32.12.17 (Windows) Cannot Configure Some of the OAuth Features After an Upgrade

After upgrading Access Manager on a Windows setup, you cannot perform the following tasks:

Registering a client application
Deleting an existing client application
Creating a Resource Server
Deleting an existing resource server
Using any of the configured Access Manager Resource Servers after updating nidsOAuthGrant attribute

These issues occur because the syntax of nidsOAuth2CFGXML is set to string or octet instead of stream.

To change the syntax to stream, perform the following steps on Administration Console:

Back up nidsOAuth2CFGXML
1. On the dashboard, click <user name> at the top right of the page and thenclick Manage Directory Objects.
2. Navigate to novell > accessManagerContainer > nids > cluster > SCCxxxxxx > OACxxxxxx > OATxxxxxx.
3. In the content frame, click the Edit icon next to OATxxxxxx.
4. Under Valued Attributes select nidsOAuth2CFGXML and then click Edit.
5. On the Edit Attribute page, click the Edit icon.
6. Copy the content under Unicode Values and then save it as an xml file in any local folder.
Delete nidsOAuth2CFGXML
1. On the dashboard, click <user name> at the top right of the page and thenclick Manage Directory Objects.
2. Navigate to novell > accessManagerContainer > nids > cluster > SCCxxxxxx > OACxxxxxx > OATxxxxxx.
3. In the content frame, click the Edit icon next to OATxxxxxx.
4. Under Valued Attributes select nidsOAuth2CFGXML.
5. Click Delete > > OK > Apply > OK.
Log in to NDS iMonitor (eDirectory’s Management Utility) to update the attributes
1. Open a browser and enter the following URL:
  
  https://<Admin console ip>:8030/nds/trace
2. Log in using the FQDN credentials.
  
  For example, User FDN: admin.novell and Password: novell
3. Under DS Trace Options select the following options:
  - Backlinker
  - Janitor
  - Purge
  These options are required along with the options that are selected by default.
4. Click Trace On > Update.
5. In the navigation pane, click Agent Configuration > Agent Triggers.
6. Select the following options and then click Submit:
  - Janitor
  - Purger
  - Reference Check
7. Click Trace Configuration > Trace Live
8. A message similar to the following is displayed:
  
  BLink: 109 Valid Attributes, 0 Invalid Attributes in the Cached attributes list
Run the LDIF file on the Administration Console server
1. Click here to open and then save the LDIF file.
2. Go to C:\Novell\NDS\.
3. Run the following ice command:
  
  ice.exe -v -C -n -S LDIF -v -c -f <LDIF file path> -D LDAP -v -L C:\Novell\NDS\DIBFiles\CertServ\SSCert.der -s <IP address of Administration Console> -p <port number> -d <cn> -w <password>
  
  For example, run ice.exe -v -C -n -S LDIF -v -c -f C:\Users\Administrator\Desktop\1102902.ldif -D LDAP -v -L C:\Novell\NDS\DIBFiles\CertServ\SSCert.der -s 164.99.184.112 -p 636 -d cn=admin,o=novell -w novell
4. Restart the tomcat service on Administration Console.
Restore the values from the back up file to nidsOAuth2CFGXML
1. On the dashboard, click <user name> at the top right of the page and thenclick Manage Directory Objects.
2. Navigate to novell > accessManagerContainer > nids > cluster > SCCxxxxxx > OACxxxxxx > OATxxxxxx.
3. In the content frame, click the Edit icon next to OATxxxxxx.
4. Under Unvalued Attributes select nidsOAuth2CFGXML and then use the left arrow to move it under Valued Attributes.
5. Click the Edit icon and then click Choose File to upload the backed up xml file.
6. Click Upload File > Modify > OK.

NOTE:If the value of nidsOAuth2CFGXML is not uploaded properly, you can edit the value by using LDAP admin utility with Administration Console credentials.