Satellite servers fail FQDN logins after update - Windows Only

  • Document ID:7012945
  • Creation Date:25-Jul-2013
  • Modified Date:29-Mar-2016
    • Micro Focus Products:
      ZENworks Configuration Management

Environment

Novell ZENworks Configuration Management 11.2

Situation

Windows Authentication Satellite servers may fail user logon after system update.  The problem is specific to when the cache history user is used to bind (example CN=user1,CN=users,DC=domain,DC=com).

ERROR (from server ats.log):

2013-07-25 08:09:00,802 WARN authtoksvc.PwdAuthenticate invoke()- NamingException: Method Not Implemented
2013-07-25 08:09:00,865 WARN authtoksvc.PwdAuthenticate invoke()- Failed to resolve identity for entity CN=user1,CN=users,DC=domain,DC=com

ERROR (from agent zmd-messages.log):

[DEBUG] [07/24/2013 15:37:41.399] [1888] [ZenworksWindowsService] [78] [] [CommonCasa] [] [ObtainAuthToken took exception: -939589594 System.Exception: -939589594
   at Novell.Casa.Client.Auth.Authtoken.ObtainAuthToken(String sService, String sHost, WinLuid luid, String()& extraData, IntPtr micasaContext, String& AuthMech)
   at Novell.Zenworks.Zmd.Common.CasaHelper.ObtainAuthToken(String SessionID, String RealmName, String Host, String& AuthToken, String()& ExtraAttribs, IntPtr MicasaContext, String& AuthMech)] [] [] 
 [DEBUG] [07/24/2013 15:37:41.399] [1888] [ZenworksWindowsService] [78] [] [CommonCasa] [] [Stack Trace:     at Novell.Casa.Client.Auth.Authtoken.ObtainAuthToken(String sService, String sHost, WinLuid luid, String()& extraData, IntPtr micasaContext, String& AuthMech)
   at Novell.Zenworks.Zmd.Common.CasaHelper.ObtainAuthToken(String SessionID, String RealmName, String Host, String& AuthToken, String()& ExtraAttribs, IntPtr MicasaContext, String& AuthMech)] [] [] 





Resolution

The following steps should update the CasaAuthTokenSvc web app to current versions with classes supporting the new method required for user FQDN login names.
  1. Confirm that the file in %ZENWORKS_HOME%\webserver\webapps\CasaAuthTokenSvc.war is proper and current to version.   Do not, copy it manually from another authentication server.
  2. Delete the %ZENWORKS_HOME%\CasaAuthTokenSvc directory (do not delete the .war file).
  3. Restart the Novell ZENworks Agent Service and the Novell ZENworks Authentication Server service.
  4. Refresh the agent.
  5. Run zac asr -t all