Backend suffix purges when Directory Server is restarted

I have Directory Server 5.2P4 running on a solaris 10 machine. There is a Tivoli Access Manager (TAM) installed and uses Directory to store its Policies/Access related data. TAM needs a root suffix secAuthority=Default to be present in directory where-in it stores its data.
I created a root suffix secAuthority=Default and named its backend database as TAM (NOT 'Default' since it gets purged when Directory is restarted). However when I restarted the Directory, the root suffix still gets deleted. There is no data in it just the suffix (secAuthority=Default).
Suggestions?
-Thanks

I got a resolution to this. I was creating the suffix with 'Use Defaults' option rather than 'Use custom' option. Once I used custom option, the suffix was created properly and retained when Directory was re-started.
So for some reason 'Use Defaults' option does not go well with the Directory when creating a suffix of type secAuthority=Default. The 'Default' name of the backend is the problem area. secAuthority=xyz works great. But TAM expects secAuthority=Default hence the 'Use Custom' option needed.

Similar Messages

  • Resisting the creation of new log files when SQL SERVER is restarted

    Hi,
    I know that when SQL server is restarted new log files are created. But is it possible to resist creating new log fils and insert log data in the existing log files that are used before restarting the sql server

    Hello,
    I guess Raghvendra answered your question. And as per your previous post its not clear what you want to ask an you did not revert. Again if your issue is solved appreciate if you can please mark the answer and vote the posts helpful.
     Can I continue to log in the same file.?
    What does this line mean exactly ? Yes SQL Server will continue to use same transaction log file(LDF file) for writing information as it was using before shutdown. If you are talking about errorlog file a new errorlog file would be created which you can
    read using
    sp_readerrorlog
    Even if you stopped SQL Server service mistakenly its not that server is gone. Yes when you stopped the server all inflight transactions are rolled back. And when SQL Server would come online it would undergo crash recovery and would bring all the databases
    online by reading transaction log file and performing redo and undo of information. All committed transaction would be rolled forward and uncommitted would be rolled back.
    Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it
    My Technet Wiki Article
    MVP

  • Suffix data gets deleted when SunOne server is restarted

    I manually created a new suffix for a program I'm installing. The program, during configuration, creates directory entries in this new suffix. Everything works great, but whenever you restart the SunOne server, the data entries underneath this suffix get deleted. the suffix is still there, but when you click on the Directory tab in the console, the directory entries have all disappeared for the suffix I created. Very bizarre. Any help would be appreciated!

    I checked both the access and the error logs, nothing of significance shows up. The suffix was originally created from the console manually. This problem occured on a Solaris 9 server, but I have been able to re-create it very easily on a Windows 2000 Advanced server.
    Using VMWare, I can easily keep going back and forth from the image with the data and the image with the data missing. I've also noticed that if I try to do an export of the data for this suffix, I get an error that says
    "LDAP server is unwilling to perform". I'm wondering if these two errors are related. When I try to do an export with a different suffix on this server, it works great. Right before you do the export, it tells you that if the server does not have the proper access rights on this file, the export will not succeed. I'm not sure how to check that. I did create the suffix manually from the console logged in as cn=Directory Manager". Should I be using a different id? Thanks for your help!

  • File Adapter Query, when PI server restarts polling starts

    Hi Experts,
    I have one problem with File sender adapter if someone can suggest solution or easy way to handle situation.
    I have a interface with 50 file adapters.
    I am activating all file adapters with poling interval 24 Hours.
    And I am activating all adapters after 10 minutes interval so that all should not run at same time.
    So every thing is good.
    But the problem is that whenever BASIS team restarts the SAP-PI server. All 50 file sender adapters get restart at same time (i.e. all poling starts at same time which I do not want because of file size of all files and dependency of one interface i/p on other file o/p).
    So every time when server is getting re-started, I have to re-activate all 50 adapters by sitting for many hours after every 10 minute interval.
    Can someone suggest any solution for above problem, or itu2019s not possible to control sender file adapter poling start when server starts instead of time when I activate it originally?
    Regards

