Error Login Access Manager

Similar Messages

• Can not login access manager

  mail server version is JES messaging Server 6 2005Q4 :
  My Access Manager:http://hostname:8080/amserver
  last week, i login access manager, under the web label or configuration label�F
  in "ldap" item�Ci add new dc=xx,dc=xx,dc=xx�C
  then save configuration.
  but after that i can not login access manager.
  when i user admin login,it print:"
  Authentication failed".
  what should i do to restore access manage?
  thanks!

  javatoall wrote:
  Hi,
  I login Access Manager, access sample "realm" -> Authentication->
  Advance Properties -> User profiles and then I choiced "Dynamic with user Alias".
  Then I only configure JDBC authentication with mysql database that I don't used ldapservice.
  When I created a one new user in MySQL, I can login into web application that i security as "sample.war" successfull but new user don't right access resource that i protected before.
  When i login access manager with amdmin user, I can not find user that i has been created it in MySQL database. t
  When the users are created through the dynamic profile, the default cn/sn are set to "default" , after creation you need to login to amconsole as amadmin and change/add proper values for these attributes.
  Alternatively you can set the protected resource's policy subject to Authenticated users. This will work but not sure will meet your requirement
  >
  When i login access manager console with new user, it login successful, and view Profile of new user that I has been created.
  Can you tell me How to manage new user that I has been new in MySQL by Access manager console ?
  I want to configure access proteced resourse for that user. How to configure that ?
  read above use the authenticated users subject
  Thank for every help.
  VinhND.

• Getting error in Access Manager

  Hi All,
  We have 2 Access Manager Box in prod. We have intalled Access manager component on both box and its working fine. At the time of installation I forgot to configure the Basic over LDAP authentication, so I have reconfigure the Basic Over LDAP authentication. Its configured successfully. After some days we are getting error when trying to access the Access server or identity Server URL.
  Getting error in browser:
  Oracle Access Manager Operation Error
  The WebGate plug-in is unable to contact any Access Servers.
  Contact your website administrator to remedy this problem.
  Getting this error when I start the opmnctl:
  2009/11/16@11:08:20.035828 23919 16384 ACCESS_GATE FATAL 0x00001520 /usr/abuild/Oblix/coreid/palantir/webgate2/src/apacheentry_web_gate.cpp:416 "Exception thrown during WebGate initializationError^The AccessGate is unable to contact any Access Servers
  Getting error in OHS log file:
  [Mon Nov 16 17:15:50 2009] [error] [client 127.0.0.1] [ecid: 1258371950:10.200.37.77:24296:0:23,0] The WebGate plug-in is unable to contact any Access Servers.
  [Mon Nov 16 17:16:10 2009] [error] [client 127.0.0.1] [ecid: 1258371970:10.200.37.77:23932:0:21,0] The WebGate plug-in is unable to contact any Access Servers.
  [Mon Nov 16 17:16:30 2009] [error] [client 127.0.0.1] [ecid: 1258371990:10.200.37.77:23921:0:22,0] The WebGate plug-in is unable to contact any Access Servers
  Getting error in WebGate Log file:
  2009/11/16@11:08:20.035828 23919 16384 ACCESS_GATE FATAL 0x00001520 /usr/abuild/Oblix/coreid/palantir/webgate2/src/apacheentry_web_gate.cpp:416 "Exception thrown during WebGate initializationError
  2009/11/16@11:08:20.035828 23919 16384 ACCESS_GATE FATAL 0x00001520 /usr/abuild/Oblix/coreid/palantir/webgate2/src/apacheentry_web_gate.cpp:416"The AccessGate is unable to contact any Access Servers."
  This error we got first in node1, after some days we got the same error in node2.
  Please help me on this, its very urgent.

  Hi Colin,
  No network, DB is up and able to connect. Till friday I am able to start the OID. Now gettinf this error. Also when I try to start the dcm-daemon component getting error
  dcm-daemon~dcm-daemon~dcm~1:
  09/11/23 18:36:46 Start process
  ADMN-202046
  The OracleAS Repository API threw an exception when obtaining the connect string to the Metadata Repository
  Resolution:
  Check the exception thrown by the Repository API for resolution information.
  Some common causes of this problem are as follows:
  OID is not running or unavailable
  the ias.properties file is misconfigured with incorrect OID connection information
  OID permissions are incorrectly defined
  Base Exception:
  oracle.ias.repository.schema.SchemaException
  Unable to establish connection to the Oracle Internet Directory Server ldap://pidmim1a-ar.idm.co.in:389/. Base Exception : javax.naming.CommunicationException: pidmim1a-ar.idm.co.in:389 [Root exception is java.net.ConnectException: Connection refused]
  Not sure what went wrong. Is there any way to solve this issue or we need to install OAM from sratch.
  Edited by: user10632964 on Nov 23, 2009 10:03 PM

