Identity Server 6.1 problem in appserver 7.0
Hi,
I am trying to install ID6.1 on Appserver 7.0.They are all part of JES03Q4Sparc bits.
After installing the ID6.1 on Appserver7.0 ,i am not able to bring the amconsole.It says "page cannot be found".
I looked into the log file and there are visible problems during installation.
1./var/sadm/pkg/SUNWamsdk/install/postinstall: /usr/jdk/entsys-j2se/bin/native2ascii: not found
/var/sadm/pkg/SUNWamsdk/install/postinstall: /usr/jdk/entsys-j2se/bin/jar: not found
2: cannot access /opt/SUNWam/web-apps/introduction/WEB-INF/web.xml
/var/sadm/pkg/SUNWamsai/install/postinstall: /opt/SUNWam/web-apps/introduction/WEB-INF/web.xml: cannot create
cp: cannot access /opt/SUNWam/web-apps/introduction/WEB-INF/classes/FSIntroConfig.properties
3Installation of <SUNWamsai> was successful.
ps/introduction/WEB-INF/classes/FSIntroConfig.properties: cannot create
/var/sadm/pkg/SUNWamsai/install/postinstall: /usr/jdk/entsys-j2se/bin/jar: not found
mv: cannot access introduction.war
Installed Package: SUNWamsai
Install complete.
I could see the amadmin user in the directory server 5.2.The only problem seems to be that installation fails to load amconsole,ampassword related webmodule into the appserver.
Btw,am using JDK1.4_0_6.
Any help would be greatly appreciated.
Thanks
it is evident that your jdk is not installed properly
jar and native2ascii are required for successful install
make sure these utilities installed properly
and reinstall ID server
Similar Messages
-
Problems Starting Identity Server
Greetings all,
I'm attempting to get Identity Server installed and running under Web Server 6.0SP5.
I've created and installed a war, set the waveset.home option on the JVM, I've imported the init.xml (MySQL DB) and ran through the Demo Org wizard. That all has gone fine until I restarted the web server to login (previoulsy showing the Import Exchange File page.)
Now when the web server attempts to start up the servlet(s) I get this error:
info: CORE3282: stdout: Constructing Startup Servlet...
info: CORE3282: stdout: Initializing Startup Servlet...
info: CORE3282: stdout: Defining system properties...
info: CORE3282: stdout: StartupServlet: waveset.home already defined as /opt/SUNWwbsvr/https-spiega.web.pplsi.com/webapps/https-spiega.web.pplsi.com/idm/
info: CORE3282: stdout: StartupServlet: Defining properties from web.xml
info: CORE3282: stdout: Starting: Identity Server...
warning: CORE3283: stderr: java.lang.NullPointerException
warning: CORE3283: stderr: at org.mozilla.jss.crypto.PBEKeyGenParams.<init>(PBEKeyGenParams.java:67)
warning: CORE3283: stderr: at org.mozilla.jss.provider.javax.crypto.JSSSecretKeyFactorySpi.makePBEKeyGenParams(JSSSecretKeyFactorySpi.java:106)
warning: CORE3283: stderr: at org.mozilla.jss.provider.javax.crypto.JSSSecretKeyFactorySpi.engineGenerateSecret(JSSSecretKeyFactorySpi.java:147)
warning: CORE3283: stderr: at javax.crypto.SecretKeyFactory.generateSecret(DashoA12275)
warning: CORE3283: stderr: at com.waveset.util.CryptoUtil.generatePBEKey(CryptoUtil.java:196)
warning: CORE3283: stderr: at com.waveset.util.Encryptor.generateKey(Encryptor.java:350)
warning: CORE3283: stderr: at com.waveset.security.authn.ServerKeyStore.setKeyEncryptionKey(ServerKeyStore.java:393)
warning: CORE3283: stderr: at com.waveset.security.authn.ServerKeyStore.startMeUp(ServerKeyStore.java:104)
warning: CORE3283: stderr: at com.waveset.server.Server.init(Server.java:333)
warning: CORE3283: stderr: at com.waveset.server.Server.start(Server.java:217)
warning: CORE3283: stderr: at com.waveset.server.Server.getServer(Server.java:807)
warning: CORE3283: stderr: at com.waveset.server.Server.getServer(Server.java:784)
warning: CORE3283: stderr: at com.waveset.server.StartupServlet.startServer(StartupServlet.java:402)
warning: CORE3283: stderr: at com.waveset.server.StartupServlet.init(StartupServlet.java:93)
warning: CORE3283: stderr: at javax.servlet.GenericServlet.init(GenericServlet.java:256)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:921)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:813)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3478)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.start(StandardContext.java:3760)
warning: CORE3283: stderr: at com.iplanet.ias.web.WebModule.start(WebModule.java:251)
warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardHost.start(StandardHost.java:652)
warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
warning: CORE3283: stderr: at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:355)
warning: CORE3283: stderr: at org.apache.catalina.startup.Embedded.start(Embedded.java:995)
warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.start(WebContainer.java:431)
warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.startInstance(WebContainer.java:500)
warning: CORE3283: stderr: at com.iplanet.ias.server.J2EERunner.confPostInit(J2EERunner.java:161)
info: CORE3282: stdout: Problem starting Identity server: com.waveset.util.WavesetException:
info: CORE3282: stdout: ==> java.lang.NullPointerException:
info: CORE3282: stdout: ...Finished starting Startup Servlet
I've downloaded the laters jss4.jar from mozilla and placed it in the $WSHOME/WEB-INF/lib directory and added it to the front of the JVM's class path.
