Identity Server 6.1 problem in appserver 7.0

Hi,
I am trying to install ID6.1 on Appserver 7.0.They are all part of JES03Q4Sparc bits.
After installing the ID6.1 on Appserver7.0 ,i am not able to bring the amconsole.It says "page cannot be found".
I looked into the log file and there are visible problems during installation.
1./var/sadm/pkg/SUNWamsdk/install/postinstall: /usr/jdk/entsys-j2se/bin/native2ascii: not found
/var/sadm/pkg/SUNWamsdk/install/postinstall: /usr/jdk/entsys-j2se/bin/jar: not found
2: cannot access /opt/SUNWam/web-apps/introduction/WEB-INF/web.xml
/var/sadm/pkg/SUNWamsai/install/postinstall: /opt/SUNWam/web-apps/introduction/WEB-INF/web.xml: cannot create
cp: cannot access /opt/SUNWam/web-apps/introduction/WEB-INF/classes/FSIntroConfig.properties
3Installation of <SUNWamsai> was successful.
ps/introduction/WEB-INF/classes/FSIntroConfig.properties: cannot create
/var/sadm/pkg/SUNWamsai/install/postinstall: /usr/jdk/entsys-j2se/bin/jar: not found
mv: cannot access introduction.war
Installed Package: SUNWamsai
Install complete.
I could see the amadmin user in the directory server 5.2.The only problem seems to be that installation fails to load amconsole,ampassword related webmodule into the appserver.
Btw,am using JDK1.4_0_6.
Any help would be greatly appreciated.
Thanks

it is evident that your jdk is not installed properly
jar and native2ascii are required for successful install
make sure these utilities installed properly
and reinstall ID server

Similar Messages

  • Problems Starting Identity Server

    Greetings all,
    I'm attempting to get Identity Server installed and running under Web Server 6.0SP5.
    I've created and installed a war, set the waveset.home option on the JVM, I've imported the init.xml (MySQL DB) and ran through the Demo Org wizard. That all has gone fine until I restarted the web server to login (previoulsy showing the Import Exchange File page.)
    Now when the web server attempts to start up the servlet(s) I get this error:
    info: CORE3282: stdout: Constructing Startup Servlet...
    info: CORE3282: stdout: Initializing Startup Servlet...
    info: CORE3282: stdout: Defining system properties...
    info: CORE3282: stdout: StartupServlet: waveset.home already defined as /opt/SUNWwbsvr/https-spiega.web.pplsi.com/webapps/https-spiega.web.pplsi.com/idm/
    info: CORE3282: stdout: StartupServlet: Defining properties from web.xml
    info: CORE3282: stdout: Starting: Identity Server...
    warning: CORE3283: stderr: java.lang.NullPointerException
    warning: CORE3283: stderr: at org.mozilla.jss.crypto.PBEKeyGenParams.<init>(PBEKeyGenParams.java:67)
    warning: CORE3283: stderr: at org.mozilla.jss.provider.javax.crypto.JSSSecretKeyFactorySpi.makePBEKeyGenParams(JSSSecretKeyFactorySpi.java:106)
    warning: CORE3283: stderr: at org.mozilla.jss.provider.javax.crypto.JSSSecretKeyFactorySpi.engineGenerateSecret(JSSSecretKeyFactorySpi.java:147)
    warning: CORE3283: stderr: at javax.crypto.SecretKeyFactory.generateSecret(DashoA12275)
    warning: CORE3283: stderr: at com.waveset.util.CryptoUtil.generatePBEKey(CryptoUtil.java:196)
    warning: CORE3283: stderr: at com.waveset.util.Encryptor.generateKey(Encryptor.java:350)
    warning: CORE3283: stderr: at com.waveset.security.authn.ServerKeyStore.setKeyEncryptionKey(ServerKeyStore.java:393)
    warning: CORE3283: stderr: at com.waveset.security.authn.ServerKeyStore.startMeUp(ServerKeyStore.java:104)
    warning: CORE3283: stderr: at com.waveset.server.Server.init(Server.java:333)
    warning: CORE3283: stderr: at com.waveset.server.Server.start(Server.java:217)
    warning: CORE3283: stderr: at com.waveset.server.Server.getServer(Server.java:807)
    warning: CORE3283: stderr: at com.waveset.server.Server.getServer(Server.java:784)
    warning: CORE3283: stderr: at com.waveset.server.StartupServlet.startServer(StartupServlet.java:402)
    warning: CORE3283: stderr: at com.waveset.server.StartupServlet.init(StartupServlet.java:93)
    warning: CORE3283: stderr: at javax.servlet.GenericServlet.init(GenericServlet.java:256)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:921)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:813)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:3478)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardContext.start(StandardContext.java:3760)
    warning: CORE3283: stderr: at com.iplanet.ias.web.WebModule.start(WebModule.java:251)
    warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardHost.start(StandardHost.java:652)
    warning: CORE3283: stderr: at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1133)
    warning: CORE3283: stderr: at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:355)
    warning: CORE3283: stderr: at org.apache.catalina.startup.Embedded.start(Embedded.java:995)
    warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.start(WebContainer.java:431)
    warning: CORE3283: stderr: at com.iplanet.ias.web.WebContainer.startInstance(WebContainer.java:500)
    warning: CORE3283: stderr: at com.iplanet.ias.server.J2EERunner.confPostInit(J2EERunner.java:161)
    info: CORE3282: stdout: Problem starting Identity server: com.waveset.util.WavesetException:
    info: CORE3282: stdout: ==> java.lang.NullPointerException:
    info: CORE3282: stdout: ...Finished starting Startup Servlet
    I've downloaded the laters jss4.jar from mozilla and placed it in the $WSHOME/WEB-INF/lib directory and added it to the front of the JVM's class path.
    Any further suggestions. I really appreciate any help.
    Thanks!
    Jeremy

