IBM Support

tacmd createuser command failure

Technical Blog Post


Abstract

tacmd createuser command failure when using LDAP

Body

image

tacmd createuser command failure when using LDAP

 Errors seen:

KUICCU001I Validating user credentials...
KUICCU012E The createUser command failed because the value specified for -dn|--distname option is incorrect.
The value for distinguished name is incorrect. Please specify a proper
distinguished name or leave the field blank by ignoring the -dn option.
 
Verify that the correct distinguished name is specified and run the
createUser command again.

This can mean that the -dn was not created correctly at configuration time, if it has never worked check the configuration settings.
The information is in the manual:

https://www.ibm.com/support/knowledgecenter/SSTFXA_6.3.0/com.ibm.itm.doc_6.3/adminuse/msad_ldap_enableteps.htm

However if it has previously worked check for password changes and any other errors in the logs: SytemOut.log and RAS1 CQ log.

If it is found that the wasadmin password has been changed, this causes the TEPS not able to access the LDAP.

To reset the wasadmin password for the TEPS the following needs to be done:

(1) Start eWAS using the command:
 
./enableISCLite.sh true
 
(2) Run the following command to update the eWAS password (and in turn
re-generate the encrypted form of the password in the cq.config file):
 
updateTEPSEPass.sh <username> <password>
 
(3) Reconfigure the TEPS to propagate the changes.
 
All three steps are needed to allow the password to be updated on the TEPS.

[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"","label":""},"Component":"","Platform":[{"code":"","label":""}],"Version":"","Edition":""},{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SSZ8F3","label":"IBM Tivoli Monitoring V6"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":""}]

UID

ibm11084161