ScorpionSting Absent Member.
Absent Member.
1313 views

9.1.1 CEF

Hmmm....CEF won't load....


DHost was unable to load libcefauditds.so because of an unknown error that was probably returned by the module's initialization routine.
Error code: -603.


But the required modules are installed:


xxxxxxx:/etc/opt/novell/eDirectory/conf # rpm -qa | grep -i cefinst
novell-edirectory-cefinstrument-9.1.1-46.x86_64
xxxxxxx:/etc/opt/novell/eDirectory/conf # rpm -qa | grep -i xdas
novell-edirectory-xdaslog-conf-9.1.1-0.noarch
novell-edirectory-xdaslog-9.1.1-0.x86_64
novell-edirectory-xdasinstrument-9.1.1-0.x86_64


And it appears the required attributes are there on the server object:


dn: cn=xxxxxxxx, o=ADMIN
NAuditInstrumentation: DSConfigured
cefVersion: 0
xdasConfiguration: DSNoReplicatedEvents=1
xdasConfiguration: dsaccount=Person$Organizational Person$User$$
xdasConfiguration: dstrust=Group$dynamicGroup$dynamicGroupAux$LDAP Group$Organizational Role$$
xdasConfiguration: loglargevalues=false
xdasConfiguration: xdasEvents=
xdasVersion: 2

Visit my Website for links to Cool Solution articles.
Labels (1)
0 Likes
16 Replies
ScorpionSting Absent Member.
Absent Member.

Re: 9.1.1 CEF

Also, the 3.1.1.20180609 plugins are installed, but I can't seem to get the CEF tab up under Auditing....I guess it might show when the module can load...??? Or is this going to be a catch22?

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: 9.1.1 CEF

ScorpionSting;2483257 wrote:
Also, the 3.1.1.20180609 plugins are installed, but I can't seem to get the CEF tab up under Auditing....I guess it might show when the module can load...??? Or is this going to be a catch22?


So, bug with this...

Even though there was an in-place upgrade of iMan from 3.1.0 to 3.1.1, and the eDir/pki/nmas plugins were updated after the upgrade, there were no "updates" to the RBS..... I deleted the entire RBS and re-created it, now I get the CEF tab :mad:

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: 9.1.1 CEF

ScorpionSting;2483258 wrote:
So, bug with this...

Even though there was an in-place upgrade of iMan from 3.1.0 to 3.1.1, and the eDir/pki/nmas plugins were updated after the upgrade, there were no "updates" to the RBS..... I deleted the entire RBS and re-created it, now I get the CEF tab :mad:


After updating object with CEF logging, module now loads.....

This is freakin' irritating!

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 06/28/2018 06:04 PM, ScorpionSting wrote:
>
> Hmmm....CEF won't load....


Did it before you upgraded o 9.1 SP1, or is this a new setup?

> Code:
> --------------------
>
> DHost was unable to *load* 'libcefauditds.so' (https://x3100m4.lan.isam.kiwi:8030/dhost/modules?I:libcefauditds.so) because of an unknown error that was probably returned by the module's initialization routine.
> Error code: -603.
> --------------------


-603 means no such attribute; do you have the CEF attributes configured on
the server object for auditing? That would not be done by default.

> But the required modules are installed:
>
> Code:
> --------------------
>
> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i cefinst
> novell-edirectory-*cefinst*rument-9.1.1-46.x86_64
> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i xdas
> novell-edirectory-*xdas*log-conf-9.1.1-0.noarch
> novell-edirectory-*xdas*log-9.1.1-0.x86_64
> novell-edirectory-*xdas*instrument-9.1.1-0.x86_64
> --------------------


CEF and XDAS are mutually exclusive; only one can run (regardless of
installation) at a time, so while it's not bad (afaik) that XDAS stuff is
there, it must not be loaded.


ndstrace -c modules | grep -i audit


> And it appears the required attributes are there on the server object:
>
> Code:
> --------------------
>
> dn: cn=xxxxxxxx, o=ADMIN
> NAuditInstrumentation: DSConfigured
> cefVersion: 0
> xdasConfiguration: DSNoReplicatedEvents=1
> xdasConfiguration: dsaccount=Person$Organizational Person$User$$
> xdasConfiguration: dstrust=Group$dynamicGroup$dynamicGroupAux$LDAP Group$Organizational Role$$
> xdasConfiguration: loglargevalues=false
> xdasConfiguration: xdasEvents=
> xdasVersion: 2
>
> --------------------


Other than cefVersion, I do not see anything related to CEF, so I do not
think things are really there. Combining this with the -603, I would
guess you have not configured CEF on this server, thus it will not load.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 6/29/2018 6:25 AM, ab wrote:
> On 06/28/2018 06:04 PM, ScorpionSting wrote:
>>
>> Hmmm....CEF won't load....

