Known Issues and Limitations: Installation

The following information pertains to the installation process using the Java Enterprise System installer.

Miscellaneous Installation Issues

Installation Media Issues

The Java ES 2005Q4 installer is responsible for installing Java 1.5_03 to your system. You will not have to download a later version of Java in order to complete the installation.

Two versions of Directory Server are installed on Solaris 9 systems. When starting or stopping Directory Server you need to specify which version of Directory Server explicitly (for example, 5.2). This task is documented in the Installation Guide.

Also, a Portal Server log issue appears in the Solaris operating system (6267783). If the installer crashes or you interrupt the installation process, you should delete the /tmp/.jes_CaChE directory before restarting the installation process.

In CLI Mode, the Installer does not let you install Portal Server Gateway Alone (6279513)

A key issue is that the installer does not allow you to perform a deployment in the CLI mode because the installer does not allow you to select only the Gateway sub-components.

Solution Use the installer in the GUI mode.

Java ES 2005Q4 Installer needs a mechanism to query if a product license is of type evaluation (6265136)

The installer should check if shared components is an evaluation component and replace it if in fact it is an evaluation component.

Solution Ensure that the workstation does not have an evaluation component installed before beginning an installation.

Problem with IP Address validation for Netlet Proxy (6317592)

In the Netlet proxy panel, the installer does not accept the valid IP address and asks to enter the valid IP address. This problem also occurs in the GUI mode .

Solution Ensure that the /etc/hosts file contains the correct information.

Zone improvement and physical media installation (6298792)

Any Java ES 2005Q4 installation using CD swaps from within zones will fail. Installation into non-global zones from CDs is not supported in Java ES 2005Q4. Specifically, installation of Sun Cluster on a local zone is also not supported.

Installer requests patch that is not applicable on Solaris 9, update 6 (6315304)

When installing build 10 on Solaris 9, update 6 on the install fails because it requires a patch that is not applicable on update 6 (patch 117714–06).

Solution Install the SUNWced and SUNWcedu packages.

Post installation configurator does not copy localization files into the directory where soar.war is deployed (6274056)

The post installation configurator doe not copy the localization files into the directory where soar.war is deployed. The localization packages are installed under /opt/SUNWsoar/webapps/WEB-INF.

Solution After running the install target of configurator as normal the localization packages may be installed by typing the following command:

ant —f build-install.xml install.l10n

Multiple versions of comm_dsetup.pl exist (6226161)

Solution Only use the version of comm_dssetup.pl found in /opt/SUNWcomds/sbin. Ignore all other versions.

FQDN error when installing Messaging Server on Solaris 10 (no issue ID)

When you install Messaging Server on Solaris 10, you get a “hostname not a fully-qualified domain name” error. Solaris 10 supports IPv6. Ipnodes are found in the hostname resolution path.

Solution Manually add the FQDN to both the /etc/hosts and the /etc/inet/ipnodes files.

Insufficient disk space in /share (5099218)

If /share is an automount directory with nothing mounted to it, the installer flags “not enough space on /share “ when Sun Cluster agents are installed.

Solution Unmount /share and run the installer again.

# umount /share

Installer in silent mode does not upgrade some shared component packages (6208244)

When you run the installer in silent mode, SUNWpr and SUNWtls are not upgraded.

Solution Use pkadd to manually install from the Solaris operating system.

Installation log messages are not always valid (no specific ID)

Please note that log messages are not always valid. For example, the “no software was installed” message appears even if some (but not all) component products are installed after an error of some sort.

Mentions of “Sun ONE” in data services should be “Sun Java System” (no specific ID)

All occurrences of Sun ONE in the names and descriptions of the data services for Java ES applications should read “Sun Java System”. For example, “Sun Cluster data service for Sun ONE Application Server” should read “...for Sun Java System Application Server”.

Auto-selection of components in component selection page confusing (4957873)

When a component product is selected, the installer automatically selects to install any dependent component products. The component product selection page does not indicate that the dependencies have been selected along with the original component product.

Solution None.

Selected component notation inconsistent from page to page (5033467)

The “**” to indicate a disabled selection is not implemented globally.

