opensso
  1. opensso
  2. OPENSSO-4094

Multiserver setup fails when the configuration store is DSEE with different password for amadmin and DSEE bind DN

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: current
    • Fix Version/s: build6a
    • Component/s: install
    • Labels:
      None
    • Environment:

      Operating System: Windows XP
      Platform: All

    • Issuezilla Id:
      4,094

      Description

      Description:
      ------------
      Server 1:
      sm:um::remote:remote
      amadmin password is different from cn=directory manager password of config store

      Configure server 2 ,
      choose "Add to existing deployment"

      Configurator fails with "Cannot connect to Directory Server"

      Config store access logs shows
      [06/Nov/2008:10:52:47 -0800] conn=2162 op=0 msgId=7 - BIND dn="cn=Directory Mana
      ger" method=128 version=3
      [06/Nov/2008:10:52:47 -0800] conn=2162 op=0 msgId=7 - RESULT err=49 tag=97 nentr
      ies=0 etime=0

      Workaround
      ----------
      When configuring the second server, instead of choosing the option,
      "Add to existing deployment", provide all the details as for server1.
      Give the exact same details of config store/encryption keys/user store/UrlAccess
      Agent password

      1. CRT_approved:4094
        0.1 kB
        pluo
      2. CRT_submittal:4094
        20 kB
        veiming

        Activity

        Hide
        veiming added a comment -

        reassign

        Show
        veiming added a comment - reassign
        Hide
        veiming added a comment -

        This needs to be doc in 8.0 RN

        Show
        veiming added a comment - This needs to be doc in 8.0 RN
        Hide
        veiming added a comment -

        Created an attachment (id=7218)
        CRT_submittal:4094

        Show
        veiming added a comment - Created an attachment (id=7218) CRT_submittal:4094
        Hide
        pluo added a comment -

        Created an attachment (id=7219)
        CRT_approved:4094

        Show
        pluo added a comment - Created an attachment (id=7219) CRT_approved:4094
        Hide
        cneberg added a comment -

        adding self to cc.

        Show
        cneberg added a comment - adding self to cc.
        Hide
        inthanga added a comment -

        This issue happens only in the following conditions are met

        • Your configuration store is DSEE
        • You are trying to perform multiserver install
        • Your amadmin password is different from the DSEE BIND passwd

        There are two workarounds to move forward on this
        1. Make sure your configuration Directory Server's bind dn passwd is same as amadmin
        2. Follow the Access Manager 7.x like procedure to configure the second and more
        servers.

        To perform the second server installation pointing to the first opensso server's
        configuration directory
        Simply access the configurator page of the second opensso server enter the
        amadmin password,cookie domain and other details for step 1 and step 2 , at step
        3 do not select the Add to Existing Deployment instead Select first instance
        option, at this step provide the same directory server name/port/DN/password and
        the encryption key of your first server. then proceed as usual.
        more details can be found here
        http://blogs.sun.com/indira/entry/configuring_multiple_opensso_servers_with

        Show
        inthanga added a comment - This issue happens only in the following conditions are met Your configuration store is DSEE You are trying to perform multiserver install Your amadmin password is different from the DSEE BIND passwd There are two workarounds to move forward on this 1. Make sure your configuration Directory Server's bind dn passwd is same as amadmin 2. Follow the Access Manager 7.x like procedure to configure the second and more servers. To perform the second server installation pointing to the first opensso server's configuration directory Simply access the configurator page of the second opensso server enter the amadmin password,cookie domain and other details for step 1 and step 2 , at step 3 do not select the Add to Existing Deployment instead Select first instance option, at this step provide the same directory server name/port/DN/password and the encryption key of your first server. then proceed as usual. more details can be found here http://blogs.sun.com/indira/entry/configuring_multiple_opensso_servers_with
        Hide
        inthanga added a comment -

        rephrased summary

        Show
        inthanga added a comment - rephrased summary
        Hide
        veiming added a comment -

        fixed

        Show
        veiming added a comment - fixed
        Hide
        grathinam added a comment -

        TestCase:
        ---------
        InstallConfig_TC49

        Show
        grathinam added a comment - TestCase: --------- InstallConfig_TC49

          People

          • Assignee:
            veiming
            Reporter:
            nithyas
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: