Environment
NetWare 6.5
Novell NetWare 6.5
Novell NetWare 6.5
Situation
UserID was deleted and recreated.
User cannot access home directory
Admin cannot modify, delete, or add Trustee Assignment
User cannot access home directory
Admin cannot modify, delete, or add Trustee Assignment
Resolution
Use DMPTRUST.NLM to verify that the NSS GUID matches eDirectory GUID for the userid.
dmptrust
If the GUID does not match then the report for the Trustee Assignment in dmptrust.out will look like this:
Name: \USERS\C2Stephe.old
(1-0) Rights: 0xDB GUID=34700B23-0765-420B-B7-44-A9C2A4E0E72B ID=BDBA
Name=.CN=C2STEPHE.OU=Toronto.O=Org.T=TREE.
!!! NSS GUID does not match eDIR (F0A94800-B6C5-11DB-90-7B-001279D8C5A5) !!!
(2-1) Rights: 0x1FB GUID=F0A94800-B6C5-11DB-90-7B-001279D8C5A5 ID=BDBA
Name=.CN=C2STEPHE.OU=Toronto.O=Org.T=TREE.
If this is the case, use the utility syncguid to re-synchronize the NSS guid with the eDirectory for the user id. In order to be certain the NSS has up-to-date information from eDirectory run the console command:
nss /resetIDCache
Then run the syncguid command:
syncguid
If the dmptrust report shows unknown trustees or many miss matched guid's you may need to run an nss visibility rebuild with the nss maintenance command:
nss /VisibilityRebuild=