Error: Unable to locate administrator user in corporate dir AdminUI
search cancel

Error: Unable to locate administrator user in corporate dir AdminUI

book

Article ID: 246752

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

When running an AdminUI, this one reports an error when an administrator tries to log in:

  2022-06-23 20:30:24,840 ERROR [ims.llsdk.role.azengine] (default task-1) Unable to locate administrator user in the corporate directory
  2022-06-23 20:30:24,840 [ERROR] ims.ui [] - com.netegrity.llsdk6.imsapi.exception.ImsRuntimeException
  com.netegrity.llsdk6.imsapi.exception.ImsRuntimeException: Unable to locate administrator user in the corporate directory
          at com.netegrity.llsdk6.imsimpl.securityengine.PolicyEngine.getAdministratorsTasks(PolicyEngine.java:1601) ~[imsapi6.jar:?]

 

Environment

 

  AdminUI 12.8SP5 on RedHat 7;
  Policy Server 12.8SP5 on RedHat 7;
  External Admin Store;

 

Resolution

 

Similar to changing the base_url for the AdminUI, the LDAP_SEARCH_ROOT can be modified (1):

  • Take a backup of the entire repository:
       /opt/CA/siteminder/adminui/standalone/data
  • Stop the AdminUI;

  • Download db-derby-10.14.2.0-bin.tar.gz from https://db.apache.org/derby/releases/release-10_14_2_0.cgi
      
      [root@adminui ~]# cd /opt/db-derby-10.14.2.0-bin/bin

      [root@adminui bin]# export JAVA_HOME=/opt/jdk

      [root@adminui bin]# ./ij

      ij version 10.14

      ij> connect 'jdbc:derby:/opt/CA/siteminder/adminui/standalone/data/derby/siteminder/objectstore';

      ij> select LDAP_SEARCH_ROOT from IM_DIR_CONNECTION;

      LDAP_SEARCH_ROOT

      --------------------------------------------------------------------------------------------------------------------------------

      ou=Administrators,ou=SiteMinder,dc=ps,dc=training,dc=com

      1 row selected

      ij> update IM_DIR_CONNECTION set LDAP_SEARCH_ROOT = 'ou=Administrators,ou=SiteMinder,dc=ps,dc=MYLDAP,dc=com';

      1 row inserted/updated/deleted

      ij> select LDAP_SEARCH_ROOT from IM_DIR_CONNECTION;

      LDAP_SEARCH_ROOT

      --------------------------------------------------------------------------------------------------------------------------------

      ou=Administrators,ou=SiteMinder,dc=ps,dc=MYLDAP,dc=com

      1 row selected

      ij> commit;

      ij> disconnect;

      ij> exit;
  • Start the AdminUI;

Then, the administrator should be able to log in to the AdminUI without any issues.

 

Additional Information

 

(1)

    AdminUI protected by Reverse Proxy Web Agent redirection URL change
    

Powered by Wolken Software