Creation of External Role Fails with External role not found in External Identitiy store (LDAP)
(Doc ID 2995598.1)
Last updated on JANUARY 10, 2024
Applies to:
Enterprise Manager Base Platform - Version 13.4.0.0.0 and laterInformation in this document applies to any platform.
Symptoms
Unable to create an External Role and getting error as Ensure the role exists in LDAP Store
==> emoms.trc <==
2023-12-15 11:53:32,745 [EMUI_11_53_32_/console/admin/rep/rolePrivsSystem$roleName=$operation=add$updateResult=updateSucceeded] WARN rep.RolePrivsData getRoleData.1149 - errMsg=Role PDC_USR_G_ORAP_PSO_O_DP not found in the external identity store (LDAP). Ensure the role exists in LDAP store.
2023-12-15 11:53:32,745 [EMUI_11_53_32_/console/admin/rep/rolePrivsSystem$roleName=$operation=add$updateResult=updateSucceeded] WARN rep.RolePrivsData getRoleData.1149 - errMsg=Role PDC_USR_G_ORAP_PSO_O_DP not found in the external identity store (LDAP). Ensure the role exists in LDAP store.
==> emoms.log <==
==> emoms.trc <==
==> emoms.log <==
2023-12-15 11:53:32,839 [[STUCK] ExecuteThread: '52' for queue: 'weblogic.kernel.Default (self-tuning)'] ERROR em.MetricEngine logp.251 - MetricCollectorThread[MetricCollector:RACCOLL152:15] unable to find metric WAIT_EVENT_HISTOGRAM
Changes
Old entries where still referring and was unable to capture with normal debug so please follow these steps
Please enable the Debug logs as below since normal Debug mode logs are not capturing any errors
a) Upload the sysman logs with debug enabled
emctl set property -name "log4j.category.oracle.sysman.core.sec.authz.opss.OPSSPolicyStoreUtil" -value "DEBUG" -sysman_pwd <sysman_password>.
emctl set property -name "log4j.category.oracle.sysman.eml.admin.rep.RolePrivsData" -value "DEBUG" -sysman_pwd <sysman_password>.
b) EMGC_OMS1.out logs with OVD debug enabled
1. Run setenv WLST_PROPERTIES "-Dweblogic.security.TrustKeyStore=DemoTrust"
2. Run $ORACLE_HOME/oracle_common/common/bin/wlst.sh
3. Connect to WLS console by running the following command:
connect('user','password','t3s://<ADMINHOST_URL>:<ADMIN_PORT>')
4. Check the loggers are loaded :
listLoggers(pattern="oracle.ods.*",target="EMGC_OMS1")
listLoggers(pattern="oracle.igf.*",target="EMGC_OMS1")
5. Set the loggers:
setLogLevel(logger="oracle.ods",target="EMGC_OMS1",level="TRACE:32",persist="1")
setLogLevel(logger="oracle.ods.virtualization",target="EMGC_OMS1",level="TRACE:32",persist="1")
setLogLevel(logger="oracle.igf",target="EMGC_OMS1",level="TRACE:32",persist="1")
6. Verify if the loggers were added:
listLoggers(pattern="oracle.ods.*",target="EMGC_OMS1")
listLoggers(pattern="oracle.igf.*",target="EMGC_OMS1")
c) Reproduce the issue (Create the role)
d) Upload the folder $DOMAIN_HOME/servers/EMGC_OMS1/logs
e) Upload <GC_INST>/EMGC_OMS1/sysman/log
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |