Novell Support Forums - New Posts
Install and Upgrade with EVMS Partitioned Server
Install and Upgrade with EVMS Partitioned Server
20-Nov-2009 02:55 PM
Creating EVMS partitions on a clean disk machine:
If the server has the partitions created already with a previous installation, delete the old partitions and create the EVMS partitions new.
Follow the steps below to clean up the disk and create the partitions.
More...
20-Nov-2009 02:55 PM
Creating EVMS partitions on a clean disk machine:
- Click Partitioning on the Installation Settings screen and select Create EVMS Based Proposal and click Next.
http://www.novell.com/communities/fi...7/9308-1_0.jpg
Click to view.
- It creates a boot partition and lvm container with EVMS volumes on the second partition.
http://www.novell.com/communities/fi...7/9308-2_0.jpg
Click to view.
If the server has the partitions created already with a previous installation, delete the old partitions and create the EVMS partitions new.
Follow the steps below to clean up the disk and create the partitions.
- Choose Create Custom Partition Setup
http://www.novell.com/communities/fi...7/9308-3_0.jpg
Click to view.
- Then select disk
http://www.novell.com/communities/fi...7/9308-4_0.jpg
Click to view.
- Press the button Use entire hard disk and choose the Create EVMS Based Proposal option.
http://www.novell.com/communities/fi...7/9308-5_0.jpg
Click to view.
- It goes back to the Installation Settings screen with the EVMS partitions created.
It then deletes the existing partitions and creates a new boot partition and lvm container with EVMS volumes.</p>
http://www.novell.com/communities/fi...7/9308-6_0.jpg
Click to view.
- Install OES2 SP1 with EVMS Partitioning to create NSS pools and Volumes.
- Down the server and upgrade to OES2 SP2. During System for Update screen, while mounting the partitions, it shows a window saying the /dev/evms/sda1 could not be mounted.
- Select the button "Specify Mount options".
http://www.novell.com/communities/fi...7/9308-7_0.jpg
Click to view.
- By default the path under Device will be /dev/evms/sda1.
http://www.novell.com/communities/fi...7/9308-8_0.jpg
Click to view.
- Edit the Device to remove evms i.e /dev/evms/sda1 to /dev/sda1, then click OK.
http://www.novell.com/communities/fi...7/9308-9_0.jpg
Click to view.
- Start the Update on the EVMS Partitioned server.
http://www.novell.com/communities/fi.../9308-10_0.jpg
Click to view.
More...
Categories: Novell Support Forums - New Posts
Error Codes of the SAP HR driver for Identity Manager - Part
Error Codes of the SAP HR driver for Identity Manager - Part 1
20-Nov-2009 01:13 PM
SAP HR Driver, error messages:
Table of Contents:
Introduction:
Novell Identity Manager has a list of various pre built drivers for a variety of systems. For example, Active Directory, Lotus Notes, SAP UM, SAP HR, PeopleSoft, BMC Remedy, and so on.
There are a couple of generic drivers as well, that handle a large number of different systems. These include the JDBC driver, which can connect to most databases that have a JDBC interface available. There is the LDAP driver that connects to a large number of LDAP systems, There is the SOAP driver which can connect in principle to any SOAP (SPML or DSML) based web service. There are the Delimited Text driver, for when all else fails, as long as you can you get a text file (CSV perhaps) dump of the data you can use this driver. You could always write your own, using the Java API to connect to the target systems native interfaces, or when available you can use the Scripting driver to do the same, but in a simpler fashion.
Between all these options you should be good to connect most systems as needed.
Once you have a nice system set up, troubleshooting is always entertaining. One criticism I have of the Novell provided documentation is that it does not have sufficient documentation of possible error codes that can occur for each driver. Now to be fair, this is a pretty hard task, as many of the error codes are not actually generated on the Novell Identity Manager engine side, and rather are often system specific to the connected system. Nonetheless I think it would be very beneficial to include such error codes and cases. I have noticed that the troubleshooting section of the driver docs have been getting filled in, with at least some minor amount of details in the latest revisions of the documentation, which is a very good thing. But as always, I encourage more content from the writers.
Rather than just be a blow hard and annoy people, I decided to try and work on this issue myself.
I have a series of articles along this train of thought. For the JDBC driver I wrote:
I did the same for the Active Directory driver in this series of articles:
Error Codes of the eDirectory Driver for Identity Manager - Part 1
I have more content stored up, that I need to finish up writing, like this article on the SAP HR driver error codes. I have a bunch of error messages from the GroupWise, and eDirectory drivers I need to write about.
I highly recommend that when you work with a new driver, keep a nice text editor open, and as each error occurs, paste it into a continuing file, and as soon as you figure out the problem, write down a couple of lines explaining the issue. Then when you have some time, write it up in this sort of format and submit it to Cool Solutions. This way everyone benefits!
Additionally, if you are not aware of it, the Novell Support Forums do an excellent job of supporting Novell products for free. The community works to answer the questions, and Novell does encourage people by selecting some of the more common contributors to be Novell Knowledge Partners. I personally follow the Identity Manager forums and lightly watch some of the others. You can find the Novell Support Forums at http://forums.novell.com or you can use NNTP in a news reader like Thunderbird or the GroupWise client as well. I personally prefer NNTP over a web interface, but the web interface is more easily searched and indexed, so different strokes for different folks.
Before we get to the error codes, a few quick points about the SAP HR driver, SAP as a system is HUGE! It has many many components and systems, and lots of people involved in getting it going. There are actually several SAP drivers from Novell. The original two are the SAP UM, and HR modules. The SAP UM lets you synchronize users in and out of SAP, as users of the system. That is, as users in SAP, who can log in to a module and do work. Alas, the way passwords work in SAP, they are per module. There is a specific SAP module called the CUA (Central User Agent?) which the SAP UM driver can connect too, and push users into, and then the CUA within SAP can push those users to other modules, but it does not push passwords. In which case, you might have a standard SAP UM driver connecting to the CUA to synchronize users, but need additional drivers for all the systems you wish to synchronize passwords too, that only sync passwords, and no other attributes.
Novell has since released a couple of SAP drivers for GRC, and Netweaver that I have not had time to look at, but sound interesting.
The SAP HR driver is meant to synchronize employees out of the HR system, as they are hired, transferred, and withdrawn (nobody is terminated in SAP, they are withdrawn). These are used to create user objects in the Identity Vault to populate and control users in all the other systems.
This article is just about the SAP HR driver. This driver is somewhat peculiar in at least three ways.
Error on bad iDOC format:
DirXML: [10/02/08 14:01:10.232]: TRACE: ParseIDoc: IDoc file opened successfully.DirXML: [10/02/08 14:01:10.258]: TRACE: ParseIDoc: Exception in IDoc Parsing: java.lang.NumberFormatException: For input string: " ". File processing terminated.DirXML: [10/02/08 14:01:10.268]: TRACE: ParseIDoc: File '/idm/idocs/O_400_00000000115871645' renamed to '/idm/idocs/O_400_00000000115871645.proc' successfully.DirXML: [10/02/08 14:01:10.750]: TRACE: SAPPublicationShim: Setting 'success' status on eventObject 'P+00011188'DirXML: [10/02/08 14:01:10.751]: TRACE: ParseIDoc: Status of Published document 'O_400_00000000115871645' is 'bad'DirXML: [10/02/08 14:01:10.763]: TRACE: ParseIDoc: File 'O_400_00000000115871645.proc' renamed to '/idm/idocs/O_400_00000000115871645.bad' successfully.As I was learning about iDOCs I tried editing one myself, to cut it into pieces and make it smaller, into a single event I could follow and troubleshoot. Well looks like I made a typo.
The formatting is VERY constrained and non tolerant of errors. Extra carriage returns or line feeds are a definite no no, and with everything being based on placement of the character in a very long line, you can imagine all the possible errors inadvertent editing could cause.
The good news is that vi or vim are great editors as they do not line wrap on you, munge carriage returns or line feeds, or otherwise do things that many Windows based editors will do to your file.
There are actually two different classes of this kind of error. This first one, just gets caught by the shim and treated as an error.
Then next class of error is much more fatal to the driver shim (whether it be running local or in a remote loader. Though as always, a remote loader is probably a better idea).
Fatal iDOC processing error:
This is the remote loader side trace of the event, as it reads the file, and sees an error. Finally it decides it is a fatal error.
DirXML: [10/01/09 10:49:06.017]: TRACE: ParseIDoc: No Character Set Encoding specified. Using default encoding: ISO8859_1DirXML: [10/01/09 10:49:06.018]: TRACE: ParseIDoc: IDoc file opened successfully.DirXML: [10/01/09 10:49:06.019]: TRACE: ParseIDoc: IDoc to parse: /idm/idocs/O_400_0000000019079301aDirXML: [10/01/09 10:49:06.020]: TRACE: ParseIDoc: Segment EDI_DC40DirXML: [10/01/09 10:49:06.025]: TRACE: ParseIDoc: Unable to read specified byte count from array. Bad line in input file.DirXML: [10/01/09 10:49:06.027]: TRACE: ParseIDoc: Segment E2PLOGIDirXML: [10/01/09 10:49:06.028]: TRACE: ParseIDoc: Object type S found in filter.DirXML: [10/01/09 10:49:06.028]: TRACE: ParseIDoc: Parsing object type S segmentDirXML: [10/01/09 10:49:06.029]: TRACE: ParseIDoc: Object identifier: 00030928DirXML: [10/01/09 10:49:06.029]: TRACE: ParseIDoc: Operation: IDirXML: [10/01/09 10:49:06.030]: TRACE: ParseIDoc: E2PITYP foundDirXML: [10/01/09 10:49:06.030]: TRACE: ParseIDoc: Parsing infotype: 1000, subtype: DirXML: [10/01/09 10:49:06.031]: TRACE: ParseIDoc: GSA segment 'E2P1000001'DirXML: [10/01/09 10:49:06.032]: TRACE: ParseIDoc: Skipping history item - Type: P1000, timestamp: 20050418-20050801DirXML: [10/01/09 10:49:06.033]: TRACE: ParseIDoc: E2PITYP foundDirXML: [10/01/09 10:49:06.033]: TRACE: ParseIDoc: Parsing infotype: 1001, subtype: A003DirXML: [10/01/09 10:49:06.035]: TRACE: ParseIDoc: GSA segment 'E2P1001001'DirXML: [10/01/09 10:49:06.035]: TRACE: ParseIDoc: Skipping history item - Type: P1001, timestamp: 20050418-20050801DirXML: [10/01/09 10:49:06.036]: TRACE: ParseIDoc: Unable to read specified byte count from array. Bad line in input file.DirXML: [10/01/09 10:49:06.037]: DirXML Log Event ------------------- Driver = \ACME-EDIR\acme\services\idm\IDMSet\SAP-HR351 Thread = Publisher Level = error Message = Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570)DirXML: [10/01/09 10:49:06.049]: DirXML Log Event ------------------- Driver = \ACME-EDIR\acme\services\idm\IDMSet\SAP-HR351 Thread = Publisher Level = fatal Message = Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570) You can see the Log Event, that it is a Fatal type event, meaning the driver will shut down.
Then you see the driver shut down event. Nice that it ended so gracefully in this case.
DirXML: [10/01/09 10:49:06.068]: TRACE: Remote driver stopped Watching trace on the engine side shows, the following error, basically the same error the Remote Loader reported, bubbled back to the engine side.
This is useful, as often you may not have easy access to the Remote Loader side to watch the trace, nor might you be running it with trace enabled, as it can eat up disk space quickly, and reduce performance.
[10/01/09 10:49:06.061]:SAP-HR351 :Remote Interface Driver: Received.[10/01/09 10:49:06.061]:SAP-HR351 : Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570) In the first case of a bad iDOC file, I no longer remember what and how I edited the file to cause the non fatal error, that was nicely handled by the shim. In the case of the fatal error, I am pretty sure all I did was leave a trailing empty line, carriage return in VI. Sort of like when you paste in, and the cursor does not have a ~ on the last line, rather there is a blank line in the view in VI. A simple dd to delete the line clears it up, but leaving it behind seems to have caused the issue.
The actual error, on the Remote Loader side that seems to get us in trouble here is: Unable to read specified byte count from array. Bad line in input file.
I wonder if this is a bug versus normal behavior, as it would seem this would be an excellent case, where the shim should quietly handle it as an error, rename the file to .bad as it does above in the previous example and get on with its life. But for some reason, this specific error is fatal. I don't really have the time to report it as a bug, but it leaves me wondering.
Bad Password for account in SAP:
DirXML Driver for SAP/HR Novell, Inc. Error authenticating to SAP host: RFC_ERROR_LOGON_FAILURE [10/08/08 12:58:47.684]:SAP-HR351 PT:Applying schema mapping policies to input.[10/08/08 12:58:47.685]:SAP-HR351 PT:Applying policy: %+C%14CMapping+Policy%-C.[10/08/08 12:58:47.682]:SAP-HR351 PT:Resolving association references.[10/08/08 12:58:47.687]:SAP-HR351 PT:DirXML Log Event ------------------- Driver: \ACME-DEV\acme\services\idm\IDMSet\SAP-HR351 Channel: Publisher Status: Fatal Message: Error authenticating to SAP host: RFC_ERROR_LOGON_FAILUREThis is a nice clear error. Logon Failure. Yay. The best kind. The password was wrong for the account in SAP, used on the Subscriber channel for the BAPI calls. This happened to me, as they refreshed our QC environment and lost my SAP account, recreated it with a different password. I am curious, is this normal for SAP people to do? They did this to me about 4 times over the course of the project. It has to be the most annoying thing to come on site and find out that nothing is working. Takes about half a day to find out what they changed without mentioning it to me, and then to fix it.
