EvilDobe Absent Member.
Absent Member.
1521 views

SSL AD Remote Loader errors


Hi all - long time reader, first time poster. I have a seemingly easy
issue to resolve that I just can't figure out. I am trying to configure
a remote loader on a DC and I keep getting the following error:

=========================================================
DirXML: [03/23/12 10:44:52.90]: Loader: Verifying command port...
DirXML: [03/23/12 10:44:53.99]: Loader: Verifying driver can be
loaded...
DirXML: [03/23/12 10:44:53.99]: ADDriver: Driver::destroy
DirXML: [03/23/12 10:44:53.99]: ADDriver: Driver::~Driver()
DirXML: [03/23/12 10:44:53.99]: Loader: Initializing SSL encryption...
DirXML: [03/23/12 10:44:56.04]: Loader: Waiting for DirXML to connect
on 'TCP server socket, port 8090, address localhost, using SSL'...
DirXML: [03/23/12 10:45:05.54]: Loader: Received 'handshake' document
DirXML: [03/23/12 10:45:05.54]: Loader: XML Document:
DirXML: [03/23/12 10:45:05.54]: <handshake version="1.0">
<password><!-- content suppressed --></password>
</handshake>
DirXML: [03/23/12 10:45:06.23]:
DirXML Log Event -------------------
Thread = Connection Monitor
Level = warning
Message = Handshake timeout: closing connection
DirXML: [03/23/12 10:45:06.23]:
DirXML Log Event -------------------
Thread = Subscriber Channel
Level = error
Message = Authentication handshake failed: No response to handshake
document
DirXML: [03/23/12 10:45:06.23]:
DirXML Log Event -------------------
Thread = Connection Receiver
Level = warning
Message = SSL protocol failure: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number
DirXML: [03/23/12 10:45:06.35]: Loader: Waiting for DirXML to connect
on 'TCP server socket, port 8090, address localhost, using SSL'...
=========================================================


I've spent a great deal of time researching the issue & from what I can
tell everything is correct but I keep getting this error. What I have
done so far:

*** Exported the Self Signed Certificate in base64 format from the CA
*** Created a certificate for the AD Driver to use in my metadirectory
*** Configured my Remote Loader with the following parameters
Driver = C:\Novell\RemoteLoader\ADDriver.dll
Config File = C:\Novell\RemoteLoader\SSLADRemoteLoader-Config.txt
Command Port = 8093
Connection Port = 8090
Address = All
Trace Level = 3
Trace File = C:\Novell\LogFiles\SSLADRemoteLoader-Trace.log
Trace File Size = 10
Trusted Root File =
C:\Novell\Certificates\TESTIDENT-CA-SelfSignedCert.b64
*** Confirmed the Remote Loader Password matches (reset password &
manually set)
*** Confirmed the Driver Object Password matches (reset password &
manually set)
*** Configured the AD Driver to use SSL
*** Configured the Remote Loader Connection parameters with the
following: hostname=10.16.132.7 port=8090 kmo='LoaderTESTRWD13'

I have followed the instructions here and on various threads.
http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7003300





What am I missing? What more troubleshooting can I do? This is
getting extremely frustrating & I am at my witts end with this. Thanks
in advance for any help anyone may be able to provide.


--
EvilDobe
------------------------------------------------------------------------
EvilDobe's Profile: http://forums.novell.com/member.php?userid=103503
View this thread: http://forums.novell.com/showthread.php?t=453841

Labels (1)
0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: SSL AD Remote Loader errors

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Handshake timeout is probably your problem. See TID# 7009471, or google
for site:novell handshake timeout for a bunch of stuff.

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPbKNcAAoJEF+XTK08PnB59v0P/Rv7RVYRBTx9Et5XBznPBwNy
YGfJWpjTyCNevpVni4TDCyOJ05PBIM61T4qmtaziKzgRow45WCbL3Lqm2upZjj+R
+nfhF0hFjvS1UwRFl5YMIwI7pCJBhpeHJj4ipSkC2T4M0MzkKHkc5UD55++G2447
uJaKUQTNT1g6epCSpn5WvvrhB7SMwwrZSvVi3cPN4AihfQhCb5+bpwGxQnZvBDkp
mJxNVgTLZACd+1MMrsUbEyPlJG5RaYW3JC3NssYkwjP1vSOxlgF/J5p+4pLj5Kx/
QikuGJ4yyZsnj213bov4BpBmRifNWHD9koTEgeSStVaF9+jVONcDtOFGaVq2DTYT
oaaWxFvXaqeTYxdJwRG3KyBCaFpu7iVC+VYest6hgoAy44Zahkh/Y6PUeahDAfKe
smcrfy/Jd8oUkrjD1aNCoU6rCxpXhE09mJMA4zuqsBI6hb9+8MVa463D6Oq+wJag
8h01o2zqtbPlcQEX3/K01aEO1J4ciszwymLXnUmFfnJFjBgtzgSadkvBYzoR7JDf
Rds30ebsJHS54vpmrIwrDDFrDSU4q+SapvRMiAyHO5v8xC6TwGZLPlWAMwZymBcG
2B+T8ONyv70U3g22whg134O43TjtBJm7UULqSKLOw4BrbPjSAgLOcV7461nfDYOi
btn11iidHrbcwMmbMjIv
=iyEG
-----END PGP SIGNATURE-----
0 Likes
EvilDobe Absent Member.
Absent Member.

Re: SSL AD Remote Loader errors


Thank you for the response. I have Googled the TID and made the
appropriate changes. My connection parameters are now:
hostname=10.16.132.7 port=8090 handshaketimeout=10000
kmo='testrwd13RL'

I am now getting this error: <status event-id="0"
level="error">Code(-9046) Invalid password specified for
<check-password>.</status>

I have confirmed the password is correct by logging into a workstation
& the metadirectory using the credentials stored in the driver.


--
EvilDobe
------------------------------------------------------------------------
EvilDobe's Profile: http://forums.novell.com/member.php?userid=103503
View this thread: http://forums.novell.com/showthread.php?t=453841

0 Likes
Knowledge Partner
Knowledge Partner

Re: SSL AD Remote Loader errors

On 23.03.2012 19:16, EvilDobe wrote:
>
> Thank you for the response. I have Googled the TID and made the
> appropriate changes. My connection parameters are now:
> hostname=10.16.132.7 port=8090 handshaketimeout=10000
> kmo='testrwd13RL'
>
> I am now getting this error:<status event-id="0"
> level="error">Code(-9046) Invalid password specified for
> <check-password>.</status>
>
> I have confirmed the password is correct by logging into a workstation
> & the metadirectory using the credentials stored in the driver.


Do you get "Remote driver successfully started" after the Invalid
password specified message? If so then this is OK.

Otherwise, I suggest you temporarily turn off the SSL on both sides,
start the driver to verify that the driver is correctly configured and
starts properly. If that is the case, then your problem is with the SSL
config.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
EvilDobe Absent Member.
Absent Member.

Re: SSL AD Remote Loader errors


The error was caused by the driver object password. I wasn't paying
attention to what I was doing & kept setting the remote loader password
& the application password but never noticed the driver object password
needed to be changed.

Thanks for all the responses. Help was much appreciated.


--
EvilDobe
------------------------------------------------------------------------
EvilDobe's Profile: http://forums.novell.com/member.php?userid=103503
View this thread: http://forums.novell.com/showthread.php?t=453841

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.