Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
adrianrauta Absent Member.
Absent Member.
863 views

IGA first startup issues

Hi,

I have some issues starting up the IGA 3.0.
The setup I have is like this: I have installed an IDV server (eDirectory+iManager+IdentityApps) on a VM and IGA (Tomcat+Postgres+OSP+IGA) on another VM using the standard options, nothing fancy.
They are in the same LAN and communicate easily between them.

When I try to access the IGA interface, for a split second I can see the top of the app (colored bue) and than Firefox goes saying unable to connect.
The link used in Firefox is http://<hostname>:8080/#/nav

As I have analized the logs, I can see in the osp log an error like this:

Preamble: [Tenant]
Priority Level: SEVERE
Java: internal.atlaslite.jcce.util.StackUtil.logThrowable() [86] thread=osp-common-thread-1
Time: 2018-11-08T18:44:50.473+0200
Log Data: Unexpected error probing container TLS:
java.net.ConnectException
Connection refused (Connection refused)
java.net.PlainSocketImpl: PlainSocketImpl.java: socketConnect: -2


Any idea why this happens?
The catalina.out does not show anything special.

Thanks,
Adrian
0 Likes
5 Replies
Highlighted
jmontm42 Absent Member.
Absent Member.

Re: IGA first startup issues

I'd start with ensuring OSP on the IG server can communicate with your eDirectory server. It MUST be able to talk on 636 (even if you want to use 389, you HAVE to have 636 working initially).

Try disabling firewall on both boxes, then in configupdate in /opt/netiq/idm/apps/osp/bin enter your vault credentials and validate they work by using the magnifying glass on the line where you select the base user object container. If you can get in there, you are good with edir connection.

--Jim
0 Likes
adrianrauta Absent Member.
Absent Member.

Re: IGA first startup issues

Hi Jim,

Thanks for these first suggestions.
The firewall was disabled since before I started the IGA installation.

With the config utility I also played before adding this topic/thread and it has some weird behaviour.
On the first click on the magnifier I get a message that the connectivity data is wrong and it cannot connect.
I close the popup error, click again the magnifier and I get the browse window and I can browse the eDirectory.
Any idea why this happends?
Should I try a reinstall? Or maybe it's something Java related?

Adrian
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: IGA first startup issues

On 11/9/18 6:54 AM, adrianrauta wrote:
>
> Hi Jim,
>
> Thanks for these first suggestions.
> The firewall was disabled since before I started the IGA installation.
>
> With the config utility I also played before adding this topic/thread
> and it has some weird behaviour.
> On the first click on the -magnifier- I get a message that the
> connectivity data is wrong and it cannot connect.
> I close the popup error, click again the -magnifier- and I get the
> browse window and I can browse the eDirectory.
> Any idea why this happends?
> Should I try a reinstall? Or maybe it's something Java related?
>
> Adrian
>
>

Greetings,

1) I would look at the Network Traffic in a LAN trace when you launch
configupdate and receive the error.

2) You should also enable LDAP tracing in eDirectory at this time and
see what is happening.

It could be that too much time is being taken to respond from the
eDirectory server.

I have also seen where it was necessary to run a repair on eDirectory so
that the logins and browsing would work in a timely manner.



--
Sincerely,
Steven Williams
Principal Enterprise Architect
Micro Focus
0 Likes
Knowledge Partner
Knowledge Partner

Re: IGA first startup issues


> 1) I would look at the Network Traffic in a LAN trace when you launch
> configupdate and receive the error.
>
> 2) You should also enable LDAP tracing in eDirectory at this time and
> see what is happening.


This is likely the most helpful.

> It could be that too much time is being taken to respond from the
> eDirectory server.
>
> I have also seen where it was necessary to run a repair on eDirectory so
> that the logins and browsing would work in a timely manner.

This is likely not the best of advice, better to figure out what is
wrong than to blindly run repairs.

0 Likes
Knowledge Partner
Knowledge Partner

Re: IGA first startup issues

On 11/8/2018 11:54 AM, adrianrauta wrote:
>
> Hi,
>
> I have some issues starting up the IGA 3.0.
> The setup I have is like this: I have installed an IDV server
> (eDirectory+iManager+IdentityApps) on a VM and IGA
> (Tomcat+Postgres+OSP+IGA) on another VM using the standard options,
> nothing fancy.
> They are in the same LAN and communicate easily between them.
>
> When I try to access the IGA interface, for a split second I can see the
> top of the app (colored bue) and than Firefox goes saying unable to
> connect.
> The link used in Firefox is http://<hostname>:8080/#/nav
>
> As I have analized the logs, I can see in the osp log an error like
> this:
>
>> Preamble: [Tenant]
>> Priority Level: SEVERE
>> Java: internal.atlaslite.jcce.util.StackUtil.logThrowable() [86]
>> thread=osp-common-thread-1
>> Time: 2018-11-08T18:44:50.473+0200
>> Log Data: Unexpected error probing container TLS:
>> java.net.ConnectException
>> Connection refused (Connection refused)
>> java.net.PlainSocketImpl: PlainSocketImpl.java: socketConnect: -2

>
> Any idea why this happens?
> The catalina.out does not show anything special.


What you are seeing is the Client app, which runs in your browser load,
but then it makes a call to OSP which fails.

Every startup there is a TLS probe to see which version is available.
Looks you are running cleartext and it wants to see TLS. Perhaps mint
your self a cert and try it over SSL/TLS?

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.