IBM Tivoli Federated Identity Manager Version 6.2.2.7 Error Message Reference GC32-2289-05
IBM Tivoli Federated Identity Manager Version 6.2.2.7 Error Message Reference GC32-2289-05
Note Before using this information and the product it supports, read the information in Notices on page 211. Edition notice Note: This edition applies to version 6, release 2, modification 2.7 of IBM Tivoli Federated Identity Manager (product number 5724-L73) and to all subsequent releases and modifications until otherwise indicated in new editions. Copyright IBM Corporation 2006, 2013. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents Figures............... v About this publication........ vii Intended audience............ vii Access to publications and terminology..... vii IBM Tivoli Federated Identity Manager library viii Prerequisite publications......... ix Related publications.......... ix Accessing terminology online....... ix Accessing publications online....... ix Ordering publications.......... x Accessibility.............. x Tivoli technical training........... x Support information............ x Statement of Good Security Practices...... xi Conventions used in this book........ xi Typeface conventions.......... xi Operating system-dependent variables and paths xii Chapter 1. Message overview..... 1 Message types.............. 1 Message format............. 1 Chapter 2. Tivoli Federated Identity Manager Messages.......... 5 Chapter 3. Common Auditing and Reporting Service messages..... 183 Notices.............. 211 Copyright IBM Corp. 2006, 2013 iii
iv IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
Figures 1. Message ID format.......... 2 Copyright IBM Corp. 2006, 2013 v
vi IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
About this publication Intended audience IBM Tivoli Federated Identity Manager Version 6.2.2 implements solutions for federated single sign-on, Web services security management, and provisioning that are based on open standards. IBM Tivoli Federated Identity Manager extends the authentication and authorization solutions provided by IBM Tivoli Access Manager to simplify the integration of multiple existing Web solutions. This guide describes the error messages for IBM Tivoli Federated Identity Manager. The target audience for this book includes network security architects, system administrators, network administrators, and system integrators. Readers of this book should have working knowledge of networking security issues, encryption technology, keys, and certificates. Readers should also be familiar with the implementation of authentication and authorization policies in a distributed environment. This book describes an implementation of a Web services solution that supports multiple Web services standards. Readers should have knowledge of specific Web services standards, as obtained from the documentation produced by the standards body for each respective standard. Readers should be familiar with the development and deployment of applications for use in a Web services environment. This includes experience with deploying applications into an IBM WebSphere Application Server environment. Access to publications and terminology This section provides: v A list of publications in the IBM Tivoli Federated Identity Manager library. v Links to Online publications on page viii. v A link to the IBM Terminology website on page viii. IBM Tivoli Federated Identity Manager library The following documents are available in the IBM Tivoli Federated Identity Manager library: v IBM Tivoli Federated Identity Manager Quick Start Guide v IBM Tivoli Federated Identity Manager Installation Guide, GC27-2718-01 v IBM Tivoli Federated Identity Manager Configuration Guide, GC27-2719-02 v v v v v v IBM Tivoli Federated Identity Manager Installing, configuring, and administering risk-based access, SC27-4445-02 IBM Tivoli Federated Identity Manager Configuring web services security, GC32-0169-04 IBM Tivoli Federated Identity Manager Administration Guide, SC23-6191-02 IBM Tivoli Federated Identity Manager Auditing Guide, GC32-2287-05 IBM Tivoli Federated Identity Manager Troubleshooting Guide, GC27-2715-01 IBM Tivoli Federated Identity Manager Error Message Reference, GC32-2289-04 Copyright IBM Corp. 2006, 2013 vii
Online publications IBM posts product publications when the product is released and when the publications are updated at the following locations: IBM Tivoli Federated Identity Manager Information Center The http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/ com.ibm.tspm.doc_7.1/welcome.html site displays the information center welcome page for this product. IBM Security Systems Documentation Central and Welcome page IBM Security Systems Documentation Central provides an alphabetical list of all IBM Security Systems product documentation and links to the product information center for specific versions of each product. Welcome to IBM Security Systems Information Centers provides and introduction to, links to, and general information about IBM Security Systems information centers. IBM Publications Center The http://www-05.ibm.com/e-business/linkweb/publications/servlet/ pbi.wss site offers customized search functions to help you find all the IBM publications you need. IBM Terminology website The IBM Terminology website consolidates terminology for product libraries in one location. You can access the Terminology website at http://www.ibm.com/ software/globalization/terminology. IBM Tivoli Federated Identity Manager library The publications in the IBM Tivoli Federated Identity Manager library are: v IBM Tivoli Federated Identity Manager Quick Start Guide Provides instructions for getting started with IBM Tivoli Federated Identity Manager. v IBM Tivoli Federated Identity Manager Installation Guide Provides instructions for installing IBM Tivoli Federated Identity Manager. v IBM Tivoli Federated Identity Manager Configuration Guide Provides instructions for configuring IBM Tivoli Federated Identity Manager. v IBM Tivoli Federated Identity Manager Administration Guide Provides instructions for completing administration tasks that are required for all deployments. v IBM Tivoli Federated Identity Manager Web Services Security Management Guide Provides instructions for completing configuration tasks for Web services security management. v IBM Tivoli Federated Identity Manager Auditing Guide Provides instructions for auditing IBM Tivoli Federated Identity Manager events. v IBM Tivoli Federated Identity Manager Error Message Reference Provides explanations of the IBM Tivoli Federated Identity Manager error messages. v IBM Tivoli Federated Identity Manager Troubleshooting Guide Provides troubleshooting information and instructions for problem solving. viii IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
