1 2 3 4 5 Previous Next 66 Replies Latest reply on Feb 6, 2012 10:04 AM by Abhishek Singh 'J_IDM' Go to original post
      • 45. Re: Installed OIM Server but can't login
        KdeGraaf
        Hi J,

        I'm getting an error while running LDAPConfigPostSetup.
        Do you maybe have any Idea why that is?

        Can it have something to do with oblixpersonpwdpolicy and oblixOrgPerson objectclasses that are not attached to user orcladmin and PUBLIC?
        (see video 7, sheet 12)
        In the video you have to manually update those users. I didn't do that because I did not kown how to add those classes.
        [oracle@FusionMiddleware ldap_config_util]$ export WL_HOME=/u01/Oracle/Middleware/wlserver_10.3
        [oracle@FusionMiddleware ldap_config_util]$ ./LDAPConfigPostSetup.sh
        [Enter OID admin password:]
        [Enter OIM admin password:]
        UsernamePasswordLoginModule.initialize(), debug enabled
        UsernamePasswordLoginModule.login(), username xelsysadm
        UsernamePasswordLoginModule.login(), URL t3://iamserver.server.nl:14000
        java.lang.reflect.InvocationTargetException
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:597)
                at oracle.iam.platform.OIMClient.loginSessionCreated(OIMClient.java:209)
                at oracle.iam.platform.OIMClient.login(OIMClient.java:136)
                at oracle.iam.platform.OIMClient.login(OIMClient.java:129)
                at oracle.iam.platformservice.utils.LDAPConfigPostSetup.<init>(LDAPConfigPostSetup.java:125)
                at oracle.iam.platformservice.utils.LDAPConfigPostSetup.main(LDAPConfigPostSetup.java:87)
        Caused by: org.omg.CORBA.NO_PERMISSION:   vmcid: 0x0  minor code: 0  completed: No
                at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
                at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
                at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
                at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
                at java.lang.Class.newInstance0(Class.java:355)
                at java.lang.Class.newInstance(Class.java:308)
                at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.getSystemException(MessageBase.java:897)
                at com.sun.corba.se.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(ReplyMessage_1_2.java:99)
                at com.sun.corba.se.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(CorbaMessageMediatorImpl.java:572)
                at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(CorbaClientRequestDispatcherImpl.java:452)
                at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(CorbaClientRequestDispatcherImpl.java:339)
                at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.invoke(CorbaClientDelegateImpl.java:129)
                at org.omg.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:457)
                at oracle.iam.platformservice.api._ClientLoginSessionService_1nfafx_ClientLoginSessionServiceRemoteRIntf_Stub.loginSessionCreatedx(Unknown Source)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:597)
                at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
                at $Proxy0.loginSessionCreatedx(Unknown Source)
                at oracle.iam.platformservice.api.ClientLoginSessionServiceDelegate.loginSessionCreated(Unknown Source)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:597)
                at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
                at weblogic.security.subject.SubjectProxy.doAs(SubjectProxy.java:64)
                at weblogic.security.subject.SubjectManager.runAs(SubjectManager.java:262)
                at weblogic.security.Security.runAs(Security.java:48)
                at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
                at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
                at $Proxy1.loginSessionCreated(Unknown Source)
                ... 9 more
        org.omg.CORBA.NO_PERMISSION:   vmcid: 0x0  minor code: 0  completed: No
                at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
                at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
                at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
                at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
                at java.lang.Class.newInstance0(Class.java:355)
                at java.lang.Class.newInstance(Class.java:308)
                at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.getSystemException(MessageBase.java:897)
                at com.sun.corba.se.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(ReplyMessage_1_2.java:99)
                at com.sun.corba.se.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(CorbaMessageMediatorImpl.java:572)
                at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(CorbaClientRequestDispatcherImpl.java:452)
                at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(CorbaClientRequestDispatcherImpl.java:339)
                at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.invoke(CorbaClientDelegateImpl.java:129)
                at org.omg.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:457)
                at oracle.iam.scheduler.api._SchedulerService_lp8yuv_SchedulerServiceRemoteRIntf_Stub.getJobDetailsx(Unknown Source)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:597)
                at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
                at $Proxy2.getJobDetailsx(Unknown Source)
                at oracle.iam.scheduler.api.SchedulerServiceDelegate.getJobDetails(Unknown Source)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                at java.lang.reflect.Method.invoke(Method.java:597)
                at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
                at weblogic.security.subject.SubjectProxy.doAs(SubjectProxy.java:64)
                at weblogic.security.subject.SubjectManager.runAs(SubjectManager.java:262)
                at weblogic.security.Security.runAs(Security.java:48)
                at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
                at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
                at $Proxy3.getJobDetails(Unknown Source)
                at oracle.iam.platformservice.utils.LDAPConfigPostSetup.updateLDAPSyncScheduleJobs(LDAPConfigPostSetup.java:153)
                at oracle.iam.platformservice.utils.LDAPConfigPostSetup.main(LDAPConfigPostSetup.java:91)
        [oracle@FusionMiddleware ldap_config_util]$ 
        • 46. Re: Installed OIM Server but can't login
          KdeGraaf
          Found it already....

          It is asking for OID and OIM password.... I tought it was asking for OIM password twice.

          Still curious about this:
          Can it have something to do with oblixpersonpwdpolicy and oblixOrgPerson objectclasses that are not attached to user orcladmin and PUBLIC?
          +(see video 7, sheet 12)+
          In the video you have to manually update those users. I didn't do that because I did not kown how to add those classes.
          • 47. Re: Installed OIM Server but can't login
            KdeGraaf
            J,

            Can you maybe help me with these questions:



            1.
            I started the weblogic servers and on the enterprise manager I see that oid1 is down.
            Should I boot that manually or should that come up with something else?

            2.
            In video 7, sheet 12 is mentioned that some classes(oblixpersonpwdpolicy, oblixOrgPerson ) need to be added to the user orcl and PUBLIC.
            How can I do that?

            I'm using JXplorer to examine the users. I added the classes with the button <Change Class>. Then I click in <Submit> but that is giving me this message "Unable to perform Modify operation."
            details: javax.naming.directory.InvalidAttributeValueException:[LDAP:error code 19 - Constraint Violation]; remaining name 'cn=orcladmin,cn=Users,dc=domain,dc=nl
            • 48. Re: Installed OIM Server but can't login
              Abhishek Singh 'J_IDM'
              Sorry, I was out of town with no access to net.

              1) The OID can be started using opmctl command... it will be present in ur MW_HOME/ast****/bin
              -> ./opmctl status
              if its stopped...then run the following command
              ./opmnctl startall

              PS: The command spelling may be incorrect above..just verify in the directory where u installed OID/OVD etc

              2) To add any class...U dont need to use JXplorer. The ODSM provides very good GUI to work with OID/OVD.

              So try to access ur ODSM using URL. http://hostname:7005/odsm
              -> on top right corner, >> symbol..try to connect directory..
              Give ur OID connection details..

              After that U should be able to login to ur OID using ODSM console.

              All d best :)

              J
              • 49. Re: Installed OIM Server but can't login
                KdeGraaf
                Hi J,

                Thanks for helping again!
                ODSM works much easier than JXplorer.

                I am now running weblogicexportmetadata.sh (Video 8, sheet 36)and I get this error:
                 
                Problem invoking WLST - Traceback (innermost last):
                  File "/u01/Oracle/Middleware/Oracle_IAM2/server/bin/weblogicExportMetadata.py", line 22, in ?
                  File "/u01/Oracle/Middleware/oracle_common/common/wlst/mdsWLSTCommands.py", line 237, in exportMetadata
                  File "/u01/Oracle/Middleware/oracle_common/common/wlst/mdsWLSTCommands.py", line 727, in executeAppRuntimeMBeanOperation
                  File "/u01/Oracle/Middleware/oracle_common/common/wlst/mdsWLSTCommands.py", line 697, in getMDSAppRuntimeMBean
                UserWarning: MDS-91002: MDS Application runtime MBean for "@appname" is not available. "exportMetadata" operation failure.
                Looks like the tool does not know wich app to use and that is why I see @appname.
                I googled and found this page:http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/utils.htm
                There I read "Set the necessary properties in the weblogic.properties file, which is located in the same folder as the utilities."
                All values are empty there.

                should I use OIM or OIMMetadata as application_name?
                • 50. Re: Installed OIM Server but can't login
                  Abhishek Singh 'J_IDM'
                  Its OIMMetadata ...just have a look to this link.
                  http://docs.oracle.com/cd/E14571_01/doc.1111/e14309/utils.htm

                  Regards,
                  J
                  • 51. Re: Installed OIM Server but can't login
                    KdeGraaf
                    Hi J,

                    Thanks, have it working now.

                    I just installed webgate and restarted the OHS.
                    If I now want to go to OIM I get redirected and need to fill in my SSO credentials.
                    xelsysadm is not working and if I login with oamadmin I get logged to OIM as oamadmin. But that is not what I want.

                    How can I login to OIM as xelsysadm now?

                    Thanks.
                    • 52. Re: Installed OIM Server but can't login
                      Abhishek Singh 'J_IDM'
                      Hi,

                      Ideally it should work after succesful integration..

                      Neways, now u need to debug why its not allowing xelsysadm....

                      so check following items now..

                      1) check whether xelsysadm is present in ur OID..let me know the result..

                      2) check OAM managed Server log when u enter XELSYSADM/PASSWORD,..in the SSO login page..copy page the error message..


                      After that I can tell what is the problem..

