Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
ScorpionSting Absent Member.
Absent Member.
1857 views

Worked until consultant suggested running osp configupdate


v4.5.1
eDirectory is running.
User app can comms - configupdate.sh can see tree and browse.
Re-running configupdate.sh doesn't fix issue.
ism-configuration.properties has correct values for
com.netiq.idm.osp.ldap.port, com.netiq.idm.osp.ldap.host, and
com.netiq.idm.osp.ldap.use-ssl

On start of tomcat:


Code:
--------------------
2015-08-27 08:58:41,487 [localhost-startStop-1] FATAL com.sssw.fw.directory.api.EboDirectoryFactory- An unexpected exception occurred in the directory layer.
com.sssw.fw.exception.EboUnrecoverableSystemException: An unexpected exception occurred in the directory layer.
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapDirectoryConnection.createBaseContext(EboLdapDirectoryConnection.java:309)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapDirectoryConnection.authenticate(EboLdapDirectoryConnection.java:167)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapDirectoryConnectionManager.createConnectionArray(EboLdapDirectoryConnectionManager.java:355)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapDirectoryConnectionManager.<init>(EboLdapDirectoryConnectionManager.java:111)
at com.sssw.fw.directory.realm.impl.jndildap.EboJndiLdapDirectoryFactory.createConnectionMgrInstance(EboJndiLdapDirectoryFactory.java:125)
at com.sssw.fw.directory.api.EboDirectoryFactory$ConnMgrHolder.<clinit>(EboDirectoryFactory.java:75)
at com.sssw.fw.directory.api.EboDirectoryFactory.getConnMgr(EboDirectoryFactory.java:108)
at com.novell.soa.common.i18n.UADriverLocaleConfigurationLoader.getDocumentInputSource(UADriverLocaleConfigurationLoader.java:64)
at com.novell.soa.common.i18n.LocaleInfo.createSystemLocaleConfig(LocaleInfo.java:102)
at com.novell.soa.common.i18n.LocaleInfo.<clinit>(LocaleInfo.java:88)
at com.novell.srvprv.spi.util.servlet.LogConfigurator.initialize(LogConfigurator.java:100)
at com.novell.srvprv.spi.util.servlet.LogConfigurator.init(LogConfigurator.java:83)
at com.sssw.fw.servlet.InitListener.contextInitialized(InitListener.java:128)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4992)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5490)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.naming.CommunicationException: myEdirServer:636 [Root exception is java.net.UnknownHostException: myEdirServer]
at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.getInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at com.sssw.fw.directory.realm.impl.jndildap.EboLdapDirectoryConnection.createBaseContext(EboLdapDirectoryConnection.java:297)
... 25 more
Caused by: java.net.UnknownHostException: myEdirServer
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.security.ssl.SSLSocketImpl.connect(Unknown Source)
at sun.security.ssl.SSLSocketImpl.<init>(Unknown Source)
at sun.security.ssl.SSLSocketFactoryImpl.createSocket(Unknown Source)
at com.sssw.fw.directory.realm.impl.jndildap.LdapSSLSocketFactory.createSocket(LdapSSLSocketFactory.java:92)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.jndi.ldap.Connection.createSocket(Unknown Source)
... 39 more
2015-08-27 08:58:41,491 [localhost-startStop-1] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/IDMProv]- Exception sending context initialized event to listener instance of class com.sssw.fw.servlet.InitListener
java.lang.ExceptionInInitializerError
at com.novell.srvprv.spi.util.servlet.LogConfigurator.initialize(LogConfigurator.java:100)
at com.novell.srvprv.spi.util.servlet.LogConfigurator.init(LogConfigurator.java:83)
at com.sssw.fw.servlet.InitListener.contextInitialized(InitListener.java:128)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4992)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5490)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1083)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1880)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.NullPointerException
at com.novell.soa.common.i18n.UADriverLocaleConfigurationLoader.getDocumentInputSource(UADriverLocaleConfigurationLoader.java:64)
at com.novell.soa.common.i18n.LocaleInfo.createSystemLocaleConfig(LocaleInfo.java:102)
at com.novell.soa.common.i18n.LocaleInfo.<clinit>(LocaleInfo.java:88)
... 16 more
2015-08-27 08:58:41,492 [localhost-startStop-1] ERROR org.apache.catalina.core.StandardContext- Error listenerStart
2015-08-27 08:58:41,497 [localhost-startStop-1] ERROR org.apache.catalina.core.StandardContext- Context [/IDMProv] startup failed due to previous errors
--------------------


