Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-10-13

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
04:51 ramteid joined #openam
07:45 rghose1 joined #openam
07:50 rghose1 hey, so openam displays a different hostname when I run it as opposed to the fqdn I used during installation.
07:50 rghose1 can this cause any issues in replication or anything else ?
07:50 rghose1 since looks like my session replication does not work as expected
07:50 rghose1 any ideas people ?
08:20 bthalmayr the FQDN shown in OpenAM console is the value for 'hostname' ... this is not used elsewhere
08:20 rghose1 ok
08:20 bthalmayr if you use embedded configuration store as CTS store, just check OpenDJ replication logs
08:21 bthalmayr if embedded config store is used be aware that the 'Directory Server' (role of OpenDJ instance) can choose a remote Replication Server ...
08:22 bthalmayr if this RS is down and the DS does not failover properly OpenAM  LDAP write operations fail
08:23 bthalmayr Session debug log will tell you if and why CTS operation fails
08:31 fatbloke joined #openam
08:39 rghose1 thanks :)
08:40 rghose1 currently, I am getting this: Invalid service host name in the Sessions page on OpenAM console
08:59 KermitTheFragger joined #openam
09:07 bthalmayr joined #openam
09:08 bthalmayr Session tab will try to retrieve SSO sessions from all OpenAM instances in the deployment (known in configuration store)
09:10 bthalmayr Potentially the host where the Console is running can not resolve/contact the other OpenAM instances (due to networking, ssl)
11:22 pfreixes joined #openam
11:25 rghose1 joined #openam
11:33 rghose1 In OpenDS Logs I keep getting this:  category=SYNC severity=INFORMATION msgID=14680169 msg=Replication server accepted a connection from *unused_server*:44516 to local address 0.0.0.0/0.0.0.0:58989 but the SSL handshake failed. This is probably benign, but may indicate a transient network outage or a misconfigured client application connecting to this replication server. The error was: Received fatal alert: certificate_unknown
11:33 MegaMatt joined #openam
11:33 rghose1 even though I had this server removed frm server and sites tab in OpenAM
11:33 rghose1 OpenDS probably attempts replciations
11:33 rghose1 replciation**, how do I fix this ?
13:34 TKA joined #openam
14:31 fatbloke1 joined #openam
16:36 fatbloke1 left #openam
16:47 fatbloke joined #openam
17:55 jjpp joined #openam
18:17 pfreixes joined #openam
19:10 fatbloke joined #openam
19:42 fatbloke joined #openam
20:08 greg___ joined #openam
20:10 greg___ Hello Everyone, trying to setup opemam for the first time, I am currently trying to connect to a back in AD Store, when I leave the "LDAP People Container Value" blank, I get this error when trying to view subjects
20:10 greg___ An error occurred while processing this request. Contact your administrator.
20:11 MegaMatt And so what does the log file show?
20:12 MegaMatt Is the LDAP People Container Naming Attribute empty?
20:12 greg___ that is part of my inexperience, what log file should I be looking at? currently catalina.out doesn't show anythng
20:13 MegaMatt Anything in the IDRepo?
20:13 greg___ I have cn for the naming attribute
20:14 greg___ hmmm. don't see anything for the IDrepo in the configuration options
20:14 MegaMatt IDRepo is the log file
20:14 greg___ ah sorry
20:14 greg___ one sec
20:15 MegaMatt *IdRepo rather
20:15 MegaMatt https://lists.forgerock.org/piperma​il/openam/2010-December/000167.html popped up in a search, not sure if it’s actually equivalent but it was my top hit in google as well
20:16 MegaMatt and here’s a previous conversation we had on IRC: http://irclog.perlgeek.de/openam/2014-02-14
20:17 greg___ ok let me check those
20:18 greg___ from IdRepo ERROR: An error occurred while executing persistent search
20:18 greg___ so I will check that out too
20:18 MegaMatt Read the irc log
20:18 MegaMatt same discussion almost exactly
20:19 MegaMatt aldaris previously said:psearch is not closely related, but if there are connection problems then yeah that could tell why
20:32 greg___ hmmmm... i have gone through the IRC log a couple of times, I might be missing something but everything appears to be set properly.. but I did see this in the IdRepo file...
20:32 greg___ org.forgerock.opendj.ldap.Mu​ltipleEntriesFoundException: Unexpected Results Returned: The search request succeeded but returned a search result reference containing the following URI: ldap://ForestDnsZones.TESTDOMAIN.NET/D​C=ForestDnsZones,DC=TESTDOMAIN,DC=NET
20:33 MegaMatt https://bugster.forgerock.o​rg/jira/browse/OPENAM-3385
20:34 greg___ does this still apply with version 11?
20:34 MegaMatt yes, fixed in 11.0.1
20:34 MegaMatt Try using cn=users,dc=domain,dc=com
20:34 greg___ ok let me see
20:35 MegaMatt Not sure if that’s a workaround, or just avoids the error message from appearing actually
20:35 MegaMatt it’s not clear from the description in 3385
20:45 greg___ so a couple things I noticed, something needs to be in the people container, even if bogus will not through the exception (but obviously does not show the proper results) leaving the group container blank shows all the groups as expected
20:46 greg___ when putting in Users, displays the correct users
20:46 greg___ problem is my users are under ou's and sub ou's so it looks like it can't query it for some reason

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary