Anonymous_User Absent Member.
Absent Member.
1959 views

CIFS Login error 1326

Hello,

i am experimenting with NFAP at the moment. I had it set up and running,
but suddenly i get only the 1326 error (unknown userid or password wrong).
Environment:
NFAP-Server: MAXO1: NW6SP4, CIFSPT5, edir V8.7.0 , no replica
Server SILO: NW6SP4, Replica-Information
Client W2KSP4 without Novell Client

I had it running. Successfully logged in with HRZT and some other userids.
-Then my certificates on SILO (and some other servers) where expired. I
fixed that with PKIDIAG, ran an unattended full DSREPAIR and reloaded
SILO. Certificates on MAXO1 are still valid to November.
-After this the CIFS Login for all my testuserids (with simple password
set) only gives the famous 1326 error.
-I checked with NMASMON (protocols attached), but all seems normal to me:
-MAXO1 is found and contacted
-Windows Userid HRZT ist found in the configured context Maint.hrz.unibi
-Because there is no local replica on MAXO1 server SILO is contacted
-SILOs NMASMON Log shows successfull login, but still i get the 1526
error at the client??????

I already:
-Ran DSREPAIR and restarted MAXO1, also SILO again. Logger Screen shows
no problems.
-NDS and TIME is in sync; no obits; no errors.
-Restarted the Windows-Client
-Reset the simple password for HRZT
-Checked the Loginmethod with C1 in the security container
-Secure Netstorage Login via SILO and MAXO1 is possible. Was broken
before on SILO because of the expired certificates.


Any ideas?

Regards
Helmut Reihs

SILOS NMAS LOG:
---------------
NMAS Standard Edition
0: Screen and file output started at Fri May 28 09:44:04 2004

62: Destroy NMAS Session for reuse
62: Create NMAS Session
0: Put attribute with ID = 2 of length 28 bytes
0: Put attribute with ID = 1 of length 42 bytes
0: Put attribute with ID = 11 of length 16 bytes
62: RemoteCheckIfLocalUser checking hrzt.maint.hrz.unibi.
62: RemoteCheckIfLocalUser is a local user.
62: Server thread started
62: >>ServerGet: message size=8 queue size 0
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=24 queue size 0
62: >>ClientPut: message size=24 queue Size 0
62: OEM
62: OEM Verb 6
62: Server Transport
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=12 queue size 8
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=12 queue Size 12
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=608 queue size 0
62: >>ClientPut: message size=608 queue Size 0
62: <<ClientGet: message size=8 queue Size 0
62: OEM
62: OEM Verb 3
62: HandleTransKey
62: HandleTransKey DataLen = 584
62: HandleTransKeys Wrapping Key OID first word = 0x86600B06
62: HandleTransKeys Export Grade (DES) Wrapping Key
62: keyTag in while = 1
62: keyTag in while = 2
62: keyTag in while = 3
62: HandleTransKeys end of while err = 0
62: Transaction keys unwrapped:HandleTransKeys
62: 3 Transaction keys unwrapped
62: Return code from HandleTransKeys = 0
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=12 queue size 8
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=12 queue Size 12
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=7 queue size 0
62: >>ClientPut: message size=7 queue Size 0
62: CanDo
62: <<ClientGet: message size=8 queue Size 0
62: Sequence Selected == "LSMCIFS"
62: Login Method 0x0000000D
62: MAF_Begin LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=5 queue size 8
62: MAF_Read LSM 0x0000000D
62: <<ClientGet: message size=5 queue Size 5
62: >>ServerGet: message size=8 queue size 0
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=2449 queue size 0
62: >>ClientPut: message size=2449 queue Size 0
62: MAF_Write LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=2449 queue size 8
62: MAF_Read LSM 0x0000000D
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 8
62: <<ClientGet: message size=2449 queue Size 2449
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=2449 queue size 0
62: >>ClientPut: message size=2449 queue Size 0
62: MAF_GetAttribute LSM 0x0000000D AID: 24 Tag: PASSWORD HASH
62: MAF_Write LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=2449 queue size 8
62: MAF_End LSM 0x0000000D
62: LSM 0x0000000D successful
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=2449 queue Size 2449
62: >>ClientPut: message size=8 queue Size 0
62: WhatNext
62: Successful login
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=4 queue size 8
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=4 queue Size 4
62: >>ClientPut: message size=8 queue Size 0
62: <<ClientGet: message size=8 queue Size 0
62: >>ServerGet: message size=8 queue size 8
62: <<ServerPut: message size=8 queue size 0
62: Server thread exited
62: NDS Credential request
62: Returning NDS Credential size 626
62: Encrypted NDS Credential size 632
62: Client Session Destroy Request
62: Local Session Cleared (Not Destroyed)