Any further suggestions. I really appreciate any help.
Thanks!
JeremyJeremy,
What is the version of IDM you are trying to install/run? Also, what is "Web Server 6.0SP5"? Is that the Sun Web server?
You may want to check if the version of IDM you are trying to install is supported on the version of web server you are installing on.
~Suvesh -
Problem with a dual Identity Server
Hi!
We are currently deploying MS 6.0p1. We have two servers for Identity Server and Directory Server is replicating its database on both machines. Problem that we have is that on second Identity Server we can not log on with simple user name but with this "uid=admin, ou=people, dc=domain, dc=com". On first server we can log on with simple user name.
Any ideas?Found the log, but the log does not tell much!
05/16/2004 08:37:30:406 PM CEST: Thread[Thread-23,5,main]
adminDN-> uid=amAdmin,ou=People,dc=bih,dc=net,dc=ba
Host: sis2.bih.net.ba
PORT : 389
05/16/2004 08:37:30:585 PM CEST: Thread[Thread-23,5,main]
LDAP resbundle locale=en_US
05/16/2004 08:37:31:067 PM CEST: Thread[Thread-23,5,main]
currentState : 1
05/16/2004 08:37:31:068 PM CEST: Thread[Thread-23,5,main]
you are in LoginScreen:1
05/16/2004 08:37:31:069 PM CEST: Thread[Thread-23,5,main]
LDAP initialize()
05/16/2004 08:37:31:070 PM CEST: Thread[Thread-23,5,main]
attrs is : []
05/16/2004 08:37:31:283 PM CEST: Thread[Thread-23,5,main]
bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
userNamingAttr-> uid
userSearchAttr(s)-> [uid]
userCreationAttrs-> []
searchFilter->
searchScope-> 2
ssl-> false
authLevel: 0
Host: sis1.bih.net.ba
PORT : 389
Pattern : *|(|)|&|!
05/16/2004 08:37:31:295 PM CEST: Thread[Thread-23,5,main]
Connecting to sis1.bih.net.ba:389
Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
scope = 2
05/16/2004 08:37:31:296 PM CEST: Thread[Thread-23,5,main]
Create ConnectionPool: sis1.bih.net.ba:389
05/16/2004 08:37:31:297 PM CEST: Thread[Thread-23,5,main]
LDAPAuthUtils.LDAPAuthUtils: min=1, max=10
05/16/2004 08:37:31:308 PM CEST: Thread[Thread-23,5,main]
Cannot authenticate
05/16/2004 08:37:31:313 PM CEST: Thread[Thread-23,5,main]
Invalid password.
05/16/2004 08:37:46:648 PM CEST: Thread[Thread-28,5,main]
LDAP resbundle locale=en_US
05/16/2004 08:37:46:728 PM CEST: Thread[Thread-28,5,main]
currentState : 1
05/16/2004 08:37:46:728 PM CEST: Thread[Thread-28,5,main]
you are in LoginScreen:1
05/16/2004 08:37:46:729 PM CEST: Thread[Thread-28,5,main]
LDAP initialize()
05/16/2004 08:37:46:730 PM CEST: Thread[Thread-28,5,main]
attrs is : []
05/16/2004 08:37:46:730 PM CEST: Thread[Thread-28,5,main]
bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
userNamingAttr-> uid
userSearchAttr(s)-> [uid]
userCreationAttrs-> []
searchFilter->
searchScope-> 2
ssl-> false
authLevel: 0
Host: sis1.bih.net.ba
PORT : 389
Pattern : *|(|)|&|!
05/16/2004 08:37:46:760 PM CEST: Thread[Thread-28,5,main]
Connecting to sis1.bih.net.ba:389
Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
scope = 2
05/16/2004 08:37:46:766 PM CEST: Thread[Thread-28,5,main]
Cannot authenticate
05/16/2004 08:37:46:768 PM CEST: Thread[Thread-28,5,main]
Invalid password.
05/16/2004 08:41:50:583 PM CEST: Thread[Thread-29,5,main]
LDAP resbundle locale=en_US
05/16/2004 08:41:50:614 PM CEST: Thread[Thread-29,5,main]
currentState : 1
05/16/2004 08:41:50:614 PM CEST: Thread[Thread-29,5,main]
you are in LoginScreen:1
05/16/2004 08:41:50:615 PM CEST: Thread[Thread-29,5,main]
LDAP initialize()
05/16/2004 08:41:50:616 PM CEST: Thread[Thread-29,5,main]
attrs is : []
05/16/2004 08:41:50:616 PM CEST: Thread[Thread-29,5,main]
bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
userNamingAttr-> uid
userSearchAttr(s)-> [uid]
userCreationAttrs-> []
searchFilter->
searchScope-> 2
ssl-> false
authLevel: 0
Host: sis1.bih.net.ba
PORT : 389
Pattern : *|(|)|&|!
05/16/2004 08:41:50:622 PM CEST: Thread[Thread-29,5,main]
Connecting to sis1.bih.net.ba:389
Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
scope = 2
05/16/2004 08:41:50:628 PM CEST: Thread[Thread-29,5,main]
Cannot authenticate
05/16/2004 08:41:50:629 PM CEST: Thread[Thread-29,5,main]
Invalid password.
05/16/2004 08:43:45:894 PM CEST: Thread[Thread-30,5,main]
LDAP resbundle locale=en_US
05/16/2004 08:43:45:974 PM CEST: Thread[Thread-30,5,main]
currentState : 1
05/16/2004 08:43:45:974 PM CEST: Thread[Thread-30,5,main]
you are in LoginScreen:1
05/16/2004 08:43:45:975 PM CEST: Thread[Thread-30,5,main]
LDAP initialize()
05/16/2004 08:43:45:975 PM CEST: Thread[Thread-30,5,main]
attrs is : []
05/16/2004 08:43:45:978 PM CEST: Thread[Thread-30,5,main]
bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
userNamingAttr-> uid
userSearchAttr(s)-> [uid]
userCreationAttrs-> []
searchFilter->
searchScope-> 2
ssl-> false
authLevel: 0
Host: sis1.bih.net.ba
PORT : 389
Pattern : *|(|)|&|!
05/16/2004 08:43:45:984 PM CEST: Thread[Thread-30,5,main]
Connecting to sis1.bih.net.ba:389
Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
scope = 2
05/16/2004 08:43:45:989 PM CEST: Thread[Thread-30,5,main]
Cannot authenticate
05/16/2004 08:43:45:991 PM CEST: Thread[Thread-30,5,main]
Invalid password.
05/16/2004 08:45:46:145 PM CEST: Thread[Thread-31,5,main]
LDAP resbundle locale=en_US
05/16/2004 08:45:46:172 PM CEST: Thread[Thread-31,5,main]
currentState : 1
05/16/2004 08:45:46:173 PM CEST: Thread[Thread-31,5,main]
you are in LoginScreen:1
05/16/2004 08:45:46:173 PM CEST: Thread[Thread-31,5,main]
LDAP initialize()
05/16/2004 08:45:46:174 PM CEST: Thread[Thread-31,5,main]
attrs is : []
05/16/2004 08:45:46:174 PM CEST: Thread[Thread-31,5,main]
bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
userNamingAttr-> uid
userSearchAttr(s)-> [uid]
userCreationAttrs-> []
searchFilter->
searchScope-> 2
ssl-> false
authLevel: 0
Host: sis1.bih.net.ba
PORT : 389
Pattern : *|(|)|&|!
05/16/2004 08:45:46:179 PM CEST: Thread[Thread-31,5,main]
Connecting to sis1.bih.net.ba:389
Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=admin)
scope = 2
05/16/2004 08:45:46:184 PM CEST: Thread[Thread-31,5,main]
Cannot authenticate
05/16/2004 08:45:46:185 PM CEST: Thread[Thread-31,5,main]
Invalid password. -
Custom Authentication Module on Identity Server
Hi,
I have a custom authentication module which I am trying to access through the policy agent.
I have set the following property in AMAgent.properties file
com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login?module=CustomLoginModule.
My login module code is something like this:
package com.iplanet.am.samples.authentication.providers;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import java.rmi.RemoteException;
import java.io.FileInputStream;
import java.util.Properties;
public class LoginModule1 extends AMLoginModule
private String userName;
private String userTokenId;
private HashMap usersMap;
private java.security.Principal userPrincipal = null;
public LoginModule1() throws LoginException
public void init(Subject subject, Map sharedState, Map options)
System.out.println("LoginModule1 initialization");
usersMap = new HashMap();
ResourceBundle bundle = ResourceBundle.getBundle("users");
Enumeration users = bundle.getKeys();
while (users.hasMoreElements())
String user = (String)users.nextElement();
String password = bundle.getString(user.trim());
usersMap.put(user, password);
public int process(Callback[] callbacks, int state) throws AuthLoginException
int currentState = state;
if (currentState == 1)
userName = ((NameCallback) callbacks[0]).getName().trim();
char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
String passwdString = new String (passwd);
if (userName.equals(""))
throw new AuthLoginException("names must not be empty");
if (userName.equals("testuser") && passwdString.equals("testuser"))
userTokenId = userName;
return -1;
if (usersMap.containsKey(userName))
if (usersMap.get(userName).equals(new String(passwd)))
userTokenId = userName;
return -1;
return 0;
public java.security.Principal getPrincipal()
if (userPrincipal != null)
return userPrincipal;
else
if (userTokenId != null)
userPrincipal = new SamplePrincipal("testuser");
return userPrincipal;
else
return null;
So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication does not succeed and I get the following error message in the agent log file.
