Agent login fails if Server list not populated with FQDN of primary

  • 7009074
  • 28-Jul-2011
  • 27-Apr-2012

Environment

Novell ZENworks 11 Configuration Management

Situation

After install of a new zone with Windows primary server, new agents fail to login to user source.
 
ERROR (in casaauthtoken.log):
 
[644-6C0] [16:47:31] CASA_AuthToken -UserApprovedCert- Invalid Cert from Host = zenPrimary1
[644-6C0] [16:47:31] CASA_AuthToken -InternalRpc- User approved invalid certificate from zenPrimary1
[644-6C0] [16:47:31] CASA_AuthToken -AllowInvalidCertsFromHost- Start
[644-6C0] [16:47:31] CASA_AuthToken -AllowInvalidCertsFromHost- X509_ASN_ENCODING
[644-6C0] [16:47:31] CASA_AuthToken -AllowInvalidCertsFromHost- Entered to iterate the cert list
[644-6C0] [16:47:31] CASA_AuthToken -AllowInvalidCertsFromHost- End, retStatus = 0
[644-6C0] [16:47:31] CASA_AuthToken -InternalRpc- End, retStatus = 0
[644-6C0] [16:47:31] CASA_AuthToken -Rpc- End, retStatus = 0
[644-6C0] [16:47:31] CASA_AuthToken -ObtainAuthTokenFromServer- Did not receive GetAuthPolicy Response data
[644-6C0] [16:47:31] CASA_AuthToken -CloseRpcSession- Start
[644-6C0] [16:47:31] CASA_AuthToken -CloseRpcSession- End
[644-6C0] [16:47:31] CASA_AuthToken -ObtainAuthTokenFromServer- End, retStatus = C7FF0020
[644-6C0] [16:47:32] CASA_AuthToken -ObtainAuthTokenInt- End, retStatus = C7FF0020
[644-6C0] [16:47:32] CASA_AuthToken -ObtainAuthTokenEx- End, retStatus = C7FF0020
 
ERROR (in zmd-messages.log):
 
 [DEBUG] [07/19/2011 16:40:17.200] [1616] [ZenworksWindowsService] [8] [] [CommonCasa] [] [ObtainAuthToken took exception: -939589600 System.Exception: -939589600
   at Novell.Casa.Client.Auth.Authtoken.ObtainAuthToken(String sService, String sHost, WinLuid luid)

Resolution

This is fixed in version 11.2 - see KB 7010044 "ZENworks Configuration Management 11.2 - update information and list of fixes" which can be found at https://www.novell.com/support
 
Workaround:
 
Check that the agent managment icon (Z-Icon) Properties Servers List shows URL for shortname only.  In the example above:
 
 
Check the server certificate.  Note if the certificate subject is the server's FQDN.  For example, zenPrimary1.novell.com.
 
Note if the server is not in an Active directory Domain.
 
If all above are true, check Control Panel System Computer name on the primary.  Ensure that the Computer Fullname is set as the FQDN, for example zenPrimary1.novell.com.  If this is changed, refresh the primary server to ensure that the change is picked up. 
 
Note:  After changing the name, it will be necessary to wait for an hour before the agents will see the new settings on refresh.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.