Environment
NetIQ Identity Manager Engine Other
NetIQ Identity Manager Driver - LDAP
NetIQ Identity Manager Engine Style-sheets
Situation
During startup, the driver will try to set a password on the OnBoarding job for the Permission Collection and Reconciliation Service, and after Identity Manager 4.0.2 Engine and Remote Loader Patch 7 the following can be seen in the driver log when the driver is starting:
: LDAP Driver PT: Action: do-set-local-variable("setNamedPwd",scope="policy",arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))).
: LDAP Driver PT: arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))
: LDAP Driver PT: token-xpath("jcmd:commandLine(string($SETPWDCMD))")
: DirXML Command Line Utility
: version 4.0.2.7
: Copyright (C) 2003-2011 Novell Inc., All Rights Reserved
: java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Illegal footer: -----END CERTIFICATE-----
: at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
: at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
: at com.novell.nds.dirxml.util.DxCommand.initServerCert(DxCommand.java:1420)
: at com.novell.nds.dirxml.util.DxCommand.encryptPassword(DxCommand.java:1455)
: at com.novell.nds.dirxml.util.DxCommand.setNamedPassword(DxCommand.java:1714)
: at com.novell.nds.dirxml.util.DxCommand.access$9900(DxCommand.java:55)
: at com.novell.nds.dirxml.util.DxCommand$ArgSetNamedPwdHandler.handleArg(DxCommand.java:4028)
: LDAP Driver PT: Action: do-set-local-variable("setNamedPwd",scope="policy",arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))).
: LDAP Driver PT: arg-object(token-xpath("jcmd:commandLine(string($SETPWDCMD))"))
: LDAP Driver PT: token-xpath("jcmd:commandLine(string($SETPWDCMD))")
: DirXML Command Line Utility
: version 4.0.2.7
: Copyright (C) 2003-2011 Novell Inc., All Rights Reserved
: java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Illegal footer: -----END CERTIFICATE-----
: at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
: at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
: at com.novell.nds.dirxml.util.DxCommand.initServerCert(DxCommand.java:1420)
: at com.novell.nds.dirxml.util.DxCommand.encryptPassword(DxCommand.java:1455)
: at com.novell.nds.dirxml.util.DxCommand.setNamedPassword(DxCommand.java:1714)
: at com.novell.nds.dirxml.util.DxCommand.access$9900(DxCommand.java:55)
: at com.novell.nds.dirxml.util.DxCommand$ArgSetNamedPwdHandler.handleArg(DxCommand.java:4028)
Resolution
This is a cosmetic error, the password is being set on the Onboarding Job configuration.
Additional Information
It is possible to use DxCMD to check that the password has been set:
dxcmd
-> 7: Job operations...
-> 2: Operations on a specific job object...
-> Select the PermissionOnbording.<driver>.<driverset> job
-> 6: Passwords operations
-> 3: List named passwords
if 'ua-password' is listed, then the password have been set.
dxcmd
-> 7: Job operations...
-> 2: Operations on a specific job object...
-> Select the PermissionOnbording.<driver>.<driverset> job
-> 6: Passwords operations
-> 3: List named passwords
if 'ua-password' is listed, then the password have been set.