>
> Did it before you upgraded o 9.1 SP1, or is this a new setup?
>
>> Code:
>> --------------------
>>
>> DHost was unable to *load* 'libcefauditds.so' (https://x3100m4.lan.isam.kiwi:8030/dhost/modules?I:libcefauditds.so) because of an unknown error that was probably returned by the module's initialization routine.
>> Error code: -603.
>> --------------------

>
> -603 means no such attribute; do you have the CEF attributes configured on
> the server object for auditing? That would not be done by default.


I just ran into this with auditds, that you get a 603 error is the NCP
Server is missing the NCP Key Material Name, a string, that seems to
hold SSL CertificateDNS as a value.

This site had 7 servers, and 6 have a value, only one did not. Still
not sure what sets that...

0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: 9.1.1 CEF

ab;2483272 wrote:
On 06/28/2018 06:04 PM, ScorpionSting wrote:
>
> Hmmm....CEF won't load....


Did it before you upgraded o 9.1 SP1, or is this a new setup?



Upgrade, all was okay in 3.1.0

ab;2483272 wrote:


> Code:
> --------------------
>
> DHost was unable to *load* 'libcefauditds.so' (https://x3100m4.lan.isam.kiwi:8030/dhost/modules?I:libcefauditds.so) because of an unknown error that was probably returned by the module's initialization routine.
> Error code: -603.
> --------------------


-603 means no such attribute; do you have the CEF attributes configured on
the server object for auditing? That would not be done by default.

> But the required modules are installed:
>
> Code:
> --------------------
>
> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i cefinst
> novell-edirectory-*cefinst*rument-9.1.1-46.x86_64
> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i xdas
> novell-edirectory-*xdas*log-conf-9.1.1-0.noarch
> novell-edirectory-*xdas*log-9.1.1-0.x86_64
> novell-edirectory-*xdas*instrument-9.1.1-0.x86_64
> --------------------


CEF and XDAS are mutually exclusive; only one can run (regardless of
installation) at a time, so while it's not bad (afaik) that XDAS stuff is
there, it must not be loaded.


Ahh....actually need to check documentation there sport: https://www.netiq.com/documentation/edirectory-91/edir_admin/data/t44e7j6b8ufi.html#t44e7j6bc6sw

ab;2483272 wrote:


ndstrace -c modules | grep -i audit


> And it appears the required attributes are there on the server object:
>
> Code:
> --------------------
>
> dn: cn=xxxxxxxx, o=ADMIN
> NAuditInstrumentation: DSConfigured
> cefVersion: 0
> xdasConfiguration: DSNoReplicatedEvents=1
> xdasConfiguration: dsaccount=Person$Organizational Person$User$$
> xdasConfiguration: dstrust=Group$dynamicGroup$dynamicGroupAux$LDAP Group$Organizational Role$$
> xdasConfiguration: loglargevalues=false
> xdasConfiguration: xdasEvents=
> xdasVersion: 2
>
> --------------------


Other than cefVersion, I do not see anything related to CEF, so I do not
think things are really there. Combining this with the -603, I would
guess you have not configured CEF on this server, thus it will not load.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 06/29/2018 07:54 AM, ScorpionSting wrote:
>
>>> But the required modules are installed:
>>>
>>> Code:
>>> --------------------
>>>
>>> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i

>> cefinst
>>> novell-edirectory-*cefinst*rument-9.1.1-46.x86_64
>>> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i xdas
>>> novell-edirectory-*xdas*log-conf-9.1.1-0.noarch
>>> novell-edirectory-*xdas*log-9.1.1-0.x86_64
>>> novell-edirectory-*xdas*instrument-9.1.1-0.x86_64
>>> --------------------

>>
>> CEF and XDAS are mutually exclusive; only one can run (regardless of
>> installation) at a time, so while it's not bad (afaik) that XDAS stuff
>> is
>> there, it must not be loaded.

>
> Ahh....actually need to check documentation there sport:
> https://www.netiq.com/documentation/edirectory-91/edir_admin/data/t44e7j6b8ufi.html#t44e7j6bc6sw


Care to elaborate? The documentation confirms what I stated that you
cannot have both modules loaded at once, and that they are mutually exclusive.

