Sunday, August 12, 2012

No such Organization found

There was a discussion in OpenAM mailing list few days ago with regard to an error - "No such Organization found". 



When such an error occurs, there are a few possibilities. One of it is a mis-configuration in Realm/DNS Aliases, such that an identical alias is created in different Realm.
 
The following shows an alias "idp.azlabs.sg" being created in Top Level Realm.



The same alias "idp.azlabs.sg" is also being created in Realm "testrealm".




When such a setting is configured, "No such Organization found" error will be displayed when a user or administrator attempts to login via OpenAM login page. As such, you are stuck if you are an administrator! There is no way you can login via the GUI.

How to resolve this issue?


* Use a LDAP browser to explicitly delete the duplicate alias.

The following is the alias which we want to keep:




The following is the duplicate alias which we need to delete:



Delete the entry "sunxmlKeyValue=sunidentityrepositoryservice-sunOrganizationAliases=idp.azlabs.sg" will do the trick! Remember to restart OpenAM server.




By the way, the following error is captured in Authentication debug log - "Multiple mappings found for organization identifier: idp.azlabs.sg".





This is where a lot of people failed to check before posting their questions in the mailing list. If one could look at the Authentication debug log in detail, the root cause is pretty obvious.

.

Tuesday, August 7, 2012

Sun Directory Server EOL Dates

I have a few customers who are still running Sun Java System Directory Server Enterprise Edition 6.3.x. One of them called me this morning wanting to know when will 6.3.x support ends.

I think the following information is helpful.



Note: Support for Sun DSEE 6.3.x ends on Dec 2013 and there is no extended support. Any customer who wants to continue to use Sun DSEE has to migrate to 7.x.


.