NMAS: error -1660 Can not find Login Sequence

Document ID:7014308
Creation Date:17-Dec-2013
Modified Date:17-Dec-2013
- Micro Focus Products:
  eDirectory
  Open Enterprise Server

Environment

Novell eDirectory 8.8 for All Platforms

Situation

NMAS Error -1660

ndstrace with +time +tags +auth +rslv +nmas shows the following:

4214277888 AUTH: [2013/12/13 09:35:25.157] [00008054] <.Admin.NOVELL.MY_TREE.> EmuVerifyPassword returned error OS error of some sort (-255), conn: 15

4214277888 RSLV: [2013/12/13 09:35:25.157] Resolving \MY_TREE\Security

4214277888 RSLV: [2013/12/13 09:35:25.164] Resolving \MY_TREE\CN=Security\CN=Login Policy

4214277888 AUTH: [2013/12/13 09:35:25.164] [00008054] <.Admin.NOVELL.MY_TREE.> DCSimplePasswordVerifyEx returned error -1660 (0xfffffffffffff984), conn: 15

4214277888 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 1 processed 1 login in 1 milliseconds

4214277888 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 2 processed 0 login in 0 milliseconds

345507584 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 1 processed 0 login in 0 milliseconds

345507584 AUTH: [2013/12/13 09:35:25.165] UpdateLoginAttributesThread page 2 processed 0 login in 0 milliseconds

4214277888 AUTH: [2013/12/13 09:35:25.165] [00008054] <.Admin.NOVELL.MY_TREE.> LocalLoginRequest. Error failed authentication (-669), conn: 15.

Resolution

The login sequence "Simple Password" is missing or needs to be deleted and recreated. It possilbe that the method must be re-installed, the then sequence created.

To delete the Simple Password login sequence:

Launch Novell iManager.

Authenticate to the eDirectory tree as an administrator or a user with administrative rights.

On the Roles and Tasks menu, click NMAS > NMAS Login Sequences.

Select the Simple Password login sequence.

Click Delete, then click Yes.

Create the login sequence.

Launch Novell iManager.

Authenticate to the eDirectory tree as an administrator or a user with administrative rights.

From the Roles and Tasks menu, click NMAS > NMAS Login Sequences.

Click New and specify a name for the new login sequence - Simple Password.

All available methods are listed under Available Login Methods and Available Post-Login Methods.

Select the Sequence Type from the drop-down list - should be AND.

Use the horizontal arrows to add each desired method to the sequence. For the Simple Password sequence select Simple Password from the Available Login Methods, and move it to Login Methods.

Click Finish to save the login sequence.

If this does not work then re-install the method. The sequence might have to be re-create again after installing the method.

Here is an example of installing the Simple Password method on a Linux server.

/opt/novell/eDirectory/bin/nmasinst -addmethod 'cn=admin.o=novell' 'MY_TREE' /opt/novell/nmas/nmasmthd/SimplePassword/config.txt -h 192.168.0.52

Where -h is the IP of a server with a replica of root and the security container and of course change the admin and tree name.

Cause

The login sequence "Simple Password" is missing or corrupted.

Additional Information

Documentation for methods and sequences and the management of methods and sequences.

https://www.netiq.com/documentation/edir88/edirin88/data/a79kg0w.html#aif16f0

https://www.netiq.com/documentation/nmas33/admin/data/a53vj9a.html

See TID 7009602 for information on how to take a NMAS trace.