Novell Home

My Favorites

Close

Please to see your favorites.

Error: "Status : 403 Forbidden Error. Description : User Name Mismatch"

(Last modified: 28Nov2001)

This document (10065296) is provided subject to the disclaimer at the end of this document.

fact

iChain 2.0

symptom

Error: "Status : 403 Forbidden Error. Description : User Name Mismatch"

fix

Using Novell Certificate Authority on the LDAP Server ( NW 5.1 with SP3, NICI 2.0.1, PKIS 2.2.0) for MUTUAL authentication.  When the accelerator has just the MUTUAL Cert Profile,  the user can login using his/her certificate (generated from the Novell CA).   The protected resource is restricted.  

Now if the LDAP Profile (pointing to the same eDir tree) is assigned (AND) with the MUTUAL Cert Profile then after the SSL Server & Client Handshake is over and the user credentials are provided in the LDAP user login auth page, one gets the following error:

Information Alert

Status : 403 Forbidden Error
Description : User Name Mismatch

This problem is due to the User Certificate being created by a Novell Certificate Server v2.0 SnapinVer 2.3a for ConsoleOne 1.2c & 1.2d which has the following format:

(for eg.,) CN=user1020.OU=stress.O=novell

WorkAround:
 
Use the Novell Certificate Server v2.0 Snapin Ver 2.21 for ConsoleOne to create the user certificate which would have the following format by default ie.,

 (for eg.,) O=novell.OU=stress.CN=user1020

Import this certificate at the user workstation (after deleting the previous) and then use this to login.

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10065296
  • Solution ID: NOVL60510
  • Creation Date: 11Oct2001
  • Modified Date: 28Nov2001
    • NetIQiChain

Did this document solve your problem? Provide Feedback