Oh, did we not tell you we refreshed that machine, and upgraded it, and threw away any changes we made for your lab? Do I sound bitter? It truly was annoying, especially when it kept happening!
Anyway, easy enough to detect and figure out once you know what to look for.
I think that is enough for now, stay tuned for part 2 where we tackle a bunch more errors that may help you out when deploying this driver in your environment.
As always, I highly recommend that you try to do this sort of article yourself and publish any error codes you might find. The more we get into Google the easier it will be for others searching for help on the topic to help themselves!
More...
20-Nov-2009 01:13 PM
SAP HR Driver, error messages:
Table of Contents:
Introduction:
Novell Identity Manager has a list of various pre built drivers for a variety of systems. For example, Active Directory, Lotus Notes, SAP UM, SAP HR, PeopleSoft, BMC Remedy, and so on.
There are a couple of generic drivers as well, that handle a large number of different systems. These include the JDBC driver, which can connect to most databases that have a JDBC interface available. There is the LDAP driver that connects to a large number of LDAP systems, There is the SOAP driver which can connect in principle to any SOAP (SPML or DSML) based web service. There are the Delimited Text driver, for when all else fails, as long as you can you get a text file (CSV perhaps) dump of the data you can use this driver. You could always write your own, using the Java API to connect to the target systems native interfaces, or when available you can use the Scripting driver to do the same, but in a simpler fashion.
Between all these options you should be good to connect most systems as needed.
Once you have a nice system set up, troubleshooting is always entertaining. One criticism I have of the Novell provided documentation is that it does not have sufficient documentation of possible error codes that can occur for each driver. Now to be fair, this is a pretty hard task, as many of the error codes are not actually generated on the Novell Identity Manager engine side, and rather are often system specific to the connected system. Nonetheless I think it would be very beneficial to include such error codes and cases. I have noticed that the troubleshooting section of the driver docs have been getting filled in, with at least some minor amount of details in the latest revisions of the documentation, which is a very good thing. But as always, I encourage more content from the writers.
Rather than just be a blow hard and annoy people, I decided to try and work on this issue myself.
I have a series of articles along this train of thought. For the JDBC driver I wrote:
- Error Codes of the Novell Identity Manager Driver for JDBC: Part 1 of 4
- Error Codes of the Novell Identity Manager Driver for JDBC: Part 2 of 4
- Error Codes of the Novell Identity Manager Driver for JDBC: Part 3 of 4
- Error Codes of the Novell Identity Manager Driver for JDBC: Part 4 of 4
I did the same for the Active Directory driver in this series of articles:
- Active Directory Driver Error Messages - Part 1
- Active Directory Driver Error Messages - Part 2
- Active Directory Driver Error Messages - Part 3
- Active Directory Driver Error Messages - Part 4
Error Codes of the eDirectory Driver for Identity Manager - Part 1
I have more content stored up, that I need to finish up writing, like this article on the SAP HR driver error codes. I have a bunch of error messages from the GroupWise, and eDirectory drivers I need to write about.
I highly recommend that when you work with a new driver, keep a nice text editor open, and as each error occurs, paste it into a continuing file, and as soon as you figure out the problem, write down a couple of lines explaining the issue. Then when you have some time, write it up in this sort of format and submit it to Cool Solutions. This way everyone benefits!
Additionally, if you are not aware of it, the Novell Support Forums do an excellent job of supporting Novell products for free. The community works to answer the questions, and Novell does encourage people by selecting some of the more common contributors to be Novell Knowledge Partners. I personally follow the Identity Manager forums and lightly watch some of the others. You can find the Novell Support Forums at http://forums.novell.com or you can use NNTP in a news reader like Thunderbird or the GroupWise client as well. I personally prefer NNTP over a web interface, but the web interface is more easily searched and indexed, so different strokes for different folks.
Before we get to the error codes, a few quick points about the SAP HR driver, SAP as a system is HUGE! It has many many components and systems, and lots of people involved in getting it going. There are actually several SAP drivers from Novell. The original two are the SAP UM, and HR modules. The SAP UM lets you synchronize users in and out of SAP, as users of the system. That is, as users in SAP, who can log in to a module and do work. Alas, the way passwords work in SAP, they are per module. There is a specific SAP module called the CUA (Central User Agent?) which the SAP UM driver can connect too, and push users into, and then the CUA within SAP can push those users to other modules, but it does not push passwords. In which case, you might have a standard SAP UM driver connecting to the CUA to synchronize users, but need additional drivers for all the systems you wish to synchronize passwords too, that only sync passwords, and no other attributes.
Novell has since released a couple of SAP drivers for GRC, and Netweaver that I have not had time to look at, but sound interesting.
The SAP HR driver is meant to synchronize employees out of the HR system, as they are hired, transferred, and withdrawn (nobody is terminated in SAP, they are withdrawn). These are used to create user objects in the Identity Vault to populate and control users in all the other systems.
This article is just about the SAP HR driver. This driver is somewhat peculiar in at least three ways.
- There are two different communication methods. The Publisher channel (events from SAP HR coming to IDdentity Manager) uses iDOCs to transmit the information. For more information about iDOC's in this context, you can read my previous articles on the topic.
- Troubleshooting iDOC Issues in the SAP HR Driver for Identity Manager
- Decoding iDOCs with the IDM SAP Driver
- When an event comes through the Publisher channel as an iDOC the data in the iDOC is all you can query. While you can try and query back to SAP HR, really all you are looking at is the iDOC in memory. This is a very frustrating limitation.
- RELATIONSHIPS: SAP HR uses a relatively complex system for managing reporting structure and relationships. Ask an SAP guy and he will say, but of course you do it like this, it is simple. To every one else it is very confusing. The RELATIONSHIP data is only available during the life span of the iDOC in memory in the Remote Loader (aka while it is being processed) and there is no way to query back for it either.
Error on bad iDOC format:
DirXML: [10/02/08 14:01:10.232]: TRACE: ParseIDoc: IDoc file opened successfully.DirXML: [10/02/08 14:01:10.258]: TRACE: ParseIDoc: Exception in IDoc Parsing: java.lang.NumberFormatException: For input string: " ". File processing terminated.DirXML: [10/02/08 14:01:10.268]: TRACE: ParseIDoc: File '/idm/idocs/O_400_00000000115871645' renamed to '/idm/idocs/O_400_00000000115871645.proc' successfully.DirXML: [10/02/08 14:01:10.750]: TRACE: SAPPublicationShim: Setting 'success' status on eventObject 'P+00011188'DirXML: [10/02/08 14:01:10.751]: TRACE: ParseIDoc: Status of Published document 'O_400_00000000115871645' is 'bad'DirXML: [10/02/08 14:01:10.763]: TRACE: ParseIDoc: File 'O_400_00000000115871645.proc' renamed to '/idm/idocs/O_400_00000000115871645.bad' successfully.As I was learning about iDOCs I tried editing one myself, to cut it into pieces and make it smaller, into a single event I could follow and troubleshoot. Well looks like I made a typo.
The formatting is VERY constrained and non tolerant of errors. Extra carriage returns or line feeds are a definite no no, and with everything being based on placement of the character in a very long line, you can imagine all the possible errors inadvertent editing could cause.
The good news is that vi or vim are great editors as they do not line wrap on you, munge carriage returns or line feeds, or otherwise do things that many Windows based editors will do to your file.
There are actually two different classes of this kind of error. This first one, just gets caught by the shim and treated as an error.
Then next class of error is much more fatal to the driver shim (whether it be running local or in a remote loader. Though as always, a remote loader is probably a better idea).
Fatal iDOC processing error:
This is the remote loader side trace of the event, as it reads the file, and sees an error. Finally it decides it is a fatal error.
DirXML: [10/01/09 10:49:06.017]: TRACE: ParseIDoc: No Character Set Encoding specified. Using default encoding: ISO8859_1DirXML: [10/01/09 10:49:06.018]: TRACE: ParseIDoc: IDoc file opened successfully.DirXML: [10/01/09 10:49:06.019]: TRACE: ParseIDoc: IDoc to parse: /idm/idocs/O_400_0000000019079301aDirXML: [10/01/09 10:49:06.020]: TRACE: ParseIDoc: Segment EDI_DC40DirXML: [10/01/09 10:49:06.025]: TRACE: ParseIDoc: Unable to read specified byte count from array. Bad line in input file.DirXML: [10/01/09 10:49:06.027]: TRACE: ParseIDoc: Segment E2PLOGIDirXML: [10/01/09 10:49:06.028]: TRACE: ParseIDoc: Object type S found in filter.DirXML: [10/01/09 10:49:06.028]: TRACE: ParseIDoc: Parsing object type S segmentDirXML: [10/01/09 10:49:06.029]: TRACE: ParseIDoc: Object identifier: 00030928DirXML: [10/01/09 10:49:06.029]: TRACE: ParseIDoc: Operation: IDirXML: [10/01/09 10:49:06.030]: TRACE: ParseIDoc: E2PITYP foundDirXML: [10/01/09 10:49:06.030]: TRACE: ParseIDoc: Parsing infotype: 1000, subtype: DirXML: [10/01/09 10:49:06.031]: TRACE: ParseIDoc: GSA segment 'E2P1000001'DirXML: [10/01/09 10:49:06.032]: TRACE: ParseIDoc: Skipping history item - Type: P1000, timestamp: 20050418-20050801DirXML: [10/01/09 10:49:06.033]: TRACE: ParseIDoc: E2PITYP foundDirXML: [10/01/09 10:49:06.033]: TRACE: ParseIDoc: Parsing infotype: 1001, subtype: A003DirXML: [10/01/09 10:49:06.035]: TRACE: ParseIDoc: GSA segment 'E2P1001001'DirXML: [10/01/09 10:49:06.035]: TRACE: ParseIDoc: Skipping history item - Type: P1001, timestamp: 20050418-20050801DirXML: [10/01/09 10:49:06.036]: TRACE: ParseIDoc: Unable to read specified byte count from array. Bad line in input file.DirXML: [10/01/09 10:49:06.037]: DirXML Log Event ------------------- Driver = \ACME-EDIR\acme\services\idm\IDMSet\SAP-HR351 Thread = Publisher Level = error Message = Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570)DirXML: [10/01/09 10:49:06.049]: DirXML Log Event ------------------- Driver = \ACME-EDIR\acme\services\idm\IDMSet\SAP-HR351 Thread = Publisher Level = fatal Message = Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570) You can see the Log Event, that it is a Fatal type event, meaning the driver will shut down.
Then you see the driver shut down event. Nice that it ended so gracefully in this case.
DirXML: [10/01/09 10:49:06.068]: TRACE: Remote driver stopped Watching trace on the engine side shows, the following error, basically the same error the Remote Loader reported, bubbled back to the engine side.
This is useful, as often you may not have easy access to the Remote Loader side to watch the trace, nor might you be running it with trace enabled, as it can eat up disk space quickly, and reduce performance.
[10/01/09 10:49:06.061]:SAP-HR351 :Remote Interface Driver: Received.[10/01/09 10:49:06.061]:SAP-HR351 : Exception caused by PublicationShim.start()java.lang.NullPointerExcept ion at com.novell.nds.dirxml.driver.SAPShim.ParseIDoc.sta rtparse(ParseIDoc.java(Compiled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.getOutboundIDoc(SAPPublicationShim.java(Comp iled Code)) at com.novell.nds.dirxml.driver.SAPShim.SAPPublicatio nShim.start(SAPPublicationShim.java(Compiled Code)) at com.novell.nds.dirxml.remote.loader.Driver.run(Dri ver.java:851) at java.lang.Thread.run(Thread.java:570) In the first case of a bad iDOC file, I no longer remember what and how I edited the file to cause the non fatal error, that was nicely handled by the shim. In the case of the fatal error, I am pretty sure all I did was leave a trailing empty line, carriage return in VI. Sort of like when you paste in, and the cursor does not have a ~ on the last line, rather there is a blank line in the view in VI. A simple dd to delete the line clears it up, but leaving it behind seems to have caused the issue.
The actual error, on the Remote Loader side that seems to get us in trouble here is: Unable to read specified byte count from array. Bad line in input file.
I wonder if this is a bug versus normal behavior, as it would seem this would be an excellent case, where the shim should quietly handle it as an error, rename the file to .bad as it does above in the previous example and get on with its life. But for some reason, this specific error is fatal. I don't really have the time to report it as a bug, but it leaves me wondering.
Bad Password for account in SAP:
DirXML Driver for SAP/HR Novell, Inc. Error authenticating to SAP host: RFC_ERROR_LOGON_FAILURE [10/08/08 12:58:47.684]:SAP-HR351 PT:Applying schema mapping policies to input.[10/08/08 12:58:47.685]:SAP-HR351 PT:Applying policy: %+C%14CMapping+Policy%-C.[10/08/08 12:58:47.682]:SAP-HR351 PT:Resolving association references.[10/08/08 12:58:47.687]:SAP-HR351 PT:DirXML Log Event ------------------- Driver: \ACME-DEV\acme\services\idm\IDMSet\SAP-HR351 Channel: Publisher Status: Fatal Message: Error authenticating to SAP host: RFC_ERROR_LOGON_FAILUREThis is a nice clear error. Logon Failure. Yay. The best kind. The password was wrong for the account in SAP, used on the Subscriber channel for the BAPI calls. This happened to me, as they refreshed our QC environment and lost my SAP account, recreated it with a different password. I am curious, is this normal for SAP people to do? They did this to me about 4 times over the course of the project. It has to be the most annoying thing to come on site and find out that nothing is working. Takes about half a day to find out what they changed without mentioning it to me, and then to fix it.
