Cannot set node manager password in weblogic console (10.3.3)

Hi,
I've been trying to configure a custom AD authenticator in the weblogic console for 10.3.3 and get Invalid pad byte on the node manager password when it tries to activate my changes. After trying several things suggested in other forums, I went into the weblogic console, under domains->security, changed the node manager user and password, and still get an Invalid pad byte on the password I entered! Any suggestions?
Thanks!
Julia Allen

Well that didn't work :( . I went into config.xml and changed <node-manager-username> and <node-manager-password-encrypted> to clear text, restarted, went into the console and tried to change the node manager username and password in Domains-->Security-->Advanced and still got invalid pad byte on the password I entered when I saved. Interestingly enough when the page came up the value for node-manager-username was the old value... not the one I changed in config.xml before I started the server. I verified that I changed the correct config.xml. When I looked at it after restart, the values had not been changed to encrypted values. And, yes, production mode is false. So I'm guessing a cache problem somewhere? Or a corruption in one of the other security files that I cannot determine?
One thing I did try was to reset the admin password following steps I found in other places (e.g. renaming ldift/initialized/properties files, running java weblogic.security.utils.AdminAccount) but nothing. Still the same problem. Also note that the server starts just fine... the console just barfs with this invalid pad byte error whenever I try and configure that AD provider or actually try and change the node user name and password.
Any other ideas? Your help is greatly appreciated!
Julia

Similar Messages

Getting error message while strating managed server in weblogic console.

Hi,
Here are my config steps I followed:
1. Created Domain with the Admin server port 8001.
2. Able to log into the Admin console successfully.
3. Created Machine in the console
4. Created Managed server ms01.
5. Created Network Channels under ms01 for http and https with different ports.
6. Started node manager
7. Started ms01 and status shows RUNNING.
8. Deployed one sample war file on this ms01. Deployment was successful.
9. Tried to access the application which is deployed, white page is displayed. But same app I was able to access before, so its clear nothing wrong in war file.
10. I rebooted wls after this and tried restarting managed server, but stuck at this point because of below error.
At this point I could see error message in the wls log.
like:
<Error> <NodeManager> <BEA-300033> <Could not execute command "getVersion" on the node manager. Reason: "Connection refused: connect. Could not connect to NodeManager. Check that it is running at localhost:5,556.".>
<Error> <NodeManager> <BEA-300033> <Could not execute command "getNMLog" on the node manager. Reason: "Connection refused: connect. Could not connect to NodeManager. Check that it is running at sdc78197svod.corp.siebel.com:5,556.".>
I tried rebooting wls, did not work out.
Any help on this appreciated.
Thanks

Is the node manager running at sdc78197svod.corp.siebel.com:5,556 ? YOu can do a telnet to this IP, port to confirm.

Can i use single node manager with two weblogic domain?

I am very new to weblogic and node manager.
i had created two domains in weblogic. (single node manger).
Can i connect both domains with same nodemanger?
How to do this?

The node manager uses a nodemanager.domains file to determine which domains it manages, for example,
domain_name=/path_to_domain/domain_name
other_domain_name=/path_to_other_domain/other_domain_name
This file can be found in the NODEMANAGER_HOME, that you specified when starting the node manager (startNodeManager - NODEMGR_HOME="${WL_HOME}/../oracle_common/common/nodemanager")
When you are running the domain on multiple machines you have to enroll the node manager into the domain (http://docs.oracle.com/cd/E23943_01/web.1111/e13813/reference.htm#i1065827)
A scripted example can be found here: Middleware Snippets: Automate WebLogic Installation and Configuration. The Node Manager administration guide can be found here: Oracle&reg; Fusion Middleware Node Manager Administrator's Guide for Oracle WebLogic Server 11g Release 1 (10.3.6) -….

How to set autocommit false in Oracle Weblogic console?

Hi All,
While invoking the oracle Ebiz custom package from Oracle SOA 11g BPEL we are getting below error:-
java.sql.SQLSyntaxErrorException: ORA-02089: COMMIT is not allowed in a subordinate session.
Wondering if there is some properties through which we can set the autocommit false on the Oracle Weblogic Console.
Highly appreciate any pointers for the same.
Thanks in advance.

