Environment
Novell Client 2 SP3 for Windows 7
Novell Client 4.91 SP5 for Windows XP
OES 11 on Linux
Novell Client 4.91 SP5 for Windows XP
OES 11 on Linux
Situation
Unable to login from Windows workstation.
Can't find the tree or server when clicking "Trees" or "Servers" buttons.
Error: "Tree or server not found".
Typing the server's IP address in the "Tree" or "Server" fields allows for successful login.
Can't find the tree or server when clicking "Trees" or "Servers" buttons.
Error: "Tree or server not found".
Typing the server's IP address in the "Tree" or "Server" fields allows for successful login.
Resolution
General Notes:
SLP consists of three components:
1. Edit its /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the IP addresses of your DAs (including the server where you are editing this file, if it is also a DA).
3. Restart SLP
rcslpd restart
To make a server a DA (Best practice is to have a DA on each LAN segment):
Note: In a multi subnetted environment you must have SLP configured with a DA.
1. Edit the server's /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the IP addresses of your DAs (including the server where you are editing this file).
3. Uncomment the following line:
;net.slp.isDA = true
4. Restart SLP
rcslpd restart
The server is now a DA servicing the default scope.
To make a workstation a UA
Note: It is also possible to deliver the SLP configuration via DHCP (options 78 and 79).
By default, the Novell Client uses SLP to locate services without any configuration. It does this by multicasting to find a DA, then communicating with the first working DA that responds. However, you can force the Client to unicast directly to a DA of your choice by configuring the Client, as follows:
1. Open the Novell Client Properties and complete the configuration on the "Service Location" tab.
System Tray > Red N icon > Novell Client Properties > Service Location tab
2. Enter the IP address of the DA(s) in the "Directory Agent List" section
3. Enter the scope (if you are defining scopes) in the "Scope List" section (see Possible Cause #5, below)
The above steps comprise the basic setup of SLP. If SLP is not working properly after completing these steps, troubleshoot as follows:
Determine whether the SLP protocol on the workstation can "see" the tree or server:
On the workstation (at a command prompt):
slpinfo /a
The Tree you are trying to find should be listed under the section:
======== Trees ========
The server (SA) you are trying to find should be listed under the section:
======== Servers ========
The Directory Agent (DA) should be listed under the section
========Directory Agents ========
On the server: (in a console terminal session or via Putty), use slptool:
To display all the partitions, including the tree:
slptool findsrvs service:ndap.novell
To display all the servers:
slptool findsrvs service:bindery.novell
If the service you are looking for is not found:
Possible Cause 1: The SLP service is stopped or not working properly on the server
Restart SLP
rcslpd restart
If this does not resolve the problem:
Possible Cause 2: SLP is not properly configured on the server
Configure SLP on the OES server serving as a DA.
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
Define the Directory Agents
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the DAs (including the server where you are editing this file)
3. Uncomment the following line:
;net.slp.isDA = true
4. Restart SLP
rcslpd restart
If this does not resolve the problem:
Possible Cause 3: The SLES Firewall is blocking SLP traffic
Disable the firewall
rcSuSEfirewall2 stop
If this resolves the problem, instead of disabling the firewall entirely, you can fine-tune the firewall to pass UDP and TCP traffic on port 427.
If this does not resolve the problem:
Possible Cause 4: eDirectory is not registering services with SLP
Either A) Wait for eDirectory to register the services or B) Restart eDirectory to re-register the services immediately.
A) Wait for eDirectory to register the services
The default registration timeout for OES is 60 minutes. This timeout can be changed. For example, to make eDirectory register every 10 minutes instead of the default 60 minutes (the eDirectory registration default on NetWare was 10 minutes), execute the following command (a restart of the ndsd service is required for the change to become active):
ndsconfig set n4u.nds.advertise-life-time=600
Verify the setting by typing:
ndsconfig get | grep -i n4u.nds.advertise-life-time
Observe the RNRadvertise value to see when eDir will attempt to register its Bindery and NDAP services again.
iMonitor > Agent Activity > Background Processes Schedule
(https://<ipaddress>:8030/nds/activity/background)
See TID 7001449 for more information about the eDirectory one hour timer and how to adjust it to register in a shorter interval. This TID also describes how to use iMonitor to watch eDirectory count down to the next registration of services.
