Configure Sun Directory Server 6.3 with SSL in OIM 9.1.0.2

Similar Messages

• Installation/Config Problem with Sun Directory Server Control Center (6.0)

  Hi All,
  I have recently attempted an installation of Sun Directory Server EE 6.0 on a x86 Solaris 10 machine.
  I have selected to install Core Directory Server and Sun Directory Server Control Center with my installation.
  After installation, if I check the status of the SUNDSCC, I receive the following message:
  bash-3.00# ./dsccsetup status
  DSCC Application is not installed
  DSCC Agent is registered in Cacao
  DSCC Registry has been created
  Path of DSCC registry is /var/opt/SUNWdsee/dscc6/dcc/ads
  Port of DSCC registry is 3998
  I have also tried to re-start the Sun Java Web Console using the /usr/sbin/smcwebserver start command but that does not do anything.
  If i try to initialize the SUNDSCC usin the ./dsccsetup initialize command, the registry got created, but it still displays as "application not installed".
  I do not understand. I have already installed this application using the JES installer.
  please help!
  Regards,
  Saahil Goel

  I had a similar issue. Here is how I fixed it.
  Run dsccsetup status with the -v option. it will show you where it is trying to find the DSCC Application. Then do a find on your system to see where it is actually installed. Then simply copy it over to where dsccsetup is looking for it. Then do dsccsetup initialize. Below is what it looked like on my system when I did it:
  # ./dsccsetup status -v
  ## /usr/sbin/smreg is present
  ## /usr/sbin/smcwebserver is present
  ## /opt/server/sun/dscc6/dccapp is MISSING
  DSCC Application is not installed
  ## /opt/sun/cacao/bin/cacaoadm is present
  ## /opt/server/sun/dscc6/lib/jar/nquickmodule.jar is present
  ## Running /opt/sun/cacao/bin/cacaoadm list-modules -r
  DSCC Agent is registered in Cacao
  ## Running /opt/sun/cacao/bin/cacaoadm status
  ## Running /opt/sun/cacao/bin/cacaoadm list-modules
  ## Running /opt/sun/cacao/bin/cacaoadm get-param network-bind-address
  ## Running /opt/sun/cacao/bin/cacaoadm get-param jmxmp-connector-port
  ## /opt/server/sun/ds6/bin/dsadm is present
  DSCC Registry has been created
  Path of DSCC registry is /var/opt/sun/dscc6/dcc/ads
  Port of DSCC registry is 3998
  # find / -name dccapp
  /opt/server/dscc6/dccapp
  # cp -R /opt/server/dscc6 /opt/server/sun
  # ./dsccsetup dismantle
  DSCC Application is not registered in Sun Java(TM) Web Console
  Unregistering DSCC Agent from Cacao...
  Deleting DSCC Registry...
  All server registrations will be definitively erased.
  Existing server instances will not be modified.
  Do you really want to delete the DSCC Registry ? [y/n]y
  Server stopped
  DSCC Registry has been deleted successfully
  # ./dsccsetup initialize
  Registering DSCC Application in Sun Java(TM) Web Console
  This operation is going to stop Sun Java(TM) Web Console.
  Do you want to continue ? [y,n] y
  Stopping Sun Java(TM) Web Console...
  Registration is on-going. Please wait...
  DSCC is registered in Sun Java(TM) Web Console
  Restarting Sun Java(TM) Web Console
  Please wait : this may take several seconds...
  Sun Java(TM) Web Console restarted successfully
  Registering DSCC Agent in Cacao...
  Checking Cacao status...
  Deploying DSCC agent in Cacao...
  DSCC agent has been successfully registered in Cacao.
  Choose password for Directory Service Manager:
  Confirm password for Directory Service Manager:
  Creating DSCC registry...
  DSCC Registry has been created successfully
  Hope this helps.

• User provisioning with Sun Directory Server

  I'm migrating from the internal user data store to external with Sun Directory Server as the LDAP backend and I'm unable to provision new users. I use unidssearch to list the unprovisioned accounts and it lists the user I'd like to provision. I then execute 'uniuser -user -add "DID=uid=testy,ou=People,dc=domain,dc=com" -n 10' which returns an Insufficient access right error. When I look at das.log I see the following entry...
  DATE = Thu May 10 10:25:09 2007
  PID = 440; TID = 1095888896
  LOG TYPE -> DEBUG
  FUNCTION NAME -> ctldap_CalUserUpdateByDirectoryId
  dn: uid=testy,ou=People,dc=domain,dc=com
  changetype: add
  ctCalXItemId: 00010:00500
  o: Domain Corporation
  objectClass: ctCalUser
  This entry tells me that uniuser is try to do an LDAP_ADD on an existing object in the directory when it should do a LDAP_MODIFY.
  Does anyone know why this is?

  the unidsacisetup(8) command can be used to add the ACI for Sun Directory server. The ACI it sets is a little to loose for my liking so I modified it slightly.
  Original:
  (target="ldap:///dc=domain,dc=com") (targetattr = "*") (version 3.0; acl "Calendar Administrators Group"; allow(all) groupdn = "ldap:///cn=OracleCalendarAdminGroup,ou=OracleCalendar,dc=domain,dc=com";)
  Modified:
  (target="ldap:///dc=domain,dc=com") (targetattr = "*") (version 3.0; acl "Calendar Administrators Group"; allow(read,write,compare) groupdn = "ldap:///cn=OracleCalendarAdminGroup,ou=OracleCalendar,dc=domain,dc=com";)

• Problem with Sun Directory Server 6.0 Console

  Hi,
  I posted same onto wrong forum earlier hope I am in correct place :).
  I have installed Sun Directory server on my Sparc box and now I am unable to start the management console. I followed some instruction on net and it say we have to refister the product using folowing command from dscc6/bin folder for installation
  System SnapShot_
  # ./dsccsetup initialize
  DSCC Application is already registered
  DSCC Agent is already registered
  Choose password for Directory Service Manager:
  Confirm password for Directory Service Manager:
  Creating DSCC registry...
  DSCC Registry has been created successfully
  *and it suppose to be started on https://Ip_address:6789 but its not. Can any one please tell me how to start the admn console to manage my directory server effectively.
  Note: I have already started the instance I have created during the installation using slapd-start script and its running successfully.
  Thanks,
  Sheeraz

  NOOOOO :( ..... Now i can see the login page.,.. Thanks mate.... Now when I am trying to log in using the UserName and Password I have supplied during the installation process (Sun Directory Server) it says Authentication failed.????
  This looks like a general webconsole... do I need to provide an specific URL for diretory server page ?????

• Sun Directory Server and OID Synchronization

  I'm having a problem with synchronizing OID with our existing Sun Directory Server. This is a one way synchronization, using Sun DS as the source, and OID as the destination. I've successfully installed OID with SSL enabled (this is part of an Oracle Portal installation), and followed what docs I could find. I created an integration profile based off the iPlanet Import profile, and imported a custom mapping profile based off a differing DIT naming convention (o=company.com vs dc=company,dc=com). I have applied an ACI that should allow the synchronization profile user to update entries on the OID side, and a user in Sun DS that has access to the appropriate areas on that side. I was able to successfully bootstrap and import all of our users, and it was also able modify the last changelog number.
  Having said all of that, incremental changes aren't propagating to OID. I'm not sure where to look or what steps to take to troubleshoot this, as I'm brand new to OID. There's an agent execution command that is blank in the integration profile, but according to what I've found that's the default and is acceptable.
  Am I missing a step here? According to the docs, all I need to do is enable the profile, and away it goes.
  One last thing I had to do to overcome an issue with the changelog number not updating was adding our internal root ca's certificate to the local JVM's cacerts file. I accomplished this with the keytool command, and it seemed to work fine. I'm unsure if it's the SSL config that is hosed and is causing this, or if it's a configuration parameter I'm missing.. but I don't have anywhere to start as far as troubleshooting is concerned.

  On your integration profile, did you set the debug level to 63? You should have a _____.aud and a _____.trc file in your $ORACLE_HOME/ldap/odi/log directory that will provide more info. Did you start your DIP server (odisrv) with the oidctl command?
  You might also look at downloading the "diptester" utility for troubleshooting OID synchronization issues.
  - Brian

• Error while migrating to Sun Directory Server 6.0

  Hi All,
  I am trying to migrate the Sun One Directory Server 5.2 to Sun Directory Server 6.0. I am getting the following error
  bash-3.2# ./dsmig migrate-config /var/Sun/mps/slapd-circb2bld3/ /var/SunDirectoryServer6.0/dsInst/
  Launching Configuration Migration of server instance /var/Sun/mps/slapd-circb2bld3 .....
  Enter the certificate database password:
  Starting server instance /var/SunDirectoryServer6.0/dsInst ..... Instance /var/SunDirectoryServer6.0/dsInst is already running (ns-slapd pid is 3868)
  Enter "cn=Directory Manager" password:
  Connecting to server localhost:389 .....
  Could not bind securely on "localhost:389".
  Remote host closed connection during handshake
  Details: SSL peer shut down incorrectly
  Could not create context for configuration migration.
  Operation "migrate-config" failed.
  Please help me.

  Please stop
  The migration guide has step by step instructions, including command line examples, are you using that as your reference?
  Your upgrade should be to (at a minimum) DSEE 6.3.1.1.1. Upgrading to 6.0 is upgrading to a release level that has no patches or fixes to the product. There are significant fixes to the migration command line tools. There is a good chance you will run into issues.
  You should install and review migration to ODSEE 11.1.1.7.0 (which would effectively be the 7.2 release of the DS).
  There is a specific guide for migration and upgrade, which includes migration from DS 5.2 to 11.x
  The full documentation collection for 11.1.1.7.0 is here
  http://docs.oracle.com/cd/E29127_01/index.htm
  The specific migration guide is here
  http://docs.oracle.com/cd/E29127_01/doc.111170/e28971/toc.htm
  See: Part II Migrating from ODSEE 5.2 to ODSEE 11g Release 1 (11.1.1.7.0)
  ODSEE 11.1.1.7.0 can be downloaded from here.
  http://www.oracle.com/technetwork/middleware/downloads/oid-11g-161194.html

• Error while starting Sun Directory Server 6.0

  Hello,
  I recently migrated from Sun Directory Server 5.2 to Sun Directory Server 6.0. I am trying to start the server. I get the following error
  bash-3.2# ./start-slapd
  Enter PIN for Internal (Software) Token:
  Enter PIN for Internal (Software) Token:
  [29/Mar/2013:11:39:47 -0400] - ERROR<4780> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Unable to authenticate to slot for cipher family cn=RSA,cn=encryption,cn=config ( error -8177 - The security password entered is incorrect. )
  Server not running!! Failed to start ns-slapd process.
  Please help me here. I dont know the PIN for Internal (Software) Token. Please help.

  Hi,
  it seems you're trying to start an instance which is configured for SSL, so at startup time, it's asking the default keystore password to access the internal security certificate/device.
  You should know that password.
  Thanks,
  Marco

• Sun Directory Server as Primary Domain Controller.

  Hello,
  I've recently installed Sun Directory Server, Access Manager, and DSEE Identity Manager, on CentOS 5.2, with success, but my question is:
  Can I use this directory as a primary domain controller for my network, I want to know if it is possible to integrate this directory in the same way that Active Directory works, I mean connecting Windows computers to the DC with some kind of connector (because windows won't connect to another directory than AD natively). I know that there are some MSGina replacements, like pgina, but I'm looking for some serious solution, especially for computers running Windows Vista.
  Thanks in advance.

  Hi,
  thanks for your answer, but.. there is a way to configure the DSEE to be like a native 2000/2003 Active Directory?, I mean, connecting directly to the DSEE without using Samba, I know that is possible to use that solution, but you lose some functionality.
  I've been trying to do some research about the topic, like modifying the bind DNS to act like a AD DNS, and it works at a certain grade, windows xp detects the SVR records but when it tries to connect to the directory it fails giving me an error telling that the DC isn't available. It will be great to make such environment, Windows XP / Vista connected to DSEE without third party software.
  Any comment would be greatly appreciated.
  Thanks.