Yes I did set global transaction (XA) up in the db adapter. True, there are couple of commits in the API and from outside BPEL that works fine, the error i am getting when trying to access the API through BPEL. I am calling this only API from the BPEL.
Do you think there needs to setup explicit "autoCommit=false" somewhere in the weblogic console?

My password lock cannot be turned off (button is greyed out and does not react) and I cannot set to "simple" password (4 digits) for the same reason (button greyed out)

Today, I got a message from my iphone 4 telling me that my password was expired and that I had to change it.
Now I am forced to enter a 8 character long password and I cannot turn off the password lock (button is greyed out and does not react) and I cannot change to "simple" code.
I am so upset that I am considering throwing the bloody thing to the rubbish bin
Can you help?

Have a work Exchange account on your phone? These policies can be enforced by a profile installed on your phone. There is nothing you can do to change this except delete the Exchange account.

Cannot set guided access password on iTouch after IOS* update. How can I fix this?

We upgraded my daughters iTouch to IOS8. When I go into guided access to set the password, it will not accept it. It keep taking me back to the Set Guided Access Password each time. I will put in the 4 digits, confirm the 4 digits and it takes me back to the original scree that says Set Guided Access Password. How can I get this to work?

Try a reset: hold down the home button along with the power button until you see the Apple, then let go.

Cant set Remote Management password

I am going nuts trying to find this out! When I right click the remote
management agent, the security selection is greyed out. I have full admin
rights to the tree. Does anyone know where this setting is to allow this?
thanks

I set this option but the security option on the systray icon is still
greyed out so I cant set the password. Any reason why this is restricted?
> On Wed, 09 Nov 2005 19:17:54 GMT, [email protected] wrote:
>
> > Does anyone know where this setting is to allow this?
>
> if the wks is imported you need to allow this in the remote management
> policies..
> --
>
>
> Marcus Breiden
>
> Please change -- to - to mail me.
> The content of this mail is my private and personal opinion.
> http://www.edu-magic.net

Cannot set a secure password

I woke up to see an email about an order for a calling subscription to Guatemala added to my account (while I was sleeping)
The first thing I did was log in and change my password. The problem is the site keeps giving me a message that my new password is 'too easy to guess' and won't accept it. It does this when I use a strong password with numbers, symbols and different case letters. - Yet I found the only way to change my password was to use a simple password that really IS easy to guess. - It takes that fine.

Open routers set up page using http://192.168.1.1 ....you will see username & password ....leave username blank & in password use admin.....
Click on "wireless" tab.... look for "wireless security" sub-tab ...... it will show you security level ....... you can either make it WEP or disable the seurity .....
In case of WEP have a note of WEP key no-1 ...... click save settings....

Cannot set BIOS supervisor password on U300s

Hi, all.
I could enter BIOS and could set parameter in Advanced tab, I could view Security tab, but, I couldn't change any parameter! It wasn't lock by password at all. It seemed like the entire menu was disabled. So, I couldn't create the supervisor password.
Does anyone have an idea?
Thanks.
Solved!
Go to Solution.

I found that I must change fast boot to normal boot first, then I could set the password. Solved!

[wls8.1 sp.3] cannot remote start with node manager on another server

In this domain run on 2 physical servers in windows 2003. In machine that has admin server can start with node manager but another machine without admin server cannot remote start . when i remote start , the node manager has facing error messages as below:
# AT "node manager monitoring" in weblogic admin console
[[NodeManager:300033]Could not execute command ping on the node manager. Reason: weblogic.nodemanager.NodeManagerException: [CommandInvoker: Failed to send command: 'ping to server 'null' to NodeManager at host: 'xxx.xxx.xxx.24:5555' with exception Connection reset by peer.. Please ensure that the NodeManager is active on the target machine].]
# AT "nodemanger.log" has facing error messages as below:
<Aug 20, 2008 7:34:07 PM ICT> <Info> <[email protected]:5555> <NodeManage r started, log messages being written into file C:\bea\WEBLOG~1\common\NODEMA~1\ NodeManagerLogs\NodeManagerInternal\nm_server02_08_20_2008-19_34_03.log>
<Aug 20, 2008 7:59:58 PM ICT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer server01 - 10.208.50.23 during SSL handsha ke.> <Aug 20, 2008 8:00:11 PM ICT> <Warning> <Security> <BEA-090476> <Invalid/unknown SSL header was received from peer server01 - xxx.xxx.xxx.23 during SSL handsha key.>
I would REALLY appreciate any suggestions as to what might be the cause or what i could try.
Thanks ....