B) Restart eDirectory to re-register the services immediately
Any users will be disconnected!
rcndsd restart
Note: DA backup and synchronization can be configured. If the DA has been designated as a backup server, the known services at the time of the last backup will be read from the backup file immediately upon the start/restart of the DA. The backup file can also be useful in troubleshooting SLP. If DA synchronization has been enabled, services will be synchronized between configured DAs. To enable DA backup and synchronization:
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following lines:
;net.slp.isDABackup = true
;net.slp.DASyncReg =true
3. Restart SLP
rcslpd restart
See TID 7001449 for more information about these options.
Possible Cause 5: SLP scopes are not correctly configured
A scope is always used in SLP name resolution. If no scope is specified, the "default" scope is used. The Novell Client will only find services which are advertised within the scope specified in the Client's SLP configuration. A Novell server will only advertise itself as being available within the scopes for which it is configured.
Novell Client Configuration:
Navigate to: System Tray > Red N > Novell Client Properties > Service Location tab > Scope List
If using a scope other than the default scope, enter it here.
Novell OES Server Configuration:
In a terminal session, edit the slp.conf file. For example:
vi /etc/slp.conf
Uncomment the line:
;net.slp.useScopes = myScope1,myScope2,myScope3
Edit this line to reflect the scopes for which this server is to be included. Ensure that there are no spaces between the scope names. i.e. "myScope1,myScope2" instead of "myScope1, myScope2".
Then restart SLP, using the command:
rcslpd restart
SLP consists of three components:
- User Agent (UA): This is the entity that needs to look up services (generally, the workstation).
- Service Agent (SA): This is the entity that the UA wants to find (generally, a file server).
- Directory Agent (DA): This is the entity that maintains a listing of the SAs.
1. Edit its /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the IP addresses of your DAs (including the server where you are editing this file, if it is also a DA).
3. Restart SLP
rcslpd restart
To make a server a DA (Best practice is to have a DA on each LAN segment):
Note: In a multi subnetted environment you must have SLP configured with a DA.
1. Edit the server's /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the IP addresses of your DAs (including the server where you are editing this file).
3. Uncomment the following line:
;net.slp.isDA = true
4. Restart SLP
rcslpd restart
The server is now a DA servicing the default scope.
To make a workstation a UA
Note: It is also possible to deliver the SLP configuration via DHCP (options 78 and 79).
By default, the Novell Client uses SLP to locate services without any configuration. It does this by multicasting to find a DA, then communicating with the first working DA that responds. However, you can force the Client to unicast directly to a DA of your choice by configuring the Client, as follows:
1. Open the Novell Client Properties and complete the configuration on the "Service Location" tab.
System Tray > Red N icon > Novell Client Properties > Service Location tab
2. Enter the IP address of the DA(s) in the "Directory Agent List" section
3. Enter the scope (if you are defining scopes) in the "Scope List" section (see Possible Cause #5, below)
The above steps comprise the basic setup of SLP. If SLP is not working properly after completing these steps, troubleshoot as follows:
Determine whether the SLP protocol on the workstation can "see" the tree or server:
On the workstation (at a command prompt):
slpinfo /a
The Tree you are trying to find should be listed under the section:
======== Trees ========
The server (SA) you are trying to find should be listed under the section:
======== Servers ========
The Directory Agent (DA) should be listed under the section
========Directory Agents ========
On the server: (in a console terminal session or via Putty), use slptool:
To display all the partitions, including the tree:
slptool findsrvs service:ndap.novell
To display all the servers:
slptool findsrvs service:bindery.novell
If the service you are looking for is not found:
Possible Cause 1: The SLP service is stopped or not working properly on the server
Restart SLP
rcslpd restart
If this does not resolve the problem:
Possible Cause 2: SLP is not properly configured on the server
Configure SLP on the OES server serving as a DA.
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
Define the Directory Agents
2. Uncomment the following line:
;net.slp.DAAddresses = myDa1,myDa2,myDa3
and replace myDa1, etc., with the DAs (including the server where you are editing this file)
3. Uncomment the following line:
;net.slp.isDA = true
4. Restart SLP
rcslpd restart
If this does not resolve the problem:
Possible Cause 3: The SLES Firewall is blocking SLP traffic
Disable the firewall
rcSuSEfirewall2 stop
If this resolves the problem, instead of disabling the firewall entirely, you can fine-tune the firewall to pass UDP and TCP traffic on port 427.
If this does not resolve the problem:
Possible Cause 4: eDirectory is not registering services with SLP
Either A) Wait for eDirectory to register the services or B) Restart eDirectory to re-register the services immediately.