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
Labels (1)
0 Likes
18 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Worked until consultant suggested running osp configupdate

On 8/26/2015 7:06 PM, ScorpionSting wrote:

Dang consultants, can't take them anywhere...

> v4.5.1
> eDirectory is running.
> User app can comms - configupdate.sh can see tree and browse.
> Re-running configupdate.sh doesn't fix issue.
> ism-configuration.properties has correct values for
> com.netiq.idm.osp.ldap.port, com.netiq.idm.osp.ldap.host, and
> com.netiq.idm.osp.ldap.use-ssl
>
> On start of tomcat:
>
>
> Code:
> --------------------
> 2015-08-27 08:58:41,487 [localhost-startStop-1] FATAL com.sssw.fw.directory.api.EboDirectoryFactory- An unexpected exception occurred in the directory layer.
> com.sssw.fw.exception.EboUnrecoverableSystemException: An unexpected exception occurred in the directory layer.


so this is User app since it is a com.sssw (silverstream SW or somesuch).

> Caused by: java.net.UnknownHostException: myEdirServer


> Caused by: javax.naming.CommunicationException: myEdirServer:636

[Root exception is java.net.UnknownHostException: myEdirServer]

> Caused by: java.lang.NullPointerException
> at com.novell.soa.common.i18n.UADriverLocaleConfigurationLoader.getDocumentInputSource(UADriverLocaleConfigurationLoader.java:64)


Any chance it is as simple as myEdirServer is not resolving?

It cannot talk to to the LDAP source and claims it is unknown host.

Hosts file nonsense?


0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


Missing the point Geoff...... I believe "myEdirServer" is some
default/java parameter.....it has zero relation to the actual ldap
server (which is FQDN)....its almost like IDMProv's load is not reading
the ldap server value


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate

On 08/26/2015 09:40 PM, ScorpionSting wrote:
>
> Missing the point Geoff...... I believe "myEdirServer" is some
> default/java parameter.....it has zero relation to the actual ldap
> server (which is FQDN)....its almost like IDMProv's load is not reading
> the ldap server value
>
>

Greetings,

1) What application server are you deployed on?

2) Who owns the file ism-configuration.properties?

3) How are you starting the Application server?

4) Are you sure the mapping to the ism-configuration.properties is 100%
correct for your the Application Server that you are deployed on?



--

Sincerely,
Steven Williams
Lead Software Engineer
Micro Focus
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


1) Original post did say "when tomcat starts", so I guess tomcat.

2) novlua

3) As root, idmapps_tomcat_init

4) Well, you're not really providing information as to exactly what
parameter the IDMProv uses for LDAP, but the com.netiq.idm.osp.ldap.host
is 100% and is the only parameter in there with the ldap server dn.

Some actual information as to how the applications work would not go
amiss. Keeping secrets just so customers have to go through the pain of
SRs will drive us away. We're already on the brink of have NetIQ
replaced with Microsoft across the enterprise.

Steven Williams;260237 Wrote:
> On 08/26/2015 09:40 PM, ScorpionSting wrote:
> Greetings,
>
> 1) What application server are you deployed on?
>
> 2) Who owns the file ism-configuration.properties?
>
> 3) How are you starting the Application server?
>
> 4) Are you sure the mapping to the ism-configuration.properties is 100%
> correct for your the Application Server that you are deployed on?
>
>
>
> --
>
> Sincerely,
> Steven Williams
> Lead Software Engineer
> Micro Focus



--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Worked until consultant suggested running osp configupdate

On 8/26/2015 9:40 PM, ScorpionSting wrote:
>
> Missing the point Geoff...... I believe "myEdirServer" is some
> default/java parameter.....it has zero relation to the actual ldap
> server (which is FQDN)....its almost like IDMProv's load is not reading
> the ldap server value


That is interesting and weird.

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate

On 8/27/2015 7:07 AM, Geoffrey Carman wrote:
> On 8/26/2015 9:40 PM, ScorpionSting wrote:
>>
>> Missing the point Geoff...... I believe "myEdirServer" is some
>> default/java parameter.....it has zero relation to the actual ldap
>> server (which is FQDN)....its almost like IDMProv's load is not reading
>> the ldap server value

>
> That is interesting and weird.
>


Last time I saw this type of behavior the ism-configuration.properties
file had been corrupted after running configupdate. Never could
duplicate it to report a defect, got in the habit of making a backup of
the file after things are working and after validating changes.

Cheers,

-Fernando
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


The parameters of this file should be fully documented so it can be
diagnosed and fixed.

This is part of "product configuration" and should be available to
customers as part of the public documentation without the need for an SR
to configure.

I don't even know if order is of importance (as the osp configupdate
reordered some of the contents).


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate

On 08/30/2015 08:04 PM, ScorpionSting wrote:
>
> The parameters of this file should be fully documented so it can be
> diagnosed and fixed.
>
> This is part of "product configuration" and should be available to
> customers as part of the public documentation without the need for an SR
> to configure.
>
> I don't even know if order is of importance (as the osp configupdate
> reordered some of the contents).
>
>

Greetings,
I still do not understand why you are using the configupdate under
the OSP install.



The settings you outlined are for OSP and not the Apps.


If this deployment on Tomcat has

1) OSP
2) Identity Applications (IDMProv, landing, dash)

Then you should be using the configupdate under the User Application
install.

Depending upon how OSP's configupdate is configured can change what
values are in the ism properties file



--

Sincerely,
Steven Williams
Lead Software Engineer
Micro Focus
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate

On 08/31/2015 07:19 AM, Steven Williams wrote:
> On 08/30/2015 08:04 PM, ScorpionSting wrote:
>>
>> The parameters of this file should be fully documented so it can be
>> diagnosed and fixed.
>>
>> This is part of "product configuration" and should be available to
>> customers as part of the public documentation without the need for an SR
>> to configure.
>>
>> I don't even know if order is of importance (as the osp configupdate
>> reordered some of the contents).
>>
>>

> Greetings,
> I still do not understand why you are using the configupdate under
> the OSP install.
>
>
>
> The settings you outlined are for OSP and not the Apps.
>
>
> If this deployment on Tomcat has
>
> 1) OSP
> 2) Identity Applications (IDMProv, landing, dash)
>
> Then you should be using the configupdate under the User Application
> install.
>
> Depending upon how OSP's configupdate is configured can change what
> values are in the ism properties file
>
>
>

Greetings,

If you could please outline what you were ultimately trying to do, it
would help to provide you with some possible solutions.




--

Sincerely,
Steven Williams
Lead Software Engineer
Micro Focus
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


Steven Williams;260386 Wrote:
> On 08/31/2015 07:19 AM, Steven Williams wrote:
> > On 08/30/2015 08:04 PM, ScorpionSting wrote:
> >>
> >> The parameters of this file should be fully documented so it can be
> >> diagnosed and fixed.
> >>
> >> This is part of "product configuration" and should be available to
> >> customers as part of the public documentation without the need for an

> SR
> >> to configure.
> >>
> >> I don't even know if order is of importance (as the osp configupdate
> >> reordered some of the contents).
> >>
> >>

> > Greetings,
> > I still do not understand why you are using the configupdate under
> > the OSP install.
> >
> >
> >
> > The settings you outlined are for OSP and not the Apps.
> >
> >
> > If this deployment on Tomcat has
> >
> > 1) OSP
> > 2) Identity Applications (IDMProv, landing, dash)
> >
> > Then you should be using the configupdate under the User Application
> > install.
> >
> > Depending upon how OSP's configupdate is configured can change what
> > values are in the ism properties file
> >
> >
> >

> Greetings,
>
> If you could please outline what you were ultimately trying to do, it
> would help to provide you with some possible solutions.
>
>
>
>
> --
>
> Sincerely,
> Steven Williams
> Lead Software Engineer
> Micro Focus



How about make the **** thing work?


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Worked until consultant suggested running osp configupdate

ScorpionSting wrote:

> How about make the **** thing work?


I guess Steve's question was about why your consultant suggested running osp
configupdate? What was wrong with your "working" UA so you did that in the
first place?
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


"Working" excluding that old issue with SSL and token passing between
OSP and IDMProv......but at least IDMProv was loading previously.


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate


Some of the below variables were removed by the osp configupdate:


Code:
--------------------
DirectoryService/realms/jndi/params/AUTHORITY = ****
DirectoryService/realms/jndi/params/CONTAINER_OBJECT = ****
DirectoryService/realms/jndi/params/DRIVER_SET_ROOT = ****
DirectoryService/realms/jndi/params/DYNAMIC_GROUP_OBJECT = ****
DirectoryService/realms/jndi/params/GROUP_OBJECT = ****
DirectoryService/realms/jndi/params/GROUP_ROOT_CONTAINER = ****
DirectoryService/realms/jndi/params/GROUP_SEARCH_SCOPE = ****
DirectoryService/realms/jndi/params/GROUP_USER_MEMBER_ATTRIB = ****
DirectoryService/realms/jndi/params/KEYSTORE_PATH = ****
DirectoryService/realms/jndi/params/LOGIN_ATTRIBUTE = ****
DirectoryService/realms/jndi/params/MANDATORY_SECURE_ADMIN_CONNECTION = ****
DirectoryService/realms/jndi/params/MANDATORY_SECURE_USER_CONNECTION = ****
DirectoryService/realms/jndi/params/NAMING_ATTRIBUTE = ****
DirectoryService/realms/jndi/params/OBJECT_ATTRIB = ****
DirectoryService/realms/jndi/params/PLAIN_PORT = ****
DirectoryService/realms/jndi/params/PROVISION_ROOT = ****
DirectoryService/realms/jndi/params/ROOT_NAME = ****
DirectoryService/realms/jndi/params/SECURE_PORT = ****
DirectoryService/realms/jndi/params/USER_GROUP_MEMBER_ATTRIB = ****
DirectoryService/realms/jndi/params/USER_OBJECT = ****
DirectoryService/realms/jndi/params/USER_ROOT_CONTAINER = ****
DirectoryService/realms/jndi/params/USER_SEARCH_SCOPE = ****
DirectoryService/realms/jndi/params/USE_DYNAMIC_GROUPS = ****
DirectoryService/realms/jndi/params/USE_PUB_ANON = ****
DirectoryService/realms/jndi/params/UUID_ATTRIB = ****
DirectoryService/realms/jndi/params/UUID_AUX_CLASS = ****
RoleService/nrf-compliance-admin-assigned-identity-dn = ****
RoleService/nrf-configuration-rdn = ****
RoleService/nrf-role-admin-assigned-identity-dn = ****
--------------------


--
-"Also now available in 'G+'
(https://plus.google.com/u/0/112362149544381813153) and 'Website'
(https://www.isam.kiwi/) format".- 😉
------------------------------------------------------------------------
ScorpionSting's Profile: https://forums.netiq.com/member.php?userid=469
View this thread: https://forums.netiq.com/showthread.php?t=54140


Visit my Website for links to Cool Solution articles.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Worked until consultant suggested running osp configupdate

