timallen
Well Known Member
We recently had a problem with a remote office where no one could connect to OneWorld. They always receved the error:
"SEC0000007 - Unable to locate security server"
I found a solution. As it turns out, they had a firewall which was blocking the port 6009 (The firewall software considered this to be an X-Windows port).
Here is the process I went through to find this out:
Me: Has this problem always existed?
Client: No, when OneWorld was first installed, it worked. This started happening about a month ago.
(Conclusion: Something changed about a month ago to make this happen-- my job becomes finding out what changed)
Me: How many machines in that office can't connect?
Client: All of them
(Conclusion: it either is a network problem, or the installer in that office did something weird).
Me: What changed in the network?
Client: I think there were some changes in the DNS Server, and maybe some other things...
(Conclusions: The client doesn't know what has been done)
At this point I connected remotely to one of the client machines and pinged the Enterprise Server. This worked. At least on this machine, DNS was okay.
Then I tried to open a telnet session from the client to the E/S on port 6009:
telnet
open entsvr 6009
This failed. On other machines where OneWorld works, I can do this. The connection takes place, and some non-human readable characters come on screen.
(Conclusion: port 6009 has been blocked)
Me: Is it possible that there is a firewall blocking port 6009?
Client: (slaps head) They updated the firewall software recently!
The client then opened the firewall log, and there were a bunch of "denial" messages about people trying to enter on port 6009.
We put a new rule in the Firewall to allow oexplore.exe to talk on port 6009 to the enterprise server.
The problem was solved!
"SEC0000007 - Unable to locate security server"
I found a solution. As it turns out, they had a firewall which was blocking the port 6009 (The firewall software considered this to be an X-Windows port).
Here is the process I went through to find this out:
Me: Has this problem always existed?
Client: No, when OneWorld was first installed, it worked. This started happening about a month ago.
(Conclusion: Something changed about a month ago to make this happen-- my job becomes finding out what changed)
Me: How many machines in that office can't connect?
Client: All of them
(Conclusion: it either is a network problem, or the installer in that office did something weird).
Me: What changed in the network?
Client: I think there were some changes in the DNS Server, and maybe some other things...
(Conclusions: The client doesn't know what has been done)
At this point I connected remotely to one of the client machines and pinged the Enterprise Server. This worked. At least on this machine, DNS was okay.
Then I tried to open a telnet session from the client to the E/S on port 6009:
telnet
open entsvr 6009
This failed. On other machines where OneWorld works, I can do this. The connection takes place, and some non-human readable characters come on screen.
(Conclusion: port 6009 has been blocked)
Me: Is it possible that there is a firewall blocking port 6009?
Client: (slaps head) They updated the firewall software recently!
The client then opened the firewall log, and there were a bunch of "denial" messages about people trying to enter on port 6009.
We put a new rule in the Firewall to allow oexplore.exe to talk on port 6009 to the enterprise server.
The problem was solved!