Environment
Novell eDirectory 8.8 for All Platforms
Novell eDirectory 8.7 for All Platforms
Novell eDirectory 8.7 for All Platforms
Situation
eDirectory crashes with EIP in NTLS.NLM
ABEND.LOG shows:
EIP in NTLS.NLM at code start +00028290h
Stack is similar as shown below
ABEND.LOG shows:
EIP in NTLS.NLM at code start +00028290h
Stack is similar as shown below
Resolution
The KMOCACHE which acts as a cache for the certificates is
corrupted and needs to be cleaned. The place of the kmocache is
depending on the platform:
-On NetWare it is located in sys:system/certsrv/kmocache
-On Linux/Unix it is located under the "dib" directory which can be found using the "ndsconfig get | grep dibdir" command. Under this directory there is a certserv directory which contains the kmocache
-On Windows it is located under DIBFiles as well (by default in c:\novell\nds), under CertServ/KMOCache
The procedure to delete the corrupted kmocache is the following - please note users will not be able to connect to the server while doing this operation:
-Stop eDirectory:
-NetWare: unload ds
-Linux/Unix: /etc/init.d/ndsd stop
-Windows: Stop the eDirectory service
-Remove all files from the kmocache directory mentioned above
-Start eDirectory:
-NetWare: load ds
-Linux/Unix: /etc/init.d/ndsd start
-Windows: Start the eDirectory service
-On NetWare it is located in sys:system/certsrv/kmocache
-On Linux/Unix it is located under the "dib" directory which can be found using the "ndsconfig get | grep dibdir" command. Under this directory there is a certserv directory which contains the kmocache
-On Windows it is located under DIBFiles as well (by default in c:\novell\nds), under CertServ/KMOCache
The procedure to delete the corrupted kmocache is the following - please note users will not be able to connect to the server while doing this operation:
-Stop eDirectory:
-NetWare: unload ds
-Linux/Unix: /etc/init.d/ndsd stop
-Windows: Stop the eDirectory service
-Remove all files from the kmocache directory mentioned above
-Start eDirectory:
-NetWare: load ds
-Linux/Unix: /etc/init.d/ndsd start
-Windows: Start the eDirectory service
Additional Information
Current EIP: 90120F0C
NTLS.NLM|asn1_ex_i2c+57
9E03379C 90120E0E NTLS.NLM|ASN1_template_i2d+518
9E0337C8 901205E7 NTLS.NLM|ASN1_item_ex_i2d+AD
9E03382C 90120AC3 NTLS.NLM|ASN1_template_i2d+1CD
9E033878 90120806 NTLS.NLM|ASN1_item_ex_i2d+2CC
9E0338D4 90120B6D NTLS.NLM|ASN1_template_i2d+277
9E033920 90120806 NTLS.NLM|ASN1_item_ex_i2d+2CC
9E03397C 9012052D NTLS.NLM|ASN1_item_i2d+97
9E0339AC 900C3AF5 NTLS.NLM|i2d_X509+13
9E0339C0 900AFD0F NTLS.NLM|ssl3_output_cert_chain+290
9E033A6C 900A76F9 NTLS.NLM|ssl3_send_server_certificate+6D
9E033A88 900A4B38 NTLS.NLM|ssl3_accept+48A
9E033AC4 900B554C NTLS.NLM|SSL_accept+22
9E033AD4 900B1350 NTLS.NLM|ssl23_get_client_hello+974
9E033B34 900B093C NTLS.NLM|ssl23_accept+1B6
9E033B5C 900B554C NTLS.NLM|SSL_accept+22
9E033B6C 98C41D77 NLDAP.NLM|DoTLSHandshake+2EC
9E034BB0 98C28A38 NLDAP.NLM|OperationThread+14E2
9E034BF4 98C21618 NLDAP.NLM|TPSetAvailableWorkInfo+78
9E034C0C 98C21D96 NLDAP.NLM|TPWorkerThread+E8
9E034C24 9040C356 THREADS.NLM|getcmd+21E
9E034C4C 9040C18C THREADS.NLM|getcmd+54
9E034C64 90426730 THREADS.NLM|<Start of DATA segment>+2730
9E034C68 0021FD88 SERVER.NLM|TcoNewSystemThreadEntryPoint+40
(stack end)
9E03379C 90120E0E NTLS.NLM|ASN1_template_i2d+518
9E0337C8 901205E7 NTLS.NLM|ASN1_item_ex_i2d+AD
9E03382C 90120AC3 NTLS.NLM|ASN1_template_i2d+1CD
9E033878 90120806 NTLS.NLM|ASN1_item_ex_i2d+2CC
9E0338D4 90120B6D NTLS.NLM|ASN1_template_i2d+277
9E033920 90120806 NTLS.NLM|ASN1_item_ex_i2d+2CC
9E03397C 9012052D NTLS.NLM|ASN1_item_i2d+97
9E0339AC 900C3AF5 NTLS.NLM|i2d_X509+13
9E0339C0 900AFD0F NTLS.NLM|ssl3_output_cert_chain+290
9E033A6C 900A76F9 NTLS.NLM|ssl3_send_server_certificate+6D
9E033A88 900A4B38 NTLS.NLM|ssl3_accept+48A
9E033AC4 900B554C NTLS.NLM|SSL_accept+22
9E033AD4 900B1350 NTLS.NLM|ssl23_get_client_hello+974
9E033B34 900B093C NTLS.NLM|ssl23_accept+1B6
9E033B5C 900B554C NTLS.NLM|SSL_accept+22
9E033B6C 98C41D77 NLDAP.NLM|DoTLSHandshake+2EC
9E034BB0 98C28A38 NLDAP.NLM|OperationThread+14E2
9E034BF4 98C21618 NLDAP.NLM|TPSetAvailableWorkInfo+78
9E034C0C 98C21D96 NLDAP.NLM|TPWorkerThread+E8
9E034C24 9040C356 THREADS.NLM|getcmd+21E
9E034C4C 9040C18C THREADS.NLM|getcmd+54
9E034C64 90426730 THREADS.NLM|<Start of DATA segment>+2730
9E034C68 0021FD88 SERVER.NLM|TcoNewSystemThreadEntryPoint+40
(stack end)