• Configure Oracle Access Manager - from weblogic OIF instance page bombs out

  I am trying to integrate OIF with Oracle Access Manager as SP integration module. But, when clicked on "Configure Oracle Access Manager" it throws the following error:
  Oracle Access Manager cannot be configured properly. Make sure the Oracle Access Manager SDK Server has been configured properly and the required environment variables have been set. Details can be found on Online Help and Administrative Guide.
  I have updated the environment variables and classpath, also confirmed the Access Server SDK to work properly by testing java JAccessGate.
  any help is greatly appreciated.
  The diagnostic logs show these errors:
  ========================
  Login of admin identity cn=usca_iam_admin failed. Please check to make sure the admin user ID is valid.
  at com.oblix.accessmgr.ObAccessManager.sendRequest(ObAccessManager.java:163)
  at com.oblix.accessmgr.ObAccessManager.setAdmin(ObAccessManager.java:195)
  at oracle.security.fed.admin.config.mbeans.OAMConfigUtils.configureOAM(Unknown Source)
  at oracle.security.fed.admin.config.mbeans.AdminUtilMXBeanImpl.configureOAM(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.doInvoke(OracleStandardEmitterMBean.java:889)
  at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalInvoke(ContextClassLoaderMBeanInterceptor.java:94)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.interceptors.MBeanRestartInterceptor.internalInvoke(MBeanRestartInterceptor.java:116)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.generic.spi.security.AbstractMBeanSecurityInterceptor.internalInvoke(AbstractMBeanSecurityInterceptor.java:174)
  at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doInvoke(AbstractMBeanInterceptor.java:245)
  at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.invoke(OracleStandardEmitterMBean.java:803)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:268)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1426)
  at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)
  at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  My Oracle Access Manager is 10.1.4.3 and OIF is 11.1.1.3
  thanks

  Hello,
  I'm having the same problem. Did anybody find a solution to fix it?
  Any help is appreciated.
  Regards,
  Ignacio.

• How to change LDAP server setting in Access Manager 6.2

  Hi,
  We have initially set authentication as a SunONE Directory Server 5.1 (master DS1) in Sun Java System Access Manager 6.2. In both /etc/opt/SUNWam/config/serverconfig.xml
  /etc/opt/SUNWam/config/AMConfig.properties
  conf files, DS1 was set initially. Also on console's Service Configuration ->LDAP->Primary LDAP Server was set as "DS1"
  Now the problem is that I am not able to change the DS1 to the other master "DS2". I set DS2 in both above conf files and also the Service Configuration page as Primary LDAP Server. I restarted the server. When I stopped the DS1, I couldn't login access manager console with any user. It looks like it is still trying to get authentication from DS1.
  Does anybody know what I am missing here?
  Regards,

  After hopeless tries, I finally made it work;) The trick was actually updating the sunKeyValue attribute of the entry:
  "dn:ou=default,ou=OrganizationConfig,ou=1.0,ou=iPlanetAMAuthLDAPService,ou=ser
  vices,dc=company,dc=com" in one of the master DS I have.
  Even though I set DS2 and loadBalancer hosts in all conf files and in Primary LDAP conf in amconsole's Service Configuration, it just didn't work until I inserted loadBalancer host in sunKeyValue attribute.
  Hope it helps to someone....
  -Bora

• Please help me about Sun Access Manager . . .

  Hi every body,
  I deploy successful Access Manager 7.1 on domain1 in GlassFish server.
  At address admin console domain1 : http://my.test.domain:4848/
  At adress listening : http://my.test.domain:8080/amserver/
  And then I install Policy Agent 2.2 and deploy agentapp.war succesful on domain2 in GlassFish server.
  At address admin console domain2 : http://my.test.domain:6868/
  At adress listening : http://my.test.domain:6948/agentapp.war.
  And then I deploy agentsample.ear on domain2 in GlashFish server and addess deployment is : http://my.test.domain:6948/agentsample
  And then I login Access Manager that create policy : http://my.test.domain:6948/agentsample/*
  When I browser http://my.test.domain:6948/agentsample on IE it redirect to Access Manager login.
  But I read a attach document, it asked me, created user and asign roles employee, manager, admin.
  I wondered that employee, manager and admin roles are available?
  If it hasnt that roles, How to create it ?
  And How to use LDAP and install Sun Directory server in window xp?
  Then end, Can you tell me, Whats wrong if I configure like above ?
  I hope you help me . . .
  Thank you very much.
  VinhND
  Edited by: javatoall on Jan 17, 2008 9:44 PM