You can obtain the publications from the IBM Tivoli Federated Identity Manager Information Center: http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/ com.ibm.tivoli.fim.doc_6.2.2/ic/ic-homepage.html Prerequisite publications To use the information in this book effectively, you should have some knowledge about related software products, which you can obtain from the following sources: v Tivoli Access Manager Information Center: http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?toc=/ com.ibm.itame.doc/toc.xml v IBM WebSphere Application Server Version 8.0 Information Center: http://publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp You can obtain PDF versions of the IBM WebSphere Application Server documentation at: http://www.ibm.com/software/webservers/appserv/was/library/ Related publications You can obtain related publications from the IBM Web sites: v v v v Enterprise Security Architecture Using IBM Tivoli Security Solutions. This book is available in PDF (Portable Document Format) at http:// www.redbooks.ibm.com/redbooks/pdfs/sg246014.pdf or in HTML (Hypertext Markup Language) at http://www.redbooks.ibm.com/redbooks/sg246014/ Federated Identity Management and Web Services Security with IBM Tivoli Security Solutions (SG24-6394-01). This book is available in PDF at http:// www.redbooks.ibm.com/redbooks/pdfs/sg246394.pdf or in HTML at http://www.redbooks.ibm.com/redbooks/sg246394/ The Tivoli Software Library provides a variety of Tivoli publications such as white papers, datasheets, demonstrations, redbooks, and announcement letters. The Tivoli Software Library is available on the Web at: http:// publib.boulder.ibm.com/tividd/td/tdprodlist.html The Tivoli Software Glossary includes definitions for many of the technical terms related to Tivoli software. The Tivoli Software Glossary is available at http://publib.boulder.ibm.com/tividd/td/tdprodlist.html Accessing terminology online The IBM Terminology Web site consolidates the terminology from IBM product libraries in one convenient location. You can access the Terminology Web site at http://www.ibm.com/software/globalization/terminology Accessing publications online IBM posts publications for this and all other Tivoli products, as they become available and whenever they are updated, to the Tivoli Information Center Web site at http://publib.boulder.ibm.com/infocenter/tivihelp/v3r1/index.jsp. Note: If you print PDF documents on other than letter-sized paper, set the option in the File Print window that allows Adobe Reader to print letter-sized pages on your local paper. About this publication ix
Accessibility Ordering publications You can order hard copies of some publications. Tivoli technical training Support information Many countries provide an online ordering service. Follow these steps to access this service: 1. Go to http://www-947.ibm.com/support/entry/portal/documentation 2. Select IBM Publications Center from Getting Started. 3. Select your country from Select a country/region/language to begin and click the arrow icon. 4. Follow the instructions for how to order hard copy publications on Welcome to the IBM Publications Center. If your country does not provide an online ordering service, contact your software account representative to order publications. Follow these steps to find your local contact: 1. Go to http://www.ibm.com/planetwide/ 2. Click your country name to display a list of contacts. Accessibility features help a user who has a physical disability, such as restricted mobility or limited vision, to use software products successfully. With this product, you can use assistive technologies to hear and navigate the interface. You also can use the keyboard instead of the mouse to operate all features of the graphical user interface. For additional information, see the "Accessibility" topic in the information center at http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/ com.ibm.tivoli.fim.doc_6.2.2/ic/ic-homepage.html. For Tivoli technical training information, refer to the following IBM Tivoli Education Web site at http://www.ibm.com/software/tivoli/education. If you have a problem with your IBM software, you want to resolve it quickly. IBM provides the following ways for you to obtain the support you need: Online Go to the IBM Software Support site at http://www.ibm.com/software/ support/probsub.html and follow the instructions. IBM Support Assistant The IBM Support Assistant (ISA) is a free local software serviceability workbench that helps you resolve questions and problems with IBM software products. The ISA provides quick access to support-related information and serviceability tools for problem determination. To install the ISA software, see the IBM Tivoli Federated Identity Manager Installation Guide. Also see: http://www.ibm.com/software/support/isa. Troubleshooting Guide For more information about resolving problems, see the IBM Tivoli Federated Identity Manager Troubleshooting Guide. x IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
