CTGDIS810E handleException - cannot handle exception , update com.ibm.dsml2.jndi.DSML2NamingException: other:null

CTGDIS810E handleException - cannot handle exception , update 
com.ibm.dsml2.jndi.DSML2NamingException: other:null

This above exception came when i was creating few test users in ISIM test environment and I had prepared all the test users data correctly in input file for loading in ISIM via  HR feed manual execution, After execution i saw this exception in TDI logs and i realized that something went wrong in HRMS feed JNDI DSML connector and in JNDI connection configuration.
I did my analysis and had performed few actions like comparison with production JNDI AL, configuration match....etc.
After putting all the things and without success, randomly i had look trace.log and saw ITIM messaging bus was stopped. immediately I realized because of this reason ITIM bus was not processing the requests to ISIM.
Simply I took WAS restart and the problem got resolved without crying here and there.

Worst Experience in Auckland Sandrigham Park.

Usually me and my flatmates always prefer to go for walk in Auckland Sandrigham park in New zeland. This is very beautiful and awesome country where we can stay for long term and permanently. People respect each other very well and so many good rules are placed by the New Zealand Government.
But we never know what accident can be happen with us in future. One day horrible situation created for me by the GOD to have some terrible experience and some lesson learning, it was around 7:30 PM and that day my flatmate went for his office party, so i just went for a walk alone and it was Saturday evening and there was no crowed in the park.
In new zeland, There are different-different people identity like Kiwi, Tonga, Mowaries and Physi Indians, so I was attacked by three drinkers and start abusing me like are you Indian so i said No I am not Indian to save myself.
I forgot everything at that movement they were three and very tall and big black guys. they abused me and asked for a money. first i started to look the area, i was able to see only trees, no peoples and no crowd was over-there.
I saw there was small nullah, I have run through my complete strength and cross that nullah. but in three of them one of the guy was able to crossed and he again caught me. The good thing was happened I came in public area wherein two Indian people was putting their cloths in their cars. I sought for help, but they did not response on my voice. somehow i was able to near to them with that guy who was drunk and trying to force me for money.
the guy who caught me started to loose his control from me, I realized this is right time to move and run because he was loosing his concentration from me and asking money to another Indians who were near to car.
I just hit his hand from my hand and never look back, just far away from there. I run with my complete strength for 10 min.
Overall for me the lesson is, always be health conscious, at least if you cant hit them back just try to save yourself.

CWSIT0103E: No messaging engine was found that matched the following parameters: bus=itim_bus, targetGroup=null, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Server.

Caused by: com.ibm.websphere.sib.exception.SIResourceException: CWSIT0088E: There are currently no messaging engines in bus itim_bus running. Additional failure information: CWSIT0103E: No messaging engine was found that matched the following parameters: bus=itim_bus, targetGroup=null, targetType=BusMember, targetSignificance=Required, transportChain=InboundSecureMessaging, proximity=Server. 

Solution:- when your ITIM environment will not proceed requests and all the request will be in queued because of this Error, so in this case below steps need to be taken.

1. clean WAS Trans and partner log

2. Restart of DB2, TDS and WAS. 

This solution worked for my customer environment, hope will help yours as well.

Regards

Arvind Kumar

CTGDIS078I AssemblyLine AssemblyLines/ITDIRMI_Dispatcher_Boot_AL failed with error: Port already in use: 0; nested exception is:

            java.net.BindException: Address already in use: NET_Bind. 

Customer experience:- I took manual steps like ending java process and dispatcher restart but that not help me out. this problem mainly happen in windows based OS when your RMI dispatcher does not stop completely. 

To resolve this error and customer impact, only way is just reboot the window box.

HTH

Arvind Kumar

windows could not start the Access manager

Error:- windows could not start the Access manager instance.
Solution:- This issue occurs because of two reasons probably like when you have changed some parameter in webseal instance conf file which not valid or may not supported.
and second case would be when webseal instance logs file size exceed, once you reduce the instance log file size, issue will surely resolved.

sometime customer needs immediate solution, so always save your bandwidth by facing kind of experiences rather than doing a logs analysis and complete logs reading.

Regards
Arvind kumar

Block URL on webseal TAM 6.1

Few months back, I received customer requirement to block specific URLs through TAM webSEAL which running on virtual host junction like y.z.com, so i had just performed following steps.