MAXO1 NMAS LOG:
----------------
NMAS Standard Edition
0: Screen and file output started at Fri May 28 09:43:50 2004

58: Create NMAS Session
58: RemoteCheckIfLocalUser checking hrzt.maint.hrz.unibi.
58: RemoteCheckIfLocalUser is NOT a local user.
58: Found 4 servers in replica ring
58: Attempting server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=SILO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=SILO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi for remote session
58: Server CN=SILO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.3
58: Server CN=SILO.OU=LAB.OU=HRZ.O=UniBi will be used for remote session
58: Server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.0
58: tryReplicaRing: NMAS 2.2 Server Found
58: tryReplicaRing: Waiting for 3 connection threads
58: Server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi has NMAS 2.0
58: NCPOpenConnection dContext == 0x74950011
58: Server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.0
58: NMAS_CanDo sendMessage 0
58: NMAS_CanDo sendMessage 0
58: NMAS_CanDo disassembleDoPacket 0
58: MAF_Begin LCM 0x00000000
58: MAF_Write LCM 0x00000000
58: MAF_Read LCM 0x00000000
58: MAF_Write LCM 0x00000000
58: MAF_Read LCM 0x00000000
58: MAF_End LCM 0x00000000
58: Client Session Destroy Request
58: Remote Session Destroyed
58: Destroy NMAS Session
58: Aborted Session Destroyed (with MAF)
59: Create NMAS Session
59: RemoteCheckIfLocalUser checking hrzt.serv.hrz.unibi.
59: ERROR: -601 RemoteCheckIfLocalUser: DDCResolveName
59: ERROR: -601 RemoteCheckIfLocalUser failed.
59: NCPCheckIfLocalUser failed -601
59: Client Session Destroy Request
59: Destroy NMAS Session
59: Aborted Session Destroyed (with MAF)
60: Create NMAS Session
60: RemoteCheckIfLocalUser checking hrzt.unibi.
60: ERROR: -601 RemoteCheckIfLocalUser: DDCResolveName
60: ERROR: -601 RemoteCheckIfLocalUser failed.
60: NCPCheckIfLocalUser failed -601
60: Client Session Destroy Request
60: Destroy NMAS Session
60: Aborted Session Destroyed (with MAF)
58: tryReplicaRing: All connection threads finished
58: mafMakeConnection: freeing shared resources
Labels (1)
0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: CIFS Login error 1326

will you create a NEW user and check with that user. Sometimes when certificates get messed up, the server no longer has the ability to encrypt or decrypt data with the certificate in which a user was created. If you CAN login with a newly created user.... The bad news is the only way that _I_ know how to fix that is to delete and recreate the user object. Someone that deals with NICI and PKI might know a better way though. If it still doesn't work with a new user then either put a replica of the user object on the local server, or try logging in as a user that the server has a replica of-------This is only a test to see if your problem is coming from NMAS transactions or not, having a local replica takes NMAS out of the picture (you still have the login method). Also, you can check to see if the user account is expired, locked, limited concurrent logins, etc. Try logging in as that user on a Novell Client machine, make sure that the user can login and has access to the volumes on the server.


>>> Helmut Reihs<hrx@nosp.uni-bielefeld.de> 2004-05-28 02:10:47 >>>


Hello,

i am experimenting with NFAP at the moment. I had it set up and running,
but suddenly i get only the 1326 error (unknown userid or password wrong).
Environment:
NFAP-Server: MAXO1: NW6SP4, CIFSPT5, edir V8.7.0 , no replica
Server SILO: NW6SP4, Replica-Information
Client W2KSP4 without Novell Client

I had it running. Successfully logged in with HRZT and some other userids.
-Then my certificates on SILO (and some other servers) where expired. I
fixed that with PKIDIAG, ran an unattended full DSREPAIR and reloaded
SILO. Certificates on MAXO1 are still valid to November.
-After this the CIFS Login for all my testuserids (with simple password
set) only gives the famous 1326 error.
-I checked with NMASMON (protocols attached), but all seems normal to me:
-MAXO1 is found and contacted
-Windows Userid HRZT ist found in the configured context Maint.hrz.unibi
-Because there is no local replica on MAXO1 server SILO is contacted
-SILOs NMASMON Log shows successfull login, but still i get the 1526
error at the client??????

I already:
-Ran DSREPAIR and restarted MAXO1, also SILO again. Logger Screen shows
no problems.
-NDS and TIME is in sync; no obits; no errors.
-Restarted the Windows-Client
-Reset the simple password for HRZT
-Checked the Loginmethod with C1 in the security container
-Secure Netstorage Login via SILO and MAXO1 is possible. Was broken
before on SILO because of the expired certificates.


