Running Edirectory And Imanager On The Same Machine (Windows Only); Section 8.11, "Running Edirectory And Imanager On The Same Machine (Windows Only) - Novell IMANAGER 2.7.3 - ADMINISTRATION Administration Manual

8.11 Running eDirectory and iManager on the
Same Machine (Windows only)
If iManager was installed before eDirectory, you might experience any of the following errors when
using iManager, LDAP(S), or HTTP(S) to access eDirectory.
-340 error when trying to access encrypted attributes with iManager
LDAP : SSL_CTX_use_KMO failed. Error stack: error:1412D0D4:SSL
routines:SSL_CTX_use_KMO:read wrong packet type (err = -1418)
HTTP : 0016 TLS operation failed, err: 1, result: -1 --
HTTP : -- error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
HTTP : 0017 TLS operation failed, err: 1, result: -1 --
HTTP : -- error:1406B0BD:SSL routines:GET_CLIENT_MASTER_KEY:no p
rivatekey
HTTP : Unable to access server certificate and key, handshakes will fail
HTTP : -- error:1412D0D4:SSL routines:SSL_CTX_use_KMO:read wrong packet type
Limber : Error while setting NCP Key Material Name SSL CertificateDNS to
server, Err: failed, -340 (0xfffffeac)...
Limber : Error During syncKeyMaterialInfo -340 (0xfffffeac)
It could be that eDirectory's initial system configuration has not occurred. The user who installed
eDirectory and the user who is running the eDirectory server must coordinate the eDirectory
configuration. Generally, eDirectory is installed as administrator and is run as SYSTEM. You can
manually correct this issue, but an understanding of eDirectory, iManager, NICI, and other currently
installed products is necessary. You must determine if the following steps are safe to perform. You
should also check the product's documentation and dependencies to see if any long-term encrypted
data or secrets are used.
If eDirectory and iManager are installed on the same physical machine, you can manually configure
eDirectory after eDirectory installation.
NOTE: You should not do this if eDirectory was installed at a previous time and has been
successfully running on the current machine.
1 Log in as an administrator.
2 Stop the eDirectory server and the Tomcat service.
Also stop any other service that may be using NICI.
3 Take ownership of the
Do this from the file properties' Security > Advanced Options.
4 Save the contents of the
5 Delete the contents of the
6 Copy the contents of
%systemroot%\system32\novell\NICI\SYSTEM
7 You can reset the permissions of
contents so that only SYSTEM has access.
8 Restart the NDS Server and Tomcat services and any other service you may have stopped.
%systemroot%\system32\novell\NICI\SYSTEM
directory in a backup directory.
SYSTEM
directory.
SYSTEM
%systemroot%\system32\novell\NICI\Administrator
%systemroot%\system32\novell\NICI\SYSTEM
--
directory.
to
and its
Troubleshooting 93