• Sun Directory Server Installation

  Hi all,
  I am a student in a Computer Science degree and as my project i am designing a web application that allows users to exchange ideas through a "messaging" system.
  After discussion with my tutors we have come up with a design idea that we would use an LDAP server to authenticate users as well as keep message details such as Topic, message header, etc. The actual body of the msg should be kept in a separate database.
  To the point....
  It has been suggested that i use the Sun Java System Directory Server 5.2 for this project and i was also given a compressed installation package. I have tried to install this and received error msgs similar to the ones i have found others have had in this forum.
  For example topics:
  1. Forums - Directory Server configuration issues in Windows
  2. Forums - Install failed on Windows XP
  I am using windows XP and from what i have read although it is not supported some people have managed to get this to work. Also i read that maybe Studio enterprise might solve this issue or provide some support?
  Is this true and if so can someone give me some guidance on how to achieve this?
  Also i would appreciate your opinion on wether this design approach( LDAP for authentication and database for store) is feasible or technicaly "correct" and maybe suggestions to a different approach....

  I think that its never a bad idea to get acquainted with something like the Sun Directory Server although I'm not sure that means that one HAS to use it in a project.
  The DS can be a pain to get up but for the most part if you get the latest DS5.2 Q4 or something...most installations go smoothly. If it was me I would just chuck every thing about the convo into the directory but I'm sure that there's a reason that you want to use the DS in conjuction with other storage DBs.
  I don't think you need to get Studio enterprise. I was able to get it up and running all by itself on windows. After I installed it I jsut made sure to remember the two random ports it picks up for Admin and DS ldap usage. Also I changed the password expiry time of the account that is used by the Admin console.
  GLuck with this.
  Cheers,
  - Pulkit

• Linux: /etc/pam.d/system-auth config w/ Sun Directory Server 6.2

  I have a RHEL 4.3 WS system authenticating againd a Sun Directory Server 6.2 ldap server. I've configured my linux as an ldap client according to Redhat and Sun docs:
  http://kbase.redhat.com/faq/FAQ_79_6031.shtm
  http://www.sun.com/bigadmin/features/articles/nis_ldap_part3.jsp#P3
  My problem is with the /etc/pam.d/system-auth file. I've configured it according to the above sun doc but receive an error in /var/logs/ messages with this one line:
  account    [default=bad   success=ok user_unknown=ignore err=ignore
  authinfo_unavail=ignore] /lib/security/$ISA/pam_ldap.soThe error returned is:
  Mar  5 22:54:29 hostname sshd: PAM pam_parse: expecting return value;
  [...err=ignore authinfo_unavail=ignore]Login works fine if I comment that line, but I'd like to correct the error in that statement. Any help would be appreciated.
  Here is my entire /etc/pam.d/system-auth file:
  #%PAM-1.0
  # This file is auto-generated.
  # User changes will be destroyed the next time authconfig is run.
  auth        required      /lib/security/$ISA/pam_env.so
  auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth
  nullok
  auth        sufficient    /lib/security/$ISA/pam_ldap.so
  use_first_pass
  auth        required      /lib/security/$ISA/pam_deny.so
  account     required      /lib/security/$ISA/pam_unix.so
  account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid <
  100 quiet
  account    [default=bad   success=ok user_unknown=ignore err=ignore
  authinfo_unavail=ignore] /lib/security/$ISA/pam_ldap.so
  account    [default=bad   success=ok user_unknown=ignore err=ignore
  authinfo_unavail=ignore] /lib/security/$ISA/pam_ldap.so
  account     required      /lib/security/$ISA/pam_permit.so
  password    requisite     /lib/security/$ISA/pam_cracklib.so retry=3
  password    sufficient    /lib/security/$ISA/pam_unix.so nullok
  use_authtok md5 shadow nis remember=12
  password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
  password    sufficient    /lib/security/$ISA/pam_unix.so nullok
  use_authtok md5 shadow
  password    required      /lib/security/$ISA/pam_deny.so
  session     required      /lib/security/$ISA/pam_limits.so
  session     required      /lib/security/$ISA/pam_unix.soThanks.
  keywords:
  linux ldap sun directory server pam.d system-auth

  You do realize there is a decdicated Directory Server forum?
  It can be readily found on the Enterprise System forum page.
  http://forum.java.sun.com/index.jspa?tab=es

• Provisioning Sun directory Server to a User in OIM

  I am learning a OIM tool since 2 months, I could not able to do provisioning sun directory server to a user in OIM, the error is I am not getting the value for Organization DN. I am using ODSEE 11.1.1.5.0 and OIM 11.1.1.5.0. I have followed below steps
  1. Copy Connector and External Code Files.
  2. Configure Oracle Identity Manager Server.
  3. Import an Oracle Identity Manager Connector.
  4. Define an IT Resource.
  5. Create a User.
  6. Assign the Connector to a User.
  Please anyone suggest me solution for this problem.

