Oracle® Fusion Middleware Troubleshooting Guide for Oracle Mobile Security Suite Release 3.0.1 Part Number E51929-03 |
|
|
PDF · Mobi · ePub |
This chapter describes how to address common issues with Oracle Mobile Security Suite.
The following is a list of common troubleshooting issues that are observed in actual deployments:
Ports not opened (incoming and outgoing from Access Server)
Ports blocked either by an external firewall, an application firewall, or iptables
configuration
Host names not resolving, DNS problems
Users do not know how to get server certificates
Access Server cert not trusted on mobile device
The clock on the Mobile Security Access Server and the Windows domain controller are out of sync
Users type in UID, not full UPN
Back end applications do not have Kerberos SPNs properly defined
Container and containerized apps signed with different certificates
When building container static library project, selecting a build target of simulator or a connected device instead of generic iOS device
Trying to do PKINIT with older Windows version, prior to Win2k8R2
Incorrect user certificate templates
Incorrect web settings that send everything direct, or block everything
When running servers with a domain account, insufficient privileges
Missing batch logon or run as service privilege
Missing LDAP logon privilege
Missing privilege to issue certificate template for users
Missing privilege to revoke certificates on the CA
Missing LDAP groups to map admin groups when starting installation
Missing trust relationships in multi-domain environments
Use of alternate UPN suffixes with KINIT (requires configuration change)
Some back end servers running very old SSL stacks that cannot handle newer ciphers reported by the Access Server (requires configuration change)
Old or low-end Android devices