bmccraw

Home Members bmccraw

Learn more about our upcoming Identity Summits

show less show more
Profile picture of bmccraw

@bmccraw

active 1 year, 4 months ago
Points balance: 173 ♪
Rank: bmccraw
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of bmccraw

    bmccraw commented on the post, Immutable Deployment Pattern for ForgeRock Access Management (AM) Configuration without File Based… 2 years, 9 months ago

    I want to point out a discrepancy, in the article above, it says:

    “Finally the last key component to this model is Affinity Based Load Balancing for the Userstore, CTS, App and Policy stores to both simplify

  • Profile picture of bmccraw

    bmccraw replied to the topic How to configure OpenDJ replication topology for AWS Multi region replication in the forum Directory Services 3 years, 2 months ago

    I agree with @bill-nelsonidentityfusion-com‘s suggestion. I’ll also add a reminder to use a different replication group-id in each region to keep the DS servers connected to the local region’s RS server.

  • Profile picture of bmccraw

    bmccraw replied to the topic Directory Services 5.5 – Security issue with locked accounts ? in the forum Directory Services 3 years, 3 months ago

    Hi Sylvain,

    We noticed the same thing and opened a ticket with support. Even though it’s not listed in the AM 6.0 changelog, we did verify they fixed it in AM 6.0. Although you can’t see the ticket anymore, this is the ticket support pointed us to for the fix OPENAM-11336

    – Brandon

  • Profile picture of bmccraw

    bmccraw replied to the topic Can you use the LDAP Proxy server to connect 2 data Centres in the forum Directory Services 3 years, 4 months ago

    @ludo,

    You mentioned there isn’t a way to disable schema replication, but in the documentation when upgrading replication servers, it mentions the --noSchemaReplication parameter specifically for a case like @richardabbottnhs-net is attempting. Would that flag not be applicable in this case for some reason?

    DS 5.5 mixed topology replication

  • Profile picture of bmccraw

    bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 5 months ago

    David,

    Switching to the release/6.5.0 branch of forgeops seems to have fixed the issue. I’m able to get the XUI to load now. Thank you for the simple suggestion.

  • Profile picture of bmccraw

    bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 5 months ago

    Thanks David. I did just notice it says to not run on the master branch of forgeops. I’ll switch now and see if that helps.

    my minikube version is 0.31.0 so I think I’m ok with version compatibility.

  • Profile picture of bmccraw

    bmccraw replied to the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 5 months ago

    Sure:

    This is how I started my minikube environment:
    minikube start --memory=8192 --disk-size=30g --vm-driver=vmwarefusion --bootstrapper kubeadm --kubernetes-version=v1.11.2 && minikube ssh sudo ip link set docker0 promisc on

    I’m on the master branch of forgeops.

  • Profile picture of bmccraw

    bmccraw started the topic Forgeops: Amster can't install OpenAM in the forum DevOps 3 years, 5 months ago

    I’m finally sitting down to play with forgeops and I can’t get it to work. I’ve got minikube up and running on my mac, I can deploy all the helm charts, but when the amster service attempts to execute the install-openam script, it fails with:

    am> :load /opt/amster/scripts/00_install.amster
    Failed to execute the 'install-openam' command:…
    [Read more]

  • Profile picture of bmccraw

    bmccraw changed their profile picture 4 years ago

  • Profile picture of bmccraw

    bmccraw replied to the topic User Search on Identity page in AM 6 in the forum Access Management 4 years ago

    @bill-nelsonidentityfusion-com I guess I need to spend some time on that now. It wasn’t a high priority yet. Guess that just changed. Thanks for confirming I wasn’t blind or having some error I wasn’t aware of.

  • Profile picture of bmccraw

    bmccraw started the topic User Search on Identity page in AM 6 in the forum Access Management 4 years ago

    In Access Management 6, the Subjects page has been moved to the Identities page. Am I just blind, or is the search box missing from this page? I can’t find any way to manage my users through AM other than scrolling through page after page looking for the right account.

  • Profile picture of bmccraw

    bmccraw replied to the topic Devops & AM Sites in the forum DevOps 4 years, 1 month ago

    Ah! Thanks Warren. I’d seen clones mentioned but I never realized that’s what it meant. Good to know sites aren’t necessary for multi-server deployments and that we didn’t implement a poor solution.

  • Profile picture of bmccraw

    bmccraw started the topic Devops & AM Sites in the forum DevOps 4 years, 1 month ago

    I’ve worked with multi-server architectures in AM for a while now, but I’ve never configured them in a site. Each server is configured as “openam” so they essentially all shared the exact same configuration (stored in an external DS). Am I missing some benefit of sites?

    I’m using the AWS Application Load Balancer, so I can’t configure it to…[Read more]

  • Profile picture of bmccraw

    bmccraw replied to the topic Affinity Load Balancing behind an AWS Network Load Balancer in the forum DevOps 4 years, 6 months ago

    Finally found confirmation that affinity routing isn’t supported on the userstore backend. Looks like it’s being worked on though. https://bugster.forgerock.org/jira/browse/OPENAM-12184

  • Profile picture of bmccraw

    bmccraw started the topic Affinity Load Balancing behind an AWS Network Load Balancer in the forum DevOps 4 years, 6 months ago

    Hi everyone,

    I’m looking for some help understanding an architectural assumption. We setup OpenAM (v5.5) to communicate with an OpenDS (v5.5) proxy using the affinity load balancing algorithm through an AWS Network Load Balancer (NLB). Behind the OpenDS-Proxy are separate servers for both user and CTS storage on separate baseDNs. The…[Read more]

Profile Photo giancarlo Profile Photo atarpley

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Handle exception in Node Patch Object
  • SP Initiated SSO – Unable to do sso or federation
  • Realm level access
  • How can I generate 32 bytes Random salt in js script
  • Bypass Login Page in Chain

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details