pintoa2000
asked on
Novell Account Management
We use Novell Account Management 2.1 on our NT domain controllers. We have Edirectory 8.7 running on Netware 5.5, 6.0 & 6.5.
Most of our clients are windows XP and some are Windows 2000 , all part of the NT domain running AM 2.1. Our applications are running on W2K/IIS with integrated authentication. When a user logs in on his/her workstation using the Novell 4.9 client, he is automatically signed on to the NT domain in the background . He then accesses the applications running on IIS and is automatically signed in since he has already authenticated to the domain.
Every few days are users experience a problem when accessing the IIS applications, ie. they are prompted for an id and password for the IIS applications. Although they have signed in to the domain. When we remote console to the PDC , we find that we cannot login on the PDC as well. The only solution is to restart the pdc after which authentication for both IIS apps and Client login is fine.
We have 1 PDC and 1 BDC, both running NT 4.0 , SP6.
Does anyone have a idea on how we can solve this.. ?
Thanks
Most of our clients are windows XP and some are Windows 2000 , all part of the NT domain running AM 2.1. Our applications are running on W2K/IIS with integrated authentication. When a user logs in on his/her workstation using the Novell 4.9 client, he is automatically signed on to the NT domain in the background . He then accesses the applications running on IIS and is automatically signed in since he has already authenticated to the domain.
Every few days are users experience a problem when accessing the IIS applications, ie. they are prompted for an id and password for the IIS applications. Although they have signed in to the domain. When we remote console to the PDC , we find that we cannot login on the PDC as well. The only solution is to restart the pdc after which authentication for both IIS apps and Client login is fine.
We have 1 PDC and 1 BDC, both running NT 4.0 , SP6.
Does anyone have a idea on how we can solve this.. ?
Thanks
Here's a great TID to look at first when you are having Acct. MgMt issues:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10075375.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10075375.htm
Pintoa2000,
How many clients do you have accessing the BDC/PDC? I found the following Microsoft documentation that references these error messages.
http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B154398
It makes reference to installing NT 4.0 SP6a
How many clients do you have accessing the BDC/PDC? I found the following Microsoft documentation that references these error messages.
http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B154398
It makes reference to installing NT 4.0 SP6a
And just an FYI, seeing as you have NetWare v6.5 in your network - NetWare v6.5 with SP2 or later can function as a DC in the Windoze Domain. So, if you're willing to re-engineer a bit, you might not even need to have an actual Windoze DC.
ASKER
Psi,
That is real news to me.. Do you have any documentation that I can refer to. We are at the cross roads here with NT 4 becoming end of life in December. Since I dont like MS AD and since we have a robust Edirectory setup, we were looking at putting in Linux/Samba . But your suggestion is an excellent one and I will investigate this further , however if you could send me more information that would be great.
That is real news to me.. Do you have any documentation that I can refer to. We are at the cross roads here with NT 4 becoming end of life in December. Since I dont like MS AD and since we have a robust Edirectory setup, we were looking at putting in Linux/Samba . But your suggestion is an excellent one and I will investigate this further , however if you could send me more information that would be great.
ASKER
hendrixl,
we have sp6a on the DC's.
mojo,
Checked the TID no information I can use there.
Really need to fix this problem.
Thanks
we have sp6a on the DC's.
mojo,
Checked the TID no information I can use there.
Really need to fix this problem.
Thanks
I'll dig up where I found that reference. I saw it in black-n-white, but I'll be Micro$ofted if I can remember where right this second.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will look through them and get back to you if this is feasible in our environment.. cant think why not .
Also , any cluse on the the problem.
Thanks
Also , any cluse on the the problem.
Thanks
Sounds more like a PDC problem than a NAM problem.
How about the PDC's swapfile/paging file? Is is a fixed size, and is it on a different volume than the SAM database?
How big is the SAM database? Have you ever compacted it? (one of the joys of using Windoze domains...)
Has the PDC been defragged lately?
How about the PDC's swapfile/paging file? Is is a fixed size, and is it on a different volume than the SAM database?
How big is the SAM database? Have you ever compacted it? (one of the joys of using Windoze domains...)
Has the PDC been defragged lately?
ASKER
Shineon
That is a really good question and we have never looked into any of the aspects that you mention.
Will look into it tommorrow and get back to you.
I think you may have something there.. too bad the points are only 500.. cos if any of your suggestions are good I think its worth a lot more..
Maybe you and Psi should think about moving to more lucrative surroundings.
That is a really good question and we have never looked into any of the aspects that you mention.
Will look into it tommorrow and get back to you.
I think you may have something there.. too bad the points are only 500.. cos if any of your suggestions are good I think its worth a lot more..
Maybe you and Psi should think about moving to more lucrative surroundings.
*chuckle* In another Question, we traded info on where the 3 of us (DSPoole, ShineOn and myself) were located, and found out we have the whole country covered (West Coast, Middle North America, East Coast; in that order).
I just not the salesman to hang out my own shingle - I can't lie...excuse me, exaggerate...to prospective customers enuf to impress them more than the smooth-talking salesperson who's next in line for the decision-maker's time. Altho I do a little freelancing.
And all that's fascinating, I'm sure, but it doesn't get you any closer to a solution, pintoa2000. Cleaning up the NT disk environment is a good idea; even if it doesn't solve this particular problem, it may solve/prevent others.
I just not the salesman to hang out my own shingle - I can't lie...excuse me, exaggerate...to prospective customers enuf to impress them more than the smooth-talking salesperson who's next in line for the decision-maker's time. Altho I do a little freelancing.
And all that's fascinating, I'm sure, but it doesn't get you any closer to a solution, pintoa2000. Cleaning up the NT disk environment is a good idea; even if it doesn't solve this particular problem, it may solve/prevent others.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER