ZDM 7.0.1 IR3a HP2 running on NSS volume on a NCS cluster.
Nodes are SLES10SP1/OES2.
I am trying to get Automatic Workstation Import working but it cannot find the Import Policy. I *think* the cause is the LDAP lookup.
I have a working DNS entry for zenwsimport.
I can import manually (zwsreg) when I specify the policy and no importserver.
I would appreciate any pointers in this.

My 'novell-zdm-awsi.conf' is below, followed by an excerpt from my 'awsi.log'.
[By the way, I did try specifying my main NDS server in the LDAP statement but it made no difference]
-----------------------------------------------------------

# Specify the IP/DNS address of the eDir LDAP server
# where the workstation objects will be created/deleted
# default=localhost
#LDAP_SERVER=localhost
#LDAP_TREENAME=YOUR_TREE_NAME

# Specify the Clear Text LDAP port for the LDAP server specified above
# default=389
#LDAP_PORT=389

# Specify the SSL LDAP port for the LDAP server specified above
# default=636
#SSL_PORT=636

# Specify the HTTP listening port for the WS import service
# default=8039
#PORT=8039

# Specify the path of nds.conf
# Setting to a default path to be backwards compatible to pre-
# eDirectory 8.8 installations
# default=/etc/nds.conf
NDS_CONF_FILE=/etc/opt/novell/eDirectory/conf/nds.conf


# Specify the distinguished name of the Server object
# that represents this server
# example: T=SKIER,O=NOVELL,OU=SERVERS,CN=MY_SERVER
# If no DN is specified here, the service will attempt to determine the local
# machine's DN and use it.
SERVER_DN=T=ODYSSEY,O=SEABOURN,OU=ODY,OU=SERVER,CN =ODY-FIL1

# Specify which service(s) to start
START_IMPORT_SERVICE=true
START_REMOVAL_SERVICE=true

# Specify the log location. If no location is set, no log
# will be generated
IMPORT_SERVICE_LOGFILE=/var/opt/novell/log/zenworks/awsi.log
REMOVAL_SERVICE_LOGFILE=/var/opt/novell/log/zenworks/awsr.log

# Specify the log level for log events reported to the console
# default=-1, valid levels are 0 to 3, 3 being the most verbose
loglevel=-1

# Specify the log level for log events reported to the log file
# default=-1, valid levels are 0 to 3, 3 being the most verbose
logfilelevel=3
------------------------------------------------------
---------------------------------------------------------
Jan 7, 2009 2:48:12 PM Connection opened: /172.22.100.239:1039
Jan 7, 2009 2:48:12 PM Header = POST /oneNet/wsimport HTTP/1.1
NovINet: v2.0
User-Agent: ZenHttp
Host: zenwsimport:8039
Content-Length: 892
Connection: Keep-Alive

Jan 7, 2009 2:48:12 PM contentLength = 892
Jan 7, 2009 2:48:12 PM bytesRead=892 byteCount=892
Jan 7, 2009 2:48:12 PM Content is UTF-16LE encoded.
Jan 7, 2009 2:48:12 PM request = <?xml version="1.0" encoding="UTF-16LE"?>
<new_ws>
<computer>CHANGE-760</computer>
<cpu>PENTIUM PRO</cpu>
<dns>CHANGE-760.seabourn.com</dns>
<subnet_mask>255.255.255.0</subnet_mask>
<ip>172.22.100.239</ip>
<ipx></ipx>
<mac>00:21:9B:16:CD:E2</mac>
<os>WINXP (5.1 Service Pack 3)</os>
<server>ODY-DIR2</server>
<user_dn>[Public]</user_dn>
<login_count>0</login_count>
<auditing_version>7.0.1.0</auditing_version>
</new_ws>

Jan 7, 2009 2:48:12 PM OS = <linux>
Jan 7, 2009 2:48:12 PM FindImport Policy serverDN = CN=ODY-FIL1.OU=SERVER.OU=ODY.O=SEABOURN
Jan 7, 2009 2:48:12 PM javax.naming.CommunicationException: anonymous bind failed: localhost:636 [Root exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Couldn't find trusted certificate]
Jan 7, 2009 2:48:12 PM No import policy found.
Jan 7, 2009 2:48:12 PM Connection closed: /172.22.100.239:1039