| Sun ONE Portal Server 6.2 Deployment Guide |
Appendix A
Troubleshooting Your Portal DeploymentThis appendix describes how to troubleshoot the Sun™ ONE Portal Server software and the Sun™ ONE Portal Server, Secure Remote Access (SRA) product.
This appendix contains the following sections:
Troubleshooting Sun ONE™ Portal ServerThis sections contains troubleshooting information for Portal Server.
UNIX Processes
For the portal to be functioning properly, check that the following root-owned processes are running. Use the ps command to see this output.
Directory Server:
/ns-slapd -D /usr/ldap/slapd-server -i /usr/ldap/slapd-server/logs/pid
Identity Server:
identity-server-install-root/SUNWam/bin/doUnix -c 8946
Portal Server:
./uxwdog -d portal-server-install-root/SUNWam/servers/https-server/config
ns-httpd -d portal-server-install-root/SUNWam/servers/https-server/config
Admin Web Server (optional, but usually running):
./uxwdog -d web-container-install-root/SUNWam/servers/https-admserv/config
ns-httpd -d web-container-install-root/SUNWam/servers/https-admserv/config
Log Files
Examine the following log files for errors.
Web Server (errors and access):
web-container-install-root/SUNWam/servers/https-server/logs
Directory Server:
/var/opt/SUNWam/logs
Recovering the Search Database
The Search database maintains recoverable transaction logs. Thus, under normal circumstances, you do not have to do anything to recover the database. Recovery from errors and transient conditions such as a full disk are straight forward. If desired, maintain Search database archives and restore from an archive in case you lost the entire database. In this scenario, you would copy the archive to the original database to recover it.
To Recover the Database
Stopping and Starting Portal Server
Use the following commands to stop and start the portal and its associated processes. You do not need to stop the server to restart it. If you start a server that is already running, the server is stopped and restarted.
To Stop Portal Server
Type:
/etc/init.d/amserver stop
To Start Portal Server
Type:
/etc/init.d/amserver start
To start multiple instances of Portal Server, type:
/etc/init.d/amserver startall
Working with the Display Profile
If you need to troubleshoot the XML contents of your portal’s display profile, it is useful to extract it to a file for examination. At some point in the troubleshooting process, it might be useful to reload the display profile.
To Extract the Display Profile
To Reload the Display Profile
- Login as administrator.
- Use the dpadmin command to reload the display profile. For example:
./dpadmin modify -u "uid=amAdmin,ou=People,o=sesta.com,o=isp" -w password -d "o=sesta.com,o=isp" /tmp/updated_displayxml
This example reloads the contents of the display profile from the /tmp/updated_displayxml file.
High CPU Utilization for Portal Server Instance
When using the Cisco Content Services Switch, you might see a very high CPU utilization on the Portal Server instance with Sun™ ONE Web Server error file showing the following message every five seconds.
[20/Jan/2003:16:53:36] failure ( 5926): Error accepting connection -5928, oserr=130 (Connect aborted)
The cause of this error is a “sticky bit” setting within the Cisco Content Services Switch that is causing these errors. These load balancers periodically ping the servers (every five seconds) to verify that they are alive. After turning off the “sticky bit” setting, which disables the ping to the server every 5 seconds, the errors will no longer show up in Web Server.
Configuring a Sun ONE Portal Server Instance to Use an HTTP Proxy
If the Portal Server software is installed on a host that cannot directly access certain portions of the Internet or your intranet, you can receive errors. For example, when using the SampleSimpleWebService provider, you might see the following error when the proxy has not been configured:
To Configure Usage of an HTTP Proxy for a Portal Server Instance
- Change directories to the portal server install root directory containing the configuration for the instance.
cd portal-server-install-root/SUNWam/servers/https-servername/config
- Edit the server.xml file within this directory and add the following lines:
http.proxyHost=proxy-host
http.proxyPort=proxy-port
http.nonProxyHosts=portal-host
where proxy-host is the fully-qualified domain name of the proxy host, proxy-port is the port on which the proxy is run, and portal-host is the fully qualified domain name of the portal host.
Troubleshooting SRAThis section describes how to capture information that Sun ONE support personnel need to troubleshoot problems in your deployment.
Introduction to shooter
The shooter tool captures all the information that the development and support team will require to troubleshoot problems in your deployment of the Sun™ ONE Portal Server, Secure Remote Access product. You can also run this tool on a Portal Server machine.
This tool captures the following data:
- Installation type—Determines if the installation has Portal Server, Portal Server with Secure Remote Access support, or Portal Server with SRA
- System configuration related information—Determines the host, domain, operating system, version, CPU type and speed, clock speed, and memory available
- Processors, processor sets, and the SRA processes bound to them
- SRA installation log
- The platform.conf file(s)
- The settings in the gateway script such as the JVM™ settings including heap usage, and library path
- Gateway service settings
- Tuning settings in various files used for configuring Sun™ ONE Identity Server, Sun™ ONE Directory Server, and Sun™ ONE Web Server
- Output of the Java™ garbage collection
- A memory or process footprint while the gateway was being used
- Formatted debug log files
- Rewriter rulesets
Using shooter
The shooter tool includes five files as described below.
shooter.sh
This is the main script. Run this script after a test or just before starting a test on the SRA installation.
From portal-server-install-root/bin/perf, type:
./shooter.sh
This tool collects data under a temporary folder and displays the folder name.
gctool.pl
This script collects and formats the garbage collection output from the JVM.
To run gctool, start the gateway, and type the following to redirect the output to this script and allow collection throughout the test.
/etc/init.d/gateway -n default start | gctool.pl
At the end of the test period, run shooter to collect the output of gctool along with other data.
memfoot.sh
This script tracks the memory footprint of a process. Start this script after starting the gateway and allow it to run during the duration of the test. The largest process with the given name or PID is tracked after every specified number of seconds.
To run memfoot, type:
./memfoot java 60
The output of this script is a time-stamped process status file. The shooter tool collects this output along with the rest of the data.
uniq.pl
This script is used internally by shooter to find unique lines and their count. The advantage over the system uniq script is that it finds non-adjacent unique lines.
GWDump.class
This class is called internally by shooter to obtain the gateway settings in the administration console.
SRA Log Files
Examine the following log files for errors.
Gateway:
/var/opt/SUNWps/debug/srapGateway_gateway-hostname_gateway-profile-name
NetFile:
/var/opt/SUNWps/debug/srapNetFile
Netlet:
/var/opt/SUNWps/debug/srapNetlet_gateway-hostname_gateway-profile-name