  Hi,
  I added a page to the wiki which adds more detail to the steps to create the sample app policies on the am/fam/opensso server console UI. This includes some screen shots as well.
  This is one good thing about the sample app is that you have to learn to install the opensso server, install the agent, configure the agents properties for the sample app security and also use the opensso server UI to create policies.
  It is a bit of work, but when done you will know how to use a lot of opensso features.
  You do not need a directory server. The sample app readme refers to some directory things that really can be ignored. The wording should be changed.
  Anyhow you can use this wiki page along with the readme to help you set up the policies, the subjects etc that map to the sample app
  http://wikis.sun.com/display/OpenSSO/samplepolicy
  I will try to make a getting started page for new users, though you have done most the steps now, and need to set up sample. But this page might be useful for others who want to get started http://wikis.sun.com/display/OpenSSO/getstarted
  hth,
  Sean

• Am not able to get the Access manager 7-  login page

  I have installed Access Manager and configured it was worked. but i did the Policy agent cofiguration for Access Manager after that i couldn't login to Access manager ie /amserver while on trying http://localhost:8080/amserver/UI/Login
  am getting the following error
  exception
  javax.servlet.ServletException
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:300)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  root cause
  java.lang.NoClassDefFoundError
       com.sun.identity.authentication.server.AuthContextLocal.(AuthContextLocal.java:140)
       com.sun.identity.authentication.service.LoginState.createAuthContext(LoginState.java:1121)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:310)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:250)
       com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:325)
       com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
       com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
       sun.reflect.GeneratedMethodAccessor115.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       java.lang.reflect.Method.invoke(Method.java:585)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  please any do some need full to solve this problem
  regards
  vimalraj.s

  Guys,
  This is a common problem that I have noticed when policy agent is installed on the same DAS (Domain Admin Server of Sun java Application Server) instance where access manager is installed.
  Best solution is to deploy your application on a different DAS and configure / install policy agent for the new DAS.
  If web server is used for Access Manager, Deploy your application on a different instance.
  Alternatively, follow these instructions.
  Assume that you have policy agent binary installed on /opt/SUNWam/policyagent/ j2ee_agents/am_as81_agent.
  When policy agent is configured, it creates a new configuration folder named agent_001.
  1.     Login to DAS and remove the class path changes done by the policy agent installer.
  These are the class path to remove:
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/amclientsdk.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/locale
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config
  2.     Add these to the class path to the end of the class path suffix. NOT AT THE START
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/locale
  3.     Insert amclientsdk.jar to the classpath. Insert this before agent.jar but after am_*.jar files (am_sdk.jar,am_services.jar,am_sso_provider.jar,am_logging.jar )
  4.     open amConfig.properties . Add this line to the bottom of the file.
  com.sun.identity.agents.config.location=/opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config/AMAgent.properties
  Above line points to the policy agent configuration file.
  5.     last but not the least:
  a.     Make sure that an agent is created in Access manager with the same name and password as the one that you gave when installing policy agent.
  b.     Set property com.sun.identity.agents.config.filter.mode = SSO_ONLY in AMAgent.properties. This will help initial testing of the configuration.
  c.     Above configuration is for Unix. But shouldwork for other OS as well.
  Best of Luck
  KK

• Error while accessing Access Manager

  Hi All,
  I am getting the following error after configuring access manager and restarting the web server.
  [25/May/2006:18:14:16] info ( 1724): CORE1116: Sun Java System Web Server 6.1SP5 B01/15/2006 23:04
  [25/May/2006:18:14:30] info ( 1724): HTTP3072: [LS ls1] http://GDYESSER33609.wipro.com:13004 ready to accept requests
  [25/May/2006:18:14:30] info ( 1724): CORE3274: successful server startup
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr: Exception in thread "amStats" java.lang.ExceptionInInitializerError
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr:      at com.sun.identity.authentication.service.AuthStatsListener.printStats(AuthStatsListener.java:56)
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr:      at com.iplanet.am.util.StatsRunner.run(StatsRunner.java:91)
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr: Caused by: java.lang.NullPointerException
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr:      at com.iplanet.services.cdm.ClientsManager.getDefaultInstance(ClientsManager.java:108)
  [25/May/2006:18:15:29] warning ( 1724): CORE3283: stderr:      at com.sun.identity.authentication.service.AuthUtils.<clinit>(AuthUtils.java:199)
  I have configured and restarted the web server, when i try to access the access manager I get the above error. Someone please respond at the earliest.
  Thanks.

  Hi Tanya,
  Thank you for posting in Windows Server Forum.
  From which device you are trying to access RemoteApp program?
  For getting any remote session or accessing RemoteApp the user must be added under “Remote Desktop Users” local group. So please under user under that group and verify. 
  Also add the user under System>Remote Settings>Remote Tab>Allow remote connection to this computer and add the user under that. Now after performing this above steps verify whether user can login remotely.
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Custom login page with Policy Agent 2.2 & Access Manager

  Hi,
  I’m trying to set up policy agent 2.2 and Access Manager to use the login page of the application I’m trying to secure. I’m not sure if this is the correct forum or not so feel free to move this if need be.
  I’ve been using this link: http://docs.sun.com/source/816-6884-10/chapter3.html#wp25376 but it doesn’t seem to make sense.
  In my AMAgent.properties file I’ve set up
  com.sun.identity.agents.config.login.form[0]=/contextRoot/login/login.jsp to my login page and I’ve also configured the web.xml for that application to use the login:
       <login-config>
            <auth-method>FORM</auth-method>
            <form-login-config>
                 <form-login-page>/login/login.jsp</form-login-page>
                 <form-error-page>/login/login.jsp</form-error-page>
            </form-login-config>          
       </login-config>
  When I try and access the login page I’m redirected to the default access manager login page. I did notice in the AMProperties.xml file the following line:
  com.sun.identity.agents.config.login.url[0] = http://amserverhost:80/amserver/UI/Login
  It seems like I should change that to point to my login page but I didn’t see any documentation supporting that. When I change that property to point to location of my login page, i get a redirect loop error.
  When I remove the com.sun.identity.agents.config.login.form[0] property all together, I just get a resource restricted error.
  Now when I configure the com.sun.identity.agents.config.login.form[0] property, set the config.login.url = to my login page AND set the com.sun.identity.agents.config.notenforced.uri[0] property equal to my login page (so the login page is no longer protected) I am able to see the login page
  Is unrestricting the login page correct? I’m able to access the login.jsp page directly and when I try and access protected resources I’m redirected back to the login page so everything seems to be working correctly but I’m not sure if this is the correct way.

  Hi Neeraj,
  I still have not been able to resolve that issue. Let me know If you find a solution for the same.
  Thanks,
  Srinivas

• Cannot acces the login page of Access Manager 7.1 amserver

  I am new to Access Manager 7.1. After a successfull installation on Solaris 10 11/06 x86, SUN Java Directory Server 6 EE, SUN Java Application Server 8.2 i cannot reach the login page of amserver. The Application Server registers properly the Web Applications, the configuration of the Access Manager was good in my best knowledge. The exeption is as follows
  type Exception report
  message
  description The server encountered an internal error () that prevented it from fulfilling this request.
  exception
  javax.servlet.ServletException: AMSetupFilter.doFilter
       com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:100)
  root cause
  com.iplanet.jato.CompleteRequestException
       com.sun.identity.authentication.UI.AuthenticationServletBase.onUncaughtException(AuthenticationServletBase.java:122)
       com.iplanet.jato.ApplicationServletBase.fireUncaughtException(ApplicationServletBase.java:1164)
       com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:639)
       com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
       sun.reflect.GeneratedMethodAccessor73.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       java.lang.reflect.Method.invoke(Method.java:585)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:86)
  note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server logs.
  Could anybody help me to solve this situation.
  Thanks

  Hey,
  were you able to resolve this issue???
  I am getting the same error after I re-installed the SUN suite(including portal,access manager ,directory server etc)
  Please let me know If you can help.!
  Thanks
  Deepak

• Sun Access Manager  - Authentication Error

  Hello everyone,
  I'm trying to configure Sun Access Manager 7.0 with sun web server 6.1 and directory server 5.2 on windows xp.
  I'm getting the following error when I try to login with uid=amAdmin
  "Permission to perform the read operation denied to uid=amAdmin,ou=People,dc=example,dc=com"
  I do not see any errors from the debug files. Could anyone help me in fixing this problem.
  Thanks in advance,
  -krishna

  Is your AM log level set to message? If not, set to message and retest. You should get output in your debug logs.
  On the agent side, set your logging to all:5

• Enabling OCSP checking in Access Manager causes Directory lookup error

  I have deployed Access Manager 7.1 update 1 to Sun Java Web Server 7. This is on a Solaris 9 sparc server.
  If I enable OCSP checking in AMConfig.properties, I get the following in my web server logs:
  HTTP3068: Error receiving request from 214.x.x.x (Directory lookup error).
  This is when running the webserver as webservd - if I run it as root (not acceptable in my environment) I don't have a problem. I have successful installations on a Solaris 10 x86, and another Solaris 9 sparc server.
  It seems to be either a permissions issue, or an environment issue, but after working with LD_LIBRARY_PATH, and adding .jar and .so files to the amserver lib directory, I'm still not getting a working configuration. Does anyone have any ideas?

  Thanks samk,
  After the installation, I have started the Directory server,admin,and console with following commands:
  bash-3.00# directoryserver start
  bash-3.00# directoryserver start-admin
  SunONE-WebServer-Enterprise/6.0SP3 B05/19/2004 02:48
  warning: daemon is running as super-user
  [LS ls1] http://AM55-zone.ipsolutionshowcase.com <http://AM55-zone.ipsolutionshowcase.com> , port 390 ready to accept requests
  startup: server started successfully
  bash-3.00# directoryserver startconsole
  Recieved the Login console window,logged in and got the ipsolutionshowcase tree.
  What are the next steps I need to folow in order to launch the Access Manager page?
  Ant thoughts?
  Thanks for ye help
  Sid

• Login onto Oracle Access Manager HELP PLEASE!!!