    Hi Rohan,
    As far as I know, it is not possible to schedule the adapter when the server gets restarted.
    Lets see what experts say on the same.
    Thanks,

  • Problems when the server is down

    When the server is restarted after a task is assigned, this task saves its state
    (claimed). After that, when I try to mark that task as completed, the server says
    that the conversation id is not found. Is that a Bug? or how can I fix that problem?
    Thank you

    The process doesn't finish because it's waiting for a task complete event.
    "Raja" <[email protected]> wrote:
    >
    i face this problem frequently. I believe the archival and Purging process
    of the
    WL integration archives and purges the Process Instance Info for those
    instances
    that are completed or Terminated. But i could see the tasks created by
    these instances
    left behind. If a user does any operation on these tasks result is the
    "Conversion
    Id not found exception". Iam not sure if this is a bug or is it by design.
    "David Uribe" <[email protected]> wrote:
    When the server is restarted after a task is assigned, this task saves
    its state
    (claimed). After that, when I try to mark that task as completed, the
    server says
    that the conversation id is not found. Is that a Bug? or how can I fix
    that problem?
    Thank you

  • Unable to make SSL connection from Proxy Server to Directory Server

    I have recently installed Directory Proxy Server 5.2 Patch 3 on Solaris 9 server. Backend directories are Sun Directory Server 5.2sp3 using Thawte signed certificates.
    I can't get the Proxy Server to make a successful SSL connection to the Directory Servers. The proxy server can make the non-ssl connection without problem. When the Proxy Server attempts the SSL connection it gives SEC_ERROR_UNTRUSTED_ISSUER error. The SSL certificates on the Directory Servers are signed by Thawte and have just recently been updated. The certificate for the Proxy Server is also signed by Thawte. The CA certificate is loaded in both the Proxy Server and the Directory Server.
    I also have an iPlanet Directory Access Router (iDAR) 5.0 Server that is our current production server that serves these same directories and I haven't had a problem with SSL connection with it. So, the certificates are good.
    I've encluded an exerpt from the Proxy Server log below for one of SSL connection attempts.
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [STAT/CONN]    [   560
    307] Connection from secured listen port. New connection is on socket 37.
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [STAT/CONN]    [   560
    305] Number of open connections is 1.
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [STAT/CONN]    [   171
    211] [client(         152.3.100.30,  37)] Accepting connection via dukenet-group
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   302
    023] Failure with CERT_VerifyCertNow (checking signature, usage: "certUsageSSLSe
    rver").
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   302
    023] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    729] Rejected certificate on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    729] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    728] Certificate rejected on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    728] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    721] Read on socket 38 failed.
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    721] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   301
    006] Unexpected error on socket 38. (Error: -8172).
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   171
    002] [client(         152.3.100.30,  37)] [server(  152.3.101.110+  636,  38)] L
    ost connection to server, trying to failover to another
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   302
    023] Failure with CERT_VerifyCertNow (checking signature, usage: "certUsageSSLSe
    rver").
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   302
    023] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    729] Rejected certificate on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    729] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    728] Certificate rejected on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    728] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] ber_flush unexpected error on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] SEC_ERROR_BASE + 20, NSPR error: -8172 (0xffffe014). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] ber_flush unexpected error on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] NSPR error: -5938 (0xffffe8ce). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    721] Read on socket 38 failed.
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   385
    721] NSPR error: -5938 (0xffffe8ce). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   301
    006] Unexpected error on socket 38. (Error: -5938).
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [NOTICE]       [   171
    002] [client(         152.3.100.30,  37)] [server(    152.3.232.3+  636,  38)] L
    ost connection to server, trying to failover to another
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] ber_flush unexpected error on socket 38
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   385
    717] NSPR error: -5938 (0xffffe8ce). Native errno is: 11
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [EXCEPTION]    [   190
    102] [client(         152.3.100.30,  37)] Rejecting request The server is tempor
    arily busy
    Aug 30 2005 16:12:12 king.oit.duke.edu SunONEDPS[ 17471]: [OP/CONN]      [   170
    904] [client(         152.3.100.30,  37)] [server(  152.3.101.110+  636,  38)] C
    onnection unbound by client

    No, that was on 5.1. For 6.0, my classpath has just:
    %JAVA_HOME%\lib\tools.jar;%WL_HOME%\lib\weblogic_sp.jar;%WL_HOME%\lib\weblogic.jar;
    %CLASSPATH%
    This works fine.

  • Not (automatically)  purge  temporary directory when BI server restorted

    Hello,
    can we force BI publisher server (jboss) when restarted, to not (automatically) purge temporary directory .../xdo/cache and ...xdo/temp (not remove temporary files under xdo).
    thank's

    The patch 13553428 QA:BLK:DELIVER TO CORP. OID LDAP USERS FAILED WITH IMPERSONATOR DOES'NT EXIST. 11.1.1.6.0 Generic Platform (American English) General Oracle BI Suite EE Apr 5, 2012 799.4 KB
    Resolved the OBIEE login issue.
    Thanks,
    -VS

  • Restart directory server

    Hi,
    I just un-pluged my solaris host. When I start it again. I found that
    LDAP directory server is not running anymore. How can I start it up
    again?
    Since if i run :
    ../iasdeploy removeapp abc
    ../iascontrol stop
    it will have error like
    Could not connect to LDAP server on wee.host.com port 389...retrying
    Any other server i need to restart mannally besides LDAP server? kxs?
    kas? kcs?
    thanks

    Did you restart the admin server (./start-admin) and the ldap server (./start-slapd) ?
    Cheers,
    Vasanth

  • When I stream videos from my laptop onto my Apple TV via my iPad 2 using the Air Video app/server the video plays great however when I pause the video the Apple TV reverts back to the home screen within a few seconds and then when I want to restart watchi

    When I stream videos from my laptop onto my Apple TV via my iPad 2 using the Air Video app/server the video plays great however when I pause the video the Apple TV reverts back to the home screen within a few seconds and then when I want to restart watching the video I have to re-buffer the video. Is there any way I can stop the Apple TV from reverting back to the home screen when I pause the video I’m watching?

    Welcome to the Apple Community.
    Contact the developer of the Air Video app.

  • How to disable autostart (application) when managed server restart ?

    Hi Ppl,
    How to disable autostart (application) when managed server restart ?
    I want some of the applications to remain not started. In WebSPhere, we have an option disable auto start for applications.
    I don't find in weblogic.
    Thanks

    Hi,
    I agree with Faisal. When you shutdown your WL server while the application is running, the thing is when you start your server again, it would automatically start the application with it. Now if the application was down when you shutdown the server, it _the application_ won't start with the server.
    So it depends on the application last state, when you start your server.
    Regards,
    Mohab

  • Server automatically restart when built jsp page

    When i want to build a jsp using the build.xml file the server automatically restart..
    the following error shows in console
    Buildfile: C:\AE10\ATG10.0.3\WatchCart\Storefront\build.xml
    copyFiles:
    [echo] Start Copying ----
    [copy] Warning: WEB-INF\web.xml modified in the future.
    [copy] Warning: checkout\gadgets\shippingInitialize.jsp modified in the future.
    [copy] Warning: javaScriptEx\first.jsp modified in the future.
    [copy] Warning: javaScriptEx\second.jsp modified in the future.
    [copy] Warning: javaScriptEx\second1.jsp modified in the future.
    [copy] Warning: javaScriptEx\third.jsp modified in the future.
    [copy] Warning: navigation\gadgets\sites.jsp modified in the future.
    [copy] Warning: sku\sku.jsp modified in the future.
    [copy] Warning: sku\skuDisplay.jsp modified in the future.
    [copy] Copying 2 files to C:\AE10\jboss-5.1.0.GA\server\atg_watchprod\deploy\ATG.ear\store.war
    [echo] Finish copying -----
    BUILD SUCCESSFUL
    Total time: 328 milliseconds
    Thanks in advance

    sachindere76 ,
    good question, but this is not the problem.
    I did re-code my "public int getCard1()" method though:
    it was:
    public int getCard1 () {
    return card1;
    and I changed it to:
    public String getCard1 () {
              return Integer.toString(card1);
    since my jsp page tag was aparently looking for a string to work with, returning a String from the method seems to have helped now.
    I rebooted my machine and re-strated jakarta-tomcat server to verify and it worked fine this time.

  • When will Directory Server support RFC 4511?

    I would like to know when Sun plans to support the new LDAP v3 suite of RFCs, including RFC 4511?

    Thanks Ludovic.
    So if a client wants to support the password policies that are currently implemented on Directory Server 5.2, and also the policies that will be implemented in 6.0, then the client needs to support both the "vchu" and "behera" Internet Drafts, correct? Just to make sure I understand the "vchu" draft, the client is NOT required to send a password policy request control to the server in order to get password policy information returned, correct? ALL the policy information comes either in the error string associated with the LDAPResult OR in the 2 new controls defined in "vchu" (for expiring and already-expired passwords). Is all that correct?
    Is that the extent of what the client would need to do for support of 5.2? Or are there other password policy issues the client would need to code for in addition to what's in "vchu"?
    Also, does the "behera" draft define the extent of Directory Server 6.0 support for password policies, or will there be additional things the client will have to be aware of and code for?
    Thanks,
    gil
    I'm also confused about the relationship between the shadowAccount object class attributes defined in RFC 2307 vs. the password policy supported by Directory Server 5.2 (and 6.0). Are these attributes needed in support of either the "old" or the "new" password policies? Are they obsoleted by either password policy? Do the shadowAccount and password policy attributes operate independently from each other? If so, what do the shadowAccount attributes do for you that the password policy attributes don't? I'm having a hard time sorting out whether I need both types of attributes or only one...
    Thanks,
    gil
    Message was edited by: Gil Geiman
    ggeiman

  • Directory Server 6.2 - Possible Database Corruption

    We have become aware of a bug in Directory Server 6.2 only that could cause database corruption. We have a hotfix for this issue, and if you are running Directory Server 6.2 and run into this problem then you should contact Sun Support and ask for the fix for the following bug
    6642430: DB corruption (zero&rsquo;d pages) when performing db2ldif against large 20GB ldif file.
    The sunsolve record for this bug can be found at [http://sunsolve.sun.com/search/document.do?assetkey=1-1-6642430-1].
    NOTE: This issue does not affect Directory Server 6.0 or 6.1 release so you only need this fix if you are running Directory Server 6.2.
    After you have the hotfix for this issue on Directory Server 6.2 and have applied the hotfix, then you will have to re-initialize the database from an LDIF backup to fully correct the corruption issue. Simply applying the hotfix will not fix the database if the database is already corrupted. Database corruption can be present though not detected with data in binary formats. You must therefore rebuild the database by importing an LDIF backup.
    Directory Server Enterprise Edition 6.2 is no longer available for download and Directory Server Enterprise Edition 6.3, which includes a fix for this issue, will be available for download early April. When upgrading to Directory Server 6.3 from 6.2 (not needed if you are on 6.0 or 6.1), make sure you export the database (db2ldif) prior to the upgrade and then re-import the database after the upgrade to fully re-initialize the database and to ensure that no corruption issues remain.
    Recommended patch or upgrade procedures:
    <ol><li>     Shut down each directory server instance, as described in [Starting, Stopping, and Restarting a Directory Server Instance|http://docs.sun.com/app/docs/doc/820-2491/6ne3dhd8u?a=view#bcaan].
    </li>
    <li>     Perform an LDIF export of the database, as described in [Backing Up to LDIF|http://docs.sun.com/app/docs/doc/820-2491/6ne3dhdio?a=view#ganwh].
    </li>
    <li>     Install the [hotfix for bug 6642430|http://sunsolve.sun.com/search/document.do?assetkey=1-1-6642430-1] on Directory Server 6.2, or upgrade your Directory Server 6.2 instance to Directory Server 6.3 once Directory Server 6.3 is available for download (early April). You will need to login to Sunsolve in order to
         see this bug description.
    </li>
    <li>     Re-initialize the database from the LDIF exported in step 2, as described in [Importing Data From an LDIF File|http://docs.sun.com/app/docs/doc/820-2491/6ne3dhdj4?a=view#ganwc].
         If you are running replicated instances of Directory Server, make sure you read [Restoring Replicated Suffixes|http://docs.sun.com/app/docs/doc/820-2491/6ne3dhdjc?a=view#bcajf] as well.
    </li>
    </ol>
    Edited by: KevinLeMay on Mar 28, 2008 4:48 AM