Statement of Good Security Practices IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. Conventions used in this book This reference uses several conventions for special terms and actions and for operating system-dependent commands and paths. Typeface conventions This publication uses the following typeface conventions: Bold Italic v v v v v Lowercase commands and mixed case commands that are otherwise difficult to distinguish from surrounding text Interface controls (check boxes, push buttons, radio buttons, spin buttons, fields, folders, icons, list boxes, items inside list boxes, multicolumn lists, containers, menu choices, menu names, tabs, property sheets), labels (such as Tip:, and Operating system considerations:) Keywords and parameters in text Citations (examples: titles of publications, diskettes, and CDs Words defined in text (example: a nonswitched line is called a point-to-point line) v Emphasis of words and letters (words as words example: "Use the word that to introduce a restrictive clause."; letters as letters example: "The LUN address must start with the letter L.") v New terms in text (except in a definition list): a view is a frame in a workspace that contains data. v Variables and values you must provide:... where myname represents... Monospace v Examples and code examples v File names, programming keywords, and other elements that are difficult to distinguish from surrounding text v Message text and prompts addressed to the user v Text that the user must type v Values for arguments or command options About this publication xi
Operating system-dependent variables and paths This publication uses the UNIX convention for specifying environment variables and for directory notation. When using the Windows command line, replace $variable with % variable% for environment variables and replace each forward slash (/) with a backslash (\) in directory paths. The names of environment variables are not always the same in the Windows and UNIX environments. For example, %TEMP% in Windows environments is equivalent to $TMPDIR in UNIX environments. Note: If you are using the bash shell on a Windows system, you can use the UNIX conventions. xii IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
Chapter 1. Message overview Message types Message format Messages indicate events that occur during the operation of the system. Depending on their purpose, messages might be displayed on the screen. By default, all informational, warning, and error messages are written to the message logs. The logs can be reviewed later to determine what events occurred, to see what corrective actions were taken, and to audit all the actions performed. For more information about message logs, refer to the IBM Tivoli Federated Identity Manager Problem Determination Guide. Tivoli Federated Identity Manager uses messages of specific types. The following types of messages are used: Informational messages Indicate conditions that are worthy of noting but that do not require you to take any precautions or perform an action. Warning messages Indicate that a condition has been detected that you should be aware of, but does not necessarily require that you take any action. Error messages Indicates that a condition has occurred that requires you to take action. Messages logged by Tivoli Federated Identity Manager adhere to the Tivoli Message Standard. Each message consists of a message identifier (ID) and accompanying message text. Message ID format A message ID consists of 10 alphanumeric characters that uniquely identify the message. A message ID in Tivoli Federated Identity Manager is composed of: v three-character product identifier (FBT for Tivoli Federated Identity Manager and CBA and CFG for Common Auditing and Reporting Service) v two-character or three-character component or subsystem identifier v three-digit or four-digit serial or message number v one-character type code indicating the severity of the message The figure that follows shows a graphical representation of a possible message ID and identifies its different parts. (Some messages might use 2 characters for the component ID and 4 digits for the serial number.) Copyright IBM Corp. 2006, 2013 1
FBT RTE 033 I Severity I - Informational W -- Warning E Error Message number (3 digits) Component or subsystem identifier (3 characters) IBM product prefix (3 characters) Figure 1. Message ID format Component identifiers The component identifier indicates which component or subsystem produced the message. ADM Administration commands AUD Audit CC Common Auditing and Reporting Service disk cache CDS InfoCard messages CE Common Auditing and Reporting Service emitter CFG Configuration properties CLI Command-line interface CO Common Audit Service Configuration Console CON Tivoli Federated Identity Manager console FMS Management service IDS Identity service IN Common Auditing and Reporting Service installation ISJ Alias service JDBC component ISL Alias service LDAP component IVT Installation verification test KES Key service keystore management KJK Key service keystore management LIB Liberty single sign-on protocol LOG Logging MB Common Audit Service Configuration MBean MGT Management MET Metadata handling MOD Module OID OpenID messages PWD Password handling 2 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
RPT RTE SML SOC SPS STM STS STZ SU TAC TRC USC WS WSF WSP WSS XS XU Report messages Runtime environment component configuration SAML single sign-on protocol SOAP client Single sign-on protocol service Secure token service Secure token service modules RACF PassTicket tokens Common Audit Staging Utility Tivoli Access Manager configuration as point-of-contact server Trust client User self care Common Auditing and Reporting Service Web service WS-Federation single sign-on protocol Provisioning service Web services security management Common Audit Service XML data store Common Audit Service XML store utilities Severity Associated with each message is a severity level that indicates whether corrective action must be taken. Table 1. Severity level Severity Description I (Informational) Provides information or feedback about normal events that occur. In general, no action needs to be performed in response to an informational message. FBTRTE033I The domain default was successfully created. FBTSTM066I The Trust Service has been disabled. W (Warning) Indicates that a potentially undesirable condition has occurred, but processing can continue. Intervention or corrective action might be necessary in response to a warning message. FBTLOG002W An integer was expected. FBTTRC004W The returned RequestSecurityTokenResponse did not have a wsu:id Chapter 1. Message overview 3
