18.11 The change_proxy_pwd.sh Script Fails to Synchronize Password

Whenever the common proxy user password is not synchronized across OES Credential Store, eDirectory and various other OES services, the change_proxy_pwd.sh script fails with the following error: NDS error failed authentication -669.

To resolve:

  1. Take a note of the current proxy user name and password using the following commands:

    /opt/novell/proxymgmt/bin/cp_retrieve_proxy_cred username
    /opt/novell/proxymgmt/bin/cp_retrieve_proxy_cred password 
  2. Try logging into NDS using the following command: ndslogin <proxy user name in dot format>. Example: ndslogin cn=OESCommonProxy_wgp-drs22.o=novell.

    Successful login indicates that the common proxy credentials are in sync with eDirectory and OES Credential Store. If the login is unsuccessful, change the common proxy user password in eDirectory using iManager, then follow Step 1 and Step 3.

  3. To synchronize the passwords across OES Credential Store, eDirectory and various other OES services, export the proxy user password to the service specific environment variable, then run the service specific proxy credential script (<service_name>_update_proxy_cred.sh) that is available at /opt/novell/<service_name>/bin.

    For example, to synchronize the password of the CIFS service with OES Credential Store and eDirectory:

    • Export the proxy user password to the CIFS environment variables using the export OES_CIFS_DATA="proxy user password retrieved in Step 1" command.

    • Run the CIFS proxy credentials update script using the /opt/novell/cifs/bin/cifs_update_proxy_cred.sh <specify proxy username retrieved in Step 1> command.

    Repeat this step for each of the services installed on your OES server.