2004-08-09 15:24:08.640 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:09.030 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:23.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.499 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:29.499 128 2712:24fda5e8 RemoteLog: User unknown was denied access to http://ps0391.persistent.co.in:80/test/index.html.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
2004-08-09 15:24:29.499 -1 2712:24fda5e8 PolicyAgent: validate_session_policy() access denied to unknown user
The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
Thanks
SrinivasDoes the principal "testuser" exist in your realm? If I understand your module correctly, it looks like it always returns "testuser".
I am guessing that Access Manager is not finding your principal. Typically if access manager cannot associate the principal returned by the custom AMLoginModule it will fail the authentication.
I am wondering if this is related to a seperate problem I have seen with custom login modules. Try chaning the code to return an LDAP style principal it may work:
so return "uid=testuser,ou=People,dc=yourdomain,dc=com" for example. In theory this should not be necessary but it solved some problems for me, though I am not sure why. -
Work around for server not found problems on FF36
I have found a work around for all the people having server not found problems with FF36.
If you manually set your network adapter DNS to an external DNS server (as opposed to your local ISP) then the problem goes away. I set mine to use the two google DNS servers:
Preferred: 8.8.8.8
Alternate: 8.8.4.4
Not a clue why this works but it is 100% successful on my desktop PC, whereas before I could hardly connect to a webpage with FF36 without multiple page refreshes and much frustration, even though FF35 was fine and rolling back to FF35 was also fine.
Something has changed in FF36 and either the way it handles DNS or the way it works with some network adapters.
It is nothing to do with add-ons, profiles or firewall software as I have tried all of these things and only the DNS change made a difference. I even copied over a full working profile and the program files directory for Mozilla from my portable which was having no problems and the problem still existed on the desktop, which is why I started looking at the network adapater since everything else between the working PC and the non working one was identical.
Hopefully this will help the developers to pin down the real cause of the problem and fix it in the next release.Well done. Thanks for finding that.
That is not only assigned but has an approved patch included in the scheduled Fx36.0.1 release so it should be fixed in few days, watch out for the upgrade.
* Bug 1093983 - DNS resolver should not use 'ANY' to get cached records for TTL <sup>[https://bugzilla.mozilla.org/show_bug.cgi?id=1093983#c35 c#35]</sup>
* https://wiki.mozilla.org/Firefox/Channels/Meetings/2015-03-03#Schedule_Update
With the bug now fixed it would not really be appropriate to add further comment. I do now see another related bug assigned but not being fast tracked, so if all goes well that will probably land in Firefox 39.
* Bug 1138242 - DNS: Request A and AAAA record types rather than ANY when obtaining TTL on Windows -
Identity Server has not been configured for this new user/group suffix
Hi all
I am having a problem trying to configure the Directory Server (5.2) for Messaging Server.
My configuration is as follows:
SJES Q12005
Server 1 - Directory Server 5.2
Server 1 - Access Manager (formerly Identity Server)
Server 1 - Web Server 6.1
I have successfully installed the above and can login to Access Manager.
I next installed Calendar & Messengar Server on "Server 1". Upon running "comm_dssetup.pl" from /opt/SUNWcomds/sbin, I get the following error:
"Identity Server has not been configured for this new user/group suffix"
Copy and paste of what I entered:
bash-2.05# perl comm_dssetup.pl
Welcome to the Directory Server preparation tool for
Sun Java(tm) System communication services.
(Version 6.3 Revision 1.0)
This tool prepares your directory server for use by the
communications services which include Messaging, Calendar and their components.
The logfile is /var/tmp/dssetup_20050830165940.log.
Do you want to continue [y]:
Please enter the full path to the directory where the Sun ONE
Directory Server was installed.
Directory server root [var/opt/mps/serverroot] : /opt/mps/serverroot
Please select a directory server instance from the following list:
[1] slapd-sunldap
Which instance do you want [1]:
Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
Password:
Detected DS version 5.2
Will this directory server be used for users/groups [Yes]:
Please enter the Users/Groups base suffix [dc=samplecompany-dev,dc=co,dc=uk] : ou=infrastructure,o=sampletown,dc=samplecompany-dev,dc=co,dc=uk
There are 3 possible schema types:
1 - schema 1 for systems with iMS 5.x data
1.5 - schema 2 compatibility for systems with iMS 5.x data
that has been converted with commdirmig
2 - schema 2 native for systems using Identity Server
Please enter the Schema Type (1, 1.5, 2) [1]: 2
Identity Server has not been configured for this new user/group suffix
You can opt to continue, but you will not be able to use
features that depend on Identity Server
Are you sure you want this schema type? [n]:
I have entered my user group suffix exactly as specified during the Access Manager install (hence I am able to login as "amadmin").