Solution None.

Access Manager Installation

Amconsole home page is not coming up in multinode installations (6291099)

In multinode installations you may find that the Amconsole home page fails to appear. Refer to the solution listed below:

1. Login to the realm console of the first instance (for example: <first-node-protocol>://<first-node-fqdn>:<first-node-port>/amserver)

2. Click on the link corresponding to the default realm.

3. In the text field for “Realm/DNS Aliases”, enter “<node2–fqdn>” and click Add.

4. Click Save.

5. Click on the “Realms” link in the bread crumb above the tabs.

6. Click on the “Configuration” tab.

7. Click on the “System Properties” tab

8. Click on the “Platform” service tab.

9. Under “Instance Name”, click the “New...” button.

10. In the “Server” field, enter “<node2–protocol://<node2–fqdn>:<node2–port>”.

11. In the “Instance Name” field, enter an unused number (for example, the number 2).

12. Click “OK”.

13. Click “Save”.

Access Manager SDK configuration causes web server startup failure errors (6293225)

The problem of web server startup failures can be attributed to the Access Manager's SDK configuration. In the current scenario, the AMConfig.properties file contains the wrong information and causes a series a web server startup failures. The following variables do not have the correct information:

• com.iplanet.am.directory.host

• com.iplanet.am.server.host

• com.iplanet.am.console.host

• com.iplanet.am.profile.host

• com.iplanet.am.naming.url

• com.iplanet.am.notification.url

Solution On your node B, where Access Manager SDK is installed with Web Server, modify the <Web_Server_Instance_dir>/config/server.xml file and add the required Access Manager JAR files to the classpath.

Unable to install Access Manager (using CLI) without Directory Server in a multi-node deployment (6305887)

While installing Access Manager, using the CLI, you may not be presented with a dialog box that provides warning information concerning your configuration. This dialog box does not appear while using the CLI.

Solution Use the graphical user interface (GUI) to install Access Manager.

Installer doesn't add platform entry for existing directory install (6202902)

The Java ES Installer does not add a platform entry for an existing directory server installation (DIRECTORY_MODE=2).

Solution Edit the platform service Server List attribute to add the second instance. For example. if the first instance is host1.example.com, it will have an entry such as http://host1.example.com:port|01. If the second instance is on host2 and uses the same Directory Server as host1, use the Access Manager administrator console to add an entry such as http://host2.example.com:port|02.

Installing Access Manager on an existing DIT requires rebuilding Directory Server indexes (6268096)

To improve the search performance, Directory Server has several new indexes. Therefore, after you install Access Manager with an existing directory information tree (DIT), rebuild the Directory Server indexes by running the db2index.pl script. For example: # ./db2index.pl -D "cn=Directory Manager" -w password -n userRoot

The db2index.pl script is available in the DS-install-directory/slapd-hostname/ directory.

Access Manager registered portal services are not added to user when created through the Access Manager SDK (6280171)

Solution For every user created through the use of the commadmin command line interface, you will need to register all of the missing services with the Access Manager admin console.

Sub-org creation not possible from one Identity Server by using Identity Server amadmin CLI (5001850)

Solution In both Directory Server, make sure to have inside cn=config, cn=ldbm database,cn=plugins, cn=config, nsslapd-lookthroughlimit set to -1.

Console-only install configuration fails (5047119)

The installer does not configure the web container for a console-only installation on a local server.

Solution Perform a console only installation in two separate installation sessions:

1. In the first installation session, perform a “Configure Now” install of the web container (Application Server or Web Server).

2. In the second installation session, perform a “Configure Later” install of Access Manager Administration Console.

3. After the second session is finished, change to the Access Manager utilities directory. For example, on Solaris systems:

   # cd AccessManager-base/SUNWam/bin/

   where AccessManager-base is the Access Manager base installation directory.

4. Copy the amsamplesilent file and specify a new file name.

5. Edit the copy of the amsamplesilent file to specific the configuration information, including DEPLOY_LEVEL (2 for console only) CONSOLE_HOST, CONSOLE_PORT, and SERVER_PORT variables.

6. Run the amconfig script with the edited amsamplesilent file. For example:

   # ./amconfig -s copy-of-amsamplesilent

   where copy-of-amsamplesilent is the name of the copy of the amsamplesilent file.

   For more information about the amsamplesilent file and amconfig script, see the Access Manager 2005Q4 Administration Guide.

pre61to62upgrade script does not handle DB based logging correctly (5042233)

After the Access Manager upgrade process is finished, the upgrade log indicates that the DB based logging was not handled correctly.

Solution None. The current release of the Access Manager upgrade process does not support DB based logging.

Installing Access Manager 2005Q1 With SSL Enabled Directory Server (no Issue ID)

If Directory Server is already installed and has SSL enabled, the installation of Access Manager 2005Q1 will fail. To install Access Manager 2005Q1, first disable SSL for Directory Server. After the Access Manager installation is finished, then re-enable SSL for Directory Server.

Single Quote Not Allowed in Passwords and Root Suffix (no issue ID)

In passwords (such as for amadmin) and the Directory Server root suffix, Access Manager does not support a single quote (\q). The back-slash (\\), however, is supported.

Installation of Access Manager fails if Directory Server 5.1 SP2 implements the Reset Password (4992507)

When you run the Java Enterprise System installer, the installation of Access Manager 2005Q1 fails if Directory Server 5.1 SP2 is configured to require users to change their passwords the first time they log in.

Solution Set the Directory Server password reset policy to “off”.

Administration Server Installation

Possible security exposure via HTTP administration interface (6252097)

The HTTP administrator interface and related files may be susceptible to DOS attacks.

Solution It is recommended that you temporarily remove the help.exe file until a fix is available. Also, do not run Administration server as a privileged system user. It is also recommended that you firewall and filter Administration Server access to allow trusted hosts only.

Deployment on Administration Server 8.1 with non-default URIs is inaccessible (6308426)

If you install Access Manager 7.0 on Application Server 8.1 and choose non-default URIs for Access Manager (for example, idserver instead of amconsole and idconsole instead of amconsole). Specifically, in the amas81configfile, the configureServerPolicy() does not account for the use case in which Access Manager is being configured with default URIs. Instead it assumes that the Access Manager war files will be deployed with the default URIs and grant permissions to amserver.war, amconsole.war, and ampassword.war.

Solution Perform the following procedure:

1. Stop the application server instance on which Access Manager was deployed.

2. Change to the following directory: ${AS_DOMAINS_DIR}/${AS_DOMAIN}/config

3. Type the following command: cp server.policy server.policy.orig

4. Locate the following policies grant codeBase: "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; }; grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; }; grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; permission java.util.PropertyPermission "*", "read, write"; };

5. Replace "amserver" with the URI for the services web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" {

6. For legacy mode installations, replace "amconsole" with the URI for the console web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" {

7. Replace "ampassword" with the URI for the password web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" {

8. Start the application server instance on which Access Manager was deployed.

Administration Server patch fails to apply when server is stopped (6273652)

When stopping the Administration Server and using patchadd to apply a patch the process fails.

Solution You must start the Administration Server before applying the patch.

Application Server Installation

Java ES 2005Q4 Promoted build 08 shows incorrect Application Server Name ( 6297837)

Sun Java^TM System Application Server Enterprise Edition 8.1 2005Q2 Update 2 is the correct notation. The notation Sun Java^TMSystem Application Server Enterprise Edition 8.1 2005Q4 was in error.

Installer does not recognize host name user enters in configuration page (4931514)

The installer prompts you for the “server name” for the Application Server. However, the installer uses the actual host name of the machine regardless of what you input in the text field.

Solution If the server name is different from the server’s host name, become superuser and type the following in the domain directory of interest (the “server root” directory):

# find . -type f -exec grep -l $HOSTNAME {} \\ ;

Then, change the file contents appropriately.

Calendar Server Installation

Calender Server does not work with HA (Sun Cluster) on Solaris 10 without patch 120500–02 (6308379)

Solution Install patch 120500–02.

Directory Server Installation

Slow DPS response causing exceptions in web server and system instability

When too many connections are established to the DPS server from a remote node, the DPS response is slow and exceptions are thrown.

Solution None

Directory Server Agent package SUNWdsha for Sun Cluster needs separating from Directory Server patch (6198729)

Since the agents are separate products, they should have patches that can be applied stand-alone to the agents' products.

Solution None.

Directory Server configuration output splits the progress bar on silent mode (4928102)

When components are configured the corresponding output is sent to the installer's stdout instead of the log. This action places the CLI progress bar on multiple lines in the installer output.

Solution None

Cannot configure Directory Server if you reinstall after uninstalling (6223527)

You cannot configure Directory Server if you are reinstalling after having uninstalled. During the uninstall, /var/opt is not removed. As a result, the Directory slapd is not found and there are errors logged when you try to start Directory Server.

Solution After uinstalling Directory Server, remove /var/opt before you reinstall.

Cannot install Directory Server and Administration Server in separate sessions (5096114)

If you install Directory Server in one session and then try to install Administration Server in a second session, the box for Administration Server is already checked even though it is not installed and configured. You therefore cannot install and configure Administration Server.

Solution Install Directory Server and Administration Server in the same session. Or, refer to the Directory Server Administration documentation to learn how to manually configure Administration Server.

Message Queue Installation

If Message Queue is installed with Java ES installer you must use uninstaller to uninstall (no issue ID)

If you remove the Solaris packages directly, the next time the installer is run, it may see Message Queue as still being installed and not behave correctly.

Solution If you have already removed the Message Queue packages manually, you must uninstall Message Queue using the uninstaller. Run the uninstaller and select Message Queue components for removal.

Messaging Server Installation

The default factory is different in Java ES 2004Q2 and Java ES 2005Q1 (6200472)

Existing deployments who do not wish to upgrade the server will have to explicitly set the property of collaboration session factory object to use the Legacy protocol implementation. In the API place the following constructor to create a ColloaborationSessionFactor: CollaborationSessionFactory factory = newCollaborationSessionFactory(“com.iplanet.im.client.api.ilMSessionFactory”);

Problem installing Messaging Server and Directory Server on different machines (no specific ID)

Solution

To install Messaging Server and Directory Server on different machines

Steps

1. Install and configure Directory Server and Administration Server on the directory system.

2. Install Administration Server and Messaging Server on the Messaging system. Administration Server can be configured during the installation, but Messaging Server cannot.

3. Configure Messaging Server.

Using Messaging Server (and Directory Server) with Schema 2 support (4916028)

In order to use Messaging Server with Schema 2 support, you must install Access Manager and Directory Server.

Solution Currently, the only way to get Schema 2 support into Directory Server is to install Access Manager.

Access Manager also requires Web Server (or Application Server) to act as its web container. If Access Manager is not installed with Directory Server, then only Schema 1 is used by Messaging Server. Because there are no user selectable options for Schema 1 or 2 during the Java Enterprise System installation, Access Manager must be installed to update Directory Server.

Portal Server Installation

(Solaris and Linux) Portal Server upgrade failing — cannot find /opt/SUNWappserver7/bin/asadmin (6313972)

Solution Refer to the following publication for the latest upgrade documentation regarding this issue:

Sun Java Enterprise System 2005Q4 Upgrade Guide

SRA init scrips try to run /etc/init.d/cron (6300415)

Solution On a Solaris 10 system, after starting the gateway watchdog process, issue the command:

#svcadm restart cron

Application Server log contains Java exceptions, but install is successful (6320674)

The following exceptions may appear in the Application Server log during Portal installation:

java.lang.ClassNotFoundException: com.sun.mobile.filter.AMLController

Solution This is normal.

Portal Server Upgrade from Java ES 2005Q1 to Java ES 2005Q4 (redeploy) not working — waiting for a key “Y” (6309079)

When upgrading Portal Server from Java ES 2005Q1 into Java ES 2005Q4, using docs Sun Java Enterprise System 2005Q4, Upgrade Guide, July 29, 2005, command deploy does not work. This bug also applies to Administration Server and Access Manager. The bug only occurs when the file $HOME/.asadmintruststore is not present.

