MAS LDAP Password change...

[bholzi88]

Greetings,

I have a system half alive right now. When attempting to start VMSC I get an error: "Unable to connect to the Message Application Server. Before continuing, ensure that it's MM Application Server service has started. (80045930) LDAP_INAPPROPRIATE_AUTH: Authentication is inappropriate. accompanied with 1642 errors for heart beat an a hand-full of ocrpc errors, and event ID: 1886 Unable to open directory on server *mss hostname* (Authentication is inappropriate.) on the app event log.

I believe all of these point to one thing: the LDAP password on the MAS is not correct for whatever reason. I did an analysis of the DCT file and found it not specified......which was strange considering it shouldn't have installed.

Anyways, I understand where to change the LDAP password and info in the MSS, however changing it in the MAS? Never done that before.

Any help?

-Brian

 

[bholzi88]

This is an MM 5.2 SP 8 - BTW

 

[bholzi88]

RECENT DEVELOPMENT: It helps when the cabling is right for the private LAN...

ANOTHER ISSUE: My Voicemail Domain is coming up blank... VMSC is open and I see Voice Mail Domains but there are no utilities under it... What could cause this?

 

[kepetersen]

The VMSC won't start if the MSS is down. Verify under Server Status that both databases (top / bottom 2 lines shows In Service and UP. Verify on the MSS the Trusted Servers are pointing to the MAS by the private IP interface (192.168.x.x, 172.31.x.x or, etc).

On the VMSC, under Security, Messaging Application Servers, you will see the IMAPI, IMAP4 and LDAP passwords. These match the MSS passwords set on the Trusted Servers and System Administration sections. If you have an older design form (MM 2.0 Planning form) it will show which passwords relate to the IMAPI, IMAP4 and LDAP passwords clearly. The passwords must be set the same on the MSS & MAS for the machines to talk to each other.

 

[bholzi88]

Kepetersen -- Thank you. I decided to do a full reload, as I tried your suggestion with no joy. I really appreciate your help as I am almost complete with the config process.

Ironic that you posted -- I ran into the same error you did on the "MAS OS" thread. Would that same issue be resolved by configuring the DCT file to just not join the corporate domain? Or must I change those DNS ipaddresses to the MAS1 private address.

As soon as you are able,
Brian

 

[bholzi88]

UPDATE: I tried and it failed again... I cant seem to get rid of this.

 

[kepetersen]

The IP process is unique on the MM to say the least. Forget the networking concept of IP private and corporate for a minute. In the MM dual network setup the traditional design was that the MM was its own domain with the MAS1 as the domain controller. Original private IP was the 192.168.1.1 (MSS) and MAS1 as 192.168.1.250, MAS2 (.249), MAS3 (.248)... mas6 (.245) THEN the Corporate IP could be anything else including what the network team knows also as a private IP range. It can't be however on the same segment as the private IP 192.168.1.x. The corporate interface can't be the same as the private.

With 3.1 MM this changed to a new flavor of MM where you could connect to the customer domain controller which in the DCT is the selection under Windows domain to Join a Corporate domain. This element requires that you provide the customer domain controller information.

Under Corporate Network details you have three choices:
1. Connect to corporate network using the specified (static) IP addresses <<default>>
2. Connect to corporate network and obtain IP addresses automatically with DHCP
3. Do not connect MM to the corporate network

#1 is the one most used. The DNS can use the private IP of the MAS1 if the customer doesn't have a DNS server or for prep before connection to the network. WINS is used in an DHCP environment and not on static on the initial installation.

The MSS passwords correspond to the MAS in the VMSC:
LDAP - on the VMSC is also seen as LDAP On the MSS Trusted Server, used on the MAS trusts
IMAPI - on the VMSC is the MWI On the MSS Trusted Server, seen as VVSTS
IMAP4 - on the VMSC is the IMAP4 On the MSS under System Administration as the IMAP4 password
MSS machine name password On the MSS under Networked Machine management

The trick with the DCT and installs, is that if it partially creates the MM but then fails don't use it again. Build the MSS manually to complete the process.

Installations are made better by the DCT and wizards but it is still best to follow the installation guide order as defined.

How many MAS do you have in this install?

Hope this helps.

 

[bholzi88]

That was a large help, thank you. The concepts are very important to this box's temperament.

RESOLUTION: Following the guidelines of the PSN regarding my issue , I went to the MSS and changed the setting (Auth. or Anonymous) then REBOOT the MSS in the midst of the error and config, which pretty much goes against the MM configuration as a whole, but known issues are known issues. Retried through the error, and MAS2 came up just fine once it was remedied.

Thank you very much, Kepetersen for your support on this, it pointed me in the right direction.