Looking at the LDAP logs to try and figure out whats going wrong I see its not getting hits on all searches it is performing:
[30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
Resource)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - RESULT err=4 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:18 +0100] conn=299 op=160 msgId=162 - ABANDON targetop=NOTFOUND msgid=161
[30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - SRCH base="ou=people,ou=infrastructure,o=northampton,dc=dataforce-de
v,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(objec
tClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscapeRe
source)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - RESULT err=0 tag=101 nentries=0 etime=0
[30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - SRCH base="ou=clientdata,ou=infrastructure,o=northampton,dc=dataforc
e-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(o
bjectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netsca
peResource)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - RESULT err=0 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:18 +0100] conn=299 op=163 msgId=165 - ABANDON targetop=NOTFOUND msgid=164
[30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
dev,dc=co,dc=uk" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
[30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - RESULT err=0 tag=101 nentries=41 etime=0
[30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
dev,dc=co,dc=uk" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
[30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - RESULT err=0 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:28 +0100] conn=299 op=166 msgId=168 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
Resource)(objectClass=domain))" attrs="objectClass numSubordinates ref aci"
[30/Aug/2005:16:41:29 +0100] conn=299 op=166 msgId=168 - RESULT err=0 tag=101 nentries=41 etime=1
[30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - SRCH base="ou=iplanetamauthservice,ou=services,ou=infrastructure,o=n
orthampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectC
lass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServ
er)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - RESULT err=0 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:29 +0100] conn=299 op=168 msgId=170 - ABANDON targetop=NOTFOUND msgid=169
[30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - SRCH base="ou=iplanetamauthldapservice,ou=services,ou=infrastructure
,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(obj
ectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscape
Server)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - RESULT err=0 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:29 +0100] conn=299 op=170 msgId=172 - ABANDON targetop=NOTFOUND msgid=171
[30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - SRCH base="ou=iplanetampolicyconfigservice,ou=services,ou=infrastruc
ture,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)
(objectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=nets
capeServer)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
[30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - RESULT err=0 tag=101 nentries=1 etime=0
[30/Aug/2005:16:41:29 +0100] conn=299 op=172 msgId=174 - ABANDON targetop=NOTFOUND msgid=173
[30/Aug/2005:16:41:29 +0100] conn=299 op=173 msgId=175 - SRCH base="ou=iplanetamauthenticationdomainconfigservice,ou=services
,ou=infrastructure,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(
--More--(83%)
The list goes on.
Can anyone give me any pointers?
ThanksHi
Thanks for your reply!
I did mis-type, my mistake - sorry about that.
If I dont over-ride the default it works, I've pretty much got the whole setup working now but I'm not particularly over the moon about the way the ldap tree is setup, I'd like finer granuality as we are going to attempt to get syncronization working with AD.
I have an idea about how I'd like to set up our Mail/Calendar/LDAP infrastructure the 2nd time around (I'm just testing at the mo) - so I might have a question or two for you if you dont mind taking a look when you have a minute?
Thanks Jay -
Integrating Messaging Server and Identity Server
I've got JES 2004Q2, and I'm trying to install the various components on different workstations to prove that a) the software works, and b) it's a viable alternative to Exchange (so please please help me get it working!)
The problem I have is getting Messenger Server and Directory Server talking properly so that I can create users and then log in as those users. After days of frustrating searching for solutions to this problem (and also find people who have successfully done this), I decided to install the components onto one server.
And it worked. Installing Messaging Server, Identity Server, Web Server (contained for Identity Server), Directory Server, and Admin Server all on the same box, configuring them all to use the same directory server for UG and preferences, running the various configuration tools that come with the software, and it all works together fine. Using "./commadmin domain modify .... -S mail", I get "OK". I can add users with the "-S mail" option, log in as those users, and send emails between those users. So this tells me that the software does work, albeit on one box.
When I try to separate the services out to separate boxes, they don't seem to integrate properly. I thought that maybe the order in which you configured applications made a difference (ie. configuring Identity Server after Messenger Server means IS will pick up on the changes made to the directory by MS, and enable it). I also tried to see if using the same options directory server from different boxes helped, but nothing. I've even tried patching them using 116568-52 and 116585-10 but no luck.
Therefore, I've found that installing all servers on one box works, but installing them on separate boxes doesn't (despite using the same directory servers). My conclusion in this is that one of two things must be the case:
a) there's something in the install that has to be changed to reflect the fact that the services are running on different boxes
b) the install of the services adds files to the system somewhere which other packages in JES pick up on (hence the reason why installing everything on one box works), and this isn't documented anywhere
Unfortunately, the output of commadmin when it fails isn't that helpful (nothing against the developers, however it doesn't really help in the fault finding process). I do believe however that the problem is with Identity Server and its configuration, rather than Messaging Server.
Here's some (possibly) useful info:
kipling# ./imsimta version
Sun Java(tm) System Messaging Server 6.1 HotFix 0.01 (built Jun 24 2004)
libimta.so 6.1 HotFix 0.01 (built 12:52:04, Jun 24 2004)
SunOS kipling 5.8 Generic_117350-02 sun4u sparc SUNW,Sun-Blade-1500
kipling#
(on UG server)
# ./commadmin domain modify -D admin -w <password> -d uwe.ac.uk -n uwe.ac.uk -S mail -H kipling.uwe.ac.uk
FAIL
Unable to set attribute(s)
(some verbose mode output)
[Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/TaskManager
[Debug]: To servlet: task=ModifyDomain&objecttype=Domain&domain=uwe.ac.uk&add_services=mail&add_preferredmailhost=kipling.uwe.ac.uk
[Debug]: RECV: FAIL
[Debug]: RECV: Unable to set attribute(s)
[Debug]: CLITask: status returned =FAIL
FAIL
Unable to set attribute(s)
[Debug]: DBG: doOne returned code=6
[Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/logout
[Debug]: Logout ...
