Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Novell Common Internet File System (CIFS)
Novell Modular Authentication Service(NMAS)
When a user tries to login against CIFS on OES in the cifs.log a -1660 error will be logged.
On the OES server the NMAS Login Method (cifslinlsm) has been defined.
Novell CIFS on OES uses an NMAS Login Method for user authentication.
The NMAS method libraries for CIFS are ( these must be synced to the server holding the replica of a user):
- 32-bit: /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM
- 64-bit: /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM_X64
- Check existence of the library on a server in the path specified above.
- The following command should return a line with the library method
# lsof -p `pgrep ndsd` | grep CIFSLINLSM[_X64]
method has to be synced manually if any of the above fails.
CIFS login methods can be verified and synced to a server using either ndstrace or iMonitor tool.
Please use the following steps:
- Using ndstrace:
- Run backlinker to sync the login methods to local security:
- # ndstrace
- NDSTrace:set ndstrace=nodebug
- NDSTrace: dstrace tags blnk
- NDSTrace: set ndstrace=*B (This may take a while to complete depending on the tree size)
- NDSTrace: quit
- Restart eDirectory service (not mandatory)
# rcndsd restart
- Verify if CIFS login works from a Windows/Linux workstation by mounting a CIFS share.
- using iMonitor:
- Log in to iMonitor, https://IPAddress:8030/nds , and select tree at the top.
- Go to Security(Entry Record)->Authorized Login Methods->cifslinlsm
- Check for the Flags of sasLoginServerMethodLinux and sasLoginServerMethodLinuxX64 Attribute. These flags have to be Present, otherwise sync the attribute using ndstrace method.
Another thing that you can try is to delete the /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM_64 or CIFSLINLSM file and restart eDir. (rcndsd restart)
The login method will be read into memory from the local copy of the security container in eDir and the CIFSLINLSM_64 or CIFSLNLSM file will be recreated.