Master/Slave Server is not reachable
We have standalone server install, but then I go to System->object finder and try to search something: i got the following error:
"Master/Slave Server is not reachable"
This typically indicates a problem with the System Identity User. Go to Common Services > Server > Security > System Identity Setup. Re-enter the username and password, and make sure the username points to an account with full access to all LMS applications and tasks.
Similar Messages
-
Weblogic Server is not reachable
Hi Guys,
we use a Weblogic Server 4.5.1 SP8 on Solaris 2.7 und JDK 1.2.1_04 and the
performance pack.
In addition we use a Netscape Enterprise Server as a proxy with the nsapi
bridge. Sometime the Weblogic Server is not reachable over the T3 protocol.
In the access log of the NES we get timeout errors for Weblogic Server. We
used the weblogic.Admin class to ping the server at every minute. So we
could realize that the server was not reachable for about 5 minutes. After
that time the server worked normally. But during this time the server seemed
to be dead. There was no logging at all. Does anyone has an idea?
Thanks in advance
Lutz StrobelThanks a lot. It is restarted. Could you please elaborate the solution... this was related to some security right?
-
Hey guys,
I had implemented a Java MATLAB server, which can handle MATLAB requests. Now I want to implement a master server which forwards the request to different slave server with a connection with MATLAB. This architecture should handle parallel requests.
What should I use?
RMI or JMS?
Thanx in advance!That is the most efficient provided you have buffering, i.e. new DataInputStream(new BufferedInputStream(socket.getInputStream())) and new DataOutputStream(new BufferedOutputStream(socket.getOutputStream())).
The other techniques I listed are easier to program and higher-level, i.e. more powerful. If your application protocol is already designed you are already doing it the best way. -
After enabling of SSL encrypton on LDAP I can't connect anymore to the LDAB. I think the Lions Server supports now the SSL encrypton for Open Directory.
.....
-
What's up with the iPhone update server. I have repeatedly tried in recent days to update the IOS software on my wife's 3GS iPhone but keep getting message that the iPhone update server cannot be contacted. The phone syncs normally and I am sure I am connected to the internet properly. Also I have successfully updated ITunes software during this same time frame. What gives??
Try this support document http://support.apple.com/kb/TS3694 and look at this section.
Unable to contact the iOS software update server gs.apple.com
Error 1004, 1013, 1638, 3194: These errors may be the result of the connection to gs.apple.com being redirected or blocked. Follow these steps to resolve these errors:
Install the latest version of iTunes.
Check security software. Ensure that communication to gs.apple.com is allowed. Follow this article for assistance with security software. iTunes for Windows: Troubleshooting security software issues.
Check the hosts file. The restore will fail if there is an active entry to redirect gs.apple.com. Follow iTunes: Advanced iTunes Store troubleshooting to edit the hosts file or revert to a default hosts file. See section "Blocked by configuration: (Mac OS X/Windows) > Rebuild network information".
Try to restore from another known-good computer and network.
If the errors persist on another computer, the device may need service. -
Air video server not reachable?
I cannot figure out why the air video server is not reachable.
Also, see here:
http://www.inmethod.com/air-video/troubleshooting.html -
Slave instance can not synchronized with the master for a long time
Hi,
Slave instance can not synchronized with the master for a long time, and the gap of LSNs between slave and master are more and more larger. The transfer bytes per second between master and slave is 118MB/s , upper limit to the ethernet card. Why???
ENVIRONMENT:
1. A network program which we called mcdb is based on BDB 4.8.30. It is used to accept get/set requests and then query data from bdb or save data to bdb.
2. mcdb implements replication with bdb replication manager api. The default start replication policy is DB_REP_ELECTION, rep ack policy is DB_REPMGR_ACKS_ONE_PEER and rep priority is 100.
3. The bdb data files, bdb log files, region files and rep files are all in the same home directory.
4. There are two instances of the mcdb are separately on two standalone servers which has no other programs. These two instances are in one replication group which can elect a master automatically.
5. The master instance is online, which has lots of requests (get, set, delete).
ACTIONS:
1. Start two mcdb instances on two servers and the two instance make a replication group. Slave has already synchronized with the master.
2. Stop the slave for a long time (more than 20 hours).
3. Start the slave instance to synchronize data with master.
RESULT:
1. the gap of LSNs between slave and master are more and more larger.
