"Non SecureLogin Error (-1) An invalid or corrupt single sign-on entry has been found."

  • 7008479
  • 28-Apr-2011
  • 26-Apr-2012

Environment

Novell SecureLogin
NSL6.x

NSL7.x
NSL installed in AD mode.
NSL installed in eDirectory mode.

Situation

Error returned when SecureLogin is loading:
"Non SecureLogin Error(-1).   "An invalid or corrupt single sign-on entry was found.... Do you want to delete it?"
or "“NSL data is corrupt, do you want to load it from server"
or  "Broker_Header_data_Corrupt(-116). "An invalid or corrupt single sign-on entry was found.... Do you want to delete it?"



Error may recur the next time SecureLogin is loaded, even if the user answers “yes” to the prompt to delete.

Resolution

Select the “yes” option when prompted.

If the problem recurs, change a setting, script, or stored variable in the SecureLogin workstation utility, so that the user's data is re-written to the directory.  If this is not an option, try deleting the local  cache file.  On Windows7 the cache file is located at C:\Users\<user name>\AppData\Roaming\SecureLogin\Cache.  On Windows XP the cache file is located at C:\Documents and Settings\<username>\Application Data\SecureLogin\Cache.

If the problem persists investigate possible directory replication and synchronization problems.

Additional Information

This error occurs if SecureLogin attempts to read encrypted data from the directory, but is not able to decrypt the data with the encryption keys.  SecureLogin encryption keys are created from the passphrase or (if passphrases have been set to “hidden”) from the username, including context.

Possible causes of the error include:
- Directory replication / synchronization problems.
- Changing the user key by moving a user to a different location in the directory or  by copying that user to a new domain/forest/tree
- Changing the encryption mode to AES and then trying to access the data from a workstation that does not support AES (i.e. Win2000)
- Corrupt data in the directory
- Clearing the user data from the datastore without removing the users local cache file may also cause the problem.  In this case corrupt data previously copied from the directory to the workstation can return.
 
Note that this problem may recur for an individual user if the cleanup action fails, or if  SecureLogin has no data updates for the user.  SecureLogin does not immediately write data to the directory on startup.  Neither does it consider finding bad data a change to be written.  Making a change such as changing a variable or a script can cause the user's SecureLogin data to be rewritten.  Changing a network password will also cause the data to be updated.

Other corruption related errors may occur when NSL loads, and should be investigated in the same manner.  These include the following:

-103: BROKER_INVALID_CLASS_CREATED
Possible Cause: Data has become corrupted, or you are running an earlier version.
SecureLogin is trying to create a new version of the application definition data format that was stored in ANDS.

-318: BROKER_DIRECTORY_CRC_DOES_NOT_MATCH
Possible Cause: Whenever SecureLogin stores an entry in Microsoft Active Directory, SecureLogin employs a redundancy check. If the redundancy check does not match when SecureLogin reloads the entry, then the data in Microsoft Active Directory has been corrupted.
Action: Troubleshoot Microsoft Active Directory or Microsoft ADAM.


-422: BROKER_SLASSO_OUT_OF_MEMORY
Possible Cause: Data has become corrupted, or the software is not working as intended.
Action: Contact Novell Support.

-488
# Different entry types being invalid/corrupt

-116: BROKER_HEADER_DATA_CORRUPT
Possible Cause: Data is corrupted. You might have a customized build for your site, but have installed a standard version of SecureLogin, or have gone from a standard version to a customized build for your site.
Action: Delete the local cache file and try again. If unsuccessful, contact Novell Support.

-120: BROKER_INVALID_PREF_DATA_TYPE
Possible Cause: Data is corrupted or the software is not working as intended.
Action: Contact Novell Support.

-121: BROKER_PREFERENCE_DATA_CORRUPT
Possible Cause: Data has become corrupted or the software is not working as intended.
Action: Contact Novell Support.

-138: BROKER_SYMBOL_DATA--142: BROKER_SET_PREF_INVALID
Possible Cause: Data has become corrupted or the software is not working as intended.
Action: Contact Novell Support.

142: BROKER_SET_PREF_INVALID
Possible Cause: Data has become corrupted or the software is not working as intended.
Action: Contact Novell Support.
_CORRUPT
Possible Cause: Data has become corrupted in the local cache file or in the directory.
Action: Delete the local cache file and try again. If unsuccessful, contact Novell Support.

-141: BROKER_PREF_INVALID
Possible Cause: Data has become corrupted or the software is not working as intended.
Action: Contact Novell Support.

-142: BROKER_SET_PREF_INVALID
Possible Cause: Data has become corrupted or the software is not working as intended.
Action: Contact Novell Support.


Additionally, the error messages below may also be presented at startup.  Each of these has a suggested solution, but if the suggestion does not help, these should also be pursued as general data corruption errors.

-211: BROKER_ENTRY_ALREADY_ON_LIST
Possible Cause: You tried to add an application definition or variable, but an application definition or variable with that name already exists.
Action: Do one of the following
Use a different name for the application definition or variable.
Rename the existing application definition or variable in the application definition editor.


-317: BROKER_INCORRECT_DATABASE_VERSION

Possible Cause: The version of SecureLogin that you are using does not handle the version of SecureLogin that is stored in the directory.
Action: Upgrade to the latest version of SecureLogin.


-340: BROKER_UNKNOWN_DATABASE_VERSION

Possible Cause: You are using an earlier version of SecureLogin.
Action: Upgrade to the latest version of SecureLogin.


-325: BROKER_ENTRY_MUST_HAVE_NON_NULL_KEY

Possible Cause: You tried to add an application definition or variable that is a blank string.
Action: Provide a name for the application definition or variable.


-140: BROKER_SCRIPT_DATA_CORRUPT

Possible Cause: Data has become corrupted in application definitions.
Action: Delete the local cache file and try again.