Steps:- 1. Create a restricted ACL for access requiring authentication:
pdadmin> sec_master> acl create restricted
pdadmin> sec_master> acl modify restricted set group iv-admin TcmdbsvaBRrxl
pdadmin> sec_master> acl modify restricted set group webseal-servers Tgmdbsrxl
pdadmin> sec_master> acl modify restricted set user sec_master TcmdbsvaBRlrx
pdadmin> sec_master> acl modify restricted set any-other Trx
pdadmin> sec_master> acl modify restricted set unauthenticated T

2. Attach the restricted ACL to the /sapnet directory on y.z.com (entered as one line):
pdadmin sec_master> acl attach 
/WebSEAL/instance name/@vhost-y.z/sapnet restricted

Kt pass command mandatory for SPNEGO authentication on AD controller

I had faced issue during SSO integration for Salesforce application in TAM 6.1 environment.
scenario was basically to provide SPNEGO authentication for internal customer users and form based authentication to external customer users.
every steps i did perfectly in WebSEAL like junction creation, ACL and groups imply on Salesforce application. but i chased for SPNEGO authentication through webseal.
after putting some efforts, i found that i missed KTpass command on AD controller.

Command:-

ktpass -princ HTTP/apps.test.com@DOMAIN.COM –mapuser username.

 Regards
Arvind Kumar

Unable to accept request to unknown address

I had faced this error during TFIM IDP and SP partner communication.

Error:-
                                                         
Unable to accept request to unknown address, https://login.hostname.local:
9443/sps/idplogin/saml20/Login, this may be due to:                    
No configured endpoint or protocol exists that is mapped to this      
endpoint                                                              
Because this endpoint is unknown to this SPS, please validate that    
other applications such as the point of contact or partner sign-on    
servers are correctly configured for the correct endpoints.This is not
a problem with the SPS.      

Solution:- I found the solution that Service partner configuration mapped wrong.
                  vendor has configured wrong IDP URL in service provider configuration setting.
request failing because letter change in the URL  
with "Login", starting with a capital "L" and it has to be small letter.                          
                                                                       
https://login.hostname.local:9443/sps/idplogin/saml20/Login            
                                                                       
the call has to be made using login in all lower case... i.e.:        
                                                                       
https://login.athene.local:9443/sps/idplogin/saml20/login            

hope this helps.

HPDRG0201E Error code 0x31 was received from the LDAP server. Error text: "Invalid credentials".

HPDRG0201E   Error code 0x31 was received from the LDAP server. Error text: "Invalid credentials".

 Solution:  I faced this error during IBM Security access manager packages configuration.
                  found there was no "secAuthority=Default" suffix on the ldap.
                  so I have added this suffix on SAM ldap.

/opt/ibm/ldap/V6.0/sbin/idscfgsuf -I ldapdb2 -s secAuthority=Default
                      

IBM DB2 Enterperise Server Edition V9.7 not detected, install can not continue.

IBM DB2 Enterperise Server Edition V9.7 not detected, install can not continue.

error: %pre(idsldap-srv64bit63-6.3.0-0.x86_64) scripted failed, exit status 1
error: install: %pre scriptlet failed (2). skipping idsldap-srv64bit63-6.3.0.0

Description: - I faced this error when i was installing base TDS 6.3.0 version with DB2 10.1
                     

Solution: - TDS 6.3.0 does not support Db210.1 , Minimum it is required TDS level 6.3.0.21.

                

AM GLPRPL116E Replication for DN 'CN=ip:1389,CN=ip:1389,IBM-REPLICAGROUP=DEFAULT,OU=PORTAL,DC=COM' encountered a gap in the change IDs: 26 followed 24 after trying one more time but is continuing.

AM GLPRPL116E Replication for DN 'CN=ip:1389,CN=ip:1389,IBM-REPLICAGROUP=DEFAULT,OU=PORTAL,DC=COM'
encountered a gap in the change IDs: 26 followed 24 after trying one more time but is continuing.

 This error I faced when i was doing IBM TDS master- replica configuration in the environment.

Solution:- error occur because of encryption seed & salt values different on TDS servers

1 ) check the sync & salt value on both TDS server's from the below ldap command that should be the same.

ldapsearch -D <username> -w <passowrd> -h ip -p 1389 -s base -b cn=crypto,cn=localhost cn=*

if value are different, again recreated the instance and provide the same encryption seed otherwise replication will not work.