Hi,
It is up to you to decide whether you want to use nodemanager or not.
It does not make any difference if the server is started via script or nodemanager.
if i want everything (AS, MS, and NM) to come up at server boot i need to set each of them up as windows services (which is what i have at the moment) but this wont allow me to use the node manager ==> Yes this statement is correct.
You can either set AS and MS as windows service (or) AS and nodemanager as service.
Thanks,
Sharmela

Weblogic 9.2 Node Manager Starts, Managed Servers Do Not

Hello,
We just upgraded from 8.1.6 to 9.2.3 and I got the Node Manager and the admin console to start up.
However, anytime I try to start a managed server, I get a failed error. I tried to create a new server and start it, and I get the same error. When I go to the server.out file, this is what I see in the file.
See below.
Any advice / help would be greatly appreciated. Thanks in advance!!!
<Apr 20, 2011 2:34:17 PM> <Info> <NodeManager> <Starting WebLogic server with command line: D:\bea\jdk150_12\jre\bin\java -Dweblogic.Name=da_01 -Djava.security.policy=D:\bea\WEBLOG~2\server\lib\weblogic.policy -Dweblogic.management.server=http://10.32.12.77:7001 -Djava.library.path=D:\bea\WEBLOG~2\server\bin;.;C:\WINDOWS\system32;C:\WINDOWS;D:\bea\WEBLOG~2\server\native\win\32;D:\bea\WEBLOG~2\server\bin;D:\bea\jdk150_12\jre\bin;D:\bea\jdk150_12\bin;D:\bea\WEBLOG~2\server\native\win\32\oci920_8;D:\Program Files\Documentum\Shared;D:\Documentum\product\5.3\bin;D:\Documentum\fulltext\fast40;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;D:\Documentum\product\5.3\fusion;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\ -Djava.class.path=.;D:\bea\patch_weblogic923\profiles\default\sys_manifest_classpath\weblogic_patch.jar;D:\bea\jdk150_12\lib\tools.jar;D:\bea\WEBLOG~2\server\lib\weblogic_sp.jar;D:\bea\WEBLOG~2\server\lib\weblogic.jar;D:\bea\WEBLOG~2\server\lib\webservices.jar; -Dweblogic.system.BootIdentityFile=D:\bea_domains\cheniere_dctm\servers\da_01\data\nodemanager\boot.properties -Dweblogic.nodemanager.ServiceEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=false -Dweblogic.ReverseDNSAllowed=false weblogic.Server >
<Apr 20, 2011 2:34:17 PM> <Info> <NodeManager> <Working directory is "D:\bea_domains\cheniere_dctm">
<Apr 20, 2011 2:34:17 PM> <Info> <NodeManager> <Server output log file is "D:\bea_domains\cheniere_dctm\servers\da_01\logs\da_01.out">
Usage: java [-options] class [args...]
(to execute a class)
or java [-options] -jar jarfile [args...]
(to execute a jar file)
where options include:
-client     to select the "client" VM
-server     to select the "server" VM
-hotspot     is a synonym for the "client" VM [deprecated]
The default VM is client.
-cp <class search path of directories and zip/jar files>
-classpath <class search path of directories and zip/jar files>
A ; separated list of directories, JAR archives,
and ZIP archives to search for class files.
-D<name>=<value>
set a system property
-verbose[:class|gc|jni]
enable verbose output
-version print product version and exit
-version:<value>
require the specified version to run
-showversion print product version and continue
-jre-restrict-search | -jre-no-restrict-search
include/exclude user private JREs in the version search
-? -help print this help message
-X print help on non-standard options
-ea[:<packagename>...|:<classname>]
-enableassertions[:<packagename>...|:<classname>]
enable assertions
-da[:<packagename>...|:<classname>]
-disableassertions[:<packagename>...|:<classname>]
disable assertions
-esa | -enablesystemassertions
enable system assertions
-dsa | -disablesystemassertions
disable system assertions
-agentlib:<libname>[=<options>]
load native agent library <libname>, e.g. -agentlib:hprof
see also, -agentlib:jdwp=help and -agentlib:hprof=help
-agentpath:<pathname>[=<options>]
load native agent library by full pathname
-javaagent:<jarpath>[=<options>]
load Java programming language agent, see java.lang.instrument
<Apr 20, 2011 2:34:18 PM> <Info> <NodeManager> <Server failed during startup so will not be restarted>

Hi,
Your JAVA_OPTIONS contains -Djava.library.path which has values with SPACES which is causing the issue.
Example:
-Djava.library.path=D:\bea\WEBLOG~2\server\bin;.;C:\WINDOWS\system32;C:\WINDOWS;D:\bea\WEBLOG~2\server\native\win\32;D:\bea\WEBLOG~2\server\bin;D:\bea\jdk150_12\jre\bin;D:\bea\jdk150_12\bin;D:\bea\WEBLOG~2\server\native\win\32\oci920_8;D:\Program Files\Documentum\Shared;D:\Documentum\product\5.3\bin;D:\Documentum\fulltext\fast40;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;D:\Documentum\product\5.3\fusion;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\There are some paths included in the java.library.path which contains SPACES like C:\Program Files\Microsoft SQL Server\90\Tools\binn\
It means there is a Space between words like 'C:\Program Files'
Please add the complete java.library.path inside a Double quote so that the Spaces will not cause any issue...
Example : with the below run you will get the same exception as you mentioned
java   -Djava.library.path=C:\Program Files\Microsoft SQL Server\90\Tools\binn\    HelloWorldCorrect way as following:
java   -Djava.library.path="C:\Program Files\Microsoft SQL Server\90\Tools\binn\"    HelloWorldQuotation mark added in the path which has spaces.
Regards,
Ravish Mody
http://middlewaremagic.com/weblogic
Come, Join Us and Experience The Magic…

Error configuring and starting Managed Server in WebLogic 10.3

Hi,
I am able to configure and start the Managed Server on windows environment. I am trying to configure Managed Server on linux environment. I am configuring the Managed Server with custom keystore. When I configured the Managed Server I specified the keystore/trustsote information in the Keystores tab of the Admin Console for Managed Server settings. Specified Private Key Alias, Password in SSL tab.But when I am starting the Managed Server from command line, I see the process looking for demo trust files and failing.
Here is the command I run to start the Managed Server:
./startManagedWebLogic.sh MyManagedServer1 https://localhost.localdomain:8443
Below is the console output:
<Mar 11, 2015 12:37:44 PM PDT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 20.45-b01 from Sun Microsystems Inc.>
<Mar 11, 2015 12:37:45 PM PDT> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
Enter username to boot WebLogic server:beaadmin
Enter password to boot WebLogic server:
<Mar 11, 2015 12:37:53 PM PDT> <Info> <Security> <BEA-090908> <Using default WebLogic SSL Hostname Verifier implementation.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /opt/wlserver_10.3/server/lib/DemoTrust.jks.>
<Mar 11, 2015 12:37:53 PM PDT> <Error> <Security> <BEA-090132> <Could not open the keystore file /opt/wlserver_10.3/server/lib/DemoTrust.jks for read access. Exception: java.io.FileNotFoundException: /opt/wlserver_10.3/server/lib/DemoTrust.jks (No such file or directory)>
<Mar 11, 2015 12:37:53 PM PDT> <Warning> <Security> <BEA-090164> <Failed to load trusted certificates from keystore /opt/wlserver_10.3/server/lib/DemoTrust.jks of type jks>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /opt/jre1.6.0_45/lib/security/cacerts.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 Entrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=thawte Primary Root CA - G3,OU=(c) 2008 thawte\, Inc. - For authorized use only,OU=Certification Services Division,O=thawte\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=VeriSign Universal Root Certification Authority,OU=(c) 2008 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Mar 11, 2015 12:37:53 PM PDT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050 >
<Mar 11, 2015 12:37:54 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:54 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:54 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:54 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:54 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:55 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:55 PM PDT> <Warning> <Security> <BEA-090477> <Certificate chain received from localhost.localdomain - 127.0.0.1 was not trusted causing SSL handshake failure.>
<Mar 11, 2015 12:37:55 PM PDT> <Emergency> <Management> <BEA-141151> <The admin server could not be reached at https://localhost.localdomain:8443.>
<Mar 11, 2015 12:37:55 PM PDT> <Info> <Configuration Management> <BEA-150018> <This server is being started in managed server independence mode in the absence of the admin server.>
<Mar 11, 2015 12:37:55 PM PDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Mar 11, 2015 12:37:55 PM PDT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Mar 11, 2015 12:37:55 PM PDT> <Notice> <LoggingService> <BEA-320400> <The log file /h/data/local/base_domain/servers/MyManagedServer1/logs/MyManagedServer1.log will be rotated. Reopen the log file if tailing has stopped. This can happen on some platforms like Windows.>
<Mar 11, 2015 12:37:55 PM PDT> <Notice> <LoggingService> <BEA-320401> <The log file has been rotated to /h/data/local/base_domain/servers/MyManagedServer1/logs/MyManagedServer1.log00015. Log messages will continue to be logged in /h/data/local/base_domain/servers/MyManagedServer1/logs/MyManagedServer1.log.>
<Mar 11, 2015 12:37:55 PM PDT> <Notice> <Log Management> <BEA-170019> <The server log file /h/data/local/base_domain/servers/MyManagedServer1/logs/MyManagedServer1.log is opened. All server side log events will be written to this file.>
<Mar 11, 2015 12:37:56 PM PDT> <Error> <Security> <BEA-000000> <[Security:090837]The configured keystore location for the PKI Credential Mapper is either null or empty.>
<Mar 11, 2015 12:37:56 PM PDT> <Error> <Security> <BEA-000000> <[Security:090815]The password provided for the keystore configured for the PKICredential Mapper was null.>
<Mar 11, 2015 12:37:57 PM PDT> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Mar 11, 2015 12:37:57 PM PDT> <Critical> <Security> <BEA-090403> <Authentication for user beaadmin denied>
<Mar 11, 2015 12:37:57 PM PDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user beaadmin denied
weblogic.security.SecurityInitializationException: Authentication for user beaadmin denied
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
        at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
        at weblogic.security.SecurityService.start(SecurityService.java:141)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User beaadmin weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
        at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
        at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        Truncated. see log file for complete stacktrace
>
<Mar 11, 2015 12:37:57 PM PDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Mar 11, 2015 12:37:57 PM PDT> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Mar 11, 2015 12:37:57 PM PDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
Why is it looking for demotrust.jks file to start the Managed Server. We don't use the demo trust and cannot copy to the location it is referring to. I followed the solution provided at the below link:
http://serverfault.com/questions/106499/custom-trust-and-custom-identity-keystore-in-weblogic-10-3
There are 2 options given in the link. To update the boot.properties of the Admin Server and appending JAVA_OPTIONS to DomainEnv file. Both of these caused the failure of Admin Server. I couldn't bring up the server after these changes.I also came across posts talking about boot.properties for Managed Server. I don't see the security folder that has boot.properties for my Managed Server (verified it on both windows and linux boxes).
Thanks in advance.
-nn.