  Hi,
  You need to run organization lookup reconciliation first then select value in the process form.
  If you are getting particular error, paste error messages from console?
  Regards,
  Raghav.

• How to configure sun application server 8.2 for Oracle RAC 10g

  Hello,
  We have numerous boxes running the sun platform application server 8.2 and 2 boxes running enterprise version 8.2 all connecting to a 4 node Oracle RAC 10 G release 2 database. We have the system up and working. The application servers are connecting just fine to the database and the apps don't have any problems querying, inserting, etc. However, when we try to do failover testing of situations when a node or nodes of the Oracle RAC database goes down the application server does not gain new valid connections. Our configuration is this, OracleDataSource for the data source, table validation turned on with a valid table, ONS configuration set in properties, connectionCache enabled, and fastconnectionfailover enabled as well in the properties. We have that long oracle rac url with load balancing turned on set fot the database URL. We have the checkbox checked to fail all connections on any failure. ONS is configured properly within the database because we have a java application that runs outside of the application server that uses all the same settings described above (only set manually in our code for the OracleDataSource). This application works seemlessly when DB nodes are shutdown. We can shutdown all but one node and it's still humming along without skipping a beat. Start up one of the others, kill the last node, it still hums along nicely without skipping a beat. We'd really like to get the applications running in the application server to work the same way. Any help would be greatly appreciated. We've tried all the combinations that we can think of with configuration settings in the application server and it never works. Am tempted to rip out the database connection pool from inside the application server and configure it manually in the code but we are using entity beans and this is the much easier approach, if it will work. It's down to the point of does sun application server actually work with oracle RAC for connection failovers.