2. db_stat of master and slave:
master db_stat:
467170 Number of PERM messages not acknowledged
9245 Number of messages queued due to network delay
172415 Number of messages discarded due to queue length
25880 Number of existing connections dropped
3407 Number of failed new connection attempts
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DB_REPMGR site information:
10.67.15.146 (eid: 0, port: 30011)
Environment configured as a replication master
331726/3574994 Next LSN to be used
0/0 Not waiting for any missed log records
328872/466092 Maximum permanent LSN
0 Next page number expected
0 Not waiting for any missed pages
0 Number of duplicate master conditions originally detected at this site
2147M Current environment ID (2147483647)
100 Current environment priority
49 Current generation number
50 Election generation number for the current or next election
2323 Number of duplicate log records received
0 Number of log records currently queued
6768 Maximum number of log records ever queued at once
55284 Total number of log records queued
120M Number of log records received and appended to the log (120475988)
111 Number of log records missed and requested
2147M Current master ID (2147483647)
2 Number of times the master has changed
0 Number of messages received with a bad generation number
8505306 Number of messages received and processed
12 Number of messages ignored due to pending recovery
471869 Number of failed message sends
12M Number of messages sent (12959945)
0 Number of new site messages received
1 Number of environments believed to be in the replication group
990543 Transmission limited
0 Number of outdated conditions detected
0 Number of duplicate page records received
0 Number of page records received and added to databases
0 Number of page records missed and requested
Startup complete
6244678 Number of transactions applied
0 Number of startsync messages delayed
1 Number of elections held
1 Number of elections won
No election in progress
0.057097 Duration of last election (seconds)
8944103 Number of bulk buffer sends triggered by full buffer
0 Number of single records exceeding bulk buffer size
5273M Number of records added to a bulk buffer (5273592170)
10M Number of bulk buffers sent (10490865)
0 Number of re-request messages received
0 Number of request messages this client failed to process
0 Number of request messages received by this client
slave db_stat:
0 Number of PERM messages not acknowledged
0 Number of messages queued due to network delay
0 Number of messages discarded due to queue length
1454 Number of existing connections dropped
0 Number of failed new connection attempts
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DB_REPMGR site information:
10.67.15.147 (eid: 0, port: 30011)
Environment configured as a replication client
329544/2916048 Next LSN expected
330433/2013808 LSN of first log record we have after missed log records
329543/5500501 Maximum permanent LSN
0 Next page number expected
0 Not waiting for any missed pages
0 Number of duplicate master conditions originally detected at this site
2147M Current environment ID (2147483647)
100 Current environment priority
49 Current generation number
50 Election generation number for the current or next election
5256M Number of duplicate log records received (5256599432)
3925284 Number of log records currently queued
3925285 Maximum number of log records ever queued at once
4880561 Total number of log records queued
3578038 Number of log records received and appended to the log
1912297 Number of log records missed and requested
0 Current master ID
1 Number of times the master has changed
0 Number of messages received with a bad generation number
12M Number of messages received and processed (12980442)
2 Number of messages ignored due to pending recovery
0 Number of failed message sends
1912307 Number of messages sent
0 Number of new site messages received
0 Number of environments believed to be in the replication group
0 Transmission limited
0 Number of outdated conditions detected
0 Number of duplicate page records received
0 Number of page records received and added to databases
0 Number of page records missed and requested
Startup incomplete
110568 Number of transactions applied
80 Number of startsync messages delayed
0 Number of elections held
0 Number of elections won
No election in progress
0 Number of bulk buffer sends triggered by full buffer
0 Number of single records exceeding bulk buffer size
0 Number of records added to a bulk buffer
0 Number of bulk buffers sent
0 Number of re-request messages received
0 Number of request messages this client failed to process
0 Number of request messages received by this client
Edited by: 899585 on 2013-1-4 下午10:54
Edited by: 899585 on 2013-1-4 下午10:55Hi,
Unfortunately, this issue is beyond the level of what is supported over the forum. Performance related issues are extremely complex and require an in-depth understanding of your environment and dedicated support. In a generic sense, you can look at this as a basic queueing problem. You have a server that went down and work is still coming in. When the server gets started it is possible that it may never catch up depending on new work coming in and the rate at processing the old work.
