Known Issues and Limitations

Configuration Issues

“Notification URL needs to be updated for Access Manager SDK installation without web container (6491977)” on page 19

“Password Reset service reports notification errors when a password is changed (6455079)” on page 19

“Platform server list and FQDN alias attribute are not updated (6309259, 6308649)” on page 20

“Data validation for required attributes in the services (6308653)” on page 20

“Document workaround for deployment on a secure WebLogic 8.1 instance (6295863)”

on page 20

“The amconfig script does not update the realm/DNS aliases and platform server list entries (6284161)” on page 20

“Default Access Manager mode is realm in the configuration state file template (6280844)” on page 21

Notification URL needs to be updated for Access Manager SDK installation without web container (6491977)

If you install the Access Manager SDK without a web container by running the Java ES 5 installer with the Configure Now option, the com.iplanet.am.notification.url property in the AMConfig.properties file is set toNOTIFICATION_URL. If you don't perform any additional web container configuration, users will not receive notifications from the remote Access Manager server.

Workaround: Reset this property as follows: com.iplanet.am.notification.url=""

Password Reset service reports notification errors when a password is changed (6455079)

When a password is changed, Access Manager submits the email notification using an unqualified sender name Identity-Server which results in errors entries in the amPasswordReset logs. Example:

07/19/2006 10:26:04:010 AM PDT: Thread[service-j2ee,5,main]

ERROR: Could not send email to user [Ljava.lang.String;@999262

com.sun.mail.smtp.SMTPSendFailedException: 553 5.5.4 <Identity-Server>...

Domain name required for sender address Identity-Server

Workaround: Change the configuration in

/opt/SUNWam/locale/amPasswordResetModuleMsgs.properties.

Change the from address. Change fromAddress.label=<Identity-Server> to fromAddress.label=<IdentityServer@myhost.company.com>

Change the lockOutEmailFrom property to insure that lockout notifications use the correct from address.

Sun Java System Access Manager 7.1 Release Notes

19

Page 19
Image 19
Sun Microsystems 819468310 manual Configuration Issues