ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA WA DE (dSeries) : Server does not start with this message Exception initializing LDAP server configuration

book

Article ID: 187196

calendar_today

Updated On:

Products

CA Workload Automation DE - Scheduler (dSeries) CA Workload Automation DE CA Workload Automation DE - System Agent (dSeries) CA Workload Automation DE - Business Agents (dSeries)

Issue/Introduction

DE server fails on restarts with messages like these in tracelogs:

Starting server: [FAILED]

2020XXXX 00:00:12.345 [essential] [INFO] main: [2020-XX-XX_00:00:12.345] Sending SNMP/Email: Host Address: localhost

Timestamp: 2020XXXX 00:00:12.345

Parameter 1: CA Workload Automation DE

Parameter 2: 12.1.00.00

Parameter 3: Server localhost:7500

Parameter 4: localhost:162

Parameter 5: localhost:7500: Exception : Exception initializing LDAP server configuration: 

Cause

The DE server on start up will load the keystore to get the SSL certificates for LDAP servers.  If the password or the path of the keystore is incorrect, the server will not be able to access keystore and access the certificates.   This will prevent the server from starting up and results in this message.

Exception initializing LDAP server configuration

Environment

Component: CA Workload Automation DE (dSeries)
Release: 12.x

Resolution

The keystore password and path must match that is stored in DE.  The password is stored in the database in encrypted format.  The stored password cannot be decrypted to match the actual password.  The database used by DE will have to be manually updated to start the server.

Connect to database and run the following update the DB.  Note:  It is strongly recommended to backup the database before any changes are made.

UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = '', IN_USE_2 = '', DESIRED ='' 
WHERE NAME = 'ldap.trustStore'

UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_2 = 'false', DESIRED ='false'
WHERE NAME ='shutdown.if.ldap.unreachable'

UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_12 = 'false', DESIRED = 'false'
where name = 'ldap.isSSLEnabled'

Prefix the table name with appropriate schema or user name as database requirement.

The above changes will disable LDAPS (LDAP over SSL) connections.  If LDAP services requires SSL connection then LDAP or Windows AD users will not able to login to DE via Desktop Client.  The ADMIN and SCHEDMASTER will still be able to login.  Login as ADMIN and enable LDAPS with correct path to keystore and password.




Attachments