Anonymous_User Absent Member.
Absent Member.
9586 views

Couldn't get FDN from LUM for uid

We have a Netware OES LInux server patched to SP2. My /var/log/messages file has thousands of this error in it and is constantly filling:

Jul 15 04:19:34 <servername> kernel: Couldn't get FDN from LUM for uid, rc=105 = 2
Jul 15 04:19:55 <servername> last message repeated 5 times

In Yast, I went to users and groups and it appears that tomcat has id 105

I have been looking through the KB but cannot find any other reverences to this error.

Can someone tell me where to start looking for a solution?

Thanks

Matt
Labels (2)
0 Likes
8 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

On Fri, 20 Jul 2007 13:42:53 +0000, Matt Schlawin wrote:

> We have a Netware OES LInux server patched to SP2. My /var/log/messages
> file has thousands of this error in it and is constantly filling:
>
> Jul 15 04:19:34 <servername> kernel: Couldn't get FDN from LUM for uid,
> rc=105 = 2 Jul 15 04:19:55 <servername> last message repeated 5 times
>
> In Yast, I went to users and groups and it appears that tomcat has id 105
>
> I have been looking through the KB but cannot find any other reverences to
> this error.
>
> Can someone tell me where to start looking for a solution?
>


Sounds like LUM is not working properly.
What happens if you run rcnamcd restart?



--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

Thanks for the reply.

rcnamcd status show "running" and restart restarts with no errors, but I keep getting hundreds of the FDN from LUM errors an hour.

id=105 is tomcat, correct? Could it be that tomcat is not LUM enabled correctly. I believe it uses the novlwww user.

In iManager, novlwww show that it is LUM enabled. novlwww is a member of the admingroup which also shows LUM enabled. I have not tried re-enabling these yet.

Also, I have a LUM enabled group called admingrp Can I delete that group? It's empty.

Thanks again,

Matt


>>> On 7/23/2007 at 4:52 AM, in message <pan.2007.07.23.09.53.24.676888@no.spam.please.nds8.co.uk>, Mark Robinson<mark.robinson@no.spam.please.nds8.co.uk> wrote:


On Fri, 20 Jul 2007 13:42:53 +0000, Matt Schlawin wrote:


> We have a Netware OES LInux server patched to SP2. My /var/log/messages
> file has thousands of this error in it and is constantly filling:
>
> Jul 15 04:19:34 <servername> kernel: Couldn't get FDN from LUM for uid,
> rc=105 = 2 Jul 15 04:19:55 <servername> last message repeated 5 times
>
> In Yast, I went to users and groups and it appears that tomcat has id 105
>
> I have been looking through the KB but cannot find any other reverences to
> this error.
>
> Can someone tell me where to start looking for a solution?
>


Sounds like LUM is not working properly.
What happens if you run rcnamcd restart?



--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

On Mon, 23 Jul 2007 13:43:00 +0000, Matt Schlawin wrote:

> Thanks for the reply.
>
> rcnamcd status show "running" and restart restarts with no errors, but I
> keep getting hundreds of the FDN from LUM errors an hour.
>
> id=105 is tomcat, correct? Could it be that tomcat is not LUM enabled
> correctly. I believe it uses the novlwww user.


If you run getent passwd you should see a combination of local and eDir
LUM users.

> In iManager, novlwww show that it is LUM enabled. novlwww is a member
> of the admingroup which also shows LUM enabled. I have not tried
> re-enabling these yet.
>
> Also, I have a LUM enabled group called admingrp Can I delete that
> group?
> It's empty.
>


Admingroup would normally have your main admin user in there.
No, don't delete it!

It definitely sounds like something went wrong with the LUM enablement of
the server. Did you do all the configuration at install time or
post-install?

--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid


>If you run getent passwd you should see a combination of local and eDir
>LUM users.


Yes I do. I see about 20 users including admin and tomcat.

>Admingroup would normally have your main admin user in there.
>No, don't delete it!


Wrong group...I have an "admingroup" with the admin user, novlwww, and UNIX
Worstations objects in it. I'm talking about "admingrp" that is empty. It
is LUM enabled but since it is empty, I think I can delete it.


>It definitely sounds like something went wrong with the LUM enablement of
>the server. Did you do all the configuration at install time or
>post-install?


I did it post-install.

This has been working fine for over a year and it suddenly broke. I did,
however, find some more clues!

1. I have two other OES Linux servers and there are all three generating
the same messages!
2. When I set up the OES Linux servers, I went to Yast, Network Services,
OES Network configuration, I had set up one of my Netware 6.5 servers as an
LDAP server. When I try to add another one now,however, I get "credentials
failed" no matter how I try to log in. I tried deleting the Netware LDAP
server and adding it again, but I get the same "credentials failed" message.
I cannot add any server without getting "credentials failes" on all three
linux boxes. (And yes, I did remember to take out the period and put in a
comma in the FDN!)
3. I have an LDAP browser program that runs under Windows that I use to
check for LDAP problems. I can use this to successfully connect to the
Netware box and all three OES Linux boxes.
4. PKDiag did find a problem on the Netware box but it corrected it and
subsequent PKIDIAG checks are clean. I have rebooted all servers in
question.

Is this related or a different problem? I ran a full NDS repair and have
zero errors. I have two full NDS partitions on Netware boxes and one full
partition on one of the OES Linux boxes.

Matt


--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

On Tue, 24 Jul 2007 02:22:34 +0000, Matt Schlawin wrote:

>
>>If you run getent passwd you should see a combination of local and eDir
>>LUM users.

>
> Yes I do. I see about 20 users including admin and tomcat.


Good

>>Admingroup would normally have your main admin user in there. No, don't
>>delete it!

>
> Wrong group...I have an "admingroup" with the admin user, novlwww, and
> UNIX Worstations objects in it. I'm talking about "admingrp" that is
> empty. It is LUM enabled but since it is empty, I think I can delete
> it.


Yep, that does sound OK.


>>It definitely sounds like something went wrong with the LUM enablement
>>of the server. Did you do all the configuration at install time or
>>post-install?

>
> I did it post-install.
>
> This has been working fine for over a year and it suddenly broke. I
> did, however, find some more clues!
>
> 1. I have two other OES Linux servers and there are all three
> generating the same messages!
> 2. When I set up the OES Linux servers, I went to Yast, Network
> Services, OES Network configuration, I had set up one of my Netware 6.5
> servers as an LDAP server. When I try to add another one now,however, I
> get "credentials failed" no matter how I try to log in. I tried
> deleting the Netware LDAP server and adding it again, but I get the same
> "credentials failed" message.
> I cannot add any server without getting "credentials failes" on all
> three
> linux boxes. (And yes, I did remember to take out the period and put in
> a comma in the FDN!)
> 3. I have an LDAP browser program that runs under Windows that I use to
> check for LDAP problems. I can use this to successfully connect to the
> Netware box and all three OES Linux boxes. 4. PKDiag did find a problem
> on the Netware box but it corrected it and subsequent PKIDIAG checks are
> clean. I have rebooted all servers in question.
>
> Is this related or a different problem? I ran a full NDS repair and
> have zero errors. I have two full NDS partitions on Netware boxes and
> one full partition on one of the OES Linux boxes.


I think this is related. It smells of a certificate issue here. Did the
6.5 box just get a new cert or anything like that???



--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

Mark Robinson wrote:
> On Tue, 24 Jul 2007 02:22:34 +0000, Matt Schlawin wrote:
>
>>> If you run getent passwd you should see a combination of local and eDir
>>> LUM users.

>> Yes I do. I see about 20 users including admin and tomcat.

>
> Good
>
>>> Admingroup would normally have your main admin user in there. No, don't
>>> delete it!

>> Wrong group...I have an "admingroup" with the admin user, novlwww, and
>> UNIX Worstations objects in it. I'm talking about "admingrp" that is
>> empty. It is LUM enabled but since it is empty, I think I can delete
>> it.

>
> Yep, that does sound OK.
>
>
>>> It definitely sounds like something went wrong with the LUM enablement
>>> of the server. Did you do all the configuration at install time or
>>> post-install?

>> I did it post-install.
>>
>> This has been working fine for over a year and it suddenly broke. I
>> did, however, find some more clues!
>>
>> 1. I have two other OES Linux servers and there are all three
>> generating the same messages!
>> 2. When I set up the OES Linux servers, I went to Yast, Network
>> Services, OES Network configuration, I had set up one of my Netware 6.5
>> servers as an LDAP server. When I try to add another one now,however, I
>> get "credentials failed" no matter how I try to log in. I tried
>> deleting the Netware LDAP server and adding it again, but I get the same
>> "credentials failed" message.
>> I cannot add any server without getting "credentials failes" on all
>> three
>> linux boxes. (And yes, I did remember to take out the period and put in
>> a comma in the FDN!)
>> 3. I have an LDAP browser program that runs under Windows that I use to
>> check for LDAP problems. I can use this to successfully connect to the
>> Netware box and all three OES Linux boxes. 4. PKDiag did find a problem
>> on the Netware box but it corrected it and subsequent PKIDIAG checks are
>> clean. I have rebooted all servers in question.
>>
>> Is this related or a different problem? I ran a full NDS repair and
>> have zero errors. I have two full NDS partitions on Netware boxes and
>> one full partition on one of the OES Linux boxes.

>
> I think this is related. It smells of a certificate issue here. Did the
> 6.5 box just get a new cert or anything like that???
>

YES! I was having an iManager issue on the Netware Box. I ran PKIDiag
and it found an error and fixed it.

What does that mean and what do I do now?

We're getting closer!

Matt
0 Likes
Highlighted
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

I ran through TID 10066259 and verified that LDAP over SSL is working on the
Netware box. I'm guessing that the problem is that I need to tell tomcat on
the Linux boxes how to communicate to the LDAP Netware box again??

How do I do that?

Matt



>>> On 7/26/2007 at 8:05 PM, in message

<xxbqi.5104$oH4.2870@prv-forum2.provo.novell.com>, Matthew
Schlawin<mschlawin@fvlhs.org> wrote:
Mark Robinson wrote:
> On Tue, 24 Jul 2007 02:22:34 +0000, Matt Schlawin wrote:
>
>>> If you run getent passwd you should see a combination of local and eDir
>>> LUM users.

>> Yes I do. I see about 20 users including admin and tomcat.

>
> Good
>
>>> Admingroup would normally have your main admin user in there. No, don't
>>> delete it!

>> Wrong group...I have an "admingroup" with the admin user, novlwww, and
>> UNIX Worstations objects in it. I'm talking about "admingrp" that is
>> empty. It is LUM enabled but since it is empty, I think I can delete
>> it.

>
> Yep, that does sound OK.
>
>
>>> It definitely sounds like something went wrong with the LUM enablement
>>> of the server. Did you do all the configuration at install time or
>>> post-install?

>> I did it post-install.
>>
>> This has been working fine for over a year and it suddenly broke. I
>> did, however, find some more clues!
>>
>> 1. I have two other OES Linux servers and there are all three
>> generating the same messages!
>> 2. When I set up the OES Linux servers, I went to Yast, Network
>> Services, OES Network configuration, I had set up one of my Netware 6.5
>> servers as an LDAP server. When I try to add another one now,however, I
>> get "credentials failed" no matter how I try to log in. I tried
>> deleting the Netware LDAP server and adding it again, but I get the same
>> "credentials failed" message.
>> I cannot add any server without getting "credentials failes" on all
>> three
>> linux boxes. (And yes, I did remember to take out the period and put in
>> a comma in the FDN!)
>> 3. I have an LDAP browser program that runs under Windows that I use to
>> check for LDAP problems. I can use this to successfully connect to the
>> Netware box and all three OES Linux boxes. 4. PKDiag did find a problem
>> on the Netware box but it corrected it and subsequent PKIDIAG checks are
>> clean. I have rebooted all servers in question.
>>
>> Is this related or a different problem? I ran a full NDS repair and
>> have zero errors. I have two full NDS partitions on Netware boxes and
>> one full partition on one of the OES Linux boxes.

>
> I think this is related. It smells of a certificate issue here. Did the
> 6.5 box just get a new cert or anything like that???
>

YES! I was having an iManager issue on the Netware Box. I ran PKIDiag
and it found an error and fixed it.

What does that mean and what do I do now?

We're getting closer!

Matt


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Couldn't get FDN from LUM for uid

This error occurs whenever I start up tomcat. They stop when I stop tomcat. Is tomcat LUM enabled?

Matt


>>> On 7/26/2007 at 10:17 AM, in message <pan.2007.07.26.15.18.17.7482@no.spam.please.nds8.co.uk>, Mark Robinson<mark.robinson@no.spam.please.nds8.co.uk> wrote:


On Tue, 24 Jul 2007 02:22:34 +0000, Matt Schlawin wrote:


>

>>If you run getent passwd you should see a combination of local and eDir
>>LUM users.

>
> Yes I do. I see about 20 users including admin and tomcat.


Good


>>Admingroup would normally have your main admin user in there. No, don't
>>delete it!

>
> Wrong group...I have an "admingroup" with the admin user, novlwww, and
> UNIX Worstations objects in it. I'm talking about "admingrp" that is
> empty. It is LUM enabled but since it is empty, I think I can delete
> it.


Yep, that does sound OK.



>>It definitely sounds like something went wrong with the LUM enablement
>>of the server. Did you do all the configuration at install time or
>>post-install?

>
> I did it post-install.
>
> This has been working fine for over a year and it suddenly broke. I
> did, however, find some more clues!
>
> 1. I have two other OES Linux servers and there are all three
> generating the same messages!
> 2. When I set up the OES Linux servers, I went to Yast, Network
> Services, OES Network configuration, I had set up one of my Netware 6.5
> servers as an LDAP server. When I try to add another one now,however, I
> get "credentials failed" no matter how I try to log in. I tried
> deleting the Netware LDAP server and adding it again, but I get the same
> "credentials failed" message.
> I cannot add any server without getting "credentials failes" on all
> three
> linux boxes. (And yes, I did remember to take out the period and put in
> a comma in the FDN!)
> 3. I have an LDAP browser program that runs under Windows that I use to
> check for LDAP problems. I can use this to successfully connect to the
> Netware box and all three OES Linux boxes. 4. PKDiag did find a problem
> on the Netware box but it corrected it and subsequent PKIDIAG checks are
> clean. I have rebooted all servers in question.
>
> Is this related or a different problem? I ran a full NDS repair and
> have zero errors. I have two full NDS partitions on Netware boxes and
> one full partition on one of the OES Linux boxes.


I think this is related. It smells of a certificate issue here. Did the
6.5 box just get a new cert or anything like that???



--
Mark Robinson
Novell Volunteer SysOp
www.nds8.co.uk
One by one the penguins steal my sanity...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.