000018457 - Error: 'Node verification failed' and 'Passcode accepted' when using RSA ACE/Agent for Netscape

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018457
Applies ToiPlanet Web Server
RSA ACE/Agent 1.1 for Netscape
IssueError: "Node verification failed" and "Passcode accepted" when using RSA ACE/Agent for Netscape
When trying to authenticate via RSA ACE/Agent for Netscape/iPlanet, the passcode is accepted, but then the error "Node verification failed" appears in ACE/Server log
CauseThe permissions on the web server /var/ace/data directory are such that the Netscape administrator cannot write to it. ACE/Server receives a proper passcode but fails to place the node secret in /var/ace/data due to this permission problem. This further results in a securid error on the HTML page. The log monitor of the ACE/Server shows passcode accepted node verification failed.
ResolutionIn order to properly send the node secret from the Master ACE/Server to the iPlanet Web Server or Netscape Enterprise Server, the /var/ace/data directory must be writable by the Netscape administrator. After the permissions have been changed and authenticated, check the /var/ace/data directory on the web server for the 'securid' file.  

There are several ways to determine who is the Netscape Server administrator.

1. Look for the line 'user' under server preferences from a web browser:

   http://<servername>:<administration port>
   Click on the webserver name
   Click 'view server settings'
   Look at line which reads User: <name of netscape administrator>

2. View the contents of the magnus.conf file by doing the following:

   cd /opt/netscape/suitespot/https-<servername>/config
   cat magnus.conf |grep -i user
Legacy Article IDa673