Environment
Novell iFolder 3
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 1
Novell Open Enterprise Server 11 (OES 11) Linux Support Pack 2
Situation
iFolder newly configured using NSS volume.
Cannot login to iFolder Administration, Web interface or iFolder Client.
It is assumed here that there is really no data in the iFolder database, so iFolder can be reconfigured at will and without needing to do a back up of any data.
Cannot login to iFolder Administration, Web interface or iFolder Client.
It is assumed here that there is really no data in the iFolder database, so iFolder can be reconfigured at will and without needing to do a back up of any data.
Resolution
The 'wwwrun' user must have supervisor rights to the NSS volume path first before configuring iFolder.
iFolder NSS volume path example: /media/nss/VOL1/iFolderData
rights command example:
rights -f /media/nss/VOL1/iFolderData -r s trustee wwwrun.novell.treename
Check the rights by using the following command:
example:
rights -f /media/nss/VOL1/iFolderData effective wwwrun.novell.treename
(output should show as)
Effective Rights
---------------------
File: /media/nss/VOL1/iFolderData
---------------------
User: wwwrun.novell.treename
[supervisor, read, write, create, erase, access control, scan, modify]
Effective rights can be resynchronized to reset rights on the NSS volume using the following command:
VOL1 example: ncpcon nss resync=VOL1
After doing this, run the rights command again as in the above example.
After the above rights to the 'wwwrun' user have been done successfully, then reconfigure iFolder to the NSS volume path, but first delete the 'simias' folder found at path /media/nss/VOL1/iFolderData/ using 'rm -rf simias' and also beforehand delete the iFolderProxy user, as both of these will get created the next time iFolder is reconfigured.
iFolder NSS volume path example: /media/nss/VOL1/iFolderData
rights command example:
rights -f /media/nss/VOL1/iFolderData -r s trustee wwwrun.novell.treename
Check the rights by using the following command:
example:
rights -f /media/nss/VOL1/iFolderData effective wwwrun.novell.treename
(output should show as)
Effective Rights
---------------------
File: /media/nss/VOL1/iFolderData
---------------------
User: wwwrun.novell.treename
[supervisor, read, write, create, erase, access control, scan, modify]
Effective rights can be resynchronized to reset rights on the NSS volume using the following command:
VOL1 example: ncpcon nss resync=VOL1
After doing this, run the rights command again as in the above example.
After the above rights to the 'wwwrun' user have been done successfully, then reconfigure iFolder to the NSS volume path, but first delete the 'simias' folder found at path /media/nss/VOL1/iFolderData/ using 'rm -rf simias' and also beforehand delete the iFolderProxy user, as both of these will get created the next time iFolder is reconfigured.
- From command line the following command can be used to reconfigure iFolder:
yast2 novell-ifolder3
Click on Continue and select all three (3) check boxes to reconfigure iFolder, using the correct /media/nss/ path.(example above: /media/nss/VOL1/iFolderData)
The 'wwwrun' user must be LUM enabled. (Even if is shows it has already been LUM enabled, you may still need to run through LUM enabling it using iManager.)
Check to see that the 'wwwrun' user can resolve using the command 'id wwwrun' from command line.
If it does resolve properly check the following...
- check to see that wwwrun exists in the /etc/passwd file.
- check to see that wwwrun user exists in iManager in eDirectory.
- if wwwrun user exists in both /etc/passwd file and in eDirectory when looking at the user in iManager then do the following...
- in the /etc/passwd file then remark out the line for wwwrun user with a pound (#) sign in front, save the change and then do the command 'id wwwrun' if it says "no such user" or does not resolve properly then the 'wwwrun' user is not being resolved by eDir/LUM as it should for this to work.
- LUM enable the 'wwwrun' user in eDir using iManager and make sure you can resolve now using 'id wwwrun' command. If it resolves properly from LUM then reconfigure iFolder, but first delete the 'simias' folder found at path /media/nss/VOL1/iFolderData/ using 'rm -rf simias' and also beforehand delete the iFolderProxy user, as both of these will get created the next time iFolder is reconfigured.