-1660 Error is reported to CIFS service on OES using NMAS Login Method(cifslinlsm)

  • 7009224
  • 23-Aug-2011
  • 20-Jan-2016

Environment


Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2


Novell Common Internet File System (CIFS)
Novell Modular Authentication Service(NMAS)

Situation

When a user tries to login against CIFS on OES in the cifs.log a -1660 error will be logged.

On the OES server the NMAS Login Method (cifslinlsm) has been defined.

Resolution

Novell CIFS on OES uses an NMAS Login Method for user authentication.

The NMAS method libraries for CIFS are ( these must be synced to the server holding the replica of a user):

  • 32-bit: /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM
  • 64-bit: /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM_X64
To verify the CIFS login method libraries on a server, perform the following actions:
  1. Check existence of the library on a server in the path specified above.
  2. The following command should return a line with the library method name:
    # lsof -p `pgrep ndsd` | grep CIFSLINLSM[_X64]

The login method has to be synced manually if any of the above fails.

CIFS login methods can be verified and synced to a server using either ndstrace or iMonitor tool.

Please use the following steps:

  • Using ndstrace:
  1. Run backlinker to sync the login methods to local security:
    1. # ndstrace
    2. NDSTrace:set ndstrace=nodebug
    3. NDSTrace: dstrace tags blnk
    4. NDSTrace: set ndstrace=*B (This may take a while to complete depending on the tree size)
    5. NDSTrace: quit
  2. Restart eDirectory service (not mandatory)
              # rcndsd restart
  3. Verify if CIFS login works from a Windows/Linux workstation by mounting a CIFS share.


  • using iMonitor:
  1. Log in to iMonitor, https://IPAddress:8030/nds , and select tree at the top.
  2. Go to Security(Entry Record)->Authorized Login Methods->cifslinlsm
  3. Check for the Flags of sasLoginServerMethodLinux and sasLoginServerMethodLinuxX64 Attribute. These flags have to be Present, otherwise sync the attribute using ndstrace method.

Another thing that you can try is to delete the /var/opt/novell/eDirectory/data/nmas-methods/CIFSLINLSM_64 or CIFSLINLSM file and restart eDir. (rcndsd restart)

The login method will be read into memory from the local copy of the security container in eDir and the CIFSLINLSM_64 or CIFSLNLSM file will be recreated.


Cause

The problem is usually related to the local eDir process not being able to read the security container.