    Jeremy,
    What is the version of IDM you are trying to install/run? Also, what is "Web Server 6.0SP5"? Is that the Sun Web server?
    You may want to check if the version of IDM you are trying to install is supported on the version of web server you are installing on.
    ~Suvesh

  • Problem with a dual Identity Server

    Hi!
    We are currently deploying MS 6.0p1. We have two servers for Identity Server and Directory Server is replicating its database on both machines. Problem that we have is that on second Identity Server we can not log on with simple user name but with this "uid=admin, ou=people, dc=domain, dc=com". On first server we can log on with simple user name.
    Any ideas?

    Found the log, but the log does not tell much!
    05/16/2004 08:37:30:406 PM CEST: Thread[Thread-23,5,main]
    adminDN-> uid=amAdmin,ou=People,dc=bih,dc=net,dc=ba
    Host: sis2.bih.net.ba
    PORT : 389
    05/16/2004 08:37:30:585 PM CEST: Thread[Thread-23,5,main]
    LDAP resbundle locale=en_US
    05/16/2004 08:37:31:067 PM CEST: Thread[Thread-23,5,main]
    currentState : 1
    05/16/2004 08:37:31:068 PM CEST: Thread[Thread-23,5,main]
    you are in LoginScreen:1
    05/16/2004 08:37:31:069 PM CEST: Thread[Thread-23,5,main]
    LDAP initialize()
    05/16/2004 08:37:31:070 PM CEST: Thread[Thread-23,5,main]
    attrs is : []
    05/16/2004 08:37:31:283 PM CEST: Thread[Thread-23,5,main]
    bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
    baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
    userNamingAttr-> uid
    userSearchAttr(s)-> [uid]
    userCreationAttrs-> []
    searchFilter->
    searchScope-> 2
    ssl-> false
    authLevel: 0
    Host: sis1.bih.net.ba
    PORT : 389
    Pattern : *|(|)|&|!
    05/16/2004 08:37:31:295 PM CEST: Thread[Thread-23,5,main]
    Connecting to sis1.bih.net.ba:389
    Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
    scope = 2
    05/16/2004 08:37:31:296 PM CEST: Thread[Thread-23,5,main]
    Create ConnectionPool: sis1.bih.net.ba:389
    05/16/2004 08:37:31:297 PM CEST: Thread[Thread-23,5,main]
    LDAPAuthUtils.LDAPAuthUtils: min=1, max=10
    05/16/2004 08:37:31:308 PM CEST: Thread[Thread-23,5,main]
    Cannot authenticate
    05/16/2004 08:37:31:313 PM CEST: Thread[Thread-23,5,main]
    Invalid password.
    05/16/2004 08:37:46:648 PM CEST: Thread[Thread-28,5,main]
    LDAP resbundle locale=en_US
    05/16/2004 08:37:46:728 PM CEST: Thread[Thread-28,5,main]
    currentState : 1
    05/16/2004 08:37:46:728 PM CEST: Thread[Thread-28,5,main]
    you are in LoginScreen:1
    05/16/2004 08:37:46:729 PM CEST: Thread[Thread-28,5,main]
    LDAP initialize()
    05/16/2004 08:37:46:730 PM CEST: Thread[Thread-28,5,main]
    attrs is : []
    05/16/2004 08:37:46:730 PM CEST: Thread[Thread-28,5,main]
    bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
    baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
    userNamingAttr-> uid
    userSearchAttr(s)-> [uid]
    userCreationAttrs-> []
    searchFilter->
    searchScope-> 2
    ssl-> false
    authLevel: 0
    Host: sis1.bih.net.ba
    PORT : 389
    Pattern : *|(|)|&|!
    05/16/2004 08:37:46:760 PM CEST: Thread[Thread-28,5,main]
    Connecting to sis1.bih.net.ba:389
    Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
    scope = 2
    05/16/2004 08:37:46:766 PM CEST: Thread[Thread-28,5,main]
    Cannot authenticate
    05/16/2004 08:37:46:768 PM CEST: Thread[Thread-28,5,main]
    Invalid password.
    05/16/2004 08:41:50:583 PM CEST: Thread[Thread-29,5,main]
    LDAP resbundle locale=en_US
    05/16/2004 08:41:50:614 PM CEST: Thread[Thread-29,5,main]
    currentState : 1
    05/16/2004 08:41:50:614 PM CEST: Thread[Thread-29,5,main]
    you are in LoginScreen:1
    05/16/2004 08:41:50:615 PM CEST: Thread[Thread-29,5,main]
    LDAP initialize()
    05/16/2004 08:41:50:616 PM CEST: Thread[Thread-29,5,main]
    attrs is : []
    05/16/2004 08:41:50:616 PM CEST: Thread[Thread-29,5,main]
    bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
    baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
    userNamingAttr-> uid
    userSearchAttr(s)-> [uid]
    userCreationAttrs-> []
    searchFilter->
    searchScope-> 2
    ssl-> false
    authLevel: 0
    Host: sis1.bih.net.ba
    PORT : 389
    Pattern : *|(|)|&|!
    05/16/2004 08:41:50:622 PM CEST: Thread[Thread-29,5,main]
    Connecting to sis1.bih.net.ba:389
    Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
    scope = 2
    05/16/2004 08:41:50:628 PM CEST: Thread[Thread-29,5,main]
    Cannot authenticate
    05/16/2004 08:41:50:629 PM CEST: Thread[Thread-29,5,main]
    Invalid password.
    05/16/2004 08:43:45:894 PM CEST: Thread[Thread-30,5,main]
    LDAP resbundle locale=en_US
    05/16/2004 08:43:45:974 PM CEST: Thread[Thread-30,5,main]
    currentState : 1
    05/16/2004 08:43:45:974 PM CEST: Thread[Thread-30,5,main]
    you are in LoginScreen:1
    05/16/2004 08:43:45:975 PM CEST: Thread[Thread-30,5,main]
    LDAP initialize()
    05/16/2004 08:43:45:975 PM CEST: Thread[Thread-30,5,main]
    attrs is : []
    05/16/2004 08:43:45:978 PM CEST: Thread[Thread-30,5,main]
    bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
    baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
    userNamingAttr-> uid
    userSearchAttr(s)-> [uid]
    userCreationAttrs-> []
    searchFilter->
    searchScope-> 2
    ssl-> false
    authLevel: 0
    Host: sis1.bih.net.ba
    PORT : 389
    Pattern : *|(|)|&|!
    05/16/2004 08:43:45:984 PM CEST: Thread[Thread-30,5,main]
    Connecting to sis1.bih.net.ba:389
    Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=amdin)
    scope = 2
    05/16/2004 08:43:45:989 PM CEST: Thread[Thread-30,5,main]
    Cannot authenticate
    05/16/2004 08:43:45:991 PM CEST: Thread[Thread-30,5,main]
    Invalid password.
    05/16/2004 08:45:46:145 PM CEST: Thread[Thread-31,5,main]
    LDAP resbundle locale=en_US
    05/16/2004 08:45:46:172 PM CEST: Thread[Thread-31,5,main]
    currentState : 1
    05/16/2004 08:45:46:173 PM CEST: Thread[Thread-31,5,main]
    you are in LoginScreen:1
    05/16/2004 08:45:46:173 PM CEST: Thread[Thread-31,5,main]
    LDAP initialize()
    05/16/2004 08:45:46:174 PM CEST: Thread[Thread-31,5,main]
    attrs is : []
    05/16/2004 08:45:46:174 PM CEST: Thread[Thread-31,5,main]
    bindDN-> cn=amldapuser,ou=DSAME Users,dc=bih,dc=net,dc=ba
    baseDN-> o=bih.net.ba,dc=bih,dc=net,dc=ba
    userNamingAttr-> uid
    userSearchAttr(s)-> [uid]
    userCreationAttrs-> []
    searchFilter->
    searchScope-> 2
    ssl-> false
    authLevel: 0
    Host: sis1.bih.net.ba
    PORT : 389
    Pattern : *|(|)|&|!
    05/16/2004 08:45:46:179 PM CEST: Thread[Thread-31,5,main]
    Connecting to sis1.bih.net.ba:389
    Searching o=bih.net.ba,dc=bih,dc=net,dc=ba for (uid=admin)
    scope = 2
    05/16/2004 08:45:46:184 PM CEST: Thread[Thread-31,5,main]
    Cannot authenticate
    05/16/2004 08:45:46:185 PM CEST: Thread[Thread-31,5,main]
    Invalid password.

