Topic
  • 3 replies
  • Latest Post - ‏2013-09-18T16:51:29Z by irina999
SystemAdmin
SystemAdmin
9855 Posts

Pinned topic Policy Server TAM v6.1.1 cannot be configured in windows server 2008R2 SP1

‏2013-03-18T03:33:43Z |
Dear all,

We have some issue when trying to configure the policy server we have 2 servers 1 for Active Directory 1 for Policy server but it always pop up "HPDBG0938E configuration failed", I already search in this forum but still have not found the solution.

There is some link that said if the policy server configuration failed to start up, we just to change the logon type for this service to Local System and change to start automatically after that, and change the registry also.
But my problem is the policy server cannot be configured, and the service cannot be started also.
Below is the log from the configuration

< 3/17/2013 - 8:26:43 PM
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

3/17/2013-8:27:03 PM: Configuring Access Manager Policy Server....
C:\PROGRA~2\Tivoli\POLICY~1\sbin\ivmgrd_setup.exe -y no -m "********" -r 7135 -l 1460 -t 7200 -D no -f no
OpenConfFile: "C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf"
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf pdrte user-reg-type
CloseConfFile: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf
OpenConfFile: "C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf"
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry hostname
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry useEncryption
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry domain
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry dnforpd
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry Multi-domain
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry bind-id
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf uraf-registry bind-pwd
CloseConfFile: C:\PROGRA~2\Tivoli\POLICY~1\etc\activedir.conf
OpenConfFile: "C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf"
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf pdrte user-reg-type
CloseConfFile: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf
OpenConfFile: "C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf"
getentry: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf pdrte user-reg-type
CloseConfFile: C:\PROGRA~2\Tivoli\POLICY~1\etc\pd.conf
C:\PROGRA~2\Tivoli\POLICY~1\sbin\mgrsslcfg.exe -config -f no -t 7200 -l 1460 -D no
Creating the SSL certificate. This might take several minutes.
The SSL configuration of the Tivoli Access Manager policy server
has completed successfully.

The policy server's signed SSL certificate is base-64 encoded and
saved in text file "C:\PROGRA~2\Tivoli\POLICY~1\keytab\pdcacert.b64."

This file is required by the configuration program on each machine
in your secure domain.
C:\PROGRA~2\Tivoli\POLICY~1\sbin\bassslcfg.exe -config -f no -c "C:\PROGRA~2\Tivoli\POLICY~1\keytab\pdcacert.b64" -p 7135 -h TAMEB1
The SSL configuration of Access Control Runtime has completed successfully.
Tivoli Access Manager policy server domain name: Default
Tivoli Access Manager policy server host name: TAMEB1
Tivoli Access Manager policy server listening port: 7135

2013-03-17-20:27:13.770-07:00I----- 0x16B48064 PID#2848 ERROR rgy ad E:\build\am611\src\uraf\ad\schema\adschema_update.cpp 550 0x00000ad0
HPDRG0100E The operation in the Active Directory registry for adschema_update.exe: ADSCHEMA_CHECK_SCHEMA_RIGHTS failed with return error 8000500d.
adschema_update: result 1, retcode -2147463155
HPDBG0938E Configuration failed.

3/17/2013-8:29:13 PM: HPDBG0938E Configuration failed.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> 3/17/2013 - 8:29:15 PM
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Kindly please help,
Thanks,
Best Regards,
Achmad
Updated on 2013-03-19T04:04:24Z at 2013-03-19T04:04:24Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    9855 Posts

    Re: Policy Server TAM v6.1.1 cannot be configured in windows server 2008R2 SP1

    ‏2013-03-19T01:50:31Z  
    do you have appropriate rights in AD to configure Policy server
    check the rights in AD as its not allowing to update the schema.
  • SystemAdmin
    SystemAdmin
    9855 Posts

    Re: Policy Server TAM v6.1.1 cannot be configured in windows server 2008R2 SP1

    ‏2013-03-19T04:04:24Z  
    do you have appropriate rights in AD to configure Policy server
    check the rights in AD as its not allowing to update the schema.
    Hi Sandeep,

    yes, I do, I am using an user who has domain admin role
    Thanks
  • irina999
    irina999
    23 Posts

    Re: Policy Server TAM v6.1.1 cannot be configured in windows server 2008R2 SP1

    ‏2013-09-18T16:51:29Z  
    Hi Sandeep,

    yes, I do, I am using an user who has domain admin role
    Thanks

    Hi,

    I wonder if there is a resolution to this problem as I am experiencing the same issue on my Win 2008 R2 SP1 server.