PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 12/30/2011 7:04 PM by  John Costa
Lawson Security timeout after new install
 10 Replies
Sort:
You are not authorized to post a reply.
Author Messages
John Costa
Private
Private
Veteran Member
(378 points)
Veteran Member
Posts:154


Send Message:

--
12/30/2011 1:39 PM
    Hey folks,

    I'm hoping a Lawson Security guru can help me out here.

    I'm in the process of building a new environment based on the following:

    Windows Server 2008, 64-bit
    LDAP:  Microsoft AD-LDS (residing on the same server)
    IBM WebSphere 7.0.0.19
    Lawson Core Technology 9.0.1.9

    At this time, the only components that have been installed is the Core Technology and the Security Administrator application.  I'm trying to log into the Security Administrator for the first time.  After entering my credentials, it appears to hang and I get a dialog box several minutes later indicating a call to the server has timed out.  After this error, several more minutes pass and I then get an error indicating "type mismatch".  When navigating to the "Privelaged Identities" area, I get a window stating "User Maintenance Exception - Exception reading identity."

    Checking the LASE.log file, there are multiple errors indcating the following:

    WARNING: Undefined MessageProducer: SecurityAuthenLogger!
    WARNING: Undefined MessageProducer: SecurityRMLogger!
    WARNING: Undefined MessageProducer: SecurityEventLogger!
    WARNING: Undefined MessageProducer: RemoteImplLogger!

    This is followed by several java exceptions indicating problems with  "SecurityEventHandler #11", "SecurityEventHandler #12", and "SecurityEventHandler #13".

    Any suggetions here as to what the problem might be or what I can look at?

    _________________ John - Wichita, KS
    John Henley
    Private
    Private
    Senior Member
    (9899 points)
    Senior Member
    Posts:3317


    Send Message:

    --
    12/30/2011 1:54 PM
    You can ignore these:
    WARNING: Undefined MessageProducer: SecurityAuthenLogger!
    WARNING: Undefined MessageProducer: SecurityRMLogger!
    WARNING: Undefined MessageProducer: SecurityEventLogger!
    WARNING: Undefined MessageProducer: RemoteImplLogger!

    It sounds like you have a corrupt encrypted password in the ADAM data.

    When you built the new environment,
    1. did you install Bouncy Castle and run regression tests against both the Sun Java JDK -AND- the WebSphere JDK ?
    2. did you create a new LDS/ADAM instance, or are you trying to use the one from another environment?

    Try exporting user identities from ssoconfig, and see if you get any errors during the export.
    Thanks for using the LawsonGuru.com forums!
    John
    John Costa
    Private
    Private
    Veteran Member
    (378 points)
    Veteran Member
    Posts:154


    Send Message:

    --
    12/30/2011 2:29 PM
    John,

    Thanks for the quick reply.

    The bouncy castle regression tests completed successfully and I specified PBEWITHSHAANDTWOFISH-CBC encryption during the install.

    This is a server that was used for Lawson previously and I removed the old environment and LDAP before starting fresh again. The old AD-LDS instance was deleted and a new one created.

    I am able to access my LDAP using my LDAP browser and I was able to extract my services and identities using SSOCONFIG.
    _________________ John - Wichita, KS
    Jimmy Chiu
    System Analyst
    Federal Government
    Veteran Member
    (1880 points)
    Veteran Member
    Posts:640


    Send Message:

    --
    12/30/2011 2:43 PM
    Can you check the domain account that you associated with during the loaduser step for the online privileged identity? By any chance it got disabled? It's usually UID3.
    Jimmy Chiu
    System Analyst
    Federal Government
    Veteran Member
    (1880 points)
    Veteran Member
    Posts:640


    Send Message:

    --
    12/30/2011 2:48 PM
    WARNING: Undefined MessageProducer: SecurityEventLogger!
    WARNING: Undefined MessageProducer: RemoteImplLogger!

    These two error warnings are normal, they are related to M3 apps according to the lawson engineer I worked with on these warnings.
    John Costa
    Private
    Private
    Veteran Member
    (378 points)
    Veteran Member
    Posts:154


    Send Message:

    --
    12/30/2011 2:55 PM
    Jimmy,

    I did not create an online privileged identity as all of our users have individual domain user IDs, so I have not run the "loadusers" command as specified in the post-install steps of the environment install guide. I was about to create the "BATCH" privileged identity when I discovered the problem with Lawson Security.
    _________________ John - Wichita, KS
    John Henley
    Private
    Private
    Senior Member
    (9899 points)
    Senior Member
    Posts:3317


    Send Message:

    --
    12/30/2011 3:15 PM
    If you are getting the 'type mismatch' error and having login issues before you go to the "Privileged Identities" area, your issue isn't with "privileged identities", but with LS/RM as a whole. Are you able to run the SSO smoketest?
    Thanks for using the LawsonGuru.com forums!
    John
    John Costa
    Private
    Private
    Veteran Member
    (378 points)
    Veteran Member
    Posts:154


    Send Message:

    --
    12/30/2011 3:38 PM
    John - Yes, all three SSO smoke tests complete successfully.
    _________________ John - Wichita, KS
    John Henley
    Private
    Private
    Senior Member
    (9899 points)
    Senior Member
    Posts:3317


    Send Message:

    --
    12/30/2011 4:15 PM
    So the only problem you are having is with LSA? Can you run /server/Profile ? Have you installed portal yet?
    Thanks for using the LawsonGuru.com forums!
    John
    John Costa
    Private
    Private
    Veteran Member
    (378 points)
    Veteran Member
    Posts:154


    Send Message:

    --
    12/30/2011 5:04 PM
    John - All of the IOS smoketests fail due to a java error. I have not yet installed Portal. All that's installed on the system is the Core Environment and the Lawson Security Administrator.

    Maybe I should try deleting the enterprise applications from WebSphere and reinstall them?
    _________________ John - Wichita, KS
    John Costa
    Private
    Private
    Veteran Member
    (378 points)
    Veteran Member
    Posts:154


    Send Message:

    --
    12/30/2011 7:04 PM
    I fixed the problem!

    It turns out my environment license file was missing. Apparently, when I tried to update the existing license file from a backup, there was a problem accessing the backup file. Unfortunately, what I didn't realize was that the existing license file was deleted while I was trying to restore the backup. As a result, my environment was trying to start with no valid license file in place. I determined this after reviewing the various log files and found none of the services (ladb, lajs, etc.) were starting correctly.

    Correctly restoring the license file and restarting my environment corrected the issue. Thanks folks for trying to help. Have a happy new year.
    _________________ John - Wichita, KS
    You are not authorized to post a reply.