5 Replies Latest reply: Jan 11, 2005 10:00 AM by 807573 RSS

    Meta-Admin tool errors starting a UTC connector

    807573
      Hello.

      Has anyone experience with meta-admin?

      I have problems using Meta-Admin to start a Connector. The stop and statistics succeed OK. Starting the join-engine seems to succeed too!

      My start .ldif file is:

      admin-URL: http://admin:admin@hus.edelkey.net:30789
      configuration: ldap://hus.edelkey.net:3891/
      cn%3Dutc-STMtiimi%2Ccn%3DConnedctors%2Ccn%3Dsystem%2C
      ou%3D5%2Cou%3Dmeta-directory%2Cou%3Dglobal%20preferences%2C
      ou%3Dedelkey.net%2Co%3Dnetscaperoot
      authenticationDetails: simple "cn=Directory Manager" managerxy
      admin-path: utc50-STMtiimi/Tasks/start

      but when I try to run meta-admin I get odd error. (password modified for this post)


      # ./meta-admin -ax < $NETSITE_ROOT/start-tiimiCV.ldif
      LWP::UserAgent::new: ()
      LWP::UserAgent::request: ()
      LWP::UserAgent::simple_request: POST http://admin:admin@hus.edelkey.net:30789/utc50-STMtiimi/Tasks/start
      LWP::UserAgent::_need_proxy: Not proxied
      LWP::Protocol::http::request: ()
      LWP::Protocol::http::request: POST /utc50-STMtiimi/Tasks/start HTTP/1.0
      Authorization: Basic AYWRBCtaW46YWRtaW4=
      Host: hus.edelkey.net:30789
      User-Agent: SunONE-Meta_Admin/2.05
      Content-Length: 306
      Content-Type: application/x-www-form-urlencoded

      LWP::Protocol::http::request: POST /utc50-STMtiimi/Tasks/start HTTP/1.0
      Authorization: Basic AYWRBCtaW46YWRtaW4=
      Host: hus.edelkey.net:30789
      User-Agent: SunONE-Meta_Admin/2.05
      Content-Length: 306
      Content-Type: application/x-www-form-urlencoded

      LWP::Protocol::http::request: reading response
      LWP::Protocol::http::request: HTTP/1.1 200 OK
      Server: Netscape-Enterprise/6.0
      Date: Fri, 07 Jan 2005 08:55:34 GMT
      Admin-Server: Sun-ONE-Administrator/5.2
      Content-type: text/plain;charset=UTF-8
      Connection: close

      LWP::Protocol::http::request: HTTP/1.1 200 OK
      LWP::Protocol::collect: read 14 bytes
      LWP::Protocol::collect: read 73 bytes
      LWP::Protocol::collect: read 42 bytes
      LWP::Protocol::collect: read 29 bytes
      LWP::UserAgent::request: Simple result: OK
      NMC_Status: 0
      NMC_ErrInfo: chown /user/STMmeta/servers/utc-STMtiimi/config/start.conf
      usage: chown [-fhR] owner[:group] file...
      chown: at start.pl line 89.
      # ls /user/STMmeta/servers/utc-STMtiimi/config/start.conf
      /user/STMmeta/servers/utc-STMtiimi/config/start.conf: No such file or directory
      #

      Just what is wrong with my set-up??

      I cant find this start-conf file anywhere!

      The system is Meta 5.1 running on Solaris 9

      HELPP!!!!!!!
        • 1. Re: Meta-Admin tool errors starting a UTC connector
          807573
          I am a bit confused what you mean by 'run' meta-admin...
          Anyways see the below tech note.
          HTH,
          Suveer Chainani

          CLI

          You can use CLI to issue commands to a JE, as long as you have the Meta Admin Server username/passwd. You can issue these commands from the m/c that has JE installed. Or (as the Sun ONE Console works), from any other Meta installation in that LAN.

          You could do the following:


          CD to ....<mds51>/bin/meta50/bin

          and do a:
          # export NETSITE_ROOT=/opt/meta/mds51
          # ./meta-admin < ./input.ldif


          where input.ldif is dependent on the operation. Ensure that there is no trailing spaces in the input.ldif file which is name: value pair type. And could be:



          1. Stop JE

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/stop

          2. Start JE
          Note that Start JE requires additional parameters to supply to start.pl, which creates start.conf., which is required to start the nsmds process.

          SuiteSpotUser: root
          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/start
          authenticationDetails: simple "cn=Directory Manager" password
          configuration: LDAP://lucifer.india.sun.com:1389/cn%3Djoin-engine%2Ccn%3DMeta-Directories%2Ccn%3DSystem%2Cou%3D5%2Cou%3DMeta-Directory%2Cou%3DGlobal%20Preferences%2Cou%3Dindia.sun.com%2Co%3DnetscapeRoot

          "configuration" attribute points to the config dir. Ensure that the host, port and domain are correct.

          3. Refresh

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: refresh MV
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID

          4. Refresh Unlinked

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: refresh_unlinked MV
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID


          5. Enable View

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: enable
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID

          6. Disable View

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: disable
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID


          7. Refresh Groups

          Refresh Groups is a cool option in Meta-Directory as one can specify the search criteria (in the group Filters Definition in the PV screen) with which the Join Engine will do a refresh.

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: refresh_groups CV
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID

          8. Validate Links

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: validate_links CV
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID

          9. Break Links

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/request
          op: break_links CV
          mv: corp
          cv: nds

          where corp is the MV_ID and
          nds is the CV_ID


          10. Get Status
          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/read/status

          11. Get Statistics
          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: join50-engine/Tasks/read/statistics

          -----------------------------------------------------------------

          Connector Level Command Line Operations


          # cd < mds51>/bin/meta50/bin
          # export NETSITE_ROOT=/opt/meta/mds51
          # ./meta-admin < ./input.ldif

          where input.ldif is dependent on the operation, and is mentioned below.


          Java Based

          1. Stop Connector

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: ndc50-cv-nds/Tasks/stop

          where cv-nds, in admin-path, is the CV Name for the Novell Connector



          2. Start Connector

          SuiteSpotUser: root
          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: ndc50-cv-nds/Tasks/start
          authenticationDetails: simple_base64 Y249RGlyZWN0b3J5IE1hbmFnZXI= cGFzc3dvcmQ=
          configuration: LDAP://lucifer.india.sun.com:1389/cn%3Dndc-cv-nds%2Ccn%3DConnectors%2Ccn%3DSystem%2Cou%3D5%2Cou%3DMeta-Directory%2Cou%3DGlobal%20Preferences%2Cou%3Dindia.sun.com%2Co%3DnetscapeRoot

          where cv-nds, in admin-path, is the CV Name for the Novell Connector and
          where ndc-cv-nds, in configuration, is the Novell Connector name.
          Note that the authenticationDetails are in base64 which is generated from the b64.pl script below:

          use MIME::Base64;
          if ( "$ARGV[0]" eq "-e" ){
          printf ("%s", encode_base64(eval "\"$ARGV[1]\""));
          }
          elsif ( "$ARGV[0]" eq "-d" ) {
          printf ("%s", decode_base64(eval "\"$ARGV[1]\""));
          } else {
          printf("Encode or Decode using Base64\n");
          printf("Encode: b64.pl -e \"string\"\n");
          printf("Decode: b64.pl -d \"encoded text\"\n");
          }


          Usage of the above script is:
          # /$NETSITE_ROOT/lib/nsPerl5.005_03/nsperl b64.pl -e "cn=Directory Manager"
          Y249RGlyZWN0b3J5IE1hbmFnZXI=

          # /$NETSITE_ROOT/lib/nsPerl5.005_03/nsperl b64.pl -e password
          cGFzc3dvcmQ=

          # /$NETSITE_ROOT/lib/nsPerl5.005_03/nsperl b64.pl -d cGFzc3dvcmQ=
          password

          3. Refresh Connector

          The Console sets a flag in the configdir, telling which way to refresh, before actually sending the refresh request. Therefore we first have to manually set the flag in the direction required by an ldapmodify, and then send the refresh request. The flag is reset (to 0) by the connector after it perfroms the refresh.


          For EDS to CV Refresh create a file nds2cv.ldif

          dn: cn=1,cn=Tasks,cn=ndc-cv-nds,cn=Connectors,cn=System,ou=5,ou=Meta-Directory,ou=Global Preferences,ou=india.sun.com,o=netscapeRoot
          changetype: modify
          delete: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncToCV=0
          -
          add: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncToCV=1


          For CV to EDS Refresh create a file cv2nds.ldif

          dn: cn=1,cn=Tasks,cn=ndc-cv-nds,cn=Connectors,cn=System,ou=5,ou=Meta-Directory,ou=Global Preferences,ou=india.sun.com,o=netscapeRoot
          changetype: modify
          delete: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncFromCV=0
          -
          add: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncFromCV=1

          where ndc-cv-nds is the Novell Connector name

          Then do a

          ldapmodify -D "cn=Directory Manager" -w password -h lucifer.india.sun.com -p 1389 -f nds2cv.ldif


          Finally execute the input.ldif

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: ndc50-cv-nds/Tasks/request
          op: refresh


          where cv-nds, in admin-path, is the CV Name for the Novell Connector




          UTC Based

          1. Stop Conector

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: utc50-cv-utc/Tasks/stop

          where cv-utc, in admin-path, is the CV Name for the UTC Connector


          2. Start Connector

          SuiteSpotUser: root
          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: utc50-cv-utc/Tasks/start
          authenticationDetails: simple "cn=Directory Manager" password
          configuration: LDAP://lucifer.india.sun.com:1389/cn%3Dutc-cv-utc%2Ccn%3DConnectors%2Ccn%3DSystem%2Cou%3D5%2Cou%3DMeta-Directory%2Cou%3DGlobal%20Preferences%2Cou%3Dindia.sun.com%2Co%3DnetscapeRoot

          where cv-utc, in admin-path, is the CV Name for the UTC Connector and
          where utc-cv-nds, in configuration, is the UTC Connector name.
          Note that, in case of UTC, the authenticationDetails are provided in clear text.


          3. Refresh Connector

          The Console sets a flag in the configdir, telling which way to refresh, before actually sending the refresh request. Therefore we first have to manually set the flag in the direction required by an ldapmodify, and then send the refresh request. The flag is reset (to 0) by the connector after it perfroms the refresh.

          for EDS to CV Refresh create a file utc2cv.ldif

          dn: cn=1,cn=Tasks,cn=utc-cv-utc,cn=Connectors,cn=System,ou=5,ou=Meta-Directory,ou=Global Preferences,ou=india.sun.com,o=netscapeRoot
          changetype: modify
          delete: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncToCV=0
          -
          add: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncToCV=1

          for CV to EDS Refresh create a file cv2utc.ldif

          dn: cn=1,cn=Tasks,cn=utc-cv-utc,cn=Connectors,cn=System,ou=5,ou=Meta-Directory,ou=Global Preferences,ou=india.sun.com,o=netscapeRoot
          changetype: modify
          delete: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncFromCV=0
          -
          add: mdsGeneralConfiguration
          mdsGeneralConfiguration: TaskReSyncFromCV=1
          where utc-cv-utc is the UTC Connector name

          Then do a

          ldapmodify -D "cn=Directory Manager" -w password -h lucifer.india.sun.com -p 1389 -f utc2cv.ldif


          Finally execute the input.ldif

          admin-URL: http://admin:password@lucifer.india.sun.com:10010
          admin-path: utc50-cv-utc/Tasks/request
          op: refresh CV

          where cv-utc, in admin-path, is the CV Name for the UTC Connector




          ------------------------------------
          • 2. Re: Meta-Admin tool errors starting a UTC connector
            807573
            Hello from Helsinki, Finland.

            Great article. Certainly more informative than the Meta 5.1 Admin guide, my only source of information.

            I 'run' meta-admin exactly as you describe only I used the -x flag.

            cd $NETSITE_ROOT/bin/meta50/bin
            ./meta-admin -ax < $NETSITE_ROOT/start-tiimiCV.ldif

            I think I need buy a Meta-English directory. Your terms are confusing.

            CV name for connector??
            UTC Connector name??

            I am not quite sure what these terms are. I believe my .ldif file is correct.

            At the meta console initial page. under server group (2) i see..

            Meta-Directory (join50-engine)
            Meta-Directory (utc50-STMtiimi)

            When i view the open the join-engine page from meta console ..
            under the configuration tab I have

            Connector View STMtiimi

            and under Connectors - Universal utc-STMtiimi


            so my startSTMtiimi.ldif file is I think.

            admin-URL: http://admin:admin@hus.edelkey.net:30789
            configuration: ldap://hus.edelkey.net:3891/
            cn%3Dutc-STMtiimi%2Ccn%3DConnedctors%2Ccn%3Dsystem%2C
            ou%3D5%2Cou%3Dmeta-directory%2Cou%3Dglobal%20preferences%2C
            ou%3Dedelkey.net%2Co%3Dnetscaperoot
            authenticationDetails: simple "cn=Directory Manager" managerxy
            admin-path: utc50-STMtiimi/Tasks/start

            but i get an error:

            NMC_Status: 0
            NMC_ErrInfo: chown /user/STMmeta/servers/utc-STMtiimi/config/start.conf
            usage: chown [-fhR] owner[:group] file...
            chown: at start.pl line 89.

            which I dont understand.
            • 3. Re: Meta-Admin tool errors starting a UTC connector
              807573
              Yes...terminology can be tricky. Basically what I mean is Connector View Name (CV Name), and Connector Name.

              Anyways, for you I think you should be fine with putting the below on the top of your ldif.

              SuiteSpotUser: root

              Cheers
              Suveer Chainani
              • 4. Re: Meta-Admin tool errors starting a UTC connector - ldap errors??!!
                807573
                I am progressing.

                I locate a problem, but unsure how to correct it.

                When I attempt to start the UTC connector via the Meta-Admin tool, I get the following log file:-

                [2005/01/11 10:58:46.38 +0200] 3928:3940 3 Log Creating Logging Grunt Thread
                [2005/01/11 10:58:46.39 +0200] 3928:3940 3 Log Created Logging Grunt Thread Successfully
                [2005/01/11 10:58:46.39 +0200] 3928:3940 3 PerlMain Product-id: SunONE.utc-prima
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogDirectory configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogPrefix configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogMinFreeKBytes configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogTotalMaxKBytes configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra MaxLogFileSize configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogRollOverDays configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig PerlDra LogRetentionDays configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 3 LdapConfig 777134200021046154gBufferTime configuration is not set
                [2005/01/11 10:58:46.40 +0200] 3928:3940 1 Service -------- STOP SunONE.Connector service

                yet I can start the connector quite happily from the Console.

                The questions now:

                are these LDAP values critical and if so..
                how to set them!!!!

                I can't understand why the JE can be started quite successfully via Meta-Admin yet the UTC connector gives these problems.

                I appreciate all the help so far... this Meta-Admin tool is very important (to me) as it is the only tool to allow a fully automatic Meta start-up following a system reboot.
                • 5. Re: Meta-Admin tool errors starting a UTC connector
                  807573
                  Hi,

                  Suveer's pointer to "SuiteSpotuser" might sort you out but in addition here's a script I use to start/stop UTC's.

                  In my case the suitespotuser is a new account I created called 'meta' and you'll need to edit the port 60232 to be the port number of your meta admin server and port 390 to the port number of your meta config instance (Netscaperoot). You'll also need to change the NETSITE_ROOT.

                  Call the script UTC.ksh and make it executable then run it with the command:

                  ./UTC.ksh start CVxxx

                  where CVxxx is the name of your connector minus the utc- bit.

                  Hope it helps!

                  Barry


                  #!/usr/bin/ksh

                  # Edit the following variables to reflect your environment

                  ADMUSER=admin
                  ADMPWD=password
                  METAFQDN=host.yourdomain.com
                  METAUSER=dWlkPU1ldGFNYW5hZ2VyLG89TmV0c2NhcGVSb290
                  METAPWD='bWV0YW1hbmFnZXI='
                  METADOMAIN=yourdomain.com

                  export ADMUSER ADMPWD METAFQDN METAUSER METAPWD METADOMAIN

                  NETSITE_ROOT=/opt/meta

                  export NETSITE_ROOT

                  cd /opt/meta/bin/meta50/bin

                  tmpldif_file=/tmp/ldapcmd.ldif

                  echo "SuiteSpotUser: meta" > ${tmpldif_file}
                  echo "admin-URL: http://${ADMUSER}:${ADMPWD}@${METAFQDN}:60232" >> ${tmpldif_fil
                  e}
                  echo "authenticationDetails: simple_base64 ${METAUSER} ${METAPWD}" >> ${tmpldif_
                  file}
                  echo "configuration: ldap://${METAFQDN}:390/cn%3dutc-$2,%20cn%3dConnectors,cn%3d
                  System,%20ou%3d5,%20ou%3dMeta-Directory,%20ou%3dGlobal%20Preferences,%20ou%3d${M
                  ETADOMAIN},%20o%3dNetscapeRoot" >> ${tmpldif_file}

                  case "$1" in
                  start)
                  echo "admin-path: utc50-$2/Tasks/$1" >> ${tmpldif_file}
                  echo " " >> ${tmpldif_file}
                  /opt/meta/bin/meta50/bin/meta-admin < ${tmpldif_file} 2>&1
                  /usr/bin/rm ${tmpldif_file}
                  ;;
                  *)
                  echo "Usage: $0 { start <utc> | stop <utc> }"
                  exit 1
                  ;;
                  esac
                  exit top)
                  echo "admin-path: utc50-$2/Tasks/$1" >> ${tmpldif_file}
                  echo " " >> ${tmpldif_file}
                  /opt/meta/bin/meta50/bin/meta-admin < ${tmpldif_file} 2>&1
                  /usr/bin/rm ${tmpldif_file}
                  ;;
                  *)
                  echo "Usage: $0 { start <utc> | stop <utc> }"
                  exit 1
                  ;;
                  esac
                  exit 0