  Hi All,
  I have a major problem, all of a sudden I am unable to log on to my Access Manager via the Web Console.
  My OAM is using OVD for User Directory and AD as the configuration Directory.
  When I try and logon using any user (LDAP mainly) it says "invalid credentials", I hit "Lost PW" button and returns the same message.
  Has any one got any ideas, OVD seems ok, I can browse both my Active directories with it, my AD are avaliable (telnet port 389 ok)
  I have enabled loggin on the OVD. It give me the following on the main server log. below is also the server exception log, sections are separated by a -------------.
  Thanks inadvance
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active ip addresses.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active ip addresses.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active users.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active users.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active users.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:37,635] WARN - DoSManager: Found unbound connection from active users.[Session: cn=admin/192.168.200.75] [DoSManager]
  [2008-03-19 18:05:44,322] INFO - DumpTransactions: SEARCH Operation: (Transaction#OC-AD.Dump Before.32)
  BindDN: cn=admin
  Base: dc=MyCompany,dc=ovd
  Scope: 2
  Filter: (&(objectclass=inetorgperson)(&(uid=dpapadopoulos)(|(obUserAccountControl=ACTIVATED)(!(obUserAccountControl=*)))))
  TypesOnly: FALSE
  Attrs: [cn] [WorkThread# 7]
  [2008-03-19 18:05:44,322] INFO - DumpTransactions: SEARCH Operation: (Transaction#OC-AD.Dump After.32)
  BindDN: cn=admin
  Base: dc=MyCompany,dc=ovd
  Scope: 2
  Filter: (&(objectclass=user)(&(samaccountname=dpapadopoulos)(|(obUserAccountControl=ACTIVATED)(!(obUserAccountControl=*)))))
  TypesOnly: FALSE
  Attrs: [cn] [WorkThread# 7]
  [2008-03-19 18:05:44,322] WARN - ConnectionHandle: Remote Server Failure:connection closed [WorkThread# 7]
  [2008-03-19 18:05:44,322] INFO - DumpTransactions: SEARCH Results: (Transaction#OC-AD.Dump After.32) NULL [WorkThread# 7]
  [2008-03-19 18:05:44,322] INFO - DumpTransactions: SEARCH Results: (Transaction#OC-AD.Dump Before.32) NULL [WorkThread# 7]
  [2008-03-19 18:05:44,322] INFO - exceptionlog: SEARCH Results: (Transaction#OC-AD.Dump After.32) NULL [WorkThread# 7]
  com.octetstring.vde.util.DirectoryException: LDAP Error 2 : No Remote Servers Available at com.octetstring.vde.backend.jndi.BackendJNDI.flushConnections(BackendJNDI.java:1820) at com.octetstring.vde.backend.jndi.ConnectionManager.flushConnections(ConnectionManager.java:64) at com.octetstring.vde.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:367) at com.octetstring.vde.backend.jndi.BackendJNDI.get(BackendJNDI.java:1108) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:289) at com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions.get(DumpTransactions.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.BasePlugin.get(BasePlugin.java:86) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.plugins.objectClass.ObjectClassMapper.get(ObjectClassMapper.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.BasePlugin.get(BasePlugin.java:86) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions.get(DumpTransactions.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:188) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:425) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:380) at com.octetstring.vde.backend.AdapterServiceInterface.get(AdapterServiceInterface.java:560) at com.octetstring.vde.backend.BackendHandler.get(BackendHandler.java:707) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:282) at com.octetstring.vde.chain.plugins.AclCheckerPlugin.get(AclCheckerPlugin.java:322) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:188) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:425) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:380) at com.octetstring.vde.chain.GlobalServicesInterface.runGet(GlobalServicesInterface.java:205) at com.octetstring.vde.operation.SearchOperation.perform(SearchOperation.java:401) at com.octetstring.vde.MessageHandler.doSearch(MessageHandler.java:517) at com.octetstring.vde.MessageHandler.answerRequest(MessageHandler.java:136) at com.octetstring.vde.WorkThread.run(WorkThread.java:89) [2008-03-19 18:05:44,322] INFO - exceptionlog: SEARCH Results: (Transaction#OC-AD.Dump Before.32) NULL [WorkThread# 7]
  com.octetstring.vde.util.DirectoryException: LDAP Error 2 : No Remote Servers Available at com.octetstring.vde.backend.jndi.BackendJNDI.flushConnections(BackendJNDI.java:1820) at com.octetstring.vde.backend.jndi.ConnectionManager.flushConnections(ConnectionManager.java:64) at com.octetstring.vde.backend.jndi.ConnectionHandle.search(ConnectionHandle.java:367) at com.octetstring.vde.backend.jndi.BackendJNDI.get(BackendJNDI.java:1108) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:289) at com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions.get(DumpTransactions.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.BasePlugin.get(BasePlugin.java:86) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.plugins.objectClass.ObjectClassMapper.get(ObjectClassMapper.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.BasePlugin.get(BasePlugin.java:86) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions.get(DumpTransactions.java:267) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:188) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:425) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:380) at com.octetstring.vde.backend.AdapterServiceInterface.get(AdapterServiceInterface.java:560) at com.octetstring.vde.backend.BackendHandler.get(BackendHandler.java:707) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:282) at com.octetstring.vde.chain.plugins.AclCheckerPlugin.get(AclCheckerPlugin.java:322) at com.octetstring.vde.chain.Chain.nextGet(Chain.java:298) at com.octetstring.vde.chain.PluginChain.runGet(PluginChain.java:188) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:425) at com.octetstring.vde.chain.PluginManager.runGet(PluginManager.java:380) at com.octetstring.vde.chain.GlobalServicesInterface.runGet(GlobalServicesInterface.java:205) at com.octetstring.vde.operation.SearchOperation.perform(SearchOperation.java:401) at com.octetstring.vde.MessageHandler.doSearch(MessageHandler.java:517) at com.octetstring.vde.MessageHandler.answerRequest(MessageHandler.java:136) at com.octetstring.vde.WorkThread.run(WorkThread.java:89)
  If you have got this far then thanks for reading ;)

  Finally managed to solve the problem.
  While creating the Join view adapter, we had to specify the binding adapter as OID instead of the database as we had done.
  Changed the binding adapter to OID and can login to OAM console now!
  :)

• Not able to login to Sun Access Manager

  Hi All,
  I am new to Sun Access Manager. I changed the LDAP Configuration in Identity Management->Authentication Module->LDAP to some incorrect LDAP Server. Now i am not able to login to the amconsole of Access Manager. I am getting an Authentication fail error. Is there any way i can revert the changes for the LDAP i have made as i am not able to open the console to revert the changes.
  Thanks in advance,
  Annu

  Check your AppServer to see it up and running or not.

• Login to Sun access manager admin console failed.

  we are using Sun access manager 2003Q4. Today i am not able to login to the amconsole itself.it says authentication failed. i tried with all the admin users we have and also with the amadmin same error.
  The ldap is up and running.
  can any one suggest me the probable problem and solution.
  or the log files i need to look at which can help in trouble shooting.
  thanks in advance

  Check your AppServer to see it up and running or not.