Vice Admiral
Vice Admiral
566 views

Identity server not showing in console

Hello! This is not the first time I have installed an access manager. This is not a complicated procedure.
I installed on a test bench again today.
I installed console. Set up a username and password. After installation, I successfully entered the console in the browser.
On another server, I am setting up an identity server. Specified the ip address of the console server, login and password. Installation completed successfully
But when I go to the admin console again, there is no identity server there.
Hosts on the same network.
There are no errors in the logs tomcat and volera. Services restarted.
How to find out why the identity server is not displayed? What am I missing?
0 Likes
10 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

There is quite good identity server import troubleshooting section in documentation:

https://www.netiq.com/documentation/access-manager-45/install_upgrade/data/bgvd1h9.html

 

Double check ports that need to be opened. I know you've mentioned that admin console and idp are on the same server, but checking ports might detect if there is a service not running on admin console.

If all services are running and ports are accessible, run reimport.

Troubleshooting guide also mentions some log files that might be worth checking.

 

Kind regards,

Sebastijan

0 Likes
Vice Admiral
Vice Admiral

Thanks for the link! My firewall is disabled, all ports are open. But running the netstat -nlupt command, I did not see port 1289. This is strange. I still did everything that was written in the documentation, set up a time server, did a re-import, and re-installed everything. Still not displayed. There are no errors in the logs, the services are running.

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

I've checked few of my installations and none of them are running services on admin console using port 1289, so I think this is not the reason.

If there is nothing in reimport log file (I think /tmp/novell_access_manager/nidp_reimport.log) or devman/jcc log files (check app_sc.0.log on admin console and jcc-0.log.0 on idp) then you will need to open SR.

0 Likes
Vice Admiral
Vice Admiral

I found port 1289 for console and access gateway communication. I do not use access gateway or install it. Should it work without it?

0 Likes
Captain
Captain

There are a small amount of ports you need to import the IDP into the Console: 

Console to IDP

1443

IDP to Console

8444

524

636

Check those with netcat once your IDP is up, trigger a reimport and check the logs. 

You don't need to install the Gateway, you can just install Console + IDP. 

0 Likes
Vice Admiral
Vice Admiral

i checked the settings. These are the admin console ports.

Screenshot_1.png

 Further ports of identity server.

Screenshot_2.png

 then i executed the commands ./conf/reimport_nidp.sh jcc and ./conf/reimport_nidp.sh nidp. Result: completed successfully.

Screenshot_3.png

 The reimport log file contains the following entry.

Screenshot_4.png

 But the admin console is empty.

Screenshot_5.png

0 Likes
Commander
Commander

It looks like it's listening on IPv6. Go ahead and disable IPv6 in YAST, reboot and try to re-import again. 

 

 

Thanks. Eric. 

 

0 Likes
Vice Admiral
Vice Admiral

I disabled IPv6 on admin console and identity server. Rebooted operating systems. Reimport completed successfully, but the identity server did not appear in the web interface.

In the iManager admin console, on the old stand, where everyone is working along the path tree / novell / accessManagerContainer / nids / server, there are records of all identity servers. No entries on the new stand.

Vice Admiral
Vice Admiral

In the logs of identity server tomcat / catalina.out I found the following error. Can it affect the display?

Screenshot_1.png

Vice Admiral
Vice Admiral

I changed the date to December 1, 2020 and it worked. But it's weird where to get the look for 2021. I downloaded from the site today and the same error.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.