Novell Home

Making Native File Access work after Certificate Server Reinstallation

Novell Cool Solutions: Feature
By Roger Carlsson

Digg This - Slashdot This

Posted: 2 Mar 2004
 

After the reinstallation of Novell Certificate Server, I've found that the NativeFileAccess doesn't work. If you create a new user the NFA works, but it won't work for users created with the old CA. If you try to set the simple password for an old user, you get the 1418 error.

The problem here is that the user has the old information about the old CA server. You have to recreate the SAS:Login Configuration and SAS:Login Configuration Key Attributes for every user.

You can do this with ConsoleOne. (You have to load ConsoleOne with no snapins.) Or you can use dsrepair CAREFULLY !!!!!! Here's how.

  1. Load DSREPAIR -sx"SAS:Login Configuration" run either an Unattended Full or Advanced Options menu | Repair local DS database | Rebuild operational schema, then EXIT.


  2. Load DSREPAIR -sx"SAS:Login Configuration Key" run either an Unattended Full or Advanced Options menu | Repair local DS database | Rebuild operational schema, then EXIT.


  3. Run ConsoleOne and create the Simple Password for each user.

    OR run NetWare Remote Manager | Manage eDirectory | NFAP Security | NFAP Multi-User Simple Password Set Utility.

    OR run AFPTCP cleartext and have the users login from a MAC with their NDS password.

Note: Obviously, one must be VERY careful running DSREPAIR with the -sx switch. This switch will remove any attribute specified for the ENTIRE partition. If you have single users that need these SAS-related attributes deleted, use ConsoleOne.

If you have any questions you may contact Roger atroger.carlsson@invid.se


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell