Environment
iManager 3.2.2
eDirectory 9.2.2
Open Enterprise Server 2018 SP2 (OES 2018 SP2) Linux
eDirectory 9.2.2
Open Enterprise Server 2018 SP2 (OES 2018 SP2) Linux
Situation
Note that this situation applies only to OES servers running iManager.
- The iManager keystore (/var/opt/novell/iManager/nps/WEB-INF/iMKS) is missing.
- iManager debug log (/var/opt/novell/iManager/nps/WEB-INF/logs/debug.html) and /var/log/messages show the following "Permission denied" error:
[12:04:12.467] KeyStore_IM.........141 Unable to create the iManager KeyStore.: Permission denied 09/16/20 [12:04:12.467] KeyStore_IM.........141
java.io.IOException: Permission denied
at java.io.File.createNewFile(File.java:1023)
at com.novell.emframe.fw.security.KeyStore_IM.getIMKeyStoreFileObject(KeyStore_IM.java:423)at com.novell.emframe.fw.security.KeyStore_IM.<init>(KeyStore_IM.java:80)
- /var/opt/novell/iManager/nps/WEB-INF is owned by root:root. It should be owned by wwwrun:www. You can verify this by running the following command:
# ls -l /var/opt/novell/iManager/nps/
Resolution
- Correct the owner with the following command:
# chown wwwrun:www /var/opt/novell/iManager/nps/WEB-INF
- Restart tomcat
# systemctl restart novell-tomcat.service
- Attempt to set a Universal Password in iManager. The iMks file will be created in /var/opt/novell/iManager/nps/WEB-INF. The password change should be successful.
Additional Information
The LDAP NMAS Transport Error message is misleading. Always check the iManager logs to see exactly what is failing.