Environment
Novell eDirectory 8.8 for All Platforms
Situation
NMAS Error -1660
ndstrace with +time +tags +auth +rslv +nmas shows the following:
4214277888 AUTH: [2013/12/13 09:35:25.157] [00008054] <.Admin.NOVELL.MY_TREE.> EmuVerifyPassword returned error OS error of some sort (-255), conn: 15
4214277888 RSLV: [2013/12/13 09:35:25.157] Resolving \MY_TREE\Security
4214277888 RSLV: [2013/12/13 09:35:25.164] Resolving \MY_TREE\CN=Security\CN=Login Policy
4214277888 AUTH: [2013/12/13 09:35:25.164] [00008054] <.Admin.NOVELL.MY_TREE.> DCSimplePasswordVerifyEx returned error -1660 (0xfffffffffffff984), conn: 15
4214277888 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 1 processed 1 login in 1 milliseconds
4214277888 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 2 processed 0 login in 0 milliseconds
345507584 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 1 processed 0 login in 0 milliseconds
345507584 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 2 processed 0 login in 0 milliseconds
4214277888 AUTH: [2013/12/13 09:35:25.165] [00008054] <.Admin.NOVELL.MY_TREE.> LocalLoginRequest. Error failed authentication (-669), conn: 15.
Resolution
The login sequence "Simple Password" is missing or needs to be deleted and recreated. It possilbe that the method must be re-installed, the then sequence created.
To delete the Simple Password login sequence:
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
On the Roles and Tasks menu, click NMAS > NMAS Login Sequences.
Select the Simple Password login sequence.
Click Delete, then click Yes.
Create the login sequence.
Launch Novell iManager.
Authenticate to the eDirectory tree as an administrator or a user with administrative rights.
From the Roles and Tasks menu, click NMAS > NMAS Login Sequences.
Click New and specify a name for the new login sequence - Simple Password.
All available methods are listed under Available Login Methods and Available Post-Login Methods.
Select the Sequence Type from the drop-down list - should be AND.
Use the horizontal arrows to add each desired method to the sequence. For the Simple Password sequence select Simple Password from the Available Login Methods, and move it to Login Methods.
Click Finish to save the login sequence.
If this does not work then re-install the method. The sequence might have to be re-create again after installing the method.
Here is an example of installing the Simple Password method on a Linux server.
/opt/novell/eDirectory/bin/nmasinst -addmethod 'cn=admin.o=novell' 'MY_TREE' /opt/novell/nmas/nmasmthd/SimplePassword/config.txt -h 192.168.0.52
Where -h is the IP of a server with a replica of root and the security container and of course change the admin and tree name.
Cause
The login sequence "Simple Password" is missing or corrupted.
Additional Information
Documentation for methods and sequences and the management of methods and sequences.
See TID 7009602 for information on how to take a NMAS trace.