ahleia Frequent Contributor.

When I install OES2 SP3 SLES 10SP4 unable to bind to edirectory through ldap

When adding a new server to an existing eDirectory, I get the message "unable to bind to eDirectory through ldap". The details show a warning message: Unable to check the duplicate server context NW19OES.ou=SERVERS.o=AL-AHLEIA.AHLEIA.

Please help to resolve the issue

ahleia Frequent Contributor.

Re: When I install OES2 SP3 SLES 10SP4 unable to bind to edirectory through ldap

Detail of the error shows at the end, ERROR: /opt/novell/eDirectory/bin/ndsconfig return value=78

Knowledge Partner

Re: When I install OES2 SP3 SLES 10SP4 unable to bind to edirectory through ldap

A view on the ndsd.log might help here.

That being said, there's a ton of possible reasons for this issue. I'd check certificates and the CA first. If you're really running OES2 it might even be possible that your CA did expire. If left untouched, an out-of-the-box CA had a 10 year lifetime IIRC. An attempt to install a new box into a tree would always fail if

- the CA has expired

- the CA server cannot be contacted

- there is no CA

- there are rights issues on the CA

and so on.

ahleia Frequent Contributor.

Re: When I install OES2 SP3 SLES 10SP4 unable to bind to edirectory through ldap

Thanks for your support and advice.

The following is shown under the CA. It had expired and has now been renewed. Even after renewal, I get the same error message: unable to bind to eDirectory through LDAP.

Properties of AHLEIA CA
General tab shows,
Designated host name: AHLEIA CA.Security
Host server: ASC_NW4.SERVERS.AL-AHLEIA

subject name: O=ahleia.OU=Organizational CA
issuer name: O=NICI Licensed CA.CN=NICI Machine-Unique CA 0562E55D-2A38B8D21589862F658158541867553A
effective date: October 10, 2019 12:15:52 PM AST
expiration date: October 10, 2029 12:15:52 PM AST

NDS rights show the following:
ASC_NW4.SERVERS.AL-AHLEIA and Public (tree symbol)
Assigned rights on ASC_NW4 show Supervisor checked
and unchecked compare, read, write, add self properties.

Assigned rights on Public show only read.

The replica server is not among the CA trustees. Is it required to add replica servers as trustees?

Your advice and support will be most appreciated.

Knowledge Partner

Re: When I install OES2 SP3 SLES 10SP4 unable to bind to edirectory through ldap

> The following is shown under the CA. It had expired and has now been renewed. Even after renewal, I get the same error message: unable to bind to eDirectory through LDAP.

All the server certs now need to be renewed, as the old ones were all tied to the expired CA.

We then need to restart LDAP on each of the existing boxes:
     nldap -u
     nldap -l

Confirm that /etc/nam.conf on all the existing servers points to valid servers, then we get LUM working on each of the servers with the new LDAP certs with the command
    namconfig -k

Given we hit the wall with the certs, it might not be a bad idea to reboot the servers when you can, and check eDir health on each box with
   ndsrepair -T
   ndsrepair -E
   ndsrepair -C -Ad -A
making sure they run without errors; otherwise drill in and sort the errors out.

And now you can install that new server into the tree.

___
Andy of Konecny Consulting in Toronto
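
The certificate check implied by the reply above, as an added example that is not part of the original thread or any poster's own script: it fetches the certificate each existing server presents on LDAPS and flags ones that are expired or were issued before the CA's new effective date. It assumes GNU date, openssl, and LDAP over TLS on the standard port 636; the function names and the host names in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: triage the LDAPS certificate of each existing server after a CA renewal.
# Assumptions: GNU date (-d), openssl, LDAPS on port 636, and that the CA renewal
# replaced the CA certificate, so server certs issued earlier chain to the old CA.

# classify_cert NOT_BEFORE NOT_AFTER CA_EFFECTIVE [NOW]
# Dates use any form GNU date accepts, e.g. openssl's "Oct 10 09:15:52 2019 GMT".
# Prints EXPIRED, ISSUED_BEFORE_CA_RENEWAL or OK; exits 2 on an unparsable date.
classify_cert() (
    nb=$(date -u -d "$1" +%s) || exit 2
    na=$(date -u -d "$2" +%s) || exit 2
    ca=$(date -u -d "$3" +%s) || exit 2
    now=$(date -u -d "${4:-now}" +%s) || exit 2
    if [ "$na" -le "$now" ]; then
        echo EXPIRED                      # past its own notAfter
    elif [ "$nb" -lt "$ca" ]; then
        echo ISSUED_BEFORE_CA_RENEWAL     # predates the renewed CA, needs re-issuing
    else
        echo OK
    fi
)

# check_host HOST CA_EFFECTIVE
# Fetches the certificate HOST presents on 636 and prints "HOST <status>".
check_host() (
    pem=$(openssl s_client -connect "$1:636" </dev/null 2>/dev/null \
          | openssl x509 2>/dev/null) || { echo "$1 UNREACHABLE"; exit 1; }
    nb=$(printf '%s\n' "$pem" | openssl x509 -noout -startdate | cut -d= -f2)
    na=$(printf '%s\n' "$pem" | openssl x509 -noout -enddate | cut -d= -f2)
    echo "$1 $(classify_cert "$nb" "$na" "$2")"
)

# Usage (hypothetical host names; pass the CA's effective date from its properties page):
#   for h in oes1.example.com oes2.example.com; do
#       check_host "$h" "2019-10-10 00:00:00 UTC"
#   done
```

Any server reported as EXPIRED or ISSUED_BEFORE_CA_RENEWAL still needs its certificate renewed before the LDAP restart and `namconfig -k` steps.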