Environment
NetIQ Identity Manager 4.0.2
NetIQ Identity Manager 4.5
NetIQ Identity Manager Driver - Groupwise REST 4.0.0.1
Novell GroupWise 2014
NetIQ Identity Manager 4.5
NetIQ Identity Manager Driver - Groupwise REST 4.0.0.1
Novell GroupWise 2014
Situation
When starting the Groupwise REST driver it fails with:
<nds dtdversion="2.0" ndsversion="8.x">
<source>
<product build="20150211_0629" instance="GW2014" version="4.0.0.1">DirXML Driver for GroupWise</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<status code="com.novell.gw.dirxml.driver.rest.exceptions.AuthenticationException: Failed to authenticate GroupWise Admin Service" level="fatal" type="app-authentication">
<description>Failure initializing GroupWise</description>
<code>com.novell.gw.dirxml.driver.rest.exceptions.AuthenticationException: Failed to authenticate GroupWise Admin Service</code>
</status>
<init-params event-id="write-state"/>
</output>
</nds>
<nds dtdversion="2.0" ndsversion="8.x">
<source>
<product build="20150211_0629" instance="GW2014" version="4.0.0.1">DirXML Driver for GroupWise</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<status code="com.novell.gw.dirxml.driver.rest.exceptions.AuthenticationException: Failed to authenticate GroupWise Admin Service" level="fatal" type="app-authentication">
<description>Failure initializing GroupWise</description>
<code>com.novell.gw.dirxml.driver.rest.exceptions.AuthenticationException: Failed to authenticate GroupWise Admin Service</code>
</status>
<init-params event-id="write-state"/>
</output>
</nds>
Resolution
Changing the Driver to connect to use the proper sever name configured for the mta solved the problem.
Cause
To verify connectivity use curl:
curl -k -X GET -H "Content-Type: application/json" -H 'Accept: application/json' --user admin https://server:9710/gwadmin-service/system/whoami
Successful result:
{
"roles" : [ "ROLE_SUPER_ADMIN", "ROLE_ADMIN", "SYSTEM_RECORD" ],
"user" : {
"name" : "admin"
}
}
Failed result:
{"httpStatusCode":401,"statusCode":null,"statusMsg":"Unable to find Admin Service: server:9710","error":true,"params":null,"httpStatus":"UNAUTHORIZED"}
The reason for this is that admin-service will listen on the ip address or dns name configured in:
a) .mta file in domain directory (--ip setting - default blank)
b) mta settings on the mta object
The .mta file will overwrite the setting on the mta.
curl -k -X GET -H "Content-Type: application/json" -H 'Accept: application/json' --user admin https://server:9710/gwadmin-service/system/whoami
Successful result:
{
"roles" : [ "ROLE_SUPER_ADMIN", "ROLE_ADMIN", "SYSTEM_RECORD" ],
"user" : {
"name" : "admin"
}
}
Failed result:
{"httpStatusCode":401,"statusCode":null,"statusMsg":"Unable to find Admin Service: server:9710","error":true,"params":null,"httpStatus":"UNAUTHORIZED"}
The reason for this is that admin-service will listen on the ip address or dns name configured in:
a) .mta file in domain directory (--ip setting - default blank)
b) mta settings on the mta object
The .mta file will overwrite the setting on the mta.