000021724 - How to capture Novell Modular Authentication Service (NMAS) trace with Novell NetWare 6.5

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000021724
Applies ToRSA Authentication Agent 3.0 for Novell Modular Authentication Service (NMAS)
Novell Modular Authentication Service (NMAS)
Novell eDirectory
Novell NetWare 6.5
Debugging Novell NetWare
IssueHow to capture Novell Modular Authentication Service (NMAS) trace with Novell NetWare 6.5
A Microsoft Windows workstation installed with a Novell client is having problems with an NMAS RSA Authentication Agent
Resolution

How to configure NMAS client trace and/or NMAS server trace

NOTE: This information is available in the Novell Support Knowledge Base as a Technical Information Document (TID).

NMAS Client Trace (TID 10092531)

Open the Novell Client Properties | Choose Location Profiles tab | select "Default" (or applicable Location) and select properties | Select properties once more | go to the NMAS tab and select the "Log NMAS Client Activity" | Select the "Log file" button and specify where the log file will be located. It is recommended to put this file on the desktop and call it NMAS.LOG | Select OK.

Reboot your workstation after making these changes.

Valid trace entries from a working RSA Authentication Agent 3.0 for Novell Modular Authentication Service (NMAS) with the Novell Client:


 

NMAS.DLL starting ...
Writing log file to: C:\NMAS.LOG

NMASDLL.C in NMAS.DLL was compiled Jun 19 2003 21:39:44.

Country ID    = 1
Code page     = 437
reply (NMAS ID) 0Wrapping Key OID length = 13 first word = 0x86600B06
Domestic Grade (3DES) Wrapping Key
mafPut write successful
mafPut write successful
In sendCanDo
mafPut write successful
mafPut write successful
sendCanDo Done
DO method
In doMethod
Loading LCM for method 0x60 from C:\WINDOWS\system32\securID.dll
Entry point at 0x1771660 is LCM00000060
XMsgDecrypt: CCS_DataDecryptInit returned 0
XMsgDecrypt: CCS_Decrypt returned 0
XMsgEncrypt: CCS_Encrypt returned cryptoLen = 56
mafPut write successful
mafPut write successful
XMsgDecrypt: CCS_DataDecryptInit returned 0
XMsgDecrypt: CCS_Decrypt returned 0
mafPut write successful
Method Success
Destroyed Contextuthentication materials total size 542
nmasVersion2Login returned 0NMAS_LegacyLogin error code: 0
Last Login Time 29689062 -1469203648

NMAS Server Trace for Netware 6.5 (TID 10092261)

The following are steps on how to capture an NMAS trace using Novell eDirectory iMonitor:

Novell eDirectory iMonitor

1.  Launch Novell eDirectory iMonitor on the NMAS server by going to http: //ip_address:port/nds
2.  Select the Trace Configuration hyperlink or the icon at the top of the screen with the lightening bolt.
3.  Under DS Trace Options, remove all selections.
4.  In the bottom section, select the NMAS trace option
5.  Select the Trace On button.
6.  Click the Refresh Button on your Browser and you should see a Trace Live link on the left.
7.  By default the trace will not refresh automatically.  Select the Refresh On button to turn on the auto refresh
8.  Once the trace traffic has been captured, go back to the Trace Configuration link and select the Trace Off button.
9.  You can view the trace file by going to the Trace History hyperlink

Valid Novell eDirectory iMonitor trace entries from a working RSA Authentication Agent 3.0 for Novell Modular Authentication Service (NMAS) with NetWare 6.5 server:

14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: Create NMAS Session
14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: Put attribute with ID = 2 of length 24 bytes
14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: Put attribute with ID = 1 of length 62 bytes
14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: Put attribute with ID = 11 of length 50 bytes
14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: Server thread started
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=8 queue size 0
14:54:06 BD941280 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=8 queue Size 0
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=626 queue Size 8
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=626 queue size 626
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: OEM
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: OEM Verb 3
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: HandleTransKey
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: HandleTransKey DataLen = 602
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: HandleTransKeys Wrapping Key OID first word = 0x86600B06
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: HandleTransKeys Domestic Grade (3DES) Wrapping Key
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: keyTag in while = 1
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: keyTag in while = 2
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: keyTag in while = 3
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: HandleTransKeys end of while err = 0
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Transaction keys unwrapped:HandleTransKeys
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: 3 Transaction keys unwrapped
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Return code from HandleTransKeys = 0
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=8 queue size 0
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=12 queue size 8
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=8 queue size 0
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=8 queue Size 20
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=12 queue Size 12
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=8 queue Size 0
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=23 queue Size 8
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=8 queue Size 0
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=23 queue size 23
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: CanDo
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Sequence Selected == "RSA Authentication Agent"
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Login Method 0x00000060
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_Begin LSM 0x00000060
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=8 queue size 0
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=5 queue size 8
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_GetAttribute LSM 0x00000060 AID: 22 Tag: ACEUserName
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_XWrite LSM 0x00000060
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=320 queue size 13
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_XRead LSM 0x00000060
14:54:06 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=8 queue size 0
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=5 queue Size 325
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=8 queue Size 320
14:54:06 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=312 queue Size 312
14:54:09 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=8 queue Size 0
14:54:09 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=64 queue Size 8
14:54:09 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=64 queue size 64
14:54:09 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=8 queue Size 0
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_XWrite LSM 0x00000060
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=320 queue size 0
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: MAF_End LSM 0x00000060
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: LSM 0x00000060 successful
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: message size=8 queue size 0
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=312 queue Size 312
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: >>ClientPut: message size=8 queue Size 0
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: WhatNext
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Successful login
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=8 queue size 0
14:54:11 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: <<ServerPut: message size=4 queue size 8
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=8 queue Size 12
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: <<ClientGet: message size=4 queue Size 4
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: NDS Credential request
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: Returning NDS Credential size 554
14:54:11 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: Encrypted NDS Credential size 560
14:54:12 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: Client Session Destroy Request
14:54:12 B7C680A0 00000000 FFFFFFFF -1 NMAS: 0: Local Session Cleared (Not Destroyed)
14:54:12 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: >>ServerGet: session cleared
14:54:12 B67A9200 00000000 FFFFFFFF -1 NMAS: 0: Server thread exited

For more information about NMAS, see the following solutions:

How to configure NMAS Client to use a Valid Login Sequence

How to interpret Novell Modular Authentication Service (NMAS) error codes to diagnose a problem with RSA ACE/Agent for NMAS

Legacy Article IDa24762

Attachments

    Outcomes