Sometimes runtime configuration(policy Server in Appliance) fails (or partially configured) in TAM/ISAM due to some issues.
When the users tries to reconfigure it again, ISAM throws an error message its already configured but it will not be in running state.
So its better to delete the default user entries created by TAM/ISAM before reconfiguring it.
Below are the commands to delete the default ISAM users(created during the runtime configuration) from the registry before reconfiguring it.
cd /opt/ibm/ldap/V6.3/bin
./idsldapdelete -D cn=root -w <password> cn=Subdomains,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Resources,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ResourceGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Default,cn=Policies,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroup,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroup,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivacld-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivacld-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=remote-acl-users,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=remote-acl-users,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityMaster,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policy,cn=Policies,principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policy,cn=Policies,principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=iv-admin,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=iv-admin,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=secmgrd-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=secmgrd-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-mpa-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-mpa-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd/master,cn=SecurityDaemons,secAuthority=Default
./idsldapdelete -D cn=root -w <password> principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityDaemons,secAuthority=Default
./idsldapdelete -D cn=root -w <password> secAuthority=Default
./idsldapsearch -D cn=root -w <password> -b 'secAuthority=Default' -s sub '(objectclass=*)'
Thanks,
Nandavaram Pavan Kumar
When the users tries to reconfigure it again, ISAM throws an error message its already configured but it will not be in running state.
So its better to delete the default user entries created by TAM/ISAM before reconfiguring it.
Below are the commands to delete the default ISAM users(created during the runtime configuration) from the registry before reconfiguring it.
cd /opt/ibm/ldap/V6.3/bin
./idsldapdelete -D cn=root -w <password> cn=Subdomains,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Resources,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ResourceGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Default,cn=Policies,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroup,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroup,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivacld-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivacld-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=remote-acl-users,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=remote-acl-users,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityMaster,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policy,cn=Policies,principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policy,cn=Policies,principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=iv-admin,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=iv-admin,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=secmgrd-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=secmgrd-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-mpa-servers,cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=webseal-mpa-servers,cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=ivmgrd/master,cn=SecurityDaemons,secAuthority=Default
./idsldapdelete -D cn=root -w <password> principalName=ivmgrd/master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> principalName=sec_master,cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Users,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Groups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityGroups,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=Policies,secAuthority=Default
./idsldapdelete -D cn=root -w <password> cn=SecurityDaemons,secAuthority=Default
./idsldapdelete -D cn=root -w <password> secAuthority=Default
./idsldapsearch -D cn=root -w <password> -b 'secAuthority=Default' -s sub '(objectclass=*)'
Thanks,
Nandavaram Pavan Kumar
No comments:
Post a Comment