Sun OpenSSO Enterprise 8.0 Administration Reference

Chapter 9 OpenSSO Enterprise Component Error Codes

This appendix provides a list of the error messages generated by OpenSSO Enterprise. While this list is not exhaustive, the information presented in this chapter will serve as a good starting point for common problems. The tables in this appendix provide the error code itself, a description and/or probable cause of the error, and the actions that can be taken to fix the problem.

This appendix lists error codes for the following functional areas:

- OpenSSO Enterprise Console Errors
- ssoadm Command Line Interface Error Codes
- Authentication Error Codes
- Policy Error Codes
- amadmin Error Codes

If you require further assistance in diagnosing errors, please contact Sun Technical Support:

http://www.sun.com/service/sunone/software/index.html

OpenSSO Enterprise Console Errors

The following table describes the error codes generated and displayed by the OpenSSO Enterprise Console.

Table 9–1 OpenSSO Enterprise Console Errors

| Error Message | Description/Probable Cause | Action |
| --- | --- | --- |
| Unable to get attribute from data store. | The object may have been removed by another user prior to being removed by the current user. | Redisplay the objects that you are trying to delete and try the operation again. |
| Invalid URL | This occurs if the URL for an OpenSSO Enterprise console window is entered incorrectly. | |
| There are no entities. | The parameters entered in the search window, or in the Filter fields, did not match any objects in the directory. | Run the search again with a different set of parameters. |
| There are no attributes to display. | The selected object does not contain any editable attributes defined in its schema. | |
| There is no information to display for this service. | The services viewed from the Service Configuration module do not have global or organization based attributes. | |
| Size limit Exceeded. Refine your search to locate more entries. | The parameters specified in the search have returned more entries than are allowed to be returned. | Modify the Maximum Results Returned from a Search attribute in the Administration service to a larger value. You can also modify the search parameters to be more restrictive. |
| Time limit Exceeded. Refine your search to locate more entries. | The search for the specified parameters has taken longer than the allowed search time. | Modify the Timeout for Search attribute in the Administration service to a larger value. You can also modify the search parameters, so they are less restrictive, to return more values. |
| Invalid user’s start location. Please contact your administrator. | The start location DN in the user's entry is no longer valid. | Edit the properties of the User service and change the value for Administrator DN to a valid DN value. |
| Could not create identity object. User does not have sufficient access. | An operation was executed by a user with insufficient permissions. The permissions defined for a user determine which operations they can perform. | |

ssoadm Command Line Interface Error Codes

The following table describes the error codes generated by the ssoadm command line utility.

Table 9–2 Authentication Error Codes

| Error Message | Description/Probable Cause | Action |
| --- | --- | --- |
| Missing Resource Bundle | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Missing CLI Definition Files | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Missing Command Name | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Missing Definition Classes | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Incorrect Definition Classes | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Unable to instantiate Definition Classes | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Unable to access Definition Classes | | Make sure the ssoAdminTools.zip is set up correctly. For information, see Installing the OpenSSO Enterprise Utilities and Scripts in the ssoAdminTools.zip File in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. |
| Reserved option is used | | If you are extending the ssoadm CLI, check that the new sub command does not use reserved option names. |
| Incorrect Usage format | | If you are extending the ssoadm CLI, check that the new sub command does not use reserved option names. |
| Incorrect Option | You have entered invalid options. | |
| Incorrect Sub Command | You have entered an invalid sub command. | |
| Sub Command implementation is not found | | If you are extending the ssoadm CLI, check that the implementation class is in the class path. |
| Sub Command implementation cannot be instantiated | | If you are extending the ssoadm CLI, check that the implementation class is in the class path. |
| Sub Command implementation is not accessed | | If you are extending the ssoadm CLI, check that the implementation class is accessible. |
| Output Writer Class cannot be instantiated | | If you are extending the ssoadm CLI, check that the output writer class is in the class path. |
| Debug Class cannot be instantiated | | If you are extending the ssoadm CLI, check that the debug class is in the class path. |
| Cannot read the input file | | Check the file name that is provided to ssoadm. |
| Cannot authenticate (LDAP based). | | Check that the user name and password are valid. |
| Cannot authenticate (session | | Check that the user name and password are valid. |
| Duplicated options are defined | | If you are extending the ssoadm CLI, check that the new sub command does not have duplicate option names. |
| Cannot logout | The server may be down. | Restart the server and log out again. |
| Incorrect Option values | You have entered invalid option values. | |
| Input/Output Exception | This usually happens if the input file is not readable. | Check the structure of the input file to ensure its validity. |
| Cannot write to log file | Log directory permissions may be set incorrectly. | Check if the log directory is writable. |
| Incorrect data format | The data in the input file needs to have a key and a value, e.g. example.key=value1 | |
| Session expired | The session has expired. This usually happens if ssoadm runs for a long period of time. | |
| Request cannot be serviced | | Read the output printed by ssoadm. It will provide information on why ssoadm fails. For a list of messages, see Chapter 10, OpenSSO Enterprise Log File Reference. |

Authentication Error Codes

The following table describes the error codes generated by the Authentication service. These errors are displayed to the user/administrator in the Authentication module.

Table 9–3 Authentication Error Codes

| Error Message | Description/Probable Cause | Action |
| --- | --- | --- |
| You are already logged in | The user has already logged in and has a valid session, but there is no Success URL redirect defined. | Either log out, or set up some login success redirect URL(s) through the OpenSSO Enterprise Console. Use the 'goto' query parameter with the value as Admin Console URL. |
| Logout Failure | A user is unable to log out of OpenSSO Enterprise. | Restart the server. |
| Authentication exception | An authentication exception is thrown due to an incorrect handler. | Check the Login URL for any invalid or special characters. |
| Can non redirect to default page. | OpenSSO Enterprise cannot redirect to the Success or Failure redirect URL. | Check the web container’s error log to see if there are any errors. |
| gotoLoginAfterFail link | This link is generated when most errors occur. The link will send the user to the original Login URL page. | |
| Invalid password | The password entered is invalid. | Passwords must contain at least 8 characters. Check that the password contains the appropriate number of characters and ensure that it has not expired. |
| Authentication failed | This is the generic error message displayed in the default login failed template. The most common cause is invalid/incorrect credentials. | Enter valid and correct user name/password (the credentials required by the invoked authentication module). |
| No user profile was found matching the entered user name in the given organization. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Enter your login information again. If this is your first login attempt, select New User in the login screen. |
| The password entered does not contain enough characters. | This error is displayed while logging in to the Membership/Self-registration authentication module. | The login password must contain at least 8 characters by default (this number is configurable through the Membership Authentication module). |
| A user already exists with this name in the given organization. | This error is displayed while logging in to the Membership/Self-registration authentication module. | User IDs must be unique within the organization. |
| The User Name and Password fields cannot have the same value. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure that the username and password are different. |
| No user name was entered | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure to enter the user name. |
| No password was entered. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure to enter the password. |
| Missing the confirmation password field. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure to enter the password in the Confirm Password field. |
| The password and the confirm password do not match. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure that the password and confirmation password match. |
| An error occurred while storing the user profile. | This error is displayed while logging in to the Membership/Self-registration authentication module. | Make sure that the attributes and elements are valid and correct for Self Registration in the Membership.xml file. |
| This organization is not active | The organization is not active. | Activate the organization through the OpenSSO Enterprise console by changing the organization status from inactive to active. |
| Internal Authentication Error. | This is a generic Authentication error which may be caused by different and multiple environmental and/or configuration issues. | |
| User is not active | The user no longer has an active status. | Activate the user through the Admin Console by changing the user status from inactive to active. If the user is locked out by Memory Locking, restart the server. |
| User does not belong to the specified role. | This error is displayed during role-based authentication. | Make sure that the login user belongs to the role specified for the role-based authentication. |
| User session has timed out. | The user session has timed out. | Log in again. |
| Specified authentication module is denied. | The specified authentication module is denied. | Make sure that the required authentication module is registered under the required organization, that the template is created and saved for the module, and that the module is selected in the Organization Authentication Modules list in the Core Authentication module. |
| No configuration found | The configuration for the authentication module was not found. | Check the Authentication Configuration service for the required authentication method. |
| Persistent Cookie Username does not exist | Persistent Cookie Username does not exist in the Persistent Cookie Domain. | |
| No organization found. | The organization was not found. | Make sure that the requested organization is valid and correct. |
| User has no profile in the specified organization. | User has no profile in the specified organization. | Make sure that the user exists and is valid in the specified organization in the local Directory Server. |
| One of the required fields was not completed. | One of the required fields was not completed. | Make sure that all required fields are entered. |
| Maximum Session Limit was reached | The maximum sessions limit was reached. | Log out and log in again. |

Policy Error Codes

The following table describes the error codes generated by the Policy framework and displayed in the OpenSSO Enterprise Console.

