I'm having problems with the 4.5.2 Identity Applications. I've added a
post to this thread but decided to create a different post due to the
fact that I have a newer version.

Last week I installed and patched a new environment. It's on the latest
eDir version (8.8.8 patch 6) with latest IDM and Identity Application
patches (4.5.2). The whole install went fine and I left the environment
in a working state. Today I tried to access the Identity Applications
and it failed:

1. Go to IPaddress/landing
2. Log in with uaadmin account
3. landing page only displays a blue line at the top and an empty white
4. /IDMProv fails as well. After a minute of trying to load the page it
fails with the following error on screen (browser)


Identity Manager authentication is not correctly configured or Identity Manager to eDirectory SAML communication is not functioning correctly. Please contact an administrator to correct the problem.


catalina.out displays the following error:


2015-12-16 14:16:37,949 [http-bio-8080-exec-4] INFO com.novell.pwdmgt.util.PasswordHelper- [RBPM] [Login_Failure] cn=uaadmin,o=Company failed to log in.
2015-12-16 14:16:37,951 [http-bio-8080-exec-4] ERROR com.novell.common.auth.JAASManager- [RBPM] Login failed for user: cn=uaadmin,o=Company


/RRA also displays this error after a minute or so. When browsing to
http://server:8080/osp/a/idm/auth/app?sid=2 the One SSO platform does
display a logged in uaadmin user so it really seems like a SAML

Strange thing is that I am the only one with logins to the environment.
Nothing has changed in the past few days in configuration of eDirectory
or Tomcat/Identity Applications.

I've tried the following:
- Restarts of eDir and Tomcat Identity Applications (and the servers
- Checked date/time of both servers (equal)
- Check in iManager if NMAS login method SAML assertion is in use (it
- Have the configupdate.sh recreate the RBPMSAML object via advanced
options (works fine)
- Checked the SSO clients for errors (URLs and secrets)
- Checked the password policy for users that can resolve passwords
(removed a user, observed an SSPR error and re-added the user)

I really don't know what's going on and the logging doesn't help me
either apart from the fact that I can see that the uaadmin login fails

Can someone please point me in a direction how to debug this?

Sjoerdk's Profile: https://forums.netiq.com/member.php?userid=1135
View this thread: https://forums.netiq.com/showthread.php?t=54941