DSfW: ADC install fails NDS error: bad password (-222)

Document ID:7011732
Creation Date:30-Jan-2013
Modified Date:30-Jan-2013
- Micro Focus Products:
  eDirectory
  Open Enterprise Server
- SUSE Products:
  SUSE Linux Enterprise Server

Environment

Novell Open Enterprise Server 11 SP1 (OES11SP1)

Domain Services for Windows
DSfW

Situation

Installing an ADC fails with "NDS error: bad password (-222)"
OES11SP1 ADC install into a Name Mapped domain (no patches)
PDC is OES11SP1 November Maintenance Patch

Resolution

Setting the passwordExpirationTime on the administrator to a date in the future or removing the password expiration on the password policy, or setting a new password before installing an ADC is the current workaround until a bug fix.

Cause

The Administrators password is good, but the expiration date is older than thecurrent date. The Administrator user is assigned the domain password policyand has the nspmDoNotExpirePassword set to TRUE.

The Administrator password is being interpreted as expired if the expiration date isolder than the current date and the nspmDoNotExpirePassword attribute is set toTRUE.The nspmDoNotExpirePassword attribute should override and the passwordexpiration. Instead the nspmDoNotExpirePassword is interpreted as FALSE on a DSfW server.