The following table lists the issues you might encounter and the suggested actions for working on these issues. If the problem persists, contact your NetIQ representative.
Issue |
Suggested Actions |
---|---|
User is unable to login in large scale environment (>2 million objects) |
Add an index for mail(Internet Mail Address) attribute with the rule set as Value in both eDirectory master and replica servers. |
When you sign out from Identity Applications page, SSPR shows an error 5053 ERROR_APP_UNAVALIABLE. |
Ignore this error. It does not cause any functionality loss. |
Challenge Responses are not prompted at the first login to the Identity Applications |
If SSPR is installed on a separate server, make sure that the SSPR certificate is imported into idm.jks located in the User Application server at /opt/netiq/idm/apps/tomcat/conf. |
Browser displays a blank page when SSPR URL is accessing |
This occurs when SSPR is not properly configured with OSP. The SSPR log shows the following information: 2018-01-24T22:24:02Z, ERROR, oauth.OAuthConsumerServlet, 5071 ERROR_OAUTH_ERROR (unexpected error communicating with oauth server: password.pwm.error.PwmUnrecoverableException: 5071 ERROR_OAUTH_ERROR (io error during oauth code resolver http request to oauth server: Certificate for <IP> doesn't match any of the subject alternative names: [IP]))
|
Error when ConfigUpdate utility is launched from a different directory |
The ConfigUpdate utility reports errors. It does not save any changes. For example, if you launch the configupdate utility using the /opt/netiq/idm/apps/configupdate/configupdate.sh command, it does not launch. Instead, navigate to the /opt/netiq/idm/apps/configupdate/ directory and then run ./configupdate.sh command. |