Oh, did we not tell you we refreshed that machine, and upgraded it, and threw away any changes we made for your lab? Do I sound bitter? It truly was annoying, especially when it kept happening!
Anyway, easy enough to detect and figure out once you know what to look for.
I think that is enough for now, stay tuned for part 2 where we tackle a bunch more errors that may help you out when deploying this driver in your environment.
As always, I highly recommend that you try to do this sort of article yourself and publish any error codes you might find. The more we get into Google the easier it will be for others searching for help on the topic to help themselves!
More...
Categories: Novell Support Forums - New Posts
User Application - setting default page error
Hey all,
I just installed the newest User Application and I'm trying to set the default page for my users when they log in.
I click Administration -> page admin
Click DefaultContainerPage
CLick select default next to default shared page
I get an error saying...
IE cannot open the internet site http://IP:8080/IDM/portal/portlet/Po...aredPagePicker
Operation aborted.
Is this a known issue? How can I get this working?
Thanks.
I just installed the newest User Application and I'm trying to set the default page for my users when they log in.
I click Administration -> page admin
Click DefaultContainerPage
CLick select default next to default shared page
I get an error saying...
IE cannot open the internet site http://IP:8080/IDM/portal/portlet/Po...aredPagePicker
Operation aborted.
Is this a known issue? How can I get this working?
Thanks.
Categories: Novell Support Forums - New Posts
Can't deploy agent after upgrade to ZCM 10.2.0
This happened to me once already this year; that was going from ZCM 10.0.3 to 10.1.3 on SLES 10 SP2. See ZCM 10.1.3 on SLES: No Windows agent push deployment, Novell, forum, forums, support.
In that case, I had not deployed the agent to any machines in the field yet, so I was able to do a full reinstall of SLES and ZCM to cure the problem. This time, I have the agent installed on several hundred machines and cannot afford the time to do another rebuild.
So, here's the short version. I upgraded the server (SLES 10 SP2) from ZCM 10.1.3 to 10.2.0 last week successfully. Afterwards I was unable to discover any new devices, but I soon fixed that problem by upgrading the agent on the Windows proxy to 10.2. Now I can discover devices all day long and everything looks good. Specifically, I can discover devices using the WinAPI functions (with correct local account credentials) and the OS is reported correctly, either XP SP3 or Vista SP2.
When I try to deploy an agent (any adaptive agent) to the discovered devices, I always receive the error "Error: Credentials invalid. Please ensure that Classic file sharing is enabled on the target device." Yes, the credentials are valid because I used them to discover the device in the first place. Yes, I have tried both local administrator accounts and domain administrator accounts with various syntaxes with no progress made.
I have followed all of the documentation for opening firewall ports (I usually turn Windows Firewall off for troubleshooting this kind of them), enabling classic file sharing, starting the Remote Registry service, et c. I reviewed the new documentation for 10.2 regarding this and everything is exactly as stated. Yet, I still cannot push the agent out to a discovered device (either XP or Vista)!
Am I the only one who attempts to use this agent deployment feature? Does everyone else deploy the agent with Group Policy scripts in AD or something similar? Honestly, when I did our site-wide deployment this summer I had to create a set of manual scripts to run to enable the proper settings and install the agent since the built-in agent deployment was so flaky (granted, this was before the upgrade, so I was still running 10.1.3).
I do not know what else to do except continue to install the agent manually (which does work, and the workstations always register properly). Surely someone has some experience or some ideas?
In that case, I had not deployed the agent to any machines in the field yet, so I was able to do a full reinstall of SLES and ZCM to cure the problem. This time, I have the agent installed on several hundred machines and cannot afford the time to do another rebuild.
So, here's the short version. I upgraded the server (SLES 10 SP2) from ZCM 10.1.3 to 10.2.0 last week successfully. Afterwards I was unable to discover any new devices, but I soon fixed that problem by upgrading the agent on the Windows proxy to 10.2. Now I can discover devices all day long and everything looks good. Specifically, I can discover devices using the WinAPI functions (with correct local account credentials) and the OS is reported correctly, either XP SP3 or Vista SP2.
When I try to deploy an agent (any adaptive agent) to the discovered devices, I always receive the error "Error: Credentials invalid. Please ensure that Classic file sharing is enabled on the target device." Yes, the credentials are valid because I used them to discover the device in the first place. Yes, I have tried both local administrator accounts and domain administrator accounts with various syntaxes with no progress made.
I have followed all of the documentation for opening firewall ports (I usually turn Windows Firewall off for troubleshooting this kind of them), enabling classic file sharing, starting the Remote Registry service, et c. I reviewed the new documentation for 10.2 regarding this and everything is exactly as stated. Yet, I still cannot push the agent out to a discovered device (either XP or Vista)!
Am I the only one who attempts to use this agent deployment feature? Does everyone else deploy the agent with Group Policy scripts in AD or something similar? Honestly, when I did our site-wide deployment this summer I had to create a set of manual scripts to run to enable the proper settings and install the agent since the built-in agent deployment was so flaky (granted, this was before the upgrade, so I was still running 10.1.3).
I do not know what else to do except continue to install the agent manually (which does work, and the workstations always register properly). Surely someone has some experience or some ideas?
Categories: Novell Support Forums - New Posts
LDAP Contextless - Mulitple Servers?
We use LDAP contextless login in our environment, and for the most part it has been rock steady. We had an issue today though where one our LDAP servers wasn't working...but just the LDAP piece. Other services on that server weren't affected, and we could communicate with it just fine. Clients trying to query for LDAP searches were given a search timeout error. We list three servers in the 'servers' field on the client settings. If we moved one of the other servers up to be first on the list they could login. If we moved the malfunction server back to the top they got the timeout again.
My question is... whats the point of multiple servers if it doesn't query the other servers if the first one times out? Does it only use the secondary servers if it can't ping the first one?
We are using Netware 6.5 SP7 w/eDir 8.8.2
Windows XP Pro workstations with 4.91 SP5 client
thanks for any suggestions.
My question is... whats the point of multiple servers if it doesn't query the other servers if the first one times out? Does it only use the secondary servers if it can't ping the first one?
We are using Netware 6.5 SP7 w/eDir 8.8.2
Windows XP Pro workstations with 4.91 SP5 client
thanks for any suggestions.
