Highlighted
Absent Member.
Absent Member.
722 views

2014R2: could not add secondary domain

Hi,

Environment:
GW2014 R2 HP1
primary domain on OES11

Goal:
I want to create a new secondary domain on Windows server

Error messages:
If I click finish in the install console on the windows server to create
the domain I get the message "Secondary domain () could not added"

Checks:
The services (admin service, MTA) are created, admin service is running,
mta service is stopped.
If I manually start the MTA service, it will stop after few seconds

I checked the domain folder on the windows server and missed wpcsin,
wpcsout, wpgate, wpoffice, wptemp folders.
I copied these folders from a running windows mta.
If I start the MTA using startagent.cmd..
startagent.cmd reports:
"SSL Configuration has been disabled because of failure in setting up
SSL rc= [8201]"

After changing Domain type to Windows and activating monitor, I
restarted the MTA in debug window and got the messages
"waiting for task NGW-P0-GW-<domainname> to complete"
"waiting for task NGW-P2-GW-<domainname> to complete"

Aunt Google could not present an answer...

I think, it´s the SSL message preventing the clean start, but how to
solve this?
admin console reports the location of certs in
c:\programdata\novell\groupwise\... , may be, it´s a secured place not
reachable?

Gotthard Anger

--
Gotthard Anger
Anwenderbetreuung Netzwerkadministration
Landeskirchenamt der EKM
gotthardanger@no-mx.forums.novell.com
http://forums.novell.com/member.php?u=35038

Mails an diese Adresse werden nur nach vorheriger Ansage gelesen!
Mails for this address will only be read if you trigger me before.
Labels (1)
0 Likes
8 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: 2014R2: could not add secondary domain

Hi.

Am 29.04.2016 um 09:00 schrieb Gotthard Anger:
>
> Error messages:
> If I click finish in the install console on the windows server to create
> the domain I get the message "Secondary domain () could not added"
>
> Checks:
> The services (admin service, MTA) are created, admin service is running,
> mta service is stopped.
> If I manually start the MTA service, it will stop after few seconds
>
> I checked the domain folder on the windows server and missed wpcsin,
> wpcsout, wpgate, wpoffice, wptemp folders.
> I copied these folders from a running windows mta.


That's normal, those folders get created by the MTA when it starts.
Yours doesn't start, which is also why you get the error at creation time.

> If I start the MTA using startagent.cmd..
> startagent.cmd reports:
> "SSL Configuration has been disabled because of failure in setting up
> SSL rc= [8201]"


There you go. That's usually a port conflict. The port your MTA wants to
listen on is already used on the machine.

One other (rare) reason for that error is a file access error, e.g
missing rights, a file being opened by something else (AV scanner?)

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: 2014R2: could not add secondary domain

Massimo,

thx for your answer.

Am 29.04.2016 um 10:50 schrieb Massimo Rosen:
>> "SSL Configuration has been disabled because of failure in setting up
>> SSL rc= [8201]"

>
> There you go. That's usually a port conflict. The port your MTA wants to
> listen on is already used on the machine.


port 7100 not used, if the mta is down
when started, netstat reports 7100 as listening, also the primary domain
mta has connected to port 7100.
>
> One other (rare) reason for that error is a file access error, e.g
> missing rights, a file being opened by something else (AV scanner?)

Avira, central managed and I have no access to the settings - have to
ask my partners.

Go

--
Gotthard Anger
Anwenderbetreuung Netzwerkadministration
Landeskirchenamt der EKM
gotthardanger@no-mx.forums.novell.com
http://forums.novell.com/member.php?u=35038

Mails an diese Adresse werden nur nach vorheriger Ansage gelesen!
Mails for this address will only be read if you trigger me before.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: 2014R2: could not add secondary domain

Am 29.04.2016 um 12:05 schrieb Gotthard Anger:
> Massimo,
>
> thx for your answer.
>
> Am 29.04.2016 um 10:50 schrieb Massimo Rosen:
>>> "SSL Configuration has been disabled because of failure in setting up
>>> SSL rc= [8201]"

>>
>> There you go. That's usually a port conflict. The port your MTA wants to
>> listen on is already used on the machine.

>
> port 7100 not used, if the mta is down
> when started, netstat reports 7100 as listening, also the primary domain
> mta has connected to port 7100.


But there are more ports a MTA uses, for instance the http(s) port for
the console.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: 2014R2: could not add secondary domain

Hello,

Am 29.04.2016 um 19:58 schrieb Massimo Rosen:
> But there are more ports a MTA uses, for instance the http(s) port for
> the console.


This is the logfile:
00:00:00 1730 LOG: Opening new log file: 0502mta.001
00:00:00 1730 General Settings:
00:00:00 1730 GroupWise Agent Build Version: 14.2.0 -122092
00:00:00 1730 GroupWise Agent Build Date: 12-03-15
00:00:00 1730 Domain Directory: e:\grpwise\gwhndom02
00:00:00 1730 Work Directory: e:\grpwise\gwhndom02\mslocal
00:00:00 1730 Database Version: 1420
00:00:00 1730 Preferred GWIA: HN-DOM1.GWIA
00:00:00 1730 Default Route: HN-DOM1
00:00:00 1730 Known IDomains: *eblsa.de
00:00:00 1730 Known IDomains: *ekmd.de
00:00:00 1730 Allow Direct Send to Other Systems: No
00:00:00 1730 Force Route: No
00:00:00 1730 Error Mail to Administrator: No
00:00:00 1730 Display the Active Log Window Initially: Yes
00:00:00 1730 Directory Authenticated: No
00:00:00 1730 Directory User Synchronization: Yes
00:00:00 1730 Admin Task Processing: Yes
00:00:00 1730 Database Recovery: Yes
00:00:00 1730 Simple Network Management Protocol (SNMP): Disabled
00:00:00 1730 TCP/IP Settings:
00:00:00 1730 Maximum Inbound TCP/IP Connections: 50
00:00:00 1730 TCP/IP Address: x.x.x.x
00:00:00 1730 TCP Port for Incoming Connections: 7100
00:00:00 1730 Message Transfer over SSL: Disabled
00:00:00 1730 TCP Port for HTTP Connections: 7180
00:00:00 1730 HTTP Refresh Rate: 60 secs
00:00:00 1730 HTTP over SSL: Disabled
00:00:00 1730 TCP/IP Connection Timeout: 20
00:00:00 1730 TCP/IP Data Timeout: 40
00:00:00 1730 Event Log Settings:
00:00:00 1730 Log Level: Normal
00:00:00 1730 Disk Logging: Yes
00:00:00 1730 Log Directory: e:\grpwise\gwhndom02\mslocal
00:00:00 1730 Maximum Log File Age: 30 Days
00:00:00 1730 Maximum Log Disk Space: 100 MB (Default)
00:00:00 1730 Performance Settings:
00:00:00 1730 Additional High Priority Scanner Thread: Yes
00:00:00 1730 Additional Mail Priority Scanner Thread: Yes
00:00:00 1730 Low Priority Scan Cycle: 15 Seconds
00:00:00 1730 High Priority Scan Cycle: 5 Seconds
00:00:00 1730 Message Log Settings:
00:00:00 1730 Message logging disabled (/NOMSGLOG)
00:00:00 1730 Scheduled Event Settings:
00:00:00 1730 Today's Directory User Sync Event Times:
07:00:05 174C RTR: GW-HNDOM02: 00000838.00A: Routing
e:\grpwise\gwhndom02\mslocal\gwinprog\2\00000838.00A (1 kb)
12:06:42 172C DIS: Processing shutdown request
12:06:42 172C DIS: MTA shutdown in progress
12:06:42 172C Shutdown of Threads

at first, I can see no port conflict
and then: Who´s triggering the shutdown?

Go


--
Gotthard Anger
Anwenderbetreuung Netzwerkadministration
Landeskirchenamt der EKM
gotthardanger@no-mx.forums.novell.com
http://forums.novell.com/member.php?u=35038

Mails an diese Adresse werden nur nach vorheriger Ansage gelesen!
Mails for this address will only be read if you trigger me before.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: 2014R2: could not add secondary domain

Am 02.05.2016 um 12:11 schrieb Gotthard Anger:
> Hello,
>
> Am 29.04.2016 um 19:58 schrieb Massimo Rosen:
>> But there are more ports a MTA uses, for instance the http(s) port for
>> the console.

>
> This is the logfile:
> 00:00:00 1730 LOG: Opening new log file: 0502mta.001
> 00:00:00 1730 General Settings:
> 00:00:00 1730 GroupWise Agent Build Version: 14.2.0 -122092
> 00:00:00 1730 GroupWise Agent Build Date: 12-03-15
> 00:00:00 1730 Domain Directory: e:\grpwise\gwhndom02
> 00:00:00 1730 Work Directory: e:\grpwise\gwhndom02\mslocal
> 00:00:00 1730 Database Version: 1420
> 00:00:00 1730 Preferred GWIA: HN-DOM1.GWIA
> 00:00:00 1730 Default Route: HN-DOM1
> 00:00:00 1730 Known IDomains: *eblsa.de
> 00:00:00 1730 Known IDomains: *ekmd.de
> 00:00:00 1730 Allow Direct Send to Other Systems: No
> 00:00:00 1730 Force Route: No
> 00:00:00 1730 Error Mail to Administrator: No
> 00:00:00 1730 Display the Active Log Window Initially: Yes
> 00:00:00 1730 Directory Authenticated: No
> 00:00:00 1730 Directory User Synchronization: Yes
> 00:00:00 1730 Admin Task Processing: Yes
> 00:00:00 1730 Database Recovery: Yes
> 00:00:00 1730 Simple Network Management Protocol (SNMP): Disabled
> 00:00:00 1730 TCP/IP Settings:
> 00:00:00 1730 Maximum Inbound TCP/IP Connections: 50
> 00:00:00 1730 TCP/IP Address: x.x.x.x
> 00:00:00 1730 TCP Port for Incoming Connections: 7100
> 00:00:00 1730 Message Transfer over SSL: Disabled
> 00:00:00 1730 TCP Port for HTTP Connections: 7180
> 00:00:00 1730 HTTP Refresh Rate: 60 secs
> 00:00:00 1730 HTTP over SSL: Disabled
> 00:00:00 1730 TCP/IP Connection Timeout: 20
> 00:00:00 1730 TCP/IP Data Timeout: 40
> 00:00:00 1730 Event Log Settings:
> 00:00:00 1730 Log Level: Normal
> 00:00:00 1730 Disk Logging: Yes
> 00:00:00 1730 Log Directory: e:\grpwise\gwhndom02\mslocal
> 00:00:00 1730 Maximum Log File Age: 30 Days
> 00:00:00 1730 Maximum Log Disk Space: 100 MB (Default)
> 00:00:00 1730 Performance Settings:
> 00:00:00 1730 Additional High Priority Scanner Thread: Yes
> 00:00:00 1730 Additional Mail Priority Scanner Thread: Yes
> 00:00:00 1730 Low Priority Scan Cycle: 15 Seconds
> 00:00:00 1730 High Priority Scan Cycle: 5 Seconds
> 00:00:00 1730 Message Log Settings:
> 00:00:00 1730 Message logging disabled (/NOMSGLOG)
> 00:00:00 1730 Scheduled Event Settings:
> 00:00:00 1730 Today's Directory User Sync Event Times:
> 07:00:05 174C RTR: GW-HNDOM02: 00000838.00A: Routing
> e:\grpwise\gwhndom02\mslocal\gwinprog\2\00000838.00A (1 kb)
> 12:06:42 172C DIS: Processing shutdown request
> 12:06:42 172C DIS: MTA shutdown in progress
> 12:06:42 172C Shutdown of Threads
>
> at first, I can see no port conflict
> and then: Who´s triggering the shutdown?


You can't see a port conflict there. You have to check yourself if port
7100 and 7180 are unused.

And I'm thoroughly confused by your log. Which domain is that? Is there
nothing else happening in those 12 hours? And in your first post you
said it's 2014R2 HP1. This log says it isn't, it's 2014R2 without HP1.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: 2014R2: could not add secondary domain

Am 02.05.2016 um 12:27 schrieb Massimo Rosen:
> Am 02.05.2016 um 12:11 schrieb Gotthard Anger:
>> Hello,
>>
>> Am 29.04.2016 um 19:58 schrieb Massimo Rosen:
>>> But there are more ports a MTA uses, for instance the http(s) port for
>>> the console.

>>
>> This is the logfile:


> You can't see a port conflict there. You have to check yourself if port
> 7100 and 7180 are unused.
>
> And I'm thoroughly confused by your log. Which domain is that? Is there
> nothing else happening in those 12 hours?

Excuse me, this was the log from the manual started mta. If I take the
mmc to start the mta, no log will written.
The Domain is empty and contains no postoffice.

If the MTA is down, netstat reports no listening on port 7100 and 7180.
Port 9710 is listening.

> And in your first post you
> said it's 2014R2 HP1. This log says it isn't, it's 2014R2 without HP1.

Oh! I just downloaded the zip from customer center and forgot to verify
the version. Update will follow

Go
--
Gotthard Anger
Anwenderbetreuung Netzwerkadministration
Landeskirchenamt der EKM
gotthardanger@no-mx.forums.novell.com
http://forums.novell.com/member.php?u=35038

Mails an diese Adresse werden nur nach vorheriger Ansage gelesen!
Mails for this address will only be read if you trigger me before.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: 2014R2: could not add secondary domain

I just had the exact same thing happen. I opened a ticket with support. They asked if the .DC files were in the secondary domain directory. They were not. Pam from support said to copy those (4) .DC files from the primary domain directory to the secondary domain directory. When I did that, the MTA started right up.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: 2014R2: could not add secondary domain

Am 02.05.2016 um 20:06 schrieb plessm:
>
> I just had the exact same thing happen. I opened a ticket with support.
> They asked if the .DC files were in the secondary domain directory.
> They were not. Pam from support said to copy those (4) .DC files from
> the primary domain directory to the secondary domain directory. When I
> did that, the MTA started right up.
>
>

Yeah, this is it.

May be that´s a bug: admin service could not copy the dc files from
primary domain to secondary domain folder, if primary domain on OES and
secondary domain on windows. Same bug occurs if you create a postoffice
on the windows machine. gwpo.dc and ngwguard.dc are missed in po folder
after creating. Admin console says ok but the PO service will not run.

@massimo: groupwise files are upgraded to HP1 with same behaviour

Thx
Gotthard

--
Gotthard Anger
Anwenderbetreuung Netzwerkadministration
Landeskirchenamt der EKM
gotthardanger@no-mx.forums.novell.com
http://forums.novell.com/member.php?u=35038

Mails an diese Adresse werden nur nach vorheriger Ansage gelesen!
Mails for this address will only be read if you trigger me before.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.