Hi Faisal,
Here is the config.xml file:
<?xml version="1.0" encoding="UTF-8"?>
<domain xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd"
        xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security"
        xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <name>JCRMDomain</name>
    <domain-version>10.3.4.0</domain-version>
    <security-configuration xmlns:xacml="http://xmlns.oracle.com/weblogic/security/xacml">
        <name>JCRMDomain</name>
        <realm>
            <sec:authentication-provider xsi:type="wls:default-authenticatorType">
                <sec:control-flag>SUFFICIENT</sec:control-flag>
            </sec:authentication-provider>
            <sec:authentication-provider xmlns:ext="http://xmlns.oracle.com/weblogic/security/extension" xsi:type="ext:jcrm-authenticatorType">
                <sec:name>JcrmAuthenticator</sec:name>
                <sec:control-flag>SUFFICIENT</sec:control-flag>
            </sec:authentication-provider>
            <sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
            <sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
            <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
            <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
            <sec:credential-mapper xsi:type="wls:pki-credential-mapperType">
                <sec:name>PKICredentialMapper</sec:name>
            </sec:credential-mapper>
            <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
            <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
            <sec:user-lockout-manager>
                <sec:lockout-threshold>3</sec:lockout-threshold>
                <sec:lockout-duration>15</sec:lockout-duration>
                <sec:lockout-reset-duration>99999</sec:lockout-reset-duration>
            </sec:user-lockout-manager>
            <sec:deploy-role-ignored>false</sec:deploy-role-ignored>
            <sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
            <sec:fully-delegate-authorization>true</sec:fully-delegate-authorization>
            <sec:security-dd-model>DDOnly</sec:security-dd-model>
            <sec:combined-role-mapping-enabled>true</sec:combined-role-mapping-enabled>
            <sec:name>myrealm</sec:name>
            <sec:delegate-m-bean-authorization>false</sec:delegate-m-bean-authorization>
            <sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator"
                                    xsi:type="pas:system-password-validatorType">
                <sec:name>JCRMPasswordValidator</sec:name>
                <pas:max-password-length>31</pas:max-password-length>
                <pas:min-password-length>15</pas:min-password-length>
                <pas:min-numeric-characters>2</pas:min-numeric-characters>
                <pas:min-lowercase-characters>2</pas:min-lowercase-characters>
                <pas:min-uppercase-characters>2</pas:min-uppercase-characters>
                <pas:min-non-alphanumeric-characters>2</pas:min-non-alphanumeric-characters>
            </sec:password-validator>
            <sec:deployable-provider-synchronization-enabled>false</sec:deployable-provider-synchronization-enabled>
        </realm>
        <default-realm>myrealm</default-realm>
        <credential-encrypted>{AES}cpwhv2peqwl0Z8Ma1Jk7KlmC6d1gtCAqxnzrmR5ssybHpM9AUzbBRJ7rE7m4/7U16IHgsTMkcOr/5/abZJ4NeuHR45jdDK1EjFmnUuPssISmGkan3EIpCKHmPPIynVxh</credential-encrypted>
        <node-manager-username>wdUXiuwL5A</node-manager-username>
        <node-manager-password-encrypted>{AES}UDiZjaLOrm0y+/I9noQVURudpzmRKMBOQR2B8ofNIt8=</node-manager-password-encrypted>
    </security-configuration>
    <server>
        <name>AdminServer</name>
        <max-http-message-size>10000000</max-http-message-size>
        <ssl>
            <name>AdminServer</name>
            <enabled>true</enabled>
            <hostname-verifier xsi:nil="true"></hostname-verifier>
            <hostname-verification-ignored>true</hostname-verification-ignored>
            <client-certificate-enforced>false</client-certificate-enforced>
            <listen-port>8443</listen-port>
            <two-way-ssl-enabled>true</two-way-ssl-enabled>
