namcd not starting in OES2 SP3 Linux server

  • 7008446
  • 25-Apr-2011
  • 30-Apr-2012

Environment

Novell eDirectory 8.8 for Linux
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3

Situation

rcnamcd status shows dead
LUM not starting on OES2 SP2 Linux server
Linux User Management not starting on OES2 SP2 Linux server

/var/log/messages shows error as:
"param_errmsg: unknown error returned reading configurtaion alternative-ldap-server-list
main: init_pre_threads failed, err code is 206: unknown error 206. Problem in namcd initialization, existing"

LDAP trace shows
"-222 error bad password"

Resolution

1.       Check the SSL certificates of the LDAP server specified in the /etc/nam.conf file.

1.1.     Open iManager, click Novell Certificate Access, and then select the Server Certificates option.

1.2.     Click the object selector (magnifying glass icon) and browse to select the LDAP server that is specified in the /etc/nam.conf file.

1.3.     Check all certificates and click Validate.

1.4.     If any of the certificates shows as invalid or expired, delete all SSL certificates and then recreate them.

1.5.     Under Roles and Tasks, select Novell Certificate Server and click Create default Certificates. Select the LDAP server using the object selector (magnifying glass icon) and click Next.

1.6.     Select the default options, click Next, and finally click Finish. Follow step 1.3 to ensure the created certificates are valid.

 

2.        Check LDAP connectivity.

2.1.     On Linux

nldap -u

nldap -l

 

2.2.     On NetWare

unload nldap

load nldap

 

2.3.     In a Linux terminal window, use the netstat command to check LDAP connectivity on ports 389 and 636:

netstat -anp | grep 389

netstat -anp | grep 636

 

On NetWare, use tcpcon to check the ports mentioned above.

Note: ICE or an LDAP browser can also be used to check connectivity.

 

3.       Change the LDAP server in the /etc/nam.conf file

3.1.     Replace the preferred LDAP server so that it points to an LDAP server that holds the Master or Read Write replica of the tree root, or of the partition in which the server and LUM user reside. The file can be edited using "vi" or "gedit".

3.2.     Restart LUM services using the commands below:

namconfig -k

namconfig cache_refresh

rcnamcd restart

rcnamcd status

id <username>

 

4.   In OES2 SP3, a new feature installs the OESCommon Proxy User together with eDirectory when installing through YAST | OES installation and configuration. It also automatically creates a default password policy in eDirectory, assigned to the OESCommon Proxy User, with a default password. In older versions of OES2, each of the following applications creates a separate proxy user of its own:

     AFP
     CIFS
     NCS
     DHCP
     DNS
     iFolder
     NSS
     NetStorage
     Samba

 

     For LUM [Linux User Management] installation, the OESCommon Proxy User is optional. If the option is selected, the configuration is saved in the /etc/sysconfig/novell/lum2_sp3 file. The proxy user is used by OES services to retrieve (and/or update) the configuration and service-specific information in eDirectory.

 

5.   To remove the Proxy User from LUM, run:

     cd /var/lib/novell-lum

     ./lum_update_proxy_cred.sh          # prompts for admin credentials

 

6.   To change the OESCommon Proxy User password, run:

     cd /opt/novell/proxymgmt/bin

     ./change_proxy_pwd.sh -A no       # prompts for the Proxy user FDN and then for the new password
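
Steps 1 and 2 can be cross-checked from the shell. The script below is an added example, not Novell code: it lists the LDAP endpoints a nam.conf points namcd at and checks whether the certificate served on each SSL port has expired or is about to. The key names preferred-server, ldap-port and ldap-ssl-port, the comma-separated format of alternative-ldap-server-list, and all function names are assumptions; the sample file is constructed.

```shell
# Added example, not Novell code. Key names other than
# alternative-ldap-server-list, and the comma separator, are assumptions.

# Print the value of KEY in a key=value file ('#' starts a comment line).
nam_get() {  # usage: nam_get FILE KEY
    awk -F= -v k="$2" '
        /^[ \t]*#/ || NF < 2 { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { sub(/^[^=]*=/, ""); gsub(/^[ \t]+|[ \t\r]+$/, ""); v = $0 }
        END { print v }' "$1"
}

# Print "host:port scheme" for every configured server, without duplicates.
nam_ldap_endpoints() {  # usage: nam_ldap_endpoints FILE
    port=$(nam_get "$1" ldap-port);        : "${port:=389}"
    sslport=$(nam_get "$1" ldap-ssl-port); : "${sslport:=636}"
    list="$(nam_get "$1" preferred-server),$(nam_get "$1" alternative-ldap-server-list)"
    echo "$list" | tr ',' '\n' | awk -v p="$port" -v s="$sslport" '
        { gsub(/[ \t]/, "") }
        $0 != "" && !seen[$0]++ { print $0 ":" p " ldap"; print $0 ":" s " ldaps" }'
}

# Succeed if the certificate served at HOST:PORT has not expired and will
# not expire within DAYS days. Fails as well when the port is unreachable.
ldap_cert_ok() {  # usage: ldap_cert_ok HOST:PORT [DAYS]
    openssl s_client -connect "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -checkend $(( ${2:-0} * 86400 )) >/dev/null 2>&1
}

# Report certificate status for each LDAPS endpoint named in FILE.
nam_check() {  # usage: nam_check /etc/nam.conf
    nam_ldap_endpoints "$1" | while read -r ep scheme; do
        [ "$scheme" = ldaps ] || continue
        if ldap_cert_ok "$ep" 30; then echo "$ep: certificate ok"
        else echo "$ep: expired, expiring within 30 days, or unreachable"; fi
    done
}

# Constructed sample (documentation addresses), not a real server's file.
sample_nam_conf() { cat <<'EOF'
base-name=o=example
preferred-server=192.0.2.10
ldap-ssl-port=636
alternative-ldap-server-list=192.0.2.11, 192.0.2.10
EOF
}

# Offline demo: list the endpoints the sample would make namcd contact.
tmp=$(mktemp) && sample_nam_conf >"$tmp" && nam_ldap_endpoints "$tmp"; rm -f "$tmp"
```

On the server, `nam_check /etc/nam.conf` runs the certificate check against the live endpoints. It looks only at the expiry of the served certificate and does not replace the Validate step in iManager.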