Users get "too many simultaneous connections" error after NDS removed from NetWare 6.5 server
We removed NDS from the server "M", after creating a new Master replica (of the single partition for this tree) on a new server "M6". Other servers in this tree (M2, M4) have had Read/Write replicas for quite a while. The goal was to phase out server M, which was no longer used except for a few print queues and to hold the master replica.
(We discovered later that many print queues were still being used, and that issue was addressed under a different question at https://www.experts-exchange.com/questions/21830584/Print-queues-moved-to-new-server-now-Status-Not-Available-How-do-we-fix-this-problem.html )
While removing NDS from the server M, all references to M were automatically removed as part of the process. Any user that was connected to the server M now get an error regarding too many simulatneous connections. Other than increasing the number of simultaneous connections for each of these many users, how can we correct this?
Is there a way to use DSRepair to clear all connection information other than current connections? We have increased the number of connections for a few power users, but would like to avoid making this change for all users.
(We discovered later that many print queues were still being used, and that issue was addressed under a different question at https://www.experts-exchange.com/questions/21830584/Print-queues-moved-to-new-server-now-Status-Not-Available-How-do-we-fix-this-problem.html )
While removing NDS from the server M, all references to M were automatically removed as part of the process. Any user that was connected to the server M now get an error regarding too many simulatneous connections. Other than increasing the number of simultaneous connections for each of these many users, how can we correct this?
Is there a way to use DSRepair to clear all connection information other than current connections? We have increased the number of connections for a few power users, but would like to avoid making this change for all users.
I agree - its a licensing issue. Make sure the licence object in the eDirectory Tree is properly associated with the other servers.
ASKER
There are three license objects, each associated to server M6, M4, M2 respectively:
NLS_LSP_M6
NLS_LSP_M4
NLS_LSP_M2
In the Security container, when I right-clicked on the W_Tree Organizational CA object, a message appeared titled "No Host Server Specified", which displayed the following text:
This object is non-functional because the "Host Server Attribute" is missing. This attribute specifies the server which can process actions that require the private key for the associated public key certificate. Operations associated with the certificates in this object will fail. See Novell Technical Information Document (TID) 10056795.
We tried to follow the instructions in TID 10056795, but found that the WO object (within the KAP container) did not contain the NDSPKI:SD Key Server DN as mentioned early in
"b. Using ConsoleOne, open the Properties of the W0 object. Click the Other tab. Modify the NDSPKI:SD Key Server DN to refer to the server selected ..."
Any ideas?
NLS_LSP_M6
NLS_LSP_M4
NLS_LSP_M2
In the Security container, when I right-clicked on the W_Tree Organizational CA object, a message appeared titled "No Host Server Specified", which displayed the following text:
This object is non-functional because the "Host Server Attribute" is missing. This attribute specifies the server which can process actions that require the private key for the associated public key certificate. Operations associated with the certificates in this object will fail. See Novell Technical Information Document (TID) 10056795.
We tried to follow the instructions in TID 10056795, but found that the WO object (within the KAP container) did not contain the NDSPKI:SD Key Server DN as mentioned early in
"b. Using ConsoleOne, open the Properties of the W0 object. Click the Other tab. Modify the NDSPKI:SD Key Server DN to refer to the server selected ..."
Any ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We will give the TID 10056795 a try, then report the results here. Thanks.
Check your user license containers, and make sure they have no SERVER associations. Only server licenses should be associated to a server. The server association properties still exist in the user license objects, but they should not be used with NW6.0 and above.
Side issues regarding licensing:
Make sure user licenses are installed close to the user - in other words, and especially if you have no read/write replica of [Root] or if you're partitioned with separate [Root] and Organization partitions a read/write replica of org, at a location, then don't put all the user licenses in the org container. Put them in the top-level OU for that site's partition, at or above the OU(s) that hold(s) that site's users.
If you have a flat tree, you MUST have a read/write replica of the container that has the licenses at each site, or you'll be authenticating across the WAN.