Web Services products (iFolder, iManager) not working properly because of LDAP issues
(Last modified: 13May2004)
This document (10081103) is provided subject to the disclaimer at the end of this document.
fact
Novell eDirectory 8.7.3 for All Platforms
Novell eDirectory 8.7.1 for All Platforms
Novell eDirectory 8.7 for All Platforms
symptom
Web Services products (iFolder, iManager) not working properly because of LDAP issues
Error: "Failed to add LDAP Server because of version incompatibiliy"
Cannot add LDAP Server Object to LDAP Group
LDAP Simple Bind failed error -81 when trying to query LDAP (or perform a test export).
ldapconfigversion attribute is missing on "other" tab for LDAP Group & LDAP Server objects
change
Upgraded to eDirectory 8.7.0
Upgraded to eDirectory 8.7.1
Upgraded to eDirectory 8.7.3
cause
When the LDAP Group object is created outside manually, it is created with an ldapconfigversion of '0'.
The LDAP objects for servers using eDirectory 8.7 will be created with an ldapconfigversion of '5.'
The LDAP objects for servers using eDirectory 8.7.1 will be created with an ldapconfigversion of '7.'
The LDAP objects for servers using eDirectory 8.7.3 will be created with an ldapconfigversion of '8.'
This difference creates the 'version incompatibility'.
fix
Open the properties box of the LDAP Server object
Click on the 'Other" tab and locate the ldapconfigversion attribute
Expand the ldapconfigversion attribute and verfy the config number.
Close the LDAP Server object
Go to the LDAP Grojup object and open the Properties Dialog box
Click on the 'Other' Tab and the ldapconfigversion attribute to expand it.
Click the 'Modify' button and change the value so that it matches one of the LDAP Server object ldapconfigversion values noted above.
NOTE:
1. Make sure that when you are re-creating the LDAP objects you create the objects with the latest ConsoleOne snap-ins, it is best to launch ConsoleOne from the server you are working on, so that the snap-ins will be the correct ones to work with that version of eDirectory.
2. Make sure that the NCP Server object has an LDAP Server attribute on it, if not use ConsoleOne and add the attribute on the "other" tab, then unload and re-load the NLDAP.NLM.
3. Make sure that ldapbindrestrictions attribute is also associated with the LDAP Server object, if not you may need to re-extend LDAP schema on that server. Go to NWCONFIG | DIRECTORY OPTIONS and specify the path to the schema file, which will most likely be SYS:SYSTEM\SCHEMA\LDAP.SCH. Then run the following DSTRACE commands at the console prompt:
SET DSTRACE=ON
SET DSTRACE=+SCHEMA
SET DSTRACE=*SSD
SET DSTRACE=*SSA
Wait for an "All Processed = Yes" on the Directory Services Screen then continue to the ConsoleOne Section of this TID.
document
| Document Title: | Web Services products (iFolder, iManager) not working properly because of LDAP issues |
| Document ID: | 10081103 |
| Solution ID: | NOVL87865 |
| Creation Date: | 14Mar2003 |
| Modified Date: | 13May2004 |
| Novell Product Class: | NetWare Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.