Object not found

This error message appears when a user performs an NFC tap with their Nymi Band, for example, to log into Evidian SSO. 

Object not Found is a generic error, and requires log file investigation for additional error messages to narrow down the specific reason for the failure.

Note: Ensure that the Evidian software is in debug mode.  Enabling Debug Mode in Evidian provides more information.

To narrow down a cause, review the Evidian log files for additional error messages that appear before the Object not found error.

For example, review the WGSS(nymi) log file and search for the error code 0x81010009.  This is the error code that is associated with Object Not Found error. 

Review the error messages that appear before the 0x81010009 error.

Cause

Potential causes include:

  • The user terminal cannot establish a connection to the NES server due to network issues.
  • The BLE adapter is not plugged into the user terminal at the time the Nymi Band tap is performed on an NFC reader. 
  • SPNs are not correctly configured in the environment for NES.
  • The NEA certificates have expired on the user terminal and the user terminal cannot retrieve NEA certificates from the NES server.

    In the sample log output below, we can see that the message WearableExtension.cpp :0440: Ext::GetListOfVisibleDevices returns: 0x8101201c appears before the Object not Found error.

     
                                704:(22/03/17 06:13:14.149):CHttpClient.cpp :0402: -> CHttpClient::GetHttpStatus
                                704:(22/03/17 06:13:14.149):CHttpClient.cpp :0411: <- CHttpClient::GetHttpStatus
                                704:(22/03/17 06:13:14.149):NesClient.cpp :0114: Error from token request--code: 0 - message: 'The operation is complete"
                                '
                                704:(22/03/17 06:13:14.149):NesClient.cpp :0122: <- nymi::NesClient::AuthenticateWithToken
                                704:(22/03/17 06:13:14.149):Listener.cpp :0411: Unable to get token with USER creds
                                5bc:(22/04/04 13:31:31.469):WearableExtension.cpp :0440: Ext::GetListOfVisibleDevices returns: 0x8101201c
                                5bc:(22/04/04 13:31:31.469):WearableExtension.cpp :0441: 0 visible devices
                                5bc:(22/04/04 13:31:31.469):AutoChrono.cpp :0029: [TIME] Wearable::FreeListOfDevices() : 0 ms
                                5bc:(22/04/04 13:31:31.469):WearableExtension.cpp :0495: <- CWearableExtension::ValidateProvisions returned: 0x81010009
                                5bc:(22/04/04 13:31:31.469):AutoLock.cpp :0178: CS Unlock(WEProtectDll)
                                5bc:(22/04/04 13:31:31.469):WearableContext.cpp :0460: <- CWearableContext::ConnectUserWearableDevice returned: 0x81010009
                            

    The Evidian Errors and Events application provides the following error message for the 0x8101201c error code:  FMK_E_SECURITY_CERTIFICATECHAINNOTTRUSTED

    Inspection of the C:\Windows\System32\config\systemprofile\AppData\Roaming\Nymi\NSL\string\ksp directory shows that there are only the 8 locally-generated certificate files.

    The nymi_api.log file displays the following errors:

    
                                WARN - Verifying NEA certs without an NES connection. Some checks will be skipped.
                                ERROR - NSL: nsl_verify_nea_cert_chain, 2227, 5
                                ERROR - Error: ErrorWithMessage { error: MissingCerts, specifics: "Missing NES connection parameters. Please call `init` with additional fields \'nes_url\' and \'token\'" }
                                INFO - sending update to nea {"operation":"init","exchange":"30809","status":8000,"payload":{},"error":{"error_description":"NEA missing certificates.","error_specifics":"Missing NES connection parameters. Please call `init` with additional fields 'nes_url' and 'token'"}}
                            

    The user terminal cannot retrieve the NEA certificates from the NES server over port 443 (by default). NEA certificates are used to secure communications between the Nymi Band and the BLE adapter. The NEA certificates are a combination of 8 locally-generated certificates files and 12 NES-generated certificate files. By default, the NEA certificates on a user terminal expire every 14 or 90 days by default, depending on the Connected Worker Platform(CWP) version.  When the certificates expire, the user terminal initiates a request to retrieve certificates from the NES server when the Evidian Enterprise Access Management Security Service restarts or when an action occurs that requires certificates. 

Resolution

Perform the following sequence of actions to determine the cause of the communication issue:

  • Review the IIS log file in the C:\inetpub\logs directory on the IIS server that hosts the NES instance to confirm that communication between the user terminal and NES server occurs over http/https.  
  • Confirm that user terminal can successfully request authentication by token with the NES server.
  • Review Troubleshooting Basic Connectivity Issues to confirm that the client can communicate with the NES server.
  • Inspect firewall logs to confirm that bi-directional communication occurs between the client and server over http/https.
  • Ensure that the BLE adapter is inserted into a USB port on the user terminal.  If the adapter is in the USB port, reseat the adapter in the port, or try a different port.
  • Review the article Troubleshooting SPN Issues.

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.