Question & Answer
Question
What diagnostic data should be collected to help IBM Support troubleshoot RBM (Role-Based Management) LDAP login problems on the DataPower Gateway Appliance?
If you are having problems with LDAP via AAA policy or custom xslt, follow link below for data collection -
Answer
The following information describes the steps to collect diagnostic data needed by IBM support to investigate the problem.
A. Describe the problem:
Provide detailed problem description - including error messages or the unexpected results.
- Is this an existing environment or a new setup?
- Are there any recent changes that might have caused the problem to occur?
B. Recreate the problem to collect error-report set at RBM debug level and packet capture:
1) Enable RBM Debug Logging from default domain
Control Panel -> Troubleshooting -> Logging
Log Level = Debug
Enable Internal Logging = ON
Enable RBM Debug logging = ON
Click 'Set Log Level'
2) Start packet capture from default domain
Control Panel -> Troubleshooting -> 'Start Packet Capture' section
Interface Type= All Interfaces
Mode= Continuous
Maximum size= 20000
Maximum Packet Size= 9000
Filter Expression= host x.x.x.x (where x.x.x.x is the IP address of the LDAP server)
Log SSL Key = ON (if using SSL/TLS to the LDAP server)
click 'Start Packet Capture'
3) Recreate the Problem
C. Download the data and submit to IBM Support for review.
1) Generate Error-Report:
Control Panel -> Troubleshooting -> Reporting -> click 'Generate Error Report'
2) Stop the packet capture:
Control Panel -> Troubleshooting -> 'Stop packet capture' section
Interface Type= All Interfaces
click 'Stop Packet Capture'
3) Download the error-report, packet capture and sslkeyfile:
temporary:///capture.pcap
logtemp:///sslkeyfile.log
4) Export the RBM configuration
5) Upload the files to the IBM DataPower support case -
Was this topic helpful?
Document Information
Modified date:
03 April 2023
UID
swg21410242