iManager error: "This user does not have the correct credentials to authenticate to the CIMOM client"

  • 3937454
  • 08-Nov-2007
  • 26-Apr-2012

Environment

Novell NetWare 6.5 Support Pack 6
Novell iManager 2.6
CIFS plugin from NW65SP6 or later
Storage plugin from NW65SP6 or later

Situation

When trying to manager CIFS on a remote server, iManager shows the error "This user does not have the correct credentials to authenticate to the CIMOM client".

Debugging steps:
Enable LDAP tracing on the remote server using the following commands:
SET DSTRACE=ON
SET DSTRACE=-ALL +LDAP
When selecting the server from within the CIFS option in iManager, the DSTRACE screen shows the following messages:
TLS accept failure 1 on connection 0x8e590b60, setting err = -5875. Error Stack:
error: 14094414:SSL routines:SSL3_READ_BYTES, sslv3 alert certificate expired - SSL alert number 45
TLS handshake failed on connection 0x8e590b60, err -5875
BIO ctrl called with unknown cmd 7
This is caused because the SSL certificate used by LDAP on the destination server has expired

Resolution

run PKIDIAG.NLM on the destination server to generate a new SSL certificate. Then unload and reload NLDAP.NLM to make LDAP use the new certificate. When running PKIDIAG make sure to choose options 4, 6, and 0 (in that order).

Additional Information

Make sure the uniqueid attribute of the user that you are logged on iManager is the same as the object name(CN). For instance, the uniqueid of the "admin" object must be "admin"