Environment
Novell Access Manager 3
Situation
Getting event code 300101014 or 300101015 when attempting to authenticate to a protected resource.
Resolution
Set up of NTP and cron jobs, on your LAG(s) and Identity Server(s).
First:
Set up NTP on your LAG within Access Manager's Admin Console.
Set up NTP on your Identity Server using YaST.
(use the same NTP server)
Second:
Insert one line or the other of the following lines to the /etc/crontab file...
...depending on whether it is for a LAG or Identity Server:
If configuring for LAG, insert the following line only.
*/5 * * * * root rcxntpd restart
If configuring for Identity Server, insert the following line only.
*/5 * * * * root rcntp restart
Note: For SLES 11 and 11 SP1 use the following line only for both LAG and Identity Server /etc/crontab files.
*/5 * * * * root rcntp restart
Restart cron with /etc/init.d/cron restart. This will cause the 'rcntp restart' command to be run every 5 minutes, and it will persist through reboots, unlike the watch command.
To verify it is working, use tail -f /var/log/messages and watch for something like this:
Oct 29 16:38:46 user15 /usr/sbin/cron[2601]: (CRON) STARTUP (V5.0)
Oct 29 16:40:01 user15 /usr/sbin/cron[2611]: (root) CMD (rcntp restart)
Oct 29 16:40:01 user15 ntpd[2655]: ntpd 4.2.4p6@1.1549-o Mon Feb 23 19:40:27
...
First:
Set up NTP on your LAG within Access Manager's Admin Console.
Set up NTP on your Identity Server using YaST.
(use the same NTP server)
Second:
Insert one line or the other of the following lines to the /etc/crontab file...
...depending on whether it is for a LAG or Identity Server:
If configuring for LAG, insert the following line only.
*/5 * * * * root rcxntpd restart
If configuring for Identity Server, insert the following line only.
*/5 * * * * root rcntp restart
Note: For SLES 11 and 11 SP1 use the following line only for both LAG and Identity Server /etc/crontab files.
*/5 * * * * root rcntp restart
Restart cron with /etc/init.d/cron restart. This will cause the 'rcntp restart' command to be run every 5 minutes, and it will persist through reboots, unlike the watch command.
To verify it is working, use tail -f /var/log/messages and watch for something like this:
Oct 29 16:38:46 user15 /usr/sbin/cron[2601]: (CRON) STARTUP (V5.0)
Oct 29 16:40:01 user15 /usr/sbin/cron[2611]: (root) CMD (rcntp restart)
Oct 29 16:40:01 user15 ntpd[2655]: ntpd 4.2.4p6@1.1549-o Mon Feb 23 19:40:27
...
Additional Information
See also:
Documentation page for alternative method. (both methods are valid)
Section 3.8.1, Keeping Time Synchronized on the Access Manager Devices
https://www.novell.com/documentation/novellaccessmanager31/installation/data/b6qsgmc.html#bfj349m
Reference to this known problem:
See KB 3858673 "Time drifting when running a Linux guest under VMware ESX server"
https://support.microfocus.com/kb/doc.php?id=3858673&sli ceId=1&docTypeID=DT_TID_1_1&dialogID=20444125&stateId=0%200%2020438894
Documentation page for alternative method. (both methods are valid)
Section 3.8.1, Keeping Time Synchronized on the Access Manager Devices
https://www.novell.com/documentation/novellaccessmanager31/installation/data/b6qsgmc.html#bfj349m
Reference to this known problem:
See KB 3858673 "Time drifting when running a Linux guest under VMware ESX server"
https://support.microfocus.com/kb/doc.php?id=3858673&sli ceId=1&docTypeID=DT_TID_1_1&dialogID=20444125&stateId=0%200%2020438894