ERROR: -603 when trying to edit or create a Universal Password policy

  • 3489189
  • 05-Jun-2007
  • 26-Apr-2012

Environment


Novell iManager 2.6
Novell Identity Manager 3.5
Novell Identity Manager 3.5 - iManager Plug-ins
Novell Modular Authentication Service (NMAS) version 3.1.2
Novell Security Services 2.0.4


Password management plugins from IDM 3.5 have been installed on the system. The actual packages are:
  • novell_imanager_pwdmanagement_plugins, version 10.2.20070412, with description "Novell iManager Password Management Plug-ins for Security Services 2.0.4"
  • pwdpolicy, version 10.2.20070412, with description "Novell Identity Manager 3.5 - Password Management Plug-ins"

Situation

ERROR: NDS Error -603 when trying to edit a Universal Password policy using the Identity Manager 3.5 plug-ins on a tree where Identity Manager 3.5 is not installed.

ERROR: (Error -603) The requested attribute could not be found.

The process of creation seems to work fine but in the last step (Step 8 of 8) the -603 error is returned when attempting to save the newly created policy. When trying to edit the policy, it can be seen that the policy has not been created correctly, only very little information is populated.

Resolution

The lastest version of the plug-ins support a series of new NMAS features, for which the schema needs to be extended (in order to get more information on these features, refer to KB 3432478, "New NMAS features available with Security Services 2.0.4").
In order to use these features, the schema needs to be extended. This will happen as part of the installation process of Identity Manager 3.5 but it will not happen just by installing the Security Services 2.0.4 patch.

In order to resolve this problem without installing Identity Manager 3.5, the schema can be extended with the files present on the Netware build of ss204, under the SECURITY\NMAS\files\schema directory.

Additional Information

In order to manually extend the schema on a Netware server, follow these steps:
  1. Copy the files to a temporary folder in the server holding the master replica of Root
  2. At the server console, launch NWCONFIG
  3. Select Directory Options | Extend Schema
  4. Authenticate to the tree with admin equivalent credentials
  5. Indicate the path to the schema extension files
  6. The result of the operation will be logged in the SYS:\SYSTEM\DSMISC.LOG file.