Any ideas?

Regards
Helmut Reihs

SILOS NMAS LOG:
---------------
NMAS Standard Edition
0: Screen and file output started at Fri May 28 09:44:04 2004

62: Destroy NMAS Session for reuse
62: Create NMAS Session
0: Put attribute with ID = 2 of length 28 bytes
0: Put attribute with ID = 1 of length 42 bytes
0: Put attribute with ID = 11 of length 16 bytes
62: RemoteCheckIfLocalUser checking hrzt.maint.hrz.unibi.
62: RemoteCheckIfLocalUser is a local user.
62: Server thread started
62: >>ServerGet: message size=8 queue size 0
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=24 queue size 0
62: >>ClientPut: message size=24 queue Size 0
62: OEM
62: OEM Verb 6
62: Server Transport
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=12 queue size 8
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=12 queue Size 12
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=608 queue size 0
62: >>ClientPut: message size=608 queue Size 0
62: <<ClientGet: message size=8 queue Size 0
62: OEM
62: OEM Verb 3
62: HandleTransKey
62: HandleTransKey DataLen = 584
62: HandleTransKeys Wrapping Key OID first word = 0x86600B06
62: HandleTransKeys Export Grade (DES) Wrapping Key
62: keyTag in while = 1
62: keyTag in while = 2
62: keyTag in while = 3
62: HandleTransKeys end of while err = 0
62: Transaction keys unwrapped:HandleTransKeys
62: 3 Transaction keys unwrapped
62: Return code from HandleTransKeys = 0
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=12 queue size 8
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=12 queue Size 12
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=7 queue size 0
62: >>ClientPut: message size=7 queue Size 0
62: CanDo
62: <<ClientGet: message size=8 queue Size 0
62: Sequence Selected == "LSMCIFS"
62: Login Method 0x0000000D
62: MAF_Begin LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=5 queue size 8
62: MAF_Read LSM 0x0000000D
62: <<ClientGet: message size=5 queue Size 5
62: >>ServerGet: message size=8 queue size 0
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=2449 queue size 0
62: >>ClientPut: message size=2449 queue Size 0
62: MAF_Write LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=2449 queue size 8
62: MAF_Read LSM 0x0000000D
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 8
62: <<ClientGet: message size=2449 queue Size 2449
62: >>ClientPut: message size=8 queue Size 0
62: >>ServerGet: message size=2449 queue size 0
62: >>ClientPut: message size=2449 queue Size 0
62: MAF_GetAttribute LSM 0x0000000D AID: 24 Tag: PASSWORD HASH
62: MAF_Write LSM 0x0000000D
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=2449 queue size 8
62: MAF_End LSM 0x0000000D
62: LSM 0x0000000D successful
62: >>ServerGet: message size=8 queue size 0
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=2449 queue Size 2449
62: >>ClientPut: message size=8 queue Size 0
62: WhatNext
62: Successful login
62: <<ServerPut: message size=8 queue size 0
62: <<ServerPut: message size=4 queue size 8
62: <<ClientGet: message size=8 queue Size 0
62: <<ClientGet: message size=4 queue Size 4
62: >>ClientPut: message size=8 queue Size 0
62: <<ClientGet: message size=8 queue Size 0
62: >>ServerGet: message size=8 queue size 8
62: <<ServerPut: message size=8 queue size 0
62: Server thread exited
62: NDS Credential request
62: Returning NDS Credential size 626
62: Encrypted NDS Credential size 632
62: Client Session Destroy Request
62: Local Session Cleared (Not Destroyed)

MAXO1 NMAS LOG:
----------------
NMAS Standard Edition
0: Screen and file output started at Fri May 28 09:43:50 2004