A) Wait for eDirectory to register the services
The default registration timeout for OES is 60 minutes. This timeout can be changed. For example, to make eDirectory register every 10 minutes instead of the default 60 minutes (the eDirectory registration default on NetWare was 10 minutes), execute the following command (a restart of the ndsd service is required for the change to become active):
ndsconfig set n4u.nds.advertise-life-time=600
Verify the setting by typing:
ndsconfig get | grep -i n4u.nds.advertise-life-time
Observe the RNRadvertise value to see when eDir will attempt to register its Bindery and NDAP services again.
iMonitor > Agent Activity > Background Processes Schedule
(https://<ipaddress>:8030/nds/activity/background)
See TID 7001449 for more information about the eDirectory one hour timer and how to adjust it to register in a shorter interval. This TID also describes how to use iMonitor to watch eDirectory count down to the next registration of services.
B) Restart eDirectory to re-register the services immediately
Any users will be disconnected!
rcndsd restart
Note: DA backup and synchronization can be configured. If the DA has been designated as a backup server, the known services at the time of the last backup will be read from the backup file immediately upon the start/restart of the DA. The backup file can also be useful in troubleshooting SLP. If DA synchronization has been enabled, services will be synchronized between configured DAs. To enable DA backup and synchronization:
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following lines:
;net.slp.isDABackup = true
;net.slp.DASyncReg =true
3. Restart SLP
rcslpd restart
See TID 7001449 for more information about these options.
Possible Cause 5: SLP scopes are not correctly configured
A scope is always used in SLP name resolution. If no scope is specified, the "default" scope is used. The Novell Client will only find services which are advertised within the scope specified in the Client's SLP configuration. A Novell server will only advertise itself as being available within the scopes for which it is configured.
Novell Client Configuration:
Navigate to: System Tray > Red N > Novell Client Properties > Service Location tab > Scope List
If using a scope other than the default scope, enter it here.
Novell OES Server Configuration:
In a terminal session, edit the slp.conf file. For example:
vi /etc/slp.conf
Uncomment the line:
;net.slp.useScopes = myScope1,myScope2,myScope3
Edit this line to reflect the scopes for which this server is to be included. Ensure that there are no spaces between the scope names. i.e. "myScope1,myScope2" instead of "myScope1, myScope2".
Then restart SLP, using the command:
rcslpd restart
Possible Cause 6: Hosts file is mis-configured
Examine the /etc/hosts file. If present, remove the 127.0.0.2 line. See TID 7005104 or TID 7005394.
Cause
Possible causes addressed in this TID:
1: The SLP service is stopped or not working properly on the server
2: SLP is not properly configured on the server
3: The SLES Firewall is blocking SLP traffic
4: eDirectory is not registering services with SLP
5: SLP scopes are not correctly configured
1: The SLP service is stopped or not working properly on the server
2: SLP is not properly configured on the server
3: The SLES Firewall is blocking SLP traffic
4: eDirectory is not registering services with SLP
5: SLP scopes are not correctly configured
6: Hosts file is misconfigured
Additional Information
To further debug SLP, capture a LAN trace and/or enable SLP logging
Capture a LAN trace
To capture the LAN traffic associated with the startup/registration of SLP services on the OES server for analysis:
Start a LAN trace on the server, then restart SLP again.
tcpdump -i any -s 0 -w <filename.cap>
rcslpd restart
Press <CTRL><C> to stop the tcpdump
Transfer the LAN trace to a workstation
a) Run WinSCP on the Windows workstation
b) Email the trace using Linux command line:
mail -a <filename> <email_address>)
<ctrl><d> to send.
Examine the trace using Wireshark or other protocol analyzer (Wireshark filter = "srvloc").
Enable SLP Logging
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following lines in the "Tracing and Logging" section:
;net.slp.traceDATraffic = true
;net.slptraceReg = true
;net.slp.traceDrop = true
;net.slp.traceMsg = true
Capture a LAN trace
To capture the LAN traffic associated with the startup/registration of SLP services on the OES server for analysis:
Start a LAN trace on the server, then restart SLP again.
tcpdump -i any -s 0 -w <filename.cap>
rcslpd restart
Press <CTRL><C> to stop the tcpdump
Transfer the LAN trace to a workstation
a) Run WinSCP on the Windows workstation
b) Email the trace using Linux command line:
mail -a <filename> <email_address>)
<ctrl><d> to send.
Examine the trace using Wireshark or other protocol analyzer (Wireshark filter = "srvloc").
Enable SLP Logging
1. Edit the /etc/slp.conf file
vi \etc\slp.conf
2. Uncomment the following lines in the "Tracing and Logging" section:
;net.slp.traceDATraffic = true
;net.slptraceReg = true
;net.slp.traceDrop = true
;net.slp.traceMsg = true