  Hi,
  We are also facing similar execption. Here is the error, we are getting, when a node is failed on RAC.
  [#|2007-11-11T12:43:53.685+0000|WARNING|sun-appserver-ee8.1_02|javax.enterprise.system.core.transaction|_ThreadID=38;|JTS5041: The resource manager is doing work outside a global transaction
  oracle.jdbc.xa.OracleXAException
  at oracle.jdbc.xa.OracleXAResource.checkError(OracleXAResource.java:1270)
  at oracle.jdbc.xa.client.OracleXAResource.start(OracleXAResource.java:318)
  at com.sun.gjc.spi.XAResourceImpl.start(XAResourceImpl.java:184)
  at com.sun.jts.jta.TransactionState.startAssociation(TransactionState.java:258)
  at com.sun.jts.jta.TransactionImpl.enlistResource(TransactionImpl.java:181)
  at com.sun.enterprise.distributedtx.J2EETransaction.enlistResource(J2EETransaction.java:397)
  at com.sun.enterprise.distributedtx.J2EETransactionManagerImpl.enlistResource(J2EETransactionManagerImpl.java:312)
  at com.sun.enterprise.distributedtx.J2EETransactionManagerOpt.enlistResource(J2EETransactionManagerOpt.java:114)
  at com.sun.enterprise.resource.ResourceManagerImpl.registerResource(ResourceManagerImpl.java:113)
  at com.sun.enterprise.resource.ResourceManagerImpl.enlistResource(ResourceManagerImpl.java:71)
  at com.sun.enterprise.resource.PoolManagerImpl.getResource(PoolManagerImpl.java:176)
  at com.sun.enterprise.connectors.ConnectionManagerImpl.internalGetConnection(ConnectionManagerImpl.java:268)
  at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:193)
  at com.sun.enterprise.connectors.ConnectionManagerImpl.allocateConnection(ConnectionManagerImpl.java:122)
  at com.sun.gjc.spi.DataSource.getConnection(DataSource.java:70)
  at com.syntegra.nasp.etp.dax.DBManager.getConnection(DBManager.java:192)
  at com.syntegra.nasp.etp.dax.DBManager.createDBCommand(DBManager.java:241)
  at com.syntegra.nasp.etp.dax.DBManager.createDBCommand(DBManager.java:251)
  at com.syntegra.nasp.etp.dax.sp.SPS_PRESCRIPTION_GUID_PROC.getCommand(SPS_PRESCRIPTION_GUID_PROC.java:31)
  at com.syntegra.nasp.etp.dax.sp.SPS_PRESCRIPTION_GUID_PROC.execute(SPS_PRESCRIPTION_GUID_PROC.java:23)
  at com.syntegra.nasp.etp.dax.PrescriptionBaseDataMapper.loadPresciptionByGUID(PrescriptionBaseDataMapper.java:203)
  at com.syntegra.nasp.etp.model.PrescriptionBase.findByPrescriptionGUID(PrescriptionBase.java:176)
  at com.syntegra.nasp.etp.messages.PatientPrescriptionReleaseRequest.execute(PatientPrescriptionReleaseRequest.java:120)
  at com.syntegra.nasp.etp.service.ETPSLBean.processMessage(ETPSLBean.java:159)
  at sun.reflect.GeneratedMethodAccessor97.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:324)
  at com.sun.enterprise.security.SecurityUtil.invoke(SecurityUtil.java:147)
  at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:128)
  at $Proxy6.processMessage(Unknown Source)
  at com.syntegra.nasp.etp.listener.RequestListener.onRequest(RequestListener.java:204)
  at com.syntegra.spine.csf.consumer.mdb.CSFListenerRegisteringConsumer.onRequest(CSFListenerRegisteringConsumer.java:54)
  at com.syntegra.spine.csf.consumer.mdb.CSFConsumerBase.invokeListener(CSFConsumerBase.java:267)
  at com.syntegra.spine.csf.consumer.mdb.CSFConsumerBase.processMessage(CSFConsumerBase.java:180)
  at com.syntegra.spine.csf.consumer.mdb.CSFConsumerBase.onMessage(CSFConsumerBase.java:102)
  at sun.reflect.GeneratedMethodAccessor96.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:324)
  at com.sun.enterprise.security.SecurityUtil$2.run(SecurityUtil.java:153)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sun.enterprise.security.application.EJBSecurityManager.doAsPrivileged(EJBSecurityManager.java:955)
  at com.sun.enterprise.security.SecurityUtil.invoke(SecurityUtil.java:158)
  at com.sun.ejb.containers.MessageBeanContainer.deliverMessage(MessageBeanContainer.java:956)
  at com.sun.ejb.containers.MessageBeanListenerImpl.deliverMessage(MessageBeanListenerImpl.java:42)
  at com.sun.enterprise.connectors.inflow.MessageEndpointInvocationHandler.invoke(MessageEndpointInvocationHandler.java:130)
  at $Proxy9.onMessage(Unknown Source)
  at com.sun.genericra.inbound.DeliveryHelper.deliverMessage(DeliveryHelper.java:183)
  at com.sun.genericra.inbound.DeliveryHelper.deliver(DeliveryHelper.
  Regards
  Selvan.

• Log file size in Sun Directory Server

  Does anyone have an idea about the how the Sun Directory Server's log file size will increase in size with respective to the actions performed?
  Can someone give a data regarding this? If someone has a better scenario and the supportive data w.r.t log file size it will be helpful.
  Thanks,

  AFAIK No its based on time "At a certain time, or after a specified interval, the server rotates your access logs. "
  More info in Archiving Log Files in [http://docs.sun.com/app/docs/doc/820-7985/gczxv?l=en&a=vie]
  It should be easy to write such a script to be run as a daemon in logs directory. Here is the pseudo code :
  while [1]
  do
  get size of the access/error log file
  If size of file > max_size
  <ws-install-dir>/https-<instance>/bin/rotate
  sleep for sometime
  done

• Sun Identity Server 6.1 with Weblogic 8.1 sp2

  Hi,
  I've installed the IS 6.1 with WLS 8.1 sp2 and the agent 2.1.1 and followed the agent configuration guide to configure the xml files (web.xml and weblogic.xml) and agent authenticator.
  When I login to the restricted resource, the browser is redirected to the IS server login page. After login, the browser is redirected back to the resource with 403 forbidden.
  Is there any step missing? Should I additional add some policy in the IS console? .....
  Clive

  I have just installed Sun Identity Server 6.2 with WebLogic 8.1 SP3 and am experiencing the same results. Have you resolved this issue in your environment? We are evaluating Portal Server running on a BEA WLS Container and thus do not have Sun Support on the Identity Server Component of this configuration.