  • Custom Authentication Module on Identity Server

    Hi,
    I have a custom authentication module which I am trying to access through the policy agent.
    I have set the following property in AMAgent.properties file
    com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login?module=CustomLoginModule.
    My login module code is something like this:
    package com.iplanet.am.samples.authentication.providers;
    import java.util.*;
    import javax.security.auth.Subject;
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.login.LoginException;
    import com.sun.identity.authentication.spi.AMLoginModule;
    import com.sun.identity.authentication.spi.AuthLoginException;
    import java.rmi.RemoteException;
    import java.io.FileInputStream;
    import java.util.Properties;
    public class LoginModule1 extends AMLoginModule
    private String userName;
    private String userTokenId;
    private HashMap usersMap;
    private java.security.Principal userPrincipal = null;
    public LoginModule1() throws LoginException
    public void init(Subject subject, Map sharedState, Map options)
              System.out.println("LoginModule1 initialization");
              usersMap = new HashMap();
              ResourceBundle bundle = ResourceBundle.getBundle("users");
              Enumeration users = bundle.getKeys();
              while (users.hasMoreElements())
                   String user = (String)users.nextElement();
                   String password = bundle.getString(user.trim());
                   usersMap.put(user, password);
    public int process(Callback[] callbacks, int state) throws AuthLoginException
              int currentState = state;
              if (currentState == 1)
                   userName = ((NameCallback) callbacks[0]).getName().trim();
                   char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
                   String passwdString = new String (passwd);
                   if (userName.equals(""))
                        throw new AuthLoginException("names must not be empty");
                   if (userName.equals("testuser") && passwdString.equals("testuser"))
                        userTokenId = userName;
                        return -1;
                   if (usersMap.containsKey(userName))
                        if (usersMap.get(userName).equals(new String(passwd)))
                             userTokenId = userName;
                             return -1;
                   return 0;
         public java.security.Principal getPrincipal()
              if (userPrincipal != null)
                   return userPrincipal;
              else
              if (userTokenId != null)
                   userPrincipal = new SamplePrincipal("testuser");
                   return userPrincipal;
              else
                   return null;
    So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication does not succeed and I get the following error message in the agent log file.
    2004-08-09 15:24:08.640 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:09.030 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:23.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
    2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:29.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
    2004-08-09 15:24:29.499 128 2712:24fda5e8 RemoteLog: User unknown was denied access to http://ps0391.persistent.co.in:80/test/index.html.
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
    2004-08-09 15:24:29.499 Error 2712:24fda5e8 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
    2004-08-09 15:24:29.499 -1 2712:24fda5e8 PolicyAgent: validate_session_policy() access denied to unknown user
    The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
    Thanks
    Srinivas

    Does the principal "testuser" exist in your realm? If I understand your module correctly, it looks like it always returns "testuser".
    I am guessing that Access Manager is not finding your principal. Typically if access manager cannot associate the principal returned by the custom AMLoginModule it will fail the authentication.
    I am wondering if this is related to a seperate problem I have seen with custom login modules. Try chaning the code to return an LDAP style principal it may work:
    so return "uid=testuser,ou=People,dc=yourdomain,dc=com" for example. In theory this should not be necessary but it solved some problems for me, though I am not sure why.

  • Work around for server not found problems on FF36

    I have found a work around for all the people having server not found problems with FF36.
    If you manually set your network adapter DNS to an external DNS server (as opposed to your local ISP) then the problem goes away. I set mine to use the two google DNS servers:
    Preferred: 8.8.8.8
    Alternate: 8.8.4.4
    Not a clue why this works but it is 100% successful on my desktop PC, whereas before I could hardly connect to a webpage with FF36 without multiple page refreshes and much frustration, even though FF35 was fine and rolling back to FF35 was also fine.
    Something has changed in FF36 and either the way it handles DNS or the way it works with some network adapters.
    It is nothing to do with add-ons, profiles or firewall software as I have tried all of these things and only the DNS change made a difference. I even copied over a full working profile and the program files directory for Mozilla from my portable which was having no problems and the problem still existed on the desktop, which is why I started looking at the network adapater since everything else between the working PC and the non working one was identical.
    Hopefully this will help the developers to pin down the real cause of the problem and fix it in the next release.

    Well done. Thanks for finding that.
    That is not only assigned but has an approved patch included in the scheduled Fx36.0.1 release so it should be fixed in few days, watch out for the upgrade.
    * Bug 1093983 - DNS resolver should not use 'ANY' to get cached records for TTL <sup>[https://bugzilla.mozilla.org/show_bug.cgi?id=1093983#c35 c#35]</sup>
    * https://wiki.mozilla.org/Firefox/Channels/Meetings/2015-03-03#Schedule_Update
    With the bug now fixed it would not really be appropriate to add further comment. I do now see another related bug assigned but not being fast tracked, so if all goes well that will probably land in Firefox 39.
    * Bug 1138242 - DNS: Request A and AAAA record types rather than ANY when obtaining TTL on Windows

  • Identity Server has not been configured for this new user/group suffix

    Hi all
    I am having a problem trying to configure the Directory Server (5.2) for Messaging Server.
    My configuration is as follows:
    SJES Q12005
    Server 1 - Directory Server 5.2
    Server 1 - Access Manager (formerly Identity Server)
    Server 1 - Web Server 6.1
    I have successfully installed the above and can login to Access Manager.
    I next installed Calendar & Messengar Server on "Server 1". Upon running "comm_dssetup.pl" from /opt/SUNWcomds/sbin, I get the following error:
    "Identity Server has not been configured for this new user/group suffix"
    Copy and paste of what I entered:
    bash-2.05# perl comm_dssetup.pl
    Welcome to the Directory Server preparation tool for
    Sun Java(tm) System communication services.
    (Version 6.3 Revision 1.0)
    This tool prepares your directory server for use by the
    communications services which include Messaging, Calendar and their components.
    The logfile is /var/tmp/dssetup_20050830165940.log.
    Do you want to continue [y]:
    Please enter the full path to the directory where the Sun ONE
    Directory Server was installed.
    Directory server root [var/opt/mps/serverroot] : /opt/mps/serverroot
    Please select a directory server instance from the following list:
    [1] slapd-sunldap
    Which instance do you want [1]:
    Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
    Password:
    Detected DS version 5.2
    Will this directory server be used for users/groups [Yes]:
    Please enter the Users/Groups base suffix [dc=samplecompany-dev,dc=co,dc=uk] : ou=infrastructure,o=sampletown,dc=samplecompany-dev,dc=co,dc=uk
    There are 3 possible schema types:
    1 - schema 1 for systems with iMS 5.x data
    1.5 - schema 2 compatibility for systems with iMS 5.x data
    that has been converted with commdirmig
    2 - schema 2 native for systems using Identity Server
    Please enter the Schema Type (1, 1.5, 2) [1]: 2
    Identity Server has not been configured for this new user/group suffix
    You can opt to continue, but you will not be able to use
    features that depend on Identity Server
    Are you sure you want this schema type? [n]:
    I have entered my user group suffix exactly as specified during the Access Manager install (hence I am able to login as "amadmin").
    Looking at the LDAP logs to try and figure out whats going wrong I see its not getting hits on all searches it is performing:
    [30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
    ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
    Resource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - RESULT err=4 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=160 msgId=162 - ABANDON targetop=NOTFOUND msgid=161
    [30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - SRCH base="ou=people,ou=infrastructure,o=northampton,dc=dataforce-de
    v,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(objec
    tClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscapeRe
    source)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - RESULT err=0 tag=101 nentries=0 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - SRCH base="ou=clientdata,ou=infrastructure,o=northampton,dc=dataforc
    e-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(o
    bjectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netsca
    peResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=163 msgId=165 - ABANDON targetop=NOTFOUND msgid=164
    [30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - RESULT err=0 tag=101 nentries=41 etime=0
    [30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:28 +0100] conn=299 op=166 msgId=168 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
    ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
    Resource)(objectClass=domain))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=166 msgId=168 - RESULT err=0 tag=101 nentries=41 etime=1
    [30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - SRCH base="ou=iplanetamauthservice,ou=services,ou=infrastructure,o=n
    orthampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectC
    lass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServ
    er)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=168 msgId=170 - ABANDON targetop=NOTFOUND msgid=169
    [30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - SRCH base="ou=iplanetamauthldapservice,ou=services,ou=infrastructure
    ,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(obj
    ectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscape
    Server)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=170 msgId=172 - ABANDON targetop=NOTFOUND msgid=171
    [30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - SRCH base="ou=iplanetampolicyconfigservice,ou=services,ou=infrastruc
    ture,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)
    (objectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=nets
    capeServer)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=172 msgId=174 - ABANDON targetop=NOTFOUND msgid=173
    [30/Aug/2005:16:41:29 +0100] conn=299 op=173 msgId=175 - SRCH base="ou=iplanetamauthenticationdomainconfigservice,ou=services
    ,ou=infrastructure,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(
    --More--(83%)
    The list goes on.
    Can anyone give me any pointers?
    Thanks

    Hi
    Thanks for your reply!
    I did mis-type, my mistake - sorry about that.
    If I dont over-ride the default it works, I've pretty much got the whole setup working now but I'm not particularly over the moon about the way the ldap tree is setup, I'd like finer granuality as we are going to attempt to get syncronization working with AD.
    I have an idea about how I'd like to set up our Mail/Calendar/LDAP infrastructure the 2nd time around (I'm just testing at the mo) - so I might have a question or two for you if you dont mind taking a look when you have a minute?
    Thanks Jay

  • Integrating Messaging Server and Identity Server

    I've got JES 2004Q2, and I'm trying to install the various components on different workstations to prove that a) the software works, and b) it's a viable alternative to Exchange (so please please help me get it working!)
    The problem I have is getting Messenger Server and Directory Server talking properly so that I can create users and then log in as those users. After days of frustrating searching for solutions to this problem (and also find people who have successfully done this), I decided to install the components onto one server.
    And it worked. Installing Messaging Server, Identity Server, Web Server (contained for Identity Server), Directory Server, and Admin Server all on the same box, configuring them all to use the same directory server for UG and preferences, running the various configuration tools that come with the software, and it all works together fine. Using "./commadmin domain modify .... -S mail", I get "OK". I can add users with the "-S mail" option, log in as those users, and send emails between those users. So this tells me that the software does work, albeit on one box.
    When I try to separate the services out to separate boxes, they don't seem to integrate properly. I thought that maybe the order in which you configured applications made a difference (ie. configuring Identity Server after Messenger Server means IS will pick up on the changes made to the directory by MS, and enable it). I also tried to see if using the same options directory server from different boxes helped, but nothing. I've even tried patching them using 116568-52 and 116585-10 but no luck.
    Therefore, I've found that installing all servers on one box works, but installing them on separate boxes doesn't (despite using the same directory servers). My conclusion in this is that one of two things must be the case:
    a) there's something in the install that has to be changed to reflect the fact that the services are running on different boxes
    b) the install of the services adds files to the system somewhere which other packages in JES pick up on (hence the reason why installing everything on one box works), and this isn't documented anywhere
    Unfortunately, the output of commadmin when it fails isn't that helpful (nothing against the developers, however it doesn't really help in the fault finding process). I do believe however that the problem is with Identity Server and its configuration, rather than Messaging Server.
    Here's some (possibly) useful info:
    kipling# ./imsimta version
    Sun Java(tm) System Messaging Server 6.1 HotFix 0.01 (built Jun 24 2004)
    libimta.so 6.1 HotFix 0.01 (built 12:52:04, Jun 24 2004)
    SunOS kipling 5.8 Generic_117350-02 sun4u sparc SUNW,Sun-Blade-1500
    kipling#
    (on UG server)
    # ./commadmin domain modify -D admin -w <password> -d uwe.ac.uk -n uwe.ac.uk -S mail -H kipling.uwe.ac.uk
    FAIL
    Unable to set attribute(s)
    (some verbose mode output)
    [Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/TaskManager
    [Debug]: To servlet: task=ModifyDomain&objecttype=Domain&domain=uwe.ac.uk&add_services=mail&add_preferredmailhost=kipling.uwe.ac.uk
    [Debug]: RECV: FAIL
    [Debug]: RECV: Unable to set attribute(s)
    [Debug]: CLITask: status returned =FAIL
    FAIL
    Unable to set attribute(s)
    [Debug]: DBG: doOne returned code=6
    [Debug]: Contacting : http://bronte.uwe.ac.uk:10080/commcli/logout
    [Debug]: Logout ...
    [Debug]: RECV: SSOToken id AQIC5wM2LY4SfcyW5hbVBGXqCdsYYDjVarSFRMd6HIxsGho=@AAJTSQACMDE=#
    [Debug]: RECV: destroyed
    Root suffix: dc=uwe,dc=ac,dc=uk (all "o=" references have been dropped)
    All services have their own local options directory server.
    Can anyone give me any suggestions? If I log a support call with Sun, what is the likely resolution time? My ultimate goal is to get the whole suite running together, then install Portal server. Once that's working, download the connectors for Outlook and get it all working with Outlook. As I said at the start, we're hoping to show this is a viable alternative to Exchange (certainly for the backend) so any help will be greatly appreciated!
    Iain

