Problem Description: In production environment we have two nodes and it’s clustered. The environment has OAS and Oracle Access Manager Products installed in same node. I have seen issue like OC4J not coming up while restarting the osinfra services in one node. Previously everything was working fine, unable to understand what happen suddenly.
Cause: Somehow LBR hostname is missed in one node. SSO is using LBR to get OID connection.
Workaround summary,
1. Stop the osinfra service or kill the (OAS) process manually since the pid are catch hold by oracle user
2. Start the OID service [oracle_home/opmn/bin]$./opmnctl startproc process-type=OID
Confirmed whether ldapbind is happening or not
3. [oracle_home/bin]$ ./ldapbind -h <oid_hostname> -p <oid_non_ssl_port> -D cn=orcladmin -w <pwd>
4. [oracle_home/bin]$ ./ldapbind -h <oid_hostname> -p <oid_ssl_port> -U 1 -D cn=orcladmin -w <pwd>
5. Start the OC4J service [oracle_home/opmn/bin]$./opmnctl startproc process-type=OC4J_SECURITY
6. Unable to come up, once again stop all services in osinfra, and truncate the ods_process table and start the process again but no luck.
I did some more workarounds but no luck.
Finally I replace the old backup of osinfra folder and try to bring up the services one by one.
1. Started the OID service but ldapbind not happening. Executed the action plan in this metalink 558296.1
Now ldapbind happen smoothly but again OC4J service not coming up after replaces the backup.
2. Tried to reset the IASpassword but it’s failed.
After long workaround, we come to know the solution for this issue.
3. resetiaspassword is not working because is expecting LBR working and we get a little clue about this issue and we tried to bind with LBR hostname but its failed.
4. Verified the LBR hostname in /etc/hosts file and we surprised how LBR entry get missed.
5. Added LBR hostname in /etc/hosts and then ping/ldapbind was working
Finally, executed resetiaspasswd too and OC4J_SECURITY started as expected.
I hope this will hep you. 🙂
An Oracle Identity and Access Management professional, having working on Oracle Access Manager Single Sign-On implementations, Installation/Configuration of Identity Server, Web Pass, Web Gate, Access Gate, Policy Manager, Access Server, Policy Domains, Authentication /Authorization schemes, Single Sign-On (single and multi-domain), OIM, OVD, OID, OAAM, OIF, High Availability/Failover/ SSL deployment.