Environment
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Novell Open Enterprise Server 11 SP2 (OES11SP2)
Domain Serivces for Windows
DSFW
Situation
Ldapsearch fails when the entryDN specified in search filter contains spaces before or after comma.
Workstation join to a DSFW domain using a vb script fails when a custom computer container is used.
The end result is that workstation is not joined, while the expected result is that join has taken place.
A wireshark packet trace shows the following:
88 0.000538 172,16,32,141 172.16.32.221 LDAP 428
addRequest(10) "CN=WINXP03-01,OU=XP_STD, DC=OES11SP1, DC=COM"
89 0.000858 172.16.32.221 172.16.32.141 LDAP 101
addResponse(10) noSuchObject (NDS error: no such entry (-601))
A ndstrace +ldap shows:
1744934656 LDAP: [2013/04/23 15:06:12.250] (172.16.32.141:1358)(0x00a9:0x68)
DoAdd on connection 0x40b0c000
1744934656 LDAP: [2013/04/23 15:06:12.250] (172.16.32.141:1358)(0x00a9:0x68)
add: dn (CN=WINXPSP03-01,OU=XP_STD,DC=OES11SP1,DC=COM)
1744934656 LDAP: [2013/04/23 15:06:12.252] (172.16.32.141:1358)(0x00a9:0x68)
Cannot resolve NDS name 'OU=XP_STD.Do=oes11sp1' in ResolveAndAuthNDSName, err =
no such entry (-601)
1744934656 LDAP: [2013/04/23 15:06:12.253] (172.16.32.141:1358)(0x00a9:0x68)
Base "OU=XP_STD, DC=OES11SP1, DC=COM" not found, err = no such entry (-601)
1744934656 LDAP: [2013/04/23 15:06:12.253] (172.16.32.141:1358)(0x00a9:0x68)
Sending operation result 32:"":"NDS error: no such entry (-601)" to connection
0x40b0c000
The resolve name request is truncated,
'OU=XP_STD.Do=oes11sp1' instead of OU=XP_STD,DC=OES11SP1,DC=COM being used
which is the reason for the -601 error being returned.
Resolution
The changes that will be done as part of this bug fix are:
1. Supporting the lookup of computer names which comes as part of tgs requests and the name is without '$'.
2. Password change for the cluster node was failing with access denied error is part of this fix.
Additional Information
Fix is in the July 2013 Maintenance Patch