Categories: Novell Support Forums - New Posts
Problems restarting services
I've been having some problems when recycling some of the zcm services on SLES and was wondering if anyone else has been running into this problem.
Here are the commands that I'm running, in the order that I'm running them.
/etc/init.d/novell-zenmntr stop
/etc/init.d/novell-zenloader stop
/etc/init.d/novell-zenserver stop
/etc/init.d/sybase-asa stop
/etc/init.d/sybase-asa start
/etc/init.d/novell-zenserver start
/etc/init.d/novell-zenloader start
/etc/init.d/novell-zenmntr start
The problem that I'm having is that the Sybase database doesn't seem to start. I don't get any errors when running the start command but if I do a '/etc/init.d/sybase-asa status' I get an unused status back and I can't log into ZCC. The weird thing is that if I completely recycle (init 6) the server everything comes up normally, including the database.
All this server does is run a vanilla install of ZCM 10.2 with the internal Sybase database.
Any suggestions?
Here are the commands that I'm running, in the order that I'm running them.
/etc/init.d/novell-zenmntr stop
/etc/init.d/novell-zenloader stop
/etc/init.d/novell-zenserver stop
/etc/init.d/sybase-asa stop
/etc/init.d/sybase-asa start
/etc/init.d/novell-zenserver start
/etc/init.d/novell-zenloader start
/etc/init.d/novell-zenmntr start
The problem that I'm having is that the Sybase database doesn't seem to start. I don't get any errors when running the start command but if I do a '/etc/init.d/sybase-asa status' I get an unused status back and I can't log into ZCC. The weird thing is that if I completely recycle (init 6) the server everything comes up normally, including the database.
All this server does is run a vanilla install of ZCM 10.2 with the internal Sybase database.
Any suggestions?
Categories: Novell Support Forums - New Posts
Troubleshoot Bundle Launch Once on each user
I have a batch file to update a registry key under HKCU. I create a directive bundle and the action is set to "Launch Windows Executable" and I point the command to the batch file. In the Launch Options, it is set as Run Once-for each user that logs in.
It ran once for the first time and did not run when a different user login. I wonder what is the best way to troubleshoot if the bundle launches under different windows login.
Thanks in advance.
Wilson
It ran once for the first time and did not run when a different user login. I wonder what is the best way to troubleshoot if the bundle launches under different windows login.
Thanks in advance.
Wilson
Categories: Novell Support Forums - New Posts
Issue with adding registry key
ZCM 10 SP2. In the bundle action, I added "registry edit" and I imported the registry file that I want the bundle to add the keys and the registry operation is set up as "Create Always". However, the registry key won't get added to the device (ensure I have incremented the bundle version and ensured the ZCM agent has the correct bundle version). However, if I add the action as Windows Executable and points to a batch file that has one line:
call regedit.exe /s "M:\registry keys\Setting.reg"
the registry keys are updated.
I wonder how can I troubleshoot the issue? Worse case, I can use the batch file to update the registry but I think it would be good to use the ZCM registry option.
Thanks in advance.
Wilson
call regedit.exe /s "M:\registry keys\Setting.reg"
the registry keys are updated.
I wonder how can I troubleshoot the issue? Worse case, I can use the batch file to update the registry but I think it would be good to use the ZCM registry option.
Thanks in advance.
Wilson
Categories: Novell Support Forums - New Posts
DNS
We are needing to use an internal DNS server to point to a internal webserver. However, the website also accessible from outside throught Port Forwarding. The external DNS servers point to our public IP address and everything works from outside. However, when we are behind our firewall it doesn't allow us to communicate with the webserver through our external IP address. I believe this is called loopback NAT (or something like that).
Anyways, we need to be able to point a subdomain x.mydomain.com internally. Anybody have any idea how to do this? If I setup mydomain.com as master and add an entry for X then it works... but I can no longer connect to any other subdomains of mydomain.com. Is there a way to specify an A record for just ONE thing and forward everything else?
Thanks,
Craig
Anyways, we need to be able to point a subdomain x.mydomain.com internally. Anybody have any idea how to do this? If I setup mydomain.com as master and add an entry for X then it works... but I can no longer connect to any other subdomains of mydomain.com. Is there a way to specify an A record for just ONE thing and forward everything else?
Thanks,
Craig
Categories: Novell Support Forums - New Posts
multihoming - mixing dns and path based?
I'm on my last iChain to NAM upgrade.
The ichain setup had 3 accelerators on it.
One was regular domain based multihoming (with a few items having Secure Exchange in them).
One was a "parent" accelerator with 3-5 path-based children
One was an http (not https) accelerator.
With NAM, I know I will need at least two IP for my proxies.
One proxy will be for HTTP (non SSL as we had that discussion in this forum that you couldn't have one IP do both http and https).
the other proxy would be for the other stuff.
However, I'm not sure if I can mix proxies.
The reason I had to separate them out in iChain was that I couldn't do this (have the parent contain both domain and path based)
So my path based ones can only do SSL.
I THINK I can do this in NAM, but not sure.
The ichain setup had 3 accelerators on it.
One was regular domain based multihoming (with a few items having Secure Exchange in them).
One was a "parent" accelerator with 3-5 path-based children
One was an http (not https) accelerator.
With NAM, I know I will need at least two IP for my proxies.
One proxy will be for HTTP (non SSL as we had that discussion in this forum that you couldn't have one IP do both http and https).
the other proxy would be for the other stuff.
However, I'm not sure if I can mix proxies.
The reason I had to separate them out in iChain was that I couldn't do this (have the parent contain both domain and path based)
So my path based ones can only do SSL.
I THINK I can do this in NAM, but not sure.
Categories: Novell Support Forums - New Posts
Application that requests random password characters
Greetings,
I am new to Novell SSO and new to this group, but I have many years
programming experience.
I have to write a login script for a web application that requests
random characters from the users password. For example, it may say
"Please enter the second, fifth and last letters of your password".
There are then 3 input boxes: one for each of the three characters.
I can easily convert words like second, third, ninth etc to 2, 3, and
9. But I have two problem:
1 - I am using RegSplit to get the number_words from the string - but
am having difficulty with the first one because it has a comma
appended (ie, "second," as in the example above). Does anyone have any
advice how to do that?
2 - I have the users password stored as a string, but don't find any
subtring functions in SSO - I need to extract the 2nd, 3rd, and 9th
(to use the previous example - obviously this changes every time) from
the stored password so that they can be presented to the input box.
Any advice on that one would be great too!
Many thanks,
Simon Knights.
[We are using Novell SSO v6.1, if that makes any difference]
I am new to Novell SSO and new to this group, but I have many years
programming experience.
I have to write a login script for a web application that requests
random characters from the users password. For example, it may say
"Please enter the second, fifth and last letters of your password".
