Environment
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Situation
FFFDFFFD7 error running TSATEST:
Error code NWSMTSConnectToTargetServiceEx fffdffd7
Error:Failed to connect Target Service:Username or Password invalid
Disconnected from TSA
Third party backup software will not connect successfully.
Error code NWSMTSConnectToTargetServiceEx fffdffd7
Error:Failed to connect Target Service:Username or Password invalid
Disconnected from TSA
Third party backup software will not connect successfully.
Resolution
In this example the server has IP address 10.10.10.10.
- Check in the /etc/nam.conf and verify that the preferred-server is pointing to the correct server. In this example the IP address is 10.10.10.10. If the IP address in the nam.conf file is incorrect, you need to change this to the correct IP address.
- With the following command, check if a connection to the ldap server can be established:
/opt/novell/eDirectory/bin/ldapsearch -e /var/lib/novell-lum/.10.10.10.10.der -h 10.10.10.10 -b "" -s base - If this fails, perform the following actions:
- Go into the /var/nam directory. In this directory, you should find a file called .10.10.10.10.der (On previous versions of novell-lum the directory is /var/lib/novell-lum)
- Create a backup copy using: mv .10.10.10.10.der .10.10.10.10.der.bak
- Using namconfig -k" a new .10.10.10.10.der will be created
- Go into the /var/nam directory. In this directory, you should find a file called .10.10.10.10.der (On previous versions of novell-lum the directory is /var/lib/novell-lum)
- Repeat step 2.
- If a connection can be established, you need to restart namcd deamon and refresh the local cache with:
- rcnamcd stop
- rcnamcd start
- namconfig cache_refresh
Additional Information
The following errors were found in /var/log/messages:
smdrd[374]: Loading TSA tsafs
smdrd[374]: Module tsafs successfully loaded
smdrd[374]: pam_ldap_init: ldapssl_add_trusted_cert() failed
smdrd[374]: _nds_ldap_init: pam_ldap_init failed, trying to connect to the alternative LDAP server
smdrd[374]: _nds_ldap_init: Unable to get list of alternative LDAP servers from the config file, error [2]
smdrd[374]: PAM_NAM: _nds_loginUser: nds_ldap_init failed
smdrd[374]: PAM_NAM: ldapmapstatus: pam_get_data of LDAPHandle failed
smdrd[374]: PAM_NAM: _nds_clear_and_exit: Could not return ldap handle
smdrd[374]: PAM_NAM: pam_sm_authenticate: NDS Login failed
When attempting to restart LUM (rcnamcd restart) it failed to load with the following error:
Failed to get LDAP handle. Make sure you have LDAP server certificate in /var/lib/novell-lum directory.
This error repeated until we halted the attempt to load the namcd service. To resolve this we copied the certificates locally by running namconfig -k, and restarting namcd.
smdrd[374]: Loading TSA tsafs
smdrd[374]: Module tsafs successfully loaded
smdrd[374]: pam_ldap_init: ldapssl_add_trusted_cert() failed
smdrd[374]: _nds_ldap_init: pam_ldap_init failed, trying to connect to the alternative LDAP server
smdrd[374]: _nds_ldap_init: Unable to get list of alternative LDAP servers from the config file, error [2]
smdrd[374]: PAM_NAM: _nds_loginUser: nds_ldap_init failed
smdrd[374]: PAM_NAM: ldapmapstatus: pam_get_data of LDAPHandle failed
smdrd[374]: PAM_NAM: _nds_clear_and_exit: Could not return ldap handle
smdrd[374]: PAM_NAM: pam_sm_authenticate: NDS Login failed
When attempting to restart LUM (rcnamcd restart) it failed to load with the following error:
Failed to get LDAP handle. Make sure you have LDAP server certificate in /var/lib/novell-lum directory.
This error repeated until we halted the attempt to load the namcd service. To resolve this we copied the certificates locally by running namconfig -k, and restarting namcd.