Environment
Novell Open Enterprise Server 2 SP3 (OES 2SP3)
Novell Open Enterprise Server 11 (OES11)
Domain Services for Windows
DSFW
Situation
Install of DSFW reports a failure in the provisioning wizard on Samify Objects.
2011-03-15 10:59:05 samifying
nLSLicenseID=SN:91555555,nLSPublisher=Novell+nLSProduct=NetWare 6
Server+nLSVersion=650,dc=novell,dc=com
2011-03-15 10:59:05 samifying
nLSLicenseID=SN:91555555,nLSPublisher=Novell+nLSProduct=NetWare 6
Server+nLSVersion=650,dc=novell,dc=com
NDS error: no such value (-602) at /opt/novell/xad/lib64/perl/XAD/secure.pm
line 497, <DATA> line 819.
at /opt/novell/xad/lib64/perl/Logger.pm line 119
Logger::_err('NDS error: no such value (-602) at
/opt/novell/xad/lib64/perl...') called at /opt/novell/xad/lib64/perl/Logger.pm
line 202
Logger::Log(0, 'NDS error: no such value (-602) at
/opt/novell/xad/lib64/perl...') called at
/opt/novell/xad/lib64/perl/XAD/secure.pm line 509
secure::samify_all_domain_objects('frd_install=HASH(0x660290)') called at
/opt/novell/xad/share/dcinit/provision/provision_samify.pl line 48
2011-03-15 10:59:05,371 INFO - Samification of User and Group Objects:Finished
Samifying Objects
line 497, <DATA> line 819.
at /opt/novell/xad/lib64/perl/Logger.pm line 119
Logger::_err('NDS error: no such value (-602) at
/opt/novell/xad/lib64/perl...') called at /opt/novell/xad/lib64/perl/Logger.pm
line 202
Logger::Log(0, 'NDS error: no such value (-602) at
/opt/novell/xad/lib64/perl...') called at
/opt/novell/xad/lib64/perl/XAD/secure.pm line 509
secure::samify_all_domain_objects('frd_install=HASH(0x660290)') called at
/opt/novell/xad/share/dcinit/provision/provision_samify.pl line 48
2011-03-15 10:59:05,371 INFO - Samification of User and Group Objects:Finished
Samifying Objects
Resolution
This issue is resolved with OES11SP1
For OES11 apply the September 2012 Maintenance Patch then rerun the samify task.
The samify task reports an error, but all user and group objects appear to be
samified. To verify if a user or group is samified look at the other tab in iManager and see if there is a samaccountname attribute. If so then the user is samified.
samified. To verify if a user or group is samified look at the other tab in iManager and see if there is a samaccountname attribute. If so then the user is samified.
Once DSfW is installed on the server do the following ldapsearch on the DSfW server
LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf /usr/bin/ldapsearch -Y EXTERNAL
-b "" '(&(objectClass=user)(!(sAMAccountName=*)))' dn:
-b "" '(&(objectClass=user)(!(sAMAccountName=*)))' dn:
This search will return all users with out a samaccountname.
You can do the same search for objetclass=group
If a user or group in the domain is not samified modifying the user or using the domaincntrl utility.
To use the domaincntrl utility to samify users first get a kerberos ticket then
kinit administrator
enter the administrators password at the prompt
Then run domaincntrl --samify
Select the container you wish to samify users and groups in.