58: Create NMAS Session
58: RemoteCheckIfLocalUser checking hrzt.maint.hrz.unibi.
58: RemoteCheckIfLocalUser is NOT a local user.
58: Found 4 servers in replica ring
58: Attempting server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=SILO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Attempting server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=SILO.OU=LAB.OU=HRZ.O=UniBi for remote session
58: Connected to server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi for remote session
58: Server CN=SILO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.3
58: Server CN=SILO.OU=LAB.OU=HRZ.O=UniBi will be used for remote session
58: Server CN=RIGO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.0
58: tryReplicaRing: NMAS 2.2 Server Found
58: tryReplicaRing: Waiting for 3 connection threads
58: Server CN=ARGO.OU=Serv.OU=HRZ.O=UniBi has NMAS 2.0
58: NCPOpenConnection dContext == 0x74950011
58: Server CN=MAXO.OU=LAB.OU=HRZ.O=UniBi has NMAS 2.0
58: NMAS_CanDo sendMessage 0
58: NMAS_CanDo sendMessage 0
58: NMAS_CanDo disassembleDoPacket 0
58: MAF_Begin LCM 0x00000000
58: MAF_Write LCM 0x00000000
58: MAF_Read LCM 0x00000000
58: MAF_Write LCM 0x00000000
58: MAF_Read LCM 0x00000000
58: MAF_End LCM 0x00000000
58: Client Session Destroy Request
58: Remote Session Destroyed
58: Destroy NMAS Session
58: Aborted Session Destroyed (with MAF)
59: Create NMAS Session
59: RemoteCheckIfLocalUser checking hrzt.serv.hrz.unibi.
59: ERROR: -601 RemoteCheckIfLocalUser: DDCResolveName
59: ERROR: -601 RemoteCheckIfLocalUser failed.
59: NCPCheckIfLocalUser failed -601
59: Client Session Destroy Request
59: Destroy NMAS Session
59: Aborted Session Destroyed (with MAF)
60: Create NMAS Session
60: RemoteCheckIfLocalUser checking hrzt.unibi.
60: ERROR: -601 RemoteCheckIfLocalUser: DDCResolveName
60: ERROR: -601 RemoteCheckIfLocalUser failed.
60: NCPCheckIfLocalUser failed -601
60: Client Session Destroy Request
60: Destroy NMAS Session
60: Aborted Session Destroyed (with MAF)
58: tryReplicaRing: All connection threads finished
58: mafMakeConnection: freeing shared resources

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: CIFS Login error 1326

Thanks for the tips,

-i created a new user, checked that he could login normally and map the
volume in question on the testserver.
-but mapping the volume via cifs for this user still gives the error
-i am reluctant to put a replica on the server, because it did run
before without that and the in my first mail attached NMAS-Log seems to
indicate that the NMAS-Login is not the problem.
-I have a highly partitioned NDS and would not like to have to put a
replica of all potential user-contexts on cifs-accessed servers.

Any other ideas?

Regards
Helmut



D. SKye Hodges wrote:

> will you create a NEW user and check with that user. Sometimes when
> certificates get messed up, the server no longer has the ability to
> encrypt or decrypt data with the certificate in which a user was
> created. If you CAN login with a newly created user.... The bad news
> is the only way that _I_ know how to fix that is to delete and recreate
> the user object. Someone that deals with NICI and PKI might know a
> better way though. If it still doesn't work with a new user then either
> put a replica of the user object on the local server, or try logging in
> as a user that the server has a replica of-------This is only a test to
> see if your problem is coming from NMAS transactions or not, having a
> local replica takes NMAS out of the picture (you still have the login
> method). Also, you can check to see if the user account is expired,
> locked, limited concurrent logins, etc. Try logging in as that user on
> a Novell Client machine, make sure that the user can login and has
> access to the volumes on the server.
>
>

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: CIFS Login error 1326

the replica is JUST for a test, if it works, it will allow us to narrow the problem, if it doesn't work it will help us rule out what is not the problem. This is the only thing that I can think of to try as a next step in troubleshooting this.

>>> Helmut Reihs<hrx@nosp.uni-bielefeld.de> 2004-06-09 01:02:21 >>>


Thanks for the tips,

-i created a new user, checked that he could login normally and map the
volume in question on the testserver.
-but mapping the volume via cifs for this user still gives the error
-i am reluctant to put a replica on the server, because it did run
before without that and the in my first mail attached NMAS-Log seems to
indicate that the NMAS-Login is not the problem.
-I have a highly partitioned NDS and would not like to have to put a
replica of all potential user-contexts on cifs-accessed servers.

Any other ideas?

Regards
Helmut



D. SKye Hodges wrote:

> will you create a NEW user and check with that user. Sometimes when
> certificates get messed up, the server no longer has the ability to
> encrypt or decrypt data with the certificate in which a user was
> created. If you CAN login with a newly created user.... The bad news
> is the only way that _I_ know how to fix that is to delete and recreate
> the user object. Someone that deals with NICI and PKI might know a
> better way though. If it still doesn't work with a new user then either
> put a replica of the user object on the local server, or try logging in
> as a user that the server has a replica of-------This is only a test to
> see if your problem is coming from NMAS transactions or not, having a
> local replica takes NMAS out of the picture (you still have the login
> method). Also, you can check to see if the user account is expired,
> locked, limited concurrent logins, etc. Try logging in as that user on
> a Novell Client machine, make sure that the user can login and has
> access to the volumes on the server.
>
>


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.