• Sun Directory Server crashed

  Hi ,
  i dont know where to post this question because i really dont understand myself the error
  i downloaded Sun Directory Server 5.2 and installed in both my Solaris
  one of them is Solaris 8 ( Production Server)
  the other one is Solaris 10 ( Another Prod Server )
  i did master-master ldap replication but it works okay for quite sometimes ( few days )
  only today i found today that one of the directory server is crashing and what i found in the log is
  Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfe000000       /usr/lib/libpthread.so.1
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfdfd0000       /usr/lib/libCrun.so.1
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfdfb0000       /usr/lib/libmp.so.2
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfdf90000       /usr/lib/libaio.so.1
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfdf40000       /usr/lib/libresolv.so.2
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfede0000       /usr/platform/SUNW,Sun-Fire-480R/lib/libc_psr.so.1
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfded0000       /usr/lib/nss_files.so.1
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfdea0000       /var/Sun/mps/bin/https/lib/libAdmservPlugin.so
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfde70000       /var/Sun/mps/lib/libadmsslutil52.so
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): 0xfde40000       /v[19/Dec/2006:17:17:10] config (10607): # An error report file has been saved as hs_err_pid10607.log.
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): # Please refer to the file for further information.
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:10] config (10607): #
  [19/Dec/2006:17:17:10] config (10607):
  [19/Dec/2006:17:17:14] info (10610): Installing a new configuration
  [19/Dec/2006:17:17:14] info (10610): [LS ls1] http://ils1app3.tpcils.com, port 390 ready to accept requests
  [19/Dec/2006:17:17:14] info (10610): A new configuration was successfully installed
  [19/Dec/2006:17:17:14] info (10610): Using the Java HotSpot(TM) Server VM v1.4.1_01 from Sun Microsystems Inc.
  [19/Dec/2006:17:17:14] info (10610): Java VM classpath: /var/Sun/mps/bin/https/jar/NSServletLayer.jar:/var/Sun/mps/bin/https/jar/NSJavaUtil.jar:/var/Sun/mps/bin/https/jar/NSJavaMiscUtil.jar:/var/Sun/mps/bin/https/jar/servlet.jar:/var/Sun/mps/bin/https/jar/servlet-2.3-filters-api.jar:/var/Sun/mps/bin/https/jar/jspengine.jar:/var/Sun/mps/java/ldapjdk.jar:/var/Sun/mps/java/jss311.jar:
  [19/Dec/2006:17:17:14] info (10610): Loading IWSSessionManager by default.
  [19/Dec/2006:17:17:14] info (10610): IWSSessionManager: Maximum number of sessions is 1000
  [19/Dec/2006:17:17:14] catastrophe (10610): Server crash detected (signal SIGSEGV)
  [19/Dec/2006:17:17:14] info (10610): Crash occurred in function PR_Write from module /var/Sun/mps/lib/libnspr4.so
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610): An unexpected exception has been detected in native code outside the VM.
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610): Unexpected Signal : 11 occurred at PC=0xFEEBB384
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610): Function=
  [19/Dec/2006:17:17:14] config (10610): PR_Write+0x0
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610): Library=/var/Sun/mps/lib/libnspr4.so
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610):
  [19/Dec/2006:17:17:14] config (10610): Cannot obtain thread information
  [19/Dec/2006:17:17:14] config (10610):This is happening is the Solaris 8
  while in the Solaris 10 ( new box ) i cant see there is an error being logged.
  Any help/idea would be highly appreciated.
  Thanks

  Could it be because of too many load calls to LDAP server?
  or different java version ??