Hi,

I have an iFolder 3.8.4.0 master server configured and working with an AD server. I am now trying to add a second iFolder server as a slave in this iFolder domain. I'm running simias-server-setup and choosing "Y" when I get to the "Slave Server?" prompt. I'm putting in the same iFolder admin user and proxy user and passwords that I used for the master server. However, I get a failure at the end that indicates a credential error. Since the conversation is SSL-encrypted, I can't get much useful information in a Wireshark trace. I should note that on this same server, if I configure it as another master, it works perfectly against the AD server with SSL, so I'd have to believe the SSL cert for the AD server is properly imported. Is there any type of debug logging I can enable or more detailed output tracing I can do to determine why this is failing?

Here is the error at the end of the simias-server-setup script:


----------- excerpt ---------------------

Ldap certificate :

Mono Certificate Manager - version 2.6.4.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.


X.509 Certificate v3
Issued from: DC=local, DC=wwt, DC=test, CN=testad1
Issued to: CN=TESTAD1.test.wwt.local
Valid from: 02/06/2012 05:20:54
Valid until: 02/05/2013 05:20:54


----- ACCEPT LDAP CERTIFICATE -----


Accept LDAP Certificate? [Y]:
Done
Connecting to ldaps://10.2.2.164/...
at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd, AuthenticationTypes authenticationTypes) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000] in <filename unknown>:0
at Novell.iFolder.Utility.LdapUtility.Connect () [0x00000] in <filename unknown>:0
at Novell.iFolder.SimiasServerSetup.SetupLdap () [0x00000] in <filename unknown>:0
Removing slave from master
Url https://testif1.wwt.com/simias10/HostAdmin.asmx
Url https://testif1.wwt.com/simias10/DomainService.asmx
Failed

LdapException: (49) Invalid Credentials
LdapException: Server Message: 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772
LdapException: Matched DN:
at Novell.Directory.Ldap.LdapResponse.chkResultCode () [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.chkResultCode (Novell.Directory.Ldap.LdapMessageQueue queue, Novell.Directory.Ldap.LdapConstraints cons, Novell.Directory.Ldap.LdapResponse response) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.SByte[] passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (Int32 version, System.String dn, System.String passwd, Novell.Directory.Ldap.LdapConstraints cons) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd, AuthenticationTypes authenticationTypes) [0x00000] in <filename unknown>:0
at Novell.Directory.Ldap.LdapConnection.Bind (System.String dn, System.String passwd) [0x00000] in <filename unknown>:0
at Novell.iFolder.Utility.LdapUtility.Connect () [0x00000] in <filename unknown>:0
at Novell.iFolder.SimiasServerSetup.SetupLdap () [0x00000] in <filename unknown>:0

FAILED

---------------------------------------

In troubleshooting this error, I've noticed that when I re-run the simias-server-setup and point to the existing location of the Simias.config file that was partially created, when it gets to the point where it asks the admin user dn, it inserts an additional "dc=test" in the string below when it auto-suggests the admin user in [brackets]:

cn=ifadmin,cn=Users,dc=test,dc=test,dc=wwt,dc=local

I found this line in the master server's Simias.config file and corrected it to reflect the proper dn for the ifadmin user:

cn=ifadmin,cn=Users,dc=test,dc=wwt,dc=local

I then re-ran the simias-server-setup, and this time it auto-suggested the correct path, however it fails with a different error that states the admin user is in an invalid context, and it shows the "cn" of Users as an "ou":

cn=ifadmin,ou=Users,dc=test,dc=wwt,dc=local

So something is different between the master and slave configuration in the setup program, but I can't tell what I need to enter to make it work. Any suggestions would be greatly appreciated!!

Best regards,
Greg
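
Added example, not part of the original post: a small Python helper that decodes the Active Directory sub-code in the `AcceptSecurityContext error, data ...` server message and compares a bind DN against the expected one, RDN by RDN. The function names are illustrative, the sub-code table lists the commonly documented AD bind failure values, and the DN splitting assumes no escaped commas.

```python
import re

# Win32 error codes AD reports in the "data" field of a failed bind (hex).
AD_BIND_SUBCODES = {
    0x525: "user not found", 0x52E: "invalid credentials",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired", 0x533: "account disabled",
    0x701: "account expired", 0x773: "user must reset password",
    0x775: "account locked out",
}
MSG_RE = re.compile(r"AcceptSecurityContext error, data ([0-9a-fA-F]+)")

def decode_bind_failure(log_text):
    """Return (subcode, meaning) for the first AD bind error, or None."""
    m = MSG_RE.search(log_text)
    if not m:
        return None
    code = int(m.group(1), 16)
    return code, AD_BIND_SUBCODES.get(code, "unknown sub-code")

def split_dn(dn):
    """Split a DN into lower-cased (attribute, value) pairs (simplified)."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        parts.append((attr.lower(), value.lower()))
    return parts

def dn_diff(expected, actual):
    """List the differences between the DN sent and the DN expected."""
    exp, act = split_dn(expected), split_dn(actual)
    findings = []
    if len(act) != len(exp):
        # Different depth: report RDNs that occur more or fewer times.
        for rdn in sorted(set(exp + act)):
            delta = act.count(rdn) - exp.count(rdn)
            if delta:
                kind = "extra" if delta > 0 else "missing"
                findings.append(f"{kind} RDN {rdn[0]}={rdn[1]}")
    else:
        for i, (e, a) in enumerate(zip(exp, act)):
            if e != a:
                findings.append(f"RDN {i}: expected {e[0]}={e[1]}, got {a[0]}={a[1]}")
    return findings

# Server message and DN copied from the post above.
SERVER_MSG = ("80090308: LdapErr: DSID-0C0903AA, comment: "
              "AcceptSecurityContext error, data 525, v1772")
GOOD_DN = "cn=ifadmin,cn=Users,dc=test,dc=wwt,dc=local"
```

For the message in the trace, the decoder returns sub-code 0x525 ("user not found"), which points at the DN that was sent in the bind and not at the password.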