Anonymous_User Absent Member.
Absent Member.
2150 views

iFolder 3.6 and OES2

It seems to me that the initial configuration isn't automatically
creating the iFolderadmin or iFolderProxy users. Can someone tell me
the specific rights each of these users needs so I can do this manually?
Labels (1)
0 Likes
15 Replies
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Justin Baustert wrote:

> It seems to me that the initial configuration isn't automatically
> creating the iFolderadmin or iFolderProxy users. Can someone tell me
> the specific rights each of these users needs so I can do this
> manually?


Did you go through the yast installation ?

--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Edward van der Maas wrote:
>
> Did you go through the yast installation ?
>


More than 10 times now. I've uninstalled, reinstalled, cleared config
files back to default, and tried, tried again. I continue to get
"failed to configure ifolder server" after making my selections. I've
read of possible problems with LDAP, but LDAP appears to be working in
other cases (DHCP, iPrint)... What else could I be missing?
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Justin Baustert wrote:

> Edward van der Maas wrote:
> >
> > Did you go through the yast installation ?
> >

>
> More than 10 times now. I've uninstalled, reinstalled, cleared
> config files back to default, and tried, tried again. I continue to
> get "failed to configure ifolder server" after making my selections.
> I've read of possible problems with LDAP, but LDAP appears to be
> working in other cases (DHCP, iPrint)... What else could I be
> missing?


That is interesting. I've done it quite a few times and for me it
created the accounts properly.

Any messages in the logfiles for yast ? (not 100% sure which logfile
exactly it is). Try enabling LDAP trace when installing ifolder. I
think it uses LDAP to create all the stuff.

--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Edward van der Maas wrote:

> That is interesting. I've done it quite a few times and for me it
> created the accounts properly.
>
> Any messages in the logfiles for yast ? (not 100% sure which logfile
> exactly it is). Try enabling LDAP trace when installing ifolder. I
> think it uses LDAP to create all the stuff.


I am having this exact same issue when using YaST to install iFolder.
However, I have found that you can use the program called:
simias-server-setup located in:
/opt/novell/ifolder3/bin
to manually configure iFolder.

In fact, as I understand it, you don't need to run the config at all,
as long as you can manually configure your Simias.config file and
the include files for Apache, you just restart Apache and away you go.

However, I still have issues with my clients not able to connect.
So, alas, I am uninstalling and reinstalling iFolder again.

bb
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Brad wrote:

> Edward van der Maas wrote:
>
> > That is interesting. I've done it quite a few times and for me it
> > created the accounts properly.
> >
> > Any messages in the logfiles for yast ? (not 100% sure which logfile
> > exactly it is). Try enabling LDAP trace when installing ifolder. I
> > think it uses LDAP to create all the stuff.

>
> I am having this exact same issue when using YaST to install iFolder.
> However, I have found that you can use the program called:
> simias-server-setup located in:
> /opt/novell/ifolder3/bin
> to manually configure iFolder.
>
> In fact, as I understand it, you don't need to run the config at all,
> as long as you can manually configure your Simias.config file and
> the include files for Apache, you just restart Apache and away you go.
>
> However, I still have issues with my clients not able to connect.
> So, alas, I am uninstalling and reinstalling iFolder again.


The user you use to authenticate that allows you to create the
ifolderproxy accounts does that user have administrative rights ?



--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Edward van der Maas wrote:

> The user you use to authenticate that allows you to create the
> ifolderproxy accounts does that user have administrative rights ?
>


I would say that that section in the script isn't clear.
The script ask for several accounts:
----- LDAP ADMIN DN -----
Does this account need administrative right? I assume this is only
to search the tree, so it needs read/browse rights but nothing else?

----- SYSTEM ADMIN -----
This account is a full admin account with all rights to the tree.

----- LDAP PROXY DN -----
And this one only has read/browse rights as well.


Do any of these need to be changed?

