Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-4549

ssoadm should use 'com.iplanet.am.sdk.ldap' instead of 'com.iplanet.am.sdk.remote' for com.iplanet.am.sdk.package

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s: 10.0.0, 10.0.1, 10.1.0-Xpress, 10.0.2, 11.0.0, 11.0.1, 11.0.2, 12.0.0
    • Fix Version/s: None
    • Component/s: CLI
    • Labels:
    • Rank:
      1|hzoq2n:
    • Support Ticket IDs:

      Description

      ssoadm talks to the configuration data store via LDAP, however as the JVM option

      -D"com.iplanet.am.sdk.package=com.iplanet.am.sdk.remote"
      

      is set in ssoadm script it also fires (uneeded) SOAP calls to OpenAM like ...

      'SMSObject.checkForLocal',
      'DirectoryManager.objectcsChagned_idrepo',
      'DirectroyManager.getFullyQualifiedNames_idrepo("dsameuser"…)',
      'DirectoryManager.getFullyQualifiedNames_idrepo("amadmin"…)'

      in a test

      ssoadm export-svc-cfg
      

      fired about 950 SOAP request 'DirectoryManager.getFullyQualifiedNames_idrepo("amadmin"…)' to OpenAM

      Workaround:

      replace

      -D"com.iplanet.am.sdk.package=com.iplanet.am.sdk.remote"
      

      with

      -D"com.iplanet.am.sdk.package=com.iplanet.am.sdk.ldap"
      

      in ssoadm script

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              bthalmayr Bernhard Thalmayr
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: