Novell Identity Manager User Application Driver needs to be activated or is set to expire or expired.

  • 3093694
  • 20-Mar-2008
  • 27-Apr-2012

Environment

Novell Identity Manager 3.0
Novell Identity Manager 3.5
Novell Identity Manager 3.5.1

Situation

Novell Identity Manager User Application Driver needs to be activated or is set to expire or expired.

Reviewing the status of the IDM User Application driver in the fishbone view in iManager shows the driver status as one of the following, expired, expiring in the near future or not activated.

Resolution

If the User Application driver can not be activated set the trace level to 4 on the driver set and start the User Application driver. After the User Application driver is started up to look at the trace for the activation information. The trace should show a minimum activation level and the value of the "driver-id" attribute should be UABASE or UAPROV depending on the version IDM. If it is anything else there is a problem with the driver.

There are several possible causes for the driver to not be properly activated. Each possible cause is listed below.

1. The JBoss server with running the User Application on it was not started before the driver was started.

2. The username and or password for the JBoss application is not correct.

3. The JBoss user application is not installed.

4. The host .port and or Context in the driver configuration are not correct..

5. There is no connection from the machine running edir to the web App machine.

6. The user given in the driver configuration is not a provisioning user.

7. The eDir user name or password have been changed.


8) The information in the User Application Driver is not correct.

9) A firewall is between eDirectory and the User Application (JBoss) that is blocking the communication



 

Fix

1. Verify that the JBoss server running the IDM User Application was started prior to the starting the driver.

2 . Verify that you can log into the portal with the username and password given in the driver configuration. (Note: That user should be a provisioning user.)

3 Verify that the web application was installed.

4: Verify the address exists and can be accessed by pinging it. (Note: In IDM User Application 3.5.0, verify that IP address is used and can be pinged. DO NOT use DNS names with the IDM 3.5.0 User Application.)

5. Verify that you ping the User App. machine from eDir.


 

6. Verify in the driver configuration the user listed is the provisioning user. (Note: the provisioning user has extra provisioning options)

7. The eDir user name or password have been changed to correct user name or password..

8) Correct the information in the User Application Driver.

9) Verify in the firewall the port is open between eDirectory and the User Application (JBoss) defined in the User Application Driver configuration.

To access the IDM User Application Driver configuration information, got to iManager -> Roles and Tasks -> Identity Manager -> Identity Manager Overview -> Select your Driver Set -> Go to the Properties of the User Application Driver -> Identity Manager Tab -> Driver Configuration Sub Tab.

Status

Top Issue

Additional Information

The Identity Manager User Application installation requires that the User Application driver already exist prior to installing the User Application and the driver will be stopped and not activated. In order to activate the driver, the driver must be stopped prior to starting the User Application (JBoss). Once the User Application is running, start the User Application driver and the driver should be activated. During the Driver start, it does an HTTP SOAP call to the User Application (JBoss) and then the User Application will respond back with either UABASE (non provisioning) or UAPROV (provisioning). Until that can happen, the Driver will always be in Eval mode. If this is not corrected before the Eval period ends (90 day trial period) the User Application (JBoss) will not be able to start correctly starting on the day that the Evaluation ends. The User Application server also has to point to the eDirectory server that the User Application Driver is running on. If the User Application points to one eDirectory server (server 1) and the User Application Driver is running on another eDirectory server (server 2) the User Application will never be able to get the User Application Driver to activate. This holds true for a cluster of eDirectory servers because when you go through a Load Balancer you will not always hit the eDirectory server (server 2) that is running the User Application driver. The User Application must point to the eDirectory server that the User Application Driver is running on to activate and show the correct driver information in the User Application

Feedback service temporarily unavailable. For content questions or problems, please contact Support.