Monday, March 5, 2012

OpenAM Password Reset : There are no questions configured for you

I'm still playing around with OpenAM 10.0 EA, but have been stuck with the following Password Reset feature for days:

"There are no questions configured for you" - How can it be? I have followed exactly the steps described in OpenAM Administrator Guide.

I have explicitly keyed in "MacDonald" for the challenge question. What else can it be?

In the end, I gave up. I asked my colleague to provide a fresh pair of eyes. He took less than a minute!

OMG! That's not very obvious to me.

So ... if the Password Reset question is set and - most importantly - enabled, then the following is the expected flow:

Step 1:

Step 2:

Step 3:


PS: Password Reset feature is not related to Password Policy in Directory Server (aka OpenDJ / DSEE / AD). 

Thursday, March 1, 2012

Sun Java System Web Server 7.0 not able to start after installing ForgeRock OpenAM Policy Agent 3.0.4

My customer has some servers that are installed with Sun Java System Web Server 7.0 on Solaris 10 Sparc. These servers are to be protected with ForgeRock Policy Agent 3.0.4.

It's not complicated. In fact, I have done this many times in another customer's site.

It has been some time since I touched Sun Web Server. :) So, there's no luck today!

# more /export/products/webserver7/ 

[01/Mar/2012:16:36:50] info (13057): CORE1116: Sun Java System Web Server 7.0 B12/04/2006 10:15 [01/Mar/2012:16:36:50] failure (13057): CORE2253: Error running Init function load-modules: dlopen of /openam_web_agents/sjsws_agent/lib/ failed ( webservd: fatal: /openam_web_agents/sjsws_agent/lib/ wrong ELF class: ELFCLASS64)

Luckily, this is simple to solve. I installed the wrong PA binary. Ha!

I should have installed the 32-bit binary, instead of the 64-bit.