    December 16, 2008

Removing Authentication Module From Auth Chain On Command Line

Guest Author
Someone asked me for help correcting an Access Manager 7.1 environment. The default auth chain "ldapService" on this AM7.1 instance had been modified by adding the Anonymous module as REQUIRED. However, the Anonymous module was not configured to include amadmin in its user list. After this change, amadmin could no longer log in through the default auth chain.
I wrote a script to fix this quickly.
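# Set these for your deployment before running (values are placeholders).
host="<directory-server-host>"
port="<directory-server-port>"
pass="<Directory Manager password>"
dn="<DN of the ldapService auth configuration entry>"
new="iplanet-am-auth-configuration=LDAP REQUIRED "
old="iplanet-am-auth-configuration=LDAP REQUIRED Anonymous REQUIRED "

# Delete the chain value that still contains the Anonymous module.
ldapmodify -D "cn=Directory Manager" -w "$pass" -h "$host" -p "$port" << EOF
dn: $dn
changetype: modify
delete: sunkeyvalue
sunkeyvalue: $old
EOF

# Add the chain value that contains only the LDAP module.
ldapmodify -D "cn=Directory Manager" -w "$pass" -h "$host" -p "$port" << EOF
dn: $dn
changetype: modify
add: sunkeyvalue
sunkeyvalue: $new
EOF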
Actually, this can also be fixed from the console itself. Although amadmin cannot log in to AM7.1 through the URL /amserver/UI/Login, you should be able to log in by appending ?module=LDAP or ?module=DataStore to the login URL.
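
A variation on the script above, as an added example that is not the author's code: it derives the new chain value by dropping one module from the old one, refuses to produce an empty chain, and emits a single LDIF modify request so the delete and the add are applied as one operation. It assumes the "Module FLAG " value layout shown in the post; the function names are hypothetical and the DN is a placeholder.

```shell
#!/bin/sh
# Added example. Assumes a chain value is the prefix below followed by
# space-separated "<Module> <FLAG> " pairs, as in the two values in the post.

PREFIX="iplanet-am-auth-configuration="

# remove_module CHAIN MODULE
# Prints CHAIN without MODULE's "<Module> <FLAG> " pair.
# Returns 1 if MODULE is not in the chain, or if removing it would leave
# the chain empty (which would lock out every user of that chain).
remove_module() {
    chain=${1#"$PREFIX"}
    out="" found=0
    set -- "$2" $chain      # $1 = module to drop, the rest = name/flag words
    target=$1; shift
    while [ $# -ge 2 ]; do
        if [ "$1" = "$target" ]; then found=1; else out="$out$1 $2 "; fi
        shift 2
    done
    [ "$found" -eq 1 ] && [ -n "$out" ] || return 1
    printf '%s%s' "$PREFIX" "$out"
}

# chain_ldif DN OLD NEW
# Prints one LDIF modify record carrying both changes. A single LDAP modify
# request is applied atomically, so a failed add cannot leave the entry with
# the old value deleted and nothing in its place.
chain_ldif() {
    printf 'dn: %s\nchangetype: modify\n' "$1"
    printf 'delete: sunkeyvalue\nsunkeyvalue: %s\n-\n' "$2"
    printf 'add: sunkeyvalue\nsunkeyvalue: %s\n-\n' "$3"
}

# Demo with the old value from the post; the DN is a placeholder.
old="iplanet-am-auth-configuration=LDAP REQUIRED Anonymous REQUIRED "
if new=$(remove_module "$old" Anonymous); then
    chain_ldif "<DN of the ldapService entry>" "$old" "$new"
else
    echo "refusing to modify: module absent or chain would be empty" >&2
fi
```

The printed record can be reviewed and then piped into the same ldapmodify command the script above uses.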
