Domino server 8.5.3 Windows 2008 R2
Notes Client 8.5.1
As part of policy documents, new registered users have their ID uploaded to an ID Vault. I have enabled some ID vault debug settings.
The problem I have is: on installing Notes client on PC for first time, user receives "Wrong Password" prompt. I believe the user record is being found correctly in the vault:
01/08/2013 07:21:29 IDVAULT: idsync.c nwall; FileChunkSize 16384; WantDnLoad 1; WantUpLoad 0; WantCerts 0; WantChallengeC 0; UpFileHasPW: 0; TE0 0; TE1 0; TE2 1; TE3 1
But I see this, which looks like a certificate failure of some sort.
01/08/2013 07:21:29 IDVAULT: idsync.c FetchArtifacts: IDVGetVOCertChain: Note item not found
01/08/2013 07:21:29 IDVAULT: idsync.c IDVSrvDlgSync: FetchArtifacts: Note item not found
If I then extract the ID from the vault, copy to the PC, set up continues as normal, so there would not appear to be anything wrong with the ID…?
The only references I can find online for above server messages, I have found here:
- http://www-01.ibm.com/support/docview.wss?uid=swg27037703&aid=1
- http://lotusnotus.com/lotusnotus_en.nsf/dx/a-little-story-about-an-error-with-id-vault….htm
but I am fairly certain they do not apply to my situation.Anyone with any pointers or comments would be greatly received.
Here's a larger chunk of server output when running Notes Client setup for user: nwall
01/08/2013 07:21:05 IDVAULT: idvdb.c IDVFindIDInVault: Exiting: No error
01/08/2013 07:21:05 IDVAULT: download.c IDVServerDialogDnLoad: IDVLookupUserIDInfo: No error
NAMELookup::<NIFGetInternetDomain> getting internet domain information.
01/08/2013 07:21:29 IDVAULT: download.c IDVServerDialogDnLoad: IDVServerStartSyncDialog: No error
01/08/2013 07:21:29 IDVAULT: idsync.c nwall; FileChunkSize 16384; WantDnLoad 1; WantUpLoad 0; WantCerts 0; WantChallengeC 0; UpFileHasPW: 0; TE0 0; TE1 0; TE2 1; TE3 1
NAMELookup::<NIFGetInternetDomain> getting internet domain information.
NAMELookup::<Lookup> PID:TID ( F54: 7) start of routine
NAMELookup::<lookup> Searching view '$Users' (1 of 1 views).
NAMELookup::<lookup> Searching name='nwall'
(1 of 1 names).
NAMELookup::<lookup> Searching DBIndex=1.
NAMELookup::<lookup> from cache took 0 msecs
NAMELookup::<lookup> NumReturned=1, TotalNumReturned=1 match(es) for name='nwall'
NAMELookup::<lookup> Skipping to next view/namespace (stop at first match)!
NAMELookup::<LocateNameSpace> locate namespace in DBIndex=1, view='$ServerAccess'
NAMELookup::<LocateNameSpace> locate namespace in DBIndex=1, view='$PoliciesByGroup'
01/08/2013 07:21:29 IDVAULT: idsync.c FetchArtifacts: IDVGetVOCertChain: Note item not found
01/08/2013 07:21:29 IDVAULT: idsync.c IDVSrvDlgSync: FetchArtifacts: Note item not found
Best Answer
1.) Thats very hard to troubleshoot without seeing your names.nsf and the vault. Can you check the following:
names.nsf -> Security -> Certificates -> Vault Trust Certificates
There should be a kind of certificate chain. Meaning that your vault should be "connected" to your user CA. Are the certificate chain in place here?
2.) Which settings have the fields: - Compare public keys - Log public key mismatches - Check passwords on Notes IDs in your server documents? Do have all servers the same?