Cannot upgrade Admin Console on Windows when admin equivalent user located outside of o=novell

  • 7017529
  • 25-Apr-2016
  • 25-Apr-2016

Environment

NetIQ Access Manager 4.2
NetIQ Access Manager Administration Console running on Windows 2012 R2

Situation

The NAM administration team wanted operations personel to be able to upgrade NAM and created a new container e.g. ou=NamOps under o=novell. A group was created within that container that included user accounts entitled to upgrade NAM.

When attempting to upgrade the Administration Console from 4.2.0 to 4.2 SP1, the upgrade script failed to login the Operations users regardless of how the user ID was specified. The error related to not being able to login using the new user was displayed (we added the user with ldap syntax, or eDir FDN but still fails) e.g. I created a user neil under ou=NamOps,o=novell with full admin rights, and could not upgrade as user cn=neil,ou=NamOps,o=novell or .neil.NamOps.novell.

Resolution

The Windows installer is automatically transforming the inputed username into "cn=<username>,o=novell". Hence if the user is cn=neil,ou=NamOps,o=novell, then when prompted, enter the username as "neil,ou=NamOps".

Note that the following scenario wont work: cn=namadmin,o=mydomain and the users must be created under the o=novell container. This would need installer changes and a defect has been entered.