    slo_chewie wrote:
    Does the email recipient address change when the email is sent to gmail i.e. does an email sent to [email protected] become [email protected]?
    We've got google for domains setup, so users would retain a @domain.com address regardless if there mailbox was hosted on the internal server or hosted at google.You can make use of the mailRoutingAddress: user attribute and source routing to get the desired behaviour e.g.
    => Set the following value to the LDAP entry of the user who is hosted on the gmail server. The "[email protected]" address should match the users mail: address:
    mailRoutingAddress: @gmail.com:[email protected]=> Ensure the following option has been tcp_local channel in your imta.cnf file. This option strips off the "@gmail.com" value of the recipient address before sending the email to the gmail.com servers.
    dequeue_removerouteMake sure you run "./imsimta cnbuild;./imsimta restart" after modifying the imta.cnf file.
    Regards,
    Shane.

  • Security solution with Identity server for SOX compliance

    Hi all,
    Has anybody used Identity Server as security solution to achieve SOX compliance? i want to know general view, opinions , experiance of ppl while implementing such solution.
    Just a little background of SOX: It is Created by US Congress in the wake of corporate scandals like Enron in 2001 and 2002.it is an attempts to tighten controls over corporate financial reporting and transparency.
    I am basically interested in implementing security solutions using Identity server for SOX compliance. Section 404 of this act deals with internal controls, which essentially requires organizations to provide following facilities -
    1. User Identification, authorization and access
    2. User control of user accounts
    3. Central identification and access rights/permissions management
    4. Violation and security activity report
    Has anybody developed such solution? What are your general experiance, problems , issues etc? Please share your view....

    Just too quick to draw conclusion: See below FAQ
    If you are not in the same AS container, let me know. Jerry
    Copy from J2EE agent FAQ
    Question - Is it possible to install a J2EE 2.1agent and Identity Server on the same instance of the application server ?
    Installing the IS60SP1/IS61 server and J2EE 2.1 policy agent on the sameninstance of Application server is not a supported configuration. We do support the 21 J2EE agent and IS installed on different instances of the application server. So, users can install theJ2EE 2.1 agent on a one instance of the application server and install IS on a different instance of the apps server.

  • Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1

    Web Policy Agent 2.1 for Apache 1.3.27 with Identity Server 6.1
    Does anybody has a working combination of the above ? I get a ID login page and after that I always get a access denied page. I get this exception on the agent logs:
    2004-10-14 16:28:00.917 Warning 6347:c1818 PolicyAgent: in get_cookie: no cooki
    e in ap_table
    2004-10-14 16:28:01.895 Warning 6359:c1818 PolicyAgent: Invalid URL for propert
    y (com.sun.am.policy.agents.accessDeniedURL) specified
    2004-10-14 16:28:56.742 Warning 6349:c1818 PolicyAgent: am_web_is_access_allowe
    d(http://xx.xx.xx.net:8080/, GET) denying access: status = access de
    nied (20)
    2004-10-14 16:28:56.743 128 6349:c1818 RemoteLog: User testuser1 was denie
    d access to http://xx.xx.xx.net:8080/.
    2004-10-14 16:28:56.831 -1 6349:c1818 PolicyAgent: URL Access Agent: acces
    s denied to testuser1
    We can ignore Invalid URL property part because its just looking for a custom url in place there. I have cookies enabled in my browser. I even turned on the prompt option. No luck yet.
    Any suggestions would be of great help.
    Thanks,
    Sunil.

    From your description, since the agent installs file with a different JRE, I would suspect it has something to do with the availability of JCE provider in the first JRE. By default, WebSphere's JRE is equipped with IBM JCE provider which is what the agent uses to encrypt the necessary
    information. If this provider is not configured correctly it could result in the error that you are seeing. Please check the WebSphere installation and make sure that the JRE used by it has the necessary IBM JCE provider configured. The java.security file for this should contain something like:
    security.provider.1=sun.security.provider.Sun
    security.provider.2=com.ibm.crypto.provider.IBMJCE
    security.provider.3=com.ibm.jsse.IBMJSSEProvider
    security.provider.4=com.ibm.security.cert.IBMCertPath
    security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
    Also, make sure that when you are installing the agent you specify the Java Home as prompted by the agent to point to the location where this JRE is installed. Typically this is under WebSphere/AppServer/java directory. HTH, Jerry

  • Proxy Server 3.6 with Identity Server 5.1!

