APAR status
Closed as fixed if next.
Error description
After upgrading and upon rotating the server signing key, the resigning process attempts to decrypt the EncryptedPassword column in the LDAP_SETTINGS table with the new key, which it can't, and this is what throws the error. The workaround is to delete the EncryptedPassword column, rotate the server signing key, and then fix the LDAP password in the console as a local master operator.
Local fix
Workaround: 1. UPDATE LDAP_Settings SET EncryptedPassword = NULL 2. Open a command prompt and cd to the BES Server directory (or wherever BESAdmin is). 3. Run BESAdmin.exe /resignSecurityData 4. Log in as local MO. 5. Go to the LDAP Directories tree item. 6. Edit each LDAP Directory with the appropriate password.
Problem summary
This issue will be addressed in the next release of IBM Endpoint Manager. General availability Q1 2014 (release date subject to change).
Problem conclusion
Temporary fix
Comments
APAR Information
APAR number
IV41860
Reported component name
TIV EP MG PLTFM
Reported component ID
5725C43PO
Reported release
90W
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-05-07
Closed date
2013-11-13
Last modified date
2013-11-13
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TIV EP MGR SERV
Fixed component ID
5725C43SV
Applicable component levels
R90W PSY
UP
[{"Business Unit":{"code":null,"label":null},"Product":{"code":"SSBQVS","label":"Tivoli Endpoint Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"90W","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
13 November 2013