This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Novell Data Synchronizer Mobility Pack Update 3

Hello All,

Novell Data Synchronizer Mobility Pack Update 3 has been released in patch
finder (http://download.novell.com/patch/finder/)

http://download.novell.com/Download?buildid=s2-irTrXcxU~

Regards
MJ


Parents Reply
  • 0 in reply to 
    My update didn't go so well... I ran the update.sh and it installed fine, restarted the services and users could not connect. Tried restarting server a couple times too.
    Everything looks good that I can see, LDAP auth works on the webpage login, but the sync fails on the device, like it can't connect to the server anymore...
    Any ideas on what I can try next? Thank you.
Children
  • 0 in reply to 
    All services look like they are running, postgresql is running, I can login to the datasync website and it shows groupwise and mobility are running... But devices can't connect ?
  • 0 in reply to 
    dknudson wrote:

    > All services look like they are running, postgresql is running, I can
    > login to the datasync website and it shows groupwise and mobility are
    > running... But devices can't connect ?


    Any errors in the Mobility connector log?

    --
    Novell Knowledge Partner
    Enhancement Requests: http://www.novell.com/rms
  • 0 in reply to 
    What do your logs show, and check your firewall config on your server too. I have my firewall off on my server as it's behind our Cisco ASA. So check to make sure maybe your firewall is off (maybe it is set to start on boot)???
  • 0 in reply to 
    dknudson;2073190 wrote:
    All services look like they are running, postgresql is running, I can login to the datasync website and it shows groupwise and mobility are running... But devices can't connect ?


    You may also want to check/change the ssl settings before it would allow sslv2 but sense the update it will only accept sslv3. I have seen a few phones that did not like this. You can re-enable sslv2 and see if that helps.
  • 0 in reply to 
    I've run into the same issue (thread here: http://forums.novell.com/novell-product-support-forums/data-synchronizer/ds-mobility-pack/431888-290-update-ssl2-any-way-disable-new-feature.html ) - we still haven't found a resolution for the problem, which seems to be affecting original Droids and some iPhones.

    If it helps any, I'll post my Mobility XML content here; the server itself has been restarted but that didn't help either:

    <connector>
    <settings>
    <common>
    <folderSupport>1</folderSupport>
    <log>
    <failures>on</failures>
    <verbose>off</verbose>
    <file>default.pipeline1.mobility.log</file>
    <level>info</level>
    </log>
    <startup>auto</startup>
    <enabled>true</enabled>
    <notifications>
    <notification>
    <connectorID>default.pipeline1.groupwise</connectorID>
    <type>targetSettingsChanged</type>
    </notification>
    </notifications>
    <caching>disabled</caching>
    <type>mobility</type>
    </common>
    <custom>
    <attachmentMaxSize>500</attachmentMaxSize>
    <soapServer/>
    <tasks>0</tasks>
    <galConnector>default.pipeline1.groupwise</galConnector>
    <listenPort>443</listenPort>
    <sslCiphers>DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5</sslCiphers>
    <AEFrequencyType>1</AEFrequencyType>
    <dbhost>localhost</dbhost>
    <databaseMaintenanceStartHour/>
    <initialSyncEmail>0</initialSyncEmail>
    <dbtype>postgresql</dbtype>
    <databaseMaintenance/>
    <forceOutbox>1</forceOutbox>
    <listenAddress>0.0.0.0</listenAddress>
    <pollRate>20</pollRate>
    <authentication>ldap</authentication>
    <CodewordFrequency>5</CodewordFrequency>
    <ldapPort>636</ldapPort>
    <dbuser>datasync_user</dbuser>
    <PolicyEnable>0</PolicyEnable>
    <profile>0</profile>
    <dbport>5432</dbport>
    <databaseMaintenanceStopHour/>
    <dbpass>dbpasshere</dbpass>
    <sslMethod>3</sslMethod>
    <ssl>1</ssl>
    <sendMailConnector>default.pipeline1.groupwise</sendMailConnector>
    <dhport>5432</dhport>
    <dbname>mobility</dbname>
    <DeviceWipeThreshold>20</DeviceWipeThreshold>
    <blockDevices>0</blockDevices>
    <PasswordComplexity>0</PasswordComplexity>
    <initialSync>1</initialSync>
    <notes>1</notes>
    <ldapSSL>1</ldapSSL>
    <AEFrequencyValue>5</AEFrequencyValue>
    <ldapAddress>ldapserver.millikin.edu</ldapAddress>
    <galUserName>infotech</galUserName>
    <notesAsAllDay>1</notesAsAllDay>
    <MinimumPasswordLength>8</MinimumPasswordLength>
    <PolicyKey>0</PolicyKey>
    </custom>
    </settings>
    </connector>
  • 0 in reply to 
    Hi dKnudson

    The solution is following:
    I used sslMethod 3 for my environment..

    regards
    Ramon

    Selecting a Specific Version of SSL
    By default, the Mobility Connector accepts connections from mobile devices
    that use SSLv3 and TLSv1, but rejects connections from mobile devices that
    use SSLv2. If a userâ€Tms mobile device tries to connect using SSLv2, the user
    receives an error and cannot connect. You can enable and disable different
    versions of SSL protocols and also specify the cipher to use with the
    desired protocol.

    1.In Synchronizer Web Admin, click the Mobility Connector to display the
    Mobility Connector Configuration page, then click Edit XML Source to display
    the Connector XML Source window.

    2.Add the following tags between the <custom> and </custom> tags:

    <sslMethod>value</sslMethod>
    <sslCiphers>list</sslCiphers>
    3.In the <sslMethod> tag, replace value with any of the following values:

    SSL Version
    Value

    SSLv2
    1 (not recommended)

    SSLv3
    2

    TLSv1
    4

    All of the above
    3 (not recommended)

    SSLv3 and TLSv1
    5 (default)


    4.In a terminal window, use the following command to determine the ciphers
    that are available on your system:

    openssl ciphers -ssl3
    5.In the <sslCiphers> tag in the Connector XML Source window, replace list
    with the desired values as provided by the openssl command.

    6.Click Save XML to save your changes, then click Home to return to the main
    Synchronizer Web Admin page.

    7.Restart the Mobility Connector to put the desired SSL protocol and ciphers
    into effect.


    "dknudson" schrieb im Newsbeitrag
    news:dknudson.4ouoka@no-mx.forums.novell.com...


    My update didn't go so well... I ran the update.sh and it installed
    fine, restarted the services and users could not connect. Tried
    restarting server a couple times too.
    Everything looks good that I can see, LDAP auth works on the webpage
    login, but the sync fails on the device, like it can't connect to the
    server anymore...
    Any ideas on what I can try next? Thank you.


    --
    dknudson
    ------------------------------------------------------------------------
    dknudson's Profile: http://forums.novell.com/member.php?userid=18772
    View this thread: http://forums.novell.com/showthread.php?t=431642

  • 0 in reply to 
    Hi Smily

    Do you work with self signed certificates? If this is the case, you have to
    reimport the certificates in your device.

    Ramon

    "smily 03" schrieb im Newsbeitrag
    news:smily_03.4ov2g2@no-mx.forums.novell.com...


    I've run into the same issue (thread here:
    http://forums.novell.com/novell-product-support-forums/data-synchronizer/ds-mobility-pack/431888-290-update-ssl2-any-way-disable-new-feature.html
    ) - we still haven't found a resolution for the problem, which seems to
    be affecting original Droids and some iPhones.

    If it helps any, I'll post my Mobility XML content here; the server
    itself has been restarted but that didn't help either:


    Code:
    --------------------
    <connector>
    <settings>
    <common>
    <folderSupport>1</folderSupport>
    <log>
    <failures>on</failures>
    <verbose>off</verbose>
    <file>default.pipeline1.mobility.log</file>
    <level>info</level>
    </log>
    <startup>auto</startup>
    <enabled>true</enabled>
    <notifications>
    <notification>
    <connectorID>default.pipeline1.groupwise</connectorID>
    <type>targetSettingsChanged</type>
    </notification>
    </notifications>
    <caching>disabled</caching>
    <type>mobility</type>
    </common>
    <custom>
    <attachmentMaxSize>500</attachmentMaxSize>
    <soapServer/>
    <tasks>0</tasks>
    <galConnector>default.pipeline1.groupwise</galConnector>
    <listenPort>443</listenPort>
    <sslCiphers>DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5</sslCiphers>
    <AEFrequencyType>1</AEFrequencyType>
    <dbhost>localhost</dbhost>
    <databaseMaintenanceStartHour/>
    <initialSyncEmail>0</initialSyncEmail>
    <dbtype>postgresql</dbtype>
    <databaseMaintenance/>
    <forceOutbox>1</forceOutbox>
    <listenAddress>0.0.0.0</listenAddress>
    <pollRate>20</pollRate>
    <authentication>ldap</authentication>
    <CodewordFrequency>5</CodewordFrequency>
    <ldapPort>636</ldapPort>
    <dbuser>datasync_user</dbuser>
    <PolicyEnable>0</PolicyEnable>
    <profile>0</profile>
    <dbport>5432</dbport>
    <databaseMaintenanceStopHour/>
    <dbpass>dbpasshere</dbpass>
    <sslMethod>3</sslMethod>
    <ssl>1</ssl>
    <sendMailConnector>default.pipeline1.groupwise</sendMailConnector>
    <dhport>5432</dhport>
    <dbname>mobility</dbname>
    <DeviceWipeThreshold>20</DeviceWipeThreshold>
    <blockDevices>0</blockDevices>
    <PasswordComplexity>0</PasswordComplexity>
    <initialSync>1</initialSync>
    <notes>1</notes>
    <ldapSSL>1</ldapSSL>
    <AEFrequencyValue>5</AEFrequencyValue>
    <ldapAddress>ldapserver.millikin.edu</ldapAddress>
    <galUserName>infotech</galUserName>
    <notesAsAllDay>1</notesAsAllDay>
    <MinimumPasswordLength>8</MinimumPasswordLength>
    <PolicyKey>0</PolicyKey>
    </custom>
    </settings>
    </connector>
    --------------------


    --
    smily_03
    ------------------------------------------------------------------------
    smily_03's Profile: http://forums.novell.com/member.php?userid=23003
    View this thread: http://forums.novell.com/showthread.php?t=431642

  • 0 in reply to 
    Ok, we got this resolved last night, wanted to let you all know what the cause was in case you experience it as well.

    Ultimately it ended up being from some bad/misplaced items in the GroupWise accounts of a couple of our users that had caused their initial sync to fail. With the original version of NDS, if the initial sync failed, it would still allow the device to connect to the system, however, with the latest version, that is no longer the case.

    I worked with a Novell support rep (who was really really helpful and knowledgeable by the way - kudos to Mukesh Jethwani :) ) and we went through the GroupWise accounts of the users who were having the problem, and this is what we found:

    One user had drug their Documents folder inside of their address book, which we drug back out under their mailbox.
    One user had drug one of their subcalendars into their Cabinet, which we drug back into their calendar.
    One user had old "xxxx.dup" and "xxxx.dup1" copies of their address books from the old GW5.5 Mac client, which we deleted.
    We'll be looking into the accounts of the other users experiencing the problem as they stop by our office.

    After making those changes and doing a "re-init" on their account in NDS, they were able to connect fine, so the error about security policies was just how their devices were interpreting the messages that were returned to them by the server.