jvybihal Contributor.
Contributor.
213 views

Reporting: idmdcs cant connect to idmrpt db

I am trying to setup reporting and I did get stuck at adding Data Sync Policy in Identity Manager Data Collection Services. (https://www.netiq.com/documentation/identity-manager-47/report_setup/data/dcs-settings.html)

I fill out correctly Sentinel Server Details and Database Server Details, but after clicking "Create" button, I get Database connection failure... check database connection and/or credentials.

The sentinel data seems to be fine (I tried to make them wrong, and I was presented with correct error), but I am really sure the database data are also correct, here is why:
* postgresql is binded to all IPs, pg_hba.conf set correctly
* I can connect to idmrptdb via psql (localhost) or via DBeaver (remotely) just fine, the credentials are correct

idm:/opt/netiq/idm/postgres/bin # ./psql -h 127.0.0.1 -d idmrptdb -U postgres -p 5432 
Password for user postgres:
psql.bin (9.6.10)
idmrptdb=#


My setup is just 2 servers
server1 - sentinel
server2 - everything else: idv, engine, apps, reporting, osp, etc.


I was not able to find any related error mesasges in my logs (catalina.out, driver log/trace, journal, postgres). I am not sure what is going on, and where else to look, so I would really appreciate any tips, what to check, where to look, what to read. It is fresh IdM install, 4.7.2, all components upgraded, Identity Manager Data Collection Services version 6.0.2.

Labels (1)
0 Likes
3 Replies
Micro Focus Expert
Micro Focus Expert

Re: Reporting: idmdcs cant connect to idmrpt db

On 2019-05-16 13:26, jvybihal wrote:
>
> I am trying to setup reporting and I did get stuck at adding Data Sync
> Policy in Identity Manager Data Collection Services.
> (https://www.netiq.com/documentation/identity-manager-47/report_setup/data/dcs-settings.html)
>
> I fill out *correctly* Sentinel Server Details and Database Server
> Details, but after clicking "Create" button, I get *Database connection
> failure... check database connection and/or credentials.*
>
> The sentinel data seems to be fine (I tried to make them wrong, and I
> was presented with correct error), but I am really sure the database
> data are also correct, here is why:
> * postgresql is binded to all IPs, pg_hba.conf set correctly
> * I can connect to idmrptdb via psql (localhost) or via DBeaver
> (remotely) just fine, the credentials are correct
>
>
> Code:
> --------------------
> idm:/opt/netiq/idm/postgres/bin # ./psql -h 127.0.0.1 -d idmrptdb -U postgres -p 5432
> Password for user postgres:
> psql.bin (9.6.10)
> idmrptdb=#
> --------------------
>
>
> My setup is just 2 servers
> server1 - sentinel
> server2 - everything else: idv, engine, apps, reporting, osp, etc.


Your PostgreSQL is remote to Sentinel. So the DB server IP cannot be
127.0.0.1.


--
Norbert
0 Likes
jvybihal Contributor.
Contributor.

Re: Reporting: idmdcs cant connect to idmrpt db

klasen;2499837 wrote:
On 2019-05-16 13:26, jvybihal wrote:

Your PostgreSQL is remote to Sentinel. So the DB server IP cannot be
127.0.0.1.


--
Norbert



Unfortunately, I also tried FQDN which resolves to same IP I am able to remotely connect to and it did not make a difference.
0 Likes
jvybihal Contributor.
Contributor.

Re: Reporting: idmdcs cant connect to idmrpt db

I managed to resolve it. It was not product problem, but network issue (kind of). The sentinel server is in different network. IdM server has two interfaces. Second interface was ofcourse in same network as sentinel and they communicated just fine.
My mistake was, that posgresql at IdM was not properly binded to IP on that second interface, so it was not actually listening there (that's why the tcp connection to postgresql did not work from sentinel to idm) and second issue was, that when entering FQDN, it is resolved by IdM servers DNS, instead hosts file on sentinel, which makes no sense to me (why?! - when sentinel is the one connecting TO idm. And it has correct hosts record, why not use it?).
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.