Novell Tomcat on NetWare
- The logger screen shows this output:
not support non-TLS binds
Consult NetWare documentation for details and workarounds
Tomcat will not start.
LDAP connectivity not found on ldap://localhost:636
Please load NLDAP and then manually execute command: sys:/tomcat/4/bin/startup
If your server host certificates have change recently, executing
sys:/system/tckeygen.ncf may be needed to restore secure LDAP
- Tckeygen was used to successfully import the server certificates to the Tomcat keystore.
- TCPCON shows that port 636 is listening. Protocol Information, TCP, TCP Connections (hit Tab to toggle the port names to port numbers).
- In ConsoleOne, the LDAP Server object for the server has the
"Disable SSL Port" is NOT checked,
Server Certificate: SSL CertificateDNS
Client Certificate: Not Requested
"Require TLS for All Operations" is NOT checked.
- Tomcat is using port 636 for LDAP authentication. This can be checked in the sys:/tomcat/4/conf/server.xml file. A search for'636' should result in a line similar to:
- DSTRACE with only the LDAP parameter enabled shows the following when loading Tomcat:
Monitor 0x11c initiating TLS handshake on connection 0x78c65000
DoTLSHandshake on connection 0x78c65000
BIO ctrl called with unknown cmd 7
Completed TLS handshake on connection 0x78c65000
DoBind on connection 0x78c65000
Treating simple bind with empty DN and no password as anonymous
Bind name:NULL, version:3, authentication:simple
Sending operation result 48:"":"Anonymous Simple Bind Disabled." to connection 0x78c65000
Operation 0x1:0x60 on connection 0x78c65000 completed in 0 seconds
Monitor 0x11c found connection 0x78c65000 ending TLS session
DoTLSShutdown on connection 0x78c65000
Monitor 0x11c found connection 0x78c65000 socket closed, err = -5871, 0 of 0 bytes read
Monitor 0x11c initiating close for connection 0x78c65000
Server closing connection 0x78c65000, socket error = -5871
Connection 0x78c65000 closed
- In ConsoleOne, open the properties of the LDAP server
- Open the 'NDS Rights' tab. Make sure that the server is a
trustee of the LDAP Server object.
- Open the 'Assigned Rights' for the server.
- Give the server object full rights to the the LDAP Server
object. There should be an [All Attributes Rights] in the Property
window. This should also have all rights enabled.
- Once these changes are made, click OK and then apply the
- On the general tab, click the "Refresh NLDAP Server Now" button (or enter "unload nldap" and then "load nldap" at the server console).
After refreshing NLDAP, try loading Tomcat again by entering'Tomcat4' at the console prompt. Switch to the logger screen to see if it loads properly.