CA LDAP or DSI Server Failing Startup After Copying program.

book

Article ID: 35392

calendar_today

Updated On:

Products

CA-24X7 High-Availability Manager for DB2 for z/OS CA-Batch Processor Compile QQF CA Data Compressor for DB2 for z/OS Data Navigator for DB2 UDB for z/OS CA-DB Delivery for DB2 CA Unicenter NSM CA Log Compress DBA for DB2 Guide Online CA InfoRefiner Advantage InfoRefiner Advantage InfoRefiner Maint Upgrade CA InfoTransport Advantage InfoTransport Maint Upgrade Online Reorg for DB2 for z/OS CA RC/Update for DB2 for z/OS Query Analyzer RI Editor for DB2 for z/OS DB2 TOOLS- DATABASE MISC

Issue/Introduction

Question:

After copying a CA LDAP install directory that has been recently refreshed with the latest maintenance, DSI fails at startup with the following in the stderr log:

2015-12-08 10:34:43,068 1449592483067010 TGDRS /Access/Access/pdSelectApp.jsp DEBUG com.ams.cacs.security.CacsProcessLogin.processLogin - entering...
2015-12-08 10:34:43,068 1449592483067010 TGDRS /Access/Access/pdSelectApp.jsp DEBUG class com.ams.cacs.security.CacsSecurityProvider.authenticateUser() - entering ...
2015-12-08 10:34:44,075 1449592483067010 TGDRS /Access/Access/pdSelectApp.jsp ERROR class com.ams.cacs.security.TGAuthenticator.DSI_JNI_Authenticate() - User: TGDRS : Failed in DSI_JNI_Authenticate.DSI_java_open(). iRetCode: 13
2015-12-08 10:34:44,075 1449592483067010 TGDRS /Access/Access/pdSelectApp.jsp ERROR class com.ams.cacs.security.TGAuthenticator.DSI_JNI_Authenticate() - User: TGDRS : Failed in DSI_JNI_Authenticate.DSI_java_close(). iRetCode: 7

Answer:

Copying the programs from one directory to another can cause the APF authorization bit to be turned off depending on the program used to copy.

It is recommended that a program that copies the files/programs with their respective attributes so as not to lose them.

Recommend using a program that will copy the file/program with its respective attribute and not lose them. The following is an example of how to check the APF attribute and turn on the APF attribute:

From OMVS:

Change to your site's CA LDAP Server installation directory containing the dll files.

  cd /u/product/your.CA.LDAP.server.directory    

Issue the USS List file command to display the extended attributes for the dll files.

  ls -lE *.dll

The attribute APF authorized must be set to YES. If it is not, use the USS extattr command to set this attribute for each DDL file. For example:

  extattr +ap filename.dll 

Issue the USS List file command to verify the the extended attributes for the dll 
files were changed.                                          

  ls -lE *.dll



Environment

Release:
Component: GEN

Resolution

Please Update This Required Field