DNS fails to start - CASA Credential Not found
This document (7006446) is provided subject to the disclaimer at the end of this document.
Novell Open Enterprise Server 2SP2
Novell Open Enterprise Server 2SP3
Domain Services for Windows
DNS fails to start
novell-named fails to start
The /var/opt/novell/log/named/named.run shows the following:
28-Jun-2010 12:02:52.938 general: main: notice: starting BIND 9.3.2 -u named
28-Jun-2010 12:02:52.947 general: dns/message: error: Credential Not found
28-Jun-2010 12:02:52.947 general: dns/db: critical: CASA Error has occured, error:No credential is retrived from CASA
28-Jun-2010 12:02:52.947 general: dns/db: warning: Could not open the credential file
28-Jun-2010 12:02:52.947 general: dns/db: critical: No credential found in the file
28-Jun-2010 12:02:54.986 general: dns/db: critical: Failed to load RRs of a zone with error -109
28-Jun-2010 12:02:54.986 general: dns/hints: warning: Loading Root data from directory Failed
28-Jun-2010 12:02:54.988 general: server: info: loading configuration from '/etc/opt/novell/named/named.conf'
28-Jun-2010 12:02:54.988 config: isccfg/parser: error: none:0: open: /etc/opt/novell/named/named.conf: file not found
28-Jun-2010 12:02:54.997 general: server: critical: loading configuration: file not found
28-Jun-2010 12:02:54.997 general: server: critical: exiting (due to fatal error)
The CASA keys for the dns-proxy are missing.
CASA is selected by default and is recommend since it is more secure than using the file option.
To create the CASA credentials install the CASAcli client.
Do a search in YaST or zypper for casa-cli.
From the terminal do the following casacli commands to list your keys and create the keys.
In the last KEYVALUE listed the "-k Password" is exactly what you enter.
Do not enter the actual password of the dns-proxy user as that was done at the beginning just after "KEYVALUE=".
For the <dns-proxyuser and context> put your fully qualified/distinguished dns-proxy user. Do not include the <>.
EXAMPLE: If the proxy user is admin.novell put cn=admin,o=novell
Here are the relevant CASAcli commands:
CASAcli -l (this will list your current CASA keys)
CASAcli -h (this will give you help to delete/recreate keys)
To store the proxy user and context:
KEYVALUE=<your-dns-proxy-user and context - see the example above> CASAcli -s -n dns-ldap -k CN
KEYVALUE= cn=admin,o=novell CASAcli -s -n dns-ldap -k CN
To store that proxy users password in CASA:
KEYVALUE=<the proxy user's password> CASAcli -s -n dns-ldap -k Password
KEYVALUE= adminpassword CASAcli -s -n dns-ldap -k Password
Be sure novell-xregd is running before starting novell-named.
After creating or resetting the keys, try starting novell-named.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.