The following information pertains to the installation process using the Java Enterprise System installer.
The Java ES 2005Q4 installer is responsible for installing Java 1.5_03 to your system. You will not have to download a later version of Java in order to complete the installation.
Two versions of Directory Server are installed on Solaris 9 systems. When starting or stopping Directory Server you need to specify which version of Directory Server explicitly (for example, 5.2). This task is documented in the Installation Guide.
Also, a Portal Server log issue appears in the Solaris operating system (6267783). If the installer crashes or you interrupt the installation process, you should delete the /tmp/.jes_CaChE directory before restarting the installation process.
A key issue is that the installer does not allow you to perform a deployment in the CLI mode because the installer does not allow you to select only the Gateway sub-components.
Solution Use the installer in the GUI mode.
The installer should check if shared components is an evaluation component and replace it if in fact it is an evaluation component.
Solution Ensure that the workstation does not have an evaluation component installed before beginning an installation.
In the Netlet proxy panel, the installer does not accept the valid IP address and asks to enter the valid IP address. This problem also occurs in the GUI mode .
Solution Ensure that the /etc/hosts file contains the correct information.
Any Java ES 2005Q4 installation using CD swaps from within zones will fail. Installation into non-global zones from CDs is not supported in Java ES 2005Q4. Specifically, installation of Sun Cluster on a local zone is also not supported.
When installing build 10 on Solaris 9, update 6 on the install fails because it requires a patch that is not applicable on update 6 (patch 117714–06).
Solution Install the SUNWced and SUNWcedu packages.
The post installation configurator doe not copy the localization files into the directory where soar.war is deployed. The localization packages are installed under /opt/SUNWsoar/webapps/WEB-INF.
Solution After running the install target of configurator as normal the localization packages may be installed by typing the following command:
ant —f build-install.xml install.l10n
Solution Only use the version of comm_dssetup.pl found in /opt/SUNWcomds/sbin. Ignore all other versions.
When you install Messaging Server on Solaris 10, you get a “hostname not a fully-qualified domain name” error. Solaris 10 supports IPv6. Ipnodes are found in the hostname resolution path.
Solution Manually add the FQDN to both the /etc/hosts and the /etc/inet/ipnodes files.
If /share is an automount directory with nothing mounted to it, the installer flags “not enough space on /share “ when Sun Cluster agents are installed.
Solution Unmount /share and run the installer again.
# umount /share
When you run the installer in silent mode, SUNWpr and SUNWtls are not upgraded.
Solution Use pkadd to manually install from the Solaris operating system.
Please note that log messages are not always valid. For example, the “no software was installed” message appears even if some (but not all) component products are installed after an error of some sort.
All occurrences of Sun ONE in the names and descriptions of the data services for Java ES applications should read “Sun Java System”. For example, “Sun Cluster data service for Sun ONE Application Server” should read “...for Sun Java System Application Server”.
When a component product is selected, the installer automatically selects to install any dependent component products. The component product selection page does not indicate that the dependencies have been selected along with the original component product.
Solution None.
The “**” to indicate a disabled selection is not implemented globally.
Solution None.
In multinode installations you may find that the Amconsole home page fails to appear. Refer to the solution listed below:
Login to the realm console of the first instance (for example: <first-node-protocol>://<first-node-fqdn>:<first-node-port>/amserver)
Click on the link corresponding to the default realm.
In the text field for “Realm/DNS Aliases”, enter “<node2–fqdn>” and click Add.
Click Save.
Click on the “Realms” link in the bread crumb above the tabs.
Click on the “Configuration” tab.
Click on the “System Properties” tab
Click on the “Platform” service tab.
Under “Instance Name”, click the “New...” button.
In the “Server” field, enter “<node2–protocol://<node2–fqdn>:<node2–port>”.
In the “Instance Name” field, enter an unused number (for example, the number 2).
Click “OK”.
Click “Save”.
The problem of web server startup failures can be attributed to the Access Manager's SDK configuration. In the current scenario, the AMConfig.properties file contains the wrong information and causes a series a web server startup failures. The following variables do not have the correct information:
com.iplanet.am.directory.host
com.iplanet.am.server.host
com.iplanet.am.console.host
com.iplanet.am.profile.host
com.iplanet.am.naming.url
com.iplanet.am.notification.url
Solution On your node B, where Access Manager SDK is installed with Web Server, modify the <Web_Server_Instance_dir>/config/server.xml file and add the required Access Manager JAR files to the classpath.
While installing Access Manager, using the CLI, you may not be presented with a dialog box that provides warning information concerning your configuration. This dialog box does not appear while using the CLI.
Solution Use the graphical user interface (GUI) to install Access Manager.
The Java ES Installer does not add a platform entry for an existing directory server installation (DIRECTORY_MODE=2).
Solution Edit the platform service Server List attribute to add the second instance. For example. if the first instance is host1.example.com, it will have an entry such as http://host1.example.com:port|01. If the second instance is on host2 and uses the same Directory Server as host1, use the Access Manager administrator console to add an entry such as http://host2.example.com:port|02.
To improve the search performance, Directory Server has several new indexes. Therefore, after you install Access Manager with an existing directory information tree (DIT), rebuild the Directory Server indexes by running the db2index.pl script. For example: # ./db2index.pl -D "cn=Directory Manager" -w password -n userRoot
The db2index.pl script is available in the DS-install-directory/slapd-hostname/ directory.
Solution For every user created through the use of the commadmin command line interface, you will need to register all of the missing services with the Access Manager admin console.
Solution In both Directory Server, make sure to have inside cn=config, cn=ldbm database,cn=plugins, cn=config, nsslapd-lookthroughlimit set to -1.
The installer does not configure the web container for a console-only installation on a local server.
Solution Perform a console only installation in two separate installation sessions:
In the first installation session, perform a “Configure Now” install of the web container (Application Server or Web Server).
In the second installation session, perform a “Configure Later” install of Access Manager Administration Console.
After the second session is finished, change to the Access Manager utilities directory. For example, on Solaris systems:
# cd AccessManager-base/SUNWam/bin/ |
where AccessManager-base is the Access Manager base installation directory.
Copy the amsamplesilent file and specify a new file name.
Edit the copy of the amsamplesilent file to specific the configuration information, including DEPLOY_LEVEL (2 for console only) CONSOLE_HOST, CONSOLE_PORT, and SERVER_PORT variables.
Run the amconfig script with the edited amsamplesilent file. For example:
# ./amconfig -s copy-of-amsamplesilent |
where copy-of-amsamplesilent is the name of the copy of the amsamplesilent file.
For more information about the amsamplesilent file and amconfig script, see the Access Manager 2005Q4 Administration Guide.
After the Access Manager upgrade process is finished, the upgrade log indicates that the DB based logging was not handled correctly.
Solution None. The current release of the Access Manager upgrade process does not support DB based logging.
If Directory Server is already installed and has SSL enabled, the installation of Access Manager 2005Q1 will fail. To install Access Manager 2005Q1, first disable SSL for Directory Server. After the Access Manager installation is finished, then re-enable SSL for Directory Server.
In passwords (such as for amadmin) and the Directory Server root suffix, Access Manager does not support a single quote (\q). The back-slash (\\), however, is supported.
When you run the Java Enterprise System installer, the installation of Access Manager 2005Q1 fails if Directory Server 5.1 SP2 is configured to require users to change their passwords the first time they log in.
Solution Set the Directory Server password reset policy to “off”.
The HTTP administrator interface and related files may be susceptible to DOS attacks.
Solution It is recommended that you temporarily remove the help.exe file until a fix is available. Also, do not run Administration server as a privileged system user. It is also recommended that you firewall and filter Administration Server access to allow trusted hosts only.
If you install Access Manager 7.0 on Application Server 8.1 and choose non-default URIs for Access Manager (for example, idserver instead of amconsole and idconsole instead of amconsole). Specifically, in the amas81configfile, the configureServerPolicy() does not account for the use case in which Access Manager is being configured with default URIs. Instead it assumes that the Access Manager war files will be deployed with the default URIs and grant permissions to amserver.war, amconsole.war, and ampassword.war.
Solution Perform the following procedure:
Stop the application server instance on which Access Manager was deployed.
Change to the following directory: ${AS_DOMAINS_DIR}/${AS_DOMAIN}/config
Type the following command: cp server.policy server.policy.orig
Locate the following policies grant codeBase: "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; }; grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; }; grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; };
Replace "amserver" with the URI for the services web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" {
For legacy mode installations, replace "amconsole" with the URI for the console web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" {
Replace "ampassword" with the URI for the password web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" {
Start the application server instance on which Access Manager was deployed.
When stopping the Administration Server and using patchadd to apply a patch the process fails.
Solution You must start the Administration Server before applying the patch.
Sun JavaTM System Application Server Enterprise Edition 8.1 2005Q2 Update 2 is the correct notation. The notation Sun JavaTMSystem Application Server Enterprise Edition 8.1 2005Q4 was in error.
The installer prompts you for the “server name” for the Application Server. However, the installer uses the actual host name of the machine regardless of what you input in the text field.
Solution If the server name is different from the server’s host name, become superuser and type the following in the domain directory of interest (the “server root” directory):
# find . -type f -exec grep -l $HOSTNAME {} \\ ;
Then, change the file contents appropriately.
Calender Server does not work with HA (Sun Cluster) on Solaris 10 without patch 120500–02 (6308379)
Solution Install patch 120500–02.
When too many connections are established to the DPS server from a remote node, the DPS response is slow and exceptions are thrown.
Solution None
Since the agents are separate products, they should have patches that can be applied stand-alone to the agents' products.
Solution None.
When components are configured the corresponding output is sent to the installer's stdout instead of the log. This action places the CLI progress bar on multiple lines in the installer output.
Solution None
You cannot configure Directory Server if you are reinstalling after having uninstalled. During the uninstall, /var/opt is not removed. As a result, the Directory slapd is not found and there are errors logged when you try to start Directory Server.
Solution After uinstalling Directory Server, remove /var/opt before you reinstall.
If you install Directory Server in one session and then try to install Administration Server in a second session, the box for Administration Server is already checked even though it is not installed and configured. You therefore cannot install and configure Administration Server.
Solution Install Directory Server and Administration Server in the same session. Or, refer to the Directory Server Administration documentation to learn how to manually configure Administration Server.
If you remove the Solaris packages directly, the next time the installer is run, it may see Message Queue as still being installed and not behave correctly.
Solution If you have already removed the Message Queue packages manually, you must uninstall Message Queue using the uninstaller. Run the uninstaller and select Message Queue components for removal.
Existing deployments who do not wish to upgrade the server will have to explicitly set the property of collaboration session factory object to use the Legacy protocol implementation. In the API place the following constructor to create a ColloaborationSessionFactor: CollaborationSessionFactory factory = newCollaborationSessionFactory(“com.iplanet.im.client.api.ilMSessionFactory”);
Solution
Install and configure Directory Server and Administration Server on the directory system.
Install Administration Server and Messaging Server on the Messaging system. Administration Server can be configured during the installation, but Messaging Server cannot.
Configure Messaging Server.
In order to use Messaging Server with Schema 2 support, you must install Access Manager and Directory Server.
Solution Currently, the only way to get Schema 2 support into Directory Server is to install Access Manager.
Access Manager also requires Web Server (or Application Server) to act as its web container. If Access Manager is not installed with Directory Server, then only Schema 1 is used by Messaging Server. Because there are no user selectable options for Schema 1 or 2 during the Java Enterprise System installation, Access Manager must be installed to update Directory Server.
Solution Refer to the following publication for the latest upgrade documentation regarding this issue:
Sun Java Enterprise System 2005Q4 Upgrade Guide
Solution On a Solaris 10 system, after starting the gateway watchdog process, issue the command:
#svcadm restart cron
The following exceptions may appear in the Application Server log during Portal installation:
java.lang.ClassNotFoundException: com.sun.mobile.filter.AMLController
Solution This is normal.
When upgrading Portal Server from Java ES 2005Q1 into Java ES 2005Q4, using docs Sun Java Enterprise System 2005Q4, Upgrade Guide, July 29, 2005, command deploy does not work. This bug also applies to Administration Server and Access Manager. The bug only occurs when the file $HOME/.asadmintruststore is not present.
Solution Press “Y” and the Enter key, if command “deploy redeploy” stops and the question “Do you trust the above certificate [y/n] appears in a log (/var/opt/SUNWam/debug/deploy.log).
Solution Launch a browser to access the amconsole. Under the Service Configuration tab, choose gateway. In the right-bottom corner of the web page, choose the default link then choose the security tab. Add URL like "http://IS_HOST:PORT/amserver/UI/Login" into the Non-authenticated URLs: field. For example: http://boa.prc.sun.com:80/amserver/UI/Login. Next, restart gateway using the following command: /etc/init.d/gateway -n default start debug.
Current Portal Servers still use JCE 1.2.1 packages which expire on July 27th, 2005.
Solution Although this issue exists for all Java ES releases from Java ES 2003Q4 to Java ES 2005Q4 and the JCE 1.2.1 files appear in the distribution, the files are not being used and will not affect Java ES 2005Q4.
The remove_Wireless process fails during Portal Server unconfigure operation (psconfig and unconfigurewithscrubds).
Solution Edit the remove_Wireless file and comment out the empty if statement. An example is shown below:
#Perform web container specific un-config
#
#if [ “$DEPLOY_TYPE” == “IWS” ]; then
#elif [ “$DEPLOY_TYPE” = “SUNONE” ]; then
#fi
Solution To start the gateway type ./gateway start -n default. In order to stop the gateway type /gateway stop -n default.
A fix is available in patches 118950–14 (Solaris SPARC), 118951–14 (Solaris/x86), and 118952–14 (Linux).
Solution Each time the Portal Server, Administration Server or Web Server is restarted, the gateway must also be restarted. Enter gateway stop to stop the server and gateway start to start the server.
When the proxylet is enabled, SRA still uses the rewriter technology to fetch the login pages and a part of the desktop page before the proxylet starts.
Solution None
Launching the instant messaging link and refreshing the portal desktop causes the “ERROR: content is not available” to appear. Also, an exception is thrown in this file:
/var/opt/SUNWam/desktop.debug.
Solution Edit the domain.xml file (located in /var/opt/SUNWappserver/domain1/config and perform the following
Modify the Java configuration classpath-prefix with /usr/share/lib/jaxen-core.jar
Type stop-domain domain1
Type asadmin start-domain
Enter your user name and password.
Clicking on the help icon from the SampleIFrame Channel produces “HTTP Status 404 — /portal/docs/en/desktop/iframechann.htm” is not available.
Solution None. No help is provided with iFrame provider.
During installation and uninstallation of Portal Server, the installer and uninstaller appear to hang. The delay can be up to 30 minutes before installation/uninstallation finishes successfully.
Solution None.
Regardless of the installation mode, gateway redirection does not occur during a multi-session installation.
Solution
Launch a Portal Server browser and access the amconsole.
Under “Service Configuration” tab, select “gateway”.
In the lower right corner of the window, click “default” and “security” tab as well.
Then, add a URL like “http://IS_HOST:PORT/amserver/UI/Login” into “Non-authenticated URLs:” field.
An example URL is http://boa.prc.sun.com:80/amserver/UI/Login.
Finally, restart the Portal gateway by doing the following as superuser:
# /etc/init.d/gateway -n default start debug |
This bug can cause failure of the Java Enterprise System common agent container.
Platform/Architecture: This bug only occurs with the Solaris 10 system running on the x86 architecture or the SPARC architecture and with the Java 2 Runtime Environment, Standard Edition 1.5. Depending on cryptoadm configuration you have, the common agent container could fail on a Solaris 10 system when you open an SSL connection.
Solution Run the following command as root: crypto disable metaslot.
Common agent container displays the version number after the module number.
Solution Two workarounds are available. (1) Stop common agent container (this stops all common agent container modules, including the JesMF module and its dependant modules). (2) Alternatively, you can also use common agent container admin commands to manually undeploy modules that have dependencies on JesMF and then undeploy the JesMF module.
The installer does not upgrade the SUNWtcatu package.
Solution Before commencing with installation, manually remove SUNWtcatu using pkgrm. Then, when you run the installer, the correct package version for Tomcat 4.0.5 is installed.
Solution Before commencing with installation, manually remove SUNWtcatu using pkgrm.
In the Sun Cluster 3.1 8/05 Installation Guide, the instruction for adding common agent container packages in the “How to Upgrade Dependency Software” sections for rolling and non-rolling upgrade is correct only for the common agent container distributed in SC31U4 IFR. The procedure is incorrect for the common agent container shipped in Java ES 2005Q4. For the common agent container shipped in Java ES 2005Q4, the correct instruction should be:
pkgadd —d . SUNWcacaocfg SUNWcacao
The installer gives you the option of choosing to install the Sun Cluster HA Application Server Agent with Application Server and HADB 8.1. However, the HA Application Server Agent does not support Application Server and HADB 8.1. As a result, you cannot configure HA Application Server.
Solution Do not install the HA Application Server Agent with Application Server and HADB 8.1.
Java Enterprise System 2005Q1 includes the Sun Cluster Data Service for the Sun Java System Directory Server 5 2004Q2. If you need the Sun Cluster Data Service for Sun Java System Directory Server 5.0 or 5.1 or for Netscape HTTP, version 4.1.6, it is available in the Sun Cluster 3.1 Data Services 10/03 release. To request this release, contact your Sun customer service representative.
Instead, it is installed from the Java Enterprise System 1 Accessory CD, volume 3. Also, the data services are not installed from the agents CD. Instead, they are installed from the Java Enterprise System 1 Accessory CD, volume 3.
If you have installed a Sun Cluster Agent prior to running the Java Enterprise System installer, the installer does not allow you to install additional agents.
Solution Install additional Sun Cluster Agents using pkgadd.
Solution Back-up all your configuration files. Then, remove the install directory before installing Web Server using the Java Enterprise System installer.
When startup on boot enabled, after successfully installing Web Proxy Server the installation summary report states that the installation and configuration failed.
Solution Configure the Web Proxy Server after the installation is complete.
Solution Resize the window. Then, click Back and Next. The window will display correctly.
Using the configure later option when installing on all locales results in a number of broken links for the SUNWasuee package.
Solution Add the localization packages manually after installation.