Thanks
Brad B.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Brad wrote:

> Edward van der Maas wrote:
>
> > The user you use to authenticate that allows you to create the
> > ifolderproxy accounts does that user have administrative rights ?
> >

>
> I would say that that section in the script isn't clear.
> The script ask for several accounts:
> ----- LDAP ADMIN DN -----
> Does this account need administrative right? I assume this is only
> to search the tree, so it needs read/browse rights but nothing else?
>
> ----- SYSTEM ADMIN -----
> This account is a full admin account with all rights to the tree.
>
> ----- LDAP PROXY DN -----
> And this one only has read/browse rights as well.
>
>
> Do any of these need to be changed?


So you have created users like these specified and tested it ?



--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Edward van der Maas wrote:

> Brad wrote:
>
>> Edward van der Maas wrote:
>>
>> > The user you use to authenticate that allows you to create the
>> > ifolderproxy accounts does that user have administrative rights ?
>> >

>>
>> I would say that that section in the script isn't clear.
>> The script ask for several accounts:
>> ----- LDAP ADMIN DN -----
>> Does this account need administrative right? I assume this is only
>> to search the tree, so it needs read/browse rights but nothing else?
>>
>> ----- SYSTEM ADMIN -----
>> This account is a full admin account with all rights to the tree.
>>
>> ----- LDAP PROXY DN -----
>> And this one only has read/browse rights as well.
>>
>>
>> Do any of these need to be changed?

>
> So you have created users like these specified and tested it ?


I have these users in my tree and I have successfully logged in with
each of them.
I have had the "master" iFolder setup and running successfully, however
I was attempting to setup a "slave" server. The slave server configuration
got mangled and somehow killed my master server. So, I am currently in
the process of reinstalling the master server and still having issues.

A ldap trace shows:
Bind name:cn=iFolder_ServerAgent,O=LA, version:3, authentication:simple
Failed to resolve full context on connection 0x11013b40, err = no such entry
(-601)
Failed to authenticate full context on connection 0x11013b40, err = no such
entry (-601)

I have not seen any mention in the iFolder 3.6 documentation of the
"iFolder_ServerAgent" object being installed or created. I do not have
this object in my tree. I'm not sure if it's needed for iFolder 3.6.
I am currently working with our PSE to resolve this iFolder issue.
If we find something specific I will post, but I would appreciate any other
insights any one can offer.

Thanks
Brad B
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Brad wrote:


> A ldap trace shows:
> Bind name:cn=iFolder_ServerAgent,O=LA, version:3,
> authentication:simple Failed to resolve full context on connection
> 0x11013b40, err = no such entry (-601)
> Failed to authenticate full context on connection 0x11013b40, err =
> no such entry (-601)


How strange, have you tried logging via an LDAP browser yourself ?



--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Edward van der Maas wrote:

> Brad wrote:
>
>
>> A ldap trace shows:
>> Bind name:cn=iFolder_ServerAgent,O=LA, version:3,
>> authentication:simple Failed to resolve full context on connection
>> 0x11013b40, err = no such entry (-601)
>> Failed to authenticate full context on connection 0x11013b40, err =
>> no such entry (-601)

>
> How strange, have you tried logging via an LDAP browser yourself ?
>


Yes, I have used ldapsearch and logged in via several different accounts.
However, I should mention that the above object was necessary in iFolder v2.
But from what i am told it is not needed in v 3.6.

I was told that the error found in my iFolder setup was present in some
beta versions, but the development team thought it was resolved. NTS
notified the dev team and they are looking into the issue.

BB
0 Likes
reznid01 Absent Member.
Absent Member.

Re: iFolder 3.6 and OES2

Brad;1562811 wrote:
Edward van der Maas wrote:

> Brad wrote:
>
>
>> A ldap trace shows:
>> Bind name:cn=iFolder_ServerAgent,O=LA, version:3,
>> authentication:simple Failed to resolve full context on connection
>> 0x11013b40, err = no such entry (-601)
>> Failed to authenticate full context on connection 0x11013b40, err =
>> no such entry (-601)

>
> How strange, have you tried logging via an LDAP browser yourself ?
>


Yes, I have used ldapsearch and logged in via several different accounts.
However, I should mention that the above object was necessary in iFolder v2.
But from what i am told it is not needed in v 3.6.

I was told that the error found in my iFolder setup was present in some
beta versions, but the development team thought it was resolved. NTS
notified the dev team and they are looking into the issue.

BB


Try to recreate Server Certificates it might help.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.