DWP Catalog - User Group sync script doesn't work with SSL

Version 14
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    MyIT Service Broker


    Any SBE/DWP Catalog version with SSL enabled


    We have enabled native SSL for Service Broker but when we run the user_group sync we see the following errors:

    Exception in thread "main" java.lang.StackOverflowError
    at sun.misc.URLClassPath.getLoader(URLClassPath.java:503)
    at sun.misc.URLClassPath.getNextLoader(URLClassPath.java:484)
    at sun.misc.URLClassPath.access$100(URLClassPath.java:65)
    at sun.misc.URLClassPath$1.next(URLClassPath.java:266)
    at sun.misc.URLClassPath$1.hasMoreElements(URLClassPath.java:277)
    at java.net.URLClassLoader$3$1.run(URLClassLoader.java:601)
    at java.net.URLClassLoader$3$1.run(URLClassLoader.java:599)
     at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader$3.next(URLClassLoader.java:598)
    at java.net.URLClassLoader$3.hasMoreElements(URLClassLoader.java:623)
    at sun.misc.CompoundEnumeration.next(CompoundEnumeration.java:45)
     at com.bmc.myservice.tools.util.WebClient.loginWhenNecessary(WebClient.java:80)
    at com.bmc.myservice.tools.util.WebClient.loginWhenNecessary(WebClient.java:80


    Script does not have the SSL parameters that are required for this task. You need to add them.


    FROM DWP 20.02 and beyond



    If DWP Catalog is configured to run on http, you will need to add these parameters in the shell script:


    -sb_proto https
    -ts_path <keystore location>
    -ts_password <keystore password>


    -sb_proto https
    -ts_password=keystore pass

    ./user_group_sync.sh -itsm_s clm-aus-tv1iak.bmc.com -itsm_u Demo -itsm_p bmcAdm1n -itsm_a 0 -sb_s dwpcatalog-americas.bmc.com -sb_u hannah_admin@bmc.com -sb_p password -sb_a 9988 -sb_aw 8443 -sb_proto https -ts_path=/opt/certs/catalog.jks -ts_password=keystore pass -date_file /src/data.time -lock_file /src/sb.lock -sb_group_creation none -skip_disabled true >> /var/log/sb_user_sync.log




    BEFORE DWP 20.02

    In order for the script to run on an SSL SB Server, you must use the attached updated   user_group_synch script & JAR file 
      NOTE: You don't nee the jar file on 3.5 and beyond.  File is located at:  
    1. Please backup the current files then extract both of them into the "  /opt/bmc/ARSystem/artools" directory (replacing the old files) 
    2. Edit the   user_group_sync script to include the extract below with your own JRE path   -if needed- in addition to the   keystore path &   password as highlighted below: 

     /opt/jdk1.8.0_121/bin/java -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar -Dsb_base_url="https://$sb_server:$sb_web_port/" -Dtenant_admin_user="$sb_user" -Dtenant_admin_password=$sb_password -Dgroup_format="$group_format" -Dinput_file=People.arx -Djavax.net.ssl.trustStore=/opt/bmc/ARSystem/jetty/etc/keystore -Djavax.net.ssl.trustStorePassword=changeit -Duser_input_file=User.arx com.bmc.myservice.tools.etl.Main

    - Breaking original  user_group_synch into lines   
    -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar  
    -Duser_input_file=User.arx -Dskip_disabled="$skip_disabled" com.bmc.myservice.tools.etl.Main 
       You only need to add and edit the things in red, mentioned in the KA, which are these two lines:


    So, it looks like this.
    -cp dependency/*:com.bmc.myservice.tools-1.0.00-SNAPSHOT.jar

    -Duser_input_file=User.arx -Dskip_disabled="$skip_disabled" com.bmc.myservice.tools.etl.Main
    -Put all of this on a single line

    -Do these edits, save and close.
    -Try again.

    NOTE: To know what the actual java version being used is (if no symbolic links are in place). The one having + will be the one that is being used. 

      alternatives --config java

    Selection    Command
       1           java-1.7.0-openjdk.x86_64 (/usr/lib/jvm/java-1.7.0-openjdk-
    *  2           java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-
     + 3           /usr/java/jre1.8.0_181-amd64/bin/java   ---THIS ONE
      3. Once this has been don   e run the script as per the following instructions: 
      NOTE: Depending on the volume of records the script may take a long period of time to complete.  
    Security has changed with Service Broker 3.3 patch 1 so you must also log in as Demo and tick "Cross Reference Blank Password"  
      User-added image


    Article Number:


    Article Type:

    Solutions to a Product Problem

      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles