|Applies To||RSA ACE/Server 5.1 (no longer supported as of 7-14-2006)|
Microsoft Windows 2000 Server SP3
|Issue||sdtest.exe cannot display correct information|
Configuration Version: -14400
Client Retries: -85020
Client Timeout: -17411
Port Number: -1659983862
Server Release: N/A
SDCONF.REC filesize = 528 bytes
|Cause||The SDCONF.REC file installed on the W2K system is an invalid file, and therefore cannot be read correctly|
|Resolution||There are two types of files that may be created on an ACE/Server and placed on an ACE/Agent:|
1. SDCONF.REC - Mandatory:
This file holds details about where the ACE/Agent should connect to authenticate (for the very first time). This file will be in the ACEDATA directory, for example c:\ace\data.
There are two very specific reasons why this file might not be the copy you find in ACEDATA: 1) You have a "legacy" agent, and 2) you are using network address translation (NAT) between your ACE/Agent and the ACE/Server(s). See the ACE/Server documentation for additional details about both of these subjects.
2. NODESECRET.REC - Optional (new feature available in ACE/Server 5.1):
In most circumstances, the Agent and Server automatically set up a "node secret" (a file or registry setting with a random key in it) when the first authentication takes place. In certain circumstances, administrators may choose to be directly involved in this process and do steps manually. More details about this process may be found in the ACE/Server Admin manual.
Make sure not to confuse these two files. If you mistakenly think the NODESECRET.REC file is to be renamed SDCONF.REC and placed on the ACE/Agent, garbled details about your configuration will be displayed when performing a test authentication (as shown above).
NOTE: All instances ACE/Server 5.x and ACE/Agent 5.x will always have a 1024-byte SDCONF.REC
|Legacy Article ID||a17064|