            <server-private-key-alias>localhost.localdomain</server-private-key-alias>
            <server-private-key-pass-phrase-encrypted>{AES}eZnL/NM4/xJaFj8rZAE4oB2htDm3srPUsTWYtDXblvk=</server-private-key-pass-phrase-encrypted>
            <ssl-rejection-logging-enabled>true</ssl-rejection-logging-enabled>
            <allow-unencrypted-null-cipher>false</allow-unencrypted-null-cipher>
            <use-server-certs>true</use-server-certs>
            <jsse-enabled>true</jsse-enabled>
        </ssl>
        <listen-port-enabled>false</listen-port-enabled>
        <web-server>
            <keep-alive-secs>60</keep-alive-secs>
            <https-keep-alive-secs>60</https-keep-alive-secs>
        </web-server>
        <listen-address/>
        <java-compiler>javac</java-compiler>
        <tunneling-enabled>true</tunneling-enabled>
        <tunneling-client-ping-secs>45</tunneling-client-ping-secs>
        <tunneling-client-timeout-secs>40</tunneling-client-timeout-secs>
        <client-cert-proxy-enabled>false</client-cert-proxy-enabled>
        <key-stores>CustomIdentityAndCustomTrust</key-stores>
        <custom-identity-key-store-file-name>certstores/keystore</custom-identity-key-store-file-name>
        <custom-identity-key-store-type>JKS</custom-identity-key-store-type>
        <custom-identity-key-store-pass-phrase-encrypted>{AES}eZnL/NM4/xJaFj8rZAE4oB2htDm3srPUsTWYtDXblvk=</custom-identity-key-store-pass-phrase-encrypted>
        <custom-trust-key-store-file-name>certstores/truststore</custom-trust-key-store-file-name>
        <custom-trust-key-store-type>JKS</custom-trust-key-store-type>
        <custom-trust-key-store-pass-phrase-encrypted>{AES}uSkLzfC74bMCEjomgVdHtVw47iZg8BN71g7cdKr+XHo=</custom-trust-key-store-pass-phrase-encrypted>
    <overload-protection>
      <panic-action>system-exit</panic-action>
      <failure-action>force-shutdown</failure-action>
      <server-failure-trigger>
        <max-stuck-thread-time>600</max-stuck-thread-time>
        <stuck-thread-count>3</stuck-thread-count>
      </server-failure-trigger>
    </overload-protection>
    </server>
    <server>
      <name>MyManagedServer1</name>
      <ssl>
        <enabled>true</enabled>
        <listen-port>8445</listen-port>
        <server-private-key-alias>localhost.localdomain</server-private-key-alias>
        <server-private-key-pass-phrase-encrypted>{AES}eZnL/NM4/xJaFj8rZAE4oB2htDm3srPUsTWYtDXblvk=</server-private-key-pass-phrase-encrypted>
      </ssl>
      <machine xsi:nil="true"></machine>
      <listen-port>8444</listen-port>
      <listen-port-enabled>true</listen-port-enabled>
      <cluster xsi:nil="true"></cluster>
      <web-server>
        <web-server-log>
          <number-of-files-limited>false</number-of-files-limited>
        </web-server-log>
      </web-server>
      <listen-address></listen-address>
      <key-stores>CustomIdentityAndCustomTrust</key-stores>
      <custom-identity-key-store-file-name>certstores/keystore</custom-identity-key-store-file-name>
      <custom-identity-key-store-type>JKS</custom-identity-key-store-type>
      <custom-identity-key-store-pass-phrase-encrypted>{AES}eZnL/NM4/xJaFj8rZAE4oB2htDm3srPUsTWYtDXblvk=</custom-identity-key-store-pass-phrase-encrypted>
      <custom-trust-key-store-file-name>certstores/truststore</custom-trust-key-store-file-name>
      <custom-trust-key-store-type>JKS</custom-trust-key-store-type>
      <custom-trust-key-store-pass-phrase-encrypted>{AES}uSkLzfC74bMCEjomgVdHtVw47iZg8BN71g7cdKr+XHo=</custom-trust-key-store-pass-phrase-encrypted>
      <data-source>
        <rmi-jdbc-security xsi:nil="true"></rmi-jdbc-security>
      </data-source>
    </server>
    <production-mode-enabled>false</production-mode-enabled>
    <embedded-ldap>
        <name>JCRMDomain</name>
        <credential-encrypted>{AES}LNAnq4qCQQmy9rCOMN+uIZVPq1bVvPrwQqqtOScZrnYmwESt9aruHNVy4IjqMWz7</credential-encrypted>
    </embedded-ldap>
    <administration-port-enabled>true</administration-port-enabled>
    <configuration-version>10.3.4.0</configuration-version>
    <admin-server-name>AdminServer</admin-server-name>
</domain>
It has 'CustomIdentityAndCustomTrust' for both Admin Server as well as managed Server in it.
Thanks,
nn

