Wednesday Dec 02, 2009

JSESSIONID with Weblogic 10.3 and IDM

Hello All,

I hope you're enjoying the holidays. I wanted to make a post before the new year so I went back to review some of my old cases and I came up with this one.


After an upgrade from 7.0 to we would run a recon and then go check the recon status and we saw the error:

[Read More]

Friday Oct 16, 2009

Recon Part 2

Hello All,
    This is part two of the Recon blog. Sorry it took so long to get this out but if you know me, you know once I go down a road I keep digging. In this case I kept get deeper and deeper into the subject and this is what I came up with. 

What I will do is walk through a AD reconciliation and talk about the gateway. I will end with some tips on why Recons fail and what to look for.
[Read More]

Friday Aug 07, 2009


I have been fighting with this topic for a while. It always comes up in conversations with customers and fellow workers. Reconciliation, It can cause you headaches or it can be your friend. What I am going to attempt is first a basic blog about recons . Then I plan to go into detail on another blog on how an AD recon works by going through the gateway and then to AD. So here it goes.

1. What is a Recon?
[Read More]

Tuesday Jun 09, 2009

Manual Upgrade of IDM using Sun App Server with a JDBC Data Source

Hello Again .

I ran into this issue while troubleshooting a post process error doing a manual upgrade from to 8.1 using Sun App Server with a JDBC Data Source defined. I will show the errors I was getting and then show you the steps on how to do this.

Note: The documentation is correct but if you don't read it you will miss a few gotchas that my customer and I ran into.  

For the customer issue they were doing a manual upgrade from IDM to 8.1 using  Sun App Server 9.1 with Microsoft SQL as their repository connecting through JDBC Data Source.

What they did to upgrade:
[Read More]

Wednesday Mar 25, 2009

What is a View?

What is a View?

A view is a collection of Attributes that come together from one or more objects that are managed by IDM. They are transient, dynamic and are not stored in the Repo. Basically think of it as a snapshot of Attributes. It can change depending on what your Workflow/Form is doing. You run into views primarily in Workflows and Forms.

[Read More]

Monday Mar 09, 2009 while doing a test connection to gateway

I ran into this issue the other day and thought I would post this . I was upgrading my IDM server from 6.0sp2 to 6.0sp4 and noticed that when I was doing a test connection for my AD resource I saw the following error.

The error you will see is "AD: ==>\\n"

I went to the debug/Gateway.JSP and tried to check the version. I got the same error message.

Once you see this, if you look at the gateway trace from the command line by running gateway where ever you have your gateway.exe file.

03/02/2009 [2900] (../../../../src/wps/agent/connect/RASecureConnection.cpp,287): ReceivePrivate:
TERMINATING CONNECTION: incoming sequence number -1141250322 does not match receive count 0
03/02/2009 [2900] (../../../../src/wps/agent/connect/client_handler.cpp,350): ReceivePrivate() mesage refused 1

To fix this issue:

1. Open registry (ie. regedit)

2. Locate gateway entry (ie. Software\\\\Waveset\\\\Lighthouse\\\\Gateway)

3. If you see "ServerSignature" key, delete it by right clicking on the key and select "Delete"

This default key is used to encrypt the communication between IdM and the gateway.

This will fix your issue in most cases

On certain occasions you might have to also do:

Remove the key on the IDM side from the resource itself using these instructions:

1. First please go to the debug URL

2. List objects of type "Resource"

3. Take a back-up of one of the resources in question that uses the GW. We only need to test with one of them to see if this change makes it work. No need to worry about the other one(s) at this point.

4. After taking a back-up, click on the "edit" link for the resource in question.

5. Scroll down to the very bottom of the text box and delete the entry that looks like this. All 3 or 4 lines need to be removed.

   <ObjectRef type='EncryptionKey' id='#ID#1ADD6A42FBB66F6A:15E0C2B:11A70463869:-7B40' name='GatewayEncryptionKey'/>

6. Then save it and try the test connection again for the resource to see if it's successful.

I hope you find this little tidbit useful as it doesn't happen often but when you install and uninstall as much as I do it seems to happen more.


I have been in support for about 10 years now and have been doing IDM support for 5 years now. I have been working for SUN for 9 years and have supported the whole JES Stack during that time.


« June 2016