In multinode installations you may find that the Amconsole home page fails to appear. Refer to the solution listed below:
Login to the realm console of the first instance (for example: <first-node-protocol>://<first-node-fqdn>:<first-node-port>/amserver)
Click on the link corresponding to the default realm.
In the text field for “Realm/DNS Aliases”, enter “<node2–fqdn>” and click Add.
Click Save.
Click on the “Realms” link in the bread crumb above the tabs.
Click on the “Configuration” tab.
Click on the “System Properties” tab
Click on the “Platform” service tab.
Under “Instance Name”, click the “New...” button.
In the “Server” field, enter “<node2–protocol://<node2–fqdn>:<node2–port>”.
In the “Instance Name” field, enter an unused number (for example, the number 2).
Click “OK”.
Click “Save”.
The problem of web server startup failures can be attributed to the Access Manager's SDK configuration. In the current scenario, the AMConfig.properties file contains the wrong information and causes a series a web server startup failures. The following variables do not have the correct information:
com.iplanet.am.directory.host
com.iplanet.am.server.host
com.iplanet.am.console.host
com.iplanet.am.profile.host
com.iplanet.am.naming.url
com.iplanet.am.notification.url
Solution On your node B, where Access Manager SDK is installed with Web Server, modify the <Web_Server_Instance_dir>/config/server.xml file and add the required Access Manager JAR files to the classpath.
While installing Access Manager, using the CLI, you may not be presented with a dialog box that provides warning information concerning your configuration. This dialog box does not appear while using the CLI.
Solution Use the graphical user interface (GUI) to install Access Manager.
The Java ES Installer does not add a platform entry for an existing directory server installation (DIRECTORY_MODE=2).
Solution Edit the platform service Server List attribute to add the second instance. For example. if the first instance is host1.example.com, it will have an entry such as http://host1.example.com:port|01. If the second instance is on host2 and uses the same Directory Server as host1, use the Access Manager administrator console to add an entry such as http://host2.example.com:port|02.
To improve the search performance, Directory Server has several new indexes. Therefore, after you install Access Manager with an existing directory information tree (DIT), rebuild the Directory Server indexes by running the db2index.pl script. For example: # ./db2index.pl -D "cn=Directory Manager" -w password -n userRoot
The db2index.pl script is available in the DS-install-directory/slapd-hostname/ directory.
Solution For every user created through the use of the commadmin command line interface, you will need to register all of the missing services with the Access Manager admin console.
Solution In both Directory Server, make sure to have inside cn=config, cn=ldbm database,cn=plugins, cn=config, nsslapd-lookthroughlimit set to -1.
The installer does not configure the web container for a console-only installation on a local server.
Solution Perform a console only installation in two separate installation sessions:
In the first installation session, perform a “Configure Now” install of the web container (Application Server or Web Server).
In the second installation session, perform a “Configure Later” install of Access Manager Administration Console.
After the second session is finished, change to the Access Manager utilities directory. For example, on Solaris systems:
# cd AccessManager-base/SUNWam/bin/ |
where AccessManager-base is the Access Manager base installation directory.
Copy the amsamplesilent file and specify a new file name.
Edit the copy of the amsamplesilent file to specific the configuration information, including DEPLOY_LEVEL (2 for console only) CONSOLE_HOST, CONSOLE_PORT, and SERVER_PORT variables.
Run the amconfig script with the edited amsamplesilent file. For example:
# ./amconfig -s copy-of-amsamplesilent |
where copy-of-amsamplesilent is the name of the copy of the amsamplesilent file.
For more information about the amsamplesilent file and amconfig script, see the Access Manager 2005Q4 Administration Guide.
After the Access Manager upgrade process is finished, the upgrade log indicates that the DB based logging was not handled correctly.
Solution None. The current release of the Access Manager upgrade process does not support DB based logging.
If Directory Server is already installed and has SSL enabled, the installation of Access Manager 2005Q1 will fail. To install Access Manager 2005Q1, first disable SSL for Directory Server. After the Access Manager installation is finished, then re-enable SSL for Directory Server.
In passwords (such as for amadmin) and the Directory Server root suffix, Access Manager does not support a single quote (\q). The back-slash (\\), however, is supported.
When you run the Java Enterprise System installer, the installation of Access Manager 2005Q1 fails if Directory Server 5.1 SP2 is configured to require users to change their passwords the first time they log in.
Solution Set the Directory Server password reset policy to “off”.