IBM Tivoli Directory Server Fixes
DB2LDIF fails with a "failed to log on user" error message
So you are getting this when running db2ldif:
GLPCOM014E Failed to log on user: instancenamehere. GLPRDB111E The server is unable to use the username and password combination for the DB2 instance owner in the configuration file to establish a connection to the database.
Make sure your instancenamehere user is active and has an active password. On Windows, go to the "Local Users and Groups" console, pull up the user and make sure that the account is active, that a password change is not required, and that the password never expires.
Attribute name limitations
- IDS does not support underscores in attribute names
- IDS does not support attribute names that are nonunique within the first 16 characters (DB2 limitation for index field names)
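A pre-flight check for the two limitations above, as an added example (not part of the original page and not IBM tooling): it scans attributetypes definitions for underscores and for names that collide within the first 16 characters. The sample schema and its OIDs are constructed, and comparing prefixes case-insensitively across every declared name is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample schema; names and OIDs are placeholders, not from the page.
# The third definition is folded onto a continuation line (leading space), as LDIF allows.
SAMPLE_SCHEMA = """\
attributetypes: ( 1.3.6.1.4.1.99999.1.1 NAME 'employee_badge' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetypes: ( 1.3.6.1.4.1.99999.1.2 NAME 'customerAccountNumberPrimary' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetypes: ( 1.3.6.1.4.1.99999.1.3 NAME ( 'customerAccountNumberBackup'
  'custAcctBak' ) SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetypes: ( 1.3.6.1.4.1.99999.1.4 NAME 'badgeId' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""

# NAME is either a single quoted string or a parenthesised list of quoted strings.
NAME_RE = re.compile(r"NAME\s+(?:'([^']+)'|\(\s*((?:'[^']+'\s*)+)\))")


def attribute_names(schema_text):
    """Return every attribute name declared in attributetypes definitions."""
    unfolded = schema_text.replace("\n ", "")  # undo LDIF line folding
    names = []
    for line in unfolded.splitlines():
        if not line.lower().startswith("attributetypes:"):
            continue
        m = NAME_RE.search(line)
        if not m:
            continue
        names += [m.group(1)] if m.group(1) else re.findall(r"'([^']+)'", m.group(2))
    return names


def check_names(names, prefix_len=16):
    """Return (names containing '_', {prefix: [names sharing that prefix]})."""
    with_underscore = [n for n in names if "_" in n]
    by_prefix = defaultdict(list)
    for n in names:
        # Assumption: prefixes are compared case-insensitively.
        by_prefix[n[:prefix_len].lower()].append(n)
    collisions = {p: g for p, g in by_prefix.items()
                  if len({x.lower() for x in g}) > 1}
    return with_underscore, collisions


if __name__ == "__main__":
    underscored, clashes = check_names(attribute_names(SAMPLE_SCHEMA))
    for n in underscored:
        print(f"underscore in attribute name: {n}")
    for prefix, group in clashes.items():
        print(f"not unique within first 16 characters ({prefix}): {', '.join(group)}")
```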
IDSWebApp logs location
WebSphere\AppServer\profiles\default\IDSLogs\logs
LDAP can't connect to a db on start and continues in config-only mode
Try to connect to the database directly. Switch to the instance owner (su - ldapdb2) and run:
db2 connect to <database> user <user> using <password>
If the database is in backup pending mode, run the Offline backup script.
Lost superadmin password for ITDSWebApp
Replace the contents of ldap/appsrv/installedApps/DefaultNode/IDSWebApp.war.ear/IDSWebApp.war/WEB-INF/classes/security/console_passwd with this: ef13c691261ad9f4f313 ef03d586310f (this resets the password back to 'secret').
A suffix is in read-only mode because it is a replication slave and needs to be made read-write
First you should have read this.
If nothing helped, this is what I did: back up everything into an LDIF, kill the DB2, remove the slave replication entries from the LDIF, recreate the DB2, and import everything back into the LDAP. Seemed to work fine on a DB2 with close to a million entries. Here is the list of commands:
idsdb2ldif -o ldap.ldif -I iamldap
idsucfgdb -I iamldap
idscfgdb -I iamldap -a db2admin -t idsdb -l e:\
idsldif2db -i ldapx.ldif -I iamldap -r no
Replication error in a peer-to-peer configuration only on one side
Make sure the replicator user (e.g. cn=replicator) has proper privileges on the system. Try to add an entry from the other side manually:
ldapadd -h host -D cn=replicator -w... -i file.ldif
with file.ldif like this:
dn: cn=test,dc=com
cn: test
objectclass: accessGroup
If it fails, the easiest solution is to add cn=replicator to the suffix owners. Log in to IDS WebApp, go to directory management -> manage entry, select the suffix, select "edit acls" in the drop-down next to the "go" button, click owners (last tab) and add cn=replicator as a new "access-id" type. Try the ldapadd again.
See here for an official fix. (Last time I tested, the fix did not work, so I had to come up with the above workaround.)