[Debug]: RECV: SSOToken id AQIC5wM2LY4SfcyW5hbVBGXqCdsYYDjVarSFRMd6HIxsGho=@AAJTSQACMDE=#
[Debug]: RECV: destroyed
Root suffix: dc=uwe,dc=ac,dc=uk (all "o=" references have been dropped)
All services have their own local options directory server.
Can anyone give me any suggestions? If I log a support call with Sun, what is the likely resolution time? My ultimate goal is to get the whole suite running together, then install Portal server. Once that's working, download the connectors for Outlook and get it all working with Outlook. As I said at the start, we're hoping to show this is a viable alternative to Exchange (certainly for the backend) so any help will be greatly appreciated!
Iainslo_chewie wrote:
Does the email recipient address change when the email is sent to gmail i.e. does an email sent to [email protected] become [email protected]?
We've got google for domains setup, so users would retain a @domain.com address regardless if there mailbox was hosted on the internal server or hosted at google.You can make use of the mailRoutingAddress: user attribute and source routing to get the desired behaviour e.g.
=> Set the following value to the LDAP entry of the user who is hosted on the gmail server. The "[email protected]" address should match the users mail: address:
mailRoutingAddress: @gmail.com:[email protected]=> Ensure the following option has been tcp_local channel in your imta.cnf file. This option strips off the "@gmail.com" value of the recipient address before sending the email to the gmail.com servers.
dequeue_removerouteMake sure you run "./imsimta cnbuild;./imsimta restart" after modifying the imta.cnf file.
Regards,
Shane. -
Security solution with Identity server for SOX compliance
Hi all,
Has anybody used Identity Server as security solution to achieve SOX compliance? i want to know general view, opinions , experiance of ppl while implementing such solution.
Just a little background of SOX: It is Created by US Congress in the wake of corporate scandals like Enron in 2001 and 2002.it is an attempts to tighten controls over corporate financial reporting and transparency.
I am basically interested in implementing security solutions using Identity server for SOX compliance. Section 404 of this act deals with internal controls, which essentially requires organizations to provide following facilities -
1. User Identification, authorization and access
2. User control of user accounts
3. Central identification and access rights/permissions management
4. Violation and security activity report
Has anybody developed such solution? What are your general experiance, problems , issues etc? Please share your view....Just too quick to draw conclusion: See below FAQ
If you are not in the same AS container, let me know. Jerry
Copy from J2EE agent FAQ
Question - Is it possible to install a J2EE 2.1agent and Identity Server on the same instance of the application server ?
Installing the IS60SP1/IS61 server and J2EE 2.1 policy agent on the sameninstance of Application server is not a supported configuration. We do support the 21 J2EE agent and IS installed on different instances of the application server. So, users can install theJ2EE 2.1 agent on a one instance of the application server and install IS on a different instance of the apps server. -
Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
Does anybody has a working combination of the above ? I get a ID login page and after that I always get a access denied page. I get this exception on the agent logs:
2004-10-14 16:28:00.917 Warning 6347:c1818 PolicyAgent: in get_cookie: no cooki
e in ap_table
2004-10-14 16:28:01.895 Warning 6359:c1818 PolicyAgent: Invalid URL for propert
y (com.sun.am.policy.agents.accessDeniedURL) specified
2004-10-14 16:28:56.742 Warning 6349:c1818 PolicyAgent: am_web_is_access_allowe
d(http://xx.xx.xx.net:8080/, GET) denying access: status = access de
nied (20)
2004-10-14 16:28:56.743 128 6349:c1818 RemoteLog: User testuser1 was denie
d access to http://xx.xx.xx.net:8080/.
2004-10-14 16:28:56.831 -1 6349:c1818 PolicyAgent: URL Access Agent: acces
s denied to testuser1
We can ignore Invalid URL property part because its just looking for a custom url in place there. I have cookies enabled in my browser. I even turned on the prompt option. No luck yet.
Any suggestions would be of great help.
Thanks,
Sunil.From your description, since the agent installs file with a different JRE, I would suspect it has something to do with the availability of JCE provider in the first JRE. By default, WebSphere's JRE is equipped with IBM JCE provider which is what the agent uses to encrypt the necessary
information. If this provider is not configured correctly it could result in the error that you are seeing. Please check the WebSphere installation and make sure that the JRE used by it has the necessary IBM JCE provider configured. The java.security file for this should contain something like:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=com.ibm.jsse.IBMJSSEProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
Also, make sure that when you are installing the agent you specify the Java Home as prompted by the agent to point to the location where this JRE is installed. Typically this is under WebSphere/AppServer/java directory. HTH, Jerry -
Proxy Server 3.6 with Identity Server 5.1!
