When running an AdminUI, this one reports an error when an administrator tries to log in:
2022-06-23 20:30:24,840 ERROR [ims.llsdk.role.azengine] (default task-1) Unable to locate administrator user in the corporate directory
2022-06-23 20:30:24,840 [ERROR] ims.ui [] - com.netegrity.llsdk6.imsapi.exception.ImsRuntimeException
com.netegrity.llsdk6.imsapi.exception.ImsRuntimeException: Unable to locate administrator user in the corporate directory
at com.netegrity.llsdk6.imsimpl.securityengine.PolicyEngine.getAdministratorsTasks(PolicyEngine.java:1601) ~[imsapi6.jar:?]
AdminUI 12.8SP5 on RedHat 7;
Policy Server 12.8SP5 on RedHat 7;
External Admin Store;
Similar to changing the base_url for the AdminUI, the LDAP_SEARCH_ROOT can be modified (1):
/installation_path/CA/siteminder/adminui/standalone/data
[root@adminui ~]# cd /installation_path/db-derby-10.14.2.0-bin/bin
[root@adminui bin]# export JAVA_HOME=/opt/jdk
[root@adminui bin]# ./ij
ij version 10.14
ij> connect 'jdbc:derby:/installation_path/CA/siteminder/adminui/standalone/data/derby/siteminder/objectstore';
ij> select LDAP_SEARCH_ROOT from IM_DIR_CONNECTION;
LDAP_SEARCH_ROOT
--------------------------------------------------------------------------------------------------------------------------------
ou=Administrators,ou=SiteMinder,dc=ps,dc=example,dc=com
1 row selected
ij> update IM_DIR_CONNECTION set LDAP_SEARCH_ROOT = 'ou=Administrators,ou=SiteMinder,dc=ps,dc=example,dc=com';
1 row inserted/updated/deleted
ij> select LDAP_SEARCH_ROOT from IM_DIR_CONNECTION;
LDAP_SEARCH_ROOT
--------------------------------------------------------------------------------------------------------------------------------
ou=Administrators,ou=SiteMinder,dc=ps,dc=example,dc=com
1 row selected
ij> commit;
ij> disconnect;
ij> exit;
Then, the administrator should be able to log in to the AdminUI without any issues.