The administrator configured the LDAP Server to not accept anonymous binds.
Tomcat4 doesn't start when the LDAP Server has anonymous binds disabled
Error: 500 when trying to connect to Novell iManager
Error: 500 when trying to connect to Novell Portal Services
Changing the setting to Disallow anonymous simple bindYou will need the 1.3.6h version of Console1, that comes with Netware 6.5, to resolve this problem.
1. Start Console1
2. Open the LDAP Server object
3. Go to the Restrictions tab
4. Change the Bind Restrictions option from "Disallow anonymous simple bind" to "None"
5. Click on "Apply" to save your changes
If Tomcat 4
6. From the system console, type "tcadmup" to start Tomcat4
Changes to be made if Tomcat version is 4
There's a way to work-around the problem with Tomcat 4 and keep anonymous binds disabled. You'll need to edit two files:
1. sys:/tomcat/4/bin/tomcat4.ncf
a. Comment out the last two lines by inserting a ';' symbol at the beginning.
b. Add the following line to the end of the file - 'sys:/tomcat/4/bin/startup.ncf -config sys:/tomcat/4/conf/server.xml'.
When you are done, the last three lines of the file should look like this -
;java -classpath sys:/adminsrv/tccheck.jar;sys:/adminsrv/lib/jdom.jar com.novell.application.tomcat.util.tccheck.LDAPVerifier
;sys:/tomcat/4/conf/server.xml "sys:/tomcat/4/bin/startup %1 %2 %3 %4 %5 %6 %7 %8 %9" 40
sys:/tomcat/4/bin/startup.ncf -config sys:/tomcat/4/conf/server.xml
2. sys:/tomcat/4/conf/server.xml
a. Find the JNDIRealm section
b. Add two lines under the 'authentication="simple" ' line.
c. The first line is 'connectionName="cn=admin,o=novell" ' . Note: substitute one of your user entries for cn=admin,o=novell.
d. The second line is 'connectionPassword="foobar" ' . Note: substitute your password for foobar.
When you are done, the JNDIRealm section should look llike this -
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://localhost:636" debug="0"
userPattern="cn={0},O=novell" protocol="ssl"
authentication="simple"
connectionName="cn=admin,o=novell"
connectionPassword="WSpoint1"
roleBase="ou=Tomcat-Roles,O=novell" roleName="cn"
roleSearch="member={0}" />
3. From the console, type tomcat4. You should now be able to access iManager.
Changes to be made if Tomcat version is 5
There's a way to work-around the problem with Tomcat 5 and keep anonymous binds disabled. You'll need to edit two files:
1. sys:/tomcat/5.0/bin/tomcat5.ncf
a. Comment out the last two lines by inserting a ';' symbol at the beginning.
b. Add the following line to the end of the file - 'sys:/tomcat/5.0/bin/startup.ncf -config sys:/tomcat/5.0/conf/server.xml'.
When you are done, the last three lines of the file should look like this -
;java -classpath sys:/adminsrv/tccheck.jar;sys:/adminsrv/lib/jdom.jar com.novell.application.tomcat.util.tccheck.LDAPVerifier
;sys:/tomcat/4/conf/server.xml "sys:/tomcat/4/bin/startup %1 %2 %3 %4 %5 %6 %7 %8 %9" 40
sys:/tomcat/5.0/bin/startup.ncf -config sys:/tomcat/5.0/conf/server.xml
2. Open sys:/tomcat/5.0/conf/server.xml
a. Find the JNDIRealm section
b. Add two lines under the 'authentication="simple" ' line.
c. The first line is 'connectionName="cn=admin,o=novell" ' . Note: substitute one of your user entries for cn=admin,o=novell.
d. The second line is 'connectionPassword="foobar" ' . Note: substitute your password for foobar.
When you are done, the JNDIRealm section should look llike this -
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://localhost:636" debug="0"
userPattern="cn={0},O=novell" protocol="ssl"
authentication="simple"
connectionName="cn=admin,o=novell"
connectionPassword="WSpoint1"
roleBase="ou=Tomcat-Roles,O=novell" roleName="cn"
roleSearch="member={0}" />
3. From the console, type tomcat5. You should now be able to access iManager.
When it's started, Tomcat4 does an anonymous bind to the LDAP Server. If this is not successful, Tomcat4 will not start.
Formerly known as TID# 10086383
Added the section of making similar changes on TOMCAT5 directories to acieve the same effect.