Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Security Vulnerability: Novell Identity Manager engine installation leaves admin tree credentials in a file.

This document (7006705) is provided subject to the disclaimer at the end of this document.


Novell Identity Manager 3.6.1


When installing Novell Identity Manager (IDM) the installer prompts for credentials to the tree where IDM is being installed.  This is done so that schema can be extended for the IDM product within eDirectory.  A log file for the installation is written to /tmp/idmInstall.log which contains the steps taken during the installation and in some cases contains the credentials as entered by the administrator.


The log file is not needed by IDM or any other product after the installation is complete and is used for troubleshooting failures during the install.  It should be removed once the installation is completed.  The file is, by default, at the following location:


This location may change based on the system environment variables but should be in the defined temporary directory in any case.

This is currently resolved in IDM 4.01.  If there is another patch for IDM 3.6, this will also be included there.  There is no guarentee that there will be another 3.6 patch released at this time.  The suggestion is to upgrade to IDM 4.01


Security Alert


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7006705
  • Creation Date:23-AUG-10
  • Modified Date:11-JUN-13
    • NetIQIdentity Manager

Did this document solve your problem? Provide Feedback