Table 1. Severity level (continued) Severity Description E (Error) Indicates that a problem has occurred that requires intervention or correction before processing can continue. An error message might be accompanied by one or more warning or informational messages that provide additional details about the problem. FBTCON013E The federation with ID insert could not be retrieved from the single sign-on protocol service. This error can occur if the console is unable to communicate with the single sign-on protocol service. FBTSML260E The binding value value for attribute attr is not valid for profile profile. Message text The text of the message, in the system locale, also is recorded in the log file. If the message text is not available in the desired language, the English language text is used. 4 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
Chapter 2. Tivoli Federated Identity Manager Messages These messages are provided by Tivoli Federated Identity Manager. FBTADM002E successfully. The invoked command failed. The executed command did not complete Command execution halted. Check the log files or examine any returned exceptions. FBTADM004E There are no SAML Artifact Services configured. See message. Command execution halted. No response required. FBTADM005E There are no SAML Artifact Services configured with the given configuration identifier. See message. Command execution halted. No response required. FBTADM006E The given name for the creation of the new Tivoli Federated Identity Manager domain already exists. Supply a different domain name or remove the existing domain first. See message. Command execution halted. No response required. FBTADM007E A Tivoli Federated Identity Manager domain name is required for this operation to complete. See message. Command execution halted. Specify the domain name using the parameter fimdomainname FBTADM008E A WebSphere cluster or server name is required for this operation. If the target environment is on a cluster, enter the clustername. If the target environment is not a cluster, provide the name of the application server (typically server1). To find the name of the cluster or the server use the Application Servers panel on the WebSphere administrative console. See message. Command execution halted. No response required. FBTADM009E One or more parameters have to be provided for this operation. See message. Command execution halted. View the usage and pass the required parameters to the command. FBTADM010E The Tivoli Federated Identity Manager domain specified for this operation does not exist. See message. Command execution halted. Run the list operation of the command manageitfimdomain to view the domain name. FBTADM011E The Tivoli Federated Identity Manager runtime is not currently deployed into the selected domain. To deploy the runtime use the deploy operation of this command. See message. Command execution halted. Run the deploy operation of the command manageitfimdomain to deploy the runtime. FBTADM013E A file name to read from or write to needs to be provided for this command. Copyright IBM Corp. 2006, 2013 5
FBTADM014E FBTADM025E See message. command. Command execution halted. Specify a file name for this FBTADM014E Required Tivoli Access Manager parameters were not passed to this operation. When a Tivoli Federated Identity Manager domain uses Tivoli Access Manager the following parameters are required, tamadminid, tamtampolicyserver, tamauthzservers, tamauthzports. See message. Command execution halted. Check the documentation or view the command help for usage. FBTADM017E The following error ocurred while reloading the Tivoli Federated Identity Manager Management Service. Errors from the Tivoli Federated Identity Manager Management Service is returned as a result of executing the reloaditfimmanagementservice command. Command execution halted. Check the log files on the Tivoli Federated Identity Manager Management Service machine for the exception details. FBTADM021E This operation requires that the configuration type for the alias service is set to ldap but the current configuration is jdbc. Run the configure operation to change the configuration to ldap. See message. Command execution halted. Run the configure operation of the manageitfimnameidsvc command. FBTADM022E The provided server, hostname and port, already exists in the configuration. If you need to modify the parameters use the modifyhost operation. See message. Command execution halted. Run the modifyhost operation of the manageitfimnameidsvc command. FBTADM023E The provided server, hostname and port, is not defined in the configuration. Create this server entry using the addhost operation. See message. Command execution halted. Run the addhost operation of the manageitfimnameidsvc command. FBTADM018E One of the parameters passed needs to be an integer but it is not. See message. Command execution halted. No response required. FBTADM019E One or more parameters passed are in an incorrect format. See message. Command execution halted. No response required. FBTADM020E The configuration type passed to the command is in an unrecognized format. Acceptable values are ldap or jdbc. See message. Command execution halted. Check the documentation or view the command help for usage. FBTADM024E The parameter insert is required for this operation. See message. Command execution halted. Check the documentation or view the command help for usage. FBTADM025E The partner insert associated to federation insert was not found. Check that both partner and federation names are correct. You can use the list operation of the manageitfimpartner commands to get a list of existing partners and federations. See message. Command execution halted. Run the list operation of the manageitfimpartner command. 6 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
FBTADM026E FBTADM039E FBTADM026E The property insert is required for this operation. See message. Command execution halted. Check the documentation for response file property requirements for this operation. FBTADM033E The Report Engine could not be shut down. Check the log files or examine any returned exceptions. See message. No response required. FBTADM028E The parameter insert is required for this operation but it was not given. The command requires parameters that were not passed in. Command execution halted. Check the documentation or view the command help for usage. FBTADM029E The Tivoli Federated Identity Manager domain name, server name, server port, and report name are not specified. The command requires parameters that were not passed in. Command execution halted. View the usage and pass the required parameters to the command. FBTADM030E The Tivoli Federated Identity Manager domain name, server name, and server port are not specified. The command requires parameters that were not passed in. Command execution halted. View the usage and pass the required parameters to the command. FBTADM031E No runnable reports were found. See message. No response required. FBTADM032E The Report Engine could not be started. Check the log files or examine any returned exceptions. See message. No response required. FBTADM034E No reports are currently running. See message. No response required. FBTADM035E The Tivoli Federated Identity Manager domain name, server name, and server port are not specified. The command requires parameters that were not passed in. Command execution halted. View the usage and pass the required parameters to the command. FBTADM036E No archived reports were found. See message. No response required. FBTADM037E The Tivoli Federated Identity Manager domain name, server name, and server port are not specified. The command requires parameters that were not passed in. Command execution halted. View the usage and pass the required parameters to the command. FBTADM038E A report design is required for this operation to complete. See message. Command execution halted. Specify the report design using the reportdesign parameter. FBTADM039E A hostname is required for this operation to complete. See message. Command execution halted. Chapter 2. Tivoli Federated Identity Manager Messages 7
FBTADM040E FBTADM051E Specify the host name using the hostname parameter. FBTADM040E A port is required for this operation to complete. See message. hostport parameter. Command execution halted. Specify the port using the FBTADM041E A render type is required for this operation to complete. See message. Command execution halted. Specify the render type using the rendertype parameter. FBTADM042E The supplied keystore was not found in the domain. Verify that the kesytore name is correct and that it does exist. See message. Command execution halted. No response required. FBTADM043E No keys are defined inside the supplied Key Store. See message. Command execution halted. No response required. FBTADM044E The domain supplied does not have any keystores defined. See message. Command execution halted. No response required. FBTADM045E The supplied response file does not contain a valid federation name to be created. See message. to the response file. Command execution halted. Add the FedName property FBTADM046E The federation insert already exists. Specify a different name in the response file. See message. Command execution halted. No response required. FBTADM047E Unable to create partner response file. Verify that the parameters supplied were correct and verify the logs. See message. Command execution halted. Check the log files on the Tivoli Federated Identity Manager Management Service machine for errors. FBTADM048E The file insert specified in property insert does not exist. See message. Command execution halted. Check the path to the file. FBTADM049E This operation requires the Tivoli Access Manager administrator password in order to complete. Provide this password by specifying the -tamadminpwd option. See message. Command execution halted. No response required. FBTADM050E Unable to create federation response file. Verify that the parameters supplied were correct and verify the logs. See message. Command execution halted. Check the log files on the Tivoli Federated Identity Manager Management Service machine for errors. FBTADM051E A Tivoli Federated Identity Manager domain already exists in the target cluster or server insert. Remove that domain before attempting to create a new one. See message. Command execution halted. No response required. 8 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
FBTADM052E FBTADM064E FBTADM052E The federation insert is not an identity provider. A query requester partner can only be added to an identity provider federation. See message. Command execution halted. No response required. FBTADM058E The callback property: insert for callback insert is not defined. Check the available properties for a callback using the listcallbacks operation. See message. Command execution halted. No response required. FBTADM053E Unable to import the key insert into keystore insert. Make sure that the keystore name and supplied password are correct. See message. Command execution halted. No response required. FBTADM054E The export operation failed to write the domain to the supplied file. Check the name and path of the supplied file and that its location can be written. See message. Command execution halted. No response required. FBTADM055E Unable to undeploy runtime from: insert. See message. Command execution halted. Check the log files on the Tivoli Federated Identity Manager Management Service machine for errors. FBTADM056E This operation is not supported for the specified Single Sign-On protocol. See message. Command execution halted. No response required. FBTADM057E The callback id: insert is not defined. Publish the Point of Contact callback plug-ins to the runtime node if creating a custom point of contact or check the existing callback names using the listcallbacks operation. See message. Command execution halted. No response required. FBTADM059E The specified Point of Contact profile: insert was not found. See message. Command execution halted. No response required. FBTADM060E The specified Chain Request Mapping with uuid: insert was not found. See message. Command execution halted. No response required. FBTADM061E The module instance with uuid: insert was not found. See message. Command execution halted. No response required. FBTADM062E The module type with uuid: insert was not found. See message. Command execution halted. No response required. FBTADM063E The module chain with uuid: insert was not found. See message. Command execution halted. No response required. FBTADM064E The number of instances provided does not match the number of modes provided. These two numbers must match. See message. Command execution halted. No response required. Chapter 2. Tivoli Federated Identity Manager Messages 9
