Novell is now a part of Micro Focus

Troubleshooting iManager 2.02

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 28 Apr 2004

If you have had trouble accessing iManager 2.02 on NetWare 6.5, some handy troubleshooting tips may be in order. This article gets you started, focusing on Server Certificates, LDAP over SSL, Tomcat, and Apache issues. For the full details, check out TID 10090732.

For the following information, the server name of "Server1" is assumed and resides in the context O=Novell.
1: Check for Server Certificates

In ConsoleOne verify the following certificate objects exist in the same context as Server1 (our sample server with context O=Novell):

  • SAS Service - Server1
  • SSL CertificateIP - Server1
  • SSL CertificateDNS - Server1

If these objects do not exist, download PKIDIAG.NLM and run PKIDIAG with options 4 then 0 to automatically recreate them. If these objects do exist, run PKIDIAG.NLM with options 4 then 0 to verify the configuration of these objects. See the TID for testing tips.

If the creation of a new Certificate fails, there may be tree CA issues that need to be resolved or investigated.

2: LDAP over SSL

To determine if LDAP over SSL is configured or working, at the server console unload NLDAP.NLM and load NLDAP.NLM. The modules NTLS.NLM and SASL.NLM should auto load. If they do not then, LDAP on this server is not configured for SSL. Even if they do auto load, you still need to verify LDAP over SSL.

To verify the LDAP server and LDAP group objects exist for Server1,

*Check the following attributes on the LDAP Server object:

  • General tab - LDAP group is configured.
  • SSL/TLS Configuration tab - TLS (SSL) port is 636.
  • Disable SSL port is not checked.
  • Server Certificate is configured. (This should be configured with one of the certificates like SSL CertificateDNS.)
  • Other tab - Verify the ldapConfigVersion attribute value is 8. (eDirectory 8.7.3)
  • Other tab - Verify the ldapConfigVersion attribute value is 7. (eDirectory 8.7.1)

*Check the following attributes on the LDAP Group object:

  • Server list tab - The LDAP server object is in the LDAP server list.
  • Other tab - Make sure the ldapConfigVersion attribute has proper value.For eDir 8.7.1 value should be 7.For eDir value should be 8.
  • Other tab - Verify the ldapConfigVersion attribute value is 8. (eDirectory 8.7.3)
  • Other tab - Verify the ldapConfigVersion attribute value is 7. (eDirectory 8.7.1)

Once this configuration is complete, when NLDAP loads it should auto load NTLS and SASL and ports 389 and 636 will show as being bound and listening in TCPCON.

*Then verify LDAP is working by following TID 10066259 - How to Test LDAP over SSL.

For troubleshooting tips on LDAP loading and operation, see TID 10090732.

3: Verify that Tomcat is loading properly

Load TOMCAT4 and view the logger screen for errors. To stop Tomcat type at the server console TC4STOP. Wait about a minute and then type TOMCAT4. Tomcat will take two to three minutes to complete loading. When done the following line should appear on the Logger screen:

INFO: JK2: ajp13 listening on /

If you do not see the ajp13 listening on port 9010 message, then Tomcat is not loading properly or is still in the process of coming up.

If Tomcat does not load properly, see TID 10090732.

Also see TID 10087091 (Tomcat 4 on NetWare 6.5 will not load) for more information on Troubleshooting Tomcat4.

4: Verify that Apache is loading properly
Verify the Apache Server is running. On NetWare 6.5 it will show up as a screen labeled "Apache 2.0.4x for NetWare". You can also go into TCPCON and verify that ports 80 and 443 are listening. To stop the Apache web server on NetWare 6.5, run AP2WEBDN and then AP2WEBUP. If you get a 404 error when trying to access the /nps/servlet/configure page, most likely the INCLUDE statement for the nps-apache.conf file is missing from the Apache configuration file (SYS:\APACHE2\CONF\HTTPD.CONF). Verify there is an INCLUDE statement the same as below. Include sys:/tomcat/4/conf/nps-Apache.conf
Running iManager

After verifying the 4 areas above, the server should be prepared to run iManager.

If a previous iManager install failed, or you are unable to get into iManager after verifing the above, restart the iManager installation using the NetWare 6.5 Products CD or NetWare 6.5SP1a Overlay Prodcuts CD. Before starting the install, rename the following files on the server:

  • Sys:\ni\data\ni.log
  • Sys:\ni\data\nioutput.txt

If there are issues during the installation, the errors will be captured in these files.

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates