This section lists down the error codes for the Enhance Background Authentication:
-2101 FFFFF7CB EBA ERR FAILURE
Source:
EBA service.
Explanation:
A general error occurred. For more information, see the error logs or trace messages.
-2102 FFFFF7CA EBA ERR DHOST INTERFACE NOT AVAILABLE
Source:
EBA service.
Explanation:
The interface for invoking eDirectory's internal functions has not been initialized. This will prevent EBA from functioning properly.
-2103 FFFFF7C9 EBA ERR CONN NOT AUTHENTICATED
Source:
EBA service.
Explanation:
An EBA internal operation requires a secure connection to the DSA but the NCP connection being used has not been secured.
-2104 FFFFF7C8 EBA ERR NO SERVER FOUND
Source:
EBA service.
Explanation:
An eDirectory application tried to connect to an EBA-enabled eDirectory server in a partition's replica ring. The application was not able to contact any EBA-enabled eDirectory servers.
Possible Cause:
There are no EBA-enabled eDirectory servers in the partition's replica ring.
Possible Cause:
All EBA-enabled eDirectory servers in the partition's replica ring are unreachable.
-2105 FFFFF7C7 EBA ERR NO MECH CONFIG FOUND
Source:
EBA service.
Explanation:
An attempt was made to read an EBA mechanism-specific configuration information from one of the EBA configuration attributes (EBAServerConfiguration, EBAPartitionConfiguration, EBATreeConfiguration). The mechanism-specific configuration information was missing.
Possible Cause:
The EBA mechanism has not been configured.
-2108 FFFFF7C4 EBA ERR NMAS API INIT FAILED
Source:
EBA service.
Explanation:
The interface for invoking NMAS server's internal functions has not been initialized. This will prevent EBA from functioning properly.
-2109 FFFFF7C3 EBA ERR CRED NOT FOUND
Source:
EBA service.
Explanation:
The EBA server received a background request (BA) from a client and found that the EBA server's BA credentials are not available for completing the authentication.
-2110 FFFFF7C2 EBA ERR GSS FAILURE
Source:
EBA service.
Explanation:
An error was returned by GSSAPI while performing an EBA operation.
-2111 FFFFF7C1 OPENSSL FAILURE
Source:
EBA service.
Explanation:
An error was returned by an OpenSSL API call while performing an EBA operation.
-2201 FFFFF767 EBA SSL ERR FAILURE
Source:
EBA service.
Explanation:
A general error occurred. For more information, see the error logs or trace messages.
-2203 FFFFF765 EBA SSL ERR EBACA NOT INITIALIZED
Source:
EBA service.
Explanation:
An eDirectory server that must be serviced by the EBA CA received an EBA request. The EBA CA is not running on the server.
Possible Cause:
There is an error starting the EBA CA service on the server.
Possible Cause:
EBA CA is running on another server in the network.
-2204 FFFFF764 EBA SSL ERR NCPCA NOT INITIALIZED
Source:
EBA service.
Explanation:
An eDirectory server that must be serviced by the NCP CA service received an EBA request. NCP CA is not running on the server.
Possible Cause:
There is an error starting the NCP CA service on the server.
Possible Cause:
NCP CA has not been configured on the server.
-2207 FFFFF761 EBA SSL ERR OBJECT NOT EBA ENABLED
Source:
EBA service.
Explanation:
EBA BA was attempted by a user whose eDirectory object is not present on any EBA enabled eDirectory server.
Possible Cause:
The user object was moved or renamed after login.
Possible Cause:
All EBA enabled NCP servers in the replica ring are not reachable or were removed from the replica ring after user login.
-2208 FFFFF760 EBA SSL ERR PARTITION NOT EBA ENABLED
Source:
EBA service.
Explanation:
An EBA operation was attempted that required an eDirectory partition to be present on an EBA enabled server.
Possible Cause:
An attempt was made to merge an EBA-enabled partition with the parent partition, which is not EBA enabled.
Possible Cause:
An attempt was made to designate a non EBA-enabled server as the master of the partition when the current master is EBA enabled.
-2209 FFFFF75F EBA SSL ERR EBACA NOT FOUND
Source:
EBA TLS service.
Explanation:
An attempt to read the EBA tree configuration from the tree root object failed.
Possible Cause:
EBA is not configured in the tree.
-2210 FFFFF75E EBA SSL ERR NO EBACA CERTIFICATE
Source:
EBA TLS service.
Explanation:
The EBA CA certificate is not available. The EBA CA certificate is required for validating the peer certificate during background authentication.
-2211 FFFFF75D EBA SSL ERR NO EBACA KEY
Source:
EBA TLS service.
Explanation:
The EBA CA service is not able to read its private key.
-2212 FFFFF75C EBA SSL ERR NO NCPCA CERTIFICATE
Source:
EBA TLS service.
Explanation:
The eDirectory server is not able to read its own NCP CA certificate.
-2213 FFFFF75B EBA SSL ERR NO NCPCA KEY
Source:
EBA TLS service.
Explanation:
The eDirectory server is not able to read its own NCP CA key.
-2214 FFFFF75A EBA SSL ERR NO NCP SERVER CERTIFICATE
Source:
EBA TLS service.
Explanation:
The eDirectory server is not able to access its own EBA certificate.
-2215 FFFFF759 EBA SSL ERR WRONG PEER ID
Source:
EBA TLS service.
Explanation:
During authentication the client found that the address in the peer’s certificate does not match the address to which the client connected.
-2216 FFFFF758 EBA SSL ERR HANDSHAKE FAILED
Source:
EBA TLS service.
Explanation:
An error occurred during the TLS handshake done during background authentication. For more information, see the log files or trace messages.
-2218 FFFFF756 EBA SSL ERR CERT REQUEST PENDING
Source:
EBA TLS service.
Explanation:
A request for issuing NCP CA certificate for an eDirectory server could not be completed by EBA CA and is pending with the EBA CA.
Action:
The certificate request must be approved by the EBA CA administrator using the EBA iManager plugin. After the request is approved you can enable EBA on an eDirectory server.
See Reporting Error Code Problems to NetIQ®.
-2219 FFFFF755 EBA SSL ERR NO CERT STORE
Source:
EBA TLS service.
Explanation:
An EBA component was not able to access the certificate store where EBA certificates are stored for background authentication.
Possible Cause:
The certificate store file eba.p12 is not available at the client.
Possible Cause:
The certificate store inside eDirectory DIB has not been configured. This could be because the server has not yet been configured to support EBA.
-2220 FFFFF754 EBA SSL ERR BAD CERT STORE
Source:
EBA TLS service.
Explanation:
The EBA certificate store is corrupt.
-2222 FFFFF752 EBA SSL ERR NICI FAILURE
Source:
EBA TLS service.
Explanation:
An error occurred while encrypting/decrypting EBA configuration information using the NICI storage key. For more information, see the NICI error in the log file or trace messages.
-2223 FFFFF751 EBA SSL ERR NO CRL
Source:
EBA TLS service.
Explanation:
No CRL has been published by EBA CA.
-2224 FFFFF750 EBA SSL ERR UNKNOWN CERTIFICATE
Source:
EBA TLS service.
Explanation:
An attempt was made to look up an unknown certificate from EBA CA's certificate store.
-2225 FFFFF74F EBA SSL ERR CERTIFICATE REVOKED
Source:
EBA TLS service.
Explanation:
A certificate issued by EBA CA that was expected to be valid has been revoked.
Possible Cause:
An attempt was made to revoke a certificate issued by EBA CA when the certificate has already been revoked.
-2226 FFFFF74E EBA SSL ERR NOT ALLOWED
Source:
EBA TLS service.
Explanation:
EBA no longer allows you to perform the following eDirectory operations.
Possible Cause:
Any partition/replica operation which tries to convert an EBA-enabled partition to a non EBA-enabled partition will cause this error to be returned.
Possible Cause:
Removing the tree root partition from the eDirectory server where EBA CA is running or converting the replica to read-only will cause this error to be returned.
-2227 FFFFF74D EBA SSL ERR BAD CERTIFICATE
Source:
EBA TLS service.
Explanation:
A malformed X.509 certificate was encountered by an EBA component.
-2228 FFFFF74C EBA SSL ERR DUPLICATE CERTIFICATE
Source:
EBA TLS service.
Explanation:
The certificate subject name or subject alternate name matches those of a certificate already in the EBA CA's certificate store. Certificate subject names and subject alternate names must be unique.
-2229 FFFFF74B EBA SSL ERR UNAUTHORIZED CA
Source:
EBA TLS service.
Explanation:
The server that issued the BA material used for background authentication does not have a writable replica of the user object.
Possible Cause:
The user was moved to a different partition after login.
Possible Cause:
The server to which the user logged in was removed from the partition's replica ring.
Possible Cause:
The server to which the user logged in was converted to a read-only replica.
-2231 FFFFF749 EBA SSL ERR GSS FAILURE
Source:
EBA TLS service.
Explanation:
A general error occurred in the SSL mechanism during background authentication.