This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-05-16 19:37
2017 views

ndsconfig upgrade fails to recreate certs

iPrint Appliance 1.1.0.407-HP419

Our self signed certs expired last week so I followed the "ndsconfig upgrade plus unload and reload ldap" method.

it didn't work:

Configuring SAS service
ERROR 111: Unable to connect to local server.Unable to configure LDAP server with default SSL CertificateDNS certificate. Use ConsoleOne/ldapconfig to associate SSL CertificateDNS certificate with LDAP server
Server is Down.

ERROR 2: Unable to unload dsi module - No such file or directory.
The instance at /etc/opt/novell/eDirectory conf/nds.conf is upgraded sucessfully

ERROR: ndsconfig return value = 100.

I've reverted back to the snapshot I took so we're still running with a working LDAP server. But I would like to update my certs so we can see printer status pages. I haven't applied the latest 1.1 patch (patch 5) yet. Is there anything I can do to make this successfully complete?

thanks,
Andrew
0 Likes
Reply
Report Inappropriate Content
7 Replies
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-05-16 19:46

Re: ndsconfig upgrade fails to recreate certs

One other thing to mention is that I didn't run ndsconfig from the full path which I see now would be a good idea.

Andrew
0 Likes
Reply
Report Inappropriate Content
Highlighted
bobjohnson
Micro Focus Contributor
Micro Focus Contributor
‎2016-05-17 03:32

Re: ndsconfig upgrade fails to recreate certs

This knowledgebase article will step you through the process. There are more steps involved than the steps you took. You can watch the video by clicking the link in the article. Under additional information there is another process you may wish to follow if you choose. Here is the link to the article:
https://www.novell.com/support/kb/doc.php?id=7016720
0 Likes
Reply
Report Inappropriate Content
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-05-17 17:52

Re: ndsconfig upgrade fails to recreate certs

Thanks for info. My original problem was from not running ndsconfig from /opt/novell/eDirectory/bin.

Andrew
0 Likes
Reply
Report Inappropriate Content
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-06-01 16:57

Re: ndsconfig upgrade fails to recreate certs

I have followed TID 7016720 and re-created valid certs that expired in June 2018. If I try and manage a Print or the PrintManager I get:

Authorization Required
IPP Error: 0xF0191
HTTP Error: 401

I've been stepping through TID 3897348 and steps 1, 2, and 3 don't seem to apply. Step 4 is edit /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf and change the AuthLDAPURL from DNS to localhost. Is this still the best TID to follow?

thanks,
Andrew
0 Likes
Reply
Report Inappropriate Content
Highlighted
thsundel
Knowledge Partner
Knowledge Partner
‎2016-06-02 08:39

Re: ndsconfig upgrade fails to recreate certs

aferris;2430357 wrote:
I have followed TID 7016720 and re-created valid certs that expired in June 2018. If I try and manage a Print or the PrintManager I get:

Authorization Required
IPP Error: 0xF0191
HTTP Error: 401

I've been stepping through TID 3897348 and steps 1, 2, and 3 don't seem to apply. Step 4 is edit /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf and change the AuthLDAPURL from DNS to localhost. Is this still the best TID to follow?

thanks,
Andrew


Maybe this: https://www.novell.com/support/kb/doc.php?id=7016906 ?

Thomas
0 Likes
Reply
Report Inappropriate Content
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-06-02 17:41

Re: ndsconfig upgrade fails to recreate certs

Thanks for the reply. My iprint_ssl.conf has AuthzLDAPDNAuthoritative already set to off.

Andrew
0 Likes
Reply
Report Inappropriate Content
Highlighted
aferris
Absent Member.
Absent Member.
‎2016-06-02 17:57

Re: ndsconfig upgrade fails to recreate certs

And step 4 of TID 3897348 did fix it - changing from DNS_NAME to localhost. /etc/opt/novell/iprint/httpd/con/iprint_ssl.conf says not to modify the file right at the top. I wonder if 1.1 Patch 4 changed the AuthLDAPNURL value back to DNS_NAME rather than localhost.

anyhow thanks again for all the help,

Andrew
0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.