    Hi All,
    I'm doing a Proof of Concept on integrating Identity Server 5.1 with proxy server 3.6. The proxy server is configured as a reverse proxy for another web server (since the web server is not supported by agent pack).
    I've configured the reverse proxy and add the agent to the proxy. However, each time after auth. in the Identity server and return back to the reverse proxy, it'll go to http://rproxy.domain.com/.domain.com not http://rproxy.domain.com.
    Moreover, even the user session is invalid, the user can go to the reverse proxy without re-auth even I've disable all the cache in the proxy server.
    Is it possible to use reverse proxy with identity server? If yes, how to config?
    Thanks
    Clive Chan

    Hi Clive Chan,
    i am also have the same problem, can you tell me which patch have you add to solve the problem?
    Thanks a lot!
    Angus

  • Page Not Found error when accessing the Identity server console

    Hi,
    I have installed the Sun One Portal Server.
    when i access the URL for Identity server, i am getting Page not Found exception.
    Any suggestions, why this problem could occur.
    Regards,
    Mukta

    First the obvious: Restart the Webserver/Application Server
    Did you choose "Configure Later"?
    Is amconsole/amserver/... really deployed? You can see this in the Admin web interface of the server.
    Do you see anything in the logfiles?
    Chris

  • Identity Server administration console NOT ACCESSIBLE!

    hello, I get the following error when I enter the
    any comments are appreciated!
    thanks
    following URL:
    http://FullyQualifiedHostName:port/amconsole
    Root Cause
    java.lang.VerifyError: (class: com/iplanet/services/comm/https/ApprovalCallback, method: approve signature: (Lorg/mozilla/jss/crypto/X509Certificate;Lorg/mozilla/jss/ssl/SSLCertificateApprovalCallback$ValidityStatus;)Z) Incompatible object argument for function call
         at com.iplanet.services.comm.https.HttpsClient.doConnect(HttpsClient.java:274)
         at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
         at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
         at sun.net.www.http.HttpClient.(HttpClient.java:306)
         at sun.net.www.http.HttpClient.(HttpClient.java:254)
         at com.iplanet.services.comm.https.HttpsClient.(HttpsClient.java:191)
         at com.iplanet.services.comm.https.HttpsClient.New(HttpsClient.java:219)
         at com.iplanet.services.comm.https.HttpsURLConnection.connect(HttpsURLConnection.java:112)
         at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:569)
         at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:113)
         at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:71)
         at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:335)
         at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:308)
         at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:219)
         at com.iplanet.dpro.session.service.SessionService.(SessionService.java:1106)
         at com.iplanet.dpro.session.service.SessionService.getSessionService(SessionService.java:256)
         at com.sun.identity.authentication.service.AuthD.getSS(AuthD.java:593)
         at com.sun.identity.authentication.service.AuthD.initAuthSessions(AuthD.java:614)
         at com.sun.identity.authentication.service.AuthD.(AuthD.java:203)
         at com.sun.identity.authentication.service.AuthD.getAuth(AuthD.java:368)
         at com.sun.identity.authentication.UI.LoginServlet.initializeRequestContext(LoginServlet.java:97)
         at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:407)
         at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:324)
         at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:294)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:720)
         at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
         at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
         at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)
    whole error:
    Sun ONE Application Server - HTTP Status 500 Error
    The server encountered an internal error (Internal Server Error) that prevented it from fulfilling this request.
    Type: Exception Report
    Message: Internal Server Error
    Exception
    javax.servlet.ServletException: Servlet execution threw an exception
         at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:742)
         at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
         at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
         at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)
    Root Cause
    java.lang.VerifyError: (class: com/iplanet/services/comm/https/ApprovalCallback, method: approve signature: (Lorg/mozilla/jss/crypto/X509Certificate;Lorg/mozilla/jss/ssl/SSLCertificateApprovalCallback$ValidityStatus;)Z) Incompatible object argument for function call
         at com.iplanet.services.comm.https.HttpsClient.doConnect(HttpsClient.java:274)
         at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
         at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
         at sun.net.www.http.HttpClient.(HttpClient.java:306)
         at sun.net.www.http.HttpClient.(HttpClient.java:254)
         at com.iplanet.services.comm.https.HttpsClient.(HttpsClient.java:191)
         at com.iplanet.services.comm.https.HttpsClient.New(HttpsClient.java:219)
         at com.iplanet.services.comm.https.HttpsURLConnection.connect(HttpsURLConnection.java:112)
         at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:569)
         at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:113)
         at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:71)
         at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:335)
         at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:308)
         at com.iplanet.services.naming.WebtopNaming.getServerID(WebtopNaming.java:219)
         at com.iplanet.dpro.session.service.SessionService.(SessionService.java:1106)
         at com.iplanet.dpro.session.service.SessionService.getSessionService(SessionService.java:256)
         at com.sun.identity.authentication.service.AuthD.getSS(AuthD.java:593)
         at com.sun.identity.authentication.service.AuthD.initAuthSessions(AuthD.java:614)
         at com.sun.identity.authentication.service.AuthD.(AuthD.java:203)
         at com.sun.identity.authentication.service.AuthD.getAuth(AuthD.java:368)
         at com.sun.identity.authentication.UI.LoginServlet.initializeRequestContext(LoginServlet.java:97)
         at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:407)
         at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:324)
         at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:294)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at org.apache.catalina.core.StandardWrapperValve.invokeServletService(StandardWrapperValve.java:720)
         at org.apache.catalina.core.StandardWrapperValve.access$000(StandardWrapperValve.java:118)
         at org.apache.catalina.core.StandardWrapperValve$1.run(StandardWrapperValve.java:278)
         at java.security.AccessController.doPrivileged(Native Method)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:274)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
         at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:158)
         at com.iplanet.ias.web.WebContainer.service(WebContainer.java:850)

    Check out Thread: Running SSL on Identity Server by brkan dated August 2, 2004. It gives a solution to the problem that worked for me.

  • Can I upgrade Sun ONE Identity Server 6.0 schema v1.0 to schema v2.0

    I'm have Sun ONE Identity Server 6.0
    now I install Sun Java Communications Suite 5&#65292;but I'm copy dssetp to Sun ONE Identity Server 6.0 host,
    i'm run pl comm_dssetup.pl
    Welcome to the Directory Server preparation tool for
    Sun Java(tm) System communication services.
    (Version 6.3 Revision 1.0)
    This tool prepares your directory server for use by the
    communications services which include Messaging, Calendar and their components.
    The logfile is /var/tmp/dssetup_20050830165940.log.
    Do you want to continue [y]:
    Please enter the full path to the directory where the Sun ONE
    Directory Server was installed.
    Directory server root [/usr/iplanet/servers/slapd-ids] : /usr/iplanet/servers/slapd-ids
    Please select a directory server instance from the following list:
    [1] slapd-sunldap
    Which instance do you want [1]:
    Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
    Password:
    DirectoryServernotrunningornotlisteningtoport389.*
    DetectedDSversion0.0*
    Pleasecorrecttheproblemandre-runthisscript.*

    Hi,
    whr25 wrote:
    I'm have Sun ONE Identity Server 6.0
    now I install Sun Java Communications Suite 5&#65292;but I'm copy dssetp to Sun ONE Identity Server 6.0 host,
    i'm run pl comm_dssetup.pl
    Welcome to the Directory Server preparation tool for
    Sun Java(tm) System communication services.
    (Version 6.3 Revision 1.0)
    This tool prepares your directory server for use by the
    communications services which include Messaging, Calendar and their components.
    The logfile is /var/tmp/dssetup_20050830165940.log.
    Do you want to continue [y]:
    Please enter the full path to the directory where the Sun ONE
    Directory Server was installed.
    Directory server root [/usr/iplanet/servers/slapd-ids] : /usr/iplanet/servers/slapd-ids
    Please select a directory server instance from the following list:
    [1] slapd-sunldap
    Which instance do you want [1]:
    Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
    Password:
    DirectoryServernotrunningornotlisteningtoport389.*
    DetectedDSversion0.0*
    Pleasecorrecttheproblemandre-runthisscript.*So is the directory server instance running?
    I'm a little unsure as to what your actual problem is. You say "Can I upgrade Sun ONE Identity Server 6.0 schema v1.0 to schema v2.0" in the question subject but then don't clarify this in the above.
    Regards,
    Shane.

  • Sun Identity Server on Windows 2003?

    When will the Sun Java Systems Identity Server be available for Windows 2003?
    Thanks,
    Eoin

    I am having the same problem with this entry not being found in the registry. I've performed a search for 'Identity Manager' and found the gateway entry values here instead:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Sevices\IdentityManagerGateway
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Sevices\IdentityManagerGateway
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Sevices\IdentityManagerGateway
    Please advise how to turn on the gateway loggin feature if this would make the specific entry to HKEY_LOCAL_MACHINE\SOFTWARE.... in the registry.
    Thanks.

  • Page not found error while accessing Identity server console(Error Code:50)

    Hi Guys,
    Whenever I am trying to access the admin console of Identity server I am getting Page not found error. I believe some configuration must be missing for which I am getting this error. I am accessing the URL through following URL
    http://<Portal Server Fully Qualified Domain Name>/amconsole
    Please Help me if anybody has come across this problem

    Hi,
    First of all,check your install logs.
    Most likely you should find errors like the following
    "cannot access /usr/jdk/ent2se "
    "/usr/jdk/bin/jar" not found etc.
    In these cases the problem is the JDK version.
    Install the latest version of JDK and make sure that
    /usr/bin/java points to the installed JDK version.
    HTH,
    Ramnath

Maybe you are looking for

  • Bridge mode not supported for lap1261N

    Hello, I have a WLC2504 and 2 LAP1261N (converted from autonomous to lightweight) with release 7.0.116.0 and I want to create a point-to-point mesh link between the 2 APs. When trying to change the APs mode from local to bridge I receive the message

  • How to recover ZFS pool after re-installation of Solaris10

    I have two disks(c1t0d0-disk1, c1t1d0-disk2) and I installed Solaris 10(fresh installation) in a slice of disk1. On the other hand, I have ZFS filesystem in a slice of disk2. I would like to restore old ZFS filesystem in disk2. How do I recover old Z

  • PC froze then died

     My PC had been working fine for several hours till I tried to sort out a problem with a silent front speaker. The front right speaker (5.1 system) sometimes stops working but can usually be fixed by repositioning or reinserting the plug in the onboa

  • Packing Material Functionality

    Dear All, Description of Scenario: I have BOM for FG(Finished Goods) with RM(Raw material) and PM(Packing Material), where Packing Material Being BOX. In BOX we can pack 15 nos of FG, thus in BOM the quantity of BOX would be (1/15 = 0.067) to manufac

  • Internet Explorer Security Warning Message

    Hi am using pure html and am sure not using any active components in my page. When i preview in Internet Explorer, though it shows the page, but in the top it gives a security warning: To help protect your security, Internet Explorer has restricted t