Problem: A few times a week, I would find that one of my Identity Manager drivers would be stopped when I arrive for work in the morning.

Solution: Create a cron job that would somehow restart the driver.

Background: We have a rather ‘simple’ IDM environment that we use to synchronize our eDirectory tree to an Active Directory domain, using an Oracle database to fill in the missing information. I use the term simple not because of my proficiency with Novell’s Identity Manager product, but because that some (and probably most) configurations are more complex than ours. My problem, being charged with maintaining our IDM environment, I am simply not as comfortable with it as I’d like to be. I do have to admit that once the driver and engine configuration setup was complete, it’s been pretty much running like an appliance, except for one minor problem. About 2 or 3 times a week, I would come to work in the morning and after logging into iManager, I would find that one of the drivers were stopped. The stopped driver was always the JDBC driver for Oracle, which was named ‘PeopleSoft View’, but in reality it was the JDBC driver for Oracle, which looked at a read only view of a PeopleSoft dump. I didn’t think my issue was with the configuration of the driver or the engine itself, since I would see this same driver stopped in all of our testing environments without fail. If it was stopped in one environment, it was stopped in all 3.

After looking at the traces, I made the assumption that the driver was being shut down due to it’s in ability to talk to the database during the time the database was shut down for back up, seeing errors that mentioned something of that nature in the trace files. The one thing that was consistent with all of our production and testing environments was that the JDBC driver for Oracle in each environment pointed to the database server, and the same view.

What I decided I needed to do was try and figure out a way to automatically start the driver in the morning, more importantly, I needed a way to check to see if it was running and if the driver was stopped start it up. Since we have our identity vault running on a SLES 10 SP2 server, bash scripting would probably be my best tool to accomplish this, and to run this script as a cron job on a daily basis. After doing some cursory searching through the MASSIVE documentation for Novell’s Identity Manager, I really couldn’t find what I was looking, mainly because I wasn’t sure what I was really looking for. After posting a query on the Novell community forums, one of the helpful volunteers pointed me to a specific part of the documentation, it was the dxcmd command. After reading through the help section of this command, I saw that was a pretty robust command. But could it do what I wanted to do? Absolutely, and with ease. The dxcmd has two modes, command line mode, as well as an interactive mode. I would choose the command line mode because I wanted to script this command and use it in a cron job.

Below is a simple script that I put together that checks the status of the driver that I was having an issue with, and if the command returned that the driver was stopped, then the script would start the driver.

#	This command checks the status of the driver, which it's output is written to $
#	If the value of the driver status is 2, then it's assumed the driver is running.
#	Output from the -getstate dxcmd switch is 
#	0 = Stopped
#	1 = Starting
#	2 = Running
#	3 = Shutting Down
#	11 = Get Schema
#	Anything else that is returned is an error
/opt/novell/eDirectory/bin/dxcmd -q -user admin.OU -host <SERVERNAME> -password <PASSWORD> -getstate 'PeopleSoft View.Drivers.IDM'
 if [ $? = 0 ]; then
 /opt/novell/eDirectory/bin/dxcmd -q -user admin.OU -host <SERVERNAME> -password <PASSWORD> -start 'PeopleSoft View.Drivers.IDM'
echo "PeopleSoft Driver was restarted" | mail -s '<SERVERNAME>: DirXML Driver Status Check'
exit 0

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: gc48501
Jun 23, 2009
3:21 pm
Active Directory Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Sentinel Supported Troubleshooting Workflow