Gentjan Kocaqi

It depends on what is the role of these Directory Servers. As far as I know, if DS is acting as Identity Store, you can’t set up this failover. Configuring those two DS under a Load Balancer is a better suggestion I have. But yeah, this is more a question to ask to AM session in this forum.

Here are my commands converted to Windows (I do make use of Linux)

Backup:
./backup.bat --port 4444 --bindDN "cn=Directory Manager" --bindPassword password --backUpAll --backupDirectory D:abcOpenDJserverbak --start 0

List backups (get the ID):
./restore --backupDirectory D:abcOpenDJserverbak --listBackups

Restore:
./restore --port 4444…[Read more]

Hey,

That curl contains many typo errors. Fix them and try again providing more info about the error you are getting. Which version of AM are you working on and which is the page/url you are following to achieve this?

Cheers

You will get the results immediately after the exam from PersonVue.

As far as I know the latest Open Source version is 3.0.0 and this supports Java 7 or 8 (see link: prerequisites-java). And yes, DS 6.5 needs license to be used in Production.

Session failover requires an OpenAM site configuration with a Core Token Service.

6.5 talks about CTS Tuning Considerations but I got you. Like I said, per my understanding these global attributes and its values are stored in the configuration store of your OpenAMs.Since you have two OpenAMs, I would expect you to have two OpenDJ config stores,each per OpenAM. If those two Config Stores are not in replication, then you need to…[Read more]

I will expect that those values will be written on the Configuration Store of AM instead of the CTS store. In order to provide you a better reply, could you please point out the procedure you are working on? In this case we can get the versions of various components you are talking about. Cheers

I think your OpenAM version should be ok. It seems an error that comes from AWS (your service provider here). Please double check your steps related to AWS. And have a look to this:
https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_saml.html#troubleshoot_saml_invalid-response

Cheers

As Ludo pointed out, you can do this via IDM (config both LDAP servers and do the synchronization between the two) or via other dedicated sync tools such as lsc-project (https://lsc-project.org). Regarding what could fit to you it depends on your needs: is it just a one time migration because you are changing LDAP provider or do you want to keep…[Read more]

I did have a look to that doc you are following and it seems you are at “Procedure 1.4. To Install an External OpenDJ Directory Server” step 3. I do believe that your confusion is coming from the instructions for version 2.6 and 3.0: it seems you executed them both instead of just one related to your version of OpenDJ. This explains the error you…[Read more]

Hi @tillman,

One thing you can do to speed up the things in such situation you occured is having monitorings in place for OpenDJs. You could monitor if you have correct reads/writes in your instances and fire an alert if not.
Regarding the failover, you do this at the application level but that might not solve this issue to you cause as far as I…[Read more]

Hello @tillman,

I do believe that the term ‘failover’ in your description is not used correctly or it might be I did not get correctly your question.
You are saying that you have 3 instances of OpenDJ and these instances are part of the same replication topology. If one of your instances hit the bug you reported, I do agree that this instance…[Read more]

I would suggest to make sure the XML is valid cause it seems like a syntax-error.Try validating the syntax in your tool of choice first.

Could you share some more info about your environment. Info like OS used, JDK version, Application Server version and so on…

I understand from the article posted that OpenDJ 2.6.x,3.x and 5.x are FIPS 140-2 compliant.

I would suggest to clarify your question here cause it is hard to understand it. It seems to me that in some way you had automatized building OpenAM using bash scripts. And you want to know if you can make them work on windows. Is that correct?

IMHO, section 2.1 says that “ForgeRock supports customers using OpenAM server software on the following operating system versions” which means that if you will make use of OpenAM 13 in production and will get the support from FR for that particular version then SuSE 12 version is not recommended by FR cause probably they have made tests agains…[Read more]

Here is the description of your LDAP_ERROR_CODE 81:

81: Server Down

This generally indicates that a previously-established connection is no longer valid. It may indicate that the server to which the connection was established has shut down, but it could also mean that the connection was closed or has become invalid for some other reason (e.g.,…[Read more]