1025 error 1718:-672 insufficient rights
(Last modified: 24Jan2003)
This document (10023400) is provided subject to the disclaimer at the end of this document.
fact
Novell NetWare 4.11
Novell NetWare 4.2
Novell NetWare 5.0
NetWare Administrator
Attempting to create a user of group using a template object and assigning a home directory.
Attempting to create a user or group object using a template, without assigning a home directory.
Assigned an administrative group all except Supervisor Object or Property rights.
Formerly TID 2918241 "Key pair could not be generated"
Attempting to install ARCserve onto a server.
symptom
1025 error 1718:-672 insufficient rights
Error: "Object key pair could not be generated. 304:0x8805."
Error: "An object key pair could not be generated: Error code: 403: -601" (NWAdmin 4.10.4).
The User object is created but sometimes is unusable.
Error: "Unable to create AS_Backup_server. Error code = 0xFD88."
cause
There are two attributes that are added to containers where objects can be created. These
attributes are the CA Public Key and the CA Private Key. (CA = Certificate of Authority). The windows based utilities (different flavors of NWAdmin) use this in allowing the public and private key for an object to be created. If the CA Public and Private keys are corrupt, the public and private key for the object being created is not generated.
fix
Known solutions:
1) Run the DSRepair option to rebuild operational schema on all servers in the NDS tree or at least all servers that hold a copy of the partition in which you are trying to create the user.
To do this: Load DSRepair | Advanced options | Repair local ds database | set all the options to no except Check local references = yes and Rebuild operational schema=yes | F10 to begin the repair.
2) Update the client being used. In one situation, the errors would occur in both the NWAdmin 4.10.4 and NWAdmin3X. 4.11.11. The client that consistently failed was the 2.10 client. 2.12 did not have the issue. The latest client as of 9/5/1997 can be obtained from WWW.NOVELL.COM. Nest down into the Products, Product Catalog, Downloadable software to find the links for the new intraNetWare client version 2.2.
3) In one instance, the container Public Key which contained the server and other objects was corrupted. By moving the server and volume objects into a different container we were able to successfully create objects and install ARCserve onto the server. You would then need to delete and recreate the container after removing all objects from it.
4) Required a dial in to the NDS Tree to clear out objects CA Private and CA Public Keys on the container where objects could not be created . These keys are deleted with a dial in and then the Flat Cleaner re-certifies the CA Public and CA Private key for the objects in question.
document
| Document Title: | 1025 error 1718:-672 insufficient rights |
| Document ID: | 10023400 |
| Solution ID: | 1.0.43932492.2451645 |
| Creation Date: | 15Dec1999 |
| Modified Date: | 24Jan2003 |
| Novell Product Class: | Groupware NetWare Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.