Solutions
Archived

Configuring OpenAM 12.0.0 using the configurator.jar tool fails with external user store

Last updated Jan 5, 2021

The purpose of this article is to provide assistance if configuring OpenAM 12.0.0 using the configurator.jar tool (openam-configurator-tool-12.0.0.jar) fails if you have an external user store. The external user store is specified by the USERSTORE_TYPE property in the configurator.jar tool.


2 readers recommend this article

Archived

This article has been archived and is no longer maintained by ForgeRock.

Symptoms

If you are trying to configure OpenAM with an external user store, the configuration fails when the configurator tool tries to create the demo user. You will see the following at the end of the configuration progress messages:

Configuring server instance....Done Creating demo user. Configuration failed!

The corresponding error is shown in the install log as follows, where errorcode=91 is shown instead of errorcode=65 if you have used LDAPS:

Configuring server instance....Done Creating demo user.AMSetupServlet.processRequest: errorMessage:Plug-in org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo encountered a ldap exception. ldap errorcode=65 at org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo.newIdRepoException(DJLDAPv3Repo.java:2478) at org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo.handleErrorResult(DJLDAPv3Repo.java:2451) at org.forgerock.openam.idrepo.ldap.DJLDAPv3Repo.create(DJLDAPv3Repo.java:656) at com.sun.identity.idm.server.IdServicesImpl.create(IdServicesImpl.java:449) at com.sun.identity.idm.AMIdentityRepository.createIdentity(AMIdentityRepository.java:384) at com.sun.identity.setup.AMSetupServlet.createDemoUser(AMSetupServlet.java:2409) at com.sun.identity.setup.AMSetupServlet.configure(AMSetupServlet.java:1206) at com.sun.identity.setup.AMSetupServlet.processRequest(AMSetupServlet.java:693) at com.sun.identity.setup.AMSetupServlet.doPost(AMSetupServlet.java:613) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:117) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:701)

Recent Changes

Upgraded to OpenAM 12.0.0.

Causes

The value of the USERSTORE_TYPE parameter is incorrectly removed during the configuration process when using the CLI Configurator. This parameter is used by AMSetupServlet to determine that an external User Store should be configured. In this case, OpenAM does not known an external user store is being used which causes the configuration to fail.

Solution

This issue can be resolved by upgrading to OpenAM 12.0.1 or later; you can download this version from BackStage.

Alternatively, you can use the patched configurator tool, which is included in the attached SSOConfiguratorTools-12.0.0.zip.

See Also

OpenAM Reference › OpenAM Command Line Tools › configurator.jar

Related Training

N/A

Related Issue Tracker IDs

OPENAM-5381 (Specifying an external user store when using configurator tool is not being processed correctly)

OPENAM-5397 (Unable to Install OpenAM 12.0.0 using the command line configurator)

OPENAM-5597 (Cannot configure external OpenDJ with openam-configurator-tool)


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.