Failed login count in Novell Remote Manager increments due to LDAP requests.

  • 3008055
  • 18-Jul-2006
  • 27-Apr-2012

Environment

Novell NetWare Remote Manager
Novell eDirectory

Situation

Symptom:
In the Health Monitor of Novell Remote Manager, the Failed Logins Per Hour count is incrementing, but users are not failing to log in.
Reason:
Any LDAP bind request that hits a server will first try to find the object in the local database and then, if that fails, use referrals to walk the tree. If the object is not found in a local replica on this first attempt, a -779 ERR CANNOT GO REMOTE is returned. The -779 returned by this first attempt to log in to the local database is a legitimate failed login, so the failed login count increments in Novell Remote Manager. However, the end result for the user is not a failed login, because LDAP will then use referrals and the user is successfully logged in to a different server. So both LDAP and Novell Remote Manager are functioning properly in their own regard.
To verify that the failed login count is rising due to -779 errors, you can trace LDAP activity using dstrace. TID 10062292 has instructions on capturing LDAP information with dstrace.
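Once a trace has been captured, the comparison against the Failed Logins Per Hour figure can be scripted. The following is an added example, not part of the original TID or of Novell's tooling; the trace line layout and the contents of SAMPLE_TRACE are constructed for illustration, so the regular expression must be adapted to the real dstrace output.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines, NOT real dstrace output. The timestamp prefix and
# the trailing "(<negative code>)" layout are an assumed, simplified format.
SAMPLE_TRACE = """\
[2006/07/18 09:58:41] LDAP: bind failed on connection 0x1a2b, err = cannot go remote (-779)
[2006/07/18 09:59:02] LDAP: bind failed on connection 0x1a2c, err = cannot go remote (-779)
[2006/07/18 10:03:17] LDAP: bind failed on connection 0x1a2d, err = failed authentication (-669)
[2006/07/18 10:04:55] LDAP: bind failed on connection 0x1a2e, err = cannot go remote (-779)
[2006/07/18 10:05:00] LDAP: bind succeeded on connection 0x1a2f
"""

# Captures date, hour and the error code of lines that end in "(-NNN)".
LINE_RE = re.compile(
    r"^\[(\d{4}/\d{2}/\d{2}) (\d{2}):\d{2}:\d{2}\].*\(-(\d+)\)\s*$"
)
REFERRAL_ERR = -779  # -779 ERR CANNOT GO REMOTE, as named in this TID


def failures_per_hour(trace_text):
    """Return {hour: Counter({error_code: count})} for lines with an error code."""
    buckets = defaultdict(Counter)
    for line in trace_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            date, hour, code = m.groups()
            buckets[f"{date} {hour}:00"][-int(code)] += 1
    return dict(buckets)


def summarize(trace_text):
    """Per hour: (all failures, failures that are -779, all other failures)."""
    out = {}
    for hour, codes in sorted(failures_per_hour(trace_text).items()):
        total = sum(codes.values())
        referral = codes.get(REFERRAL_ERR, 0)
        out[hour] = (total, referral, total - referral)
    return out


if __name__ == "__main__":
    for hour, (total, referral, other) in summarize(SAMPLE_TRACE).items():
        print(f"{hour}  failed={total}  -779={referral}  other={other}")
```

An hour in which every counted failure is a -779 matches the situation described here; failures with other codes are not explained by it and need to be looked at separately.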

Resolution

If you are seeing the failed login count in Novell Remote Manager incrementing due to -779 errors, you may want to evaluate why LDAP bind requests are being sent to this server if it does not hold a replica. You can then consider adding one or more replicas to this server or changing the behavior of the application doing the LDAP binds.