Incorrect IDYSYS Error

If you write an incorrect IDSYS to a tenant or a storage domain, subsequent attempts to access the system return an HTTP 503 error. This is an example response:

HTTP/1.1 503 Service Unavailable
	Server: CAStor Cluster/6.5.4
	Via: 1.1 172.16.99.70 (Cloud Gateway SCSP/2.2)
	Gateway-Request-Id: D9DF0347CB7EAAE9 
	Gateway-Error-Message: Unable to connect to identity system 
   		ldap://172.16.99.20:636 as cn=gateways,dc=caringo,dc=com: 
   		javax.naming.ServiceUnavailableException: 172.30.0.42:636; socket closed
	Content-Length: 44
	Identity system failure or misconfiguration

To work around this, authenticate as a qualified user defined in the tenant IDSYS or the root IDSYS and replace the bad IDSYS. For example, if the user admin exists in the root IDSYS, write a corrected version of the storage domain's IDSYS and authenticate the request as user "admin@".

Warning

If you write an incorrect Policy to a tenant or storage domain, you can lock yourself out.

Workaround

To work around a Policy problem, authenticate with a "!" (exclamation point) prefix on the user name and replace the bad Policy. For example, if the user admin exists in the root IDSYS and the storage domain's Policy has denied access to all users, write a corrected version of the Policy to the storage domain by authenticating as "!admin@".

For more information, see IDSYS Document Format.

Swarm Documentation

Bad IDSYS or Policy

Incorrect IDYSYS Error

Warning

Workaround

Related content