Table 9–4 Policy Error Codes

| Error Message | Description/Probable Cause | Action |
| --- | --- | --- |
| Illegal character “/” in the policy name | There was an illegal character “/” in the policy name. | Make sure that the policy name does not contain the “/” character. |
| A rule with the same name already exists | A rule with the same name already exists within the realm. | Use a different name for policy creation. |
| Another rule with the given name already exists | Another rule with the given name already exists. | Use a different rule name for policy creation. |
| A rule with the same rule value already exists | A rule with the same rule value already exists within the policy. | Use a different rule value. |
| No referral exists to the realm. | No referral exists to the realm. | In order to create policies under a sub realm, you must create a referral policy at its parent realm to indicate what resources can be referred to this sub realm. |
| LDAP search size limit exceeded. | An error occurred because the search found more than the maximum number of results. | Change the search pattern or policy configuration of the organization for the search control parameters. The Search Size Limit is located in the Policy Configuration service. |
| LDAP search time limit exceeded. | An error occurred because the search found more than the maximum number of results. | Change the search pattern or policy configuration of the organization for the search control parameters. The Search Time Limit is located in the Policy Configuration service. |
| Invalid LDAP Bind password. | Invalid LDAP Bind password. | The password for LDAP Bind user defined in Policy Configuration is incorrect. This leads to the inability to get an authenticated LDAP connection to perform policy operations. |
| Application SSO token is invalid | The server could not validate the Application SSO token. Most likely the SSO token is expired. | Enter the authentication credentials again. |
| User SSO token is invalid. | The server could not validate the User SSO token. Most likely the SSO token is expired. | User must reauthenticate. |
| Property value not an integer | The property value is not an integer. | The value for this plugin’s property should be an integer. |
| Property Value not defined | Property value should be defined. | Provide a value for the given property. |
| Start IP is larger than End IP | Start IP is larger than End IP for the policy's condition. | An attempt was made to set end IP Address to be larger than start IP Address in IP Address condition. The Start IP cannot be larger than the End IP. |
| Start Date is larger than End Date | Start date is larger than end date for the policy's condition. | An attempt was made to set end Date to be larger than start Date in the policy’s Time Condition. The Start Date cannot be larger than the End Date. |
| Policy not found in realm. | An error occurred trying to locate a non-existing policy in a realm. | Make sure that the policy exists under the specified realm. |
| User does not have sufficient access. | The user does not have sufficient rights to perform policy operations. | Perform policy operations with the user who has appropriate access rights. |
| Invalid LDAP Server host. | The LDAP Server Host attribute value is invalid. | Change the invalid LDAP Server host that was entered in the Policy Configuration service. |

amadmin Error Codes

The following table describes the error codes that the amadmin command line tool writes to OpenSSO Enterprise’s debug file.

