Direkt zum Hauptbereich

How to get rid of "ghost-servers" in your WebSEAL Server list?

Imagine some funny guys installed some weird servers or anything connecting to your policy director and you do not know why and who and they are long gone and you assume that the servers have no purpose anymore. Or you have an old Web Portal Manager (amwpm) installation, but the server where it was installed is long gone.

So, how to get rid of those servers in your list?

pdadmin sec_master> server list
si2tty-hst1116.dada.com
amwpm-hst2128
hirsch.emea.dadacorp.net-localhost

# touch /tmp/null.conf

# svrsslcfg -unconfig -f /tmp/null.conf -n amwpm -h hst2128 -P ******* -A sec_master
Unconfiguration of application "amwpm" for host "hst2128" is in progress.
This might take several minutes.
SSL unconfiguration for application "amwpm" has completed successfully.


# svrsslcfg -unconfig -f /tmp/null.conf -n si2tty -h hst1116.dada.com -P ******* -A sec_master
Unconfiguration of application "si2tam" for host "hst1116.dada.com" is in progress.
This might take several minutes.
SSL unconfiguration for application "si2tty" has completed successfully.

# svrsslcfg -unconfig -f /tmp/null.conf -n hirsch.emea.dadacorp.net -h localhost -P ******* -A sec_master
Unconfiguration of application "hirsch.emea.dadacorp.net" for host "localhost" is in progress.
This might take several minutes.
SSL unconfiguration for application "hirsch.emea.dadacorp.net" has completed successfully.

Kommentare

Beliebte Posts aus diesem Blog

Error: HPDMG0764E An internal error has occurred. (status 0x14c012fc)

Error: HPDMG0764E An internal error has occurred. (status 0x14c012fc) pdadmin sec_master> user create dg1234 uid=dg1234,cn=team1,cn=users,o=company lala lala ********** Could not perform the administration request Error: HPDMG0764E An internal error has occurred. (status 0x14c012fc) Description: After the upgrade from Policy Director (policy server) V5.1 to V6.0 the errors above occured when trying to write to the registry. Solution: The task of updating the ldap schema did not work well for some reason. After doing it again the errors did not occur again: # ivrgy_tool -d -h ldap_host -p port -D ldap_admin -w pwd schema

WebSphere Application Server LDAP: The administrative user ID does not exist in the user repository.

When you try to enable global security with ldap authentication you get the following error when configuring your ldap repository (IBM Directory Server): The administrative user ID does not exist in the user repository. Reason: The bind user must be searchable. This means that an ldapsearch with this user as bind user must return his own entry. If this does not work, you have to add an aclEntry: vi change-was7101-aclentry.ldif dn: uid=was7101,cn=mygroup,cn=admusr,o=mycomp aclentry: access-id:UID=WAS7101,CN=MYGROUP,CN=ADMUSR,O=MYCOMP:normal:rsc $ ldapmodify -h myhost -x -D "cn=root" -w ******* -f change-was7101-aclentry.ldif modifying entry "uid=was7101,cn=mygroup,cn=admusr,o=mycomp" Now user was7101 can do an ldapsearch to find itself and therefore you can use it to configure you LDAP repository. This article gave me the hint: http://www-01.ibm.com/support/docview.wss?rs=767&uid=swg21219253