Anonymous_User Absent Member.
Absent Member.
4732 views

unable to start micasad and afptcpd services

When I started AFP service, it said it started but when I checked the
status, it is not.

The log file says:
afptcpd [16460]: Failed to read proxy user credentials. Ensure CASA is
running and AFP casa entery is updated. Error: -803
afptcpd [16460]: [debug] failed to obtain AFP proxy user credentials (1)
<1>. Check proxy user in casa store
afptcpd [16460]: unable to authenticate with AFP proxy user 1 <1>

I tried to reconfigure AFP proxy user by typing yast2 novell-afp. But I
still can not start micasad service or novell-afp service.

I would appreciate it very much if someone can give me some advice on
where I should look at the above issue.

Thanks a lot!
Labels (1)
0 Likes
7 Replies
Anonymous_User Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

Hi

I also have problems starting the novell-afptcpd service. Service says its
running but it is not listening on the correct port. I have issued a SR for
this but nothing much is done by Novell.

Regards
Bjorn


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

Bjorn Sundqvist wrote:
> Hi
>
> I also have problems starting the novell-afptcpd service. Service says its
> running but it is not listening on the correct port. I have issued a SR for
> this but nothing much is done by Novell.
>
> Regards
> Bjorn
>
>

Would you please update the case once the problem has been fixed?

Thanks,
0 Likes
mhutton Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

I've tried to install afp on 2 test servers and the Yast configuration never activates nor ever shows up in yast. When I try to run yast2 novell-afp I get as far as Unable to create user cn=afpProxyUser-servername,o=orgname, Error: 1, then more errors until it gives a script error and exits! This shouldn't be so difficult!
0 Likes
junaid_s841 Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

Before starting the AFP daemon ensure CASA is running.

$ rcmicasad status

Also ensure the AFP CASA store exists:

$ CASAcli -l
should list the afp-casa store.

If either of these steps fail you will not be able to run the AFP daemon. You might also want to try reconfiguring AFP and store the proxy user credentials in encrypted file format rather than CASA and tehn check if the AFP daemon comes up fine. Although this is not a secure option it will help us localize the problem to the AFP or CASA daemon.

Junaid
0 Likes
mhutton Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

I had been able to get casa to run, the micasad status is running, Casacli lists 0 credential sets. Since the AFP Install never prompted with the Configuration Screen and never added a Yast module for configuring AFP, I have to attempt to configure afp by running either yast or yast2 novell-afp, it prompts me for the admin password for a blank edir tree and a blank admin user name with no way to define which tree or admin username or context! If I put in the password for the admin that I know is correct, it continues to the AFP Configuration - MAC client access to NSS volumes screen. Then, trying to create or use the AFP proxy user I get "Credentials Failed using Server: blank, do you want to continue anyway". If I continue, it wants me to select a password policy (only one choice) then I get "Unable to set user cn=afpproxyuser,o=xxxxx as reader of passwords Error:1". Acknowledging this gives "could not configure Novell afp services dure to a configuration script error".
It appears to me that if I had a way to actually configure AFP successfully and link the afpproxyuser to afp that it might actually load afp and work.
Questions...
- Why doesn't it go into the afp config when afp is installed?
- Why doesn't it add a yast module?
- Why have I had to manually configure Casa?
- Why when I run yast2 or yast afp-novell does it prompt me for a blank tree and servername that can't be defined?
- Is there another way to configure afp?
0 Likes
junaid_s841 Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

It appears like there is an issue with eDirectory on your set up. The fact that it did not show the tree name suggests that the ldap query to fetch the tree name failed. Are other OES services running normally on your box? To answer your other queries:

- Why doesn't it go into the afp config when afp is installed?
If AFP was chosen to install as part of the OES install then AFP configuration is listed and allows you to modify the configuration.

- Why doesn't it add a yast module?
In YaST if you've chosen to install the novell-afptcpd module it auto-selects the yast2-novell-afp module for install.

- Why have I had to manually configure Casa?
It's not required to manually configure CASA. If the AFP configuration goes through fine, it takes care of storing proxy user credentials in CASA.

- Why when I run yast2 or yast afp-novell does it prompt me for a blank tree and servername that can't be defined?
Like I mentioned before it could be an issue with the eDir. Can you post the log entries of /var/log/YaST2/y2log ?

- Is there another way to configure afp?
You need to do the following to configure AFP:
1) create a proxy user (this is a normal eDirectory user with rights to read AFP users password)
2) ensure AFP users are assigned to a universal password policy
3) add the proxy user (created in step 1) as a reader of passwords to the password policies attached to AFP users
4) run the command:
$ casaforafp
this will prompt you for user credentials. provide the credentials of the AFP proxy user (created in step 1). this steps stores your proxy user credentials in CASA
5) edit the /etc/opt/novell/afptcpd/afpdircxt.conf
file and store the context of AFP users here. For instance, if cn=afpuser.o=mycompany is an AFP user, store o=mycompany in afpdircxt.conf

run AFP: rcnovell-afptcpd start
if you still see issues post the contents of: /var/log/afptcpd/afptcp.log

Junaid
0 Likes
spgsitsupport Absent Member.
Absent Member.

Re: unable to start micasad and afptcpd services

Nothing changed with another SP. Same error, same problem. For something that should be dead simple

Seb
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.