search cancel

CA WA DE (dSeries) : Server does not start with this message Exception initializing LDAP server configuration


Article ID: 187196


Updated On:


CA Workload Automation DE - Scheduler (dSeries) CA Workload Automation DE CA Workload Automation DE - System Agent (dSeries) CA Workload Automation DE - Business Agents (dSeries)


DE server fails on restarts with messages like these in tracelogs:

Starting server: [FAILED]

2020XXXX 00:00:12.345 [essential] [INFO] main: [2020-XX-XX_00:00:12.345] Sending SNMP/Email: Host Address: localhost

Timestamp: 2020XXXX 00:00:12.345

Parameter 1: CA Workload Automation DE

Parameter 2:

Parameter 3: Server localhost:7500

Parameter 4: localhost:162

Parameter 5: localhost:7500: Exception : Exception initializing LDAP server configuration: 


The DE server on start up will load the keystore to get the SSL certificates for LDAP servers.  If the password or the path of the keystore is incorrect, the server will not be able to access keystore and access the certificates.   This will prevent the server from starting up and results in this message.

Exception initializing LDAP server configuration


Component: CA Workload Automation DE (dSeries)
Release: 12.x


The keystore password and path must match that is stored in DE.  The password is stored in the database in encrypted format.  The stored password cannot be decrypted to match the actual password.  The database used by DE will have to be manually updated to start the server.

Connect to database and run the following update the DB.  Note:  It is strongly recommended to backup the database before any changes are made.

WHERE NAME = 'ldap.trustStore'

UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_2 = 'false', DESIRED ='false'
WHERE NAME ='shutdown.if.ldap.unreachable'

UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_12 = 'false', DESIRED = 'false'
where name = 'ldap.isSSLEnabled'

Prefix the table name with appropriate schema or user name as database requirement.

The above changes will disable LDAPS (LDAP over SSL) connections.  If LDAP services requires SSL connection then LDAP or Windows AD users will not able to login to DE via Desktop Client.  The ADMIN and SCHEDMASTER will still be able to login.  Login as ADMIN and enable LDAPS with correct path to keystore and password.