FBTADM065E FBTADM076E FBTADM065E The mode: insert for module instance: insert is not supported. See message. Command execution halted. No response required. FBTADM066E The chain mapping for chain: insert was not found. See message. Command execution halted. No response required. FBTADM067E The custom properties cannot be loaded into the specified domain. imported. The custom properties cannot be Command execution halted. No response required. FBTADM068E The given name for the Tivoli Federated Identity Manager domain does not exist. Supply a different domain name. exist. The specified domain name does not Command execution halted. No response required. FBTADM069E A Tivoli Federated Identity Manager federation name is required for this operation to complete. This operation requires the name of an existing federation. Command execution halted. Specify the federation name using the parameter federationname FBTADM070E The federation insert does not exist. Specify a different name. exist. The specified federation name does not Command execution halted. No response required. FBTADM071E The operation operation is unknown for the current command. An operation was specified that is not implemented for the current command. Command execution halted. Please enter a valid operation for this command. FBTADM072E A key with alias 'key alias' was not found in the keystore 'keystore'. An alias was specified for a signing or encryption key, but no key with that alias was found in the specified keystore. Command execution halted. Please enter a valid alias. FBTADM073E The partner role value insert specified on parameter insert is not supported for this operation. The partner role specified is not supported by the federation. Command execution halted. Check the documentation or view the command help for usage. FBTADM074E The migration type is required for this operation to complete. This operation requires the migration type to be performed. Command execution halted. Specify the migration type using the parameter migrationtype FBTADM075E The migration type value insert specified on parameter insert is not supported by the runtime. The migration type specified is not supported by the runtime. types for the runtime. Command execution halted. List the supported migration FBTADM076E The migration type insert does not support the use of a response file. The migration type specified does not support the use of a response file. Command execution halted. Execute the operation 10 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
FBTADM077E FBTADM086E without using a response file. FBTADM077E The federation name can contain only characters from the set 'a-z', 'A-Z' and '0-9'. Specify a different name in the response file using only the valid characters. See message. Command execution halted. No response required. FBTADM078E A module chain with the display name name already exists. A module chain with the specified name already exists. Module chain display names must be unique. the new module chain. Command execution halted. Specify a different name for FBTADM079E A module instance with the name name already exists. A module instance with the specified name already exists. Module instance names must be unique. Command execution halted. Specify a different name for the new module instance. FBTADM080E The module instance instance is protected and cannot be deleted. The specified module instance cannot be deleted because it is a protected instance. Command execution halted. No response required. FBTADM081E The module instance instance cannot be deleted because it is currently used in one or more module chains. The specified module instance cannot be deleted because it is used in one or more module chains. Command execution halted. If the module instance must be deleted, remove it from the module chains that use it, or delete those module chains. FBTADM082E The module type for module instance instance cannot be changed from oldtype to newtype. The module type for a module instance cannot be changed. Command execution halted. Create a new module instance with the required type, then reconfigure any module chains using the existing module instance to use the new one. If the existing module instance is no longer required, it may then be deleted. FBTADM083E The name of module instance instance cannot be changed from oldname to newname. be changed. The name of a module instance cannot Command execution halted. Create a new module instance with the specified name. If the existing module instance is no longer required, delete it. FBTADM084E The minimum length for client identifier is <number> characters. The length of the client identifier in the response file does not meet the required length. Ensure the client identifier meets the minimum length requirement. FBTADM085E The client identifier can contain only characters from the set 'a-z', 'A-Z' and '0-9'. Specify a different client identifier using the valid characters. The client identifier in the response file contains a character that is not valid. Provide the valid client identifier in the response file. FBTADM086E An error occurred when verifying the client identifier. A client with the specified client identifier already exists. The client identifier in the response file is not valid because it is already in use. Ensure the client identifier specified is unique for this federation. Chapter 2. Tivoli Federated Identity Manager Messages 11