Table 9–5 amadmin error codes

| Code | Description/Probable Cause | Action |
| --- | --- | --- |
| | Too few arguments. | Make sure that the mandatory arguments (--runasdn, --password, --passwordfile, --schema, --data, and --addattributes) and their values are supplied in the command line. |
| | The input XML file was not found. | Check the syntax and make sure that the input XML is valid. |
| | The user DN for the --runasdn value is missing. | Provide the user DN as the value for --runasdn. |
| | The service name for the --deleteservice value is missing. | Provide the service name as the value for --deleteservice. |
| | The password for the --password value is missing. | Provide the password as the value for --password. |
| | The locale name was not provided. The locale will default to en_US. | See the Online Help for a list of locales. |
| | Missing XML input file. | Provide at least one input XML filename to process. |
| | One or more arguments are incorrect. | Check that all arguments are valid. For a set of valid arguments, type amadmin --help. |
| | Operation failed. | When amadmin fails, it produces more precise error codes to indicate the specific error. Refer to those error codes to evaluate the problem. |
| 10 | Cannot process requests. | When amadmin fails, it produces more precise error codes to indicate the specific error. Refer to those error codes to evaluate the problem. |
| 12 | Policy cannot be created. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 13 | Policy cannot be deleted. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 14 | Service cannot be deleted. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 15 | Cannot authenticate user. | Make sure the user DN and password are correct. |
| 16 | Cannot parse the input XML file. | Make sure that the XML is formatted correctly and adheres to the amAdmin.dtd. |
| 17 | Cannot parse due to an application error or a parser initialization error. | Make sure that the XML is formatted correctly and adheres to the amAdmin.dtd. |
| 18 | Cannot parse because a parser with specified options cannot be built. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 19 | Cannot read the input XML file. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 20 | Cannot parse because the XML file is not a valid file. | Check the syntax and make sure that the input XML is valid. |
| 21 | Cannot parse because the XML file is not a valid file. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 22 | XML file validation warnings for the file. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 23 | Cannot process the XML file. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 24 | Neither the --data nor the --schema option is in the command. | Check that all arguments are valid. For a set of valid arguments, type amadmin --help. |
| 25 | The XML file does not follow the correct DTD. | Check the XML file for the DOCTYPE element. |
| 26 | LDAP Authentication failed due to invalid DN, password, hostname, or port number. | Make sure the user DN and password are correct. |
| 28 | Service Manager exception (SSO exception). | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 29 | Service Manager exception. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 30 | Schema file inputstream exception. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 31 | Policy Manager exception (SSO exception). | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 32 | Policy Manager exception. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 33 | More than one debug option is specified. | Only one debug option should be specified. |
| 34 | Login failed. | amadmin produces exception messages to indicate the specific error. Refer to those messages to evaluate the problem. |
| 36 | Invalid attribute value. | Check the level set for the LDAP search. It should be either SCOPE_SUB or SCOPE_ONE. |
| 37 | Error in getting object type. | Make sure that the DN in the XML file is valid and contains the correct object type. |
| 38 | Invalid organization DN. | Make sure that the DN in the XML file is valid and is an organization object. |
| 39 | Invalid role DN. | Make sure that the DN in the XML file is valid and is a role object. |
| 40 | Invalid static group DN. | Make sure that the DN in the XML file is valid and is a static group object. |
| 41 | Invalid people container DN. | Make sure the DN in the XML file is valid and is a people container object. |
| 42 | Invalid organizational unit DN. | Make sure that the DN in the XML file is valid and is a container object. |
| 43 | Invalid service host name. | Make sure that the hostname for retrieving valid sessions is correct. |
| 44 | Subschema error. | Subschema is only supported for global and organization attributes. |
| 45 | Cannot locate service schema for service. | Make sure that the sub schema in the XML file is valid. |
| 46 | The role template can be true only if the schema type is dynamic. | Make sure that the role template in the XML file is valid. |
| 47 | Cannot add users to a filtered role. | Make sure that the role DN in the XML file is not a filtered role. |
| 48 | Template does not exist. | Make sure that the service template in the XML file is valid. |
| 49 | Cannot add users to a dynamic group. | Make sure that the group DN in the XML file is not a dynamic group. |
| 50 | Policies cannot be created in an organization that is a child organization of a container. | Make sure that the organization in which the policy is to be created is not a child of a container. |
| 51 | The group container was not found. | Create a group container for the parent organization or container. |
| 52 | Cannot remove a user from a filtered role. | Make sure that the role DN in the XML file is not a filtered role. |
| 53 | Cannot remove users from a dynamic group. | Make sure that the group DN in the XML file is not a dynamic group. |
| 54 | The subschema string does not exist. | Make sure that the subschema string exists in the XML file. |
| 59 | You are trying to add a user to an organization or container, and the default people container does not exist in the organization or container. | Make sure the default people container exists. |
| 60 | Default URL prefix is not found following the --defaultURLPrefix argument. | Provide the default URL prefix accordingly. |
| 61 | Meta Alias is not found following the --metaalias argument. | Provide the Meta Alias accordingly. |
| 62 | Entity Name is not specified. | Provide the entity name. |
| 63 | File name for importing meta data is missing. | Provide the file name that contains meta data. |
| 64 | File name for storing exported meta data is missing. | Provide the file name for storing meta data. |
| 65 | Unable to get a handler to Meta attribute. Specified user name and password may be incorrect. | Ensure that the user name and password are correct. |
| 66 | Missing resource bundle name when adding, viewing or deleting a resource bundle that is stored in the directory server. | Provide the resource bundle name. |
| 67 | Missing file name of the file that contains the resource strings when adding a resource bundle to the directory server. | Please provide a valid file name. |
| 68 | Failed to load liberty meta to Directory Server. | Please check the meta data again before loading it again. |