When I use iManager to try to set a universal password for a user, I get
the following error:

Server configuration error - NMAS LDAP Transport Error.

When I try and set a simple password for a user, I get a more verbose

Unable to read objects from eDirectory
In order to transmit or receive NMAS data, a secure connection via
LDAP is required. Unfortunately, LDAP authentication from the web
client to the web server that hosts iManager could not be completed.
The most likely causes are that the LDAP service is not running on the
web server, or that a secure connection could not be opened to the LDAP
service. Please refer to the JSSE API User's Guide on the iManager
installation CD, and the appendix entitled "Configuring and Using SSL
for LDAP" in the Novell iManager Administration Guide for more information.

So, I guess there's something wrong with LDAP. I've tried to do some of
my own testing, but now I'm stuck.

Using the ldapbrowser utility, I have succesfully browsed all servers
using all of the 4 methods, except for two of my 4 servers, both of
which failed the "authenticated clear-text" test.
I also tried to obtain some dstrace log data for LDAP.

This is what I get:

Found available monitor 0x279
New TCP connection 0x84f405c0, monitor = 0x279, index = 1
DoBind: Rejecting unencrypted bind on cleartext port
Monitor 0x279 found connection 0x84f405c0 socket closed, err = 57, 0 of
0 bytes read
Monitor 0x279 initiating close for connection 0x84f405c0
Server closing connection 0x84f405c0, socket error = 57

I don't see any reason (i.e. any differences between working servers
and non-working servers) why it wold reject unencrypted binds.

Any suggestions as to what's going on, or how to find more info would
be apreciated.

Jim Helfer