Identity Manager 4.0.2
Novell NetWare 6.5
SUSE Linux Enterprise Server 11 Service Pack 3 (SLES 11 SP3)
Use SDIDIAG to gather tree key information and determine which server holds all the keys.
Verify the server is assigned to the NDSPKI:SD Key Server DN attribute on the WO object.
Restart eDirectory on the server missing keys. The restart of eDirectory should sync the keys to the server.
If 64 bit keys exist, revoke them and issued a 168 bit key. Sent new keys out to the rest of the tree by restarting ndsd or using sdidiag.
After repairing the keys on the server, the NDS to NDS Driver Certificate Wizard ran successfully and created the certificates for the eDirectory Drivers.
Useful Documents TID 3455150- Using SDIDiag to gather specific SDKey information from servers.
Using SDIDIAG, found that the the server keys were missing on the IDM2.01 Server.
Formerly known as TID# 10096842
has the current sdidiag tool as of August 2014
2014-08-17 Rance Burker: Imported KB 10096842
and updated contents.