Environment
Novell Open Enterprise Server 11 (OES 11) Linux
Situation
Unable to assign system rights for Kanaka
Kanka proxy object creation fails
Unknown Directory Services error has occured
While configuring Kanaka via the web URL (https://<server_or_ip>:3089); and error is seen when trying to progress past "Setup Wizard Step 2 of 4". The message is "Unknown Directory Services error has occurred."
The log,
/var/opt/novell/kanaka/engine/log/novell-kanakaengined.log, when in
log level 7 shows:
01
2012-01-23 16:21:23 -21600 5 0004 25195 49011940 UI:
admin.novell [10.20.30.40] LOGIN SUCCESS
01 2012-01-23 16:21:23
-21600 5 0003 25195 49011940 GL: Base schema appears to be
properly extended.
01 2012-01-23 16:21:23 -21600 7 8007 25195
49011940 NWXPLAT: m_pfnNWDSReadAttrDef() failed, rc = -603.
01
2012-01-23 16:21:23 -21600 5 0003 25195 49011940 GL:
Collaborative Homedirectory attribute ccx-FSFManagedPath is
available.
01 2012-01-23 16:21:23 -21600 5 0003 25195 49011940
GL: Kanaka AFP Volume name attribute cccKanakaAFPVolumeName is
available.
01 2012-01-23 16:21:37 -21600 7 8007 25195 49011940
NWXPLAT: m_pfnNWDSReadAttrDef() failed, rc = -603.
01
2012-01-23 16:22:33 -21600 7 8007 25195 49011940 NWXPLAT:
m_pfnNWDSAddObject() failed, rc = -606.
01 2012-01-23 16:22:52
-21600 7 8007 25195 49011940 NWXPLAT: m_pfnNWDSAddObject()
failed, rc = -606.
01 2012-01-23 16:22:55 -21600 7 8007 25195
49011940 NWXPLAT: m_pfnNWDSGenerateKeyPairEx() failed, rc =
-16000.
Resolution
Check for a password policy assignment in the container where the Kanaka proxy user was created. The Kanaka proxy user requires a 35 character password and most policies limit this. The Kanaka proxy user has already been created, so the fix simply involves:
1. Create a new password policy that allows for long passwords
2. Assign the new password policy to the Kanaka proxy user
3. Repeat step 2 of the wizard with all of the same information as before
This time through, the wizard will complete successfully.