Failed to authenticate: Entry not found in index

hcl-bot · February 20, 2008, 10:17am

Hi

Hope someone can shed some light on this - trying to be CRISPY

Scenario:

Server 6.5.4FP3 on W2K

Client 6.5.2 on XP SP2

User and Server are registered under two different certifiers:

(trying to anonymize and keep it simple…)

User: first last/OU2/OU1_for_users/org_for_users

Server: servername/Servers/OU2/OU1_for_servers/org_for_servers

So far, I have:

added */OU1_for_users/org_for_users in the “access server” field on the security tab of the server doc (users listed in all trusted directories is NOT checked but user is nevertheless listed in the directory)
created a cross certificate "OU1_for_servers/org_for_servers:OU1_for_users/org_for_users
issued a load updall names.nsf -r on the server console
let the user retry with the same result as before

(error message “02/20/2008 02:44:55 PM first last/OU2//OU1_for_users/org_for_users from host [xxx.xxx.xx.xxx:2683] failed to authenticate: Entry not found in index”)
searched this forum for the error message in the subject of this post.

The only probably related post is this one:

It pointed me to this technote:

I have then checked the certifier document in my server’s directory but there is no forward slash preceding the Org.

What am I missing ?

Anyone ?

Thanks for your time !

Stefan

hcl-bot · March 17, 2008, 5:47am

Subject: SOLVED: failed to authenticate: Entry not found in index

Maybe helpful for others stumbling across this issue:

If you have enabled public key checking in the server document, you have to cross-certify the users “full” org directly with the servers org, i.e.

org_for_servers:OU2/OU1/org_for_users

(instead of OU1_for_servers/org_for_servers:OU1_for_users/org_for_users)

This finally resolved my issue.