Node Service Enabled
5093 Node Service Error
5079 LDAP Data error
Error is shown in the Configuration Manager Health screen:"The node service system can not operate normally: error writing node service heartbeat: 5079 ERROR_LDAP_DATA_ERROR (error writing node service data: javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - NDS error: illegal attribute (-608)])"
1. If node service is not needed, disable it in SSPR Configuration Editor under Settings, Application, Session Management
2. If node service is desired, extend the schema to add the pwmData attribute (new in SSPR 4.4 or later).
The eDirectory schema can be extended in multiple ways. See "Manually Extending the Schema" in the eDirectory documentation at https://www.netiq.com/documentation/edirectory-92/edir_admin/data/amijij0.html
Use the "edirectory-schema.ldif," the "edirectory-schema-update.ldif, or " edirectory-schema.sch file included with SSPR. These can be found in Configuration Editor by clicking the "book" icon in the top right to open the reference documentation. Select "LDAP Schema Definition" and download schema LDIFs.
When properly extended the objectclass pwmUser will include the pwmData attribute. All users will have an objectclass attribute value of pwmUser on all the servers that SSPR would connect to.
The NDS illegal attribute error occurs when the schema is not properly extended.
The node service allows SSPR to detect and identify when multiple application nodes are similar configured and can share user sessions. It must be enabled for Password Expiration Notification Emails to work properly.