On 08/31/2015 07:14 PM, ScorpionSting wrote:
>
> Some of the below variables were removed by the osp configupdate:
>
>
> Code:
> --------------------
> DirectoryService/realms/jndi/params/AUTHORITY = ****
> DirectoryService/realms/jndi/params/CONTAINER_OBJECT = ****
> DirectoryService/realms/jndi/params/DRIVER_SET_ROOT = ****
> DirectoryService/realms/jndi/params/DYNAMIC_GROUP_OBJECT = ****
> DirectoryService/realms/jndi/params/GROUP_OBJECT = ****
> DirectoryService/realms/jndi/params/GROUP_ROOT_CONTAINER = ****
> DirectoryService/realms/jndi/params/GROUP_SEARCH_SCOPE = ****
> DirectoryService/realms/jndi/params/GROUP_USER_MEMBER_ATTRIB = ****
> DirectoryService/realms/jndi/params/KEYSTORE_PATH = ****
> DirectoryService/realms/jndi/params/LOGIN_ATTRIBUTE = ****
> DirectoryService/realms/jndi/params/MANDATORY_SECURE_ADMIN_CONNECTION = ****
> DirectoryService/realms/jndi/params/MANDATORY_SECURE_USER_CONNECTION = ****
> DirectoryService/realms/jndi/params/NAMING_ATTRIBUTE = ****
> DirectoryService/realms/jndi/params/OBJECT_ATTRIB = ****
> DirectoryService/realms/jndi/params/PLAIN_PORT = ****
> DirectoryService/realms/jndi/params/PROVISION_ROOT = ****
> DirectoryService/realms/jndi/params/ROOT_NAME = ****
> DirectoryService/realms/jndi/params/SECURE_PORT = ****
> DirectoryService/realms/jndi/params/USER_GROUP_MEMBER_ATTRIB = ****
> DirectoryService/realms/jndi/params/USER_OBJECT = ****
> DirectoryService/realms/jndi/params/USER_ROOT_CONTAINER = ****
> DirectoryService/realms/jndi/params/USER_SEARCH_SCOPE = ****
> DirectoryService/realms/jndi/params/USE_DYNAMIC_GROUPS = ****
> DirectoryService/realms/jndi/params/USE_PUB_ANON = ****
> DirectoryService/realms/jndi/params/UUID_ATTRIB = ****
> DirectoryService/realms/jndi/params/UUID_AUX_CLASS = ****
> RoleService/nrf-compliance-admin-assigned-identity-dn = ****
> RoleService/nrf-configuration-rdn = ****
> RoleService/nrf-role-admin-assigned-identity-dn = ****
> --------------------
>
>

Greetings,
Yes, the configupdate that is under the osp root install folder, is
set-up to be used in the case where OSP is deployed without the Apps.
When you launched this version of configupdate, you should have only
seen three (3) tabs with the following names:

Identity Vault
Authentication
SSO Client

When you press OK using this version of configupdate, it will modify the
ism properties file a certain way.



The configupdate that is in the UserApplication root install folder, is
set-up to handle more cases. With this set-up of configupdate you can
see either three (3) or four (4) tabs with the following names:

User Application
Reporting
Authentication
SSO Clients


*Note: with adding Access Review to the environment, it is possible to
see up to five (5) tabs*

=================

There can be three (3) different configupdate "installs" on your server
if you have OSP, Identity Applications, and Identity Reporting all
installed on the one (1) server.

When you use the different set-ups/installs of configupdate depends upon
the situation

For Example:

1) If you only have OSP deployed, then you would utilize the
configupdate under the osp root install folder. This will be necessary
to map in the values of the SSO Clients tabs after you have performed
the other installs.

2) If you have OSP and Identity Applications deployed together then you
should utilize the configupdate in the UserApplication root install folder

3) If you have OSP, Identity Applications, and Identity Reporting
deployed together then you should utilize the configupdate in the
UserApplication root install folder


If this is not clear in the documentation, then I will submit a note to
have this updated in the documentation.

We are looking to improve the way one needs to update the environment
when you are deployed in different configurations

-Distributed Application servers (Each component on its own Tomcat
OSP
SSPR
Identity Applications
Identity Reporting

-Different Application servers (OSP on Tomcat and the Applications on
WebSphere)

-Clustered



--

Sincerely,
Steven Williams
Lead Software Engineer
Micro Focus
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.