vmware-archive / lightwave

Identity services for traditional infrastructure, applications and containers.

Message: /opt/vmware/share/config/lightwave-ui-oidc.xml (No such file or directory) #27

Closed chuy08 closed 6 years ago

chuy08 commented 6 years ago

Fresh install of lightwave 1.2.1 from repos on photon and I can't seem to log in because it can't find the above mentioned file. I see no mention of it in the repo either. Not sure what I'm doing wrong?

kganugapati commented 6 years ago

Lightwave folks - can someone jump on this?

wfu8 commented 6 years ago

This file is generated during Lightwave installation/configuration. The fact that you do not have the configuration file means your Lightwave UI installation failed. The logic is @ vmidentity/lightwaveui/src/main/java/com/vmware/lightwaveui/RegisterOidc.java for Lightwave UI.

We need to see your installation logs to determine why UI registration failed for you.

chuy08 commented 6 years ago

The relevant information from stdout during install as follows:

```
root@lightwave [ ~ ]# /opt/vmware/bin/configure-lightwave-server --password qASSk3kpzuDB5NAJKv7_B
Deploying in standalone mode...
20170927160336:INFO:Setting up system as Infrastructure standalone node
20170927160336:INFO:Starting service [dcerpc]
20170927160336:INFO:Starting service [vmdns]
20170927160336:INFO:Starting service [vmafd]
20170927160337:INFO:Starting service [vmdir]
20170927160340:INFO:Starting service [vmca]
20170927160341:INFO:Setting various configuration values
20170927160341:INFO:Promoting directory service to be domain controller
20170927160408:INFO:Setting up the logical deployment unit
20170927160408:INFO:Setting up VMware Certificate Authority
20170927160409:INFO:Adding VMCA's root certificate to VMware endpoint certificate store
20170927160409:INFO:Generating Machine SSL cert
140363025766064:error:0906D06C:lib(9):func(109):reason(108):pem_lib.c:707:Expecting: CERTIFICATE
20170927160409:INFO:Setting Machine SSL certificate
20170927160409:INFO:Publishing Machine SSL certificate for directory service
20170927160409:INFO:Restarting service [vmdir]
Domain Controller setup was successful
Secure Token Service Installation - Started

-----Checking Authentication service-----
Authentication Service checked successfully.

-----Checking Directory service-----
Sep 27, 2017 4:04:12 PM com.vmware.identity.interop.ldap.OpenLdapClientLibrary
INFO: SSL library initialized successfully
Directory Service checked successfully.

-----Checking Certificate service-----
Certificate Service checked successfully.

-----Begin installing components-----
VMware Identity Manager
VMware Secure Token Service
Lightwave UI

Begin installing component: vmware-identity-manager
Installed vmware-identity-manager succesfully.

Begin installing component: vmware-secure-token-service
Checking health of endpoint: 'https://lightwave.lightwave.local:443/afd/vecs/ssl'
The endpoint : 'https://lightwave.lightwave.local:443/afd/vecs/ssl' is deployed successfully
Checking health of endpoint: 'https://lightwave.lightwave.local:443/idm/'
The endpoint : 'https://lightwave.lightwave.local:443/idm/' is deployed successfully
Checking health of endpoint: 'https://lightwave.lightwave.local:443/openidconnect/jwks'
The endpoint : 'https://lightwave.lightwave.local:443/openidconnect/jwks' is deployed successfully
Checking health of endpoint: 'https://lightwave.lightwave.local:443/sts/STSService'
The endpoint : 'https://lightwave.lightwave.local:443/sts/STSService' is deployed successfully
Installed vmware-secure-token-service succesfully.

Begin installing component: lightwave-ui
Configuring Lightwave UI for domain : lightwave.local
Started regsitration for Oidc against tenant : lightwave.local
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching lightwave found.
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching lightwave found.
Oidc successfully added.
Details - Lightwave UI OIDC Client registration failed ...
java.lang.Exception: Client ID for OIDC not found in response.
Configure ROOT index.jsp for Lightwave
Installed lightwave-ui succesfully.
Installation completed successfully.
Secure Token Service was installed Successfully !
Setup complete.
```

A snippet from vmdirvmafdvmdirclient.log

```
root@lightwave [ /var/log/lightwave ]# cat vmdirvmafdvmdirclient.log
2017-09-27T16:03:41.566Z:t@140685487986432:ERROR: VmDirReadDCAccountPassword failed with error code: 40700
2017-09-27T16:03:41.569Z:t@140685487986432:INFO: Lotus server name: (lightwave)
2017-09-27T16:03:43.107Z:t@140685487986432:INFO: VmDirLocalInitializeHost (lightwave.local)(Default-first-site)() passed
2017-09-27T16:03:43.108Z:t@140685487986432:INFO: Vmdir instance ready for LDAP service
2017-09-27T16:03:43.142Z:t@140685487986432:INFO: DC account (cn=lightwave,ou=Domain Controllers,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.148Z:t@140685487986432:INFO: VmDirLdapSetupAccountMembership (cn=lightwave,ou=Domain Controllers,dc=lightwave,dc=local)
2017-09-27T16:03:43.210Z:t@140685487986432:INFO: Service account (cn=ldap/lightwave@LIGHTWAVE.LOCAL,cn=Managed Service Accounts,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.239Z:t@140685487986432:INFO: Service account (cn=vmca/lightwave@LIGHTWAVE.LOCAL,cn=Managed Service Accounts,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.274Z:t@140685487986432:INFO: Service account (cn=host/lightwave@LIGHTWAVE.LOCAL,cn=Managed Service Accounts,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.311Z:t@140685487986432:INFO: Service account (cn=http/lightwave@LIGHTWAVE.LOCAL,cn=Managed Service Accounts,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.350Z:t@140685487986432:INFO: Service account (cn=DNS/lightwave@LIGHTWAVE.LOCAL,cn=Managed Service Accounts,dc=lightwave,dc=local) created (recycle F)
2017-09-27T16:03:43.350Z:t@140685487986432:INFO: _VmDirSetupKrbAccount (lightwave.local)(lightwave) passed
2017-09-27T16:03:43.468Z:t@140685487986432:INFO: Keytab file (/etc/krb5.keytab) created
2017-09-27T16:03:43.468Z:t@140685487986432:INFO: VmDirSetupHostInstance (lightwave.local)(Default-first-site)(lightwave) passed
```

Thanks

chuy08 commented 6 years ago

I figured this out.

hostname -f has to return fqdn or else nothing good happens, see above.
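
The condition reported in the last comment (`hostname -f` must return the FQDN) and the `No subject alternative DNS name matching lightwave found` error in the install log can both be checked before running the installer. The script below is an added example, not part of the thread or of Lightwave's code; the function names and the sample certificate text are constructed for illustration.

```shell
# Succeed only if $1 has at least two non-empty, dot-separated labels.
is_fqdn() {
    case "$1" in
        ""|.*|*.|*..*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Read `openssl x509 -noout -text` output on stdin; print each SAN DNS name.
san_dns_names() {
    awk '/X509v3 Subject Alternative Name/ {
        getline; n = split($0, a, ",")
        for (i = 1; i <= n; i++) {
            gsub(/^[ \t]+|[ \t]+$/, "", a[i])
            if (a[i] ~ /^DNS:/) print substr(a[i], 5)
        }
    }'
}

# Succeed if name $1 matches a SAN in the newline-separated list $2
# (case-insensitive; "*.x" covers exactly one leftmost label).
san_matches() {
    name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    rest=${name#*.}   # name without its leftmost label (unchanged if no dot)
    while IFS= read -r san; do
        if [ "$name" = "$san" ]; then return 0; fi
        case "$san" in
            "*."*) if [ "$rest" != "$name" ] && [ "$rest" = "${san#??}" ]; then return 0; fi ;;
        esac
    done <<EOF
$(printf '%s\n' "$2" | tr '[:upper:]' '[:lower:]')
EOF
    return 1
}

# Return 0 if $1 is an FQDN covered by the certificate text $2, else 1 or 2.
check_name() {
    is_fqdn "$1" || { echo "$1: not fully qualified"; return 1; }
    san_matches "$1" "$(printf '%s\n' "$2" | san_dns_names)" ||
        { echo "$1: no matching SAN DNS name"; return 2; }
    echo "$1: ok"
}

# Constructed sample certificate text (not taken from the thread).
SAMPLE_CERT_TEXT='            X509v3 Subject Alternative Name:
                DNS:lightwave.lightwave.local, IP Address:192.0.2.10'
check_name lightwave "$SAMPLE_CERT_TEXT" || true
check_name lightwave.lightwave.local "$SAMPLE_CERT_TEXT"
```

On a real host, pass `"$(hostname -f)"` as the name and the output of `openssl x509 -in <machine-cert.pem> -noout -text` as the certificate text; the certificate path is a placeholder.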