CA WA DE (dSeries) : Server does not start with this message Exception initializing LDAP server configuration
Article ID: 187196
Updated On:
Products
CA Workload Automation DE - Scheduler (dSeries)
CA Workload Automation DE
CA Workload Automation DE - System Agent (dSeries)
CA Workload Automation DE - Business Agents (dSeries)
Issue/Introduction
DE server fails on restarts with messages like these in tracelogs:
Starting server: [FAILED]
2020XXXX 00:00:12.345 [essential] [INFO] main: [2020-XX-XX_00:00:12.345] Sending SNMP/Email: Host Address: localhost
Timestamp: 2020XXXX 00:00:12.345
Parameter 1: CA Workload Automation DE
Parameter 2: 12.1.00.00
Parameter 3: Server localhost:7500
Parameter 4: localhost:162
Parameter 5: localhost:7500: Exception : Exception initializing LDAP server configuration:
Environment
Component: CA Workload Automation DE (dSeries)
Release: 12.x
Release: 12.x
Cause
The DE server on start up will load the keystore to get the SSL certificates for LDAP servers. If the password or the path of the keystore is incorrect, the server will not be able to access keystore and access the certificates. This will prevent the server from starting up and results in this message.
Exception initializing LDAP server configuration
Exception initializing LDAP server configuration
Resolution
The keystore password and path must match that is stored in DE. The password is stored in the database in encrypted format. The stored password cannot be decrypted to match the actual password. The database used by DE will have to be manually updated to start the server.
Connect to database and run the following update the DB. Note: It is strongly recommended to backup the database before any changes are made.
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = '', IN_USE_2 = '', DESIRED =''
WHERE NAME = 'ldap.trustStore'
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_2 = 'false', DESIRED ='false'
WHERE NAME ='shutdown.if.ldap.unreachable'
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_12 = 'false', DESIRED = 'false'
where name = 'ldap.isSSLEnabled'
Prefix the table name with appropriate schema or user name as database requirement.
The above changes will disable LDAPS (LDAP over SSL) connections. If LDAP services requires SSL connection then LDAP or Windows AD users will not able to login to DE via Desktop Client. The ADMIN and SCHEDMASTER will still be able to login. Login as ADMIN and enable LDAPS with correct path to keystore and password.
Connect to database and run the following update the DB. Note: It is strongly recommended to backup the database before any changes are made.
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = '', IN_USE_2 = '', DESIRED =''
WHERE NAME = 'ldap.trustStore'
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_2 = 'false', DESIRED ='false'
WHERE NAME ='shutdown.if.ldap.unreachable'
UPDATE ESP_CONFIG_PROPERTY SET IN_USE_1 = 'false', IN_USE_12 = 'false', DESIRED = 'false'
where name = 'ldap.isSSLEnabled'
Prefix the table name with appropriate schema or user name as database requirement.
The above changes will disable LDAPS (LDAP over SSL) connections. If LDAP services requires SSL connection then LDAP or Windows AD users will not able to login to DE via Desktop Client. The ADMIN and SCHEDMASTER will still be able to login. Login as ADMIN and enable LDAPS with correct path to keystore and password.
Feedback
Yes
No
Powered by
