DSfW: OES11SP2 - SLAPI Configuration fails in Provisioning wizard

  • Document ID:7015779
  • Creation Date:15-Oct-2014
  • Modified Date:17-Jul-2015
    • Micro Focus Products:
      eDirectory
      Open Enterprise Server
    • SUSE Products:
      SUSE Linux Enterprise Server

Environment

Novell Open Enterprise Server 11 SP2 (OES11SP2)
Domain Services for Windows
DSfW

Situation

Only seen in OES11SP2 

FRD name mapped install

SLAPI Configuration fails in Provisioning wizard

Can not contact ldap server

Resolution

Delete the SSL Certificate DNS and then recreate.
To recreate iManager or ndsconfig
  1. ndsconfig add -m sas
  2. iManager | Certificate Server | Create Default Certificates | Browse and select server | then click Next | click Next | click Finish
  3. Either - Restart eDirectory or nldap, so it recognizes the new certificate  (nldap can be restarted by unloading and reloading using, nldap -u; nldap -l from the command line or using, unload nldap; then load nldap from the ndstrace console. 
  4. Close and relaunch the DSfW Provisioning Wizard

Cause

The SSL Certificate DNS has a subject with the IP address instead of the DNS name.

When the SSL Certificate DNS is deleted and recreated, the subject then shows the correct name (dns name) and the slapi task completes.

Additional Information

Importing /var/opt/novell/xad/ds/domain/nldap-delete-classlist.ldif
2014-02-14 08:24:17 connect and bind.. 127.0.0.1, 389, cn=rick,o=rick, /etc/opt/novell/certs/SSCert.pem
Importing /var/opt/novell/xad/ds/domain/nldap.ldif

2014-02-14 08:24:17 connect and bind.. 127.0.0.1, 389, cn=rick,o=rick, /etc/opt/novell/certs/SSCert.pem
2014-02-14 08:24:17 Executing LD_PRELOAD=/opt/novell/xad/lib64/libadmpasswd.so.2 /usr/bin/ldapmodify -x -H ldaps://dsfw1.test.com:636 -D 'cn=rick,o=rick' -w ***** -f /var/opt/novell/xad/ds/domain/nldap-UniqueDomainID-index.ldif
Index Definition addition for uniqueDomainID attribute on the NCP server object failed.
 [ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)] at /opt/novell/xad/lib64/perl/XAD/nds.pm line 531.

 at /opt/novell/xad/lib64/perl/Logger.pm line 120
	Logger::_err('Index Definition addition for uniqueDomainID attribute on the...') called at /opt/novell/xad/lib64/perl/Logger.pm line 211
	Logger::Log(0, 'Index Definition addition for uniqueDomainID attribute on the...') called at /opt/novell/xad/lib64/perl/XAD/nds.pm line 535
	nds::uniqueDomainID_indexing() called at /opt/novell/xad/lib64/perl/XAD/nds.pm line 578
	eval {...} called at /opt/novell/xad/lib64/perl/XAD/nds.pm line 552
	nds::configure_nldap_objects('frd_install=HASH(0x792e88)') called at /opt/novell/xad/share/dcinit/provision/provision_config_slapi.pl line 47
2014-02-14 08:24:17,527 INFO  - SLAPI Configuration:SLAPI Configuration  returned.