Identity server not showing in console - Micro Focus Community

Lexon171 · ‎2021-01-22

Hello! This is not the first time I have installed an access manager. This is not a complicated procedure.
I installed on a test bench again today.
I installed console. Set up a username and password. After installation, I successfully entered the console in the browser.
On another server, I am setting up an identity server. Specified the ip address of the console server, login and password. Installation completed successfully
But when I go to the admin console again, there is no identity server there.
Hosts on the same network.
There are no errors in the logs tomcat and volera. Services restarted.
How to find out why the identity server is not displayed? What am I missing?

Sebastijan · ‎2021-01-22

There is quite good identity server import troubleshooting section in documentation:

https://www.netiq.com/documentation/access-manager-45/install_upgrade/data/bgvd1h9.html

Double check ports that need to be opened. I know you've mentioned that admin console and idp are on the same server, but checking ports might detect if there is a service not running on admin console.

If all services are running and ports are accessible, run reimport.

Troubleshooting guide also mentions some log files that might be worth checking.

Kind regards,

Sebastijan

Lexon171 · ‎2021-01-22

Thanks for the link! My firewall is disabled, all ports are open. But running the netstat -nlupt command, I did not see port 1289. This is strange. I still did everything that was written in the documentation, set up a time server, did a re-import, and re-installed everything. Still not displayed. There are no errors in the logs, the services are running.

Sebastijan · ‎2021-01-23

I've checked few of my installations and none of them are running services on admin console using port 1289, so I think this is not the reason.

If there is nothing in reimport log file (I think /tmp/novell_access_manager/nidp_reimport.log) or devman/jcc log files (check app_sc.0.log on admin console and jcc-0.log.0 on idp) then you will need to open SR.

Lexon171 · ‎2021-01-22

I found port 1289 for console and access gateway communication. I do not use access gateway or install it. Should it work without it?

ericveysey · ‎2021-01-25

There are a small amount of ports you need to import the IDP into the Console:

Console to IDP

1443

IDP to Console

8444

524

636

Check those with netcat once your IDP is up, trigger a reimport and check the logs.

You don't need to install the Gateway, you can just install Console + IDP.

Lexon171 · ‎2021-01-25

i checked the settings. These are the admin console ports.

Further ports of identity server.

then i executed the commands ./conf/reimport_nidp.sh jcc and ./conf/reimport_nidp.sh nidp. Result: completed successfully.

The reimport log file contains the following entry.

But the admin console is empty.

EVCIS · ‎2021-01-25

It looks like it's listening on IPv6. Go ahead and disable IPv6 in YAST, reboot and try to re-import again.

Thanks. Eric.

Lexon171 · ‎2021-01-26

I disabled IPv6 on admin console and identity server. Rebooted operating systems. Reimport completed successfully, but the identity server did not appear in the web interface.

In the iManager admin console, on the old stand, where everyone is working along the path tree / novell / accessManagerContainer / nids / server, there are records of all identity servers. No entries on the new stand.

Lexon171 · ‎2021-01-26

In the logs of identity server tomcat / catalina.out I found the following error. Can it affect the display?

Lexon171 · ‎2021-01-26

I changed the date to December 1, 2020 and it worked. But it's weird where to get the look for 2021. I downloaded from the site today and the same error.