So what would you do in this case --- one thing would be to reduce the new work coming in. In HA terms this would be slowing the master down and you can increase DB_REP_ACK_TIMEOUT for this. Another thing you could do is add fresh servers to help reduce the workload. In HA terms, this would be the equivalent of restarting the client and give it a fresh look at everything. Another thing you could do is replan the system and load balance. In HA terms, it would mean something like take a hot backup of the master and reinit a client from scratch.
If you are interested in getting a dedicated support person working on this concern, please let me know and we can move forward down that path. Just respond to the thread with your email address and I will get in contact with you so we can pursue that approach.
thanks
mike -
For server the Node Manager associated with machine is not reachable
Hello all,
I am getting this error, when i start my Managed Server which is in shutdown state
For server SAA-Dev-1, the Node Manager associated with machine vm-bea-dev is not reachable.
All of the servers selected are currently in a state which is incompatible with this operation or are not associated with a running Node Manager. No action will be performed.
The configuration details are
i am using weblogic 9.2 MP3 version in windows 2k3 server.
It has a machine vm-bea-dev, a cluster cluster-saa-dev, to which both the managed servers saa-dev-1 and saa-dev-2 are assigned. There are 3 applications deployed onto managed Server 1 and 1 for managed Server 2.
Managed Server 1 is in shutdown state, and when i start the server, it gives the error specified below
For server SAA-Dev-1, the Node Manager associated with machine vm-bea-dev is not reachable.
All of the servers selected are currently in a state which is incompatible with this operation or are not associated with a running Node Manager. No action will be performed.
The same for Managed Server 2 too, and this server is in Admin State, i dont know how it went into that state.
Can somebody please help me reslove it.
Thanks in advanceActually the cert is coming from your Dev machine but it is sending the Prod cert.
What cert is used by your admin server ? It should match the host name.
So your Dev machine is apparently using a copy of the prod cert / keystore rather than using its own DEV cert. It's not clear from your post whether this is the nodemanager using the wrong cert, or the managed server. So both should be checked.
The managed servers need to be using a cert that matches their host name. If you have a managed server on VM-BEA-DEV, then the cert needs to be CN=VM-BEA-DEV. You can also use a load-balancer CN name in the cert if you have the cluster's HTTP values set to match.
In your nodemanager.properties, are you explicitly accessing keystores, such as with:
KeyStores=CustomIdentityAndJavaStandardTrust
CustomIdentityAlias=some_alias
CustomIdentityKeyStoreFileName=some_path_to_keystore
CustomIdentityKeyStorePassPhrase={3DES}...
CustomIdentityKeyStoreType=jks
CustomIdentityPrivateKeyPassPhrase={3DES}
In my multi-machine clusters, I have multiple certificates such as:
admin machine1:
has a cert for use by the admin server and NM that matches the host name ( with node manager.properties entries such as the above )
has a 2nd cert that matches the load-balancer name for the cluster - used by the managed servers
all other machines:
has a cert for use by NM that matches the host name ( with node manager.properties entries such as the above )
has a 2nd cert that matches the load-balancer name for the cluster - used by the managed servers -
Weblogic Server Installation in Master/Slave
Hi All,
I have two linux server dedicated for weblogic server and I want to configure weblogic server on both the machines with one of them becomes a server and other machine will be a slave.
I have searched a lot but couldn't find any adequate information. Could someone please shed some light on how to install/configure weblogic server in master/slave fashion/pattern?
I appreciate for any help.
Thanks,
SanjayI think you need to do some reading of how domain's are organized with 1 Admin Server and 0 to many Managed Servers. The Managed Servers can be grouped into Clusters if you want. The servers can be across multiple machines. Check out the following link and perhaps the detail under clustering and respond if you have a more precise question.
http://edocs.beasys.com/wls/docs103/domain_config/understand_domains.html#wp1101973 -
11g node manager reachable but server does not start from admin console
I have a issue with node manager is reachable from admin console and from command prompt it is not connected and could not able to start the managed server.
If i change /config/nodemanager/nm_password.properties plain text and restart it is not reachable in admin console abut can connect from command prompt. I could not able to start the even with this scenario.
i see below error when try to check machine monitor tab.
<Error> <NodeManager> <BEA-300033> <Could not execute command "getVersion" on the node manager. Reason: "Access to domain 'dom_11gint' for user 'Ckr10ycOJN' denied".>
Ckr10ycOJN username in config.xml
node manager and managed servers are not root user process.
Please help me if have any suggestions.Pls. make sure the following points in your environment.
