BorderManager 3.9 Access Control rules not working, getting "Could NOT find ACL" error on the logger screen

  • 7001558
  • 08-Oct-2008
  • 26-Apr-2012


Novell BorderManager 3.9 Support Pack 1
Novell BorderManager 3.9


Access Rules can be viewed, created, and edited in iManager, but the rules do not seem to be working.  For example, a URL rule is created to block http://**, but users are able to access  The following error is seen on the NetWare logger screen when administering the rules with iManager:
xpath is ACL/AccessRule[@RuleNumber='032b30aa']AcessRule[@RuleNumber='032b30aa']
Value is null
Setting the value of field = checkboxURL127, XPath = ACL/AccessRule[@RuleNumber=
'032b30aa']AcessRule[@RuleNumber='032b30aa']/URL[1]/Configured[@Value='http://*.*'], Value = 0
Could NOT find ACL/AccessRule[@RuleNumber='032b30aa']AcessRule[@RuleNumber='032b


If running the shipping build of BorderManager 3.9, update to Service Pack 1.  Run the fillattr command to convert rules and proxy configuration to the format recognized by the BorderManager plug-ins for iManager.  The following is the syntax for the fillattr command:
fillattr <host ip> <login dn> <password> <server dn> <search base dn>
For example,
fillattr cn=admin,o=novell novell cn=nwserver-38,o=novell o=novell
If running fillattr does not resolve the issue, try removing and reinstalling the BorderManager plug-ins in iManager:
  1. In iManager, go to Configure -> Plug-in Installation -> Installed Novell Plug-in Modules.  Select the BorderManager Proxy and Access Control NPM's, and remove them

  2. Restart tomcat with these commands:

    For iManager 2.7:
    (wait for tomcat to stop)

    For iManager 2.6:

    tc4stop (wait for tomcat to stop)

  3. Go back into iManager and verify if the Proxy and Access Control plug-ins were removed.  If they were removed successfully, skip to step 9.  If the plug-ins were not moved, continue with step 4 to manually remove them.

  4. Stop tomcat.

  5. Delete the following files and directories:

    For iManager 2.6, search in sys:\tomcat\4.0\ instead of sys:\tomcat\5.0\.

  6. Start tomcat.

  7. Wait for iManager to come back up, then log in.  Check that the BorderManager Proxy and Access Control plug-ins are gone.

  8. Go to Configure -> Plug-in Installation -> Installed Novell Plug-in Modules.  Ensure that the BM modules are gone.

  9. Go to Available Novell Plug-in Modules.  Select and remove the NBM ACL and NBM Proxy Configuration modules if the file locations appear as 'Local Directory'.

  10. Click on Add, and navigate to the bmacl_2.7.npm and bmpxy_2.7.npm files (or bmacl_2.7.npm and bmpxy_2.6.npm for iManager 2.6) in the BORDER directory on the BM 3.9 SP 1 media.  Select the NBM ACL and NBM Proxy Configuration modules and install.

  11. Stop and start tomcat, then test the newly installed BorderManager snap-ins.

  12. Test the Access Rules.  If they still do not work correctly, delete and recreate the rules using the newly installed BorderManager plug-ins.