Friday, February 11, 2011

Problem configuring portal 6 with AD 2007 on Windows 2008

It's been a long break for me here. Busy with an SSO solution for one of our prestigious clients. Will be posting on that as well in the next few days. :) But for now, here is something I encountered recently while enabling security on Portal 6.0 with AD 2007 hosted on Windows 2008.

While running the enable-security-wmmur-ldap script, I was getting the following error at the Portal server startup task.

Target started: action-configure-content-security

action-configure-content-security:

xmlaccess EJPXB0006I: Connecting to URL http://localhost:10038/wps/config/
xmlaccess EJPXB0002I: Reading input file D:\WPS6\IBM\WEBSPH~1\PORTAL~1\config\work\ContentAdminGroupsPAC.xml
Error 404: Initialization of one or more services failed.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0006I: Connecting to URL http://localhost:10038/wps/config/
xmlaccess EJPXB0002I: Reading input file D:\WPS6\IBM\WEBSPH~1\PORTAL~1\config\work\ContentUserGroupsPAC.xml
Error 404: Initialization of one or more services failed.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0015E: Server response indicates an error.
Mon Jan 31 21:59:35 IST 2011
Target started: action-init-accesscontrol

action-init-accesscontrol:

echo Calling ContentModelInitializer
Target finished: action-init-accesscontrol
Target finished: action-configure-content-security
Target finished: enable-security-wmmur-ldap

When I checked the sysout.log file I found the following error.

1/31/11 21:54:22:023 IST 0000000a Servlet E com.ibm.wps.engine.Servlet init EJPFD0016E: Initialization of service failed.
com.ibm.wps.ac.DomainAdministratorNotFoundException: EJPSB0107E: Exception occurred while retrieving the identity of the domain adminuser/admingroup cn=wpadmin,cn=users,dc=newmail,dc=com.

When I troubleshot further, I found that this is because of the password policy implementation in WPS, which restricts some special characters from being used in the username and password. In Windows 2008 you have certain password policy constraints that prevent a plain password from being entered while creating a user. You need to enter at least one special character.

I found this link on the infocenter which elaborates on the special characters for username and password.

Based on this, I used an underscore in the password, rather than the special characters restricted in WPS, while creating the user in AD, and then ran the above task again; it completed successfully.

Hope this small troubleshooting tip may help somebody in their hard times with Portal integration with LDAP.