Access Manager ambckup.sh / amdiagcf.sh fail running with: failError 21004005 'Failed to generate XML version of configuration data

  • Document ID:7024080
  • Creation Date:22-Aug-2019
  • Modified Date:22-Aug-2019
    • Micro Focus Products:
      Access Manager (NAM)

Environment

  • Access Manager 4.3
  • Access Manager 4.4
  • Access Manager 4.5

Situation

  • The amdiagcfg.sh and ambckup.sh scripts located at "/opt/novell/devman/bin" fail with:

    AM#201004002: Application error.
    Options:
    -xmlDump
    -userid cn=admin,o=novell
    -pwd **********
    -IpAddr 10.10.1.1
    -file /root/nambkup/22.08.2019.xml

    ----------------
    java.lang.NullPointerException
        at com.novell.nids.bkuputil.Util.xmlEncode(Unknown Source)
        at com.novell.nids.bkuputil.Util.dumpCert(Unknown Source)
        at com.novell.nids.bkuputil.Util.dumpTrustedRoots(Unknown Source)
        at com.novell.nids.bkuputil.Util.xmlDump(Unknown Source)
        at com.novell.nids.bkuputil.Util.work(Unknown Source)
        at com.novell.nids.bkuputil.Util.main(Unknown Source)
    **** Error *************** Error *************** Error ****
    AM#201004005: Failed to generate XML version of configuration data.
    FAILED to export configuration information. Please verify
        IP Address:            10.11.245.147
        LDAP Port:             636
        Administrator id:      cn=admin,o=novell
        Administrator Password: ***
        Backup path:           /root/nambkup
        Backup file:           Wednesday
    **** Error *************** Error *************** Error ****

  • The last entry in the created 22.08.2019.xml file is a root certificate entry

            <TrustedRoot>
                <Name>IDP-Cluster-edir</Name>

Resolution

  • removing the Trusted Root Certificate with the empty Subject Name which was just for testing fixed the problem

Cause

  • The Trusted Root Certificate did not contain any Subject Name Attribute. The Export / Backup process expects a certificate to store a valid Subject Name

Additional Information

Troubleshooting steps for this and similar issues
  • add  "set -x" at the beginning of the used script to force bash debugging

  • use the command which fails from the debug output to run it manually and eventually use "strace -f" and review the output

    Example:
    /opt/novell/java/bin/java -Djava.library.path=/opt/novell/lib64 -classpath log4j-1.2.15.jar:certtool.jar:vcdnbkup.jar:/opt/novell/nam/adminconsole/webapps/roma/WEB-INF/lib/vcdn_sc.jar:/opt/novell/nam/adminconsole/webapps/roma/WEB-INF/lib/vcdn_platform.jar:/opt/novell/nam/adminconsole/webapps/roma/WEB-INF/lib/novbp.jar com.novell.nids.bkuputil.Util -xmlDump -userid cn=admin,o=novell -pwd novell -IpAddr 10.2.92.100 -file /root/nambkup/22.08.2019.xml

  • check the last entry in the created XML file (in this case it was clear that it was processing Trusted Rot Certificates) and review the object for further details in the configstore ether by iManager or an LDAP browser of your choice