search cancel

Recover UNIX v2 Endpoint when Endpoint's IP address was changed

book

Article ID: 203358

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Ideally, when UNIX v2 Endpoint requires IP address change, Endpoint Admin works together with IM Admin going through below procedure
        1. IM Admin stops any scheduled Explore and Correlate job or any other jobs for this UNIX v2 Endpoint. 
        2. IM Admin opens the UNIX v2 Endpoint configuration via Provisioning Manager or IM User Console.
        3. Endpoint Admin changes the IP address of the Endpoint to a new IP address.
        4. IM Admin immediately sets the new IP address in the opened UNIX v2 Endpoint configuration

If IM Admin doesn't open the UNIX v2 Endpoint configuration before the Endpoint IP address change then there will not any available Endpoint configuration anymore, as after the UNIX v2 Endpoint IP address change, the UNIX v2 Endpoint configuration cannot be accessed anymore. Using Provisioning Manager, attempt to open the UNIX v2 Endpoint configuration yields "Endpoint read failed" error occurred and followed by "Unable to display the requested property sheet" dialog.

How can we amend the UNIX v2 Endpoint configuration in this situation?

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Resolution

In this case, we need to use JXplorer or other 3rd party LDAP Browser to modify the UNIX v2 Endpoint host and password data in the Provisioning Directory directly.

1. Launch JXplorer to access Provisioning Directory with the following connection strings

ldap://prov_server_host:20391
User DN: eTDSAContainerName=DSAs,eTNamespaceName=CommonObjects,dc=etadb
Password: Provisioning Directory Shared Secret

2. Go to etadb > im > UNIX v2 > and select the UNIX v2 Endpoint and modify its following attributes
eTDYNHost : set this to the new IP address
eTDYNPassword : set this the plain password/passphrase required to access the UNIX v2 endpoint

3. If you just restart JCS service, please wait for a while until JCS service is fully started up

4. Now, you should be to access the Endpoint configuration again using Provisioning Manager.

5. Set the Password. This will update the value of eTDYNPassword attribute with encrypted password again in Provisioning Directory.

Attachments