Environment
NetIQ Access Manager 3.2
Novell Access Manager 3.1
Situation
- Novell Access Manager Console 3.2SP1
- The default NIDP "test-signing" certificate has been replaced with an official certificate before a userstore has been configured
- Adding an eDirectory userstore with the option "Install NMAS SAML method" returns the eDirectory error "-601 FFFFFDA7 NO SUCH ENTRY"
Resolution
- export the configured signing certificate and its root chain
- open iManager with the latest available "NMAS Plug-ins" and "Novell Certificate Server Plug-ins" installed.
- open Roles and Tasks => NMAS Login Methods
- select the SAML Assertion authentication method
- open the affiliate menu
- review / note the "Trusted Root Container" for each already configured affiliate
- import previously exported signing certificate and root certificate(s) into the assigned "Roles and Tasks => Novell Certificate Server => Create Trusted Root".