Environment
Novell ZENworks 11 Configuration Management Appliance
Novell ZENworks 11 Configuration Management
Situation
ZENworks Linux server upgraded to ZENworks 11, either by media-based upgrade or Appliance Upgrade
Cannot login on managed devices
ERROR: Unable to log into the network because the login credentials or the server certificate is incorrect
File /srv/www/casaats/logs/start.log contains:
PID file (/var/lib/CASA/authtoken/svc/casaatsd.pid) found. Is Tomcat still running? Start aborted.
Resolution
This is fixed in version 11.1 - see KB 7008746 "ZENworks Configuration Management 11.1 - update information and list of fixes" which can be found at https://www.novell.com/support
Workaround:
- In the file /srv/www/casaats/conf/server-sun.xml, search for <Connector (It will be in the <!-- SSL_CONNECTOR_BEGIN --> section)
- Append
keyAlias="tomcat" protocol="HTTP/1.1" SSLEnabled="true"
to the Connector tag. (These attributes can be found in the <Connector section of the /srv/www/casaats/conf/server-sun.xml.rpmnew file) - At the end it should look similar to:
<Connector acceptCount="300" algorithm="SunX509" clientAuth="false" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="/etc/opt/novell/zenworks/security/server.keystore" keystorePass="ad034c9b6fdefcdfbdaa8578a090f3b4" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="2645" scheme="https" secure="true" sslProtocol="TLS" keyAlias="tomcat" protocol="HTTP/1.1" SSLEnabled="true"/>
(note that parameters can appear in a different order, and that the line has been split here to aid readability) - For "regular" (i.e., non-Appliance) servers, restart the casa ats server
/etc/init.d/casa_atsd restart - For Appliance servers, delete the casaatsd.pid file and start the casa ats server
rm -f /var/lib/CASA/authtoken/svc/casaatsd.pid
/etc/init.d/casa_atsd start
Additional Information
Note that this problem will occur on all upgraded Appliance servers, but has only been observed on a few upgraded systems that are not Appliances.