FBTADM087E FBTADM099E FBTADM087E The minimum length for the client shared-secret is <number> characters. The length of the client shared-secret in the response file does not meet the required length. Ensure that the client shared-secret meets the minimum length requirement. FBTADM089E The client callback URI is not valid. Specify a valid client callback URI. If this is not applicable, specify 'oob'. The client callback URI in the response file is not valid. Provide the valid client callback URI in the response file. FBTADM090E The client identifier cannot be modified. The client identifier in the response file is different from the registered one. Provide the registered client identifier in the response file. FBTADM091E The minimum length for client identifier is <number> characters. The length of the client identifier in the response file does not meet the required length. Ensure the client identifier meets the minimum length requirement. FBTADM092E The client identifier can contain only characters from the set 'a-z', 'A-Z' and '0-9'. Specify a different client identifier using the valid characters. The client identifier in the response file contains a character that is not valid. Provide a valid client identifier in the response file. FBTADM093E An error occurred when verifying the client identifier. A client with the specified client identifier already exists. The client identifier in the response file is not valid because it is already in use. Ensure the client identifier specified is unique for this federation. FBTADM094E The minimum length for the client shared-secret is <number> characters. The length of the client shared-secret in the response file does not meet the required length. Ensure that the client shared-secret meets the minimum length requirement. FBTADM096E The client redirection URI is not valid. Specify a valid client redirection URI. The client redirection URI in the response file is not valid. Provide a valid client redirection URI in the response file. FBTADM097E The client identifier cannot be modified. The client identifier in the response file is different from the registered one. Provide the registered client identifier in the response file. FBTADM098E An OAuth partner cannot be created for the federation insert. An external client provider was selected for the federation. IBM Tivoli Federated Identity Manager internal partners are not allowed when an external client provider is selected. Add clients externally based on your implementation, or change the OAuth client provider configuration to add partners to IBM Tivoli Federated Identity Manager. FBTADM099E The partner insert that is associated to federation insert cannot be deleted. Global entity partners are used in an OAuth 2.0 flow. You must not delete any of the global entity partners. Note that if an OAuth 2.0 federation is deleted, its associated global entity partners are also deleted. Command execution halted. 12 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
FBTADM100E FBTAUD008E FBTADM100E The partner insert that is associated to federation insert cannot be deleted. Global entity partner is used in an OAuth 1.0 flow. You must not delete the global entity partner. Note that if an OAuth 1.0 federation is deleted, its associated global entity partner is also deleted. Command execution halted. FBTADM101E The XML file format is not valid for insert. The XML file that you provided is not formatted correctly. Command execution halted. Check your XML file for syntax errors, and fix the errors. FBTAUD001E Check the audit configuration to ensure that it is correct. The audit configuration settings might contain errors or ommissions. try restarting the server. System will not audit. Check the audit properties or properties and the encapsulated exception to solve the problem. FBTAUD005E An error was encountered while initializing context to the Common Audit Serivice server. Check the JNDI connection property and emitter profile for possible errors. This error occurs due to problems in the audit configuration. System will not audit. Check the properties mentioned in the error and the encapsulated exception to solve the problem. FBTAUD006E An error was encountered while sending the audit event to the Common Audit Service server. This error occurs because of problems in the audit configuration, or because of connectivity problems with the Common Audit Service server. event. System will not audit this particular Ensure that the Common Audit Service server is running and check the encapsulated exception to solve the problem. FBTAUD002E The passed-in audit provider is not supported. This error occurs due to problems in the audit configuration. System will not audit. Check the audit properties or try restarting the server. FBTAUD003E The audit configuration property insert is not defined or is incorrect. This error occurs due to problems in the audit configuration. System will not audit. Correctly specify the property and restart the server. FBTAUD004E An error was encountered while initializing the file logger. This error occurs due to problems in the audit configuration. System will not audit. Check the file logger FBTAUD007E An error was encountered while initializing the audit component. This error occurs because of problems in the audit configuration, or because of connectivity problems with the Common Audit Service server. event. System will not audit this particular Ensure that the Common Audit Service server is running and check the previous exceptions in the log to determine the cause of the problem. FBTAUD008E An event completion exception was encountered because all of the event data is not filled in correctly. This error occurs if any of the required elements in the event are not set. System will not audit this particular event and will log an exception. Check the encapsulated exception to solve the problem. Chapter 2. Tivoli Federated Identity Manager Messages 13
