Highlighted
Nihii Respected Contributor.
Respected Contributor.
179 views

NAM 4.5 Upgrade

Hi,

We recently upgraded NAM Appliance to 4.5 and applied latest patch. After upgrade we are experiencing issues with OSP SAML2 integration. User App times out intermittently.  User App is running on 4.6.4 version on RHEL. Rebooting NAM servers fixes issue temporarily.

Anyone facing similar issue?

Thanks

0 Likes
5 Replies
Knowledge Partner
Knowledge Partner

Re: NAM 4.5 Upgrade

Is NAM doing SAML to OSP, or doing OAuth instead of OSP?

There are timeouts on sessions in several places in OSP-IDM integration and really more in NAM as well. I would consider and make sure they are all reasonaly close to each other.

Look in configupdate.sh for the OSP/UA values.  You are still at UA 4.6.4 so watch the NMAS SAML method, (how UA logs you the logged user, into eDir, without a password, ince you SAMLed in via NAM, so UA never had a password) which is maintained in attribute on the authSamlAffiliate object under the cn=Security container. (Search for objectclass=authSamlAffiliate and you will find it.

 

Nihii Respected Contributor.
Respected Contributor.

Re: NAM 4.5 Upgrade

Thanks Geof for your response. Yes, time out was changed in iManager(RBPMSAML) to default. Matched with NAM contract time out. No issues till now.
0 Likes
Knowledge Partner
Knowledge Partner

Re: NAM 4.5 Upgrade

So you are saying that the timeouts in:

 

OSP - for session timeout

NMAS-SAML Method - session timeout

User App - session timeout

NAM - session timeout

are all set the same and you are seeing odd timeouts?

There is an OAuth ticket time window as well, which is renewed, but I find making them all similar and longish works best. (Yes sessions persist in memory and eat memory but better than timeouts, since they seem to be refreshing sessions poorly at the moment).

 

0 Likes
Nihii Respected Contributor.
Respected Contributor.

Re: NAM 4.5 Upgrade

Matched all the timeouts to same i.e. 720(43200). Issue seems to be resolved now.
SLong Valued Contributor.
Valued Contributor.

Re: NAM 4.5 Upgrade

Was looking for this, just found it in one of my browser pinned tabs, but don't think that was your issue.

https://support.microfocus.com/kb/doc.php?id=7017249#

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.