Anyway, sounds like you fixed it by configuring CEF.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 6/29/2018 10:48 AM, ab wrote:
> On 06/29/2018 07:54 AM, ScorpionSting wrote:
>>
>>>> But the required modules are installed:
>>>>
>>>> Code:
>>>> --------------------
>>>>
>>>> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i
>>> cefinst
>>>> novell-edirectory-*cefinst*rument-9.1.1-46.x86_64
>>>> *xxxxxxx:/etc/opt/novell/eDirectory/conf #* rpm -qa | grep -i xdas
>>>> novell-edirectory-*xdas*log-conf-9.1.1-0.noarch
>>>> novell-edirectory-*xdas*log-9.1.1-0.x86_64
>>>> novell-edirectory-*xdas*instrument-9.1.1-0.x86_64
>>>> --------------------
>>>
>>> CEF and XDAS are mutually exclusive; only one can run (regardless of
>>> installation) at a time, so while it's not bad (afaik) that XDAS stuff
>>> is
>>> there, it must not be loaded.

>>
>> Ahh....actually need to check documentation there sport:
>> https://www.netiq.com/documentation/edirectory-91/edir_admin/data/t44e7j6b8ufi.html#t44e7j6bc6sw

>
> Care to elaborate? The documentation confirms what I stated that you
> cannot have both modules loaded at once, and that they are mutually exclusive.
>
> Anyway, sounds like you fixed it by configuring CEF.


I was surprised that auditds is no longer installed, but the RPM Is
present. So of the three audit methods, there can be only one. Stupid
highlander directories. (Very empty tree, basically just:
cn=TheOnlyOne,o=highlanders )

0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 06/29/2018 11:03 AM, Geoffrey Carman wrote:
>
> I was surprised that auditds is no longer installed, but the RPM Is
> present. So of the three audit methods, there can be only one. Stupid
> highlander directories. (Very empty tree, basically just:
> cn=TheOnlyOne,o=highlanders )


As far as I know, the edirinst package (which houses the auditds module)
has never been installed, or even upgraded during an upgrade, by default,
which is silly, but it's just how it is. The XDAS (and now CEF) piece has
been installed, but still not configured by default since that always
requires iManager or LDAP to set attributes on the NCP Server object.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 7/1/2018 8:38 AM, ab wrote:
> On 06/29/2018 11:03 AM, Geoffrey Carman wrote:
>>
>> I was surprised that auditds is no longer installed, but the RPM Is
>> present. So of the three audit methods, there can be only one. Stupid
>> highlander directories. (Very empty tree, basically just:
>> cn=TheOnlyOne,o=highlanders )

>
> As far as I know, the edirinst package (which houses the auditds module)
> has never been installed, or even upgraded during an upgrade, by default,
> which is silly, but it's just how it is. The XDAS (and now CEF) piece has
> been installed, but still not configured by default since that always
> requires iManager or LDAP to set attributes on the NCP Server object.


Good to know it is not something new.
0 Likes
Sabhay1 Absent Member.
Absent Member.

Re: 9.1.1 CEF

ab;2483326 wrote:
On 06/29/2018 11:03 AM, Geoffrey Carman wrote:
As far as I know, the edirinst package (which houses the auditds module)
has never been installed, or even upgraded during an upgrade, by default,
which is silly, but it's just how it is. The XDAS (and now CEF) piece has
been installed, but still not configured by default since that always
requires iManager or LDAP to set attributes on the NCP Server object.

AFAIK, starting from 9.0.3, edirinst package is upgraded by the standalone installer if was installed previously.
0 Likes
Sabhay1 Absent Member.
Absent Member.

Re: 9.1.1 CEF

geoffc;2483297 wrote:
On 6/29/2018 10:48 AM, ab wrote:
I was surprised that auditds is no longer installed, but the RPM Is
present. So of the three audit methods, there can be only one. Stupid
highlander directories. (Very empty tree, basically just:
cn=TheOnlyOne,o=highlanders )


You can use auditds along with CEF or XDAS, but you can choose only one in between CEF and XDAS as both are syslog format.
0 Likes
Knowledge Partner
Knowledge Partner

Re: 9.1.1 CEF

On 7/3/2018 12:44 PM, Sabhay wrote:
>
> geoffc;2483297 Wrote:
>> On 6/29/2018 10:48 AM, ab wrote:
>> I was surprised that auditds is no longer installed, but the RPM Is
>> present. So of the three audit methods, there can be only one. Stupid
>> highlander directories. (Very empty tree, basically just:
>> cn=TheOnlyOne,o=highlanders )

>
> You can use auditds along with CEF or XDAS, but you can choose only one
> in between CEF and XDAS as both are syslog format.


That is an interesting point I had not considered.


0 Likes
brucetimberlake Absent Member.
Absent Member.

Re: 9.1.1 CEF

FWIW we opened an SR for this problem (no CEF tab in the Audit page), and the fix turned out to be using iManager 3.1.1, deleting the eDir 9.x plugin that was listed as already installed with iManager 3.1.1, and then making sure the latest eDir plugin was installed. After that the CEF tab showed up for us.

We tried the RBS removal/recreate and it did not help. That's why we went with the SR and Paula helped us out 🙂
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.