                      It may be some problem with ur Identity/Data Store mentioned in OAM/Providers..

                      Regards,
                      J
                      • 53. Re: Installed OIM Server but can't login
                        KdeGraaf
                        HI J,

                        I have an other issue now.
                        I restarted the server and now I can't reach OIM login page anymore. I get an error 404.
                        Error 404--Not Found
                        From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
                        10.4.5 404 Not Found
                        
                        The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
                        
                        If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.
                        I think it has something to do with the file /u01/Oracle/Middleware/asinst_1/config/OHS/ohs1/mod_wl_ohs.conf I edited.
                        I added:
                        <IfModule weblogic_module>
                            <Location /oamconsole>
                            SetHandler weblogic-handler
                            WebLogicHost iamserver.domain.nl
                            WebLogicPort 7001
                            </Location>
                            <Location /apmconsole>
                            SetHandler weblogic-handler
                            WebLogicHost iamserver.domain.nl
                            WebLogicPort 7001
                            </Location>
                        </IfModule>
                        
                        <IfModule weblogic_module>
                            WebLogicHost iamserver.domain.nl
                            WebLogicPort 14100
                            MatchExpression /oam*
                        </IfModule>
                        
                        <IfModule weblogic_module>
                            WebLogicHost iamserver.domain.nl
                            WebLogicPort 14000
                            MatchExpression /oim*
                            MatchExpression /admin*
                            MatchExpression /xlWebApp*
                            MatchExpression /Nexaweb*
                            MatchExpression /workflowservice*
                            MatchExpression /callbackService*
                            MatchExpression /SchedulerService-web*
                            MatchExpression /iam-consoles-faces*
                        </IfModule>
                        When I remove that code and restart OHS and then go to \OIM then I get also a 404 error. But then the page only contains
                        Not Found 
                        Sorry!The page requested was not found.
                        Do you know what is going wrong?
                        • 54. Re: Installed OIM Server but can't login
                          Abhishek Singh 'J_IDM'
                          Hi,

                          I am not very sure where problem happened..do u have ur backup files?

                          If yes, revert and try to make changes one by one and see where exactly its failing..

                          Better...do google and check abt errors which u r getting :)

                          J

                          Edited by: J_IDM on Feb 2, 2012 10:24 PM
                          • 55. Re: Installed OIM Server but can't login
                            KdeGraaf
                            Hi J,

                            I have a backup from yesterday. I have the login issue now with xelsysadm

                            1) check whether xelsysadm is present in ur OID..let me know the result..
                            No I deleted that users, video told me to do so.... (video 7, sheet 13)
                            I did create the user System Administrator.

                            2) check OAM managed Server log when u enter XELSYSADM/PASSWORD,..in the SSO login page..copy page the error message..
                            I get a message user xelsysadm not found.


                            I can login with the user System Administrator that I created.
                            When I do that I get to the login page of OIM. In the OIM log I see now user System Administrator not found.
                            When I now try login with xelsysadm I see:
                            <Feb 3, 2012 10:12:58 AM CET> <Warning> <oracle.oam.agent-default> <BEA-000000> <OAM Server request failed: OpCode = 1 [IsResrcOpProtected], Returned Status = Major code: 5(ResrcOpNotProtected) Minor code: 2(NoCode) , extraInfo = [prefHost:IAMSuiteAgent, resource:/oim/faces/pages/Login.jspx]>
                            Did I lock myself out of OIM?
                            • 56. Re: Installed OIM Server but can't login
                              Abhishek Singh 'J_IDM'
                              In the video,

                              the UID for SYSTEM ADMIN is XELSYSADM only.

                              So whats UID of SYSTEM ADMINISTRATOR?

                              The step was required because using prepareIdentityStore, the firstname,lastname and other mandatory items were not passed.

                              So if ur UID=XELSYSADM, then the XELSYSADM should be able to do login.


                              REGARDS,
                              J
                              • 57. Re: Installed OIM Server but can't login
                                KdeGraaf
                                Hi J,

                                Thanks for quick responding.

                                The UID is XELSYSADM: http://imageshack.us/f/72/screenshotavq.png/

                                But I can't login with xelsysadm.
                                • 58. Re: Installed OIM Server but can't login
                                  Abhishek Singh 'J_IDM'
                                  check,,using which attribute ur OAM is authenticating,..is it cn or uid?

                                  if its cn then you can change ur OAM/provider setting to use uid.

                                  Check what ur requirement in ur enviornment..whether they want authentication based on cn or uid..

                                  If its cn, then in OID, change it to cn=xelsysadm for System Adminstrator you have created.

                                  J
                                  • 59. Re: Installed OIM Server but can't login
                                    Abhishek Singh 'J_IDM'
                                    Also, I am unable to view ur snapshot...

                                    So if the above suggestion does not work, then copy paste the OID content for this SYSTEM Administrator here...