Problem: The WebSEAL server list in the pdadmin:
pdadmin> server list
shows the server, but it does not exist anymore, i.e. because the host has been disassembled without unconfiguring the WebSEAL instance.
Solution:
1.) Delete the instance in the LDAP under:
SecAuthority=Default
- cn=securitygroup
- cn=webseal-servers
- cn=secmgrd-servers
2.) Configure the instance again, which will lead to an error, because it seems to be installed already.
Configuring WebSEAL instance 'DO-06'...HPDMG0453E
A server with the same name already exists.DPWCF0473E
The WebSEAL instance 'DO-06' failed to configure.
3.) Unconfigure the instance, which will show errors, but remove the instance totally.
# amwebcfg -action unconfig -inst_name DO-06 -admin_id sec_master -admin_pwd *********
Unconfiguring WebSEAL instance 'DO-06'...
2008-10-28-15:30:10.158+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0
DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'securitygroup'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'
2008-10-28-15:30:10.365+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0
DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'webseal-servers'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'
2008-10-28-15:30:10.573+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'secmgrd-servers'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'2008-10-28-15:30:10.788+01:00I----- 0x389D51FC amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 409 0x002198d0
DPWCF0508E The protected object '/WebSEAL/srv1252-DO-06' could not be deleted. Error message: 'HPDAC0458E The protected object name specified was not found in the authorization policy database.'The WebSEAL instance 'DO-06' has been successfully unconfigured.
IBM says this: http://www-01.ibm.com/support/docview.wss?rs=638&uid=swg21106208
Edit: A better is solution is this: http://danimiddleware.blogspot.com/2009/10/how-to-get-rid-of-ghost-servers-in-your.html
pdadmin> server list
shows the server, but it does not exist anymore, i.e. because the host has been disassembled without unconfiguring the WebSEAL instance.
Solution:
1.) Delete the instance in the LDAP under:
SecAuthority=Default
- cn=securitygroup
- cn=webseal-servers
- cn=secmgrd-servers
2.) Configure the instance again, which will lead to an error, because it seems to be installed already.
Configuring WebSEAL instance 'DO-06'...HPDMG0453E
A server with the same name already exists.DPWCF0473E
The WebSEAL instance 'DO-06' failed to configure.
3.) Unconfigure the instance, which will show errors, but remove the instance totally.
# amwebcfg -action unconfig -inst_name DO-06 -admin_id sec_master -admin_pwd *********
Unconfiguring WebSEAL instance 'DO-06'...
2008-10-28-15:30:10.158+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0
DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'securitygroup'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'
2008-10-28-15:30:10.365+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0
DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'webseal-servers'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'
2008-10-28-15:30:10.573+01:00I----- 0x389D51F2 amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 84 0x002198d0DPWCF0498E The user 'DO-06-webseald/srv1252' could not be removed from the group 'secmgrd-servers'. Error message: 'HPDMG0754W The entry was not found. If a user or group is being created, ensure that the Distinguished Name (DN) specified has the correct syntax and is valid.'2008-10-28-15:30:10.788+01:00I----- 0x389D51FC amwebcfg ERROR wcf Error WebCfgAdminApi.cpp 409 0x002198d0
DPWCF0508E The protected object '/WebSEAL/srv1252-DO-06' could not be deleted. Error message: 'HPDAC0458E The protected object name specified was not found in the authorization policy database.'The WebSEAL instance 'DO-06' has been successfully unconfigured.
IBM says this: http://www-01.ibm.com/support/docview.wss?rs=638&uid=swg21106208
Edit: A better is solution is this: http://danimiddleware.blogspot.com/2009/10/how-to-get-rid-of-ghost-servers-in-your.html
Kommentare