Solution Press “Y” and the Enter key, if command “deploy redeploy” stops and the question “Do you trust the above certificate [y/n] appears in a log (/var/opt/SUNWam/debug/deploy.log).

(Solaris and Linux) 10WS, Gateway Redirection is not happening in Multisession installation (4971011)

Solution Launch a browser to access the amconsole. Under the Service Configuration tab, choose gateway. In the right-bottom corner of the web page, choose the default link then choose the security tab. Add URL like "http://IS_HOST:PORT/amserver/UI/Login" into the Non-authenticated URLs: field. For example: http://boa.prc.sun.com:80/amserver/UI/Login. Next, restart gateway using the following command: /etc/init.d/gateway -n default start debug.

Certificates expire on Portal Servers which use JCE 1.2.1 package (6297953)

Current Portal Servers still use JCE 1.2.1 packages which expire on July 27th, 2005.

Solution Although this issue exists for all Java ES releases from Java ES 2003Q4 to Java ES 2005Q4 and the JCE 1.2.1 files appear in the distribution, the files are not being used and will not affect Java ES 2005Q4.

Invalid shell syntax in remove_Wireless process (6301677)

The remove_Wireless process fails during Portal Server unconfigure operation (psconfig and unconfigurewithscrubds).

Solution Edit the remove_Wireless file and comment out the empty if statement. An example is shown below:

#Perform web container specific un-config

#

#if [ “$DEPLOY_TYPE” == “IWS” ]; then

#elif [ “$DEPLOY_TYPE” = “SUNONE” ]; then

#fi

Unable to stop Gateway in two host scenario (6283068)

Solution To start the gateway type ./gateway start -n default. In order to stop the gateway type /gateway stop -n default.

Portal Server Gateway login after Portal Server restart (6191449)

A fix is available in patches 118950–14 (Solaris SPARC), 118951–14 (Solaris/x86), and 118952–14 (Linux).

Solution Each time the Portal Server, Administration Server or Web Server is restarted, the gateway must also be restarted. Enter gateway stop to stop the server and gateway start to start the server.

Login page is not downloaded through proxylet (6216514)

When the proxylet is enabled, SRA still uses the rewriter technology to fetch the login pages and a part of the desktop page before the proxylet starts.

Solution None

Exception thrown after reloading Portal Desktop (218871)

Launching the instant messaging link and refreshing the portal desktop causes the “ERROR: content is not available” to appear. Also, an exception is thrown in this file:

/var/opt/SUNWam/desktop.debug.

Solution Edit the domain.xml file (located in /var/opt/SUNWappserver/domain1/config and perform the following

Modify the Java configuration classpath-prefix with /usr/share/lib/jaxen-core.jar

Type stop-domain domain1

Type asadmin start-domain

Enter your user name and password.

Help file link doe not work for iFrameprovider on the desktop (6199105)

Clicking on the help icon from the SampleIFrame Channel produces “HTTP Status 404 — /portal/docs/en/desktop/iframechann.htm” is not available.

Solution None. No help is provided with iFrame provider.

Installation and uninstallation of Portal Server appears to hang (5106639)

During installation and uninstallation of Portal Server, the installer and uninstaller appear to hang. The delay can be up to 30 minutes before installation/uninstallation finishes successfully.

Solution None.

Gateway redirection not happening in any multi-session installation (4971011)

Regardless of the installation mode, gateway redirection does not occur during a multi-session installation.

Solution

To enable gateway redirection

Steps

1. Launch a Portal Server browser and access the amconsole.

2. Under “Service Configuration” tab, select “gateway”.

3. In the lower right corner of the window, click “default” and “security” tab as well.

4. Then, add a URL like “http://IS_HOST:PORT/amserver/UI/Login” into “Non-authenticated URLs:” field.

   An example URL is http://boa.prc.sun.com:80/amserver/UI/Login.

5. Finally, restart the Portal gateway by doing the following as superuser:

   # /etc/init.d/gateway -n default start debug

Shared Component Issues

metaslot needs to return CK_EFFECTIVELY_INFINITE in token info(6276483)

This bug can cause failure of the Java Enterprise System common agent container.

Platform/Architecture: This bug only occurs with the Solaris 10 system running on the x86 architecture or the SPARC architecture and with the Java 2 Runtime Environment, Standard Edition 1.5. Depending on cryptoadm configuration you have, the common agent container could fail on a Solaris 10 system when you open an SSL connection.

Solution Run the following command as root: crypto disable metaslot.

MFWK 1.0 mfwkadm stop and undeploy does not work with Common Agent Container 1.1 build 10 (6262977)

Common agent container displays the version number after the module number.

Solution Two workarounds are available. (1) Stop common agent container (this stops all common agent container modules, including the JesMF module and its dependant modules). (2) Alternatively, you can also use common agent container admin commands to manually undeploy modules that have dependencies on JesMF and then undeploy the JesMF module.

Installer does not upgrade Apache Tomcat 4.0.1 to Apache Tomcat 4.0.5 (6202992)

The installer does not upgrade the SUNWtcatu package.

Solution Before commencing with installation, manually remove SUNWtcatu using pkgrm. Then, when you run the installer, the correct package version for Tomcat 4.0.5 is installed.

Sun Java Web Console set-up script does not upgrade SUNWtcatu package (6202315)

Solution Before commencing with installation, manually remove SUNWtcatu using pkgrm.

Sun Cluster Installation

Updated P2 Common Agent Container/doc Package dependency change from 1.0 to 1.1 causes installation problems

In the Sun Cluster 3.1 8/05 Installation Guide, the instruction for adding common agent container packages in the “How to Upgrade Dependency Software” sections for rolling and non-rolling upgrade is correct only for the common agent container distributed in SC31U4 IFR. The procedure is incorrect for the common agent container shipped in Java ES 2005Q4. For the common agent container shipped in Java ES 2005Q4, the correct instruction should be:

pkgadd —d . SUNWcacaocfg SUNWcacao

Sun Cluster HA Application Server Agent does not support Application Server 8.1 and HADB 8.1 (6212333)

The installer gives you the option of choosing to install the Sun Cluster HA Application Server Agent with Application Server and HADB 8.1. However, the HA Application Server Agent does not support Application Server and HADB 8.1. As a result, you cannot configure HA Application Server.

Solution Do not install the HA Application Server Agent with Application Server and HADB 8.1.

Sun Cluster Data Services for previous versions of Directory Server (no issue ID)

Java Enterprise System 2005Q1 includes the Sun Cluster Data Service for the Sun Java System Directory Server 5 2004Q2. If you need the Sun Cluster Data Service for Sun Java System Directory Server 5.0 or 5.1 or for Netscape HTTP, version 4.1.6, it is available in the Sun Cluster 3.1 Data Services 10/03 release. To request this release, contact your Sun customer service representative.

Sun Cluster Data Service for Oracle Parallel Server/Real Application Clusters not installed from Sun Cluster 3.1 CD (no issue ID)

Instead, it is installed from the Java Enterprise System 1 Accessory CD, volume 3. Also, the data services are not installed from the agents CD. Instead, they are installed from the Java Enterprise System 1 Accessory CD, volume 3.

Installer does not allow for additional Sun Cluster agents to be installed if one exists on system (no issue ID)

If you have installed a Sun Cluster Agent prior to running the Java Enterprise System installer, the installer does not allow you to install additional agents.

Solution Install additional Sun Cluster Agents using pkgadd.

Web Server Installation

Web Server installation fails if install directory is populated with files from a previously installed version (no issue ID)

Solution Back-up all your configuration files. Then, remove the install directory before installing Web Server using the Java Enterprise System installer.

Web Proxy Server Issues

Web Proxy Server fails to configure through common installer (6322036)

When startup on boot enabled, after successfully installing Web Proxy Server the installation summary report states that the installation and configuration failed.

Solution Configure the Web Proxy Server after the installation is complete.

Localization Issues

Custom Configuration installer screen sometimes displays with crippled text layout (6210498)

Solution Resize the window. Then, click Back and Next. The window will display correctly.

Cannot use configure later option when installing on all locales (6206190)

Using the configure later option when installing on all locales results in a number of broken links for the SUNWasuee package.

Solution Add the localization packages manually after installation.