The best way to get this resolved is probably using IBM Support as the problem seems to be related to the upgrade and the supported ISAM V2 Connector.
As I do not know your environment it is difficult for me to guess on distance where the problem is - but a couple of guesses :
Original Message:
Sent: Wed November 01, 2023 02:30 AM
From: Paul van den Brink
Subject: Issue with SDI after upgrade
Hi Franz,
Thans for taking an interest in this issue.
And yes, my thoughts exactly, so I checked connectivity using jXplorer, this worked.
The upgrade of SDI also implied an upgrade to JAVA8:
C:\Beheer\SDI\IBM\TDI\V7.2\jvm\jre\bin\java.exe -version
java version "1.8.0_351"
Java(TM) SE Runtime Environment (build 8.0.7.20 - pwa6480sr7fp20-20221020_01(SR7 FP20))
IBM J9 VM (build 2.9, JRE 1.8.0 Windows 10 amd64-64-Bit Compressed References 20220929_37824 (JIT enabled, AOT enabled)
OpenJ9 - 02180fe
OMR - 48fc32a
IBM - bf759bf)
JCL - 20220922_01 based on Oracle jdk8u351-b10
With Wireshark I see a ClientHello when I use use jXplorere, but I see a FIN/ACK using SDI.
So maybe there is an TLS issue.
How to enable more logging to check this?
Regards,
Paul
------------------------------
Paul van den Brink
Original Message:
Sent: Tue October 31, 2023 10:55 AM
From: Franz Wolfhagen
Subject: Issue with SDI after upgrade
This does not look like a problem of the upgrade but a network connectivity problem.
The error message you are receiving tells you that none of the ldap servers in your config file can be contacted.
So take a look in the conf file and try connect to the ldap servers to verify the connectivity.
Of course something can have been impacted the upgrade - but as the biggest difference between FP6 and FP10 is the removal of the old log4j logging and there is nothing pointing to a problem in that direction...
HTH
------------------------------
Franz Wolfhagen
WW IAM Solution Engineer - Certified Consulting IT Specialist
IBM Security Expert Labs
Original Message:
Sent: Tue October 31, 2023 10:37 AM
From: Paul van den Brink
Subject: Issue with SDI after upgrade
Hi,
I am using SDI to update accounts in ISVA using the ISAM v2 Connector.
Recently I've upgraded SDI on my windows laptop with FP0010
applyUpdates.bat -queryreg
Information from .registry file in: C:\Beheer\SDI\IBM\TDI\V7.2
Edition: Identity
Level: 7.2.0.10
License: Full
Fixes Applied
=-=-=-=-=-=-=
SDI-7.2-FP0010(7.2.0.6)SDI-7.2-FP0006(7.2.0.3)SDI-7.2-FP0003(7.2.0.0)
Components Installed
=-=-=-=-=-=-=-=-=-=
BASE
-SDI-7.2-FP0010
-SDI-7.2-FP0006
-SDI-7.2-FP0003
SERVER
-SDI-7.2-FP0010
-SDI-7.2-FP0006
-SDI-7.2-FP0003
CE
-SDI-7.2-FP0010
-SDI-7.2-FP0006
-SDI-7.2-FP0003
JAVADOCS
-SDI-7.2-FP0010
EXAMPLES
-SDI-7.2-FP0010
-SDI-7.2-FP0006
-SDI-7.2-FP0003
IEHS
EMBEDDED WEB PLATFORM
AMC
Deferred: false
When I start my assembly line I get the following error:
15:04:55,333 INFO - CTGDIS255I AssemblyLine AssemblyLines/CleanupCIAM is started.
15:04:56,083 INFO - Scripts functions : Initialise
15:04:56,184 INFO - [InputFromISAM] CTGDIH401I ISAM v2 Connector version 20210114 .
15:04:56,825 ERROR - [InputFromISAM] CTGDIS810E handleException - cannot handle exception , initialize
com.tivoli.pd.rgy.exception.ServerDownRgyException: HPDAA0278E None of the configured LDAP servers of the appropriate type for the operation can be contacted.
at com.tivoli.pd.rgy.ldap.LdapRgyHandleMgr.getBestServerWithRecovery(LdapRgyHandleMgr.java:694)
at com.tivoli.pd.rgy.ldap.LdapRgyHandleMgr.setupHandle(LdapRgyHandleMgr.java:734)
at com.tivoli.pd.rgy.ldap.LdapRgyHandleMgr.access$500(LdapRgyHandleMgr.java:66)
at com.tivoli.pd.rgy.ldap.LdapRgyHandleMgr$JndiOperation.retryJndiOperation(LdapRgyHandleMgr.java:2307)
at com.tivoli.pd.rgy.ldap.LdapRgyHandleMgr.searchAndFetch(LdapRgyHandleMgr.java:1554)
at com.tivoli.pd.rgy.ldap.LdapRgyServerInfo.determineLdapServerType(LdapRgyServerInfo.java:925)
at com.tivoli.pd.rgy.ldap.LdapRgyServerInfo.getLdapServerType(LdapRgyServerInfo.java:378)
at com.tivoli.pd.rgy.ldap.LdapRgyDomainInfo.getSecAuthInfo(LdapRgyDomainInfo.java:210)
at com.tivoli.pd.rgy.ldap.LdapRgyDomainInfo.get(LdapRgyDomainInfo.java:139)
at com.tivoli.pd.rgy.ldap.LdapRgyDomainMgr.getDomainInfo(LdapRgyDomainMgr.java:184)
at com.tivoli.pd.rgy.ldap.LdapRgyEntityMgr.listEntities(LdapRgyEntityMgr.java:1313)
at com.tivoli.pd.rgy.ldap.LdapRgyUserMgr.listUsers(LdapRgyUserMgr.java:772)
at com.tivoli.pd.rgy.ldap.LdapRgyRegistry.listUsers(LdapRgyRegistry.java:456)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:508)
at com.ibm.jscript.types.JavaAccessObject.call(JavaAccessObject.java:321)
at com.ibm.jscript.types.FBSObject.call(FBSObject.java:161)
at com.ibm.jscript.ASTTree.ASTCall.interpret(ASTCall.java:175)
at com.ibm.jscript.ASTTree.ASTAssign.interpret(ASTAssign.java:91)
at com.ibm.jscript.ASTTree.ASTIf.interpret(ASTIf.java:85)
at com.ibm.jscript.std.FunctionObject._executeFunction(FunctionObject.java:261)
at com.ibm.jscript.std.FunctionObject.executeFunction(FunctionObject.java:185)
at com.ibm.jscript.std.FunctionObject.call(FunctionObject.java:171)
at com.ibm.di.script.ScriptEngine.call(ScriptEngine.java:477)
at com.ibm.di.script.ScriptEngine.call(ScriptEngine.java:418)
at com.ibm.di.connector.ScriptConnector.selectEntries(ScriptConnector.java:203)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3377)
at com.ibm.di.server.AssemblyLineComponent.doConnectorSelectEntries(AssemblyLineComponent.java:1268)
at com.ibm.di.server.AssemblyLineComponent.doInitialize(AssemblyLineComponent.java:1209)
at com.ibm.di.server.AssemblyLineComponent.initialize(AssemblyLineComponent.java:1151)
at com.ibm.di.server.AssemblyLine.initConnectors(AssemblyLine.java:1932)
at com.ibm.di.server.AssemblyLine.msInitConn(AssemblyLine.java:3609)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3419)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:3032)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:3015)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2972)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1339)
Can anyone point me in the right direction to debug this?
Thanks in advance!
Regards,
Paul van den Brink
------------------------------
Paul van den Brink
------------------------------