Hello, I'm currently deploying One Identity Manager 9.2 in a Kubernetes environment , using the official Docker images: oneidentity/oneim-appserver:9.2 oneidentity/oneim-api:9.2 Context I deployed the App Server with the appropriate environment variables: DBSYSTEM=MSSQL CONNSTRING=Data Source=<sql-host>\\<instance>;Initial Catalog=OneIM;User ID=<user>;Password=<pwd>;Encrypt=True;TrustServerCertificate=True BASEURL=oneim-app.mydomain.local/ UPDATEUSER=cccAdmin UPDATEUSERPASSWORD=<valid-password> TARGETS=Server\\Web\\AppServer The pod is running. The login interface is reachable. I can successfully authenticate using cccAdmin . Problem However, after login, I receive the error: pgsql Copier Modifier [ServiceStack.HttpError] Requested object '/appserver/update/allowed' was not found on this server . ServiceStack.HttpError: Requested object '/appserver/update/allowed' was not found on this server . This error loops continuously in logs every few seconds. The endpoint /appserver/update/allowed returns a 404 when called manually with curl from inside the pod (unless authenticated, in which case it redirects to /login.aspx ). What I've tried Verified that the cccAdmin user exists and can log in. Ensured the TARGETS variable is set to only Server\Web\AppServer . Tried using and not using a ConfigMap for Web.config — no impact. Questions Is /appserver/update/allowed supposed to be a real endpoint? If so, what conditions are required for it to be enabled? Is there something wrong in my TARGETS or configuration that would prevent this from being exposed? Are there additional steps required after first deployment to enable full functionality of the App Server? Thanks in advance for any help you can provide Chakir EL HABRIRI

App Server Error – /appserver/update/allowed not found (Kubernetes deployment, version 9.2)

chakir el habriri 1 day ago

Hello,

I'm currently deploying One Identity Manager 9.2 in a Kubernetes environment, using the official Docker images:

oneidentity/oneim-appserver:9.2
oneidentity/oneim-api:9.2

Context

I deployed the App Server with the appropriate environment variables:
- DBSYSTEM=MSSQL
- CONNSTRING=Data Source=<sql-host>\\<instance>;Initial Catalog=OneIM;User ID=<user>;Password=<pwd>;Encrypt=True;TrustServerCertificate=True
- BASEURL=oneim-app.mydomain.local/
- UPDATEUSER=cccAdmin
- UPDATEUSERPASSWORD=<valid-password>
- TARGETS=Server\\Web\\AppServer
The pod is running.
The login interface is reachable.
I can successfully authenticate using cccAdmin.

Problem

However, after login, I receive the error:

This error loops continuously in logs every few seconds. The endpoint /appserver/update/allowed returns a 404 when called manually with curl from inside the pod (unless authenticated, in which case it redirects to /login.aspx).

What I've tried

Verified that the cccAdmin user exists and can log in.
Ensured the TARGETS variable is set to only Server\Web\AppServer.
Tried using and not using a ConfigMap for Web.config — no impact.

Questions

Is /appserver/update/allowed supposed to be a real endpoint? If so, what conditions are required for it to be enabled?
Is there something wrong in my TARGETS or configuration that would prevent this from being exposed?
Are there additional steps required after first deployment to enable full functionality of the App Server?

Thanks in advance for any help you can provide

Chakir EL HABRIRI

0 Markus Weiss-Ehlers 9 hours ago

You are using the Linux containers, and Auto Update is turned off in these containers. That's why the route update/allowed is not available. Does the error appear in the logs if you do not log into the UI?

Your TRAGETS is just the Application Server without a search index. The default targets include the application server and search index targets: Server\Web\AppServer,Server\Web\AppServer\SearchCrawler,Server\Web\AppServer\SearchIndex
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 chakir el habriri 4 hours ago in reply to Markus Weiss-Ehlers
Voici une réponse complète et professionnelle que tu peux poster sur le forum ou envoyer à ton contact One Identity :

Hi,

Thanks for your explanation.

I’ve checked the logs of the App Server pod right after startup before any user interaction or login to the UI

Here is what I observed:

I do not see any error related to "/update/allowed" in the logs.

However, I do see other errors, right after container startup, including:

Could not find authentication data for session g40rBQ2qjB4PfUZNRd9j, it may have expired. [ServiceStack.HttpError] Unauthorized PUT /appserver/EntitySource HTTP/1.1" 302 ... PUT /login.aspx?ReturnUrl=%2fappserver%2fEntitySource HTTP/1.1" 401 ...

This indicates that some internal process (maybe the search crawler or internal service check) is trying to hit /appserver/EntitySource without valid credentials.

Deployment configuration:

In my Kubernetes manifest, I already tried with the following environment variables defined:

- name: TARGETS value: "Server\\Web\\AppServer,Server\\Web\\AppServer\\SearchCrawler,Server\\Web\\AppServer\\SearchIndex" - name: SKIPUPDATECHECK value: "true"

So the App Server should already be configured with the expected default targets, including the search index components.

Remaining questions:

Is it expected behavior to have these 401 logs at startup in the Linux container version with SKIPUPDATECHECK=true?

Should I just ignore these error messages, since the app seems to work correctly once the app UI is accessed?

Thanks again for your support! Let me know if you'd like additional logs or setup details.
I can share with you my manifest if need

Chakir EL HABRIRI
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

App Server Error – /appserver/update/allowed not found (Kubernetes deployment, version 9.2)

Context

Problem

What I've tried

Questions

Deployment configuration:

Remaining questions: