Documentum Administrator in docker writes the dm_bof_registry password in blank

CN23

Hello good morning

I am trying to create a documentum administrator container in docker 20.x in a lab environment however, for some reason, when I create the container I get an authentication error in dm_bof_registry ([DM_SESSION_E_AUTH_FAIL]error: “Authentication failed for user dm_bof_registry with docbase laboratorio.)
I have already checked the credentials in the CS and they work correctly, if I check the docker log it looks like I am not entering the password parameter in the dfc.properties file (hide the IP in this message for security):

01 Feb 2025 01:16:50,234 INFO [at ./updateAppXml.pl line 28.] - Application location: /opt/tomcat/webapps/da
01 Feb 2025 01:16:50,235 INFO [at ./updateAppXml.pl line 29.] - Application name : da
01 Feb 2025 01:16:50,237 INFO [at ./updateAppXml.pl line 46.] - setting properties from /opt/tomcat/webapps/da/external-configurations/app.properties
01 Feb 2025 01:16:50,237 INFO [at ./updateAppXml.pl line 63.] - setting properties from environment variables appproperties
01 Feb 2025 01:16:50,250 INFO [at ./updateAppXml.pl line 189.] - Updated app.xml file /opt/tomcat/webapps/da/wdk/app.xml successfully
01 Feb 2025 01:16:50,309 INFO [at ./updateDfcProperties.pl line 21.] - Application location: /opt/tomcat/webapps/da
dos2unix: converting file /opt/tomcat/webapps/da/WEB-INF/classes/dfc.properties to Unix format...
01 Feb 2025 01:16:50,315 INFO [at ./updateDfcProperties.pl line 35.] - fetching properties from dfc.properties file
01 Feb 2025 01:16:50,315 INFO [at ./updateDfcProperties.pl line 55.] - fetching properties from environment dfcproperties variable
01 Feb 2025 01:16:50,316 INFO [at ./updateDfcProperties.pl line 86.] - Updating /opt/tomcat/webapps/da/WEB-INF/classes/dfc.properties with the below values
01 Feb 2025 01:16:50,316 INFO [at ./updateDfcProperties.pl line 90.] - dfc.data.dir=/opt/tomcat/data
01 Feb 2025 01:16:50,316 INFO [at ./updateDfcProperties.pl line 90.] - dfc.docbroker.port[0]=1689
01 Feb 2025 01:16:50,317 INFO [at ./updateDfcProperties.pl line 90.] - dfc.docbroker.host[0]=<IP>
01 Feb 2025 01:16:50,317 INFO [at ./updateDfcProperties.pl line 90.] - dfc.session.allow_trusted_login=false
01 Feb 2025 01:16:50,318 INFO [at ./updateDfcProperties.pl line 90.] - dfc.tokenstorage.dir=/opt/tomcat/token
01 Feb 2025 01:16:50,319 INFO [at ./updateDfcProperties.pl line 90.] - dfc.security.ssl.use_anonymous_cipher=true
01 Feb 2025 01:16:50,320 INFO [at ./updateDfcProperties.pl line 90.] - dfc.globalregistry.repository=laboratorio
01 Feb 2025 01:16:50,321 INFO [at ./updateDfcProperties.pl line 90.] - dfc.tokenstorage.enable=false
01 Feb 2025 01:16:50,322 INFO [at ./updateDfcProperties.pl line 90.] - dfc.globalregistry.username=dm_bof_registry
01 Feb 2025 01:16:50,322 INFO [at ./updateDfcProperties.pl line 90.] - dfc.diagnostics.resources.enable=true
01 Feb 2025 01:16:50,407 INFO [at ./updateOtdsProperties.pl line 21.] - Application location: /opt/tomcat/webapps/da
01 Feb 2025 01:16:50,407 INFO [at ./updateOtdsProperties.pl line 27.] - fetching properties from otds.properties file /opt/tomcat/webapps/da/external-configurations/otdsoauth.properties
01 Feb 2025 01:16:50,407 INFO [at ./updateOtdsProperties.pl line 47.] - fetching properties from environment otdsproperties variable
sh: line 1: OTDS_APP_URL: No such file or directory
DctmReportsValue false
01 Feb 2025 01:16:50,503 INFO [at ./updateLog4j2Properties.pl line 14.] - Application location: /opt/tomcat/webapps/da

if I access the container and check the dfc.properties the password appears blank, also I have tried the encrypted password generated by the container itself for presets and preferences and it does not work in the CS that password.

why is it not working?

This is my variable (the IP and password have been hidden for security): DFC_PROPERTIES=dfc.data.dir=/opt/tomcat/data::dfc.tokenstorage.dir=/opt/tomcat/token::dfc.tokenstorage.enable=false::dfc.docbroker.host[0]=<IP>::dfc.docbroker.port[0]=1689::dfc.globalregistry. repository=laboratory::dfc.globalregistry.username=dm_bof_registry::dfc.globalregistry.password=<passwd without encrypt>::dfc.session.allow_trusted_login=false::dfc.security.ssl.use_anonymous_cipher=true

If I change the password inside the container to the one generated by the CS and restart tomcat it works correctly, however, every time I restart the container it disappears again and stops working.

Note: i have tested the docbroker port 1489 and with the encrypted password of dm_bof_registry and have the same problem.

I'm using Docker 20.10.24, Docker Compose version v2.17.3, DCTM Server and DA 23.4 in a RHEL 9.4

Thank you very much in advance,
Best regards.

CN23

Hello,
I have enabled authentication tracing and I can see the following error message when DA container connects with dm_bof_registry to CS container:

Error verifying host and client signature: Client rights object not found in docbase for client id

But I don't understand why this happens, if I'm not mistaken, you can only configure privileged clients in DA, but this is the DA trying to connect to DCTM, however, I would like to know how to make the CS can trust with the DA container when this is started with the docker-compose, both are in the same docker network of bridge type.

Thank you,
Best regards

AlvaroDeAndresGomez

Earlier documentum images are quite broken / had many issues. For DA, I would suggest avoid the official image and doing something like this:

https://blog.aldago.es/2020/04/13/improving-opentexts-documentum-administrator-20-2-docker-container/

It will save you from many headaches with OT's images

CN23

Ok I will try to do it that way with DA, however I have some doubts, this is image 23.4 so it is not a very old image, and I have tried to install xPlore 22.1.6 in a container and I have also the same problem, writing in the logs the authentication error with dm_bof_registry.

What could be the problem? Since it is not such an old DA image, shouldn't it work correctly for your deployments in productive client environments?

Thanks in advance,

Kind regards