    The entry was not imported most likely because it's parent isn't in the database yet. Are entries above this in another backend ? If so try importing that backend first. Also, that dn is so long, that it exhausted the buffer which is used to write messages in the access log. This is why, there's nothing after "which".
    What is the exact reason why a export and import is necessary? Or is it only necessary if
    the database is already corrupt? Is there a way to check that?The database corruption could be silent. So a binary backup/restore when going from 6.2 to 6.3 is not recommended and the LDIF route must be used.

  • Directory Server 6.2 upgrade to 6.3: import LDIF problem

    Hi all,
    I have tried upgrading my Directory Server 6.2 to version 6.3 because of the database integrity issues as stated in:
    http://blogs.sun.com/dsee/entry/directory_server_6_2_database
    I have followed the steps defined in this article:
    1. Shut down each directory server instance, as described in Starting, Stopping, and Restarting a Directory Server Instance.
    2. Perform an LDIF export of the database, as described in Backing Up to LDIF.
    3. Install the hotfix for bug 6642430 on Directory Server 6.2, or upgrade your Directory Server 6.2 instance to Directory Server 6.3 once Directory Server 6.3 is available for download (early April). You will need to login to Sunsolve in order to see this bug description.
    But when importing the LDIF export, I got the following error:
    [17/Dec/2008:14:44:08 +0100] - import ec: WARNING: Skipping entry "sunPortalAdminPortalDomainPortalServerInstanceMonitoringID=Monitoring,sunPortalAdminPortalDomainPortalServerInstanceID=sol10portal-80,sunPortalAdminPortalDomainPortalID=portal1,sunPortalAdminPortalDomainID=defaultDomain,o=example" whichIt's the only information I get about why the entry was skipped (I did not forget to copy the part after 'which', there was no information there :-))
    This resulted in a missing Portal instance configuration and thus I got a 'configuration error' when surfing through the gateway to the portal.
    I have also tried: manually importing that entry, which resulted in a 'Object does not exist' error. I have tried copying the whole tree from another backup with identical setup, which wasn't working either.
    Did anyone experience the same problems before? Did I do something wrong or is there a workaround for this?
    Second question: What is the exact reason why a export and import is necessary? Or is it only necessary if the database is already corrupt? Is there a way to check that?
    Thanks alot!
    Sten

    The entry was not imported most likely because it's parent isn't in the database yet. Are entries above this in another backend ? If so try importing that backend first. Also, that dn is so long, that it exhausted the buffer which is used to write messages in the access log. This is why, there's nothing after "which".
    What is the exact reason why a export and import is necessary? Or is it only necessary if
    the database is already corrupt? Is there a way to check that?The database corruption could be silent. So a binary backup/restore when going from 6.2 to 6.3 is not recommended and the LDIF route must be used.

  • Monioring iplanet Directory server 5.1 SP2 via SNMP

    Hi ,
    I try to monitor my directory server by using snmp on solaris8 sparc server .
    All thing look ok , but when i restart or start the master subagent via the console admin server i've got the error message
    " An error occured when starting SNMP subagent. Check that the configuration data you entered is correct and that the SNMP master is running"
    Did sommeon have an idea to solve this problem
    Best regards

    i did not understand the concept of disable in NetscapeRoot as u said "Accidentally,we had disbled the NetscapeRoot suffix through the iPlanet Dir sever console ". Dou mind explain a little bit about how you did it?
    One option is export the o=NetscapeRoot into a ldif file, after re-build your directories, import o=NetscapeRoot whics ever is necessay ,"do not export every thing".

Maybe you are looking for