Cannot Create Cluster Resources: <date/time><hostname> ncs-configd: createVolumeResource failed: {'info': 'NDS error: no access (-672)', 'desc': 'Insufficient access'}

  • 7005195
  • 21-Jan-2010
  • 29-Apr-2013


Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2


Could not create any new cluster resources either in  nssmu or imanager. The following error would appear in the /var/log/messages file when trying to create a resource in nssmu:
Dec 28 22:39:39 <hostname> ncs-configd: createVolumeResource failed: {'info': 'NDS error: no access (-672)', 'desc': 'Insufficient access'}
This means that the user that's trying to create the resource does not have rights to nds. The user would be whoever logged into the linux host on boot up. This error was constantly being inserted into the /var/log/messages file every time an attempt was made to create a new cluster resource in nssmu. New nds non cluster objects could be created in the same context however, using imanager. If an existing pool was cluster enabled in imanager the error -498 would be returned. This means that there is a duplicate object of the same name in the same container where the new object is being created. This was not the case as there was no object of that name in that context. This had been working before. The only change made was that the cluster had been updated to OES2 SP2 from OES2 SP1. Existing cluster resources worked fine.


Enabled extended ldap debugging on the host's ldap server object and started watching ndstrace while trying to create a new cluster object, It was attempting a null bind.  Looked into the casa credentials on all four nodes since upgrading to oes2sp2.  There was no longer a NovellClusterServices.Novell credential stored.  Issued the following command:

KEYVALUE=cn=xxx,o=xxxx  CASAcli -s -n NovellClusterServices.Novell -k DN_LDAP
Setting NovellClusterServices.Novell 
KEYVALUE=<password obscured> CASAcli -s -n NovellClusterServices.Novell -k Password 
Setting NovellClusterServices.Novell 
We were able to create cluster resources after that. Apparently the update to SP2 compromised the CASA configuration, thus resulting in limited NDS access.