Solved

working of LTPA

Posted on 2008-10-12
5
9,801 Views
Last Modified: 2013-12-11
I ran into issue where Websphere dmgr gave the error message LTPA token expired and resync failed message appeared  in the nodeagent log

ADMS0005E: Unable to generate synchronization request:
javax.management.JMRuntimeException: ADMN0022E: Access denied
for the getRepositoryEpoch operation on ConfigRepository MBean
due to insufficient or empty credentials.

is the issue because of LTPA token expire? what needs to be done to solve the issue

can someone please explain me how does LTPA token concept and why expiry of the token results in the stopping of the appservers and nodeagent.
0
Comment
Question by:chinky2377
  • 4
5 Comments
 
LVL 41

Accepted Solution

by:
HonorGod earned 50 total points
ID: 22705512
LTPA = Lightweight Third-Party Authentication

http://en.wikipedia.org/wiki/IBM_Lightweight_Third-Party_Authentication

Apparently, a token was created that had an expiration date, and that
date/time has come and gone.  Therefore, the token is no longer valid.

This page should help you correct the issue:

http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/usec_authmechandexpire.html
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 22705534
The AppServers (and nodeagents, which are also AppServers) stop because
authentication can no longer be performed, and the AppServers can't "trust"
any application that uses the referenced "token"
0
 

Expert Comment

by:siddharth1747
ID: 22780130
Running into same issue between nodeagent and dmgr, re-generated ltpa tokens for dmgr, did a manual resync of nodeagent (successful output) and stopped/re-started the dmgr and nodeagent, still complaining of a lack of trust between nodeagent and dmgr running on same physical host on AIX.....Please help....
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 22780484
Are you seeing any errors in the logs (e.g., certification expired)?
0
 
LVL 41

Expert Comment

by:HonorGod
ID: 22827977
I'm sorry you didn't like the answer, thanks for the points though.

Good luck & have a great day.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
This exercise is about for the following scenario: Dmgr and One node with 2 application server. Each application server contains it owns application. Application server name as follows server1 contains app1 server2 contains app1 Prereq…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now