FBTAUD009E FBTCDS009E FBTAUD009E System could not audit a call because a required parameter to the API is not available. This error occurs if any of the required elements in the event are not set. System will not audit this particular event and will log an exception. Check the parameter that is not being passed correctly. FBTAUD010E An event validation exception was encountered because all of the event data is not correctly filled in. This error occurs if any of the required elements in the event are not set. System will not audit this particular event and log an exception. Check the encapsulated exception to solve the problem. FBTCDS001E The received request is missing the required parameter: parameter message. FBTCDS002E The current request is not valid. The request will be halted. Validate the incoming Token exchange failed. The current request could not be completed because the token exchange failed. The request will be halted. Validate the incoming message and the trust service configuration. In addition, examine the trace logs to see why the token exchange failed. FBTCDS003E The security token could not be decrypted. The encrypted security token could not be decrypted. Ensure that the decryption keys and decryption parameters are configured properly for the provider that sent the message. FBTCDS004E The security token signature could not be validated. be validated. The security token signature could not Ensure that the validation keys are configured properly for the provider that sent the message. FBTCDS005E The request was missing the TARGET parameter. The login page must contain a TARGET parameter either in the Query string or in a hidden input field. The operation will be halted. Modify the login page to contain a TARGET parameter, which should point to the target SSO URL. FBTCDS006E While processing action: action the following configuration parameter was determined to be missing or incorrect: param The current request could not be completed because the configuration is not valid. configured correctly. The request will be halted. Validate that the system is FBTCDS007E The current user making the request is not authenticated. message. The current request is not valid. The request will be halted. Validate the incoming FBTCDS008E The Security Token Service was unable to generate a token for this request. The current request is not valid. The request will be halted. Validate the incoming message, and the system configuration. FBTCDS009E The card used for authentication to the STS mapped to the alias: action and could not be mapped to a local user account. The alias service could not resolve the alias generated from the token presented for authentication to a local user account. This may be because the alias was not written correctly when the card was created, or that the alias has been deleted from the alias service. The request will be halted. Validate that the alias server 14 IBM Tivoli Federated Identity Manager Version 6.2.2.7: Error Message Reference
FBTCDS010E FBTCFG003E is configured and working, and that the alias for the user exists. FBTCDS010E The incoming request to the InfoCard STS has an AppliesTo address which does not contain the identity information of the relying party: appliesto The AppliesTo element from the client should either not contain an AppliesTo element, or if it does, it must contain the identity information (including the X509 certificate) of the relying party. This can be caused if the metadata policy response to InfoCard does not contain the <wsaw:usingaddressing/> directive. The request will be halted. Validate that the configured metadata policy contains <wsaw:usingaddressing/> FBTCDS011E The incoming request to the InfoCard STS does not contain a valid authentication token for this federation. The incoming request may contain no authentication token, or it may contain an authentication token which does not match the authentication mechanism supported by this federation. The request will be halted. Validate that the incoming request contains the correct authentication token. FBTCDS012E The incoming metadata exchange request contains an invalid 'action' header in the SOAP request: action The incoming request contained an 'action' header other than: http:// schemas.xmlsoap.org/ws/2004/09/transfer/get The request will be halted. Validate that the client is sending a valid metadata exchange request. FBTCDS014E The request for a card contained a support claim parameter in an invalid format: sclaim The incoming request contained a supported claim in an invalid format. The request will be halted. Validate that the getcard HTML template has supported claims in the correct format. FBTCDS015E The supplied card alias, ppid, is already in-use by another user. The user supplied a self-issued card that is already associated with another user's account. is necessary. The request will be halted. No administrative response FBTCFG001E An error occurred while reading a configuration document. An attempt to read a configuration stream has failed. halted. The configuration request will be Validate the Tivoli Federated Identity Manager configuration. FBTCFG002E The expected root for this document, type documentroottype was not found in the document. The expected document root was missing because the parsed configuration file does not contain the correct configuration document. halted. The configuration request will be Validate the Tivoli Federated Identity Manager configuration. FBTCDS013E The incoming metadata exchange request contains an invalid 'to' header in the SOAP request: to. We were expecting our metadata exchange endpoint: mexendpoint The incoming request contained a 'to' header which did not match our metadata exchange endpoint. The request will be halted. Validate that the client is sending a valid metadata exchange request. FBTCFG003E The configuration for the component component was not found in this document. The expected document root was missing because the parsed configuration file does not contain the correct configuration document. halted. The configuration request will be Validate the Tivoli Federated Identity Manager configuration. Chapter 2. Tivoli Federated Identity Manager Messages 15