Hi All,
I'm doing a Proof of Concept on integrating Identity Server 5.1 with proxy server 3.6. The proxy server is configured as a reverse proxy for another web server (since the web server is not supported by agent pack).
I've configured the reverse proxy and add the agent to the proxy. However, each time after auth. in the Identity server and return back to the reverse proxy, it'll go to http://rproxy.domain.com/.domain.com not http://rproxy.domain.com.
Moreover, even the user session is invalid, the user can go to the reverse proxy without re-auth even I've disable all the cache in the proxy server.
Is it possible to use reverse proxy with identity server? If yes, how to config?
Thanks
Clive ChanHi Clive Chan,
i am also have the same problem, can you tell me which patch have you add to solve the problem?
Thanks a lot!
Angus -
Page Not Found error when accessing the Identity server console
Hi,
I have installed the Sun One Portal Server.
when i access the URL for Identity server, i am getting Page not Found exception.
Any suggestions, why this problem could occur.
Regards,
MuktaFirst the obvious: Restart the Webserver/Application Server
Did you choose "Configure Later"?
Is amconsole/amserver/... really deployed? You can see this in the Admin web interface of the server.
Do you see anything in the logfiles?
Chris -
Identity Server administration console NOT ACCESSIBLE!
hello, I get the following error when I enter the
any comments are appreciated!
thanks
following URL:
http://FullyQualifiedHostName:port/amconsole
Root Cause
java.lang.VerifyError: (class: com/iplanet/services/comm/https/ApprovalCallback, method: approve signature: (Lorg/mozilla/jss/crypto/X509Certificate;Lorg/mozilla/jss/ssl/SSLCertificateApprovalCallback$ValidityStatus;)Z) Incompatible object argument for function call
at com.iplanet.services.comm.https.HttpsClient.doConnect(HttpsClient.java:274)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
at sun.net.www.http.HttpClient.(HttpClient.java:306)
at sun.net.www.http.HttpClient.(HttpClient.java:254)
at com.iplanet.services.comm.https.HttpsClient.(HttpsClient.java:191)
at com.iplanet.services.comm.https.HttpsClient.New(HttpsClient.java:219)
at com.iplanet.services.comm.https.HttpsURLConnection.connect(HttpsURLConnection.java:112)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:569)
at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:113)
at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:71)
at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:335)
at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:308)
at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:219)
at com.iplanet.dpro.session.service.SessionService.(SessionService.java:1106)
at com.iplanet.dpro.session.service.SessionService.getSessionService(SessionService.java:256)
at com.sun.identity.authentication.service.AuthD.getSS(AuthD.java:593)
at com.sun.identity.authentication.service.AuthD.initAuthSessions(AuthD.java:614)
at com.sun.identity.authentication.service.AuthD.(AuthD.java:203)
at com.sun.identity.authentication.service.AuthD.getAuth(AuthD.java:368)
at com.sun.identity.authentication.UI.LoginServlet.initializeRequestContext(LoginServlet.java:97)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:407)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:324)
at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:294)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:720)
at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)
whole error:
Sun ONE Application Server - HTTP Status 500 Error
The server encountered an internal error (Internal Server Error) that prevented it from fulfilling this request.
Type: Exception Report
Message: Internal Server Error
Exception
javax.servlet.ServletException: Servlet execution threw an exception
at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:742)
at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)
Root Cause
java.lang.VerifyError: (class: com/iplanet/services/comm/https/ApprovalCallback, method: approve signature: (Lorg/mozilla/jss/crypto/X509Certificate;Lorg/mozilla/jss/ssl/SSLCertificateApprovalCallback$ValidityStatus;)Z) Incompatible object argument for function call
at com.iplanet.services.comm.https.HttpsClient.doConnect(HttpsClient.java:274)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
at sun.net.www.http.HttpClient.(HttpClient.java:306)
at sun.net.www.http.HttpClient.(HttpClient.java:254)
at com.iplanet.services.comm.https.HttpsClient.(HttpsClient.java:191)
at com.iplanet.services.comm.https.HttpsClient.New(HttpsClient.java:219)
at com.iplanet.services.comm.https.HttpsURLConnection.connect(HttpsURLConnection.java:112)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:569)
at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:113)
at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:71)
at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:335)
at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:308)
at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:219)
at com.iplanet.dpro.session.service.SessionService.(SessionService.java:1106)
at com.iplanet.dpro.session.service.SessionService.getSessionService(SessionService.java:256)
at com.sun.identity.authentication.service.AuthD.getSS(AuthD.java:593)
at com.sun.identity.authentication.service.AuthD.initAuthSessions(AuthD.java:614)
at com.sun.identity.authentication.service.AuthD.(AuthD.java:203)
at com.sun.identity.authentication.service.AuthD.getAuth(AuthD.java:368)
at com.sun.identity.authentication.UI.LoginServlet.initializeRequestContext(LoginServlet.java:97)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:407)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:324)
at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:294)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:720)
at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)Check out Thread: Running SSL on Identity Server by brkan dated August 2, 2004. It gives a solution to the problem that worked for me.
-
Can I upgrade Sun ONE Identity Server 6.0 schema v1.0 to schema v2.0
I'm have Sun ONE Identity Server 6.0
now I install Sun Java Communications Suite 5,but I'm copy dssetp to Sun ONE Identity Server 6.0 host,
i'm run pl comm_dssetup.pl
Welcome to the Directory Server preparation tool for
Sun Java(tm) System communication services.
(Version 6.3 Revision 1.0)
This tool prepares your directory server for use by the
communications services which include Messaging, Calendar and their components.
The logfile is /var/tmp/dssetup_20050830165940.log.
Do you want to continue [y]:
Please enter the full path to the directory where the Sun ONE
Directory Server was installed.
Directory server root [/usr/iplanet/servers/slapd-ids] : /usr/iplanet/servers/slapd-ids
Please select a directory server instance from the following list:
[1] slapd-sunldap
Which instance do you want [1]:
Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
Password:
DirectoryServernotrunningornotlisteningtoport389.*
DetectedDSversion0.0*
Pleasecorrecttheproblemandre-runthisscript.*Hi,
whr25 wrote:
I'm have Sun ONE Identity Server 6.0
now I install Sun Java Communications Suite 5,but I'm copy dssetp to Sun ONE Identity Server 6.0 host,
i'm run pl comm_dssetup.pl
Welcome to the Directory Server preparation tool for
Sun Java(tm) System communication services.
(Version 6.3 Revision 1.0)
This tool prepares your directory server for use by the
communications services which include Messaging, Calendar and their components.
The logfile is /var/tmp/dssetup_20050830165940.log.
Do you want to continue [y]:
Please enter the full path to the directory where the Sun ONE
Directory Server was installed.
Directory server root [/usr/iplanet/servers/slapd-ids] : /usr/iplanet/servers/slapd-ids
Please select a directory server instance from the following list:
[1] slapd-sunldap
Which instance do you want [1]:
Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
Password:
DirectoryServernotrunningornotlisteningtoport389.*
DetectedDSversion0.0*
Pleasecorrecttheproblemandre-runthisscript.*So is the directory server instance running?
I'm a little unsure as to what your actual problem is. You say "Can I upgrade Sun ONE Identity Server 6.0 schema v1.0 to schema v2.0" in the question subject but then don't clarify this in the above.
Regards,
Shane. -
Sun Identity Server on Windows 2003?
When will the Sun Java Systems Identity Server be available for Windows 2003?
Thanks,
EoinI am having the same problem with this entry not being found in the registry. I've performed a search for 'Identity Manager' and found the gateway entry values here instead:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Sevices\IdentityManagerGateway
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Sevices\IdentityManagerGateway
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Sevices\IdentityManagerGateway
Please advise how to turn on the gateway loggin feature if this would make the specific entry to HKEY_LOCAL_MACHINE\SOFTWARE.... in the registry.
Thanks. -
Page not found error while accessing Identity server console(Error Code:50)
Hi Guys,
Whenever I am trying to access the admin console of Identity server I am getting Page not found error. I believe some configuration must be missing for which I am getting this error. I am accessing the URL through following URL
http://<Portal Server Fully Qualified Domain Name>/amconsole
Please Help me if anybody has come across this problemHi,
First of all,check your install logs.
Most likely you should find errors like the following
"cannot access /usr/jdk/ent2se "
"/usr/jdk/bin/jar" not found etc.
In these cases the problem is the JDK version.
Install the latest version of JDK and make sure that
/usr/bin/java points to the installed JDK version.
HTH,
Ramnath
Maybe you are looking for
-
Bridge mode not supported for lap1261N
Hello, I have a WLC2504 and 2 LAP1261N (converted from autonomous to lightweight) with release 7.0.116.0 and I want to create a point-to-point mesh link between the 2 APs. When trying to change the APs mode from local to bridge I receive the message
-
How to recover ZFS pool after re-installation of Solaris10
I have two disks(c1t0d0-disk1, c1t1d0-disk2) and I installed Solaris 10(fresh installation) in a slice of disk1. On the other hand, I have ZFS filesystem in a slice of disk2. I would like to restore old ZFS filesystem in disk2. How do I recover old Z
-
My PC had been working fine for several hours till I tried to sort out a problem with a silent front speaker. The front right speaker (5.1 system) sometimes stops working but can usually be fixed by repositioning or reinserting the plug in the onboa
-
Packing Material Functionality
Dear All, Description of Scenario: I have BOM for FG(Finished Goods) with RM(Raw material) and PM(Packing Material), where Packing Material Being BOX. In BOX we can pack 15 nos of FG, thus in BOM the quantity of BOX would be (1/15 = 0.067) to manufac
-
Internet Explorer Security Warning Message
Hi am using pure html and am sure not using any active components in my page. When i preview in Internet Explorer, though it shows the page, but in the top it gives a security warning: To help protect your security, Internet Explorer has restricted t