Authentication Issues During Synchronization
Articles and Tips: qna
01 Aug 2002
Q.
While preparing for our eDirectory upgrade next month, I have been tracking down stuck obituaries on various servers. On one NetWare v5.0, SP6a, NDS7.51 server, I performed an unattended full repair and immediately saw NDS synchronization errors between this server and all other servers in its replica rings. This server holds a Read-Write replica of the [Root] partition and subordinate references to the three branch partitions of our tree.
The DSRepair synchronization check errors are:
-632 Remote from remote RW replicas to this server
-669 Remote from this server's replica to remote RW replica servers
-no errors to servers holding subordinate references
I have performed the following steps:
-Advanced Options/Repair Local Database/Check Local References Only
0 errors
-Advanced Options/Servers Known to this Server/Select a server/Repair all Network Addresses
0 errors
-Unattended Full Repair
2 errors found in stream syntax files
In the repairing replica ring phase, the message
"ERROR: - Could not Authenticate, error: -669"
displays for each server holding a Read/Write of the partition. The message
"OK - Authenticated to server"
displays for each server holding a subordinate reference of the partition. My questions are:
Do you recognize this scenario and do you have a suggestion on how I can restore authentication to the server?
If not, what is the best method for removing a dead server cleanly?
Not Authenticating in Amman
A.
Dear Not Authenticating: From my familiarity with this type of situation, it appears that it is a corruption in the encryption key on the server and that the only recourse is to remove the server and reinstall NDS. Make sure you bring down the affected server and remove it from your NDS tree via NDSManager. I suspect that this will work for you.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.