Hello Everyone,

I have a bit of a sticky problem that hopefully will be very simple for those well-versed in NMAS. I am going to try to write it out as simply as I can:

The Problem:
I recently migrated a Netware server to OES using Novell's miggui tool. After the migration, users outside the partition held by the migrated server can log in via AFP, but users within that partition cannot. That is, the local replica is ou=1221,ou=d1,o=ecsd. So cn=user1,ou=0561,ou=d1,o=ecsd could connect via AFP (with appropriate rights) but user cn=goldfinger,ou=1221,ou=d1,o=ecsd cannot.

Things I Have Verified:
That AFP contexts are set up correctly. That Universal Password is set (I even created a new user in case old users had a bad attribute of some sort). That the afplinlsm login method is correctly set up and configured in the tree. Users in the local partition CAN do an AFP logon to a second server at the site (Netware 6.5) that does not have a replica.

What I Suspect:
That the afplinlsm method is not being correctly loaded by the migrated server, but that AFP is otherwise working fine and that there is no problem with the users. Since logins to this OES server for users outside of the server partition are working (i.e. are passed to another server), but logins for users local to the server are not, then it is a problem specific to this server, and specific to AFP (since users in the server's partition can log in via the Novell client and via SSH without difficulty).

Further Proof:
/var/opt/novell/eDirectory/data/nmas-methods/AFPLINLSM_X64.SO exists with same rights as other files in the same directory.
Running install_afp_lsm.sh quits with NMAS error -1699 (indicating that a newer version is installed already, which is good)

The AFP log gives me lines like:
Dec 6 16:54:54 m1221 afptcpd[24137]: [debug] LDAP user name: cn=goldfinger,ou=1221,ou=D1,o=ECSD
Dec 6 16:54:57 m1221 afptcpd[24137]: [error] User authentication failed for user: cn=goldfinger,ou=1221,ou=D1,o=ECSD, Err:-1660
Dec 6 16:54:57 m1221 afptcpd[24137]: Closing session: 39 <0x7ba010>, Socket: 34, Pending requests: 0


Dstrace for NMAS on the migrated server gives me lines like:
17:06:04 4BC88940 00000000 -1 NMAS: 2359431: Login Sequence afplinlsm not valid.
17:06:04 4BC88940 00000000 -1 NMAS: 2359431: Login Sequence NDS is valid.
17:06:04 4BC88940 00000000 -1 NMAS: 2359431: ERROR: -1660 Client can not do requested login sequence "afplinlsm"
17:06:04 4BC88940 00000000 -1 NMAS: 2359431: ERROR: -1660 CanDo

Shape of the Solution?:
I think I need to tell the server that it can use AFPLINLSM_X64.SO for NMAS, but I am unsure how to proceed.

Johnnie Odom
Network Services
School District of Escambia County