search cancel

Error : Ignoring entry when creating CA Directory Policy Store

book

Article ID: 215823

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

Creating a new Policy Store on a new machine as part of a migration
activity. After installing CA directory, the new DSA gets created
using the command :

   dxnewdsa  -t data -s 500 myPolicyStore 4489  o=mycompany.com

I tried to export the ldif file from existing policy store and tried
to import it to new set

  # dxloaddb -v myPolicyStore /tmp/myPolicyStore.ldif

  Ignoring entry: o=mycompany,c=us
  LDAP: invalid oid: smTimeSync
  Wrong syntax for value "smTimeSync" on line 11
  Error while reading from ldif file
  Error while writing db

 

Resolution

 

The new DSA has been created with incorrect prefix

  (o=mycompany.com)

To solve this issue, edit the file :

  $DXHOME/config/knowledge/myPolicyStore.dxc

It should contain this command:

set dsa "myPolicyStore" =
{
    prefix        = <o "mycompany.com">
    dsa-name      = <o "mycompany.com"><cn "myPolicyStore">
    dsa-password  = "secret"
    address       = tcp "your host name" port 4489
    disp-psap     = DISP
    snmp-port     = 4489
    console-port  = 4490
    auth-levels   = anonymous, clear-password
};

Replace the prefix and dsa-name:

    prefix        = <c us><o mycompany>
    dsa-name      = <c us><o mycompany><cn "myPolicyStore">