Environment
Novell Access Management 3 Access Administration
Novell Access Management 3 Linux Novell Identity Server
Situation
Access Manager IR1 patch (nam3ir1.tar.gz) installed
Access Administrator and IDP server running on the same host
User store on a private subnet that the private interface of the IDP server can communicate with
LDAP communication between the IDP server and the LDAP server (running on NetWare 6.5) is secured using TCP port 636
When the IDP server is being brought up, the status shows green, but the 'health check' monitor shows that the 'User Datastores' are not operating, e.g.:
Services - Identity Server Configuration
Configuration Datastore
User Datastores
Clustering
User Datastores - For user store Paddy User Store all replicas are not responding
(Required Action) Ensure that all replicas of this user store are operating correctly
The secure LDAP server's trusted root certificate was imported correctly and assigned to the correct certificate store. Standard, non-secure LDAP communication worked fine.
Resolution
Make sure that the LDAP group object parameter 'Require TLS for simple binds with password' is disabled.