Thursday, July 24, 2014

How to check the OHS version on Linux or Solaris

Answer:

 Go to $OHS_HOME/inventory
Now run 'ls -d Components*/*/* |grep -i ohs2'
 

Wednesday, July 23, 2014

5.2 LDAP startup issue:

DS 5.2 has an issue where it keeps its pid file when it is shut down abnormally. When you restart DS, it gives the following error. 11g clears this attribute automatically.


ERROR<5895> - Schema  - conn=-1 op=-1 msgId=-1 - User error:  Entry "cn=schema", single-valued attribute "nsSchemaCSN" has multiple values


Solution:
You need to clear the PID file that is created under the /instance/locks/server directory. Remove any process file created under this /server directory and restart the server. It will start after some recovery processing.
 

User can't open crontab when running the following command
 
$ crontab -l

crontab: can't open your crontab file.

Solution:

The user doesn't have access to run cron jobs. The user needs to be in the cron.d/cron.allow file in order to run cron jobs. Contact your system administrator to add the user ID to the cron.allow file.
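
An added example (not part of the original post): a shell function that applies the cron.allow rule described above to a user name, so the cause can be confirmed before contacting the administrator. It also covers cron.deny, which the post does not mention; the default directory /etc/cron.d and the sample user names are assumptions.

```shell
#!/bin/sh
# Added example: decide whether cron's allow/deny files permit a user.
# Usage: cron_access USER [DIR]
#   DIR defaults to /etc/cron.d (an assumption; many Linux systems keep
#   cron.allow and cron.deny directly in /etc).
# Return: 0 = permitted, 1 = refused, 2 = neither file exists (system default applies)

# listed USER FILE: true only if USER is a whole line in FILE (no substring match).
listed() {
    tr -d '\r' < "$2" 2>/dev/null | grep -qxF -- "$1"
}

cron_access() {
    user=$1
    dir=${2:-/etc/cron.d}
    if [ -f "$dir/cron.allow" ]; then
        # cron.allow takes precedence: only the users listed in it may use crontab
        if listed "$user" "$dir/cron.allow"; then return 0; fi
        return 1
    fi
    if [ -f "$dir/cron.deny" ]; then
        # no cron.allow: everyone except the users listed in cron.deny
        if listed "$user" "$dir/cron.deny"; then return 1; fi
        return 0
    fi
    return 2
}

# report USER DIR: print the verdict in words.
report() {
    rc=0
    cron_access "$1" "$2" || rc=$?
    case $rc in
        0) echo "$1: permitted by the files in $2" ;;
        1) echo "$1: refused by the files in $2" ;;
        2) echo "$1: no cron.allow or cron.deny in $2; system default applies" ;;
    esac
}

# Constructed demo data in a temporary directory; no real system file is touched.
demo=$(mktemp -d)
printf 'oracle\nappuser\n' > "$demo/cron.allow"
report oracle "$demo"    # hypothetical user that is listed
report webadm "$demo"    # hypothetical user that is not listed
rm -rf "$demo"
```

Run it as an account that can read the allow and deny files, and pass the directory your platform uses as the second argument.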

SSL communication between OAM and OID failing with error

OAM and OID authentication issue.
Error while configuring SSL communication between OAM and OID:

<oracle.ods.virtualization.engine.backend.jndi.adapter1> <LIBOVD-60024> <Connection error: simple bind failed: servername.port>
 <Warning> <oracle.igf.ovd> <IGF-00008> <Operations error: mesg=Protocol Error LDAP Error 2 : simple bind failed
 <Error> <oracle.oam.user.identity.provider> <OAMSSA-20023> <Authentication Failure for user


Solution

It is a bug: OAM 11GR2PS2 - OID USER IDENTITY STORE ISSUES IF SSL ENABLED. There is no fix yet.
 

Sunday, July 6, 2014


 
Issue : OAM 10g Error

<html><head><title>Oracle Access Manager Operation Error</title><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8"></head><body><h1>Oracle Access Manager Operation Error</h1><p>The mapping of credentials (Resource=/login.html RequesterIP=ipaddress HostTarget=http://servername:port Operation=GET) to a user profile failed. The Access Server may not be able to connect to the user directory, or the authentication scheme Anonymous Authentication may have an invalid obMappingFilter parameter for its credential_mapping plugin.</p><p>Contact your website administrator to remedy this problem.</p></body></html>

 
Solution:
This issue happens when you try to put a login page at a location that is already protected by a policy. To resolve it, you have to create a new policy for anonymous users and unprotect your login page.

Create another policy to unprotect the page you are trying to access. In this policy you have to give access to anonymous users.
 
Here are the steps to define an anonymous policy for a login page that is under /login/login.html.

1. General tab --> (specify name of authentication scheme)

2. Resources --> Resource Type (http) --> Host Identifiers (hostname) --> URL Prefix (page where your URL exists, e.g. /login/login.html).

3. Authorization Rules --> Anonymous Authorization rule.

   a. Allow Access (OblixAnonymous) Role Anyone.

4. Default Rules --> at General, Authentication Scheme = Anonymous Authentication

   a. Authorization Expression = Anonymous Authorization rule.

5. Policies --> Resource types = http

   a. Resource Operations GET POST PUT

   b. Resource

      i. Host Identifiers = hostname

      ii. URL Prefix /login/login.html

      iii. Host Identifiers = Hostname

Another possible reason is that your OID or LDAP is missing the username defined in the plugin's obMappingFilter.
To fix this, do the following.

If you are using 10g, go to Access console --> Access System Console --> click on Authentication Management.

In the Authentication Management scheme for Anonymous Authentication there is a plugin defined like this:

credential_mapping
obMappingBase="dc=t-mobile,dc=com",obMappingFilter="(uid=OblixAnonymous)"


Make sure cn=OblixAnonymous is present in OID or LDAP. If not, import or create this user. This user is required for anonymous access to the Lost Password Management URL.