eDirectory is crashing due to corrupted KMOCACHE

  • 7003362
  • 27-May-2009
  • 26-Apr-2012


Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7 for All Platforms


eDirectory crashes with EIP in NTLS.NLM

ABEND.LOG shows:

EIP in NTLS.NLM at code start +00028290h

Stack is similar as shown below


The KMOCACHE which acts as a cache for the certificates is corrupted and needs to be cleaned. The place of the kmocache is depending on the platform:

-On NetWare it is located in sys:system/certsrv/kmocache
-On Linux/Unix it is located under the "dib" directory which can be found using the "ndsconfig get | grep dibdir" command. Under this directory there is a certserv directory which contains the kmocache
-On Windows it is located under DIBFiles as well (by default in c:\novell\nds), under CertServ/KMOCache

The procedure to delete the corrupted kmocache is the following - please note users will not be able to connect to the server while doing this operation:
-Stop eDirectory:
        -NetWare: unload ds
        -Linux/Unix: /etc/init.d/ndsd stop
        -Windows: Stop the eDirectory service
-Remove all files from the kmocache directory mentioned above
-Start eDirectory:
        -NetWare: load ds
        -Linux/Unix: /etc/init.d/ndsd start
        -Windows: Start the eDirectory service

Additional Information

Current EIP: 90120F0C  NTLS.NLM|asn1_ex_i2c+57
9E03379C  90120E0E  NTLS.NLM|ASN1_template_i2d+518
9E0337C8  901205E7  NTLS.NLM|ASN1_item_ex_i2d+AD
9E03382C  90120AC3  NTLS.NLM|ASN1_template_i2d+1CD
9E033878  90120806  NTLS.NLM|ASN1_item_ex_i2d+2CC
9E0338D4  90120B6D  NTLS.NLM|ASN1_template_i2d+277
9E033920  90120806  NTLS.NLM|ASN1_item_ex_i2d+2CC
9E03397C  9012052D  NTLS.NLM|ASN1_item_i2d+97
9E0339AC  900C3AF5  NTLS.NLM|i2d_X509+13
9E0339C0  900AFD0F  NTLS.NLM|ssl3_output_cert_chain+290
9E033A6C  900A76F9  NTLS.NLM|ssl3_send_server_certificate+6D
9E033A88  900A4B38  NTLS.NLM|ssl3_accept+48A
9E033AC4  900B554C  NTLS.NLM|SSL_accept+22
9E033AD4  900B1350  NTLS.NLM|ssl23_get_client_hello+974
9E033B34  900B093C  NTLS.NLM|ssl23_accept+1B6
9E033B5C  900B554C  NTLS.NLM|SSL_accept+22
9E033B6C  98C41D77  NLDAP.NLM|DoTLSHandshake+2EC
9E034BB0  98C28A38  NLDAP.NLM|OperationThread+14E2
9E034BF4  98C21618  NLDAP.NLM|TPSetAvailableWorkInfo+78
9E034C0C  98C21D96  NLDAP.NLM|TPWorkerThread+E8
9E034C24  9040C356  THREADS.NLM|getcmd+21E
9E034C4C  9040C18C  THREADS.NLM|getcmd+54
9E034C64  90426730  THREADS.NLM|<Start of DATA segment>+2730
9E034C68  0021FD88  SERVER.NLM|TcoNewSystemThreadEntryPoint+40
(stack end)