Highlighted
Absent Member.
Absent Member.
3980 views

Trying to install LUM

Configuring LUM with namconfig and receive the following:

namconfig.getSchemaName: schema name = cn=schema
NAM Schema is extended successfully.
NAM Unique id schema is already extended.
uidNumber and gidNumber attribute indices already exist in the LDAP server
Error:Unknown error

It then goes back to the prompt. Any ideas??
Labels (2)
0 Likes
21 Replies
Absent Member.
Absent Member.

Re: Trying to install LUM

krobertsjr,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://support.novell.com/forums/

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Trying to install LUM

Which version of OES are you running and is the server patched up to date?

Have you tried reinstalling/reconfiguring LUM from the YaST OES Install.. option?
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Trying to install LUM

Yes I have. I believe LUM is working now since I can login to the server using an ldap authenicated account. My only issue now is that nothing shows in the LUM enabled services under the workstation object.

OES version 2 sp 1
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Trying to install LUM

krobertsjr;1853233 wrote:
Yes I have. I believe LUM is working now since I can login to the server using an ldap authenicated account. My only issue now is that nothing shows in the LUM enabled services under the workstation object.

OES version 2 sp 1

I'm not sure what you are expecting to see. I usually just check the config files to check how the service is configured. I'll have a look to see what I'm seeing in some different setups.

As a suggestion, monitor the server's /var/log/messages for a while -this will show runtime messages. (easiest to use a console/putty connection using 'tail -f /var/log/messages' while working on and with the server).

You can also restart the namcd to see if any specific messages are thrown. Running an extra 'namconfig cache_refresh' after refreshing the server should also give an idea how the service is doing.

These two docs give good info on how to check if LUM is working correctly:
Troubleshooting Linux User Management - Step by step
Novell Documentation
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Trying to install LUM

magic31;1853284 wrote:
I'm not sure what you are expecting to see. I usually just check the config files to check how the service is configured. I'll have a look to see what I'm seeing in some different setups.

As a suggestion, monitor the server's /var/log/messages for a while -this will show runtime messages. (easiest to use a console/putty connection using 'tail -f /var/log/messages' while working on and with the server).

You can also restart the namcd to see if any specific messages are thrown. Running an extra 'namconfig cache_refresh' after refreshing the server should also give an idea how the service is doing.

These two docs give good info on how to check if LUM is working correctly:
Troubleshooting Linux User Management - Step by step
Novell Documentation



Thanks, let me know if you find anything on the enabled services not showing. I have done what you suggested and everything ooks good except for the fact the services that are enabled are not showing in iManager.
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Trying to install LUM

krobertsjr;1853349 wrote:
Thanks, let me know if you find anything on the enabled services not showing.

Well, looking in various workstation objects the LUM services list is empty in my setup too. Not sure if that field is supposed to get filled, but not having any issues either. So I guess you're good unless anybody else can chime in to tell us better 😉

Cheers,
Willem
0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Trying to install LUM

>> So I guess you're good unless anybody else can chime in to tell us better 😉

interesting thing .... iManager seems to check all the files in /etc/pam.d for the entries

auth	sufficient	pam_nam.so	use_first_pass
account sufficient pam_nam.so
password sufficient pam_nam.so
session optional pam_nam.so


if it finds them in a file, it shows that file in the services list.
So as a test you can create a file called testlum and add those four lines.
Then open the modify lum workstation object in iManager once again, select the object of the server and change to the services view. Then you should see testlum.

Anyway not all services need all four lines and I had one file with just one line and then it was not reported. But the service was still okay because that one just needs the auth section. So if the services work and you don't want to deal with the different pam settings, ignore it.

Rainer
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Trying to install LUM

Thanks for the solution. I have one more question that I have posted in other forums but have not gotten an answer to. When installing iFolder I recieve an error that i have an invalid certificate and when doing a ldap trace during the install it give me back an error that an ivalid protocol request was received. Any ideas?
0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Trying to install LUM

krobertsjr,

use iManager to check the certificates of the server (SSL CertificaeDNS, SSL CertificateIP). They might have been expired if the server is older then 2 years. They were created during the server installation with a default lifetime of those two years. It is a common problem that they expire and then some services might have problems with it.

Rainer
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Trying to install LUM

I have and they were not. I recreated them any way and still nojoy. Any other ideas?
0 Likes
Highlighted
Acclaimed Contributor.
Acclaimed Contributor.

Re: Trying to install LUM

Do you see the ldap url that ifolder tries to use ?
Is that ldap on port 389 or secure ldap on port 636 ?

On the ldap server object of that server there be a restriction activated that disables unsecure bind with passwords. In case ifolder tries to use just ldap and that is activated, it will block that access.

On the command line you can also check the setting using "ldapconfig get" and then provide a user like .admin.context with the password.

...
Require TLS for Simple Binds with Password: yes
...

In case ifolder uses just ldap this would block that communication.

Rainer
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.