There are then 3 input boxes: one for each of the three characters.
I can easily convert words like second, third, ninth etc to 2, 3, and
9. But I have two problem:
1 - I am using RegSplit to get the number_words from the string - but
am having difficulty with the first one because it has a comma
appended (ie, "second," as in the example above). Does anyone have any
advice how to do that?
2 - I have the users password stored as a string, but don't find any
subtring functions in SSO - I need to extract the 2nd, 3rd, and 9th
(to use the previous example - obviously this changes every time) from
the stored password so that they can be presented to the input box.
Any advice on that one would be great too!
Many thanks,
Simon Knights.
[We are using Novell SSO v6.1, if that makes any difference]
Categories: Novell Support Forums - New Posts
LDAP Contextless - Multiple servers?
We use LDAP contextless login in our environment, and for the most part it has been rock steady. We had an issue today though where one our LDAP servers wasn't working...but just the LDAP piece. Other services on that server weren't affected, and we could communicate with it just fine. Clients trying to query for LDAP searches were given a search timeout error. We list three servers in the 'servers' field on the client settings. If we moved one of the other servers up to be first on the list they could login. If we moved the malfunction server back to the top they got the timeout again.
My question is... whats the point of multiple servers if it doesn't query the other servers if the first one times out? Does it only use the secondary servers if it can't ping the first one?
thanks for any suggestions.
My question is... whats the point of multiple servers if it doesn't query the other servers if the first one times out? Does it only use the secondary servers if it can't ping the first one?
thanks for any suggestions.
Categories: Novell Support Forums - New Posts
Where to start....?!
Ok. So basically I have been testing ZenWorks ZCM 10.2.0 for the past few months and I am really getting no where with the product. I like the overall idea and concepts of ZCM, but I cannot seem to get things to work the way I want.
I didn't know where to start so I figured I would post it here under "Agent Deployment" since it began with "A". Here is the list of problems I am running into.
1) I was able to get 2 Workstations to register with the (standard network install agent). I was not able to get 1 workstation registered using a custom-deployment installer.
2) When I change the Computer name, I cannot get the object to re-register.
3) I cannot get any other workstations to register after imaging. I setup a base image with the full-agent installed. Then using SYSPREP, I "packaged" the workstation, creating new SIDS, before I created the image. I then bring the image back down to a new workstation and cannot seem to get the workstation to register to the Zone. I have tried the zenworks-registration.war fix to no avail. This process works fine with Zenworks 7, why did they have to break it!???!!?
4) I attempted to update to 10.2.1 and the update was supposedly "successful" but the properties of the Zen server still reports running ZCM 10.2.0.0.
5) I am running into the same problem mentioned in other thread, http://forums.novell.com/novell-prod...in-issues.html, about the second ZenWorks Login window. For some reason this works OK on 2 of 4 installs.
6) Trying to uninstall the Zen 10 agent is horrible and as mentioned before, should not be this difficult. Why do I need to reinstall the Novell Client.
After reading all the work arounds, this really does not seem ready for deployment. ZCM is supposed to be a "Zero" effort management tool, as stated in their documents. http://www.novell.com/documentation/...loyment_bp.pdf
Any help or guidance on how to properly use Zen 10 registration, imaging, and deployment would be great. Thank you all for your time and allow me to rant.
I didn't know where to start so I figured I would post it here under "Agent Deployment" since it began with "A". Here is the list of problems I am running into.
1) I was able to get 2 Workstations to register with the (standard network install agent). I was not able to get 1 workstation registered using a custom-deployment installer.
2) When I change the Computer name, I cannot get the object to re-register.
3) I cannot get any other workstations to register after imaging. I setup a base image with the full-agent installed. Then using SYSPREP, I "packaged" the workstation, creating new SIDS, before I created the image. I then bring the image back down to a new workstation and cannot seem to get the workstation to register to the Zone. I have tried the zenworks-registration.war fix to no avail. This process works fine with Zenworks 7, why did they have to break it!???!!?
4) I attempted to update to 10.2.1 and the update was supposedly "successful" but the properties of the Zen server still reports running ZCM 10.2.0.0.
5) I am running into the same problem mentioned in other thread, http://forums.novell.com/novell-prod...in-issues.html, about the second ZenWorks Login window. For some reason this works OK on 2 of 4 installs.
6) Trying to uninstall the Zen 10 agent is horrible and as mentioned before, should not be this difficult. Why do I need to reinstall the Novell Client.
After reading all the work arounds, this really does not seem ready for deployment. ZCM is supposed to be a "Zero" effort management tool, as stated in their documents. http://www.novell.com/documentation/...loyment_bp.pdf
Any help or guidance on how to properly use Zen 10 registration, imaging, and deployment would be great. Thank you all for your time and allow me to rant.
Categories: Novell Support Forums - New Posts
completing an interrupted upgrade
I have a SLES10.1 box that I was in the process of upgrading to 10.2 using the DVD iso's. I started the process and it installed the first DVD but when I went to the second DVD, discovered the DVD was bad and it abended the install.
So I downloaded a fresh copy of both ISO's but this time I thought instead of messing with physical media, I'd just mount both ISO's as installation sources. So I copied both file with the original names (SLES-10-SP2-DVD-i586-GM-DVDx.iso) to a location on my server's hard drive and went into yast. Went into installation sources, chose directory, selected the iso checkbox and pointed it to the first ISO. According to the help in that screen, I don't need to add the second ISO individually.
So now that I've done that, when I go into software management, I can add/remove programs from that particular install source.
But I'm concerned that the original 10.1 to 10.2 upgrade only half completed. What can I do to restart it or force it to complete now that I've got both ISO's sitting on the disk?
So I downloaded a fresh copy of both ISO's but this time I thought instead of messing with physical media, I'd just mount both ISO's as installation sources. So I copied both file with the original names (SLES-10-SP2-DVD-i586-GM-DVDx.iso) to a location on my server's hard drive and went into yast. Went into installation sources, chose directory, selected the iso checkbox and pointed it to the first ISO. According to the help in that screen, I don't need to add the second ISO individually.
So now that I've done that, when I go into software management, I can add/remove programs from that particular install source.
But I'm concerned that the original 10.1 to 10.2 upgrade only half completed. What can I do to restart it or force it to complete now that I've got both ISO's sitting on the disk?
Categories: Novell Support Forums - New Posts
Will SP2 still get secuirty patches or do I need to update?
I just want to know if security patches are still being release for SP2 or if I have to update to SP3 to get all the security patches.
Thank you.
Thank you.
Categories: Novell Support Forums - New Posts
Diff branding/pages for diff. resources
Hopefully someone can help me decide which method is the best/easiest to use:
I have two IDP clusters and two LAG clusters.
One set for internal, one set for "outside" users.
The "outside" one needs to have different branding (so that means changes to the nidp.jsp file) for two diff. proxies.
One proxy gets "branding1" and one proxy gets "branding2". the proxy with branding2 will have many proxies on it (like one parent, many children if I were to use iChain terms).
The docs on page 42 seem to indicate that if I created a custom page from the nidp.jsp file (which I'm assuming I would have to do since that's where the branding is at), that I MUST use the "adding logic to the main.jsp file" section.
Both "login pages" would also have their own respective and different login.jsp file as well.
But that's it.
Just want to make sure that if I need to customize the branding (again that's in the nidp.jsp) that I MUST do the "long/nasty" portion of the login page, vs. just creating two methods and specifying the pages there.
I have two IDP clusters and two LAG clusters.
One set for internal, one set for "outside" users.
The "outside" one needs to have different branding (so that means changes to the nidp.jsp file) for two diff. proxies.
One proxy gets "branding1" and one proxy gets "branding2". the proxy with branding2 will have many proxies on it (like one parent, many children if I were to use iChain terms).
The docs on page 42 seem to indicate that if I created a custom page from the nidp.jsp file (which I'm assuming I would have to do since that's where the branding is at), that I MUST use the "adding logic to the main.jsp file" section.
Both "login pages" would also have their own respective and different login.jsp file as well.
But that's it.
Just want to make sure that if I need to customize the branding (again that's in the nidp.jsp) that I MUST do the "long/nasty" portion of the login page, vs. just creating two methods and specifying the pages there.
Categories: Novell Support Forums - New Posts
How to include virtual machines containers workloads?
Hi,
When conducting a virtualization assessment ever more often we face the need to include hosted virtual machine containers (Microsoft Virtual Server, VMware Server) which have important services at the base operating system level that need to be monitored and included in the final scenarios.
Although most of the time the virtual machines on top of them are not important for the virtualization assessment itself, because they are test or development virtual machines that will not be considered for the new virtualization scenarios, we cannot stop the virtualization containers because they are in use (especially for an assessments that has a 30 day duration).
The problem we have is that when performing the Consolidation Analysis we cannot add those base workloads (or even the complete workloads including the virtual containers metrics) inside the new virtualization hosts we are defining. Those machines are alway considered by Recon as existing target virtual containers.
Is there a way to bypass this behavior as to include those workloads as normal Windows servers?
Thanks
When conducting a virtualization assessment ever more often we face the need to include hosted virtual machine containers (Microsoft Virtual Server, VMware Server) which have important services at the base operating system level that need to be monitored and included in the final scenarios.
Although most of the time the virtual machines on top of them are not important for the virtualization assessment itself, because they are test or development virtual machines that will not be considered for the new virtualization scenarios, we cannot stop the virtualization containers because they are in use (especially for an assessments that has a 30 day duration).
The problem we have is that when performing the Consolidation Analysis we cannot add those base workloads (or even the complete workloads including the virtual containers metrics) inside the new virtualization hosts we are defining. Those machines are alway considered by Recon as existing target virtual containers.
Is there a way to bypass this behavior as to include those workloads as normal Windows servers?
Thanks
Categories: Novell Support Forums - New Posts
Using variables in xpath variable search
Hello,
I'm trying to use a variable as part of a Variable node search in an xpath expression.
A variable, $var_foundattrs, contains a nodeset with something like...
<instance>
<attr attr-name="preferredName">John</attr>
<attr attr-name="Surname">Doe</attr>
</instance>
I would like to access one of these attr nodes by doing something like the following
$var_foundattrs//attr[@attr-name = $var_lookingfor]
Where $var_lookingfor might expand to "preferredName", "initials", or anything else.
But I can't seem to figure out a way to get variable #2 ($var_lookingfor) to expand into its value. Xpath seems to want to treat it like a string literal--thus this always returns "", because "$var_lookingfor" is not an attr-name.
I'm guessing that xpath doesn't like this because the ...//attr[@attr ... blah ...] expression is all 'part of' the variable expansion of $var_foundattrs, so it doesn't really make sense to expand a variable inside of another variable expansion.
Is there anyway to do this?
Thanks!!
I'm trying to use a variable as part of a Variable node search in an xpath expression.
A variable, $var_foundattrs, contains a nodeset with something like...
<instance>
<attr attr-name="preferredName">John</attr>
<attr attr-name="Surname">Doe</attr>
</instance>
I would like to access one of these attr nodes by doing something like the following
$var_foundattrs//attr[@attr-name = $var_lookingfor]
Where $var_lookingfor might expand to "preferredName", "initials", or anything else.
But I can't seem to figure out a way to get variable #2 ($var_lookingfor) to expand into its value. Xpath seems to want to treat it like a string literal--thus this always returns "", because "$var_lookingfor" is not an attr-name.
I'm guessing that xpath doesn't like this because the ...//attr[@attr ... blah ...] expression is all 'part of' the variable expansion of $var_foundattrs, so it doesn't really make sense to expand a variable inside of another variable expansion.
Is there anyway to do this?
Thanks!!
Categories: Novell Support Forums - New Posts
archive error c05d after copying archives
i have a client who had archives saved on c:\mydocuments - pc was replaced/customer's archives were not copied over. His client began a new archive folder on c:\mydocuments on new pc.
We copied the old archives from old PC to new pc in c:\archives folder and pointed his client to c:\archives vs. c:\mydocuments - it asked if I wanted to move archives....to which I replied yes.
I can open archives in both folders: c:\mydocuments and c:\archives...but I cannot unarchive anything in c:\mydocuments (new folder) - i get message:
c05d - dependent store file does not exist on the disk. I can unarchive from c:\archives - the file copied over from old pc.
I have looked up this error and get numerous suggestions, should I be running a structural rebuild? any advise on this issue would be appreciated.
thanks
edwina richardson
We copied the old archives from old PC to new pc in c:\archives folder and pointed his client to c:\archives vs. c:\mydocuments - it asked if I wanted to move archives....to which I replied yes.
I can open archives in both folders: c:\mydocuments and c:\archives...but I cannot unarchive anything in c:\mydocuments (new folder) - i get message:
c05d - dependent store file does not exist on the disk. I can unarchive from c:\archives - the file copied over from old pc.
I have looked up this error and get numerous suggestions, should I be running a structural rebuild? any advise on this issue would be appreciated.
thanks
edwina richardson
Categories: Novell Support Forums - New Posts
Access privileges for "disk" group members
Does anybody know which access privileges does a user that belongs to "disk" UNIX group have? Is there any security issue concerned?
In principle, members of such group have access to 'disk' information, raw devices, etc., but where all these privileges specified?
Thanks for any help.
In principle, members of such group have access to 'disk' information, raw devices, etc., but where all these privileges specified?
Thanks for any help.
Categories: Novell Support Forums - New Posts