1) Check '*nodemanager.domains*' file in <<WL_HOME>>\commo\nodemanager directory
a) This file should have the entry for your domain 'dom_11gint'.
b) Ensure the path referred in the nodemanager.domains file is correct one.
2) Ensure the following remote server startup parameters are passed properly.
a) In the Admin Console, Navigate Servers --> <<SERVER_NAME>> -->Configuration --> Server Start
b) Pass the required Class Path, Arguments, User Name, Password(User name and Password to boot the managed servers) -
Afaria Trial Server Not reachable
Hi All,
I created a SAP Afaria Trial account, the account has instantiated a Server with a IP private address
which is not reachable, I have tested the IP (10.17.3.207) with following tools
Ping.eu
Tracert
It fails to reach the server
I did the following :
Went to the site http://www.sapmobilesecure.com/
Clicked on Free Trail
Registered my self
Got Two emails with login credentials
Logged into the server https://portal.sapafaria.com/login.php
Got the Server IP(10.17.3.207) address from Server Tab from the Administrator menu
Tried to access the wsdl as follows from desktop chrome browser
http://10.17.3.207:7980/AfariaService/Policy?wsdl
Which returns following error message in the chrome browser (I have installed fiddler in chrome)
[Fiddler] The connection to '10.17.3.207' failed.
Error: TimedOut (0x274c).
System.Net.Sockets.SocketException A connection attempt failed because the connected party did not properly
respond after a period of time, or established connection failed because connected host has failed to respond
The IP provided is private(as tested from ping.eu).
Can any one help in any pointer to resolve the issue.Hello Prakash,
as SAP Afaria is a tool for mobile devices, you might have a faster answer if you post this question in the SAP for Mobile Discussions (as that Space is more relevant for mobile-related problems).
Regards,
Laszlo -
SPA 3102- STUN SERVER NOT REACHABLE
Hello,
Following are Line 1 settings of an SPA-3102
Nat mapping enabled=yes
Nat keep alive enabled=yes
Proxy server:correct proxy server specified
Outbound proxy server: Correct outbound proxy server specified
UserID and passwords are configured properly
SIP TAB:
RTP port min=16384
RTP port max=16390
Handle via received=yes
Insert via received=yes
Substitute via addr=yes
STUN enable=yes
STUN Server=aa.aa.com (correct STUN server configured)
Hadle via rport=yes
Inser via rport=yes
Send resp to SRC port=yes
STUN test enable=yes
TURN server=not configured
STUN test enable=yes
EXT IP=not configured
NAT keep alive INTVL=15
Problem:
On the REGISTER message I am receiving following warning
Warning: 399 spa "STUN Server Not Reachable"
User-Agent: Linksys/SPA3102-5.1.7(GW)
Content-Length: 0
Allow: ACK, BYE, CANCEL, INFO, INVITE, NOTIFY, OPTIONS, REFER
Supported: x-sipura, replaces
Would you please explain why I receive STUN not reachable warning? It is a reachable STUN server. SPA 3102 devices are placed behind ADSL modems of ITSPI just noticed that you have Handle VIA received = yes, so if the proxy is responding with a 'received' tag, then the SPA would learn its external IP, without needing to contact the STUN server. I have a system that is behind NAT but does not need STUN or symmetric RTP, because it uses the IP from the received tag in the SDP. (In my case, I have the RTP ports forwarded to the SPA, so no port number translations are needed.)
-
My solution for AEBS locking up (NTP server not reachable)
I'll prefix this by saying that the issue that I found is pretty rare, but easy to fix.
I had a problem with my Airport Express that would cause all sorts of weird problems. After a couple days, either it wouldn't print, not allow clients to associate, not accept the correct password in the Airport Admin Utility, or not show up in the Airport Admin utility.
It turns out that I had enabled using a NTP server, but the NTP server wasn't reachable. In my network setup, the airports are in part of the subnet that's firewalled from the internet. The fix was for me to change the NTP server to an internal machine, but turning off NTP would have worked just the same.
NTP seems to only be used for logging, so turning it off shouldn't affect network performance.
I haven't had to reset either base stations since.Here you go!
Use the terminal and be a root user and follow the steps bellow:
cd /etc
more ntp.conf
Then include this two lines:
server 127.127.1.1 prefer
fudge 127.127.1.1 stratum 3 refid NIST
After that save and exit. Then checked your ntp using the server admin tool and thats done. Be warn don't mend anything with the system preferences date and time. -
Master-Slave Problem: Please Help
I am having a problem getting master/slave repositories set up for synchronization.
My MDM server environment is Solaris with Oracle 10.2 database.
MDM version is 5.5.41.58 (5.5 SP05).
I create a repository. I unarchive my data into it. I create a slave repository from it. I go into Data Manager and change the description of one product in the master repository. In the Console, the server log has the following message:
Master Server failed to log change because of error: The new transaction id is less than the last transaction id. (code 4289454080).
Has anybody had the same issue? Any clues as to what the problem and/or fix is?
Thanks in advance.Hello Simon,
Thank you for taking the time to respond.
The unarchive process involved the following: we have a production catalog running MDM 4.0.58. We had an SAP consultant assist in migrating our catalog to MDM 5.5 SP05. This was done using a local server running Windows and SQL Server. From the Windows MDM 5.5, I made an archive. I transferred it to the Solaris/Oracle environment. Using the Console I did the unarchive.
One interesting thing to note: when MDM 5.5 SP05 was installed on Solaris, the "Modifications" directory was not created. Initial attempts to synchronize gave a different error. I determined that the directory was missing and had our data center admin create it. He then stopped the MDM server and restarted it. Then I deleted my master and slave repositories and started over. And then got the error referenced above.
Running the CLIX command gives the following:
52 for the master and 50 for the slave.
In the server log, the only errors I see (other than the one about the transaction id's) are when starting the master and slave repositories I see:
SERVICE 'xxx', SCHEMA 'yyy', ERROR CODE=1002 ||| ORA-01002: fetch out of sequence Last CMD: SELECT PermanentId, Id, F153, F154, F163, F164, F353, F387, F414 FROM A2i_40
In the assertion log, there is nothing at the time of creating the slave. When starting the slave, there are many messages relating to accelerators. At the time when I was changing the data in the master, there are messages from A2iIndexedTransactions.cpp (lines 647, 119, 96, and 231).
If you need any more info, let me know.
Thanks again for your help. -
Problems installing an iFolder slave server
Hi,
I have an iFolder 3.8.4.0 master server configured and working with an AD server. I am now trying to add a second iFolder server as a slave in this iFolder domain. I'm running simias-server-setup and choosing "Y" when I get to the "Slave Server?" prompt. I'm putting in the same iFolder admin user and proxy user and passwords that I used for the master server. However, I get a failure at the end that indicates a credential error. Since the conversation is SSL-encrypted, I can't get much useful information in a WireShark trace. I should note on this same server, if I configure it as another master, it works perfectly against the AD server with SSL, so I'd have to believe the SSL cert for the AD server is properly imported. Is there any type of debug logging I can enable or more detailed output tracing I can do to determine why this is failing?
Here is the error at the end of the simias-server-setup script:
----------- excerpt ---------------------
Ldap certificate :
Mono Certificate Manager - version 2.6.4.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.
X.509 Certificate v3
Issued from: DC=local, DC=wwt, DC=test, CN=testad1
Issued to: CN=TESTAD1.test.wwt.local
Valid from: 02/06/2012 05:20:54
Valid until: 02/05/2013 05:20:54
----- ACCEPT LDAP CERTIFICATE -----
Accept LDAP Certificate? [Y]:
Done
Connecting to ldaps://10.2.2.164/...
at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd, AuthenticationTypes authenticationTypes) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000] in <filename unknown>:0
at Novell.iFolder.Utility.LdapUtility.Connect () [0x00000] in <filename unknown>:0
at Novell.iFolder.SimiasServerSetup.SetupLdap () [0x00000] in <filename unknown>:0
Removing slave from master
Url https://testif1.wwt.com/simias10/HostAdmin.asmx
Url https://testif1.wwt.com/simias10/DomainService.asmx
Failed
LdapException: (49) Invalid Credentials
LdapException: Server Message: 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772
LdapException: Matched DN:
at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd, AuthenticationTypes authenticationTypes) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000] in <filename unknown>:0
at Novell.iFolder.Utility.LdapUtility.Connect () [0x00000] in <filename unknown>:0
at Novell.iFolder.SimiasServerSetup.SetupLdap () [0x00000] in <filename unknown>:0
FAILED
In troubleshooting this error, I've noticed that when I re-run the simias-server-setup and point to the existing location of the Simias.config file that was partially created, when it gets to the point where it asks the admin user dn, it inserts an additional "dc=test" in the string below when it auto-suggests the admin user in [brackets]:
cn=ifadmin,cn=Users,dc=test,dc=test,dc=wwt,dc=loca l
I found this line in the master server's Simias.config file and corrected it to reflect the proper dn for the ifadmin user:
cn=ifadmin,cn=Users,dc=test,dc=wwt,dc=local
I then re-ran the simais-server-setup, and this time it auto-suggested the correct path, however it fails with a different error that states the admin user is in an invalid context, and it shows the "cn" of Users as an "ou":
cn=ifadmin,ou=Users,dc=test,dc=wwt,dc=local
So something is different between the master and slave configuration in the setup program, but I can't tell what I need to enter to make it work. Any suggestions would be greatly appreciated!!
