLS port is not listening.

- I have observed that port 636 is not in LISTEN state (using netstat).


- The ndsstat -s result is:

This list shows each server found in the local database.

Building server list

Server name            Local Status   Local ID
.server01.ailux.UNI.   Up             00008030
.SERVERBK.ailux.UNI.   Up             000081f1

- The ndsstat -s result is:

Replicas of Partition : .T=UNI.
Server Name                    Replica Type   Replica State
.CN=server01.O=ailux.T=UNI.    Master         On
.CN=SERVERBK.O=ailux.T=UNI.    Read/Write     On

- But using ndsrepair -U

The command does not succeed in connecting to SERVERBK.

Help me

Ciao

Giacomo

>>> On Fri, Aug 25, 2006 at 10:22 am, in message
<vbAHg.286$PP....@prv-forum2.provo.novell.com>, Rudi
Synoradzki<Ru...@nospam.com> wrote:

Rudi Synoradzki

Aug 25, 2006, 2:25:33 PM
Giacomo,
could it be that you have enabled OpenLDAP within YaST? I remember there
have been suggestions to run nldap either, which I prefer and which is
installed with eDirectory by default.

Otherwise TID 10100513 may help.

"netstat -l" usually does not show the ports but the services:
tcp 0 0 *:ldap *:* LISTEN
tcp 0 0 *:ldaps *:* LISTEN

What eDirectory version ?
What is shown on "ndldap -s" ?
Any references to find in "ndsd.log" ?

Rudi
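
Added example (not part of the thread): a small shell function that reads `netstat -l` style output and reports whether the LDAP and LDAPS listeners are up, accepting both the service-name form quoted in the post above (`*:ldap`, `*:ldaps`) and the numeric form (389, 636). The function names, the output wording and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: report LDAP/LDAPS listener state from `netstat -l` output on stdin.
# Function names and sample data are illustrative, not part of eDirectory.

ldap_listen_state() {
    awk '
        # Only TCP (tcp/tcp6) sockets in LISTEN state matter here.
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, part, ":")   # column 4 is the local address
            port = part[n]             # text after the last ":" (*:ldap, 0.0.0.0:389, :::636)
            if (port == "389" || port == "ldap")  tcp = 1
            if (port == "636" || port == "ldaps") tls = 1
        }
        END {
            printf "ldap (389): %slistening\n",  (tcp ? "" : "not ")
            printf "ldaps (636): %slistening\n", (tls ? "" : "not ")
            exit ((tcp && tls) ? 0 : 1)   # non-zero if either listener is missing
        }
    '
}

# Constructed sample mirroring the situation in the thread: 389 up, 636 absent.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 *:ldap                  *:*                     LISTEN
udp        0      0 *:svrloc                *:*
EOF
}

# Demo on the sample; on a live host use: netstat -l | ldap_listen_state
sample_netstat | ldap_listen_state || echo "at least one LDAP listener is missing"
```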

Rudi Synoradzki

Aug 29, 2006, 2:21:16 PM
Giacomo Vianelli wrote:

> But after updates of the serverbk (the server01 it was updated), the LDAP
> ports on the serverbk are not in listen.
>
Giacomo, which updates from where exactly?

- Worth a try, as right now the major problem seems to me to be that server01
shows serverbk as "down".

"ndsrepair -N" on server01 to verify whether this server knows serverbk. If it is
shown as down, follow the on-screen instructions to repair the network
address. If the servers can communicate, serverbk should be shown as up
now. If it is still down, investigate communication problems, e.g. check
all hosts files, check the DNS entries, any filters between the servers
blocking ports etc.

Next step is then "ndsrepair -N" on serverbk, this server should get
server01 as "up" now.

If the servers talk, you can use iMonitor or dstrace to watch NDS
replication; this should give some more information.

When replication is running fine, "nldap -u" and "nldap -l" should reload
the LDAP servers working on both servers.

Rudi


Giacomo Vianelli

Aug 30, 2006, 12:24:03 PM
Hi, Rudi

>>> On Tue, Aug 29, 2006 at 6:21 pm, in message
<wA%Ig.3610$PP...@prv-forum2.provo.novell.com>, Rudi
Synoradzki<Ru...@nospam.com> wrote:


> Giacomo Vianelli wrote:
>
>> But after updates of the serverbk (the server01 it was updated), the LDAP
>> ports on the serverbk are not in listen.
>>
> Giacomo, which updates from where exactly?

**************
The updates proposed by Red Carpet, after the new installation (see the attached
rdc.log file).


>
> - Worth a try, as right now the major problem seems to me to be that server01
> shows serverbk as "down".
>
> "ndsrepair -N" on server01 to verify whether this server knows serverbk. If it is
> shown as down, follow the on-screen instructions to repair the network
> address. If the servers can communicate, serverbk should be shown as up
> now. If it is still down, investigate communication problems, e.g. check
> all hosts files, check the DNS entries, any filters between the servers
> blocking ports etc.

**************
The ndsrepair -N response on server01 is:

Checking server: .serverbk.ailux
Checking server address in Replica ID : 2, .[Root].
ERROR: Could not connect. Error : -626
Total errors: 1

**************
The network communication between the servers is OK (using the ping command, putty,
browser http ...)


>
> Next step is then "ndsrepair -N" on serverbk, this server should get
> server01 as "up" now.
>

**************
The ndsrepair -N response on serverbk is:

Unable to connect to NDS Server. NDS server may be down


> If the servers talk, you can use iMonitor or dstrace to watch NDS
> replication; this should give some more information.
>
> When replication is running fine, "nldap -u" and "nldap -l" should reload
> the LDAP servers working on both servers.
>

**************
The nldap -l response on serverbk is:

NLDAP server loading / unloading utility for Novell eDirectory 8.7.3.7 v10554.24

Failed to start LDAP services.

**************
I tried ndsd start; in the log file /var/nds/ndsd.log I found:

ago 30 18:10:17 Path of Novell eDirectory configuration file /etc/nds.conf
ago 30 18:10:20 NCPShim Init Failed, error -601

I believe that the problem is in the NDS DB !?!

Help me


Ciao

Giacomo

Rudi Synoradzki

Aug 31, 2006, 1:50:03 PM
Giacomo,
the 626 is really serious (query Google or Novell Support for NDS error
626).

What I would do now is:

Remove serverbk and all related objects from your tree (TID 10010922 should
be helpful) and then remove eDirectory from serverbk (I guess that
ndsconfig remove will not work as your eDirectory isn't up, so
delete /etc/nds.conf and the eDirectory files - found
in /var/opt/novell/eDirectory - to remove eDirectory manually).

Check with iMonitor/Trace or DSTrace that everything is fine (probably ndsrepair
is also required) and then reinstall eDirectory on serverbk again.

Rudi

Giacomo Vianelli

Sep 7, 2006, 4:24:12 AM
Hi, Rudi


I have done it, but nothing has changed.

The partial solution (.. sich !) is: re-install a new serverbk, but
without the last updates!

In this case serverbk runs OK! But what about the last updates??

Mystery ....?!?!


Thanks for the support that you have given me ..

Ciao

Giacomo

>>> On Thu, Aug 31, 2006 at 5:50 pm, in message
<fjFJg.1799$8j5...@prv-forum2.provo.novell.com>, Rudi
