AdminUI external adminStore not configurable
search cancel

AdminUI external adminStore not configurable


Article ID: 186348


Updated On:




We're running an AdminUI and when we try to configure an External

Admin Store, we click on "Select Super User" and we get this error in
the browser :


  An error occurred while searching the directory, please check that all
  information has been correctly supplied and try again. If the problem
  persists, check the error logs for additional details.

  and the AdminUI log reports :

   2020-03-09 11:26:02,190 ERROR [] (default
   task-3) JBAS011843: Failed instantiate InitialContextFactory
   com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader
   for Module "deployment.iam_siteminder.ear.user_console.war:main"
   from Service Module Loader

How can we fix this ?


  AdminUI 12.8SP3 on Windows 2016;


At first glance, you might get this issue if the LDAP Admin Store has
connectivity issue, if SSL is not configured, if SSL certificates
aren't set in the keystore, or if the AdminUI doesn't use a corrrect
JDK installation.


Login Authentication error in im.AuthenticationModule failed to
disambiguate user NamingException: JBAS011843 LDAP: error code 52 -

  Check the health of the user directory and verify that it is
  available to serve requests.

Not able to configure external ldap authentication for adminui

  Configure first the connection without using SSL to solve the issue,
  and validate that the user can be found correctly. To configure SSL
  connection, you do need to have handy the LDAP Server SSL certificate
  to upload it when configuring the AdminUI for External Admin Store.

Import new root CA:

  keytool -import -trustcacerts -alias <alias> -keystore "siteminder/adminui/standalone/configuration/trustStore.jks" -file <RootCA.cer>
  List keystore to check it is there:
  keytool -list -v -keystore ./trustStore.jks -storepass <password>
  Restart adminui.

javax.naming.NamingException: LDAP response read timed out error in
adminui server.log

  Please upgrade the java used by the adminui to Java 1.8.0_77 (here
  java version is 1.8.0_31).

The External Admin Store should be also configured for LDAP Namespace
and not AD Namespace.