Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Absent Member.
Absent Member.
2300 views

ndsconfig upgrade fails to recreate certs

iPrint Appliance 1.1.0.407-HP419

Our self signed certs expired last week so I followed the "ndsconfig upgrade plus unload and reload ldap" method.

it didn't work:

Configuring SAS service
ERROR 111: Unable to connect to local server.Unable to configure LDAP server with default SSL CertificateDNS certificate. Use ConsoleOne/ldapconfig to associate SSL CertificateDNS certificate with LDAP server
Server is Down.

ERROR 2: Unable to unload dsi module - No such file or directory.
The instance at /etc/opt/novell/eDirectory conf/nds.conf is upgraded sucessfully

ERROR: ndsconfig return value = 100.

I've reverted back to the snapshot I took so we're still running with a working LDAP server. But I would like to update my certs so we can see printer status pages. I haven't applied the latest 1.1 patch (patch 5) yet. Is there anything I can do to make this successfully complete?

thanks,
Andrew
0 Likes
7 Replies
Absent Member.
Absent Member.

One other thing to mention is that I didn't run ndsconfig from the full path which I see now would be a good idea.

Andrew
0 Likes
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

This knowledgebase article will step you through the process. There are more steps involved than the steps you took. You can watch the video by clicking the link in the article. Under additional information there is another process you may wish to follow if you choose. Here is the link to the article:
https://www.novell.com/support/kb/doc.php?id=7016720
0 Likes
Absent Member.
Absent Member.

Thanks for info. My original problem was from not running ndsconfig from /opt/novell/eDirectory/bin.

Andrew
0 Likes
Absent Member.
Absent Member.

I have followed TID 7016720 and re-created valid certs that expired in June 2018. If I try and manage a Print or the PrintManager I get:

Authorization Required
IPP Error: 0xF0191
HTTP Error: 401

I've been stepping through TID 3897348 and steps 1, 2, and 3 don't seem to apply. Step 4 is edit /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf and change the AuthLDAPURL from DNS to localhost. Is this still the best TID to follow?

thanks,
Andrew
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

aferris;2430357 wrote:
I have followed TID 7016720 and re-created valid certs that expired in June 2018. If I try and manage a Print or the PrintManager I get:

Authorization Required
IPP Error: 0xF0191
HTTP Error: 401

I've been stepping through TID 3897348 and steps 1, 2, and 3 don't seem to apply. Step 4 is edit /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf and change the AuthLDAPURL from DNS to localhost. Is this still the best TID to follow?

thanks,
Andrew


Maybe this: https://www.novell.com/support/kb/doc.php?id=7016906 ?

Thomas
0 Likes
Absent Member.
Absent Member.

Thanks for the reply. My iprint_ssl.conf has AuthzLDAPDNAuthoritative already set to off.

Andrew
0 Likes
Absent Member.
Absent Member.

And step 4 of TID 3897348 did fix it - changing from DNS_NAME to localhost. /etc/opt/novell/iprint/httpd/con/iprint_ssl.conf says not to modify the file right at the top. I wonder if 1.1 Patch 4 changed the AuthLDAPNURL value back to DNS_NAME rather than localhost.

anyhow thanks again for all the help,

Andrew
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.