NetWare SFTP can't reach some NW cluster volumes and OES Linux volumes

  • 3338087
  • 23-Oct-2007
  • 27-Apr-2012

Environment

Novell Open Enterprise Server
Novell NetWare 6.5 Support Pack 6

Situation

When connecting to a NetWare 6.5 server via SFTP, users are typically put in their home directory on an NCP volume anywhere in the tree, regardless of which NCP server it resides on. This is often referred to as "remote server access" or "remote volume access."
Cases have been seen where some NetWare cluster servers and volumes can be reached, or some OES Linux NCP volumes cannot be reached.
In some cases, it was noted that sys:etc/ssh/logs/sftp-server.log files shows a number of successful nw_sftp_stat procedures, and a number of failures as well. All the failures were dealing with server names in lowercase and all the successes were dealing with uppercase.

Resolution

More than one issue can be involved:
1. For SFTP to reach OES Linux servers with NCP volumes (including NSS volumes) it is important to keep the OES Linux system up to date on OES channel patches. Specifically, a recent NCP patch known as patch-11527, released in June 2007, is required for this type of access to work.
2. Investigation showed that some Server Objects in eDirectory existed with lowercase names. Or in the case of clustering, this may be the Virtual Server Object rather thant he node's server object.
Server object names in eDir have traditionally been all uppercase, but some more recent utilities allow them to be created in lowercase. For example, the iManager cluster setup wizard allows this, as does the OES Linux install. NetWare SFTP has a bug which causes trouble with lowercase server object names.
A fix for NetWare SFTP has been made and is included in NetWare 6.5 SP7.
Short of applying SP7, one possible work-around is to rename the server object to uppercase (without changing any other aspect of the name). Most utilities will not rename a server object, but one that will is the "Gawor LDAP browser". See https://www.novell.com/coolsolutions/tools/13765.html for information on that browser.
Care should be exercised to watch for any side effects that come of renaming the server object. If other problems are caused, the server object name should be returned to its original name. In Novell's testing, no problems were encountered. However, the tests did not include a broad range of Novell products and activities.
Another option would be to reinstall the server, making sure to specify server name in uppercase whenever prompted.