APAR status
Closed as duplicate of another APAR.
Error description
TAMe 4.1+FP10 on Solaris 8 Customer experiencing same problem as reported in March 2004 in PMR 10228,999,000, that being after ivacld.idb is refreshed, ivacld will not start. They are experiencing this in 6 additional ivacld servers. They receive the following error message in the msg__ivacld.log file: 2004-04-30-06:28:42.333+00:00I----- 0x1005B0B4 pdacld FATAL acl general ivacld.cpp 364 0x00000001 The Authorization Server could not be started (0x132120c8). Refreshing the password and certificate manually using "svrsslcfg -chgpwd" and "svrsslcfg -chgcert" doesn't have any effect. Confirmed ssl-auto-refresh in ivacld.conf is set to "yes". ************ In trying to determine whether the date on the key database file in question (ivacld.kdb) and/or it's corresponding .sth file gets changed to reflect a regenerated certificate or refreshed password during/after the problem occurs, had the customer provide ls -l output on the "db" and "keytab" directories as shown here: As you can see both the ivacld.db and the ivacld.kdb and sth files were updated on April 30, 2004, the date the problem started to occur. <ivmgr@msddrpd03> ls -l db key* db: total 13344 -rw------- 1 ivmgr ivmgr 3407872 Apr 30 01:25 ivacld.db -rw------- 1 ivmgr ivmgr 3407872 Apr 30 01:12 ivacld.db.backup keytab: total 64 -rw------- 1 ivmgr ivmgr 10080 Apr 30 13:42 ivacld.kdb -rw------- 1 ivmgr ivmgr 129 Apr 30 13:39 ivacld.sth -rw------- 1 ivmgr ivmgr 10080 Apr 1 14:36 ivmgrd.kdb -rw------- 1 ivmgr ivmgr 129 Apr 1 14:36 ivmgrd.sth -rw------- 1 ivmgr ivmgr 5080 Dec 10 2002 pd.kdb -rw------- 1 ivmgr ivmgr 129 Dec 10 2002 pd.sth -rw------- 1 ivmgr ivmgr 1070 Oct 30 2002 pdcacert.b64 -rw------- 1 ivmgr ivmgr 1070 Jun 25 2003 pdcacert_download.b64 ************ The only thing that gets them back up and running is to unconfigure/reconfigure ivacld. After discussing with L3, to allow customer to get server back into production, requested the customer run and provide system_status.ksh before AND after they unconfigured/reconfigured ivacld. CUSTOMER DATA The system_status.ksh output is available for L3 to review: $ pwd pdlevel3.tivlab.austin.ibm.com/pmrs/30321,999,000 $ ls msddrpd03_05-10-04_13-28-42 msddrpd03_06-11-04_16-05-41 ^ ^ | | | | before unconfigure/reconfigure after unconfigure/reconfigure
Local fix
Problem summary
Problem conclusion
Temporary fix
Comments
Per Chet H, duplicate of IY53760.
APAR Information
APAR number
IY59026
Reported component name
ACCESS MGR BASE
Reported component ID
5724C0801
Reported release
410
Status
CLOSED DUB
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2004-07-19
Closed date
2004-07-30
Last modified date
2004-09-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"410","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
30 September 2004