Steps to setup and configure Node Manager on local and remote machine

Hello,
I am using WLS 10.3 on Windows.
I have two machines, One cluster and two managed servers (one on each machine) created under a domain. I have used configuration wizard to create the domain.
I have gone through documents on Node Manager and found what to configure. But I have not found when to configure. In other words I want to know what is the sequence of steps if I have to set Node Manager on my local machine (in which domain exists) and on remote machine.
Please let me know the sequence of steps I need to follow to set and configure the Node Manager on local and remote machine. I want to use Java Node Manager (not the Script node manager).
Thanks,
Sanjay

Hello,
Ok, let me tell you what I have done till now.
1) Installed WebLogic 10.3 on machine A (local machine, on which I have created domain and my Admin Server is running. Also Managed Server 1 is created on this machine).
2) Installed WebLogic 10.3 on machine B (remote machine, on which Managed Server 2 will be created).
3) On machine A I used the configuration wizard and create a domain. While creating the domain I did the following:
i) Created two managed servers.
ii) Created a cluster
iii) Assigned Servers to cluster.
iv) Created two machines.
v) Assigned servers to machines (Admin Server and MS_1 to machine A and MS_2 to machine B).
4) Sarted Admin Server.
5) On the Admin Console I made some configurations for the Node Manager on Machines -> Machine A -> Node Manager. Assigned the values:
i) Type (SSL)
ii) Listen Address (IP_Address of machine A)
iii) Listen Port (5556)
6) Similarly did for Machine B.
So till now phsically the managed server (MS_2) directory and configuration is not there on Machine B (its only configured on machine A because I created the domain on Machine A).
Now I want install/configure/setup NM on both the machines. Start my both the managed servers using Admin Console (which will use the node managers).
What are the sequence of steps I need to follow my task?
Any help and suggestions are welcome with warm regards.
Thanks,
Sanjay

WLS 10.3: Node Manager error while starting managed server

Hi,
I get the following error when trying to start a managed server using Node Manager from the Admin console on WLS 10.3
Error:
<27/11/2009 3:21:34 PM> <Info> <NodeManager> <Server output log file is "/opt/osb/osb_env/domains/DevVVDomain/servers/dev_osb_server1/logs/dev_osb_server1.out">
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: grep: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: uname: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: : grepuname: : not foundnot found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: uname/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: : not foundgrep
: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: grep: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: uname: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: expr: not found
/opt/osb/osb_env/domains/DevVVDomain/bin/startWebLogic.sh: test: argument expected
<27/11/2009 3:21:35 PM> <Debug> <NodeManager> <Waiting for the process to die: null>
<27/11/2009 3:21:35 PM> <Info> <NodeManager> <Server failed during startup so will not be restarted>
<27/11/2009 3:21:35 PM> <Debug> <NodeManager> <runMonitor returned, setting finished=true and notifying waiters>My nodemanager.properties file looks like this:
DomainsFile=/opt/osb/osb1031/wlserver_10.3/common/nodemanager/nodemanager.domains
LogLimit=0
PropertiesVersion=10.3
javaHome=/opt/osb/osb1031/jrockitR27.6.5-32
AuthenticationEnabled=true
NodeManagerHome=/opt/osb/osb1031/wlserver_10.3/common/nodemanager
JavaHome=/opt/osb/osb1031/jrockitR27.6.5-32/jre
LogLevel=INFO
DomainsFileEnabled=true
StartScriptName=startWebLogic.sh
ListenAddress=mcsdev3
NativeVersionEnabled=false
ListenPort=5556
LogToStderr=true
SecureListener=false
LogCount=1
StopScriptEnabled=true
QuitEnabled=false
LogAppend=true
StateCheckInterval=500
CrashRecoveryEnabled=false
StartScriptEnabled=true
LogFile=/opt/osb/osb1031/wlserver_10.3/common/nodemanager/nodemanager.log
LogFormatter=weblogic.nodemanager.server.LogFormatter
ListenBacklog=50
StopScriptName=stopWeblogic.shPlease let me know what additional configuration is required to get the server started properly
Regards
Vikas

Found a workaround:
Manually, add PATH (and probably the other environment variables also) to
${WLS_HOME}/common/bin/commEnv.sh.

How to change system password in weblogic 8.1 ?

Hi,
Will you shed some lights on the steps of changing system password ? In weblogic console, I changed the password in Security->User and also in the remote start tab of admin server. When re-starting admin server, got this error : <Jun 17, 2005 1:36:59 PM PDT> <Critical> <Security> <l0065073> <doris811_admin> <main> <<WLS Kernel>> <> <BEA-090052> <Server installed as Windows NT service with incorrect password for user admin; The password may have been changed since the server was installed as a Windows NT Service. Contact the Windows NT system administrator.>. Any help is appreciated.
Jessie

I ran the installservice with the new password and received following errors when starting the service :
Program Error : beasvc.exe has generated errors and will be closed by Windows....
Microsoft Management Console : Could not start the beasvc doris_doris_admin service on local computer, Error 1067: The process terminated unexpectedly
Should I change password in weblogic console
security->user prior to re-install service with the new password ?
Any help is greatly appreciated.
Jessie

Cannot set node manager password in weblogic console (10.3.3)

Similar Messages

Maybe you are looking for