Best regards,
GregI was eventually able to resolve this issue myself. In an effort to help someone else if they should have the same problem, I will relay the details. What I ended up doing is opening the port in my firewall between the iFolder server and the AD server to allow LDAP cleartext (389) and then running a WireShark trace on the AD server to see what was actually going on. As is typical with software installation problems, the problem turned out to be rather simple, however the logs didn't really give enough detail as to what was failing (see above, which is all I got when it failed).
I had already found out anecdotally when re-running the install script that I had one typo in the master iFolder server's Simias.config file (an extra "dc=test" somehow got inserted into the path of the "iFolder admin user" (ifadmin in our case)):
cn=ifadmin,cn=Users,dc=test,dc=test,dc=wwt,dc=loca l
I found this line in the master server's Simias.config file and corrected it to reflect the proper dn for the ifadmin user:
cn=ifadmin,cn=Users,dc=test,dc=wwt,dc=local
I then re-ran the Simias-server-setup, and this time it auto-suggested the correct path, however it fails with a different error that states the admin user is in an invalid context, and it shows the "cn" of Users as an "ou":
cn=ifadmin,ou=Users,dc=test,dc=wwt,dc=local
What I didn't see until I did the wireshark trace is that after the slave server contacts the master server on it's SOAP URL, it pulls down the LDAP search contexts that are configured on the master, and it then tries to verify each one against the LDAP server. If it gets to one that does not verify, it bails and ends with the "LDAP Credentials" error seen on my earlier post. The thing I was confused on, is the "second" error shown just above, where it changes "cn=Users" to "ou=Users" in the dn for the ifadmin user. That turned out to be another line in the LDAP search contexts pulled from the master's Simias.config file. That was configured in the file as "ou=Users,dc=test,dc=wwt,dc=local". Someone familiar with LDAP and eDirectory, like myself, won't immediately find anything wrong with that, since "users" is a container, and in our way of thinking really is an "OU". For AD, for whatever stupid reason, Microsoft decided that the "users" container is a "CN", whereas the "groups" container is an "OU". Nice consistency. My Master server worked with this typo, because we don't have any production users under the "CN=users..." container (except ifadmin, which is called out by FQDN earlier in the config file), so it never needs to search in that container anyway. In the WireShark trace, you could see the AD server failing on validation of that OU (err, I mean CN) of "Users", and that is where the simias-server-setup script bombed. An extra properly-worded line of explanation in the setup script would have prevented a few hours of hair-pulling, but at least it's working now. Hope it helps someone in the future.
Best regards,
Greg
Maybe you are looking for
-
I can't sync music already on my computer to my ipod touch; the ipod shows up under Devices in itunes but does not show buttons (Summary etc.) when I click on it. I've read through all the Help tutorials but none of them say what to do if the sync op
-
More information: The iPod ran out of battery late thursday night and I plugged it in to charge. The charging symbol appeared but within 20 minutes, the ipod had gotten very hot and had gained no charge. It hasn't been dropped and it hasn't gotten we
-
Mac running slow and Mackeeper not working since 10.9.2 installation
Why is my MacMini2 running slow after installing Mavericks? Why is MacKeeper no longer available?
-
Hi Everyone, I am getting below issues while processing few of the message, Description="Description not provided" is common across all the below listed error. Please let us know if any of you have ecountered this kind of issues. Error #1: A message
-
last saturday my iPhone 5 died... Now almost a week later I am trying to restore my calendar to my macbook, I've searched the community for an answer but there doesn't seem to be a logical solution, I'm using TEMPO calendar and I really need to get t