Error: "Login Failed, LDAP Server Down?"
(Last modified: 20Jan2003)
This document (10069098) is provided subject to the disclaimer at the end of this document.
fact
Novell iFolder 1.01
NSBS 6 Express default install
LDAP
NSBS 6 Standard Install
NLDAP
NSBS 6
Novell Small Business Suite 6.0
Novell NetWare 6
Novell NetWare Small Business Suite 6
symptom
Error: "Login Failed, LDAP Server Down?"
Applications that use LDAP do not work
Unable to login to the iFolder client or the iFolder Administrative Server
cause
By default iFolder sets up the LDAP hosts to listen on secured port 636 and it is through this port configuration that iFolder will authenticate users to DS. This error is seen when port 636 is not listening on the server. On a small business server this is caused by the GWIA.NCF loading before the NLDAP.NLM. If LDAP is not loaded on the server then the GWIA will implement its own LDAP service and take the ports LDAP would use (389 and 636). It can also be caused by certificate problems and the certificate defined on the LDAP SERVER object.
fix
If this is a small business server, edit the autoexec.ncf for the server and move the NLDAP.NLM to load prior to the GWIA.NCF file. Once this change is made restart the server.
Verify that the secured port for LDAP is listening. From the server console load TCPCON | PROTOCOL INFORMATION | TCP | TCP CONNECTIONS and scroll through the list. If 389 is showing but 636 is not, this is the reason iFolder authentication fails.
First, from ConsoleOne (loaded from the NetWare 6 server or with the snapins for NetWare 6) go to the properties of the LDAP SERVER object. Under the SSL configuration TAB verify that a certificate has been selected and that it is a valid certificate. To test whether the certificate is valid try loading it against the remote manager on the server. This load line can be found in SYS:\SYSTEM\AUTOEXEC.NCF for loading HTTPSTK.NLM. If the certificate is valid but the port still will not load try disabling the SSL port for LDAP again under the properties of the LDAP SERVER object under the SSL certificate tab. Once this feature is disabled go to the general tab and choose to REFRESH NLDAP SERVER. Then go back under SSL Configuration and uncheck the box for DISABLE SSL PORT and again REFRESH NLDAP SERVER. This process will unload NLDAP and reload it with SSL disabled then when unselecting the DISABLE SSL PORT option it will again unload NLDAP and reload with the SSL parameters.
Go back into TCPCON and look for port 389 and 636. Once 636 is listening at the server console type STOPIFOLDER then STARTIFOLDER and attempt a login.
document
| Document Title: | Error: "Login Failed, LDAP Server Down?" |
| Document ID: | 10069098 |
| Solution ID: | NOVL73796 |
| Creation Date: | 12Mar2002 |
| Modified Date: | 20Jan2003 |
| Novell Product Class: | NetWare Novell eDirectory Other Web Services |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.